Add subchannel spec #1
Conversation
Tibo-lg
force-pushed
the
add-subchannel-spec
branch
3 times, most recently
from
af866e4 to
f2317cc
Compare
XX-sub-channel.md
Outdated
|
|
||
| OP_IF | ||
| # Penalty transaction | ||
| <split_pubkey> |
There was a problem hiding this comment.
Explanation of <split_pubkey> may be necessary.
There was a problem hiding this comment.
Added some explanation here hope it helps.
XX-sub-channel.md
Outdated
| `to_self_delay` | ||
| OP_CHECKSEQUENCEVERIFY | ||
| OP_DROP | ||
| <local_delayedpubkey> |
There was a problem hiding this comment.
Isn't it something like this?
2 <local_pubkey> <remote_pubkey> 2 OP_CHECKMULTISIG
There was a problem hiding this comment.
Yes it is thanks for spotting that!
XX-sub-channel.md
Outdated
| - MUST set `next_per_commitment_points` to the values for the next commitment transactions of each sub-channel. | ||
| - MUST set `split_signature` to the Bitcoin signature of the split transaction of the sending party. | ||
| - MUST set each commitment transaction `signature` to the Bitcoin signature of the commitment transaction of the receiving party for the corresponding sub-channel. | ||
| - if `nb_subchannels` is equal to 0: |
XX-sub-channel.md
Outdated
|
|
||
| - MUST set `per_split_secret` to the secret used to generate keys for the previous split/commitment transaction. | ||
| - MUST set `next_per_split_point` to the values for its next split/commitment transaction. | ||
| - MUST set `nb_subchannels` to the same value as in the received `subchannel_request`. |
XX-sub-channel.md
Outdated
| - MUST set `per_split_secret` to the secret used to generate keys for the previous split/commitment transaction. | ||
| - MUST set `next_per_split_point` to the values for its next split/commitment transaction. | ||
| - MUST set `nb_subchannels` to the same value as in the received `subchannel_request`. | ||
| - if `nb_subchannels` is greater than 1: |
| * [`point`: `next_per_split_point`] | ||
| * [`u8`: `num_subchannels`] | ||
| * [`signature`: `signature`] ‾| | ||
| * [`point`: `next_per_commitment_point`] _| x num_subchannels |
There was a problem hiding this comment.
In The subchannel_finalize message, next_per_commitment_point is defined as below:
- [
num_subchannels * point:next_per_commitment_point]
There was a problem hiding this comment.
Yeah this is just a notation detail, in subchannel_finalize there is only a single field that is * num_subchannels while for request and accept there are multiple.
Tibo-lg
force-pushed
the
add-subchannel-spec
branch
2 times, most recently
from
16064e9 to
0a07288
Compare
|
|
||
| Each output of a split transaction is delayed to allow an opportunity for the counter party to submit a penalty transaction. | ||
| It can be claimed without delay by the counter-party with the revocation secret and a signature using its `split_key`. | ||
| Note that due to the addition of the split transaction, recovery of fund in the case of a unilateral close takes twice as much time than for a regular channel. |
There was a problem hiding this comment.
I think one additional point is that go-to-chain deadline for received/accepted HTLC, as laid out in the BOLT2's cltv_expiry_delta selection, should be scaled in consequence to include the split_tx's CSV.
There was a problem hiding this comment.
Good point. I added something to mention it but I'm not 100% confident about what's a safe buffer here so let me know what you think.
|
|
||
| ## Split transaction | ||
|
|
||
| The split transaction is used to fan out the fund output to multiple ones that can be used as inputs to sub-channels. |
There was a problem hiding this comment.
I think a counterparty can block your fee-bumping ability by broadcasting chain of junk transactions attached on the anchor output of one of the commitment transaction. And as such interfere with a time-sensitive confirmation of your split_tx.
To remedy I would say you need to add a pair of anchor at the split_tx-level and encumber the sub-channels outputs with a 1-block CSV.
There was a problem hiding this comment.
Yes I think indeed anchor outputs might be necessary, added a small paragraph. Though since the outputs are already not spendable by a single party without knowledge of revocation secret I don't think they need any change?
|
|
||
| The split transaction is used to fan out the fund output to multiple ones that can be used as inputs to sub-channels. | ||
|
|
||
| In order to enable updates to the set of sub-channels, a split transaction can be revoked, meaning that each party holds a different version, and all of the outputs are timelocked or spendable directly with knowledge of the correct secrets, which consist of a revocable secret updated every time the split transaction is updated, and a `split_key` whose public point should be exchanged prior to the sub-channel establishment. |
There was a problem hiding this comment.
I think one simplification could be to unify the revocation paths across the transaction stage of the protocol under the argument that if a counterparty "cheats" on one level it contamines the whole tree of transaction. One revocation point could be used for the split_tx, the commitment_tx and the HTLC ones, that way avoiding to inflate commitment_tx/HTLC_txn scripts with one more path for the split_tx specific revocation.
There was a problem hiding this comment.
I think one simplification could be to unify the revocation paths across the transaction stage of the protocol under the argument that if a counterparty "cheats" on one level it contamines the whole tree of transaction. One revocation point could be used for the split_tx, the commitment_tx and the HTLC ones
Mmmm I don't really follow you here. The split tx and commitment tx can be revoked separately so it doesn't really make sense to me for them to share the same revocation point. Am I misunderstanding what you're saying?
One revocation point could be used for the split_tx, the commitment_tx and the HTLC ones, that way avoiding to inflate commitment_tx/HTLC_txn scripts with one more path for the split_tx specific revocation.
Also I'm not sure what you mean here, in my mind the commitment tx and htlc txs don't need to have anything about the split tx, can you clarify for me?
| - if the sum of all `sender_satoshis`is not equal to the previous balance of the sending party (plus or minus the fee difference with the previous channel state if the sender funded the channel): | ||
| - SHOULD fail the channel. | ||
| - if the sum of all `reveiver_satoshis`is not equal to the previous balance of the sending party (plus or minus the fee difference with the previous channel state if the receiver funded the channel): | ||
| - SHOULD fail the channel. |
There was a problem hiding this comment.
What if the funder doesn't have balance liquidity to cover the split_tx and the sub-channels txn at the negotiated feerate ? Should the request be rejected ?
There was a problem hiding this comment.
Added a bullet point for this thanks
| A sending node: | ||
| - MUST not set `num_subchannels` to 1. | ||
| - MUST set `num_subchannels` to a value greater than 1 if the channel is a single channel at the time of sending. | ||
| - MUST set the values `sender_satoshis` and `receiver_satoshis` of the first sub-channel to large enough values to provide for all HTLC outputs and satisfy each peer's channel reserve. |
There was a problem hiding this comment.
I think it could be defined more precisely as sender_satoshis the sum of requester balance and outbound HTLCs and receiver_satoshis the sum of accepter balance and inbound HTLCs. And maybe the funder sub-channel balance should be large enough to cover at least one commitment + one CET ?
There was a problem hiding this comment.
Updated, though I prefer not to mention CET in this doc. I think it's better to leave it up to the application layer to decide whether sub-channel size is adequate or not. If not then the reject message can be used, and is not a violation of the protocol but just not adequate with the application.
XX-sub-channel.md
Outdated
|
|
||
| There is a possibility that the two nodes of a channel send a `subchannel_request` message at around the same time. | ||
| To solve this, the node with the highest `node_id` MUST reply with a `subchannel_reject` message if it receives a `subchannel_request` message after having sent a `subchannel_request` message of its own and before receiving a `subchannel_accept` or `subchannel_reject` message. | ||
| If the node with the highest `node_id` the receives a `subchannel_reject` message, it SHOULD wait for a small amount of time before sending another `subchannel_request` message to leave time to the other peer to send its own request. |
There was a problem hiding this comment.
I think you might need to introduce a update ordering rule across the split_tx state machine and the sub-channel ones, otherwise you have a risk the update split_tx-level to always halt. I.e the split_tx is updated, an update_add_htlc is exchanged, the split_tx must wait for inclusion otherwise signature is broken, though once done, simultaneously a CET has been proposed in another sub-channel, etc.
There was a problem hiding this comment.
I need some more time to think about this. I think indeed there might be some issues if receiving an update_add_htlc right after having sent a subchannel_request that make your request invalid, is that what you mean?
otherwise signature is broken
I'm not sure I understand this part, which signature would be broken?
Tibo-lg
force-pushed
the
add-subchannel-spec
branch
from
0a07288 to
62049ab
Compare
Tibo-lg
force-pushed
the
add-subchannel-spec
branch
from
62049ab to
3801a27
Compare
No description provided.