pull down to refresh

Damn it boomers! Now you have no excuse to use LN!
reply
capitulate to lnurl already. it's lightning magic.
reply
This is a really cool idea and an awesome new project to try out.
The BIG downside I see with this is that whoever can read the contents of the NFC chip, has access to the LNURL-withdraw link and can thus drain the entire node's funds.
Am I seeing this correctly or am I missing something?
reply
There's a maxWithdrawable value, so I'm guessing the card can be configured to be used X times and up to N sats per transaction.
I think. I pretty much only know LN in general, and am not very familiar with LNURL specifically, Maybe someone else seeing this and knows the answer can pipe in.
reply
If so, this means that still anyone could pull X*N sats in total. Like this the implementation doesn't seem to be usable in the real world yet. There would have to be some security mechanism in place to make a payment link non-reusable.
Even entering some sort of PIN doesn't seem to be a fitting solution as this PIN — once entered into a POS terminal — could then be used with the respective LNURL-withdraw link to pull funds as one pleases.
If someone more knowledgeable could clear up any mistakes I made in my reasoning, I'd really appreciate it.
Any ideas yet on how to overcome these issues?
reply
The video from this Tweet is also available on Youtube:
Offline Lightning Network payment from a NFC card thanks to BTCpay's LNURL NFC Support plugin
reply