510 sats \ 5 replies \ @supertestnet OP 26 Mar \ parent \ on: Hedgehog: A protocol for asynchronous layer two bitcoin payments bitcoin
I don't believe in trustless. It inherits bitcoin's standard trust assumptions, including that the majority of miners are honest. Specifically, this protocol requires getting a transaction confirmed in order to enforce the latest state, and if miners censor your attempt to do so, your counterparty can steal from you. So no, it's not trustless.
You do not need an LSP or something. You can open a channel directly to someone and then all your payments within that channel can be done asynchronously. My proof of concept only supports payments within a channel, i.e. A->B, it does not currently support routing payments from A->B->C.
Routing can be done similar to how lightning does it (using a chain of htlcs that nodes forward to one another) but that introduces liveness assumptions about the routing nodes. A routing node N cannot forward an htlc to the next hop H if N is offline. Consequently, something like an LSP (HSP?) would be helpful, as they can be online all the time and you can thus pay someone who is offline through them.
- Recipients need inbound liquidity, which costs money
- Routed payments require routing nodes to be live (thus incentivizing the creation of LSPs, or HSPs)
- Payments are not completed until the recipient eventually comes online to collect, and they have a limited time window to do that. So they either need trusted third party watchtowers or be watchful themselves, which is annoying
It inherits bitcoin's standard trust assumptions, including that the majority of miners are honest.
Bitcoin does not require a majority of miners to be honest. It requires a large percentage¹ to be independent, and economically rational. That's a much weaker requirement than honest.
If we were happy with a majority honest assumption, we could have just increased the block size: there would be no need for others to validate the chain. The majority of miners could be trusted to do that for us.
- 70%+ depending on exactly what assumptions you're making, eg selfish mining.
reply
Bitcoin does not require a majority of miners to be honest. It requires a large percentage¹ to be independent, and economically rational. That's a much weaker requirement than honest.
Suppose someone can censor your transactions at enormous cost, and you rely on your ability to transact uncensored anyway. I think that means you are trusting them not to do that i.e. you are trusting them to be honest
we could have just increased the block size
we did
(ok that's not totally true but I couldn't resist)
reply
First of all, you were talking about "a majority of miners being honest". Even dishonest miners can't censor by themselves: they need coordination. You're mixing up "majority honest" with 51% attacks.
Second, the defense in this scenario is transaction fees and inflation subsidy: you're paying miners both immediately and an expected return in the future for mining transactions the way we all want them too be mined. That is an example of economic incentives. Not honesty.
Keep in mind that in academic protocol literature, the term "honest" is used to mean someone who rigorously follows a set protocol. Most Bitcoin hash power does not even begin to do that, as they differ from Core in lots of ways.
reply
You're mixing up "majority honest" with 51% attacks
I didn't know there was a difference. If miners perform a 51% attack in order to prevent a transaction from being included in the longest chain, that seems like an example of a dishonest majority
That is an example of economic incentives. Not honesty.
It is an example of an economic incentive, but it does not seem to negate the presence of honesty. Miners who are dishonest (i.e. they want to censor you) can leave aside the economic incentive of fees+subsidy and censor you anyway
in academic protocol literature, the term "honest" is used to mean someone who rigorously follows a set protocol
I don't think I am using the term in an academically rigorous way. By "honest miners" I mean "miners who accept your transaction into their blocks or build on blocks that do." By "dishonest miners" I mean "miners who reject your transaction from their blocks and orphan blocks that include it."
Thanks for the detailed answer.
Honestly what you describe seems (at my noob level) to be a solution to one of the biggest UX problem in LN. It's huge lol
Don't know how hard it would be to convert the whole LN to this new standard but could be pretty fast it it indeed works as you show.
Congratulations anyway 🎉 for this promising idea (among all others)
reply