pull down to refresh

You're right to frame bitcoin-powered Internet as creating a huge, new space of vulnerabilities. If lightning browsers uncritically call payment(request_data) then bad stuff will happen. People would have to develop rules to limit carefully what kinds of data they're willing to send and receive. Subversions of those rules, or the systems which enforce those rules, would immediately lead to costly and therefore quickly noticed attacks.
Bugs which caused such subversions would not be zero days because they'd be exploited in the wild by their discoverer immediately upon discovery, not hoarded and privately sold in a darkweb market. After all, someone else could find that bug and start profiting from it, exposing it for all to see and squash. The economic incentive (of a blackhat) is to exploit a networking bug immediately before someone else does. This gets bugs fixed faster.
"Data in payments", to use your evocative framing, makes networking more secure by changing the economic incentives of attackers to shorten the lifecycle of bugs. I think this kind of pattern recurs in other areas such as distributed databases. Think of key-value sets and gets in some giant cloud database that is actually just a market. The same zero-day killing behavior will occur there, too. This is how I see a bitcoin-powered Internet emerging over time :)
this territory is moderated
Interesting perspective. Thanks for sharing! I see what you’re saying a little more about vulnerabilities being exploited immediately…
What you’re proposing reminds me a bit of the scene at the end of Dark KnIght Rises where Bruce Wayne can only make the leap without the rope… More lightheartedly, I call this the Claw of Shame fallacy 😆
In other words, it sounds like you’re saying people will choose lightning internet because it has better security, and it has better security because if it doesn’t, the worst case scenario will happen… and I think I’m either missing some reasoning or missing the technical explanation to justify it, because I’m not sure why people would voluntarily opt in to that in the long run, let alone be a guinea pig…
So I remain curious to see what kinds of solutions people are proposing and building, because I’m all for better security!