pull down to refresh

After taking a cursory look at fedimint, I think it can be summarized as a custodial lightning wallet server like lndhub but with two primary differences:
  1. Rather than running a hosted ledger on the lndhub server, and allowing members of the same lndhub server to transact with simple ledger adjustments and without going over the lightning network, fedi is creating a token that is signed by the fedi-server upon minting, and the token is immediately unblinded by the recipient. What this means is cryptographically the source of the token isn't traceable by the server admin, but the admin can see who redeemed how many sats. The same is true when a token is minted, the server admin can see who is minting how large a token. I suspect the blind signature scheme isn't actually providing any privacy in practice since the tokens transaction amounts are unique to each transaction and the minting and unblinding happen real-time almost instantaneously and at the same time and on the same server. Fedi tokens aren't exchangable between fedi servers, they are captive between participants of the fedimint. It would be pretty obvious when wallet A sends 12345 sats to wallet B and wallet B redeems 12345 sats. It looks like the blinding amounts to nothing more than a highly convoluted custodial ledger transfer because all this is happening online and while both wallets are connected to the same mint.
  2. Instead of running the mint on lnd, the mint is running a special lightning node that has a multisig on-chain wallet. I think all this means is that you can't open lightning channels, or spend on-chain funds from the fedimint node without all three signatures. I don't know there is any requirement for three signatures to spend sats over the lightning network, which would only be restricted by a lack of a CLI to do so. Since the fedi-tokens aren't tied to a lightning channel, nor a bitcoin wallet, if all the multi-sig nature of fedi does is prevent on-chain transactions without authorization from all trusted parties, then it should be simple to add an interface to fedi for a server admin to simply spend out whatever outbound lightning channel liquidity happens to be available.
Am I making too many assumptions about how fedimint works?
I think you got it spot on the way I try to explain it to people is basically liquids model scaled down and instead of L-BTC you're using these fedimint tokens in this walled garden
I don't see why I would use it, but keen to see how it unfolds, I want to see how it interacts with the rest of the network first before I pass judgment on it
reply
Thanks for the feedback, I think there is allot of potential with fedimint, but there is a missed opportunity cryptographically. The minting process should yield standard sizes, stored in the wallet only, and the token should be exchangeable offline many times. The tokens should have connection to lightning sats where the sats are secured inside the token and the mints are kept honest with enforcement from the lightning network or the Fedi network. The tokens should also be transferable between wallets on different mints offline, and the federation is in charge of transfer and preventing double spends/redemptions. Such a scheme might require a wallet holder to keep an amount on deposit in excess of their unredeemed token balance.
When I first heard of fedimint, i assumed it was a system of creating private offline cash, but the way its executed it looks like nothing much different than a different lndhub custodial wallet protocol, but some aspect of the custody is managed with multisig.
reply