pull down to refresh

286 sats \ 2 replies \ @petertodd 11 Mar \ on: Payments below dust limit not trustless lightning
Without HTLC they are unenforsable and may lead to the sender losing money.
Nope. I covered this in my big article on L2 protocols: https://petertodd.org/2024/covenant-dependent-layer-2-review
A L2 payment should have one of the following two properties:
  1. Unilateral enforcement on-chain. Lightning generally has this as you can close a channel, and in the case of a non-dust HTLC, actually represent it on-chain. But, obviously this costs fees... which brings us to:
  2. Economic enforcement: alternatively, ensure that the attacker can't profit from theft.
Dust HTLCs meet the second criteria because to steal the value of them you have to close a channel, which results in more transaction fees being ultimately spent than the HTLC is worth (FYI, while the dust HTLC is in flight, the value of it is just added to the transaction fee for the current commitment transaction --- the transaction that would be used to force-close the channel if necessary)
Sure, on occasion someone might lose a few sats from a counterparty closing a channel at the right moment to steal a dust HTLC. But this basically never happens because it's not an economically viable attack. Transaction fees eat up all the profits.
In fact, the dust limit isn't even the right criteria here! The way to choose between a "real" HTLC and a "dust" HTLC is to base it on current fee rates. Right now Lightning implementations arguably create too many real HTLC outputs that can't actually be profitably collected if the channel is in fact force-closed.
write
preview
0 sats \ 1 reply \ @BallLightning OP 11 Mar
I have a little problem with this statement you made: "Sure, on occasion someone might lose a few sats from a counterparty closing a channel at the right moment to steal a dust HTLC".
I specifically wrote about the future where this amount may not be trivial.
But yeah, I can see many people actually knew that there is such a thing. I didn't know until today..
reply
10 sats \ 0 replies \ @petertodd 11 Mar
I specifically wrote about the future where this amount may not be trivial.
But that's the thing, the game theory isn't about the HTLC amount being small. It's that closing a channel costs fees greater than the amount. So you can't make a profit from this attack.
We probably will have to tweak certain aspects of LN implementations to make sure this logic actually holds up in all cases. But the basic idea is sound.
reply