Topic: Can you think of ways to use LN offline? (Read 504 times)

Well, if mainstream peeps view LN as a wallet, even though it's not, then what I've said is kind of true.

When that ETH wallet got "miscoded" because one dude put in an errant line of code in the multi-sig, it froze up millions of dollars worth of ETH. Even though it was just one particular wallet that was affected, the major news outlets reported it as ETH itself being hacked.

I'm not saying the same thing will happen with Bitcoin, but if LN gets "hacked" in such a way, then... they'll just make an overreaching statement and say bitcoin was hacked.

It's different if you're talking about your hard drive or your wallet on your PC getting stolen... because no one sees that as connected to bitcoin. LN is already being touted as "part of bitcoin," so if it gets hacked, then they'll just assume bitcoin was hacked. That's the way they think.

lightning is still a ledger system.

we may not be publishing every transaction on the blockchain, but the pre-images we exchange are literally ledgers of accounts between channel participants. they're basically "private" ledgers that eventually settle on the blockchain's "public" ledger. (hence the privacy benefits of LN)

The third parties are called Watchtowers and it's actually possible for the whole scheme to be trustless

The lightning network is comprised of bi-directional payment channels between two nodes. This means that either one of those nodes should be able to initialize a transaction at any time. These transactions require both parties to be actively participating in updating the smart contracts that keep the channel alive. If one party fails to respond, they are essentially in violation of the smart contract, and are forfeiting their claim to any of the funds in the channel.

Non-responsive clients are a liability to anyone opening up a channel. It means that their bitcoin may be tied up in the channel until the timeout period. That bitcoin was typically put there either to make a payment (which now is delayed), or to earn network fees for being a hub of other people's transactions. An unresponsive node means the channel is wasted. It's similar to a denial of service attack, except it's tying up bitcoin rather than bandwidth.

I feel LN clients Would they have to rely on third-parties to commit for them when they're offline. The success would depends on how much reputation the third parties have built to be trusted . I'm thinking users would at least have to trust them to commit transactions in a timely manner to invalidate past transactions, right? This to me seems an awful lot of trust put onto third-parties

Good point, you'll need to make a new backup after every transaction.

If they don't know you lost your backup, they won't risk losing their funds by broadcasting an older TX.

The backup requirements look a lot like Byteball's Blackbytes now. Having to create new backups all the time would be very inconvenient, but I can't think of a solution other than using an online service provider.

Sounds like solving this offline LN tx might be a layer3 issue to address but if we solve this it means bitcoin/LN can replace cash globally if needed.



Backups in LN are terrifying.  If you restore from a backup and the backup is slightly out of date by 1 tx you will lose all your funds in the channel.  I.e. if you're having to use a backup because of HW failure you're probably screwed with today's setup as I understand it so better off NOT using a backup. 

We need a way to ask the counterparty node you have a payment channel with what they believe is the latest TX and only broadcast if they match. 


Periodically your node should ping them to ask this question randomly.  This needs to be done periodically and unnecessarily such that when it is needed due to verifying a restored backup, your node can be confident your payment channel counterparty node is not scamming you by confirming an OLD tx when it actually knows a more recent one.

I.e. If the counterparty node ever replies with a known OLD tx you automatically close the channel with the latest tx you have since they are trying to cheat you. 
When restoring from an old backup, if it doesn't match the connected node's latest TX the system should stop issuing new TXs but do respond with the latest TX it thinks it has.  If this tx doesn't match the counterparty will now close the channel for you.  If they don't you can confirm they agreed it is the latest tx and re-enable the issuing new transactions on that channel.


I don't believe this happens yet so peoples funds are at risk from restoring old backups.  This is an important security issue to be addressed before pushed on mainnet otherwise people will almost certainly lose a lot of funds over time without this check.

Thoughts?

No. Just like the fact that people lose money when their computer gets hacked doesn't weaken Bitcoin. "Be your own bank" comes with responsibilities, or to state the obvious: "it's a feature, not a bug".

There is no ledger system, it's just two people with their own LN wallet. There could be a few hubs involved, but the only way to lose your money is if you lose your wallet.

In a technical sense, no, because LN is specifically not Bitcoin. It's a different protocol with a different security model. LN isn't for value storage; it isn't for permanent censorship-resistant transactions. That's what the Bitcoin blockchain is for. In fact, LN leverages Bitcoin's redundancy in the case of dishonest actors -- the blockchain is used to arbitrate disputes. 


You're laying it on a bit thick. Sure, growing pains for LN would encourage some FUD for Bitcoin since it's often touted as the ultimate scaling solution. No big deal, though.


It's not, but that's irrelevant. The Bitcoin blockchain entails the entire mining infrastructure and redundant transaction storage. Lightning doesn't. They shouldn't be judged as one and the same.

What I mean is, if LN's lack of redundancy allows for hacks and cheating transactions or some kind of weak link... wouldn't it weaken bitcoin, in general?

People will lose money from bitcoin because LN was hacked in some way, and they won't blame LN... it'll just fall on bitcoin. That's how the media and people's minds work. There will be headlines like: "For the first time, Bitcoin gets hacked" or whatever. You know how FUD operates.

But if LN's ledger system is as infallible as bitcoin's, then I guess there's nothing to worry about.

"It depends": you'll be responsible for your own backups, just like you're now responsible for backing up your private keys. It's up to you to make redundant backups.

There aren't that many miners. Stand-alone mining is very rare nowadays, and pool miners don't even need their own copy of the blockchain. There are about 10,000+ full nodes, and many people like me who run Bitcoin Core to keep a full copy of the blockchain. But that's not going to help anyone who lost their own private keys.

There is no central system between those two parties.

No. Bitcoin works with or without LN.

Yes, that's how it works.
It's just between two parties. There are no nodes that store all the commitment transactions between peers.

No.
If you try to cheat the system, you'll be punished by losing your funds in the channel.
Lightning network transactions persist as channel states, if you try to publish an old channel state (which won't be mined because  it's timelocked) then your counterparty will publish a transaction that takes your funds in the channel.
Read the lightning network whitepaper
It's documented there.

If LN is off-chain, and the transactions are all contracts that aren't published by miners... is it still redundant? Bitcoin is infallible only because you have redundancy between millions of miners who can confirm transactions because they all match up with everyone's ledgers.

But if LN is not mined, then it stands to reason that there's some kind of central system or some kind of system where the transactions are only in existence between two parties.

Doesn't that simply create an exploitable hole that allows for hacks and cheats that would just weaken bitcoin overall?

That's what I also think about how lightning network will work, the main purpose is to connect sender and receiver through Lightning network protocol/software while it doesn't matter if they are connected through LAN/WAN or internet.
If we would need to stay online for sending or receiving funds then it will be a big drawback of LN i guess.

I know how it works, my point is, I have doubts it can catch up at mainstream level if you can't make a transaction at any time, since you would need to contact the person that you are sending coins to first, to guarantee that it's node is online, this seems archaic and annoying.
For big businesses it shouldn't be a problem because they will have nodes online 24/7 but p2p will require contacting the person first which sucks.


You don't need to be online to receive a payment in a bank... since when would you need to? For example, one can be receiving payments from rented properties in your bank account without even talking to the people paying you for months. Looking at your funds to see if you received the payment is different from having to be online waiting for a transaction to arrive because otherwise it will not.

that could be a goal of some off-chain mechanisms, but the primary goal of off-chain transactions is moving transactions off the blockchain---no need to store them or wait for miners to publish them. lacking internet is a whole different issue.


sure, you can update state that way (assuming you have an open channel). both parties just need to sign. i think the problem is, how do you protect the state of your channel when your not connected? i don't want my life ruled by timelock.

as ETFbitcoin says, you'd only want to do this with timelock expiration far in the future---in case of unexpected circumstances. no matter what, it will always be safer (and less headache) to control good old UTXOs. i like the idea of opendimes, etc as bearer bonds---good for offline transactions.

All this assumes you already have an open channel with the other party.

Why would this be such a big problem? When I receive a payment by bank, I need to be online too, to confirm that I received it. More people than ever are online 24/7, and I doubt this will ever go down again.

You're missing the point.
The Lightning Network is a layer on the bitcoin blockchain; it does not have the infrastructure that the underlying blockchain does.
In bitcoin, the recipient of a UTXO does not need to be online because there are other people doing that job: nodes.
Nodes track UTXOs and store unconfirmed transactions in their mempool.
The Lightning Network is just a layer, it does not have nodes.

Even though bitcoin transactions are technically peer-to-peer, the nodes act as facilitators to Every transaction and UTXO.
The Lightning Network, however, is strictly peer-to-peer.
Transactions between peers in a LN channel are just signed bitcoin transactions that aren't broadcast to the bitcoin blockchain, so they are sent DIRECTLY between themselves, without need for nodes or miners.

If Alice is sending bitcoins to Bob, Bob doesn't need to be online to track or receive the transaction because other nodes do the work because Alice's bitcoin node BROADCASTS the transaction to the other nodes in the blockchain.

If Alice and Bob are peers in a channel, and Alice sends some funds to Bob in form of a commitment transaction, it will fail because Alice is sending the transaction DIRECTLY to Bob's node, not broadcasting it, and if his node is not there to sign the transaction too, then it will fail.
There are no other nodes involved in the transaction so there is no mempool for transactions to reside till the other peer comes online.

Also, commitment transactions are multisig bitcoin transactions (2-of-2 multisig p2wsh transactions to be precise) have to be signed by BOTH parties so if Bob is not online then he can't sign the transaction. A third party, Charlie, can't act in lieu of Bob, because that would require them having Bob's private key.

To summarise the reasons why payments fail when a counterparty is offline are:
1) transactions require the signature of both parties, and obviously won't work with just one signature
2) the transactions are relayed directly p2p, and there are no other nodes that are involved to store transactions

I remember someone like achow, nullius or theymos saying that right now, you need that both parties are online, otherwise it wouldn't work, which is a big fail and will never get anywhere when it comes to mainstream adoption, but then again, I heard that they are working in ways to mitigate this and avoid needing to have both parties online at the time of the payment which is just ridiculous, it will never catch up, people don't like that, they will most likely resort to third party stuff which will come with a decrease in privacy unfortunately. I wish there was a way to leave the transacion "on hold" until the other peer connected or something.

The whole point of OFF_CHAIN txns is that you DON'T need to be connected to the network ( ON_CHAIN ).

If I go to the market, and no one has reception, I can still give you valid contracts that you can validate, independently. Phone to phone or whatever.

If one party does connect to the network and tries to spend the txn in an attempt to snatch your funds, then you will have a certain amount of time (the timelock) to logon and claim your rightful coins, and their coins aswell.. :p

Basically - I give StarBucks a valid transaction, that gives them $5. Then I want another coffee, so I give them another txn that gives them $10, both coming from our initial MultiSig setup txn (which is on-chain). They cannot spend both, as they use the same outputs, so they throw the first one away and keep the second (which is more valuable to them).

Neither of these touch the network (require you to be online), until someone wants to cash out.

You don't need to be online to sign / verify / swap a TXN.

This is indeed my understanding of LN too.

Say it's a shop on a market place that sells bread. You know you'll be going there every week, so you've opened and funded a LN channel with the bakery shop once. You don't need to close the channel any time soon, so you can make off-chain transactions each time you buy bread. The transaction can be sent through QR-code or Bluetooth, without touching the internet.

Although I don't think I'll be using this scenario any time soom, I love it! Trustless offline transactions would make Bitcoin truly like cash.