{"type":"rich","version":"1.0","title":"ZmnSCPxj [ARCHIVE] wrote","author_name":"ZmnSCPxj [ARCHIVE] (npub1g5ā€¦3ms3l)","author_url":"https://yabu.me/npub1g5zswf6y48f7fy90jf3tlcuwdmjn8znhzaa4vkmtxaeskca8hpss23ms3l","provider_name":"njump","provider_url":"https://yabu.me","html":"šŸ“… Original date posted:2023-10-17\nšŸ—’ļø Summary of this message: Batched splicing can be risky if certain conditions are met, such as having no funds in a channel and using an old state. It is important for batched splicing mechanisms to have a backout option to prevent disruptions.\nšŸ“ Original message:\nGood morning Bastien,\n\nI have not gotten around to posting it yet, but I have a write-up in my computer with the title:\n\n\u003e Batched Splicing Considered Risky\n\nThe core of the risk is that if:\n\n* I have no funds right now in a channel (e.g. the LSP allowed me to have 0 reserve, or this is a newly-singlefunded channel from the LSP to me).\n* I have an old state (e.g. for a newly-singlefunded channel, it could have been `update_fee`d, so that the initial transaction is old state).\n\nThen if I participate in a batched splice, I can disrupt the batched splice by broadcasting the old state and somehow convincing miners to confirm it before the batched splice.\n\nThus, it is important for *any* batched splicing mechanism to have a backout, where if the batched splice transaction can no longer be confirmed due to some participant disrupting it by posting an old commitment transaction, either a subset of the splice is re-created or the channels revert back to pre-splice state (with knowledge that the post-splice state can no longer be confirmed).\n\nI know that current splicing tech is to run both the pre-splice and post-splice state simultaneously until the splicing transaction is confirmed.\nHowever we need to *also* check if the splicing transaction *cannot* be confirmed --- by checking if the other inputs to the splice transaction were already consumed by transactions that have deeply confirmed, and in that case, to drop the post-splice state and revert to the pre-splice state.\nI do not know if existing splice implementations actually perform such a check.\nUnless all splice implementations do this, then any kind of batched splicing is risky.\n\nRegards,\nZmnSCPxj"}