{"type":"rich","version":"1.0","title":"lisa neigut [ARCHIVE] wrote","author_name":"lisa neigut [ARCHIVE] (npub1sp…s64t2)","author_url":"https://yabu.me/npub1sprhp66c693av0c0n9had046hcdcckp2th25fnmphwstc5e4wg9qxs64t2","provider_name":"njump","provider_url":"https://yabu.me","html":"📅 Original date posted:2020-02-12\n📝 Original message:\n\u003e Probably so that address reuse is not dinged, i.e. I have two UTXOs with\nthe same address and want to make two different channels with different\npeers.\n\nHaving 2 utxos locked to the same pubkey will map to a single H2 value\nthough, which is what is used to flag utxo reuse. With a PoDLE you're\nproving that you have a *key* for a utxo; the verifier checks that the key\nyou say you know does in fact map to controlling the utxo that you say it's\nattached to. Whether or not you added the utxo to the signature commitment\ndoesn't add anything to the security of the verification.\n\nAt worse, it might leak what other utxo that the initiator controls, if\nthey accidentally commit to the wrong utxo and the peer decided to try\ngrinding utxo outpoints on the offchance that one matched.\n\n\n\nOn Tue, Feb 11, 2020 at 10:04 PM ZmnSCPxj \u003cZmnSCPxj at protonmail.com\u003e wrote:\n\n\u003e Good morning niftynei, and waxwing, and list,\n\u003e\n\u003e \u003e \u003e s = k + H(kG || kJ || P || P2 || utxo || receiving-node) x\n\u003e \u003e\n\u003e \u003e \u003e and as before transfer opening: (P, P2, u, s, e) with receiving-node\n\u003e implicitly reconstructed to do the verification of the Schnorr sig. It's\n\u003e basically a message in a signature.\n\u003e \u003e\n\u003e \u003e Oh that's *much* nicer than calculating a second commitment.\n\u003e Verification by any node that's not the intended recipient will fail, as\n\u003e they'll use the wrong node_id (their own).\n\u003e \u003e\n\u003e \u003e It seems unnecessary to me to commit to the utxo, since the pubkey pair\n\u003e effectively does that. What's the motivation for including it?\n\u003e\n\u003e Probably so that address reuse is not dinged, i.e. I have two UTXOs with\n\u003e the same address and want to make two different channels with different\n\u003e peers.\n\u003e\n\u003e While address reuse Is Bad, you might not have much control over some wog\n\u003e who is supposed to pay you and decides to give you your money in two\n\u003e separate UTXOs to the same address.\n\u003e\n\u003e Regards,\n\u003e ZmnSCPxj\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20200212/1c55131e/attachment.html\u003e"}