ZmnSCPxj <> writes:
> Good morning Rusty and aj and list,
>> > > In the payer-supplied data case, I think 'm' should include a signature
>> > > for a key only the payer knows: this lets them prove they made the
>> > > payment.
>> >
>> > I don't object to that, but I think it's unnecessary; as long as there
>> > was a payment for delivery of the widget to "aj" in "Australia" does it
>> > matter if the payment was technically made by "aj" by "Visa on behalf
>> > of aj" or by "Bank of America on behalf of Mastercard on behalf of aj's
>> > friend who owed him some money" ?
>> You often don't want the vendor to know anything about you, and there's
>> often no reason why they should.
>> And it just doesn't work unless you give over uniquely identifying
>> information. AJ posts to r/bitcoin demonstrating payment, demanding his
>> goods. Sock puppet says "No, I'm the AJ in Australia" and cut & pastes
>> the same proof.
> Technically speaking, all that AJ in Australia needs to show is that he or 
> she knows, the private key behind the public key that is indicated on the 
> invoice.
> Before payment, only the payee knows this private key.
> After payment, both AJ in Australia and the payee know this private key 
> (since the payment is conditional on AJ in Australia learning this key).

But the merchant (payee) knows it too.  So the lizard masters[1] at
Blockstream can produce this proof as well?

Lightning-dev mailing list

Reply via email to