I'm not sure if this is known, but I'm pretty sure it's benign and so I thought I'd share since I found it interesting and maybe someone else will too. I'm not sure if this is already known either.
https://github.com/lightning/bolts/blob/master/03-transactions.md#offered-htlc-outputs Offered HTLCs have three claim paths: the revocation case, the offerer claiming through the HTLC-timeout transaction, and the receiver claiming via their sig + preimage. The offering party can claim via the HTLC-timeout case on their commitment transaction with their signature and the remote's signature (SIGHASH_ALL) after the cltv_expiry timeout. Since the remote party gives them a signature, after the timeout, the offering party can claim with the remote's signature + preimage, but can only spend with the HTLC-timeout transaction because of SIGHASH_ALL. This assumes that the remote party doesn't claim it first. I can't think of any cases where the offering party would know the preimage AND want to force close, so that's why I think it's benign. It does make the witness smaller. The same trick isn't possible with the Received HTLC's due to OP_CHECKLOCKTIMEVERIFY. Eugene (Crypt-iQ on github)
_______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
