Gijs, I love the concept, will have to look at it more. One thought I have had on this subject is that it can also help decorrelated payments on an amount analysis level. It's a step up after we have PTLC's and more timing analysis protections. Curious if you see that as being a possibility with this research write up we did last year:
https://lightningprivacy.com/en/routing-analysis#splintered-payments Tony Giorgio On 9/22/23 09:53, Gijs van Dam wrote: > Good afternoon list, > > > I have touched on Link MPP over alternative routes before [0]. The > idea is that a node inside a payment route finds an alternative route > to the next node via one (or more) intermediary nodes. ZmnSCPxj and > Christian Decker were kind enough to discuss the topic with me a bit > more, and since it seemed feasible I went ahead and made a proof of > concept by developing a core-lighting plugin called Payment Splitting > & Switching (PSS) [1]. There is also a screencast showing the plugin > in action. [2] > > The plugin works as follows. The plugin announces its support for PSS > at `init`. If Alice and Bob both support PSS, and Alice receives a > payment to be relayed to Bob, she can decide to split up the payment > into multiple parts. One part will follow the original route and use > the original onion, but it will commit to an HTLC that carries an > amount less than the intended amount. Upon receiving that HTLC Bob > receives the onion that allows him to forward the payment, but because > the HTLC carries less than expected, he will wait for another payment > from Alice. Alice sends that payment like a normal payment to Bob over > an alternative route, e.g. via a single intermediary node, but > contingent on the payment hash of the original payment. Bob does a > little bit of housekeeping to check if the combined HTLCs are enough > for him to forward the payment, and if so, the payment is forwarded as > normal. > > My interest in Link MPP and PSS (which is basically Link MPP combined > with JIT-routing [3]) arose through my research in the Balance > Discovery Attack (BDA), aka the probing attack. From the perspective > of that attack it is interesting to note that PSS allows for route > changes and amount changes *without the sender knowing about it*. So > when an attacker has to assume that PSS is used, its interpretation of > information obtained through a BDA changes completely. Using > real-world data in an LN simulator I saw up to a 62% drop in > information gain when PSS is deployed compared to earlier work (Alex > Biryukov et al.) without PSS [4]. > > For details I refer to my preprint on the Cryptology ePrint Archive > [5]. Any feedback on it would be highly appreciated. I would also love > to hear your thoughts on what role PSS could play, if any, in > mitigating probing and/or jamming. > > Because the paper is at times quite technical, I have also written a > set of blog posts introducing the research. [7][8] > > Finally, I think PSS would also work with PTLC, but because this post > is long enough as is, I will leave that for another time. > > Thank you for your time, > > Gijs van Dam > https://www.gijsvandam.nl > > > [0]: > https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-August/003144.html > [1]: https://github.com/gijswijs/plugins/tree/master/pss > [2]: https://asciinema.org/a/520416 > [3]: > https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-March/001891.html > [4]: https://link.springer.com/book/9783031182846 > [5]: https://eprint.iacr.org/2023/1360 > [7]: > https://www.gijsvandam.nl/post/all-types-of-multi-part-payments-in-lightning-network-explained/ > [8]: > https://www.gijsvandam.nl/post/the-effect-of-multi-part-payments-on-the-balance-disovery-attack/ > _______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev