Morning all,
> However it seems to me that the payer will need a direct channel to the
payee, or at least the payment terminal (of the payee...?).
Yes, for the lightning NFC connection I had the local coffe shop use case
in mind.
> The trusted server can, for instance, be a full Lightning node running at
the payer's home.
This is my current setup and I feel the only feasible one for the privacy
minded. For the time being at least.
> The payer then only has to take a very light piece of electronics with
him/her. It will still be larger than a credit card (since authentication
should be done payer-side, e.g. with a PIN code), but it can be smaller
than a smart phone.
This is a great idea!
> But what the payment terminal would provide, would not be a connection to
the payment terminal node, but a connection to the Internet-in-general.
¿Por qué no los dos?
I'm thinking of a protocol where (after initial BOLT-11 transfer) the
terminal and device agree on the means of connection depending on what they
respectively support or makes sense at that moment. There is a standard way
for NFC to handover to bluetooth or wifi, I'll look into that. Basically
whatever works as long as it seems seamless to the user and is relatively
quick.
I'm not so fussed about potential abuse for these types of payments. In my
experience people are less likely to scam you if you are physically there.
:)
Thanks for your input! I made a pull request for the BOLT-11 MIME type and
I'll have a think-over bout the connection-handover business.
Cheers,
Igor
On 5 April 2018 at 18:53, ZmnSCPxj via Lightning-dev <
lightning-dev@lists.linuxfoundation.org> wrote:
> Good morning Corne,
>
> My understanding, of the setup of Igor, is that, there is a
> Lightning-protocol connection between the mobile device and the base
> station/payment terminal device.
>
> Initiating a payment to anyone on the network requires that you have
> direct communication with whoever you have a direct channel to.
>
> If the mobile device can communicate only with the payment terminal, then
> it can only pay using channels with the only node it has a connection to.
>
> The mobile device could pay anyone else on the network via that channel,
> but presumably the purpose of the payment terminal is to be the node that
> receives the payment.
>
> If the payment terminal itself connects to anyone else, on behalf of the
> mobile device, then that is beyond the current Lightning protocol. Perhaps
> Igor has added more messages that allow such a setup?
>
> Communicating over a secure channel to a trusted server is how I imagine
> most practical mobile devices would work. But what the payment terminal
> would provide, would not be a connection to the payment terminal node, but
> a connection to the Internet-in-general.
>
> Regards,
> ZmnSCPxj.
>
>
> Sent with ProtonMail Secure Email.
>
> ‐‐‐ Original Message ‐‐‐
>
> On April 5, 2018 11:52 PM, Corné Plooy via Lightning-dev <
> lightning-dev@lists.linuxfoundation.org> wrote:
>
> > If there are censorship concerns, you could opt for a set-up where payer
> >
> > has an authenticated connection to a trusted server, through the
> >
> > Internet connection provided by payee. The trusted server can, for
> >
> > instance, be a full Lightning node running at the payer's home.
> >
> > The payer then only has to take a very light piece of electronics with
> >
> > him/her. It will still be larger than a credit card (since
> >
> > authentication should be done payer-side, e.g. with a PIN code), but it
> >
> > can be smaller than a smart phone. Personally, I like this kind of
> >
> > set-up, because I see cell phones as a huge privacy issue (you're
> >
> > continuously transmitting your rough location to the network).
> >
> > Why would there need to be a direct channel between payer and payee? We
> >
> > have the Lightning network to avoid needing direct channels, right?
> >
> > CJP
> >
> > Op 05-04-18 om 17:39 schreef ZmnSCPxj via Lightning-dev:
> >
> > > Good morning Igor,
> > >
> > > This is quite an interesting use-case for Lightning.
> > >
> > > However it seems to me that the payer will need a direct channel to
> > >
> > > the payee, or at least the payment terminal (of the payee...?).
> > >
> > > In addition the payer will need to somehow get blockchain information
> > >
> > > from the payee if the payer itself has no Internet. The payee may
> > >
> > > have an incentive to prevent the payer from knowing that timeouts have
> > >
> > > been reached, for example, and may withhold new blocks (although all
> > >
> > > censorship attacks I know of that could be used on LN target the payee
> > >
> > > and not the payer).
> > >
> > > Is my understanding correct?
> > >
> > > Regards,
> > >
> > > ZmnSCPxj
> > >
> > > Sent with ProtonMail https://protonmail.com Secure Email.
> > >
> > > ‐‐‐ Original Message ‐‐‐
> > >
> > > On April 5, 2018 5:46 PM, Igor Cota i...@codexapertus.com wrote:
> > >
> > > > Hello all,
>