Hi Laolu,
thanks for bringing this up. I think committing to more data might be
nice, but I have some reservations re signaling in the onion packet
version. But let's start at the top:
> However, since the CLTV isn't also authenticated, then it's possible
> to attempt to inject a new HTLC with a
Hi y'all,
I'm not sure how good defenses are on implementations other than lnd, but
all implementations *should* be keeping a Sphinx replay cache of the past
shared secrets they know of [1]. If a node comes across a shared secret
identical to one in the cache, then they should reject that packet.