digitsu/gist:35eb31bd50178a2cfb4f30751e8b3186

## gistfile1.txt
ah hello
digitsu
cool, yeah, what you described was pretty much my understanding.  But I have a question.
digitsu
what if Dave discloses R, and then Carol becomes unresponsive?
digitsu
at this point, carol should be using R to pull funds from Bob, but she dies instead.
digitsu
then what incentive would Dave have to give back the money to Alice (through a return path) he is paid.
digitsu
Carol ends up being the payer.
digitsu
this means it would be a good point to DDoS carol once you disclose the R to her.
jl2012
Dave should not disclose R until he gets the hash locked contact from Carol
digitsu
sure.
digitsu
and he gets that. which is why he is paid.
digitsu
but then Carol is DDoSed after that, so she cannot pass R to Bob.
digitsu
Bob reclaims his HTLC in 1 day.
digitsu
Carol ended up paying FOR Alice.
jl2012
That's another question. I don't have a good answer, other than "1 day should be enough". You may ask it on the lightning-dev channel
jl2012
Oh no
jl2012
If Carol can't communicate with Bob, she should settle the channel on chain
jl2012
Unless the bitcoin network itself is ddosed, or blocks are all full
digitsu
well, in a DDoS situalion carol cannot communicate with anyone.
digitsu
the solution in the paper says you need to trust a 3rd party to broadcast the closing txns for you.
digitsu
which works, but it somewhat centralized.
digitsu
and normally the 3rd party solution works as they are monitoring for old stale commitment txns (and will transmit the penalty txn if they see one)  But in this case, they have nothing to watch on the blockchain.  The fact that Carol is DDoS'd is silent.
digitsu
this attack vector is new and inherant to LN
digitsu
I asked this on Lightning-dev channel is slack.  Nobody answers.
	ah hello
	digitsu
	cool, yeah, what you described was pretty much my understanding. But I have a question.
	digitsu
	what if Dave discloses R, and then Carol becomes unresponsive?
	digitsu
	at this point, carol should be using R to pull funds from Bob, but she dies instead.
	digitsu
	then what incentive would Dave have to give back the money to Alice (through a return path) he is paid.
	digitsu
	Carol ends up being the payer.
	digitsu
	this means it would be a good point to DDoS carol once you disclose the R to her.
	jl2012
	Dave should not disclose R until he gets the hash locked contact from Carol
	digitsu
	sure.
	digitsu
	and he gets that. which is why he is paid.
	digitsu
	but then Carol is DDoSed after that, so she cannot pass R to Bob.
	digitsu
	Bob reclaims his HTLC in 1 day.
	digitsu
	Carol ended up paying FOR Alice.
	jl2012
	That's another question. I don't have a good answer, other than "1 day should be enough". You may ask it on the lightning-dev channel
	jl2012
	Oh no
	jl2012
	If Carol can't communicate with Bob, she should settle the channel on chain
	jl2012
	Unless the bitcoin network itself is ddosed, or blocks are all full
	digitsu
	well, in a DDoS situalion carol cannot communicate with anyone.
	digitsu
	the solution in the paper says you need to trust a 3rd party to broadcast the closing txns for you.
	digitsu
	which works, but it somewhat centralized.
	digitsu
	and normally the 3rd party solution works as they are monitoring for old stale commitment txns (and will transmit the penalty txn if they see one) But in this case, they have nothing to watch on the blockchain. The fact that Carol is DDoS'd is silent.
	digitsu
	this attack vector is new and inherant to LN
	digitsu
	I asked this on Lightning-dev channel is slack. Nobody answers.