ln breach remedy – How is a doublespend prevented in the Lightning Network?

Alice and Bob open a channel with a fixed balance equal to the amount in the multi-sig address. The channel opens with a balance sheet which includes proof for both Alice and Bob’s balance.

Every update to the balance sheet requires action and cooperation from both Alice and Bob, so they must both be online, and each step is designed with contingencies keeping the process fair by providing leverage against an uncooperative party.

The balance book is therefore always identical for both parties. When closing a channel, if both parties sign, the channel closes cleanly. One party could close the channel by themselves, as they have a signed contingency script provided by the other party but that script includes a time lock. This gives the other party time to see, verify and contest the closing transaction by providing details of a newer balance if it exists. There won’t be one if the first party was honest because that party would not agree to partake in any more payments.

The cost of cheating is that the cheater gets 0 and the would be victim gets the whole balance. If the victim is not online for the whole time lock duration and does not contest the transaction, they can be a victim of double spend. Users should always be online and the time lock provides a contingency in case of outages or down time for justice to be served.

If need be, you can use “watchtowers” to protect you if your node is offline often.

As long as one or both party is closing the channel, the balance sheet will not change and transactions will not route through your channel, so the lightning network will never experience an imbalance or double spend off-chain.

You can experience a double spend if you are not online, but with the time lock and the penalty of forfeiting all the funds, the risk of ending up worse off is very high so although possible, this type of attack is very unlikely.

Settling the invoice/payment in lightning while the other party is unresponsive

Given that Alice wants to pay Bob in the lightning network, Bob first creates an invoice (using the python api) for A as follows:

request = invoicesrpc.AddHoldInvoiceRequest(hash=r_hash, value=30000)
response_hold_B_to_A = stub.AddHoldInvoice(request, metadata=(('macaroon', macaroon)))

and sent the payment request in response_hold_B_to_A to Alice.

Next, Alice sends the payment to Bob as follows:

request = routerrpc.SendPaymentRequest(payment_request="<bob_invoice>", timeout_seconds=10000)
for resp in stub.SendPaymentV2(request, metadata=(('macaroon', macaroon))): print(resp) 

Let say after Alice sends the payment it will go offline, and Bob before the payment time expires releases its preimage of the invoice as follow:

request = invoicesrpc.SettleInvoiceMsg(preimage=r_preimage)
response = stub.SettleInvoice(request, metadata=(('macaroon', macaroon)))

At this point, if Bob checks its channels by executing request = lnrpc.ListChannelsRequest() then the htlc is gone and the channel is inactive and the channel balance is NOT updated; However, if Bob checks the status of the invoice by executing:

request = invoicesrpc.SubscribeSingleInvoiceRequest(r_hash=r_hash) 
for response in stub.SubscribeSingleInvoice(request, metadata=(('macaroon', macaroon)))

it shows that state of the payment is SETTLED.

Now if Bob closes the channel (forcefully) then the balance still not reflected.

In summary Bob’s channel balance does not change even though he has done everything right.
Can someone please explain what is happening here? and how can Bob get paid in this situation? Should he go on the blockchain with its preimage and if so how would it do it?

lightning network – Can we use lnurl-auth to create a better password manager?

LNURL-auth can be used to implement registration/login in a web app in which users don’t need username/password or other credentials instead they can just use their LN wallet to login. However cannot be used if the website doesn’t support it so can we do this locally for websites using a browser add-on?

Right now only few websites support it including LNMarkets

I have also created an issue in btcpayserver repository to support it: https://github.com/btcpayserver/btcpayserver/issues/2004

How would LNURL-auth work with a password manager?

When you create a new password, the password manager uses the main lnurl-auth key to derive a key specific for that password(challenge: random value), uses that key to sign the challenge and then saves both the public key specific for that password plus the signed challenge locally.


When the user needs to login using one of the saved passwords in a website, scans a QR code shared by password manager browser add-on or enters some PIN used by internal LN wallet in pwd manager, it retrieves the public key, checks it against the challenge signature and attempts login for that user.

What are the pros and cons if this is possible?

I don’t understand the below part mentioned in this link: https://xn--57h.bigsun.xyz/lnurl-auth.html

In fact, lnurl-auth is very unique in the sense that it doesn’t even need a Lightning wallet to work, it is a standalone authentication protocol that can work anywhere.

Also I don’t know why linking LN wallet on https://lnmarkets.com requires user to pay 100 sats invoice. Is it added to avoid spam registrations?


I was not asked to pay anything to login on https://etleneum.com



lightning network – Why does every HTLC in a commitment transaction require its own signature?

Why isn’t the signature for the entire commitment transaction enough?

Because the htlc_signature field contains the signature for the HTLC transactions spending from the htlc output(s) (either received or offered) of the commitment transaction.

To expand a bit, some paths of the HTLCs scripts (timeout for an offered htlc output and success for a received HTLC output) pays to a 2of2, thus you need the right transaction which spends from this output to be signed before comiting to this (otherwise unspendable by using this script path) output.

EDIT: This question originates from this Github issue, to which Olaoluwa Osuntokun (@Roasbeef) gave today a detailed high-level explanation of why second-stage HTLCs are used in Lightning Network.

The following is the copy paste of his answer that might be of interest to anyone passing by.

Here’s my attempt at a high level explanation:

We use something called two-stage HTLCs in the system. This allows us to decouple the CLTV (absolute timelock for HTLCs) from the CSV (commitment delay to allow for breach retribution). To see why this is an issue, consider if we had both of these in the top-level HTLC script. From here, one can imagine a scenario where we have an HTLC that can be timed out (absolute block height passed), but we can’t spend it (timing it out) until our CSV period has also expired. Therefore, one needs to set their CSV values taking into account the absolute timelock (CLTV) value as well. Critically, before a user can cancel their incoming off-chain HTLC (timing out the outgoing on-chain), they need to wait for this CSV period. However, if the CSV is greater than the time lock delta (diff between incoming and outgoing HTLCs), they’ve created a race and could possibly lose money.

Without HTLCs, the dependency between the CLTV delta value and the CSV value means that if one wants to have a higher CSV value (more time to punish malicious channel peers), then they also need to have a longer CLTV delta value. As an example, a common set up with lnd is that for super higher value channels we have a CSV value of 2016 blocks (two weeks). Without second-level HTLCs, we would need to also make our CTLV delta value (40 blocks default atm), greater than 2016 blocks. This change would then propagate through the entire network, resulting in very long time lock values. The sender of an HTLC eats the full time lock delay, meaning that know their absolute worst case is much higher, trading off for better multi-hop HTLC security.

Thankfully, we figured out a solution to this: two-stage HTLCs. Note that the HTLC scripts I described above were never actually deployed. Two-stage HTLCs are actually used in the original LN white paper for a similar reason. The defective design described above was created when developers were trying to compress down the scripts and on-chain footprint a bit.

A two-stage HTLC decouples the CSV period from one’s CTLV time-lock delta. To do this, we now require the party that forced closed to spend their HTLC with a special transaction. This transaction spends a CLTV clause in the script, and itself includes a nLocktime value as well. The output of this special transaction then pays to the party timing our or redeeming the HTLC, but then enforces a CSV period. We call them two stage as we enforce two states in the claim: wait for absolute timeout value, then wait for CSV value. Note that once the absolute timeout value passes, the party can spend the original HTLC output, transitioning the HTLC claim state machine to the CSV waiting period. At this point, they can safely cancel back any off-chain HTLCs, as the other party isn’t able to settle it with a pre-image at this point.

The way we enforce this spend, is that we make any HTLC spends from one’s commitment transaction (which you broadcast during a force close) actually be a multi-sig output. We use this output to create what’s essentially an “off-chain multi-sig covenant”. Since they require our signature to spend this output, we force them into a particular type of spend using pre-signed transactions. As a result, each time we want to give them a new commitment, in addition to the commitment signature (multi-sig spending teh funding output), we also send a series of signatures, one for each HTLC, that blesses their spend of the HTLC output.

[OzzModz] Lightning Bolt Link To New Posts

Admin submitted a new resource:

[OzzModz] Lightning Bolt Link To New Posts – Change lightning bolt icon to link to new posts

Simple addon that changes the lightning bolt icon link from what’s new to new posts. Just install it and forget it, no settings or permissions.

Read more

{Global Host IT Smart}Power Your Business With Lightning Fast Linux Hosting – Hosting, VPN, Proxies

Enhance the power of your Linux website with our customized Linux web hosting service from Host IT Smart. We are perfect for small, medium businesses looking for a dynamic hosting solution at affordable pricing. We have a starter as well as economy Linux hosting plans with cPanel to match your needs.

We don’t only believe in pricing but also the plans’ features, which are essential factors. We provide the best features in terms of security, resources, backup to make your website complete professional. We also offer a free SSL certificate with the plans.

Let’s get a look to our Linux hosting plans & Features:

Pricing of Linux web hosting:

Starter plan – @ $1.50/mo 

  • Unlimited Webspace
  • Unlimited Bandwidth
  • 1 website
  • SSL Certificate
  • Unlimited E-mail IDs
  • 1 subdomain
  • 2 MYSQL space

Performance plan -@ $2.50/mo

  • Unlimited webspace
  • Unlimited Bandwidth
  • 5 websites
  • SSL Certificate
  • Unlimited E-mail IDs
  • Unlimited subdomains
  • 10 MYSQL space

Business plan – @ $ 5.00/mo

  • Unlimited Webspace
  • Unlimited Bandwidth
  • Unlimited Websites
  • SSL Certificate
  • Unlimited E-mail IDs
  • Unlimited subdomains
  • Unlimited Dataspace

These 50% discounted prices, but you can avail more discounts with the plans.

If you purchase Linux hosting for more than 2 years, it avails you for an additional 30% discount, which totals 80% off!

By Applying code: HOSTITSMART30, You Get an Extra 30% Discount.

For More Details on Linux Hosting plans, Visit

Highlights to appreciate with Host IT Smart:

  • cPanel
  • Free SSL Certificate
  • Regular Malware Scanning
  • Unlimited Emails
  • 99.99% Uptime Guarantee
  • 24*7 Technical Assistance

Our Support Team is prepared to help you in any circumstance and anytime to tackle any issue in the best possible manner. We additionally furnish Instant Talk administration to interact with you, virtually.

For Immediate Assistance or information, contact us: info@hostitsmart.com or visit our website for live chat. 

lightning network(lnd) on bitcoin private chain(regtset)

Can I install lightning network(lnd) on bitcoin private chain(regtset)? If so, how to install it?

thank you very much!

How do I identify my EarPods lightning are original?

When I connect my EarPods bought along with iPhone from suspect source I can see sth like this:

enter image description here
enter image description here

Is not weird? Are they original or not?

lightning network – Why does the funder send the signed settlement to the counter-party in eltoo?

Quoting from the Eltoo paper:

Before signing and broadcasting the funding transaction the funder requires the other endpoint to create an initial settlement transaction that
returns the funds back to the funder. The initial settlement transaction
spends the funding output, and creates a single output that returns all of
the funds to the funder. This settlement transaction is then signed using
the settlement key and returned to the funder. The funder verifies that the
settlement transaction matches its expectations, i.e., it returns its funds and
is signed by the other endpoint. Now the funder can broadcast the funding
transaction, and wait for it to be confirmed effectively starting the contract.
The funder also signs the initial settlement transaction, making it complete
and returns it to the other endpoint.

In the last sentence, the funder signs the initial settlement and sends it to the other endpoint. But why does the other endpoint need it? This settlement transaction returns all funds to the funder, so there is no benefit for the counter-party to ever publish this first settlement transaction. Couldn’t this step be skipped?

dnd 5e – What action is used to throw a javelin of lightning?

The description of the javelin of lightning says (emphasis mine):

This javelin is a magic weapon. When you hurl it and speak its command word, it transforms into a bolt of lightning, forming a line 5 feet wide that extends out from you to a target within 120 feet. (…) The lightning bolt turns back into a javelin when it reaches the target. Make a ranged weapon attack against the target. On a hit, the target takes damage from the javelin plus 4d6 lightning damage.

The javelin’s property can’t be used again until the next dawn. In the meantime, the javelin can still be used as a magic weapon.

This seems a little ambiguous at first. The special ability of the javelin is essentially a way for it to do damage to the primary target and other creatures along the way, but it still involves a ranged weapon attack against that primary target – and the way you do that is to “hurl” the weapon (i.e. throw it). Thus, it seems reasonable to interpret it as a single weapon attack made as part of the Attack action, since nothing in the item’s description says otherwise – you’re simply attacking as normal, and saying a command word to activate its special ability when you do so.

Rules designer Jeremy Crawford unofficially confirms this interpretation on Twitter:

When using the special ability of Javelin of Lightning does the attack have disadvantage if target is outside normal range for a standard javelin rwa? Is this ability part of an Attack Action or some kind of magic item activation? RAI>RAW if they differ.

The attack portion of the javelin of lightning follows the normal rules for an attack with a javelin, and it can be done as part of the Attack action.

In short, it’s a single attack within the Attack action, and follows the corresponding rules. Essentially, you throw it as you would any javelin as part of an Attack action, you potentially speak its command word to transform it into a bolt of lightning as it flies through the air, and then it turns back into a javelin as it hits the target (doing extra damage if you activated its special ability).

This magic javelin’s description does note: “The javelin’s property can’t be used again until the next dawn.” So if you had multiple javelins of lightning somehow and you had the Extra Attack feature, you could theoretically throw multiple ones in a single turn, but you’d be using up both javelins’ ability to be used in this way for the day. (Not to mention that you’d have to have at least one of the javelins already drawn at the start of the turn, since you’d use your one free object interaction for the turn to draw a javelin.)