BOLT 4: Add sender authentication #946
Conversation
|
IMHO there will be many different ways we could want to do "some kind of sender authentication", probably too many have them in the BOLTs. BLIPs feel like a better candidate for this, at least for now? |
|
This probably shouldn't be part of the spec. Even LNURLauth doesn't need to be specific to LN or a LN node. Why would each node need to auth individually anyway? What if I own two nodes? Etc, etc, etc. |
I assume (or, well, maybe hope?) that most wallets haven't implemented that? LNURL has many parts and only some are widely implemented. At a high level, I agree with @t-bast here - one major issue is what, exactly, are you authenticating? Chat protocols shouldn't be explicitly authenticating, probably, but doing some kind of double-ratchet handshake to establish a secure channel instead. KYC protocols probably want an explicit authentication of a node_id, but only a pre-registered one. Other protocols may want a random one-off one, etc. |
|
Will convert this into a BLIP, which is indeed more suitable. |
|
Concept ack on the idea to have this definition in the BLIP. |
|
Created bLIP, closing this PR. |
Adds the possibility for the sender to optionally authenticate themselves. More background: https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-December/003422.html
This may not be the most popular PR, but sender authentication is possible using custom records already and perhaps it is better to spec it out here rather than letting it emerge organically. Otherwise we may get the same situation that we currently have with payment types. LNURL is ahead with sender auth already too.
Also we have the opportunity to set a standard for sender authentication that preserves privacy better than adding a signature.