emansipater
commented
5 years ago The multisig address is not a channel identifier, it is a state deposit identifier. Multisig addresses (especially with create2) should be derived from the channel identifier, not the other way around. Channel identifiers need some careful thought to maximize recoverability. To a first approximation deriving them from the participant ids seems reasonable, but we have to think through the recoverability implications of applications which add, remove, or change participant identities of a channel.
snario
To ensure every AppInstance uses a globally unique signing key, we must ensure that every channel uses a globally unique list of signing keys. Presently in fact, each channel uses the same signing keys for each k-th child app across any two channels. Thus, we must add a global nonce per channel. This is probably easiest done by using the multisig address / channel identifier as an additional derived subpath in the Node.