Open fredo opened 3 years ago
additional note:
It should also be checked if the state machine of the initiator is modeled such that it waits for the secret request. If so we need to change that it will skip this part if the secret arrives before the request happened.
Note: Duplicate of https://github.com/raiden-network/light-client/issues/2730
Description
An improvement to the transfer workflow is for the node to be able to send the transfer's secret ECIES encrypted to the target, so they don't need to request it from the initiator off-band, making the transfer faster, reducing the number of messages, removing the requirement for non-channel-connected nodes to be able to communicate. The drawback is that the initiator can't know the transfer failed until it expires, due to they losing the ability to chose to reveal the secret or not, which now lays with the target.
Protocol
additionalHash
signature in order for it to be valid, but the actual object must not be modified, including routes; they should be exclusively set by initiator, while mediators may read-only some if they need to, e.g. to get next hop in routemetadata.secret
, together with the Request parameters, in order to ensure the target will be able to decide if they should reveal it and the mediators didn't take more fees than intendedmetadata.secret
is a hex-encodedbytestring
containing the encrypted version of a CanonicalJSON-serialized objectmetadata.secret = hex_encode(encryptEcies(JSON.stringify(secret_payload), target.pubkey));
secret_payload
schema:payment_identifier
: string decimal encoded number up to 64bitssecret
: hex-string 32bytesamount
: string decimal encoded number up to 256bitsexpiration
: block, string decimal encoded number up to 256bitssecret
is present in metadata, and try to decrypt and parse the resulting string as a JSON.secret
is present, and hashes to the transfer'ssecrethash
SecretRequest
to the initiatormetadata.secret.amount
. If not, they should not reveal the secret, as mediators took more than they should; If they don't validate it or still go ahead and unlock, it implies they accepted whatever amount the initiator intended, even if less was received, and initiator can mark the transfer as paid.Acceptance criteria
metadata
as ismetadata.secret
, if present, use that to unlock directly and skip requesting it from initiator, if possibleTasks