SomberNight
commented
6 months ago
- Time passes, and the HTLC between Alice and Bob expires. Bob force closes the channel.
- More time passes, and the CSV delay expires, Bob now redeems the HTLC.
There is no CSV delay (unless Bob broadcasts a revoked ctx). Timing out an offered HTLC in a ctx works by broadcasting an "HTLC-Timeout" tx - the only timelock involved works by the "HTLC-Timeout" tx being presigned with a specific nLocktime (which is set to the expiration time of the HTLC).
- Time passes, and the HTLC between Alice and Bob expires. Bob force closes the channel.
We could increase the cltv_delta in the invoice created by Alice: https://github.com/spesmilo/electrum/blob/ff5048752839056b0dc81f6c3b5b3a67948dbcb6/electrum/lnworker.py#L2177 This value is currently ~1 day (147 blocks). We could increase it to 3-5 days. (increase it just for this specific use-case of normal swaps though, so it needs some refactoring)
ecdsa
Scenario:
I do not think this is fixable; this is a consequence of the new protocol. (note: In the old protocol, Alice sends on-chain funds before she receives the HTLC. She has the preimage and settles the HTLC instantly).
Note that the GUI currently shows a dialog instructing the user to stay online until the funding transaction is confirmed. However, that dialog is shown when the user initiates the swap, and the risk might not be understood. I think we should also show a dialog when the GUI is closed.
If Alice shuts down her client while a swap is ongoing, the GUI could show a dialog offering several choices:
edit: cancelling the swap does not guarantee that the swap funding transaction will not be mined