Good morning list,

During the summit, a question was asked about an actual application problem for
vending machines without any secret keys (so that hackers of vending machines
cannot steal money from the machine).

It was very satisfactorily solved by one of us, and I thought it would be
best shared and recorded for posterity (as it was not recorded in the wiki).

The problem:
1. There exists a vending machine which must be offline and not contain any
   secret keys, in order to prevent theft from the machine.
   As the machine is not under direct control of the owner of the machine, it
   is better if the attack surface is reduced.
2. The owner of the vending machine (who is selling the product) has a
   separate, probably singular, Lightning node to receive payments.

The solution:
1. Each vending machine contains a fixed number of hashes, as well as invoice
   signatures (signed by the owner Lightning node) corresponding to each hash.
   The number of hashes must at least equal the number of products for sale.
   The description of the product as well as the invoice price is fixed (after
   all, Bitcoin must be our unit of account).
   (For vending machines supporting multiple product types, simply multiply
   this table by the number of different product types.)
2. Each hash has a 1-bit flag, initially 0.
   This flag is set to 1 when the hash has been claimed.
3. When a customer requests to purchase a product, the machine searches for a
   hash whose flag is 0.
   It generates the invoice (concatenating the description and price, and
   filling in the payment hash and invoice signature) and gives it to the
   customer.
4. The customer pays as normal.
   The vending machine owner node receives this payment and releases the
   preimage as proof-of-payment.
5. The customer gives the preimage to the machine, via QR code or via
   short-range radio technology such as Bluetooth or NFC.
6. The machine checks the preimage, computes its hash, and checks if it is in
   the list of hashes.
   If so, and the claim flag is not set, it sets the flag and releases the
   product.
   OPEN PROBLEM: If product release fails due to mechanical failure, there is
   no way to easily refund the payment.
7. When replenishing the supply of product to the vending machine, the supply
   of hashes can also be replenished by the owner of the vending machine.

Regards,
ZmnSCPxj
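
Added example, not part of the original e-mail: a Python model of the machine-side state and checks from steps 1, 2, 3 and 6 above, showing that the machine holds only public hashes, opaque signatures and claim flags. It assumes the payment hash is the SHA-256 of a 32-byte preimage, as in Lightning; the class and function names, result strings, sample preimages and placeholder signatures are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Slot:
    payment_hash: bytes    # SHA-256 of a preimage known only to the owner's node
    invoice_sig: bytes     # owner's invoice signature, opaque to the machine
    claimed: bool = False  # the 1-bit flag from step 2

class VendingMachine:
    """Offline machine state: public hashes and signatures only, no keys."""

    def __init__(self, description, price_sat, slots):
        self.description = description
        self.price_sat = price_sat
        self.slots = {s.payment_hash: s for s in slots}

    def issue_invoice(self):
        """Step 3: pick an unclaimed hash and assemble the invoice fields."""
        for slot in self.slots.values():
            if not slot.claimed:
                return {"description": self.description,
                        "amount_sat": self.price_sat,
                        "payment_hash": slot.payment_hash.hex(),
                        "signature": slot.invoice_sig.hex()}
        return None  # sold out: every hash has been claimed

    def redeem(self, preimage: bytes) -> str:
        """Step 6: hash the preimage, look it up, reject replays, release."""
        if len(preimage) != 32:
            return "rejected: malformed preimage"
        slot = self.slots.get(hashlib.sha256(preimage).digest())
        if slot is None:
            return "rejected: unknown hash"
        if slot.claimed:
            return "rejected: already claimed"
        slot.claimed = True  # persist the flag before dispensing (blocks replay)
        return "released"

def make_demo():
    # Constructed sample data. In the scheme above the preimages stay on the
    # owner's node; they are returned here only so the flow can be exercised.
    preimages = [hashlib.sha256(b"demo-%d" % i).digest() for i in range(2)]
    slots = [Slot(hashlib.sha256(p).digest(), b"\x00" * 64)  # placeholder sig
             for p in preimages]
    return VendingMachine("1 can of soda", 5000, slots), preimages

if __name__ == "__main__":
    machine, preimages = make_demo()
    print(machine.issue_invoice())
    print(machine.redeem(preimages[0]), "/", machine.redeem(preimages[0]))
```

On real hardware the claim flags would need to live in storage that survives power loss, so that a reboot does not reset a claimed hash to unclaimed.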