Hi,
Is there a reason why we have HMACs in Sphinx? What could go wrong if we didn't? A receiving node doesn't know anyway what the origin node is; I don't see any attack mode where an attacker wouldn't be able to generate a valid HMAC. A receiving node only knows which peer sent it a Sphinx packet; verification that this peer really sent this Sphinx packet is (I think) already done on a lower protocol layer. AFAICS, The only real use case of the HMAC value is the special case of a 0-valued HMAC, indicating the end of the route. But that's just silly: it's essentially a boolean, not any kind of cryptographic verification. CJP _______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
