Good morning niftynei, and waxwing, and list, > > s = k + H(kG || kJ || P || P2 || utxo || receiving-node) x > > > and as before transfer opening: (P, P2, u, s, e) with receiving-node > > implicitly reconstructed to do the verification of the Schnorr sig. It's > > basically a message in a signature. > > Oh that's *much* nicer than calculating a second commitment. Verification by > any node that's not the intended recipient will fail, as they'll use the > wrong node_id (their own). > > It seems unnecessary to me to commit to the utxo, since the pubkey pair > effectively does that. What's the motivation for including it?
Probably so that address reuse is not dinged, i.e. I have two UTXOs with the same address and want to make two different channels with different peers. While address reuse Is Bad, you might not have much control over some wog who is supposed to pay you and decides to give you your money in two separate UTXOs to the same address. Regards, ZmnSCPxj _______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
