Good morning Antoine, > It should be noted, this current reputation-credential architectural > framework assumes credentials distribution at the endpoint of the network. > However, the framework should be flexible enough for the credentials to be > harvested by the LSPs, and then distributed in a secondary fashion to their > spokes, when they need it, or even attached transparently thanks to > trampoline. So one design intuition, there is no strong attachment of the > reputation to the endpoint HTLC sender, even if the protocol is described in > a "flat" view for now.
This seems incorrect. If I am an LSP, and I know my competitor LSP distributes their credentials, then I can simply apply to be a spoke on my competitor and then make several payments to my node, which I then jam up. This reduces the reputation of my competitor LSP. This is even worse if my competitor LSP attaches their credentials on trampolines, I do not even need to apply to be a spoke on my competitor that way. Thus in both cases the competitor LSP needs to have a similar way of ensuring that their spokes / trampoline requesters are not also trying to jam *them* in order to drain their reputation. Thus all reputation still rests with ultimate senders, who have to convince LSPs to sell their reputation to them, because they might secretly be competitor LSPs who have incentive to drain their reputation. If the price of sold reputation is too high, then it is no different from upfront fees. If the price of sold reputation is too low, then I can drain the reputation of competitor LSPs. Regards, ZmnSCPxj _______________________________________________ Lightning-dev mailing list Lightning-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
