> A problem with the idea of using one-show signatures as double-spend
> protection is that miner-claimable fidelity bonds don't work as well
> against adversaries that are not just counterparties but also miners
> themselves.
Hey David,
The fidelity bonds in the Ark context are nothing but the
Hi David,
Ark can be used for three purposes:
1. Mixing coins.
Ark is a scalable, footprint-minimal off-chain mixer. People can use Ark to mix
their coins with others. This doesn’t require waiting for on-chain
confirmations since you’re mixing your own coins with others.
2. Paying lightning i
> You can also do the same in Lightning, with the same risk profile: the LSP
> opens a 0-conf channel to you, you receive over Lightning, send out over
> Lightning again, without waiting for onchain confirmations.
This is not correct. If an LSP opens a zero-conf channel to me, I cannot
receive
> 0-conf transactions are unsafe since it is possible to double-spend the
> inputs they consume, invalidating the 0-conf transaction.
A future extension of Ark can potentially utilize a hypothetical data
manipulation opcode (OP_XOR or OP_CAT) to constrain the ASP's nonce in their
signatures to
> As the access to Lightning is also by the (same?) ASP, it seems to me that
> the ASP will simply fail to forward the payment on the broader Lightning
> network after it has replaced the in-mempool transaction, preventing
> recipients from actually being able to rely on any received funds exist
Hi list,
I'm excited to publicly publish a new second-layer protocol design I've been
working on over the past few months called Ark.
Ark is an alternative second-layer scaling approach that allows the protocol
users to send and receive funds without introducing liquidity constraints. This
mea
