You’re right, it’s one of the solutions and Raiden follows this approach. However, this solution has very low privacy, because watchtowers will be able to associate all transactions made by the same channel. There is more information about this approach in the next 2 articles of this series.
Using multiple watchtowers won’t mitigate privacy risks, because most likely there will be a big network of obedient watchtowers that will participate in massive financial surveillance, the same as modern banks and other financial institutions do.
Correct, you can scan a QR code with different apps and the result will be the same, unless there is a bug in the scanning app.
Correct, the server and your 2FA app don’t communicate. You just need to get a secret key in order to generate valid TOTP codes.
Thanks for pointing that out, however, I don’t see how it can solve the problem. The solution you’re referring to is similar to what Conner Fromknecht has said:
Clients prepay the tower for a certain number of updates. If usage is exponential then so is the tower’s revenue.
Sure, with eltoo-style, latest-state-only mechanisms, disk space is not a problem at all, but privacy is in danger, since watchtowers will be able to link each and every transaction to a particular channel or account. As a result, an adversary can track all your financial activities.
So even a 50 cent on-chain transaction fee would be high compared to LN and therefore make it much more beneficial to use the LN over on-chain transactions.
LN is not competing with on-chain transactions, but rather with other altcoins and existing centralized payment solutions with instant transactions, often zero fees, and…
Agree, a critical article about LN fits into the big blockers’ agenda, so the BCH community was happy to share it. However, it doesn’t justify the fact that the article was heavily downvoted on r/bitcoin. Here is a good example of how the NEO community responded with 96% upvotes to a very critical post, which eventually got 618 points.
The argument is that you shouldn’t scan QR codes, but rather input (and back up) your secret key manually into a TOTP app, because most 2FA QR codes also include completely unnecessary data such as the domain name and your email address, which gives more information to a potential adversary.
P.S. SMS 2FA is obviously less secure than TOTP 2FA.
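The two TOTP points above (the app only needs the secret key, and the QR code carries extra identifying data) can be seen in one added example, which is not part of the original replies. It assumes the common `otpauth://` URI layout for 2FA QR codes and the RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits); the URI, account name and issuer are constructed sample values, and the secret is the RFC 6238 test key.

```python
import base64
import hashlib
import hmac
import struct
from urllib.parse import urlparse, parse_qs, unquote

# Constructed sample: the kind of text a 2FA QR code decodes to.
SAMPLE_URI = (
    "otpauth://totp/Example%20Exchange:alice%40example.com"
    "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example%20Exchange"
)

def parse_otpauth(uri):
    """Split a TOTP otpauth URI into the secret and the identifying metadata."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not a TOTP otpauth URI")
    query = parse_qs(parts.query)
    if "secret" not in query:
        raise ValueError("URI carries no secret")
    metadata = {
        "label": unquote(parts.path.lstrip("/")),   # usually issuer:account
        "issuer": query.get("issuer", [None])[0],
    }
    return query["secret"][0], metadata

def totp(secret_b32, now, step=30, digits=6):
    """RFC 6238 TOTP computed from the Base32 secret and a Unix time only."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)             # restore stripped padding
    key = base64.b32decode(cleaned)
    counter = struct.pack(">Q", int(now) // step)    # 8-byte big-endian step count
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

if __name__ == "__main__":
    secret, metadata = parse_otpauth(SAMPLE_URI)
    print("metadata exposed by the QR code:", metadata)
    # No network call is involved: the code depends only on secret and time.
    print("code at t=59:", totp(secret, 59))
```

Entering only the `secret` value by hand yields the same codes as scanning the QR code, while the label and issuer never reach the app.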
Haha, nice trolling! I’ve actually learned how to decode QR codes by hand, but it’s just too complicated compared to using a friend’s phone.
I do like the idea of generating the TOTP in your head, but it needs more research and the implementation is very unclear. I’d review this approach 5–10 years from now, when we’ve advanced in bio-engineering.
There are many off-chain scaling projects, and most of them have payment channels. I wouldn’t say that the RDN team just copies the code, because they have different approaches to solving similar problems by utilizing smart contracts. In the recent article about LN watchtowers and RDN monitoring services I’ve highlighted the main differences, so you can…