On Thu, Nov 02, 2023 at 05:24:36AM +0000, Antoine Riard wrote:
> Hi Peter,
> 
> > So, why can't we make the HTLC-preimage path expire? Traditionally, we've
> tried
> > to ensure that transactions - once valid - remain valid forever. We do
> this
> > because we don't want transactions to become impossible to mine in the
> event of
> > a large reorganization.
> 
> I don't know if reverse time-lock where a lightning spending path becomes
> invalid after a block height or epoch point solves the more advanced
> replacement cycling attacks, where a malicious commitment transaction
> itself replaces out a honest commitment transaction, and the
> child-pay-for-parent of this malicious transaction is itself replaced out
> by the attacker, leading to the automatic trimming of the malicious
> commitment transaction.

To be clear, are you talking about anchor channels or non-anchor channels?
Because in anchor channels, all outputs other than the anchor outputs provided
for fee bumping can't be spent until the commitment transaction is mined, which
means RBF/CPFP isn't relevant.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org