With sphinx, you can ensure that the payment is cryptographic-ally proven to be the recipient you intended through their node pub key. The pay to IP feature was vulnerable since the BTC address was generated on request and an attacker could provide their address through MITM, which can't be validated to belong to the intended recipient.
For privacy in BTC, on-chain transactions would be to a new address every time - so a new address would be required. However, since LN has onion routed payments, both privacy can be preserved and the recipient validated to provide the same general feature pay to IP provided. It's quite remarkable actually.
Widely believed to be the key to helping the cryptocurrency reach a mainstream audience by pushing it to handle millions of transactions, lightning still has a lot of work ahead of it. First and foremost, it’s not exactly safe to use yet. No less important is that the user experience has its kinks. Namely, the current way of generating addresses for accepting payments is not as easy or dynamic as it could be for many use cases.
Though, very importantly, it’s not a perfect code implementation — not by far. Plus, the usual warnings about using bitcoin’s lightning network while it’s still early-stage definitely still apply.
The main drawback to this method is an invoice can only be used once. If a user were to accept a second payment to the address, the payment could be stolen.
A ‘hacky’ start
While the code works, Osuntokun admits it’s “hacky” so far.
For sure these bugs will eventually be solved but the truth is for now LN is not yet production ready. It is in beta version. Most of the people seem's to think otherwise, they think LN is production ready, ready for mainstream use.
Not yet, maybe some day. There are plenty of work still to be done.
> Quote 3
> > The main drawback to this method is an invoice can only be used once. If a user were to accept a second payment to the address, the payment could be stolen.
I'd love to hear how exactly the payment would be stolen in this case? As far as I know if you re-use an invoice it will just get rejected by most node implementations. The ones which would not reject it would just receive the funds again (i.e. they'd have a valid transaction to claim them if they close the channel)... how is that "stolen" if the payer sent/signed the transaction?
This article is based on an interview with Lightning Labs CTO Olaoluwa Osuntokun. Did you even read the article?
This is not my personal opinion has nothing to do with me.
Why don't you ask this same question from Mr. Osuntokun
> This is not my personal opinion has nothing to do with me.
Why are you so defensive? Of course I've read the article. This isn't a direct quote of him but rather the author's understanding of this, which is not mine with my current knowledge. This is why I've asked this questions.
> Why don't you ask this same question from Mr. Osuntokun
He can answer here if he ever visits this place... or anyone else competent in the matter, this is why I am asking theses questions on a public forum. What is wrong with this?
I am sorry if you got the impression I was defensive, I was not doing that on purpose. I was just wondering why you ask me that question? I have no answer to that. I am just sharing a article that I think will be in benefit for Bitcoin and the community. I think it is better to tell the truth (all fact's) than try to hide it.
No nothing wrong with asking questions. And the more we ask the better it is for all of us, especially if we get some answers.