You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While studying a Nostr Wallet Connect plugin it occurred to me that a nice risk mitigation would be if CLN can (optionally) allocate a budget to each plugin.
This could take the form of a fake balance, which a user can topup with lightning-cli plugin-topup my-favorite-plugin 100000sat. Any payments initiated by the plugin are deducted from their balance, any paid invoices initiated by it are added.
When a plugin asks for the balance it gets the min of the real balance and this allocated balance, so fractional reserve shenanigans are limited.
One part I'm not sure about is how to represent channel balances. Maybe plugins with an allocated budget simply can't see those.
Ultimately IIUC plugins are executables in user space so they can always shell out and call lightning-cli rug-for-me, so none of this removes the need for code review. However I think it's still a nice user experience, and some peace of mind, to e.g. have a Nostr zap wallet with a limited budget.
The text was updated successfully, but these errors were encountered:
While studying a Nostr Wallet Connect plugin it occurred to me that a nice risk mitigation would be if CLN can (optionally) allocate a budget to each plugin.
This could take the form of a fake balance, which a user can topup with
lightning-cli plugin-topup my-favorite-plugin 100000sat. Any payments initiated by the plugin are deducted from their balance, any paid invoices initiated by it are added.When a plugin asks for the balance it gets the min of the real balance and this allocated balance, so fractional reserve shenanigans are limited.
One part I'm not sure about is how to represent channel balances. Maybe plugins with an allocated budget simply can't see those.
Ultimately IIUC plugins are executables in user space so they can always shell out and call
lightning-cli rug-for-me, so none of this removes the need for code review. However I think it's still a nice user experience, and some peace of mind, to e.g. have a Nostr zap wallet with a limited budget.The text was updated successfully, but these errors were encountered: