2
Make "Isolated" Connections truly isolated.
O
on4rSep 15, 2024
Lets say i
- have a channel open with inbound liquidity
- add a "Friends & Family" subaccount and
- add some funds to this account
Now the node owner still has FULL ACCESS over these funds and can spend them as he likes. They are not "isolated" at all. And the next time the friend wants to spend his received funds he can't because the node owner already spent it.
It all depends on the node runner exclusively using "isolated" connections for everything or he runs into the danger of spending the funds of the "isolated" subaccounts/connections.
Kommentare
Valid concern. Doesn't the subaccount holder trust the Alby Hub node runner in the first place to keep his funds safe anyway?
Or do you see it as a helper to warn the Alby Hub node runner that he is spending sats reserved for an isolated balance?
Moritz I don't want this to be about trust. I'm with you: right know we expect the node runner to be a trustful entity. There could be an addition in the future to minimize trust (by providing everybody with his own 12 word seed phrase in some kind) but i want to point to a different problem, because i ran into it:
now we have a problem: I can't use my Hub anymore for myself, because i run into the danger of spending his sats.
It already happend to us, and there was (and is) no feedback for him. It still shows him his old balance (the amount he first received) but these (his) stats aint no more, because i spent them!
Imagine this: He received an Connection QR from me. Connected his wallet. Received money. And now the "isolated" connection still shows him that he "has his money" but nono! The node runner spent it and he doesn't even have a way to see this!
Thats what i mean when i say that the only way to share a Hub with friends right now is to exclusively use "isolated" accounts or else you run into the aforementioned problems.
Thanks for your attention.
on4r
So as a node runner you would like to be warned that you spend sats that should be reserved for the subaccount of a friend. That's certainly helpful.
If it is a truly isolated app, we add the complexity of recovering these sats when the subaccount owner lost access.