What about doing some LN signmessage to get the information in the first place, instead of just calling a particular URL which anyone can do? If the attacker gets to the URL and gets a new randomly-generated balanceCheck URL for next time, the original owner needs to do extra steps to reset things and re-gain access. Of course no sats are stolen, but human time is.
With 1BTC liquidity, I think that SN node is well covered with liquidity... https://amboss.space/node/03cc1d0932bb99b0697f5b5e5961b83ab7fd66f1efc4c9f5c7bad66c1bcbe78f02
reply
Please elaborate more how is the "1BTC liquidity" related to LUD-14's balanceCheck.
reply
Something went wrong with this message. This was a reply to another post in another thread. @k00b can you check ?
reply
What was this supposed to be a reply to? It might help me figure out what went wrong
reply
It was a reply about how SN could be scaled or something like that, somebody asked about that if SN grows too fast, how will handle it. If I remember was in a daily discussion, maybe?
reply
Was it this one? #29091
reply
yes, this is it!
reply
What's weird is that your comment was supposedly created before that one.
Theirs: time 2022-05-17T11:59:56.999+00:00 id 29091 Yours: time 2022-05-17T11:58:41.529+00:00 id 29090
This shouldn't be possible ...
And the comment in this thread it showed up under:
time 2022-05-17T09:27:21.506+00:00 id 29053
I think I know the one you're talking about thanks.
reply