Twilight: A Differentially Private Payment Channel Network (usenix.org)
61 points by nobody9999 on Nov 6, 2022 | 9 comments



This uses a TEE (a chip that is hard to take apart, containing a private key provided by Intel), so the privacy system is very boring (they think the person who owns the TEE will not be able to see what the chip is doing).


Look at this cool house I designed on sand.

It's odd to design a secure system and write a paper, when the security is based on something like a TEE. There's tons of literature on breaking TEEs. I can't imagine anyone doing anything other than checkbox compliance with that level of security.


The same could be said of cryptographic schemes and hashes in general—always being broken!

However, that doesn’t mean TEEs don’t provide a meaningful level of security, especially when combined with Shamir sharing between enclaves. Few actors will be able to compromise 100 TEEs distributed across the world and made by different vendors.

And just like cryptography, TEEs are getting better with every release, and will soon be very, very hard to break.


A TEE isn’t necessarily tied to any specific vendor; it’s a design scheme implemented by many different vendors in different ways. What you’re referring to is Intel SGX. There are open-source TEE implementations for e.g. ARM like OP-TEE.


Is my understanding that a TPM is also a TEE correct?


A TEE is more generalised; it runs arbitrary crypto operations. A TPM offers specific cryptographic operations using the keys that it holds.


I'd love to know for sure whether this can interoperate with the existing Lightning ecosystem. The paper makes one reference to this in section 6.2.1, but it's unclear to me how it would work, since the rest of the paper describes it as a wholesale competitor.


I was surprised when I saw the number of trackers on the page (14) until I saw the sponsors. Now it is dawning on me, twilight.


That feels more like an association fallacy than anything else. Usenix is from Berkeley so it’s inevitable that the two largest companies in the Bay Area that have an interest in the kind of content that is being organized would be funding it. This observation might hold weight if this weren’t the norm for websites or if privacy were a focus for this organization. I agree they probably should be doing that as leaders and to show a way forward for legislators, but I’m also not going to judge them harshly for focusing on their primary mission.



