Every time that channel goes over another 1000 millisats, the receiving side has earned another 1 SAT. Locked in. Will settle.
That's not his issue. He's talking about an attack that modifies the 1000 msat multiplier to e.g. 10 - so if I send you 2000 msat, your wallet thinks you got 2000sat instead of 2 - and the channel close would just give you 2 sat, of course.
It´s incredible how much time people can spend with Frankies confused drivel. Face it guys: He doesn´t know shit about the Lightning network!
He is the Master Troll of bitcointalk.org.
He is actually currently making argument after argument about the horror of rounding down to the nearest $0.000169 on channel close. Bitcoin can do a 1000x and we will still just be rounding down to less than nearest quarter the USD value. Lol.
He's actually not; he's arguing that if you installed a client software that does the msat <> sat conversion wrong (e.g. by a factor of 1000), and opened a channel with the same person who gave you this wallet software, the amount of sats shown in GUI would be different (higher) than what will later be settled on-chain when closing the channel.
Which I find really far-fetched as attackers could just steal the seed or do other attacks if they can get you to trust your keys to their software.
bitcoin. for people paying and receiving in bitcoin on the bitcoin network there are network rules.. that prevent many many payment attacks
Don't prevent the attack you're
still talking about, though.
I'll say it again:
if you can get a user to install your wallet, which has measures in place that help you steal their funds, you can do that on L1 just as well as on L2.
How exactly:
(1) On L1: Seed exfiltration. You send them a wallet to use, that sends their seed to your server. Whenever you feel like it, you can use that to steal all their money.
(2) On L2: Seed exfiltration
or modified msat multiplier. You can do the same attack like (1) to steal their LN wallet's onchain funds, as well as modifying the msat multiplier and opening a channel with them, like you describe. One way they could notice though, is that any other (legitimate) channel partner's payments will look 10x higher or 100x higher (whatever multiplier you chose) than they should be.
if different people were to pay a user of 0.01btc (recipient uses say electrum)
an electrum server cant fake that to make the electrum user only get confirmed 0.0000001
The Electrum server
can fake it; of course the user can verify with a blockchain explorer (which could also fake it, though).
And especially the client can fake it. Which is what we've been talking about here. If I give you a malicious LN client, I can also give you a malicious L1 client. Under the premise of 'simplicity', I could also code it in a way that it doesn't display transaction IDs; and there you have it - no way to check with a trusted blockchain explorer, either.