LNURL: Atomic lightning address transfer

[dangeross]

Adds atomic Lightning address username transfer between pubkeys. A user can now hand a registered username from one pubkey to another in a single server-side transaction — closing the race window where today's delete-then-reregister flow could let a third party snipe the name.

How it works

1. Current owner (A) calls accept_lightning_address_transfer with the new owner's identity_pubkey. The method returns a LightningAddressTransfer containing pubkey and signature, which is the authorization that grants B the right to take over the username.
2. New owner (B) calls register_lightning_address with the new optional transfer: Some({ pubkey, signature }) field populated. The SDK routes to the server's new POST /lnurlpay/{to_pubkey}/transfer endpoint, which verifies both signatures and swaps ownership in one DB transaction (SELECT … FOR UPDATE → DELETE source → INSERT … ON CONFLICT DO UPDATE target).

[JssDWt]

Yep that will work! I like how both parties agree on the transfer this way.

[JssDWt]

DELETE has a RETURNING option. We could do RETURNING name, use that as the source_name, and error if source not owner. It will work because the tx is not committed then.

[JssDWt]

Should we add an sdk function accept_lightning_address_transfer, returning the needed info for the transfer field? This is not the worst DX, but not the best either.

[JssDWt]

I think it's worth a note that your existing payments are not transferred to the new owner. Only the address.

[JssDWt]

LGTM

Maybe the rtsync integration test error is related though:
Error: SparkSdkError: Service error: service provider error: serialization error: Json error: expected value at line 1 column 1

[dangeross]

Maybe the rtsync integration test error is related though

Isn't it an SSP error?

[JssDWt]

Isn't it an SSP error?

Ah yes it is