with LUD-16, what prevents someone from requesting an infinite amount of invoices from your ln node?

[AndySchroder]

With LUD-16, what prevents someone from requesting an infinite amount of invoices from your ln node? Seems like this could cause problems with wasted data and bog down the ln node keeping track of a bunch of invoices that may never be used. Could some kind of proof of work be required in order for an invoice to be returned?

[fiatjaf]

This is a good point, but it's not a problem only of LNURL. Most services out there are susceptible to it.

In theory you can return invoices without having to store and keep track of them, but aside from LNTXBOT I think no one has ever implemented this technique.

You can also do basic rate-limiting.

[ZmnSCPxj-jr]

The m field in invoices seems like a good use (store your data encrypted in the m field, do not store anything about the invoice locally), but it is recent and I am uncertain how widely-implemented it is.

[fiatjaf]

The m field has existed for over an year now. Everybody has implemented it. I think it is safe to rely on it at this point.