To send with keysend, you need to reveal your node's public key. With invoices, that's not necessary.
Do you need to, though? At what point do you have to reveal it as the sender?
"Loss of being able to use the preimage and invoice signature as proof-of-payment"; again, which part is different and I don't get the pre-image? Isn't it a core part of Lightning to get the pre-image? Isn't there a payment hash involved?
A payment secret and its hash are involved in the process in both cases. Here's the difference:
1) Invoice: A pay
ee generates a payment secret and makes a hash of it. They put the hash in an invoice.
2) Keysend: A pay
er generates a payment secret and makes a hash of it. They construct an onion routing packet which includes encrypted routing instructions for each hop. The payee learns the secret once they decrypt their instructions.
The end goal is the same: the payment hash is used by all intermediary hops. The pay
ee reveals the secret first. There is no security risk here - the pay
er can't steal any funds even if they generate the secret. I can elaborate on that if you are interested
The reason why the payment secret can't be used as a proof-of-payment in the latter case is that the person who tries to use it as a proof is also the person who generated it. Not a convincing proof, right?
