Why wouldn’t Alice sit on the P_a+A_1 output until the \mathsf{addr}_b timelock expires, even if Bob guessed correctly? I would have expected an extra setup tx, like:
classDiagram
class Alice{
AliceFunds
Pa+A1()
}
class ChallengeTx{
Pa+A1 [pubkey reveal + sig]
BobFunds
BobWinsOrAliceTimeout()
}
Alice<|--ChallengeTx
where Alice can only complete the challenge tx to publish it by revealing P_a+A_1.
I don’t think this quite works – you’d need the force-closer to take the challenger role (because they’re publishing the tx), but you also need the recipient of the HTLC to take the acceptor role (because they’re the one that gets the 1-in-1000 chance of a win, with the challenger getting the remaining 999-in-1000 chance), so if the force-closer is the recipient of the probabilistic payment, you’ve got a problem. Might be recoverable with tweaks to the protocol though?
Having to transmit 1000 hashed pubkeys and a zkp for every dusty-HTLC for every update is also probably prohibitive.