Lightning in a Bottle

By Jinno | .json { "nullified"; my Nounce} | 27 Jan 2024

 

  The purpose of the Lightning Network is quick settlements. Bitcoin's base layer does not have any privacy guarantees and neither does Lightning. There are ways to attempt to hide among the activity of the network, but there are no guarantees. Sizable actors can attack and reveal private channels that are an extension of the main graph. From there, the flow of funds across the network should be considered public knowledge.

  As I've come to understand the Lightning Network it can be described as a layer 2 lattice built on top of the Bitcoin protocol with onion routing properties. Essential this means that the source and destination of payments are supposed to be concealed as they are routed across the network. However because the Lightning Network consists of thousands of two party payment channels that require Lightning nodes (paid service) to route payments and realize more information than is necessary. Public channel information is distributed across the Lightning network can lead to privacy and censorship implications. Lightning has no central ledger or permanent record of all transactions - all transactions are conducted peer-to-peer concerning scenarios of privacy infraction and possible censorship: a select few Lightning nodes with high liquidity make up the majority of routing of the network map. There is a risk that the privacy of your transactions are kept in the Lightning nodes and you have no way of knowing if your information is being sold to chain analysis.

  A problem with layer 2 scaling networks is the initial bridge off the main network to the layer 2 where mainnet fees are still applicable to exit the main chain onto the layer 2. Bitcoin is essentially a pay to use database network where the mining pools are incentivized to accept transactions according to market demand. In times of high congestion the cost of sat/vB (virtual bytes) can climb to astronomical heights and if the fee to move your data is more than UTXO (Unspent Transaction Output) in your wallet you essentially have a economically unspendble UTXO that is stuck until the cost of fees comes down. Ideally you would make a UXTO transfer to the Lightning Network when Bitcoin fees are low to save the further diminishment of your stack of sats. Just remember when closing your peer-to-peer Lightning channel and making settlement on the base layer the applicable fees of the Bitcoin market will again apply.

 

4922ec9b920ae1f91e006da8b9549818f65a3d09d16acb8fa8d1b975441f0a20.png

 

  A channel is opened by one or two users locking up an amount of sats into an on chain 'funding transaction' that creates a 2 of 2 multi-signature wallet on the Bitcoin network, with each user receiving one of the keys. The opening channel 'state' will reflect the amount a user contributes and each party will sign off to say that they accept this is correct. This  'sign off' is actually an unbroadcasted Bitcoin transaction containing the signature of both parties which are passes to one another via the Lightning network. These signed but unbroadcasted transactions allow either party to close the channel at any point an ensures the sats contained within are returned 'on chain' to their rightful owner.

 To further propagate the network outside your initial channel you need to have 1 or 2 channels to fairly well connected nodes, you can route transactions to people you aren't directly connected with via people you have a direct connection (a channel) with. This type of multi-hop transaction is carried out in a trust free way using a process called onion routing. This method allows for secure transfer of messages known as HTLC's (Hased Time Locked Contracts). HTLC's are structured in such a way that each hop only see the information they need to take their fee and continue the payment to the next participant in the route until it reaches the final destination, the recipient.

 

  675e19235b6fc7396bddb8cab66cc568a2c3878cbfb2bed4351b136e7fbcc51d.jpg

 

  Here is an understated fallacy of the Lightning Network that correlates to the TOR Network. Tor exit nodes can also monitor traffic that passes through them.

  • Unencrypted traffic which contains personally identifiable information can deanonymize you to that exit node.  
  • Well-funded adversaries with the capability to passively watch all network traffic around the globe still have a chance of deanonymizing Tor users by means of advanced traffic analysis.
 
How does this apply to the Lightning Network?

 

Time Delay

Time delays are within the network are discernible way to estimate how far away a source or destination is from the observing node.  Privacy researchers have determined that some of the top nodes on the network are capable of analyzing the source and destination of 50 to 72% of payments. Even estimating how far away a source /destination is may start to narrow down on the exact node based on the topology of the network. This is done by looking at the estimated paths that might have been taken and then doing the timing analysis to narrow them down.

Longer Paths

All public nodes on the Lightning network are typically with 10 -20 hops of each other. Therefore an anonymity set of 10 hops is sufficient to avoid being suspected of being in a specific area of the Lightning graph. There is a higher degree of cost associated with creating a sufficiently connected Lightning node, mostly around the fact that locked-up liquidity is required. If you want the applicable privacy of the Lightning network by a longer routing path via connected nodes, it's going to cost you (Lightning node providers). By essential default single or double routes significantly degrade the anonymity set of the sender and receiver and in some cases can be guaranteed to identify accurately.

 

 I recently went down the rabbit hole with Samourai's ecosystem and it's the most fun I've had with Bitcoin since I acquired it but to my surprise I've unwittingly become a user of the Lightning network. The Samourai Wallet is hot mobile wallet implementation using BIP 39(12 word seed) in order to coinjoin your Bitcoin to a Whirlpool central coordinator, the coordinator tracks which wallet is used and the xpub goes to Samourai's server by default. This makes perfect sense when I was checking transactions on the Mempool and the wallets were identified as Lightning. You pay the central coordinator a Whirlpool fee based on your pool selection and Samourai's ecosystem pays negligible amounts through their custom Lightning channel(s). Genius! Have you heard of BIP-47 (Reusable Payment Codes for Hierarchical Deterministic wallets)?This is Bitcoin's implementation of stealth-addresses with a static 116 character string that is a kin to Lightning channel.

 

93e82c97c028bca3350fd68a5828fd936e5f329b6432eb31f250c3d5dc3417f4.png

 

  Once a sender is a follower of your Paynm they can derive a new Bitcoin address for making payment without manually inputting the Bitcoin address however the use of Samourai's Paynms requires a notification transaction that connects ahead of time to a static Bitcoin address that everyone connects to reuses. The reason I regale you with my tales of Bitcoin privacy is perhaps you can infer that the decentralized protocol implementations all have centralized points of fracture. Like your addresses are pseudonymous so your privacy is also a pseudo-science. I'm a crypto enthusiast and there is no amount of copium that is too far in using the technology of cryptography but to the uninitiated this might all be too much.

 

 

 

8e7498d72c359be15fa7bf58b857f6d86917b8c937b9188171fc0e8f7325eb8a.jpg 

 

 
 
Lightning Network Privacy

 

  1. As a layer 2, Lightning is built on top of on-chain bitcoin transactions. If a Lightning transaction can be easily associated with a bitcoin transaction it will then inherit the privacy of that bitcoin transaction.

  2. The world doesn't know about every Lightning transaction but the peer nodes involved in a transaction do know certain facts about it. If they choose to share this data with the world, or correlate it with other information themselves, they maybe able to deanonymize some transactions.

  3. Centralization increases the risk of point two - highly connected nodes can see a larger percentage of network activity and have a better chance of creating valid inferences.

  4. Anyone can see anyone's public node information if they've opened a public channel at all before.

  5. Anyone can see the UTXOs making up a channel, private channels are exposable as well.

  6. Chain analytics can target nodes, their active/past channels, UTXOs and etc.

  7. Receivers have very little privacy.

  8. The Lightning network  consists mostly of custodial wallet users and routing of liquidity through a few large nodes.

  9. It is recommended against attempting Lightning privacy until after you are comfortable with layer 1 Bitcoin privacy.

  10. Unless necessary, it is typically a bad idea to mix your UTXOs and then rejoin them back together. If you have multiple UTXOs from the same source, mix them into new ones, then send them to the same address. You reduce the anonymity set of those coins. Things get worse the more you consolidate more UTXOs.

 

 

 

"In centralised systems, a small group of people can see the whole and thus control the whole.

Privacy is the opposite of centralisation.

This is why privacy laws, dictated by those few people, are completely contradictory to actual privacy." 

- Gabriel Custodiet

 

 

 

 

 

 

 

 

 

 

Resources

  1. https://lightningprivacy.com/en/introduction
  2. https://abytesjourney.com/lightning-privacy/
Cryptocurrency News lightning network Bitcoin Layer 2 Onion Routing HTLCs

How do you rate this article?

5
Jinno
Jinno

Shisō hanzai-sha

.json { "nullified"; my Nounce}
.json { "nullified"; my Nounce}

A private matter is something one doesn't want the whole world to know, but a secret matter is something one doesn't want anybody to know. Privacy is the the power to selectively reveal oneself to the world. Therefore, privacy in an open society requires anonymous transaction systems. An anonymous system empowers individuals to reveal their identity when desired and only when desired; this is the essence of privacy.

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.
The Drums of War Are Beating — Now What? The Drums of War Are Beating — Now What?
Nickspace

Nickspace

7 hours ago
1 minute read

My knowledge is worth money! My knowledge is worth money!
Shiftrox_

Shiftrox_

15 hours ago
1 minute read

How Revolut Makes Millions Off Crypto-Idiots How Revolut Makes Millions Off Crypto-Idiots
Mr_Reaper

Mr_Reaper

14 hours ago
2 minute read