Building non-custodial Lightning payments for AI agents (server-enforced spend caps in front of your own LND), and the sharpest feedback I got was about the audit trail.
The insight: blocking a bad payment isn't enough — you need to inspect why it was allowed or blocked, after the fact. And for a near-miss, the verdict alone is useless. What you actually want recorded per attempt, including rejected ones:
- requested amount + destination + which agent/tool initiated it
- balance and cap at decision time
- policy version applied
- allow/block reason
- and the margin — how close it came to the threshold
That last one is the part I keep coming back to. A payment blocked at 10x the cap means your policy is working. One that squeaked under by a hair means you have no headroom and didn't know it. Same "allowed" verdict, completely different risk.
For those running nodes or building on Lightning — how do you think about audit trails for unattended/automated payments? What would you need logged to trust software spending sats on its own?
(Building this in Conduit if anyone wants to see the implementation — github.com/Jake1848/conduit — but I'm more interested in how others approach the audit-trail design.)