TL;DR: ACINQ is one of the main developers and operators of the Lightning Network, an open payment network built on top of Bitcoin. Because private keys need to be “hot” (always online), operating a Lightning Network node poses serious security challenges.

After years of R&D on how to secure our Lightning node, we have settled on a combination of AWS Nitro Enclaves (an Isolated Compute Environment) and Ledger Nano (a signing device with a trusted display). This setup offers what we believe is the best trade-off between security, flexibility, performance, and operational complexity for running a professional Lightning node.