How private are the messages in a LN transaction? \ stacker news ~bitcoin

How private are the messages in a LN transaction?

4080 sats \ 86 comments \ @siggy47 16 Dec 2023 bitcoin_beginners

I said I welcomed dumb questions in this territory. Well, I have one. I have become addicted to sending messages to lightning addresses attached to nominal transactions. I know a lot of us are doing this on Stacker News. How private are these messages? I assume the messages would be visible to the nodes routing the transactions. Should we assume SN can read these messages if they're so inclined? Also, would it be correct to assume there is more privacy when using a non custodial wallet as opposed to a custodial one like the SN wallet?

view all related items

27.1k sats \ 68 replies \ @kepford 17 Dec 2023

So you can use this to see if someone has more than 250k sats.

353 sats \ 43 replies \ @ek 17 Dec 2023

Nice catch! That's a privacy leak. Please consider using responsible disclosure next time you find something like this.

Maybe you would have been more greatly rewarded if you didn't disclose it publicly immediately with no chance for us to fix before everyone knows about it? :)

/cc @k00b

5555 sats \ 7 replies \ @beorange 17 Dec 2023

IMHO, "Responsible disclosure" is a bad term, it kind of attaches the responsibility of the problem to the person that found it. In my view "Coordinated disclosure" is a much better term.

One suggestion is that instead of assuming that everybody will read the source code and be aware of that message in the "readme" file, perhaps having a security.txt can be more helpful, since it is becoming more and more standard.

0 sats \ 6 replies \ @ek 17 Dec 2023

I think if someone does not look into the README of a project or the FAQ to check for responsible disclosure procedures, they definitely won't look up if there is a security.txt

So I don't think using security.txt would help us with this problem of people shooting first and asking questions later.

Do you agree?

I also don't agree with your view on CVD. Even though I appreciate your comment, I wasn't aware that we're moving away from "responsible disclosure". Will ask my itsec circle friends what they think about this.

However, we can of course also have a security.txt.

Just want to say that I think your reasoning doesn't make sense to me.

assuming that everybody will read the source code and be aware of that message in the "readme" file,

Are you saying reading source code is the same as reading a README?

1524 sats \ 4 replies \ @beorange 17 Dec 2023

Are you saying reading source code is the same as reading a README?

I'm saying I never looked at the source code of stacker.news and I never even visited the repository. If I, for some reason, would find a problem/vulnerability, just by navigating the website I would not know how to report the issue.

I'm a user, not a programmer or developer, so I don't generally look at Github and other sites where you store/share the source code. Just out of curiosity, I've just checked the FAQ and there is in fact a line at the bottom of the page, but there is no index and that's a lot of scrolling and reading.

Someone motivated to report the issue would eventually find that information after some hops. Others less motivated, would not report or would write it in a comment, and I don't blame them.

I'm just saying that "security.txt" is straight forward and kind of a standard, so independently of the website or project that is the first place I look at.

0 sats \ 3 replies \ @ek 17 Dec 2023

I'm just saying that "security.txt" is straight forward and kind of a standard, so independently of the website or project that is the first place I look at.

Ah ok, I see where the misunderstanding comes from. I must admit, I didn't read the link you provided properly. I just assumed that you meant we should create a SECURITY.txt inside our repository. This didn't make sense to me since you mentioned you wouldn't look inside the repository anyway.

But now I properly read what is written in the link. You mean we should have a security.txt hosted here. This makes sense, thanks! I will create a ticket for this.

but there is no index

There is an index:

We also have a search function integrated in the index:

138 sats \ 2 replies \ @beorange 18 Dec 2023

There is an index: We also have a search function integrated in the index:

ah ah! good catch, didn't know about that. Always learning.

0 sats \ 0 replies \ @ek 19 Dec 2023

Always learning.

As we do :) Btw, thanks for your advice regarding security.txt. I appreciate it (my previous responses may not have sounded like I do, lol)

reply on another page

0 sats \ 0 replies \ @ek 19 Dec 2023

deleted by author

reply on another page

0 sats \ 0 replies \ @ek 17 Dec 2023

Even though I appreciate your comment, I wasn't aware that we're moving away from "responsible disclosure". Will ask my itsec circle friends what they think about this.

/cc @evmbro

563 sats \ 2 replies \ @nemo 17 Dec 2023

deleted by author

198 sats \ 1 reply \ @ek 17 Dec 2023

Mhh, we should at least consider changing it.

0 sats \ 0 replies \ @ek 18 Dec 2023

Just found out that we also use it for our LN node in Amboss.

560 sats \ 15 replies \ @kepford 17 Dec 2023

Dang. You are totally right and I should have known better. Please accept my apology. Just didn't think about it from that angle but I should have.

10 sats \ 14 replies \ @ek 17 Dec 2023

No worries, we all learn our lessons at some point :)

334 sats \ 2 replies \ @siggy47 OP 17 Dec 2023

Hey! Who's the aggrieved party here anyway? :) I'm curious. Did this same warning appear when it was at the 500k and 1 mil level?

198 sats \ 1 reply \ @ek 17 Dec 2023

Yes. This kind of error message existed since Aug 30, 2022 according to our commit history. But no one has seemed to notice so far.

But you're right.

We also learned a lesson, I guess, haha :)

0 sats \ 0 replies \ @siggy47 OP 17 Dec 2023

I know I never so it until yesterday. Probably because balance threshold was higher

0 sats \ 10 replies \ @nemo 17 Dec 2023

deleted by author

131 sats \ 9 replies \ @ek 17 Dec 2023

shouldn't responsible @kepford delete his original message?

I think it's not as severe; especially because there is no proof of exploit so someone would have to write code first to really efficiently leak user balances. I tried to do this myself to see the impact and I noticed it's not as easy for reasons I don't want to irresponsibly disclose here, lol

or is it all too late and the pressure is on to fix this in the background?

Imo, this change will already fix it enough.

1352 sats \ 0 replies \ @kepford 17 Dec 2023

I didn't even think it was a bug let alone a serious one. LOL.

If the limit were higher though it would have more impact.

334 sats \ 6 replies \ @kepford 17 Dec 2023

I'm a dev and as soon as I saw your comment I felt terrible. I know if I were working on stacker.news I'd feel responsible to fix it asap. I appreciate the gentle scolding and the zap. Was not expecting either.

10 sats \ 5 replies \ @ek 17 Dec 2023

Haha, it's okay, it happens :) You can review the "fix" if you want though

view replies

179 sats \ 0 replies \ @nemo 17 Dec 2023

deleted by author

1 sat \ 15 replies \ @Natalia 17 Dec 2023

👀

0 sats \ 14 replies \ @ek 17 Dec 2023

The funny thing is:

This is (one of) the first real vuln we have and it was disclosed publicly.

There were some people who thought they found something serious and did a responsible disclosure.

But all of them didn't do enough DD and just assumed it's a vuln and immediately contacted us, probably feeling FOMO because they might receive a huge bounty if they are the first to report, lol

Most funny was the guy who leaked his own IP address and then started to think he is now able to find out the IP address of everyone on SN with the same method, lol

179 sats \ 12 replies \ @Natalia 17 Dec 2023

Most funny was the guy who leaked his own IP address and then started to think he is now able to find out the IP address of everyone on SN with the same method, lol

I guess I might know what you are talking about? and about IP address, I tried different ways to test it. If someone keeps using the same IP, yes, it can be "dangerous", but then, even in this case, all you can know is where this user located, what did this person read and how long, what's his interests.

Maybe one account to read, one to post is the way 🧐

202 sats \ 11 replies \ @ek 17 Dec 2023

yes it can be "dangerous", but then even in this case, all you can know is where this user located, what did this person read and how long, what's his interests.

You're onto something there :)

IP addresses are actually quite often not that useful but for some people, their IP address seems to be holy to them even though their ISP provider keeps changing it all the time and their ISP provider is basically already "mixing them" with other users (CGNAT) since we've run out of IPv4 addresses a long time ago.

179 sats \ 10 replies \ @Natalia 17 Dec 2023

even though their ISP provider keeps changing it all the time and their ISP provider is basically already "mixing them" with other users (CGNAT) since we've run out of IPv4 addresses a long time ago.

oh I didn't know this 👀 also something interesting I've learnt from a privacy geek friend - creating false trace is often better than trying to hide everything.

69 sats \ 0 replies \ @ek 17 Dec 2023

false trace is often better than trying to hide everything.

Yes, hiding in the masses is better than to tell everyone that you have something to hide :)

reply on another page

0 sats \ 8 replies \ @ek 17 Dec 2023

oh I didn't know this

so many ideas for blog posts, so little time, lol :)

edit: but somehow, there is always time to reply to people on SN, lol :)

view replies

0 sats \ 0 replies \ @nemo 17 Dec 2023

deleted by author

10 sats \ 23 replies \ @siggy47 OP 17 Dec 2023

I'm glad you brought that up. I get messages and honestly I often have more than 250k in my wallet, or am I mistaken. Also, would sending to a lightning address be considered creating an invoice? Thanks for the reply. That error message confused me.

354 sats \ 6 replies \ @TonyGiorgio 17 Dec 2023

Wow, had no idea. I'm currently at 251k and didn't realize I have stopped receiving zaps. Something should be stated to help educate this. A warning icon or something would be great.

0 sats \ 1 reply \ @k00b 20 Dec 2023

Zaps on sn aren’t stopped. Just invoices adding external sats

0 sats \ 0 replies \ @TonyGiorgio 20 Dec 2023

that's a big deal for people using SN as an LNURL address on nostr.

0 sats \ 3 replies \ @ek 20 Dec 2023

I think a banner saying something like this:

Your wallet is over the limit, you will not be able to deposit any more sats (or receive zaps from outside of SN). Please withdraw your sats.

when their wallet is over the limit might make sense that a user can click away when they've seen it?

/cc @k00b

0 sats \ 2 replies \ @ek 20 Dec 2023

Working on a PR, should be ready in 15 minutes

10 sats \ 1 reply \ @ek 20 Dec 2023

PR up

471 sats \ 0 replies \ @kepford 20 Dec 2023

PR looks good to me.

196 sats \ 10 replies \ @WeAreAllSatoshi 17 Dec 2023

Sending to a lightning address does generate an invoice under the hood.

0 sats \ 9 replies \ @siggy47 OP 17 Dec 2023

Thanks for the info. So stackers here need to keep balances below 250k to message others?

175 sats \ 0 replies \ @kepford 17 Dec 2023

It appears so.

175 sats \ 7 replies \ @WeAreAllSatoshi 17 Dec 2023

To receive messages, I think? Though I didn’t think the limit was that low. It’s been a minute since I’ve been in the code though

10 sats \ 5 replies \ @siggy47 OP 17 Dec 2023

Maybe that low limit is new, because I'm pretty sure I've messaged with a wallet balance more than 250k?

265 sats \ 4 replies \ @WeAreAllSatoshi 17 Dec 2023

I think it’s the recipients balance that matters, not the senders balance. But in any case, if you’ve had a message exchange back and forth while maintaining a balance over 250K, that would suggest the limit was higher.

335 sats \ 1 reply \ @SpaceHodler 17 Dec 2023

If it was the sender's balance, it wouldn't be a vulnerability. The ability to find out yourself you have > 250k sats is a well-known feature :)

view replies

10 sats \ 0 replies \ @siggy47 OP 17 Dec 2023

Earlier today was the first time I saw that error message. It just seems really low.

reply on another page

0 sats \ 0 replies \ @kepford 17 Dec 2023

Correct. It is the receiver

reply on another page

0 sats \ 0 replies \ @kepford 17 Dec 2023

The limit has changed fairly recently I think.

175 sats \ 4 replies \ @kepford 17 Dec 2023

It was you address I used.

0 sats \ 3 replies \ @siggy47 OP 17 Dec 2023

I thought so. Were you aware of the 250k limit? I guess I never got the memo.

175 sats \ 2 replies \ @kepford 17 Dec 2023

I was. Hit it the other day.

353 sats \ 1 reply \ @nemo 17 Dec 2023

deleted by author

434 sats \ 0 replies \ @nemo 17 Dec 2023

deleted by author

243 sats \ 0 replies \ @Walletano 17 Dec 2023

For example we provide advertising messages to lightning addresses on satsforads.net. On interactive campaigns, we send unique URLs to each lightning address to claim even more sats. These unique URLs are something like: https://satsforads.net/v/ZzVs-2-fce61af57ac94ff159a3398da940830e. Even if somebody finds this message along the way, we are good because:

one additional view to the campaign (our advertiser will be happy as his message / content / video reaches one more user for free)
the sats can only be claimed by the intended lightning address.

307 sats \ 0 replies \ @WeAreAllSatoshi 17 Dec 2023

Also, would it be correct to assume there is more privacy when using a non custodial wallet as opposed to a custodial one like the SN wallet?

Non custodial wallets receiving lightning address invoices with messages using LUD-12 still require a web server to handle the lightning address send flow, so presumably you’re either having that done for you via a service provider, or you’ve implemented your own, which most people probably have not. In the former, whoever runs the web service which supports your lightning address would have access to the messages attached to the payments.

Having implemented LUD-12 for SN, this is my understanding. If anyone spots an error in this, please share!

285 sats \ 0 replies \ @WeAreAllSatoshi 17 Dec 2023

Should we assume SN can read these messages if they're so inclined?

LUD-12? Yes. Keysend? No (from my limited understanding)

275 sats \ 11 replies \ @ek 17 Dec 2023

Should we assume SN can read these messages if they're so inclined?

Definitely yes. This system was never intended for DMs.

For me, this system is just another example how people assume that things are secure just by expectation since DM systems usually use E2EE since a while.

But as mentioned, this was never meant to be used for DMs. I think @WeAreAllSatoshi just wanted us to support more LNURL features.

334 sats \ 0 replies \ @WeAreAllSatoshi 17 Dec 2023

Correct. I was aiming for more complete spec compliance

179 sats \ 7 replies \ @siggy47 OP 17 Dec 2023

Thanks for the info. I still think it's a useful tool to have available on SN. It's a way to direct message fellow stackers on individual stuff without annoying everyone. It's just good to have a low expectation of privacy.

404 sats \ 6 replies \ @ek 17 Dec 2023

I still think it's a useful tool to have available on SN. It's a way to direct message fellow stackers on individual stuff without annoying everyone.

I agree, I use it myself.

It's just good to have a low expectation of privacy.

Exactly. The only problem I have with it is that people (as this post shows) may have a false sense of privacy while using it.

0 sats \ 5 replies \ @siggy47 OP 17 Dec 2023

Has it always been limited to wallets having less than 250k sats?

385 sats \ 4 replies \ @ek 17 Dec 2023

No, the first limit for deposits was 1M sats iirc. It was decreased from 500k to 250k 2 days ago.

However, keep in mind that this doesn't mean your wallet can only hold 250k sats now. You can still have more by getting zapped, you just can't deposit more than that. We call this a soft limit. We're doing this because we are not and we do not want to be a wallet provider because of legal exposure.

155 sats \ 3 replies \ @siggy47 OP 17 Dec 2023

Aha! So I'm not crazy. I knew I was messaging people before who I can't message now. Good to know. I will adjust my wallet balance more often.

353 sats \ 2 replies \ @nemo 17 Dec 2023

deleted by author

133 sats \ 1 reply \ @siggy47 OP 17 Dec 2023

Right after the edit period expired I realized I should rethink that response

view replies

175 sats \ 1 reply \ @ek 17 Dec 2023

Btw, forgot to mention: Great post @siggy47!

Since people started to use LUD-12 for DMs, I've been wondering if people just know that someone like Snowden should probably not use this to plan his next steps, or if they simply assume that as secure as any other DM system.

Finally someone asked for clarification, lol

309 sats \ 0 replies \ @quark 17 Dec 2023

Thanks for clarification. It is hard to verify code of everything, no time for it, and the easy thing is to trust that everything is safe and private. And many people don't have any other choice since they don't know to read code. But we shouldn't assume something is good if there is no link to some information about how it works at least.

175 sats \ 1 reply \ @fred 17 Dec 2023

I can attest that LN invoice is more private than a LN address transaction

0 sats \ 0 replies \ @ek 17 Dec 2023

deleted by author