Two factors undermine Lightning decentralization:
  1. Limited number of very big nodes with many channels.
  2. Many nodes hosted on few public cloud providers (see image):
Mitigating the first point is challenging, except by attempting to open channels with smaller and less connected nodes.
The second point is more manageable, but it requires genuine Bitcoin enthusiasts to commence running their own Lightning Network nodes.
TBH I would be more concerned if a majority of LN nodes were using residential IP addresses. Then, the LN gossip network would basically become a hit list for wrench attacks. Better to use an IP from a large company or the veil of Tor for home nodes. BTW, the majority of nodes are Tor only.
"Sufficient decentralization" does not mean that everyone and all capital IS PERFECTLY and UNIFORMLY distributed. It just means you have the option to be less connected if you want. Economies of scale are real and people are free to take advantage of them. The network remains decentral as long as there is choice and switching costs aren't prohibitive.
Similar to mining pools, it's almost trivial to migrate an LN node to another host, or use another VPN provider for the node's IP if the one you're using starts to misbehave.
reply
Great comment about what sufficient decentralization is. I guess there's decentralization regarding authority, networking and capital.
reply
I would like to add a nuance. Remember that there is no such thing as The Lightning Network, just like there is no such thing as The Mempool.
You can happily build a small network with those around you and keep it isolated without any issues. Less exciting, but it works. There could be a number of people using it privately in this fashion without anybody else knowing. It would surely make sense for large players, like exchanges, to have their own connections that they use among themselves for settlement. And for these nodes and channels to remain private, only known by those involved.
Having said that, due to game theory, at some point someone will probably connect you to the rest of the world even if you try to stay isolated.
reply
Good point! Also an important aspect to add to this: the chart is missing THE PRIVATE NODES and channels!
... something that you can't "see" in these meaningless charts and nobody knows how big that "private network" is.
reply
Last time I looked from the network graph, more than 99% of the nodes were connected together. I at some point thought that finding those 'islands' was a good idea, to get lots of traffic by being the bridge between them, so I built a tool to check that. The few that are not connected keep it that way for a reason.
reply
What tool did you build?
reply
Sorry, I did not see the reply. This was in the early code for my lightning node channel advisor (www.lnshortcut.ovh). But as I found out there was actually no 'island', I just abandoned that code.
reply
Decentralization is not an end, it's a means. What are you looking for decentralization to give it?
reply
Probably better guarantees of LN's continued operation without KYC requirements and fewer single points of failure, such as an AWS outage possibly creating a significant impact on the network.
reply
You will always be able to avoid KYC on open protocols.
reply
But to what extent will it be useful? Two distinct LN networks would suck and the non-KYC network would likely be smaller and less useful.
reply
The nodes in the center don't know where the payment comes from and where it goes. So if a 3rd node is able to connect to the node asking for KYC, and you are able to connect to that 3rd-party node, you will be able to route payments via the KYC node without them knowing.
reply
More realistically, the larger nodes will have KYC agreements with all channel partners, a whitelist. And they may have to prevent connections from all other nodes. That is where my idea of KYC vs non-KYC lightning networks comes from.
reply
OK, let's say me, iguano, did a KYC with bitrefill and I have a channel with them, and you create a channel with me (I did not request KYC from you). How will bitrefill know?
reply
If it's unannounced, they wouldn't know. But you can probe for unannounced channels and when a partner is found to be in non-compliance they might be removed from the white list and the channel is closed
reply
Misleading title and content. You better start reading our fellow Darth guides https://darthcoin.substack.com/p/omg-ln-nodes-are-running-on-amazon
reply
I think that article is oversimplistic. More than 30% of all LN nodes on the mainnet running on 5 cloud providers is a problem.
reply
"More than 30% of all LN nodes on the mainnet running on 5 cloud providers"
How do you know that? Just by reading a chart showing a bunch of IPs? Do you know how IPs work? From your answer it seems that you don't. If I buy an IP for my home server from amazon cloud, does that mean my server runs on amazon cloud? Is it literally hosted on amazon cloud? The answer is simple: NO.
So please DYOR before posting crap.
reply
Private citizens don't usually buy an IP on AWS or GCP or Azure :) If your node has an "AWS IP", which is really a DNS name, it is because your node instance is running as a service within AWS and has a public elastic IP associated with it.
reply
nah, a wireguard vpn setup is more common than you think. I know several node operators who prefer this setup for speed + reliability + privacy. https://github.com/wtogami/vpn-nat-service-forwarding-howto
reply
That's not entirely true. Utilizing the AWS free tier to get a clearnet IP and then VPN that to your home node is a use case that I've seen at least a few noderunners utilizing.
of course this is node disproving your original thesis that a lot of capacity is running on major cloud providers but that is a different (non)issue
reply
The page itself states, "(Tor nodes excluded)". So that page is only displaying information about less than 30% of the total number of nodes on the network (source).
So this statement:
"More than 30% of all LN nodes on the mainnet running on 5 cloud providers is a problem."
Is incorrect. It would actually be 30% of 30% are on 5 cloud providers, which is 9%, as far as anyone can actually prove.
reply
And private channels
reply
This is not a metric for decentralization. Because we can quantify it and it will be different for different amounts.
That means for a 10K payment it is not important if a node has 1M or 10M channels, so it must be a lower bound and connectivity will have nothing to do with large players. More cheap alternative routes will be available.
reply
Yes and no... what will happen to the network if the biggest 200 nodes (out of 16.000) disappear tomorrow? In a strongly decentralised system, nothing... in our reality there will be many problems.
reply
It will be bad. However, that will also mean more opportunities for everybody else. Many payments fail, and somebody may not even notice that 200 nodes went offline.
reply
Some nodes are hosted at home, but tunnel through a cloud service. This will look like they're running in the cloud, but they are not. Check out PlebVPN
reply
Majority of nodes are behind Tor. You don't see those in that overview.
reply
Tor-only nodes might as well not exist at all. The reliability is horrible and makes for an awful lightning route. It's a good fallback, but nobody should be Tor-only.
reply
Node runners use what they know per the centralised cloud providers, given time they can migrate to decentralized ones
reply
This image is misleading as it does not count nodes that are behind Tor.
Still, we need more decentralization.
reply
Is there a way to know how many nodes are running on Tor?
reply