How private is the Lightning Network? \ stacker news ~lightning

pull down to refresh

1236 sats \ 21 comments \ @bellabaxter 25 Apr lightning

I keep reading that LN is private for senders and that there is no way to know from which UTXO my sats are coming.

But...

The receiver of a LN transaction knows from which channel the invoice has been paid. What is stopping the receiver from colluding with every intermediate hop to get to the source? In most transactions I've done on LN there were just 3-4 few hops, five at most, and most LN channels are not anonymous identities. They can be contacted, just can get their contact details on Amboss.

This is the dumbest attack I could image in 3 minutes but there are many articles about other techniques as balance probing or timing attacks.

What are your thoughts? Is LN only private against a lazy attacker?

view all related items

131 sats \ 2 replies \ @nullcount 26 Apr

Still accurate in 2024:

https://abytesjourney.com/lightning-privacy/

10 sats \ 0 replies \ @nikotsla 26 Apr

Excellent source of info

0 sats \ 0 replies \ @bellabaxter OP 26 Apr

Excellent article.

It goes through most ways to use the network in a privacy conscious way, trying to minimize the attack surface. That said the conclusion is clear: "Bitcoin’s base layer does not have any privacy guarantees and neither does Lightning. There are ways to attempt to hide amongst the activity of the network, but it’s no guarantee."

163 sats \ 2 replies \ @toyota_corolla0 26 Apr

This is a possible attack. Since the sender gets to select the path, the sender gets to choose who they trust to protect their privacy.

If you want better privacy on LN, I recommend use coinjoined coins to create your channels.

25 sats \ 1 reply \ @bellabaxter OP 26 Apr

Are you aware of a tool that I could use to craft a longer path? Most lightning wallets I tried use automatic routing algorithms that select the shortest path or the lowest fee. I never found a way to configure different behaviors.

How do you go about learning which nodes should I trust on the network? The only practical way I see is to personally know the "entry" node, which basically means owning it. Should I spin up a public decoy node to route all my transactions through in order to be sure that at least one node will never give away my privacy?

10 sats \ 0 replies \ @toyota_corolla0 27 Apr

I am no expert on lightning software so I am not aware of a tool but it probably exist. Something like letting you choose your first few hops and then the automatic routing takes over from there would be good.

Trust would have to be established traditionally through social relationships. Very trick currently because of how small bitcoin is.

A node you own to route your payments through would not help much because lightning currently uses HTLCs to secure it payments. HTLCs make it so every node your payment goes through has an identical token. Nodes colluding to attempt to de anonymize payments can identify a single payment flowing through the various nodes by this token. PTLCs is an alternative to HTLCs that is being worked on and should fix this.

11 sats \ 0 replies \ @TNStacker 25 Apr freebie

It is all a psyop. Send your lightning BTC to tnstacker @stacker.news to safely dispose.

10 sats \ 1 reply \ @Satosora 25 Apr

I think it is a bit more complicated than that, or else the network wouldnt still be up and running...

10 sats \ 0 replies \ @bellabaxter OP 25 Apr

Not being private as advertised doesn't prevent the network from being efficient at transferring sats

201 sats \ 3 replies \ @DarthCoin 26 Apr

So you never heard about using private LN nodes? Read here:

And much more: https://darth-coin.github.io/

30 sats \ 2 replies \ @bellabaxter OP 26 Apr

I regularly read your guides. Very useful content.

I run a private node. What software would you recommend in order to take advantage of MMP? CLN + RTL? Is there a way to constrain the payment to a specific path to force the payment through a specific trusted node?

50 sats \ 1 reply \ @DarthCoin 26 Apr

Zeus and Blixt

0 sats \ 0 replies \ @bellabaxter OP 26 Apr

I cannot find a way to specify a minimum number of hops in the payment path using Zeus or Blixt or any other wallet. The only practical way I've found so far to force more hops is to connect to a relatively unconnected node.

100 sats \ 3 replies \ @ambosstech 26 Apr

You can decrease onchain exposure by not opening any channels yourself. Instead, by purchasing channels, you use someone else's UTXO. You can buy channels with Magma or Hydro.

The number of channels that you have makes it exponentially more difficult (or infeasible) to trace the origin of a payment, even if a node lists their contact information. Cryptography is about asymmetric work and tracing a lightning payment is an extremely heavy lift.

0 sats \ 2 replies \ @bellabaxter OP 26 Apr

For your second statement, do you mean that it gets more difficult to trace payments through your node if you are a routing node?

How is the privacy of a sender impacted if all intermediate hops work together to unmask him?

0 sats \ 1 reply \ @ambosstech 26 Apr

No, if, as the destination of the payment, your node data gets seized, the channel you received a payment through is now known. To back-trace the payment, an investigator would need to contact the immediate prior hop. If they refuse an unwarranted search (likely case), the investigator would need to contact each of the prior hop's channels, say 30 channels.

Each lightning payment can reliably take 4 hops, so that's 13030*30 = 2700 people to interrogate if they refuse unwarranted search.

0 sats \ 0 replies \ @bellabaxter OP 26 Apr

I see. It gets difficult quickly when the routing nodes are uncooperative but it's quite easy in case of a warranted search.

0 sats \ 1 reply \ @premitive1 26 Apr

Is lightning really private if the government can spy on you by installing malware on your devices? what are you thoughts?

0 sats \ 0 replies \ @bellabaxter OP 26 Apr

It is not but this scenario doesn't concern me that much. Not in the threat model I'm interested in... I'm more concerned about metadata dispersion and post transaction backtracing that real time tracking of transactions.

110 sats \ 1 reply \ @shyfire 26 Apr freebie

deleted by author

50 sats \ 0 replies \ @DarthCoin 26 Apr freebie

Good answer. This is 100% true. The sad thing is that people don't want to read and learn.