I keep reading that LN is private for senders and that there is no way to know from which UTXO my sats are coming.
But...
The receiver of a LN transaction knows from which channel the invoice has been paid. What is stopping the receiver from colluding with every intermediate hop to get to the source? In most transactions I've done on LN there were just 3-4 few hops, five at most, and most LN channels are not anonymous identities. They can be contacted, just can get their contact details on Amboss.
This is the dumbest attack I could image in 3 minutes but there are many articles about other techniques as balance probing or timing attacks.
What are your thoughts? Is LN only private against a lazy attacker?
reply
Excellent source of info
reply
Excellent article.
It goes through most ways to use the network in a privacy conscious way, trying to minimize the attack surface. That said the conclusion is clear: "Bitcoin’s base layer does not have any privacy guarantees and neither does Lightning. There are ways to attempt to hide amongst the activity of the network, but it’s no guarantee."
reply
This is a possible attack. Since the sender gets to select the path, the sender gets to choose who they trust to protect their privacy.
If you want better privacy on LN, I recommend use coinjoined coins to create your channels.
reply
Are you aware of a tool that I could use to craft a longer path? Most lightning wallets I tried use automatic routing algorithms that select the shortest path or the lowest fee. I never found a way to configure different behaviors.
How do you go about learning which nodes should I trust on the network? The only practical way I see is to personally know the "entry" node, which basically means owning it. Should I spin up a public decoy node to route all my transactions through in order to be sure that at least one node will never give away my privacy?
reply
I am no expert on lightning software so I am not aware of a tool but it probably exist. Something like letting you choose your first few hops and then the automatic routing takes over from there would be good.
Trust would have to be established traditionally through social relationships. Very trick currently because of how small bitcoin is.
A node you own to route your payments through would not help much because lightning currently uses HTLCs to secure it payments. HTLCs make it so every node your payment goes through has an identical token. Nodes colluding to attempt to de anonymize payments can identify a single payment flowing through the various nodes by this token. PTLCs is an alternative to HTLCs that is being worked on and should fix this.
reply
It is all a psyop. Send your lightning BTC to tnstacker@stacker.news to safely dispose.
reply
I think it is a bit more complicated than that, or else the network wouldnt still be up and running...
reply
Not being private as advertised doesn't prevent the network from being efficient at transferring sats
reply
reply
I regularly read your guides. Very useful content.
I run a private node. What software would you recommend in order to take advantage of MMP? CLN + RTL? Is there a way to constrain the payment to a specific path to force the payment through a specific trusted node?
reply
Zeus and Blixt
reply
I cannot find a way to specify a minimum number of hops in the payment path using Zeus or Blixt or any other wallet. The only practical way I've found so far to force more hops is to connect to a relatively unconnected node.
reply
You can decrease onchain exposure by not opening any channels yourself. Instead, by purchasing channels, you use someone else's UTXO. You can buy channels with Magma or Hydro.
The number of channels that you have makes it exponentially more difficult (or infeasible) to trace the origin of a payment, even if a node lists their contact information. Cryptography is about asymmetric work and tracing a lightning payment is an extremely heavy lift.
reply
For your second statement, do you mean that it gets more difficult to trace payments through your node if you are a routing node?
How is the privacy of a sender impacted if all intermediate hops work together to unmask him?
reply
No, if, as the destination of the payment, your node data gets seized, the channel you received a payment through is now known. To back-trace the payment, an investigator would need to contact the immediate prior hop. If they refuse an unwarranted search (likely case), the investigator would need to contact each of the prior hop's channels, say 30 channels.
Each lightning payment can reliably take 4 hops, so that's 13030*30 = 2700 people to interrogate if they refuse unwarranted search.
reply
I see. It gets difficult quickly when the routing nodes are uncooperative but it's quite easy in case of a warranted search.
reply
Is lightning really private if the government can spy on you by installing malware on your devices? what are you thoughts?
reply
It is not but this scenario doesn't concern me that much. Not in the threat model I'm interested in... I'm more concerned about metadata dispersion and post transaction backtracing that real time tracking of transactions.
reply
deleted by author
reply
Good answer. This is 100% true. The sad thing is that people don't want to read and learn.
reply