But that would require the authenticating target to run their own LN node, right? Otherwise there'd be some serious security implications. One of the advantages of the current TOTP/HOTP model is that the second auth can be done with an offline device.