Is it safe to run an own LN node on somebody's infrastructure? Been thinking about starting one (currently just running two full nodes), but seems to be pretty hard...
Tradeoffs...
With a professional cloud service, you're less likely to have a hardware or network issue that costs you sats either in terms of a database corruption or failed payments...
But when running on anyone else's hardware (no matter the configuration, including some nodes as a service that claim otherwise) they could conceivably introspect memory or storage and exfiltrate your keys if they really really wanted to.
The same is true of running a mobile node, Apple/Google ultimately pwn your keys. Same could be said too of closed source desktop/server OS's like Windows and Mac.
There's a lot of solutions out there with theatrical claims of being non-custodial, part of that is virtue signal and part scamming the regulator, but they're still trusted setups.
So the question ultimately becomes then, what is the threshold for theft? Are these massive enterprises with Fortune 100 clients who entrust them with billions of dollars in data going to risk that to sweep your sats? Probably not.
Obviously I wouldn't recommend a cloud or mobile node for cold storage or any life altering amount of money, just as I wouldn't a Windows or Mac system... but in the context of Lightning it's invariably internet connected service and thus a hot wallet. Trusting some enterprise tech providers (ideally with some obscurity*) is a better tradeoff than trusting overtly financial services, especially in terms of disintermediating your income and discovering new income in a circular Lightning economy.
*obscurity: I wouldn't name a VPS "My Bitcoin whale node" or make my username Satoshi, just as I wouldn't use a VPS or hosting provider that explicitly catered to hosting Bitcoin nodes, that's called a honeypot.
reply