Good question, For one, I think ensuring some of the existing CVE's are not possible, which is mostly solved by having your node up to date. Cryptographic randomness when creating preimages is another requirement, there's been some improper preimages generated before flowing across the network. Also, auth access is important.

Those are a few things that come to mind about operationally deploying a node implementation and doing development on it. Things that an end developer can simply do. For the most part there's not been too much non-standard things I have had to do when deploying and using nodes. There's some somewhat advanced things like denying channel open requests to peers you don't know and I'm sure a few other config options that I haven't looked too much into.

And then there's things that are still outstanding on the protocol side that are the real concerns. Channel Jamming being a major DoS concern. Balance probing is another concern that people don't seem to care enough about. On <0.15 LND nodes, DB bloat is also a DoS concern. Seems to be fixed now. I'm sure there's other DoS concerns that have not been thoroughly stress tested before either, I hope to be able to explore this more in the near future.

Thank you! I completely forgot about listing that in my post. I have a very basic table on https://bitcoindevshop.github.io/hidden-lightning-network/ that [mission-bitcoin(https://twitter.com/mission_bitcoin) made for me. Someone else had done some initial graphs for me but I had them pause while I collected more data. Im unsure of how far I want to continue with that to be honest. I think I highlighted the concerns and some of the fixes are getting in place, though require education for everyone to close their existing unannounced channels.

So far I have found near 100 BTC across 10k channels, mostly from ACINQ's node which makes sense because they are an LSP. I don't think I have the latest data set on the site but I mostly finished probing them I think.

Great question, my dream is that it ends up providing a similar lightning wallet experience that everyone knows and loves while still protecting the privacy of the user as much as I can. There's a delicate balance I think between allowing the user complete insights and control vs making sure they can't screw up and not needing to worry about all the privacy tradeoffs on Lightning.

There's a cool concept we're wanting to experiment with Mutiny too where we inform the user of certain edge cases and teach them about what they should do or allow them to proceed anyways.I hope we can educate and allow the user to know their own threat models to proceed accordingly while hopefully still providing a simple send/receive UX. https://github.com/BitcoinDevShop/pln/issues/30

The hand wavy answer with Lightning is supposed to provide enough anonymity on the sender side through the onion routing aspects, but there's tons of nuances there. Absolutely worst case scenario, the actors routing the payment know that it was you that sent it and the destination (very common in single/double hop scenarios and especially with LSPs - some LSPs like Muun or Phoenix would know everything about the payments you make).

Some of the recent protocol changes fix some of the issues regarding UTXO's in unannounced channels (that my project https://bitcoindevshop.github.io/hidden-lightning-network/ highlights). But otherwise, your channel partner will always know the UTXO that is used to fund the channel.

Receivers have almost no privacy currently on LN, while in general scenarios, senders have pretty good privacy. If you're paying just a normal person on LN that's not a direct channel partner (if you have other public channels), there's pretty good assurances they won't know who it came from. It's just that it gets tricky with LSPs or bad actors.

Route blinding ASAP! (which luckily is in motion)

Sometimes I really worry about the attack vectors on Lightning, but more about the potential solutions than the attacks themselves sometimes. For instance like Channel Jamming mitigations, but there's others too. Potential ideas like reputation based routing, prepayments, and trusted debt-based solutions really worry me if we were to go down that route. To be honest, I don't think any protocol dev is in love with any of them. On one hand, we have not felt the pain yet and so it has not been prioritized, so I hope that changes in order for us to grow. On the other hand, it does give us a chance to think of even better solutions.

The reason why those ideas worry me is that it stops being about a trustless decentralized/distributed based network and more about major hubs and high fees. I worry that small payments will die off and large payments cost more than on chain fees.

My saving grace, at the end of the day, is that we resort to satoshi's original vision of payment channels between two parties. No routing, no gossip, no threat vectors. Just an IOU that settles on chain between two parties, even if it's just a user->merchant one way solution. That can still be an improvement to bitcoin today. Or friendship channels as @futurepaul likes to talk about them.

Great question. It's kind of related to the things I hold high in regards to Lightning Privacy, but in general I really want to see Route Blinding, Trampoline payments, and splicing become a thing. If we can get those 3 things, I would say we will be in a really good place.

Outside of privacy and protocol work, I hope to see more teams experimenting with LDK-based solutions and I hope to see the distributed LSP marketplaces grow, something along the lines of what Magma has been going for. We need more reputable LN nodes providing more advanced services that are themselves not mega hubs. Which, related to that, I hope to see some really cool LN integrations with smaller fediment federations.

better than being the face of http://thebitcoincompany.gay

That's-a spicy meatball!

So many. I was really worried at first and I wasn't sure if it was going to be temporary or forever, but I consider it one of the best things I have ever done. I didn't like the person I was online, I didn't consider that me. But eventually you are your actions no matter how much that truth hurts or you fight it. The personal introspection aspects of it was reason enough to be glad I did it. Other than that, the endless breaking news cycle combined with overall anger and hate did not do play well with me mentally. I keep joking with @k00b that I would love to see a stacker.olds that only shows the top posts after 3 days would be really interesting to me. That way I don't get sucked into the latest, breaking news knee jerk reactions.

If you're curious more about my thoughts on leaving twitter, I wrote a blog about it here: https://abytesjourney.com/leaving-twitter/ . I really enjoyed writing that so I recommend reading if you're curious and I would love to hear thoughts!

I think overcoming UX issues while still holding on to some of the trustless / self sovereign nature that Bitcoin is ideally about. There's trade offs to everything, and looking at how each Lightning wallet solves certain aspects to provide a decent UX is interesting. Some are very trusted, some are very unknown publicly, etc.

But that's also what makes Lightning such an interesting place to work in. We all get to experiment with different models and see what works and we all gain that knowledge and can improve.

Kyle's burgers are the best in austin!

The builders guide by LND is pretty good: https://docs.lightning.engineering/

Other than that, it gets even easier if you were to use integrations like LNBits or some of the WebLN stuff that pop open an extension for users to easily pay. I also like what Mash has bee doing to make it easier for content creators to get paid for their work more seemlessly on the readers side. Other than that there's also probably some other integrations I'm missing. But if you're trying to do it yourself, the LND builders guide is a great place to learn.

I think some of the struggles come down to if your app should connect to the users node. If it's your own node, it's a lot easier to deal with, you would just need a backend that connects to your LND node that does something simple like make a payment or get an invoice.

all bens suck

Uncle

Franklin

Kyle's van by the river! The end of an era but I'm hoping to have his burgers again soon!

I do like that it's technically possible to do cross chain LN payments and routing between liquid and bitcoin. Unfortunately though, liquid continues to disappoint in terms of user-level adoption. It would have to feature both bitcoin and liquid support and building that out for very little use might be a big time sucker. Though from a privacy perspective, confidential transactions are nice. But that's a big lift that I would also have to push adoption for Liquid too and that's not a hill I think I want to die on.

Yeah for one I like the idea that you're separating your spending from your routing. That's a great idea, and you can even take the initiative to set up your routing node to either not use any of your own UTXO's at all (by buying/leasing channels) or you set it up with a few coinjoined UTXO's (just keep in mind there's some consolidation happening there).

As far as the spending node, I think that would have been a good solution because of the "not possible to reveal the UTXO of a private channel hidden behind a public one" case. Great job on that! Though the good news now is that I believe all major Lightning implementaitons support SCID Alias so you can open up a single unannounced channel with that flagged turned on (the other channel partner also needs to support it) and then now it's not able to be probed. In both cases though, your channel partner will be aware of the UTXO, but not anyone else which is a great improvement.

I really like the idea of spinning up a new node for each UTXO and spending down that balance completely. Though it's hard to do in practice which is why I'm prioritizing that in Mutiny.

For paying, it would be fine as long as the network requests go through Tor. Even better if the LNURL itself was an onion address.

For receiving, it comes down to receiving on LN not being private. So once we get route blinding and if LNURL integrates route blinding, it would be a good solution as long as network requests go through Tor.

The Bible, I don't read much other books besides programming books. Though I did read Snow Crash for the first time this year and that was cool. Any recommendations?

To be honest, I haven't dove much into sci-fi novels much but I hope that changes. Notable, I think Snow Crash was really interesting, read that this year. I also want to read Moon is a Harsh Mistress but it wasn't at the book store last I went. Picked up Stranger in a Strange Land instead by the same author and hope to read that soon. Do you have any recommendations?

More privacy on LN, which I hope to help with. You must be the change you seek afterall.

Big believer in the ideas behind it, I have been in the Self Sovereign Identity W3C space since around 2018, which "Web5" is just a remarketed vision of that packaged in a couple tools. I would say Decentralized Web Nodes is the most intriguing part of their vision since only that is really a new idea, the rest is just a rehash of what people have been talking about and building for 5+ years. To be honest, I know we're moving in the direction of doing more P2P interactions on the web, it just does not matter to me how we get there. Someone's got to build a popular app utilizing the ideas or we are all just larpers playing around. I think some of my thoughts were also expressed here if you were interested in listening.

Good question! I feel like my answer to that is mostly around the fact that I enjoy new challenges and working on new things. Most of the time, I stay for just a year or two, do amazing work, then move on to the next problem. Typically not at the fault of the startup. Though some of the things I look for when joining a new one is if it's aligned with my own personal values and if I think the work I will be doing will be enjoyable and I have the ownership of it.

Though all that said, I think consulting now is a great middle ground for me since I can do what I love about having new challenges without the bad feeling of leaving in what some would consider a "short" amount of time.

I try not to have "beliefs" in regards to Bitcoin but more "hopes" and "worries", given that all things could change and it becomes a human nature / society reaction problem more than technical. And putting beliefs in humans as a whole will always let you down and is unpredictable.

That said, the thing I try to fight to avoid the most is government clamp downs and control. The "and then they fight you" threat is absolutely real.

I guess if there's one "belief" I have is that I do not believe Bitcoin fixes everything.

It has been researched at an academic level many times since it's origin and has about over $100+ million up for grabs. I think that speaks for itself, though it could definitely undergo more analysis and stress tests.

I would say it was/is kind of difficult, at least mentally. I don't know if it'll work and for how long, but I'm going to try anyways because I've been working at startups non-stop for like 5 years in addition to multiple jobs back to back for years before that too. So I'm going to try.

I'd say reputation in this space before making that leap will definitely help the most.

Only one I'm aware of is Nicehash that has it as a lightning payout option though I don't hear much about that still to this day.

I would imagine because miners more than anyone else probably don't want to nor need to move fast and break things. There's already on chain liquidity management they need to worry about, adding the complexities of LN from accounting to securing to automation to unreliability on the receiving end is probably not something they see being worth the cost. Plus the volume they are dealing with is probably beyond something that needs to be on LN for many reasons, including routing fees.