If a user wanted to run both a private node (for spending) as well as a public routing node (to minimize decentralization) with the objective of maximizing overall privacy, what do you think of this setup?
  1. Public routing node on a Thinkpad or whatever exposed via tunnelsats
  2. Private spending node with one public channel with low outbound liquidity and one private node with high outbound liquidity. The private channel would be funded by a mixed UTXO say 1M sats. The public channel would be funded with a second mixed UTXO say 100k sats
My understanding is that it's not possible to reveal the UTXO of the private channel in this case, and it avoids single hop scenarios.
Can you see any flaws with this setup or does it sound good from a privacy perspective?
Yeah for one I like the idea that you're separating your spending from your routing. That's a great idea, and you can even take the initiative to set up your routing node to either not use any of your own UTXO's at all (by buying/leasing channels) or you set it up with a few coinjoined UTXO's (just keep in mind there's some consolidation happening there).
As far as the spending node, I think that would have been a good solution because of the "not possible to reveal the UTXO of a private channel hidden behind a public one" case. Great job on that! Though the good news now is that I believe all major Lightning implementaitons support SCID Alias so you can open up a single unannounced channel with that flagged turned on (the other channel partner also needs to support it) and then now it's not able to be probed. In both cases though, your channel partner will be aware of the UTXO, but not anyone else which is a great improvement.
I really like the idea of spinning up a new node for each UTXO and spending down that balance completely. Though it's hard to do in practice which is why I'm prioritizing that in Mutiny.
reply
What is the privacy benefit of separating your spending from your routing?
reply
Seperation of concerns for one. You'd probably want to just open unannounced channels ideally on your spending nodes. For routing, they need to be public. So you need to be more careful about what UTXO's you use and how you create the node in general (no alias, no ip address, etc).
reply
Oh cool, I'll check out the SCID Alias thing, thanks!
reply