Simplified Privacy

Bitcoin Lightning Privacy w/ Juraj Bednar

Juraj Bednar is the author of “Author of Cryptocurrencies: Hack your way to a better life” and “Cypherpunk visions and trends” You can find him on Nostr here:

npub1m2mvvpjugwdehtaskrcl7ksvdqnnhnjur9v6g9v266nss504q7mqvlr8p9

And his website with articles & podcasts:
HackYourself.io

Juraj:

I think there are a few layers that need to be considered. The main difference is that lightning is much more peer to peer than any blockchain based payment system. What I mean by that is you have channels with the peers you choose and your interactions are between you and your chosen peers.

There is no global state of the network or global ledger, it’s much more localized. It is much harder to do mass surveillance in this kind of scenario, because you would need to tap into many peer relationships.

Then routing and the possibility of multi-path payments conceals information from the routing nodes. They don’t know if they are routing part of payment, the full amount, or more than is actually being sent.

Sender privacy is pretty good by default. Receiver privacy is up to the recipients – many choose to simply publish their permanent identity, but it’s also possible to receive through one time identity.

Juraj:

Yes. The nodes have to be reachable somehow through the P2P network, but they don’t need publicly accessible IP address nor an onion address, if they can do outbound connection.

Think of it this way – your phone can run a lightning node if you have a true lightning wallet such as Breez. The IP address changes all the time. Of course the peers you communicate with have to communicate with you somehow, so you need a way to communicate. If it’s clearnet, someone needs to see your IP address, but you can connect to peers over Tor.

You have a few concepts. One is channels, then you have the identity (pubkey) of the node and then data connections to the network. You have a few choices with each of them, so it’s highly dependant on how you want to use the network.

Juraj:

Yes, you can define it like this. But also non routing nodes (I would not call them trusted) might give you privacy in some sense, for example the on chain backing comes from their coins, so you have less risk of doxxing yourself on chain. So it’s not black and white.

In many ways, you might be better off with a node with managed liquidity over Tor and not using any on chain funds directly than running your own node.

Juraj:

I do not prefer this, there are use cases for both.

Managed liquidity means that someone uses their on chain funds to fund the channel with you. You can also use your own funds to open channel, but then you have to think about the privacy of onchain funds.

If you have a wallet like Phoenix or Breez, you can create a lightning invoice and receive funds over lightning. The wallet provider (or liquidity provider) uses their funds to open the channel to you. These are not connected to you in any way.

Juraj:

That wouldn’t identify lightning transactions themselves that easily, remember that transactions pass through channels but are off chain.

And with managed liquidity, there are also shades of gray. For example it’s true that Phoenix sees transactions because they do the routing (still trustless, but you offload this task to their node). But with Breez or some other wallets that offer managed liquidity, the routing is done in the wallet (that’s the main reason it’s a bit slower). So currently the liquidity provider would mainly see amounts, if you use only one. If you use several or open some of your own channels, you would currently see that they are sending some amount or more (because a single payment can go through multiple channels – being split). In the future, even this can be obscured, because you can send a part of the payment to yourself. But current wallets don’t do this.

Juraj:

Well, what does it mean they can gather information? Many websites gather information, such as number and capacity of public channels.

Without being specific, I would say it’s mostly marketing, but not necessarily lying. You can do some analysis, but the question is – can you trace transactions? Obviously I don’t know, but I would bet 1M sats on no.

Juraj:

First of all, you have to ask yourself what and who are you protecting against. Because that changes the answers quite a bit. Lightning is pretty good against mass surveillance already (and remember – there are no permanent records of transactions). So are you protecting against targeted surveillance? What are the capabilities of the adversary? Do they have broad overview of the network?

To give you an example – Phoenix has wide visibility on who you are paying, but if Acinq (the operating company of Phoenix) is not your adversary, you are better off using their service, because then payments go through their node and you actually increase your privacy by using their lightning payments (they are not very good with on-chain privacy, so I suggest only use them with Lightning). if your adversary is liquidity providers / wallet authors, then using wallets such as Blixt might be a better idea – and open some channels yourself, preferably using coins coming from coinjoin. Of course, protect network-level privacy (Phoenix has Tor support by default, but you can use many wallets with Tor).

With more advanced and higher threat level, using a Lightning node through Tor (in tor-only mode) is a better idea. There are many options, the most popular are core lightning (c-lightning) and lnd. It needs some Linux expertise to make sure you don’t make a mistake and really go through Tor. But there are services that make it easier (you can use Umbrel with well set-up firewall for example).

I would say, the question about your adversary is a pretty good idea though – and not only regarding your lightning. Because most people when they think about privacy, they want a silver bullet that solves all their privacy problems. But most people don’t have the same privacy problems as highly targeted individuals.

Juraj:

If it’s a private channel it is, but still you see it’s opening and closing of a channel on chain. Most people will not need to protect against it, but it’s about the threat. You might not want people to know you’re opening a channel, or you don’t care. It’s hard to make definitive statements for every person.

npub1m2mvvpjugwdehtaskrcl7ksvdqnnhnjur9v6g9v266nss504q7mqvlr8p9

And his website with articles & podcasts:
HackYourself.io

Related Articles