Bitcoin Lightning Network Privacy Status
During Bitcoin 2022, a group of developers sat down on the open source stage to flesh out the current state of Lightning privacy as well as discuss the shortcomings users should be aware of and outline some solutions. The panel included a Lightning protocol engineer at Blockstream Lisa Neigutsoftware engineer and founder of Zeus Evan Kaloudisand Tony Giorgio, developer of Bitcoin and Lightning.
Privacy is a common theme in Bitcoin conversations. However, the ideal that has sustained the research and development of cypherpunks for decades is not easy to achieve on Bitcoin. The Lightning Network, Bitcoin’s layer 2 network for cheap and fast off-chain payments, is usually advertised for its so-called private off-chain transactions as well. However, ensuring privacy on Lightning is not as simple as many believe.
As part of the Lightning Protocol, the “gossip network” discloses information about users when they tell the network about data about themselves. However, it serves an important efficiency purpose.
“The reason for using gossip is that you can create routes to send payments,” Neigut said.
Kaloudis added to his thoughts saying, “Route finding becomes very difficult without gossip.”
Since a Lightning Channel is made possible by locking bitcoin funds on the channel, any third-party observer can see the outputs that make up a node through the gossip network.
“You say where your on-chain transaction is and you leak it to your Lightning node,” Neigut said. “Chain analytics, if they already know your transaction history and you use that to build a channel, they now know information about you in another network.”
While private channels try to provide a solution, there are gaps.
“We call private channels ‘private’ but they really aren’t, they’re more like unadvertised channels,” Giorgio said, adding that there are currently ways to leverage the Lightning Network that allow a node to discover an unadvertised private channel.
“If I’m connected to the Lightning chart, I can try to find out if two people have a channel,” Giorgio said.
Despite general privacy concerns, there are also specific issues, as privacy safeguards on Lightning change depending on whether the user is sending or receiving payments.
“Shippers have incredible privacy on lighting on a general level,” Giorgio said. “Recipients, on the other hand, have to give information to get paid, and some of that information is IP address, alias, unadvertised channels. There are a lot of areas where recipients can be more careful .
“It’s about users not shooting themselves in the foot, especially when it comes to receiving on Lightning,” he added.
Kaloudis echoed Giorgio’s thoughts, saying developers have limited ability to fix some privacy issues on the network until more significant changes are made.
“We need to see changes at the protocol level to be where we want to be,” in terms of privacy, Kaloudis said.
Hope is not lost, however. Everyone can take steps to improve their privacy on Lightning. However, despite a long way to go, developers can and arguably should make it easier for the user to use Lightning privately. Such an attempt is underway with regard to invoices.
“If you pay a bill with Lightning and use a centralized service, you are disclosing your payment data,” Neigut said. “If you just said [the network that] you paid someone, why and how much. And that’s why Core Lightning is working on BOLT 12.”
BOLT 12 is a draft specification proposal for Lightning that aims to bring “deals” to the protocol. Unlike invoices, offers can be reused, can be used to request and send payments, and apply some nifty tricks to improve user privacy.
“BOLT 12 tries to solve this problem with blind paths, where you can provide a route to meet you and the payer can pay until the start of that route,” Neigut said, referring to the difference between disclosing your own information. directly as with invoices.
Going forward, some features should be a priority for developers and designers if the community wants to have a private Lightning experience. That being said, a similar burden will likely still fall on the user to ensure they can obtain off-chain private payments on Bitcoin’s Layer 2 network.
Bitcoin 2022 is part of the Bitcoin event series hosted by BTC Inc, the parent company of BitcoinMagazine.