At Bitcoin 2022, a group of developers sat down on the Open Source Stage to flesh out the current state of Lightning privacy as well as discuss shortcomings users should be aware of and sketch out some solutions. The panel featured Lightning protocol engineer at Blockstream Lisa Neigut, software engineer and Zeus founder Evan Kaloudis, and Bitcoin and Lightning developer Tony Giorgio.
Privacy is a common theme of Bitcoin conversations. However, the ideal that backboned the cypherpunks’ research and development for decades is not straightforward to achieve on Bitcoin. The Lightning Network, Bitcoin’s layer-2 network for cheap and fast payments off-chain, is usually also trumped for its supposedly private off-chain transactions. However, achieving privacy on Lightning also is not as simple as many believe.
, there is a gossip network and UTXO level privacy, you are leaking what UTXOs belong to what nodes.
As part of the Lightning protocol, the “gossip network” leaks user information as they advertise to the network data about themselves. However, it serves an important efficiency purpose.
“The reason to use gossip is that you can build routes to send payments,” Neigut said.
Kaloudis added to Lisa’s thoughts: “Route finding becomes very difficult without gossip.”
Since a Lightning channel is made possible by locking up bitcoin funds on-chain, any third-party observer can see the outputs making up a node because of the gossip network.
“You’re telling where your on-chain transaction is and you’re leaking that to your lightning node,” Neigut said. “Chain analysis, if they already know what your transaction history had been and you use that to construct a channel, now they know information about you in another network.”
While private channels try to provide a solution, there are shortcomings.
“We call private channels private but they are really not, they are more like unannounced channels,” Giorgio said, adding that there are currently ways to exploit the Lightning Network that enable a node to discover an unannounced private channel.
“If I’m connected to the Lightning graph, I can try to probe if two people have a channel,” Giorgio said.
Despite general privacy issues, there are also specific ones as privacy assurances on Lightning change depending on whether the user is sending or receiving payments.
“Senders have amazing privacy on Lighting on a general level,” Giorgio said. “Receivers, on the other hand, have to give information in order to get paid, and some of that info is IP address, alias, unannounced channels. There is a lot of areas where receivers can be more careful.”
“It comes down to the users not shooting themselves on the foot especially when it comes to receiving on Lightning,” he added.
Kaloudis echoed Giorgio’s thoughts, saying that developers have limited ability to fix some privacy issues on the network until bigger changes are made.
“We need to see some changes at the protocol level to be where we want to be,” in terms of privacy, Kaloudis said.
The hope is not lost, however. There are steps each person can take to improve their privacy on Lightning. However, despite being a long road, developers arguably can and should make it easier for the user to use Lightning privately. One such attempt is being made when it comes to invoices.
“If you are paying an invoice with Lightning and using a centralized service, you are leaking your payment data,” Neigut said. “If you’ve just told [the network that] you paid someone, why, and how much. And that’s why Core Lightning is working on BOLT 12.”
BOLT 12 is a draft specification proposal for Lightning that seeks to bring “offers” to the protocol. Differently than invoices, offers can be reused, can serve for requesting and sending payments, and apply some clever tricks to improve user privacy.
“BOLT 12 tries to fix this with blinded paths, where you can provide a route of how to get to you and the payer can pay to the beginning of that route,” Lisa said, referring to the difference between telling your own information directly as with invoices.
Looking ahead, certain features should be a priority for developers and designers if the community is to ever have a private Lightning experience. That being said, a similar burden will likely always lie on the user to ensure they can get private off-chain payments on Bitcoin’s layer 2 network.
Bitcoin 2022 is part of the Bitcoin Event Series hosted by BTC Inc, the parent company of Bitcoin Magazine.