{"id":10184,"date":"2022-04-08T17:27:34","date_gmt":"2022-04-08T17:27:34","guid":{"rendered":"http:\/\/ci029e2eab500026f4"},"modified":"2022-04-08T17:27:34","modified_gmt":"2022-04-08T17:27:34","slug":"state-of-bitcoin-lightning-network-privacy","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/technical\/state-of-bitcoin-lightning-network-privacy","title":{"rendered":"Bitcoin\u2019s Lightning Network Is Not Private, Yet"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><p>At Bitcoin 2022, a group of developers sat down on the open-source stage to flesh out the current state of Lightning privacy as well as to discuss shortcomings that users should be aware of and to sketch out some solutions. The panel featured Lightning protocol engineer at Blockstream&nbsp;<a href=\"https:\/\/twitter.com\/niftynei\" target=\"_blank\" rel=\"noopener\">Lisa Neigut<\/a>, software engineer and Zeus founder <a href=\"https:\/\/twitter.com\/evankaloudis?s=20&amp;t=FvlLWvC-DpQ-vvLysnvCJA\" target=\"_blank\" rel=\"noopener\">Evan Kaloudis<\/a>, and Bitcoin and Lightning developer Tony Giorgio.<\/p>\n<p>Privacy is a common theme of Bitcoin conversations. However, the ideal that backboned the cypherpunks\u2019 research and development for decades is not straightforward to achieve on Bitcoin. The Lightning Network, Bitcoin\u2019s Layer 2 network for cheap and fast payments off-chain, is usually also trumpeted for its supposedly private off-chain transactions. However, achieving privacy on Lightning is <a href=\"https:\/\/abytesjourney.com\/lightning-privacy\/\" target=\"_blank\" rel=\"noopener\">not as simple as many believe<\/a>.<\/p>\n<p>As part of the Lightning protocol, the \u201cgossip network\u201d leaks user information as they advertise to the network data about themselves. However, it serves an important efficiency purpose.<\/p>\n<p>\u201cThe reason to use gossip is that you can build routes to send payments,\u201d Neigut said.<\/p>\n<p>Kaloudis added to her thoughts, saying, \u201cRoute finding becomes very difficult without gossip.\u201d<\/p>\n<p>Since a Lightning channel is made possible by locking up bitcoin funds on chain, any third-party observer can see the outputs making up a node because of the gossip network.<\/p>\n<p>\u201cYou\u2019re telling where your on-chain transaction is and you\u2019re leaking that to your Lightning node,\u201d Neigut said. \u201cChain analysis, if they already know what your transaction history had been and you use that to construct a channel, now they know information about you in another network.\u201d<\/p>\n<p>While private channels try to provide a solution, there are shortcomings.<\/p>\n<p>\u201cWe call private channels &#8216;private&#8217; but they are really not, they are more like unannounced channels,\u201d Giorgio said, adding that there are currently ways to exploit the Lightning Network that enable a node to discover an unannounced private channel.<\/p>\n<p>\u201cIf I\u2019m connected to the Lightning graph, I can try to probe if two people have a channel,\u201d Giorgio said.<\/p>\n<p>Despite general privacy issues, there are also specific ones as privacy assurances on Lightning change depending on whether the user is sending or receiving payments.<\/p>\n<p>\u201cSenders have amazing privacy on Lighting on a general level,\u201d Giorgio said. \u201cReceivers, on the other hand, have to give information in order to get paid, and some of that info is IP address, alias, unannounced channels. There is a lot of areas where receivers can be more careful.\u201d<\/p>\n<p>\u201cIt comes down to the users not shooting themselves in the foot especially when it comes to receiving on Lightning,\u201d he added.<\/p>\n<p>Kaloudis echoed Giorgio\u2019s thoughts, saying that developers have limited ability to fix some privacy issues on the network until bigger changes are made.<\/p>\n<p>\u201cWe need to see some changes at the protocol level to be where we want to be,\u201d in terms of privacy, Kaloudis said.<\/p>\n<p>The hope is not lost, however. There are steps each person can take to improve their privacy on Lightning. However, despite facing a long road, developers arguably can and should make it easier for the user to use Lightning privately. One such attempt is being made when it comes to invoices.<\/p>\n<p>\u201cIf you are paying an invoice with Lightning and using a centralized service, you are leaking your payment data,\u201d Neigut said. \u201cIf you\u2019ve just told [the network that] you paid someone, why and how much. And that\u2019s why Core Lightning is working on BOLT 12.\u201d<\/p>\n<p><a href=\"https:\/\/bolt12.org\/\" target=\"_blank\" rel=\"noopener\">BOLT 12<\/a> is a draft specification proposal for Lightning that seeks to bring \u201coffers\u201d to the protocol. Differently than invoices, offers can be reused, can serve for requesting and sending payments, and apply some clever tricks to improve user privacy.<\/p>\n<p>\u201cBOLT 12 tries to fix this with blinded paths, where you can provide a route of how to get to you and the payer can pay to the beginning of that route,\u201d&nbsp;Neigut&nbsp;said, referring to the difference between telling your own information directly as with invoices.<\/p>\n<p>Looking ahead, certain features should be a priority for developers and designers if the community is to ever have a private Lightning experience. That being said, a similar burden will likely always lie on the user to ensure they can get private off-chain payments on Bitcoin\u2019s Layer 2 network.<\/p>\n<p><em>Bitcoin 2022 is part of the Bitcoin Event Series hosted by BTC Inc, the parent company of <\/em>Bitcoin Magazine.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Lightning developers discussed privacy concerns and the corresponding probable solutions for Bitcoin\u2019s Lightning Network at the Bitcoin 2022 conference.<\/p>\n","protected":false},"author":2572,"featured_media":10185,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35],"tags":[2016,130,460,93,73],"class_list":{"0":"post-10184","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technical","8":"tag-bitcoin-2022","9":"tag-lightning","10":"tag-lightning-network","11":"tag-news","12":"tag-privacy"},"author_data":{"id":2572,"name":"Namcios","nicename":"namcios","avatar_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/12\/pfp-96x96.png"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/video-bitfinex-paolo-ardoino-on-lightning-network-add.jpg","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/10184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/2572"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=10184"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/10184\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/10185"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media?parent=10184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=10184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=10184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}