pLN makes Bitcoin Lightning more private – Bitcoin Magazine
A version of this article was originally published on BC1984.
“Citadel Dispatch” episode 70, “Using Lightning Privately With Tony And @FuturePaul”:
Tony:
“There’s a fine line between educating and being doom and gloom. People need to be taught that it is not perfect and there are many holes in Lightning privacy and Bitcoin privacy as well. It is not a lost cause. I like to toe the line between breaking privacy and fixing privacy. Breaking privacy to teach people that it’s kind of broken and you have to be careful. But then also to try to educate and do better at the same time. The reason I’m doing this is that we can make privacy better.”
Matt:
“To fix problems, you must first be aware of problems.”
pLN is a new wallet project that Tony and @futurepaul works with which aims to make it easy for users to follow the “happy path” of making payments private on the Lightning Network.
It’s still very early in the project, but the use case is very clear, considering all the pitfalls of trying to use bitcoin over Lightning in a privacy-preserving way.
The main objectives of the minimum-viable product (MVP) launch of pLN are to enable users to:
- Open Lightning channels via an on-chain deposit
- Make payments over Lightning
And, importantly, at least in the first version:
- Receive Lightning payments will be disabled
- Each channel will be opened on its own node
To understand why receiving payments will be disabled initially, it’s important to understand some of the major pitfalls of Lightning as it currently exists:
- All invoices contain the channel ID of the recipient
- The channel ID leaks deterministic information about the node/owner
However, if you use the not-yet-widely-supported “Short Channel ID” instead, these have no link to the chain state, node owner, or original UTXOs used to fund the channel.
The pLN app itself will be written in Flutter, which means that desktop and mobile versions (for both Android and iOS) will be made available.
Under the hood
Under the hood, the app uses a “root node” and a number of “channel nodes”, one for each channel. The app borrows a lot from John Cantrell‘s Sensei project, which is based on LDK.
The root node takes care of the heavy lifting: listening to gossip messages, building the network graph, calculating routes, and so on. The individual channel nodes track only their own channel state and nothing else.
Bitcoin backend can be either a connection to bitcoind or a personal Electrum server. For mobile, Electrum would probably be the best choice since it is designed for secure remote connections.
What if I want to pay a friend who also uses pLN?
Given that direct payments to channel partners betray information about your node and make it clear that payments came from you, you should be careful about making them, sparingly at best.
The concept of plausible deniability comes into play with a greater number of hops between you and the final recipient. The more jumps you make along the way, the greater your anonymity.
The app will eventually allow you to override the built-in protections and make a payment to a peer, but only after loud and clear warnings about what this entails and what information you might be leaking, should you choose to proceed.
For example, you can choose to make a direct payment to your friend who also runs pLN if you wish. (Imagine you don’t care or it doesn’t matter if they know what channels you have open, since you pay them personally and you trust them.)
But the app will encourage you to try to make a multi-hop payment if possible. (Default will probably choose more than a couple of jumps at least, I guess.)
It will also warn you if you try to open a channel with a large public hub (like in ACINQ’s or Breez’s nodes). Ideally, you should open channels with unknown/minor nodes whenever possible.
What about large payments?
Large payments can be made that appear to be partially completed atomic multipath payments (AMPs) payments (AMPs that are halfway through), with liquidity flowing out of a number of your individual channel nodes, as needed. The batches are finally aggregated to the final destination. Pretty cool!
Future ideas for the app (TBD)
- Activate blinded paths when this is available in LDK
- Continuously CoinJoin with on-chain UTXOs in the wallet of the root node
- Continuously splice out/splice in and CoinJoin with rate in channels
- Timeout options UX: If the payment takes too long to route, the app can ask you if you want to try another route with fewer hops
Final thoughts
- Privacy is a spectrum
- We need to balance usability and user experience against anonsets and privacy while trying to prevent users from shooting themselves in the foot
I think this is an exciting new wallet and project that should help both educate users about privacy and allow them to use Lightning in an easy way.
This is a guest post by Adam Anderson. Opinions expressed are entirely their own and do not necessarily reflect the opinions of BTC Inc or Bitcoin Magazine.
