Skip to main content

How Private Is Lightning?

So we've seen that Lightning payments are really cheap. But are they private?

And... wait, actually, who cares about "privacy" anyway?

The Global South needs private, secure payments​

Most residents of the first world (Europe, USA, etc.) probably know that their bank is spying on them, selling their data, and constantly gaming the system to sell them more crap and put them into debt, every time they use a credit card.

And actually, most residents of the first world know this, but kind of don't give a fuck? Right?

Right.

But, dear lucky citizen of the First World: This isn't all about you.

Bitcoin is Freedom Techβ„’.

No, really.

Bitcoin allows people to have a basic right: To earn a living, to own money, to send money, without that money being stolen from them, and without fear of political repression.

This is about the πŸ§•πŸ½ human rights activist in Saudi Arabia, who needs to receive funds to support her work, and doesn't want to risk some local official shutting down her bank account.

This is about the πŸ‘¨πŸ½β€πŸŒΎ farm worker in Argentina, who needs a way to store a currency that won't be devalued by 50% every year.

This is about the πŸšΆπŸΏβ€β™€οΈ environmental activist in Nigeria, who needs to survive under the constant threat of currency devaluation, crime, and bank account seizure.

Money is serious business, and what looks like something optional to residents of the rich world, this thing we call privacy... this has a totally different name in the Global South and for those living under dictatorships. For them, it's called "survival".

Anyway, let me get down from my high horse now, and tell you that...

Lightning is very private​

Lightning enthusiasts like to use the term "hop". One "hop" is counted for each node that a payment passes over in the network.

For each "hop", Lightning uses a technique called "onion routing" to do something very special.

Let's pretend we are running the RED node, and we want to try to spy on a payment that is being routed through our node.

Because of the "onion routing" system, we have a VERY LIMITED amount of information about a payment that is routed through our node:

  1. We can see the amount of the payment.
  2. We can see that the payment came from the purple node...
  1. We can see that the payment is going to the blue node...

So, all we can see this this:

A routing node doesn't know its position in the route​

We also can't count HOW MANY nodes are on either end of us for this payment!

So we have no idea if this payment traveled like this...

...or like this...

If that seems like a subtle difference - it's not.

This is a huge difference because as long a as payment is routed over more than three nodes, it's very, very hard for an intermediary node to guess where the payment came from originally, or where it's going.

And: Lightning payments carry a very limited amount of data. They most certainly do not carry any PERSONALLY IDENTIFYING data, such as the I.P. address of the originating node...

So, on a practical level:

  • When our Saudi human rights activist πŸ§•πŸ½ receives a payment via a bank, credit card, PayPal, Western Union, etc: this payment is immediately reported to the Saudi government, along with very detailed information like her location when she received the payment, identifying details about the sender of the payment, the purpose of the payment, any associated payments, and more.

  • When our Saudi human rights activist πŸ§•πŸ½ receives a payment via Bitcoin Lightning, the Government gets no report, and nobody can spy on her.

Another interesting and slightly trippy fact​

Many philosophers and artists have been fans of this phrase:

"The Map Is Not The Territory"

Roughly speaking, this means that you can make a map of any territory, but it will never be the same as the territory itself.

In the case of Lightning, the "territory" is the network of nodes and channels, and the "map" is the data that each node has about the network.

And it is impossible for any node to have perfect data about the Lightning network.

This is for an interesting reason:

Nodes can, and do, open and close channels constantly. They can, and do, change their fees all the time.

So the "map" of the network is always changing, and it's always incomplete. It can never be known in its entirety, because the moment you map it, just a millisecond later, it's changed. Pretty cool, right?