Bitcoin’s Lightning Network (LN) is often viewed as a boost to the legacy cryptocurrency’s privacy considering payments are off-chain. While this is true to a certain extent, the network-level analysis of payments passing through nodes has the potential to reduce this privacy and de-anonymize users.
How do you address privacy concerns with an off-chain payments network? The answer includes multiple ongoing projects, and one in particular — BOLT — presents some intriguing long-term advantages.
Addressing Potential Privacy Problems of Lightning
Because the LN is still so young and developing, speculation of its fee economy is more of a well-researched projection than a definitive outlook on what the network’s topology will unfold into. However, one thing is certain — Bitcoin’s LN needs liquidity (e.g., the inbound capacity problem) to become the scalable payments second layer that it is intended to be.
Liquidity comes with more users, and more mainstream users mean more average consumers that are less likely to understand or care about the liquidity and technical hurdles facing the underlying design of the network. More users unwilling to deposit sizeable funds, connect to multiple nodes, and increase their inbound capacity means less liquidity for the network.
Such a model is favorable to larger nodes that route payments becoming viable business models. Eventually, a scalable and liquid LN could shape into a model of major routing hubs that facilitate payments across the network.
Unfortunately, the early stage of the LN’s network topology precludes a formal threat model from being created on the potential privacy issues that will arise should it reach adoption as a cheap and instant payment method for online payments.
Payments between users of an LN channel are off-chain and not published on Bitcoin’s blockchain, but major ‘hubs’ routing payments could potentially de-anonymize users by network analysis of the path that these off-chain payments take. This problem is well-known among LN developers, and solutions from onion routing (i.e., what Tor uses) to randomized payment identifiers can help reduce the risk of privacy intrusions for LN payments.
One of the most promising projects working on boosting the LN’s privacy is the BOLT Protocol. Standing for “Blind Off-chain Lightweight Transactions,’ BOLT was initially conceived as a privacy enhancement for ZCash — which uses shielded transactions of zk-SNARKs for anonymity.
However, the primary researcher for BOLT — Dr. Ayo Akinyele — recently announced the formation of BOLT Labs, a project striving to explore the use of BOLT not solely for ZCash but as a privacy-preserving, and even interoperable solution, for Bitcoin’s LN.
So, what exactly is BOLT?
The BOLT Protocol
Concerning Bitcoin’s LN, BOLT is primarily an innovation at the node level that helps mask any information that could be used to reveal user identities and transaction details for off-chain payment channels. Still an experimental idea in its very early stages, BOLT Labs has received an initial seed investment and Zooko Wilcox, the founder of ZCash, is an advisor to the project.
BOLT uses a combination of ‘blind signatures’ and zero-knowledge proofs (ZKPs) to conceal transaction details of a payment channel. Blind signatures are a concept invented by cryptography pioneer David Chaum where the signer and message author are different parties and anonymity is wanted for the contents of the message. Research into blind signatures has been ongoing for years, and one of the most commonly cited examples for its applications is with carbon voting schemes in general elections.
For example, imagine that Alice wants to send Bob a message but Charlie must sign-off on the transaction for it to be valid. However, Alice and Bob do not want Charlie to know the contents of the message.
By using a blind signature, Charlie could sign Alice’s message without the contents of that message being revealed to him. The message would go to Bob who can read the message, and at a later point, another party (e.g., Daisy) could verify that the message was valid from Charlie’s signature — without Charlie having any information about the message besides that it is valid.
In the context of the LN, they can be used to uncouple the contents of a payment (i.e., message) from the signer. Details such as the initial channel balance and origin of transaction routing can be masked with blind signatures and ZKPs.
One of the primary ways that BOLT would be applied is for convenience-prone consumer transactions — where transactions are routed through the same path multiple times. If payment hubs that are routing those payments are sizeable enough, analysis of their payment traffic can make it relatively trivial to discern details about specific users.
Considering that many Bitcoin users already repeatedly use the same on-chain Bitcoin address for payments — which is a terrible privacy practice –, it is likely that many users of the LN will follow a similar path where they don’t understand the implications of their actions on their privacy. Such problems are to be expected, as most people don’t care or bother with how the underlying technology of an application works; they only care that it works.
Should Bitcoin’s LN gain traction as a web-based payment method (i.e., with Moon on Amazon), BOLT could provide a critical boon for user privacy without them needing to adjust their payment habits deliberately.
Outside of the privacy boon, BOLT may also spur better interoperability between similar blockchain networks. Akinyele told Coindesk recently that interoperability of the protocol among cryptocurrencies is the ultimate goal, and they are exploring BOLT as a cryptocurrency-agnostic development.
Eventually, LN-compatible clients may all have BOLT integrated, or BOLT clients may exist as standalone software options.
It’s challenging to predict how privacy enhancements for the LN will play out in the long-run, but BOLT is one of the intriguing experiments on the horizon that could offer an improvement to Bitcoin among a host of other cryptocurrencies.
Onion Routing and Other Privacy Enhancements
BOLT is still in its experimental phase, which leaves the looming issue of data leakage from centralized routing hubs a problem for other initiatives to tackle as well. For instance, onion routing is a method for bouncing encrypted messages through multiple hubs where each pitstop on its journey is unaware of its destination.
Applied to the LN, onion-routing is already a reality. Since no node knows the final or source destination of a payment when onion-routing is applied, censorship in the network can be mitigated. If a party wishing to blacklist a user’s address does not know where the payment originated or is going, they cannot censor transactions from that user.
The LN currently uses the Sphinx protocol for its onion routing message format.
Other methods for enhancing privacy on the LN include making payment routing hubs appear as standard wallet addresses, so they are less identifiable and using randomized numbers for the payment identifiers that accompany off-chain LN invoices.
Conclusion
Although still in its early experimental phase, BOLT is another interesting development for Bitcoin’s LN and other cryptocurrencies like ZCash and Litecoin. New vectors for unmasking user identities consistently emerge, and tackling them requires consistent effort — making initiatives like BOLT all the more encouraging.