Published on: 2019-03-15T19:55:02+00:00
A concern has been raised about the privacy of nodes providing liquidity in dual funded channels on the Lightning Network. René Pickhardt highlighted this issue in the Lightning-dev mailing list, expressing worries about probing a lower bound for the amount of Bitcoin available by a node supporting dual funded channels. One proposed solution is to modify the 'open_channel' message to include an option for liquidity buy and the requested amount of dual funding at channel open, which could potentially allow for probing the available BTC through internet traffic.To address this privacy concern, several suggestions have been put forward. One suggestion is to return a non-specific error message when probed, making it difficult for attackers to determine the actual amount of Bitcoin available. Another suggestion is to add a privately held randomization vector to further obfuscate the information. Additionally, it is proposed that the opening channel balance agreed upon between the two nodes should be adjusted to reflect the correct amount of push_msat for the actual amount of funding_satoshi contributed by the accepter. Furthermore, rate limiting the number of open channel requests from a single peer or globally could help mitigate the issue. It is also suggested that nodes can set their own policies regarding what they consider reasonable liquidity requests from a peer. Preserving the privacy of funds by establishing channels via out-of-band negotiation with trusted node operators is another option, as the liquidity feature is optional.During a spec meeting, the topic of dual funded channels and potential game theory with fees was discussed, but the privacy concerns of the node providing liquidity were not addressed. It is important to note that there is currently no established protocol supporting dual funded channels, so concrete solutions are still being explored.In order to tackle both privacy and liquidity issues, one user suggests using off-chain settlement protocols based on Schnorr signatures. This proposed model allows for a variety of funding combinations and enables all transactions to be done offline with a trusted oracle. Optional blinding of data from the oracle's point of view can be implemented for optimal privacy.Overall, while there are concerns about the privacy of nodes providing liquidity in dual funded channels on the Lightning Network, various suggestions and proposals have been made to address this issue. The Lightning community is actively exploring solutions to ensure strong privacy for its users while maintaining the functionality of the network.
Updated on: 2023-07-31T21:30:33.962563+00:00