Are Lightning Payments Anonymous?

In The Lightning Network, Bitcoin’s layer 2 scaling platform, every time users receive payments, request refunds, or open and close payment channels (connections between Lightning nodes), Lightning Network payments raise privacy concerns.

To quickly answer, what are lightning payments; well they are payments users carry out via the Lightning Network.

Now, this privacy issue has led to the development of protocol-based solutions like “Basis of Lightning Technology 12” (BOLT 12), which enhance privacy while adding many other features. This is a Lightning draft proposal, similar to a Bitcoin improvement proposal.

Some independent systems have also been, like LNproxy, which keeps invoices private (invoices are just payment requests), and LNURL, which facilitates web-based communication between Lightning apps.

What should a privacy-conscious Bitcoiner do? Should they rely on BOLT 12 specs or these independent ones? 

One of the best things about BOLT 12 is that it requires no extra tech. Russell works for Bitcoin infrastructure company Blockstream on Core Lightning (CLN), and everyone will get privacy by default on Lightning nodes.

Bolt 12: What is it?

Lightning invoices get a lot more functionality with BOLT 12. In an interview, Jack Sweeney, communications manager at LN Capital, creator of Torq, capital management software for Lightning routing nodes, says BOLT 12 also adds privacy. BoLT 12 is a protocol-based solution, while the proxy is an application layer one solution.

BOLT 12 introduces “offers” from the Lightning Network. The official BOLT 12 website describes them as “precursors to invoices” that enable key features like reusable QR codes, payments, and enhanced privacy.

QR codes can be reused for recurring subscriptions and donations, for example. There’s now send-and-receive functionality for Lightning ATMs and private refunds. Last but not least, route blinding, payer keys, and Schnorr signatures will help keep everyone’s info private.

Payment blinding and route blinding

Lightning payments require sending private info (via an invoice) to the sender. Routing blinding (“blinded paths”) lets you send the same payment anonymously since the sender hides the route.

The lightning nodes transfer payments between the sender and receiver by jumping between channels. The nodes only get enough information to pass the payment on to the next node until it reaches the recipient.

Keys to payees and private refunds

Can a customer get a refund for something they do not like while keeping their identity private? The “payer keys” should be entered.

The payer key generated by BOLT 12 confirms an invoice’s origin without revealing the customer’s identity. Refunds are more private when route blinding is combined with that.

Transacting on-chain with Schnorr signatures

Schnorr signatures are the heart of Bitcoin’s Taproot upgrade. Schnorr signatures are simpler and more efficient than Elliptic Curve Digital Signature Algorithm (ECDSA) signatures.

The Lightning channel’s closing transaction is currently reflected on the Bitcoin blockchain as a 2-of-2 multi-signature transaction. These metadata can be combined with additional information and sophisticated sleuthing to uncover personal financial info.

Schnorr signatures, which use MuSig2, can make Lightning transactions look like regular Bitcoin single-signature transactions.

Lnproxy

An anonymous developer developed Lnproxy, and it is gaining a lot of fans among Bitcoiners.

“Wrapped” invoices hide the destination of Lightning payments and a sender’s public Lightning node. In BOLT 12 for lnproxy, wrapped invoices perform the same function as route blinding and payer keys.

Wrapped invoices are held (or hold invoices) – payment requests requiring the recipient to take action before cashing them. “Lnproxy creates a ‘wrapped’ invoice from a Bolt 11 invoice that can only be settled after the original invoice is settled,” says the website.

Lnproxy vs. BOLT 12

Lightning implementations have yet to adopt BOLT 12, and CLN still thinks it is experimental. A Lightning spec implementation has to go through two implementations before it is fully ratified.

According to responses on the BOLT 12 Telegram group, several teams are working on incorporating the specification, such as the Lightning wallet company ACINQ, the open-source wallet project Lightning Development Kit (LDK), and the open-source Lightning implementation project Lightning Network Daemon (LND). However, no one has fully adopted it yet. 

Core Lightning is currently in beta phase. Although Lnproxy does not explicitly mention it on its website, it is in beta and not as feature-rich as BOLT 12. Privacy is just one part of BOLT 12. Besides that, you can pay with a static invoice,” says LN Capital founder and CEO Henrik Skogstrom.

LNURL is similar to BOLT 12 in that regard but requires more setup.