Same with bitcoin, neither one scales at it exists now. There's nowhere near enough block capacity for even 1/4 of people on the planet to open a channel in any timely fashion.
The IP issue is a bit different, in lightning your peer will know your IP, but also your channel id, balance, etc. Compounding that is the fact that the non-custodial lightning wallets (where you don't run a node on the phone a la zeus) that are more widely used, use trampoline routing. So they know who you're paying.
In Monero you have the issue where a malicious node can error out as you attempt to spend, and if you resubmit the tx one of the outputs in the decoys will remain constant, revealing that you own it.
As far as I know that's the only thing. But yes, at the network level, use Tor and to some extent mitigate either scenario (which 99% of users will never do of course).
The LN scenario leaks more info if you compare them side by side.
Regarding the funds potentially being stolen after 2w, it's not about the attacker predicting the future or not. It's about there being a constant risk as well as the incentive to do so.
Since most (99%+) channels are public, and since most user channels are not involved in routing, it is trivial for an attacker to monitor usage patterns and increase their odds.
I don't know about you, but for me I would not risk having on lightning any amount that I would regret losing in the first place, first because it's a hot wallet (pretty much the entire network is, really, which is yolo at its finest), second because a year from now when I check, the funds might just not be there anymore.
There is also the issue of upkeep. I don't run any LN nodes anymore because the hassle simply wasn't worth it.
Finally, regarding edge cases, yes they exist, but the known ones will be going away with FCMP soon™. They're easy enough to work around with, but I agree, it's a weakness. A small one in the grand scheme of things, but it doesn't have to be there - which is why they're going away.
About the catastrophic bug, yes, I am aware. And it was luck indeed.
But don't forget Bitcoin has suffered a catastrophic inflation bug (see https://en.bitcoin.it/wiki/Value_overflow_incident ) in the past, requiring a rollback of the chain (which never happened in Monero), as well as a host of serious bugs that would've ground the network to a halt (could link them here, but they're easy to find).
In other words, software has bugs.
Lightning, incidentally, has had its fair share of trainwreck bugs as well as potential ones (see https://protos.com/bitcoin-lightning-bug-could-jam-and-steal-millions-of-dollars/ and https://protos.com/bitcoin-lightning-network-users-could-have-lost-millions-in-jamming-attack/ and https://protos.com/researchers-discover-critical-bitcoin-lightning-network-vulnerability/ and dozens of others), further cementing in my mind that it's not worth it to risk having a lot of money there.
And because using lightning non-custodially implies opening channels, and each onchain tx is another nail in the coffin privacy-wise.. I end up defaulting to Monero most of the time.
Now, don't get me wrong, it would actually be less friction if I could use BTC privately without all the tradeoffs just mentioned, since I basically hodl zero Monero proportional to Bitcoin.
But I care about privacy as a human right a lot, and unfortunately Bitcoin and privacy rarely go well in the same sentence.
I wish that were different, but it isn't right now, at least not satisfactorily in my analysis, which is exactly why I use Monero.
papafigos / Papa Figos
npub1r5…333vz
2024-12-22 22:23:14
in reply to nevent1q…ehnl
Author Public Key
npub1r5yzptzufjehaduv3du9tlrav4ws9edwuu338s2a06haamc6xlfsf333vzPublished at
2024-12-22 22:23:14Event JSON
{
"id": "8fa450ca0c01cc28617c66b7d53a61c96db26191072b6fe938f3cc3fa74d37b5",
"pubkey": "1d0820ac5c4cb37eb78c8b7855fc7d655d02e5aee72313c15d7eafdeef1a37d3",
"created_at": 1734906194,
"kind": 1,
"tags": [
[
"e",
"7de98c7767c2f8356347aa93662d0e922e79d2928d7a5f7afa5453dfe34e2aac",
"",
"root"
],
[
"e",
"d488481287f8d334722cb2071f9fd030c12c20ef6faeb8d8154be4df9184350b"
],
[
"e",
"456655de080eda514f45526b58abd7b092a7391707ddac764e006bf026319ac3",
"",
"reply"
],
[
"p",
"50d94fc2d8580c682b071a542f8b1e31a200b0508bab95a33bef0855df281d63"
],
[
"p",
"d6149823c90c4865e4bc434a4be1a1ee8f72aabd8328dd059ba4f11f7633b0b6"
],
[
"p",
"1d0820ac5c4cb37eb78c8b7855fc7d655d02e5aee72313c15d7eafdeef1a37d3"
],
[
"p",
"6e77f4f3c9995e0887d02dc95b39692f58641ed5b073972ef86cd6b61ecc6bae"
],
[
"r",
"https://en.bitcoin.it/wiki/Value_overflow_incident"
],
[
"r",
"https://protos.com/bitcoin-lightning-bug-could-jam-and-steal-millions-of-dollars/"
],
[
"r",
"https://protos.com/bitcoin-lightning-network-users-could-have-lost-millions-in-jamming-attack/"
],
[
"r",
"https://protos.com/researchers-discover-critical-bitcoin-lightning-network-vulnerability/"
]
],
"content": "Same with bitcoin, neither one scales at it exists now. There's nowhere near enough block capacity for even 1/4 of people on the planet to open a channel in any timely fashion.\n\nThe IP issue is a bit different, in lightning your peer will know your IP, but also your channel id, balance, etc. Compounding that is the fact that the non-custodial lightning wallets (where you don't run a node on the phone a la zeus) that are more widely used, use trampoline routing. So they know who you're paying.\n\nIn Monero you have the issue where a malicious node can error out as you attempt to spend, and if you resubmit the tx one of the outputs in the decoys will remain constant, revealing that you own it.\n\nAs far as I know that's the only thing. But yes, at the network level, use Tor and to some extent mitigate either scenario (which 99% of users will never do of course).\n\nThe LN scenario leaks more info if you compare them side by side.\n\n\nRegarding the funds potentially being stolen after 2w, it's not about the attacker predicting the future or not. It's about there being a constant risk as well as the incentive to do so.\n\nSince most (99%+) channels are public, and since most user channels are not involved in routing, it is trivial for an attacker to monitor usage patterns and increase their odds.\n\nI don't know about you, but for me I would not risk having on lightning any amount that I would regret losing in the first place, first because it's a hot wallet (pretty much the entire network is, really, which is yolo at its finest), second because a year from now when I check, the funds might just not be there anymore.\n\nThere is also the issue of upkeep. I don't run any LN nodes anymore because the hassle simply wasn't worth it. \n\n\nFinally, regarding edge cases, yes they exist, but the known ones will be going away with FCMP soon™. They're easy enough to work around with, but I agree, it's a weakness. A small one in the grand scheme of things, but it doesn't have to be there - which is why they're going away.\n\nAbout the catastrophic bug, yes, I am aware. And it was luck indeed.\n\nBut don't forget Bitcoin has suffered a catastrophic inflation bug (see https://en.bitcoin.it/wiki/Value_overflow_incident ) in the past, requiring a rollback of the chain (which never happened in Monero), as well as a host of serious bugs that would've ground the network to a halt (could link them here, but they're easy to find).\n\nIn other words, software has bugs.\n\nLightning, incidentally, has had its fair share of trainwreck bugs as well as potential ones (see https://protos.com/bitcoin-lightning-bug-could-jam-and-steal-millions-of-dollars/ and https://protos.com/bitcoin-lightning-network-users-could-have-lost-millions-in-jamming-attack/ and https://protos.com/researchers-discover-critical-bitcoin-lightning-network-vulnerability/ and dozens of others), further cementing in my mind that it's not worth it to risk having a lot of money there.\n\nAnd because using lightning non-custodially implies opening channels, and each onchain tx is another nail in the coffin privacy-wise.. I end up defaulting to Monero most of the time.\n\nNow, don't get me wrong, it would actually be less friction if I could use BTC privately without all the tradeoffs just mentioned, since I basically hodl zero Monero proportional to Bitcoin.\n\nBut I care about privacy as a human right a lot, and unfortunately Bitcoin and privacy rarely go well in the same sentence.\n\nI wish that were different, but it isn't right now, at least not satisfactorily in my analysis, which is exactly why I use Monero.",
"sig": "2540bd51162e25b6db4927ebdd133b40bc7a933c428d401cec1a215e5f0833c82def8298f83a76eaf330d4f77409f187233cfb38377963b5bd4b6cffd55d18d1"
}