Lightning Network, the second layer, is not yet fully functional to protect users privacy. An attacker will be able to discover channel balances by polling.
Thank you for reading this post, don't forget to subscribe!In February 2022, governments and companies that use Chainalysis services will scrutinize the Bitcoin Lightning Network.
The firm will add support for Lightning, and from then on, anyone using its platform will be able to track transactions on the network that enables instant micropayments.
The traditional way Chainalysis proceeds is to monitor and link users with Bitcoin transactions. From there, they can explore the blockchain to see the past and future operations of the identified users.
If this company has an identified user, they can know when they have opened a channel [on the Lightning Network].
Calderón refers to the fact that, although the bitcoin micropayment network is often seen as a solution for privacy, in reality, an attacker can quickly discover the balances of the channels of a stranger through a probe.
Of course, it would be uphill for Chainalysis if it intends to monitor all public channels, which are currently 77,828, and even more so if most of them are private.
But still, Calderon said that “the company could quickly know which wallets users are using just by decoding a Lightning invoice which would allow them to obtain information about who receives the funds, the destination node, and clues to determine the payment to the destination.”
Lightning Network and Taproot, users privacy issues
Sergi Delgado, one of the Lightning Network developers, believes that the protocol cannot be seen as a privacy layer. He suggests applying heuristics to generate a hypothesis about the origin and destination of funds.
On the other hand, channel probing techniques consist of sending payments through LN channels between two nodes controlled by the same person.
These payments through LN channels are discarded once received by the destination and used to find each node’s balance in the channel.
Sergi Delgado, Lightning Implementation Developer.
Spanish developer Sergi Delgado pointed out that Taproot does not offer more excellent privacy protection in the second layer of Bitcoin.
Delgado agrees with Calderón that Taproot can stymie Chainalysis’ efforts to protect Lightning Network users.
He does, however, caution that it would only defend “at the level of channel opening and shutting, that is, it will prevent the trace that the channels leave in the chain, but not the assaults that may be carried out in the second layer.”
Regardless, there must be greater adoption for users to enjoy Taproot’s benefits, such as more private, efficient, and less expensive transactions.
For that to happen, exchanges and other service providers must update their software to make them compatible and allow trading between Bitcoin addresses with Taproot support.
Users must begin to pressure wallet developers to adopt Taproot and start to benefit, among other things, from the privacy improvements that we have today, thanks to this improvement.
Francisco Calderón, developer and evangelist of the Bitcoin Lightning Network.
Meanwhile, to protect his right to privacy in Lightning, Sergi Delgado recommends “having unannounced channels because these cannot be the target of balance probe attacks.”
However, the developer believes that path analysis is more complex.
However, it explains that this type of attack can be contained with Point Timelock contracts (also known as “payment points” or PTLC).
With them, you can send payments without trusting anyone by adding a random adjustment so that you cannot discover which fees belong to the same route.
Original Interview: CriptoNoticias