on Lightning, there is a unique ID attached to any payment
anyone on the path knows the amount of the payment and the payment ID, and which node it is going to and coming from
using certain heuristics, it is possible to identify recipients, and senders with high accuracy, by only controlling some of the nodes on the path, which can be achieved by well funded chain analysis entities nostr:note1k6zvw7rg3dv8mcmzgn9w0k90g95y8mw04tftm25ke2htfpkmutyqe0h3kr
> anyone on the path knows the amount of the payment
Thanks to the commonality of multipath payments, nodes along the path only know a lower bound of the amount, not the definite amount
> it is possible to identify recipients, and senders with high accuracy, by only controlling some of the nodes on the path
I do not think this is true. Let's suppose you control 5 nodes along the path (Charlie, Dave, Edna, Filbert, and Genna) and you start to trace a payment that flowed through your nodes. You trace it back to Bob on the "sender" side and Harry on the "recipient" side. But you can't tell whether Bob is *really* the sender or just another routing node. And you can't tell if Harry is *really* the recipient or just another routing node. All you know is, those nodes were as far as you could trace it.
CA companies likely control 50% of nodes and can get access to 80% of well connected nodes.
Don't you think they would demand government to make LN nodes get a money transmitter license so they can siphon data from those nodes directly if their current setting would not work?
Most LN tx are custodial anyways. You either push for small scale (high failure rate) self-custodial LN that can not be controlled or you set he whole network and its users up for failure.
> Don't you think they would demand government to make LN nodes get a money transmitter license so they can siphon data from those nodes directly if their current setting would not work?
I think they could try, but I don't think it would work. Money transmitters are required to get the KYC info of their users, which is a serious hurdle to onboarding, so I think most users would just gravitate toward wallets where you don't have to do that -- e.g. ones connected to "underground" routing nodes. And thus the KYC'd routing nodes would simply be routed around.
If the sender and recipient need to handshake, the NSA knows what happened.
no, they don't know anything except where it came from and where it's going, it's wrapped in encryption on each hop between the nodes in the payment, yes, timing attacks are feasible, if you control a lot of points in the network, same as can be said for low latency traffic over tor
yes the amounts are known by each point along the path, this is why more complex routing including split and join paths and this would also help for redundancy so you can have payments race to their endpoint
there is an inherent vulnerability in low latency traffic, but at the same time the greater the traffic volume grows the less useful the data can be
you don't solve the privacy problem by sticking to 15 year old tech
i am not extremely hostile to monero evangelists for nothing, they are like mormons knocking at the door that nobody is benefiting from their presence
also, it may well be that there is a big pile of problems with the most common LN node, LND, that is unsurprising to me having worked intensively with the codebase of it and it's grandpappy BTCD - the guys who are building that stuff are clowns, even if one of them was a co-inventor of LN protocol he writes shit code
What % of channel liquidity of whole network do they need to own for this to work?
