Less than two months ago, the Chain Duel Lightning node was hacked and all funds were stolen.
Suddenly, everything felt fragile.
I didn’t shut everything down, but I didn’t move forward either. I left the node empty for a while, unsure how to proceed, unsure whether starting again was responsible or reckless.
What lingered was hesitation.
That fear didn’t come from losing belief in Bitcoin or Lightning. It came from realizing how many attack surfaces existed beyond my understanding. How much I had trusted that “it will probably be fine”.
Running infrastructure exposes your blind spots. Firewalls you don’t fully understand. Services you expose because tutorials say so. Defaults you accept because questioning them takes time and effort. When something goes wrong, it becomes clear how many assumptions were hiding underneath.
Looking back, the issue wasn’t only lack of experience.
It was also complacency.
I knew some best practices. I knew certain things should be done. But I delayed them. I relied on convenience. I assumed problems were unlikely, or at least unlikely to happen to me. The abstractions made it easy to believe I was in control.
The hack broke that illusion.
For a while, I didn’t know how to proceed. Running a new node felt dangerous. Not running felt like giving up. That tension sat directly against my principles.
So I decided to start over again.
Not confidently. Not fearlessly. Just deliberately.
This time, I’m trying to reduce what I don’t understand. I removed layers I couldn’t reason about. No Umbrel. No third-party app ecosystem. Fewer moving parts, fewer assumptions.
I’m making an effort where before I postponed. SSH keys instead of passwords. Restrictive firewall instead of permissive defaults. VPN instead of exposed services.
It’s been slow and humbling. I read, realize I don’t understand enough, then read again. The more I learn, the more aware I become of how limited my understanding is. Uncomfortable, but also clarifying.
Bitcoin Core is now running from the command line.
Initial Block Download is in progress. It feels appropriate. You verify. You don’t skip steps. Trust has to be rebuilt from first principles. It’s not impressive or fast. It’s quiet and demanding.
Lightning will come afterwards.
Readiness isn’t a prerequisite. Awareness is. Care. Paying attention.
Getting hacked didn’t make me stronger.
It made me more honest about my limits.
Running a node again isn’t a victory or a return.
It’s a decision to keep learning, to take responsibility more seriously than before, and to resist the temptation of comfort over understanding.
I’m still uneasy.
But I choose to stay engaged, to learn in public, and to do my best.
