Replying to Avatar steepdawn974

I know. I'm talking about replacing the entries/invoice data in the LNbit Postgres/SQLite db somehow with blinded entries.

That said, I haven't looked into the Internals of the LNbits backend yet and might be talking out of my depth here. I seem to recall that all invoices are recorded in backend SQL, so the operator can supposedly see the user_id, wallet_id and LN invoice data of all users.

My comment was more meant as a general remark/design question:

"Could LNBits be made such that the above mentioned User data is shielded from the instance operator?"
Avatar
steepdawn974 2y ago

But when I think about it, all you'd really need is column encryption `pgcrypto` (client needs to provide a decryption key though.. maby a password?) at the database level. not 100% bullet-proof against a malicious server admin, but at least would guard you against database breaches from outside.

And if PG evere adds Transparent Data Encrpytion, than that would be a good option too.

Reply to this note

Please Login to reply.

Discussion

No replies yet.