Why stablecoins and stablechannels are dumb
Coming soon, hopefully. It's based on an observation about phoenix: their version of splice-in transactions atomically swaps an inbound lightning payment for a fresh deposit of bitcoin into your channel. This form of atomic swap is better than a submarine swap in this respect: it uses only one single bitcoin transaction instead of two. So I came up with a generalized version that can be used outside of lightning wallets and I called it papa swap. I was about to implement it too (hence the repo) but I got delayed by the need to prepare workshops for upcoming conferences. When things settle down I hope to implement it.
Family is worth more than all the bitcoins
My approach to programming:
You don't have to reinvent the wheel
You "get" to
My latest tool is NWC Tester, which you can use to test Nostr Wallet Connect connection strings:
https://stacker.news/items/711076
hey npub19hg5pj5qmd3teumh6ld7drfz49d65sw3n3d5jud8sgz27avkq5dqm7yv9p you should check it out, and npub1getal6ykt05fsz5nqu4uld09nfj3y3qxmv8crys4aeut53unfvlqr80nfm you might like it too. They made a similar tool (https://getalby.github.io/nwc-tester/), but mine is more fully featured
> Is also possible to snapshot individual wallet balances, addresses, transactions?
Unless the wallet is a routing node I don't think this is feasible for third parties to do. But all wallets are connected to at least one routing node, and each of those routing nodes knows the balance of your channel with them. Some, like Binance's routing node, also proactively state in their privacy policy that they log this data and share it with law enforcement, including info about any transactions that flow through their node. So be careful who you open channels with.
> So not an unsolved problem anymore?
I'm not sure. The solution is known but I am not sure node devs will upgrade to versions that don't support payment probing. It's a popular feature with native commands for it in LND and Eclair, and they would have to disable that popular feature that many wallets rely on to assess the likelihood of a successful payment before attempting one. It seems unlikely that LND and Eclair will upgrade to a version that disables this. Maybe a new, privacy focused lightning network subnet is what's needed, where participating nodes all announce that they won't allow payment probing.
May not it rather be titled LNproblems, or to include Tumblers and DLCs, L2problems instead?
Btw nostr:nprofile1qqszrqlfgavys8g0zf8mmy79dn92ghn723wwawx49py0nqjn7jtmjagpz4mhxue69uhkummnw3ezummcw3ezuer9wchszyrhwden5te0dehhxarj9ekk7mf0qy88wumn8ghj7mn0wvhxcmmv9uynmh4h did you know the first one? May that be considered analog to xmr poised txs?
I am aware of the first problem and I note that Rene Pickhardt tried to perform this attack in 2019 with little success. He tried to take a snapshot of the balances of all routing nodes on testnet, and while he did manage to do it, it took him over 9 hours to do so. It would be an even harder task on mainnet due to the larger number of routing nodes.
Since lightning has high volume, I think you wouldn't get good data about the history of transfers on LN unless you could get snapshots of routing node balances every few seconds, rather than once per day or so.
Nonetheless, Rene did find that while it takes a long time to probe the balances of *every node,* each *individual* node only takes about 20 seconds to probe. So if you limited your attack to a single large routing node you could probably get reasonably good data about what traffic it routes across the network.
Also, the Blinded Paths upgrade mitigates this attack. Part of the plan for Blinded Paths is to remove the distinct error messages revealed by nodes depending on whether the payment made it to its destination or had a routing failure part of the way through. With Blinded Paths, the same error message is displayed for every payment failure, which means Balance Probing as performed by Rene won't work anymore. His technique involved sending multiple fake payments through a routing node and logging whether they failed due to the routing node not having enough capacity or the recipient being unable to finalize the payment. If the latter, it meant the routing node *did* have enough capacity to forward that payment, so Rene would try again and again with larger and larger fake payments until the routing node reported an inability to forward the money, then record the prior amount of the fake payment as their latest balance. This method does not work if all payment failures look the same, so the Blinded Paths upgrade should fix this.
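The following is an added illustration, not part of the original post: a constructed in-memory model showing why a single failure message for every payment removes the signal the probe described above depends on. `ToyRoutingNode`, `estimate_balance` and the three error labels are hypothetical names; no real Lightning node or API is involved.

```python
# Constructed toy model; the labels below are hypothetical, not real wire messages.
ROUTING_FAILURE = "routing_failure"        # hop lacked capacity to forward
RECIPIENT_REJECTED = "recipient_rejected"  # payment reached the destination, then failed
GENERIC_FAILURE = "payment_failed"         # one message for every kind of failure


class ToyRoutingNode:
    """A node with a hidden channel balance that answers fake payments."""

    def __init__(self, balance_sat, uniform_errors=False):
        self._balance = balance_sat
        self.uniform_errors = uniform_errors

    def forward_fake_payment(self, amount_sat):
        # A fake payment always fails; only the reported reason can differ.
        if self.uniform_errors:
            return GENERIC_FAILURE
        if amount_sat > self._balance:
            return ROUTING_FAILURE
        return RECIPIENT_REJECTED


def estimate_balance(node, step_sat, max_sat):
    """Step the amount upward as the post describes.

    Returns the last amount the node could forward, 0 if even the first
    probe was too large, or None when failures are indistinguishable.
    """
    last_ok = None
    for amount in range(step_sat, max_sat + 1, step_sat):
        result = node.forward_fake_payment(amount)
        if result == RECIPIENT_REJECTED:
            last_ok = amount              # node had capacity for this amount
        elif result == ROUTING_FAILURE:
            return last_ok if last_ok is not None else 0
        else:
            return None                   # same error every time: no signal
    return last_ok


if __name__ == "__main__":
    leaky = ToyRoutingNode(73_500)
    hardened = ToyRoutingNode(73_500, uniform_errors=True)
    print("distinct errors:", estimate_balance(leaky, 1_000, 200_000))
    print("uniform errors: ", estimate_balance(hardened, 1_000, 200_000))
```

With distinct errors the estimate lands within one step of the hidden balance; with uniform errors the first response already carries no information, so the function returns `None`.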
"No thanks, I don't like coffee," I explained
"Oh, I do!" she gasped. "My favorite place is __________. Their coffee is so good, lots of cream and sugar. I can barely even taste the coffee!"
I didn't say anything but I don't think she likes coffee
This bitcoin parody from 11 years ago is still fire
In the last paragraph there was an important typo. I wrote "I don't think they would be unable..." but it should say "I don't think they would be able..."
I used the "Edit" feature in amethyst to fix it but just in case your client doesn't show edits, I'm clarifying here as well.
If you withdraw your funds from a CEX to any wallet, I think the CEX will mark it as sent to you, and would probably testify that, as far as their records can tell, you still have it. I would not be surprised if a judge said that's enough data to conclude you *do* still have it. If you claimed to sell, spend, or lose all of it, I would not be surprised if a judge said that's an unlikely story and consequently "innocent until proven guilty" doesn't apply. If that happened you might need to show evidence to prove your case, and might be considered to at least own whatever amount you can't show convincing evidence of selling/spending/losing.
If you used a standard bolt11 invoice to withdraw the funds, they would have full route info from themselves to your LN wallet and could trace the funds that far. You could use tools like lnproxy.org to throw them off, but they might subpoena or purchase your "real" routing info from lnproxy.org or whatever competitor(s) you use.
If your wallet is connected to a routing node like Amboss or Phoenix, and you're not using tor, those guys have your IP address and can also see when you close your channel and send your funds to cold storage. They might act as informants against you if their routing nodes showed up as the "last hop" on the path from the CEX to you.
All that said, I don't think they would be unable to *deterministically* trace the funds if you use tor + route blinding (e.g. through lnproxy plus a few of their competitors, or bolt12) but they probably don't need to -- if they are confident you withdrew the money *somewhere* then you will be marked in their books as having whatever amount of money you withdrew, regardless of where you sent it afterwards.
Brick Wallet is now slightly prettier, slightly snappier, and supports two new sending methods: it can send money to lnurl paycodes and lightning addresses
https://video.nostr.build/af4f920fcc7b909675060d77b29223bb47018c01b28d7d009d9834d12aeb695a.mp4
Kraken drops support for Lightning Network in Germany
They don't want you using encrypted money
Video: first look at brick wallet
https://video.nostr.build/cf0b94894c073b594d130fa42e7c630cf56e3281bcf0640f33093e89e40db1b1.mp4
My latest project is Brick Wallet: a web frontend for NWC (Nostr Wallet Connect)
Learn more here:
Tomorrow I am presenting my Bitcoin Script workshop in Spanish:
Learn to make your first bitcoin smart contract, a ballgame contract where an oracle says who won a ballgame, and anyone can bet on the outcome and take their winnings if they win
> Rights are something you earn and defend
How is this any different from Might Makes Right? You can't lay the foundation for tyranny and then act shocked and horrified when tyrants start to trample. In a society that teaches rights are created by a strong arm, the guy with the biggest gun will run amok
