Have you ever considered using the Lightning Network to deposit and withdraw funds but were worried about losses due to the risk of funds being stolen, double-spent, or locked up in channels? Many bitcoin users are familiar with the base chain and are yet to explore second-layer solutions like the Lightning Network.
While moving your funds into Lightning offers you a host of benefits, such as faster transactions with lower transaction fees, there is still a question about the safety of funds when using the Lightning Network.
This is not a dig at Lightning and the security it can provide; it’s only an evaluation of the trade-offs made to provide users with the benefits that the base chain cannot off you. To access the Lightning Network, you have to be okay with the fact that it won’t be as secure as having your funds in your on-chain wallet.
Learn before you get burned.
For you to leverage the latest technologies, you have to be a responsible bitcoiner, who doesn’t trust but instead verifies; you have to remain sceptical of everything. It’s your money and your purchasing power, so you’re the one taking the risk.
When moving bitcoin to second layers, there are always trade-offs which is why it’s so essential to understand the potential risks of using the Lightning Network and gain insight into the security measures in place to ensure you don’t lose any of your funds.
If you are thinking about using Lightning, but you have questions like “What is the risk?”, “Can funds get stuck?” and “How do I avoid these risks?”. By the end, you’ll know the answers to these questions and be comfortable using the Lightning Network to transfer your funds.
The custodial rug pull.
If your point of contact with the Lightning Network is via a custodial wallet or an exchange wallet that interacts with Lightning, then you’re putting yourself in a position where you must trust the provider.
You’re banking on the fact that this service will always honour your balances, route your payments, have the bitcoin they say backs your balance, and they do not go out of business while you still hold funds with them. If the wallet providers node goes down, your funds will be locked along with the rest of the users. If the provider goes bust or is seized by the government, your funds will likely go along with them.
These apps are super convenient; it’s essentially no different from using a banking app, that supports bitcoin. This option is okay for those who wish to test out the Lightning network, get funds into Lightning to tip users or pay for items. If you’re only holding small amounts or funds for a short period and you plan to sell soon to acquire fiat or purchase goods and services, custodial wallets will do the trick.
Rugged by your channel host.
As a Lightning user, you don’t have to use one of the major custodial services; you are able to distribute your funds over several custodians that offer hosted channels. The user experience is similar to custodial wallets; the only real difference is you get to choose from a bunch of hosts and distribute your risk.
If one host goes down or they act maliciously, your total balance would not be compromised, only the balance you hold with that specific host.
While the host will hold the funds and manage your balance accordingly, you, as the client, have a cryptographic proof that acts a claim to those funds. A host cannot spend your balance without getting a signature from you, but they can exit scam the entire channel by closing the channel and sweeping those funds on-chain.
Rugged by a channel peer.
When you connect to the Lightning network, it’s important to pick the right channel peer, not only someone who will act honestly but someone that can offer you regular transaction routing, so you can earn fees for the liquidity you provide.
Lightning nodes that have a lot of traffic are sought after, and there is an incentive for them to partner up and create more channels so they can access more routes, liquidity and route cheaper and faster transactions due to fewer hops. There are clear financial incentives for Lightning Network node operators to act productively and not try to cheat channel peers.
But that doesn’t mean a node runner might not want to cause harm to others or set up a node intending to disrupt the network and various connected peers.
When you connect to a peer, the two of you are in a constant rebalancing of the channel states as you either pay one another or route payments between one another. Suppose a transfer is made, but the two of you have yet to revoke the old state; the channel now sits in a state that is advantageous to the peer. The peer can try broadcasting that old state and keep the funds for themself.
If one of the parties tries to broadcast the previous state of the channel, the other party can take the entire balance of the channel by using the revocation secret (until a certain amount of blocks, after which both parties can spend) to issue a justice transaction.
The fact that a malicious actor could lose their funds through this recourse method is a deterrent for them to broadcasting a commitment transaction that reflects an old channel state.
If you lose your partner’s revocation keys, then if the other side publishes a previous state of the channel that was more beneficial to them, you cannot use the power of the revocation keys to take the entire balance state. Your peer can now safely broadcast the previous state without worrying about you taking their entire balance.
Your node gets compromised.
Running your own Lightning node is the most secure way to access the Lightning Network; it gives you far more control over your funds, and you get to choose the peers you wish to pair with to route transactions. You also have the ability to close channels at any time and withdraw your bitcoin back to an on-chain wallet.
While your node does give you additional control and security, the node itself is an attack vector, and you need to ensure that your node is kept safe and running on a secure network connection. A Lightning node requires a hot wallet, so your keys are active on the device, making it easier to sign for channel opens and closes.
If someone were to access your node remotely or physically, they could easily close all your channels and sweep those fees to a wallet they control.
Your node goes down, and you have no backups.
Bitcoin sitting in lightning network channels, is formed through a 2of2 multi-sig wallet. You own a key, and your channel peer holds the second key. Your funds are “safe” because you have pre-signed transactions that spend from that multi-sig wallet (similar to an offline signing of a transaction).
As long as you keep those pre-signed transactions, your funds are technically safe; you also need to keep channel state information to sweep the outputs of those transactions back to the base chain. If your node goes down due to a hard drive failure, or a power outage, you are no longer holding the latest channel state information as your channels are in a zombified state.
Your channel peer could broadcast a new state and hope that you take a considerable amount of time to get back up to speed, or that you have no channel backups to prove your state. If you don’t have channel backups and don’t act in time, the peer can sweep your funds. Your final hope in this situation would be that a watchtower has kept a copy of the channel state prior to you going down, and through the watchtower, you can issue a justice transaction to recover the funds.
If you do have your pre-signed transactions, but your peer goes down, you won’t be able to use that channel to route payments; in this case, you would need to issue a forced closing to get your funds back on-chain.
Another possible way of losing access to your funds is if you lose your commitment transactions and the counterparty becomes unresponsive, then there is no way for you to get back your bitcoin. The bitcoins will remain locked in the multi-sig, which you will not be able to spend until the other party comes back online.
Do your own research.
If you want to learn more about losing funds and potential risks with Lightning, use this article as a jumping-off point and don’t trust what we say as the final say. Take the time to research, check out their official resources below or review other articles and videos tackling the topic.
- How can someone lose funds in Lightning Network?
- WARNING: If you try to use the Lightning Network you are at extremely HIGH RISK of losing funds and is not recommended or safe to do at this time or for the foreseeable future
Are you a bitcoin and lightning fan?
Have you been using Lightning to make micro-payments? Stream sats or engage with apps? Which app is your favourite? Do you run a Lightning node? How do you handle channel rebalancing? Have you tried all the forms of Lightning payments? Which one do you prefer?
Let us know in the comments down below.