Bitcoin custody provider Casa held its annual Keyfest conference this month, and with it came many conversations around Bitcoin privacy, security and the Lightning Network.
And one very important question was raised in the Q&A portion of the first session of the second day, “Lightning Network And Privacy,” hosted by Casa’s Andrew Yang, Impervious Developer Anthony Ronning, Surebit Software Engineer Nadav Kohen and Blockstream Lightning Protocol Developer Lisa Neigut: “Is the Lightning Network centralized?”
This is a very important question for a plethora of reasons, but one massive reason stands out to me: If Bitcoin separates money from state, but we are just creating another centralized system to replace the old one, then what’s the point? As Rick from “Rick And Morty” would say, “That just sounds like slavery with extra steps.”
So, we asked the question: Is Lightning centralized? To decide, let’s first do a comparison of the model we seek to replace.
The Fiat Layer 2 System
Lightning is often referred to as the Layer 2 of Bitcoin, though really it is just the most prominent of any number of Layer 2 protocols built upon the Bitcoin base layer.
It can be helpful to think about layering in reference to the Open Systems Interconnection (OSI) model architecture, which is a prominent concept model of how a network should be designed. In that model, the second layer is called the “data link” layer. Per Wikipedia, “This layer is the protocol layer that transfers data between nodes on a network segment…”
As such, this method of communication is meant to be a reliable communication between nodes. In the fiat system, there is one central node in the U.S., known as the Federal Reserve, and nobody can replace this node. Though the International Monetary Fund (IMF) serves as the lender of last resort on an international scale, that position is maintained by the Fed at the national level for the U.S.
The Fed dictates monetary policy by absorbing garbage assets on its balance sheet that nobody wants through a process called “quantitative easing,” or QE for short, where it frivolously prints money to solve its problems and buy those assets. In order to accomplish this, there need to be other nodes that can communicate with central nodes to maintain this policy across the nation.
These other nodes are made up of 12 total central banks and 24 supportive branches under them, and they all answer to the members of the Federal Open Market Committee (FOMC).
Look at that math real quick and you’ll realize that the Federal Reserve controls absolutely everything, and none of these people are elected officials. (Then there are the central banks of other countries as well).
Let’s just move right past the idea of creating your own central bank within the current architecture, because that’s not going to happen (which is a clearly obvious and direct form of centralization). Instead, let’s play and assume you just want to open a bank and be part of the Fedwire system which is « used by assigning an ID to each bank to finalize transactions between one another. This requires federal and state regulation to gain a charter in order to become a bank and help facilitate payments on the Layer 2 of fiat. Perhaps we’ll let the Fed itself explain how easy it is to get chartered:
“Starting a bank involves a long organization process that could take a year or more, and permission from at least two regulatory authorities. Extensive information about the organizer(s), the business plan, senior management team, finances, capital adequacy, risk management infrastructure, and other relevant factors must be provided to the appropriate authorities.”
Note that there are two more paragraphs explaining other requirements that I didn’t quote above, mostly because I didn’t want everyone to get bored and stop reading.
You are required to have permission from multiple entities, ridiculous capital requirements and you basically need to have the entire business model put together and beg the government to let you spin up another “node” within the fiat system and contribute to its Layer 2. Clearly, it takes a lot to facilitate transactions within this system.
So, how does Lightning compare?
The Bitcoin Layer Two System
The Lightning Network is similar to a “data link” layer in that it allows communication between nodes for final settlement. The clearest difference between the Lightning Network and Fedwire though is that you need to be a bank to participate in the Fedwire system, whereas basically anyone can open a Lightning channel, without permission required. Fedwire communicates between banks, Lightning communicates between anybody that wants a channel.
What are the barriers of entry to open a Lightning channel? Electricity and internet. That’s it. I just snapped a few brainstems there, but let me explain.
Think of the Bitcoin base layer as gold: Relatively hard to move, you need to pay fees to move it and it’s just not a user-friendly experience, so it makes purchasing a coffee somewhat difficult to do on-chain. This was a common criticism of Bitcoin as its opponents tried to tout the idea that Bitcoin could never be a currency because it couldn’t move fast enough. Those citing the criticism were never able to identify the hypocrisy of the exact same issues being in place for gold.
In comes Lightning. The transactions made in a Lightning channel do not exist on-chain, but the final balance of the channel is eventually broadcasted on-chain when a channel is closed. What does that mean?
Think of the channel as another node, or a bank if you will. This node opens when two parties want to transact off-chain because they want speed and accessibility of their funds, which you can’t really have on the base layer. Once this channel is open between willing participants, they can spend bitcoin back and forth as much as they want, as many times as they want. Once they decide that they no longer need the channel, they close it. The finality of all of those transactions is broadcasted to the Bitcoin blockchain, allowing every Lightning transaction the exact same security and immutability that they would have had in the end, had the users decided to transact on the base layer.
“But you need Bitcoin to open a channel!” Nope. Not true. This might have been the case at one point, but Lightning Labs came up with a brilliant solution. Through a “sidecar channel,” you can ask someone else to do the hard lifting for you.
“Sidecar channels solve this problem by enabling a third party to purchase channels on behalf of a user,” Ryan Gentry of Lightning Labs explained in a blog post.
Originally, Lightning Labs created Lightning Pool, which allowed node operators who didn’t have enough liquidity to link up with people who could provide the capital. Now, it has expanded on that, allowing users to link up with people who have both the channel they need and the liquidity in the form of satoshis. All you need to do is get a Lightning wallet, which will serve as your node, even though it’s not a full node, and you’re good to go.
I will repeat: All you need in order to help facilitate transactions on the Bitcoin Layer 2 protocol and help process transactions worldwide… is electricity and an internet connection.
The distance between the fiat and Lightning barriers to entry cannot be exaggerated. So, why do people think the Lightning Network might be centralized?
This article discusses the growing number of Lightning Hubs. Think of these as companies or wealthy individuals creating a large number of Lightning nodes and channels.
I find this to be largely irrelevant. Not that it isn’t an important discussion or that we shouldn’t consider attack vectors resulting from these hubs or their absence, rather, I find it irrelevant from a philosophical perspective.
Bitcoin is a philosophy of free choice. The barrier of entry to the Lightning Network is almost non-existent. A little self-teaching, and you’re well on your way with few practical requirements. Sure, you need to put in the effort to do your research and to try your best to avoid making mistakes along the way, but the point is that anyone can do it. We cannot have a protocol of free choice and simultaneously add some form of tracking that prevents companies or individuals from opening as many nodes as they want. Lightning is still in its infancy and to assume that the hubs of today will be relevant or hold any amount of control on anything in the next 15 years is absurd.
If you have an issue with Lightning Hubs, go open a channel. It’s that simple.
But, is Lightning more secure or private than fiat?
Bitcoin transactions form an output and input chain that run simultaneously. Transaction output is commonly denominated in satoshis, decimal fractions of bitcoin. The balance of bitcoin is an aggregate summation of all UTXOs (unspent transaction outputs) held within a wallet. Think of a UTXO as digital proof that you have money you have not spent yet.
In order to spend a UTXO, you are required to provide a signature (or multiple if using multisig) that corresponds to the public key (wallet address) associated with the UTXO.
Hash locks create specific requirements typically related to certain information being made public before a UTXO can be released, and similarly, a time-lock can provide requirements of time or block height in order to spend a UTXO.
In order to create a bi-directional (buy and sell) channel on Lightning, two parties, or public keys, come together in order to create a channel multisignature address, where both parties provide a signature. A funding transaction is then created, and this funding can come from one of the parties involved, both of the parties, or a third party as mentioned earlier, but not signed at this point.
Two asymmetrical commitment transactions are created in order to return funds in the event of a payment dispute between the two parties known as a “non-cooperative closure.” Each of these two transactions has one output to the person you are interacting with, and one to yourself. The output to yourself contains a revocation key, or the penalty key in case things get saucey. Once these transactions are complete, the funding transaction can then be signed, which opens the channel.
In order to spend money within the channel, both parties must create a new commitment transaction with an updated balance, and share their penalty keys for the prior channel state in case someone decides to get feisty and pull some tricks. These channels are designed to penalize any user who would attempt to defraud the system. As mentioned before, when this channel is closed, it is broadcast to the network and all of those transactions are now immutabely secure on the Bitcoin protocol.
Having the penalty key allows you to seize 100% of the funds if someone tries using a previous state to manipulate the system. Since the mempool and blockchain are open and public, you have time to use a penalty key if someone tries to cheat. The incentive to cheat is drastically outweighed by the circumstances of which you can lose all of your funds for cheating. The incentive to strengthen and maintain the network, however, grows daily as adoption continues. It’s a system that doesn’t ask its users to be honest, because the system makes sure that honesty is the only choice that makes sense.
Fiat Security And Privacy
Encryption that is only readable by the bank, Advanced Encryption Standard (AES) -256, is the standard used by most banks. This is a symmetric form of cryptography, meaning that while Bitcoin uses SHA-256 to encrypt all of its transactions by requiring both a public and private key, AES only requires one symmetrical key.
This block cipher used in AES allows for significantly higher amounts of data to be stored in each “block,” especially given the fact that the block size limit set by the Bitcoin protocol prevents massive stores of information in each block in order to maintain decentralization by having a low barrier-to-entry in hardware costs. Inherently, the encryption method of the banking system is set to a standard that allows one symmetrical key the power to decipher the encryption, and each encrypted block holds a very large amount of data within it, and all of that data is stored on a centralized server.
Now you can see why millions of people are affected every time a bank gets hacked. They are designed for efficiency, not privacy or security. They also hold every record of every transaction you’ve ever made, while only being required to insure a fraction of the total funds they represent.
Lightning was the harder system to design, but Bitcoin made it possible. The biggest issue was convincing a large amount of decentralized people to coalesce into an unstoppable swarm of hash functions securing a worldwide network, and Bitcoin accomplished this. Building on the hard path, Lightning allowed that scale to achieve exponential growth as a real currency, as made evident in El Salvador.
Are Lightning Hubs something to be concerned about? Absolutely. We should continue to watch this as it evolves and we should cheer the individuals and companies that incentivize the growth of additional and personal node use. Does this mean that Lightning is centralized? Not by a long shot. Anyone can enter whenever they want and that is the key difference. Fiat is a bygone relic and its aged systems will become increasingly meaningless as adoption continues.
This is a guest post by Shawn Amick. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.