Nice write-up and thanks for the kind words! We are on Stacker too, so just @boltz for questions ✌️

As send to and receive from Lightning within Aqua is powered by Boltz, we are present in their Telegram group and are taking support requests there. But we are not admins.

Thanksss

We had one significant vulnerability pretty early on: https://blog.boltz.exchange/p/the-problem-with-free-options-69f9f59a2d48. But it was never user funds at risk. Just ours :/ Nothing in recent years.

Downtimes: many. Scroll through our twitter and you'll see the pain we went through. Mostly caused by either crashes of our LND e.g. https://nitter.net/Boltzhq/status/1666434127321522185 or planned restarts of our LND node to do the necessary db compaction. Most significant down time in recent history was back in May because we were unprepared for the fee hike see https://nitter.net/Boltzhq/status/1656013583124242437.

We have learned from this a ton, worked a lot to prevent both from causing significant down time again in the future (second CLN node as failover see #339248, also huge work went into automating our liquidity management) and things look a lot better now.

Good question, incredibly difficult topic. We spent many hours debating this in the last months as we grew. Let me try to be very transparent about the outcome:

What? We will "not facilitate swaps involving any of these bitcoin addresses: https://github.com/0xB10C/ofac-sanctioned-digital-currency-addresses/blob/lists/sanctioned_addresses_XBT.txt", 376 as of today. Not more, but also not less.

Why (Short version)? : Because we can't become a tool that is used for serious crime. If we do, we won't make it. And we really want to make it.

Why (Long version)?: Many of our users use Boltz Swaps to increase privacy for very legit use cases, e.g. when depositing or withdrawing from KYCed services like CEXes or as precaution when e.g. moving to cold storage. We will be blocked by these services, the same way many of these services freeze your account if you deposit from addresses that were involved in a mixer/coinjoin. It would render Boltz useless for many of users, while it would help exactly none because we didn't have a single swap involving an OFAC listed address in the past. And anyways most addresses on this list are emptied or otherwise dormant. Also, as we are driving integrations of our API forward, some partners simply require us to be "OFAC compliant" otherwise they can't integrate. Because they are based in the U.S. or otherwise. So far the rational arguments.

I chose to do the risky thing and be blunt. Would love to hear your point of view!

As in Front End? Too many acronyms here on SN ;)

This. It's the only thing we have that is stable and battle-tested. Explorers, wallets (many more to come), dev tooling, even some exchange integrations. It's all there and ready, one just needs to use it. Goes without saying that many things can be improved and goes without saying we'll closely watch Fedi.

It's hard because we want to make these swaps taproot-native right from the beginning to avoid adding a swap type that will be obsolete just a month or two later. So taproot/musig2 is the big thing @michael1011 is currently working on. Liquid<>mainchain swaps itself are very similar to our submarine swaps.

PS: we'll move our existing submarine swaps to native taproot too ✌️

🙏

🙏

Write a song about it :D

Become an LSP (https://github.com/BitcoinAndLightningLayerSpecs/lsp)? Potentially. We have it in our backlog but not a prio rn.

Love it, wen github gist?

🙏

🙏

We didn't change anything on the site in the past days and definitely not in the last 40 mins. Can you spot what's different?

Regarding not working: I guess you are using LN -> Liquid swaps. So while I was here bragging about almost never running out of liquidity some big swappers came in and brutally emptied out our liquid wallet. We are refilling should be back in some mins. Just try again in a bit. I should watch my mouth.

Definitely not this year. Honestly can't really promise anything and we still need to give it a proper look to decide how it will work. How it could work for the two different swap directions is outlined here, but as you can see Dan highlighted some issues https://gist.github.com/DanGould/425bde63ca13da238071a7935bb3ea3f

Welcome to our daily nightmare. First thing I want to say: we have a pretty good fix for this in testingn that will be released soon that should greatly motivate downloading the refund file and reduce these situations to a minimum. We'll hit the user with this in chain -> lightning swaps:

That being said, there is an emergency mechanism if all refund info was lost: here the user needs to extract the preimage directly from the invoice that was used in the swap and with this preimage, the user can craft the refund transaction. We usually help users to do that and have pretty much all custodial lightning services like WoS on speed dial to help the user get their preimage. But again this is quite some manual work, involves multiple rounds of communication and definitely sth we'd ideally not have to do anymore in 2024.

So far we are not aware of any loss of funds because of lost refund info.

By reducing the attack surface. After careful evaluation we set up an entity in El Salvador, where we can operate legally as-is, and use it for very specific stuff only. But so far things are going well and are hopeful for El Salvador to become a safe haven for Bitcoin-only non-custodial services. We also moved our servers out of the cloud, don't use any service that is connected to the U.S. and generally make sure we stay as agile as we can.

Would have loved to integrate with Phoenix, we actually talked to the team but they don't want 3rd party dependencies ("if Boltz goes down, part of the app stops working") which we totally understand. Phoenix is shooting for a very polished UX.

I think it's simply that we are the only production-grade non-custodial swap service that there is and additionally is not married to one specific lightning implementation and that has an open API.

In our case it's prbly the fact that we are a very small team and bootstrapped. We are proud of this fact but it doesn't make it easier and all of us need to "wear a lot of hats".

🙏