pull down to refresh

Poorman's Coinjoin Using Non-Custodial Lightning Swaps (No Node Required)
1566 sats \ 18 comments \ @klk 29 Jun bitcoin

Bitcoin Privacy Through Lightning Network Swaps

Coinjoining on L1 is a bit of a pain. Talking about JoinMarket, it takes a long time, you end up with a lot of "toxic" change, and you pay a lot of fees on the way.
But there's a way to "instantly" swap a UTXO for another that's completely unrelated, and without anyone else but you knowing what went on.
So, how do you do that?

Visual Process Overview

Step 1: Setup Double Swap
┌─────────────────┐    ┌─────────────────────┐
│   Your UTXO     │    │   Target Address    │
│   (Original)    │    │   (Clean Bitcoin)   │
└─────────────────┘    └─────────────────────┘
         │                         ▲
         │                         │
         ▼                         │
┌─────────────────┐    ┌─────────────────────┐
│  SwapMarket     │    │     Boltz.exchange  │
│  (BTC → LN)     │    │     (LN → BTC)      │
└─────────────────┘    └─────────────────────┘
         │                         ▲
         │      Lightning          │
         └────────Invoice──────────┘

Privacy Layer: Two separate providers = No single party 
knows the full transaction path

Step-by-Step Process

Open:
  1. In Boltz, choose LN→Bitcoin and set the destination Bitcoin address and the final amount. Let's say 1M sats.
  2. Create the atomic swap and copy the LN invoice that they generate with their fees, currently 1,006,091 sats.
  3. In SwapMarket, choose another provider other than Boltz (e.g., Middle Way) for Bitcoin→LN.
  4. Paste the LN invoice that you've got from Boltz. You will see the amount that you need to send in L1 (LN invoice amount+their fees). In our example 1,007,651 sats.
  5. Create the atomic swap and copy the destination Bitcoin address and amount.
  6. Send the transaction and wait approximately two blocks. You should receive 1M sats in your destination Bitcoin address.

Cost & Privacy Analysis

This costs ~0.7% and takes just two blocks. The anonymity set is decent if you choose common amounts such as 100k, 1M, 5M, 10M sats.
Why this provides privacy:
  • Boltz doesn't know who paid them the LN invoice
  • Middle Way doesn't know what Boltz does with the funds from the invoice paid
  • The rest of the world has even less clues of what happened

Advanced Privacy Considerations

Of course the privacy would increase a lot by waiting a few blocks between the swap in and the swap out of LN. But that would require a node and at least Middle Way would know that there's a relation between the input in L1 and the destination LN node pubkey. If you wrap the invoice with lnproxy then you're golden. But yeah, you need a LN node for that. The proposed approach previously focuses on simplicity.
Needless to say, you do all this through Tor.
write
preview
related posts
54 sats \ 1 reply \ @ek 29 Jun
If Boltz and SwapMarket are subpoenaed, can’t they link both UTXOs via the lightning invoice payment hash?
I assume most are trying to achieve privacy from the government, but then you should also include government attacks in your threat model.
reply
55 sats \ 0 replies \ @klk OP 29 Jun
Yes...
Boltz already supports paying BOLT12 invoices but they don't generate them for receiving. With that it would be pretty solid.
Until then, for that level of privacy, I would go with an intermediate LN node and a lnproxy wrapped invoice.
reply
15 sats \ 0 replies \ @ken 19h
Bookmarked.
A very basic step we can take to gain quite a bit of privacy. Thanks for sharing.
reply
0 sats \ 7 replies \ @justin_shocknet 22h
Lightning has always been giant coinjoin, that's why it's so hated by spooks harvesting your xpub through centralized mixers and their privacy larp useful idiots.
As far as your list, I believe Zeus/Olympus now runs its own instance of boltz swaps fwiw.
all this through Tor.
Delete this, do not connect to Tor for any reason. It's another honeypot by the same spooks harvesting the xpubs of larps.
reply
0 sats \ 6 replies \ @klk OP 21h
Do you have a link for the Zeus service?
About Tor... You are probably right for exit nodes but it's still useful compared to just connecting from clearnet.
Boltz offers an onion hidden service to connect (so traffic and routing are private). And for SwapMarket there's still HTTPS to the static site hosted on GitHub (that you could also self host) and to the providers.
It's not as easy anymore for a Tor exit node to steal your information. This kind of things happened with unencrypted HTTP: https://xcancel.com/mrkoot/status/1292333024986697728
Here you can see how all providers use HTTPS or onion, ensuring encryption: https://github.com/SwapMarket/swapmarket.github.io/blob/97112a389894e9a1ab2fc514849461fbd2a92084/src/configs/mainnet.ts#L8
reply
22 sats \ 5 replies \ @justin_shocknet 21h
They announced on twitter at somepoint but search is awful, could only find this
Might just be an API endpoint you can switch out for boltz
Tor
No, just connecting to it is getting your IP flagged for additional scrutiny
Nothing good can come from using it. Rat poison.
reply
0 sats \ 4 replies \ @klk OP 20h
Looks like Zeus didn't release the atomic swaps yet. Looking forward to it.
Flagged by who? There are millions of IPs connected to Tor.
Tor has its problems, but it's a really amazing tool with very good protocol design.
Feel free to prove me wrong. IMO it's still the best tool to privately connect two points over Internet. Where the relay nodes can't know the route or the contents of the communication.
Any protocol that does that is going to have the problem of ISPs, governments, or whatever, flagging whoever tries to use it. But the same happens with Bitcoin and that doesn't make it rat poison either.
reply
0 sats \ 3 replies \ @justin_shocknet 20h
Flagged by who? There are millions of IPs connected to Tor.
Assume that roughly half are controlled by Langley and the other half by Ft. Meade, who also has telemetry in your ISP's networking equipment.
There's no reason to believe the middle node and exit node aren't colluding, there's no sybil resistance whatsover, and the fact that it only exists as a "privacy" tool ensures that its a honeypot under constant surveillance.
Anything marketed or spread through the virtue of privacy is inherently less private. This is the privacy paradox.
the best tool to privately connect two points over Internet
lol... you mean the laziest
reply
0 sats \ 2 replies \ @klk OP 18h
Do you have any data to support that assumption? Most Tor nodes are run by volunteers and decent foundations spread across different jurisdictions. There are lists to filter the nodes that you use, and protocols to avoid having all node within the same jurisdiction.
The sybil resistance is in getting the node approved.
lol... you mean the laziest
So what's the better alternative?
view all 2 replies
0 sats \ 2 replies \ @moptosh 29 Jun
What is the difference between the two URLs ? Please we are waiting for a video for beginners.
reply
5 sats \ 1 reply \ @klk OP 29 Jun
They are just two atomic swap providers (between Bitcoin and LN).
Boltz is the most famous one. And SwapMarket is an aggregator of similar providers. You could actually just use SwapMarket twice, the important part is to choose different providers.
reply
0 sats \ 0 replies \ @moptosh 29 Jun
Thank you for these details.
reply
0 sats \ 1 reply \ @avo 20h
"If you wrap the invoice with lnproxy then you're golden"
Please explain what lnproxy is and how to do this thanks.
reply
100 sats \ 0 replies \ @klk OP 20h
https://lnproxy.org/ is a service where you paste a lightning network invoice and you get a wrapped one, where the payment hash is still the same (so only you have the pre-image) but the destination pubkey is replaced by the lnproxy intermediate node. And the amount is bumped by the proxy fee (usually ~0.1%).
So when you share the wrapped invoice, you don't disclose the real destination node pubkey. And because the payment hash is still the same as in your original invoice, you don't have to trust the proxy with your funds.
Once the path is made, between the origin node to the proxy node and then from there to the destination node, the preimage is revealed and the payment is settled (as any regular LN payment).
reply
0 sats \ 0 replies \ @avo 20h freebie
"If you wrap the invoice with lnproxy then you're golden"
Please explain how to do this thank you.
0 sats \ 0 replies \ @denlillaapan 29 Jun
@remindme in 3 weeks
reply