Day 1: Lightswap – Building in Public, No Curtain \ stacker news ~builders

pull down to refresh

Day 1: Lightswap – Building in Public, No Curtain

2784 sats \ 20k boost \ 14 comments \ @stackingharder 25 Aug builders

Most people wait until everything is perfect before they share. I’m doing the opposite.

For the next 21 days I’ll be building Lightswap in public. Every day: one post. Honest updates. Wins, missteps, what I’m designing and building as I go.

Because building something new shouldn’t happen behind a curtain. It should invite people in.

So...

Today I published the FAQ on our homepage. Its goal is to clearly explain what the product is, what it isn’t, and how it works. A few repeating questions have come up and it’s important that they’re answered publicly and that we're clear on who we are and what we're building. If you have any questions please let me know!

view all related items

21 sats \ 9 replies \ @stackingharder OP 25 Aug

What’s one thing you’d like me to share over the next 21 days? Design sketches? Security model? Behind-the-scenes of building?

121 sats \ 3 replies \ @Scoresby 21h

I'm curious about the trust model: it seems that Lightswap is mobile only. So, I'm at least trusting that my device isn't compromised (although I could imagine some ways you mitigate against that). But what else?

If I can independently verify deposit and withdrawal addresses on hardware signers and on exchanges, that helps.

If the keys always remain on the signing device (which means I have to sign every transaction on with my signer), I'm not at risk that lightswap gets my keys.

I'm sure you've thought through this stuff endlessly, but I'm curious to know where you think I end up trusting LIghtswap -- what are the failure cases?

204 sats \ 2 replies \ @stackingharder OP 9h

Great question and one we’re constantly thinking about.

Where you trust Lightswap:

The app itself (and future updates) aren’t malicious.

The UI shows you the correct addresses and amounts — and you verify them in Lightswap’s confirmation screen and on your hardware signer’s trusted display before approving.

Our backend that parses your text intent isn’t exfiltrating sensitive info - although we don’t have any private information- we don’t ask for or know your name, personal details, or keys — just the natural-language request.

Failure cases we think about:

Compromised device or malware
Malicious/supply-chain app update
UX mistakes (e.g. skipping checks in-app or on your signer and approving blindly)

These are the same classes of risks you already have with, say, a Kraken or Cash App client or a hardware wallet. We mitigate with Secure Enclave storage (or equivalent), clear verification prompts, seeing or storing as little information as possible, open-sourcing our code and aft some point we’ll explore reproducible builds so anyone can verify what the binary does.

As you said, you can always verify deposit/withdrawal addresses independently on your hardware signer or exchange, and that’s encouraged. Our aim is to keep the trust surface as narrow as possible.

No system is perfectly trustless but we want users to understand exactly where trust is required and to minimize it wherever possible. Questions like this help us get there.

21 sats \ 1 reply \ @Scoresby 9h

Thanks for the reply! Do you anticipate Lightswap being able to interact with multisigs? (working with more than one hardware signer at a time?)

Also, will users need to create new wallets in Lightswap or will Lightswap be able to import an existing Bitcoin wallet (like from a .dat file or a descriptor)?

102 sats \ 0 replies \ @stackingharder OP 6h

We love multisig but for v1 we’re laser focused on single sig.

Yes you’ll be able to import wallets using descriptors. We don’t have .dat files on the roadmap but we’ll add it to our future features voting board so people can tell us what they want to see.

158 sats \ 2 replies \ @Car 25 Aug

Give us a video walkthrough of the platform.💫

11 sats \ 1 reply \ @stackingharder OP 25 Aug

Absolutely! Video makes it real. It's on our list of things to drop next month.

21 sats \ 0 replies \ @Car 25 Aug

Cool! Even if its just your thoughts on what you are trying to build. Speaks louder than words on a page.

121 sats \ 1 reply \ @ek 21h

the hard stuff

100 sats \ 0 replies \ @stackingharder OP 9h

There’s plenty of them… but let’s do it! Expect posts on the messy parts too.

21 sats \ 1 reply \ @ek 21h

I wanted to do something similar so I'll definitely be following along!

100 sats \ 0 replies \ @stackingharder OP 9h

I love this! The honesty, the insights, the grit. I’ll be looking out for your progress too!

21 sats \ 0 replies \ @hasherstacker 25 Aug

Nice approach. Interesting!

0 sats \ 0 replies \ @stackingharder OP 2h

Here's Day 2: #1195166