0 sats \ 2 replies \ @justin_shocknet 4h \ parent \ on: The Lightning Custody Spectrum - Your Keys, Not Your Coins? lightning
Their LSP opens a channel to the node on the phone, the lack of management is the automation of that. The node being on the phone is because it is the full signer, the LSP is just the default channel peer.
They may be doing that with zero-conf or an up-front purchase, which would still make that trusted until such time the channel is broadcasted and confirmed, but that's a separate matter from blind signing all future transactions.
From a marketing angle I think you guys would be better positioned to highlight that a Lightning node needs to operate in a demilitarized network zone to handle client connections from the open internet, and therefore VLS can separate the key storage from that into a system on an otherwise dark network that maintains only a single connection to the node.
That's a pretty niche requirement for people though, more of an enterprise-scale thing. Even the demilitarized node can limit connections to only the 9735 port, and perhaps an iptables whitelist for systems to which RPCs are called to/from.
Ah ok. I will update Blocktank as well then.
And yeah, it seems blind signing is not being used anywhere. So the focus should be on the improved security VLS can bring, to your point. Seems I have more work to do to change our positioning back to security.
Appreciate your feedback!
reply
Thanks for taking it well 🫡
I know Ken has put in real work so I'd be happy to see that find a market fit. Might be useful to us at future scale.