214 sats \ 7 replies \ @BBitcoinUSA 11 Aug 2023 \ on: Interest in a Lightning Address Alias Service? bitcoin
Definitely interested, tech simpletons like me need a lot more help in this department
That's good to hear. What would you use lightning address aliases for? Anything that wasn't mentioned above?
Understanding all the potential use cases will help me build a better product if I push forward with this.
reply
For me it would be in terms of logging into sites and services with Lightning. I haven’t been doing this to date due to my lack of understanding in the tech/tracking/privacy department. So I’ve been using one of those email alias tools a lot lately for creating online accounts (in the middle of a job search and have to do that frequently). But I still have all of the usual concerns about those tools in terms of data breaches, hacks, etc I hear so much about in the news, such as that password manager last year which had some big breach I read about, blanking on the name of it.
reply
I will need to look into whether or not I could support lnurl-auth (the flow used to log in with lightning) with my planned approach, I'm not sure that I could.
My focus, initially, at least, would be on aliases receiving payments.
reply
still a great idea, does anything else like that exist yet? about the drawbacks,
- Requires having an existing lightning address to use as the Destination Address
- The payee pub key would be the same for all aliases and the Destination Address. Theoretically aliases and the Destination Address could be linked by mass requesting invoices from addresses, decoding them to gather pub keys and using those pub keys to link addresses, breaking the privacy of the aliases.
#1 doesn't seem to difficult to overcome
#2 I think it's definitely a valid concern, but the undertaking required for someone to achieve that would be pretty massive, but I don't understand tech enough to say that with any confidence
reply
I haven't seen anything else like this, but it's possible I have missed it. There are services like https://satspay.to/ which allow you to create a lightning address and point it at your own lightning node, but that is quite a bit different than the aliases I have planned.
Regarding Drawbacks:
#1: Agreed, we would probably just refer users to a service such as Alby or even Stacker News to get their first lightning address if they did not already have one.
#2: I'm still debating internally whether this drawback defeats the entire point of the aliases. If you are using aliases to stay 100% private, any way to pierce that privacy veil, no matter how difficult or theoretical that threat is, is likely a deal-breaker. But if you simply wanted aliases to add a bit of privacy and the ability to use multiple lightning addresses that point to a single wallet, I can see that use case. I'd love more feedback and thoughts on this, to anyone lurking.
I'm just not sure how many people would use the aliases if they were not 100% private, it's probably a pretty big drawback.
I really, really appreciate your feedback @BBitcoinUSA
reply
Happy to help, I think the added convenience would definitely outweigh the risk for most people, but I wouldn't want to encourage that since most people just aren't aware of the risk in the first place. I'm probably missing something, I don't think I understand how onerous the process is for mass requesting invoices and then "decoding the invoices" would be - is it just a matter of running each invoice through a hash calculator type of thing or do I have it all backwards?
reply
LNURL auth has nothing to do with lightning. Just the seed words you use for your lightning node. There's non lightning apps that log in via lnurl auth. Doesn't publicly tie to your node or across multiple services.
reply