The Lightning Network is not sufficiently decentralized
2000 sats \ 36 comments \ @r3drun3 19 Dec 2023 lightning
Two factors undermine lightning decentralization:
  1. Limited number of very big nodes with many channels.
  2. Many nodes hosted on few public cloud providers (see image):
    https://m.stacker.news/8738
Mitigating the first point is challenging, except by attempting to open channels with smaller and less connected nodes.
The second point is more manageable, but it requires genuine Bitcoin enthusiasts to commence running their own Lightning Network nodes.
write
preview
related posts
439 sats \ 1 reply \ @nullcount 19 Dec 2023
TBH I would be more concerned if a majority if LN nodes were using residential IP addresses. Then, the LN gossip network would basically become a hit list for wrench attacks. Better to use an IP from a large company or the veil of Tor for home nodes. BTW, the majority of nodes are Tor only.
"Sufficient decentralization" does not mean that everyone and all capital IS PERFECTLY and UNIFORMLY distributed. It just means you have the option to be less connected if you want. Economies of scale are real and people are free to take advantage of them. The network remains decentral as long as there is choice and switching costs aren't prohibitive.
Similar to mining pools, its almost trivial to migrate an LN node to another host, or use another VPN provider for the node's IP if the one you're using starts to misbehave.
reply
0 sats \ 0 replies \ @duuv 20 Dec 2023
Great comment about what sufficient decentralization is. I guess there's decentralization regarding authority, networking and capital.
reply
426 sats \ 4 replies \ @pillar 19 Dec 2023
I would like to add a nuance. Remember that there is no such thing as The Lightning Network, just like there is no such thing as The Mempool.
You can happily build a small network with those around you and keep it isolated without any issues. Less exciting, but it works. There could be a number of people using it privately in this fashion without anybody else knowing. It would surely make sense for large players, like exchanges, to have their own connections that they use among themselves for settlement. And for these nodes and channels to remain private, only known by those involved.
Having said that, due to game theory, at some point someone will probably connect you to the rest of the world even if you try to stay isolated.
reply
31 sats \ 0 replies \ @anon 19 Dec 2023
Good point! Also an important aspect to add to this: the chart is missing THE PRIVATE NODES and channels !
... something that you can't "see" in these meaningless charts and nobody knows how big that "private network" is.
reply
0 sats \ 2 replies \ @bartoli 19 Dec 2023
Last time I looked from the network graph, more than 99% of the nodes were connected together. I at some point thought that finding those 'islands' was a good idea, to get lots of traffic by being the bridge between them, so I built a tool to check that The few that are not connected keep it that way for a reason.
reply
0 sats \ 1 reply \ @elysia 20 Dec 2023
What tool did you build?
reply
0 sats \ 0 replies \ @bartoli 1 Jan
Sorry i did not see the reply. This was in the early code for my lightning node channel advisor (www.lnshortcut.ovh). But as i found out there was actually no 'island', i just abandonned that code.
reply
269 sats \ 8 replies \ @theinstagibbs 19 Dec 2023
Decentralization is not an end, it's a means. What are you looking for decentralization to give it.
reply
0 sats \ 7 replies \ @sudocarlos 19 Dec 2023
Probably better guarantees of LN's continued operation without KYC requirements and less single points of failure such as AWS outage possibly creating a significant impact on the network.
reply
0 sats \ 6 replies \ @iguano 19 Dec 2023
You will always be able to avoid KYC on open protocols.
reply
0 sats \ 5 replies \ @sudocarlos 19 Dec 2023
But to what extent will it useful? Two distinct LN networks would suck and the non-KYC network would likely be smaller and less useful.
reply
0 sats \ 4 replies \ @iguano 19 Dec 2023
the nodes on the center doesn't know where the payment come from and where it goes. So if 3rd node is able to connect to the node asking for kyc, and you are able to connect to that 3erd party node. you will be able to route payments via the KYC node without them to know.
reply
0 sats \ 3 replies \ @sudocarlos 19 Dec 2023
More realistically, the larger nodes will have kyc agreements with all channel partners, a whitelist. And they may have have to prevent connections from all other nodes. That is where my idea of kyc vs non-kyc lightning networks comes from
reply
0 sats \ 2 replies \ @iguano 19 Dec 2023
ok, lets say, me iguano, did a kyc with bitrefill and I have a channel with them, and you create a channel with me, (i did not request from you kyc) how will bitrefill know?
reply
0 sats \ 1 reply \ @sudocarlos 19 Dec 2023
If it's unannounced, they wouldn't know. But you can probe for unannounced channels and when a partner is found to be in non-compliance they might be removed from the white list and the channel is closed
view replies
117 sats \ 7 replies \ @anon 19 Dec 2023
Misleading title and content. You better start reading our fellow Darth guides https://darthcoin.substack.com/p/omg-ln-nodes-are-running-on-amazon
reply
0 sats \ 6 replies \ @r3drun3 OP 19 Dec 2023
I think that article is over simplistic. More than 30% of all LN nodes on the mainnet running on 5 cloud providers is a problem.
reply
15 sats \ 3 replies \ @anon 19 Dec 2023
More than 30% of all LN nodes on the mainnet running on 5 cloud providers
How do you know that? Just by reading a chart showing a bunch of IPs? Do you know how IPs works? From your answer seems that you don't. If I buy an IP for my home server from amazon cloud, does that mean my server runs on amazon cloud? Is is it literally hosted on amazon cloud? The answer is simple: NO.
So please DYOR before posting crap.
reply
0 sats \ 2 replies \ @r3drun3 OP 19 Dec 2023
Private citizens dont usually buy IP on aws or gcp or azure :) If your node has an "aws IP" which is really a dns name, is it becaus your node instances is running as a service within aws and have a public elastic IP associated to it.
reply
0 sats \ 0 replies \ @endothermicdev 19 Dec 2023
nah, a wireguard vpn setup is more common than you think. I know several node operators who prefer this setup for speed + reliability + privacy. https://github.com/wtogami/vpn-nat-service-forwarding-howto
reply
0 sats \ 0 replies \ @aljaz 19 Dec 2023
thats not entirely true, utilizing aws free tier to get a clearnet ip and then vpn that to your home node is a use case that i've seen at least few noderunners utilizing
of course this is node disproving your original thesis that a lot of capacity is running on major cloud providers but that is a different (non)issue
reply
10 sats \ 1 reply \ @rajab 19 Dec 2023
The page itself states, "(Tor nodes excluded)". So that page is only displaying information about less than 30% of the total number of nodes on the network (source).
So this statement:
More than 30% of all LN nodes on the mainnet running on 5 cloud providers is a problem.
Is incorrect. It would actually be 30% of 30% are on 5 cloud providers, which is 9%, as far any anyone can actually prove.
reply
0 sats \ 0 replies \ @elysia 20 Dec 2023
And private channels
reply
52 sats \ 2 replies \ @notgeld 19 Dec 2023
This is not metrics for decentralization. Because we can quantify it and it will be different for different amounts.
That means for 10K payment it is not important if node has 1M or 10M channels, so it must be lower bound and connectivity will have nothing to do with large players. More cheap alternative routes will be available.
reply
0 sats \ 1 reply \ @r3drun3 OP 19 Dec 2023
Yes and no...what will happen to the network if the biggest 200 nodes (on 16.000) will desappear tomorrow? In a strongly decentralised system nothing...in our reality there will be many problems.
reply
0 sats \ 0 replies \ @notgeld 19 Dec 2023
It will be bad. However, that will also mean more opportunities for everybody else. Many payments fail, and somebody may not even notice that 200 nodes went offline.
reply
42 sats \ 0 replies \ @m00ninite 19 Dec 2023
Some nodes are hosted at home, but tunnel through a cloud service. This will look like they're running in the cloud, but they are not. Check out PlebVPN
reply
21 sats \ 1 reply \ @badabing 19 Dec 2023 freebie
Majority of nodes are behind Tor. You don't see those in that overview.
reply
0 sats \ 0 replies \ @m00ninite 19 Dec 2023
Tor-only nodes might as well not exist at all. The reliability is horrible and makes for an awful lightning route. It's a good fallback, but nobody should be tor only
reply
10 sats \ 0 replies \ @r3drun3 OP 19 Dec 2023
https://mempool.space/graphs/lightning/nodes-per-isp
reply
0 sats \ 0 replies \ @ladyluck 20 Dec 2023
Node runners use what they know per the centralised cloud providers, given time they can migrate to decentralized ones
reply
0 sats \ 0 replies \ @joko 20 Dec 2023
This image is misleading as it does not count nodes that are behind Tor.
Still, we need more decentralization.
reply
0 sats \ 0 replies \ @jinformatique 19 Dec 2023
Is there a way to know how many nodes are running on TOR?
reply
100 sats \ 0 replies \ @Line2Wire 19 Dec 2023
deleted by author
reply
10 sats \ 0 replies \ @shyfire 19 Dec 2023 freebie
deleted by author
reply