Author

Topic: Is Alby a legitimate extension for lightning network usage? (Read 195 times)

member
Activity: 402
Merit: 45
~snip~
is there a particular danger to run alby browser extension on a computer linked by ssh to a raspberry pi running bitcoin core ?

This sounds like you have a hot wallet, I wouldn't recommend having more than a small amount of BTC on any computer connected to the internet.

If you only have a small amount then it would be fine to run alby (which I think it's a reputable extension anyway).

If you have more than a small amount, then transfer that to cold storage.

To put it even more simply there is always a danger of having ANY funds that are accessible by ANY device that is online.
Phone / desktop / whatever.
Yes, your installation of core might be safe. But is the PC that has this extension installed gets infected and someone gains access to that machine. Then they can do whatever they want on your network.

-Dave

i see...thank you so much Dave.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
~snip~
is there a particular danger to run alby browser extension on a computer linked by ssh to a raspberry pi running bitcoin core ?

This sounds like you have a hot wallet, I wouldn't recommend having more than a small amount of BTC on any computer connected to the internet.

If you only have a small amount then it would be fine to run alby (which I think it's a reputable extension anyway).

If you have more than a small amount, then transfer that to cold storage.

To put it even more simply there is always a danger of having ANY funds that are accessible by ANY device that is online.
Phone / desktop / whatever.
Yes, your installation of core might be safe. But is the PC that has this extension installed gets infected and someone gains access to that machine. Then they can do whatever they want on your network.

-Dave
hero member
Activity: 1008
Merit: 960
~snip~
is there a particular danger to run alby browser extension on a computer linked by ssh to a raspberry pi running bitcoin core ?

This sounds like you have a hot wallet, I wouldn't recommend having more than a small amount of BTC on any computer connected to the internet.

If you only have a small amount then it would be fine to run alby (which I think it's a reputable extension anyway).

If you have more than a small amount, then transfer that to cold storage.
member
Activity: 402
Merit: 45
Alby is awesome, and the extension is open source: https://github.com/getAlby/lightning-browser-extension

You can read the code, and build it yourself if you don't trust them.

is there a particular danger to run alby browser extension on a computer linked by ssh to a raspberry pi running bitcoin core ?
hero member
Activity: 1008
Merit: 960
Alby is awesome, and the extension is open source: https://github.com/getAlby/lightning-browser-extension

You can read the code, and build it yourself if you don't trust them.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Use a hardware wallet for your main BTC software. Be it core or electrum or whatever.

So bitcoin core is considered a hardware wallet? I think I misinterpreted it.

No I mean you get a separate hardware wallet and connect it to core.

Handy video for Cold Card: https://www.youtube.com/watch?v=xc_TxlByxeY

There are a bunch of options out there for hardware wallets that was just the only video I had a link saved for.

Figure out which HW wallet works for you.

Different features appeal to different people. You can dive into the hardware wallet section: https://bitcointalk.org/index.php?board=261.0 to get more info & discuss options.

-Dave
jr. member
Activity: 46
Merit: 11
Use a hardware wallet for your main BTC software. Be it core or electrum or whatever.

So bitcoin core is considered a hardware wallet? I think I misinterpreted it.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Use a hardware wallet for your main BTC software. Be it core or electrum or whatever. This way even if your machine is compromised it's not a big deal they can't get your coins. *You can still make a mistake and get something like clipboard malware on your PC which can cause you to send funds to the wrong place but they just can't steal them.
 
For lightning payments, just keep in mind they are going to be insecure, but you should not be keeping a lot of funds in one anyway.

-Dave
jr. member
Activity: 46
Merit: 11

No, unless you utilize PSBTs, which Core supports well.

Thanks, so I don't see how one can use Bitcoin Core without asking for trouble. I suppose the best case would be to use a separate machine (online) with only bitcoin core.

What do you think is the best solution for one-machine-only Joe?
hero member
Activity: 504
Merit: 625
Pizza Maker 2023 | Bitcoinbeer.events
Yes Alby is legit but my advice since this is LN is not to hold large funds but only a small amount.  Anyway there are many other LN wallet solutions for example you could try Lightinginingbot on Telegram.
legendary
Activity: 2212
Merit: 7064
Is anyone aware of the risks of this extension, or has pursued studies on its reliability and excluded the possibility of scams?
I never used Alby myself so I can't vouch for anything, but I know people who use it for many months without any issues.
Alby is open source so any developer can inspect code and see if there are any potential flaws or bugs, but I am excluding possibility of scam.
They are very active on social media so you can contact them with your concerns, they can provide you better explanations for your questions.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org

Yes, if you are running Bitcoin Core on the same machine that is live on the internet you are asking for trouble.

I'm the kind of guy which has 1 machine only but still wants to have a full node (pruned) running and using bitcoin core as a hot wallet. Does this mean "I'm asking for trouble"? To what extent?

Generally, you should never need a browser extension to talk to your Bitcoin node, through RPC or anything. Why don't you simply run a client such as c-lightning or LND alongside your node?

Also, can bitcoin core run and work as a hot wallet in a machine that is not connected to the internet?

No, unless you utilize PSBTs, which Core supports well.
jr. member
Activity: 46
Merit: 11

Yes, if you are running Bitcoin Core on the same machine that is live on the internet you are asking for trouble.

I'm the kind of guy which has 1 machine only but still wants to have a full node (pruned) running and using bitcoin core as a hot wallet. Does this mean "I'm asking for trouble"? To what extent?

Also, can bitcoin core run and work as a hot wallet in a machine that is not connected to the internet?
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Yes it's legit.
Yes it's still a work in progress.
Yes, if you are running Bitcoin Core on the same machine that is live on the internet you are asking for trouble.

For 'spending cash' to keep it handy it's fine. To keep any amount of funds in a hot wallet is not a good idea, especially one on a machine that you are using for other things online.

-Dave
jr. member
Activity: 46
Merit: 11
I'm looking for a safe way to use Nostr and have the possibility to send and receive tips in sats.

Apparently, Alby looks like the most popular solution. I'm currently in a limbo, because I want to download it but I don't trust it enough. The extension asks me permissions to communicate with other apps outside of the browser, which certainly seems not something a guy with Bitcoin Core on the same machine should do. Moreover, it seems that Alby developers have not been verified yet.

Is anyone aware of the risks of this extension, or has pursued studies on its reliability and excluded the possibility of scams?
Jump to: