Topic: Is Lightning Network inherently flawed due to required 24/7 online (Read 329 times)

Watchtowers are a non-starter for me, and I'm sure for many people. If I'm gonna put my money in something like Bitcoin it is for the security, if I have to pay someone to make sure my funds aren't stolen that kinda ruins it. Needing someone else to watch your money in what is supposed to be a secure value network  just so that your money isn't stolen is a pretty terrible prospect for getting people to join that network. Watchtowers are dead on arrival for most people.


And I certainly wouldn't say not always online is less and less true. For certain people sure. But how about people not in first world countries? Or how about if you go on a camping trip haha. I don't know what the lock up time period is to close the channel after one party tries to close it, I read yesterday that its 1000 blocks (~7 days), if that is true and you just have to get your LN client online within a week, combined with the threat of penalty of losing all funds for the bad actor, then this SHOULD be an extremely rare problem.
Also I'm wondering will LN clients be usable on phones? How much data would routing LN payments take up on a mobile data plan assuming it is just running in the background all the time? If a mobile LN client runs in the background it would seem like you'd only want it running when you're on wifi and not using mobile data. If the computer LN client app can run in the background of the computer without keeping the app open so that anytime the computer is open and online the LN client is connected then sure the vast majority of people will likely not have to worry about this attack vector. Still though people will in general need to know that the only truly safe way to use LN is to make sure your app is connected at least once a week (or whatever the lock out time for closing a channel is).

Also I'm wondering how the updated state of LN transactions are stored. If you lose the state another party is 100% free to use an old state to steal your funds. Would that just be stored locally on the device? That would be pretty terrible like your device dies and suddenly you can't close a channel and can't stop someone you have a channel with from stealing your money. Or will LN clients keep it all in the cloud? In general there's still lots of questions about how safe it will be to use LN, the only reasonable answer will be 99.99999999%-100% safe, without a need for some paid service like watchtowers. Hopefully there will be common sense answers to all of these and not just hey you have to accept bad concepts like watchtowers due to the inferiority of the setup.

"Not always online" is less and less true: how often do you turn off your cellphone mobile data AND wifi?

In addition, we are already working on figuring out how to implement trustless blinded WatchTowers. https://lists.linuxfoundation.org/pipermail/lightning-dev/2018-April/001196.html

Until people receive their salaries as Bitcoin on Lightning, it is likely that people will convert legacy fiat to some exchange tokens, and then redeem the exchange tokens as onchain Bitcoin and/or onLightning Bitcoin.  So we can also expect that people who use Lightning for payment will periodically refill their channels from their preferred exchanges.

Even if exchanges do not directly support Lightning, most exchanges support transferring funds directly between users, and individual users may set up small businesses to convert the tokens of an exchange to and from onLightning Bitcoins, i.e. send me a Lightning invoice and your exchange tokens, then I will pay the Lightning invoice, or get a Lightning invoice from me and pay it, then I will transfer exchange tokens to you.  Such bridges would help both buyers (who get their salary/earnings in fiat) and merchants (who have to pay their employee salaries, taxes, and so on in fiat).

Further, even if exchanges do not build channels to each other, arbitrageurs (who make their living by moving Bitcoins between exchanges that have differences in exchange rates until the differences drop to negligibility) will want to use LN for the speed of transfer, which lets them move first to stabilize prices across exchanges.  This means arbitrageur nodes will make channels to many exchanges and effectively connect different exchanges together in the Lightning network; the more arbitrageurs there are, the more capacity exists to transfer funds between exchanges.

Dammit I'm gonna triple post here but whatevs.


After commenting and thinking about it and reading through people's posts, here's how I see the LN:


1. LN is perfect for creating new use cases like micro-payments and competing with credit cards for instant online or even in person payments. So that is huge.

2. Though the number of people using the LN will be extremely hampered by Bitcoin's blocksize, especially since it has to compete with normal on-chain transactions as well. Of course if you and the person you opened up the channel with both fund that channel for a while and if you receive money occasionally then that channel could stay open for a long time. So some channels might have very long lifetimes, but most will likely be closed fairly regularly, and obviously if you only spend money and don't receive money that will be closing and re-opening regularly and that is indeed the greatest use case of the LN. So unless the blockchain can start handling many more txs the LN usage is going to be very limited.

3. LN protocol opens up not-always-online users (most people) to the possibility of losing funds they have received over the LN by bad actors if they go moderate periods of time of not having their LN client connected. The penalty for being caught as a bad actor will hopefully make these attempts very rare, but it is still a risk if you have received funds from a party you don't fully know and trust.

4. The always online requirement will make LN function as a money passing client worse than existing apps like Venmo, but with clever UX it perhaps won't be too terribly much worse.

5. Always online merchants will likely make up the backbone of the LN, with regular users nodes dropping in and out of the routing network all the time when they go on and off line. The big merchants may well rarely need to close channels once/if the network becomes widespread because they can make their business payments over the LN using the money they've received over the LN. They will likely have some side channels open that they send money to from their main channels and close whenever they want to get money out of the LN, while keeping their main channels open permanently.

I could see exchanges implement LN channels.

But lets see a normal use case for users sending coins to exchanges:
I've got some coins in a wallet, I send it to an exchange, do a bunch of trades and at some point in time later send my coins back to my wallet. If I'm not gonna then close the payment channel but instead let it sit there to continue using at some later time, my money is put at risk of the exchange being a bad actor and closing the channel from the previous receipt in which they have all my funds. If my LN client isn't online to dispute that in time they get all my money. Hopefully the exchange wouldn't do that (and of course they get penalized if they are caught which should keep bad actors to a minimum), but speaking more generally about the LN that will always be a risk (losing all your money) for the average not always online user that takes payment over the LN at any point.

Now if I'm just gonna close my payment channel once I've sent my coins back to my wallet and therefore not put myself up for risk of losing funds, then why would I have used LN in the first place. I had to pay for two on-chain transactions to open and close the channel, which is exactly the same as if I didn't use the LN.

There isn't any real reason to use LN for such a transaction, as you acknowledge.

But to answer the question:
You could of course send 2000 BTC from multiple channels to a single recipient. The payments wouldn't be combined in any way though, they'd just be sent separately. You could also obviously just send your 2000 BTC spread across multiple channels into a single channel and then sent it to the recipient if you for some reason wanted it to all be in a single LN tx. Though I don't know the likelihood that your payment would find other nodes across the network with at least 2000 BTC in them for your payment to be routed, that seems very unlikely, unless major merchants decide to super fund some payment channels creating a highway in the LN for extremely large transactions.

Can we prevent hubs like exchanges to be controlled primarily by Banks, when large amounts of bitcoins are send? Let's say

you have 2000 BTC and you want to send that over the LN. Could multiple funds from several channels be combined to send

that amount or do you have to use a single pre-funded channel with 2000 BTC, to do that?  
tx's would do fine and the LN is primarily meant for micro transactions..... but what if you want to use the LN?>

Exchanges are almost always online. They are a perfect use case for LN, and eventually they are probably some of the most likely "hubs".

Users that are moving funds from an exchange to their wallet will almost always be online while they are moving those funds to their wallet.

Any intelligent exchange operators will establish LN channels between their own exchange and any other popular exchanges so that funds can be sent off-chain nearly instantly between the exchanges with extremely low fees.

Any intelligent exchange operators will eventually implement LN transfers into and out of the exchange (allowing users to transfer funds faster without needing to wait for confirmations, and keeping those transactions off-chain).

Depending on usage, this may not be particularly important.

If you only use LN for paying, you would use some kind of exchange service that converts from legacy fiat to LN Bitcoins, or onchain Bitcoins to LN Bitcoins.  While you are using that to refill your channels, you would keep yourself online until you confirm that you could receive all of the funds correctly on your LN node (because if not, you should go complain to the exchange service).

The use of proof-of-payment in LN also means that it would be possible to make use of some conversions (e.g. onchain Bitcoins, or an altcoin, to LN Bitcoins) in a trustless manner, by requiring an onchain HTLC to claim your onchain funds in exchange for a preimage that you provide for getting paid onLightning.  So in such a case, if the exchange service reneges on paying you onLightning for onchain funds (or vice-versa) then all you lose are onchain fees to offer the HTLC and reclaim it in case of failure.

Yeah no doubt LN is great in that it is adding use cases to Bitcoin and taking the txs for those use-cases mostly off-chain.

But to be clear, things are running smoothly right now cuz Bitcoin is out of a hype phase right now. Even with segwit as soon as the market starts going nuts again the blockchain is gonna start grinding and fees are going to go back up to multiple dollars. And LN really is for opening up new use cases, like micro transactions. Considering most of txs people do now is for moving betweens wallets and exchanges and very little is actual purchases LN isn't going to clear out much of the txs for current use cases, meaning blocks will be getting just as full (and far more full in the next hype phase as many many more people get into the market than did in the last hype phase). Actually batching txs from online services that were implemented this year will help a lot more than LN or even segwit in making space available for current use cases.

LN sure opens up some new use cases and allows total scaling within that use case, which is making many small or even micro payments cheaply and instantly. And that is fantastic! But the vast majority of txs so far are from use cases that wouldn't make sense to use the LN for - moving your coin from exchange to wallet or wallet to exchange or exchange to exchange. And its those txs that brought Bitcoin to a grinding halt towards the end of 2017, not the LN use case of regularly purchasing things as we all know the actual use of Bitcoin for purchases is very tiny right now. So no, on-chain transactions won't be fast because of LN, actually they'll be slower and cost more because LN opens up to use cases and you need to open and close payment channels to take advantage of those use cases which will congest the blockchain more than before LN. I could easily see a scenario in the next couple years where with realistically about 6 tx/sec capacity with segwit there being 10 on-chain txs a sec trying to get confirmed and another 10 payment channel open/closings per second trying to get confirmed. More use cases results in more on-chain congesting because LN still has to hit the chain.


Anyway, obviously LN will be great for creating more functionality for Bitcoin and opening up the practical use cases for Bitcoin, but it really is only one step in a many step march towards scaling for Bitcoin. It's online requirement makes it a mediocre service for sending regular people money (though with good client app UX it might at least be passable in this regard), and great for one-way use to buy things from always-online merchants. Though of course the LN is gonna be very unusable without a solution to on-chain scaling to free up space for people to open and close channels.

Seems to me that OFFLINE transaction requires a ledger, if not blockchain then some similar product. Online LN has intrinsic privacy by not having that ledger. You can't have them both, and be capable of scaling.

I admit that it's possible to conceive of some functionality that has a public ledger and privacy, etc. There's usually a way to stretch a technology and find a way forward.

But we need to clearly conceptualize these issues, and their implications.

HAMILTON - YOU LOGICAL BEAST !

Very well said.

And as for not being online.. I know people who haven't missed a single minute of Clash of Clans in years .. I think they're going to be online to check their money.. ( we'll catch up later )

Of course. Yet people use services such as Coinbase as a wallet. Some people even seem to prefer centralized cryptocurrencies for whatever good they are, but that's a different matter.

Like Danny pointed out, it's all about options. If centralized watchtowers become a thing I would definitely recommend people to avoid using them, just like I recommend people to not store money on exchanges or other centralized services. Some people may prefer it for convenience or whatever other reason one could think of. But keep in mind that using LN is both optional and probably not the end of the road as far as scaling is concerned. The Bitcoin base layer, ie. on-chain transactions, can still be used as is and other scaling improvements or protocol layers may come up in the future.

LN does not have to become THE payment platform / scaling solution for Bitcoin. But as long as it keeps some of the load off-chain it will definitely help.



Fair enough. Let's hope LN covers enough use cases to help keep transactions off-chain then



And that's exactly what I mean by good user experience mostly being a question of hiding and providing the right amount of information. Just because some aspects of LN's user experience are currently imperfect doesn't mean it has to stay that way.

Remember as it stands now, the Lightning Network's main focus is to reduce on-chain transactions by adding second layer applications to handle micro transactions. On-chain transactions can still be done at a slightly higher fee than with LN transactions.

To me, the LN is adding options and improved features to the Bitcoin network. Even without the LN, and only with the addition of SegWit, things are running remarkably smooth. Just imagine how fast on-chain tx's will be once all micro transactions are running on the Lightning Network.  

Bitcoin already is adopted for wide usage.  It has FAR more usage now than it did in 2013.  It had FAR more usage in 2013 than it did in 2009.

That's WHY we are talking about scaling and the related issues, BECAUSE bitcoin continues to be adopted for wider usage.

Build useful tools, the market will find ways to use those tools.  It is impossible to know what people will be doing in 10 or 20 years. Any attempt to predict the future of technology is futile. All we can do is build ever better tools that provide more options and then wait to see what the market does with those tools.

LN is just another tool providing yet another option.  Many people WILL be online when they are making their transactions.  As such, THOSE people will have LN as a low cost option to take nearly instant transactions off-chain without a centralized third party.  Doing so will free up space in the blockchain for those that need/desire a decentralized solution while they are offline, reducing congestion and cost on the blockchain.  Furthermore, as you've already pointed out, the "average person will choose to trust a third party". For low risk transactions and small values there are MANY people that will gravitate to centralized solutions for exchanging Bitcoin value. Those transactions ALSO will not be on the blockchain and will free up space for those that need/desire it.

There is no reason to think that additional tools won't be developed in the future to improve the scaling even more.

Perhaps someday everyone will be using Bitcoin every day.  Perhaps Bitcoin will never be more than a niche currency for special use cases.  Perhaps Bitcoin will become a backbone for settlement between local providers of value exchange. The point is for bitcoin to be a decentralized, global, trustless, permissionless payment system.  The market will decide the best use case for that system with the available tools at any moment in time.


LN scales just fine for online transactions.

Offline transactions can choose between on-chain solutions, or centralized solutions, or whatever new tools are created in the future.  Do you have any good tools you'd like to suggest to allow offline, decentralized transactions at scale?  If not, then all we can do is wait until someone else comes up with one.  Meanwhile, we'll scale where we can.


And LN offers a new feature that wasn't there before.  As such, people that wouldn't have chosen Bitcoin before may choose to do so now.


Or, being able to send money nearly instantly, easily, and cheaply from their computer or phone to anyone in the world that is online?


The number of users will grow to match the utility.  LN adds utility, it doesn't reduce it. As such, the number of users will increase, not decrease. LN isn't taking away the ability to perform on-chain transactions, it is just adding an option for online (off-chain) transactions.


I'm saying people can choose if they want to use bitcoin AS a "standard centralized service" (such as Coinbase.com) OR if they want to use bitcoin as an online instant service (such as with LN) OR if they want to use bitcoin as an offline approximately 1-hour service (such as with on-chain transactions) OR if they want to create a new tool for using bitcoin (there is no permission needed to create any tool you can think of).

It's that flexibility that allows bitcoin to grow and expand to the limits of what the users can think of for as long as it exists.

Yeah I mean for watchtowers...the point of decentralization is to NOT to have to trust others and pay them for that trust, the point is to cut out the middleman, hence Watchtowers would seem a big step backwards from decentralization.

I agree Bitcoin should stay as decentralized as possible, but if it can't scale then it isn't really a global currency. In that case it only enables a tiny fraction of the globe to take part in trustless permissionless payments.

Anyway I'm just starting to see LN has some unfortunate flaws in its model to become THE payment platform of Bitcoin. I do hope it is used a lot because it will be a great solution for handling a certain use case - sending money to (always-online) merchants, and to a lesser extent sending money to normal users when they happen to be online. But that always online requirement makes it impossible for it to beat out something like Venmo because it quite simply isn't as good as the centralized solution that doesn't have that always online requirement. Hopefully the design of the LN client applications hides some things and lets you know who is online and who isn't and if the application could queue up a payment until the other user got online that'd be pretty crucial too.

The point of Bitcoin is to enable global, trustless, permissionless payments and to provide an alternative to already existing centralized services. Mass adoption is a nice-to-have but not the main goal -- at least in my opinion.

Now I'm not saying that user experience isn't important. I'm just saying that it's secondary to keeping Bitcoin as decentralized as possible. Also I'm fairly positive there's still room for improvement despite certain technological limitations. After all creating a good user experience is mostly a question of hiding and providing the right amount of control and information.



Most people already pay someone to check and make sure someone else isn't stealing your money. Banks, credit card providers, PayPal, etc do just that. With the exception of banks they merely got fairly good at hiding these costs from the average consumer.

That being said, I don't think watchtowers are a good solution either. Unless we find a trustless way to solve this issue, that is.

Might point is for Bitcoin to be adopted for wide usage it needs to be as easy/convenient to use as current centralized options. The average person will choose to trust a third party that they've never had a problem with over using a more secure service that is much less convenient.

On-chain doesn't scale, which is why we have LN, but to send money to an offline counter-party you can't use LN, so those types of payments don't scale because they have to be on-chain.

People are going to make the decision to use Bitcoin based off of features. For instance being able to can send money to anyone in the world easily and cheaply from their computer or phone and they'll have it in one hour and you don't have to wire the money or have have the same bank. But if you can only do that when they are online with their LN running and you can only receive money the same way or instead do on-chain and pay what will eventually be untenable fees that means less utility, therefore less users.

You're saying people can choose if they want to use bitcoin or a standard centralized service. Well of course. But isn't the point to get them to use Bitcoin, but that will only happen if the UX is as good as current options, and needing to be online 24/7 for LN cuts out an important use case for bitcoin.

You are aware that those are:
"centralized trusted third parties that provide client applications that you fund . . . , but you trust them to control your [funds] in the payment channel"

Right?

If you like that solution, then you can use it (with or without Bitcoins).

If you prefer a decentralized solution with an offline counter-party, you can use on-chain transactions for a fee (something that Venmo and PayPal DONT offer).

If you want a decentralized solution with low fees, you can use Lightning Network whenever you and your counter-party are both online (something else that Venmo and PayPal DONT offer).

It seems to me that Bitcoin offers MANY options in how to use it.  It is up to the user to choose the solution that works best for them in any given situation.  Venmo and PayPal don't allow their users to make such choices at all.

As far as Watchtowers that seems like a bad idea to me, because that would cost money, so you have to pay someone to check to make sure someone else isn't stealing your money. Why would the average member of the public choose to use a payment network in which that was the case? They wouldn't. I certainly wouldn't.

Also assuming "in the future" we'll always be connected 24/7 is a horrible assumption to make, because it isn't true. I'm often offline, whether my computer is closed or turned off or just not in a place that I have wifi. And it is very easy to be out of range or just in general not online with a phone as well.

So neither of those things is a reasonable solution.



Now if the LN client can tell you when another LN client is online or offline, I assume that would be possible and is the only reasonable UX I can think of for this situation, then at least you could just be oh I'll have to pay them later when they are online. Or if you could make a payment wait until the other party comes online in which it automatically fires it off that would be decent. But still this setup is far worse than current payment app setups like Paypal and Venmo.

1. True, if user only send Bitcoin and never receive Bitcoin, they don't need online 24/7 since receiver won't have advantage by broadcast earlier HLTC commitment.
2. There's solution for "user need to online 24/7" which is Trustless Watchtowers, even though i've no idea how reliable or trustless this idea/service.

Also, in future this won't be huge flaw considering most people will have access to internet 24/7 and LN wallet can run background to watch on-chain network either on Smartphone (most likely) or Computer.