Bitcoin has always had a scalability problem. While this cryptocurrency wants to become the worldwide money of tomorrow, it currently doesn’t have the technical prowess to do so. For the entire world to be able to use Bitcoin for their everyday payments and other financial activities, Bitcoin’s blockchain will need to be able to handle much bigger throughputs than its current 7 transactions per second.
Various projects have attempted to create third party, off-chain solutions for this issue. One such attempt is the Lightning Network, a well-known second layer solution that enables significantly greater scalability and potential throughputs of millions of transactions per second.
Lightning Network is essentially based on creating bilateral payment channels between wallets, allowing them to transfer funds to eachother in a swift fashion, without having to depend on the Bitcoin blockchain’s throughput.
The entire thing operates in a relatively simple fashion: two Lightning Network-ready nodes will create a multisig wallet, which is a Bitcoin address that requires each node to sign off on transactions with their private keys before said transactions are broadcast onto the blockchain.
Doing so, the nodes will have effectively set up a payment channel between themselves; they can “transact” by updating their mutual balances for an unlimited period of time, with instant speeds and in an off-chain manner. Once they are done transacting they can close the channel by broadcasting the final balance to the main Bitcoin blockchain.
Lightning Network is a solution that could potentially provide massive scalability improvements. However, questions have been raised regarding potential malicious users and nodes. The window for malicious action opens up when one of the nodes that’s transacting on the Lightning Network goes offline.
A malicious node that has a payment channel open with this offline node can decide to broadcast an invalid (older) balance state to the Bitcoin blockchain and thus compromise the offline node’s funds.
In a Lightning Network channel, either party can broadcast the wallet’s balance state at any time. If the malicious node broadcasts an earlier balance state, one that doesn’t contain certain outgoing transactions that were made to the now offline node, it will effectively reduce the offline node’s balance to its own advantage. This reversal of transactions can be considered a form of double spending attack.
Lightning Network has been designed in such a way that a certain number of blocks needs to be added to the Bitcoin blockchain before a LN transaction is added to a new block (and the funds are transferred to both users’ wallets).
This is a safety measure (called HTLC) which is meant to prevent one-sided state publications and cryptocurrency theft. The false state publication can be reversed/stopped by the offline node going back online, catching the malicious behavior and broadcasting the proper state to the Bitcoin blockchain before the false state is confirmed and added.
However sometimes this isn’t possible; if a node goes offline (could be intentional, could be due to hardware failure) it could stay in that state for several days and even longer, which is more than enough time for the malicious node to make its move (without the offline node even knowing). Recent updates to the Lightning Network have addressed this problem by introducing the so-called watchtowers.
Watchtowers are envisioned as always-online nodes that will monitor the Lightning Network for potential false states. Individual wallets can connect to the Lightning Network via a watchtower node and conduct their transactions with other LN wallets through it.
The watchtower node will monitor the Lightning Network channel for breaches; if it notices one, the watchtower will launch a “penalty” transaction that will return the funds to the offline node.
The entire process starts by the creation of blobs that consist of signatures and public keys which are required to punish the side that breaks the channel by broadcasting a bad transaction state.
The blobs are created and stored inside the Lightning Network wallet where off-chain transactions take place. With every new incoming payment, this wallet searches its database for previous payments which one of the channel members might be tempted to publish. Each of these payments gets its own punishment blob with the corresponding transaction ID used as decryption key.
These encrypted blobs are then sent to the network watchtower, alongside half of the mentioned transaction ID. The watchtower saves these pairs in a database and continuously monitors the new blocks in the mempool, looking for potential halfTXID matches. If a match is found and a channel breach is detected, the mentioned penalty transaction is constructed and the funds are returned to the offline node.
By automating the entire process like this the watchtowers system ensures that the funds are immediately secured in case of potential wrongdoings, while additionally maintaining the privacy of involved wallets.
Watchtowers are still very much a work in progress and some significant questions need to be answered before they are ready for commercial application. For example, sometimes a member of an LN channel can accidentally broadcast an older state due to a software bug or some other issue.
In such cases, hitting him with a penalty is rather harsh, which is why a proposal called eltoo was concocted. Using eltoo, problematic nodes would get enough time to fix their error and retract it.
Watchtowers themselves won’t be doing the service of network watching from the goodness of their hearts. Each watchtower operator will have to invest significant resources to pay for hardware, internet, and knowledge required to deploy and run such a node.
This means that they will only embark on this enterprise if they know their efforts will be properly rewarded; subscription fees and penalty transaction fees are being proposed as the go-to forms of compensation for watchtower nodes.
Subscription fees are seen as the most ethical way of compensating the nodes; this will help the operator handle the costs of running a node and also signal to the user that the service is good (it’s in human nature to connect paid services with quality). However, such fees could cause friction by slowing down the LN and giving advantage to users who are willing to pay more. Penalty transaction fees are also a tricky question as they create an incentive for the watchtower to have the watched channel fail.
The biggest cost a node operator will face is related to the storage space required to run one watchtower. Lightning Network’s watchtower implementation will be privacy-oriented, to avoid potential issues with financial surveillance which can happen with a more open, so-called business implementation.
Check out this article to learn more about why exactly data storage requirements quadratically increase with better privacy.
Analysts predict that watchtowers might become somewhat centralized into hubs of activity, due to the high overhead cost of running them and the fact that they aren’t really a crucial necessity on the Lightning Network (the number of malicious actors on the network isn’t that high).
Additionally LN watchtowers are completely useless to people who use the Lightning Network to perform only send transactions, since the other party in such a channel would have no financial interest in publishing earlier states to the blockchain.
All of this implies that watchtowers won’t be that sought after on the Lightning Network, meaning that such nodes won’t be as widely distributed as the ones that will be in charge of maintaining the network, for example.
Lightning Network, this off-chain system that will work on top of the Bitcoin blockchain is so far seen as an ideal solution for small or even relatively microscopic transactions.
However certain problems might appear when creating one-time use channels for relatively small transactions, channels that will for example be used to handle everyday costs like paying for your coffee. Each time you create a channel you have to pay a certain fee; those fees could potentially amount to be larger than the transaction itself.
All this means that the network is currently best suited for people who intend to transact between each other several times.
Larger transfers will require levels of decentralized security that LN (and its watchtowers) certainly don’t offer and will most likely still be done through the Bitcoin blockchain layer.
What’s also a curiosity with LN is that channels have caps; the amount of Bitcoin that was stored in the wallet when the payment channel was created is the maximum amount of funds it can hold.
This can also make larger transfers uncomfortable as it will require LN users both to lock away significant funds when opening a channel and trust the watchtower with a significant amount of Bitcoin.
To conclude, Lightning Network is still very much far from being completed and ready for widespread use. Some “power” users can already create channels and transact on it, but the network’s abstract technicalities might prove a bit too much for the average Bitcoin holder to understand.
Additional features are being added constantly, latest one being the mentioned watchtowers that brought significant improvements to LN users who are unable to be online 24/7 and watch their channels constantly.
The train of innovation doesn’t stop here as LN developers have a lot of work ahead of them to bring instant, secure, and even anonymous payments to the world of Bitcoin.