Using lightning to send bitcoin payments has not been as safe as users would wish it to be, majorly due to the risk of losing funds if the hardware becomes corrupted or fails for one reason or the other.
Keeping channels safe is one of the areas v0.6 of the lightning implementation LND addresses following its release last week.
Up to now, the safety of user funds in a channel really depended on the state of one file- the channel.db file. So, if this file is lost or gets maliciously damaged, then the user loses all their money.
Especially vulnerable are bitcoin lightning enthusiasts who run nodes on devices like the Raspberry Pi.
But as Olaoluwa Osuntokun, the CTO of Lightning Labs says, the new implementation introduces “static backup channels” that ostensibly provides back up to the key file.
The new LND technology simply makes it possible for users to create a copy of the critical file, which is great as users can now save the latest file version of their bitcoin lightning wallet somewhere else.
This, in essence, helps minimize the risks associated with losing the file as a result of damage to the hardware or accidental altering when corrupted.
Note that the bitcoin blockchain stores every transaction on several thousand nodes spread across the globe. The difference with off-chain technology in lightning is that only a user’s computer stores the transaction data related to the state of payment channels.
It follows that losing this file or accidentally running an older channel.db version could result in total loss of money. A user also risks being called a cheat by a peer and face a penalty. But saving the channel.db file in multiple locations ensures a user can be assured of securing their funds.
Latest version of LND client
Patrick Lemke, a developer who has written on the topic before, says that running the latest LND version automatically creates “a backup” consisting of all the information a user needs to recover and rescue their channels should they lose the channel.db file.
In December, Osuntokun commented in a pull request (PR) that the new version is released as a “safe” option when compared to related methods of backing up a file “like rsyncing or copying the channel.db file periodically.”
He explained that one of these other methods could pose risks as it wasn’t easy to tell if they contained “the latest state of a channel or not.”
The implementation is thus aimed at providing lightning users with a simple and safe way to recover their settled funds when a loss occurs.
Users are advised to switch to the latest version, as running the older code still poses the risks, Lemke emphasized.
Dealing with a malicious peer
Even though the new LND code is available, the problem isn’t entirely settled. For instance, the backup process is automatic, yes, but to the not so tech-savvy, configuring where to store the file could be a bit of a challenge.
Then there’s that problem of dealing with a situation where malicious nodes are likely to end up stealing funds from counterparties.
According to Suredbits’ Nadav Cohen, the feature is thus best suited for average users who trust their peers as not being malicious. Even then, he thinks the solution will provide the required backup safety in 99 percent of the scenarios.
For professionals and bigger investors, a trustless backup scheme is the least as these parties (including exchanges) deal with huge amounts of money that they can’t risk losing.
That is what Lightning Labs developers are working on at the moment, trying to build a feature that allows users to work even with malicious peers. It means that the developer community is “not there yet,” and more building is needed as people begin to use lightning to move larger amounts of money.
Disclaimer: This is not investment advice. Cryptocurrencies are highly volatile assets and are very risky investments. Do your research and consult an investment professional before investing. Never invest more than you can afford to lose. Never borrow money to invest in cryptocurrencies.