Table of contents
No headings in the article.
Bitcoin and lightning are so linked that their essential ideas are nearly identical. Payment receipt procedures are a unique and crucial feature of both technologies. It's the bitcoin address for bitcoin, and the lightning invoice for lightning (BOLT 11 invoice, to be precise). They are the respective pieces of information that a receiver must give to the sender so that they can make the payment. However, there are certain questions, such as the following:
Why doesn't Lightning use a regular bitcoin address, given that it is layered on top of bitcoin? In terms of security, privacy, and capacity, which is superior?
Those are some intriguing questions to think about, and they will be covered in this article. Let's look at the structure of both the lightning and bitcoin addresses first.
A sample lightning invoice:
lntb1u1pwz5w78pp5e8w8cr5c30xzws92v36sk45znhjn098rtc4pea6ertnmvu25ng3sdpywd6hyetyvf5hgueqv3jk6meqd9h8vmmfvdjsxqrrssy29mzkzjfq27u67evzu893heqex737dhcapvcuantkztg6pnk77nrm72y7z0rs47wzc09vcnugk2ve6sr2ewvcrtqnh3yttv847qqvqpvv398x
The lightning invoice is divided into two major segments:
(i) the human readable prefix and
(ii) the data segment.
The first part of the human readable prefix lntb
tells us the instance of the lightning network we're using (mainnet, testnet, simnet/regtest), which is testnet in this case. The second part 1u
tells us the amount in satoshi's being sent and its associated multiplier (in this case, 1u = 1 microBTC = 0.000001 BTC).
The data segment is an encrypted data encoded using the bech32
encoding scheme. Decoding it should reveals atleast these parts:
- the timestamp
- expiry
- payee
- payment hash
- description
- min_cltv_expiry
- signature etc.
You can find the full list of decoded parts from this link
Now, a sample P2PKH bitcoin address:
1AKDDsfTh8uY4X3ppy1m7jw1fVMBSMkzjP
You give people your address so that they can "send" you bitcoins. When someone receives it, they can use it to develop a custom locking script based on the type of address you provided. For simplicity, we use the P2PKH address in this article. Your bitcoin address basically contains:
- a specific piece of information you'd like to include in the lock, e.g., your public key hash.
- a prefix indicating the type of lock to make,
- a checksum to aid in the detection of typos.
For a brief summary of the different address types, visit this link
Now let's answer the questions raised earlier.
- Why doesn't Lightning use the regular bitcoin address, given that it is layered on top of bitcoin?
In short, there are many aspects of the lightning network that the bitcoin address could not permit: including route hints to access recipients behind private channels, distribution of payment hashes, and the inclusion of a fallback bitcoin address in a lightning invoice. The bitcoin address is just unsuitable for lightning payments due to its complexity. There is work being done on a combined standard in BIP21 and here
2 In terms of security, privacy, and capacity, which is superior?
Security
Bitcoin addresses are generally safe since they use a public key cryptosystem to "encode" payments so that only the "owner" of that Bitcoin address may redeem them. Bitcoin addresses would generally require breaking ECDSA (secp256k1 curve) to forge signatures (128 bit), so it is considered extremely secure. As a result, bitcoin addresses can be reused, but this is not advisable. A lightning invoice achieves the same level of security (128 bit) because in order to "forge" information, you'd need to break the SHA256 hash scheme. Lightning invoices are not reusable because, in order to complete the payment, the recipient must share a "secret" with the entire payment channel, including the sender. If you reuse that invoice, you're effectively handing away control of the payment's cash. It must fail or succeed atomically, then never be used again. This is not the case with bitcoin addresses. So lightning invoices can be a footgun if "used incorrectly." Although the Bolt 12 invoice is supposed to have remedied this problem, the Bolt 11 invoice is still used for the vast majority of lightning payments today.
NB: Different bitcoin address types actually have different levels of security.
Privacy
Bitcoin addresses do not reveal the owners' identity and, unless multiple UTXOs from different addresses are spent together in the same transaction, they are difficult to link together conclusively (commonly called "UTXO clustering"). Bitcoin addresses may be derived from hashed scripts used to lock a transaction into the future. Regardless, because the blockchain is a public ledger, even these temporarily-secret spending conditions must be exposed when they are satisfied and posted to the blockchain, along with the required signatures. Lightning invoices, however may directly reveal sensitive information about the recipient, such as the recipient's (fixed!) public key, route indications that show the channel ID (for private channels, if supplied), and the payment description (if this was to be kept private). While this may not seem like a big deal to some, it could be a source for attackers looking to take advantage of the network: if you simply request to pay someone on Lightning, you can learn their node_id and sometimes their ip_address. However, however ip address leakage can be mitigated by the recipient running their lightning node on Tor only.
Capacity
In comparison to lightning invoices, bitcoin addresses may be used to receive arbitrary-sized sums of bitcoin, with no requirement that the recipient "have enough inbound liquidity". On the lightning network, the channel capacity of the routes in the payment path dictates the maximum size of payment available. Work is being done on multi-path payments to enable larger payments to be split atomically between multiple routes. This is reasonable, given that one of the key goals of the lightning network is to enable micropayments with lower transaction fees. As a result, for single large transactions, rather than using the lightning network, it is usually preferable to do it on-chain.
So far, we've discussed how the security, privacy, and capacity of both the lightning invoice and bitcoin addresses are comparable. However, I do not recommend one above the other because each has its own set of applications. The technology behind bitcoin addresses and lightning invoicing is far from flawless, and numerous open-source bitcoin enthusiasts and developers are continually working to enhance it. The truth is that, even in their current state, we've come a long way compared to centralised systems.
Image credit cover picture: author - Weizi147258 commons.wikimedia.org/wiki/File:Logo_of_Lig..
Resources
Mastering lightning book