Bitcoin Lightning Network FAQ

Q 1: What is the Lightning Network?

A:

The Lightning Network is currently under development. It will become a decentralized network that enables instant off-chain transfer of the ownership of bitcoin, without the need of a trusted third party.

The system utilizes bidirectional payment channels that consist of multi-signature addresses.

One on-chain transaction is needed to open a channel, and another on-chain transaction can close the channel.

Once a channel is open, value can be transferred instantly between counterparties, who are exchanging real bitcoin transactions, but without broadcasting them to the bitcoin network.

New transactions will replace previous transactions and the counterparties will store everything locally as long as the channel stays open.


Q 2: Is the Lightning Network open source?

A:

Yes, Lightning is open source. Anyone can review the code (in the same way as the bitcoin code)


Q 3: Who owns and controls the Lightning Network?

A:

Similar to the bitcoin network, no one will ever own or control the Lightning Network.

The code is open source and free for anyone to download and review.

Anyone can run a node and be part of the network.


Q 4: Who are the inventors of the Lightning Network?

A:

Joseph Poon and Thaddeus Dryja wrote The Lightning white paper.

Lightning is a open source project so anyone is free to contribute with code.

Several independent implementations are under development:

lnd — Lightning Labs

eclair — ACINQ

lightning-d — Blockstream


Q 5: Does the Lightning Network have its own “Lightning coins”?

A:

No, that’s not how it works.

A Lightning Network will use real bitcoin transactions with actual bitcoins in them


Q 6: Is the Lightning Network dependent on consensus to be implemented?

A:

No, the implementation of a Lightning Network does not require consensus in the bitcoin network.

Lightning is neither a soft-fork nor a hard-fork.

Instead, the Lightning Network builds an additional layer on top of the bitcoin network.

Implementation is therefore independent from consensus.


Q 7: Will there be any form of custodian risk in a Lightning Network?

Do I need to trust anyone to hold my money on my behalf?

A:

No, this system is not based on trust; you remain in full control of your money.

If anything goes wrong, you simply broadcast the latest state of your channel as a normal on-chain bitcoin transaction.

All your money will be returned to your address, and it will be recorded on the blockchain as normal.


Q 8: I’ve heard that Lightning transactions are happening “off-chain”…Does that mean that my bitcoin will be removed from the blockchain?

A:

No, your bitcoin will never leave the blockchain.

Instead your bitcoin will be held in a multi-signature address as long as your channel stays open. When the channel is closed; the final transaction will be added to the blockchain.

“Off-chain” is not a perfect term, but it is used due to the fact that the transfer of ownership is no longer reflected on the blockchain.


Q 9: I’ve heard that the Lightning Network will require my bitcoins to be locked up…Is this correct?

A:

“Locked up” is a very misleading term in this case.

Lightning will not make your money less accessible.

Your money will actually become more accessible when held in a Lightning channel.

First of all, you do not need to wait for confirmations in a Lightning Network. Your money can be moved almost instantly within this network.

Second; bringing your money “back on chain” is just as easy as sending a normal bitcoin transaction. You just wait for the first confirmation and your money is no longer “off chain”

One exception is the rare case that your channel breaks down in the middle of a transaction (counterparty goes offline)

In this exceptional case; you will be subjected to a short delay before you can spend your money. The length of this delay will vary; depending upon the parameters you have applied to your channel (the range is estimated from a few hours minimum, up to a couple of days maximum)


Q 10: Will a Lightning Network have its own blockchain?

A:

No, Lightning is dependent on the bitcoin blockchain. On-chain transactions is needed to open and to close “channels” between peers in the network.

Once a channel is open, the ownership of bitcoin can be transferred off-chain in both directions.

The transactions inside a channel are real bitcoin transactions, but they are not broadcasted to the bitcoin network as long as the channel stays open.

Instead, those involved in a channel will store the transactions locally.

This enables instant transactions and a near unlimited capacity within a Lightning Network.


Q 11: Will there be any form of mining to secure the Lightning Network?

A:

No, security is provided by the bitcoin miners in the underlying bitcoin network


Q 12: The main chain of bitcoin is secured by a hash rate of 2 ExaHash/s, but a Lightning Network doesn’t have any hash rate at all…

So how can a Lightning Network be as secure as the main chain?

A:

The security in a Lightning Network is extracted from the underlying Bitcoin Network.

A Lightning Network cannot operate on its own; it is completely dependent on the underlying bitcoin network for security.

Basically the bitcoin network takes the role as a safety net underneath the Lightning Network.

If something goes wrong in a Lightning channel (like your counterparty going offline) you will always have the option to fall into the safety-net.

(You simply broadcast the latest state of your channel as a normal on-chain bitcoin transaction)


Q 13: Does a Lightning Network have its own public ledger or some sort of database of all transactions?

A:

No, a Lightning Network does not have its own ledger and there is no database.

Holding value on a Lightning Network means that you are in possession of double-signed transactions. The transactions are valid, but they are not yet broadcasted to the Bitcoin Network.

The transactions you are holding are of the 2 of 2 multi-signature type.

Both you and your counterparty will sign, and you will both store the transactions locally.

These transactions will use a multi-signature address as their input (the funding address)

and they will point at two different addresses for their output.

One output is pointing to an address that only you can control. The other output is pointing to an address that only your counterparty can control.


Q 14.0: You say that the Lightning Network is using real bitcoin transactions…How can it be a real bitcoin transaction if it’s not recorded on the blockchain?

Short A:

To understand this, we first need to understand what a bitcoin transaction really is…

The fact is; That there are no “coins” in Bitcoin…

There are only signed messages and updates to the blockchain.

So let’s say that Alice is sending 1 bitcoin to Bob…

We call this a peer-to-peer transaction due to the fact that the ownership of value is transferred directly from Alice to Bob.

But Bob does not actually receive a “digital coin” from Alice.

The thing that in reality is happening; is that all the nodes in the network will update their local copy of the public ledger.

The public ledger is updated so that; the “coin” that was before registered in an address controlled by Alice, is now instead registered in an address controlled by Bob.

Long A:

The bitcoin transaction that Alice is sending to Bob, is in reality just a signed message that Alice is broadcasting to everybody.

The message is not only received by Bob, but it is broadcasted to all the nodes in the network.

At the time of writing there are more than 5400 so called “full nodes” in the bitcoin network.

The following steps illustrates the process that takes place when Alice is sending a bitcoin transaction to Bob:

1. When Alice is broadcasting her signed message (= bitcoin transaction), it will be picked up by some of the full nodes in the network.

2. These nodes will independently validate the message (transaction) in accordance with the consensus rules. If the nodes find the message to be valid; they will broadcast the message again so that it can be picked up by other nodes on the network.

3. Some other nodes on the network will pick up the message, and this process continues until all 5400 nodes have independently validated and re-broadcasted the message (transaction)

4. At some point a miner will succeed in constructing a valid block that includes the message (transaction) from Alice. To make this happen the miner must bear the cost of an enormous amount of electricity.

5. The miner will now broadcast this newly found block. The new block will be picked up by some of the full nodes. The nodes will independently validate the block and all its content.

By doing this they are also validating the message (transaction) from Alice for a second time.

If the nodes find the block to be valid (in accordance with the consensus rules) they will broadcast the block again so that other nodes also can receive the block.

6. Other nodes will pick up the block, validate and broadcast.

This process continues until all the nodes in the network have independently validated the block and thereby also validated the message (transaction) from Alice for a second time.

The steps above illustrate that a normal bitcoin transaction actually involves everyone on the network.

The message is independently validated two times by 5400 nodes (= 10 800 validations)

Despite this, we are still calling it a “peer-to-peer transaction” because the actual ownership of value is transferred directly from Alice to Bob*

(*But everyone still needs to help by updating their local copy of the ledger)

Conclusion:

A bitcoin transaction is just a signed message.

So let’s say that Alice wants to send 1 bitcoin to Bob within a Lightning Channel:

Alice is storing some of her money in a “2 of 2” multi-signature address.

Alice and Bob will both sign a message that transfers the ownership of 1 bitcoin from Alice to Bob.

This message is a valid bitcoin transaction, but it is not broadcasted to the bitcoin network.

Instead Alice and Bob both store the transaction (message) locally.

From Bob’s point of view, this “double-signed message” has a monetary value of 1 bitcoin.

The monetary value of 1 bitcoin comes from the fact that Bob can spend this money on-chain at any time; by simply broadcasting the message to the bitcoin network.

Bitcoin transaction = Signed message = Lightning transaction

The purpose of any monetary transaction is to change the ownership of value.

In the bitcoin network we change the ownership of value by the use of signed messages.

A Lightning transaction is a double-signed message.

This double-signed message is therefore a real bitcoin transaction.


Q 14.1: A standard bitcoin Tx is dependent on confirmations in the blockchain… So, is it really fair to claim that a Lightning Tx is the same as a normal bitcoin Tx?

A:

This is a valid point, they are not the same…

A Lightning Tx is a zero-confirmation Tx. But if it is broadcasted to the bitcoin network; it will be just as valid as any “on-chain” zero-confirmation Tx.

Both types of Tx will eventually be mined into the bitcoin blockchain if they pay a sufficient fee.

However, a LN-Tx has a different security model that makes it much more reliable when compared to a standard zero-confirmation Tx.

A Lightning Tx is only indirectly secured by Proof of Work. This is due to fact that a Lightning Network will be completely dependent on the underlying bitcoin network (see Q12)

Within an open Lightning channel; there is a different set of game-theoretical mechanisms that provide a different type of security model.

Lightning will extend the capabilities of bitcoin without the need for a trusted third party.

But the tradeoff is that you must monitor the bitcoin network by the operation of a full-node.

This monitoring can be outsourced, but in that case you must trust an external server to actually do its job. Your money will still not be routed through this server. The only role of the server is to monitor the bitcoin network, and to broadcast a so-called Penalty Transaction when necessary.

Note that the use of this service is an option, in case you don’t want to run your own full-node.

It will not be possible for this third party to steal money from a Lightning channel.

Also note that the LN is intended as a platform for low-value-transfer (sub $100)

All LN transactions are multi-signature and both participants in a channel must sign for a Tx to become valid. A traditional double-spending attack is therefore made extremely difficult.

However, there is a risk that someone can broadcast an obsolete Lightning Tx to the bitcoin network.

An obsolete Lightning Tx is a Tx that does not represent the latest state of its channel.

The above mentioned risk is the reason that you (or a service that you trust) must operate a “Watcher Node”.

This node will monitor all the transactions that are broadcasted to the bitcoin network.

If your Watcher Node discovers an obsolete Tx; it will (as a countermeasure) broadcast a “Penalty Transaction”

The Penalty Transaction gives you the power to confiscate all the money within your channel (including the money that belongs to your counterpart)

However, a penalty Tx can only become valid after the discovery of a broadcasted obsolete Tx.

Your ability to broadcast a Penalty Transaction makes it very risky for your counterpart to broadcast an obsolete Tx.

Another security/privacy feature, is that all Lightning Tx will be end-to-end encrypted between the participants.

Conclusion:

The security model of a Lightning Tx is different from the security model of traditional bitcoin Tx.

A Lightning Tx will still be regarded as a valid bitcoin Tx if broadcasted to the bitcoin network.

However;

A Lightning Tx will not be publicly broadcasted as long as the channel stays open.

It will only be exchanged between the participants in a channel, and they will store the Tx locally.

We can therefore define a Lightning-Tx as:

A Non-Broadcasted-Zero-Confirmation-Bitcoin-Tx with some additional Security-Mechanisms.


Q 15: I’ve heard that the Lightning Network will require its users to constantly monitor the blockchain…

Is this true?

A:

Yes, this is true..

Users will need to run software that is actively monitoring the blockchain for contract breaches (broadcasting of an obsolete transaction)

However, it will be possible to outsource this monitoring to a third party.

Outsourcing will not affect your privacy, but you must trust the service to actually do its job.

The upside is;

That this hopefully will encourage more people to run full nodes on the bitcoin network.

Your full node may even become able to earn a little bit of money:

A “Full-node/Lightning-node” can collect fees by acting as “Bob” (please see explanation below)

Another option is to configure your full-node to monitor the blockchain as a service. In theory this may also bring in some “micro-earnings”


Q 16: I have heard that there will be some fees involved in the Lightning Network..

Who will be collecting those fees?

A:

Potentially anyone who is running a Lightning-node.

Example:

Alice wants to send money to Carol, but Alice does not have an open channel with Carol.

But Alice has an open channel with Bob, and Bob has an open channel with Carol.

Instead of opening a new channel with Carol, Alice can route the payment trough Bob:

Alice — Bob — Carol.

In this scenario it is possible for Bob to charge a small fee.


Q 17: In the above scenario; what is preventing Bob from just stealing the money in transit?

Short A:

Bob is actually paying out to Carol first, and then afterwards Bob will get his money back from Alice.

Long A:

1. Carol starts the process by producing a random number ( R ) that she will keep as a temporary secret.

2. Carol then generates a hash ( H ) of R

3. Carol gives H to Alice

4. Alice constructs a special transaction that can transfer money from Alice to Bob. But this transaction is only valid if R is included. At this point the transaction is not valid due to the lack of R. Alice also gives H to Bob, and Bob knows that H is the hash of the missing component R.

5. Bob will now construct another special transaction that can transfer the money from Bob to Carol. But this transaction is also only valid if R is included. At this point the transaction is not valid since Bob does not have access R.

6. Carol wants her money, so she reveals R to Bob; thereby making the transaction valid.

7. Since Bob is already in possession of the transaction made by Alice, he can just include R and that transaction also becomes valid. Bob knows that he has been given the correct R because he can check that H is the hash of R.

8. At the same time; Bob also reveals R to Alice.

Alice can now use R as proof that she has paid Carol (R becomes the receipt)


Q 18: Does Lightning require Segregated Witness?

A:

A reliable answer can be found her:

https://medium.com/@rusty_lightning/bitcoin-lightning-things-to-know-e5ea8d84369f#.oujgao7s2