Hundreds of Lightning users are at risk of losing funds: 3 things you need to keep your BTC safe.

Glad our clickbait-ey title grabbed your attention, because this is a critical topic for any Lightning user. We’ve seen a lot of questions about recovery and backups — usually from people that have already lost their Bitcoin because they didn’t understand the risks.

In the event of your computer crashing or being corrupted, you will need ALL of the following to recover funds that are in Lightning channels:

1. Your seed phrase
2. Your password
3. Your static channel backup (SCB)

If your computer died right now, could you access each of these? 🤔

Your seed phrase

Please save your seed phrase (somewhere other than your hard drive). Paper/pencil is a great option — write the seed phrase down on two sheets of paper that you store in different, secure locations (lockbox, firesafe box, vault, etc.). Stamped Metal Backup (e.g., Cryptosteel) is another good choice. You can read more about recovery seed storage best practices here and here.

If it’s a smaller amount of money, just throw your seed phrase into your password manager. Note that this is a much riskier option since an attacker would have your password and recovery seed if your password manager is compromised.

Your password

This one should be easy. Use a password manager like LastPass or 1Password (with 2FA).

Your static channel backup (SCB)

This is where most people get into trouble. While your password and seed phrase are sufficient to recover on-chain funds from your wallet, you need the static channel backup to recover your balance in Lightning channels.

Zap makes it easy when you set up your wallet to back it up to Dropbox or Google Drive. They also, however, give you the option of just backing it up locally. Check your settings. If it looks like the screenshot below, consider making a new wallet that’s backed up remotely (unfortunately right now it’s not possible to change this setting after the initial setup).

If you’re using a different LND wallet, we’d recommend looking at their best practices for static channel backups. If you’re a more advanced user, it’s also worth checking out Bosworth’s script here for backing up to your hard drive, though as we’ve discussed please also save your SCB remotely.

A common misconception

We’ve heard people suggest that if you just get the remote node to force close any channels that they have open with you, then you can recover your funds. This is incorrect (at this time). You need the SCB to initiate the Data Loss Protocol (DLP) and to sweep the funds.

A few more details

• New LN feature: The Lightning Network has a feature called Static Remote Keys (SRK), which would let you recover your channel funds with just your password and seed phrase. Unfortunately, it’s unclear when exactly this will be released on major implementations (LND, eclair, etc.).
• Pending payments/HTLCs: Note that even with your password, seed phrase and static channel backup, you won’t be able to recover any in-progress payments.
• For the technically savvy: If you don’t have your SCB and your situation fits a certain set of criteria, you may be able to recover by following the procedure described here. DISCLAIMER: We have not tested the code detailed in this article, so use at your own risk. This is for more advanced users only. Essentially this takes advantage of the fact that the channel backup secret is derived from the seed phrase in such a way that you might be able to guess it via brute force.

Thanks for reading. Now, go back that channel up.