[Lightning-dev] Faking LN transactions to road block chain analysis? Does it make any sense?

ZmnSCPxj ZmnSCPxj at protonmail.com
Fri Dec 20 15:58:47 UTC 2019


Good morning Piotr,

> We do know for a fact that chain analysis software stops tracing
> backwards when found a compliant exchange address (good), gambling site
> address (bad), etc.
>
> Theoretically, LN channel closure transaction should stop chain analysis
> software from analysing the chain further, as it is an exit gateway from
> another world, correct?
>
> Not saying this is already implemented by surveillance companies but one
> would expect that in the future.
>
> If so, we could envision faking LN like transactions to road block the
> analysis.
>
> That would entail: 1) channel funding tx, 2) reasonable delay, 3)
> channel closure tx with amount split (and not merged) so it looks natural.
>
> Advantages over using the actual LN I believe are obvious: no liquidity
> problem, no data exchange with LN public nodes, simplicity, etc.
>
> Obviously, this assumes LN usage itself is not blacklisted by
> surveillance companies.
>
> Does it make sense?
>
> Or am I missing something?

Current Lightning Network mutual closes are spends of 2-of-2 outputs.
Given that most people will use either 1-of-1 or 2-of-3 ("never go to sea with two chronometers, take one or three"), they stand out and it is reasonable to assume that any 2-of-2 will be Lightning.

Now while this can be a "blockage" of some sort, we can observe as well that the upcoming BIP-Schnorr will allow the use of MuSig, which lets all n-of-n (including Lightning 2-of-2) to hide in the same anonymity set as 1-of-1.
This helps break this kind of analysis as well, as Lightning channel closes are now indistinguishable from simple single-owner spends that are expected to be a good part of foreseeable future.
Some work is also being done on verifiable secret splitting, which would allow k-of-n to hide in the same anonymity set as n-of-n, thus bringing the 2-of-3 users into this as well, and becoming a serious pain to chain analysis.
It is this uncertainty which will force chain analysis (and offchain analysis as well, as Lightning grows) to start considering fuzzy logic (i.e. probabilistic analysis models, such as Bayesian nets).

You might also be interested in CoinSwapper as well: https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-October/002245.html
This somewhat inverts things, in that a method of mixing coins is possible by passing them through the Lightning Network (and it is arguable that this method of mixing will be just as efficient as onchain-only CoinSwap, though not as efficient as CoinJoin still).


Regards,
ZmnSCPxj



More information about the Lightning-dev mailing list