Anon
npub1ate…786v
2025-01-28 04:28:12
in reply to nevent1q…he37

Given your infosec background, I'm sure what I am about to say is nothing new for you, so I am mostly speaking to "the room" here.

Yes, Lightning offers better privacy than Bitcoin when set up properly, but it also has a more complex system, equating to a larger attack surface. LN's privacy features are not automatic; users must understand and manage their privacy settings actively, which can lead to unintentional exposure of transaction details.

A fundamental privacy weakness persists in the asymmetric nature of Lightning transactions—the sender learns extensive details about the receiver's node, channels, and liquidity, while the receiver learns nothing about the sender. Plus, there's the persistent hassle of maintaining channel liquidity.

Even with proper setup, Lightning faces critical privacy vulnerabilities against global adversaries who can monitor network traffic—while individual participants can't see payment details, entities capable of monitoring internet connections can track payment flows by observing message patterns between nodes, making its privacy guarantees fundamentally weak against sophisticated surveillance.

Lightning falls well short of the anonymity provided by Monero with its stealth addresses, ring signatures, and RingCT—and soon, Full-chain Membership Proofs (FCMPs) will fix current vulnerabilities like the Exchange Attack Everywhere (EAE) attack. With FCMPs, every input will have a 100-million anonymity set, up from the current 16 Ring Signatures.

Where privacy is a concern, I still recommend Monero over Lightning for most people, as Monero's privacy features are built-in on the base layer and work by default.
Author Public Key
npub1ate5z97az8ppgw55mwl9a8px7dhtm7rgs3urwtvnf0djeaececjqxl786v