Various methods using Lightning Network to add more privacy to your bitcoin
Originaly posted on Substack on October 01, 2021. Updated here on October 13, 2024
It is improper saying "cleaning machine" but for a simple understanding let's use this wrong term. There's no such thing as "dirty sats", all are equal valid and nobody can stop you to use them. But this process of "cleaning" is more for users that are obsessed with privacy using BTC.
It is about how to lose trace of your sats obtained from KYC sources and you want to use them in a more private manner.
If you are buying/obtaining BTC and never have in mind to sell them back for goat shit fiat, and just use them as money, I don't see any problem in using sometimes KYC sources.
Yes, KYC is a really bad habit for exchanges and should be avoided as much is possible, but not from the POV of "hey, the gov will know how much BTC I have and I do not want to pay taxes for it". I have news for you: the govs have no idea about your BTC stash and they are interested only in those who are selling back their BTC for fiat.
Even if you buy from a full verified account with your identity, you can always say "ups, I lost them". Also there's another "approach", if a gov come to you and ask about your BTC, you can always say "fuck off, it is not your damn business what am I doing with my own money". But that is another story and we can talk about it in another guide about full individual sovereignty and how to deal with gov agents.
There are some users focused only in buying BTC and HODL, passing through CoinJoin or mixing apps. Bitcoin already evolved in something else, is time for you guys to start using your BTC as money and in the same time "cleaning" those sats. And Lightning Network (LN) is one of the easiest and simple way, that also contribute to a growing usage of Bitcoin by more merchants and users.
So, for the peace of mind of those afraid of gov tracking, in this mini guide, I will try to give you some hints about how to use LN in your "cleaning" process and what apps you can use. Maybe is not the perfect "cleaning machine" but definitely help in many ways.
Will not enter into deep analysis and explaining too much the process, but you will have enough information to start learning and create your own "procedure" if you like. I am giving you the tools, how you use them, is your own way. Test, learn, improve and make it better for your own peace of mind.
NOTE: I don't give a shit if this mini-guide is read by a gov agent. FUCK OFF! You have NO JURISDICTION over me and my own money, as a living man and I am not afraid of any gov apparatus because I am above them, they are only SERVANTS.
Talks about privacy on Lightning Network:
- Advanced LND Routing, Node Optimization - by Bitcoin Magazine
- Lightning Privacy 101 w/ Anthony Ronning - by Bitcoin Kindergarten
Applications you can use:
(use many as you can, each one have its own features pro/contra)
- Umbrel node (or any other LN node suite software) - the center of your "operations", managing LN channels, txs, moving funds. It has built in LNDHUB from Bluewallet Lightning and LNbits apps. LNDHUB wallets are very powerful tools in the aspect of "cleaning" because there's NO UTXO involed in funding of these wallets. Here is a guide how to use LNDHUB wallets from your node and also here using LNbits LNDHUB from your Umbrel node. You can also use a decoy private node, that uses your “Umbrel public node” liquidity.
- Electrum desktop wallet - easy/best for coin control, private/trampoline/swaps LN channels, this can be used as a cache step, between exchanges and your node
- Sparrow desktop wallet - very good desktop wallet with incredible features, including mixing / coinjoin options, coin control, Taproot, a must use. Here you have a guide about how to move your sats to a Taproot address using Sparrow and also mixing your own coins.
- Zeus mobile wallet - complete mobile app to use with multiple LN wallets, also as a node manager. It has built in Tor (for remote nodes) and built-in LND node. Also MPP (multi path payment) and LNDHUB accounts. Good tool when your are about to use multiple wallets. Here I wrote a “getting started with Zeus guide”.
- BlueWallet - powerful mobile app to use with your own node and also as a LNDHUB wallet app. Good tool when you are using multiple wallets.
- Phoenix mobile wallet - easy to swap funds onchain/LN, also connect to your own node to validate privately your txs. Tor support too.
- Alby Hub - powerful tool to run it as a node interface with NWC support.
- CoinOS - amazing simple web LN wallet, with full control and swaps onchain/LN and L-BTC/LN, optional if you want to swap funds between Liquid and LN to be another step into your mixing procedure.
- BitBanana - can be used in 2 ways, connected to your own node (as node manager) or as a LNDHUB accounts wallet.
Blixt mobile wallet - is a powerful wallet app using LND + Neutrino on your mobile. You can open channels towards your node and others and use it as full functional node on your mobile. Can be used also as a backup solution for your regular LN node, it supports importing wallet from other LND sessions (but not in the same time, only in case of SHTF).
Here you have a detailed presentation about Blixt node wallet.
Here you have a use case of Blixt node as companion of other 2 nodes, in a “cleaning” process.
- RTL and Thunderhub LN node management apps with built-in swaps
- Any other LN wallet as you wish and you are comfortable with. Here I wrote another guide about how to get started with them, step-by-step. Yes, some of them are custodial, but that doesn’t mean are also KYC invasive. The non-KYC custodials are a very good decoy frontend for your private nodes.
- Submarine Swaps - Swaps from onchain to Lightning Network
- Azteco or Robosats - LN exchange, no KYC, using vouchers system from physical shops. More LN exchanges here.
IMPORTANT RULE
Always keep in mind this important rule of stacking sats on 3 levels:
- HODL - your vault, always onchain, self-custody
- CACHE - your middle ground operations, coin control, managing nodes
- SPEND - your regular spending LN wallets
I’ve explained in more details this method in this guide.
PROCEDURES
The main idea is to have a decoy node in front of all your payments (send and receive). As I explained also in this guide “How to operate with LN as a merchant” (where you want to protect more when you receive payments over LN).
Lightning Network can add a lot of decoys if you learn how to use it properly. Why? Because a LN payment (HTLC) is using onion routing, explained very nicely here by Rene Pickhardt.
1 - PREPARE THE PUBLIC LN NODE
This one will be your frontend LSP. If you do not want to have this node liquidity dedicated to routing, you can skip it and use any other public LSP. Sometimes is even better because you can buy channels from them, without using any of your UTXO.
In this guide I described more about how to run a public LN node, liquidity to be used, peers to look to connect etc. so I will not enter into more details here. Please read that guide if you want to run a public LN node and if you want to expand your liquidity services for family and friends, read also this one.
- Start learning all the features and apps integrated into your node suite software
- Make backups of your LN channels every time your open/close one.
- Test your recovery plan in case your node is crashing. Never wait until is crashed and always make the test recovery when you do not have too much funds on it. Knowing how to recover is a very important step.
- Play a while with your node, making channel management and know well how this thing works, understand the process and how LN txs are routed, fees, UTXOs etc
2 - PREPARE THE PRIVATE LN NODE
You can use a desktop machine, with any of the node software suites. But I will recommend also to use in parallel mobile nodes like Zeus or Blixt. Zeus and Blixt are using a LND node in neutrino mode. That means it doesn’t need to run a full bitcoin node and is providing very good privacy for online part. You can also use a LND + neutrino on a desktop machine, with LNbits or Alby Hub or Thunderhub as node web UI and open private channels.
Also you can use the new Alby Hub as a private node interface, as I explained in this guide, where you can use a desktop machine with a private LN node backend, using various LN funding sources.
Another option is to use LNbits too as a frontend for a private LN node. It has built-in node management features, LNDHUB accounts management and many other useful extensions. Here is a guide “Getting started with LNbits”.
These private LN nodes, you will connect to any other public routing node or LSP, using “private channels”. That means are not visible on the public LN graph, are known only by your direct LN peers and they will forward your payments to the destination. Also some of them could offer “wrapped invoices”, hiding your private LN nodeID, when is about to receive.
More about private LN nodes, I wrote here, in this guide.
3 - Connect some wallet apps to your node
Make tests for sending/receiving txs, open channels, buy channels, close channels to be sure all works OK and you are comfortable with using those apps, know how to use them and when to use a specific app.
Your lack of understanding of how LN works today, will cost you a fortune tomorrow. Start learning now.
I wrote several guides about wallets and how to use them, please read more here.
4 - Open channels with/to your private nodes/apps
- Besides of many other LN channels open with other nodes, just regular usage of your node funds, you will have to open also some private channels, using the apps mentioned before.
- Always use a single UTXO and with all the funds from it when you open a new LN channel (no matter if is private or public). Each time you want to open a new LN channel, first send to your node onchain wallet the specific amount you want to have that channel, to a single new BTC address from your node wallet (UTXO).
- Public channels are used more for routing txs and making your own regular txs
- Private channels are used more for making swaps between LN and onchain for those sats you want to keep them private
- DO NOT CLOSE YOUR LN CHANNELS! Yes, keep your LN channels open as much is possible. That means the UTXOs used to open the channels will always show on the blockchain that "opening balance" so the chain-analysis tools, will never "know" where those sats goes. In the moment a channel is closed, the remaining balance is settled and published on the blockchain, but all the "movements" are not known. This is a very important aspect of privacy on LN, that many users wrongfully ignore it. So keeping open a LN channel means you can have multiple "cleaning" txs of many sats. An open channel also can be re-funded with sats from onchain, making swaps or just simple LN txs from another wallets/sources.
- Use Simple Taproot Channels if your peers support it. That could obfuscate on the blockchain the info about opening a LN channel.
- Buy LN channels from LSPs: Olympus, LNServer, LNbig, FlashSats, Megalithic etc. This option is good to obfuscate the UTXO used for opening the LN channel, not being linked to your nodeID. These inbound channels are good for swaps too. They also have a “contract” that will not be closed for a certain time.
5 - Start your "cleaning" process
- You can use LN apps to open private channels towards your public node or other LSPs (desktop apps like Electrum, Alby Hub or mobile like Blixt and Zeus).
- Do not open small channels (like 20k-1M sats), try to use bigger channels (2M-10M sats), enough to cover your swap amounts into HODL onchain addresses.
- When you move funds, try to use MPP (multi path payment), that means your LN tx will be split into many small pieces, routed through many different channels and arrived later into the same LN wallet. This makes even harder a possible analysis if the payment went through a single peer or many.
- The "process" is quite simple: pay to yourself as many as you can LN invoices, into/from many LN wallet apps. Make swaps between LN/onchain, from/using many different sources. And use your sats to buy stuff, live using your bitcoins!
- Use swap services as described in this guide.
6 - Example of moving funds
Using Electrum desktop, open a private channel (is always private) towards your node or any other LSP, of let's say 2M sats. Set the channel fees to zero (use RTL or Thunderhub in your node).
Option A
Using another swap LN mobile wallet (Phoenix, CoinOS, Walletano, Blink, WoS), create a LN invoice. Pay that invoice from your Electrum. Funds will be routed from your private channel, through your node and some other hops (you can set that too) and arrive into your "external" LN wallet (using Tor and connected with your Electrum Server of your node). Make a swap of partial funds (never use the total amount from balance) into an onchain address, as you wish. Phoenix and Blink have this option to send from LN into onchain (external address) making the swap on the fly.
Option B
If your Electrum channel is almost empty you can use the reverse way, create the invoice on your Electrum and pay it with your node wallet directly. Once you have them in Electrum you can make also swaps LN -->onchain, using the built in feature in Electrum app.
Option C
Using a LN neutrino node (Zeus, Breez, Blixt, AlbyHub etc). Create a LN invoice from the side where you want to receive the funds and be able to make the swap into onchain and pay with the side where you have more funds available. Here is a dedicated guide.
Option D
Using the same LN node, making swaps, from specific channels into onchain new address (can be external or internal of node). This swap will have a cost.
Using Boltz or SwapMarket or ZigZag or Fixedfloat LN exchanges for swaps into/from onchain. This option also have an extra cost. Withdraw BTC you buy on an exchange, then create a swap for the amount you bought, withdraw from the exchange to the swap address, then you get your funds off-chain without all of the overhead of getting a UTXO, straight to your LN wallets/node. And swaps like this don't even require trust.
Use a decoy wallet, for example Blink, CoinOS, Walletano, Lifpay, WoS or any other that do not require an invasive KYC verification and can be disposable. Many of these have already swap services (onchain ←→LN) included, so will be easier for you to receive from LN and swap to your other onchain wallets for holding. or vice-versa if you need more funds into your existing LN channels.
From these decoy wallets, move then the funds into any other wallets you have, even over LN. These decoy wallets will keep your funds as a temporary buffer, are NOT for long term holding!
Option E
ONLY WITH KNOWN PEERS! Open private or public channels with known/trusted peers and push back funds using the Thunderhub app feature for keysend. See here a dedicated guide for this procedure. So practically you open a channel, let' say of 5M sats with a trusted peer. You push 3M sats on his side (you are giving him 3M sats) and your peer will send you those 3M sats onchain from another wallet to one of your onchain BTC addresses as you wish.
Option F
Batching txs with Sparrow or Electrum as being coinjoin. This is a tx made with Sparrow and this is how it looks into a block explorer:
- I used 2 electrum instances (2 wallets), you can do it also with Sparrow wallet.
- took from each 10-20 addresses
- create a batch tx in excel, listing all 10-20 addresses from both wallets and dedicate to each a random amount, import that file into Electrum/Sparrow
- send that batch tx as being a coinjoin, connected to my node of course through Tor
- send some UTXOs to my secondary node (private)
- open private channels with each UTXO with my "public" node
- drain those sats into onchain or other LN wallets
- checking with Know Your Coin Privacy and there is NO way to trace those txs to me, all looks like a nice coinjoin
General recommendations:
- Be smart an inventive in creating your own routes of cleaning. Test your own routes and levels of privacy. You will find out yourself that there’s no way to trace back to you those payments.
- Make small tests before starting the process, to learn about the fees and routes.
- Take notes, for your own knowledge, until you control the process.
- You can shut down your LN node anytime, emptying the funds from it and create a new one, new identity anytime.
- You can even create a new private node, connected to your "public" node, only using private channels. That nodeID will not be visible for routes but can make swaps to/from onchain. This private node is not necessary to be a full node, a big machine or all the time online. Can be any computer with a Neutrino sync (see the apps section).