Insecure Lightning Node? VLS Fixes This

00:00

everyone thanks for being here instead

00:01

of uh lining up for Trump my name is

00:03

Jack raldi I'm with the validating

00:06

lightning signer

00:09

project am I live y it's good to be here

00:14

Donald if you're listening I challenge

00:16

you to 18 holes of golf if you win I

00:20

mean if I

00:22

win you donate 1 million to bitcoin open

00:25

source development and if you win you

00:28

donate 1 million to bitcoin open source

00:31

development so uh let's set the stage

00:34

here so uh before we get into VLS let's

00:36

talk about some of the challenges in the

00:38

lightning Network so there's some

00:39

custody challenges in that most

00:41

lightning nodes are actually hosted um

00:43

on cloud providers and most lightning

00:46

users are using custodial apps and uh as

00:49

I'm sure you've seen with recent news uh

00:51

holding custody of user funds presents

00:53

challenges um with the authorities um

00:56

and it just like extra risk that uh you

00:59

might not want to take as a provider uh

01:02

on the other side there's people that

01:03

are running their own nodes and holding

01:05

custody of Their Own Private Keys uh but

01:08

because lightning is uh always online

01:10

you're essentially holding your keys in

01:12

a hot wallet which uh as I'm sure a lot

01:14

of you are aware is uh quite risky to do

01:17

uh so because if the lightning node is

01:19

compromised you're going to lose your

01:20

funds uh to the

01:22

attacker so what are some solutions that

01:24

have been attempted to solve this

01:26

problem uh there's something called a

01:27

blind signer um where essentially

01:30

the signer is separated from the node to

01:32

a separate signing device um but the

01:35

problem is like like the title implies

01:38

it's a blind signer so whatever the node

01:39

asks it to sign it just goes ahead and

01:41

signs that and you've actually reduced

01:43

security because now instead of just the

01:45

one uh attack point at the node now you

01:48

have two attack points the the blind

01:49

signer and the node and you've reduced

01:52

security uh so that's what how how VLS

01:55

kind of came into being um the idea was

01:57

to increase security of lightning setups

01:59

by separating a user's private keys from

02:02

their lightning node to a separate

02:04

Harden signing device and this device

02:06

would actually validate all of the

02:07

lightning Network rules before it signs

02:09

a transaction so that if an attacker

02:12

were to compromise the lightning node uh

02:14

the VLS signer would just not allow any

02:17

transactions to be signed that uh would

02:19

make you lose money so there's no other

02:21

solution that provides this level of

02:22

security and just one note uh VLS is an

02:25

open- Source uh reference implementation

02:28

of this software we are not a consumer

02:29

facing um or commercial product we're

02:32

just building software that um I guess

02:34

other commercial products would then

02:36

incorporate into their own

02:38

Solutions uh so how does VLS work uh

02:41

essentially what it like I said it

02:42

separates your lightning Keys into uh

02:45

another device that you can Harden as

02:47

much as you like and the node then

02:49

substitutes its own internal signing

02:50

with a call to the VLS signer and what

02:53

are some examples of things that VLS

02:55

might sign it could be something like a

02:58

uh justice transaction or closing a

03:00

channel to a whit listed address and the

03:03

other cool thing is that vs allows for

03:05

um flexible policies such as uh I guess

03:09

velocity control of how how much funds

03:11

per day um or maybe setting up approval

03:14

uh approval flows such that maybe

03:16

somebody at uh I guess the front lines

03:18

of an organization can send out let's

03:21

say $1,000 in a payment or someone at

03:24

the SE Suite maybe you can send out a

03:26

million dollars in payment so you can

03:27

kind of customize it that way or you can

03:28

customize that any money that is uh your

03:31

node is receiving is auto approved by

03:34

VLS and any money that you're sending

03:35

out maybe needs some approval from from

03:37

a person with

03:38

keys so this is a quick uh system

03:41

diagram so you have your I guess

03:43

lightning node here in the middle which

03:45

has a a proxy to the VLS remote signer

03:48

um and it's asking it to sign

03:49

transactions um and then the node also I

03:53

guess has some information here on the

03:54

bottom uh so it has a utxl set and a

03:57

Bitcoin node that VLS needs in order to

04:00

track the um the the level layer one

04:02

chain State and there's also a state

04:04

storage uh just to make sure that let's

04:07

say your node goes down or your VLS

04:09

remote signer goes down that you don't

04:11

lose uh your lightning State because if

04:13

you do uh you're going to lose your

04:15

funds uh because you you kind of lost

04:16

where you're

04:18

at uh so what are some use cases for VLS

04:21

uh so it can be something like URI

04:24

running VLS on our mobile device and

04:26

this actually already exists today if

04:28

you guys have heard of green light uh

04:29

they're being used by Breeze and Breeze

04:32

is offering the VLS service to their

04:34

customers such as Rel uh that are

04:37

running VLS on a mobile device um it

04:40

could be also small Merchants that uh

04:42

are using inexpensive consumer devices

04:44

such as an esp32 or an stm32 those are

04:47

like the sp32 is 20 bucks the stm32 is

04:50

100 bucks uh you can just set it up and

04:52

have it run VLS or it could be like a

04:54

large Merchant that's running um VLS on

04:57

an HSM or hardened server so like all

04:59

the way from the cheapest devices all

05:00

the way to the the most expensive uh VLS

05:03

can run on all of them uh and the the

05:06

cool thing is like on all of those use

05:07

cases the end user whether it's like URI

05:10

I or um a merchant um or an organization

05:13

like the end user controls their private

05:16

Keys um even if their node is hosted on

05:18

something like an LSP so if uh the LSP

05:22

is misbehaving or whatever the user can

05:24

unilaterally close their channels and

05:25

recover their Bitcoins without any

05:28

involvement from the LSP so

05:30

you keep control of your keys it's your

05:32

keys and it's your

05:34

coins uh so BLS is looking for devs and

05:36

I just wanted to show you guys the road

05:38

map of what we're working on um upcoming

05:40

in case there's some interested devs

05:42

that that want to join and contribute so

05:44

we just finished tag team signing which

05:46

is a feature that allows multiple nodes

05:48

or sorry multiple signers to control the

05:50

same node uh we're going to be working

05:52

on Disaster Recovery in case of disaster

05:54

like how do you recover your funds uh up

05:57

next and then we have some features

05:59

planned such as splicing zero conf

06:00

channels um another version of the State

06:03

Storage some routing B 12 uh we're going

06:06

to do a heavy focus on Enterprise

06:08

because we we've kind of focused on

06:09

small signers now we're going to focus

06:10

on big ones uh in a minute Sean's going

06:13

to talk to you about uh VLS on secure

06:15

enclaves which I'm really excited about

06:17

and finally um off in the future we have

06:20

uh multisig lightning uh which is not

06:23

ready it depends on tap rot uh Frost and

06:26

M 2 to be ready for use by by lightning

06:29

which as I understand it will be in the

06:31

future but not quite n yet uh so yeah if

06:33

you want to take VLS for a spin um all

06:36

these links are on our website vs. te um

06:38

we have a matrix chat uh we have a

06:40

gitlab repo where you can submit a

06:41

feature request or take a look around uh

06:44

we also have uh core lightning and uh

06:46

LDK sample nodes running VLS uh that you

06:49

can uh I guess spin up in Docker if you

06:51

want to give them a shot and uh yeah and

06:54

over to Sean for validity so validity is

06:57

a new project um enabled by a spiral

06:59

Grant thanks spiral um it's it's a

07:03

pretty ambitious uh I mean my my

07:06

long-term plans are pretty ambitious I'd

07:08

like to see you know all kinds of things

07:10

going on with secure enclaves and

07:13

Bitcoin signing but in this initial uh

07:16

phase we're going to really focus on vs

07:19

because it's a really good match when

07:21

you put Keys into a secure onclave um

07:24

you can't have blind signing you need

07:26

policies that can restrict when they're

07:29

used and V does such a nice job of doing

07:32

that as Jack told you that that's going

07:34

to be our our initial uh

07:38

application so this is a a simple

07:41

diagram uh when you see the no it's

07:44

basically the the VLS remote signer

07:47

component itself uh is in inside the The

07:51

Trusted execution environment or the

07:52

secure onclave and then the other

07:54

components are outside there's sort of

07:57

two ways you can deploy this one is on a

07:59

single device where you get the benefits

08:02

of the of of the te running in the same

08:05

node or you can deploy it on a separate

08:08

device which can be even more secure

08:10

because you have greater isolation there

08:13

also um are some implementations of uh

08:17

arm trust Zone that include integrated

08:20

um Hardware that provides tamper

08:26

resistance um that we're building this

08:28

on top of something called opt the open

08:31

portable trusted execution environment

08:33

which is an enclave implementation

08:35

that's been open source for about 10

08:37

years now and it's a it's a pretty uh

08:39

well supported project and a lot of uh

08:42

commercial implementations are based on

08:44

this reference implementation it runs in

08:47

arm trust Zone and it integrates with

08:50

the the Linux OS for the um the insecure

08:54

or the rich execution environment it's

08:56

loaded by trusted firmware a and it has

08:59

been ported to other architectures like

09:01

Risk 5 but for this phase of the project

09:04

we're going to focus on arm which is

09:06

sort of the dominant processor in uh in

09:10

Mobile and and and becoming uh so for

09:13

desktops and and laptops as

09:16

well um the global platform uh is is an

09:21

API that opt uses and that this project

09:24

will use um it's an international

09:27

standard uh organization and they

09:30

provide two apis the T cant API and the

09:33

T internal core API and by using those

09:36

apis the software should be portable to

09:39

some commercial uh commercial cell phone

09:43

implementations obviously we'd have to

09:45

partner with those companies and get

09:47

whitelisted but that's is a long-term

09:49

goal for the

09:51

project uh our short-term goals are to

09:54

put together a prototype a reference

09:56

implementation and a developer kit um to

09:59

do the integration with

10:01

v um to begin talking to device

10:05

manufacturers you can come find me if

10:08

you're making a device um to get uh some

10:11

more contributors and to start begin

10:13

collecting Community knowledge security

10:15

reviewers uh fuzzers come come get us

10:18

well give me a couple months to get

10:20

further with the software but we'll

10:22

we'll be looking forward to uh

10:24

constructive criticism in that

10:27

area um we we in terms of Hardware you

10:31

know what we'd like to see like the Holy

10:33

Grail is Hardware that's open source has

10:37

no uh no blobs or large binaries in the

10:41

um either the bootloader or the device

10:43

drivers Etc that you can develop with

10:45

without signing a non-disclosure

10:47

agreement that allows the hardware that

10:51

you deploy to be self- Sovereign meaning

10:53

you control the bootloader um and to be

10:56

affordable and widely available we're

10:58

going to have to make some compromises

11:00

on this um there the current prototype

11:03

that we're doing I believe there's one

11:04

blob in the in the in the bootloader but

11:08

um we want to begin the process of

11:11

driving things more towards an open-

11:13

Source uh

11:15

ecosystem so the platforms that we're

11:18

supporting in this initial phase are

11:20

cumu which is a software emulator which

11:22

allows us to develop on you know an x86

11:26

PC or an arm I I use an arm Mac um and

11:31

we're using this uh

11:33

Raja Rock four single board computer

11:36

which has a Rockchip

11:38

3399 which has a full uh trust Zone

11:41

implementation and support for secure

11:43

boot it's uh you can get them for as

11:46

little as like 60 bucks I

11:49

think this is a a diagram of the

11:52

architecture I'm going to go through

11:54

this really quick but there's a client

11:56

app that runs in the Linux World um that

11:59

would be the um the the validating

12:01

lightning signer component that talks

12:03

via seral or tcpip to to the node um or

12:08

maybe even a Unix socket and then it

12:11

talks to the global platform client API

12:13

goes down through the kernel through the

12:15

firmware into the enclave and then the

12:18

signing occurs up here and then the the

12:20

sign messages will come back

12:24

out um you can find uh the project on

12:27

GitHub um it'll eventually have its own

12:29

domain but for now it's just under my

12:31

account and we have a uh a matrix chat

12:35

room inside of the uh it doesn't say it

12:39

but it's it's it's it's part of the V

12:42

project the

12:43

V uh what's it called yeah the VLS uh

12:46

group VLS

12:49

group so yeah like I mentioned we're

12:51

looking for devs so if you're uh

12:53

interested in helping open source um

12:55

come come talk to us uh after the

12:57

presentation and uh uh yeah thank you

13:01

very much uh for for checking us out uh

13:04

we have some links down here if you want

13:05

to if you want to learn more um yeah

13:07

thanks for everyone for the attention

13:11

[Applause]

13:16

[Music]

13:26

[Music]

13:29

a

13:31

[Music]