Maybe in about the past few weeks, I had gotten started and even set myself and the other person up with BlueWallet because I erroneously thought (and had heard) that the BlueWallet was non-custodial, but then when I looked at
https://walletscrutiny.com/ as had been suggested by n0nce in the below-attached post, I saw that BlueWallet
came up as custodial - like they had claimed to have been custodial in earlier times, but the walletscrutiny team determined that they were not non-custodial as BlueWallet had claimed...
Last I checked (a good while ago), the on-chain wallet was non-custodial, while the Lightning was custodial; maybe that's there the confusion is coming from. It's entirely possible that they switched everything to custodial, though.
Thanks for going over each of the areas of my questions and topics n0nce, and there are likely a lot of us who hesitate to discuss too many of these kinds of ideas in terms of our own set-ups, and maybe we even hesitate to talk about certain kinds of software that we use or hardware devices that we use because we are not always completely comfortable in terms of understanding the various ways in which we might end up being vulnerable to attacks... whether the potential attacks might be in-person or someone fishing our information regarding some of our transactions in remote ways...
In regards to the BlueWallet specifically, I might be phrasing some of these matters wrongly, so I understand that even if the wallet might allow you to back up, that would not cause it to be completely non-custodial, if the developer still retains a copy of the private keys.
With the BlueWallet, there is an ability to keep a back-up of the onchain wallet private keys and also there is an ability to keep a copy of the lighting network private keys. They also allow you to create a "Vault" and they say that is "Best security for large amounts".. but I have not tried the "Vault" wallet.. especially if I am already having some hesitancies in regards to the BlueWallet service as a whole.
In spite of some repetition, for me, to some extent, I get some sense that the wallet could be non-custodial and that I am retaining the ONLY way to access the funds when I am given the ability to back up the wallet in each of the kinds of ways.. so that if I ever were to lose my phone or break my phone, then those back up keys would be the ONLY way that I could regain access back to the funds.. .but the mere fact that I am able to keep a copy of those keys would not establish that I am the ONLY one who has the back up keys.
I probably got that wrong information from a podcast a year ago or so, and it just stuck in my head.
My use of the walletscrutiny service caused me to search further to see if there might be some other wallet app that I could use on IOS that could achieve my objective in terms of having open source software and also to be non-custodial... but also to be able to have both lightning network and a bitcoin main chain wallet app within the same wallet app.
[...]
The question for me is what to do. Maybe just use one of those services and consider it as if it were custodial rather than non-custodial.. and keep only a relatively small amount of value on any (or all of them) as cAPS had been considering just a few posts back - until some better wallet is verified for IOS that meets my objectives?
Your best options are probably still Breez and Phoenix; maybe
consider building them yourself directly from source, that way you circumvent the risk that exists when the provided binary differs from the source code.
build myself seems way above my current talents - even to be able to read code without my eyes glazing over....
Do keep in mind they're both Lightning-only wallets.
It would be nice to have both lightning and mainchain on one wallet because there is a certain amount of desire to continue to spread ideas of similar wallet use, and to say: "here's where you start.. this wallet has both on chain and lightning capabilities."
On mobile apps, I always recommend keeping very minimal amounts, anyway.
For sure there are a variety of reasons to try to constrain oneself to smaller amounts on mobile apps, but sometimes people will get lazy too.. or maybe not realize price changes.. and so sometimes there will end up being way more value contained in places where it should not be... I am even guilty of similar bad practices - even when supposedly knowing better.
Your friend could actually also just spin up a Linux VM on their desktop computer and install this 'full node install guide':
https://bitcointalk.org/index.php?topic=5366854.0In RTL web interface, you get access to an on-chain and Lightning wallet, as well as of course getting the whole power and abilities of Bitcoin Core and electrs.
I know a lot of people who are very limited in their computer abilities, and sometimes I am wondering why I am showing them things - but easy basic tasks are sometimes not known how to do. Remember the people who thought that AOL was the internet? Those people still exist, and sometimes there is a wonder how anything can get done... just in terms of saving files, copying files, maintaining a back up.. knowing the difference between an app from the internet and running something on a browser.. both challenges with the basics, and seeming failures to want to learn and even recognizing why some steps are important.
I understand that sometimes there can also be reluctance to attempt to teach people who do not seem to be trying very hard, yet sometimes we have relations with these people and even reasons to continue interact with hem for a variety of other reasons and computing (sharing information in that format) seems to come into the mix and also these days being able to transmit value. and there are further benefits to using bitcoin/lightning network over distances, including that other people are potentially in the network of possible bitcoin recipients (and then senders of bitcoin too.. once they have it and get used to it).
I guess I am trying to say that there is so much temptation to use custodial services like Coinbase or some other exchange, or maybe they would be o.k. with using square app, and yet I have such a hard time accepting to just let it be.. because I will likely be interacting and sending value and at the same time thinking that I should not be supporting and enabling some of these problematic services. whether rug pull, privacy or just the fact that some of them are honey pots or the owners of the service are gambling within any BTC that they might hold in such fractional reserve system.
I will admit that walletscrutiny seems to be more critical of BlueWallet because BlueWallet claims to be non-custodial when it is not... but in the end if the open source software is not verifiable on any of the IOS lightning network wallets that I know about, then I am not sure if that puts any of those other IOS wallets (such as breez, phoenix or muun) at any kind of superior security position as compared to BlueWallet.. so in the end, all of the ones that I have seen so far seem to require some level of trust.
Any recent updates or new in this direction, or do I (we?) just continue to watch the space for ongoing developments?
Well, non-custodial and non-reproducible are two different things.
Yes.. I realize that they are two different concepts, but the practical implications still might end up playing out similarly.. at least in terms of not being able to trust the service as much, but for different reasons... depending on which one it is.... and whether one is worse than another might depend upon context..
Of course, the latter wallet could also be custodial (as we can't verify it), while continuing to push code on GitHub that makes it appear non-custodial. I personally doubt that the developers maintain 2 code bases; one that is published online to give this false sense of security, while a second code-base is used for the various provided builds.
That said, sadly I can't give you a good answer. Personally, I use Core Lightning as explained in the guide above, and interface it from everywhere through Tor.
Yes.. I understand that Tor is another way to gain some possible privacy - and yet another layer for trying to both understand and to troubleshoot if there might be issues that might come up through that, as well.
... Lots of good JJG talking asking about how to se a noob up with a non-custodial lightning wallet...
Glad you are here JJG, and glad you are working to set up a friend.
Oh, and thanks for your response, and I appreciate the framing of the issues.
Likely many of us who have been into bitcoin for a while have had quite a few interactions with a variety of friends/acquaintances in regards to various ways for them to get into bitcoin and to get exposure to bitcoin and even trying to figure out their level of interest or willingness to act or to learn, and depending on their interests and our reasons for agreeing to interact with them on the topic, can contribute to all kinds of dynamics.
In this particular case, I have some self-interest as well, and there are some desires to both spread the bitcoin word but also some of my funds are going to be factored into various possible ways to either go forward with some of these relations and to attempt to achieve certain purposes, but also various kinds of set ups for these relations could be models for some other kinds of potential future (business) relations.
I personally consider non-custodial lightning to still be generally cutting edge. There are a lot of user friendly options for wallets that are a compromise, but there are costs to using these. I will explain.
I was starting to get that sense, and it may well be a bit more of a difficult task to achieve non-custodial with lightning based on the way it is designed, and even some of the earlier expectations in the design that nodes had to be "on" at the time of receiving funds.
There are basically three ways to do lightning transactions:
1. Run your own node. (Zeus, Zap, Fullynoded <- on the phone ... Raspiblitz,Umbrel,DYI, etc for node)
Pluses:
-as non custodial as it gets
-high privacy
-you are running a bitcoin node and supporting the network (thankyouverymuch)
-FUN! WHEE!
Sure, I have been considering doing something like this... yet surely even I don't have all the time in the world, in spite my long posts in the forum.
I do have a few extra computers that I could set up as nodes - even just running bitcoin core.. and then I suppose once bitcoin core is running, then setting up a lighting node would be the next step to enhance - having then both a bitcoin node and a lighting node.. which would then give more options, as you mentioned. I cannot really commit to setting it up in the near future based on some things that I have going on with my life..and surely, there is some need for learning, attention and just some ability to set aside some time for that.
It would also be one step at a time. First figuring out which computer I want to use. Making sure I have enough space that is free on the computer.. I have a few 2 TB drive computers, so space should be able to be found.. like clearing out most of the other stuff on the drive.. so the computer would mostly be used for only running the node and maybe just other basics, but not really running any other software on any regular basis.. and probably Macs, too... and then once a I had the computer selected and somewhat prepped by freeing the space, synching with Bitcoin Core or maybe some other software if I consider that to be preferable, and then maybe get used to interacting with that bitcoin core node prior to adding a lighting core.. so one step at a time and learning along the way, too.
Fun wee.. yeah.
Minuses:
-meh connectivity/success rate without many well funded channels
-technically too difficult for even the average IT professional to do well (lol)
-massive risks around maintenance and failure.
Maybe by the time that I get to this next step of adding lightning (after starting with a core node), there might be some updates to make it easier for some of us less technically inclined (less technically adventurous) folks.
2. Use a 'middleground' non-custodial wallet:(Muun, Phoenix, Breez)Pluses:
-Non-custodial with asterisks*
-pretty damn easy to use
-connectivity is USUALLY decent. Payments tend to succeed.
* Various compromises are made to achieve this mix of benefits. And each wallet has different tradeoffs. Muun uses
Turbo Channels, Phoenix requires a minimum balance and will close and open channels based on usage. Breez has had the least good connectivity in my experience (that said, it's been a minute maybe I should test again)
Minuses:
-Fees can seem inconsistent (this is complicated I will explain below)+
-walletsecurity.com does not approve of any of these currently
-Connectivity/payment success can still be sketchy at times
All of that seems to point to making sure to keep pretty low value in those kinds of wallets.
+there are several reasons fees can be weird using these wallets. First of all fees are how they make their money. This is the same as a custodial wallet. You are using THEIR node as the launching point. Imagine running this sort of node. It has to have incredible uptime, security, connectivity, liquidity, and so on. The wallets are basically making your software open a channel to their node (or possibly two for incoming payments) and are using that channel as a proxy to their node. Also Muun, for example, can switch between layer 1 and 2 to make a payment work under certain circumstances. They are maximising payment success over all else...
Yes.. makes sense.
3. Custodial wallets (WoS, Bluewallet, Others)
Pluses:
-Payments are usually successful. HIGH rate.
-Easy to fund. Once funded all tx are lightning
-Fees are generally quite good. Low value tx are zero/cheap, and high value are < on chain.
Minuses:
-NYKNYC
So I have two suggestions.
1. Wallet of Satoshi
For this one you keep as much in it as you would a physical wallet with FIAT bills in it. What's your comfort level of what you would carry there? 20k sats? 100k? 500k? (that's $50, $200, $1000?). You pay a fee to put the money in... but that's it. If you lose it because you want to advocate for trans-gay-anti-vax-catholic-russian-democrat-whatever and you get your funds confiscated? Well... how likely is that? And how much will that hurt? divided by how much does it cost to fund this wallet.
2. Muun
This wallet works well. Has a well connected node, I like the turbo channels tradeoff, and that you can avoid it if you want to. It is simple for non tech people. And it can surprise you with fees now and then because of the compromises it makes as well as the ... well... fees it charges.
So until the middle ground wallets get UX/UI as good as WoS, those are what I recommend.
Also... I think it gets good as companies are able to fine tune value/tradeoffs.
Yes... at some point I may need to experiment a bit more with some of these, and surely there are going to be ongoing developments that might come closer to resolving some of the current trade-offs and/or lack of confidence to put very much funds on those wallets... not that I am ever expecting to get close to the same level of confidence in terms of some of the non-custodial on chain bitcoin wallets... but just having some confidence in terms of how to both attempt to use the lightning network and to recommend newbies to get started and to get familiar with the lighting network.. at least from an attempt to use it for transactions from time to time... a circle of folks with possibly more options.. if it is not too much work to get them set up (or too much work to even get myself set up).
*****POSSIBLE SLEEPER*****
"Simple Bitcoin Wallet" is a non custodial lightning wallet with reproducible (by walletsecurity.com) builds! I have not used this wallet all that much. Good? Bad? I dunno.
It appears that so far that one is for Android only.
+++++Caveats+++++
Bluewallet can be used with your own node. so it is not completel "custodial".
Yes.. my hypothetical possibly some day node..