In a significant development for the Bitcoin Lightning Network, the Validating Lightning Signer (VLS) beta release has been announced, aiming to address the growing security concerns within the network. The VLS solution, an open-source Rust library and reference implementation, separates a user’s private keys from their Lightning node, providing an extra layer of protection against potential compromises and theft of funds. According to the announcement, VLS offers a level of security unmatched by other solutions in the ecosystem.
“We’re thrilled to announce the VLS beta release, a major step forward for Lightning network security, and we’re excited to share it with developers and companies in the Bitcoin ecosystem,” stated the VLS team. They encouraged developers and companies to try out the VLS Beta release, participate in the feedback process and test the software with sample CLN or LDK nodes to help enhance the security of the Bitcoin Lightning Network.
The VLS beta release introduces various features designed to safeguard against malicious nodes and enhance user protection. These features include working with CLN and LDK, encrypted cloud state backup, disaster recovery capabilities, a complete set of Layer 2 and Layer 1 validation rules, heartbeat generation and an allowlist for approved destinations. However, it’s important to note that while VLS is secure against common ways of stealing user funds, it may not cover all possible scenarios of fund loss. Therefore, the team advises running VLS in testnet or with limited funds until the production release.
VLS provides a unique approach to Lightning Network security by sequestering private keys and secrets in hardened policy signing devices. The reference implementation in Rust ensures that proposed transactions are safe to sign by applying a comprehensive set of validation rules. By incorporating UTXO Set Oracles to provide proofs of unspent UTXOs, VLS offers additional protection even in the case of a complete compromise of the node software.
Looking ahead, the VLS roadmap includes plans to run signers on platforms with limited resources, improve performance for embedded processors, and add features such as extended BOLT-12 support and VSS integration. Additionally, the team aims to enable the use of multiple signers using multi-sig with Lightning keys, pending the maturity of key protocols like Taproot, MuSig2 and FROST.
The VLS beta release represents a significant advancement in securing the Bitcoin Lightning Network and holds promise for developers, companies and users seeking enhanced protection for their funds within the network.