The setup/problem: I have two lightning nodes: (A) a Casa lightning node ("Casa-Node") that I trust in my apt, and (B) a BTCPay lightning node hot-wallet ("hot-wallet node").
BTCpay makes it REALLY easy to integrate a btc and lightning payment pipeline into my website, however the btcpay website has a warning the lightning wallet is a hot wallet, unsafe(ish):(
I’d like to use my Casa node with BTCpay but they don’t have that functionality yet. I don’t want to simply put thousands of dollars on my BTCpay LN hot-wallet, as I don’t trust it.
A potential solution? Came up with this idea: use my Casa Node as my primary routing node with payments coming in from strangers, and have only one channel between my Casa Node and my Hot Wallet Node..so all payments requests generated by the Hot Wallet Node get routed through the Casa Node, and I can easily balance the Casa/HotWallet, channel balance as needed (at the end of the day, move the funds back to the Casa Node and close that one channel out).
CasaNode = CN Hot-wallet BTCPay node = HWN Other nodes trying to pay HWN: LN1, LN2, LN3
Step 1: Setup my website with BTCPay server, and enable HWN for the lightning payment pipeline. (assume my website is CatToys.info, and I sell four different $25 dollar items..made up but it helps the picture).
Step 2: Create a big channel between my CN (more secure) and HWN. E.g., create a $1,000 payment channel.
Step 3: Create a bunch of random payment channels between CN and other big nodes in the lightning network. These random payment channels increase the odds of a routing path being found between a website customer’s LN node and HWN node (the BTCpay node that is generating the lightning payment request).
Step 4: Random customer browses CatToys.info, checks out via, which causes BTCPayserver to generate a lightning payment request via the HWN node.
Step 5: Customer uses his lightnign node (L1) to pay HWN...the routing proceeds as follows:
- $25 (in btc) from L1 --> CN --> HWN .
Other customer use the same flow:
- $25 (in btc) From L2 --> CN --> HWN
- $25 (in btc) From L3 --> CN --> HWN
Step 6: At the end of the day, HWN has 75 dollars (from the three customers paying 25 each for a cat toy. When I want to "close the store down" (which is a brick/morter thing to say, but just stay with me), I move all the funds in the CN--HWN channel back to CN, so the full $1000 is back on CN (i.e., move 75 back to CN), then close the channel out..
Step 7: if I need to "open the store" for the next day, I just need to recreate a single channel from CN---HWN, which is cheap as it’s only a single channel to open up, and CN is ready to go (always connecting to lots of nodes (and CN is trust worthy)).
This approach would: let me use BTCPay server’s hot wallet (or any wallet that I don’t trust too much) with larger-ish funds, and give my hot-wallet channel instant liquidity by connecting to CN, and I would only need to worry about closing/opening/rebalancing a single lightning payment channel between CN----HWN, instead of trying to constantly open channels with different amounts of funding to keep my website enabled to receive lightning payments.
Thoughts? Would that be safe/secure, and would payments actually be successfully routed to the website okay?