Update: We previously stated that users paid 1 satoshi to sign in. We have now corrected that to state you generate an invoice for 1 satoshi, no payment is required.
A Bitcoin Lightning Network authentication tool has gone live at Lapps.co, a website featuring a curated selection of Lightning apps (Lapps). This means that users can “Sign in with Lightning” rather than using a trusted third party such as Google or Facebook.
The authentication tool was created by Rui Gomes, lead software engineer at OpenNode, a Bitcoin payments company. He believes that online authentication is still a tricky problem, which essentially trades your privacy for ease-of-use. Instead, he has created Lightning Authentication to provide a “Proof of Identity” that doesn’t require a trusted third party. It could become the go-to method for logging into websites and apps in the emerging decentralized internet, known as Web3.
“Authentication online is still an unsolved problem. Most web platforms use social sign-in methods which severely compromise your privacy, or they use simple email/password combinations which are easy to forget. Lightning Authentication solves this problem by allowing you to authenticate without giving up any private information,” Gomes told Decrypt.
He mentioned that it provides greater incentives to keep your own personal details private, since they’re connected with your financial details too. “It also aligns the incentive to protect your Lightning identity with the incentive to protect your money (bitcoin) because now they're one and the same,” he added.
Using Lightning for authentication
Lightning is a second layer payments network built on top of Bitcoin, designed for making faster and smaller payments. It is still in development, and there are both signs that it’s growing and that it’s shrinking, but ultimately it’s hard to tell—as Blockstream CSO Samson Mow told Decrypt last week.
But Lightning isn’t just for payments. Everyone who uses it will have a unique identifying number, which won’t be connected to any personal information. And each person essentially has their own password controlling their funds (known as a private key)—which it’s vital to keep safe. But this combination is what enables it to be used as such a powerful means of authentication.
Gomes said, “Your unique Lightning Node ID is not tied to any personal information and can be used as Proof of Identity in platforms that support Lightning Authentication. This means that any individual can prove their identity using a Bitcoin/Lighting node without the need for any government-issued ID, social media accounts, or even an email/password combination.”
“Instead, their Lightning Node ID is used as Proof of Identity, increasing the user's privacy, security, and user experience,” he added.
The Lapps.co Lightning Authenticator is really easy to use. You generate an invoice for 1 satoshi (100 millionth of a bitcoin, worth $0.00008) and that's used for authentication. No payment is needed–and the whole thing takes just a few seconds. And unlike using your mobile phone as an authenticator, you can’t have your Lightning wallet SIM jacked. (But it is possible to be hacked and have your details stolen if you aren’t careful).
The lapp ecosystem
Lapps are a slowly emerging trend in the Bitcoin ecosystem. Essentially, they are applications built on the Lightning network that work using Lightning payments. They allow for micropayments in online applications, which could revolutionize the way we use the internet. Imagine playing a video game, and every gold coin you pick up is a tiny amount of real money, for example.
For now, this Lightning Authenticator just lets you sign into Lapps.co, giving you tools like upvoting cool Lapps or submitting Lapps—you can also sign in with Twitter too—but it could get integrated into the Lapps themselves, or other Bitcoin-related websites. One day, it might be the way to sign into every app. At least, that’s what the Bitcoin hopefuls think.