is there a VPN‑style service that lets me expose my Lightning node on Clearnet? \ stacker news ~bitcoin

pull down to refresh

is there a VPN‑style service that lets me expose my Lightning node on Clearnet?

394 sats \ 8 comments \ @kidcamaleon 2h bitcoin

Hi all,

I’m looking for a solution similar to a VPN, but specifically designed for people who run Bitcoin or Lightning nodes and want to make them reachable over the clearnet (i.e., with a public IP address). The idea is to have a secure, privacy‑preserving tunnel that lets me host my node on a cloud provider or a home server while protecting my real location and credentials.

So far I can’t find any widely‑used tool or service that fulfills this need. Is there something out there? If not, what are the main obstacles preventing such a VPN‑style solution from being developed for users?

Because I can rent a server and get an IP address, but the goal is that the machine cannot be traced back to the user. For example, one could take a server and offer the entire IPv6 range for a low price, allowing roughly 10000–20000 users to connect using a single 4‑core, 8 GB server vServer.

Thanks!

view all related items

0 sats \ 4 replies \ @SwapMarket 1h

You can rent a VPS at lnvps.net for €1.70/Month, paid by lightning, and configure WireGuard or ssh tunnel if you like pain. Or just pay slightly more to TunnelSats guys to do that for you. But you only need to expose an IP if you plan to sell channels. If you connect to large reliable peers your node can establish outbound clearnet connections and save you money.

0 sats \ 3 replies \ @kidcamaleon OP 1h

thx, I’ll take a look

0 sats \ 2 replies \ @kidcamaleon OP 1h

VPN WireGuard SSH tunnels are not a pain... and I think the question wasn't quite understood. VPN always provides outbound connectivity; we need inbound in this case. I'm looking for a solution, and if it works, it's all out of pure curiosity… my mind also needs to train a bit on private and public channels.

0 sats \ 1 reply \ @SwapMarket 19m

sure, not too much pain if you are good with routing tables and firewalls. I consulted gpt the last time I did it. opening ports for connections from the outside world takes balls and patience.

private channels are just the ones not announced via gossip. so the sender does not know how to reach your node and you need routing hints in your invoices.

0 sats \ 0 replies \ @kidcamaleon OP 12m

You don’t have to. Just add a bit of firewalling, use IPv6 exclusively, and give every user a strict IPv6‑only VPN tunnel dedicated to the Bitcoin/Lightning protocol. Maybe a bit more – you could use WireGuard, but roll it out with a Tailscale‑style configuration.

0 sats \ 1 reply \ @kidcamaleon OP 2h

thx. For myself and the public – so there’s currently no dedicated service for this, which I think makes it a nice niche opportunity. Just out of curiosity: my “baby” node can run fine on a VPS hosted by a German cloud provider; I can set up a few private routes and that’s all. But offering such a setup to others sounds like a great idea.

0 sats \ 0 replies \ @DarthCoin 1h

Yes, you can host it on a VPS, if you run a LND in neutrino node, otherwise running a full BTC node to back that LN node is very expensive.

But what you can do, as I said in the other msg, is to use that VPS as your personal VPN tunnel for your home node. Please pay attention to the guide I've sent you.

0 sats \ 0 replies \ @DarthCoin 2h

https://tunnelsats.com or use a VPS with a VPN This is onne of the best guides ever existed for such scennarios: https://github.com/TrezorHannes/Dual-LND-Wireguard-VPS

The important question you should ask is: what kind of LN node you want to run?

private, with only few private channels
public, for routing with lots of channels

Because for each case there are solutions and methods.