System Overview

c-Lightning Validating Signer Demo


Core Lightning demo setup with VLS signer.


VLS Integration Modes

VLS components can be integrated with C-Lightning (CLN) or the Lightning Development Kit (LDK).

NOTE - All combinations are not depicted, for example LDK:SERIAL is a valid mode.


VLS integration modes diagram showing CLN with serial/socket connections and LDK with socket.


System Overview

The Lightning Node makes requests to the Remote Signer to generate signatures for lightning operations.


VLS system architecture showing Lightning node connecting to remote signer, UTXO oracles, and state stores for secure transaction validation

Detail:

  • The Remote Signer consists of two processing entities.

    • The Front End has reasonable resources and is connected to the network.

    • The Secure Element has limited resources and is hardened against physical attacks.

  • Validation of a request signing operation may require proof that UTXOs are currently unspent. Requests are made to a (set) of UTXO set Oracles which provide proofs of inclusion.

  • A design requirement is that an exploit which compromises the Front End but not the Secure Element cannot violate signing policies.


Multi-Party Signing

Additional protection may be obtained by using multi-party computation to generate the signatures.


Multi-party signing setup showing Lightning node connecting to multiple remote signers for enhanced security and flexibility.

The Lightning Node makes requests to any one of the Remote Signers. The Remote Signer Front End initiates the multi-party signing operation and relays the resulting signature(s) back to the Lightning Node.

Protocol-Level Signing Flow

Want to see how VLS fits into the Lightning lifecycle?

Check out our Sequence Diagrams for: