You bought Bitcoin. Maybe even without KYC via Bisq, moved it onto your own hardware wallet, set up a full node. Clean work — at the base layer you are sovereign.
But how do you actually pay with it? An on-chain transaction costs anywhere from a few cents to several euros depending on mempool congestion — and you wait at least one confirmation. Useless for buying a coffee. So most people reach for Cash App, Strike, or some other Lightning app that "just works." And in doing so they quietly hand back every bit of sovereignty they worked so hard to build.
Lightning is Bitcoin's payment layer. But whether you stay free on that layer or become an account holder at a regulated provider again comes down to a single question: Who holds your keys?
Custodial vs. Non-Custodial — the distinction that decides everything
Lightning wallets split into two worlds. From the outside they look identical: pay via QR code, instant confirmation, tiny fees. Under the hood they are worlds apart.
Custodial (Cash App, Strike)
- The provider holds your keys
- Legally: Virtual Asset Service Provider (VASP)
- KYC mandatory, transaction monitoring, reporting obligations
- Account can be frozen or closed at any time
- "Tainted coins" (e.g. with darknet history) are rejected
- Total loss possible in case of insolvency, hack, or exit scam
Non-Custodial (Phoenix, Breez)
- You control the keys
- No KYC, no identity verification
- Nobody can freeze your funds
- Nobody can close your account
- No third-party insolvency risk
- Full censorship resistance
Not your keys, not your coins. That applies to Lightning too. Whoever has 50,000 sats sitting at a custodial provider doesn't own Bitcoin — they own a credit claim against a regulated company.
The flip side: non-custodial has historically been inconvenient. You had to source inbound liquidity yourself, manage channels manually, pay on-chain fees for every channel open. That's exactly why so many people end up with custodial wallets. The good news: that reason has largely disappeared over the last two years.
Channel Management — why the inbound liquidity problem exists
Lightning doesn't run on the blockchain — it runs inside payment channels. A channel is a 2-of-2 multisig address between you and a counterparty, secured by an on-chain transaction. Within the channel you can theoretically shift funds back and forth an unlimited number of times — without each individual payment touching the chain.
There are two directions:
- Outbound liquidity: Bitcoin you deposited into the channel. This lets you send.
- Inbound liquidity: Bitcoin your counterparty deposited. Only this lets you receive.
Think of an hourglass. A payment just moves sand from one side to the other — total capacity stays the same. When you start fresh and open a channel, all the liquidity is on your side: you can send, but you can't receive anything. To receive payments, inbound liquidity has to be built up first — either by spending yourself, or by another node opening a channel to you.
What a Force Close costs
If your channel partner goes offline or becomes uncooperative, you can close the channel unilaterally (force close). The costs are always borne by whoever originally opened the channel — regardless of who triggers the force close. And they are structurally higher than a cooperative close:
- 50,000 sats was a typical case reported in the Lightning community
- Over 1,000 USD in extreme cases with many open HTLCs during high-fee periods
- 1 to 14 days lockup (144–2,016 blocks) before your Bitcoin are accessible again
That's why choosing a channel partner is not a minor detail. With a reliable counterparty you'll never experience a force close.
Splicing & LSPs — how Phoenix solves the inbound problem
Phoenix by ACINQ (the team behind the eclair Lightning client) has radically simplified the whole thing. Instead of opening and closing many small channels, Phoenix uses splicing: a single dynamic channel per user whose capacity can be expanded or reduced in live operation — with a single on-chain transaction, without closing the channel.
An incoming payment larger than your current channel capacity? Phoenix automatically splices in new funds. From the user's perspective you just see a single balance — the separation between on-chain and Lightning blurs away.
The catch: Phoenix relies on a Lightning Service Provider (LSP) from ACINQ in the background. An LSP is a service provider that handles the complex channel and liquidity management. That's convenient — but it raises new questions that tend to get overlooked in the custodial debate:
- Centralization: When a handful of LSPs serve the majority of users, they become a single point of failure
- Privacy: Studies have shown that dominant nodes can correlate the origin and destination of up to roughly 50% of payments (and more with stronger collusion) in the network
- Regulation: LSPs could eventually be classified as VASPs themselves, triggering AML/KYC obligations
- Backup dependency: Lose your channel database and your LSP partner is uncooperative — the funds are gone
Phoenix is still a massive improvement over custodial. You hold your keys, nobody can freeze your funds, and you can always withdraw on-chain. For most users' everyday needs it's the pragmatic solution.
But it's not the end of the road.
The real sovereignty level: your own Lightning node
Anyone who takes Bitcoin seriously runs their own full node — and on top of that, their own Lightning node. No LSP, no third-party infrastructure, no metadata being collected somewhere. Just your machine, your internet, your rules.
That sounds like cypherpunk ivory-tower stuff — but it isn't anymore. The last few years have dramatically lowered the barrier to entry:
The achievable stack for everyone
- Umbrel on a Raspberry Pi 4/5 or any Linux machine: plug-and-play full node with integrated Lightning node (LND or Core Lightning), web UI, automatic updates, app store for Bitcoin tools. Once set up, the box sits on the shelf and helps secure the network.
- Alby Hub (or Alby Go for the mobile component): connects to your Umbrel node and delivers the smooth payment experience — Nostr zaps, web login (NWC), mobile wallet — but all keys and channels stay on your hardware. You get the convenience of Strike, backed by your own infrastructure.
- Alternatives: Start9, MyNode, Raspiblitz — all with a similar approach, requiring more or less Linux knowledge depending on your taste.
One-time hardware investment: a Raspberry Pi 5 with at least 2 TB SSD (1 TB is not enough for a full Bitcoin node long-term) currently runs roughly in the 300–400 Euro range. Important: Hardware prices are highly volatile right now — supply bottlenecks for Raspberry Pis and SSDs can shift prices sharply in the short term. Check current prices before buying. Power consumption: around 10 watts — ongoing costs depend heavily on your local electricity rate, which can shift considerably. In return you get:
- Your own Bitcoin full node that can query your hardware wallet without any third-party server
- Your own Lightning node with no LSP dependency
- No third party sees your payments, metadata, or balances
- Full censorship resistance on both layers
- A piece of network infrastructure that makes the entire Bitcoin ecosystem stronger
The moment your own node routes its first incoming sat is the moment you stop being a "Bitcoin user" and become a "Bitcoin participant." Between those two states: one afternoon of setup and a few hundred euros.
When Lightning — and when on-chain is better?
Lightning isn't the answer to everything. The honest breakdown:
Lightning fits
- Micropayments (coffee, tips, Nostr zaps)
- Everyday payments and content streaming
- High frequency, small amounts
- Low fees, settled in seconds
On-chain stays better
- Large amounts (e.g. from a few hundred thousand sats upward — weigh individually)
- Cold storage / long-term HODL
- Transfers between hardware wallets
- Final settlement certainty without a channel counterparty
Conclusion
Lightning is the difference between "I own Bitcoin" and "I use Bitcoin." But just like at the base layer, the question of who holds the keys determines whether you are sovereign or just a customer. Custodial wallets are nothing more than a bank in nice packaging — just without deposit insurance.
The pragmatic sequence for most people:
- Getting started: Install Phoenix or Breez, receive your first sat, make your first payments. Never go back to custodial.
- End goal: Umbrel with your own Lightning node on the shelf, Alby Hub as the mobile interface. No third-party LSP, no metadata leaks, full sovereignty on both layers.
The tools are there. The entry point is achievable. The only question is whether you value your own sovereignty enough to invest one afternoon in it.