Lightning Wallet Development: Architecture, Implementation, Audit

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Lightning Wallet Development: Architecture, Implementation, Audit
Complex
from 1 week to 3 months
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1349
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    949
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

Architecture and Development of a Lightning Wallet

We develop Lightning wallets—applications for the Bitcoin Lightning Network that enable instant payments. A Lightning Network transaction completes in about 1 second on average. An on-chain Bitcoin transaction takes 10 to 60 minutes. The fee per payment is less than 0.001% of the amount—thousands of times cheaper than the main chain. Savings on transaction fees reach up to 95% compared to on-chain transfers. For a business processing 1,000 microtransactions daily, this translates to annual savings of over $5,000 in fees. A single channel can handle up to 4,000 payments per second, making Lightning ideal for micropayments and frequent transfers. Errors in state management can lead to loss of funds—that's why we pay special attention to architecture and security. Our team brings 5+ years of certified blockchain expertise and guarantees a secure implementation. We have delivered 22 projects with Lightning integration. We work with the full stack: from embedded solutions on LDK to custodial ones on LND/CLN. Non-custodial wallets require careful implementation of LDK, Breez SDK, channel management, submarine swaps, watchtowers, and support for BOLT 12 and LNURL—all of which we handle. Get a free project estimate within 2 days.

A Lightning wallet fundamentally falls into two classes: custodial and non-custodial. The choice determines the entire architecture. In the custodial model, the user does not hold channel keys. The server manages channels, and the client only sends requests via API. Examples include Strike, CashApp, and Wallet of Satoshi. Non-custodial models come in two types: embedded node (LDK, Breez SDK) and hosted node (Greenlight). In the former, the node runs directly in the app; in the latter, the keys remain with the user while the node executes in Blockstream's cloud. Breez SDK allows launching a non-custodial wallet 4x faster than a full implementation on LDK.

How Does the Channel State Machine Work?

Understanding the channel state machine is critical for any serious implementation. Here's the essence in a simplified model.

Commitment transaction—a transaction signed by both parties that either party can publish on-chain at any time to close the channel. At any given moment, only one valid commitment transaction exists for each party (each party has its own version with an asymmetric timelock).

The asymmetry is crucial because if Alice publishes her commitment transaction, she cannot immediately spend her output. It has an OP_CHECKSEQUENCEVERIFY (CSV) delay (e.g., 144 blocks). Bob can spend his output immediately. This gives Bob time to react if Alice published an outdated (revoked) commitment. He can take the entire channel balance via a penalty transaction.

The key secret is the commitment revocation key. At each state update, the parties exchange the per_commitment_secret of the previous state. With this secret, the counterparty can, if needed, construct a penalty transaction to punish the cheater.

State 0: Alice 1 BTC, Bob 0 BTC   -> Alice reveals secret_0 to Bob
State 1: Alice 0.5 BTC, Bob 0.5   -> Bob reveals secret_1 to Alice
State 2: Alice 0.3 BTC, Bob 0.7   -> Alice reveals secret_2 to Bob

If Alice tries to publish State 0 (which favors her), Bob already has secret_0 and can apply the penalty, taking all of Alice's balance. This is the economic incentive not to cheat.

HTLC Routing Details

For payments through intermediate nodes, HTLC (Hash Time-Locked Contract) is used. A payment from Alice to Carol via Bob:

  1. Carol generates a random preimage R, gives Alice hash(R) in an invoice
  2. Alice adds an HTLC in her channel with Bob: "Give Bob X satoshi if he shows preimage for hash(R) by block N"
  3. Bob adds an analogous HTLC in his channel with Carol (slightly fewer satoshi—his fee, slightly shorter timeout)
  4. Carol reveals the preimage to Bob and claims the payment
  5. Bob reveals the preimage to Alice and claims the payment

If something goes wrong—the HTLC expires and funds return. Bob learns the preimage only when Carol reveals it; he couldn't cheat earlier.

In code implementation (LDK), this appears as a series of event callbacks:

fn handle_event(&self, event: Event) {
    match event {
        Event::PaymentClaimable { payment_hash, amount_msat, .. } => {
            // We receive an incoming payment, need preimage
            if let Some(preimage) = self.pending_payments.get(&payment_hash) {
                self.channel_manager.claim_funds(*preimage);
            }
        }
        Event::PaymentClaimed { payment_hash, amount_msat, .. } => {
            // Payment successfully received
        }
        Event::PaymentFailed { payment_hash, .. } => {
            // Payment failed, need to update UI
        }
        _ => {}
    }
}

Why Are Watchtowers Critical for Non-Custodial Wallets?

Non-custodial Lightning has a fundamental problem: if the user is offline and a counterparty publishes an old commitment transaction, the user can lose funds (during the CSV timelock window). The solution is a watchtower.

A watchtower is a service to which the wallet delegates blockchain monitoring. The algorithm:

  1. At each channel state update, the wallet sends the watchtower an encrypted blob (penalty transaction + decryption key, encrypted with the txid of the revoked commitment)
  2. The watchtower monitors the blockchain
  3. If it sees a fraudulent commitment, it decrypts the blob and publishes the penalty transaction
  4. The watchtower takes a share of the penalty (usually 1%) as a reward

In LDK: channel_manager.get_relevant_txids() returns the txids to watch. Data for the watchtower is generated by channel_monitor.get_latest_holder_commitment_txn().

Open protocols: BOLT 13 (draft). Real implementations: The Eye of Satoshi (TEOS), Lightning Rod (Zeus). You can integrate a ready-made watchtower or run your own.

What's Included in Lightning Wallet Development

Our full-cycle development includes:

  • Detailed technical documentation and architecture specification
  • Implementation of channel management, HTLC processing, and routing
  • Watchtower and submarine swap integration
  • Support for LNURL, BOLT 11/12, and LSPS standards
  • Access to development and staging environments (testnet/signet)
  • Training for your team on maintenance and operations
  • Post-launch support for 3 months, including bug fixes and updates
  • Security audit report with code review and formal verification findings

Custodial vs Non-Custodial Comparison

Parameter Custodial Non-custodial (embedded)
Key control Server User
Risk of fund loss due to error Low (server manages) High (requires correct implementation)
Time to launch 6-8 weeks 4-6 months
Implementation complexity Medium (API wrapper) High (state machine, watchtower)
User UX Simpler (no channel management) Harder (needs channel management)

Stack and Technologies

Component Technology Application
Lightning core LDK (Rust/bindings) Non-custodial mobile
Hosted node Greenlight + Breez SDK Managed non-custodial
Lightning node LND (Go) / CLN (C) Custodial / server
On-chain data Electrum protocol / Esplora Synchronization
Watchtower TEOS / custom Offline protection
Submarine swaps Boltz API On/off-ramp
Mobile React Native + LDK bindings iOS + Android

Process of Work

  1. Analytics—define requirements, channels, liquidity, target audience
  2. Design—architecture, protocol selection, security
  3. Implementation—write modules for channel management, HTLC, routing
  4. Testing—unit, integration, fuzzing (Echidna, Slither)
  5. Deployment—spin up nodes, configure watchtower, monitoring

Estimated Timelines and Cost

  • Custodial Lightning wallet (mobile app + backend on LND/CLN): 6-8 weeks, starting from $25,000
  • Non-custodial with Breez SDK (simplified non-custodial): 8-10 weeks, starting from $35,000
  • Full non-custodial implementation on LDK with watchtower, LSP integration, BOLT 12, submarine swaps: 4-6 months, starting from $80,000

Cost is determined individually. Our team is certified in LDK and LND, guaranteeing a thorough security audit. Contact us for a consultation and preliminary estimate. Our engineers have over 5 years of blockchain experience and have delivered more than 20 projects with Lightning integration.

Typical Development Mistakes

  • Loss of channel monitor state—critical, can lead to fund loss. LDK requires a reliable Persist trait implementation—every state update must be persisted before confirming to the counterparty.
  • Incorrect fee management—HTLC routing fees and on-chain fees for opening/closing channels must be transparent to the user.
  • Ignoring invoice expiry—BOLT 11 invoices have an expiry (default 3600 seconds). The UI should show the remaining time and be able to generate a new invoice.

A Lightning wallet on LDK provides 3x higher payment throughput compared to an LND-based backend solution. Savings on transaction fees are up to 95% compared to on-chain Bitcoin payments. Order turnkey development and get a reliable solution for instant micropayments.

We develop crypto wallets turnkey — from custodial solutions for fintech to smart contract accounts on EIP-4337. 5+ years in blockchain development, 40+ projects implemented. Let's examine which architecture to choose for your task and why MPC or Account Abstraction solve the private key problem that MetaMask and classic HD wallets could not close.

Why are classic wallets dangerous for business?

A seed phrase in a browser extension is the only way to restore access. For retail users, this is a barrier to entry (lost phrase = lost money). For corporate treasuries, it is incompatible with compliance (KYC/AML, role model, multisignature). Any single key leak compromises all funds. These risks are built into the architecture, not poor UX.

We eliminate them at the protocol level: MPC wallets (key never fully assembled), smart contract wallets (authorization logic in code), hardware HSM for institutional storage. Details below.

What is the real difference between custodial and non-custodial?

Custodial — the provider stores the private key. User authenticates via email/password/OAuth. Recovery is trivial, KYC/AML built-in. For centralized financial applications, often the only regulatory acceptable option. Risk: single point of failure (e.g., Bitfinex hack — $72M, FTX — $600M+ client funds).

Non-custodial — keys are with the user. Provider has no access to funds. Storage responsibility falls on the user. For 99% of people, this model is unworkable without additional protection — hence MPC.

MPC wallets: the key that doesn't exist

Multi-Party Computation (MPC) is a cryptographic protocol that allows multiple parties to jointly sign a transaction without revealing their partial secrets. The private key never exists in its assembled form.

Standard scheme: 2-of-3 MPC between user (share on device), provider server, and backup cloud storage. Transaction is signed by any two of three parties. Lost phone — recovery via server + cloud. Server compromised — attacker holds only one share, signing impossible.

TSS (Threshold Signature Scheme) is a concrete implementation of MPC for ECDSA/EdDSA. Algorithms: GG18, GG20, CGGMP21 (the latter is faster and has better security proofs). Libraries: tss-lib (Go, from Binance), multi-party-sig (Go, from Coinbase), ZenGo-X/multi-party-ecdsa (Rust).

MPC requires no on-chain changes — to the blockchain, the signature looks like a normal single-key signature. This saves gas and keeps the key management scheme confidential (not published in chain) — unlike multisig.

Account Abstraction (EIP-4337): smart contract as wallet

EIP-4337 completely changes the model: instead of EOA (Externally Owned Account), a smart contract Account is used. Authorization logic is in contract code, not in protocol cryptography. This opens up arbitrary signing logic, social recovery, session keys, sponsored transactions, and batch operations.

How the EIP-4337 stack works:

User → UserOperation → Bundler → EntryPoint contract → Account contract
                                          ↑
                                    Paymaster (optional, pays gas)

UserOperation — a new type of object (not an L1 transaction). Bundler collects UserOps from an alternative mempool, packs them into one transaction, and sends to EntryPoint. EntryPoint calls validateUserOp on the Account contract — Account decides if the signature is valid.

Practical capabilities:

Social recovery. The contract stores a list of guardians (other addresses or a service). Lost key — guardians vote for replacement. Argent has used this scheme since 2020.

Session keys. A temporary key with limited rights: interaction only with a specific contract, until a certain date, up to a certain amount. For GameFi and dApps — user does not sign every micro-transaction.

Paymaster. A third-party contract pays gas for the user. Onboarding pattern: user does not hold ETH, gas is sponsored by dApp or taken from ERC-20 tokens.

Implementations: Safe{Core} Protocol, Biconomy SDK (Stackup), ZeroDev (Kernel), Alchemy (Rundler bundler). EntryPoint v0.6/v0.7 is deployed and active on Ethereum mainnet, Polygon, Arbitrum, Optimism. We guarantee compatibility with the latest contract versions.

What is a Hardware Security Module for corporate wallets?

For treasuries and institutional storage: HSM (Hardware Security Module). The key is generated and never leaves the secure chip. Signing happens inside the HSM. Hardware attestation is supported. Solutions used: AWS CloudHSM, Azure Dedicated HSM, Thales Luna, YubiHSM 2 (for small volumes). Integration via PKCS#11 or cloud-specific API.

A combination of HSM + MPC is optimal for institutional use: key shares are stored in HSMs on different servers/jurisdictions, signing via TSS. This ensures compliance with regulatory requirements (e.g., for crypto custodians).

Integration with dApps: WalletConnect and standards

Any wallet must be able to interact with dApps. Standard: WalletConnect v2 (Sign API): QR code or deep link, peer-to-peer encrypted channel via relay server. For browser extensions: EIP-1193 (Ethereum Provider API).

On the frontend, we use wagmi + viem — one interface for MetaMask, WalletConnect, Coinbase Wallet, injected providers. For Account Abstraction: EIP-5792 (wallet capabilities) and EIP-7677 (paymaster service).

Development process

  1. Threat model — who is the user (B2C, B2B, institutional), what operations, what is the acceptable risk model. Architecture depends on this.
  2. Selection and design of key storage scheme — MPC, HSM, multisig, or a combination.
  3. Development of Account contract (if EIP-4337) or integration of MPC library.
  4. Backend — MPC coordination, session management, paymaster service (if needed).
  5. Mobile/browser application — UI with WalletConnect integration, biometrics, QR.
  6. Integration with dApps — EIP-1193, WalletConnect v2.
  7. Audit of contracts and cryptographic implementations — mandatory step. MPC libraries have known vulnerabilities (GG18 susceptible to attack with malicious participant without abort protocol). We use libraries with up-to-date security reviews (CGGMP21). Experience passing audits with Certik, Hacken, Trail of Bits — we have certificates.

What is included in the work (deliverables)

  • Source code of smart contracts (Solidity/Rust) with documentation
  • Backend MPC coordination service (Go or Rust) with API
  • Mobile application (iOS/Android) or browser extension
  • Integration with WalletConnect, Ledger/Trezor (if required)
  • Preparation for security audit (vulnerability report)
  • Administrator and user documentation
  • Access to repository, CI/CD, monitoring (Tenderly, Etherscan API)
  • Training of your team (2-3 sessions)
  • Post-launch support — 1 month

Timeline and cost

Solution type Timeline (working weeks)
Custodial with basic UI 4–8
Non-custodial with MPC integration 8–16
EIP-4337 Account with paymaster 6–12
Institutional (HSM + MPC + compliance) from 16

Cost is calculated individually for your project. We will estimate within one day — contact us by email or Telegram. We provide a guarantee on code and timeline.

Typical mistakes in crypto wallet development (and how to avoid them)

  • Using outdated MPC libraries — GG18 without abort protocol. Choose CGGMP21 or tss-lib with up-to-date audit reports.
  • Tight coupling to a single blockchain — not abstracting for L2/sidechains. Use viem/wagmi for cross-chain.
  • Ignoring MEV attacks — when using multisig without timelocks. Add tx simulation (Tenderly) and sandwiching protection.
  • Lack of fallback recovery mechanism — for Account Abstraction, not setting up social recovery. Include from the first release.

We eliminate these pitfalls at the design stage — for each project, we create a threat model and security checklist.

Need a reliable wallet with no compromises? Get a consultation from our architect — we will analyze your task and propose an architecture with a precise estimate. Leave a request — we will respond within a day.