Lightning Watchtower Services Compared

Compare Lightning Network watchtower services and implementations: how they work, who offers them, and when you need one.

Spark Team

What Lightning Watchtowers Do

A watchtower is a third-party service that monitors the Bitcoin blockchain on your behalf, watching for attempts by a channel counterparty to broadcast a revoked commitment transaction. If a breach is detected, the watchtower broadcasts a justice transaction that sweeps the entire channel balance to the honest party as punishment.

Without a watchtower, your Lightning channel is only protected while your node is online. If your node goes offline for an extended period, a malicious counterparty could attempt to close the channel using an old state that favors them. The CSV timelock on commitment transactions provides a window to respond, but only if something is watching.

Watchtower Implementations Compared

Each major Lightning Network implementation handles watchtower functionality differently. The following table summarizes the current state across LND, CLN, Eclair, and LDK.

| Feature | LND | CLN + TEOS | Eclair | LDK |
|---|---|---|---|---|
| Built-in watchtower server | Yes (since v0.7.0) | No (TEOS plugin) | No | No (building blocks) |
| Built-in watchtower client | Yes (since v0.7.0) | No (TEOS plugin) | No | No (building blocks) |
| Anchor channel support | Yes (since v0.12.0) | Yes | N/A | Via custom implementation |
| Taproot channel support | Yes (since 2024) | No | N/A | Via custom implementation |
| BOLT 13 compliance | No (custom protocol) | Yes | N/A | N/A |
| Reward mode | Code exists, not shipped | No | N/A | N/A |
| Tor support | Yes | Yes | N/A | N/A |
| Language | Go | Rust | Scala | Rust |
| HTLC output backup | Not yet | Not yet | N/A | N/A |

How the Encrypted Blob System Works

LND's watchtower protocol uses an encrypted blob approach that preserves privacy. Each time a channel state is updated, the client sends two pieces of data to the watchtower:

  • A breach hint (locator): the first 16 bytes of SHA256(txid) of the commitment transaction, used to scan new blocks
  • An encrypted blob: a fixed-size payload (281 bytes for legacy/anchor channels, 300 bytes for taproot) containing the justice transaction data, encrypted with ChaCha20-Poly1305

The encryption key is derived from the full transaction ID, so the watchtower can only decrypt the blob after the revoked commitment appears on-chain. Until then, the watchtower holds opaque data and cannot learn anything about your channels, balances, or counterparties. The fixed blob size prevents the watchtower from inferring channel capacity or transaction complexity.
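The hint-and-blob scheme described above, as an added example that is not LND's code. Assumptions: the names `Hint`, `Seal` and `OnTx` and the in-memory store are hypothetical, the key derivation SHA256(txid||txid) is assumed (the page only says the key comes from the full txid), standard-library AES-256-GCM stands in for ChaCha20-Poly1305, and zero padding to 281 bytes is a simplification of the fixed-size payload.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

const padLen, nonceLen = 281, 12 // padded plaintext size (page's legacy/anchor figure), GCM nonce size

// Hint is the locator the tower indexes: the first 16 bytes of SHA256(txid).
func Hint(txid []byte) string {
	sum := sha256.Sum256(txid)
	return string(sum[:16])
}

// aead: key = SHA256(txid||txid) (assumed); AES-256-GCM stands in for ChaCha20-Poly1305.
func aead(txid []byte) cipher.AEAD {
	key := sha256.Sum256(append(append([]byte{}, txid...), txid...))
	block, _ := aes.NewCipher(key[:]) // a 32-byte key is always accepted
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal (client): zero-pad the justice data to padLen so size leaks nothing, then encrypt.
func Seal(txid, justice []byte) ([]byte, error) {
	if len(justice) > padLen {
		return nil, fmt.Errorf("justice data is %d bytes, limit %d", len(justice), padLen)
	}
	pt, nonce := make([]byte, padLen), make([]byte, nonceLen)
	copy(pt, justice)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead(txid).Seal(nonce, nonce, pt, nil), nil
}

// OnTx (tower): run for each txid in a new block; decrypts only if a stored hint matches.
func OnTx(store map[string][]byte, txid []byte) ([]byte, error) {
	if blob := store[Hint(txid)]; len(blob) > nonceLen {
		return aead(txid).Open(nil, blob[:nonceLen], blob[nonceLen:], nil)
	}
	return nil, fmt.Errorf("no appointment matches this txid")
}

func main() {
	fmt.Println(Seal([]byte("constructed-txid"), make([]byte, padLen+1))) // oversize input is rejected
}
```

The tower's store maps `Hint(txid)` to the sealed blob; until a matching txid shows up in a block, it has neither the key nor any way to tell two clients' blobs apart by length.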

The BOLT 13 draft specification, authored by Sergi Delgado Segura and Patrick McCorry, formalizes this approach and defines three payment models for watchtowers: on-chain bounty (output in the penalty transaction), micropayments per appointment, and subscription.

LND: Built-In Watchtower

LND is the only major Lightning implementation with a complete built-in watchtower server and client. Shipped in v0.7.0-beta (July 2019), it supports both running a watchtower for others and connecting to external watchtowers as a client.

To run an LND watchtower server, add watchtower.active=1 to your lnd.conf. The server listens on port 9911 and generates a unique public key separate from your node's Lightning identity. To connect as a client, enable wtclient.active=1 and add towers via lncli wtclient add [pubkey@address:port]. Two LND nodes can serve as each other's watchtowers simultaneously.

LND currently operates in altruist mode only: the watchtower returns all victim funds (minus on-chain fees) without taking a reward. Code for reward mode exists in the codebase but has never been officially enabled. The default justice transaction fee rate is 10 sat/vbyte, configurable via wtclient.sweep-fee-rate.

Note: LND watchtowers currently back up to_local and to_remote outputs from revoked commitments. HTLC output backups are planned for a future release.

CLN + Eye of Satoshi (TEOS)

Core Lightning does not include a native watchtower. Instead, it relies on the commitment_revocation plugin hook, which hands signed penalty transactions to external services. The primary watchtower for CLN is The Eye of Satoshi (TEOS), a BOLT 13-compliant watchtower written in Rust by Talaia Labs.

TEOS consists of two components: teosd (the watchtower server) and watchtower-plugin (the CLN client plugin). The plugin sends appointments to registered towers on every commitment update and tracks their responses. TEOS was originally written in Python before being rewritten in Rust, and was funded by a Spiral (formerly Square Crypto) grant. It supports Tor and Docker deployment.

Eclair and Phoenix: A Different Approach

Eclair, ACINQ's Scala implementation, does not include watchtower support. Instead, ACINQ has taken a fundamentally different approach with Phoenix wallet: since Phoenix only connects to ACINQ's own LSP nodes, ACINQ is always the channel counterparty. Because ACINQ has funds at stake in every channel (as the funder with a non-zero reserve), they have an inherent economic incentive not to broadcast revoked states.

Phoenix sends encrypted channel backups to ACINQ's servers, and recovery requires only the seed phrase. This model trades the generality of a watchtower protocol for a simpler trust assumption: you trust that your LSP will not attempt to cheat when they have more to lose than to gain.

LDK: Watchtower Building Blocks

LDK does not ship a complete watchtower but provides the primitives to build one. The ChannelMonitor type exposes methods for extracting commitment data, and the Persist trait allows developers to implement custom persistence strategies, including watchtower-style remote monitoring. LDK's architecture explicitly separates off-chain channel management from on-chain enforcement, making it possible to run the enforcement component on a separate host.

Hosted Watchtower Services

The watchtower market is dominated by free, altruistic services rather than commercial providers. LND's reward mode, which would enable paid watchtowers natively, has never shipped. Here are the known options:

  • LightningNetwork.plus (LN+): a free altruistic watchtower for LND nodes, available over both clearnet and Tor
  • Community watchtower lists (e.g., LightningHoarder.net): directories of public LND watchtower addresses that can be added in bulk via the CLI
  • Olympus (Bitcoin Lightning Wallet): a watchtower using Chaumian-style ecash tokens at roughly 1 sat per stored commitment, though BLW is no longer actively maintained

No widely adopted commercial paid watchtower services exist as of 2026. The lack of a reward mechanism in shipping software means watchtower operators have no protocol-level way to earn revenue, limiting the sustainability of hosted services.

Self-Hosted vs. Hosted Watchtowers

Running your own watchtower gives you full control but adds operational overhead. The following table compares the tradeoffs.

| Consideration | Self-Hosted | Hosted (Third-Party) |
|---|---|---|
| Privacy | Maximum: no metadata shared | Tower sees update frequency and timing |
| Reliability | Depends on your uptime | Depends on operator's uptime |
| Cost | Server costs (~$5-20/month VPS) | Free (altruist) or nominal fees |
| Setup complexity | Requires full Bitcoin node + config | Single CLI command to connect |
| Storage requirements | Full blockchain (~600+ GB) plus watchtower DB | None on client side |
| Trust model | Trust yourself only | Trust operator to stay online and honest |
| Geographic diversity | One location (unless you run multiple) | Can connect to towers in multiple regions |

The strongest setup combines both approaches: run your own watchtower on a separate machine in a different location, and also connect to one or two public towers as backup. LND supports connecting to multiple watchtowers simultaneously.

Privacy Properties

Watchtower privacy is a critical design consideration. The encrypted blob approach used by LND and TEOS ensures that watchtowers hold minimal information about your channels:

  • The watchtower cannot identify which channels the blobs correspond to, nor can it determine channel peers, capacity, or balances
  • Blobs are fixed-size (281 or 300 bytes), preventing inference from payload size
  • The decryption key is only derivable after the full transaction ID appears on-chain during a breach
  • Client-watchtower communications use ephemeral keypairs to mitigate long-term tracking

The primary privacy leak is metadata: the watchtower observes the frequency and timing of state updates, which could reveal channel activity patterns. Using Tor (supported by both LND and TEOS) helps protect network-level identity. Distributing state updates across multiple towers further limits any single tower's visibility, though it increases the number of parties with partial metadata. For more on Lightning privacy, see our Lightning Network privacy analysis.

Anchor Outputs and Fee Bumping

Anchor outputs fundamentally changed watchtower design. Before anchors, commitment transactions were signed with a fixed fee rate agreed upon at signing time. If on-chain fees rose significantly between signing and broadcast, a justice transaction might not confirm before the timelock expired, letting the attacker escape with stolen funds.

With anchor outputs (defined in BOLT 3), each commitment transaction includes two small outputs (330 sats each) that allow either party to fee-bump via CPFP. This means a watchtower can dynamically adjust the fee of a justice transaction after broadcast, dramatically improving reliability. The tradeoff is that watchtowers (or the node itself) must maintain a reserve of UTXOs for fee bumping, adding operational complexity. LND added watchtower support for anchor channels in v0.12.0 (2021) and for simple taproot channels in 2024.

When Do You Need a Watchtower?

Not every Lightning user needs a watchtower. Use the channel calculator to understand your channel exposure, then consider these factors:

You likely need a watchtower if:

  • You run a routing node with significant channel balances and cannot guarantee 24/7 uptime
  • You operate a mobile Lightning wallet that spends extended periods offline
  • You have channels with peers you do not fully trust
  • Your channels have long CSV timelocks (e.g., 144+ blocks) giving you more response time, but you still want insurance

You may not need one if:

  • You use an LSP-based wallet like Phoenix, where the LSP has an economic incentive not to cheat
  • Your node maintains near-perfect uptime with monitoring and alerting already in place
  • You use a protocol like Spark that handles channel management differently, eliminating the need for constant breach monitoring

Frequently Asked Questions

What is a Lightning Network watchtower?

A watchtower is a service that monitors the Bitcoin blockchain for channel breaches while your node is offline. If a counterparty broadcasts a revoked commitment transaction, the watchtower detects it and broadcasts a justice transaction to claim the full channel balance as a penalty. The watchtower holds encrypted data that it can only decrypt when a specific breach occurs, preserving your privacy during normal operation.

Does LND have a built-in watchtower?

Yes. LND has included both a watchtower server and client since v0.7.0-beta, released in July 2019. The server runs in altruist mode (no reward for the operator) and supports legacy, anchor, and taproot channel types. Enable the server with watchtower.active=1 in lnd.conf, and the client with wtclient.active=1.

Can a watchtower steal my funds?

No. The justice transaction that a watchtower broadcasts sends all funds to a sweep address controlled by your keys. The watchtower never has access to your private keys and cannot redirect funds. In altruist mode (the only mode currently shipping), the watchtower does not even receive a reward from the penalty. The worst a malicious watchtower can do is fail to act during a breach, which is why connecting to multiple independent watchtowers provides redundancy.

How much storage does a watchtower need?

Each state update stored by an LND watchtower consumes 281 bytes (for legacy and anchor channels) or 300 bytes (for taproot channels). For a watchtower serving hundreds of channels with thousands of state updates each, storage requirements are modest: a few hundred megabytes at most. The main storage requirement is the Bitcoin blockchain itself (~600+ GB), since the watchtower must run a full Bitcoin node to monitor for breaches.

Do I need a watchtower if I use Phoenix wallet?

Phoenix takes a different approach that eliminates the need for a traditional watchtower. Since all Phoenix channels connect to ACINQ's LSP, and ACINQ has funds at stake in every channel as the funder, they have a direct economic disincentive to broadcast revoked states. Phoenix also sends encrypted backups to ACINQ's servers, so recovery only requires your seed phrase.

What happens if the watchtower is offline during a breach?

If the watchtower is offline when a revoked commitment transaction is broadcast, it cannot respond. The CSV timelock (typically 144 blocks, or roughly 24 hours) provides a window during which anyone with the revocation key can broadcast the justice transaction. If neither your node nor any connected watchtower responds before the timelock expires, the attacker successfully steals funds. This is why connecting to multiple independent watchtowers is recommended.

Are there paid watchtower services?

As of 2026, the watchtower market is primarily altruistic. LND's reward mode (which would let watchtower operators earn a portion of penalty funds) has existed in the codebase since 2019 but has never been officially enabled. The BOLT 13 draft specification defines subscription and micropayment models, but no widely adopted commercial watchtower services have emerged. Free altruistic watchtowers are available from community providers like LightningNetwork.plus.

This tool is for informational purposes only and does not constitute financial advice. Watchtower implementations and services evolve rapidly. Always verify current software versions and service availability before relying on a watchtower for channel protection.