IOT-Lightning-BridgeSecurity
IOT-Lightning-Bridge is built on a simple principle: the operator should be able to verify everything, and trust nothing they can't verify.
Non-custodial
Payments settle directly on your LNBits or BTCPay node. We never see or hold your sats.
Ed25519 webhook signatures
Every payment confirmation sent to your HA bridge is signed. The add-on verifies the public key before triggering any service.
No card data, ever
Lightning replaces card payments entirely. No PCI scope, no chargebacks, no PII required from the customer.
Fully open-source
MIT-licensed gateway and HACS add-on. Audit, fork, self-host — no proprietary parts in the payment path.