Skip to content

How Lexe works

Lexe is a self-custodial Lightning wallet that can receive payments 24/7. This page explains what Lexe is and how Lexe achieves this without taking custody of your funds.

The problem: Self-custodial payments are unreliable

The Lightning Network enables fast, cheap Bitcoin payments. But self-custodial Lightning wallets have had a perennial problem: payments don't work reliably.

Earlier solutions tried different approaches. Some let you run a node on a home server, but this required technical expertise, dedicated hardware, and constant maintenance, as well as careful channel and liquidity management. If anything went wrong, you'd miss payments. Mobile wallets tried using push notifications to wake your phone for incoming payments, but payments would still fail if your phone had bad reception, was turned off, or was simply in power-saving mode, due to mobile OS restrictions. The result: unreliable payments that frustrated users.

Custodial wallets solved the reliability problem by holding your keys for you. Payments worked, but you had to trust a company with your Bitcoin.

The tradeoff seemed unavoidable: reliable payments or self-custody, but not both.

Lexe's solution: Your node in the cloud

Lexe takes a different approach: reliable payments without giving up your keys.

Your Lightning node runs on Lexe's servers in the cloud, always available to receive payments, even when your phone is off. Payments just work.

But if Lexe runs your node, doesn't that mean Lexe has access to your keys?

No. This is where secure enclaves come in.

What is a secure enclave?

A secure enclave is special hardware built into modern CPUs that creates an isolated environment. Programs running inside a secure enclave are completely isolated from everything else on the computer, including the operating system and server administrators.

Your Lexe node runs inside one of these secure enclaves; your private keys live inside. It's your own protected space within Lexe's servers, like an embassy on foreign soil. Lexe maintains the infrastructure, but the enclave is your sovereign domain: space they host but cannot enter.

How you stay in control

Secure hardware is only part of the story. How do you know that Lexe is actually running the right software inside the enclave, and not something malicious?

Open source: Lexe's node software is publicly available on GitHub. Anyone can review the code to verify there are no backdoors.

Reproducible builds: The node software can be compiled by anyone to produce the exact same binary that Lexe runs in production. This lets you verify that Lexe is running the public code, not a modified version.

Remote attestation: Before your phone shares your keys with the enclave, it cryptographically verifies that the enclave is running the expected code. This verification is built into the Lexe app and happens automatically.

Together, these guarantees mean Lexe provides the infrastructure but cannot access your funds. You stay in control.

What if Lexe goes away?

Your funds can never get stuck in Lexe. You can close your Lightning channels and withdraw your Bitcoin at any time, even if Lexe is shut down. This is called unilateral recovery: the ability to get your funds back without requiring cooperation from anyone else.

When you enable Google Drive backup, a copy of your encrypted recovery data is stored in your personal Google account, giving you an independent backup. Using an open-source recovery tool, you can decrypt your backup, close your Lightning channels on-chain, and move your Bitcoin to any wallet you choose.

For the full technical security model, see SECURITY.md on GitHub.