Versions Compared

Version Old Version 24 New Version Current
Changes made by

Charles Wernicke

Charles Wernicke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This article implements LND v0.18.1.

...

1. Setup a Bitcoin Core node (as illustrated here).

...

2. Configure Bitcoin Core.

a) Open the Bitcoin Core config file for editing (default shown):

Code Block
sudo nano "$HOME/.bitcoin/bitcoin.conf"

...

  • Note your rpcuser & rpcpass located in the config file for later use (below).

b) Add these additional settings to the config file.

They are required for lnd and bitcoind to communicate.

...

  • Save & exit nano (Ctrl-X).

c) Restart Bitcoin Core to load the new settings.

...

3. Install LND.

a) Download the LND pre-compiled tarball:

Info

Lightning is currently “beta” software. There is no other type (at this time).

  • Don’t be alarmed by the “beta” tag in the filename.

Code Block
latest=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/lightningnetwork/lnd/releases/latest)
lnversion=${latest##*/}
wget "https://github.com/lightningnetwork/lnd/releases/download/$lnversion/lnd-linux-amd64-$lnversion.tar.gz"

b) Verify the file’s integrity (recommended):

See: https://github.com/lightningnetwork/lnd/releases

c) Extract the program to the system path.

Note

WARNING: any existing version will overwritten!

Code Block
sudo tar -C /usr/local/bin --strip-components=1 -xzf "lnd-linux-amd64-$lnversion.tar.gz"

...

4. Configure LND.

Create the default LND directory:

...

  • Add the correct credentials for bitcoind.rpcuser and bitcoind.rpcpass (determined during your Bitcoin Core installation). LND uses the RPC credentials to communicate with Bitcoin Core.

  • Note: the “restlisten” port is an important CAS parameter, and can be changed (as needed) to avoid conflicts with other services that may be running on your node server.

  • the alias “gbdemo-lnd” will be broadcast to the world. Choose another alias carefully.

  • Save & exit nano (Ctrl-X).

...

5. Start the node.

a) Start the daemon.

Code Block
lnd

The node will stop & complain that that the wallet is locked. You’ll need to create one (next).

  • If you already have a LN wallet, unlock the wallet when requested.

b) Create a new LN wallet.

If you already have a LN wallet in place, then unlock it now (in a new window) and skip this step.

  • Do not close the original (daemon) window while unlocking the wallet.

...

Note

You’ll need to unlock the wallet every time you start/restart the Lightning node.

  • Use lncli unlock to unlock the wallet when requested.

...

6. Fund the node.

The node will need to be funded for a channel to be opened. This involves sending an opening transaction to your LN node from a Bitcoin wallet. Obviously, if you already have already funded your node, skip to the next step - you need not fund it again (unless you have insufficient funds).

a) Create a new LIGHTNING deposit address.

A deposit address is required to add BTC to fund your LN wallet. You may create as many deposit addresses as you like; they all fund the same LN node. The BTC sent to the LN wallet remains in the LN wallet until explicitly transferred elsewhere (or spent in LN transactions).

...

Info

A Lightning Channel is a type of temporary ledger that commits a certain amount of Bitcoin to all the contained, aggregate transactions. Think of it as a deposit, an amount that’s held in escrow until the channel is closed. When the channel closes, the tallies are committed to the Bitcoin blockchain (resulting in a finalizing transaction with normal BTC mining fees).

b) Fund the new wallet.

Use: lncli channelbalance to view any existing balances already committed to a channel.

...

  • in this example, I’ve sent a trivial example amount of 20,000 Satoshis to my funding wallet.

  • In production, you’ll send much more (for a larger, more practical channel).

  • See: Funding Guidelines

c) Create (open) a Payment Channel.

Some helpful advice: https://github.com/openoms/lightning-node-management

...

  • The transaction (as with any Bitcoin Tx) may then take anywhere from minutes to hours to confirm.

Info

FUNDING GUIDELINES

Normally, you’ll commit the largest expected transaction amounts to the channel (much more than 20000 Satoshis). This amount is for demonstration only. We can’t suggest a number that fits your needs - only you can possibly have those details.

  • The minimum amount required to open a channel is 20,000 Satoshis (.0002 BTC).

  • Many channels require a minimum of 500,000 Satoshis (.005 BTC).

  • There is no maximum (except what you commit to the funding transaction).

  • The capacity of the channel to which you decide to connect - must be a larger amount.

    • e.g. a channel with a capacity of 1 BTC can only open channels less than 1 BTC.

d) Monitor your payment channel(s).

At any time, check your channel state using the lncli listchannels command demonstrated (above). It will take a certain amount of time to open the channel, but once it confirms (and the channel activates), you’ll see an active channel as shown here, using:

...

Info

Until a channel is fully opened (active), you cannot use your node for transactions!

...

7. Setup a secure tunnel for encrypted communication.

Your CAS server and this node must have a secure method of communicating. Your passphrase and other sensitive information will be passed back & forth, so encrypt (and protect) this communication by using a secure SSH tunnel. You have 2 different tunnel options; never use both (one or the other).

The GB Wallet Tunnel is recommended.

Option 1: General Bytes has incorporated an open-source SSH client into CAS.

Option 2 (unsupported by GB):

Build an SSH tunnel (instead of the GB Wallet Tunnel), see: https://generalbytes.atlassian.net/l/cp/b7j5AVHA

  • For those instructions, set FORWARDED_PORT=8088

...

Tip

Your Lightning node is now functional and ready for CAS.

  • Next, configure your Lightning node for specific use with CAS.

...

8. Prepare the parameters for the CAS Crypto Setting

This final step is also discussed here:https://generalbytes.atlassian.net/wiki/x/AQCOyQ

...

Info

The Parameter string includes these pieces:

url : macaroon : cert

Here’s a simple script to assemble the parameters:

Code Block
url="https://$( wget -qO - ipv4.icanhazip.com ):$( cat ~/.lnd/lnd.conf | grep 'restlisten=' | cut -f2 -d':' )"
macaroon=$( xxd -ps -u -c10000 ~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon )
cert=$( xxd -ps -u -c10000 ~/.lnd/tls.cert )
echo -e "Your assembled CAS parameter string:\n$url:$macaroon:$cert"

  • This script assumes you use the GB Wallet Tunnel.

Details matter.

In the event you have trouble above (or implement a custom solution), manually verify this data:

1. url

The first parameter is the URL, and it varies upon your implementation.

...

  • If the result is empty, STOP. You better restart from the beginning.

  • Whatever number is returned: is the port you’ll need to append to the URL.

The base URL will be one (or the other) of these two:

  1. You used the GB Wallet Tunnel: use the URL or IP of that node server,

    1. e.g. if your public IP is “123.123.123.123”, then the URL will be: https://123.123.123.123

  2. You created your own tunnel, use: https://127.0.0.1

...

Code Block
https://123.123.123.123:8088

2. macaroon:cert

These files are used for secure interprocess communication (between CAS and LND). The contents must be converted & entered as hex in the CAS parameters:

...

Code Block
https://123.123.123.123:8088:0201036C6E6402F801030A10F4E593E228A73119BCD52FCCAC68D6B71201301A160A0761646472657373120472656164120577726974651A130A04696E666F120472656164120577726974651A170A08696E766F69636573120472656164120577726974651A210A086D616361726F6F6E120867656E6572617465120472656164120577726974651A160A076D657373616765120472656164120577726974651A170A086F6666636861696E120472656164120577726974651A160A076F6E636861696E120472656164120577726974651A140A057065657273120472656164120577726974651A180A067369676E6572120867656E657261746512047265616400000620DB23D44E6B093EBDA381B7DDF706D74FC95CAF57591861639102DF98F9A8143A:2D2D2D2D2D424547494E2043455254494649434154452D2D2D2D2D0A4D4949434B7A4343416447674177494241674952414B37706E43587132384F53426E7839416F4B4C65455977436759494B6F5A497A6A3045417749774E4445660A4D4230474131554543684D576247356B494746316447396E5A57356C636D46305A57516759325679644445524D4138474131554541784D49596D7868593274690A623367774868634E4D6A45774F4445344D6A45794D6A51795768634E4D6A49784D44457A4D6A45794D6A5179576A41304D523877485159445651514B45785A730A626D5167595856306232646C626D56795958526C5A43426A5A584A304D5245774477594456515144457768696247466A61324A766544425A4D424D47427971470A534D34394167454743437147534D343941774548413049414244594130456175316E572F30794B6F7050684F77394E7838653038576A61515771394D596B57790A514759486235574D2B7A2B36426D6E59447643484A662B496643362B7842435A704739756153393675426D364941436A67634D776763417744675944565230500A4151482F4241514441674B6B4D424D47413155644A51514D4D416F47434373474151554642774D424D41384741315564457745422F7751464D414D42416638770A485159445652304F42425945464F3743484939364F73796E2F636569664E6964546A68614B6174674D476B4741315564455152694D47434343474A7359574E720A596D393467676C7362324E6862476876633353434248567561586943436E56756158687759574E725A58534342324A315A6D4E76626D364842483841414147480A454141414141414141414141414141414141414141414748424D436F2F6D4F484550364141414141414141414773424E2F2F343978703477436759494B6F5A490A7A6A30454177494453414177525149674C686E787269395775744876485536456859626E42337434594C6E4E5A713544714B665A36584F4F6E356B43495144320A4B446963706457776F7073737277766C355968634A45425A525631344D46764238422B76335A6B744B673D3D0A2D2D2D2D2D454E442043455254494649434154452D2D2D2D2D0A

...

Finally, configure CAS.

Once you have the required information assembled, proceed to configure CAS:

...

Notes

IMPORTANT

A Lightning channel requires 2 Bitcoin transactions:

  • an opening transaction (funding) and

  • a closing transaction (settlement).

The Bitcoin doesn’t return to your original BTC wallet until the Lightning Channel is closed. There are a number of ways a channel may close (some deliberate - some not) but it must be closed to release your BTC funding tx. It will be locked up inside the channel until that final, closing transaction confirms.

  • A BTC mining fee is assessed for the “opening” transaction (funding), and

  • a BTC mining fee is assessed for the “closing” transaction (settlement).

After the channel is closed, it may take up to 2 weeks before the final transaction is posted!

Backups

Your Lightning wallet can be recovered from the seed generated during creation.

Closing a channel:

If you’ve decided that the channel you’ve opened is insufficient (too small) or problematic (bad routing), you can close the channel one of 2 ways.

...

  • Locate channel_point.

  • NOTE: the 2 required parameters are separated by a colon in listchannels.

    • Replace the colon with a space when passing the parameters to closechannel.

  • When active = true, you may close cooperatively. When false, use option 2 (forced).

...

Option 1 (best; cooperative):

Close an active channel with a closing transaction.

  • Request closure using: lncli closechannel funding_txid channel_point e.g.

    • Code Block
      lncli closechannel 926fb8fc1aa69432bcaa7e4aa7b0cf9cde6f24378870b8a22b92eb036175ac1e 1

      • 926fb8fc1aa69432bcaa7e4aa7b0cf9cde6f24378870b8a22b92eb036175ac1eis the funding transaction ID.

      • 1 is the output_index from channel_point

  • The closing transaction should settle and your funds should become available within a few mining confirmations.

Option 2 (forced; unilateral );

Closes any channel, but may take a few weeks to recover your funding. In some situations you have no choice, such as when the channel goes inactive.

...

The BTC will remain in your node until you specifically and manually send them elsewhere.

  • To send BTC from your Lightning wallet, use: lncli sendcoins --addr=<address> --amt=all

...

Additional resources:

https://github.com/lightningnetwork/lnd/blob/master/docs/INSTALL.md

...