Lightning Network on ATM with Bitcoin Core, LND and CAS

The Lightning Network can be used with any node software that supports SegWit. In this example, we'll demonstrate the steps to install Lightning with Bitcoin Core. This guide is intended to merely demonstrate specific commands for using this node with CAS.

DO NOT INSTALL NODES ON THE SAME HOST AS YOUR CAS.

If you need an introduction to Lightning. Please learn the intricacies & nuances of the Lightning network at introductory sites such as: https://bitcoiner.guide/lightning/

This article is not intended to describe usage of the Lightning Network or transmission/receipt of payments.

In this example, an LND node will be installed on top of a Bitcoin Core node.

This article implements LND v0.13.1.


1) Setup a Bitcoin Core node (as illustrated here).

2) Open the Bitcoin Core config file for editing (default shown):

sudo nano "$HOME/.bitcoin/bitcoin.conf"

The bitcoin.conf may exist in several places, but only one will be active. You’ll need to determine which one is active to edit the correct file. Search for all config files first:

find / -name bitcoin.conf -print 2>/dev/null

The proper config file will also have a wallet file in the same directory:

find / -name wallet.dat -print 2>/dev/null

  • Note your rpcuser & rpcpass located in the config file for later use (below).

3) Add these additional settings to the config file:

addresstype=p2sh-segwit txindex=1 # Block and Transaction Broadcasting with ZeroMQ zmqpubrawblock=tcp://127.0.0.1:29000 zmqpubrawtx=tcp://127.0.0.1:29001
  • Save & exit nano (Ctrl-X).

4) Restart Bitcoin Core to load the new settings.

5) Download the LND pre-compiled tarball:

Like Bitcoin, Lightning is currently “beta” software. There is no other type (at this time). Don’t be alarmed by the “beta” tag in the filename.

latest=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/lightningnetwork/lnd/releases/latest) lnversion=${latest##*/} wget "https://github.com/lightningnetwork/lnd/releases/download/$lnversion/lnd-linux-amd64-$lnversion.tar.gz"

6) Verify the file integrity (optional but recommended):

  • This checksum will vary between versions. Verify the checksum from

  • The checksum hash for: lnd-linux-amd64-v0.13.1-beta.tar.gz should be:

  • If the two don't match, STOP. Something is wrong; check that you’ve downloaded the same file, and verify from the lnd GitHub site that the hash is correct.

7) Extract the program to the system path.

8) Configure LND:

Create the default LND directory:

Create and secure the LND configuration file:

Open the configuration file for modification:

Add these entries to the lnd.conf file:

  • Add the correct credentials for bitcoind.rpcuser and bitcoind.rpcpass (determined during your Bitcoin Core installation). LND uses the RPC credentials to communicate with Bitcoin Core.

  • Note: the “restlisten” port is an important CAS parameter, and can be changed (as needed) to avoid conflicts with other services that may be running on your node server.

  • Save & exit nano (Ctrl-X).


Start the node.

The node will pause & protest that that the wallet is locked. You’ll need to create one (next).

  • If you already have a LN wallet, open the wallet (when requested) and skip the next step.

Create a new LN wallet.

Open another terminal window. The node (lnd) must continue to run in the background. The screen utility (or tmux) is perfect for this, or you may use 2 separate terminal windows - either way will work.

Enter a new password. You’ll need this password every time you start the node, so make it memorable.

The Lightning node will now begin synchronizing. It won’t take very long, and it depends upon the underlying Bitcoin node. Both nodes must operate simultaneously.

Create a new deposit address.

A deposit address is required to add BTC to fund your LN wallet. You may create as many deposit addresses as you like; they all fund the same LN node.

  • Creates a “Pay to witness key hash”, to which you’ll send Bitcoin to fund a channel (put BTC in escrow).

Fund the new wallet.

If you have not yet funded your wallet, send a small amount of Bitcoin to the address created in the previous step. The minimum amount is 0.0002 BTC (= 20,000 Satoshis).

Wait for the requisite confirmations (normally 3), then check your funding wallet balance:

  • in this example, I’ve sent 20000 Satoshis to my funding wallet.

Create (open) a Payment Channel.

Some helpful advice: https://github.com/openoms/lightning-node-management

You must open a channel to someone else on the Lightning network. It doesn’t really matter who it is, but it should be a channel that fits your specific needs.

  • shows that NO channels are currently open. You can’t send any LN on the network, until you connect a channel to another node, so pick a channel from any suitable explorer.

We’ll use this info (from the Lightning explorer website) to extract 2 required channel details.

  • public key = 03e35a27fa8bfad8675aeb9e96530e7b00e6fa03b571d235f6b4e68cfb4ef9097c

  • node address = 67.207.92.63:9736

The final required piece is the amount. You’ll have to commit a certain amount to the initial transaction, and this will be locked up (you can’t spend the Bitcoin) until the final transaction is broadcast. If you commit 20,000 Satoshis to the channel, then that is the maximum amount you can send back & forth. Normally, you’ll commit the largest expected transaction amounts (in Satoshis) to the channel.

In this example, we’ll commit the trivial amount of 20000 Satoshis. This is the resulting command:

If successful, the request will return the funding transaction ID:

At any time, check your channel state using the lncli listchannels command demonstrated (above). It will take a certain amount of time to open the channel, but once it confirms (and activates), you’ll see an active channel as shown here, using:

  • no channels listed probably means the channel is still pending. It may take hours+ to confirm.

    • use lncli pendingchannels to examine the situation (and other channels that might also be in limbo - such as closed channels).

  • The channel will also automatically deduct the closing transaction’s mining fees from your deposit.

    • e.g. while 20,000 satoshis were deposited, only the local_balance (19,273 satoshis) were available for spending. The current estimated mining fees (727 satoshis) for the closing transaction - are withheld.



Setup a secure tunnel for encrypted communication:

The GB Wallet Tunnel is recommended:

General Bytes has incorporated an open-source ssh client into CAS.

Alternate method (EXPERTS ONLY):


Prepare the parameters for the CAS Crypto Setting

In a text file, on a single line, assemble these parameters. Each parameter is separated by only a single colon (no spaces). This example uses spaces only for clarity of view (don’t use spaces)!

Here’s a simple procedure to assemble the parameters:

Here’s the gory details - in the event you want those instead.

1. url

The first parameter is the URL, and it depends upon your implementation.

Common between both implementations is the “restlisten=” port you set in the ~/.lnd/lnd.conf file (step 8 way at the beginning). The example supplied port “8088”, so if you haven’t deviated from the examples, then we know it’s “8088”. To be certain, you may execute this:

  • If the result is empty, STOP. You better restart from the beginning.

  • Whatever number is returned is the port you’ll need to append to the URL.

The URL will be https://127.0.0.1 if you used the “EXPERTS ONLY” option in the previous step, otherwise the URL will include the public IP of your node server. So, if your public IP is “123.123.123.123”, then the URL will be: https://123.123.123.123

Finally, append the port to the URL:

2. macaroon:cert

The contents of these 2 files must be converted & entered as hex in the CAS parameters:

  • ~/.lnd/tls.cert

  • ~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon

Here’s the 2 discrete lines to accomplish this:

Separate these with colons, and append to the parameter string (which already has the url):


Configure CAS.

  1. Create (or modify) a Crypto Setting for use with your lnd node.

  2. Select “lnd” as your “Hot Wallet Buy” provider, and

  3. enter the parameters (assembled above).

  4. If implemented (highly recommended) enable the Wallet Tunnel and enter the password.


Save it!


Test it.

  • Green means “go”.

  • Now you know that CAS is communicating with your Lightning node, it’s time for final leg.


LNURL

The next step is to enable Lightning wallets to interact with your CAS. Lightning is different from other coins; it will ask for the wallet address after inserting the fiat. CAS will communicate with your node and your customer’s wallet in separate channels while creating this transaction.

Expose the LNURL on your CAS server:

This endpoint must be certified (via a CA), proxied, and publicly accessible from the Internet. The User’s wallet app will connect to it directly when your customer scans their LNURL QR code.

Create the lnurl configuration file.

This file enables LNURL withdrawals (for BUY transactions).

Create the /batm/config/lnurl file:

Add this single line to the file:

  • Replace agent86.yourcasdomain.com with your publicly accessible, proxied LNURL domain name.

    • When accessed in a web browser, the URL should connect, displaying just: BATM LNURL REST Service

  • The site must support HTTPS & the URL must specify HTTPS.

  • The URL should have no trailing “/”.

Save the file (Ctrl+X).


Closing a channel:

If you’ve decided that the channel you’ve opened is insufficient (too small) or problematic (bad routing), you can close the channel one of 2 ways.

First, get the channel details:

  • Locate the channel_point.

  • When active = true, you may close cooperatively. When false, use option 2 (forced).

Option 1 (best; cooperative):

Close an active channel with a closing transaction. Simply post a close request using:

  • NOTE: the 2 parameters are separated by a colon in listchannels. Replace the colon with a space when passing the parameters to closechannel.

  • Your funds should be available within a few mining confirmations.

Option 2 (forced; unilateral );

Closes any channel, but may take a few weeks to recover your funding. In some situations you have no choice, such as when the channel goes inactive.

  • The funds may take a few weeks to return to your wallet. Use only as a last resort!


 

Additional resources:

https://github.com/lightningnetwork/lnd/blob/master/docs/INSTALL.md

https://github.com/alexbosworth/run-lnd

https://docs.lightning.engineering/lightning-network-tools/lnd/wallet

https://docs.lnpay.co/api/lnurl-withdraw/how-does-lnurl-withdraw-work


Copyright © 2020-2024 General Bytes USA LLC