; Example configuration for lnd. ; ; Boolean values can be specified as true/false or 1/0. [Application Options] ; The directory that lnd stores all wallet, chain, and channel related data ; within The default is ~/.lnd/data on POSIX OSes, $LOCALAPPDATA/Lnd/data on ; Windows, ~/Library/Application Support/Lnd/data on Mac OS, and $home/lnd/data ; on Plan9. Environment variables are expanded so they may be used. NOTE: ; Windows environment variables are typically %VARIABLE%, but they must be ; accessed with $VARIABLE here. Also, ~ is expanded to $LOCALAPPDATA on Windows. ; datadir=~/.lnd/data ; The directory that logs are stored in. The logs are auto-rotated by default. ; Rotated logs are compressed in place. ; logdir=~/.lnd/logs ; Number of logfiles that the log rotation should keep. Setting it to 0 disables deletion of old log files. ; maxlogfiles=3 ; ; Max log file size in MB before it is rotated. ; maxlogfilesize=10 ; Path to TLS certificate for lnd's RPC and REST services. ; tlscertpath=~/.lnd/tls.cert ; Path to TLS private key for lnd's RPC and REST services. ; tlskeypath=~/.lnd/tls.key ; Adds an extra ip to the generated certificate. Setting multiple tlsextraip= entries is allowed. ; (old tls files must be deleted if changed) ; tlsextraip= ; Adds an extra domain to the generate certificate. Setting multiple tlsextradomain= entries is allowed. ; (old tls files must be deleted if changed) ; tlsextradomain= ; Disable macaroon authentication. Macaroons are used are bearer credentials to ; authenticate all RPC access. If one wishes to opt out of macaroons, uncomment ; the line below. ; no-macaroons=true ; Path to write the admin macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the admin macaroon in a ; distinct location. By default, it is stored within lnd's network directory. ; Applications that are able to read this file, gain admin macaroon access. ; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon ; Path to write the read-only macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the read-only macaroon ; in a distinct location. The read only macaroon allows users which can read ; the file to access RPCs which don't modify the state of the daemon. By ; default, it is stored within lnd's network directory. ; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon ; Path to write the invoice macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the invoice macaroon in ; a distinct location. By default, it is stored within lnd's network directory. ; The invoice macaroon allows users which can read the file to gain read and ; write access to all invoice related RPCs. ; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon ; Specify the interfaces to listen on for p2p connections. One listen ; address per line. ; All ipv4 on port 9735: ; listen=0.0.0.0:9735 ; On all ipv4 interfaces on port 9735 and ipv6 localhost port 9736: ; listen=0.0.0.0:9735 ; listen=[::1]:9736 ; Disable listening for incoming p2p connections. This will override all ; listeners. ; nolisten=true ; Specify the interfaces to listen on for gRPC connections. One listen ; address per line. ; Only ipv4 localhost on port 10009: ; rpclisten=localhost:10009 ; On ipv4 localhost port 10009 and ipv6 port 10010: ; rpclisten=localhost:10009 ; rpclisten=[::1]:10010 ; On an Unix socket: ; rpclisten=unix:///var/run/lnd/lnd-rpclistener.sock ; Specify the interfaces to listen on for REST connections. One listen ; address per line. ; All ipv4 interfaces on port 8080: ; restlisten=0.0.0.0:8080 ; On ipv4 localhost port 80 and 443: ; restlisten=localhost:80 ; restlisten=localhost:443 ; On an Unix socket: ; restlisten=unix:///var/run/lnd-restlistener.sock ; Adding an external IP will advertise your node to the network. This signals ; that your node is available to accept incoming channels. If you don't wish to ; advertise your node, this value doesn't need to be set. Unless specified ; (with host:port notation), the default port (9735) will be added to the ; address. ; externalip= ; ; Instead of explicitly stating your external IP address, you can also enable ; UPnP or NAT-PMP support on the daemon. Both techniques will be tried and ; require proper hardware support. In order to detect this hardware support, ; `lnd` uses a dependency that retrieves the router's gateway address by using ; different built-in binaries in each platform. Therefore, it is possible that ; we are unable to detect the hardware and `lnd` will exit with an error ; indicating this. This option will automatically retrieve your external IP ; address, even after it has changed in the case of dynamic IPs, and advertise ; it to the network using the ports the daemon is listening on. This does not ; support devices behind multiple NATs. ; nat=true ; Debug logging level. ; Valid levels are {trace, debug, info, warn, error, critical} ; You may also specify =,=,... to set ; log level for individual subsystems. Use lncli debuglevel --show to list ; available subsystems. ; debuglevel=info ; Write CPU profile to the specified file. ; cpuprofile= ; Enable HTTP profiling on given port -- NOTE port must be between 1024 and ; 65536. The profile can be access at: http://localhost:/debug/pprof/. ; profile= ; The maximum number of incoming pending channels permitted per peer. ; maxpendingchannels=1 ; If true, then automatic network bootstrapping will not be attempted. This ; means that your node won't attempt to automatically seek out peers on the ; network. ; nobootstrap=true ; The smallest channel size (in satoshis) that we should accept. Incoming ; channels smaller than this will be rejected, default value 20000. ; minchansize= ; The alias your node will use, which can be up to 32 UTF-8 characters in ; length. ; alias=My Lightning ☇ ; The color of the node in hex format, used to customize node appearance in ; intelligence services. ; color=#3399FF [Bitcoin] ; If the Bitcoin chain should be active. Atm, only a single chain can be ; active. bitcoin.active=true ; Use Bitcoin's test network. ; bitcoin.testnet=true ; ; Use Bitcoin's simulation test network bitcoin.simnet=true ; Use Bitcoin's regression test network ; bitcoin.regtest=false ; Use the btcd back-end bitcoin.node=btcd ; Use the bitcoind back-end ; bitcoin.node=bitcoind ; Use the neutrino (light client) back-end ; bitcoin.node=neutrino ; The default number of confirmations a channel must have before it's considered ; open. We'll require any incoming channel requests to wait this many ; confirmations before we consider the channel active. ; bitcoin.defaultchanconfs=3 [Btcd] ; The host that your local btcd daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; btcd.rpchost=localhost ; Username for RPC connections to btcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; btcd.rpcuser=kek ; Password for RPC connections to btcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; btcd.rpcpass=kek ; File containing the daemon's certificate file. This only needs to be set if ; the node isn't on the same host as lnd. ; btcd.rpccert=~/.btcd/rpc.cert ; The raw bytes of the daemon's PEM-encoded certificate chain which will be used ; to authenticate the RPC connection. This only needs to be set if the btcd ; node is on a remote host. ; btcd.rawrpccert= [Bitcoind] ; The host that your local bitcoind daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; bitcoind.rpchost=localhost ; Username for RPC connections to bitcoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote bitcoind instance). ; bitcoind.rpcuser=kek ; Password for RPC connections to bitcoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote bitcoind instance). ; bitcoind.rpcpass=kek ; ZMQ socket which sends rawblock and rawtx notifications from bitcoind. By ; default, lnd will attempt to automatically obtain this information, so this ; likely won't need to be set (other than for a remote bitcoind instance). ; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332 ; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333 [neutrino] ; Connect only to the specified peers at startup. This creates a persistent ; connection to a target peer. This is recommended as there aren't many ; neutrino compliant full nodes on the test network yet. ; neutrino.connect= ; Add a peer to connect with at startup. ; neutrino.addpeer= ; Set a URL source for fee estimates. ; neutrino.feeurl= [Litecoin] ; If the Litecoin chain should be active. Atm, only a single chain can be ; active. ; litecoin.active=true ; Use Litecoin's test network. ; litecoin.testnet=true ; Use the ltcd back-end litecoin.node=ltcd ; Use the litecoind back-end ; litecoin.node=litecoind [Ltcd] ; The host that your local ltcd daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; ltcd.rpchost=localhost ; Username for RPC connections to ltcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; ltcd.rpcuser=kek ; Password for RPC connections to ltcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; ltcd.rpcpass=kek ; File containing the daemon's certificate file. This only needs to be set if ; the node isn't on the same host as lnd. ; ltcd.rpccert=~/.ltcd/rpc.cert ; The raw bytes of the daemon's PEM-encoded certificate chain which will be used ; to authenticate the RPC connection. This only needs to be set if the ltcd ; node is on a remote host. ; ltcd.rawrpccert= [Litecoind] ; The host that your local litecoind daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; litecoind.rpchost=localhost ; Username for RPC connections to litecoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote litecoind instance). ; litecoind.rpcuser=kek ; Password for RPC connections to litecoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote litecoind instance). ; litecoind.rpcpass=kek ; ZMQ socket which sends rawblock and rawtx notifications from litecoind. By ; default, lnd will attempt to automatically obtain this information, so this ; likely won't need to be set (other than for a remote litecoind instance). ; litecoind.zmqpubrawblock=tcp://127.0.0.1:28332 ; litecoind.zmqpubrawtx=tcp://127.0.0.1:28333 [autopilot] ; If the autopilot agent should be active or not. The autopilot agent will ; attempt to automatically open up channels to put your node in an advantageous ; position within the network graph. ; autopilot.active=true ; The maximum number of channels that should be created. ; autopilot.maxchannels=5 ; The fraction of total funds that should be committed to automatic channel ; establishment. For example 0.6 means that 60% of the total funds available ; within the wallet should be used to automatically establish channels. The total ; amount of attempted channels will still respect the maxchannels param. ; autopilot.allocation=0.6 [tor] ; The port that Tor's exposed SOCKS5 proxy is listening on. Using Tor allows ; outbound-only connections (listening will be disabled) -- NOTE port must be ; between 1024 and 65535 ; tor.socks=9050 ; The DNS server as IP:PORT that Tor will use for SRV queries - NOTE must have ; TCP resolution enabled. The current active DNS server for Testnet listening is ; nodes.lightning.directory ; tor.dns=nodes.lightning.directory ; Enable Tor stream isolation by randomizing user credentials for each ; connection. With this mode active, each connection will use a new circuit. ; This means that multiple applications (other than lnd) using Tor won't be mixed ; in with lnd's traffic. ; tor.streamisolation=true [watchtower] ; Enable integrated watchtower listening on :9911 by default. ; watchtower.active=true ; Specify the interfaces to listen on for watchtower client connections. One ; listen address per line. If no port is specified the default port of 9911 will ; be added implicitly. ; All ipv4 on port 9911: ; watchtower.listen=0.0.0.0:9911 ; On all ipv4 interfaces on port 9911 and ipv6 localhost port 9912: ; watchtower.listen=0.0.0.0:9911 ; watchtower.listen=[::1]:9912 ; Configure the external IP address of your watchtower. Setting this field does ; not have any behavioral changes to the tower or enable any sort of discovery, ; however it will make the full URI (pubkey@host:port) available via ; WatchtowerRPC.GetInfo and `lncli tower info`. ; watchtower.externalip=1.2.3.4 ; Configure the default watchtower data directory. The default directory is ; data/watchtower relative to the chosen lnddir. This can be useful if one needs ; to move the database to a separate volume with more storage. In the example ; below, the database will be stored at: ; /path/to/towerdir/bitcoin//watchtower.db. ; watchtower.towerdir=/path/to/towerdir ; Duration the watchtower server will wait for messages to be received before ; hanging up on client connections. ; watchtower.readtimeout=15s ; Duration the watchtower server will wait for messages to be written before ; hanging up on client connections ; watchtower.writetimeout=15s [wtclient] ; Configure the private tower to which lnd will connect to backup encrypted ; justice transactions. The format should be pubkey@host:port, where the port is ; optional and assumed to be 9911 otherwise. At most one private tower URI is ; supported at this time; if none are provided then the watchtower client will ; be inactive. ; wtclient.private-tower-uris= ; Specify the fee rate with which justice transactions will be signed. This fee ; rate should be chosen as a maximum fee rate one is willing to pay in order to ; sweep funds if a breach occurs while being offline. The fee rate should be ; specified in sat/byte, the default is 10 sat/byte. ; wtclient.sweep-fee-rate=10