; Example configuration for lnd. ; ; Boolean values can be specified as true/false or 1/0. [Application Options] ; The directory that lnd stores all wallet, chain, and channel related data ; within The default is ~/.lnd/data on POSIX OSes, $LOCALAPPDATA/Lnd/data on ; Windows, ~/Library/Application Support/Lnd/data on Mac OS, and $home/lnd/data ; on Plan9. Environment variables are expanded so they may be used. NOTE: ; Windows environment variables are typically %VARIABLE%, but they must be ; accessed with $VARIABLE here. Also, ~ is expanded to $LOCALAPPDATA on Windows. ; datadir=~/.lnd/data ; The directory that logs are stored in. The logs are auto-rotated by default. ; Rotated logs are compressed in place. ; logdir=~/.lnd/logs ; Number of logfiles that the log rotation should keep. Setting it to 0 disables deletion of old log files. ; maxlogfiles=3 ; ; Max log file size in MB before it is rotated. ; maxlogfilesize=10 ; Time after which an RPCAcceptor will time out and return false if ; it hasn't yet received a response. ; acceptortimeout=15s ; Path to TLS certificate for lnd's RPC and REST services. ; tlscertpath=~/.lnd/tls.cert ; Path to TLS private key for lnd's RPC and REST services. ; tlskeypath=~/.lnd/tls.key ; Adds an extra ip to the generated certificate. Setting multiple tlsextraip= entries is allowed. ; (old tls files must be deleted if changed) ; tlsextraip= ; Adds an extra domain to the generate certificate. Setting multiple tlsextradomain= entries is allowed. ; (old tls files must be deleted if changed) ; tlsextradomain= ; If set, then all certs will automatically be refreshed if they're close to ; expiring, or if any parameters related to extra IPs or domains in the cert ; change. ; tlsautorefresh=true ; A list of domains for lnd to periodically resolve, and advertise the resolved ; IPs for the backing node. This is useful for users that only have a dynamic IP, ; or want to expose the node at a domain. ; externalhosts=my-node-domain.com ; Disable macaroon authentication. Macaroons are used are bearer credentials to ; authenticate all RPC access. If one wishes to opt out of macaroons, uncomment ; the line below. ; no-macaroons=true ; Enable free list syncing for the default bbolt database. This will increase ; start up time, but can result in performance degradation for very large ; databases, and also result in higher memory usage. If "free list corruption" ; is detected, then this flag may resolve things. ; sync-freelist=true ; Path to write the admin macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the admin macaroon in a ; distinct location. By default, it is stored within lnd's network directory. ; Applications that are able to read this file, gain admin macaroon access. ; adminmacaroonpath=~/.lnd/data/chain/bitcoin/simnet/admin.macaroon ; Path to write the read-only macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the read-only macaroon ; in a distinct location. The read only macaroon allows users which can read ; the file to access RPCs which don't modify the state of the daemon. By ; default, it is stored within lnd's network directory. ; readonlymacaroonpath=~/.lnd/data/chain/bitcoin/simnet/readonly.macaroon ; Path to write the invoice macaroon for lnd's RPC and REST services if it ; doesn't exist. This can be set if one wishes to store the invoice macaroon in ; a distinct location. By default, it is stored within lnd's network directory. ; The invoice macaroon allows users which can read the file to gain read and ; write access to all invoice related RPCs. ; invoicemacaroonpath=~/.lnd/data/chain/bitcoin/simnet/invoice.macaroon ; A period to wait before for closing channels with outgoing htlcs that have ; timed out and are a result of this nodes instead payment. In addition to our ; current block based deadline, is specified this grace period will also be taken ; into account. ; payments-expiration-grace-period=30 ; Specify the interfaces to listen on for p2p connections. One listen ; address per line. ; All ipv4 on port 9735: ; listen=0.0.0.0:9735 ; On all ipv4 interfaces on port 9735 and ipv6 localhost port 9736: ; listen=0.0.0.0:9735 ; listen=[::1]:9736 ; Disable listening for incoming p2p connections. This will override all ; listeners. ; nolisten=true ; Specify the interfaces to listen on for gRPC connections. One listen ; address per line. ; Only ipv4 localhost on port 10009: ; rpclisten=localhost:10009 ; On ipv4 localhost port 10009 and ipv6 port 10010: ; rpclisten=localhost:10009 ; rpclisten=[::1]:10010 ; On an Unix socket: ; rpclisten=unix:///var/run/lnd/lnd-rpclistener.sock ; Specify the interfaces to listen on for REST connections. One listen ; address per line. ; All ipv4 interfaces on port 8080: ; restlisten=0.0.0.0:8080 ; On ipv4 localhost port 80 and 443: ; restlisten=localhost:80 ; restlisten=localhost:443 ; On an Unix socket: ; restlisten=unix:///var/run/lnd-restlistener.sock ; A series of domains to allow cross origin access from. This controls the CORs ; policy of the REST RPC proxy. ; restcors=https://my-special-site.com ; Adding an external IP will advertise your node to the network. This signals ; that your node is available to accept incoming channels. If you don't wish to ; advertise your node, this value doesn't need to be set. Unless specified ; (with host:port notation), the default port (9735) will be added to the ; address. ; externalip= ; ; Instead of explicitly stating your external IP address, you can also enable ; UPnP or NAT-PMP support on the daemon. Both techniques will be tried and ; require proper hardware support. In order to detect this hardware support, ; `lnd` uses a dependency that retrieves the router's gateway address by using ; different built-in binaries in each platform. Therefore, it is possible that ; we are unable to detect the hardware and `lnd` will exit with an error ; indicating this. This option will automatically retrieve your external IP ; address, even after it has changed in the case of dynamic IPs, and advertise ; it to the network using the ports the daemon is listening on. This does not ; support devices behind multiple NATs. ; nat=true ; Debug logging level. ; Valid levels are {trace, debug, info, warn, error, critical} ; You may also specify =,=,... to set ; log level for individual subsystems. Use lncli debuglevel --show to list ; available subsystems. ; debuglevel=info ; Write CPU profile to the specified file. ; cpuprofile= ; Enable HTTP profiling on given port -- NOTE port must be between 1024 and ; 65536. The profile can be access at: http://localhost:/debug/pprof/. ; profile= ; The maximum number of incoming pending channels permitted per peer. ; maxpendingchannels=1 ; If true, then automatic network bootstrapping will not be attempted. This ; means that your node won't attempt to automatically seek out peers on the ; network. ; nobootstrap=true ; The smallest channel size (in satoshis) that we should accept. Incoming ; channels smaller than this will be rejected, default value 20000. ; minchansize= ; The duration that a peer connection must be stable before attempting to send a ; channel update to reenable or cancel a pending disables of the peer's channels ; on the network. (default: 19m0s) ; chan-enable-timeout=22m ; The duration that must elapse after first detecting that an already active ; channel is actually inactive and sending channel update disabling it to the ; network. The pending disable can be canceled if the peer reconnects and becomes ; stable for chan-enable-timeout before the disable update is sent. ; (default: 20m0s) ; chan-disable-timeout=22m ; The polling interval between attempts to detect if an active channel has become ; inactive due to its peer going offline. (default: 1m0s) ; chan-status-sample-interval=2m ; Disable queries from the height-hint cache to try to recover channels stuck in ; the pending close state. Disabling height hint queries may cause longer chain ; rescans, resulting in a performance hit. Unset this after channels are unstuck ; so you can get better performance again. ; height-hint-cache-query-disable=true ; The polling interval between historical graph sync attempts. Each historical ; graph sync attempt ensures we reconcile with the remote peer's graph from the ; genesis block. (default: 1h0m0s) ; historicalsyncinterval=2h ; If true, will not reply with historical data that matches the range specified ; by a remote peer's gossip_timestamp_filter. Doing so will result in lower ; memory and bandwidth requirements. ; ignore-historical-gossip-filters=true ; If true, lnd will not accept channel opening requests with non-zero push ; amounts. This should prevent accidental pushes to merchant nodes. ; rejectpush=true ; If true, lnd will not forward any HTLCs that are meant as onward payments. This ; option will still allow lnd to send HTLCs and receive HTLCs but lnd won't be ; used as a hop. ; rejecthtlc=true ; If true, will apply a randomized staggering between 0s and 30s when ; reconnecting to persistent peers on startup. The first 10 reconnections will be ; attempted instantly, regardless of the flag's value ; stagger-initial-reconnect=true ; The maximum number of blocks funds could be locked up for when forwarding ; payments. (default: 2016) ; max-cltv-expiry=2016 ; The maximum percentage of total funds that can be allocated to a channel's ; commitment fee. This only applies for the initiator of the channel. Valid ; values are within [0.1, 1]. (default: 0.5) ; max-channel-fee-allocation=0.9 ; If true, lnd will abort committing a migration if it would otherwise have been ; successful. This leaves the database unmodified, and still compatible with the ; previously active version of lnd. ; dry-run-migration=true ; If true, option upfront shutdown script will be enabled. If peers that we open ; channels with support this feature, we will automatically set the script to ; which cooperative closes should be paid out to on channel open. This offers the ; partial protection of a channel peer disconnecting from us if cooperative ; close is attempted with a different script. ; enable-upfront-shutdown=true ; If true, spontaneous payments through keysend will be accepted. [experimental] ; accept-keysend=true ; If non-zero, keysend payments are accepted but not immediately settled. If the ; payment isn't settled manually after the specified time, it is canceled ; automatically. [experimental] ; keysend-hold-time=true ; If true, our node will allow htlc forwards that arrive and depart on the same ; channel. ; allow-circular-route=true ; Time in milliseconds between each release of announcements to the network ; trickledelay=180000 ; The number of peers that we should receive new graph updates from. This option ; can be tuned to save bandwidth for light clients or routing nodes. (default: 3) ; numgraphsyncpeers=9 ; The alias your node will use, which can be up to 32 UTF-8 characters in ; length. ; alias=My Lightning ☇ ; The color of the node in hex format, used to customize node appearance in ; intelligence services. ; color=#3399FF [Bitcoin] ; If the Bitcoin chain should be active. Atm, only a single chain can be ; active. bitcoin.active=true ; Use Bitcoin's test network. ; bitcoin.testnet=true ; ; Use Bitcoin's simulation test network bitcoin.simnet=true ; Use Bitcoin's regression test network ; bitcoin.regtest=false ; Use the btcd back-end bitcoin.node=btcd ; Use the bitcoind back-end ; bitcoin.node=bitcoind ; Use the neutrino (light client) back-end ; bitcoin.node=neutrino ; The default number of confirmations a channel must have before it's considered ; open. We'll require any incoming channel requests to wait this many ; confirmations before we consider the channel active. ; bitcoin.defaultchanconfs=3 [Btcd] ; The host that your local btcd daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; btcd.rpchost=localhost ; Username for RPC connections to btcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; btcd.rpcuser=kek ; Password for RPC connections to btcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; btcd.rpcpass=kek ; File containing the daemon's certificate file. This only needs to be set if ; the node isn't on the same host as lnd. ; btcd.rpccert=~/.btcd/rpc.cert ; The raw bytes of the daemon's PEM-encoded certificate chain which will be used ; to authenticate the RPC connection. This only needs to be set if the btcd ; node is on a remote host. ; btcd.rawrpccert= [Bitcoind] ; The host that your local bitcoind daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; bitcoind.rpchost=localhost ; Username for RPC connections to bitcoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote bitcoind instance). ; bitcoind.rpcuser=kek ; Password for RPC connections to bitcoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote bitcoind instance). ; bitcoind.rpcpass=kek ; ZMQ socket which sends rawblock and rawtx notifications from bitcoind. By ; default, lnd will attempt to automatically obtain this information, so this ; likely won't need to be set (other than for a remote bitcoind instance). ; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332 ; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333 ; Fee estimate mode for bitcoind. It must be either "ECONOMICAL" or "CONSERVATIVE". ; If unset, the default value is "CONSERVATIVE". ; bitcoind.estimatemode=CONSERVATIVE [neutrino] ; Connect only to the specified peers at startup. This creates a persistent ; connection to a target peer. This is recommended as there aren't many ; neutrino compliant full nodes on the test network yet. ; neutrino.connect= ; Add a peer to connect with at startup. ; neutrino.addpeer= ; Set a URL source for fee estimates. ; neutrino.feeurl= [Litecoin] ; If the Litecoin chain should be active. Atm, only a single chain can be ; active. ; litecoin.active=true ; Use Litecoin's test network. ; litecoin.testnet=true ; Use the ltcd back-end litecoin.node=ltcd ; Use the litecoind back-end ; litecoin.node=litecoind [Ltcd] ; The host that your local ltcd daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; ltcd.rpchost=localhost ; Username for RPC connections to ltcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; ltcd.rpcuser=kek ; Password for RPC connections to ltcd. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for simnet mode). ; ltcd.rpcpass=kek ; File containing the daemon's certificate file. This only needs to be set if ; the node isn't on the same host as lnd. ; ltcd.rpccert=~/.ltcd/rpc.cert ; The raw bytes of the daemon's PEM-encoded certificate chain which will be used ; to authenticate the RPC connection. This only needs to be set if the ltcd ; node is on a remote host. ; ltcd.rawrpccert= [Litecoind] ; The host that your local litecoind daemon is listening on. By default, this ; setting is assumed to be localhost with the default port for the current ; network. ; litecoind.rpchost=localhost ; Username for RPC connections to litecoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote litecoind instance). ; litecoind.rpcuser=kek ; Password for RPC connections to litecoind. By default, lnd will attempt to ; automatically obtain the credentials, so this likely won't need to be set ; (other than for a remote litecoind instance). ; litecoind.rpcpass=kek ; ZMQ socket which sends rawblock and rawtx notifications from litecoind. By ; default, lnd will attempt to automatically obtain this information, so this ; likely won't need to be set (other than for a remote litecoind instance). ; litecoind.zmqpubrawblock=tcp://127.0.0.1:28332 ; litecoind.zmqpubrawtx=tcp://127.0.0.1:28333 ; Fee estimate mode for litecoind. It must be either "ECONOMICAL" or "CONSERVATIVE". ; If unset, the default value is "CONSERVATIVE". ; litecoind.estimatemode=CONSERVATIVE [autopilot] ; If the autopilot agent should be active or not. The autopilot agent will ; attempt to automatically open up channels to put your node in an advantageous ; position within the network graph. ; autopilot.active=true ; The maximum number of channels that should be created. ; autopilot.maxchannels=5 ; The fraction of total funds that should be committed to automatic channel ; establishment. For example 0.6 means that 60% of the total funds available ; within the wallet should be used to automatically establish channels. The total ; amount of attempted channels will still respect the maxchannels param. ; autopilot.allocation=0.6 ; Heuristic to activate, and the weight to give it during scoring. (default: ; {preferential:1}) ; autopilot.heuristic={topk_centrality:1} ; The smallest channel that the autopilot agent should create (default: 20000) ; autopilot.minchansize=20000 ; The largest channel that the autopilot agent should create (default: 16777215) ; autopilot.maxchansize=20000 ; Whether the channels created by the autopilot agent should be private or not. ; Private channels won't be announced to the network. ; autopilot.private=true ; The minimum number of confirmations each of your inputs in funding transactions ; created by the autopilot agent must have. (default: 1) ; autopilot.minconfs=2 ; The confirmation target (in blocks) for channels opened by autopilot. (default: ; 3) ; autopilot.conftarget=2 [tor] ; Allow outbound and inbound connections to be routed through Tor ; tor.active=true ; The port that Tor's exposed SOCKS5 proxy is listening on. Using Tor allows ; outbound-only connections (listening will be disabled) -- NOTE port must be ; between 1024 and 65535 ; tor.socks=9050 ; The DNS server as IP:PORT that Tor will use for SRV queries - NOTE must have ; TCP resolution enabled. The current active DNS server for Testnet listening is ; nodes.lightning.directory ; tor.dns=nodes.lightning.directory ; Enable Tor stream isolation by randomizing user credentials for each ; connection. With this mode active, each connection will use a new circuit. ; This means that multiple applications (other than lnd) using Tor won't be mixed ; in with lnd's traffic. ; tor.streamisolation=true ; Enable Tor stream isolation by randomizing user credentials for each ; connection. ; tor.streamisolation=true ; The host:port that Tor is listening on for Tor control connections (default: ; localhost:9051) ; tor.control=localhost:9091 ; IP address that Tor should use as the target of the hidden service ; tor.targetipaddress= ; The password used to arrive at the HashedControlPassword for the control port. ; If provided, the HASHEDPASSWORD authentication method will be used instead of ; the SAFECOOKIE one. ; tor.password=plsdonthackme ; Automatically set up a v2 onion service to listen for inbound connections ; tor.v2=true ; Automatically set up a v3 onion service to listen for inbound connections ; tor.v3=true ; The path to the private key of the onion service being created ; tor.privatekeypath=/path/to/torkey ;The path to the private key of the watchtower onion service being created ; tor.watchtowerkeypath=/other/path/ [watchtower] ; Enable integrated watchtower listening on :9911 by default. ; watchtower.active=true ; Specify the interfaces to listen on for watchtower client connections. One ; listen address per line. If no port is specified the default port of 9911 will ; be added implicitly. ; All ipv4 on port 9911: ; watchtower.listen=0.0.0.0:9911 ; On all ipv4 interfaces on port 9911 and ipv6 localhost port 9912: ; watchtower.listen=0.0.0.0:9911 ; watchtower.listen=[::1]:9912 ; Configure the external IP address of your watchtower. Setting this field does ; not have any behavioral changes to the tower or enable any sort of discovery, ; however it will make the full URI (pubkey@host:port) available via ; WatchtowerRPC.GetInfo and `lncli tower info`. ; watchtower.externalip=1.2.3.4 ; Configure the default watchtower data directory. The default directory is ; data/watchtower relative to the chosen lnddir. This can be useful if one needs ; to move the database to a separate volume with more storage. In the example ; below, the database will be stored at: ; /path/to/towerdir/bitcoin//watchtower.db. ; watchtower.towerdir=/path/to/towerdir ; Duration the watchtower server will wait for messages to be received before ; hanging up on client connections. ; watchtower.readtimeout=15s ; Duration the watchtower server will wait for messages to be written before ; hanging up on client connections ; watchtower.writetimeout=15s [wtclient] ; Activate Watchtower Client. To get more information or configure watchtowers ; run `lncli wtclient -h`. ; wtclient.active=true ; Specify the fee rate with which justice transactions will be signed. This fee ; rate should be chosen as a maximum fee rate one is willing to pay in order to ; sweep funds if a breach occurs while being offline. The fee rate should be ; specified in sat/byte, the default is 10 sat/byte. ; wtclient.sweep-fee-rate=10 [healthcheck] ; The number of times we should attempt to query our chain backend before ; gracefully shutting down. Set this value to 0 to disable this health check. ; healthcheck.chainbackend.attempts=3 ; The amount of time we allow a call to our chain backend to take before we fail ; the attempt. This value must be >= 1s. ; healthcheck.chainbackend.timeout=10s ; The amount of time we should backoff between failed attempts to query chain ; backend. This value must be >= 1s. ; healthcheck.chainbackend.backoff=30s ; The amount of time we should wait between chain backend health checks. This ; value must be >= 1m. ; healthcheck.chainbackend.interval=1m ; The minimum ratio of free disk space to total capacity that we require. ; healthcheck.diskspace.diskrequired=0.1 ; The number of times we should attempt to query our available disk space before ; gracefully shutting down. Set this value to 0 to disable this health check. ; healthcheck.diskspace.attempts=2 ; The amount of time we allow a query for our available disk space to take ; before we fail the attempt. This value must be >= 1s. ; healthcheck.diskspace.timeout=5s ; The amount of time we should backoff between failed attempts to query ; available disk space. This value must be >= 1s. ; healthcheck.diskspace.backoff=1m ; The amount of time we should wait between disk space health checks. This ; value must be >= 1m. ; healthcheck.diskspace.interval=6h [routerrpc] ; Minimum required route success probability to attempt the payment (default: ; 0.01) ; routerrpc.minrtprob=1 ; Assumed success probability of a hop in a route when no other information is ; available. (default: 0.6) ; routerrpc.apriorihopprob=0.2 ; Weight of the a priori probability in success probability estimation. Valid ; values are in [0, 1]. (default: 0.5) ; routerrpc.aprioriweight=0.3 ; Defines the duration after which a penalized node or channel is back at 50% ; probability (default: 1h0m0s) ; routerrpc.penaltyhalflife=2h ; The (virtual) cost in sats of a failed payment attempt (default: 100) ; routerrpc.attemptcost=90 ; The maximum number of payment results that are held on disk by mission control ; (default: 1000) ; routerrpc.maxmchistory=900 ; Path to the router macaroon ; routerrpc.routermacaroonpath= [workers] ; Maximum number of concurrent read pool workers. This number should be ; proportional to the number of peers. (default: 100) ; workers.read=200 ; Maximum number of concurrent write pool workers. This number should be ; proportional to the number of CPUs on the host. (default: 8) ; workers.write=8 ; Maximum number of concurrent sig pool workers. This number should be ; proportional to the number of CPUs on the host. (default: 8) ; workers.sig=4 [caches] ; Maximum number of entries contained in the reject cache, which is used to speed ; up filtering of new channel announcements and channel updates from peers. Each ; entry requires 25 bytes. (default: 50000) ; caches.reject-cache-size=900000 ; Maximum number of entries contained in the channel cache, which is used to ; reduce memory allocations from gossip queries from peers. Each entry requires ; roughly 2Kb. (default: 20000) ; caches.channel-cache-size=9000000 [protocol] ; If set, then lnd will create and accept requests for channels larger than 0.16 ; BTC ; protocol.wumbo-channels=true ; Set to enable experimental support for anchor commitments, won't work with watchtowers yet. ; protocol.anchors=true [db] ; The selected database backend. The current default backend is "bolt". lnd ; also has experimental support for etcd, a replicated backend. ; db.backend=bolt [etcd] ; Etcd database host. ; db.etcd.host=localhost:2379 ; Etcd database user. ; db.etcd.user=userscopedforlnd ; Password for the database user. ; db.etcd.pass=longandsekrit ; Path to the TLS certificate for etcd RPC. ; db.etcd.cert_file=/key/path ; Path to the TLS private key for etcd RPC. ; db.etcd.key_file=/a/path ; Whether we intend to skip TLS verification ; db.etcd.insecure_skip_verify=true ; Whether to collect etcd commit stats. ; db.etcd.collect_stats=true [bolt] ; If true, prevents the database from syncing its freelist to disk. ; db.bolt.nofreelistsync=1