67c6d0d331
In this commit, we implement a series of new crypto operations that will allow us to encrypt and decrypt a set of serialized channel backups. Their various backups may have distinct encodings when serialized, but to the functions defined in this file, we treat them as simple opaque blobs.

For encryption, we utilize chacha20poly1305 with a random 24 byte nonce. We use a larger nonce size as this can be safely generated via a CSPRNG without fear of frequency collisions between nonces generated. To encrypt a blob, we then use this nonce as the AD (associated data) and prepend the nonce to the front of the ciphertext package.

For key generation, in order to ensure the user only needs their passphrase and the backup file, we utilize the existing keychain to derive a private key. In order to ensure that we don't force any hardware signer to be aware of our crypto operations, we instead opt to utilize a public key that will be hashed to derive our private key. The assumption here is that this key will only be exposed to this software, and never derived as a public facing address.
Lightning Network Daemon
The Lightning Network Daemon (lnd) is a complete implementation of a
Lightning Network node, currently deployed on testnet3, the Bitcoin Test
Network. lnd has several pluggable back-end chain services including btcd (a
full-node), bitcoind, and neutrino (a new experimental light client). The
project's codebase uses the btcsuite set of Bitcoin libraries, and also
exports a large set of isolated re-usable Lightning Network related libraries
within it. In the current state lnd is capable of:
- Creating channels.
- Closing channels.
- Completely managing all channel states (including the exceptional ones!).
- Maintaining a fully authenticated+validated channel graph.
- Performing path finding within the network, passively forwarding incoming payments.
- Sending outgoing onion-encrypted payments through the network.
- Updating advertised fee schedules.
- Automatic channel management (autopilot).
Lightning Network Specification Compliance
lnd fully conforms to the Lightning Network specification (BOLTs). BOLT stands
for: Basis of Lightning Technology. The specifications are currently being
drafted by several groups of implementers based around the world including the
developers of lnd. The set of specification documents as well as our
implementation of the specification are still a work-in-progress. With that
said, the current status of lnd's BOLT compliance is:
- BOLT 1: Base Protocol
- BOLT 2: Peer Protocol for Channel Management
- BOLT 3: Bitcoin Transaction and Script Formats
- BOLT 4: Onion Routing Protocol
- BOLT 5: Recommendations for On-chain Transaction Handling
- BOLT 7: P2P Node and Channel Discovery
- BOLT 8: Encrypted and Authenticated Transport
- BOLT 9: Assigned Feature Flags
- BOLT 10: DNS Bootstrap and Assisted Node Location
- BOLT 11: Invoice Protocol for Lightning Payments
Developer Resources
The daemon has been designed to be as developer friendly as possible in order
to facilitate application development on top of lnd. Two primary RPC
interfaces are exported: an HTTP REST API, and a gRPC service. The exported
APIs are not yet stable, so be warned: they may change drastically in the near
future.
An automatically generated set of documentation for the RPC APIs can be found at api.lightning.community. A set of developer resources including talks, articles, and example applications can be found at: dev.lightning.community.
Finally, we also have an active Slack where protocol developers, application
developers, testers and users gather to discuss various aspects of lnd and
also Lightning in general.
Installation
In order to build from source, please see the installation instructions.
Docker
To run lnd from Docker, please see the main Docker instructions.
IRC
- irc.freenode.net
- channel #lnd
- webchat
Security
The developers of lnd take security very seriously. The disclosure of
security vulnerabilities helps us secure the health of lnd, privacy of our
users, and also the health of the Lightning Network as a whole. If you find
any issues regarding security or privacy, please disclose the information
responsibly by sending an email to security at lightning dot engineering,
preferably encrypted using our designated PGP key
(91FE464CD75101DA6B6BAB60555C6465E5BCB3AF) which can be found here.