lnd version, "hacked" to enable seedless restore from xprv + scb
Olaoluwa Osuntokun ffac0336e6
aezeed: add new package implementing the aezeed cipher seed scheme
In this commit, we add a new package implementing the aezeed cipher
seed scheme. This is a new scheme developed that aims to overcome the
two major shortcomings of BIP39: a lack of a version, and a lack of a
wallet birthday. A lack of a version means that wallets may not
necessarily know *how* to re-derive addresses during the recovery
process. A lack of a birthday means that wallets don’t know how far
back to look in the chain to ensure that they derive *all* the proper
user addresses.

The aezeed scheme addresses these two drawbacks and adds a number of
desirable features. First, we start with the following plaintext seed:
{1 byte internal version || 2 byte timestamp || 16 bytes of entropy}.

The version field is for wallets to be able to know *how* to re-derive
the keys of the wallet.

The 2 byte timestamp is expressed in Bitcoin Days Genesis, meaning
the number of days since the timestamp in Bitcoin’s genesis block. This
allows us to save space, and also avoid using a wasteful level of
granularity. With the currently, this can express time up until 2188.

Finally, the entropy is raw entropy that should be used to derive the
wallet’s HD root.

Next, we’ll take the plaintext seed described above and encipher it to
procure a final cipher text. We’ll then take this cipher text (the
CipherSeed) and encode that using a 24-word mnemonic. The enciphering
process takes a user defined passphrase. If no passphrase is provided,
then the string “aezeed” will be used.

To encipher a plaintext seed (19 bytes) to arrive at an enciphered
cipher seed (33 bytes), we apply the following operations:
  * First we take the external version and append it to our buffer. The
external version describes *how* we encipher. For the first version
(version 0), we’ll use scrypt(n=32768, r=8, p=1) and aezeed.
  * Next, we’ll use scrypt (with the version 9 params) to generate a
strong key for encryption. We’ll generate a 32-byte key using 5 bytes
as a salt. The usage of the salt is meant to make the creation of
rainbow tables infeasible.
  * Next, the enciphering process. We use aezeed, a modern AEAD with
nonce-misuse resistance properties. The important trait we exploit is
that it’s an *arbitrary input length block cipher*. Additionally, it
has what’s essentially a configurable MAC size. In our scheme we’ll use
a value of 4, which acts as a 32-bit checksum. We’ll encrypt with our
generated seed, and use an AD of (version || salt). We'll then compute a
checksum over all the data, using crc-32, appending the result to the
end.
  * Finally, we’ll encode this 33-byte cipher text using the default
word list of BIP 39 to produce 24 English words.

The `aezeed` cipher seed scheme has a few cool properties, notably:
  * The mnemonic itself is a cipher text, meaning leaving it in
plaintext is advisable if the user also set a passphrase. This is in
contrast to BIP 39 where the mnemonic alone (without a passphrase) may
be sufficient to steal funds.
  * A cipherseed can be modified to *change* the passphrase. This
means that if the user wants a stronger passphrase, they can decipher
(with the old passphrase), then encipher (with a new passphrase).
Compared to BIP 39, where if the users used a passphrase, since the
mapping is one way, they can’t change the passphrase of their existing
HD key chain.
  * A cipher seed can be *upgraded*. Since we have an external version,
offline tools can be provided to decipher using the old params, and
encipher using the new params. In the future if we change ciphers,
change scrypt, or just the parameters of scrypt, then users can easily
upgrade their seed with an offline tool.
  * We're able to verify that a user has input the incorrect passphrase,
and that the user has input the incorrect mnemonic independently.
2018-03-01 17:10:50 -08:00
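
The last two steps of the commit message (CRC-32 over the data, then 33 bytes encoded as 24 words) are what let a mistyped mnemonic be rejected before any passphrase is tried. The following is an added example, not code from this repository: it omits the scrypt and enciphering steps, uses constructed filler bytes in place of a real cipher seed, and assumes the Castagnoli CRC-32 polynomial, a big-endian checksum and MSB-first bit packing.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"hash/crc32"
)

// Assumption: Castagnoli polynomial; the commit message only says "crc-32".
var crcTable = crc32.MakeTable(crc32.Castagnoli)

// toWords splits the 33-byte cipher seed (264 bits) into 24 indexes of 11 bits
// each, one per entry of a 2048-word list such as the BIP 39 default.
func toWords(cs [33]byte) (idx [24]uint16) {
	for bit := 0; bit < 264; bit++ {
		idx[bit/11] = idx[bit/11]<<1 | uint16(cs[bit/8]>>uint(7-bit%8))&1
	}
	return idx
}

// fromWords reverses toWords, rebuilding the 33 bytes from 24 word indexes.
func fromWords(idx [24]uint16) (cs [33]byte) {
	for bit := 0; bit < 264; bit++ {
		cs[bit/8] |= byte(idx[bit/11]>>uint(10-bit%11)&1) << uint(7-bit%8)
	}
	return cs
}

// checksumOK needs no passphrase: it compares the trailing 4 bytes with a CRC-32
// recomputed over the first 29, so a wrong word is reported as a mnemonic error
// rather than surfacing later as a failed decipher.
func checksumOK(cs [33]byte) bool {
	return crc32.Checksum(cs[:29], crcTable) == binary.BigEndian.Uint32(cs[29:])
}

func main() {
	var cs [33]byte // constructed filler, not a real enciphered seed
	for i := 0; i < 29; i++ {
		cs[i] = byte(i * 7)
	}
	binary.BigEndian.PutUint32(cs[29:], crc32.Checksum(cs[:29], crcTable))

	words := toWords(cs)
	words[5] ^= 1 // simulate one wrong word out of 24
	fmt.Println(checksumOK(cs), checksumOK(fromWords(words)))
}
```
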
aezeed aezeed: add new package implementing the aezeed cipher seed scheme 2018-03-01 17:10:50 -08:00
autopilot autopilot: modify interfaces to specify *exactly* how many chans to open 2018-02-08 20:08:18 -08:00
brontide brontide: reduce memory allocs by using static buf for next header+msg 2018-02-24 19:30:45 -08:00
chainntnfs chainntnfs/neutrinonotify: log height hint for spend notifications 2018-03-01 16:49:28 -08:00
channeldb channeldb: add todo making feerate explicit type 2018-02-26 22:42:27 +01:00
cmd/lncli multi: Remove peer_id from RPC commands 2018-02-19 17:48:39 -08:00
contractcourt contractcourt: use vsize fee estimate and new fee rate types 2018-02-26 22:42:25 +01:00
contrib contrib: add basic bash completion for lncli 2017-01-29 18:12:53 -08:00
discovery multi: fix some recently introduced typos 2018-02-18 15:27:29 -08:00
docker multi: Remove peer_id from RPC commands 2018-02-19 17:48:39 -08:00
docs docs: Add details to macaroon usage with GRPC. 2018-02-28 16:19:48 -05:00
htlcswitch htlcswitch tests: update tests to new FeeEstimator and fee rate types 2018-02-26 22:42:25 +01:00
lnrpc lnwallet/lnrpc: Expose sync status to gRPC interface 2018-02-20 19:00:06 -08:00
lntest multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
lnwallet lnwallet test: add TestFeeRateTypes and TestStaticFeeEstimator 2018-02-26 22:42:27 +01:00
lnwire lnwire: add todo for changing to SatPerKWeight for fee rates 2018-02-26 22:42:28 +01:00
macaroons multi: macaroon root key encryption 2018-02-05 21:44:06 -08:00
multimutex multimutex: add new multimutex package 2018-01-24 10:26:39 +01:00
routing routing/router Fix FindRoutes in router test 2018-02-28 19:25:19 -08:00
shachain multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
torsvc torsvc: add support for stream isolation 2018-02-08 20:09:04 -08:00
walletunlocker multi: macaroon root key encryption 2018-02-05 21:44:06 -08:00
zpay32 zpay32 test: litecoin decode tests 2018-02-19 10:19:24 -05:00
.gitignore server: disable network bootstrapping for regtest 2017-11-30 22:07:06 -08:00
.travis.yml build: update travis to build against golang 1.10+1.9.4 2018-02-19 17:32:54 -08:00
breacharbiter_test.go multi test: update tests/mocks to use EstimateFeePerVSize 2018-02-26 22:42:27 +01:00
breacharbiter.go breacharbiter: use EstimateFeePerVSize 2018-02-26 22:42:26 +01:00
chainparams.go chainparams: ensure target chain checkpoints are properly set 2017-09-01 03:17:28 -07:00
chainregistry.go chainregistry: express fee rates in sat/vbyte 2018-02-26 22:42:25 +01:00
chancloser.go chancloser: express fee rates in sat/vbyte 2018-02-26 22:42:26 +01:00
config.go config: add new option to the tor config for stream isolation 2018-02-09 12:16:13 -08:00
doc.go add some daemon related skeleton files 2015-12-26 00:09:17 -06:00
fundingmanager_test.go fundingmanager: Added additional test to check a pending channel 2018-02-26 16:44:34 -08:00
fundingmanager.go Merge pull request #762 from halseth/fee-estimator 2018-02-26 17:22:50 -08:00
glide.lock build: update glide to latest btcwallet 2018-02-23 16:48:51 -08:00
glide.yaml build: update glide to latest btcwallet 2018-02-23 16:48:51 -08:00
gotest.sh build: move check of the ports to integration tests 2017-11-09 16:38:58 -08:00
invoiceregistry.go htlcswitch: face race condition in unit tests by returning invoice 2017-11-11 16:09:29 -08:00
LICENSE LICENSE: update date on primary copyright 2017-11-27 16:19:35 -08:00
lnd_test.go lnd test: calculate channel reserve based on balance before fees 2018-02-26 22:42:27 +01:00
lnd.go lnd: remove invalid cipher suite 2018-02-26 13:29:19 -08:00
log.go multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
logo.png README: add logo to top portion of page 2017-09-29 14:06:31 -07:00
mock.go multi test: update tests/mocks to use EstimateFeePerVSize 2018-02-26 22:42:27 +01:00
nodesigner.go nodeSigner: add method for signing already hashed data 2017-09-27 12:25:45 +02:00
nursery_store_test.go multi: fixing it's/its typos in comments 2018-02-06 19:13:07 -08:00
nursery_store.go multi: fixing it's/its typos in comments 2018-02-06 19:13:07 -08:00
peer_test.go peer test: remove var casting 2018-02-26 22:42:27 +01:00
peer.go peer: use EstimateFeePerVSize 2018-02-26 22:42:26 +01:00
pilot.go pilot: express fee rates using types, use EstimateFeePerVSize 2018-02-26 22:42:26 +01:00
README.md readme: update Slack invite link 2018-01-24 22:13:14 -08:00
release.sh build: add release script 2017-01-12 18:30:47 -08:00
rpcserver.go Merge pull request #762 from halseth/fee-estimator 2018-02-26 17:22:50 -08:00
sample-lnd.conf docs: update sample-lnd.conf with Tor info 2018-02-09 12:16:16 -08:00
server_test.go lnd+server: Allow configurable Node Alias and Color 2018-01-18 09:31:48 -06:00
server.go server: express fee rates using fee rate types 2018-02-26 22:42:26 +01:00
signal.go multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
test_utils.go multi test: update tests/mocks to use EstimateFeePerVSize 2018-02-26 22:42:27 +01:00
utxonursery_test.go utxonursery_test: extends test vectors for nursery store 2017-11-15 18:49:13 -08:00
utxonursery.go utxonursery: use EstimateFeePerVSize 2018-02-26 22:42:26 +01:00
version.go multi: retain original copyright on files copied/modified from btcsuite 2017-11-27 16:19:36 -08:00
witness_beacon.go multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00

Lightning Network Daemon


The Lightning Network Daemon (lnd) is a complete implementation of a Lightning Network node, currently deployed on testnet3, the Bitcoin Test Network. lnd has several pluggable back-end chain services, including btcd (a full node) and neutrino (a new experimental light client). The project's codebase uses the btcsuite set of Bitcoin libraries, and also exports a large set of isolated, reusable Lightning Network related libraries. In its current state, lnd is capable of:

  • Creating channels.
  • Closing channels.
  • Completely managing all channel states (including the exceptional ones!).
  • Maintaining a fully authenticated+validated channel graph.
  • Performing path finding within the network, passively forwarding incoming payments.
  • Sending outgoing onion-encrypted payments through the network.
  • Updating advertised fee schedules.
  • Automatic channel management (autopilot).

Lightning Network Specification Compliance

lnd fully conforms to the Lightning Network specification (BOLTs). BOLT stands for Basic of Lightning Technologies. The specifications are currently being drafted by several groups of implementers based around the world, including the developers of lnd. The set of specification documents and our implementation of the specification are still a work in progress. With that said, the current status of lnd's BOLT compliance is:

  • BOLT 1: Base Protocol
  • BOLT 2: Peer Protocol for Channel Management
  • BOLT 3: Bitcoin Transaction and Script Formats
  • BOLT 4: Onion Routing Protocol
  • BOLT 5: Recommendations for On-chain Transaction Handling
  • BOLT 7: P2P Node and Channel Discovery
  • BOLT 8: Encrypted and Authenticated Transport
  • BOLT 9: Assigned Feature Flags
  • BOLT 10: DNS Bootstrap and Assisted Node Location
  • BOLT 11: Invoice Protocol for Lightning Payments

Developer Resources

The daemon has been designed to be as developer-friendly as possible in order to facilitate application development on top of lnd. Two primary RPC interfaces are exported: an HTTP REST API and a gRPC service. The exported APIs are not yet stable, so be warned: they may change drastically in the near future.

An automatically generated set of documentation for the RPC APIs can be found at api.lightning.community. A set of developer resources including talks, articles, and example applications can be found at: dev.lightning.community.

Finally, we also have an active Slack where protocol developers, application developers, testers and users gather to discuss various aspects of lnd and also Lightning in general.

Installation

In order to build from source, please see the installation instructions.

IRC

  • irc.freenode.net
  • channel #lnd
  • webchat

Further reading