--- Day changed Mon Aug 27 2018 00:18 -!- vindard [~vindard@96.9.90.105] has joined #lnd 00:36 -!- Talkless [~Talkless@hst-227-49.splius.lt] has joined #lnd 00:40 -!- vindard [~vindard@96.9.90.105] has left #lnd ["Leaving"] 00:41 -!- EagleTM [~hab@x4db4187e.dyn.telefonica.de] has joined #lnd 00:55 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has joined #lnd 01:00 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has quit [Ping timeout: 252 seconds] 01:35 -!- jpe [~jp@fnord.cryptophone.de] has joined #lnd 01:41 < booyah> can LN server and BTC fullnode be used together sort-of trustless? 01:42 < booyah> how normally LN uses BTC fullnode, via RPC or ZMQ or both? can it be configured that if LN would become malicious (hacked) then it can not spent bitcoin core wallet funds or damage it? limit set of RPC to maybe announce raw tx (generated in LN) and so on? 01:48 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has joined #lnd 01:52 -!- deusexbeer [~deusexbee@095-129-175-228-dynamic-pool-adsl.wbt.ru] has quit [Ping timeout: 252 seconds] 01:53 -!- deusexbeer [~deusexbee@093-092-177-058-dynamic-pool-adsl.wbt.ru] has joined #lnd 01:57 < jpe> booyah: I think it only requires ZMQ but I'm not sure. If not, you could just disable wallet functionality of bitcoind, and use a light client as your wallet which uses your own bitcoind as the backend. 02:11 -!- melvster [~melvin@ip-86-49-18-198.net.upcbroadband.cz] has quit [Ping timeout: 244 seconds] 02:26 -!- melvster [~melvin@ip-86-49-18-198.net.upcbroadband.cz] has joined #lnd 02:46 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Remote host closed the connection] 02:47 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #lnd 02:53 -!- deusexbeer [~deusexbee@093-092-177-058-dynamic-pool-adsl.wbt.ru] has quit [Ping timeout: 244 seconds] 02:53 -!- deusexbeer [~deusexbee@093-092-178-150-dynamic-pool-adsl.wbt.ru] has joined #lnd 02:55 < molz> LND doesn't use Bitcoin Core wallet 02:56 < molz> LND has its own wallet, same thing with c-lightning and Eclair mobile, the only client that uses bitcoin core wallet is Eclair desktop app 02:58 < molz> you can compile a headless bitcoin core daemon which has no wallet, no bitcoin-qt, no GUI and you can run it as the backend for LND just fine 03:00 -!- gethh [uid264798@gateway/web/irccloud.com/x-iwxjpqlprfblkjck] has quit [Quit: Connection closed for inactivity] 03:01 -!- superkire [~superkire@unaffiliated/superkire] has joined #lnd 03:48 < jpe> molz: I guess he already has some bitcoin stored in a bitcoind wallet and wants to make sure that LND doesn't have access to it 03:48 < jpe> which it would if it had full RPC access 03:49 < molz> jpe, then don't store your btc there 03:49 < jpe> that was my suggestion 03:49 < molz> and no, not sure how lnd can access the bitcoin core wallet even in such a case 03:50 < jpe> well the hypothetical situation would be that LND gets hacked by code injection which causes it to issue a bitcoind RPC call that transfers the funds in bitcoind somewhere 03:52 < jpe> if it didn't have RPC access and was running as a different user bitcoind then it might be prevented 03:54 < jpe> the quesiton is whether RPC access is needed at all or if ZMQ is sufficient 03:55 < molz> jpe, LND has no access to bitcoin core wallet, the question for him should be how he handles his bitcoin core wallet 04:00 < jpe> when you configure lnd you give a bitcoind rpcuser and rpcpass which means it has RPC access to bitcoind 04:25 < molz> jpe, have you run an lnd node? 04:26 < molz> jpe, prove to me how lnd can access your bitcoin core wallet then i'll believe you 04:28 < molz> jpe, and FYI, my mainnet lnd node doesn't have bitcoind rpcuser and rpcpass 04:29 < molz> neither does my bitcoind, no rpcuser, no rpcpassword 04:31 -!- jpe [~jp@fnord.cryptophone.de] has quit [Remote host closed the connection] 04:32 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has joined #lnd 04:36 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has quit [Ping timeout: 276 seconds] 04:38 -!- drexl [~drexl@cpc130676-camd16-2-0-cust445.know.cable.virginm.net] has joined #lnd 04:47 < Talkless> molz: my lnd has bitcoind.rpcuser and bitcoind.rpcpass, not sure why :D 04:48 < molz> Talkless, my nodes are in default directories so i can run without them because they use .cookie file in .bitcoin 04:48 < Talkless> molz: by INSTALL.md, if lnd runs as same user as bitcoind, it can take auth from config file by itself 04:48 < Talkless> my lnd runs as lnd, ad bitcoind runs as bitcoin user 04:48 < Talkless> I could meddle with file permissions I guess.. 04:49 < Talkless> add acl or group read 04:49 < molz> Talkless, are they in default locations? 04:49 < Talkless> /etc/bitcoin/bitcoin.conf, not sure if that's default 04:49 < molz> in $HOME/.bitcoin 04:50 < molz> /home/username/.bitcoin 04:50 < molz> and /home/username/.lnd 04:50 < Talkless> yeah lnd.conf is in ~/.lnd/lnd.conf 04:51 < Talkless> https://en.bitcoin.it/wiki/Running_Bitcoin says "Specify configuration file (default: bitcoin.conf) " :/ 04:51 < molz> Talkless, i meant the datadir for .lnd and .bitcoin 04:52 < molz> not talking about the .conf's 04:52 < Talkless> yes data dirs are fine 04:52 < molz> in default dirs? 04:52 < Talkless> /home/bitcoin/.bitcoin and /home/lnd/.lnd 04:52 < Talkless> bitcoind does not have "datadir" parameters, so I guess it works as default 04:52 < molz> you have two users with the name 'bitcoin' and 'lnd'? 04:53 < Talkless> yes 04:53 < molz> both of my bitcoind and lnd data files are in the same user 05:00 < Talkless> anyway, even if cookie is used, the same question is valid, if lnd is exploited, exploit can read cookie and connect to bitcoind. 05:01 < Talkless> well, I have hardened lnd and bitcoind with AppArmor. lnd cannot execute any other application (neither another copy of itself), so running some /tmp/ownd.sh would not be possible. 05:03 -!- queip [~queip@unaffiliated/rezurus] has quit [Ping timeout: 256 seconds] 05:03 -!- rafalcpp_ [~racalcppp@84-10-11-234.static.chello.pl] has joined #lnd 05:04 -!- rafalcpp [~racalcppp@84-10-11-234.static.chello.pl] has quit [Ping timeout: 276 seconds] 05:04 -!- queip [~queip@unaffiliated/rezurus] has joined #lnd 05:17 < molz> Talkless, so it's more the question of: if your bitcoin core wallet is hacked, what are you gonna do about it 05:17 < Talkless> yeah right 05:17 < Talkless> well, my bitcoin core wallet is acutally empty, but still. 05:18 < molz> Talkless, the thing is: if your hacker got ahold of your lnd, why should they bother with your bitcoin core wallet, they already have your lnd wallet 05:18 < Talkless> lnd simply opens another attack verctor 05:18 < Talkless> in addition to electrumx :)) 05:18 < molz> what? 05:19 < Talkless> some people might have mutch more in bitcoi core wallet compared to lnd, as lnd is kinda more for smaller day-to-day paymets maybe. 05:31 < molz> but why would someone put his stash in a bitcoin core wallet and use that same bitcoind/bitcoin-qt as the backend for LND? 05:32 < molz> if he still doesn't know bitcoin101 then learn that first before touching Lightning 05:33 < molz> you know you don't need a wallet.dat to own bitcoins? 05:33 < molz> or any hardware wallet 05:34 -!- Beast [~quassel@59.6.64.209] has joined #lnd 05:35 -!- jpe [~jp@fnord.cryptophone.de] has joined #lnd 05:47 < molz> Talkless, were you around when Andrea Brekken had like 100 btc in his LND wallet? 05:47 < molz> or maybe 50 btc 05:49 < Talkless> yeah seen that, around 50 I believe 05:49 < Talkless> that's crazy 05:50 < molz> but all safe and sound, he got his coins back after closing all channels 05:54 < molz> just know a few things to keep lnd safe: don't run LND with `--no-macaroons`, no password/word seeds, no firewall, on windows (except for testing) 05:56 < molz> I* just know a few things.. and there's more but basically this is it 05:56 < Veggen> no firewall? 05:56 < molz> don't run with no firewall 05:56 < Veggen> oh, that's better :) 05:58 < Veggen> molz: I closed all my testnet channels. Probably skyrused them. Did we have a channel? and can you see if I did a breach? 05:58 < molz> oh yea? lol ok let me look 05:59 < Veggen> (in short: I botched my channel.db. So I thought, well...ok, might as well just skyrus then :) 05:59 < Veggen> actually my backup was ages. like from april. 06:00 < Veggen> should probably see what I can claim (I bet some of those old nodes are just gone, so I can just go and steal those funds). 06:01 < molz> Veggen, what's your node's pubkey? 06:12 < molz> still downloading the log, too big :/ 06:20 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Remote host closed the connection] 06:25 -!- Giszmo [~leo@pc-72-54-46-190.cm.vtr.net] has quit [Ping timeout: 264 seconds] 06:27 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #lnd 06:34 < molz> Veggen, i searched for "breach" and "punishment" still don't see anything 06:35 < molz> i guess we never had a channel 06:41 -!- Bunnyh [bunnyh@psychedelic.fi] has quit [Ping timeout: 268 seconds] 06:42 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Ping timeout: 250 seconds] 06:42 -!- intcat [~zshlyk@gateway/tor-sasl/intcat] has quit [Ping timeout: 250 seconds] 06:44 -!- marcinja [~marcin@static-100-38-11-146.nycmny.fios.verizon.net] has joined #lnd 06:45 -!- intcat [~zshlyk@gateway/tor-sasl/intcat] has joined #lnd 06:47 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #lnd 06:53 -!- Giszmo [~leo@45.232.32.114] has joined #lnd 06:54 -!- Giszmo [~leo@45.232.32.114] has quit [Client Quit] 07:03 -!- Bunnyh [bunnyh@psychedelic.fi] has joined #lnd 07:13 -!- Bunnyh [bunnyh@psychedelic.fi] has quit [Ping timeout: 272 seconds] 07:13 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Ping timeout: 250 seconds] 07:14 -!- Bunnyh [bunnyh@psychedelic.fi] has joined #lnd 07:25 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #lnd 07:28 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has joined #lnd 07:31 -!- pokazef [~mikael@2001:41d0:a:4c49::aca:7928] has quit [Ping timeout: 264 seconds] 07:32 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has quit [Quit: = ""] 07:33 -!- pokazef [~mikael@2001:41d0:a:4c49::aca:7928] has joined #lnd 07:41 -!- grafcaps [~haroldbr@050-090-083-229.res.spectrum.com] has quit [Ping timeout: 252 seconds] 07:44 -!- jpe [~jp@fnord.cryptophone.de] has quit [Remote host closed the connection] 07:47 -!- jpe [~jp@fnord.cryptophone.de] has joined #lnd 08:00 -!- grafcaps [~haroldbr@104.137.194.255] has joined #lnd 08:04 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 08:06 -!- grafcaps [~haroldbr@104.137.194.255] has quit [Read error: Connection reset by peer] 08:10 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has quit [Quit: Leaving] 08:13 -!- rafalcpp_ is now known as rafalcpp 08:18 -!- Styils [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 08:21 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Ping timeout: 264 seconds] 08:22 -!- Styils [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Remote host closed the connection] 08:23 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 08:24 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Remote host closed the connection] 08:25 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 08:32 < Veggen> 020f0fc08e5ca751f5fbd803b06236cde8e87035cb651893950d91c69e6a079957 08:33 < Veggen> we might not have had. Or maybe not in april :) 08:33 < Veggen> btw, if you have one with that node, you might as well force-close it. 08:36 < Veggen> I think I might have 16 nodes that tries to reestablish their channels with me. 08:51 < qubenix> Talkless: do you mind sharing your apparmor profiles for lnd and bitcoind? btw, for sure if you are giving some other software access to your bitcoind rpc (cookie or pass) you should really run with disabled wallet or at very least encrypted. 08:54 -!- JackH_ [~laptop@host86-182-8-23.range86-182.btcentralplus.com] has quit [Ping timeout: 268 seconds] 08:58 < Talkless> qubenix: sure, bitcoind: 08:58 < Talkless> https://pastebin.mozilla.org/9092187 08:58 < Talkless> lnd: 08:58 < Talkless> https://pastebin.mozilla.org/9092188 08:59 < qubenix> thx :) 08:59 < Talkless> it might need more rules for Ubuntu & openSUSE, as upstream kernel does not have all mediation that Ubuntu patches provide 08:59 < Talkless> they should inclide for local modifications, etc. It's a WIP, maybe I'll propose these into apparmor-profiles repository some time. 08:59 < Talkless> and update lnd/bitcoind readmes on how to harden, etc. 09:00 < Talkless> qubenix: probaby youl'll need changing patsh to bitcoind and lnd executables.. 09:01 < qubenix> np, i'll be modifying it for qubes/whonix anyway. just nice to have a good starting point. 09:02 < Talkless> ok 09:08 -!- melvster [~melvin@ip-86-49-18-198.net.upcbroadband.cz] has quit [Ping timeout: 268 seconds] 09:17 < molz> Veggen, my CL node has a channel with your node, can't remember if i opened this channel, still "connected": true, 09:18 < molz> Veggen, is this the node that went skyrus? 09:37 -!- ocn_goodroute [8067f411@gateway/web/freenode/ip.128.103.244.17] has joined #lnd 09:40 -!- melvster [~melvin@ip-86-49-18-198.net.upcbroadband.cz] has joined #lnd 10:08 < Veggen> molz: not production :) 10:08 < Veggen> test. 10:14 -!- EagleTM [~hab@x4db4187e.dyn.telefonica.de] has quit [Ping timeout: 268 seconds] 10:15 < molz> yea i know 10:17 -!- pioklo [~Pioklo@118-40.echostar.pl] has joined #lnd 10:17 < Veggen> molz: uhm...what's your CLs id? 10:18 -!- Deadlyelder [~textual@2001:7e8:cc17:7500:65fd:aa66:76c0:13b8] has joined #lnd 10:18 -!- gethh [uid264798@gateway/web/irccloud.com/x-occdrgfqkdzjdyes] has joined #lnd 10:18 < Veggen> nvm. 10:22 -!- usil [~foo@odisej.fmf.uni-lj.si] has quit [Ping timeout: 260 seconds] 10:22 -!- usil [~foo@odisej.fmf.uni-lj.si] has joined #lnd 10:54 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has joined #lnd 11:19 -!- github-lnd [github-lnd@gateway/service/github.com/x-ttyelifgrjvxclnj] has joined #lnd 11:19 -github-lnd:#lnd- [lnd] Roasbeef closed pull request #1788: Disable height hint cache (master...disable-height-hint-cache) https://git.io/fAmO6 11:19 -!- github-lnd [github-lnd@gateway/service/github.com/x-ttyelifgrjvxclnj] has left #lnd [] 11:21 -!- jpe [~jp@fnord.cryptophone.de] has quit [Ping timeout: 268 seconds] 11:28 -!- Talkless [~Talkless@hst-227-49.splius.lt] has quit [Quit: Konversation terminated!] 11:41 -!- Deadlyelder [~textual@2001:7e8:cc17:7500:65fd:aa66:76c0:13b8] has quit [Ping timeout: 276 seconds] 12:09 < waxwing> roasbeef, yeah of course, on reflection, you're right. not sure where i got that idea. i'm looking at the Core impl. now and i see they have interfaces 'SigningProvider' which is actually just a keystore and 'SignatureCreator' that makes sigs using that. I'll think a bit more about that. 12:09 < waxwing> re: using PSBTs generally, do you or anyone else here have concrete ideas already about use of hardware wallets in a lightning (lnd) context? 12:10 < waxwing> i'm trying to get the right mental model of how psbts can be useful, it seems the HW wallet scenario, or let's say the airgap scenario is maybe the most important. as well as other multisig, and coinjoin. 12:16 < booyah> molz: so lnd only looks at ZMQ which is only like notifications of events, yes? 12:16 < booyah> molz: how then lnd publishes into btc p2p network the txes (opening, closing)? is it using own network? 12:16 -!- Pioklo_ [~Pioklo@118-40.echostar.pl] has joined #lnd 12:16 < booyah> using sendrawtransaction or similar from your bitcoin core node, would be more anonymous 12:18 <@roasbeef> booyah assumption is that if you're connecting to a full node, then it's essentially trusted 12:18 <@roasbeef> you should only connect to a full node that is either yours, or run by someone you trust 12:18 -!- pioklo [~Pioklo@118-40.echostar.pl] has quit [Ping timeout: 268 seconds] 12:18 < booyah> roasbeef: yes. that is perhaps a bit more advanced use, but seems very nice 12:19 <@roasbeef> waxwing: yeh i've mapped out hardware wallet integration myself, but would need to actually get the vendors to commit to integration on their end 12:19 <@roasbeef> yeh shouldn't require a new signer abstraction at all, since in the end you're _somehow_ reconstructing a bitcoin txn 12:20 <@roasbeef> the only extra thing my come into place for multi-sig, to like append to the existing witness rather than just overwriting it all together 12:22 < molz> booyah, roasbeef is here, ask him the second question 12:22 <@roasbeef> i think i get his questions, but thing is you need to trust that full node 12:22 <@roasbeef> bitcoind doesn't really have anything like macaroons to have more fine grained auth control 12:22 < waxwing> roasbeef, the digital bitbox people have been looking at the HW integration 12:22 < waxwing> they were at chainhack in lisbon and they'll be in berlin on saturday too 12:22 < molz> roasbeef, hm but does he want to know how all that wizzardry works? his question makes me think he does 12:23 < waxwing> their stack is c-lightning tho'; but will be interesting to talk to them maybe 12:24 < waxwing> re: signer abstraction; well, there is a signer abstraction because there's logic to do (see pseudocode in bip), but it's not literally signing as much as preparing signing, i guess. i've been finding it a little tricky to tease out. 12:24 < molz> roasbeef, also there was this concern: well the hypothetical situation would be that LND gets hacked by code injection which causes it to issue a bitcoind RPC call that transfers the funds in bitcoind somewhere 12:24 < booyah> soo to sum up, LND can use full,unprunned,bitcoin core node by attaching to it's ZMQ. That node can "Attack" lnd at most in the way that it could lie about transactions and lead to money loss (eg not retributing in time)? 12:25 < booyah> does LND besides that use Bitcoin via RPC, eg to send transactions? 12:25 < molz> i've never ever run a mainnet bitcoin-qt with real money as the backend for all my lnd nodes 12:25 < molz> so it has never been a concern for me 12:26 < molz> booyah, i thought you've been running an LND node and already know all this stuff all these months? 12:26 < molz> LND has its own wallet, LND has never used bitcoin core wallet 12:26 < molz> LND has "btcwallet" which is a clone from btcdsuite 12:27 < molz> but the wizard stuff is if you have a stuck tx on lnd wallet, it can be unstuck with bitcoind, which i helped someone do this a few days ago, don't ask me how all that works but i know it works 12:27 < booyah> molz: I prefer to use bitcoin core instead of LNDs built in node, if possible 12:27 < booyah> so far I used other LN clients, not LND. Still here to learn :) 12:27 < molz> booyah, sure, create your own LN impl :D 12:28 < booyah> if LND would support normal system, like Debian stable, I could had used it long before, meh 12:28 < booyah> molz: interesting idea, but perhaps later 12:28 < molz> lnd can even run on windows.. what's with Debian? 12:29 < waxwing> the key word may be 'stable' rather than debian 12:29 < booyah> and in language not requiring bleeding edge experimental updates and a cape >_> 12:30 < molz> waxwing, it would be interesting to see how bluematt creates another impl in rust :) 12:31 < booyah> or in C++, like normal people =) 12:31 <@roasbeef> waxwing: yeh i've talked to em before, when i tlaked to em last, seems they were more at the "we did a thing at tha hackaton stage" rather than like looking at the greater design considerations 12:31 < booyah> or haskel to be more secure against certain bugs 12:32 <@roasbeef> molz: hacked by code injection? if someone has htat level of access to your machine, then you're already dunzo 12:32 < booyah> roasbeef: no, why? 12:32 < molz> roasbeef, yep i thought so 12:32 < booyah> it's not "Access to your machine", it's a bug in LND 12:32 <@roasbeef> booyah: wat? 12:32 < waxwing> roasbeef, has anyone written anything about HW wallet integration seriously tho' ? like, let's say opening a channel? 12:32 < booyah> most software gets remote exploit sooner or later. except bitcoin core 12:32 <@roasbeef> waxwing: i have some stuff none of it published yet 12:32 < molz> why are they worried "what if my lnd gets hacked" but they're not worried about their bitcoind/bitcoin-qt gets hacked or their whole system gets hacked 12:32 < waxwing> well, no matter i guess, it's maybe the wrong time for that 12:32 < booyah> even bitmessage in python had remote arbitrary code execution 12:33 <@roasbeef> booyah: it's a bitcoind issue, not ours, they don't provide fine grained auth 12:33 <@roasbeef> lol bitmessage literally did eval() on messages 12:33 < booyah> yeap 12:33 < booyah> what can go wrong \o/ 12:33 <@roasbeef> in the trust model, the bitcoind node is fully trusted 12:33 <@roasbeef> so yeh it can lie to lnd or w/e or just not give it notifications 12:34 < booyah> roasbeef: ok that lying part is obvious and fine imo. but we could protect in other direction 12:34 < booyah> so which commands are actually needed from bitcoin RPC, just sendrawtx ? 12:34 < molz> for what? 12:34 < booyah> because getting all information is done via ZMQ which is separate? 12:34 < booyah> for LND to work 12:34 < molz> bitcoin-cli lndworknow 12:35 < molz> bitcoin-cli unlockmybrain 12:35 <@roasbeef> booyah: what other direction? 12:35 <@roasbeef> "malicious full node backend" isn't in our threat model atm, as we can't verify anything it gives us 12:35 <@roasbeef> it's a trusted backend 12:35 < booyah> sure 12:35 <@roasbeef> neutrino for example is its own soruce of truth however 12:36 <@roasbeef> so what attack are you concnered about? 12:36 < booyah> but I mean about LND attacking BTC by sending commands to like send arbitrary transaction 12:36 < molz> lolol 12:37 < booyah> writting a json proxy in between to just allow sendrawtx, would be simple 12:37 < booyah> molz: what "lolol"? all major and seriout p2p secure networks software HAD horrible exploits 12:37 < booyah> i2p, freenet, tor 12:38 < qubenix> booyah: run bitcoind with disabled wallet or at least encrypted wallet. then tx cant be signed. 12:38 < booyah> there can be exploit even in one of the libs like libpng or libzlip or who ever knows 12:38 < booyah> therefore it makes sense to understand and isolate what command LND can send to BTC 12:38 < booyah> qubenix: sure. there is just one problem 12:39 < booyah> it's 400 GB per one instance (looking year or two ahead) 12:39 < booyah> so like 1 TB to both have lnd + fully validating node, and also have full bitcoin core as your main normal wallet 12:40 < qubenix> prune? 12:40 < booyah> someone said prunning is not compatible with lnd 12:40 < qubenix> not on index=1 node, the ones with wallets 12:41 < booyah> qubenix: ah right. Ok I guess it's an option 12:41 < booyah> still; heaving 2 fullnodes on same machine and IP is weird, and probably a bit less private (merged traffic between lnd use and onchain use, provides more coverage) 12:42 < qubenix> idk, i have 5 mainnet nodes on my desktop right now. 12:43 <@roasbeef> qubenix: badass 12:43 < qubenix> :p 12:44 <@roasbeef> booyah: defense there woudl be on the bitcoind side, like giving a user only restricted access to paritcular calls 12:44 <@roasbeef> in the past, I think there was some work to look into that, but dunno what they did in the end 12:44 < booyah> roasbeef: right, that's why I asked which RPC calls does LND require. I could probably write such a wrapper if no one did 12:46 <@roasbeef> they're all read stuff 12:46 < molz> booyah, if you don't see roasbeef answer that q ^ then it means none 12:46 <@roasbeef> anything that modifies bitcoind state, you can remove 12:46 <@roasbeef> even then another defense is to run the bitcoind as an empty wallet 12:46 <@roasbeef> so don't store any coins on the bitcoind instance it's connecting to 12:46 < molz> i've run bitcoind as a headless and faceless node 12:46 <@roasbeef> you can even compile it w/o the wallet 12:47 <@roasbeef> i think that solves all your concerns, partition the bitcoind all together 12:50 < booyah> actually, if the bitcoind with wallet would conned to the other one via -connect as only peer, it would be as merged from outside as if you would just run 1 node. yeah that could work 12:50 < waxwing> it's not relevant here, but i believe there's a new --disable-privatekeys (caveat: not the correct name) in 0.17, so that with a watch-only wallet you could remove a security risk. but here, yeah, lnd is just using bitcoind for blockchain read access. 12:50 < waxwing> no wallet, no gui, no nuffink is aOK :) 12:51 < molz> yup 12:52 < waxwing> 'headless and faceless' ... "a node has no name" ;) 12:53 < molz> lol 12:59 -!- nik [b0201d34@gateway/web/freenode/ip.176.32.29.52] has joined #lnd 13:00 -!- nik [b0201d34@gateway/web/freenode/ip.176.32.29.52] has quit [Client Quit] 13:17 -!- Pioklo_ [~Pioklo@118-40.echostar.pl] has quit [Ping timeout: 268 seconds] 13:18 -!- SopaXorzTaker [~SopaXorzT@unaffiliated/sopaxorztaker] has quit [Remote host closed the connection] 13:21 <@roasbeef> kek 13:57 -!- Pioklo_ [~Pioklo@118-40.echostar.pl] has joined #lnd 14:24 -!- github-lnd [github-lnd@gateway/service/github.com/x-bsijxdpcwwpwpnih] has joined #lnd 14:24 -github-lnd:#lnd- [lnd] Roasbeef pushed 1 new commit to master: https://git.io/fAO1V 14:24 -github-lnd:#lnd- lnd/master 73af09a Olaoluwa Osuntokun: lnd+cmd/lncli: bump version to 0.5-beta 14:24 -!- github-lnd [github-lnd@gateway/service/github.com/x-bsijxdpcwwpwpnih] has left #lnd [] 14:29 < molz> :fireworks: 15:01 -!- contrapumpkin [~copumpkin@haskell/developer/copumpkin] has joined #lnd 15:01 -!- copumpkin [~copumpkin@haskell/developer/copumpkin] has quit [Ping timeout: 240 seconds] 15:08 -!- sh_smith [~sh_smith@cpe-76-174-26-91.socal.res.rr.com] has quit [Remote host closed the connection] 15:18 -!- Giszmo [~leo@pc-72-54-46-190.cm.vtr.net] has joined #lnd 15:45 -!- Pioklo__ [Pioklo@ip-91.246.70.194.skyware.pl] has joined #lnd 15:49 -!- Pioklo_ [~Pioklo@118-40.echostar.pl] has quit [Ping timeout: 272 seconds] 15:55 -!- github-lnd [github-lnd@gateway/service/github.com/x-gzpagbwnziwhqypw] has joined #lnd 15:55 -github-lnd:#lnd- [lnd] wpaulino opened pull request #1798: discovery/gossiper: remove optimistic channel announcement request (master...premature-chan-ann-fetch) https://git.io/fAO57 15:55 -!- github-lnd [github-lnd@gateway/service/github.com/x-gzpagbwnziwhqypw] has left #lnd [] 15:58 -!- sh_smith [~sh_smith@cpe-76-174-26-91.socal.res.rr.com] has joined #lnd 16:12 -!- Pioklo__ [Pioklo@ip-91.246.70.194.skyware.pl] has quit [Ping timeout: 244 seconds] 16:19 -!- ChunkyPuffs [~ChunkyPuf@gateway/tor-sasl/chunkypuffs] has joined #lnd 16:42 -!- ChunkyPuffs [~ChunkyPuf@gateway/tor-sasl/chunkypuffs] has quit [Remote host closed the connection] 17:04 -!- bitdex [~bitdex@gateway/tor-sasl/bitdex] has joined #lnd 17:11 <@roasbeef> https://twitter.com/roasbeef/status/1034228047967281153 17:14 -!- drexl [~drexl@cpc130676-camd16-2-0-cust445.know.cable.virginm.net] has quit [Remote host closed the connection] 17:18 < qubenix> congrats! thanks to everyone involved for their hard work and dedication. 17:21 <@roasbeef> contributors: y'all the real MVP 17:21 <@roasbeef> kek 17:35 -!- ThrobbingSausage [~xian001@47.184.129.94] has joined #lnd 17:54 -!- hihi [47b22df9@gateway/web/freenode/ip.71.178.45.249] has joined #lnd 17:55 -!- wraithm [~wraithm@unaffiliated/wraithm] has joined #lnd 19:09 -!- eamonnw [eamonnw@faeroes.sdf.org] has joined #lnd 19:38 -!- github-lnd [github-lnd@gateway/service/github.com/x-lccckgeshbazkbij] has joined #lnd 19:38 -github-lnd:#lnd- [lnd] tailnode opened pull request #1799: docs:fix markdown issues in docker/README.md (master...fix-markdown-issue) https://git.io/fA3fJ 19:38 -!- github-lnd [github-lnd@gateway/service/github.com/x-lccckgeshbazkbij] has left #lnd [] 20:08 -!- rain [71d07379@gateway/web/freenode/ip.113.208.115.121] has joined #lnd 20:13 -!- vindard_ [~androirc@116.212.135.5] has joined #lnd 20:14 -!- vindard_ [~androirc@116.212.135.5] has left #lnd [] 20:14 -!- vindard_ [~androirc@116.212.135.5] has joined #lnd 20:16 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Remote host closed the connection] 20:16 -!- vindard_ [~androirc@116.212.135.5] has quit [Quit: AndroIRC - Android IRC Client ( http://www.androirc.com )] 20:27 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 20:30 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Client Quit] 20:31 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 20:31 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Client Quit] 20:31 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 20:32 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Remote host closed the connection] 20:32 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 20:40 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has quit [Remote host closed the connection] 20:42 -!- Styil [Styil@gateway/vpn/privateinternetaccess/styil] has joined #lnd 20:53 -!- rain [71d07379@gateway/web/freenode/ip.113.208.115.121] has quit [Quit: Page closed] 20:59 -!- Urgo_ [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has joined #lnd 20:59 -!- Urgo [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has quit [Disconnected by services] 20:59 -!- Urgo_ [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has quit [Excess Flood] 20:59 -!- Urgo [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has joined #lnd 20:59 -!- Urgo [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has quit [Excess Flood] 21:00 -!- Urgo [~Urgo@cpe-107-15-142-254.nc.res.rr.com] has joined #lnd 21:02 -!- redstorm [cb56cc58@gateway/web/freenode/ip.203.86.204.88] has joined #lnd 21:26 -!- redstorm [cb56cc58@gateway/web/freenode/ip.203.86.204.88] has quit [Quit: Page closed] 22:21 -!- github-lnd [github-lnd@gateway/service/github.com/x-ymivmsqyhpoisouj] has joined #lnd 22:21 -github-lnd:#lnd- [lnd] cfromknecht opened pull request #1801: server: Stop requesting initial graph sync (master...remove-initial-graph-sync-request) https://git.io/fA3Ii 22:21 -!- github-lnd [github-lnd@gateway/service/github.com/x-ymivmsqyhpoisouj] has left #lnd [] 22:35 -!- github-lnd [github-lnd@gateway/service/github.com/x-bqrumdloelkapmpi] has joined #lnd 22:35 -github-lnd:#lnd- [lnd] wpaulino opened pull request #1802: config: ensure ZMQ options are not equal and defer creating lnddir until all flag parsing is done (master...equal-zmq-conf-error) https://git.io/fA3LZ 22:35 -!- github-lnd [github-lnd@gateway/service/github.com/x-bqrumdloelkapmpi] has left #lnd []