--- Day changed Tue Aug 08 2017 01:11 -!- Sentineo [~Undefined@node.chcembitcoin.sk] has joined #lnd 01:15 -github-lnd:#lnd- [lnd] halseth closed pull request #247: Always propagate self node announcement (master...flake-updated-node-announcement) https://git.io/v7Ka9 01:35 -!- MaxSan [~one@109.163.226.153] has joined #lnd 01:47 -!- MaxSan [~one@109.163.226.153] has quit [Ping timeout: 268 seconds] 02:33 -!- MaxSan [~one@109.163.226.153] has joined #lnd 02:39 < cdecker> Yep, found that export yesterday, however now I get SSL_ERROR_SSL: error:1000006b:SSL routines:OPENSSL_internal:BAD_ECC_CERT which seems odd 02:40 < cdecker> aakselrod, you were suggesting to create a custom certificate and place it in the lnd datadir so it gets picked up on load? That way I could use a less esoteric cert I guess? 02:42 < aakselrod> cdecker: yep, that's correct... use P256 (and i believe openssl defaults to SHA256 instead of SHA512 when creating a CSR) 02:43 < aakselrod> but that was for javascript+boringssl, not pythong 02:43 < aakselrod> python 02:43 < aakselrod> sorry, it's late, and i'm still up coding, my fingers aren't moving correctly ;) 02:43 < cdecker> Hehe, no problem, thanks for the tip, will try it and report back ^^ 02:44 < cdecker> (python also delegates SSL/TLS to OpenSSL so whatever OpenSSL generates should work I guess) 02:46 < aakselrod> would love to see `openssl x509 -in tls.cert -noout -text` output when you get it working 03:00 -!- JackH [~laptop@46.231.18.66] has joined #lnd 03:10 < cdecker> openssl is way too complicated for my taste, any pointers on how to generate the cert? 03:13 < Sentineo> what type? 03:13 < Sentineo> maybe using easy-rsa would help? 03:15 < aakselrod> sec, i pinned a tutorial in #ln-testers on bitcoin core slack, will paste here 03:15 < cdecker> That'd be great, thanks 03:16 < Sentineo> ok let me start working on my lithgning node, you guys motivated me, got stuck last time with some error 03:16 < aakselrod> cd ~/.lnd 03:16 < aakselrod> openssl ecparam -genkey -name prime256v1 -out tls.key 03:16 < aakselrod> openssl req -new -sha256 -key tls.key -out csr.csr -subj '/CN=localhost/O=lnd' 03:16 < aakselrod> openssl req -x509 -sha256 -days 3650 -key tls.key -in csr.csr -out tls.cert 03:16 < aakselrod> rm csr.csr 03:16 < Sentineo> hm why prime256v1? 03:17 < Sentineo> is it secp256k1? 03:17 < aakselrod> no, these are specifically parameters supported by boringssl 03:18 < aakselrod> which is used as a library by node.js, i guess 03:18 * aakselrod doesn't know much about node.js 03:19 < Sentineo> I use nodejs 03:19 < Sentineo> where is it used here? 03:19 < cdecker> Damn: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED 03:19 < aakselrod> it's self-signed 03:19 < aakselrod> are there any required options to allow a self-signed (or pinned) cert? 03:19 < aakselrod> in the go `lncli` client, i'm pinning to the cert 03:20 < Sentineo> you import a .pem file? 03:20 < aakselrod> that's preferable IMO 03:20 < Sentineo> or point to it? 03:20 < aakselrod> Sentineo: i point to the .cert file 03:20 < aakselrod> which is x509... the .key file is PEM 03:20 < Sentineo> oh ok 03:21 < Sentineo> I really used only easy-rsa to create certs 03:21 < Sentineo> signed with a CA 03:21 < aakselrod> you should be able to work with CA-based PKI for these certs, too 03:21 < Sentineo> ok lets start at the beginning :) new to go 03:21 < Sentineo> it is complaining I do not have GOPATH set 03:22 < Sentineo> where should it be? 03:22 < aakselrod> https://golang.org/doc/install 03:22 < aakselrod> follow those docs to install go 03:24 < Sentineo> I found one for ubuntu to install, it went ok with apt-get just does not like the path not set up 03:24 < Sentineo> o sounds like I could find out where it put go and set the var accordingly 03:24 < aakselrod> don't use the ubuntu packages, they're really old and won't work with lnd 03:24 < aakselrod> https://golang.org/doc/code.html#Workspaces <-- contains details about GOPATH 03:24 < Sentineo> ah ok 03:25 < cdecker> doh, I was unable to disable verification, but providing the cert as root_cert for the credentials works fine 03:25 < Sentineo> so will remove it and go with the page then 03:25 < aakselrod> cdecker: yeah, that's what i do for lncli too 03:25 < cdecker> Thanks aakselrod that actually worked like a charm 03:25 < aakselrod> if you have PKI your client will trust (or a letsencrypt cert or something), you don't have to do it that way 03:26 < aakselrod> but for purely self-signed, untrusted, you have to pin the cert like that 03:28 < Sentineo> aakselrod: I should go from install the Go tools righ? that go distribution sounds like some vm or am I wrong? 03:29 < aakselrod> cdecker: i see the issue you submitted, thanks! 03:30 < aakselrod> Sentineo: you should install from the .tar.gz file found at https://golang.org/dl/ 03:30 < aakselrod> no VM 03:30 < Sentineo> ok 03:30 < aakselrod> if you want a docker-based version, there's a HOWTO on that too 03:30 < aakselrod> might be easier, but i haven't played with it much myself 03:30 < Sentineo> no I do not :) 03:31 < aakselrod> https://github.com/lightningnetwork/lnd/blob/master/docker/README.md 03:31 < aakselrod> ok :) 03:31 < Sentineo> never played with docker, just wanted to make sure I click the right stuff 03:31 < Sentineo> the do not write it anywhere so I ask, it should be done as a user right? 03:32 < cdecker> aakselrod, not a huge problem but I found it puzzling not to find the cert where I was expecting it 03:32 < cdecker> and it might be annoying for people that run multiple lnd instances with different configs 03:35 < aakselrod> Sentineo: https://golang.org/doc/install explains it pretty well, you need to unzip as root because you're writing to /usr/local 03:35 < aakselrod> setting up your workspace is done as your user though 03:35 < aakselrod> cdecker: yeah, i can imagine that'd be annoying... not sure why it doesn't work, we'll look into it :) 03:35 < Sentineo> ok 03:35 < Sentineo> ty 03:36 < Sentineo> bah it is written there 03:36 < Sentineo> am 'root' blind so it seems :D 03:44 < aakselrod> ok, good night all :) bedtime for me 03:51 < Sentineo> aakselrod: thanks, installing glide :) 03:51 < Sentineo> woho, am one step further again 04:39 -!- berndj [~berndj@mail.azna.co.za] has quit [Ping timeout: 255 seconds] 04:41 -!- berndj [~berndj@mail.azna.co.za] has joined #lnd 04:45 -!- MaxSan [~one@109.163.226.153] has quit [Ping timeout: 260 seconds] 04:53 -!- dutchdev [5f61f012@gateway/web/freenode/ip.95.97.240.18] has joined #lnd 04:55 < dutchdev> Anyone here that is able/willing to help me out? Working with the lncli but keep getting "[lncli] could not find option group `Bitcoin'". Anyone seen this issue before? It's coming from the lnd.conf and it cant find the bitcoin group. LND and btc is running 05:07 -!- arubi [~ese168@gateway/tor-sasl/ese168] has quit [Ping timeout: 248 seconds] 05:07 -!- deusexbeer [~deusexbee@095-129-169-198-dynamic-pool-adsl.wbt.ru] has quit [Remote host closed the connection] 05:08 -!- deusexbeer [~deusexbee@095-129-169-198-dynamic-pool-adsl.wbt.ru] has joined #lnd 05:09 -!- arubi [~ese168@gateway/tor-sasl/ese168] has joined #lnd 05:52 -!- johanth [uid223041@gateway/web/irccloud.com/x-zijpmxmmlxypdkmp] has joined #lnd 05:52 < johanth> can you paste your lnd.conf here? :) 06:07 < Sentineo> pastebin would be probably better ... 06:22 -!- MaxSan [~one@109.163.226.153] has joined #lnd 06:30 -!- MaxSan [~one@109.163.226.153] has quit [Ping timeout: 240 seconds] 06:34 -!- MaxSan [~one@91.214.169.69] has joined #lnd 06:41 -!- MaxSan [~one@91.214.169.69] has quit [Ping timeout: 240 seconds] 07:04 -!- dutchdev [5f61f012@gateway/web/freenode/ip.95.97.240.18] has quit [Quit: Page closed] 07:04 -!- dutchdev [5f61f012@gateway/web/freenode/ip.95.97.240.18] has joined #lnd 07:07 < dutchdev> Thanks for your reply :) I got the lnd.conf straight from http://dev.lightning.community/tutorial/01-lncli/index.html . This is the pastebin: https://pastebin.com/kXzgB8G2 . 07:08 -!- MaxSan [~one@185.156.175.43] has joined #lnd 07:09 < dutchdev> I've tried it on both Mac and a Debian 8 server. Both have the exact same issue. 07:13 -!- MaxSan [~one@185.156.175.43] has quit [Ping timeout: 260 seconds] 07:18 < johanth> I think the way lncli parses the conf file changed recently. You can remove the [Bitcoin] line 07:21 < johanth> or rather, lncli just recently started parsing the conf file, I think @aakselrod knows about the issue :) 07:22 < lndbot1> You saved my day :ok_hand: That was the issue. After removing that line it works 08:23 -!- dutchdev [5f61f012@gateway/web/freenode/ip.95.97.240.18] has quit [Ping timeout: 260 seconds] 08:57 < johanth> Nice :) 09:43 -!- JackH [~laptop@46.231.18.66] has quit [Ping timeout: 258 seconds] 09:45 < aakselrod> yeah, i know about the issue :) i need to submit an upstream PR to go-flags, as it doesn't respect the IgnoreUnknown flag for unknown option groups 10:03 -!- JackH [~laptop@217.149.140.177] has joined #lnd 10:24 <@roasbeef> cdecker: i need to merge a PR to btcutil, but after that you won't have to manually generate the cert 10:26 < cdecker> Great, thanks roasbeef, I'm bundling a cert with the lightning-integration framework (yeah I know...) :-) 10:32 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 248 seconds] 10:34 -!- MaxSan [~one@185.156.175.43] has joined #lnd 10:34 < aakselrod> roasbeef: we should test that theory, i only changed the curve... looks like a change to the hash algorithm is in order too (from sha512 to sha256) 10:35 <@roasbeef> aakselrod: hmm, we should prob make that function take particualr paramters 10:35 < aakselrod> roasbeef: the new btcutil upstream does, but only for the curve... btcd still passes P521 so the resulting behavior is still the same 10:36 < aakselrod> er, maybe that's dcrd, not btcd 10:36 < aakselrod> i'll take a look, test it a bit more thoroughly with python and nodejs, and rework the PR as necessary 10:37 < aakselrod> but i'm only testing on ubuntu 16.04LTS, so some mac+windows testing might be good before it's merged 10:57 -github-lnd:#lnd- [lnd] halseth opened pull request #249: Flake node announcement threadsafe (master...flake-node-announcement-threadsafe) https://git.io/v7PYg 11:18 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 11:24 -!- Sentineo [~Undefined@node.chcembitcoin.sk] has quit [Quit: Lost terminal] 11:27 <@roasbeef> aakselrod: mhmm, meaning it should also take a hash.Hash, etc 11:29 < aakselrod> roasbeef: i'll update it to take both curve and hash algorithm as arguments, and then make btcd emulate the current state and lnd use P256 and SHA256 for boringssl compatibility 11:33 <@roasbeef> actually I think we need to specify cipher suites when we're creating the gRPC server itself 11:38 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 258 seconds] 11:43 -!- MaxSan [~one@185.156.175.43] has quit [Ping timeout: 240 seconds] 11:43 -!- abpa [~abpa@96-82-80-28-static.hfc.comcastbusiness.net] has joined #lnd 11:52 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 12:04 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 255 seconds] 12:16 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 12:29 -github-lnd:#lnd- [lnd] Roasbeef pushed 2 new commits to master: https://git.io/v7P4X 12:29 -github-lnd:#lnd- lnd/master c497a63 Johan T. Halseth: server: return copy of current node announcement instead of ref 12:29 -github-lnd:#lnd- lnd/master 5c89ec6 Johan T. Halseth: fundingManager: let CurrentNodeAnnouncement return copy instead of ref 12:37 < Emcy_> segwit locked in congrats :) 12:37 < Emcy_> path is clear 12:49 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 255 seconds] 13:01 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 13:14 -!- chjj [~chjj@unaffiliated/chjj] has quit [Quit: WeeChat 1.9] 13:14 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 13:51 -!- Artemis3 [~artemis3@190-37-30-10.dyn.dsl.cantv.net] has joined #lnd 14:31 < molz> Emcy_, yup 15:22 -!- johanth [uid223041@gateway/web/irccloud.com/x-zijpmxmmlxypdkmp] has quit [Quit: Connection closed for inactivity] 15:25 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 255 seconds] 15:37 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 16:11 -!- jouke [~worst@unaffiliated/komkommer] has quit [Ping timeout: 255 seconds] 16:13 -!- jouke [~worst@2001:1c02:1600:9200:7119:18a0:a794:e3e1] has joined #lnd 16:13 -!- jouke [~worst@2001:1c02:1600:9200:7119:18a0:a794:e3e1] has quit [Changing host] 16:13 -!- jouke [~worst@unaffiliated/komkommer] has joined #lnd 16:19 -!- vicenteH [~user@13.232.15.37.dynamic.jazztel.es] has quit [Ping timeout: 260 seconds] 16:24 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 246 seconds] 16:36 -!- riclas [~riclas@72.210.189.46.rev.vodafone.pt] has joined #lnd 16:38 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 16:59 -!- abpa [~abpa@96-82-80-28-static.hfc.comcastbusiness.net] has quit [Quit: Textual IRC Client: www.textualapp.com] 17:10 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 255 seconds] 17:59 -github-lnd:#lnd- [lnd] aakselrod opened pull request #250: Initial macaroon implementation (master...macaroons) https://git.io/v7Phu 18:25 <@roasbeef> ^ very excite for that!! 18:27 < aakselrod> \m/ 19:27 < riclas> wtf is macaroon... 19:29 < riclas> hmmmm auth i see 19:33 <@roasbeef> riclas: bearer api credentials 19:33 <@roasbeef> riclas: http://hackingdistributed.com/2014/05/16/macaroons-are-better-than-cookies/ 19:33 < riclas> ye found that post :) 19:36 <@roasbeef> nice 20:48 -!- riclas [~riclas@72.210.189.46.rev.vodafone.pt] has quit [Ping timeout: 260 seconds] 20:54 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 21:14 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 260 seconds] 21:15 -!- riclas [~riclas@72.210.189.46.rev.vodafone.pt] has joined #lnd 23:31 -!- chjj [~chjj@unaffiliated/chjj] has joined #lnd 23:42 -!- chjj [~chjj@unaffiliated/chjj] has quit [Ping timeout: 240 seconds] 23:45 < Emcy_> do any of yall think its important to have at least LN v1.0 deployed and working in some scale before november ish, when blocktimes on bitcoin might become large due to miners trying to strongarm the rest of the network 23:46 < Emcy_> a working LN would do much to smooth over that temporarily, i think? 23:48 -!- JackH [~laptop@217.149.140.177] has quit [Ping timeout: 260 seconds] 23:49 < Emcy_> i understand core are moving some things up the schedule in preperation, such as disconnecting nodes signalling the NYA service bit early