lnd

package module
v0.18.3-beta Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 11, 2024 License: MIT Imports: 150 Imported by: 31

README

Lightning Network Daemon

Release build MIT licensed Irc Godoc Go Report Card

The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. lnd has several pluggable back-end chain services including btcd (a full-node), bitcoind, and neutrino (a new experimental light client). The project's codebase uses the btcsuite set of Bitcoin libraries, and also exports a large set of isolated re-usable Lightning Network related libraries within it. In the current state lnd is capable of:

  • Creating channels.
  • Closing channels.
  • Completely managing all channel states (including the exceptional ones!).
  • Maintaining a fully authenticated+validated channel graph.
  • Performing path finding within the network, passively forwarding incoming payments.
  • Sending outgoing onion-encrypted payments through the network.
  • Updating advertised fee schedules.
  • Automatic channel management (autopilot).

Lightning Network Specification Compliance

lnd fully conforms to the Lightning Network specification (BOLTs). BOLT stands for: Basis of Lightning Technology. The specifications are currently being drafted by several groups of implementers based around the world including the developers of lnd. The set of specification documents as well as our implementation of the specification are still a work-in-progress. With that said, the current status of lnd's BOLT compliance is:

  • BOLT 1: Base Protocol
  • BOLT 2: Peer Protocol for Channel Management
  • BOLT 3: Bitcoin Transaction and Script Formats
  • BOLT 4: Onion Routing Protocol
  • BOLT 5: Recommendations for On-chain Transaction Handling
  • BOLT 7: P2P Node and Channel Discovery
  • BOLT 8: Encrypted and Authenticated Transport
  • BOLT 9: Assigned Feature Flags
  • BOLT 10: DNS Bootstrap and Assisted Node Location
  • BOLT 11: Invoice Protocol for Lightning Payments

Developer Resources

The daemon has been designed to be as developer friendly as possible in order to facilitate application development on top of lnd. Two primary RPC interfaces are exported: an HTTP REST API, and a gRPC service. The exported APIs are not yet stable, so be warned: they may change drastically in the near future.

An automatically generated set of documentation for the RPC APIs can be found at api.lightning.community. A set of developer resources including guides, articles, example applications and community resources can be found at: docs.lightning.engineering.

Finally, we also have an active Slack where protocol developers, application developers, testers and users gather to discuss various aspects of lnd and also Lightning in general.

Installation

In order to build from source, please see the installation instructions.

Docker

To run lnd from Docker, please see the main Docker instructions

IRC

  • irc.libera.chat
  • channel #lnd
  • webchat

Safety

When operating a mainnet lnd node, please refer to our operational safety guidelines. It is important to note that lnd is still beta software and that ignoring these operational guidelines can lead to loss of funds.

Security

The developers of lnd take security very seriously. The disclosure of security vulnerabilities helps us secure the health of lnd, privacy of our users, and also the health of the Lightning Network as a whole. If you find any issues regarding security or privacy, please disclose the information responsibly by sending an email to security at lightning dot engineering, preferably encrypted using our designated PGP key (91FE464CD75101DA6B6BAB60555C6465E5BCB3AF) which can be found here.

Further reading

Documentation

Index

Constants

View Source
const (

	// MaxTimeLockDelta is the maximum CLTV delta that can be applied to
	// forwarded HTLCs.
	MaxTimeLockDelta = routing.MaxCLTVDelta

	// defaultHTTPHeaderTimeout is the default timeout for HTTP requests.
	DefaultHTTPHeaderTimeout = 5 * time.Second

	// BitcoinChainName is a string that represents the Bitcoin blockchain.
	BitcoinChainName = "bitcoin"
)
View Source
const UnassignedConnID uint64 = 0

UnassignedConnID is the default connection ID that a request can have before it actually is submitted to the connmgr. TODO(conner): move into connmgr package, or better, add connmgr method for generating atomic IDs

Variables

View Source
var (
	// DefaultLndDir is the default directory where lnd tries to find its
	// configuration file and store its data. This is a directory in the
	// user's application data, for example:
	//   C:\Users\<username>\AppData\Local\Lnd on Windows
	//   ~/.lnd on Linux
	//   ~/Library/Application Support/Lnd on MacOS
	DefaultLndDir = btcutil.AppDataDir("lnd", false)

	// DefaultConfigFile is the default full path of lnd's configuration
	// file.
	DefaultConfigFile = filepath.Join(DefaultLndDir, lncfg.DefaultConfigFilename)
)
View Source
var (
	// ErrCannotResume is returned when an intercepted forward cannot be
	// resumed. This is the case in the on-chain resolution flow.
	ErrCannotResume = errors.New("cannot resume in the on-chain flow")

	// ErrCannotFail is returned when an intercepted forward cannot be failed.
	// This is the case in the on-chain resolution flow.
	ErrCannotFail = errors.New("cannot fail in the on-chain flow")

	// ErrPreimageMismatch is returned when the preimage that is specified to
	// settle an htlc doesn't match the htlc hash.
	ErrPreimageMismatch = errors.New("preimage does not match hash")
)
View Source
var (
	// ErrPeerNotConnected signals that the server has no connection to the
	// given peer.
	ErrPeerNotConnected = errors.New("peer is not connected")

	// ErrServerNotActive indicates that the server has started but hasn't
	// fully finished the startup process.
	ErrServerNotActive = errors.New("server is still in the process of " +
		"starting")

	// ErrServerShuttingDown indicates that the server is in the process of
	// gracefully exiting.
	ErrServerShuttingDown = errors.New("server is shutting down")

	// MaxFundingAmount is a soft-limit of the maximum channel size
	// currently accepted within the Lightning Protocol. This is
	// defined in BOLT-0002, and serves as an initial precautionary limit
	// while implementations are battle tested in the real world.
	//
	// At the moment, this value depends on which chain is active. It is set
	// to the value under the Bitcoin chain as default.
	//
	// TODO(roasbeef): add command line param to modify.
	MaxFundingAmount = funding.MaxBtcFundingAmount
)

Functions

func AddSubLogger

func AddSubLogger(root *build.RotatingLogWriter, subsystem string,
	interceptor signal.Interceptor, useLoggers ...func(btclog.Logger))

AddSubLogger is a helper method to conveniently create and register the logger of one or more sub systems.

func AdminAuthOptions

func AdminAuthOptions(cfg *Config, skipMacaroons bool) ([]grpc.DialOption,
	error)

AdminAuthOptions returns a list of DialOptions that can be used to authenticate with the RPC server with admin capabilities. skipMacaroons=true should be set if we don't want to include macaroons with the auth options. This is needed for instance for the WalletUnlocker service, which must be usable also before macaroons are created.

NOTE: This should only be called after the RPCListener has signaled it is ready.

func CleanAndExpandPath

func CleanAndExpandPath(path string) string

CleanAndExpandPath expands environment variables and leading ~ in the passed path, cleans the result, and returns it. This function is taken from https://github.com/btcsuite/btcd

func GetAllPermissions

func GetAllPermissions() []bakery.Op

GetAllPermissions returns all the permissions required to interact with lnd.

func Main

func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg,
	interceptor signal.Interceptor) error

Main is the true entry point for lnd. It accepts a fully populated and validated main configuration struct and an optional listener config struct. This function starts all main system components then blocks until a signal is received on the shutdownChan at which point everything is shut down again.

func MainRPCServerPermissions

func MainRPCServerPermissions() map[string][]bakery.Op

MainRPCServerPermissions returns a mapping of the main RPC server calls to the permissions they require.

func SetSubLogger

func SetSubLogger(root *build.RotatingLogWriter, subsystem string,
	logger btclog.Logger, useLoggers ...func(btclog.Logger))

SetSubLogger is a helper method to conveniently register the logger of a sub system.

func SetupLoggers

func SetupLoggers(root *build.RotatingLogWriter, interceptor signal.Interceptor)

SetupLoggers initializes all package-global logger variables.

Types

type ChainControlBuilder

type ChainControlBuilder interface {
	// BuildChainControl is responsible for creating a fully populated chain
	// control instance from a wallet.
	BuildChainControl(*chainreg.PartialChainControl,
		*btcwallet.Config) (*chainreg.ChainControl, func(), error)
}

ChainControlBuilder is an interface that must be satisfied by a custom wallet implementation.

type Config

type Config struct {
	ShowVersion bool `short:"V" long:"version" description:"Display version information and exit"`

	LndDir       string `` /* 155-byte string literal not displayed */
	ConfigFile   string `short:"C" long:"configfile" description:"Path to configuration file"`
	DataDir      string `short:"b" long:"datadir" description:"The directory to store lnd's data within"`
	SyncFreelist bool   `` /* 233-byte string literal not displayed */

	TLSCertPath        string        `long:"tlscertpath" description:"Path to write the TLS certificate for lnd's RPC and REST services"`
	TLSKeyPath         string        `long:"tlskeypath" description:"Path to write the TLS private key for lnd's RPC and REST services"`
	TLSExtraIPs        []string      `long:"tlsextraip" description:"Adds an extra ip to the generated certificate"`
	TLSExtraDomains    []string      `long:"tlsextradomain" description:"Adds an extra domain to the generated certificate"`
	TLSAutoRefresh     bool          `long:"tlsautorefresh" description:"Re-generate TLS certificate and key if the IPs or domains are changed"`
	TLSDisableAutofill bool          `` /* 173-byte string literal not displayed */
	TLSCertDuration    time.Duration `long:"tlscertduration" description:"The duration for which the auto-generated TLS certificate will be valid for"`
	TLSEncryptKey      bool          `` /* 160-byte string literal not displayed */

	NoMacaroons     bool          `` /* 133-byte string literal not displayed */
	AdminMacPath    string        `long:"adminmacaroonpath" description:"Path to write the admin macaroon for lnd's RPC and REST services if it doesn't exist"`
	ReadMacPath     string        `` /* 130-byte string literal not displayed */
	InvoiceMacPath  string        `` /* 126-byte string literal not displayed */
	LogDir          string        `long:"logdir" description:"Directory to log output."`
	MaxLogFiles     int           `long:"maxlogfiles" description:"Maximum logfiles to keep (0 for no rotation)"`
	MaxLogFileSize  int           `long:"maxlogfilesize" description:"Maximum logfile size in MB"`
	AcceptorTimeout time.Duration `` /* 136-byte string literal not displayed */

	LetsEncryptDir    string `long:"letsencryptdir" description:"The directory to store Let's Encrypt certificates within"`
	LetsEncryptListen string `` /* 471-byte string literal not displayed */
	LetsEncryptDomain string `` /* 186-byte string literal not displayed */

	// We'll parse these 'raw' string arguments into real net.Addrs in the
	// loadConfig function. We need to expose the 'raw' strings so the
	// command line library can access them.
	// Only the parsed net.Addrs should be used!
	RawRPCListeners   []string `long:"rpclisten" description:"Add an interface/port/socket to listen for RPC connections"`
	RawRESTListeners  []string `long:"restlisten" description:"Add an interface/port/socket to listen for REST connections"`
	RawListeners      []string `long:"listen" description:"Add an interface/port to listen for peer connections"`
	RawExternalIPs    []string `` /* 200-byte string literal not displayed */
	ExternalHosts     []string `` /* 173-byte string literal not displayed */
	RPCListeners      []net.Addr
	RESTListeners     []net.Addr
	RestCORS          []string `long:"restcors" description:"Add an ip:port/hostname to allow cross origin access from. To allow all origins, set as \"*\"."`
	Listeners         []net.Addr
	ExternalIPs       []net.Addr
	DisableListen     bool          `long:"nolisten" description:"Disable listening for incoming peer connections"`
	DisableRest       bool          `long:"norest" description:"Disable REST API"`
	DisableRestTLS    bool          `long:"no-rest-tls" description:"Disable TLS for REST connections"`
	WSPingInterval    time.Duration `` /* 156-byte string literal not displayed */
	WSPongWait        time.Duration `` /* 158-byte string literal not displayed */
	NAT               bool          `` /* 210-byte string literal not displayed */
	AddPeers          []string      `long:"addpeer" description:"Specify peers to connect to first"`
	MinBackoff        time.Duration `long:"minbackoff" description:"Shortest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."`
	MaxBackoff        time.Duration `long:"maxbackoff" description:"Longest backoff when reconnecting to persistent peers. Valid time units are {s, m, h}."`
	ConnectionTimeout time.Duration `long:"connectiontimeout" description:"The timeout value for network connections. Valid time units are {ms, s, m, h}."`

	DebugLevel string `` /* 290-byte string literal not displayed */

	CPUProfile string `long:"cpuprofile" description:"Write CPU profile to the specified file"`

	Profile string `long:"profile" description:"Enable HTTP profiling on either a port or host:port"`

	BlockingProfile int `` /* 204-byte string literal not displayed */
	MutexProfile    int `` /* 195-byte string literal not displayed */

	UnsafeDisconnect   bool   `` /* 180-byte string literal not displayed */
	UnsafeReplay       bool   `` /* 157-byte string literal not displayed */
	MaxPendingChannels int    `long:"maxpendingchannels" description:"The maximum number of incoming pending channels permitted per peer."`
	BackupFilePath     string `long:"backupfilepath" description:"The target location of the channel backup file"`

	FeeURL string `` /* 255-byte string literal not displayed */

	Bitcoin      *lncfg.Chain    `group:"Bitcoin" namespace:"bitcoin"`
	BtcdMode     *lncfg.Btcd     `group:"btcd" namespace:"btcd"`
	BitcoindMode *lncfg.Bitcoind `group:"bitcoind" namespace:"bitcoind"`
	NeutrinoMode *lncfg.Neutrino `group:"neutrino" namespace:"neutrino"`

	BlockCacheSize uint64 `long:"blockcachesize" description:"The maximum capacity of the block cache"`

	Autopilot *lncfg.AutoPilot `group:"Autopilot" namespace:"autopilot"`

	Tor *lncfg.Tor `group:"Tor" namespace:"tor"`

	SubRPCServers *subRPCServerConfigs `group:"subrpc"`

	Hodl *hodl.Config `group:"hodl" namespace:"hodl"`

	NoNetBootstrap bool `long:"nobootstrap" description:"If true, then automatic network bootstrapping will not be attempted."`

	NoSeedBackup             bool   `` /* 205-byte string literal not displayed */
	WalletUnlockPasswordFile string `` /* 394-byte string literal not displayed */
	WalletUnlockAllowCreate  bool   `` /* 136-byte string literal not displayed */

	ResetWalletTransactions bool `` /* 342-byte string literal not displayed */

	CoinSelectionStrategy string `` /* 142-byte string literal not displayed */

	PaymentsExpirationGracePeriod time.Duration `` /* 190-byte string literal not displayed */
	TrickleDelay                  int           `long:"trickledelay" description:"Time in milliseconds between each release of announcements to the network"`
	ChanEnableTimeout             time.Duration `` /* 215-byte string literal not displayed */
	ChanDisableTimeout            time.Duration `` /* 338-byte string literal not displayed */
	ChanStatusSampleInterval      time.Duration `` /* 168-byte string literal not displayed */
	HeightHintCacheQueryDisable   bool          `` /* 329-byte string literal not displayed */
	Alias                         string        `long:"alias" description:"The node alias. Used as a moniker by peers and intelligence services"`
	Color                         string        `` /* 139-byte string literal not displayed */
	MinChanSize                   int64         `` /* 148-byte string literal not displayed */
	MaxChanSize                   int64         `` /* 146-byte string literal not displayed */
	CoopCloseTargetConfs          uint32        `` /* 243-byte string literal not displayed */

	ChannelCommitInterval time.Duration `` /* 262-byte string literal not displayed */

	PendingCommitInterval time.Duration `` /* 315-byte string literal not displayed */

	ChannelCommitBatchSize uint32 `` /* 143-byte string literal not displayed */

	KeepFailedPaymentAttempts bool `` /* 139-byte string literal not displayed */

	StoreFinalHtlcResolutions bool `long:"store-final-htlc-resolutions" description:"Persistently store the final resolution of incoming htlcs."`

	DefaultRemoteMaxHtlcs uint16 `` /* 243-byte string literal not displayed */

	NumGraphSyncPeers      int           `` /* 184-byte string literal not displayed */
	HistoricalSyncInterval time.Duration `` /* 213-byte string literal not displayed */

	IgnoreHistoricalGossipFilters bool `` /* 240-byte string literal not displayed */

	RejectPush bool `` /* 170-byte string literal not displayed */

	RejectHTLC bool `` /* 203-byte string literal not displayed */

	AcceptPositiveInboundFees bool `` /* 291-byte string literal not displayed */

	// RequireInterceptor determines whether the HTLC interceptor is
	// registered regardless of whether the RPC is called or not.
	RequireInterceptor bool `long:"requireinterceptor" description:"Whether to always intercept HTLCs, even if no stream is attached"`

	StaggerInitialReconnect bool `` /* 246-byte string literal not displayed */

	MaxOutgoingCltvExpiry uint32 `long:"max-cltv-expiry" description:"The maximum number of blocks funds could be locked up for when forwarding payments."`

	MaxChannelFeeAllocation float64 `` /* 224-byte string literal not displayed */

	MaxCommitFeeRateAnchors uint64 `` /* 204-byte string literal not displayed */

	DryRunMigration bool `` /* 230-byte string literal not displayed */

	EnableUpfrontShutdown bool `` /* 397-byte string literal not displayed */

	AcceptKeySend bool `long:"accept-keysend" description:"If true, spontaneous payments through keysend will be accepted. [experimental]"`

	AcceptAMP bool `long:"accept-amp" description:"If true, spontaneous payments via AMP will be accepted."`

	KeysendHoldTime time.Duration `` /* 219-byte string literal not displayed */

	GcCanceledInvoicesOnStartup bool `long:"gc-canceled-invoices-on-startup" description:"If true, we'll attempt to garbage collect canceled invoices upon start."`

	GcCanceledInvoicesOnTheFly bool `long:"gc-canceled-invoices-on-the-fly" description:"If true, we'll delete newly canceled invoices on the fly."`

	MaxFeeExposure uint64 `long:"dust-threshold" description:"Sets the max fee exposure in satoshis for a channel after which HTLC's will be failed."`

	Fee *lncfg.Fee `group:"fee" namespace:"fee"`

	Invoices *lncfg.Invoices `group:"invoices" namespace:"invoices"`

	Routing *lncfg.Routing `group:"routing" namespace:"routing"`

	Gossip *lncfg.Gossip `group:"gossip" namespace:"gossip"`

	Workers *lncfg.Workers `group:"workers" namespace:"workers"`

	Caches *lncfg.Caches `group:"caches" namespace:"caches"`

	Prometheus lncfg.Prometheus `group:"prometheus" namespace:"prometheus"`

	WtClient *lncfg.WtClient `group:"wtclient" namespace:"wtclient"`

	Watchtower *lncfg.Watchtower `group:"watchtower" namespace:"watchtower"`

	ProtocolOptions *lncfg.ProtocolOptions `group:"protocol" namespace:"protocol"`

	AllowCircularRoute bool `` /* 128-byte string literal not displayed */

	HealthChecks *lncfg.HealthCheckConfig `group:"healthcheck" namespace:"healthcheck"`

	DB *lncfg.DB `group:"db" namespace:"db"`

	Cluster *lncfg.Cluster `group:"cluster" namespace:"cluster"`

	RPCMiddleware *lncfg.RPCMiddleware `group:"rpcmiddleware" namespace:"rpcmiddleware"`

	RemoteSigner *lncfg.RemoteSigner `group:"remotesigner" namespace:"remotesigner"`

	Sweeper *lncfg.Sweeper `group:"sweeper" namespace:"sweeper"`

	Htlcswitch *lncfg.Htlcswitch `group:"htlcswitch" namespace:"htlcswitch"`

	GRPC *GRPCConfig `group:"grpc" namespace:"grpc"`

	// LogWriter is the root logger that all of the daemon's subloggers are
	// hooked up to.
	LogWriter *build.RotatingLogWriter

	// ActiveNetParams contains parameters of the target chain.
	ActiveNetParams chainreg.BitcoinNetParams

	// Estimator is used to estimate routing probabilities.
	Estimator routing.Estimator

	// Dev specifies configs used for integration tests, which is always
	// empty if not built with `integration` flag.
	Dev *lncfg.DevConfig `group:"dev" namespace:"dev"`

	// HTTPHeaderTimeout is the maximum duration that the server will wait
	// before timing out reading the headers of an HTTP request.
	HTTPHeaderTimeout time.Duration `` /* 145-byte string literal not displayed */
	// contains filtered or unexported fields
}

Config defines the configuration options for lnd.

See LoadConfig for further details regarding the configuration loading+parsing process.

func DefaultConfig

func DefaultConfig() Config

DefaultConfig returns all default values for the Config struct.

func LoadConfig

func LoadConfig(interceptor signal.Interceptor) (*Config, error)

LoadConfig initializes and parses the config using a config file and command line options.

The configuration proceeds as follows:

  1. Start with a default config with sane settings
  2. Pre-parse the command line to check for an alternative config file
  3. Load configuration file overwriting defaults with any specified options
  4. Parse CLI options and overwrite/add any specified options

func ValidateConfig

func ValidateConfig(cfg Config, interceptor signal.Interceptor, fileParser,
	flagParser *flags.Parser) (*Config, error)

ValidateConfig check the given configuration to be sane. This makes sure no illegal values or combination of values are set. All file system paths are normalized. The cleaned up config is returned on success.

func (*Config) ImplementationConfig

func (c *Config) ImplementationConfig(
	interceptor signal.Interceptor) *ImplementationCfg

ImplementationConfig returns the configuration of what actual implementations should be used when creating the main lnd instance.

type CustomMessage

type CustomMessage struct {
	// Peer is the peer pubkey
	Peer [33]byte

	// Msg is the custom wire message.
	Msg *lnwire.Custom
}

CustomMessage is a custom message that is received from a peer.

type DatabaseBuilder

type DatabaseBuilder interface {
	// BuildDatabase extracts the current databases that we'll use for
	// normal operation in the daemon. A function closure that closes all
	// opened databases is also returned.
	BuildDatabase(ctx context.Context) (*DatabaseInstances, func(), error)
}

DatabaseBuilder is an interface that must be satisfied by the implementation that provides lnd's main database backend instances.

type DatabaseInstances

type DatabaseInstances struct {
	// GraphDB is the database that stores the channel graph used for path
	// finding.
	//
	// NOTE/TODO: This currently _needs_ to be the same instance as the
	// ChanStateDB below until the separation of the two databases is fully
	// complete!
	GraphDB *channeldb.DB

	// ChanStateDB is the database that stores all of our node's channel
	// state.
	//
	// NOTE/TODO: This currently _needs_ to be the same instance as the
	// GraphDB above until the separation of the two databases is fully
	// complete!
	ChanStateDB *channeldb.DB

	// HeightHintDB is the database that stores height hints for spends.
	HeightHintDB kvdb.Backend

	// InvoiceDB is the database that stores information about invoices.
	InvoiceDB invoices.InvoiceDB

	// MacaroonDB is the database that stores macaroon root keys.
	MacaroonDB kvdb.Backend

	// DecayedLogDB is the database that stores p2p related encryption
	// information.
	DecayedLogDB kvdb.Backend

	// TowerClientDB is the database that stores the watchtower client's
	// configuration.
	TowerClientDB wtclient.DB

	// TowerServerDB is the database that stores the watchtower server's
	// configuration.
	TowerServerDB watchtower.DB

	// WalletDB is the configuration for loading the wallet database using
	// the btcwallet's loader.
	WalletDB btcwallet.LoaderOption

	// NativeSQLStore is a pointer to a native SQL store that can be used
	// for native SQL queries for tables that already support it. This may
	// be nil if the use-native-sql flag was not set.
	NativeSQLStore *sqldb.BaseDB
}

DatabaseInstances is a struct that holds all instances to the actual databases that are used in lnd.

type DefaultDatabaseBuilder

type DefaultDatabaseBuilder struct {
	// contains filtered or unexported fields
}

DefaultDatabaseBuilder is a type that builds the default database backends for lnd, using the given configuration to decide what actual implementation to use.

func NewDefaultDatabaseBuilder

func NewDefaultDatabaseBuilder(cfg *Config,
	logger btclog.Logger) *DefaultDatabaseBuilder

NewDefaultDatabaseBuilder returns a new instance of the default database builder.

func (*DefaultDatabaseBuilder) BuildDatabase

func (d *DefaultDatabaseBuilder) BuildDatabase(
	ctx context.Context) (*DatabaseInstances, func(), error)

BuildDatabase extracts the current databases that we'll use for normal operation in the daemon. A function closure that closes all opened databases is also returned.

type DefaultWalletImpl

type DefaultWalletImpl struct {
	// contains filtered or unexported fields
}

DefaultWalletImpl is the default implementation of our normal, btcwallet backed configuration.

func NewDefaultWalletImpl

func NewDefaultWalletImpl(cfg *Config, logger btclog.Logger,
	interceptor signal.Interceptor, watchOnly bool) *DefaultWalletImpl

NewDefaultWalletImpl creates a new default wallet implementation.

func (*DefaultWalletImpl) BuildChainControl

func (d *DefaultWalletImpl) BuildChainControl(
	partialChainControl *chainreg.PartialChainControl,
	walletConfig *btcwallet.Config) (*chainreg.ChainControl, func(), error)

BuildChainControl is responsible for creating a fully populated chain control instance from a wallet.

NOTE: This is part of the ChainControlBuilder interface.

func (*DefaultWalletImpl) BuildWalletConfig

func (d *DefaultWalletImpl) BuildWalletConfig(ctx context.Context,
	dbs *DatabaseInstances, interceptorChain *rpcperms.InterceptorChain,
	grpcListeners []*ListenerWithSignal) (*chainreg.PartialChainControl,
	*btcwallet.Config, func(), error)

BuildWalletConfig is responsible for creating or unlocking and then fully initializing a wallet.

NOTE: This is part of the WalletConfigBuilder interface.

func (*DefaultWalletImpl) Permissions

func (d *DefaultWalletImpl) Permissions() map[string][]bakery.Op

Permissions returns the permissions that the external validator is validating. It is a map between the full HTTP URI of each RPC and its required macaroon permissions. If multiple action/entity tuples are specified per URI, they are all required. See rpcserver.go for a list of valid action and entity values.

NOTE: This is part of the ExternalValidator interface.

func (*DefaultWalletImpl) RegisterGrpcSubserver

func (d *DefaultWalletImpl) RegisterGrpcSubserver(s *grpc.Server) error

RegisterGrpcSubserver is called for each net.Listener on which lnd creates a grpc.Server instance. External subservers implementing this method can then register their own gRPC server structs to the main server instance.

NOTE: This is part of the GrpcRegistrar interface.

func (*DefaultWalletImpl) RegisterRestSubserver

func (d *DefaultWalletImpl) RegisterRestSubserver(ctx context.Context,
	mux *proxy.ServeMux, restProxyDest string,
	restDialOpts []grpc.DialOption) error

RegisterRestSubserver is called after lnd creates the main proxy.ServeMux instance. External subservers implementing this method can then register their own REST proxy stubs to the main server instance.

NOTE: This is part of the GrpcRegistrar interface.

func (*DefaultWalletImpl) ValidateMacaroon

func (d *DefaultWalletImpl) ValidateMacaroon(ctx context.Context,
	requiredPermissions []bakery.Op, fullMethod string) error

ValidateMacaroon extracts the macaroon from the context's gRPC metadata, checks its signature, makes sure all specified permissions for the called method are contained within and finally ensures all caveat conditions are met. A non-nil error is returned if any of the checks fail.

NOTE: This is part of the ExternalValidator interface.

type ExternalValidator

type ExternalValidator interface {
	macaroons.MacaroonValidator

	// Permissions returns the permissions that the external validator is
	// validating. It is a map between the full HTTP URI of each RPC and its
	// required macaroon permissions. If multiple action/entity tuples are
	// specified per URI, they are all required. See rpcserver.go for a list
	// of valid action and entity values.
	Permissions() map[string][]bakery.Op
}

ExternalValidator is an interface that must be satisfied by an external macaroon validator.

type GRPCConfig

type GRPCConfig struct {
	// ServerPingTime is a duration for the amount of time of no activity
	// after which the server pings the client to see if the transport is
	// still alive. If set below 1s, a minimum value of 1s will be used
	// instead.
	ServerPingTime time.Duration `long:"server-ping-time" description:"How long the server waits on a gRPC stream with no activity before pinging the client."`

	// ServerPingTimeout is the duration the server waits after having
	// pinged for keepalive check, and if no activity is seen even after
	// that the connection is closed.
	ServerPingTimeout time.Duration `` /* 132-byte string literal not displayed */

	// ClientPingMinWait is the minimum amount of time a client should wait
	// before sending a keepalive ping.
	ClientPingMinWait time.Duration `long:"client-ping-min-wait" description:"The minimum amount of time the client should wait before sending a keepalive ping."`

	// ClientAllowPingWithoutStream specifies whether pings from the client
	// are allowed even if there are no active gRPC streams. This might be
	// useful to keep the underlying HTTP/2 connection open for future
	// requests.
	ClientAllowPingWithoutStream bool `` /* 244-byte string literal not displayed */
}

GRPCConfig holds the configuration options for the gRPC server. See https://github.com/grpc/grpc-go/blob/v1.41.0/keepalive/keepalive.go#L50 for more details. Any value of 0 means we use the gRPC internal default values.

type GrpcRegistrar

type GrpcRegistrar interface {
	// RegisterGrpcSubserver is called for each net.Listener on which lnd
	// creates a grpc.Server instance. External subservers implementing this
	// method can then register their own gRPC server structs to the main
	// server instance.
	RegisterGrpcSubserver(*grpc.Server) error
}

GrpcRegistrar is an interface that must be satisfied by an external subserver that wants to be able to register its own gRPC server onto lnd's main grpc.Server instance.

type ImplementationCfg

type ImplementationCfg struct {
	// GrpcRegistrar is a type that can register additional gRPC subservers
	// before the main gRPC server is started.
	GrpcRegistrar

	// RestRegistrar is a type that can register additional REST subservers
	// before the main REST proxy is started.
	RestRegistrar

	// ExternalValidator is a type that can provide external macaroon
	// validation.
	ExternalValidator

	// DatabaseBuilder is a type that can provide lnd's main database
	// backend instances.
	DatabaseBuilder

	// WalletConfigBuilder is a type that can provide a wallet configuration
	// with a fully loaded and unlocked wallet.
	WalletConfigBuilder

	// ChainControlBuilder is a type that can provide a custom wallet
	// implementation.
	ChainControlBuilder
}

ImplementationCfg is a struct that holds all configuration items for components that can be implemented outside lnd itself.

type ListenerCfg

type ListenerCfg struct {
	// RPCListeners can be set to the listeners to use for the RPC server.
	// If empty a regular network listener will be created.
	RPCListeners []*ListenerWithSignal
}

ListenerCfg is a wrapper around custom listeners that can be passed to lnd when calling its main method.

type ListenerWithSignal

type ListenerWithSignal struct {
	net.Listener

	// Ready will be closed by the server listening on Listener.
	Ready chan struct{}

	// MacChan is an optional way to pass the admin macaroon to the program
	// that started lnd. The channel should be buffered to avoid lnd being
	// blocked on sending to the channel.
	MacChan chan []byte
}

ListenerWithSignal is a net.Listener that has an additional Ready channel that will be closed when a server starts listening.

type RPCSignerWalletImpl

type RPCSignerWalletImpl struct {
	// DefaultWalletImpl is the embedded instance of the default
	// implementation that the remote signer uses as its watch-only wallet
	// for keeping track of addresses and UTXOs.
	*DefaultWalletImpl
}

RPCSignerWalletImpl is a wallet implementation that uses a remote signer over an RPC interface.

func NewRPCSignerWalletImpl

func NewRPCSignerWalletImpl(cfg *Config, logger btclog.Logger,
	interceptor signal.Interceptor,
	migrateWatchOnly bool) *RPCSignerWalletImpl

NewRPCSignerWalletImpl creates a new instance of the remote signing wallet implementation.

func (*RPCSignerWalletImpl) BuildChainControl

func (d *RPCSignerWalletImpl) BuildChainControl(
	partialChainControl *chainreg.PartialChainControl,
	walletConfig *btcwallet.Config) (*chainreg.ChainControl, func(), error)

BuildChainControl is responsible for creating or unlocking and then fully initializing a wallet and returning it as part of a fully populated chain control instance.

NOTE: This is part of the ChainControlBuilder interface.

type RestRegistrar

type RestRegistrar interface {
	// RegisterRestSubserver is called after lnd creates the main
	// proxy.ServeMux instance. External subservers implementing this method
	// can then register their own REST proxy stubs to the main server
	// instance.
	RegisterRestSubserver(context.Context, *proxy.ServeMux, string,
		[]grpc.DialOption) error
}

RestRegistrar is an interface that must be satisfied by an external subserver that wants to be able to register its own REST mux onto lnd's main proxy.ServeMux instance.

type TLSManager

type TLSManager struct {
	// contains filtered or unexported fields
}

TLSManager generates/renews a TLS cert/key pair when needed. When required, it encrypts the TLS key. It also returns the certificate configuration options needed for gRPC and REST.

func NewTLSManager

func NewTLSManager(cfg *TLSManagerCfg) *TLSManager

NewTLSManager returns a reference to a new TLSManager.

func (*TLSManager) IsCertExpired

func (t *TLSManager) IsCertExpired(keyRing keychain.SecretKeyRing) (bool,
	time.Time, error)

IsCertExpired checks if the current TLS certificate is expired.

func (*TLSManager) LoadPermanentCertificate

func (t *TLSManager) LoadPermanentCertificate(
	keyRing keychain.SecretKeyRing) error

LoadPermanentCertificate deletes the ephemeral certificate file and generates a new one with the real keyring.

func (*TLSManager) SetCertificateBeforeUnlock

func (t *TLSManager) SetCertificateBeforeUnlock() ([]grpc.ServerOption,
	[]grpc.DialOption, func(net.Addr) (net.Listener, error), func(),
	error)

SetCertificateBeforeUnlock takes care of loading the certificate before the wallet is unlocked. If the TLSEncryptKey setting is on, we need to generate an ephemeral certificate we're able to use until the wallet is unlocked and a new TLS pair can be encrypted to disk. Otherwise we can process the certificate normally.

type TLSManagerCfg

type TLSManagerCfg struct {
	TLSCertPath        string
	TLSKeyPath         string
	TLSEncryptKey      bool
	TLSExtraIPs        []string
	TLSExtraDomains    []string
	TLSAutoRefresh     bool
	TLSDisableAutofill bool
	TLSCertDuration    time.Duration

	LetsEncryptDir    string
	LetsEncryptDomain string
	LetsEncryptListen string

	DisableRestTLS bool

	HTTPHeaderTimeout time.Duration
}

TLSManagerCfg houses a set of values and methods that is passed to the TLSManager for it to properly manage LND's TLS options.

type WalletConfigBuilder

type WalletConfigBuilder interface {
	// BuildWalletConfig is responsible for creating or unlocking and then
	// fully initializing a wallet.
	BuildWalletConfig(context.Context, *DatabaseInstances,
		*rpcperms.InterceptorChain,
		[]*ListenerWithSignal) (*chainreg.PartialChainControl,
		*btcwallet.Config, func(), error)
}

WalletConfigBuilder is an interface that must be satisfied by a custom wallet implementation.

Directories

Path Synopsis
cert module
Package chanfitness monitors the behaviour of channels to provide insight into the health and performance of a channel.
Package chanfitness monitors the behaviour of channels to provide insight into the health and performance of a channel.
clock module
cmd
lnd
fn module
healthcheck module
hop
internal
kvdb module
Package labels contains labels used to label transactions broadcast by lnd.
Package labels contains labels used to label transactions broadcast by lnd.
NOTE: forcetypeassert is skipped for the mock because the test would fail if the returned value doesn't match the type.
NOTE: forcetypeassert is skipped for the mock because the test would fail if the returned value doesn't match the type.
Package lnrpc is a reverse proxy.
Package lnrpc is a reverse proxy.
autopilotrpc
Package autopilotrpc is a reverse proxy.
Package autopilotrpc is a reverse proxy.
chainrpc
Package chainrpc is a reverse proxy.
Package chainrpc is a reverse proxy.
devrpc
Package devrpc is a reverse proxy.
Package devrpc is a reverse proxy.
invoicesrpc
Package invoicesrpc is a reverse proxy.
Package invoicesrpc is a reverse proxy.
neutrinorpc
Package neutrinorpc is a reverse proxy.
Package neutrinorpc is a reverse proxy.
peersrpc
Package peersrpc is a reverse proxy.
Package peersrpc is a reverse proxy.
routerrpc
Package routerrpc is a reverse proxy.
Package routerrpc is a reverse proxy.
signrpc
Package signrpc is a reverse proxy.
Package signrpc is a reverse proxy.
verrpc
Package verrpc is a reverse proxy.
Package verrpc is a reverse proxy.
walletrpc
Package walletrpc is a reverse proxy.
Package walletrpc is a reverse proxy.
watchtowerrpc
Package watchtowerrpc is a reverse proxy.
Package watchtowerrpc is a reverse proxy.
wtclientrpc
Package wtclientrpc is a reverse proxy.
Package wtclientrpc is a reverse proxy.
Package lntest provides testing utilities for the lnd repository.
Package lntest provides testing utilities for the lnd repository.
rpc
queue module
sqldb module
ticker module
tlv module
tor module

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL