Connecting to a lightning node remotely

Remote connection formats summary table

LND
prefix
d
server
d
auth
d
tls
d
lndconnect
lndconnect://
grpc_host:10009
?
macaroon=base64_macaroon
&
cert=base64_cert
BoS
{
"socket": "grpc_host:10009"
,
"macaroon": "base64_macaroon"
,
"cert": "base64_cert"
}
BTCPay
type=lnd-rest
;
;
macaroon=hex_macaroon
;
certthumbprint=hex_cert
C-lightning
prefix
d
server
d
auth
d
tls
Spark Wallet / Sparko
spark_rpc_host
?
access-key=accessKey
BTCPay unix socket
type=clightning
;
server=unix://home/user/.lightning/lightning-rpc
BTCPay TCP
type=clightning
;
server=tcp://tcp_host:27743/
BTCPay Charge
type=clightning
;
;
api-token=myapitoken...
C-lightning REST
rest_host
?
hex_macaroon
Eclair
prefix
d
server
d
auth
d
tls
BTCPay
type=eclair
;
;
password=eclairpassword...

LND

RPC

1
poetry run ./suez --client-args=--rpcserver=IP_ADDRESS:GRPC_PORT --client-args=--tlscertpath=./../tls.cert --client-args=--macaroonpath=./../admin.macaroon
Copied!

LNDconnect

1
lndconnect://<host>:<port>?[cert=<base64url_DER_certificate>&]macaroon=<base64url_macaroon>
Copied!
1
# generate data parts
2
macaroon=$(sudo base64 /mnt/hdd/app-data/lnd/data/chain/${network}/${chain}net/admin.macaroon | tr -d '=' | tr '/+' '_-' | tr -d '\n')
3
cert=$(sudo grep -v 'CERTIFICATE' /mnt/hdd/lnd/tls.cert | tr -d '=' | tr '/+' '_-' | tr -d '\n')
4
5
# generate URI parameters
6
macaroonParameter="?macaroon=${macaroon}"
7
certParameter="&cert=${cert}"
8
9
lndconnect="lndconnect://${host}:${port}${macaroonParameter}${certParameter}"
Copied!

Balance of Satoshis

  • stored in
    1
    ~/.bos/YOUR_NODE_NAME/credentials.json
    Copied!
  • with base64 values
1
{
2
"cert": "base64 tls.cert value",
3
"macaroon": "base64 .macaroon value",
4
"socket": "host:port"
5
}
6
7
# For `cert`
8
base64 ~/.lnd/tls.cert | tr -d '\n'
9
# For `macaroon`
10
base64 ~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon | tr -d '\n'
Copied!
  • with path
    1
    {
    2
    "cert_path": "/path/lnd/tls.cert",
    3
    "macaroon_path": "/path/lnd/data/chain/bitcoin/mainnet/admin.macaroon",
    4
    "socket": "LND_IP:10009"
    5
    }
    Copied!

BTCPayserver

  • LND via the REST proxy:
    1
    type=lnd-rest;server=https://mylnd:8080/;macaroon=abef263adfe...
    2
    type=lnd-rest;server=https://mylnd:8080/;macaroon=abef263adfe...;certthumbprint=abef263adfe...
    Copied!
  • macaroon
    1
    xxd -plain /root/.lnd/data/chain/bitcoin/mainnet/admin.macaroon | tr -d '\n'
    Copied!
  • certthumbprint:
    1
    openssl x509 -noout -fingerprint -sha256 -in /root/.lnd/tls.cert | sed -e 's/.*=//;s/://g'
    Copied!
  • optional:
    1
    allowinsecure=true
    Copied!

C-lightning

Spark Wallet

Sparko

  • Simply:
    1
    URL?access-key=accessKey
    Copied!
    the accessKey has macaroon-like permissions

C-lightning REST (with Zeus)

  • No standard yet, but needs:
    1
    URL?hex_macaroon
    Copied!
  • generate the hex_macaroon:
    1
    xxd -plain /home/bitcoin/c-lightning-REST/certs/access.macaroon | tr -d '\n'
    Copied!

BTCPayserver

  • c-lightning via TCP or unix domain socket connection:
    1
    type=clightning;server=unix://root/.lightning/lightning-rpc
    2
    type=clightning;server=tcp://1.1.1.1:27743/
    Copied!
  • Lightning Charge via HTTPS:
    1
    type=charge;server=https://charge:8080/;api-token=myapitoken...
    Copied!

Eclair

BTCPayServer

  • Eclair via HTTPS:
    1
    type=eclair;server=https://eclair:8080/;password=eclairpassword...
    Copied!

Notes

  • common dependencies
    1
    sudo apt install qrencode base64 xxd
    Copied!
  • generate a QRcode in the terminal (press CTRL + - to reduce the size)
    1
    string="desired content or $(command output)"
    2
    qrencode -t ANSIUTF8 "$string"
    Copied!
  • base64_macaroon
    1
    base64 ~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon | tr -d '\n'
    Copied!
  • hex_macaroon:
    1
    xxd -plain /home/bitcoin/c-lightning-REST/certs/access.macaroon | tr -d '\n'
    Copied!
  • base64_cert
    1
    base64 ~/.lnd/tls.cert | tr -d '\n'
    Copied!
  • certthumbprint:
    1
    openssl x509 -noout -fingerprint -sha256 -in /root/.lnd/tls.cert | sed -e 's/.*=//;s/://g'
    Copied!
  • inspect a tls.cert
    1
    openssl x509 -in /mnt/hdd/lnd/tls.cert -noout -text
    Copied!
  • 1
    sudo cat /var/lib/tor/SERVICE_NAME/hostname
    2
    # or on a RaspiBlitz
    3
    sudo cat /mnt/hdd/tor/SERVICE_NAME/hostname
    Copied!
Last modified 28d ago