From 045104745e7150bca578c7b7b09e012a612c3339 Mon Sep 17 00:00:00 2001 From: GitHub Date: Wed, 24 Jul 2024 00:20:08 +0000 Subject: [PATCH] update documentation --- docs/lnd/DOCKER.md | 5 ++-- docs/lnd/INSTALL.md | 16 ++++++------ docs/lnd/MAKEFILE.md | 2 +- docs/lnd/code_contribution_guidelines.md | 12 ++++----- docs/lnd/code_formatting_rules.md | 8 +++--- docs/lnd/configuring_tor.md | 8 +++--- docs/lnd/etcd.md | 4 +-- docs/lnd/fuzz.md | 4 +-- docs/lnd/grpc/java.md | 2 +- docs/lnd/key_import.md | 2 +- docs/lnd/macaroons.md | 2 +- docs/lnd/postgres.md | 2 +- docs/lnd/psbt.md | 6 ++--- docs/lnd/recovery.md | 8 +++--- .../lnd/release-notes/release-notes-0.14.0.md | 2 +- .../lnd/release-notes/release-notes-0.18.3.md | 5 ++++ docs/lnd/release.md | 4 +-- docs/lnd/remote-signing.md | 4 +-- docs/lnd/rest/websockets.md | 6 ++--- docs/lnd/safety.md | 25 +++++++++---------- docs/lnd/wallet.md | 4 +-- docs/lnd/watchtower.md | 2 +- 22 files changed, 69 insertions(+), 64 deletions(-) diff --git a/docs/lnd/DOCKER.md b/docs/lnd/DOCKER.md index 3af75c90..eb1fbd1c 100644 --- a/docs/lnd/DOCKER.md +++ b/docs/lnd/DOCKER.md @@ -3,7 +3,8 @@ There are two flavors of Dockerfiles available: - `Dockerfile`: Used for production builds. Checks out the source code from GitHub during build. The build argument `--build-arg checkout=v0.x.x-beta` - can be used to specify what git tag or commit to check out before building. + can be used to specify what git tag or commit to `git checkout` + before building. - `dev.Dockerfile` Used for development or testing builds. Uses the local code when building and allows local changes to be tested more easily. @@ -32,7 +33,7 @@ You first need to build the `lnd` docker image: $ docker build --tag=myrepository/lnd --build-arg checkout=v0.14.1-beta . ``` -It is recommended that you checkout the latest released tag. +It is recommended that you check out the latest released tag. You can continue by creating and running the container: diff --git a/docs/lnd/INSTALL.md b/docs/lnd/INSTALL.md index 30afa7bd..819e5708 100644 --- a/docs/lnd/INSTALL.md +++ b/docs/lnd/INSTALL.md @@ -39,7 +39,7 @@ are released by the team. See [release.md for more information about reproducible builds](release.md). Finally, there is the option to build `lnd` fully manually. This requires more -tooling to be set up first but allows to produce non-production (debug, +tooling to be set up first but allows producing non-production (debug, development) builds. ## Installing a binary release @@ -136,7 +136,7 @@ the following commands for your OS:
macOS - First, install [Homebrew](https://brew.sh) if you don‘t already have it. + First, install [Homebrew](https://brew.sh) if you don't already have it. Then @@ -205,7 +205,7 @@ make install The command above will install the current _master_ branch of `lnd`. If you wish to install a tagged release of `lnd` (as the master branch can at times be -unstable), then [visit then release page to locate the latest +unstable), then [visit the release page to locate the latest release](https://github.com/lightningnetwork/lnd/releases). Assuming the name of the release is `v0.x.x`, then you can compile this release from source with a small modification to the above command: @@ -294,7 +294,7 @@ To check that `lnd` was installed properly run the following command: ``` This command requires `bitcoind` (almost any version should do) to be available -in the system's `$PATH` variable. Otherwise some of the tests will fail. +in the system's `$PATH` variable. Otherwise, some tests will fail. **Command-line completion for `lncli`** @@ -308,7 +308,7 @@ time of writing of this document, there are three available chain backends: `btcd`, `neutrino`, `bitcoind`. All including neutrino can run on mainnet with an out of the box `lnd` instance. We don't require `--txindex` when running with `bitcoind` or `btcd` but activating the `txindex` will generally make -`lnd` run faster. Note that since version 0.13 pruned nodes are supported +`lnd` run faster. Note that since version 0.13 pruned nodes are supported, although they cause performance penalty and higher network usage. The set of arguments for each of the backend modes is as follows: @@ -461,7 +461,7 @@ the following: - Make sure the config setting `-rpcserialversion` in `bitcoind` is either set to 1 or NOT used because bitcoind's default behaviour is already correct (see [bitcoin/issues/28730](https://github.com/bitcoin/bitcoin/issues/28730) - for more infos). Lightning depends on segwit transactions therefore we need + for more info). Lightning depends on segwit transactions therefore we need the witness data when querying the bitcoind backend for transaction details. - Start `bitcoind` running against testnet, and let it complete a full sync with @@ -541,7 +541,7 @@ document](wallet.md). `lnd`'s authentication system is called **macaroons**, which are decentralized bearer credentials allowing for delegation, attenuation, and other cool features. You can learn more about them in Alex Akselrod's [writeup on -Github](https://github.com/lightningnetwork/lnd/issues/20). +GitHub](https://github.com/lightningnetwork/lnd/issues/20). Running `lncli create` to create a wallet, will by default generate the `admin.macaroon`, `read_only.macaroon`, and `macaroons.db` @@ -596,7 +596,7 @@ Optionally, if you'd like to have a persistent configuration between `lnd` launches, allowing you to simply type `lnd --bitcoin.testnet --bitcoin.active` at the command line, you can create an `lnd.conf`. -**On MacOS, located at:** +**On macOS, located at:** `/Users//Library/Application Support/Lnd/lnd.conf` **On Linux, located at:** diff --git a/docs/lnd/MAKEFILE.md b/docs/lnd/MAKEFILE.md index 7dbef721..b43088f7 100644 --- a/docs/lnd/MAKEFILE.md +++ b/docs/lnd/MAKEFILE.md @@ -10,7 +10,7 @@ $ make install ``` The command `make check` requires `bitcoind` (almost any version should do) to -be available in the system's `$PATH` variable. Otherwise some of the tests will +be available in the system's `$PATH` variable. Otherwise, some tests will fail. Developers diff --git a/docs/lnd/code_contribution_guidelines.md b/docs/lnd/code_contribution_guidelines.md index 1227f684..9e4203c8 100644 --- a/docs/lnd/code_contribution_guidelines.md +++ b/docs/lnd/code_contribution_guidelines.md @@ -56,7 +56,7 @@ not hard requirements as we will gladly accept code contributions as long as they follow the guidelines set forth on this page. That said, if you don't have the following basic qualifications you will likely find it quite difficult to contribute to the core layers of Lightning. However, there are still a number -of low hanging fruit which can be tackled without having full competency in the +of low-hanging fruit which can be tackled without having full competency in the areas mentioned below. - A reasonable understanding of bitcoin at a high level (see the @@ -82,7 +82,7 @@ security and performance implications. it must follow the guidelines therein. - [Original Satoshi Whitepaper](https://bitcoin.org/bitcoin.pdf) - This is the white paper that started it all. Having a solid foundation to build on will make the code much more comprehensible. -- [Lightning Network Whitepaper](https://lightning.network/lightning-network-paper.pdf) - This is the white paper that kicked off the Layer 2 revolution. Having a good grasp of the concepts of Lightning will make the core logic within the daemon much more comprehensible: Bitcoin Script, off-chain blockchain protocols, payment channels, bi-directional payment channels, relative and absolute time-locks, commitment state revocations, and Segregated Witness. +- [Lightning Network Whitepaper](https://lightning.network/lightning-network-paper.pdf) - This is the white paper that kicked off the Layer 2 revolution. Having a good grasp of the concepts of Lightning will make the core logic within the daemon much more comprehensible: Bitcoin Script, off-chain blockchain protocols, payment channels, bidirectional payment channels, relative and absolute time-locks, commitment state revocations, and Segregated Witness. - The original LN was written for a rather narrow audience, the paper may be a bit unapproachable to many. Thanks to the Bitcoin community, there exist many easily accessible supplemental resources which can help one see how all the pieces fit together from double-spend protection all the way up to commitment state transitions and Hash Time Locked Contracts (HTLCs): - [Lightning Network Summary](https://lightning.network/lightning-network-summary.pdf) - [Understanding the Lightning Network 3-Part series](https://bitcoinmagazine.com/articles/understanding-the-lightning-network-part-building-a-bidirectional-payment-channel-1464710791) @@ -101,7 +101,7 @@ be recommended for newcomers to read first in order to get up to speed. # Development Practices Developers are expected to work in their own trees and submit pull requests when -they feel their feature or bug fix is ready for integration into the master +they feel their feature or bug fix is ready for integration into the master branch. ## Share Early, Share Often @@ -478,7 +478,7 @@ also likely be asked to split the commit into several smaller, and hence more manageable, commits. Keeping the above in mind, most small changes will be reviewed within a few -days, while large or far reaching changes may take weeks. This is a good reason +days, while large or far-reaching changes may take weeks. This is a good reason to stick with the [Share Early, Share Often](#share-early-share-often) development practice outlined above. @@ -506,7 +506,7 @@ make the necessary changes. During the process of responding to review comments, we prefer that changes be made with [fixup commits](https://robots.thoughtbot.com/autosquashing-git-commits). -The reason for this is two fold: it makes it easier for the reviewer to see +The reason for this is twofold: it makes it easier for the reviewer to see what changes have been made between versions (since Github doesn't easily show prior versions like Critique) and it makes it easier on the PR author as they can set it to auto squash the fix up commits on rebase. @@ -552,7 +552,7 @@ also ping them to remind them to re-request review if needed. (default x = 3) To control the bot, you need to add a comment on the PR starting with `!lightninglabs-deploy` followed by the command. There are 2 control types: mute/unmute & cadence. Only the latest comment for each control type will be -used. This also means you dont need to keep adding new control comments, just +used. This also means you don't need to keep adding new control comments, just edit the latest comment for that control type. - `!lightninglabs-deploy mute` will mute the bot on the PR completely. diff --git a/docs/lnd/code_formatting_rules.md b/docs/lnd/code_formatting_rules.md index 07b2c24c..731bb640 100644 --- a/docs/lnd/code_formatting_rules.md +++ b/docs/lnd/code_formatting_rules.md @@ -180,8 +180,8 @@ like `require.NoErrorf()`. ### Wrapping long function definitions -If one is forced to wrap lines of function arguments that exceed the 80 -character limit, then indentation must be kept on the following lines. Also, +If one is forced to wrap lines of function arguments that exceed the +80-character limit, then indentation must be kept on the following lines. Also, lines should not end with an open parenthesis if the function definition isn't finished yet. @@ -241,7 +241,7 @@ support the `EditorConfig` scheme (for example GoLand, GitHub, GitLab, VisualStudio). In addition, specific settings for Visual Studio Code are checked into the code base as well. -Other editors (for example Atom, Nodepad++, Vim, Emacs and so on) might install +Other editors (for example Atom, Notepad++, Vim, Emacs and so on) might install a plugin to understand the rules in the `.editorconfig` file. -In Vim you might want to use `set colorcolumn=80`. +In Vim, you might want to use `set colorcolumn=80`. diff --git a/docs/lnd/configuring_tor.md b/docs/lnd/configuring_tor.md index c825a21f..20584124 100644 --- a/docs/lnd/configuring_tor.md +++ b/docs/lnd/configuring_tor.md @@ -86,8 +86,8 @@ Tor: --tor.privatekeypath= The path to the private key of the onion service being created ``` -There are a couple things here, so let's dissect them. The `--tor.active` flag -allows `lnd` to route all outbound and inbound connections through Tor. +There are a couple of things here, so let's dissect them. The `--tor.active` +flag allows `lnd` to route all outbound and inbound connections through Tor. Outbound connections are possible with the use of the `--tor.socks` and `--tor.dns` arguments. The `--tor.socks` argument should point to the interface @@ -125,7 +125,7 @@ disabled to prevent inadvertent leaks. ## Tor Stream Isolation Our support for Tor also has an additional privacy enhancing modified: stream -isolation. Usage of this mode means that Tor will always use _new circuit_ for +isolation. Usage of this mode means that Tor will always use _new circuit_ for each connection. This added features means that it's harder to correlate connections. As otherwise, several applications using Tor might share the same circuit. @@ -160,7 +160,7 @@ authentication methods (arguably, from most to least secure): In order to listen for inbound connections through Tor, an onion service must be created. There are two types of onion services: v2 and v3. v3 onion services -are the latest generation of onion services and they provide a number of +are the latest generation of onion services, and they provide a number of advantages over the legacy v2 onion services. To learn more about these benefits, see [Intro to Next Gen Onion Services](https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions). diff --git a/docs/lnd/etcd.md b/docs/lnd/etcd.md index e72e0f6d..bf1a8299 100644 --- a/docs/lnd/etcd.md +++ b/docs/lnd/etcd.md @@ -2,7 +2,7 @@ With the recent introduction of the `kvdb` interface LND can support multiple database backends allowing experimentation with the storage model as well as -improving robustness through eg. replicating essential data. +improving robustness through e.g. replicating essential data. Building on `kvdb` in v0.11.0 we're adding experimental [etcd](https://etcd.io) support to LND. As this is an unstable feature heavily in development, it still @@ -21,7 +21,7 @@ $ make tags="kvdb_etcd" The important tag is the `kvdb_etcd`, without which the binary is built without the etcd driver. -For development it is advised to set the `GOFLAGS` environment variable to +For development, it is advised to set the `GOFLAGS` environment variable to `"-tags=test"` otherwise `gopls` won't work on code in `channeldb/kvdb/etcd` directory. diff --git a/docs/lnd/fuzz.md b/docs/lnd/fuzz.md index bcfc7935..d781195e 100644 --- a/docs/lnd/fuzz.md +++ b/docs/lnd/fuzz.md @@ -9,7 +9,7 @@ It is recommended that processes be set to the number of processor cores in the ```shell $ make fuzz pkg=lnwire fuzztime=1m parallel=4 ``` -Alternatively, individual fuzz tests can be ran manually by setting the working directory to the location of the .go file holding the fuzz tests. +Alternatively, individual fuzz tests can be run manually by setting the working directory to the location of the .go file holding the fuzz tests. The go test command can only test one fuzz test at a time: ```shell $ cd lnwire @@ -21,7 +21,7 @@ $ cd lnwire $ go test -list=Fuzz.* ``` -Fuzz tests can be ran as normal tests, which only runs the seed corpus: +Fuzz tests can be run as normal tests, which only runs the seed corpus: ```shell $ cd lnwire $ go test -run=FuzzAcceptChannel -parallel=4 diff --git a/docs/lnd/grpc/java.md b/docs/lnd/grpc/java.md index 49535ca5..e27a0569 100644 --- a/docs/lnd/grpc/java.md +++ b/docs/lnd/grpc/java.md @@ -63,7 +63,7 @@ The following dependencies are required. ``` -In the build section, we'll need to configure the following things : +In the build section, we'll need to configure the following things: ```xml diff --git a/docs/lnd/key_import.md b/docs/lnd/key_import.md index fd9e62e9..6a3fd8a2 100644 --- a/docs/lnd/key_import.md +++ b/docs/lnd/key_import.md @@ -9,7 +9,7 @@ account path (`m/purpose'/coin_type'/account'`) or at the address index path the `WalletKit` APIs. Note that in order to follow the rest of this document and/or use the -`WalletKit` APIs, users will need to obtain a `lnd` build compiled with the +`WalletKit` APIs, users will need to obtain an `lnd` build compiled with the `walletrpc` tag. Our release builds already include this tag by default, so this would only be necessary when compiling from source. diff --git a/docs/lnd/macaroons.md b/docs/lnd/macaroons.md index 291afdc8..c30eb2cf 100644 --- a/docs/lnd/macaroons.md +++ b/docs/lnd/macaroons.md @@ -136,7 +136,7 @@ To avoid leaking the macaroon information, `lnd` supports the so called before the `changepassword` command still remain valid. If a user wants to invalidate all previously created macaroons, the `--new_mac_root_key` flag of the `changepassword` command should be used! -* An user of `lncli` will see the returned admin macaroon printed to the screen +* A user of `lncli` will see the returned admin macaroon printed to the screen or saved to a file if the parameter `--save_to=some_file.macaroon` is used. * **Important:** By default, `lnd` will create the macaroon files during the `unlock` phase, if the `--stateless_init` flag is not used. So to avoid diff --git a/docs/lnd/postgres.md b/docs/lnd/postgres.md index 582c9715..423efc79 100644 --- a/docs/lnd/postgres.md +++ b/docs/lnd/postgres.md @@ -17,7 +17,7 @@ $ make install ## Configuring Postgres for LND In order for LND to run on Postgres, an empty database should already exist. A -database can be created via the usual ways (psql, pgadmin, etc). A user with +database can be created via the usual ways (psql, pgadmin, etc.). A user with access to this database is also required. Creation of a schema and the tables is handled by LND automatically. diff --git a/docs/lnd/psbt.md b/docs/lnd/psbt.md index c1b824f5..6c587bea 100644 --- a/docs/lnd/psbt.md +++ b/docs/lnd/psbt.md @@ -129,7 +129,7 @@ $ bitcoin-cli decodepsbt cHNidP8BAHECAAAAAeJQY2VLRtutKgQYFUajEKpjFfl0Uyrm6x23Ou Let's now look at how we can implement manual coin selection by using the `fund` command. We again want to send half a coin to -`bcrt1qjrdns4f5zwkv29ln86plqzs092yd5fg6nsz8re` but we want to select our inputs +`bcrt1qjrdns4f5zwkv29ln86plqzs092yd5fg6nsz8re`, but we want to select our inputs manually. The first step is to look at all available UTXOs and choose. To do so, we use @@ -183,7 +183,7 @@ $ lncli wallet psbt fund --outputs='{"bcrt1qjrdns4f5zwkv29ln86plqzs092yd5fg6nsz } ``` -Inspecting this PSBT, we notice that the two inputs were chosen and a large +Inspecting this PSBT, we notice that the two inputs were chosen, and a large change output was added at index 1: ```shell @@ -319,7 +319,7 @@ outputs are used to fund a channel. See This is a step-by-step guide on how to open a channel with `lnd` by using a PSBT as the funding transaction. We will use `bitcoind` to create and sign the transaction just to keep the -example simple. Of course any other PSBT compatible wallet could be used and the +example simple. Of course any other PSBT compatible wallet could be used, and the process would likely be spread out over multiple signing steps. The goal of this example is not to cover each and every possible edge case but to help users of `lnd` understand what inputs the `lncli` utility expects. diff --git a/docs/lnd/recovery.md b/docs/lnd/recovery.md index 2e9d9f7b..c99e0dde 100644 --- a/docs/lnd/recovery.md +++ b/docs/lnd/recovery.md @@ -193,7 +193,7 @@ rescan. ### Forced In-Place Rescan The recovery methods described above assume a clean slate for a node, so -there's no existing UTXO or key data in the node's database. However, there're +there's no existing UTXO or key data in the node's database. However, there are times when an _existing_ node may want to _manually_ rescan the chain. We have a command line flag for that! Just start `lnd` and add the following flag: ```shell @@ -231,7 +231,7 @@ knows if they have the latest state of a channel or not. Instead, we aim to provide a simple, safe method to allow users to recover the settled funds in their channels in the case of partial or complete data loss. The backups themselves are encrypted using a key derived from the user's seed, this way we -protect privacy of the users channels in the back up state, and ensure that a +protect privacy of the users channels in the backup state, and ensure that a random node can't attempt to import another user's channels. Given a valid SCB, the user will be able to recover funds that are fully @@ -249,7 +249,7 @@ There are multiple ways of obtaining SCBs from `lnd`. The most commonly used method will likely be via the `channel.backup` file that's stored on-disk alongside the rest of the chain data. This is a special file that contains SCB entries for _all_ currently open channels. Each time a channel is opened or -closed, this file is updated on disk in a safe manner (atomic file rename). As +closed, this file is updated on disk safely (atomic file rename). As a result, unlike the `channel.db` file, it's _always_ safe to copy this file for backup at ones desired location. The default location on Linux is: `~/.lnd/data/chain/bitcoin/mainnet/channel.backup` @@ -280,7 +280,7 @@ $ lncli --network=simnet exportchanbackup --all $ lncli --network=simnet exportchanbackup --all --output_file=channel.backup ``` -As shown above, a user can either: specify a specific channel to backup, backup +As shown above, a user can either: specify a specific channel to back up, backup all existing channels, or backup directly to an on-disk file. All backups use the same format. diff --git a/docs/lnd/release-notes/release-notes-0.14.0.md b/docs/lnd/release-notes/release-notes-0.14.0.md index 9d4db2d4..b6ab86fe 100644 --- a/docs/lnd/release-notes/release-notes-0.14.0.md +++ b/docs/lnd/release-notes/release-notes-0.14.0.md @@ -226,7 +226,7 @@ documentation](../psbt.md#use-the-batchopenchannel-rpc-for-safe-batch-channel-fu discussion](https://github.com/lightningnetwork/lnd/pull/4685#discussion_r503080709)). This synchronization check is put back now as we want to make the integration test more robust in catching real world situations. This also means it might - take longer to start a `lnd` node when running in `simnet` or `regtest`, + take longer to start an `lnd` node when running in `simnet` or `regtest`, something developers need to watch out from this release. ### Remote signing diff --git a/docs/lnd/release-notes/release-notes-0.18.3.md b/docs/lnd/release-notes/release-notes-0.18.3.md index f784065a..8d658624 100644 --- a/docs/lnd/release-notes/release-notes-0.18.3.md +++ b/docs/lnd/release-notes/release-notes-0.18.3.md @@ -116,6 +116,11 @@ ## Tooling and Documentation +* [`lntest.HarnessTest` no longer exposes `Miner` + instance](https://github.com/lightningnetwork/lnd/pull/8892). Instead, it's + changed into a private `miner` instance and all mining related assertions are + now only accessible via the harness. + # Contributors (Alphabetical Order) * Andras Banki-Horvath diff --git a/docs/lnd/release.md b/docs/lnd/release.md index bfcd3d84..3c205f9a 100644 --- a/docs/lnd/release.md +++ b/docs/lnd/release.md @@ -6,11 +6,11 @@ binaries are now reproducible, allowing developers to build the binary on distinct machines, and end up with a byte-for-byte identical binary. However, this wasn't _fully_ solved in `go1.13`, as the build system still includes the directory the binary is built into the binary itself. As a result, our scripts -utilize a work around needed until `go1.13.2`. +utilize a workaround needed until `go1.13.2`. ## Building a New Release -### MacOS +### macOS The first requirement is to have [`docker`](https://www.docker.com/) installed locally and running. The second requirement is to have `make` diff --git a/docs/lnd/remote-signing.md b/docs/lnd/remote-signing.md index bd5fa721..0f06463b 100644 --- a/docs/lnd/remote-signing.md +++ b/docs/lnd/remote-signing.md @@ -91,9 +91,9 @@ signer> $ lncli wallet accounts list > accounts-signer.json That `accounts-signer.json` file has to be copied to the machine on which "watch-only" will be running. It contains the extended public keys for all of -`lnd`'s accounts (see [required accounts](#required-accounts) ). +`lnd`'s accounts (see [required accounts](#required-accounts)). -A custom macaroon can be baked for the watch-only node so it only gets the +A custom macaroon can be baked for the watch-only node, so it only gets the minimum required permissions on the signer instance: ```shell diff --git a/docs/lnd/rest/websockets.md b/docs/lnd/rest/websockets.md index f231075f..ff4d4a3c 100644 --- a/docs/lnd/rest/websockets.md +++ b/docs/lnd/rest/websockets.md @@ -17,7 +17,7 @@ what header fields are allowed to be sent. Therefore, the macaroon cannot just be added as a `Grpc-Metadata-Macaroon` header field as it would work with normal REST calls. The browser will just ignore that header field and not send it. -Instead we have added a workaround in `lnd`'s WebSocket proxy that allows +Instead, we have added a workaround in `lnd`'s WebSocket proxy that allows sending the macaroon as a WebSocket "protocol": ```javascript @@ -101,12 +101,12 @@ ws.on('message', function(body) { ## Request-streaming RPCs Starting with `lnd v0.13.0-beta` all RPCs can be used through REST, even those -that are fully bi-directional (e.g. the client can also send multiple request +that are fully bidirectional (e.g. the client can also send multiple request messages to the stream). **Example**: -As an example we show how one can use the bi-directional channel acceptor RPC. +As an example we show how one can use the bidirectional channel acceptor RPC. Through that RPC each incoming channel open request (another peer opening a channel to our node) will be passed in for inspection. We can decide programmatically whether to accept or reject the channel. diff --git a/docs/lnd/safety.md b/docs/lnd/safety.md index fa19eea0..159f3aec 100644 --- a/docs/lnd/safety.md +++ b/docs/lnd/safety.md @@ -29,7 +29,7 @@ This chapter describes the security/safety mechanisms that are implemented in `lnd`. We encourage every person that is planning on putting mainnet funds into a Lightning Network channel using `lnd` to read this guide carefully. -As of this writing, `lnd` is still in beta and it is considered `#reckless` to +As of this writing, `lnd` is still in beta, and it is considered `#reckless` to put any life altering amounts of BTC into the network. That said, we constantly put in a lot of effort to make `lnd` safer to use and more secure. We will update this documentation with each safety mechanism that @@ -77,7 +77,7 @@ But the node will need to be restored using the ### TLS -By default the two API connections `lnd` offers (gRPC on port 10009 and REST on +By default, the two API connections `lnd` offers (gRPC on port 10009 and REST on port 8080) use TLS with a self-signed certificate for transport level security. Specifying the certificate on the client side (for example `lncli`) is only a protection against man-in-the-middle attacks and does not provide any @@ -211,14 +211,14 @@ line, it is hashed and only the hash (or to be more exact, the BIP32 extended root key) is stored in the `wallet.db` file. There is [a tool being worked on](https://github.com/lightningnetwork/lnd/pull/2373) -that can extract the BIP32 extended root key but currently you cannot restore +that can extract the BIP32 extended root key, but currently you cannot restore lnd with only this root key. Important to know: * Setting a password/passphrase for the aezeed is meant to protect it from an attacker that finds the paper/storage device. Writing down the password alongside the 24 seed words does not enhance the security in any way. - Therefore the password should be stored in a separate place. + Therefore, the password should be stored in a separate place. ### File based backups @@ -231,7 +231,7 @@ those risks. The single most important file that needs to be backed up whenever it changes is the `/data/chain/bitcoin/mainnet/channel.backup` file which holds the Static Channel Backups (SCBs). This file is only updated every time `lnd` -starts, a channel is opened or a channel is closed. +starts, a channel is opened, or a channel is closed. Most consumer Lightning wallet apps upload the file to the cloud automatically. @@ -295,10 +295,9 @@ online. Funds that are in such channels are at great risk, as is described quite dramatically in -[this article](https://medium.com/@gcomxx/get-rid-of-those-zombie-channels-1267d5a2a708?) -. +[this article](https://medium.com/@gcomxx/get-rid-of-those-zombie-channels-1267d5a2a708?). -The TL;DR of the article is that if you have funds in a zombie channel and you +The TL;DR of the article is that if you have funds in a zombie channel, and you need to recover your node after a failure, SCBs won't be able to recover those funds. Because SCB restore [relies on the remote node cooperating](#static-channel-backups-scbs). @@ -328,7 +327,7 @@ fallback way to do it. This option works very well if the new device runs the same operating system on the same (or at least very similar) architecture. If that is the case, the whole `/home//.lnd` directory in Linux (or -`$HOME/Library/Application Support/lnd` in MacOS, `%LOCALAPPDATA%\lnd` in +`$HOME/Library/Application Support/lnd` in macOS, `%LOCALAPPDATA%\lnd` in Windows) can be moved to the new device and `lnd` started there. It is important to shut down `lnd` on the old device before moving the directory! **Not supported/untested** is moving the data directory between different @@ -427,11 +426,11 @@ The following (non-exhaustive) list of things can lead to data corruption: architectures. To avoid most of these factors, it is recommended to store `lnd`'s main data -directory on an Solid State Drive (SSD) of a reliable manufacturer. +directory on a Solid State Drive (SSD) of a reliable manufacturer. An alternative or extension to that is to use a replicated disk setup. Making -sure a power failure does not interrupt the node by running a UPS ( -uninterruptible power supply) might also make sense depending on the reliability -of the local power grid and the amount of funds at stake. +sure a power failure does not interrupt the node by running a UPS +(uninterruptible power supply) might also make sense depending on the +reliability of the local power grid and the amount of funds at stake. ### Don't interrupt `lncli` commands diff --git a/docs/lnd/wallet.md b/docs/lnd/wallet.md index 8563e52c..7506be22 100644 --- a/docs/lnd/wallet.md +++ b/docs/lnd/wallet.md @@ -115,7 +115,7 @@ of some sort. It will also only work on Unix like file systems that support named pipes. We will use the password manager [`pass`](https://www.passwordstore.org/) as an -example here but it should work similarly with other password managers. +example here, but it should work similarly with other password managers. - Start `lnd` without the flag: ```shell @@ -179,7 +179,7 @@ There is a way to get rid of the need to unlock the wallet password: The Using that flag with **real funds (mainnet) is extremely risky for two reasons**: 1. On first startup a wallet is created automatically. The seed phrase (the 24 - words needed to restore a wallet) is never shown to the user. Therefore if + words needed to restore a wallet) is never shown to the user. Therefore, if the worst thing happens and the hard disk crashes or the wallet file is deleted by accident, **THERE IS NO WAY OF GETTING THE FUNDS BACK**. 2. In addition to the seed not being known to the user, the wallet database is diff --git a/docs/lnd/watchtower.md b/docs/lnd/watchtower.md index 2bacd53b..d99eef0c 100644 --- a/docs/lnd/watchtower.md +++ b/docs/lnd/watchtower.md @@ -175,7 +175,7 @@ With the addition of the `lncli wtclient` command, users are now able to interact with the watchtower client directly to obtain/modify information about the set of registered watchtowers. -As as example, with the `lncli wtclient tower` command, you can obtain the +As an example, with the `lncli wtclient tower` command, you can obtain the number of sessions currently negotiated with the watchtower added above and determine whether it is currently being used for backups through the `active_session_candidate` value.