Connect to a Watchtower
As we've seen while discussing Lightning's security guarantees, a node can close a channel at any time and receive its current channel balance as an on-chain transaction.
But what happens if a node tries to cheat, and claims more than its agreed portion of the shared channel balance?
This is where "penalty transactions" come into play.
Penalty transactions
When a node force-closes a channel by broadcasting its latest commitment transaction, it cannot spend its own balance right away: it has to wait for a pre-specified number of blocks.
This delay (called the `to_self_delay`) is negotiated when the channel is opened and is measured in blocks, not days; lnd scales it with the channel size, from 144 blocks (about a day) for small channels up to 2016 blocks (about two weeks) for large ones.
The waiting time gives the channel partner a window to look at the broadcast transaction and determine whether it is an old, already-revoked state -- i.e. whether the closing node is trying to "cheat" by claiming more than its current share of the balance.
If cheating IS discovered, the victim's node uses the revocation secret it received when that state was superseded to build a penalty transaction that pays 100% (ALL) of the channel balance to the victim.
It's really this one feature of the protocol that brings such powerful security to the network: if you try to cheat a channel partner, you will likely lose your entire balance in that channel!
But there's a catch.
What if your node is offline when your channel partner broadcasts an old state? If you're not back online before the `to_self_delay` expires, nobody issues the penalty transaction, and the cheater walks away with the funds.
Enter the Watchtower
A Watchtower is just another lnd node, running in tower mode, that your node deputizes to "watch out for cheaters".
Each time one of your channel states is revoked, your node sends the tower an encrypted "justice" blob, keyed by the txid of the revoked commitment transaction, together with a short hint (a prefix of that txid). The tower cannot decrypt the blob, and so learns nothing about your channel balances, unless that exact revoked transaction shows up on chain.
If it does, the tower decrypts the blob and broadcasts the penalty transaction for you, even while your own node is offline.
For this reason, it's critical that your node is always protected by at least one watchtower node.
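To make the "learns nothing until a breach" property concrete, here is an added example that models the client/tower exchange described above. It is not code from lnd or from LND-With-Docker, and it simplifies the real protocol: lnd encrypts the justice blob with ChaCha20-Poly1305 under a key derived from the breach txid, while this model uses a stdlib-only stand-in (HMAC-SHA256 keystream plus an HMAC tag) so it runs without third-party packages. The transaction bytes are constructed placeholders, not real Bitcoin transactions.

```python
"""Model of an lnd-style watchtower: hint + encrypted justice blob per revoked state.

Added example, not lnd code. The AEAD is a stdlib stand-in (see lead-in); the
hint/blob structure and "decrypt only when the breach txid appears" logic are the point.
"""
import hashlib
import hmac
import os

HINT_LEN = 16    # lnd gives the tower only the first 16 bytes of the breach txid
NONCE_LEN = 16
TAG_LEN = 32


def txid(raw_tx: bytes) -> bytes:
    """Bitcoin txid: double SHA-256 of the serialized transaction (sample bytes here)."""
    return hashlib.sha256(hashlib.sha256(raw_tx).digest()).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_blob(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC stand-in for the AEAD lnd uses; key is the full 32-byte txid."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_blob(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Tower:
    """The watchtower: stores hint -> blob, scans blocks, never sees plaintext early."""

    def __init__(self) -> None:
        self.backups: dict[bytes, bytes] = {}

    def store(self, hint: bytes, blob: bytes) -> None:
        self.backups[hint] = blob

    def scan_block(self, block_txs: list[bytes]) -> list[bytes]:
        """Return the justice transactions to broadcast for any breach in this block."""
        justice = []
        for raw in block_txs:
            t = txid(raw)
            blob = self.backups.get(t[:HINT_LEN])
            if blob is not None:
                # The full txid, now public on chain, is the decryption key.
                justice.append(decrypt_blob(t, blob))
        return justice


class Client:
    """Your lnd node's wtclient: one backup per revoked commitment."""

    def __init__(self, tower: Tower) -> None:
        self.tower = tower

    def backup_revoked_state(self, revoked_commitment_tx: bytes, justice_tx: bytes) -> None:
        t = txid(revoked_commitment_tx)
        self.tower.store(t[:HINT_LEN], encrypt_blob(t, justice_tx))


# Constructed sample data: stand-ins for serialized transactions, not real Bitcoin txs.
REVOKED_COMMITMENT = b"commitment-state-41:alice=90000,bob=10000"
CURRENT_COMMITMENT = b"commitment-state-42:alice=60000,bob=40000"
JUSTICE_TX = b"justice-tx: sweep all 100000 sat to bob's address"


def demo() -> dict:
    tower = Tower()
    Client(tower).backup_revoked_state(REVOKED_COMMITMENT, JUSTICE_TX)

    stored_hint, stored_blob = next(iter(tower.backups.items()))
    try:  # The tower holds only a 16-byte hint; padding it is not the 32-byte key.
        decrypt_blob(stored_hint.ljust(32, b"\0"), stored_blob)
        tower_can_read_early = True
    except ValueError:
        tower_can_read_early = False

    return {
        "tower_can_read_early": tower_can_read_early,
        "honest_close": tower.scan_block([b"unrelated-tx", CURRENT_COMMITMENT]),
        "breach": tower.scan_block([b"unrelated-tx", REVOKED_COMMITMENT]),
    }


if __name__ == "__main__":
    print(demo())
```

Running it shows the tower returning nothing for a block containing the current (honest) commitment, and returning the justice transaction only when the revoked commitment appears. That is the whole trust model: the tower must be online and must be honest enough to broadcast, but it cannot read your states or steal anything with what it stores.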
Set up a watchtower: the easy way
Lightning Network Plus provides a free watchtower that you can use for your node. Follow these directions to run the watchtower.
A few things to note about this process:
Explanations for 1, 2 & 3
- Here you are being told to run the `lnd` software with the `--wtclient.active` argument. That is equivalent to including `wtclient.active=1` in our `lnd.conf`, which you already did when you populated the lnd.conf file.
- You can run this `lncli` command to add the LN+ watchtower over Tor, if you are worried about someone snooping on your network connection.
- If you're not, this `lncli` command will add it over clearnet instead.
Set up a Watchtower: the hard way
Do you need to set up your own Watchtower?
This is a matter of opinion. For a small node with just a couple of channels, relying on a centralized watchtower service like LN+ should be fine.
But if you're planning a bigger node, take the time to also set up your own watchtower. lnd will happily use several towers at once, so you can keep LN+ as a second line of defence rather than a single point of failure.
But you need to keep in mind these technical requirements:
- Your Watchtower needs to run 24/7.
- Your Watchtower needs to run on a computer with enough disk space to host the Bitcoin blockchain (currently ~600GB, and growing).
- Your Watchtower needs to run on a computer in a different physical building than your LND node.
If you think about it, you'll realize that, of course, your Watchtower should run in a different physical location than your LND instance, because the entire point of a Watchtower is to be available when your LND node goes down. That includes your internet or electricity going out: a tower that shares your power and uplink goes dark at exactly the moment it's needed.
Get your Watchtower computer ready
Note the technical requirements above -- this really must run on a separate computer, at a separate location!
BE SURE ABOUT THIS. THERE IS NO POINT TO RUN A WATCHTOWER AT THE SAME LOCATION, WITH THE SAME INTERNET CONNECTION AS YOUR PRIMARY LND NODE!
Get on the command line on your Watchtower computer, and clone the repository to this computer:
git clone https://github.com/MegalithicBTC/LND-With-Docker
Similar to your LND node, your watchtower needs to simultaneously run these processes:
- Bitcoin Core
- Tor
- LND (in watchtower mode)
Luckily, we already have docker containers set up for Bitcoin Core and Tor.
First, follow the same process as you did on your main LND node to create a bitcoin.conf file.
Then, In two separate Terminal windows, run:
./start-bitcoin.sh
and
./start-tor.sh
Note: Just like we did on our main computer, we'll have to wait for Bitcoin Core to fully synchronize the blockchain before continuing. Depending on hardware and bandwidth this takes anywhere from several hours to a few days.
Come back here when you see that Bitcoin Core has fully synchronized.
Get your code ready for the Watchtower
You should now have two Terminal windows running:
- Bitcoin Core
- Tor
Open a third Terminal window now with Ctrl+Alt+T.
Run these commands
cd lnd/PRIVATE
touch lnd-watchtower.conf
touch lnd-watchtower-unlock-password.txt
Now open `LND-With-Docker/lnd/PRIVATE/lnd-watchtower.conf` in your editor, and paste in the contents of `LND-With-Docker/lnd/COPY-THIS-lnd-watchtower.conf`.
You need to change three values in lnd-watchtower.conf
## replace these values before running
alias=megalith-watchtower-example
bitcoind.rpcuser=change-me-generate-a-unique-username-for-bitcoin-rpc
bitcoind.rpcpass=change-me-generate-a-unique-password-for-bitcoin-rpc
####
For the alias, use any value. For `bitcoind.rpcuser` and `bitcoind.rpcpass`, use the same values as `rpcuser` and `rpcpassword` in `/docker-bitcoind/PRIVATE/bitcoin.conf`; if they differ, lnd will not be able to talk to Bitcoin Core.
Generate a password to store on disk
Then generate a long, random password, and paste it into `/lnd/PRIVATE/lnd-watchtower-unlock-password.txt`.
A note about the password. You can see that we're storing the password in plaintext for this node. That's acceptable because we will NOT KEEP ANY FUNDS on this node and will never open channels from it: it is only a Watchtower, so the usual wallet-security worries don't apply. It still unlocks the tower's identity key, so keep the file readable only by the user running lnd (chmod 600) and don't reuse the password anywhere else.
Start your watchtower
In the root of your project, run
./start-watchtower.sh
The log output should stop with this line:
lnd-1 | 2024-04-08 15:32:41.022 [INF] LTND: Waiting for wallet encryption password. Use `lncli create` to create a wallet, `lncli unlock` to unlock an existing wallet, or `lncli changepassword` to change the password of an existing wallet and unlock it.
Understand what we are doing
The logs above might be confusing, because it seems like we are starting a new node. And yes -- that's exactly what we are doing.
Remember your watchtower is to some extent doing the same thing as your LND node, or at least doing one critical task the same way: It is constantly watching the Bitcoin blockchain to see if any channel partner has done something naughty.
That's why we're running Bitcoin Core on this Watchtower computer, and why we need to run LND.
Set up an insecure password for the watchtower
We do need to set a password for our Watchtower node, but we don't need to remember the wallet seed, or worry about the security of the password.
In a new window, run:
./exec-lncli.sh
and then
$ lncli create
Input wallet password:
Here, copy and paste the password you just saved in the /lnd/PRIVATE/lnd-watchtower-unlock-password.txt
file.
You'll then see...
Enter 'y' to use an existing cipher seed mnemonic, 'x' to use an extended master root key
or 'n' to create a new seed (Enter y/x/n):
Press n
to create a new seed.
You'll see a warning like
!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!
But remember: We're not storing any funds on this node or opening any channels, so you can skip writing this seed down. The only thing tied to it is the tower's identity key: if this wallet is ever lost, the tower gets a new pubkey and URI, and you simply add the new URI on your main node.
Tell the LND Watchtower to load the password from disk
Open the /PRIVATE/lnd-watchtower.conf
file, and remove the comment from the line UNDER ## enable this when you...
When you remove the comment, it should look like this:
## enable this when you have created a wallet
wallet-unlock-password-file=/PRIVATE/lnd-watchtower-unlock-password.txt
Great! Now each time our watchtower node starts, we won't have to worry about entering a password.
Let's start and stop our node now.
./exec-lncli.sh
lncli stop
Then, exit the docker container, and run `./start-watchtower.sh` again.
You should see logs like:
lnd-1 | 2024-04-08 16:21:13.454 [INF] LTND: Attempting automatic wallet unlock with password provided in file
lnd-1 | 2024-04-08 16:21:14.293 [INF] LNWL: Opened wallet
Great! we are almost done.
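The hand edits in the steps above (placeholders in lnd-watchtower.conf, RPC credentials copied from bitcoin.conf, the password file, the uncommented `wallet-unlock-password-file` line) are easy to get subtly wrong, and lnd will only tell you at start-up. Below is an added lint script, not part of LND-With-Docker, that checks them before you run `./start-watchtower.sh`. It assumes the file names used in this tutorial, assumes the COPY-THIS template sets `watchtower.active=1`, and builds constructed sample layouts with fake credentials in a temporary directory for its own demo.

```python
"""Lint the watchtower's PRIVATE/ files before starting lnd.

Added example, not part of LND-With-Docker. Assumes the tutorial's file names and
that the COPY-THIS template sets watchtower.active=1.
"""
import os
import stat
import tempfile
from pathlib import Path


def parse_conf(path: Path) -> dict:
    """key=value parser for lnd.conf / bitcoin.conf style files; '#' lines are comments."""
    values = {}
    for line in path.read_text().splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        values[key.strip()] = value.strip()
    return values


def check_watchtower_setup(private_dir: Path, bitcoin_conf: Path) -> list:
    """Return a list of findings; an empty list means the setup looks right."""
    findings = []
    lnd = parse_conf(private_dir / "lnd-watchtower.conf")
    btc = parse_conf(bitcoin_conf)

    for key in ("alias", "bitcoind.rpcuser", "bitcoind.rpcpass"):
        if key not in lnd:
            findings.append(f"{key} is missing")
        elif "change-me" in lnd[key] or lnd[key].endswith("-example"):
            findings.append(f"{key} still has the placeholder value")

    # bitcoin.conf spells the keys rpcuser / rpcpassword; lnd.conf uses rpcuser / rpcpass.
    if lnd.get("bitcoind.rpcuser") != btc.get("rpcuser"):
        findings.append("bitcoind.rpcuser does not match rpcuser in bitcoin.conf")
    if lnd.get("bitcoind.rpcpass") != btc.get("rpcpassword"):
        findings.append("bitcoind.rpcpass does not match rpcpassword in bitcoin.conf")

    if lnd.get("watchtower.active") != "1":
        findings.append("watchtower.active=1 is not set; lnd would not run as a tower")

    unlock = lnd.get("wallet-unlock-password-file")
    if unlock is None:
        findings.append("wallet-unlock-password-file is still commented out")
    else:
        # Inside the container the path is /PRIVATE/...; on the host it is under private_dir.
        pw_file = private_dir / Path(unlock).name
        if not pw_file.is_file() or not pw_file.read_text().strip():
            findings.append(f"{pw_file.name} is missing or empty")
        elif stat.S_IMODE(pw_file.stat().st_mode) & 0o077:
            findings.append(f"{pw_file.name} is readable by other users; chmod 600 it")
    return findings


def write_sample(root: Path, *, placeholders=False, unlock_enabled=True, mode=0o600) -> tuple:
    """Write a constructed sample layout (fake credentials) under root."""
    private = root / "lnd" / "PRIVATE"
    btc_dir = root / "docker-bitcoind" / "PRIVATE"
    private.mkdir(parents=True)
    btc_dir.mkdir(parents=True)
    user, pw = "sample-rpc-user", "sample-rpc-pass"
    (btc_dir / "bitcoin.conf").write_text(f"rpcuser={user}\nrpcpassword={pw}\n")
    if placeholders:
        pw = "change-me-generate-a-unique-password-for-bitcoin-rpc"
    conf = [
        "alias=megalith-watchtower-example" if placeholders else "alias=my-tower",
        f"bitcoind.rpcuser={user}",
        f"bitcoind.rpcpass={pw}",
        "watchtower.active=1",
        "## enable this when you have created a wallet",
        ("" if unlock_enabled else "#")
        + "wallet-unlock-password-file=/PRIVATE/lnd-watchtower-unlock-password.txt",
    ]
    (private / "lnd-watchtower.conf").write_text("\n".join(conf) + "\n")
    pw_file = private / "lnd-watchtower-unlock-password.txt"
    pw_file.write_text("sample-unlock-password-do-not-reuse\n")
    os.chmod(pw_file, mode)
    return private, btc_dir / "bitcoin.conf"


def demo() -> dict:
    """Run the lint over one correct and three half-finished samples; findings per case."""
    cases = {
        "good": {},
        "placeholders": {"placeholders": True},
        "unlock_commented": {"unlock_enabled": False},
        "loose_perms": {"mode": 0o644},
    }
    results = {}
    for name, kwargs in cases.items():
        with tempfile.TemporaryDirectory() as tmp:
            results[name] = check_watchtower_setup(*write_sample(Path(tmp), **kwargs))
    return results


if __name__ == "__main__":
    for case, findings in demo().items():
        print(case, findings or "OK")
```

To use it on a real checkout, call `check_watchtower_setup(Path("lnd/PRIVATE"), Path("docker-bitcoind/PRIVATE/bitcoin.conf"))` from the repository root; anything it prints is something lnd would have refused or that weakens the setup.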
Get the watchtower URI
Run:
./exec-lncli.sh
lncli tower info
And you should see an output like this:
{
"pubkey": "02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0",
"listeners": [
"[::]:9911"
],
"uris": [
"02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0@3jkueebmhtgeddc54vrjlw3ohyu52aqk5nalkuoznjd22aqhd2gitvid.onion:9911"
]
}
Copy the first URI (listed under "uris") and transfer that string to your main computer, the one running LND. It has the form pubkey@host:port; here the host is the tower's Tor onion address, and 9911 is lnd's default watchtower listen port.
Add the watchtower URI to your main LND node
Back at your main computer, your secure LND node, run these commands
./exec-lncli.sh
lncli wtclient add [paste full watchtower URI here]
You can then confirm that your tower is registered with this command
lncli wtclient towers
Your tower should appear in the list with `active_session_candidate` set to true.
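Because the URI is copied between two machines by hand, it is worth validating it before handing it to `lncli wtclient add`, and then checking the `lncli wtclient towers` output rather than eyeballing it. The added example below (not lnd code) does both: it parses the pubkey@host:port form, checks that the pubkey is a 33-byte compressed key and the host is a v3 onion address when it ends in `.onion`, and reads the tower list. The URI is the one printed by `lncli tower info` earlier on this page; the `towers` JSON is a constructed sample using the field names of lnd's ListTowers response (`towers`, `pubkey`, `addresses`, `active_session_candidate`), which you should compare against your own output.

```python
"""Validate a watchtower URI and confirm registration from `lncli wtclient towers` output.

Added example, not lnd code. Field names follow lnd's ListTowers response.
"""
import json
import re

PUBKEY_RE = re.compile(r"^0[23][0-9a-f]{64}$")       # 33-byte compressed secp256k1 key, hex
ONION_V3_RE = re.compile(r"^[a-z2-7]{56}\.onion$")   # v3 hidden-service address
DEFAULT_TOWER_PORT = 9911                            # lnd's default watchtower listen port


def parse_tower_uri(uri: str) -> dict:
    """Split pubkey@host:port and sanity-check each part; raises ValueError on bad input."""
    try:
        pubkey, hostport = uri.strip().split("@", 1)
        host, port_str = hostport.rsplit(":", 1)
        port = int(port_str)
    except ValueError:
        raise ValueError(f"not of the form pubkey@host:port: {uri!r}")
    pubkey = pubkey.lower()
    if not PUBKEY_RE.match(pubkey):
        raise ValueError("pubkey must be 66 hex chars starting with 02 or 03")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    host = host.strip("[]")  # tolerate a bracketed IPv6 literal
    is_onion = bool(ONION_V3_RE.match(host))
    if host.endswith(".onion") and not is_onion:
        raise ValueError("only v3 .onion addresses are supported")
    return {"pubkey": pubkey, "host": host, "port": port, "tor": is_onion}


def tower_registered(towers_json: str, pubkey: str) -> bool:
    """True if `lncli wtclient towers` lists pubkey as an active session candidate."""
    for tower in json.loads(towers_json).get("towers", []):
        if tower.get("pubkey", "").lower() == pubkey.lower():
            return bool(tower.get("active_session_candidate"))
    return False


# The URI printed by `lncli tower info` earlier on this page.
TOWER_URI = ("02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0"
             "@3jkueebmhtgeddc54vrjlw3ohyu52aqk5nalkuoznjd22aqhd2gitvid.onion:9911")

# Constructed sample of `lncli wtclient towers` output after a successful add.
SAMPLE_TOWERS_JSON = json.dumps({"towers": [{
    "pubkey": "02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0",
    "addresses": ["3jkueebmhtgeddc54vrjlw3ohyu52aqk5nalkuoznjd22aqhd2gitvid.onion:9911"],
    "active_session_candidate": True, "num_sessions": 0, "sessions": []}]})

if __name__ == "__main__":
    info = parse_tower_uri(TOWER_URI)
    print("lncli wtclient add", TOWER_URI, "(tor)" if info["tor"] else "(clearnet)")
    print("registered:", tower_registered(SAMPLE_TOWERS_JSON, info["pubkey"]))
```

On the real node, pipe `lncli wtclient towers` into `tower_registered` with the pubkey half of the URI you added; a `False` means the add did not stick or the tower is unreachable, which is exactly the state that leaves your channels unprotected.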
Done!