
Connect to a Watchtower

As we've seen while discussing Lightning's security guarantees, a node can at any time close a channel, and receive their current channel balance as an on-chain transaction.

But what happens if a node tries to cheat, and tries to take more than its agreed portion of a shared channel balance?

This is where "penalty transactions" come into play.

Penalty transactions

When a node force-closes a channel, and tries to write its final balance to the Bitcoin blockchain, it has to wait for a certain pre-specified period of time.

This period of time (called the to_self_delay) can vary in length, and can be specified when a channel is opened, but it's never less than a few days.

This waiting time allows the node's channel partner ample time to look at the transaction, and determine if their partner node is trying to "cheat" -- i.e. claim more than their agreed share of the balance.

If cheating IS discovered, then the victim's node can create a transaction which gives the victim 100% (ALL) of the channel balance.

It's really this one feature of the protocol which brings such powerful security to the network: If you try to cheat a channel partner, you'll likely lose all your balance in that channel!

But there's a catch.

What if your node is offline when your channel partner cheats, so you're not online to issue the penalty transaction?

Enter the Watchtower

A Watchtower is just another lightning node.

But this node is deputized by your node to "watch out for cheaters".

This node, if it sees that one of your channel partners is trying to cheat, can issue the penalty transaction for you!

For this reason, it's critical that your node is always protected by at least one watchtower node.

Set up a watchtower: the easy way

Lightning Network Plus provides a free watchtower that you can use for your node. Follow these directions to run the watchtower.

A few things to note about this process:

[Image: Watchtower directions on LN+]

Explanations for 1, 2 & 3

  1. Here you are being told to run the lnd software with the --wtclient.active argument. That is equivalent to including wtclient.active=1 in your lnd.conf, which you already did when you populated the lnd.conf file.

  2. You can run this lncli command to add the LN+ watchtower over Tor, if you are paranoid about network connection snooping.

  3. If you're not paranoid, this lncli command will add it over Clearnet, instead.

Set up a Watchtower: the hard way

Do you need to set up your own Watchtower?

This is a matter of opinion. I think, if you're planning to run a small node with just a couple channels, relying on a centralized Watchtower service like LN+ should be fine.

But if you're planning a bigger node, you should take the time to also set up your own Watchtower, to be 100% sure.

But you need to keep in mind these technical requirements:

  1. Your Watchtower needs to run 24/7.
  2. Your Watchtower needs to run on a computer with enough hard drive space to host the Bitcoin blockchain (currently ~600GB, and growing).
  3. Your Watchtower needs to run on a computer in a different physical building than your LND node.

If you think about it, you'll realize that your Watchtower must of course run in a different physical location than your LND instance, because the entire point of a Watchtower is to be available when your LND node goes down. This includes your internet or electricity going down!

Get your Watchtower computer ready

Note the technical requirements above -- this really must run on a separate computer, at a separate location!

BE SURE ABOUT THIS. THERE IS NO POINT TO RUN A WATCHTOWER AT THE SAME LOCATION, WITH THE SAME INTERNET CONNECTION AS YOUR PRIMARY LND NODE!

Get on the command line on your Watchtower computer, and clone the repository to this computer:

git clone https://github.com/MegalithicBTC/LND-With-Docker

Similar to your LND node, your watchtower needs to simultaneously run these processes:

  1. Bitcoin Core
  2. Tor
  3. LND (in watchtower mode)

Luckily, we already have docker containers set up for Bitcoin Core and Tor.

First, follow the same process as you did on your main LND node to create a bitcoin.conf file.

Then, in two separate Terminal windows, run:

./start-bitcoin.sh

and

./start-tor.sh

Note: Just like we did on our main computer, we'll have to wait for Bitcoin Core to fully synchronize the blockchain before continuing. This might take a few hours.

Come back here when you see that Bitcoin Core has fully synchronized.

Get your code ready for the Watchtower

You should now have two Terminal windows running:

  1. Bitcoin Core
  2. Tor

Open a third Terminal window now with CTRL-ALT-T.

Run these commands:

cd lnd/PRIVATE
touch lnd-watchtower.conf
touch lnd-watchtower-unlock-password.txt

Now open LND-With-Docker/lnd/PRIVATE/lnd-watchtower.conf in your editor, and paste in the contents of LND-With-Docker/lnd/COPY-THIS-lnd-watchtower.conf.

You need to change three values in lnd-watchtower.conf:

## replace these values before running
alias=megalith-watchtower-example
bitcoind.rpcuser=change-me-generate-a-unique-username-for-bitcoin-rpc
bitcoind.rpcpass=change-me-generate-a-unique-password-for-bitcoin-rpc
####

For the alias, use any value. For bitcoind.rpcuser and bitcoind.rpcpass, use the same values as you used in /docker-bitcoind/PRIVATE/bitcoin.conf.

Generate a password to store on disk

Then, generate a long, random password, and paste it into /lnd/PRIVATE/lnd-watchtower-unlock-password.txt.

A note about the password: you can see that we're specifying a password in plaintext for this node. This is because we will NOT KEEP ANY FUNDS on this node: we're just going to use it as a Watchtower, so we don't need to worry much about security.

Start your watchtower

In the root of your project, run

./start-watchtower.sh

The log output should stop with this line:

lnd-1  | 2024-04-08 15:32:41.022 [INF] LTND: Waiting for wallet encryption password. Use `lncli create` to create a wallet, `lncli unlock` to unlock an existing wallet, or `lncli changepassword` to change the password of an existing wallet and unlock it.

Understand what we are doing

The logs above might be confusing, because it seems like we are starting a new node. And yes -- that's exactly what we are doing.

Remember your watchtower is to some extent doing the same thing as your LND node, or at least doing one critical task the same way: It is constantly watching the Bitcoin blockchain to see if any channel partner has done something naughty.

That's why we're running Bitcoin Core on this Watchtower computer, and why we need to run LND.

Set up an insecure password for the watchtower

We do need to set a password for our Watchtower node, but we don't need to remember the wallet seed, or worry about the security of the password.

In a new window, run:

./exec-lncli.sh

and then

$ lncli create
Input wallet password:

Here, copy and paste the password you just saved in the /lnd/PRIVATE/lnd-watchtower-unlock-password.txt file.

You'll then see...

Enter 'y' to use an existing cipher seed mnemonic, 'x' to use an extended master root key
or 'n' to create a new seed (Enter y/x/n):

Press n to create a new seed.

You'll see a warning like

!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!

But remember: We're not storing any funds on this node or opening any channels, so you can ignore this.

Tell the LND Watchtower to load the password from disk

Open the /PRIVATE/lnd-watchtower.conf file, and remove the comment marker from the line UNDER ## enable this when you have created a wallet

When you remove the comment, it should look like this:

## enable this when you have created a wallet
wallet-unlock-password-file=/PRIVATE/lnd-watchtower-unlock-password.txt

Great! Now each time our watchtower node starts, we won't have to worry about entering a password.

Let's stop and restart our node now.

./exec-lncli.sh
lncli stop

Then, exit the docker container, and run ./start-watchtower.sh again.

You should see logs like:

lnd-1  | 2024-04-08 16:21:13.454 [INF] LTND: Attempting automatic wallet unlock with password provided in file
lnd-1 | 2024-04-08 16:21:14.293 [INF] LNWL: Opened wallet

Great! We are almost done.

Get the watchtower URI

Run:

./exec-lncli.sh
lncli tower info

And you should see an output like this:

{
"pubkey": "02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0",
"listeners": [
"[::]:9911"
],
"uris": [
"02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0@3jkueebmhtgeddc54vrjlw3ohyu52aqk5nalkuoznjd22aqhd2gitvid.onion:9911"
]
}

Copy the first URI (listed under "uris"), and bring that string back to your main computer, the one running LND.
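As an added check (example code, not from the LND-With-Docker project), this Python script parses the `lncli tower info` JSON shown above, validates that the first entry under "uris" is a pubkey@host:port string whose pubkey is a well-formed compressed public key and matches the tower's own "pubkey" field, flags whether the host is a v3 onion address, and prints the `lncli wtclient add` command to run on the main node. The embedded JSON is the page's own sample output, reused here as constructed input.

```python
import json
import re

# Sample output of `lncli tower info`, taken from the page above. The pubkey
# and onion host are the page's example values, used here only as test input.
TOWER_INFO_JSON = """{
  "pubkey": "02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0",
  "listeners": ["[::]:9911"],
  "uris": [
    "02169b6d1d0568ec086b78801e593774bf3157a4099a93a2019f5f632cace639a0@3jkueebmhtgeddc54vrjlw3ohyu52aqk5nalkuoznjd22aqhd2gitvid.onion:9911"
  ]
}"""

# A compressed secp256k1 public key: 33 bytes in hex, first byte 0x02 or 0x03.
PUBKEY_RE = re.compile(r"^0[23][0-9a-f]{64}$")
# A v3 onion address: 56 base32 characters followed by ".onion".
ONION_RE = re.compile(r"^[a-z2-7]{56}\.onion$")


def parse_tower_uri(uri: str) -> dict:
    """Split a watchtower URI of the form pubkey@host:port and validate each part.
    Raises ValueError for anything that does not look like a tower URI."""
    if uri.count("@") != 1:
        raise ValueError("URI must contain exactly one '@'")
    pubkey, hostport = uri.split("@")
    if not PUBKEY_RE.match(pubkey):
        raise ValueError("pubkey is not a 33-byte compressed secp256k1 key in hex")
    host, sep, port = hostport.rpartition(":")
    if not sep or not port.isdigit() or not 1 <= int(port) <= 65535:
        raise ValueError("host:port is malformed")
    return {"pubkey": pubkey, "host": host, "port": int(port),
            "onion": bool(ONION_RE.match(host))}


def tower_uri_from_info(info_json: str) -> str:
    """Pick the first entry under "uris", check that its pubkey matches the
    tower's own "pubkey" field, and return it ready for `lncli wtclient add`."""
    info = json.loads(info_json)
    uris = info.get("uris") or []
    if not uris:
        raise ValueError("tower info lists no URIs; check the watchtower's listen settings")
    parsed = parse_tower_uri(uris[0])
    if parsed["pubkey"] != info.get("pubkey"):
        raise ValueError("URI pubkey does not match the tower's pubkey field")
    return uris[0]


if __name__ == "__main__":
    uri = tower_uri_from_info(TOWER_INFO_JSON)
    print("lncli wtclient add", uri)
```

Run it with the real `lncli tower info` output piped in place of the sample JSON; a ValueError means the string you copied is not something `lncli wtclient add` will accept.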

Add the watchtower URI to your main LND node

Back at your main computer, your secure LND node, run these commands:

./exec-lncli.sh
lncli wtclient add [paste full watchtower URI here]

You can then confirm that your tower is active with this command:

lncli wtclient towers

Done!