First of all, why would you want to run a watchtower?
Well, there’s a chance of people exploiting an offline node. Say your node goes offline. One of your connected nodes might maliciously try to force close the channel on you but send out an older status on the network, one where there were more satoshis on their side of the channel than there actually are at the time of closing. Since your node is not online to contest that, they might manage to get some more of your sats.
One way to prevent that is by setting up a watchtower. What that does is simply have a failsafe on another node, it can even be one of yours run at a secondary location but there are available ones, and it looks out for that malicious event and penalizes the offending party.
Here’s a better explanation by Lightning Network +
Watchtowers send LN justice transactions when they detect an outdated channel close.
When your node goes down for any reason for extended periods of time, there is a possibility of an attack on your channels. A node on the other side of your channel may attempt to force close with an earlier state where they had more of the funds on the channel than the current state is. In this scenario, watchtowers will send a punishing transaction on your node’s behalf, taking all the funds of the attacker on the channel and sending them to your node’s on-chain wallet.
Watchtowers on LN can only issue the punishing transaction if an attack was detected and can not change the transaction. Therefore, as a watchtower client you don’t need to trust the watchtower. You can add more than one watchtower to your node. Learn more about LND Watchtowers.
Now, the instructions to do this are spelled out in this excellent guide by @openoms
Now, I was really careless and just fumbled my way through it. Make sure you replace # with sudo and follow the steps one at a time.
Also, at some point it told me that my wallet was locked.
I had to type
and use password C on the raspiblitz.
And then it should run. Also, when it doesn’t find watchtower services running etc, just run
systemctl restart lnd
and it should run at some point. Or just restart the node completely.
Then, after all is done, you can add the watchtower from lightningnetwork+ https://lightningnetwork.plus/watchtower
There’s also a link at the bottom of the guide for more nodes: Check for some altruistic watchtowers and share your own: https://github.com/openoms/lightning-node-management/issues/4
I added a few of the fresher ones, since things move fast in the lightning space. You can use the command to see your watchtower nodes:
lncli wtclient towers
If and when you get stuck, you can ask for help in the Raspiblitz telegram group here https://t.me/raspiblitz
And that’s it, one more layer of security in an already scalding hot wallet. Hope that helped.