
First of all, why would you want to run a watchtower?
Well, there’s a chance of people exploiting an offline node. Say your node goes offline. One of your channel peers might maliciously force close the channel on you and broadcast an older channel state, one where there were more satoshis on their side of the channel than there actually are at the time of closing. Since your node is not online to contest that, they might manage to get some more of your sats.
One way to prevent that is by setting up a watchtower. A watchtower is simply a failsafe running on another node. It can even be one of your own nodes run at a secondary location, but there are publicly available ones too. It looks out for that malicious event and penalizes the offending party.
Here’s a better explanation by Lightning Network +:
Watchtowers send LN justice transactions when they detect an outdated channel close.
When your node goes down for any reason for extended periods of time, there is a possibility of an attack on your channels. A node on the other side of your channel may attempt to force close with an earlier state where they had more of the funds on the channel than the current state is. In this scenario, watchtowers will send a punishing transaction on your node’s behalf, taking all the funds of the attacker on the channel and sending them to your node’s on-chain wallet.
Watchtowers on LN can only issue the punishing transaction if an attack was detected and cannot change the transaction. Therefore, as a watchtower client you don’t need to trust the watchtower. You can add more than one watchtower to your node. Learn more about LND Watchtowers.
Now, the instructions to do this are spelled out in this excellent guide by @openoms:
https://github.com/openoms/lightning-node-management/blob/master/advanced-tools/watchtower.md
Now, I was really careless and just fumbled my way through it. Make sure you replace the leading # in the guide’s commands with sudo and follow the steps one at a time.
Also, at some point it told me that my wallet was locked.
I had to type
lncli unlock
and use password C on the raspiblitz.
And then it should run. Also, when it doesn’t find watchtower services running etc, just run
sudo systemctl restart lnd
and it should run at some point. Or just restart the node completely.
Then, after all is done, you can add the watchtower from lightningnetwork+ https://lightningnetwork.plus/watchtower
There’s also a link at the bottom of the guide for more nodes: Check for some altruistic watchtowers and share your own: https://github.com/openoms/lightning-node-management/issues/4
I added a few of the fresher ones, since things move fast in the lightning space. You can use this command to see your watchtower nodes:
lncli wtclient towers
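A health check for the output of that command, added here as an example and not part of the original post or the openoms guide: it flags towers that are not session candidates or have no session yet, and warns when fewer than two are usable. The sample JSON is constructed, and the field names are assumed from LND's wtclient RPC, so compare them with what your own node prints.

```python
import json
import sys

# Constructed sample, not output from a real node. Field names are assumed from
# LND's wtclient RPC (pubkey, addresses, active_session_candidate, num_sessions,
# session_info); confirm them against your own lncli output.
SAMPLE = json.dumps({"towers": [
    {"pubkey": "02" + "ab" * 32, "addresses": ["towera.example.onion:9911"],
     "active_session_candidate": True, "num_sessions": 3},
    {"pubkey": "03" + "cd" * 32, "addresses": ["towerb.example.onion:9911"],
     "session_info": [{"active_session_candidate": True, "num_sessions": 0}]},
    {"pubkey": "02" + "ef" * 32, "addresses": ["towerc.example.onion:9911"],
     "active_session_candidate": False, "num_sessions": 0},
]})


def check_towers(raw):
    """Return (usable_count, warnings) for the JSON text of `lncli wtclient towers`."""
    towers = json.loads(raw).get("towers") or []
    usable, warnings = 0, []
    for tower in towers:
        name = str(tower.get("pubkey", "?"))[:10]
        # Some LND versions nest the session fields per policy under session_info.
        infos = tower.get("session_info") or [tower]
        candidate = any(i.get("active_session_candidate") for i in infos)
        sessions = sum(int(i.get("num_sessions") or 0) for i in infos)
        if not candidate:
            warnings.append(f"{name}: not an active session candidate")
        elif sessions == 0:
            warnings.append(f"{name}: no session yet, nothing backed up to it")
        else:
            usable += 1
    if usable == 0:
        warnings.append("no usable watchtower: channels are unwatched while offline")
    elif usable == 1:
        warnings.append("only one usable watchtower: consider adding a second")
    return usable, warnings


if __name__ == "__main__":
    # Pipe real output in, or run with no input to see the constructed sample.
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    usable, warnings = check_towers(raw)
    print(f"usable towers: {usable}")
    for w in warnings:
        print("WARNING:", w)
    sys.exit(0 if usable else 1)
```

Saved under a name of your choice (check_towers.py is hypothetical), it can be fed real data with `lncli wtclient towers | python3 check_towers.py`; the exit status is non-zero when no tower is usable.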
If and when you get stuck, you can ask for help in the Raspiblitz telegram group here https://t.me/raspiblitz
And that’s it, one more layer of security in an already scalding hot wallet. Hope that helped.