openoms openoms

LNURLpay over Tor

Setup used

Raspiblitz on the dev branch (~v1.9.0rc3 - earlier versions should work)
CLN / LND with incoming capacity on public channel(s)
BTCPayServer v1.8.2 (an earlier version with LNaddress support should work)

Steps to create the service

Create user and log in
Create Store

Software Version

bitcoin core: 0.21.0
core lightning: 0.11.1
joinmarket: 0.9.6

Step 1:

make !backups to your desktop! of:

hsm_secret (this is the root key for your onchain funds - can be regenerated from the CLN backup words)
- stored on the SSD: /home/bitcoin/.lightning/bitcoin/hsm_secret
lightningd.sqlite3.backup (this is the realtime channel database backup saved to your SDcard by the backup plugin)
- find it on the SDcard in /home/bitcoin/. If there are multiple backup files always use the latest one (the backups of the backup are dated and stored when the backup plugin is reinitialized - they can be discarded).

To start the process flash a new SDcard (keep your old SDcard as a backup) and make sure everything is working by starting a new (empty) CLN node and have bitcoind synced.

Upload the backups from your desktop (can use WinSCP on Windows):

the grand idea

I like public key auth. I feel safer using them instead of a username and password login. But, I might not have my private key with me at a time where I need access.

I started using yubikey with LastPass and since I have it always on my keychain, I decided to find more ways to make use of it.

I wasn't originally aware, but if you pass a private key to ssh and sshd is configured to accept a key, it appears pam isn't used. Your authorized keys are checked and you are logged in. If you don't pass a private key, ssh falls back to the more standard un*x style login found in /etc/pam.d/sshd. This is where we'll add the yubikey pam. I am currently unaware of a way to use both public key auth and yubikey for login.

These steps worked for me on debian squeeze/wheezy.

more info at the yubico-pam github repo

	venv
	*.swo
	*.swp
	__pycache__

	#!/bin/bash
	# https://lightning.readthedocs.io/

	# https://github.com/ElementsProject/lightning/releases
	# CLVERSION=v0.10.2

	# install the latest master by using the last commit id
	# https://github.com/ElementsProject/lightning/commit/master
	# CLVERSION="063366ed7e3b7cc12a8d1681acc2b639cf07fa23"

	#!/bin/bash

	sudo apt update
	sudo apt install openvpn -y

	## define config filename and credentials
	echo "# Type or paste the config filename and press ENTER:"
	read config; echo $config; echo
	#config="VPNconfig"
	echo "# Type or paste the VPN username and press ENTER:"

	#! /usr/bin/env sh

	pkg install wget -y

	echo "# Check the latest version at: https://www.freshports.org/net/zerotier/"
	echo "# Which version to install?"
	echo "# Example:"
	echo "1.6.5"
	read VERSION

	Mute these words in your settings here: https://twitter.com/settings/muted_keywords

	ActivityTweet
	generic_activity_highlights
	generic_activity_momentsbreaking
	RankedOrganicTweet
	suggest_activity
	suggest_activity_feed
	suggest_activity_highlights
	suggest_activity_tweet

	import base58
	x = 'xprv9s21ZrQH143K2f55zo5GiXiX16MiPzBgc2bEXNd77e1ooGsjxAyXjozyuniqiSB76VESjTW8s7vdsK3NFboha6tZgF9BzcDdNtUT6Aw99P2'
	zp = b'\x04\xb2\x43\x0c'
	base58.b58encode_check(zp + base58.b58decode_check(x)[4:]).decode('ascii')
	# output: 'zprvAWgYBBk7JR8GjFTKfWeX8huXM2ecHEAgSFdg6AQssemZuUWCTVJeywKFxCe1iFUwumU4EQhFnSdjdtGVgzdjAaFmQvY3ARrbvLbjsLf6oNE'

	# xprv = b'\x04\x88\xad\xe4'
	# yprv = b'\x04\x9d\x78\x78'
	# zprv = b'\x04\xb2\x43\x0c'