Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Connect to lightning node through TOR #2

Open
carlosmassa opened this issue Oct 28, 2020 · 18 comments
Open

Connect to lightning node through TOR #2

carlosmassa opened this issue Oct 28, 2020 · 18 comments

Comments

@carlosmassa
Copy link

Is there any way to connect lnme to a lightning node like Umbrel (https://github.com/getumbrel/umbrel) through an REDACTED.onion:8333 address?

@bumi
Copy link
Owner

bumi commented Oct 28, 2020

hey! thanks for bringing this up! Right now I think this is not possible out of the box (or without additional proxies.)
But this is for sure something that I would like to add. Can you help with that?
Do you want to run lnme on the same system as umbrel or somewhere else?

@carlosmassa
Copy link
Author

Hi! I'd like to run lnme in a github hosted webpage, and connect to a remote umbrel node. I can definitely help with testing.

@bumi
Copy link
Owner

bumi commented Oct 29, 2020

Running it as a static page does sadly not work. The invoice needs to be created that's why this is a small Golang app that does this for you. You can then embed it in any page, but the server part needs to run. - potentially that can run on the same machine as your LND node.

@carlosmassa
Copy link
Author

My LND node runs on a raspberry pi, and I can run javascript on a GitHub static page.

Would it work if the app to create the invoice runs in that same server and then a piece of javascript is embedded on the static webpage?

@bumi
Copy link
Owner

bumi commented Oct 29, 2020

yes, that's the idea. lnme runs on the same sever as your LND and then you can use JS from a static page to get the invoice.
As described here: https://github.com/bumi/lnme#javascript-widget-integration

you only need to make sure that the JS can access lnme on your raspberry pi server then.

@carlosmassa
Copy link
Author

Ok, I understand now. Thanks! Looks like an easy setup. It would be great if lnme could be accessed through a TOR hidden service to avoid exposing the IP address of the bitcoin full and lightning node.

@bumi
Copy link
Owner

bumi commented Oct 30, 2020

If you run lnme on the same node it connects through localhost. but then the lnme must be accessible.
Connecting from the outside through tor should for sure be easier and I will add this to lnme.
Do you by any chance have a tor test LND node?

@bumi
Copy link
Owner

bumi commented Nov 2, 2020

I have a branch that supports connecting through tor. You can test it here: https://github.com/bumi/lnme/tree/tor-connections
feedback welcome!

@aplnx
Copy link

aplnx commented Jun 29, 2021

Very interesting project. Straight to the point. I was trying to use BTCPAY server, but it seems too complex for what I need.

I will try to make it work on TOR and give you feedback anyway.

Thanks!!

@aplnx
Copy link

aplnx commented Aug 24, 2021

It didn't work so far.

I have all tls.* set. Tor is running ok. Hidden Services are set on 10009.

It returns the following error message:

2021/08/24 17:23:18 Error creating invoice: rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority (possibly because of "x509: ECDSA verification failure" while trying to verify candidate authority certificate "raspberrypi")"

@bumi
Copy link
Owner

bumi commented Aug 25, 2021

thanks for your feedback! sadly I do not have much experience with TOR so far, so help is greatly appreciated.

your error message does not sound that bad to me...it seems a connection could be made but the LND cert was invalid?
are you sure you have the correct cert? with which command do you run lnme?

@aplnx
Copy link

aplnx commented Aug 25, 2021

thanks for your feedback! sadly I do not have much experience with TOR so far, so help is greatly appreciated.

your error message does not sound that bad to me...it seems a connection could be made but the LND cert was invalid?
are you sure you have the correct cert? with which command do you run lnme?

It was my bad. The current version of lnme I am working on was picking old tls files from other directory path. I could not notice that until today. It is now working like a charm! Thanks!

By the way, congratulations for your work. Lnme is very good and I am loving it!

I have no experience working as github collaborator. I have added interesting features to lnme. If you are interested to know it, please, let me know.

@bumi
Copy link
Owner

bumi commented Aug 26, 2021

ok, that's great to hear! thanks! You've worked with the tor branch? (https://github.com/bumi/lnme/tree/tor-connections)?

yes, please! any interesting feature would be helpful. feel free to open issues (and PRs if you have some code... I am happy to help if you have questions)

@theLockesmith
Copy link

I'm trying to set up my lnme and I have it working fine using clearnet, but when I change my lnd-address in my config to my tor address I get the following message:
Error creating invoice: rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: EOF"

I'm testing by paying myself through Thunderhub. Here are the errors that spits out if they help at all:

{
  error: Error: Server Error
      at LnUrlResolver.lnUrlPay (/app/dist/modules/api/lnurl/lnurl.resolver.js:105:23)
      at runMicrotasks (<anonymous>)
      at processTicksAndRejections (node:internal/process/task_queues:96:5)
      at async target (/app/node_modules/@nestjs/core/helpers/external-context-creator.js:74:28)
      at async Object.lnUrlPay (/app/node_modules/@nestjs/core/helpers/external-proxy.js:9:24),
  level: 'error',
  message: 'Error paying to LnUrl service',
  timestamp: '2023-07-12T22:27:51.112Z'
}
{
  context: 'ExceptionsHandler',
  stack: [
    'Error: ProblemPayingLnUrlService\n' +
      '    at LnUrlResolver.lnUrlPay (/app/dist/modules/api/lnurl/lnurl.resolver.js:110:19)\n' +
      '    at runMicrotasks (<anonymous>)\n' +
      '    at processTicksAndRejections (node:internal/process/task_queues:96:5)\n' +
      '    at async target (/app/node_modules/@nestjs/core/helpers/external-context-creator.js:74:28)\n' +
      '    at async Object.lnUrlPay (/app/node_modules/@nestjs/core/helpers/external-proxy.js:9:24)'
  ],
  level: 'error',
  message: 'ProblemPayingLnUrlService',
  timestamp: '2023-07-12T22:27:51.112Z'
}

When I start the application (lnme) I see it connecting to my .onion followed by the cli splash and http server started on so I assume no errors on start.

@bumi
Copy link
Owner

bumi commented Jul 12, 2023

@theLockesmith the macaroon and the certificate are correct? the error "authentication handshake failed" sounds like the authentication issue?

@theLockesmith
Copy link

@bumi that was my first thought. I've tried both the file path and the hex with both clearnet and tor addresses, and both path and hex work for clearnet. Unless I need to pass them differently for tor, they're both correct afaict.

@bumi
Copy link
Owner

bumi commented Jul 13, 2023

ok. and the onion address is correct with port an everything?
but I think the error looks also more like it's on the tor connection side.
but sadly I don't know right now.

@theLockesmith
Copy link

I changed it back to the tor address to test and the error has changed:
Error creating invoice: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing socks connect tcp 127.0.0.1:34887->my.onion:[port]: unknown error host unreachable"
I think you're right with it being on the tor side. I'll dig around some. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants