Releases: lightningnetwork/lnd
lnd v0.12.0-beta.rc3
This release marks the first major release in the v0.12.x series! As this is a major release several new features are included in this release including: anchor commitment types are now the default, anchor commitment support for watchtowers, new arguments to auto compact the database as well as drop the wtxmgr state, generic wallet PSBT crafting+signing, and much more! As usual, this release contains several important bug fixes, so we recommend all users update.
Database Migrations
A migration to initialize a top-level peers bucket is included in this release. The bucket is used to track flap counts for peers that we have channels open with across restarts. These values are used to rate-limit the amount of memory that lnd uses to track peers online state, ensuring that we do not store large volumes of uptime information for peers that are constantly changing online state.
This release contains a migration to initialize a top-level-bucket for an outpoint index. There is also a subsequent migration that populates this index with an outpoint's status. This will cut down on expensive bbolt transactions throughout the codebase. The migration process should look something like this upon initial start up:
2020-12-21 10:45:07.256 [INF] LTND: Version: 0.12.0-beta commit=v0.12.0-beta, build=production, logging=default
2020-12-21 10:45:07.257 [INF] LTND: Active chain: Bitcoin (network=mainnet)
2020-12-21 10:45:07.257 [INF] LTND: Opening the main database, this might take a few minutes...
2020-12-21 10:45:07.257 [INF] LTND: Opening bbolt database, sync_freelist=false, auto_compact=false
2020-12-21 10:45:07.304 [INF] CHDB: Checking for schema update: latest_version=20, db_version=17
2020-12-21 10:45:07.304 [INF] CHDB: Performing database schema migration
2020-12-21 10:45:07.304 [INF] CHDB: Applying migration #18
2020-12-21 10:45:07.304 [INF] CHDB: Creating top-level bucket: "peers-bucket" ...
2020-12-21 10:45:07.305 [INF] CHDB: Created top-level bucket: "peers-bucket"
2020-12-21 10:45:07.305 [INF] CHDB: Applying migration #19
2020-12-21 10:45:07.305 [INF] CHDB: Creating top-level bucket: "outpoint-bucket" ...
2020-12-21 10:45:07.305 [INF] CHDB: Created top-level bucket: "outpoint-bucket"
2020-12-21 10:45:07.305 [INF] CHDB: Applying migration #20
2020-12-21 10:45:07.324 [INF] LTND: Database now open (time_to_open=67.71764ms)!
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.12.0-beta.rc3.txt and manifest-v0.12.0-beta.rc3.txt.sig are in the current directory) with:
gpg --verify manifest-v0.12.0-beta.rc3.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.12.0-beta.rc3.txt'
gpg: Signature made Tue Dec 15 18:57:27 2020 PST
gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
For this release roasbeef's signature is the secondary signature which can be verified with the following command:
gpg --verify roasbeef-manifest-v0.12.0-beta.rc3.txt.sig manifest-v0.12.0-beta.rc3.txt
gpg: Signature made Wed Sep 30 17:35:20 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Verifying the Release Timestamp
From this new version onwards, in addition to time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.12.0-beta.rc3.txt.sig.ots and manifest-v0.12.0-beta.rc3.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.12.0-beta.rc3.txt.ots
ots verify manifest-v0.12.0-beta.rc3.txt.sig.ots -f roasbeef-manifest-v0.12.0-beta.rc3.txt.sig
Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved.
The release binaries are compiled with go1.15.6, which is required by verifiers to arrive at the same ones.
They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.12.0-beta.rc3
gpg: Signature made Tue 15 Dec 2020 10:31:06 PM UTC using RSA key ID 9B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>"
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming
that vendor.tar.gz and lnd-source-v0.12.0-beta.rc3.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.12.0-beta.rc3.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc3" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc3" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
New Default Autopilot Heuristic
In this version of lnd, the default heursitic for autopilot has been changed from preferential attachment, to a version that will attempt to optimize for the betweeness centrality of the node. At a high level, this change means that rather than trying to connect (stochastically) to the nodes that have the most channels, lnd will instead attempt to connect to the nodes that appear most often in the shortest paths within the network. This change will serve to step as a stepping stone to further diffuse the graph to make it more resilient.
Pathfinding Improvements
lnd will now properly penalize attempts of larger "wumbo" sized payments proportionally. This will serve to ensure that clients with less active failure information are able to properly prune the search space by increasing the attempt cost for larger payments. New flags has been added to allow users to configure the attempt cost for this value (attemptcost and attemptcostppm). We encourage users taht frequently send larger payments to tweak these parameters to find what works best, and ideally communicate this information back to the maintainers of lnd so we can better tune the current default value.
Graph Download Optimizations
lnd will now batch all insertion operations related to channel graph which should greatly speed up initial graph download. Initial becnhmarks show this change resluting in a 3x speed increase, with further gains likely being seen on mobile and more constrained platforms.
Peer to Peer Updates
A new flag has been added to lnd to enforce a global connection timeout when trying to connect out to new peers. Setting a lower value for this new command line option (timeout) will mean that lnd will give up on unrechable peers much sooner than before, which can be useful when attempting to connect to a set of addresses to open chnnel to a peer.
Automatic Database Compaction
The most important data of any lnd node is stored in its channel database (channel.db). The database library currently used for this DB is bbolt which by design does not give back free space to the file system, even if data is deleted from the DB. This can lead to large DB files and...
lnd v0.12.0-beta.rc2
This release marks the first major release in the v0.12.x series! As this is a major release several new features are included in this release including: anchor commitment types are now the default, anchor commitment support for watchtowers, new arguments to auto compact the database as well as drop the wtxmgr state, generic wallet PSBT crafting+signing, and much more! As usual, this release contains several important bug fixes, so we recommend all users update.
Database Migrations
- TODO: describe "peers-bucket"
This release contains a migration to initialize a top-level-bucket for an outpoint index. There is also a subsequent migration that populates this index with an outpoint's status. This will cut down on expensive bbolt transactions throughout the codebase. The migration process should look something like this upon initial start up:
2020-12-21 10:45:07.256 [INF] LTND: Version: 0.12.0-beta commit=v0.12.0-beta, build=production, logging=default
2020-12-21 10:45:07.257 [INF] LTND: Active chain: Bitcoin (network=mainnet)
2020-12-21 10:45:07.257 [INF] LTND: Opening the main database, this might take a few minutes...
2020-12-21 10:45:07.257 [INF] LTND: Opening bbolt database, sync_freelist=false, auto_compact=false
2020-12-21 10:45:07.304 [INF] CHDB: Checking for schema update: latest_version=20, db_version=17
2020-12-21 10:45:07.304 [INF] CHDB: Performing database schema migration
2020-12-21 10:45:07.304 [INF] CHDB: Applying migration #18
2020-12-21 10:45:07.304 [INF] CHDB: Creating top-level bucket: "peers-bucket" ...
2020-12-21 10:45:07.305 [INF] CHDB: Created top-level bucket: "peers-bucket"
2020-12-21 10:45:07.305 [INF] CHDB: Applying migration #19
2020-12-21 10:45:07.305 [INF] CHDB: Creating top-level bucket: "outpoint-bucket" ...
2020-12-21 10:45:07.305 [INF] CHDB: Created top-level bucket: "outpoint-bucket"
2020-12-21 10:45:07.305 [INF] CHDB: Applying migration #20
2020-12-21 10:45:07.324 [INF] LTND: Database now open (time_to_open=67.71764ms)!
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.12.0-beta.rc2.txt and manifest-v0.12.0-beta.rc2.txt.sig are in the current directory) with:
gpg --verify manifest-v0.12.0-beta.rc2.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.12.0-beta.rc2.txt'
gpg: Signature made Tue Dec 15 18:57:27 2020 PST
gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
For this release roasbeef's signature is the secondary signature which can be verified with the following command:
gpg --verify roasbeef-manifest-v0.12.0-beta.rc2.txt.sig manifest-v0.12.0-beta.rc2.txt
gpg: Signature made Wed Sep 30 17:35:20 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Verifying the Release Timestamp
From this new version onwards, in addition to time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.12.0-beta.rc2.txt.sig.ots and manifest-v0.12.0-beta.rc2.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.12.0-beta.rc2.txt.ots
ots verify manifest-v0.12.0-beta.rc2.txt.sig.ots -f roasbeef-manifest-v0.12.0-beta.rc2.txt.sig
Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved.
The release binaries are compiled with go1.15.6, which is required by verifiers to arrive at the same ones.
They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.12.0-beta.rc2
gpg: Signature made Tue 15 Dec 2020 10:31:06 PM UTC using RSA key ID 9B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>"
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming
that vendor.tar.gz and lnd-source-v0.12.0-beta.rc2.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.12.0-beta.rc2.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc2" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc2" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
New Default Autopilot Heuristic
In this version of lnd, the default heursitic for autopilot has been changed from preferential attachment, to a version that will attempt to optimize for the betweeness centrality of the node. At a high level, this change means that rather than trying to connect (stochastically) to the nodes that have the most channels, lnd will instead attempt to connect to the nodes that appear most often in the shortest paths within the network. This change will serve to step as a stepping stone to further diffuse the graph to make it more resilient.
Pathfinding Improvements
lnd will now properly penalize attempts of larger "wumbo" sized payments proportionally. This will serve to ensure that clients with less active failure information are able to properly prune the search space by increasing the attempt cost for larger payments. New flags has been added to allow users to configure the attempt cost for this value (attemptcost and attemptcostppm). We encourage users taht frequently send larger payments to tweak these parameters to find what works best, and ideally communicate this information back to the maintainers of lnd so we can better tune the current default value.
Graph Download Optimizations
lnd will now batch all insertion operations related to channel graph which should greatly speed up initial graph download. Initial becnhmarks show this change resluting in a 3x speed increase, with further gains likely being seen on mobile and more constrained platforms.
Peer to Peer Updates
A new flag has been added to lnd to enforce a global connection timeout when trying to connect out to new peers. Setting a lower value for this new command line option (timeout) will mean that lnd will give up on unrechable peers much sooner than before, which can be useful when attempting to connect to a set of addresses to open chnnel to a peer.
Automatic Database Compaction
The most important data of any lnd node is stored in its channel database (channel.db). The database library currently used for this DB is bbolt which by design does not give back free space to the file system, even if data is deleted from the DB. This can lead to large DB files and slow startup times. Compaction is the process of creating a fresh copy of a bbolt database that only contains data and no "reserved free space". This process also de-fragments and validates the integrity of the data.
Automatic compaction of the channel.db can now be turned on with the flag `--db.bolt.auto-...
lnd v0.12.0-beta.rc1
This release marks the first major release in the v0.12.x series! As this is a major release several new features are included in this release including: anchor commitment types are now the default, anchor commitment support for watchtowers, new arguments to auto compact the database as well as drop the wtxmgr state, generic wallet PSBT crafting+signing, and more more! As usual this release contains several important bug fixes, so we recommend at all users update.
Database Migrations
TODO
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.12.0-beta.rc1.txt and manifest-v0.12.0-beta.rc1.txt.sig are in the current directory) with:
gpg --verify manifest-v0.12.0-beta.rc1.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.12.0-beta.rc1.txt'
gpg: Signature made Tue Dec 15 18:57:27 2020 PST
gpg: using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
For this release roasbeef's signature is the secondary signature which can be verified with the following command:
gpg --verify roasbeef-manifest-v0.12.0-beta.rc1.txt.sig manifest-v0.12.0-beta.rc1.txt
gpg: Signature made Wed Sep 30 17:35:20 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Verifying the Release Timestamp
From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.12.0-beta.rc1.txt.sig.ots and manifest-v0.12.0-beta.rc1.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.12.0-beta.rc1.txt.ots
ots verify manifest-v0.12.0-beta.rc1.txt.sig.ots -f roasbeef-manifest-v0.12.0-beta.rc1.txt.sig
Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved.
The release binaries are compiled with go1.15.6, which is required by verifiers to arrive at the same ones.
They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.12.0-beta.rc1
gpg: Signature made Tue 15 Dec 2020 10:31:06 PM UTC using RSA key ID 9B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>"
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming
that vendor.tar.gz and lnd-source-v0.12.0-beta.rc1.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.12.0-beta.rc1.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc1" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.12.0-beta.rc1" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
TODO
Contributors (Alphabetical Order)
Alex Bosworth
András Bánki-Horváth
Ben Woosley
Bjarne Magnussen
Calvin Zachman
Carla Kirk-Cohen
Carsten Otto
Conner Fromknecht
Dan Janosik
Daniel Babbev
Dominik Spicher
Eugene
Federico Bond
Glen Cooper
githorray
Graham Krizek
Hampus Sjöberg
Johan T. Halseth
Joost Jager
Juan Pablo Civile
Jules Lamur
Kartik Shah
Marty Jones
Matheus Degiovani
Mayank Chhabra
MrManPew
Olaoluwa Osuntokun
Oliver Gugger
positiveblue
Roei Erez
Tom Kirkpatrick
Torkel Rogstad
Wilmer Paulino
Yaacov Akiba Slama
Yan Pritzker
yyforyongyu
lnd v0.11.1-beta
This marks the first minor release in the v0.11.x series! This release contains no breaking changes, and no database migrations. Instead this release bundles a number of reliability improvements, some macaroon upgrades, and a change to make our version our anchor commitments spec compliant amongst several other changes.
Database Migrations
This release contains no database migrations.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.1-beta.txt and manifest-v0.11.1-beta.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.1-beta.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.1-beta.txt'
gpg: Signature made Thu Oct 1 16:38:32 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
For this release roasbeef's signature is the secondary signature which can be verified with the following command:
gpg --verify roasbeef-manifest-v0.11.1-beta.txt.sig manifest-v0.11.1-beta.txt
gpg: Signature made Wed Sep 30 17:35:20 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Verifying the Release Timestamp
From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.11.1-beta.txt.sig.ots and manifest-v0.11.1-beta.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.11.1-beta.txt.ots
ots verify manifest-v0.11.1-beta.txt.sig.ots -f roasbeef-manifest-v0.11.1-beta.txt.sig
Alternatively, the open timestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.9, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.1-beta
gpg: Signature made Tue Sep 15 18:55:00 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.1-beta.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.1-beta.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
Wumbo Soft Limit
lnd now has a soft-limit of 10 BTC for wumbo channels, when they're enabled. This limit can be reduced by specifying the new --maxchansize command line flag. This new flag allows node operators to better control their exposure to very large channels, while still allowing channels above the prior pre-wumbo limit.
Healthchecks
This release contains a new health checks subsystem which periodically runs a set of health checks and requests that lnd gracefully shutdown if the check fails. The following health checks are implemented:
- Chain backend: lnd requires access to a bitcoin backend, and may be at risk of losing funds if it loses its connection to the chain. A health check which periodically queries the chain backend for the best block is added, and enabled by default.
- Disk space: lnd needs disk space to update its database with operational data. A disk space health check which will request shutdown if available disk space falls below a threshold percentage has been added, but is disabled by default to ensure that this check does affect any existing deployments (particularly mobile).
Both of these checks are configurable, and the following options can be set in the healthcheck.chainbackend and healthcheck.diskspace config groups:
- Interval: how often the check should be run
- Attempts: the number of attempts we allow the check to fail before we request shutdown; this value can be set to 0 to disable a check.
- Timeout: the amount of time we allow a check to take before failing it due to timeout
- Backoff: the amount of time we backoff between failed checks
Note that these new checks are off by default. To turn them on, users should set healthcheck.chainbackend.attempts and healthcheck.diskspace.attempts to a non-zero value.
Anchor channels
The experimental anchor channel type introduced in lnd v0.10.0 has now been finalized in the BOLT spec, and this release makes the lnd implementation compatible with these changes. If you already have channels of the previous type you can still update. The only thing you must be aware is that cooperative close will fail until your channel party also update to a spec compliant implementation.
Note that this channel type still remains experimental.
Channel Configuration
A new flag has been added to allow node operators to limit the total number of HTLCs they'll allow to exist on "their side" of the commitment. In the future, we may lower this default in order to mitigate certain "fee siphoning" attacks that exist with high fee rates and a large number of HTLCs. Users can set this new value to control the value used for all newly created channels
using the following flag: --default-remote-max-htlcs.
RPC Server
The WalletUnlocker proxy now exposes CORS options like the rest of the REST proxy.
A new flag has been added to lnd which allows TLS certs to be generated without leaking sensitive data such as certain IP address information.
The existing PSBT funding flow has been modified to accept a raw transaction during the Finalize step. This makes our workflow more compatible with certain wallets like Electrum. Additionally, our flow is now compatible with wallets that have implemented mandatory measures to mitigate certain signing fault attacks.
Macaroons
Granular Method Macaroons
A series of new calls to enable granular macaroon access has landed in this new version. These new calls allow users to bake a macaroon with a specific method call URI. In other words, macaroons can now be created that only allow access to a specific set of RPC calls. As an example, it's now possible to create a macaroon that only lets a user obtain the current snapshot of the graph and nothing more.
A new local CLI command: lncli listpermissions, allows one to view all the current permissions available when baking a macaroon.
If we wanted to make a macaroon that only allowed access to GetInfo and `GetVersion, then we'd execute the following command:
lnd v0.11.1-beta.rc4
lnd v0.11.1-beta.rc4
lnd v0.11.1-beta.rc3
This marks the first minor release in the v0.11.x series! This release contains no breaking changes, and no database migrations. Instead this release bundles a number of reliability improvements, some macaroon upgrades, and a change to make our version our anchor commitments spec compliant amongst several other chagnes.
Database Migrations
This release contains no database migrations.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.1-beta.rc3.txt and manifest-v0.11.1-beta.rc3.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.1-beta.rc3.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.1-beta.rc3.txt'
gpg: Signature made Tue Sep 15 19:13:32 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Timestamp
From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.11.1-beta.txt.sig.ots and manifest-v0.11.1-beta.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.11.1-beta.txt.ots
ots verify manifest-v0.11.1-beta.txt.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.7, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.1-beta.rc3
gpg: Signature made Tue Sep 15 18:55:00 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.1-beta.rc3.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.1-beta.rc3.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes (WIP)
Wumbo Soft Limit
lnd now has a soft-limit of 10 BTC for wumbo channels, when they're enabled. This limit can be reduced by specifying the new --maxchansize command line flag. This new flag allows node operators to better control their exposure to very large channels, while still allowing channels above the prior pre-wumbo limit.
Healthchecks
This release contains a new health checks subsystem which periodically runs a set of health checks and requests that lnd gracefully shutdown if the check fails. The following health checks are implemented:
- Chain backend: lnd requires access to a bitcoin backend, and may be at risk of losing funds if it loses its connection to the chain. A health check which periodically queries the chain backend for the best block is added, and enabled by default.
- Disk space: lnd needs disk space to update its database with operational data. A disk space health check which will request shutdown if available disk space falls below a threshold percentage has been added, but is disabled by default to ensure that this check does affect any existing deployments (particularly mobile).
Both of these checks are configurable, and the following options can be set in the healtcheck.chainbackend and healthcheck.diskspace config groups:
- Interval: how often the check should be run
- Attempts: the number of attempts we allow the check to fail before we request shutdown; this value can be set to 0 to disable a check.
- Timeout: the amount of time we allow a check to take before failing it due to timeout
- Backoff: the amount of time we backoff between failed checks
Anchor channels
The experimental anchor channel type introduced in lnd v0.10.0 has now been finalized in the BOLT spec, and this release makes the lnd implementation compatible with these changes. If you already have channels of the previous type you can still update. The only thing you must be aware is that cooperative close will fail until your channel party also update to a spec compliant implementation.
Note that this channel type still remains experimental.
Channel Configuration
A new flag has been added to allow node operators to limit the total number of HTLCs they'll allow to exist on "their side" of the commitment. In the future, we may lower this default in order to mitigate certain "fee siphoning" attacks that exist with high fee rates and a large number of HTLCs. Users can set this new value to control the value used for all newly created channels
using the following flag: --default-remote-max-htlcs.
RPC Server
The WalletUnlocker proxy now exposes CORS options like the rest of the REST proxy.
A new flag has been added to lnd which allows TLS certs to be generated without leaking sensitive data such as certain IP address information.
The existing PSBT funding flow has been modified to accept a raw transaction during the Finalize step. This makes our workflow more compatible with certain wallets like Electrum. Additionally, our flow is now compatible with wallet's that have implemented mandatory measures to mitigate certain signing fault attacks.
Macaroons
Granular Method Macaroons
A series of new calls to enable granular macaroon access has landed in this new version. These new calls allow users to bake a macaroon with a specific method call URI. In other words, macaroons can now be created that only allow access to a specific set of RPC calls. As an example, it's now possible to create a macaroon that only lets a user obtain the current snapshot of the graph and nothing more.
A new local CLI command: lncli listpermissions, allows one to view all the current permissions available when baking a macaroon.
If we wanted to make a macaroon that only allowed access to GetInfo and `GetVersion, then we'd execute the following command:
lncli bakemacaroon uri:/lnrpc.Lightning/GetInfo uri:/verrpc.Versioner/GetVersion
A new CLI command lncli printmacaroon has also been added that shows what permissions an already baked macaroon contains.
For more information on this new feature, check out the updated set of docs on macaroons.
Custom Macaroon Validators
When initializing lnd, it's now possible to register a custom macaroon validator for a sub-server. This allows certain components to be unbundled, yet still retain lnd's primary RPC server interface for macaroon validation.
Bug Fixes
[A bug has been fixed that would at times ca...
v0.11.1-beta.rc2
This marks the first minor release in the v0.11.x series! This release contains no breaking changes, and no database migrations. Instead this release bundles a number of reliability improvements, some macaroon upgrades, and a change to make our version our anchor commitments spec compliant amongst several other chagnes.
Database Migrations
This release contains no database migrations.
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.1-beta.rc2.txt and manifest-v0.11.1-beta.rc2.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.1-beta.rc2.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.1-beta.rc2.txt'
gpg: Signature made Tue Sep 15 19:13:32 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Timestamp
From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.11.1-beta.txt.sig.ots and manifest-v0.11.1-beta.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.11.1-beta.txt.ots
ots verify manifest-v0.11.1-beta.txt.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.7, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.1-beta.rc2
gpg: Signature made Tue Sep 15 18:55:00 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.1-beta.rc2.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.1-beta.rc2.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.1-beta" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes (WIP)
Wumbo Soft Limit
lnd now has a soft-limit of 10 BTC for wumbo channels, when they're enabled. This limit can be reduced by specifying the new --maxchansize command line flag. This new flag allows node operators to better control their exposure to very large channels, while still allowing channels above the prior pre-wumbo limit.
Healthchecks
This release contains a new health checks subsystem which periodically runs a set of health checks and requests that lnd gracefully shutdown if the check fails. The following health checks are implemented:
- Chain backend: lnd requires access to a bitcoin backend, and may be at risk of losing funds if it loses its connection to the chain. A health check which periodically queries the chain backend for the best block is added, and enabled by default.
- Disk space: lnd needs disk space to update its database with operational data. A disk space health check which will request shutdown if available disk space falls below a threshold percentage has been added, but is disabled by default to ensure that this check does affect any existing deployments (particularly mobile).
Both of these checks are configurable, and the following options can be set in the healtcheck.chainbackend and healthcheck.diskspace config groups:
- Interval: how often the check should be run
- Attempts: the number of attempts we allow the check to fail before we request shutdown; this value can be set to 0 to disable a check.
- Timeout: the amount of time we allow a check to take before failing it due to timeout
- Backoff: the amount of time we backoff between failed checks
Anchor channels
The experimental anchor channel type introduced in lnd v0.10.0 has now been finalized in the BOLT spec, and this release makes the lnd implementation compatible with these changes. If you already have channels of the previous type you can still update. The only thing you must be aware is that cooperative close will fail until your channel party also update to a spec compliant implementation.
Note that this channel type still remains experimental.
Channel Configuration
A new flag has been added to allow node operators to limit the total number of HTLCs they'll allow to exist on "their side" of the commitment. In the future, we may lower this default in order to mitigate certain "fee siphoning" attacks that exist with high fee rates and a large number of HTLCs. Users can set this new value to control the value used for all newly created channels
using the following flag: --default-remote-max-htlcs.
RPC Server
The WalletUnlocker proxy now exposes CORs options like the rest of the REST proxy.
Macaroons
Granular Method Macaroons
A series of new calls to enable granular macaroon access has landed in this new version. These new calls allow users to bake a macaroon with a specific method call URI. In other words, macaroons can now be created that only allow access to a specific set of RPC calls. As an example, it's now possible to create a macaroon that only lets a user obtain the current snapshot of the graph and nothing more.
A new local CLI command: lncli listpermissions, allows one to view all the current permissions available when baking a macaroon.
If we wanted to make a macaroon that only allowed access to GetInfo and `GetVersion, then we'd execute the following command:
lncli bakemacaroon uri:/lnrpc.Lightning/GetInfo uri:/verrpc.Versioner/GetVersion
For more information on this new feature, check out the updated set of docs on macaroons.
Custom Macaroon Validators
When initializing lnd, it's now possible to register a custom macaroon validator for a sub-server. This allows certain components to be unbundled, yet still retain lnd's primary RPC server interface for macaroon validation.
Bug Fixes
A bug has been fixed that would at times cause lnd to crash due to an edge case in the logic within the ChainNotifier sub-server.
A bug has been fixed in the routerrpc server that would previously cause it to crash when given bad input.
The full list of changes since v0.11.0-beta can be found here:
Contributors (Alphabetical Order)
Carla Kirk-Cohen
Calvin Zachman
Conner Fromknecht
Graham Krizek
Johan T. Halseth
Olaoluwa Osuntokun
Oliver Gugger
Wilmer Paulino
lnd v0.11.0-beta
This marks the first major release in the v0.11.0 series! This release contains several new features including support for hodl keysend payments, stability improvements, first-class REST/WebSocket support for all RPC subservers, richer accounting APIs, and much more. Notably, this release also includes a new experimental database backend supporting replication via etcd. As usual, this release also contains a number of optimizations and bug fixes.
Database Migrations
This release contains one primary migration in order to index payments by sequence number, allowing for more efficient range queries and pagination. There are also three smaller migrations which initialize the top-level buckets for the payment index, payment address index, and channel close summaries. This migration should look something like this upon initial start up:
2020-08-19 9:31:59.543 [INF] LTND: Version: 0.11.0-beta commit=v0.11.0-beta, build=production, logging=default
2020-08-19 9:31:59.543 [INF] LTND: Active chain: Bitcoin (network=mainnet)
2020-08-19 9:31:59.543 [INF] LTND: Opening the main database, this might take a few minutes...
2020-08-19 9:31:59.960 [INF] CHDB: Checking for schema update: latest_version=17, db_version=13
2020-08-19 9:31:59.969 [INF] CHDB: Performing database schema migration
2020-08-19 9:31:59.969 [INF] CHDB: Applying migration #14
2020-08-19 9:31:59.969 [INF] CHDB: Creating top-level bucket: "pay-addr-index" ...
2020-08-19 9:31:59.969 [INF] CHDB: Created top-level bucket: "pay-addr-index"
2020-08-19 9:31:59.969 [INF] CHDB: Applying migration #15
2020-08-19 9:31:59.969 [INF] CHDB: Creating top-level bucket: "payments-index-bucket" ...
2020-08-19 9:31:59.969 [INF] CHDB: Created top-level bucket: "payments-index-bucket"
2020-08-19 9:31:59.969 [INF] CHDB: Applying migration #16
2020-08-19 9:31:59.969 [INF] CHDB: Migrating payments to add sequence number index
2020-08-19 9:31:59.970 [INF] CHDB: Applying migration #17
2020-08-19 9:31:59.970 [INF] CHDB: Creating top-level bucket: "close-summaries" ...
2020-08-19 9:31:59.970 [INF] CHDB: Created top-level bucket: "close-summaries"
2020-08-19 9:31:59.970 [INF] LTND: Database now open (time_to_open=427.238857ms)!
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.0-beta.txt and manifest-v0.11.0-beta.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.0-beta.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.0-beta.txt'
gpg: Signature made Wed Aug 19 18:22:45 2020 PDT
gpg: using RSA key 4AB7F8DA6FAEBB3B70B1F903BC13F65E2DC84465
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Timestamp
From this new version onwards, in addition time-stamping the git tag with OpenTimeStamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-v0.11.0-beta.txt.sig.ots and manifest-v0.11.0-beta.txt.ots.
Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:
ots verify manifest-v0.11.0-beta.txt.ots
ots verify manifest-v0.11.0-beta.txt.sig.ots
These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.7, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.0-beta
gpg: Signature made Wed Aug 19 07:19:57 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.0-beta.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.0-beta.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
Wumbo Channel Support
This version of lnd supports accepting and creating wumbo channels! A wumbo channel is a channel whose total capcity is greater than 0.16 BTC (the existing channel limit). Activating the wumbo channel feature is opt in meaning users will need to set a flag (--protocol.wumbo-channels) in order to use it. Most users can likely get by without wumbo channels, but larger nodes or exchanges/services may really benefit from the ability to manage a smaller set of larger channels.
As is, there's no limit with respect to the size of a channel that a node will accept. However, nodes may want to limit the size of channel they'll accept in order to limt their exposure. This can be done by using a ChannelAcceptor call back to reject all in-bound funding requests greater than a certain value.
To coincide with this feature, the existing payment limits have been lifted in the payment related RPC calls. The max payment is now bounded by what the reciever can receive, and what the sender can route over using MPP.
New Autopilot Heuristic
In this version of lnd, we've added a new autopilot heuristic that is more robust and resistant to manipulation compared to the existing preferential attachment heuristic. This new heuristic is based on the concept betweenness centrality. The betweenness centrality metric is a essentially a measure of the number of shortest paths that pass through a particular node/vertex. The new heuristic uses this value rather than the relative number of channels a node has to make attachment (channel creation) decisions. This new heuristic should be more effective for both clients and routing nodes as as it's more indicative of a nodes potential as a routing node than simply the number of channels it has.
This new mode can be activated by passing a new argument:
--autopilot.heuristic=top_centrality:1.0
to lnd. Note that it's possible to blend the old and new heuristics by specifying a another linear combination of heuristics with their total weight summing up to 1.0. The current heuristic still maintains the stochastic nature of the existing attachment heuristics. In later releases, we aim to improve on this, by doing a mini simulation to identify the best N new channels a node can add to maximize the gain of its betweenness centrality metrics. Once this is complete, then this metric will actually attempt to actively better position a potential routing node in the network, rather than try to connect to the node with the "best" value for a given metric.
Experimental Support for new Storage Backend: etcd
In this release of etcd, we've added experimental support for etcd as a new storage backend for lnd. etcd differs from bbolt (the current default storage backend) in that it's a replicated database which can be run in a clustered manner. The main advantage over bbolt is that the replicated nature eliminates the current single point of failure that...
lnd v0.11.0-beta.rc4
This marks the first major release in the v0.11.0 series!
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.0-beta.rc4.txt and manifest-v0.11.0-beta.rc4.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.0-beta.rc4.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.0-beta.rc4.txt'
gpg: Signature made Thu Aug 13 19:59:08 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.6, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.0-beta.rc4
gpg: Signature made Thu Aug 13 19:42:39 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.0-beta.rc4.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.0-beta.rc4.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta.rc4" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta.rc4" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
WIP, release will be up shortly!
Wumbo Channel Support
This version of lnd supports accepting and creating wumbo channels! A wumbo channel is a channel whose total capcity is greater than 0.16 BTC (the existing channel limit). Activating the wumbo channel feature is opt in meaning users will need to set a flag (--protocol.wumbo-channels) in order to use it. Most users can likely get by without wumbo channels, but larger nodes or exchanges/services may really benefit from the ability to manage a smaller set of larger channels.
As is, there's no limit with respect to the size of a channel that a node will accept. However, nodes may want to limit the size of channel they'll accept in order to limt their exposure. This can be done by using a ChannelAcceptor call back to reject all in-bound funding requests greater than a certain value.
To coincide with this feature, the existing payment limits have been lifted in the payment related RPC calls. The max payment is now bounded by what the reciever can receive, and what the sender can route over using MPP.
New Autopilot Heuristic
In this version of lnd, we've added a new autopilot heuristic that is more robust and resistant to manipulation compared to the existing preferential attachment heuristic. This new heuristic is based on the concept betweenness centrality. The betweenness centrality metric is a essentially a measure of the number of shortest paths that pass through a particular node/vertex. The new heuristic uses this value rather than the relative number of channels a node has to make attachment (channel creation) decisions. This new heuristic should be more effective for both clients and routing nodes as as it's more indicative of a nodes potential as a routing node than simply the number of channels it has.
This new mode can be activated by passing a new argument:
--autopilot.heuristic=top_centrality:1.0
to lnd. Note that it's possible to blend the old and new heuristics by specifying a another linear combination of heuristics with their total weight summing up to 1.0. The current heuristic still maintains the stochastic nature of the existing attachment heuristics. In later releases, we aim to improve on this, by doing a mini simulation to identify the best N new channels a node can add to maximize the gain of its betweenness centrality metrics. Once this is complete, then this metric will actually attempt to actively better position a potential routing node in the network, rather than try to connect to the node with the "best" value for a given metric.
Experimental Support for new Storage Backend: etcd
In this release of etcd, we've added experimental support for etcd as a new storage backend for lnd. etcd differs from bbolt (the current default storage backend) in that it's a replicated database which can be run in a clustered manner. The main advantage over bbolt is that the replicated nature eliminates the current single point of failure that is channel.db. When activated, lnd will store data that can be reconstructed easily locally in bbolt (such as the channel graph), while critical data such as the current state of a channel will be replicated and stored in etcd.
As this mode is still experimental, in order to test out this new DB mode, users will need to compile lnd with the new kvdb_etcd build tag: make install tags=kvdb_etcd. Before running etcd, users should check out the new documentation for information concerning the recommended etcd configuration set up. Future releases will further optimize our usage of the new database backend, eventually adding support to run lnd in a clustered mode by by using
etcd's leader election APIs.
Protocol/Spec Compliance
Sporadic Force Close Issue Resolution
This release fixes three distinct cases of erroneous force closes. All were related to the code that handles restarting channels, so nodes would regularly hit this if one of them flapped. Nodes should see increased stability across the network with this release.
ChannelAnnouncement Feature Bit Decoding
Short Channel ID Decoding
A bug has been fixed that would otherwise cuase lnd incorrectly decode a zero value short channel ID.
Support for Dynamic IPs and Domain Resolution for Node Addrs
In this version of lnd, a new flag has been added to allow users that either have a dynamic IP or want to advertise the resolved IP address of a domain name: --external-hosts. This new flag can be set to a series of external hosts. If this flag is set, then lnd will peridically attempt to resolve the target host, advetising the new IP address. We'll also keep track of the prior IPs reported by that domain name, and will send out a new advertisement with the most up to date IP addresses if we detect a change.
RPC Enhancement and Bug Fixes
New External Coin Selection API
In this release, we've added a new set of calls to the WalletKit sub-server that allows clients to perform custom coin selection. Along-side the existing SignRPC sub-server calls, this set of APIs allows clients to manually construct, sign and broadcast custom transactions. ...
lnd v0.11.0-beta.rc3
This marks the first major release in the v0.11.0 series!
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://keybase.io/bitconner/pgp_keys.asc | gpg --import
Once you have the required PGP keys, you can verify the release (assuming manifest-v0.11.0-beta.rc3.txt and manifest-v0.11.0-beta.rc3.txt.sig are in the current directory) with:
gpg --verify manifest-v0.11.0-beta.rc3.txt.sig
You should see the following if the verification was successful:
gpg: assuming signed data in 'manifest-v0.11.0-beta.rc3.txt'
gpg: Signature made Thu Aug 13 16:22:50 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Binaries
Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.14.6, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, routerrpc, and watchtowerrpc. Note that these are already included in the release script, so they do not need to be provided.
The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.
Finally, you can also verify the tag itself with the following command:
$ git verify-tag v0.11.0-beta.rc3
gpg: Signature made Thu Aug 13 15:46:14 2020 PDT
gpg: using RSA key 9C8D61868A7C492003B2744EE7D737B67FA592C7
gpg: Good signature from "Conner Fromknecht <[email protected]>" [ultimate]
Building the Contained Release
Users are able to rebuild the target release themselves without having to fetch any of the dependencies. In order to do so, assuming that vendor.tar.gz and lnd-source-v0.11.0-beta.rc3.tar.gz are in the current directory, follow these steps:
tar -xvzf vendor.tar.gz
tar -xvzf lnd-source-v0.11.0-beta.rc3.tar.gz
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta.rc3" ./cmd/lnd
GO111MODULE=on go install -v -mod=vendor -ldflags "-X github.com/lightningnetwork/lnd/build.Commit=v0.11.0-beta.rc3" ./cmd/lncli
The -mod=vendor flag tells the go build command that it doesn't need to fetch the dependencies, and instead, they're all enclosed in the local vendor directory.
Additionally, it's now possible to use the enclosed release.sh script to bundle a release for a specific system like so:
make release sys="linux-arm64 darwin-amd64"
⚡️⚡️⚡️ OK, now to the rest of the release notes! ⚡️⚡️⚡️
Release Notes
WIP, release will be up shortly!
Wumbo Channel Support
This version of lnd supports accepting and creating wumbo channels! A wumbo channel is a channel whose total capcity is greater than 0.16 BTC (the existing channel limit). Activating wumbo channel features is opt in meaning users will need to set a name flag (--protocol.wumbo-channels) in order to use it. Most users can likely get by w/o wumbo channels, but larger nodes or exchanges/services may really benefit from the ability to manage a fewer set of larger channels.
As is, there's no limit w.r.t. the size of a channel that a node will accept. However, nodes may want to limit the size of channel they'll accept in order to limt their exposure. This can be done by using a ChannelAcceptor call back to reject all in-bound funding requests greater than a certain value.
To coincide with this feature, the existing payment limits have been lifted in the payment related RPC calls. The max payment is now bounded by what the reciever can receive, and what the sender can route over using MPP.
New Autopilot Heuristic
In this version of lnd, we've added a new autopilot heuristic that is more
robust and resistant to manipulation compared to the existing preferential
attachment heuristic. This new heuristic is based on the concept betweenness
centrality. The betweenness centrality metric is a essentially a measure of the number of
shortest paths that pass through a particular node/vertex. The new heuristic
uses this value rather than the relative number of channels a node has to make
attachment (channel creation) decisions. This new heuristic should be more
effective for both clients and routing nodes as as it's more indicative of a
nodes potential as a routing node than simply the number of channels it has.
This new mode can be activated by passing a new argument: --autopilot.heuristic=top_centrality:1.0 to lnd. Note that it's possible to
blend the old and new heuristics by specifying a another linear combination of
heuristics with their total weight summing up to 1.0. The current heuristic
still maintains the stochastic nature of the existing attachment heuristics. In
later releases, we aim to improve on this, by doing a mini simulation to
identify the best N new channels a node can add to maximize the gain of its
betweenness centrality metrics. Once this is complete, then this metric will
actually attempt to actively better position a potential routing node in the
network, rather than try to connect to the node w/ the "best" value for a given
metric.
Experimental Support for new Storage Backend: etcd
In this release of etcd, we've added experimental support for etcd as a
new storage backend for lnd. etcd differs from bbolt (the current default storage backend) in that it's a replicated database which can be run in a clustered
manner. The main advantage over bbolt is that the replicated nature
eliminates the current single point of failure that is channel.db. When
activated, lnd will store data that can be reconstructed easily locally in
bbolt (such as the channel graph), while critical data such as the current
state of a channel will be replicated and stored in etcd.
As this mode is still experimental, in order to test out this new DB mode,
users will need to compile lnd with the new kvdb_etcd build tag: make install tags=kvdb_etcd. Before running etcd, users should check out the new
documentation for information concerning the recommended etcd configuration
set up. Future releases will further optimize our usage of the new database backend,
eventually adding support to run lnd in a clustered mode by by using
etcd's leader election APIs.
Protocol/Spec Compliance
Sporadic Force Close Issue Resolution
This release fixes three distinct cases of erroneous force closes. All were related to the code that handles restarting channels, so nodes would regularly hit this if one of them flapped. Nodes should see increased stability across the network with this release.
ChannelAnnouncement Feature Bit Decoding
Short Channel ID Decoding
A bug has been fixed that would otherwise cuase lnd incorrectly decode a zero value short channel ID.
Support for Dynamic IPs and Domain Resolution for Node Addrs
In this version of lnd, a new flag has been added to allow users that either have a dynamic IP or want to advertise the resolved IP address of a domain name: --external-hosts. This new flag can be set to a series of external hosts. If this flag is set, then lnd will peridically attempt to resolve the target host, advetising the new IP address. We'll also keep track of the prior IPs reported by that domain name, and will send out a new advertisement with the most up to date IP addresses if we detect a change.
RPC Enhancement and Bug Fixes
New External Coin Selection API
In this release, we've added a new set of calls to the WalletKit sub-server that allows clients to perform custom coin selection. Along-side the existing SignRPC sub-server calls, [this set of APIs allows clients to manually construct, sign and broadcast custom transactions](https://api.lightning.community/#service-walletk...