Initialization of wallet fails with ENOENT

[Kixunil]

Describe the bug

Important: to my knowledge LND doesn't produce macaroons until it's initialized - that's why I believe this is a bug with RTL, not my config.

When attempting to initialize a completely fresh LND, which didn't create macaroons yet, I get this error:

Apr 15 20:27:02 disp6398 ridetheln[9017]: Server is up and running, please open the UI at http://localhost:3000
Apr 15 20:30:52 disp6398 ridetheln[9017]: [1B blob data]
Apr 15 20:30:52 disp6398 ridetheln[9017]: INFO: RTLConf => Getting Node Config
Apr 15 20:30:53 disp6398 ridetheln[9017]: [1B blob data]
Apr 15 20:30:53 disp6398 ridetheln[9017]: INFO: RTLConf => Selected Node Updated To: "Main LND"
Apr 15 20:30:53 disp6398 ridetheln[9017]: [1B blob data]
Apr 15 20:30:53 disp6398 ridetheln[9017]: INFO: RTLConf => Selected Node Updated To: "Main LND"
Apr 15 20:30:53 disp6398 ridetheln[9017]: Common Set Options Error:{"errno":-2,"syscall":"open","code":"ENOENT","path":"/var/lib/lnd-system-mainnet/private/admin.macaroon"}
Apr 15 20:30:53 disp6398 ridetheln[9017]: Common Update Selected Node Options Error:{"errno":-2,"syscall":"open","code":"ENOENT","path":"/var/lib/lnd-system-mainnet/private/admin.macaroon"}
Apr 15 20:30:53 disp6398 ridetheln[9017]: [1B blob data]
Apr 15 20:30:53 disp6398 ridetheln[9017]: INFO: GetInfo => Selected Node: "Main LND"
Apr 15 20:30:53 disp6398 ridetheln[9017]: [1B blob data]
Apr 15 20:30:53 disp6398 ridetheln[9017]: ERROR: GetInfo(17) => LND Get info failed due to bad or missing macaroon!

My configuration:

{
  "SSO": {
    "rtlCookiePath": "/var/lib/ridetheln-system/sso/cookie",
    "rtlSSO": 1
  },
  "nodes": [
    {
      "Authentication": {
        "macaroonPath": "/var/lib/lnd-system-mainnet/private"
      },
      "Settings": {
        "lnServerUrl": "https://127.0.0.1:9090"
      },
      "index": 1,
      "lnImplementation": "LND",
      "lnNode": "Main LND"
    }
  ],
  "port": 3000
}

To Reproduce Steps to reproduce the behavior:

1. Create fresh LND instance
2. Open initialization page
3. Initialize the wallet
4. See that "nothing happens"
5. sudo journalctl -u $rtl_service_name reports the error above

Screenshots If applicable, add screenshots to help explain your problem.

Your environment

• Version of RTL 0.7.0
• Version of lnd 0.9.2
• Version of btcd, bitcoind, or other backend 0.19.1
• Browser & browser version Firefox 68.7.0esr
• Operating system (uname -a on *Nix) Linux disp6398 4.19.107-1.pvops.qubes.x86_64 #1 SMP Sat Feb 29 16:04:42 UTC 2020 x86_64 GNU/Linux

[saubyk]

LND generates macaroons as soon as its initialized. Your implementation uses a non-standard folder location for the macaroon files. Please ensure that as soon as LND initializes, the macaroon files are copied to the location which you have provided in the RTL config settings.

RTL needs the macaroon to communicate with all the LND APIs, including the init wallet operation.

Closing this ticket for now. Feel free to re-open if the macaroon exists and RTL is still unable to read the file.

[Kixunil]

Non-default paths have nothing to do with it as I set them up properly in LND config, using appropriate options, so they have to be generated at those places. I also checked the LND logs for any kinds of error messages related to generating macaroons - there were none. I also tried to remove custom path configurations to see if default one generates macaroons. It didn't.

Since I was struggling to get the macaroons generated by LND, I looked at the actual code and it's doing exactly what I said in my previous comment, see:

• At lnd.go line 362 the daemon waits for the wallet password (blocking is confirmed by a comment. Since the wallet isn't initialized, there's no password. LND doesn't distinguish between init and unlock password
• At lnd.go line 407, which is after line 362, no loops, no jumps, LND creates the macaroons.

Because of how the code is written it's impossible for macaroons to exist when the wallet is not initialized yet. So the bug must be at RTL.

That being said, I don't deny that this kind of workflow by LND is very weird, so I'm not surprised bugs like this one pop up.

[Kixunil]

I wanted to be absolutely sure, so I decided to check what lncli does. And indeed, it specifically skips macaroons in wallet unlocker you can see that true argument means skipMacaroons at getClientConn and see the argument used to skip reading the files.

[saubyk]

Reopening this to investigate further.

[ShahanaFarooqui]

It is being tracked with #367 & #369. Closing this issue.

[Kixunil]

Why? Those two bugs aren't related. This one is about using RTL to initialize the wallet, #367 is about frontend, #369 is about configuration.

[ShahanaFarooqui]

I thought it was resolved after fixing the lnServerUrl. Reopening the issue and assigning it to @saubyk

[ShahanaFarooqui]

@Kixunil I failed to reproduce the issue with the two different scenarios, below. Either the wallet is initialized or RTL is showing appropriate error on the UI.

Environment:

• Version of RTL 0.8.2
• Version of lnd 0.10.4
• Version of btcd, bitcoind, or other backend v0.19.0.1

Scenario 1 1) Create fresh LND instance:

• Created 'Lnd' folder
• Created 'lnd.conf' with required configuration in the above folder
• Run lnd
• It generated 'data', 'logs', tls.cert and tls.key in the above folder, including admin.macaroon 2) Start RTL Server 3) The RTL server will not get node information from LND and will redirect to 'unlock/initialize' page. 4) Initialize the wallet. 5) It goes through the process of generating the seed and then shows 'Go to Home' button. 6) Clicking on 'Go to Home' button redirects to Dashboard showing the details of newly initialized node.

Scenario 2 1) Create Lnd Folder only, but lnd server NOT initialized:

• Created 'Lnd' folder
• Created 'lnd.conf' with required configuration in the above folder 2) Start RTL Server 3) The server will be unable to get node information from LND and will redirect to 'unlock/initialize' page. 4) Initialize wallet throws an expected ECONNREFUSED error because lnd server is not available. 5) RTL shows the error on the screen.

[Kixunil]

including admin.macaroon

What? That's impossible, the wallet password is required for generating macaroons (because it needs to unlock the macaroon storage)

Did you use noseedbackup? Could you please post your whole LND config and the command line?

My lnd.conf

``` adminmacaroonpath=/var/lib/lnd-system-regtest/private/admin.macaroon bitcoin.defaultchanconfs=6 datadir=/var/lib/lnd-system-regtest/private/data debuglevel=info invoicemacaroonpath=/var/lib/lnd-system-regtest/invoice/invoice.macaroon listen=0.0.0.0:9737 logdir=/var/log/lnd-system-regtest maxlogfiles=5 maxlogfilesize=100 readonlymacaroonpath=/var/lib/lnd-system-regtest/readonly/readonly.macaroon restlisten=127.0.0.1:9092 rpclisten=127.0.0.1:10011 tlscertpath=/var/lib/lnd-system-regtest/public/tls.cert tlskeypath=/var/lib/lnd-system-regtest/private/tls.key bitcoin.active=1 bitcoin.node=bitcoind bitcoin.regtest=1 bitcoind.rpchost=127.0.0.1:18443 bitcoind.rpcpass=public bitcoind.rpcuser=public bitcoind.zmqpubrawblock=tcp://127.0.0.1:28442 bitcoind.zmqpubrawtx=tcp://127.0.0.1:28443 ```

My command line: /usr/bin/lnd -C /etc/lnd-system-regtest/lnd.conf

All required directories were created prior to launching lnd

The same with mainnet (just replace all instances of regtest with mainnnet and adjust the ports)

[ShahanaFarooqui]

My lnd.conf

[Application Options] alias=testnode color=#FF00FF debuglevel=debug externalip=xx.xxx.xx.xxx:9999 restlisten=0.0.0.0:8080 rpclisten=0.0.0.0:10009 [Bitcoin] bitcoin.active=1 bitcoin.testnet=1 bitcoin.node=bitcoind [Bitcoind] bitcoind.rpcuser=xxxxxxx bitcoind.rpcpass=xxxxxxx bitcoind.rpchost=xxx.x.x.x bitcoind.zmqpubrawblock=tcp://xxx.x.x.x:28332 bitcoind.zmqpubrawtx=tcp://xxx.x.x.x:28333

And command line: lnd

Another observation: Your LND config is listning to REST on port 9092 and your RTL config's lnServerUrl is pointing to port 9090.

[Kixunil]

That's super weird, I'm unable to understand how it's possible, so I opened an issue at LND.

Those ports are not a problem as before I posted configuration from mainnet and later from regtest, both behave the same in my case.

[guggero]

LND generates macaroons as soon as its initialized. Your implementation uses a non-standard folder location for the macaroon files. Please ensure that as soon as LND initializes, the macaroon files are copied to the location which you have provided in the RTL config settings.

RTL needs the macaroon to communicate with all the LND APIs, including the init wallet operation.

As commented in https://github.com/lightningnetwork/lnd/issues/4498, this is not true. The calls to the WalletUnlocker service (now with v0.11.0-beta.rc1 located in a separate file walletunlocker.proto ) do not require a macaroon to be sent. A macaroon was never required for these calls and will never be required because, as @Kixunil pointed out, they aren't generated until after unlocking the wallet.

[Kixunil]

@guggero thanks for confirming! How @ShahanaFarooqui got the macaroon generated then? The config doesn't contain noseedbackup and the directory was freshly created. :thinking:

[ShahanaFarooqui]

@guggero I wanted to create a small gif to show above behavior (admin.macaroon generates without --noseedbackup setting) but after computer restart I am unable to reproduce it. So, thanks for now. I will open an issue if i will be able to reproduce it ever again.

@Kixunil This time, Scenario 1 worked like below: 1) Create fresh LND instance:

• Created 'Lnd' folder
• Created 'lnd.conf' with required configuration in the above folder
• Run lnd
• It generated 'data', 'logs', tls.cert and tls.key in the above folder, WITHOUT macaroons 2) Start RTL Server 3) The RTL server will not get node information from LND and will redirect to 'unlock/initialize' page. 4) Initialize the wallet (As genseed and initwallet APIs do not require admin.macaroon). 5) It goes through the process of generating the seed and then shows 'Go to Home' button. 6) Clicking on 'Go to Home' button redirects to Dashboard showing the details of newly initialized node. ode.