Easier set-up with BTCPay Server node

[stefan-mihaila]

I'm trying to set-up Joule with my remote node, which is a BTCPay Server instance. After the lnd rest api url, Joule asks me to upload my .macaroon file. This is kind of painful in this case, as it means that I must ssh to my BTCPay Server and then find the .macaroon file in a docker volume (I actually don't know how to do it atm) Would be a lot easier for me if I could just paste my admin macaroon as a string, because I can copy it from my BTCPay Server admin console.

[stefan-mihaila]

I just realised that Joule requires both admin.macaroon and readonly.macaroon, not just one of them. From what I understand BTCPay exposes in its web admin just the admin macaroon, so even if I could paste readonly.macaroon in Joule, it doesn't look like I can copy it from BTCPay.

[wbobeirne]

You can technically provide admin.macaroon for both since admin is a superset of readonly. However, this will keep it unencrypted in memory and sync it to Chrome's extension storage, so I wouldn't necessarily advise this. Once LND provides some RPC API for generating macaroons (I can't find the particular issue, but I know it's in the works) it'll be able to get by with only the admin macaroon, since it could generate its own read-only.

Pasting as a string is an interesting use-case, how does BTCPay Server spit it out? Base64, hex string? I could be into an option for that, but would like to know more about how it works.

EDIT: As an aside, I think it would be nice if BTCPay Server was the one to improve its macaroon options. Many applications expect macaroons as a file (e.g. Zap) and I think that's likely to be the most common UX in the short term. Perhaps an issue should be opened for them to consider implementing.

[stefan-mihaila]

It is a hex string.

Actually, Zap has a dedicated option to sync with BTCPay Server.

In the next screen, Zap asks for a connection string, which is of the form:

{"configurations":[{"chainType":"Mainnet","type":"grpc","cryptoCode":"BTC","host":"btcpay.cypherpunk.zone","port":443,"ssl":true,"certificateThumbprint":null,"macaroon":"0201036c6e..."}]}

I really don't know what common UX will emerge, but I think it would be nice to have one. Pinging @NicolasDorier and @rockstardev just to start a discussion.

[NicolasDorier]

Hey, so I was actually talking with @wbobeirne about this.

The Configuration file that we share only show gRPC configuration, we planned to add REST configuration inside.

Though there is all the data for connecting to rest in Service Settings / Services / LND REST already, so we don't strictly need this. But still a nice to have.

[NicolasDorier]

Can you let me know if at least you can connect joule with the info provided in Service Settings / Services / LND REST

[wbobeirne]

I've just started spinning up a BTCPay Server using the LunaNode guide, so I'll be able to dig deeper into this issue pretty soon. I'll post once I have any notes about what Joule would need that isn't available yet.

[stefan-mihaila]

Can you let me know if at least you can connect joule with the info provided in Service Settings / Services / LND REST

@NicolasDorier At the moment I can't, as Joule wants me to upload 2 files: admin.macaroon and readonly.macaroon. The easiest way to do it I guess is to ssh to BTCPayServer and somehow get the files from the docker volumes and scp them to my local machine and upload them, which feels clunky.

EDIT: Just to be clear, Joule expects an actual file, not a hex string. As @wbobeirne explained earlier, admin.macaroon can be used instead of readonly.macaroon, but tbh I don't fully understand the security implications of doing that.

[NicolasDorier]

@cypherpunk2140 can you support the copy paste of the macaroon? This is way more user friendly than saving files around.

[NicolasDorier]

Why is there 2 files? If Joule has the admin.macaroon file, it can do everything readonly.macaroon does.

[wbobeirne]

@NicolasDorier @cypherpunk2140 I ask for both because I keep your admin.macaroon encrypted with the password you set at the start. However, I want you to be able to open the extension and browse without having to enter that password every time you open the extension. It felt like the responsible option.

As mentioned in this previous comment, I hope to get rid of this necessity once there's an RPC for me to generate a readonly macaroon with the admin macaroon you give me.

In the short term, I'll try to add inputs for hex strings, and you can just paste your admin macaroon for both. But if I get some free time, I can look at PRing in a readonly.macaroon hex and file download buttons on BTCPayServer, it looks like it shouldn't be too prohibitively difficult (at least to do the former.)

[NicolasDorier]

sure

[wbobeirne]

Just merged the implementation for this, you can see it in #67. If you'd like to try it out, you can build the extension from source, or I've made a zip with the latest changes for you to try out.

joule-v0.2.0-prerelease.zip

I should be putting up a new release shortly, so early feedback would be appreciated.

[stefan-mihaila]

@wbobeirne Man, that was fast! I pasted the admin macaroon hex from BTCPayServer in Joule and went straight to https://www.lightningspin.com to feed my gambling addiction. Deposited 1000 satoshis from Joule and span. Got lucky on my first try. Decided to not be overly crazy, so I created an invoice for 2000 satoshis (1000 mine + 1000 won) with Joule and withdrew everything. I love it!

Thanks for moving so fast with it and for working on this cool project. If you give me a btc address I will gladly send you some coins for a 🍺!

Hmm, maybe you could even add a donate button to https://lightningjoule.com or your homepage, for receiving tips with Joule 😉

Thank you! 🙏

[NicolasDorier]

Tested it, copied the admin macaroon in both textboxes and it could connect to my node.

I suggest that you make readonly macaroon optional and that if empty, you take the admin macaroon as readonly macaroon.

[NicolasDorier]

@wbobeirne I try to get away from LND. Would you provide a generic API that I would just implement at BTCPay level? In such way you would support clightning as well.

[wbobeirne]

I'm going to have to write a separate adapter for Joule to use c-lightning (#14), since it has a completely different API and auth structure. However, WebLN will remain agnostic to the underlying node implementation.

[NicolasDorier]

@wbobeirne if I implement WebLN server side, would you be able to connect to it?

[wbobeirne]

I'm not entirely sure what you're looking to implement, maybe we should take this out of the issue thread and into Slack or something. I'm in the LND developer slack if you want to DM me there.