lightninglabs / lightning-terminal

Lightning Terminal: Your Home for Lightning Liquidity
MIT License

show macaroons in the web GUI for specially scoped accounts like custodial accounts #580

Open AndySchroder opened 1 year ago

AndySchroder commented 1 year ago

Is your feature request related to a problem? Please describe.

In the web GUI, you can only use LNC to connect to specially scoped accounts like custodial accounts. We need access to the macaroons because https://github.com/lightninglabs/lightning-node-connect/issues/71 and https://github.com/lightninglabs/lightning-node-connect/issues/70 make it hard to develop machine-to-machine payment systems (like http://andyschroder.com/DistributedCharge/) where we can safely limit the machine's access to funds via a limited custodial account.

Describe the solution you'd like

Show macaroons in the web GUI for custodial accounts.

Describe alternatives you've considered

https://docs.lightning.engineering/lightning-network-tools/lightning-terminal/accounts#docs-internal-guid-587703e5-7fff-5b2b-8389-3bd9e7bf6d0b works, but it requires command line access and that's not convenient for the average user and it's harder to get to the command line in systems like Start9.

AndySchroder commented 1 year ago

Please also add a string and QR code for an lndconnect URL (https://github.com/LN-Zap/lndconnect/blob/master/lnd_connect_uri.md). lndconnect is different from Lightning Node Connect, but they both should be usable. People with a dedicated public static IP address or a static private IP address don't need to use Lightning Node Connect; lndconnect works for them, and the QR code is just a bit dense. lndconnect is way simpler to implement than Lightning Node Connect for clients, and since we don't have a Lightning Node Connect library for many programming languages, this could help a lot of applications.

AndySchroder commented 1 year ago

Depending on how you solve it, this issue may be considered dependent on https://github.com/lightninglabs/lightning-terminal/issues/582.

levmi commented 1 year ago

Again, think this is great feedback and super helpful. We will start to think about designs and prioritization of implementation here. My only concern would be whether there is ongoing maintenance and support for lndconnect? I'm just not sure that there is. I also think we'd have to figure out some way to make the differences between the two clear in the UX, as there are certain tradeoffs obviously.

AndySchroder commented 1 year ago

Agreed that you'd need some clarity on the difference between the two QR codes.

lndconnect doesn't need any maintenance or support. It's a very simple URL scheme that's widely supported across multiple applications:

lndconnect://<host>:<port>?[cert=<base64url DER certificate>&]macaroon=<base64url macaroon>

This scheme is defined at https://github.com/LN-Zap/lndconnect/blob/master/lnd_connect_uri.md#syntax. lndconnect is different from Lightning Node Connect in that it doesn't require a proxy and it doesn't have a limited time that it can be valid for like the PAKE used in Lightning Node Connect. An lndconnect URL is valid as long as the macaroon hasn't been revoked.
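
The URI syntax quoted in the comment above, as an added Go example that is not part of the thread or of the lightning-terminal code: it parses and validates an lndconnect URI and redacts the macaroon when printed, since the URI is a bearer credential until the macaroon is revoked. The names `LndConnect` and `ParseLndConnect`, the tolerance for `=` padding, and the sample address and macaroon bytes are assumptions constructed for illustration.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"net/url"
	"strings"
)

// LndConnect holds the decoded fields of an lndconnect URI.
type LndConnect struct {
	Host, Port     string
	Cert, Macaroon []byte // Cert is nil when the optional parameter is absent
}

// decodeB64URL accepts base64url with or without "=" padding (assumption: clients emit both).
func decodeB64URL(s string) ([]byte, error) {
	return base64.RawURLEncoding.DecodeString(strings.TrimRight(s, "="))
}

// ParseLndConnect validates lndconnect://<host>:<port>?[cert=...&]macaroon=...
// Errors never echo the input, because the input contains the macaroon.
func ParseLndConnect(raw string) (*LndConnect, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("malformed URI")
	}
	if u.Scheme != "lndconnect" || u.Hostname() == "" || u.Port() == "" {
		return nil, fmt.Errorf("want lndconnect://<host>:<port>")
	}
	q := u.Query()
	mac, err := decodeB64URL(q.Get("macaroon"))
	if err != nil || len(mac) == 0 {
		return nil, fmt.Errorf("missing or invalid macaroon")
	}
	lc := &LndConnect{Host: u.Hostname(), Port: u.Port(), Macaroon: mac}
	if c := q.Get("cert"); c != "" {
		if lc.Cert, err = decodeB64URL(c); err != nil {
			return nil, fmt.Errorf("invalid cert")
		}
	}
	return lc, nil
}

// String redacts the macaroon so the value is safe to print or log.
func (l *LndConnect) String() string {
	return fmt.Sprintf("lndconnect://%s:%s (cert=%dB, macaroon=%dB redacted)", l.Host, l.Port, len(l.Cert), len(l.Macaroon))
}
func main() { // constructed sample: documentation address, placeholder macaroon bytes
	fmt.Println(ParseLndConnect("lndconnect://192.0.2.10:10009?macaroon=" + base64.RawURLEncoding.EncodeToString([]byte("constructed"))))
}
```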