Closed Zetanova closed 3 years ago
To implement a containerized backup sidecar or an external untrusted backup-service a fine-graded backup-macaroon would be needed.
For an untrusted backup-service following RPC methods would be required and offchain/read access would already be to much.
offchain/read
/lnrpc.Lightning/SubscribeChannelBackups /lnrpc.Lightning/ExportAllChannelBackup /lnrpc.Lightning/ExportChannelBackup /lnrpc.Lightning/VerifyChanBackup
a very short lived macaron for restore could be created and passed to the untrusted service to start an auto-recovery process.
/lnrpc.Lightning/RestoreChannelBackups
But this is an optional requirement, the download of the backup as a file from the untrusted backup-service would be good enough.
Possible now with the macaroon bakery.
To implement a containerized backup sidecar or an external untrusted backup-service a fine-graded backup-macaroon would be needed.
Backup
For an untrusted backup-service following RPC methods would be required and
offchain/read
access would already be to much.Recovery
a very short lived macaron for restore could be created and passed to the untrusted service to start an auto-recovery process.
But this is an optional requirement, the download of the backup as a file from the untrusted backup-service would be good enough.