Fine-graded macaroon for untrusted backup

[Zetanova]

To implement a containerized backup sidecar or an external untrusted backup-service a fine-graded backup-macaroon would be needed.

Backup

For an untrusted backup-service following RPC methods would be required and offchain/read access would already be to much.

/lnrpc.Lightning/SubscribeChannelBackups
/lnrpc.Lightning/ExportAllChannelBackup
/lnrpc.Lightning/ExportChannelBackup
/lnrpc.Lightning/VerifyChanBackup

Recovery

a very short lived macaron for restore could be created and passed to the untrusted service to start an auto-recovery process.

/lnrpc.Lightning/RestoreChannelBackups

But this is an optional requirement, the download of the backup as a file from the untrusted backup-service would be good enough.

[Roasbeef]

Possible now with the macaroon bakery.