Closed dzdidi closed 1 year ago
Stateless init is contradictory in its effect to auto unlocking. If you auto unlock then the file you used for unlocking has exactly same security implications as storing macaroons.
I'd make more sense to warn or error that the options are contradictory.
@Kixunil , understood. In this case, should enabling of auto-unlock check existence of macaroon files on disk and fail/warn if they exist?
No, if auto unlock is enabled it means the user trusts OS/filesystem to securely store sensitive information so there's no logical reason to disable macaroons. If stateless init is used and either auto unlock is also used or the macaroons already exist on disk then a warning/error is appropriate.
StatelessInit as option LND config
If I understand correctly,
StatelessInit
being part of lncli is motivated by case of remote lncli (client) which would makeadmin.macaroon
file never stored in the lnd (server) at the first place. At the same time, there is aWalletUnlockPasswordFile
option which allows to restart node and unlock wallet automatically which will persist*.macaroon
files on server.Your environment
lnd
:lnd version 0.14.1-beta commit=v0.14.1-beta
uname -a
on Nix): ``btcd
,bitcoind
, or other backend:*
Steps to reproduce
rename all the
*.macaroon
files; addWalletUnlockPasswordFile
option with path to file with correct password restart lnd and see new*.macaroon
filesExpected behaviour
Have a config option which would prevent creation of macaroon files when auto-unlock is enabled