I don't understand #Alby Hub at all. I'm running the desktop version and it:
1. Asked me for a password (for what?)
2. Never asked me for a back end (e.g. LND)
3. Doesn't have any setting yo set the back end
4. Says I can open a channel (without using my backend?)
This just doesn't seem to match what the readme says about supporting LND.
Gave up on it. It's not architecred to be self hostable; you need an Alby account for it to work, like the pre-nostr internet. 😔
It actually is! And you don't need Alby Account for it to work (not since like 4 months)
you choose your node backend in the “advanced” section during the setup.
the default is that it uses the embedded node.
the password is to encrypt your seed and sensitive data.
thanks for the feedback.
If it's running it's own node, where dies it get chain data? It isn't running a full bitcoin node, is it?
For the chain data it uses a remote esplora API (default LDK) to keep the resource usage low. (If you want to use your own full node you need to configure that.
What attacks does trusting someone else's full node enable? Obviously there are block withholding attacks, but would it be possible to provide blocks that are selectively missing transactions or forge payments?
I'm trying to understand what checks are happening in lightning (e.g. checking signatures on transactions?) and what are assumed to have happened in the full node.
I'm not asking as a criticism of the design choice. I just want to know who would want to go through the work of setting up a full node versus just rocking a lightning node by itself (and using other people's full nodes).
If you have a software architecture diagram of Alby that you can link me to, that might address a lot ofv my questions.
you can probably find a lot of details in the LDK docs: https://lightningdevkit.org/introduction/architecture/
The dev kit docs don't seem say anything about checking signatures. That kinda implies that it's up to the person using the SDK to do so.
