I am considering making an LNbits alternative that does not have too many security holes


Discussion

What security holes does LNbits have?

um let’s say it took them 3 months of constant reminders that allowed anyone to log onto your LNbits instance and

- destroy all data

- drain all your LN funds

- etc

bUt HoW cOuLd YoU sAy SuCh MeAn ThInGs???? 🤣

I don't enable the super admin and I only allow users to be added via the .env file. Problem solved.

I wouldn't want random internet people being able to create accounts on my instance.

Nope

Okay, can you link a GitHub issue?

Was reported a few years ago in DMs. Finally fixed

Found a few other bugs that got fixed too.

But the codebase probably has way more, looking at the code quality. Not interested in doing free work for a project run by someone that called me a “FUDer” for saying they have issues in their code.

Fair enough and thank you for the added context.

I have a separate single channel LND node running LNBits so I can run the Lightning Piggys for my kids. I don't allow new signups. Are you saying I should not be running this cause it could still get owned?

I'm wary of any publicly accessible program that can send sats from my node, hence why I built a separate node with minimal funds on it.

Only the node that is used can be drained

Also, if you do not expose it to the internet, you are mostly fine

Closing it off from the web defeats its use case. Limiting sign-ups is probably a good first step, but does this problem still exist in v1 (pending release)?

Seems like a glaring issue like this should be more broadly discussed. Especially for a codebase that is so regularly utilized by the Bitcoin Lightning community

Not currently. There likely are a lot of other bugs though due to the garbage code quality, and the current payment handling code can register sent payments as not sent in certain cases

maybe just enough? 🤣

just enough is 0 (except the ones you don’t know..)

i was just poking fun, i think you meant "so insecure" not "too insecure", i know english is not your mother language, how to say that without sounding like a pedant! hah. born autistic pedant at your service *salutes*

here to irritate you with ecdsa p256 secp256r1 signed bearer tokens to allow read access to dumbass clients that can't be taught to do real cryptography

that or have a nostr event as a long term token, and send it to the client from an API

And isn’t so buggy

Ultra sound security

You totally should, then decide to upkeep and find a team of volunteers for it!

if there is funding

in Golang please

hell yes

you know there is an archived version that fiatjaf left abandoned called lnbits infinity, right?

planning different architecture

do tell. i want this

multi-currency (off/onchain and fiat etc)

multi-backend

TigerBeetle for transaction info

Tenant architecture would be great

I lost some sats to LNbits due to security holes so I would appreciate that

Demo server?

It must have been a couple years ago now, but SuperTestnet had a programming course on building a simple web wallet using LNbits

So I had played with that, created a wallet, had an API key and then one day months later I read that some of the LNbits servers were attacked

So I check and then I no longer had access to my wallet, my keys no longer worked, the server was dead

I never stored that much on there because I knew the risks, but I was pretty disappointed nonetheless

I like the idea of the project and hope it does better in future, but I lost faith after that

Most recent fiasco was they pushed a completely untested(!) dev branch to their “demo server” with I think MULTIPLE BTC on it, it got drained very fast, then they tried to brush it off with “it's beta” and “what did you expect”

There were other issues like SQLi being possible on ALMOST EVERY endpoint

And allowing draining of Eclair nodes with just hold invoices, nothing special needed

If you are holding multiple BTC and don’t want to be responsible for it either shut it down, or at least apply some precautions

That’s disappointing

hah, lol, sql is such garbage

it may take some extra work to build proper purpose built data stores but the performance and security benefits are obvious

making everything programmable is a mistake, it's why i disagree with hot-reloadable database scripts, aka "smart contracts"... hard code them or gtfo

have you seen tigerbeetle DB

idk, i'm a badger and golang maxi so why would i look

there is another db that looks sorta interesting for high read workloads, pogreb, it would probably actually be quite good for nostr data, at least, i probably would separate the replaceable event kinds into a badger and use pogreb for the rest

i see, it's one of these funny things with extra double checking

my fiat mine uses the Move language which has all kinds of safety features and in the case of Sui at least, has a strong security against flaws that allow data to change ownership improperly

anyway, i don't like java, though phoenix is one of the better ones with LSPs, breez is based on LND and i had a particularly bad stuck payment experience with it, fortunately it eventually came back to me, and i suppose LND uses leveldb

anyway, you aren't going to convince me to use any software that isn't written in Go and especially not that is heavily funded and promoted by Apple, because i hate apple, more than i hate microsoft, and i certainly would not use their trash for finances either