Related, can you explain why BTCPay asks for an admin macaroon in order to connect a remote LND instance? Shouldn't a read-only macaroon with invoice permission suffice?
LNbank Vulnerability Recap: Last week, a critical vulnerability was identified in the LNbank plugin, which I developed as a plugin for nostr:npub155m2k8ml8sqn8w4dhh689vdv0t2twa8dgvkpnzfggxf4wfughjsq2cdcvg. The following post aims to outline what transpired and steps I, as a maintainer of the plugin, and BTCPay Server team are taking to prevent similar occurrences in the future. https://d11n.net/lnbank-vulnerability-recap
Discussion
Iirc we need it to access the connection details and health status of the GetInfo call. However, by now LND support baking custom macaroons and I'll look into if and how we can leverage that. /cc nostr:npub1y24gz5gwucl79vtv4ctwpysl0r5m4xyzu2rgulnr44ks3t5mt92q4nz2ad nostr:npub1zfytz6ktce3av2svlfpl0e79e44tnskxmvlpkcmc7q0xct3qa49swvm60l
At this point, it's not that big of a deal to not ask for it, maybe we can drop the requirement for the info.
fyi working on it here. Using invoice.macaroon suffices, only downside is we cannot display the connection details on the public Lightning node info page. https://github.com/btcpayserver/btcpayserver/pull/5567