Nostr Web Client

Replying to

tanakei

・ThunderHubで焼いたマカロンがlncli printmacaroonでどう見えるか確認した。

ThunderHub macaroon permissions

---------------------------------------------------------------

get invoices invoices:read

create invoices invoices:write

get payments offchain:read

pay invoices offchain:write

get chain transactions onchain:read

send to chain address onchain:write

create chain address address:write

get wallet info info:read

stop daemon info:write

この結果によれば、offchain:wirteとonchain:writeの権限がなければそのマカロンを使うクライアントは勝手にBTCを送金することができない。

info:writeがなければ勝手にLNDを止めたりすることができない。

・lncli printmacaroonでデフォルトで作られるmacaroonのpermissionsを調べてみた。

admin.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"address:read",

"address:write",

"info:read",

"info:write",

"invoices:read",

"invoices:write",

"macaroon:generate",

"macaroon:read",

"macaroon:write",

"message:read",

"message:write",

"offchain:read",

"offchain:write",

"onchain:read",

"onchain:write",

"peers:read",

"peers:write",

"signer:generate",

"signer:read"

],

"caveats": null

}

```

chainnotifier.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"onchain:read"

],

"caveats": null

}

```

invoice.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"address:read",

"address:write",

"invoices:read",

"invoices:write",

"onchain:read"

],

"caveats": null

}

```

invoices.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"invoices:read",

"invoices:write"

],

"caveats": null

}

```

readonly.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"address:read",

"info:read",

"invoices:read",

"macaroon:read",

"message:read",

"offchain:read",

"onchain:read",

"peers:read",

"signer:read"

],

"caveats": null

}

```

router.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"offchain:read",

"offchain:write"

],

"caveats": null

}

```

signer.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"signer:generate",

"signer:read"

],

"caveats": null

}

```

walletkit.macaroon

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"address:read",

"address:write",

"onchain:read",

"onchain:write"

],

"caveats": null

}

```

・lncli listpermissions コマンドですべての RPC メソッド URI と、それらを呼び出すために必要なマカロン権限を一覧表示できる。

LND v0.18.5-betaでやると1344行ほどのJSONができる。

AddInvoiceだとinvoice:writeのpermissionを持つmacaroonを使えばインボイスを作れるようだ。

```

"/lnrpc.Lightning/AddInvoice": {

"permissions": [

{

"entity": "invoices",

"action": "write"

}

]

},

```

lncli listpermissionsからentityとactionを抜き出してみた。

```

"entity": "address",

"entity": "info",

"entity": "invoices",

"entity": "macaroon",

"entity": "message",

"entity": "offchain",

"entity": "onchain",

"entity": "peers",

"entity": "signer",

"action": "generate"

"action": "read"

"action": "write"

```

lncli とjqを組み合わせると例えば以下コマンドでinvoices:writeを必要とするRPCの一覧を表示できる。

invoices:writeだとAddInvoiceの他にホドルインボイス作成でも使ってるようだ

```

lncli listpermissions | jq -r '.method_permissions | to_entries[]

| select(.value.permissions[] | select(.entity == "invoices" and .action == "write")) | .key'

```

/invoicesrpc.Invoices/AddHoldInvoice

/invoicesrpc.Invoices/CancelInvoice

/invoicesrpc.Invoices/HtlcModifier

/invoicesrpc.Invoices/LookupInvoiceV2

/invoicesrpc.Invoices/SettleInvoice

/lnrpc.Lightning/AddInvoice

```

invoices:readだと以下となる。

```

/invoicesrpc.Invoices/SubscribeSingleInvoice

/lnrpc.Lightning/ListInvoices

/lnrpc.Lightning/LookupInvoice

/lnrpc.Lightning/SubscribeInvoices

```

LNの主だった機能のRPCはoffchainが必要ぽいので抜き出してみた。

offchain:write

チャネルの開閉、ペイメントの送信までやってるみたい。

デフォルトのmacaroonでoffchain:writeを持ってるのはadminとrouterの2つだけ。openchannel,closechannelはonchain:writeのpermissionも必要なようだ。

```

/autopilotrpc.Autopilot/ModifyStatus

/autopilotrpc.Autopilot/SetScores

/lnrpc.Lightning/AbandonChannel

/lnrpc.Lightning/BatchOpenChannel

/lnrpc.Lightning/ChannelAcceptor

/lnrpc.Lightning/CloseChannel

/lnrpc.Lightning/DeleteAllPayments

/lnrpc.Lightning/DeletePayment

/lnrpc.Lightning/FundingStateStep

/lnrpc.Lightning/OpenChannel

/lnrpc.Lightning/OpenChannelSync

/lnrpc.Lightning/RestoreChannelBackups

/lnrpc.Lightning/SendCustomMessage

/lnrpc.Lightning/SendPayment

/lnrpc.Lightning/SendPaymentSync

/lnrpc.Lightning/SendToRoute

/lnrpc.Lightning/SendToRouteSync

/lnrpc.Lightning/UpdateChannelPolicy

/routerrpc.Router/HtlcInterceptor

/routerrpc.Router/ResetMissionControl

/routerrpc.Router/SendPayment

/routerrpc.Router/SendPaymentV2

/routerrpc.Router/SendToRoute

/routerrpc.Router/SendToRouteV2

/routerrpc.Router/SetMissionControlConfig

/routerrpc.Router/UpdateChanStatus

/routerrpc.Router/XAddLocalChanAliases

/routerrpc.Router/XDeleteLocalChanAliases

/routerrpc.Router/XImportMissionControl

/wtclientrpc.WatchtowerClient/AddTower

/wtclientrpc.WatchtowerClient/DeactivateTower

/wtclientrpc.WatchtowerClient/RemoveTower

/wtclientrpc.WatchtowerClient/TerminateSession

```

"/lnrpc.Lightning/OpenChannel": {

"permissions": [

{

"entity": "onchain",

"action": "write"

},

{

"entity": "offchain",

"action": "write"

}

]

},

```

offchain:read

readの方はチャネルやインボイスの状態を確認するためのpermissionのようだ。

```

/lnrpc.Lightning/ChannelBalance

/lnrpc.Lightning/ClosedChannels

/lnrpc.Lightning/DecodePayReq

/lnrpc.Lightning/ExportAllChannelBackups

/lnrpc.Lightning/ExportChannelBackup

/lnrpc.Lightning/FeeReport

/lnrpc.Lightning/ForwardingHistory

/lnrpc.Lightning/GetDebugInfo

/lnrpc.Lightning/ListAliases

/lnrpc.Lightning/ListChannels

/lnrpc.Lightning/ListPayments

/lnrpc.Lightning/LookupHtlcResolution

/lnrpc.Lightning/PendingChannels

/lnrpc.Lightning/SubscribeChannelBackups

/lnrpc.Lightning/SubscribeChannelEvents

/lnrpc.Lightning/SubscribeCustomMessages

/lnrpc.Lightning/VerifyChanBackup

/routerrpc.Router/BuildRoute

/routerrpc.Router/EstimateRouteFee

/routerrpc.Router/GetMissionControlConfig

/routerrpc.Router/QueryMissionControl

/routerrpc.Router/QueryProbability

/routerrpc.Router/SubscribeHtlcEvents

/routerrpc.Router/TrackPayment

/routerrpc.Router/TrackPaymentV2

/routerrpc.Router/TrackPayments

/wtclientrpc.WatchtowerClient/GetTowerInfo

/wtclientrpc.WatchtowerClient/ListTowers

/wtclientrpc.WatchtowerClient/Policy

/wtclientrpc.WatchtowerClient/Stats

```

・おまけ1

RPCメソッド名にopenを含む要素を抽出するコマンド

```

lncli listpermissions | jq '.method_permissions | to_entries[] | select(.key | test("open"; "i"))'

```

{

"key": "/lnrpc.Lightning/BatchOpenChannel",

"value": {

"permissions": [

{

"entity": "onchain",

"action": "write"

},

{

"entity": "offchain",

"action": "write"

}

]

}

{

"key": "/lnrpc.Lightning/OpenChannel",

"value": {

"permissions": [

{

"entity": "onchain",

"action": "write"

},

{

"entity": "offchain",

"action": "write"

}

]

}

{

"key": "/lnrpc.Lightning/OpenChannelSync",

"value": {

"permissions": [

{

"entity": "onchain",

"action": "write"

},

{

"entity": "offchain",

"action": "write"

}

]

}

```

・おまけ２

thunderhubで作ったmacaroonはテキストで出力されコピペして使うもので、macaroonファイルになってない。

HEXをmacaroonファイルにするには以下コマンドでできる。HEXをコピペして置換する。またYOURSの箇所を自分でわかりやすい名称に置換すると良い。

```

echo -n "HEX" | xxd -r -p > YOURS.macaroon

```

thunderhubで"Create Invoices, Get Invoices, Get Wallet Info, Get Payments, Pay Invoices"をチェックして作ったmacaroonのpermissionsは以下となる。

```

{

"version": 2,

"location": "lnd",

"root_key_id": "0",

"permissions": [

"info:read",

"invoices:read",

"invoices:write",

"offchain:read",

"offchain:write"

],

"caveats": null

}

```

offchain:writeはあるがonchain:writeがないのでチャネル開閉はできないはず。

Shigeru Minami⚡️🇯🇵 8mo ago

まいくてすと

カスタムsignetの投稿にはDamusから

マカロンの投稿にはYakihonneから⚡️したんですが、

私から見るとYakihonneの方は反映されてなくて

tanakeiさん視点だと来てますか？

❤️は反映されてるのですが

Replying to

Shigeru Minami⚡️🇯🇵

https://spotlight.soy/detail?article_id=rqoqiokdl

Shigeru Minami⚡️🇯🇵 8mo ago

I used to write on a Japanese blog platform where you could tip writers using points purchased with Bitcoin.

However, I couldn’t convert the accumulated points back into Bitcoin for withdrawal, and eventually the points expired.

This platform is quite well-known among Japanese Bitcoiners.

From now on, I plan to write on Nostr-based platforms like Yakihonne and Habla instead.

nostr:nevent1qgs93ymetqpkem0f2ke9hy54swq5pw3dat9c6xfeakg6gxlz230xn9qpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz9thwden5te0wd68yenj0yhxjunfwvh8gme0qqsg4eazqfh73useuv65hejf9kfshakag96nvghryf77ngrk9eccwzgpauxwf

Shigeru Minami⚡️🇯🇵 8mo ago

https://spotlight.soy/detail?article_id=rqoqiokdl

Shigeru Minami⚡️🇯🇵 8mo ago

GM

Shigeru Minami⚡️🇯🇵 8mo ago

The "Agile Energy X plush toy" I made is displayed on the device that Agile Energy X showcased at Tokyo Bitcoin Base.

I posted an article on Geyser explaining this device.

https://geyser.fund/project/makingwaves/posts/view/4411

Shigeru Minami⚡️🇯🇵 8mo ago

I made a plush toy for Agile Energy X.

Agile Energy X is a project that combines renewable energy with Bitcoin mining.

It is operated by a wholly owned subsidiary of TEPCO, Japan’s largest electric utility company.

#ProofOfHandmade #MakingWavesBTC https://video.nostr.build/6618a66b2b8fca8e0dfcb00909a13ea8a66fdad6f29ce7a184d9eabefa753203.mp4 https://video.nostr.build/6618a66b2b8fca8e0dfcb00909a13ea8a66fdad6f29ce7a184d9eabefa753203.mp4

Shigeru Minami⚡️🇯🇵 8mo ago

GM

Shigeru Minami⚡️🇯🇵 8mo ago

I made new toppings for the Pizza Pouch!

Cheese pizza and pepperoni pizza.

It might be fun to create designs based on popular pizzas from different regions too.

Replying to

kishin (btc_dakara)

Agreed. Puts into question what the space stands for.

Shigeru Minami⚡️🇯🇵 8mo ago

Ah, I see.

Some people might feel that the space is not for Bitcoiners, but rather for Bitcoin-related companies.

I was thinking about how Bitcoin cannot choose its holders and, just as it sometimes ends up being accumulated by speculative corporations, the statue and its creator also cannot choose their collector or interfere with the collector’s intentions.

Perhaps it was inevitable that the statue would eventually be installed in an urban environment, but I didn’t expect Japan to be the first to set an example where corporate presence is so visibly emphasized.

https://x.com/satoshigallery/status/1915321600288735323

Replying to

Run with Bitcoin

bitcoin & couchsurfing community have something in common.

Shigeru Minami⚡️🇯🇵 8mo ago

I'm interested.

What similarities do they have? For example, do they both value peer-to-peer interaction?

Shigeru Minami⚡️🇯🇵 8mo ago

Tokyo Bitcoin Base...

I'm a bit concerned about the statue installation.

Maybe I'm misunderstanding things, but it looks like a plate displaying the names of participating companies might be placed right behind the statue.

In Switzerland and El Salvador, the statues were installed in beautiful public spaces with greenery or ocean views—the entire scenery, including the background, was stunning.

Of course, I understand that such a setup may be difficult to achieve in Japan...

But having corporate nameplates in the background feels out of place.

It seems to lack what we call “fuzei” in Japanese—a sense of atmosphere or charm.

I truly hope I’m mistaken.

Shigeru Minami⚡️🇯🇵 8mo ago

GM

Shigeru Minami⚡️🇯🇵 8mo ago

Today, I changed my plans and worked on making a Genesis Block Pouch.

I also prepared a post introducing a project related to a collaborative item I made.

I plan to share posts about two projects within the next few days.