elenpay / nodeguard Goto Github PK
View Code? Open in Web Editor NEWNodeGuard is a treasury management solution for Lightning nodes
License: GNU Affero General Public License v3.0
NodeGuard is a treasury management solution for Lightning nodes
License: GNU Affero General Public License v3.0
We need to find a way to extract information from the lightning network in order to know when a channel is closed remotely. The challenge is not only to detect these type of occurrences but to find a way of making it consistent with our data model so we extract and store historical information once it happens
If reliable, this experimental feature could be used to get push notifications to avoid the use of polling.
https://api.lightning.community/#subscribechannelevents
It will require some additional services to implement this feature
Comments:
We need a better readme and contributing files
Entity model changes for features such as:
As a Finance Manager
I want to be able to create a hot wallet in NodeGuard
So that the system can automatically use the funds in it to perform automatic swaps
The hot wallet in NodeGuard will allow our system to perform automatic swaps (and reverse swaps) without the need of a Finance manager manually approving these transactions.
Withdrawals PSBTs do not have Global XPUBs field populated and the derivation paths for each input are missing. This comes from an initial thought that NodeGuard would never sign withdrawals, which is not valid anymore.
A finance manager can create (but not approve) withdrawals, channels, and also set a node with a return address to a different wallet that the one they own. It would be nice to not display wallets that none of its keys belong to the current logged finance manager.
Weird redirection to /setup-internal-wallet. Showed in video.
A bug in the counting of who many PSBTs / Signatures are required is leading to withdrawals not being able to be used in a 3-of-3 example.
Toastr channel balance error is displayed multiple times if it is not available + some UI fixes are needed on the channels view
As a Node Manager
I want that the hot wallets work with channel creation functionality
So that the system can automatically use the funds in them to perform channel openings
The Node managers will be able to use the hot wallets to quickly open channels without the need of an approval of Finance managers.
It looks like the the channelacceptorjob is not relaunching in Quartz after a crash
We need to add AGPL headers to all the files and the license file also.
Right now we cannot see the balance of the channel in the view, also the channel Id should be displayed and so.
In LND you need to add a peer prior to opening a channel, or use the —connect with the ‘openchannel’ command with the "pubkey@host:port" pattern but we are not doing it on the LightningService
Right now, in production mode, NodeGuard will generate its internal wallet automatically and print the wallet seedphrase in the console, but there is a security/privacy issue. We will implement a prompt on start to fix this.
When NodeGuard is opened for the first time (i.e. No superadmin users), we allow to set a new superadmin / password, then if not internal wallets are in the db, the same UI will generate one and display it on the screen for the user to store it safely.
Whenever a Job fails, it´s retried at an interval. That interval is currently 10 seconds and 20 retries.
We want to implement a list of backoff delays so the first retry is at 1 minutes, then 5 minutes, and then doubles. And we would like to be configurable.
Acceptance Criteria:
CI/CD need to be tweak for building the staging and prod versions of the remote signer and the nodeguard project.
We need a official docker image hosted in docker hub
The last time that the job is retried, it "succeeds" but it doesn't actually perform any action
Whenever we want to test sweeps on nodes, and we put money on them, the autosweep feature will take the money back to the wallets.
It would be useful to have a way to optionally disable autosweep on nodes.
This happens with most modals, but I'll describe steps for a specific one.
Steps to reproduce:
It would be nice to have all constants/env variables/magic numbers set up in the Constants.cs file
We lack of RPC methods for Opening and Closing Channels, it's required for some of our current use cases.
Currently, whenever a job exceeds all attempts, the UI shows that the resource stays in the state it currently was.
We need to mark them as failed if there will be no more attempts at retrying the job.
{"Timestamp":"2023-04-13T09:44:46.6734848+00:00","Level":"Warning","MessageTemplate":"Unhandled exception rendering component: {Message}","Exception":"System.NullReferenceException: Object reference not set to an instance of an object.\n at FundsManager.Services.NotificationService.SendNotification(String message, List`1 recipientList, String returnUrl) in /src/src/Services/NotificationService.cs:line 75\n at FundsManager.Services.NotificationService.NotifyRequestSigners(Int32 walletId, String sourcePage) in /src/src/Services/NotificationService.cs:line 61\n at FundsManager.Services.NotificationService.NotifyRequestSigners(Int32 walletId, String sourcePage) in /src/src/Services/NotificationService.cs:line 61\n at FundsManager.Data.Repositories.ChannelOperationRequestRepository.AddAsync(ChannelOperationRequest type) in /src/src/Data/Repositories/ChannelOperationRequestRepository.cs:line 119\n at FundsManager.Data.Repositories.ChannelOperationRequestRepository.AddAsync(ChannelOperationRequest type) in /src/src/Data/Repositories/ChannelOperationRequestRepository.cs:line 121\n at FundsManager.Data.Repositories.ChannelRepository.SafeRemove(Channel type, Boolean forceClose) in /src/src/Data/Repositories/ChannelRepository.cs:line 144\n at FundsManager.Data.Repositories.ChannelRepository.SafeRemove(Channel type, Boolean forceClose) in /src/src/Data/Repositories/ChannelRepository.cs:line 176\n at FundsManager.Pages.Channels.ShowConfirmedClose(Channel channel, Boolean forceClose) in /src/src/Pages/Channels.razor:line 363\n at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)\n at Blazorise.DropdownItem.ClickHandler()\n at Microsoft.AspNetCore.Components.ComponentBase.CallStateHasChangedOnAsyncCompletion(Task task)\n at Microsoft.AspNetCore.Components.RenderTree.Renderer.GetErrorHandledTask(Task taskToHandle, ComponentState owningComponentState)","Properties":{"Message":"Object reference not set to an instance of an object.","EventId":{"Id":100,"Name":"ExceptionRenderingComponent"},"SourceContext":"Microsoft.AspNetCore.Components.Server.Circuits.RemoteRenderer","TransportConnectionId":"FLH2JUgBFdeo-KX-1CrSQg","RequestId":"0HMPR8QCK6JK7:00000002","RequestPath":"/_blazor","ConnectionId":"0HMPR8QCK6JK7","dd.trace_id":"14129391728701447723","dd.span_id":"6131940780546872198"}}
Upgrade to dotnet 7 and remove FundsManager term from the namespace
Please add some context if necessary
As a Node Manager
I want that the hot wallets work with withdrawals
So that I can move money from one wallet to another
The Node managers will be able to use the hot wallets to quickly move funds from one wallet to another without the need of an approval from the Finance managers
The embedded signer is used always and it should not, both methods should be allowed.
The entity key for the internal wallet of the time is not found when using IKeyRepository.GetCurrentInternalWalletKey()
, we didn't take into account the changes from #7
When opening or clossing a channel, and making a withdrawal, quartz job fails because it cannot serialize recursive objects.
This UI will allow to set Liquidity Rules to managed nodes.
NodeGuard needs a gRPC API for specific uses cases like:
Check for every new file committed to /scr/**/*.cs that it has the license header
We used to add the master fingerprint of a wallet to know which seedphrase needs to be used by the remote signer lambda function, but if the fingerprint starts with a number, AWS wont allow it, so we need to retrieve the env-var in the code like MF_{Master Fingerprint}
Whenever you write inside a textarea and then do a click, the text is erased
We no longer use ansible so we can remove it from the repo.
Right now we cannot have access to already setup multisig wallets due to the work introduced by hot wallets, still, this work is needed for the future to support infinite amount of multisig wallets by the same human keys
The criteria that must be met in order to consider this project a success.
Whenever you close two channels at the same time, you get this error in the terminal
InvalidOperationException: The instance of entity type 'Channel' cannot be tracked because another instance with the same key value for {'Id'} is already being tracked
Remove remote signer project and transfer to the other git repo, so we can ease CI/CD and split features more easily.
I see this pattern repeated a lot, maybe it could be refactored in just a method, but its ok for now
Originally posted by @Jossec101 in #5 (comment)
Right now the access control is broken and nodemanagers are not able to create channels, finance managers have access to create and close channels. We should fix that so every role has access to their own domain:
Acceptance Criteria:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.