Sovereignty: Bitcoin Full Node (part 1)

Not your seed, not your coins. Not your node, not your rules. Don't trust, verify!

To become truly financially sovereign, I need to make sure that everyone is playing according to the rules. For this, the Bitcoin Full Node is needed.

Running your own node also enhances privacy and allows you to run the Lightning Network node.

en 29 Dec 2020
Reading time: 7 minutes
FreedomBitcoin

The problem

When Bitcoin wallet connects to the network it usually won't download the whole blockchain and thus won't verify all the transactions. It will use some third party server to do this job. This poses both privacy and security concerns. A trusted third party sees the addresses that you are checking for balance and in theory, can even give you false data.

The solution is to run your own Bitcoin Full Node and setup the wallet to use this node instead.

Raspiblitz

There are many different solutions for running a node. In this article, I recommend using Raspiblitz because:

  1. Hardware for it is cheap (200€ / 230$)
  2. It is easy to setup.
  3. It supports Lightning Network out of the box.
  4. It is actively maintained and supported by its developers.
  5. It has a big and great community.
  6. It provides huge utility by supporting many services.

Hardware

Raspiblitz runs on Raspberry Pi and I recommend this minimal setup:

  • Raspberry PI 4 with Power Adapter
  • Heat-sink with active cooling
  • SSD 1TB (cheap option is 2.5 SATA with external HDD Box)
  • Micro SD card, 16GB (SDHC)
  • USB stick for backups

Raspiblitz can be assembled with a nice display, but it is not needed in my opinion.

Shopping lists:

  • Alza.cz (from the article about Umbrel which is another Raspberry based full node solution)
  • Amazon (from Raspiblitz documentation)
  • The backup USB stick is missing in both of them, please make sure you have one (even super small).

Installation

Raspiblitz has amazing documentation directly on Github. It is a step-by-step guide with screenshots.

Make sure you setup your node to run behind Tor. It is just about selecting the right option in the Raspiblitz setup. You don't want to anyone know you have a full node at home.

After installation and Bitcoin blockchain sync (it will take days) you have Bitcoin Full Node and Lightning Node ready.

Backup

You have the seed for the LN wallet written down. This is the backup for on-chain funds. However, once you open some channels, funds will be locked in those channels. In case the SSD fails, you need the latest backup of those channels.

However, using the whole channel's state (the file called channel.db) is tricky. You may accidentally broadcast the old state and get punished for it.

Broadcasting old channel state (old backup) is seen by Lightning Network as a fraud attempt. It will most likely result in a Penalty Transaction that will sweep funds from your side of a channel. For more info see this article [5].

To go around this problem, the Static Channel Backup was introduced.

It comes with a tradeoff: you recover your funds, but your channels will be closed. It can be costly because opening and especially force-closing channels may cost some significant on-chain fees. But in the contrast of loosing all your off-chain funds, it is a great deal.

Raspiblitz offers some options on how to do Static Channel Backup:

  1. Raspiblitz keeps the backup file channel.backup both on the SD card and on the main SSD by default.
  2. You can configure Raspiblitz to keep backup on a USB stick plugged into a Raspberry Pi.
  3. You can configure Raspiblitz to upload encrypted backup into Dropbox. But be aware that by doing this, you are exposing to Dropbox the fact that you are running the LN node. Using the fake account and Tor is advised.

Raspiblitz has great documentation about this. and a nice video explaining it.

Testing the Backup

It is crucial to have backups. But if you haven't tested your backup you don't know if you really have it.

To test the seed:

  1. Fund the wallet with some very small amount of Bitcoin.
  2. Erase the LN wallet by going to the menu and [REPAIR][RESET-LND].
  3. Then recover the Wallet from the seed.
  4. Verify that you have recovered the correct wallet by checking the balance and funding transaction from step 1.

The only suitable way how to check that channel.backup is ok is to check that the file changes (on USB or in Dropbox) after the channel state has changed.

Truly testing it by doing the backup process is not possible because it would force-close all your channels in the process.

Lightning Network

Raspiblitz comes with Ride the Lightning app (RTL) that allows managing the node via the browser. It will be accessible via IP on your local network or via onion address over Tor allowing you to manage your node remotely.

The next step is to fund the wallet with some non-trivial amount of Bitcoin and start opening channels. Make sure they are big enough (I would recommend a minimum of 1M sats).

Preferring those "big" channels is good:

  1. Because the on-chain fees can be quite high making such channel uneconomic allocation of funds. This can be especially a problem in a situation when you need to service the channel (for example rebalance it by on-chain swap).
  2. Every channel has also some funds reserved for its force-closing transaction. The nodes will be updating the reserved amount regularly according [6] to the state of the mempool and can be quite high in busy times.

Inbound capacity

By opening a channel we have all sats on your side and it means we can send, but we cannot receive.

The easiest way how to get some inbound is to open a big channel and spend some funds on goods and services. This will move some sats on the other side of a channel allowing you to receive payments.

Here is a list of options on how to get inbound liquidity.

Using Lightning Node from the Mobile Wallet

The next step is to connect the LN wallet to your mobile phone to be able to spend sats in a grocery store. Raspiblitz supports two main wallets: Zap and Zeus.

  • Official Raspiblitz documentation
  • Nice video tutorial for Zeus which is also applicable for Zap, because the main concept is the same.

Connect on-chain wallet to your node (Electrum Server)

Electrum server is a service that allows the wallet to access the Bitcoin blockchain.

This is the part, where you became truly sovereign. By configuring your wallet to communicate with your own Bitcoin Full Node hidden behind Tor, over the Tor, you became your own bank. There is no trusted third party between you and the Bitcoin network. You just became the very part of the Bitcoin network. [7]

Again, there is a great video about it and documentation covering it.

Wallets supporting it:

  • Run Electrum Wallet by using a command like

    ./electrum-4.0.9-x86_64.AppImage --oneserver --server xxxxxxxxxxxxxxxxxxxxxxx.onion:50002:s --proxy socks5:127.0.0.1:9150

    You can get the exact command for your node from the Raspiblitz menu: [ELECTRS][CONNECT]. The Tor browser needs to be running to serve as a Tor proxy. If you have torsocs installed and use them as a proxy, use port 9050 instead of 9150. Check Electrum documentation for more info about connecting Electrum Wallet to a Tor node.

  • In Phoenix Wallet go to settings and navigate [General][Electrum server], click the [Set server] button, and paste the onion address provided by Raspiblitz. The port must be changed to 50001 (for more info see phoenix/issues/44).

  • In Wasabi Wallet you just need to set the onion address. of your Bitcoin Full node. It is different from the Electrum server and can be found in the menu section [INFO]. Wasabi then uses your full node to download the block instead of using a random one.

Wallets NOT supporting it 🔔 but hopefully soon will:

Blockchain Explorer

Pasting your transaction IDs into random blockchain explorer is possibly quite dangerous. You have to trust the third party that:

  1. They are presenting you with the correct data.
  2. They will not pair your IP with the transaction and sell this information to a blockchain analysis company (can be mitigated by Tor).

The solution to this is to run your own Blockchain Explorer on your Bitcoin Full Node. All that is needed is to turn it on in your Raspiblitz.

Conclusion

Running the full node and using it to accessing the Bitcoin network allows you to became sovereign by cutting off third parties. You can connect your wallets directly to your node and browse transactions in the Blockchain Explorer that is solely under your control.

Having the Lightning Network node allows you to connect to the network without relying on third parties (and their big nodes) like ACINQ (authors of the otherwise great Phoenix wallet). You can control fees and open channels to "create paths" for your future transactions.

In future articles, we will focus on the Lightning Loop, CoinJoin, and the Lightning Pool.

Sources and further readings

  1. Raspiblitz on Github
  2. Andreas M. Antonopoulos: Bitcoin Q&A: Why Running a Node is Important
  3. Alza: Co to je Bitcoin full node? (ZÁKLADY BITCOINU)
  4. Alza: Umbrel – Bitcoin full node s Lightningem i pro úplné amatéry (NÁVOD)
  5. Lightning Network (Part 3) – Where Is The Justice?
  6. Lightning Network RFC
  7. Wasabi Wallet: The importance of running a full node
  8. bitcoin.it | Full node
Found typo? Fix me!