A Technical Guide With Commentary
Ahhh, that feeling when a lightning payment goes through. Especially cool when it's done using a self hosted web wallet!
I recently followed Mutiny's self hosting instructions that they published, and this writeup contains some notes that might be useful to anyone else wanting to try this out.
Why Mutiny some may ask? A full comparison of self-hosted lightning wallets is beyond the scope of this article. Suffice it to say that I like playing with new tech and I'm a Bitcoin and web tech junkie 😁 See the Appendix for additional meta.
I started off by following the official installation instructions. I ran into a couple of snags but the Mutiny team quickly merged my feedback into the instructions.
Things seem to work pretty well on a 1GB/1CPU server, so I'd suggest going with those specs to start with.
At this point I was able to:
So I left it overnight and attempted paying the invoice again in the morning - it worked! I used Mutiny to pay a HODL invoice on RoboSats 💪
I was now fully up and running with Mutiny. However I didn't want random vulnerability scanners finding my server, so I looked at options to lock down access. The simple options for this are basically:
Neither 1 nor 2 are ideal because I want to access my wallet from anywhere, and basic auth is annoying AF. So you should go for option 3. Instructions here:
Be sure to make sure there is lots of entropy in your hidden path using something like
Another criteria that is important to me in terms of "accessing my wallet from anywhere", is accessing my wallet from different devices i.e. different browser tabs on different machines. Mutiny currently supports this! The only caveat is don't use the tabs within 2 minutes of each other, but the wallet warns you if you try to do this so you're good. Mutiny are aware of one issue around multiple-tab access so I'll be keeping an eye open for that.
The next day I needed to reboot my server and ran into a world of pain. After rebooting the server, hitting the URL resulted in
502 Bad Gateway which basically means the upstream web server used by nginx-in-reverse-proxy-mode is not reachable. So I ran
docker ps and noticed only two containers were running (vss and proxy).
Taking a look at Mutiny's
docker-compose.yml, I noticed that all the services were set to
restart: on-failure however when rebooting using
sudo reboot, the containers will exit 0 and therefore won't restart. So I changed this to
restart: unless-stopped and rebooted. This time all services were running and I was able to access my wallet! This still leaves the curious question of why vss and proxy were running after the first reboot, but I assume that they aren't shutting down cleanly or something and actually did exit with nonzero codes.
This was a wildly successful experiment for me compared to some other Bitcoin tech I've tried out, so hats off to the Mutiny team. Next steps I want to get to at some point:
One of the main reasons that I'm so interested in Bitcoin is that it has the potential to usher in a new era of world peace 4. In order for Bitcoin to win, however, it needs to become widely accepted as money. In order for it to be a successful money, we need scaling solutions. Anyone arguing against this is not being pragmatic. I regularly spend as little as $1 at a merchant, however spending $1 of on-chain BTC in a high fee environment is not sustaineable. Not to mention confirmation time issues, refund issues, etc. Hence lightning.
So that's why I'm really into Bitcoin and Lightning.
It's important to take Bitcoin privacy seriously though. Unlike your credit card, all base layer Bitcoin transactions are public, so it's quite easy to botch your opsec. I feel like I have a pretty good grip on on-chain privacy. Lightning privacy is, however, far more complicated. The best post I've ever read on the topic was Tony's "Current State of Lightning Network Privacy". After reading that, my Lightning setup looked like this:
This might seem like overkill, but I had some other reasons for hosting my own routing node besides privacy:
Given the recent shenanigans around lightning replacement cycling attacks, I decided to revisit my motivations for running a node.
Anyway, after a brief chat with Tony on Stacker News, I decided to take the plunge and switch to Mutiny's self hosted version. If things are looking good after a week of soak testing, I'll be decommissioning my routing node.
Originally published on shyfire's weblog