Liana (II): Technical Operation Without Pain
In this post we’ll see how to configure a policy in Liana, sign transactions, monitor expirations and renew routes, and how to run disaster drills: simulate device loss, let routes expire on testnet, and recover. This builds confidence to safely apply everything on mainnet.
Continuing from Liana (I): MiniScript Applied to Recovery and Inheritance
Initial Setup and Policy Creation
- Install Liana v13.0 (or the latest version) on your system (Windows, macOS, or Linux).
- Connect at least one compatible hardware wallet.
- Create a new wallet: select a template or “custom policy” if you want specific routes.
- Add recovery routes: define
after(X)
+ recovery keys. - Liana will prompt you to save your descriptor (now it can encrypt it in v13) for secure backups.
- Review the network/xpub validations the app performs to ensure no mistakes are made.
Signing a Normal Transaction
- Make a testnet send (or a small amount on mainnet).
- In the normal flow, Liana uses the “primary” route and will ask you to sign with your main key.
- Verify the expected transaction is generated and broadcast correctly.
Monitoring Expirations and Renewal (Refresh)
- Each route has an expiration time. Liana monitors your UTXOs and warns you when one is approaching.
- To “renew” a route about to expire, you spend that UTXO and create a new one, restarting the timelock counter.
- The idea is that this should be as simple as “pressing a button” in the UI when the alert appears.
Disaster Drills
A) Loss of the Primary Device
- Remove the main key from the signing environment.
- Attempt recovery using the recovery route that has already expired (e.g., after
after(6m)
). - Sign with the recovery key and broadcast the funds.
B) Deliberate Expiry on Testnet
- On testnet, configure a policy with a short route (e.g.,
after(1h)
orafter(2h)
). - Wait for the route to expire or force its expiration (depending on testnet behavior).
- Attempt to spend using the alternative recovery route.
- Verify it works without errors and analyze the minimal descriptor representing that route.
C) Recovery Key Rotation
- Add a new recovery key, then remove the old one (once it’s no longer needed).
- Verify the policy remains executable after rotation.
Technical Best Practices
- ✅ Always start on testnet.
- ✅ Begin with simple routes (1 recovery) before adding complexity.
- ✅ Maintain backups (encrypted descriptor, keys).
- ✅ Run drills regularly (every 6–12 months).
- ✅ Watch expiration alerts and refresh before expiry.
Resources and Tools
- Official Liana repo + changelog: https://github.com/wizardsardine/liana
- Guide on routes with BitBox + timelocks: blog.bitbox.swiss
- Release notes v13 explaining encrypted descriptor and UI improvements
Closing
- Action today: create a wallet on Liana testnet with recovery policies, let a short route expire, and practice recovery.
In the next post we’ll continue with Ashigaru: Practical Privacy, so you can combine security and anonymity in your wallet stack.