pull down to refresh

Liana (II): Technical Operation Without Pain

In this post we’ll see how to configure a policy in Liana, sign transactions, monitor expirations and renew routes, and how to run disaster drills: simulate device loss, let routes expire on testnet, and recover. This builds confidence to safely apply everything on mainnet.

Initial Setup and Policy Creation

  1. Install Liana v13.0 (or the latest version) on your system (Windows, macOS, or Linux).
  2. Connect at least one compatible hardware wallet.
  3. Create a new wallet: select a template or “custom policy” if you want specific routes.
  4. Add recovery routes: define after(X) + recovery keys.
  5. Liana will prompt you to save your descriptor (now it can encrypt it in v13) for secure backups.
  6. Review the network/xpub validations the app performs to ensure no mistakes are made.

Signing a Normal Transaction

  • Make a testnet send (or a small amount on mainnet).
  • In the normal flow, Liana uses the “primary” route and will ask you to sign with your main key.
  • Verify the expected transaction is generated and broadcast correctly.

Monitoring Expirations and Renewal (Refresh)

  • Each route has an expiration time. Liana monitors your UTXOs and warns you when one is approaching.
  • To “renew” a route about to expire, you spend that UTXO and create a new one, restarting the timelock counter.
  • The idea is that this should be as simple as “pressing a button” in the UI when the alert appears.

Disaster Drills

A) Loss of the Primary Device

  1. Remove the main key from the signing environment.
  2. Attempt recovery using the recovery route that has already expired (e.g., after after(6m)).
  3. Sign with the recovery key and broadcast the funds.

B) Deliberate Expiry on Testnet

  1. On testnet, configure a policy with a short route (e.g., after(1h) or after(2h)).
  2. Wait for the route to expire or force its expiration (depending on testnet behavior).
  3. Attempt to spend using the alternative recovery route.
  4. Verify it works without errors and analyze the minimal descriptor representing that route.

C) Recovery Key Rotation

  • Add a new recovery key, then remove the old one (once it’s no longer needed).
  • Verify the policy remains executable after rotation.

Technical Best Practices

  • ✅ Always start on testnet.
  • ✅ Begin with simple routes (1 recovery) before adding complexity.
  • ✅ Maintain backups (encrypted descriptor, keys).
  • ✅ Run drills regularly (every 6–12 months).
  • ✅ Watch expiration alerts and refresh before expiry.

Resources and Tools

  • Official Liana repo + changelog: https://github.com/wizardsardine/liana
  • Guide on routes with BitBox + timelocks: blog.bitbox.swiss
  • Release notes v13 explaining encrypted descriptor and UI improvements

Closing

  • Action today: create a wallet on Liana testnet with recovery policies, let a short route expire, and practice recovery.
In the next post we’ll continue with Ashigaru: Practical Privacy, so you can combine security and anonymity in your wallet stack.