pull down to refresh

I am curious, how do you measure the security of your node? You explicitly say, "my node was running for 2 years and was absolutely secure. Then I installed X and bad things happened." I am sorry, but this means nothing. The vulnerability is the human factor here... All systems are secure until they aren't. Look eg. at ACINQ, how they try to secure their nodes with ledgers. Hard work.
Anyway, with respect to your loss, I believe that the more interesting thing here now is the vulnerability itself. I've looked at the source code (https://github.com/dennisreimann/btcpayserver-plugin-lnbank/commits/master), there should be the fix in the 1.8.9 release. However, it is very difficult to figure out anything about it. There is no description. Am I blind or is it intentional? Can somebody explain what was the issue? Or is it a secret?
There is no mention of any critical vulnerability fix in the release notes: https://github.com/dennisreimann/btcpayserver-plugin-lnbank/releases/tag/v1.8.9. Like, seriously?
Here is a pretty new issue to start doing CI/CD: https://github.com/dennisreimann/btcpayserver-plugin-lnbank/issues/57 in the project. Great! But wait, hey, this project is intended to maintain others' people money and it does not use CI/CD yet? "Somebody has lost his founds, so it looks like it is now the right time to start testing..." WTF?
Nowadays, anybody can write code because it looks easy. Even AI can write code today. Sharing everything. But where is some responsibility? Ok, it's FOSS, no warranty... But, really?
This change looks suspicious: it resides inside a commit named "More transaction sorting" but instead it changes wallet balance caching code, which is a quite possible spot for a vulnerability.
reply
Brother, I was a developer and sysadmin myself for many years. Old school python dev. Once I learned a great lesson with someone I respect a lot... "If you want you server to be completely 1000% secure, disconnect both the network cable and power cable."
I understand nothing can be 1000% totally secure but after running 2 LN nodes for almost 2 years, using always latest versions of LND, using a great firewall on my network and many other things like researching all the time and being aware of bug reports, I had 0 (zero) issues with the LND node itself. Considering this I felt I could trust LND and my implementation to have it in production. And for 2 years all went fine until a installed BTCPay server a few months ago.
Regarding the rest of your comment, I totally agree 100% with you.
reply
I believe, you did your best.
It is now important to prevent such silly things in the future as much as we can. Bitcoin is not a toy anymore.
Take care.
reply
With all due respect, in retrospect I don't think you should consider "I had 0 (zero) issues" as a condition to put all your life savings or deduce something is bug free. If you are not risk adverse, putting 1/4 would have been better. Just one example: many people use bash and yet there was a critical bug discovered in it in 2015 I think, heartbleed. And yet it was considered safe to use for years.
reply
How does ACINQ use a ledger to secure a lightning node?
reply
They probably track everything because of that.
reply
deleted by author
reply