pull down to refresh

Hey Stackers 👋
Just wanted to share with you all a project we have been heads down working on for a while now, and is finally ready for release:
It is a FOSS browser app that connects to your CoreLn node using the Lightning transport protocol and Commando for RPC access. Currently a connection can only be made over clearnet, but we plan to add TOR support in the near future. The initial use case that we have optimised for is to be able to remotely and securely connect to your node and send/receive lightning payments on the go. We plan to gradually add features over time where eventually it can become a full UI for your node. It is also a Progressive Web App, so you can easily install it to your device for a more native like experience without needing to go through an app store.
On mobile devices, the app will stay pretty clean and focussed on making payments on the go, whereas the desktop app will have more complex features like channel management, liquidity management, accounting etc.
We would love for you all to try it out and any feedback regarding features or issues would be super helpful 😄
Epic ⚡️
reply
Let me know if you give it a try!
reply
The UI is slick! I don't have a core lightning node yet so I can't try it sadly. I've been meaning to convert my home node though. This might be the motivation I need.
reply
Yeah we have been thinking about publicly sharing credentials for our regtest nodes we have running so that anyone could try out the app first, but I am worried that it could lead to a bad experience if multiple people are using the same two nodes at the same time, but maybe we will give it a try with that caveat and see what happens. I am hoping it will lead to more people running Core LN nodes!
reply
I don't really like browser based apps for security reasons. I will check out your website for more information.
reply
We have put a lot of thought in to making the app as secure as possible, but would definitely like feedback on how it could be more secure. Is there anything in particular about browser apps that you find make them insecure?
The way the app works is that it spins up what can be conceptually thought of as an ultra light node that communicates with your node via the lightning network itself. This means that it uses the lightning transport protocol (NOISE) which is fully end to end encrypted. When the app connects to your node, it actually shows up as a regular peer but with feature bits all set to zeros.
All credentials like your rune and node connection address can be encrypted with a pin, so that they are encrypted when stored in local storage and only decrypted in memory after pin entry.
We also assign the app a persistent public key which means that you can restrict your Rune to only work with this "session" in the app. Simply reset the app and now that rune can no longer be used even if someone else has got access to it as they would need to corresponding private key that only the app had.
You can check out the docs for more detailed info and if you have any other questions, drop them here or in our discord.
reply
Sounds cool, I'll wait and see if the community adopts it 🤔🤔🤔
reply
Cool
reply