Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Hybrid clearnet and Tor mode for lightning (LND and CL)

See original GitHub issue

moving the discussion from #2684

LND config flag

https://docs.lightning.engineering/lightning-network-tools/lnd/quick-tor-setup#hybrid-mode

[tor]
; Allow outbound and inbound connections to be routed through Tor
; tor.active=true

; Allow the node to connect to non-onion services directly via clearnet. This
; allows the node operator to use direct connections to peers not running behind
; Tor, thus allowing lower latency and better connection stability.
; WARNING: This option will reveal the source IP address of the node, and should
; be used only if privacy is not a concern.
; tor.skip-proxy-for-clearnet-targets=true

C-lightning setting

https://lightning.readthedocs.io/TOR.html#quick-start-on-linux

# 'always-use-proxy' informs C-Lightning to always use Tor even when connecting to nodes with public IPs. 
# You can set this to false or remove it, if you are not privacy-conscious and find Tor is too slow for you.
always-use-proxy=false

Bitcoin Core

could be configured to use clearnet connections as well - need to look up the exact config. It would help to prevent the partitinioning of the BItcoin network to To-only and clearnet-only parts.

Hide the home IP address with a shared VPN

this should work on the RPi: https://mullvad.net/en/help/linux-openvpn-installation/

or a simple openvpn config and autostart with any provider (not recommending PIA): https://www.raspberrypi-spy.co.uk/2020/06/raspberry-pi-vpn-setup-guide/

To restart openvpn for the autostart to kick in:

sudo systemctl daemon-reload
sudo systemctl restart openvpn

Configure the ufw to stop leaking the public IP in case the VPN disconnects: https://www.comparitech.com/blog/vpn-privacy/how-to-make-a-vpn-kill-switch-in-linux-with-ufw/

If your VPN is configured with a domain find out the IPs with:

host vpn.domain.com

to which addresses you need to allow the traffic.

Can test with:

sudo systemctl openvpn start
curl https://api.ipify.org
# should show a VPN ip address
sudo systemctl stop openvpn
curl https://api.ipify.org
# this should be blocked

Issue Analytics

State:
Created 2 years ago
Comments:26 (3 by maintainers)

Top GitHub Comments

3reactions

openomscommented, Jul 9, 2022

There is a great paid solution now under beta testing (looking very good): https://tunnelsats.com/ https://github.com/blckbx/tunnelsats

2reactions

benjamin-wilsoncommented, Mar 9, 2022

This is a killer feature, sooner the better! 🙏

Top Results From Across the Web

LND: Tor & Clearnet - How to setup hybrid-mode

Configuring hybrid-mode. Advertising clearnet connectivity LND needs to know the external IP of a node. There are two different cases to investigate: static ......

LND: Tor & Clearnet - How to setup hybrid-mode - Guides

Prelude and Objective. The lightning network functions in rapid growing speed as infrastructure for payments across the globe between merchants, creators, ...

LND: Tor & Clearnet - How to setup hybrid-mode - Reddit

I went a slightly different route and setup a cheap anonymous VPS (paid with bitcoin) that simply listens on port 9735 and then...

Quick Tor Setup - Builder's Guide

LND can be easily configured to be reachable over the Tor network. ... Your node in hybrid mode: Can reach all nodes, be...

Untitled

Casio efr 519-1a5v, Zubic vila, Turton high school, Dual mode propulsion, ... Sonartec 2 hybrid, Minibus crash m62 latest, Recargas telcel apesta, ...