nix bitcoin
play

nix-bitcoin robust Lightning nodes for hackers - PowerPoint PPT Presentation

Oct 02, 2023 •106 likes •411 views

nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01 @n1ckler A smart home A Bitcoin node A lonely datacenter Robustness Do you trust binaries from some cache or do you build from source? Do

  1. nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01 @n1ckler

  2. A smart home

  3. A Bitcoin node

  4. A lonely datacenter

  6. Robustness ● Do you trust binaries from some cache or do you build from source? ● Do you always check signatures? ● Do you isolate services and give least privileges? ● Do you minimize dependencies? ● Do you use a hardened kernel? ● Is your setup reproducible? ● Goal: want to do that once and for all

  7. nix-bitcoin nix tools nix-bitcoin configuration (text files) Bitcoin/Lightning/etc. node

  8. Deployment ● Need something like: 4GB memory, CPU: Intel celeron, enough space ● There’s a tutorial for deploying virtual box in README.md ● Need machine to deploy from (right now x86 linux) ● $ git clone https://github.com/fort-nix/nix-bitcoin.git

  9. “for hackers”: configuration.nix FIXMEs { config, pkgs, ... }: { imports = [ ./modules/nix-bitcoin.nix # FIXME : Uncomment next line to import your hardware configuration. #./hardware-configuration.nix ]; services.nix-bitcoin.enable = true; # FIXME : Define your hostname. networking.hostName = "nix-bitcoin"; # FIXME : add packages you need in your system environment.systemPackages = with pkgs; [ vim ]; services.clightning.enable = true; # services.spark-wallet.enable = true; # services.liquid-daemon.enable = true;

  10. nix-bitcoin modules ● bitcoind with reasonable default config (Tor-only, banlist) ● clightning with reasonable default config (Tor-only, not listening) ● spark-wallet ● recurring-donations ● bitcoin-core hardware wallet integration (HWI) works with major hardware wallets ○ ● liquid-daemon ● lightning charge & nanopos ● electrs (usable with electrum mobile app) ssh hidden service ● ● non-root user "operator"

  12. nodeinfo [operator@nix-bitcoin:~]$ nodeinfo BITCOIND_ONION=k7joisjlx5fjg77xcemqg6c5cprmslwhbcjuswlpdqwlvgvm6hp3j3yd.onion CLIGHTNING_NODEID=0339984228019b57db117d1cbaec31df115098d6a08d192cc CLIGHTNING_ONION=bsxeb3ucczmicamu6sec56bfal5cle2mwbnp5fgxeebpkxmefzahvtad.onion CLIGHTNING_ID=0339984228019b57db117d1cbaec31df115098d6a08d192ccb9d702 LIQUIDD_ONION=qacupjhgo52otzer7r6pmfqe6lwuwqi5m2fj4bzvra7iiyd7ap662xad.onion SPARKWALLET_ONION=http://rljtbxx33aew2ggokl3dfuiziwikmzyvjbsztpiogsn ELECTRS_ONION=fnguvt2rbzst5onvigwmv6vfarjqumsfd7yjva2x3fgqkphof3y4esqd.onion SSHD_ONION=pox7b2cmajfevrik6kwyqpvz2k6tpflbyzhbxb5zt6i7golivthmegqd.onion

  13. c-lightning + spark wallet + Android app + Orbot + Bitcoin Austrian [root@nix-bitcoin:/var/lib/bitcoind]# journalctl -eu spark-wallet Running /nix/store/hsy6797wclb2wv6nyk6sz1hnq789235k-node-spark-wallet-0.2.5/bin/spark-wallet --ln-path /var/lib/clightning -Q -k -c /secrets/spark-wallet-login --public-u> Connected to c-lightning v0.7.0 with id 0339984228019b57db117d1cbaec31df115098d6a08d192ccb9d70274a4e823d95 on network bitcoin at /var/lib/clightning/lightning-rpc Access key for remote API access: f8ufvzUnUu7mWY6EZQqonTXKalWfeIJTe89TmIUaRA HTTP server running on http://rljtbxx33aew2ggokl3dfuiziwikmzyvjbsztpiogsngqrycew6g2sid.onion Scan QR to pair with HTTP server: ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ █ ▄▄▄▄▄ █████▀▄▄███▀█▀▀███████ ██▀█ ▄▄▄▄▄ █ █ █ █ █▀█ ▀▀█ █ ▀ ▄▄ ▄▀ ▀ █▄▀▄█ █ █ █ █ █ █▄▄▄█ █▄▄ ▀▀▀ ▄▀▀▄▀ ▀█▀█ ▄ ▀█▄ █ █▄▄▄█ █ █▄▄▄▄▄▄▄█▄▀ ▀ █ ▀ █▄█ █▄█ █ ▀ █▄█ █▄▄▄▄▄▄▄█ █ ▄▀▀█▄▄▄█ ▄▀█ █▀ ▀▀██ █▄ █▄▄▀█▀█▀ ▀▀██ ██▀ ▀█ ▄█▀▀▀█▀ ▄ █▄▀ ▄▀▀ ▄▄▄▀▄▀█▄▀▄██▀█ ▀█ █▀▄▀▄█▄▄▄▀ ▄▀▄█▄▄ █▀ ▀███ █▄▀██ ▀█ ▄▀▀▀▀▀█ ██▄▄ ▀▀▄ ██▀█▀▄▀▄ ▄▀███▀█▄██▄▄▄ █▀█▀▄▀ █▀█ █▀▄ ▀▄ ▄█ █ ▀▄▄ ▄▀▀▀▀▄▀█▄ ▀▀ ▀ ▀█▀▀▀█▄█▀█ ██▄ ▀▄▄▄ ▄ ▄▄ ▄▀▄▀▄█▄█▄█▄▀ ██ █ ▀ ▄▄▄▄ █ █▀▀█▄█▀▄▀▄█ ▄▄██▄█▄▀▄▄▄▄▄█▀▄ ███▀ ██ ▀▄ ▀▄█ █ ▄█▀█▀▄▀▄▀█ ▄▄▀ █▄█▀███▀▄▄█ ▄█▀▀▄▀▄▀ ████ ███▀ ▄▀▀██▀▄▀█ ▀█▀ █▀▀▄▀█ ██▀ █▀ ▀▄▀▄▀█ █▀▀█▄▀█▄▀▀█▄▀█ ███▀█▄▀▀▄▀▄███▀ ▀▀█▀█ ▀██ █ ▀█ █▄▄█▀▀█▄▀▀▄▄ █▀█▀█▄ ▄▀ ▀▄▄▀▀▀▀▀ ▀█▄█ █ █ ▄▀▄▀ ▄▄▀██▄▀▄ ▄█▄▄▄██ █▄ ▄▀██▄▀▄█▀ ▀██▄█ █▄█▄▄▄█▄█ █ ▀▄▄ █ █ ▄█▄ ▄▄▄ █ ▀ ▄▄▄ ▀▄█▄█ █ ▄▄▄▄▄ █ ▄▀▄█▀▄▄█▄█▀█▄█▀█▀ ▄▄▀▄ █▄█ ▄▄▀██ █ █ █ ██ ▄█▄▄ ▀ ▄█▄ ▀█▀▄█▀▀▀ █▄▄ ▄ ▄▄█ ▀█ █ █▄▄▄█ █▀▀▄ ▄█ ▄▄▄ █▄█▀█▀▄▄▄▄▄█▀▄█▄ ▄ █▀█ █▄▄▄▄▄▄▄█▄▄▄▄▄▄█▄▄▄██▄█▄█▄▄▄▄█▄█████▄██▄███ [NOTE: This QR contains your secret access key, which provides full access to your wallet.]

  14. Recurring Donations ● A module to repeatedly send lightning payments to recipients specified in the configuration. ● Very easy to do because we have full control over system (systemd timers) services.recurring-donations.enable = true; # Specify the receivers of the donations. By default donations # happen every Monday at a randomized time. services.recurring-donations.tallycoin = { "djbooth007" = 20000; "hillebrandmax" = 20000; "renepickhardt" = 20000; };

  15. Hacking on nix-bitcoin

  16. In search of a systematic approach ● Whole system config in a few text files and in version control ● Use abstractions to reduce complexity ● Reduced statefulness

  17. The Nix ecosystem ● Nix: a purely functional package manager

  18. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix

  19. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.bitcoind.port = 8333; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  20. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix ● Nixpkgs: collection of Nix packages and NixOs modules

  22. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix ● Nixpkgs: collection of Nix packages and NixOs modules ● NixOps: declarative tool for deploying sets of NixOS Linux machines

  23. { bitcoin-node = { config, pkgs, ... }: { deployment.targetEnv = "virtualbox"; deployment.virtualbox.memorySize = 4096; # in MB deployment.virtualbox.vcpu = 2; deployment.virtualbox.headless = true; }; } $ nixops create -d my-new-network network.nix $ nixops deploy -d my-new-network

  24. There must be a more systematic approach ● Whole system config in a few text files and in version control ● Use abstractions to reduce complexity ● Reduced statefulness ● Using Nix ○ deployment und update with single command ( nixops deploy ) ○ Reproducibilty for ease of use and security ○ uses standard linux tools under the hood ○ simple functional, typed language

  25. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.bitcoind.port = 8333; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  26. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  27. Customizations ● Change/uncomment nix-bitcoin options in configuration.nix ● Check available module options in modules/ and add to configuration.nix ○ For example services.bitcoind.prune = 120000; services.bitcoind.dbCache = 4000; Services.clightning.bind-addr = "127.0.0.1:9735"; ● If option is not available, open an issue in the nix-bitcoin github repo or define it yourself

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin work? The characteris5cs of Bitcoin WHAT IS BITCOIN Bitcoin is a form of digital currency, created and held electronically. No one controls it.

839 views • 17 slides
Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Cryptocurrency Technologies Mechanics of Bitcoin Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin Scripts Bitcoin Blocks The Bitcoin Network Limitations and Improvements Mechanics of

695 views • 33 slides
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae Kim* *KAIST, Sungkyunkwan University 1 Governance conflict The number of Bitcoin transaction per month Bad scala bility

731 views • 46 slides
Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Cryptocurrency Technologies Bitcoin as a Platform Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments Token tracking Multiparty lotteries Public randomness Prediction markets A fine stew

714 views • 38 slides
Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed Computing Group www.disco.ethz.ch What is Bitcoin? What is Bitcoin? + What is Bitcoin? = + Whats it worth? USD / Bitcoin exchange price 300

752 views • 48 slides
Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption &

Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption &

Cryptocurrency Technologies Bitcoin Mining Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption & Ecology Mining Pools Mining Incentives and Strategies Recap: Bitcoin Miners Bitcoin depends on

821 views • 35 slides
Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers are not trusted: may be greedy or corrupt Each peer knows about all bitcoins and transactions Transaction (sender -> receiver): sender

958 views • 23 slides
Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers

Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers

Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers Joseph Bonneau CITP, Princeton Thanks to Andrew Miller, Arvind Narayanan, Jeremy Clark, Joshua Kroll, Ed Felten Part I: Bitcoin in 6 easy steps

752 views • 32 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin

Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin

Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin regulated? The so far unregulated digital currency has courted controversy because of its volatile value and its popularity among

1.17k views • 51 slides
Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin?

Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin?

Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin? Bitcoin is a cryptocurrency: a digital currency whose rules are enforced by cryptography and not by a trusted party (e.g., bank) Core ideal: avoid

1.02k views • 36 slides
A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital currency Anyone can be part of the network Global distributed ledger called blockchain First Appearance Bitcoin: A Peer-to-Peer Electronic

4.02k views • 48 slides
Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol designed by Satoshi Nakamoto in 2008 https://bitcoin.org/bitcoin.pdf First Bitcoin client launched in 2009 Peer-to-peer no centralized

501 views • 31 slides
Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher

Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher

Privacy : Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher Independent investigative journalist Research focus: Bitcoin / cryptocurrencies, information security, privacy, surveillance, and

1.3k views • 85 slides
Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am

Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am

1 Abschlussprsentation Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am Bitcoin-Markt 3 Verhaltensmuster Arbitrageure 4 Arbitragetools 5 Ergebnisse und Fazit Was ist Arbitrage? Arbitrage

456 views • 33 slides
Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and Blockchain Technologies Shanghai Jiao Tong University 2017 Bitcoin Bitcoin What is bitcoin and how does it work? Bitcoin What is bitcoin and how

2.08k views • 178 slides
Uncovering interactions with Random Forests Jake Michaelson Marit Ackermann Andreas Beyer

Uncovering interactions with Random Forests Jake Michaelson Marit Ackermann Andreas Beyer

Uncovering interactions with Random Forests Jake Michaelson Marit Ackermann Andreas Beyer Random Forests >> ensembles of decision trees >> diverse trees trying to solve the same problem >> used frequently for: >>

523 views • 34 slides
Using word alignments to assist computer-aided translation users by marking which target-side

Using word alignments to assist computer-aided translation users by marking which target-side

Introduction Related Work Methodology Experiments and Results Conclusion Current and future Work Using word alignments to assist computer-aided translation users by marking which target-side words to change or keep unedited Miquel Espl`

1.05k views • 41 slides
SAILING ON AN ANALYTE RESULTS OF A CASE STUDY ON GALVANIC CELLS UNIT AT UPPER SECONDARY

SAILING ON AN ANALYTE RESULTS OF A CASE STUDY ON GALVANIC CELLS UNIT AT UPPER SECONDARY

SAILING ON AN ANALYTE RESULTS OF A CASE STUDY ON GALVANIC CELLS UNIT AT UPPER SECONDARY SCHOOL LEVEL Kinga Orwat Inquairy in Polish school In Polish curriculum: () The student acquires knowledge in a research way - observe, checks,

591 views • 16 slides
Geothermal Projects in El Salvador and its Environmental and Social Aspects Manuel Monterrosa

Geothermal Projects in El Salvador and its Environmental and Social Aspects Manuel Monterrosa

Geothermal Projects in El Salvador and its Environmental and Social Aspects Manuel Monterrosa memonterrosa@lageo.com.sv Athens, 13th September 2007 Contents Location of El Salvador Briefly history of LaGeo and the geothermal

415 views • 25 slides
Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been an art Experiences and Lessons Learned Resolution of the clock with a Portable Interface to Issues about cache effects Hardware Performance

594 views • 5 slides
XOTcl an Object-Oriented Scripting Language Gustaf Neumann Uwe Zdun Department of

XOTcl an Object-Oriented Scripting Language Gustaf Neumann Uwe Zdun Department of

XOTcl an Object-Oriented Scripting Language Gustaf Neumann Uwe Zdun Department of Information Systems Specification of Software Systems Vienna University of Economics University of Essen Vienna, Austria Essen, Germany

509 views • 17 slides
2019 For Years 11 & 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the

2019 For Years 11 & 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the

BYOd at Tully SHS 2019 For Years 11 & 12 in 2019 BYOd Bring Your Own device Why BYOd? To sustain the success of the Tully SHS 1:1 mobile devices policy in years 11 & 12. This policy has allowed each senior student to have a mobile

202 views • 16 slides
Faster Binary Curve Software: A Case Study NordSec 2015, Stockholm B. B. Brumley Department of

Faster Binary Curve Software: A Case Study NordSec 2015, Stockholm B. B. Brumley Department of

Faster Binary Curve Software: A Case Study NordSec 2015, Stockholm B. B. Brumley Department of Pervasive Computing Tampere University of Technology, Finland billy.brumley AT tut.fi 20 Oct 2015 1 / 14 Elliptic curves over binary fields Fix m

602 views • 14 slides

More recommend