1c5154cfcf
9730be9282a96ee32305384fcf8749a21acf1f6f joinmarket-yieldgenerator: simplify start script (Erik Arvstedt)
179b86d19c0ef4a8f60b38874d3fb5a2bbe9469a joinmarket: allow recreating wallet from seed (Erik Arvstedt)
7c5ef32b505b6cfad8474d57bd7aa45bae831b51 versioning: move list of changes to the top (Erik Arvstedt)
b15d71605e549eaeddd3094ac54eedbb566b7e33 joinmarket: fix leaking passwords (Erik Arvstedt)
5c144533896b85d032954e9e683fb7ca25a75824 joinmarket-ob-watcher: don't assert running, assert rpc failure (nixbitcoin)
00a0759884b29eb7747022b22a93d479815990e8 joinmarket-ob-watcher: extra permissions & functionality for fidelity bonds (nixbitcoin)
d7f9e33e1c19ad3ef5035a7bad6d5ec53a6c997c joinmarket-ob-watcher: move resource files to extra dir (Erik Arvstedt)
32d0f08d77dd00510130f2582d3edc99cd46719f docs: fix usage steps numbering (nixbitcoin)
e95abf6c7ed115afa0ca9a9967d7458765503d03 joinmarket: 0.8.3 -> 0.9.1 (nixbitcoin)
Pull request description:
ACKs for top commit:
erikarvstedt:
ACK 9730be9282a96ee32305384fcf8749a21acf1f6f
Tree-SHA512: b6e693d3e293ad3d590479eefdb5d1e144a5d7b16c4160fc7cf4ba890a78b6e94b170c43f61a541363a17dddc3cf4441917270e23ece643b7cff4c0cb4581337
nix-bitcoin is a collection of Nix packages and NixOS modules for easily installing full-featured Bitcoin nodes with an emphasis on security.
Overview
A Bitcoin node verifies the Bitcoin protocol and provides ways of interacting with the Bitcoin network. nix-bitcoin nodes are used for a variety of purposes and can serve as personal or merchant wallets, second layer public infrastructure and as backends for Bitcoin applications. In all cases, the aim is to provide security and privacy by default. However, while nix-bitcoin is used in production today, it is still considered experimental.
A full installation of nix-bitcoin is usually deployed either on a dedicated (virtual) machine or runs in a container and is online 24/7. Alternatively, the Nix packages, NixOS modules and configurations can be used independently and combined freely.
nix-bitcoin is built on top of Nix and NixOS which provide powerful abstractions to keep it highly customizable and maintainable. Testament to this are nix-bitcoin's robust security features and its potent test framework. However, running nix-bitcoin does not require any previous experience with the Nix ecosystem.
Examples
See here for examples.
Features
A configuration preset for setting up a secure node
- All applications use Tor for outbound connections and support accepting inbound connections via onion services.
NixOS modules
- Application services
- bitcoind, with a default banlist against spy nodes
- clightning with support for announcing an onion service
Available plugins:- clboss: automated C-Lightning Node Manager
- helpme: walks you through setting up a fresh c-lightning node
- monitor: helps you analyze the health of your peers and channels
- prometheus: lightning node exporter for the prometheus timeseries server
- rebalance: keeps your channels balanced
- summary: print a nice summary of the node status
- zmq: publishes notifications via ZeroMQ to configured endpoints
- lnd with support for announcing an onion service
- Lightning Loop
- Lightning Pool
- charge-lnd: policy-based channel fee manager
- lndconnect via a REST onion service
- spark-wallet
- electrs
- btcpayserver
- liquid
- JoinMarket
- recurring-donations: for periodic lightning payments
- bitcoin-core-hwi
- Helper
- netns-isolation: isolates applications on the network-level via network namespaces
- nodeinfo: script which prints info about the node's services
- backups: duplicity backups of all your node's important files
- operator: adds non-root user
operatorwho has access to client tools (e.g.bitcoin-cli,lightning-cli)
Security
- Simplicity: Only services you select in
configuration.nixand their dependencies are installed, packages and dependencies are pinned, support for doas (sudo alternative), most packages are built from the NixOS stable channel, with a few exceptions that are built from the nixpkgs unstable channel, builds happen in a sandboxed environment, code is continuously reviewed and refined. - Integrity: Nix package manager, NixOS and packages can be built from source to reduce reliance on binary caches, nix-bitcoin merge commits are signed, all commits are approved by multiple nix-bitcoin developers, upstream packages are cryptographically verified where possible, we use this software ourselves.
- Principle of Least Privilege: Services operate with least privileges; they each have their own user and are restricted further with systemd options, RPC whitelisting, and netns-isolation. There's a non-root user operator to interact with the various services.
- Defense-in-depth: nix-bitcoin is built with a hardened kernel by default, services are confined through discretionary access control, Linux namespaces, dbus firewall and seccomp-bpf with continuous improvements.
Note that if the machine you're deploying from is insecure, there is nothing nix-bitcoin can do to protect itself.
Docs
Troubleshooting
If you are having problems with nix-bitcoin check the FAQ or submit an issue.
There's also a #nix-bitcoin IRC channel on libera.
We are always happy to help.