nix bitcoin
play

nix-bitcoin robust Lightning nodes for hackers - PowerPoint PPT Presentation

Oct 02, 2023 •106 likes •411 views

nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01 @n1ckler A smart home A Bitcoin node A lonely datacenter Robustness Do you trust binaries from some cache or do you build from source? Do

  1. nix-bitcoin robust Lightning nodes for hackers github.com/fort-nix/nix-bitcoin 2019-06-01 @n1ckler

  2. A smart home

  3. A Bitcoin node

  4. A lonely datacenter

  6. Robustness ● Do you trust binaries from some cache or do you build from source? ● Do you always check signatures? ● Do you isolate services and give least privileges? ● Do you minimize dependencies? ● Do you use a hardened kernel? ● Is your setup reproducible? ● Goal: want to do that once and for all

  7. nix-bitcoin nix tools nix-bitcoin configuration (text files) Bitcoin/Lightning/etc. node

  8. Deployment ● Need something like: 4GB memory, CPU: Intel celeron, enough space ● There’s a tutorial for deploying virtual box in README.md ● Need machine to deploy from (right now x86 linux) ● $ git clone https://github.com/fort-nix/nix-bitcoin.git

  9. “for hackers”: configuration.nix FIXMEs { config, pkgs, ... }: { imports = [ ./modules/nix-bitcoin.nix # FIXME : Uncomment next line to import your hardware configuration. #./hardware-configuration.nix ]; services.nix-bitcoin.enable = true; # FIXME : Define your hostname. networking.hostName = "nix-bitcoin"; # FIXME : add packages you need in your system environment.systemPackages = with pkgs; [ vim ]; services.clightning.enable = true; # services.spark-wallet.enable = true; # services.liquid-daemon.enable = true;

  10. nix-bitcoin modules ● bitcoind with reasonable default config (Tor-only, banlist) ● clightning with reasonable default config (Tor-only, not listening) ● spark-wallet ● recurring-donations ● bitcoin-core hardware wallet integration (HWI) works with major hardware wallets ○ ● liquid-daemon ● lightning charge & nanopos ● electrs (usable with electrum mobile app) ssh hidden service ● ● non-root user "operator"

  12. nodeinfo [operator@nix-bitcoin:~]$ nodeinfo BITCOIND_ONION=k7joisjlx5fjg77xcemqg6c5cprmslwhbcjuswlpdqwlvgvm6hp3j3yd.onion CLIGHTNING_NODEID=0339984228019b57db117d1cbaec31df115098d6a08d192cc CLIGHTNING_ONION=bsxeb3ucczmicamu6sec56bfal5cle2mwbnp5fgxeebpkxmefzahvtad.onion CLIGHTNING_ID=0339984228019b57db117d1cbaec31df115098d6a08d192ccb9d702 LIQUIDD_ONION=qacupjhgo52otzer7r6pmfqe6lwuwqi5m2fj4bzvra7iiyd7ap662xad.onion SPARKWALLET_ONION=http://rljtbxx33aew2ggokl3dfuiziwikmzyvjbsztpiogsn ELECTRS_ONION=fnguvt2rbzst5onvigwmv6vfarjqumsfd7yjva2x3fgqkphof3y4esqd.onion SSHD_ONION=pox7b2cmajfevrik6kwyqpvz2k6tpflbyzhbxb5zt6i7golivthmegqd.onion

  13. c-lightning + spark wallet + Android app + Orbot + Bitcoin Austrian [root@nix-bitcoin:/var/lib/bitcoind]# journalctl -eu spark-wallet Running /nix/store/hsy6797wclb2wv6nyk6sz1hnq789235k-node-spark-wallet-0.2.5/bin/spark-wallet --ln-path /var/lib/clightning -Q -k -c /secrets/spark-wallet-login --public-u> Connected to c-lightning v0.7.0 with id 0339984228019b57db117d1cbaec31df115098d6a08d192ccb9d70274a4e823d95 on network bitcoin at /var/lib/clightning/lightning-rpc Access key for remote API access: f8ufvzUnUu7mWY6EZQqonTXKalWfeIJTe89TmIUaRA HTTP server running on http://rljtbxx33aew2ggokl3dfuiziwikmzyvjbsztpiogsngqrycew6g2sid.onion Scan QR to pair with HTTP server: ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ █ ▄▄▄▄▄ █████▀▄▄███▀█▀▀███████ ██▀█ ▄▄▄▄▄ █ █ █ █ █▀█ ▀▀█ █ ▀ ▄▄ ▄▀ ▀ █▄▀▄█ █ █ █ █ █ █▄▄▄█ █▄▄ ▀▀▀ ▄▀▀▄▀ ▀█▀█ ▄ ▀█▄ █ █▄▄▄█ █ █▄▄▄▄▄▄▄█▄▀ ▀ █ ▀ █▄█ █▄█ █ ▀ █▄█ █▄▄▄▄▄▄▄█ █ ▄▀▀█▄▄▄█ ▄▀█ █▀ ▀▀██ █▄ █▄▄▀█▀█▀ ▀▀██ ██▀ ▀█ ▄█▀▀▀█▀ ▄ █▄▀ ▄▀▀ ▄▄▄▀▄▀█▄▀▄██▀█ ▀█ █▀▄▀▄█▄▄▄▀ ▄▀▄█▄▄ █▀ ▀███ █▄▀██ ▀█ ▄▀▀▀▀▀█ ██▄▄ ▀▀▄ ██▀█▀▄▀▄ ▄▀███▀█▄██▄▄▄ █▀█▀▄▀ █▀█ █▀▄ ▀▄ ▄█ █ ▀▄▄ ▄▀▀▀▀▄▀█▄ ▀▀ ▀ ▀█▀▀▀█▄█▀█ ██▄ ▀▄▄▄ ▄ ▄▄ ▄▀▄▀▄█▄█▄█▄▀ ██ █ ▀ ▄▄▄▄ █ █▀▀█▄█▀▄▀▄█ ▄▄██▄█▄▀▄▄▄▄▄█▀▄ ███▀ ██ ▀▄ ▀▄█ █ ▄█▀█▀▄▀▄▀█ ▄▄▀ █▄█▀███▀▄▄█ ▄█▀▀▄▀▄▀ ████ ███▀ ▄▀▀██▀▄▀█ ▀█▀ █▀▀▄▀█ ██▀ █▀ ▀▄▀▄▀█ █▀▀█▄▀█▄▀▀█▄▀█ ███▀█▄▀▀▄▀▄███▀ ▀▀█▀█ ▀██ █ ▀█ █▄▄█▀▀█▄▀▀▄▄ █▀█▀█▄ ▄▀ ▀▄▄▀▀▀▀▀ ▀█▄█ █ █ ▄▀▄▀ ▄▄▀██▄▀▄ ▄█▄▄▄██ █▄ ▄▀██▄▀▄█▀ ▀██▄█ █▄█▄▄▄█▄█ █ ▀▄▄ █ █ ▄█▄ ▄▄▄ █ ▀ ▄▄▄ ▀▄█▄█ █ ▄▄▄▄▄ █ ▄▀▄█▀▄▄█▄█▀█▄█▀█▀ ▄▄▀▄ █▄█ ▄▄▀██ █ █ █ ██ ▄█▄▄ ▀ ▄█▄ ▀█▀▄█▀▀▀ █▄▄ ▄ ▄▄█ ▀█ █ █▄▄▄█ █▀▀▄ ▄█ ▄▄▄ █▄█▀█▀▄▄▄▄▄█▀▄█▄ ▄ █▀█ █▄▄▄▄▄▄▄█▄▄▄▄▄▄█▄▄▄██▄█▄█▄▄▄▄█▄█████▄██▄███ [NOTE: This QR contains your secret access key, which provides full access to your wallet.]

  14. Recurring Donations ● A module to repeatedly send lightning payments to recipients specified in the configuration. ● Very easy to do because we have full control over system (systemd timers) services.recurring-donations.enable = true; # Specify the receivers of the donations. By default donations # happen every Monday at a randomized time. services.recurring-donations.tallycoin = { "djbooth007" = 20000; "hillebrandmax" = 20000; "renepickhardt" = 20000; };

  15. Hacking on nix-bitcoin

  16. In search of a systematic approach ● Whole system config in a few text files and in version control ● Use abstractions to reduce complexity ● Reduced statefulness

  17. The Nix ecosystem ● Nix: a purely functional package manager

  18. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix

  19. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.bitcoind.port = 8333; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  20. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix ● Nixpkgs: collection of Nix packages and NixOs modules

  22. The Nix ecosystem ● Nix: a purely functional package manager ● NixOs: a Linux distribution with a declarative approach to configuration management built on top of Nix ● Nixpkgs: collection of Nix packages and NixOs modules ● NixOps: declarative tool for deploying sets of NixOS Linux machines

  23. { bitcoin-node = { config, pkgs, ... }: { deployment.targetEnv = "virtualbox"; deployment.virtualbox.memorySize = 4096; # in MB deployment.virtualbox.vcpu = 2; deployment.virtualbox.headless = true; }; } $ nixops create -d my-new-network network.nix $ nixops deploy -d my-new-network

  24. There must be a more systematic approach ● Whole system config in a few text files and in version control ● Use abstractions to reduce complexity ● Reduced statefulness ● Using Nix ○ deployment und update with single command ( nixops deploy ) ○ Reproducibilty for ease of use and security ○ uses standard linux tools under the hood ○ simple functional, typed language

  25. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.bitcoind.port = 8333; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  26. { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; services.bitcoind.enable = true; services.tor.hiddenServices.bitcoind = { map = [{port = config.services.bitcoind.port;}]; }; } $ nixos-rebuild switch

  27. Customizations ● Change/uncomment nix-bitcoin options in configuration.nix ● Check available module options in modules/ and add to configuration.nix ○ For example services.bitcoind.prune = 120000; services.bitcoind.dbCache = 4000; Services.clightning.bind-addr = "127.0.0.1:9735"; ● If option is not available, open an issue in the nix-bitcoin github repo or define it yourself

Recommend

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin

Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin work? The characteris5cs of Bitcoin WHAT IS BITCOIN Bitcoin is a form of digital currency, created and held electronically. No one controls it.

839 views • 17 slides
Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin

Cryptocurrency Technologies Mechanics of Bitcoin Mechanics of Bitcoin Bitcoin Transactions Bitcoin Scripts Applications of Bitcoin Scripts Bitcoin Blocks The Bitcoin Network Limitations and Improvements Mechanics of

695 views • 33 slides
Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae Kim* *KAIST, Sungkyunkwan University 1 Governance conflict The number of Bitcoin transaction per month Bad scala bility

731 views • 46 slides
Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments

Cryptocurrency Technologies Bitcoin as a Platform Bitcoin as a Platform We have built Bitcoin. What can we build on top of it? Commitments Token tracking Multiparty lotteries Public randomness Prediction markets A fine stew

714 views • 38 slides
Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed

Information Propagation in the Bitcoin Network Christian Decker ETH Zurich Distributed Computing Group www.disco.ethz.ch What is Bitcoin? What is Bitcoin? + What is Bitcoin? = + Whats it worth? USD / Bitcoin exchange price 300

752 views • 48 slides
Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption &

Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption &

Cryptocurrency Technologies Bitcoin Mining Bitcoin Mining The Task of Bitcoin Miners Mining Hardware Energy Consumption & Ecology Mining Pools Mining Incentives and Strategies Recap: Bitcoin Miners Bitcoin depends on

821 views • 35 slides
Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers

Bitcoin Tom Anderson Bitcoin Network of bitcoin peers (servers) run by volunteers Peers are not trusted: may be greedy or corrupt Each peer knows about all bitcoins and transactions Transaction (sender -> receiver): sender

958 views • 23 slides
Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers

Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers

Intro to Bitcoin Research or Why Bitcoin is a full employment act for security engineers Joseph Bonneau CITP, Princeton Thanks to Andrew Miller, Arvind Narayanan, Jeremy Clark, Joshua Kroll, Ed Felten Part I: Bitcoin in 6 easy steps

752 views • 32 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin

Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin

Regulation of Bitcoin Jerry Brito Coin Center coincenter.org Is Bitcoin regulated? Is Bitcoin regulated? The so far unregulated digital currency has courted controversy because of its volatile value and its popularity among

1.17k views • 51 slides
Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin?

Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin?

Bitcoin CS 161: Computer Security Prof. Raluca Ada Poipa April 24, 2018 What is Bitcoin? Bitcoin is a cryptocurrency: a digital currency whose rules are enforced by cryptography and not by a trusted party (e.g., bank) Core ideal: avoid

1.02k views • 36 slides
A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital currency Anyone can be part of the network Global distributed ledger called blockchain First Appearance Bitcoin: A Peer-to-Peer Electronic

4.02k views • 48 slides
Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol designed by Satoshi Nakamoto in 2008 https://bitcoin.org/bitcoin.pdf First Bitcoin client launched in 2009 Peer-to-peer no centralized

501 views • 31 slides
Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher

Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher

Privacy : Bitcoin Privacy : Bitcoin On- and Ofg-Chain On- and Ofg-Chain with Janine Janine Teacher Independent investigative journalist Research focus: Bitcoin / cryptocurrencies, information security, privacy, surveillance, and

1.3k views • 85 slides
Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am

Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am

1 Abschlussprsentation Bitcoin Arbitrage am Bitcoin-Markt 1 7 .07 .201 3 2 Agenda 1 Arbitrage 2 Arbitrage am Bitcoin-Markt 3 Verhaltensmuster Arbitrageure 4 Arbitragetools 5 Ergebnisse und Fazit Was ist Arbitrage? Arbitrage

456 views • 33 slides
Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and Blockchain Technologies Shanghai Jiao Tong University 2017 Bitcoin Bitcoin What is bitcoin and how does it work? Bitcoin What is bitcoin and how

2.08k views • 178 slides
ACTUALLY WORKS Jan Mller Mycelium How Does Bitcoin Actually Work? This talk is not about

ACTUALLY WORKS Jan Mller Mycelium How Does Bitcoin Actually Work? This talk is not about

HOW THE BITCOIN PROTOCOL ACTUALLY WORKS Jan Mller Mycelium How Does Bitcoin Actually Work? This talk is not about the political or economical impact of Bitcoin. This talk is not about how to buy, sell, spend, or secure your bitcoins.

674 views • 36 slides
Half-fast A Bitcoin Miner for the FPGA Overview Objectives and Motivation Bitcoin

Half-fast A Bitcoin Miner for the FPGA Overview Objectives and Motivation Bitcoin

Half-fast A Bitcoin Miner for the FPGA Overview Objectives and Motivation Bitcoin System Overview Hardware Software Challenges and Difficulties Lessons learned Objectives and Motivation Build a Bitcoin

229 views • 21 slides
Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed

Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed Computing Group Cryptocurrencies What is Bitcoin? = + + Technology The Bank of Bitcoin The Bank of Bitcoin User Balance A 2 B 5 C 8

1.25k views • 104 slides
Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae

Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae

Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash? Yujin Kwon* , Hyoungshick Kim , Jinwoo Shin*, Yongdae Kim* *KAIST, Sungkyunkwan University 1 Governance conflict The number of Bitcoin transaction per month Bad

797 views • 46 slides
Bitcoin Transactions Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical

Bitcoin Transactions Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical

Bitcoin Transactions Saravanan Vijayakumaran sarva@ee.iitb.ac.in Department of Electrical Engineering Indian Institute of Technology Bombay August 5, 2019 1 / 32 Bitcoin Transactions Bitcoin Payment Workflow 1. Request Bobs address 2.

1.17k views • 32 slides
Bitcoin Tom Anderson Admin Course evals My office hours next week are cancelled Bitcoin Goal

Bitcoin Tom Anderson Admin Course evals My office hours next week are cancelled Bitcoin Goal

Bitcoin Tom Anderson Admin Course evals My office hours next week are cancelled Bitcoin Goal Electronic money without trust $34B market value Created out of thin air, from a paper + some code Pros/cons of Cash + portable + cannot spend

749 views • 44 slides
A Proof-of-Stake protocol for consensus on Bitcoin subchains M. Bartoletti Stefano Lande A. S.

A Proof-of-Stake protocol for consensus on Bitcoin subchains M. Bartoletti Stefano Lande A. S.

A Proof-of-Stake protocol for consensus on Bitcoin subchains M. Bartoletti Stefano Lande A. S. Podda University of Cagliari, Italy Workshop on Trusted Smart Contracts, 2017 Bitcoin Bitcoin is a popular cryptocurrency that uses a blockchain to

540 views • 20 slides
On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University

On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University

On the insecurity of quantum Bitcoin mining arXiv:1804.08118 Or Sattath, Ben-Gurion University QCrypt 2018 SUMMARY The Bitcoin network will become less secure once Bitcoin miners use a quantum computer. Quantum Bitcoin mining a high

872 views • 24 slides

More recommend