implement remote signing

[nicolasburtey]

It's possible to "segregate" lnd in 2, where one lnd have all the states, and another lnd will just be signer. more info here.

This would allow to have the signer in a different cluster/environement, with more stringent access.

Also, maybe this provide the ability for a "kill switch", just by removing network to the signer lnd.

Note: lnd 15 seems to have a regression on this (at the time of wallet creation only), so better to test with lnd 14.3 or wait for a patch lnd 15.1

[openoms]

Remote signing on bare metal is working now on mainnet and signet using LND v0.15.3, but depends on lightningnetwork/lnd#7056 to avoid scanning the full chain on wallet creation.

[nicolasburtey]

how long does it take on signet and mainnet?

[openoms]

On mainnet it is multiple hours (~2days on my test RPi4) due to scanning from the genesis (not even the first SegWit block).

On signet it is minutes because the chain is much shorter and there are only a few transactions.

Update:
in my local kubernetes dev setup on a server it took 90 minutes scan the signet chain from genesis. It is 113k blocks vs 2377k on testnet.

[openoms]

Update:
LND v0.15.5 contained the remote-signer related fixes

Running on signet:
lnd-watchonly on a self-hosted RPi: https://mempool.space/signet/lightning/node/02d7c8cded614491747d601acb7434161c1b3e676b23988fc6e23f4112cd927362

the remote-signer is hosted on a VPS and connecting over a Tailscale (wireguard) VPN.

Related PRs in this repo:

• remove lndmon:
  chore: remove lndmon, test lnd_api_endpoint and lnd_p2p_endpoint #2139
• move loop to a standalone chart:
  chore: move loop to a standalone chart #2163
• duplicate the lnd chart to an lnd-segregated chart in which:
  • run either the lnd-signer or lnd-watchonly config
  • connect to loop
  • remove the postgres backend related code
    feat: segregate lnd to watchonly and signer (prepare for remote signing) #1581