Lightning Terminal v0.7.0-alpha

Release Notes

This release of Lightning Terminal (LiT) includes a number of fixed related to LNC and Terminal Web as well as the upgrade to lnd v0.15.0-beta.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.15.0-beta, Loop v0.19.1-beta, Pool v0.5.7-alpha, and Faraday v0.2.8-alpha.

NOTE that the minimum version of lnd that can be used in --lnd-mode=remote was bumped to v0.14.3-beta.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F4FC70F07310028424EFC20A8E4256593F177720

Once you have his PGP key you can verify the release (assuming manifest-v0.7.0-alpha.sig and manifest-v0.7.0-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.7.0-alpha.sig manifest-v0.7.0-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.7.0-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.7.0-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.7.0-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.7.0-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• Update broken link to walkthrough by @cryptodread in #366
• build(deps): bump eventsource from 1.1.0 to 1.1.1 in /app by @dependabot in #376
• ui+pool: disable buttons during account changes by @jamaljsr in #375
• Standalone LiT client development by @rohit-nair in #371
• deps: Upgrade react-router to v6 by @rohit-nair in #370
• deps: Upgrade storybook to v6.x by @rohit-nair in #362
• multi: add macaroon service and remove ui password use in litcli by @ellemouton in #308
• session_rpcserver: add session expiry as macaroon caveat by @ellemouton in #378
• ui+sessions: improve when expiry label displays Never by @jamaljsr in #382
• multi: re-enable LNC handshake v2, bump dependencies for lnd 0.15.0-beta release by @guggero in #358

New Contributors

• @cryptodread made their first contribution in #366
• @rohit-nair made their first contribution in #371

Full Changelog: v0.6.7-alpha...v0.7.0-alpha

Lightning Terminal v0.6.7-alpha

Release Notes

This replaces the v0.6.6-alpha version of LiT that displayed an incorrect version number. But the functionality is identical to v0.6.6-alpha which we removed to avoid confusion.

This release of Lightning Terminal (LiT) includes a bug fixed in the Pool UI that caused an error when trying to submit an order using lnd v0.14.x-beta.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.3-beta, Loop v0.18.0-beta, Pool v0.5.6-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F4FC70F07310028424EFC20A8E4256593F177720

Once you have his PGP key you can verify the release (assuming manifest-v0.6.7-alpha.sig and manifest-v0.6.7-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.7-alpha.sig manifest-v0.6.7-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.7-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.7-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.7-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.7-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• Add support for read-only macaroons by @itsrachelfish in #345
• deps: update react-scripts to v5.0.0 by @jamaljsr in #350
• ui+settings: fix Bitcoin Unit blank page by @jamaljsr in #351
• pool: determine order type based on Pool version by @jamaljsr in #337
• multi: persist remote static key for handshakev2 by @ellemouton in #344
• litcli: add app version by @ellemouton in #349
• mod+itest: bump loop and lnd dependencies by @guggero in #348

New Contributors

• @itsrachelfish made their first contribution in #345

Full Changelog: v0.6.5-alpha...v0.6.7-alpha

Lightning Terminal v0.6.5-alpha

Release Notes

This release of Lightning Terminal (LiT) includes a bug fixed in Pool that caused sidecar channels not to be matched properly.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.2-beta, Loop v0.15.1-beta, Pool v0.5.5-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.5-alpha.sig and manifest-v0.6.5-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.5-alpha.sig manifest-v0.6.5-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.5-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.5-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.5-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.5-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• cmd/litcli: change default session expiry to 3 months by @guggero in #334
• deps: bump pool to v0.5.5-alpha by @positiveblue in #340

New Contributors

• @positiveblue made their first contribution in #340

Full Changelog: v0.6.4-alpha...v0.6.5-alpha

Lightning Terminal v0.6.4-alpha

Release Notes

This release of Lightning Terminal (LiT) includes a bug fixed in Lightning Node Connect that caused an issue when connecting to Terminal Web.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.2-beta, Loop v0.15.1-beta, Pool v0.5.4-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.4-alpha.sig and manifest-v0.6.4-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.4-alpha.sig manifest-v0.6.4-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.4-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.4-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.4-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.4-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• Support super macaroon in remote lnd mode by @guggero in #319
• Fix loop/pool over LNC in remote lnd mode, add version string by @guggero in #331

Full Changelog: v0.6.3-alpha...v0.6.4-alpha

Lightning Terminal v0.6.3-alpha

Release Notes

This release of Lightning Terminal (LiT) includes an update to Lightning Node Connect that improves connection speed and reliability.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.2-beta, Loop v0.15.1-beta, Pool v0.5.4-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.3-alpha.sig and manifest-v0.6.3-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.3-alpha.sig manifest-v0.6.3-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.3-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.3-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.3-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.3-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• build(deps): bump nanoid from 3.1.23 to 3.2.0 in /app by @dependabot in #316
• multi: revoke expired sessions by @ellemouton in #300
• session: add 2 min mailbox ping by @ellemouton in #320
• itest: add integration tests for integrated and remote modes by @guggero in #294
• multi: readonly and admin macaroon session by @ellemouton in #292
• mod: bump lnc to version with fixed int overflow by @guggero in #325

Full Changelog: v0.6.2-alpha...v0.6.3-alpha

Lightning Terminal v0.6.2-alpha

Release Notes

This release of Lightning Terminal (LiT) includes an update to the integrated pool package and some bug fixes to the UI which should cause loop out swaps to fail less often.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.1-beta, Loop v0.15.1-beta, Pool v0.5.4-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.2-alpha.sig and manifest-v0.6.2-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.2-alpha.sig manifest-v0.6.2-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.2-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.2-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.2-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.2-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Changelog (auto-generated)

What's Changed

• ui+nav: fix Lightning Node Connect link with custom path by @jamaljsr in #301
• docs: Match and pass /litrpc.* locations in nginx by @dongcarl in #306
• pool: display lease durations as human readable times by @jamaljsr in #298
• loop: increase maximum miner fee to reduce swap failures by @jamaljsr in #309
• build(deps): bump shelljs from 0.8.4 to 0.8.5 in /app by @dependabot in #311
• build(deps): bump follow-redirects from 1.14.1 to 1.14.7 in /app by @dependabot in #312
• build(deps): bump tar from 6.1.0 to 6.1.11 in /app by @dependabot in #313
• build(deps): bump url-parse from 1.5.1 to 1.5.4 in /app by @dependabot in #314
• mod+app: bump Pool version to v0.5.4-alpha, prepare for release 0.6.2 by @guggero in #310

New Contributors

• @dongcarl made their first contribution in #306

Full Changelog: v0.6.1-alpha...v0.6.2-alpha

Lightning Terminal v0.6.1-alpha

This release fixes a security issue in the litd binary. The issue affects the litd binary, but not the recently released Lightning Node Connect, or the new Lightning Terminal. We strongly recommend that all users update

Release Notes

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.1-beta, Loop v0.15.1-beta, Pool v0.5.2-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.1-alpha.sig and manifest-v0.6.1-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.1-alpha.sig manifest-v0.6.1-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.1-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.1-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.1-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.1-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Contributors (Alphabetical Order)

Jamal James
Oliver Gugger

Lightning Terminal v0.6.0-alpha

Release Notes

This release of Lightning Terminal (LiT) includes an update to all packaged components. It also introduces the stateless integrated mode where no unencrypted macaroon data is created on disk.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.14.1-beta, Loop v0.15.1-beta, Pool v0.5.2-alpha, and Faraday v0.2.7-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.6.0-alpha.sig and manifest-v0.6.0-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.6.0-alpha.sig manifest-v0.6.0-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Do 25 Nov 2021 10:41:18 CET
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]
Primary key fingerprint: F4FC 70F0 7310 0284 24EF  C20A 8E42 5659 3F17 7720

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.6.0-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.6.0-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.6.0-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.6.0-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Contributors (Alphabetical Order)

Elle Mouton
Jamal James
Olaoluwa Osuntokun
Oliver Gugger
Turtle

Lightning Terminal v0.5.2-alpha

Release Notes

This release of Lightning Terminal (LiT) includes an update to the integrated lnd mode to now package lnd v0.13.3-beta

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.13.3-beta, Loop v0.14.1-beta, Pool v0.5.1-alpha, and Faraday v0.2.6-alpha.

Installation and configuration instructions can be found in the README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import roasbeefG's key from keybase:

curl https://keybase.io/roasbeef/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.5.2-alpha.sig and manifest-v0.5.2-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.5.2-alpha.sig manifest-v0.5.2-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Oct  6 15:28:39 2021 PDT
gpg:                using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.5.2-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.5.2-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.5.2-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.5.2-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Contributors (Alphabetical Order)

Olaoluwa Osuntokun

Lightning Terminal v0.5.1-alpha

Release Notes

This release of Lightning Terminal (LiT) includes some minor bug fixes.

We'll be continuously working to improve the user experience based on feedback from the community.

This release packages LND v0.13.0-beta, Loop v0.14.1-beta, Pool v0.5.1-alpha, and Faraday v0.2.6-alpha.

Installation and configuration instructions can be found in the README.

Changelog

1. Fix logging and default macaroon path issue.
2. Pool UI: add UI for registering a sidecar ticket.
3. Pool UI: display fee estimates in the order form.
4. Update frontend dependencies: #224 and #248.
5. Use docker to generate proto files.
6. Use JS strings for uint64 gRPC fields to avoid rounding or collision errors.
7. Add MIT license.
8. Increase default connection timeouts to lnd.
9. Update compatibility matrix in README.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import guggero's key from keybase:

curl https://keybase.io/guggero/pgp_keys.asc | gpg --import

Once you have his PGP key you can verify the release (assuming manifest-v0.5.1-alpha.sig and manifest-v0.5.1-alpha.txt are in the current directory) with:

gpg --verify manifest-v0.5.1-alpha.sig manifest-v0.5.1-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Mi 29 Jul 2020 14:59:19 CEST
gpg:                using RSA key 6E01EEC9656903B0542B8F1003DB6322267C373B
gpg: Good signature from "Oliver Gugger <[email protected]>" [ultimate]

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.5.1-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.5.1-alpha

Verifying the Release Timestamp

From this new version onwards we'll also now timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-v0.5.1-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-v0.5.1-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Contributors (Alphabetical Order)

Graham Krizek
Jamal James
Oliver Gugger