lamassu/lamassu-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: lamassu:8cd38f6305b3ef6d514bbc67de28a84a2baf8dca
Branches Tags
lamassu:v11.0-aio-dev
...
compare: lamassu:78840f115f52f41c51da60d8c07f17959816a6f6
Branches Tags
lamassu:v11.0-aio-dev

10 commits
8cd38f6305 ... 78840f115f

Author SHA1 Message Date
padreug
78840f115f fix: correct LNBits newFunding return format for funding page 
Updates the newFunding function to return the expected interface:
- fundingPendingBalance: BN(0) for Lightning Network
- fundingConfirmedBalance: actual wallet balance as BN object
- fundingAddress: bolt11 invoice for funding

This fixes the TypeError "Cannot read properties of undefined (reading
'minus')"
that occurred when accessing the funding page in the admin UI.
 2025-10-12 14:24:29 +02:00
padreug
c58e4e330c fix: update LNBits payment request handling 
- Changed the response handling in the newAddress function to return the bolt11 invoice instead of the payment request.
- Updated error message to reflect the change in response structure from LNBits.
 2025-10-12 14:24:29 +02:00
padreug
7ebd809abc feat: implement LNURL payment handling in LNBits plugin 
- Added a new function to handle LNURL payments, allowing users to send payments via LNURL addresses.
- Integrated LNURL payment processing into the existing sendCoins function, enhancing the wallet's capabilities for Lightning Network transactions.
 2025-10-12 14:24:29 +02:00
padreug
31f1208046 feat: add bolt11 library for Lightning Network invoice handling 
- Included the bolt11 library in the server package to facilitate the creation and parsing of Lightning Network invoices.
 2025-10-12 14:24:29 +02:00
padreug
ee625a91e9 feat: integrate LNBits wallet schema and configuration 
- Added LNBits wallet schema to the admin UI, including validation and input components.
- Updated the services index to include LNBits in the available wallet options.
- Enhanced the wallet selection component to handle LNBits configuration input.
 2025-10-12 14:24:29 +02:00
padreug
0f64df1d69 refactor: update LNBits migration to use configuration object 
- Replaced SQL statements with a configuration object for LNBits settings, enhancing code clarity and maintainability.
- Simplified the migration process by utilizing the saveConfig function for applying configurations.
- Marked the down migration as a no-op to prevent breaking existing configurations.
 2025-10-12 14:24:29 +02:00
padreug
abe45c49f1 refactor: streamline LNBits migration SQL statements 
- Updated the migration script for LNBits configuration to use an array for SQL statements, improving readability and maintainability.
- Consolidated the insertion and deletion operations for user configuration related to LNBits and Lightning Network wallet options.
 2025-10-12 14:24:29 +02:00
padreug
67f62169d1 chore: add placeholder migration files for previously applied migrations 
- Introduced placeholder migration files to satisfy the migration system for various compliance triggers and machine groups.
- Each file includes no-op functions for both 'up' and 'down' migrations, indicating that the migrations were already applied to the database.
 2025-10-12 14:24:29 +02:00
padreug
fc761844b7 feat: add LNBits wallet plugin integration 
- Introduced LNBits as a Lightning Network wallet provider for Lamassu ATMs.
- Added configuration options for LNBits in the environment variables.
- Implemented core functionalities including invoice creation, payment processing, balance monitoring, and payment status tracking.
- Created unit tests for the LNBits plugin to ensure functionality and error handling.
- Updated development environment setup to include LNBits configuration.
 2025-10-12 14:24:29 +02:00
padreug
2f0cc901eb miscellaneous files 2025-10-12 14:24:29 +02:00
23 changed files with 2331 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

86
CLAUDE.md Normal file
View file

@ -0,0 +1,86 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Project Overview
This is a Bitcoin ATM server implementation built as a monorepo with three main packages:
1. **packages/server** - Node.js backend with Express, GraphQL, PostgreSQL
2. **packages/admin-ui** - React frontend with Material-UI
3. **packages/typesafe-db** - TypeScript database layer using Kysely
## Common Commands
### Development Setup
- `pnpm install` - Install dependencies (Node.js 22+ required)
- `bash packages/server/tools/cert-gen.sh` - Generate SSL certificates
- `node packages/server/bin/lamassu-migrate` - Run database migrations
- `node packages/server/bin/lamassu-register admin@example.com superuser` - Create admin user
### Development
- `pnpm run dev` - Start development servers (both admin UI and server)
- `pnpm run build` - Build all packages using Turbo
- `pnpm run test` - Run tests
### TypeScript/Database
- `cd packages/typesafe-db && npm run generate-types` - Generate database types
- `cd packages/typesafe-db && npm run build` - Build TypeScript database layer
### Individual Package Commands
- Server: `npm run dev` in packages/server (runs both server and admin-server with --watch)
- Admin UI: `npm run dev` in packages/admin-ui (Vite dev server)
## Architecture
**Monorepo Structure**: Uses Turbo for build orchestration and PNPM workspaces.
### packages/server
- **bin/** - CLI tools and executables (lamassu-migrate, lamassu-register, etc.)
- **lib/** - Core business logic
- **blockchain/** - Cryptocurrency handling (bitcoin, ethereum, etc.)
- **cash-in/**, **cash-out/** - Transaction processing
- **compliance/** - KYC/AML and sanctions checking
- **new-admin/** - GraphQL API and admin server
- **plugins/** - Exchange, wallet, and service integrations
- **routes/** - Express API endpoints
- **migrations/** - Database schema migrations
- Express server with GraphQL API, PostgreSQL database
### packages/admin-ui
- React app built with Vite
- **src/pages/** - Main application screens
- **src/components/** - Reusable UI components
- Material-UI design system
- Apollo Client for GraphQL
### packages/typesafe-db
- Kysely for type-safe SQL queries
- Auto-generates TypeScript types from PostgreSQL schema
- Shared database layer across packages
## Key Configuration
### Environment Setup
- PostgreSQL database required
- Environment variables configured in `packages/server/.env`
- SSL certificates generated via `cert-gen.sh`
### Build System
- **turbo.json** - Defines build pipeline and caching
- **pnpm-workspace.yaml** - Workspace package definitions
- **eslint.config.mjs** - ESLint configuration with React, TypeScript, Vitest rules
- Husky pre-commit hooks with lint-staged for code quality
### Database
- PostgreSQL with extensive migration system
- Critical data: transactions, customers, machines, compliance records
- Use typesafe-db package for database operations
## Development Guidelines
### Code Quality
- TypeScript for database operations via typesafe-db package
- Follow existing patterns in GraphQL resolvers and Express routes
- Test database changes with migrations before deployment
- ESLint + Prettier enforced via pre-commit hooks

169
misc-aio/BTC_NODE_WALLET_CONFIGURATION.md Normal file
View file

@ -0,0 +1,169 @@
# Bitcoin Node and Wallet Configuration Guide
## Overview
The Lamassu server uses environment variables `BTC_NODE_LOCATION` and `BTC_WALLET_LOCATION` to control how it interacts with Bitcoin infrastructure. These variables determine whether Bitcoin node and wallet operations run locally or connect to remote services.
## Configuration Values
Both variables accept two values:
- **`local`** - Run Bitcoin Core node/wallet on the same server as Lamassu
- **`remote`** - Connect to external Bitcoin Core node/wallet services
## Valid Configuration Combinations
### 1. Local Node + Local Wallet ✅
```bash
BTC_NODE_LOCATION=local
BTC_WALLET_LOCATION=local
```
- **Use case**: Full local Bitcoin Core setup
- **Requirements**: Sufficient storage for blockchain, bandwidth for sync
- **Security**: Maximum control and security
### 2. Remote Node + Remote Wallet ✅
```bash
BTC_NODE_LOCATION=remote
BTC_WALLET_LOCATION=remote
```
- **Use case**: Fully hosted Bitcoin infrastructure
- **Requirements**: All remote connection variables (see below)
- **Security**: Depends on remote service trust
### 3. Remote Node + Local Wallet ✅
```bash
BTC_NODE_LOCATION=remote
BTC_WALLET_LOCATION=local
```
- **Use case**: Use remote blockchain data with local key management
- **Requirements**: Remote node connection variables
- **Security**: Local key control, remote blockchain dependency
### 4. Local Node + Remote Wallet ❌
```bash
BTC_NODE_LOCATION=local
BTC_WALLET_LOCATION=remote
```
- **Status**: **FORBIDDEN** by Lamassu validation
- **Error**: "It's not possible to use a remote wallet without using a remote node!"
- **Reason**: Remote wallet services need their own blockchain access
## Required Environment Variables
### For Remote Node Configurations
When `BTC_NODE_LOCATION=remote`:
```bash
BTC_NODE_HOST=<remote-node-ip>
BTC_NODE_PORT=<p2p-port> # Usually 8333 for mainnet, 18333 for testnet
```
### For Remote Wallet Configurations
When `BTC_WALLET_LOCATION=remote`:
```bash
BTC_NODE_RPC_HOST=<rpc-host>
BTC_NODE_RPC_PORT=<rpc-port> # Usually 8332 for mainnet, 18332 for testnet
BTC_NODE_USER=<rpc-username>
BTC_NODE_PASSWORD=<rpc-password>
```
## Environment Setup Scripts
### Development Environment
File: `packages/server/tools/build-dev-env.js`
```javascript
BTC_NODE_LOCATION=remote // Avoid full blockchain sync
BTC_WALLET_LOCATION=local // Local testing
```
### Production Environment
File: `packages/server/tools/build-prod-env.js`
```javascript
BTC_NODE_LOCATION=local // Full control
BTC_WALLET_LOCATION=local // Maximum security
```
## Validation Logic
The configuration is validated in `packages/server/lib/blockchain/install.js`:
```javascript
function isEnvironmentValid(crypto) {
// Prevent remote wallet + local node
if (isRemoteWallet(crypto) && !isRemoteNode(crypto))
throw new Error(
`Invalid environment setup for ${crypto.display}: It's not possible to use a remote wallet without using a remote node!`
)
// Validate required variables for each configuration...
}
```
### Logic Breakdown
For `BTC_NODE_LOCATION=remote` + `BTC_WALLET_LOCATION=local`:
- `isRemoteWallet(crypto)``false` (wallet is local)
- `!isRemoteNode(crypto)``false` (node is remote, so `!remote` = `false`)
- `false && false``false` (validation passes)
## Bitcoin Core Configuration Impact
The variables affect the generated `bitcoin.conf`:
### Local Node Configuration
```conf
rpcuser=lamassuserver
rpcpassword=<generated>
server=1
rpcport=8333
bind=0.0.0.0:8332
```
### Remote Node Configuration
```conf
rpcuser=lamassuserver
rpcpassword=<generated>
server=1
rpcport=8333
bind=0.0.0.0:8332
connect=<BTC_NODE_HOST>:<BTC_NODE_PORT> # Only connect to specified peer
```
## Multi-Cryptocurrency Support
The same pattern applies to all supported cryptocurrencies:
- `BCH_NODE_LOCATION` / `BCH_WALLET_LOCATION`
- `LTC_NODE_LOCATION` / `LTC_WALLET_LOCATION`
- `DASH_NODE_LOCATION` / `DASH_WALLET_LOCATION`
- `ZEC_NODE_LOCATION` / `ZEC_WALLET_LOCATION`
- `XMR_NODE_LOCATION` / `XMR_WALLET_LOCATION`
## Bitcoin Core Compatibility
These configurations align with standard Bitcoin Core functionality:
- **Local Node + Local Wallet**: Standard `bitcoind` with wallet enabled
- **Remote Node + Remote Wallet**: Client connecting to remote Bitcoin Core RPC
- **Remote Node + Local Wallet**: Local wallet connecting to remote node via RPC
The restriction on "Local Node + Remote Wallet" is a Lamassu design choice, not a Bitcoin protocol limitation.
## Security Considerations
| Configuration | Storage | Bandwidth | Security | Trust |
|--------------|---------|-----------|----------|-------|
| Local + Local | High | High | Maximum | Self |
| Remote + Remote | Low | Low | Depends on service | Remote service |
| Remote + Local | Low | Medium | Keys local, blockchain remote | Remote node |
| Local + Remote | High | High | ❌ Not allowed | N/A |
## Troubleshooting
### Common Errors
1. **"Environment variable BTC_NODE_LOCATION is not set!"**
- Solution: Set the required environment variable
2. **"It's not possible to use a remote wallet without using a remote node!"**
- Solution: Use a valid configuration combination
3. **Missing RPC connection variables**
- Solution: Set all required variables for remote configurations

543
misc-aio/LIGHTNING_NETWORK_ANALYSIS.md Normal file
View file

@ -0,0 +1,543 @@
# Lamassu Lightning Network Integration Analysis
## Overview
This document provides a comprehensive technical analysis of how the Lamassu Bitcoin ATM server integrates with the Lightning Network to process Bitcoin Lightning transactions. The analysis covers the complete flow from hardware interaction to Lightning invoice creation and payment processing.
## Lightning Network Architecture
Lamassu implements Lightning Network support through the **Galoy wallet plugin**, which acts as a Lightning service provider rather than running a local Lightning node.
**Key Architecture Decision**: Despite the presence of a `LIGHTNING_NETWORK_DAEMON` environment variable, Lightning functionality is actually handled via **Galoy's hosted GraphQL API**, not a local Lightning daemon.
### Core Components
- **Transaction Coordinator**: Routes Lightning transactions through the cash-in/cash-out pipeline
- **Galoy Wallet Plugin**: Interfaces with Galoy's Lightning infrastructure via GraphQL
- **Invoice Management**: Creates, monitors, and processes Lightning invoices
- **Payment Probing**: Tests Lightning payment routes and limits
## Lightning Invoice Creation Flow
When a customer wants to purchase $100 of Bitcoin Lightning, the following sequence occurs:
### 1. Machine Initiates Transaction Request
The ATM machine sends a POST request to the server:
```http
POST /tx
Content-Type: application/json
{
"direction": "cashIn",
"cryptoCode": "LN",
"fiat": 10000,
"cryptoAtoms": "546448",
"isLightning": true,
"deviceId": "<machine-id>",
"txVersion": 1
}
```
**Parameters Explained**:
- `fiat`: Amount in cents ($100.00 = 10000 cents)
- `cryptoAtoms`: Equivalent amount in satoshis
- `cryptoCode`: "LN" indicates Lightning Network
- `isLightning`: Boolean flag for Lightning transactions
### 2. Server Processing Pipeline
#### Route Handler
**File**: `packages/server/lib/routes/txRoutes.js:13-49`
```javascript
function postTx(req, res, next) {
const pi = plugins(req.settings, req.deviceId)
return Tx.post(_.set('deviceId', req.deviceId, req.body), pi)
.then(tx => res.json(tx))
.catch(next)
}
```
#### Transaction Coordinator
**File**: `packages/server/lib/tx.js:13-18`
```javascript
function process(tx, pi) {
const mtx = massage(tx)
if (mtx.direction === 'cashIn') return CashInTx.post(mtx, pi) // Lightning routing
if (mtx.direction === 'cashOut') return CashOutTx.post(mtx, pi)
return Promise.reject(new Error('No such tx direction: ' + mtx.direction))
}
```
#### Cash-In Handler
**File**: `packages/server/lib/cash-in/cash-in-tx.js:154-155`
```javascript
return pi
.newAddress(r.tx) // Creates Lightning invoice
.then(txObj => {
// Process the invoice response
if (txObj.batched) {
return txBatching.addUnconfirmedTx(r.tx)
}
// Handle immediate processing
})
```
### 3. Lightning Invoice Generation
#### Plugin System Routing
**File**: `packages/server/lib/plugins.js:427-437`
```javascript
function newAddress(tx) {
const info = {
cryptoCode: tx.cryptoCode, // "LN"
label: 'TX ' + Date.now(),
hdIndex: tx.hdIndex,
cryptoAtoms: tx.cryptoAtoms, // Amount in satoshis
isLightning: tx.isLightning // true
}
return wallet.newAddress(settings, info, tx) // Calls Galoy plugin
}
```
#### Galoy Lightning Plugin
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:310-320`
```javascript
function newAddress(account, info, tx) {
const { cryptoAtoms, cryptoCode } = tx
return checkCryptoCode(cryptoCode).then(() =>
newInvoice(
account.walletId,
cryptoAtoms, // Amount in satoshis
account.apiSecret,
account.endpoint,
),
)
}
```
### 4. Galoy GraphQL Lightning Invoice Creation
#### Invoice Creation Function
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:279-298`
```javascript
function newInvoice(walletId, cryptoAtoms, token, endpoint) {
const createInvoice = {
operationName: 'lnInvoiceCreate',
query: `mutation lnInvoiceCreate($input: LnInvoiceCreateInput!) {
lnInvoiceCreate(input: $input) {
errors {
message
path
}
invoice {
paymentRequest // Lightning invoice string
}
}
}`,
variables: {
input: {
walletId,
amount: cryptoAtoms.toString()
}
}
}
return request(createInvoice, token, endpoint).then(result => {
return result.data.lnInvoiceCreate.invoice.paymentRequest // Returns "lnbc..."
})
}
```
#### GraphQL Request Handler
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:10-28`
```javascript
function request(graphqlQuery, token, endpoint) {
const headers = {
'content-type': 'application/json',
'X-API-KEY': token,
}
return axios({
method: 'post',
url: endpoint,
headers: headers,
data: graphqlQuery,
})
.then(r => {
if (r.error) throw r.error
return r.data
})
}
```
### 5. Response to Machine
The server returns the Lightning invoice to the ATM machine:
```json
{
"id": "tx-uuid-12345",
"toAddress": "lnbc5464480n1pn2s...", // Lightning invoice
"layer2Address": null,
"cryptoCode": "LN",
"direction": "cashIn",
"fiat": 10000,
"cryptoAtoms": "546448",
"status": "authorized"
}
```
## Complete Machine-Server Interaction Flow
```
[ATM Machine] [Lamassu Server] [Galoy API]
│ │ │
│ 1. POST /tx │ │
│ {direction:"cashIn", LN, $100}│ │
├──────────────────────────────►│ │
│ │ 2. Process transaction │
│ │ - Route to cash-in │
│ │ - Extract amount & type │
│ │ │
│ │ 3. GraphQL newInvoice │
│ ├───────────────────────────►│
│ │ lnInvoiceCreate mutation │
│ │ │
│ │ 4. Lightning invoice │
│ │◄───────────────────────────┤
│ │ "lnbc5464480n1..." │
│ │ │
│ 5. Transaction response │ │
│ {toAddress: "lnbc..."} │ │
│◄──────────────────────────────┤ │
│ │ │
│ 6. Display QR code to user │ │
│ Show Lightning invoice │ │
│ │ │
│ 7. Poll for payment status │ │
│ GET /tx/:id?status=confirmed │ │
├──────────────────────────────►│ │
│ │ 8. Check invoice status │
│ ├───────────────────────────►│
│ │ lnInvoicePaymentStatus │
│ │ │
│ │ 9. Payment status │
│ │◄───────────────────────────┤
│ 10. Confirmation response │ "PAID" or "PENDING" │
│ {status: "confirmed"} │ │
│◄──────────────────────────────┤ │
│ │ │
│ 11. Dispense cash to user │ │
```
## Lightning Payment Detection and Processing
### Address Type Detection
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:94-100`
```javascript
function isLnInvoice(address) {
return address.toLowerCase().startsWith('lnbc') // Lightning mainnet invoices
}
function isLnurl(address) {
return address.toLowerCase().startsWith('lnurl') // Lightning URL format
}
```
### Payment Status Monitoring
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:322-339`
```javascript
function getInvoiceStatus(token, endpoint, address) {
const query = {
operationName: 'lnInvoicePaymentStatus',
query: `query lnInvoicePaymentStatus($input: LnInvoicePaymentStatusInput!) {
lnInvoicePaymentStatus(input: $input) {
status // Returns "PENDING" or "PAID"
}
}`,
variables: { input: { paymentRequest: address } }
}
return request(query, token, endpoint)
.then(r => r?.data?.lnInvoicePaymentStatus?.status)
.catch(err => {
throw new Error(err)
})
}
```
### Status Polling Implementation
The machine continuously polls the server to check if the Lightning payment has been received:
**Route**: `/tx/:id?status=confirmed`
**Handler**: `packages/server/lib/routes/txRoutes.js:51-65`
```javascript
function getTx(req, res, next) {
if (req.query.status) {
return helpers
.fetchStatusTx(req.params.id, req.query.status)
.then(r => res.json(r))
.catch(err => {
if (err.name === 'HTTPError') {
return res.status(err.code).send(err.message)
}
next(err)
})
}
return next(httpError('Not Found', 404))
}
```
## Lightning Transaction Capabilities
### Supported Operations
1. **Invoice Creation** (`newAddress`)
- Generates Lightning invoices for incoming payments
- Specifies exact amount in satoshis
- Returns BOLT11 payment request string
2. **Payment Sending** (`sendCoins`)
- Pays existing Lightning invoices
- Handles both amount-specified and no-amount invoices
- Supports LNURL payments
3. **Status Checking** (`getStatus`)
- Monitors payment confirmation status
- Provides real-time payment updates
- Handles payment timeouts and failures
4. **Balance Queries** (`balance`)
- Checks Lightning wallet balance
- Returns available satoshi amounts
- Accounts for pending transactions
5. **Payment Probing** (`probeLN`)
- Tests Lightning payment routes
- Validates payment feasibility
- Determines supported amounts
### Payment Route Probing
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:244-254`
```javascript
function probeLN(account, cryptoCode, invoice) {
const probeHardLimits = [200000, 1000000, 2000000] // Test limits in satoshis
const promises = probeHardLimits.map(limit => {
return sendProbeRequest(
account.walletId,
invoice,
limit,
account.apiSecret,
account.endpoint,
).then(r => _.isEmpty(r.errors)) // Check if amount is routable
})
return Promise.all(promises) // Return array of supported limits
}
```
**Probe Request Implementation**:
```javascript
function sendProbeRequest(walletId, invoice, cryptoAtoms, token, endpoint) {
const sendProbeNoAmount = {
operationName: 'lnNoAmountInvoiceFeeProbe',
query: `mutation lnNoAmountInvoiceFeeProbe($input: LnNoAmountInvoiceFeeProbeInput!) {
lnNoAmountInvoiceFeeProbe(input: $input) {
amount
errors {
message
path
}
}
}`,
variables: {
input: {
paymentRequest: invoice,
walletId,
amount: cryptoAtoms.toString(),
},
},
}
return request(sendProbeNoAmount, token, endpoint)
}
```
## Lightning Cash-Out (Payment) Flow
For outgoing Lightning payments (when user wants to send Lightning Bitcoin):
### Payment Processing
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:196-242`
```javascript
function sendCoins(account, tx) {
const { toAddress, cryptoAtoms, cryptoCode } = tx
return checkCryptoCode(cryptoCode)
.then(() => {
if (isLnInvoice(toAddress)) {
return sendFundsLN(
account.walletId,
toAddress, // Lightning invoice to pay
cryptoAtoms,
account.apiSecret,
account.endpoint,
)
}
if (isLnurl(toAddress)) {
return sendFundsLNURL(
account.walletId,
toAddress, // LNURL to pay
cryptoAtoms,
account.apiSecret,
account.endpoint,
)
}
// Handle on-chain addresses
return sendFundsOnChain(...)
})
}
```
### Lightning Payment Execution
```javascript
function sendFundsLN(walletId, invoice, cryptoAtoms, token, endpoint) {
const sendLnNoAmount = {
operationName: 'lnNoAmountInvoicePaymentSend',
query: `mutation lnNoAmountInvoicePaymentSend($input: LnNoAmountInvoicePaymentInput!) {
lnNoAmountInvoicePaymentSend(input: $input) {
errors {
message
path
}
status // Payment result status
}
}`,
variables: {
input: {
paymentRequest: invoice,
walletId,
amount: cryptoAtoms.toString(),
},
},
}
return request(sendLnNoAmount, token, endpoint)
}
```
## Configuration and Environment
### Environment Variables
**File**: `packages/server/.sample.env:38`
```bash
LIGHTNING_NETWORK_DAEMON=
```
**Note**: This variable exists but is not used. Lightning functionality is provided through Galoy's API configuration in the admin interface.
### Galoy Account Configuration
Required configuration parameters for Galoy integration:
- `walletId`: Galoy wallet identifier
- `apiSecret`: Authentication token for Galoy API
- `endpoint`: Galoy GraphQL API endpoint URL
### Supported Cryptocurrency Codes
**File**: `packages/server/lib/plugins/wallet/galoy/galoy.js:5-6`
```javascript
const NAME = 'LN'
const SUPPORTED_COINS = ['LN']
```
## Error Handling and Edge Cases
### Lightning-Specific Error Handling
1. **Invoice Validation**
- Validates Lightning invoice format (starts with "lnbc")
- Checks invoice expiration
- Verifies payment request integrity
2. **Payment Routing Failures**
- Handles insufficient Lightning liquidity
- Manages routing failures
- Provides fallback mechanisms
3. **Network Connectivity Issues**
- Implements retry logic for Galoy API calls
- Handles temporary network failures
- Maintains transaction state during outages
### Transaction State Management
Lightning transactions follow these states:
- `pending`: Invoice created, awaiting payment
- `authorized`: Payment detected but not confirmed
- `confirmed`: Payment fully confirmed
- `expired`: Invoice expired without payment
- `failed`: Payment attempt failed
## Security Considerations
### API Security
- All Galoy API requests use authenticated connections
- API keys are securely stored and transmitted
- GraphQL queries are parameterized to prevent injection
### Lightning Network Security
- Invoices have built-in expiration times
- Payment amounts are validated before processing
- Route probing prevents overpayment attempts
### Transaction Integrity
- Database transactions ensure atomicity
- Serializable isolation prevents race conditions
- Transaction versioning prevents double-processing
## Performance Characteristics
### Lightning Advantages
- **Instant Payments**: Lightning payments confirm in seconds
- **Low Fees**: Minimal network fees compared to on-chain
- **Scalability**: High transaction throughput capability
### System Performance
- **GraphQL Efficiency**: Single API calls for complex operations
- **Caching**: Invoice status results cached for performance
- **Batching**: Multiple probe requests processed in parallel
### Monitoring and Observability
- Transaction logs include Lightning-specific metadata
- Payment routing information tracked for debugging
- API response times monitored for performance optimization
## Conclusion
The Lamassu Lightning Network integration provides a complete solution for instant Bitcoin transactions through ATMs. By leveraging Galoy's hosted Lightning infrastructure, the system achieves the benefits of Lightning Network payments without the operational complexity of running local Lightning nodes.
Key strengths of this implementation:
- **Reliable Infrastructure**: Galoy provides enterprise-grade Lightning services
- **Simple Integration**: GraphQL API provides clean, documented interfaces
- **Real-time Processing**: Instant payment detection and confirmation
- **Comprehensive Features**: Supports full Lightning payment lifecycle
- **Robust Error Handling**: Graceful failure modes and recovery mechanisms
This architecture enables Lamassu ATMs to offer Lightning Network functionality while maintaining the reliability and security required for financial hardware deployment.

95
misc-aio/LNBITS_CONFIG_CLARIFICATION.md Normal file
View file

@ -0,0 +1,95 @@
# LNBits Configuration Clarification
## Key Finding: walletId is NOT Required
After reviewing the LNBits codebase, we can confirm that **walletId is not necessary** for the Lamassu-LNBits integration because **the adminKey is already wallet-specific**.
## Evidence from LNBits Source Code
### 1. Wallet Model Structure
```python
# packages/lnbits/lnbits/core/models/wallets.py
class Wallet(BaseModel):
id: str
user: str
name: str
adminkey: str # Each wallet has unique adminkey
inkey: str # Each wallet has unique inkey
```
### 2. Key-to-Wallet Lookup
```sql
-- packages/lnbits/lnbits/core/crud/wallets.py:194
SELECT *, COALESCE((
SELECT balance FROM balances WHERE wallet_id = wallets.id
), 0)
AS balance_msat FROM wallets
WHERE (adminkey = :key OR inkey = :key) AND deleted = false
```
**Key Point**: LNBits looks up wallets directly by the adminkey/inkey - no walletId parameter needed.
### 3. Authentication Flow
```python
# packages/lnbits/lnbits/decorators.py:94
wallet = await get_wallet_for_key(key_value)
```
The authentication system uses only the key to identify and authorize access to the specific wallet.
### 4. Unique Key Generation
```python
# packages/lnbits/lnbits/core/crud/wallets.py:24-25
adminkey=uuid4().hex, # Unique UUID for each wallet
inkey=uuid4().hex, # Unique UUID for each wallet
```
Each wallet gets unique keys generated as UUIDs, ensuring 1:1 key-to-wallet relationship.
## Impact on Lamassu Integration
### Simplified Configuration
**Before (Incorrect Assumption)**:
```javascript
const config = {
endpoint: 'https://lnbits.example.com',
adminKey: 'abc123...',
walletId: 'wallet_xyz' // ❌ Not needed!
}
```
**After (Correct Implementation)**:
```javascript
const config = {
endpoint: 'https://lnbits.example.com',
adminKey: 'abc123...' // ✅ Admin key identifies wallet
}
```
### API Calls Simplified
All LNBits API calls use the adminKey in the `X-API-KEY` header, which automatically identifies the target wallet:
```javascript
// Create invoice - no walletId needed
POST /api/v1/payments
Headers: { 'X-API-KEY': 'abc123...' }
Body: { "out": false, "amount": 1000, "memo": "Purchase" }
// Check balance - no walletId needed
GET /api/v1/wallet
Headers: { 'X-API-KEY': 'abc123...' }
```
## Updated Migration Benefits
1. **Fewer Configuration Parameters** - Reduces setup complexity
2. **Eliminates Mismatch Errors** - No risk of wrong walletId/adminKey pairs
3. **Consistent with LNBits Design** - Follows intended architecture
4. **Simpler Admin UI** - Fewer fields in configuration forms
5. **Reduced Validation Logic** - Less error-prone configuration
## Conclusion
The walletId parameter should be **removed from the LNBits integration plan**. The adminKey serves as both authentication credential and wallet identifier, following LNBits' design principle of wallet-specific API keys.

555
misc-aio/LNBITS_REPLACEMENT_PLAN.md Normal file
View file

@ -0,0 +1,555 @@
# LNBits API Integration Plan
## Overview
This document outlines the complete plan to replace the current Galoy (Blink API) Lightning Network integration with LNBits API in the Lamassu Bitcoin ATM server.
## Current State Analysis
### Galoy Plugin Structure
- **Location**: `packages/server/lib/plugins/wallet/galoy/galoy.js`
- **API Type**: GraphQL mutations and queries
- **Authentication**: API secret token via `X-API-KEY` header
- **Core Functions**:
- `newInvoice()` - Create Lightning invoices
- `getInvoiceStatus()` - Check payment status
- `sendCoins()` - Pay Lightning invoices
- `balance()` - Check wallet balance
- `probeLN()` - Test payment routes
### LNBits API Structure
- **API Type**: RESTful API with JSON responses
- **Authentication**: Admin/Invoice keys via `X-API-KEY` header
- **Endpoint**: `POST /api/v1/payments` (universal endpoint)
- **Documentation**: Available at `/docs` endpoint
## API Mapping
### 1. Invoice Creation
**Current Galoy**:
```javascript
// GraphQL Mutation
const createInvoice = {
operationName: 'lnInvoiceCreate',
query: `mutation lnInvoiceCreate($input: LnInvoiceCreateInput!) {
lnInvoiceCreate(input: $input) {
errors { message path }
invoice { paymentRequest }
}
}`,
variables: { input: { walletId, amount: cryptoAtoms.toString() } }
}
```
**LNBits Equivalent**:
```javascript
// REST API Call
POST /api/v1/payments
{
"out": false,
"amount": cryptoAtoms,
"unit": "sat",
"memo": `Lamassu ATM Purchase - ${Date.now()}`,
"webhook": "https://your-server.com/webhook/lnbits"
}
```
### 2. Payment Status Check
**Current Galoy**:
```javascript
const query = {
operationName: 'lnInvoicePaymentStatus',
query: `query lnInvoicePaymentStatus($input: LnInvoicePaymentStatusInput!) {
lnInvoicePaymentStatus(input: $input) {
status
}
}`,
variables: { input: { paymentRequest: address } }
}
```
**LNBits Equivalent**:
```javascript
// REST API Call
GET /api/v1/payments/{payment_hash}
// Returns: { "paid": true/false, "amount": satoshis, "fee": fee_amount }
```
### 3. Outgoing Payments
**Current Galoy**:
```javascript
const sendLnNoAmount = {
operationName: 'lnNoAmountInvoicePaymentSend',
query: `mutation lnNoAmountInvoicePaymentSend($input: LnNoAmountInvoicePaymentInput!) {
lnNoAmountInvoicePaymentSend(input: $input) {
errors { message path }
status
}
}`,
variables: { input: { paymentRequest: invoice, walletId, amount: cryptoAtoms.toString() } }
}
```
**LNBits Equivalent**:
```javascript
// REST API Call
POST /api/v1/payments
{
"out": true,
"bolt11": "lnbc...",
"amount": cryptoAtoms // For zero-amount invoices
}
```
### 4. Balance Inquiry
**Current Galoy**:
```javascript
const balanceQuery = {
operationName: 'me',
query: `query me {
me {
defaultAccount {
wallets {
walletCurrency
balance
}
}
}
}`
}
```
**LNBits Equivalent**:
```javascript
// REST API Call
GET /api/v1/wallet
// Returns: { "name": "wallet_name", "balance": balance_msat }
```
## Implementation Strategy
### Phase 1: Create LNBits Plugin
**File**: `packages/server/lib/plugins/wallet/lnbits/lnbits.js`
```javascript
const axios = require('axios')
const { URL } = require('url')
const BN = require('../../../bn')
const NAME = 'LNBits'
const SUPPORTED_COINS = ['LN']
// Configuration validation
function validateConfig(account) {
const required = ['endpoint', 'adminKey'] // No walletId needed
for (const field of required) {
if (!account[field]) {
throw new Error(`LNBits configuration missing: ${field}`)
}
}
}
// HTTP request wrapper
async function request(endpoint, method = 'GET', data = null, apiKey) {
const config = {
method,
url: endpoint,
headers: {
'Content-Type': 'application/json',
'X-API-KEY': apiKey
}
}
if (data) config.data = data
try {
const response = await axios(config)
return response.data
} catch (error) {
throw new Error(`LNBits API Error: ${error.response?.data?.detail || error.message}`)
}
}
// Create Lightning invoice
async function newAddress(account, info, tx) {
validateConfig(account)
const { cryptoAtoms } = tx
const invoiceData = {
out: false,
amount: parseInt(cryptoAtoms.toString()),
unit: 'sat',
memo: `Lamassu ATM Purchase - ${Date.now()}`,
expiry: 3600 // 1 hour expiration
}
const endpoint = `${account.endpoint}/api/v1/payments`
const result = await request(endpoint, 'POST', invoiceData, account.adminKey)
return result.payment_request // Returns BOLT11 invoice string
}
// Check payment status
async function getStatus(account, tx) {
validateConfig(account)
const { toAddress } = tx
// Extract payment hash from BOLT11 invoice
const paymentHash = extractPaymentHash(toAddress)
const endpoint = `${account.endpoint}/api/v1/payments/${paymentHash}`
const result = await request(endpoint, 'GET', null, account.adminKey)
return { status: result.paid ? 'confirmed' : 'pending' }
}
// Send Lightning payment
async function sendCoins(account, tx) {
validateConfig(account)
const { toAddress, cryptoAtoms } = tx
const paymentData = {
out: true,
bolt11: toAddress,
amount: parseInt(cryptoAtoms.toString()) // For zero-amount invoices
}
const endpoint = `${account.endpoint}/api/v1/payments`
const result = await request(endpoint, 'POST', paymentData, account.adminKey)
return {
txid: result.payment_hash,
fee: result.fee || 0
}
}
// Get wallet balance
async function balance(account) {
validateConfig(account)
const endpoint = `${account.endpoint}/api/v1/wallet`
const result = await request(endpoint, 'GET', null, account.adminKey)
return new BN(Math.floor(result.balance / 1000)) // Convert msat to sat
}
// Payment route probing
async function probeLN(account, cryptoCode, invoice) {
validateConfig(account)
// Decode invoice to get payment info
const endpoint = `${account.endpoint}/api/v1/payments/decode`
const decodeData = { data: invoice }
const result = await request(endpoint, 'POST', decodeData, account.adminKey)
// Test different amounts for route feasibility
const limits = [200000, 1000000, 2000000]
return limits.map(limit => result.amount_msat <= limit * 1000)
}
// Utility functions
function extractPaymentHash(bolt11) {
// Use bolt11 decoder library to extract payment hash
const decoded = require('bolt11').decode(bolt11)
return decoded.paymentHash
}
function checkCryptoCode(cryptoCode) {
if (!SUPPORTED_COINS.includes(cryptoCode)) {
throw new Error(`Unsupported crypto: ${cryptoCode}`)
}
return Promise.resolve()
}
module.exports = {
NAME,
balance,
sendCoins,
newAddress,
getStatus,
probeLN,
isLnInvoice: (address) => address.toLowerCase().startsWith('lnbc'),
cryptoNetwork: () => 'main'
}
```
### Phase 2: Configuration Changes
#### Admin UI Configuration Panel
**File**: `packages/admin-ui/src/pages/Wallet/LNBitsConfig.jsx`
```javascript
const LNBitsConfig = () => {
const [config, setConfig] = useState({
endpoint: '',
adminKey: '' // Admin key is wallet-specific, no walletId needed
})
const fields = [
{
name: 'endpoint',
label: 'LNBits Server URL',
placeholder: 'https://your-lnbits.com'
},
{
name: 'adminKey',
label: 'Admin API Key',
type: 'password',
help: 'Wallet-specific key for all operations (no separate walletId needed)'
}
]
return <WalletConfigForm fields={fields} config={config} />
}
```
#### Database Schema Updates
**Migration File**: `packages/server/migrations/xxx-add-lnbits-config.js`
```javascript
const up = `
INSERT INTO user_config (name, display_name, data_type, config_type, secret)
VALUES
('lnbitsEndpoint', 'LNBits Server URL', 'string', 'wallets', false),
('lnbitsAdminKey', 'LNBits Admin Key', 'string', 'wallets', true);
-- Note: No lnbitsWalletId needed - adminKey is wallet-specific
`
```
### Phase 3: Integration Points
#### Plugin Registration
**File**: `packages/server/lib/plugins/wallet/lnbits/index.js`
```javascript
const lnbits = require('./lnbits')
module.exports = {
LNBits: lnbits
}
```
**File**: `packages/server/lib/plugins/wallet/index.js` (update)
```javascript
module.exports = {
// ... existing plugins
LNBits: require('./lnbits')
}
```
#### Environment Variables
**File**: `packages/server/.sample.env` (add)
```bash
# LNBits Configuration
LNBITS_ENDPOINT=https://demo.lnbits.com
LNBITS_ADMIN_KEY=your_admin_key_here
# Note: No LNBITS_WALLET_ID needed - admin key identifies the wallet
```
### Phase 4: Testing Strategy
#### Unit Tests
**File**: `packages/server/tests/unit/test_lnbits_plugin.js`
```javascript
const test = require('tape')
const lnbits = require('../../lib/plugins/wallet/lnbits/lnbits')
const mockAccount = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key' // No walletId needed
}
test('LNBits invoice creation', async t => {
const tx = { cryptoAtoms: new BN(100000) } // 100k sats
const invoice = await lnbits.newAddress(mockAccount, { cryptoCode: 'LN' }, tx)
t.ok(invoice.startsWith('lnbc'), 'Generated valid BOLT11 invoice')
t.end()
})
test('LNBits balance check', async t => {
const balance = await lnbits.balance(mockAccount, 'LN')
t.ok(balance instanceof BN, 'Returns BigNumber balance')
t.ok(balance.gte(0), 'Balance is non-negative')
t.end()
})
```
#### Integration Tests
**File**: `packages/server/tests/integration/test_lnbits_integration.js`
```javascript
const test = require('tape')
const request = require('supertest')
const app = require('../../lib/app')
test('Full Lightning transaction flow', async t => {
// 1. Create transaction
const createTx = await request(app)
.post('/tx')
.send({
direction: 'cashIn',
cryptoCode: 'LN',
fiat: 1000, // $10
cryptoAtoms: '39216',
isLightning: true
})
t.equal(createTx.status, 200, 'Transaction created successfully')
t.ok(createTx.body.toAddress.startsWith('lnbc'), 'Valid Lightning invoice')
// 2. Check transaction status
const statusCheck = await request(app)
.get(`/tx/${createTx.body.id}?status=confirmed`)
t.equal(statusCheck.status, 200, 'Status check successful')
t.end()
})
```
### Phase 5: Deployment Strategy
#### Rollout Plan
1. **Development Environment**
- Deploy LNBits instance for testing
- Configure test wallets with small amounts
- Run comprehensive integration tests
2. **Staging Environment**
- Mirror production configuration
- Test with realistic transaction volumes
- Validate error handling and edge cases
3. **Production Migration**
- Feature flag to switch between Galoy and LNBits
- Gradual rollout to subset of machines
- Monitor transaction success rates
- Full cutover after validation
#### Configuration Migration
**File**: `packages/server/tools/migrate-galoy-to-lnbits.js`
```javascript
// Migration script to convert existing Galoy configurations
const migrateWalletConfig = async () => {
const galoyConfigs = await db.query(`
SELECT * FROM user_config
WHERE name IN ('galoyEndpoint', 'galoyApiSecret', 'galoyWalletId')
`)
// Convert to LNBits format
const lnbitsConfigs = galoyConfigs.map(config => ({
...config,
name: config.name.replace('galoy', 'lnbits'),
// Additional mapping logic
}))
// Insert new configurations
await db.query(INSERT_LNBITS_CONFIG_SQL, lnbitsConfigs)
}
```
## Migration Checklist
### Pre-Migration
- [ ] LNBits server deployed and configured
- [ ] Test wallets created with sufficient balance
- [ ] All unit tests passing
- [ ] Integration tests validated
- [ ] Staging environment fully tested
### During Migration
- [ ] Feature flag enabled for LNBits
- [ ] Monitor transaction success rates
- [ ] Validate Lightning invoice generation
- [ ] Test payment status polling
- [ ] Confirm balance reporting accuracy
### Post-Migration
- [ ] All machines successfully switched to LNBits
- [ ] Transaction monitoring shows normal patterns
- [ ] Error rates within acceptable bounds
- [ ] Remove Galoy plugin code
- [ ] Update documentation
## Key Differences & Considerations
### API Architecture
- **Galoy**: Single GraphQL endpoint with mutations/queries
- **LNBits**: RESTful endpoints with standard HTTP verbs
### Authentication
- **Galoy**: Single API secret for all operations
- **LNBits**: Wallet-specific admin key (no separate walletId needed)
### Error Handling
- **Galoy**: GraphQL errors array in response
- **LNBits**: HTTP status codes with JSON error details
### Webhook Support
- **LNBits**: Native webhook support for payment notifications
- **Galoy**: Requires polling for status updates
### Payment Hash Handling
- **LNBits**: Exposes payment hashes directly
- **Galoy**: Uses internal payment request tracking
### Key Management
- **LNBits**: Admin key is wallet-specific (1:1 relationship)
- **Galoy**: API secret can access multiple wallets within account
## Benefits of Migration
1. **Self-Hosted Control**: Run your own Lightning infrastructure
2. **Better Integration**: RESTful API easier to work with than GraphQL
3. **Enhanced Features**: Native webhook support, better payment tracking
4. **Simplified Configuration**: No separate walletId needed (admin key is wallet-specific)
5. **Cost Efficiency**: No external service fees
6. **Privacy**: Complete control over transaction data
7. **Extensibility**: Easy to add custom Lightning functionality
## Risks & Mitigation
### Technical Risks
- **API Differences**: Thorough testing and validation required
- **Payment Failures**: Comprehensive error handling needed
- **Performance Issues**: Load testing with realistic volumes
### Business Risks
- **Service Interruption**: Feature flag enables quick rollback
- **Transaction Loss**: Extensive logging and monitoring
- **Customer Impact**: Staged rollout minimizes exposure
### Mitigation Strategies
- Feature flags for safe deployment
- Comprehensive monitoring and alerting
- Automated testing pipeline
- Quick rollback procedures
- 24/7 monitoring during migration
## Success Metrics
- **Transaction Success Rate**: >99.5%
- **Payment Confirmation Time**: <30 seconds average
- **API Response Time**: <2 seconds for all endpoints
- **Error Rate**: <0.5%
- **Uptime**: >99.9%
This migration plan provides a comprehensive path from Galoy's hosted Lightning service to a self-managed LNBits infrastructure, giving Lamassu operators full control over their Lightning Network integration.

BIN
misc-aio/lightning_analysis.pdf Normal file
View file

Binary file not shown.

2
packages/admin-ui/src/pages/Services/schemas/index.js
View file

@ -11,6 +11,7 @@ import inforu from './inforu'
import infura from './infura'
import _itbit from './itbit'
import _kraken from './kraken'
import lnbits from './lnbits'
import mailgun from './mailgun'
import scorechain from './scorechain'
import sumsub from './sumsub'
@ -31,6 +32,7 @@ const schemas = (markets = {}) => {
return {
[bitgo.code]: bitgo,
[galoy.code]: galoy,
[lnbits.code]: lnbits,
[bitstamp.code]: bitstamp,
[blockcypher.code]: blockcypher,
[elliptic.code]: elliptic,

36
packages/admin-ui/src/pages/Services/schemas/lnbits.js Normal file
View file

@ -0,0 +1,36 @@
import * as Yup from 'yup'
import {
SecretInput,
TextInput,
} from '../../../components/inputs/formik'
import { secretTest } from './helper'
export default {
code: 'lnbits',
name: 'LNBits',
title: 'LNBits (Wallet)',
elements: [
{
code: 'endpoint',
display: 'LNBits Server URL',
component: TextInput,
},
{
code: 'adminKey',
display: 'Admin Key',
component: SecretInput,
},
],
getValidationSchema: account => {
return Yup.object().shape({
endpoint: Yup.string('The endpoint must be a string')
.max(200, 'The endpoint is too long')
.required('The endpoint is required'),
adminKey: Yup.string('The Admin Key must be a string')
.max(200, 'The Admin Key is too long')
.test(secretTest(account?.adminKey)),
})
},
}

15
packages/admin-ui/src/pages/Wizard/components/Wallet/ChooseWallet.jsx
View file

@ -36,7 +36,7 @@ const SAVE_ACCOUNTS = gql`
`
const isConfigurable = it =>
R.includes(it)(['infura', 'bitgo', 'trongrid', 'galoy'])
R.includes(it)(['infura', 'bitgo', 'trongrid', 'galoy', 'lnbits'])
const isLocalHosted = it =>
R.includes(it)([
@ -178,6 +178,19 @@ const ChooseWallet = ({ data: currentData, addData }) => {
/>
</>
)}
{selected === 'lnbits' && (
<>
<H4 noMargin>Enter wallet information</H4>
<FormRenderer
value={accounts.lnbits}
save={saveWallet(selected)}
elements={schema.lnbits.elements}
validationSchema={schema.lnbits.getValidationSchema(accounts.lnbits)}
buttonLabel={'Continue'}
buttonClass={classes.formButton}
/>
</>
)}
</div>
)
}

6
packages/server/.sample.env
View file

@ -37,6 +37,12 @@ HOSTNAME=
LOG_LEVEL=
LIGHTNING_NETWORK_DAEMON=
## LNBits Configuration (Lightning Network)
# LNBits server URL (e.g., https://legend.lnbits.com)
LNBITS_ENDPOINT=
# Admin key for the LNBits wallet (wallet-specific, no separate walletId needed)
LNBITS_ADMIN_KEY=
# Crypto nodes related variables
## Location info (can be local or remote)

1
packages/server/lib/new-admin/config/accounts.js
View file

@ -103,6 +103,7 @@ const ALL_ACCOUNTS = [
cryptos: [BTC, ZEC, LTC, BCH, DASH],
},
{ code: 'galoy', display: 'Galoy', class: WALLET, cryptos: [LN] },
{ code: 'lnbits', display: 'LNBits', class: WALLET, cryptos: [LN] },
{
code: 'bitstamp',
display: 'Bitstamp',

144
packages/server/lib/plugins/wallet/lnbits/README.md Normal file
View file

@ -0,0 +1,144 @@
# LNBits Wallet Plugin
This plugin integrates LNBits as a Lightning Network wallet provider for Lamassu Bitcoin ATMs.
## Features
- **Lightning Invoice Creation**: Generate BOLT11 invoices for incoming payments
- **Payment Processing**: Send Lightning payments to any BOLT11 invoice
- **Balance Monitoring**: Check wallet balance in real-time
- **Payment Status Tracking**: Monitor invoice payment status
- **Route Probing**: Test payment feasibility before attempting
- **Network Detection**: Automatic mainnet/testnet/regtest detection
## Configuration
### Required Environment Variables
```bash
LNBITS_ENDPOINT=https://your-lnbits-server.com
LNBITS_ADMIN_KEY=your_admin_key_here
```
**Important**: The admin key is wallet-specific in LNBits. No separate walletId is needed.
### Database Configuration
The plugin configuration is stored in the database and can be managed through the Lamassu admin interface.
## API Functions
### Core Functions
#### `newAddress(account, info, tx)`
Creates a new Lightning invoice for receiving payments.
**Parameters:**
- `account`: Object containing `endpoint` and `adminKey`
- `info`: Transaction info object
- `tx`: Transaction object with `cryptoAtoms` and `cryptoCode`
**Returns:** BOLT11 Lightning invoice string
#### `getStatus(account, tx)`
Checks the payment status of a Lightning invoice.
**Parameters:**
- `account`: Configuration object
- `tx`: Transaction object with `toAddress` (Lightning invoice)
**Returns:** Object with `status` field: 'confirmed', 'pending', or 'notSeen'
#### `sendCoins(account, tx)`
Sends a Lightning payment to a BOLT11 invoice.
**Parameters:**
- `account`: Configuration object
- `tx`: Transaction object with `toAddress` and optional `cryptoAtoms`
**Returns:** Object with `txid` and `fee`
#### `balance(account, cryptoCode)`
Gets the current wallet balance.
**Parameters:**
- `account`: Configuration object
- `cryptoCode`: Must be 'LN'
**Returns:** BigNumber balance in satoshis
### Utility Functions
#### `isLnInvoice(address)`
Checks if a string is a valid Lightning invoice.
#### `isLnurl(address)`
Checks if a string is a valid LNURL.
#### `probeLN(account, cryptoCode, invoice)`
Tests payment route feasibility for different amounts.
#### `cryptoNetwork(account, cryptoCode)`
Detects network type from endpoint URL.
## Error Handling
The plugin provides detailed error messages for common issues:
- **Configuration errors**: Missing endpoint or admin key
- **Network errors**: Connection timeouts or unreachable server
- **API errors**: Invalid requests or authentication failures
- **Invoice errors**: Invalid BOLT11 format or expired invoices
## Testing
Run unit tests:
```bash
npm test -- tests/unit/test_lnbits_plugin.js
```
## Migration from Galoy
This plugin replaces the Galoy (Blink) integration with the following improvements:
1. **Simpler Configuration**: Only requires endpoint and admin key
2. **RESTful API**: Easier to debug than GraphQL
3. **Self-Hosted Option**: Can run your own LNBits instance
4. **Better Error Messages**: More descriptive error handling
5. **Native Webhook Support**: Real-time payment notifications (future enhancement)
## Security Considerations
- Store the admin key securely (marked as `secret: true` in database)
- Use HTTPS endpoints in production
- Validate all Lightning invoices before processing
- Implement rate limiting for API calls (handled by LNBits)
- Monitor wallet balance and set alerts for low balance
## Troubleshooting
### Common Issues
1. **"LNBits configuration missing"**
- Ensure both `endpoint` and `adminKey` are set
- Check environment variables or database configuration
2. **"Invalid Lightning invoice"**
- Verify the invoice starts with 'lnbc', 'lntb', or 'lnbcrt'
- Check if the invoice has expired
3. **"LNBits API Error: 404"**
- Payment hash not found (invoice may not exist)
- Check if using correct endpoint URL
4. **"LNBits API Error: 401"**
- Invalid admin key
- Verify the admin key is correct and has proper permissions
## Support
For LNBits-specific issues, refer to:
- [LNBits Documentation](https://docs.lnbits.com)
- [LNBits GitHub](https://github.com/lnbits/lnbits)
For Lamassu integration issues, contact Lamassu support.

1
packages/server/lib/plugins/wallet/lnbits/index.js Normal file
View file

@ -0,0 +1 @@
module.exports = require('./lnbits')

278
packages/server/lib/plugins/wallet/lnbits/lnbits.js Normal file
View file

@ -0,0 +1,278 @@
const axios = require('axios')
const bolt11 = require('bolt11')
const _ = require('lodash/fp')
const BN = require('../../../bn')
const NAME = 'LNBits'
const SUPPORTED_COINS = ['LN']
function checkCryptoCode(cryptoCode) {
if (!SUPPORTED_COINS.includes(cryptoCode)) {
return Promise.reject(new Error(`Unsupported crypto: ${cryptoCode}`))
}
return Promise.resolve()
}
function validateConfig(account) {
const required = ['endpoint', 'adminKey']
for (const field of required) {
if (!account[field]) {
throw new Error(`LNBits configuration missing: ${field}`)
}
}
try {
new URL(account.endpoint)
} catch (error) {
throw new Error(`Invalid LNBits endpoint URL: ${account.endpoint}`)
}
}
async function request(endpoint, method = 'GET', data = null, apiKey) {
const config = {
method,
url: endpoint,
headers: {
'Content-Type': 'application/json',
'X-API-KEY': apiKey
},
timeout: 30000
}
if (data) {
config.data = data
}
try {
const response = await axios(config)
return response.data
} catch (error) {
if (error.response) {
const detail = error.response.data?.detail || error.response.statusText
throw new Error(`LNBits API Error: ${detail} (${error.response.status})`)
}
throw new Error(`LNBits Network Error: ${error.message}`)
}
}
function extractPaymentHash(bolt11Invoice) {
try {
const decoded = bolt11.decode(bolt11Invoice)
return decoded.tagsObject.payment_hash
} catch (error) {
throw new Error(`Invalid Lightning invoice: ${error.message}`)
}
}
function isLnInvoice(address) {
if (!address || typeof address !== 'string') return false
return address.toLowerCase().startsWith('lnbc') ||
address.toLowerCase().startsWith('lntb') ||
address.toLowerCase().startsWith('lnbcrt')
}
function isLnurl(address) {
if (!address || typeof address !== 'string') return false
return address.toLowerCase().startsWith('lnurl')
}
async function newAddress(account, info, tx) {
validateConfig(account)
const { cryptoAtoms, cryptoCode } = tx
await checkCryptoCode(cryptoCode)
const invoiceData = {
out: false,
amount: parseInt(cryptoAtoms.toString()),
unit: 'sat',
memo: `Lamassu ATM - ${new Date().toISOString()}`,
expiry: 3600
}
const endpoint = `${account.endpoint}/api/v1/payments`
const result = await request(endpoint, 'POST', invoiceData, account.adminKey)
if (!result.bolt11) {
throw new Error('LNBits did not return a bolt11 invoice')
}
return result.bolt11
}
async function getStatus(account, tx) {
validateConfig(account)
const { toAddress, cryptoCode } = tx
await checkCryptoCode(cryptoCode)
if (!isLnInvoice(toAddress)) {
return { status: 'notSeen' }
}
const paymentHash = extractPaymentHash(toAddress)
const endpoint = `${account.endpoint}/api/v1/payments/${paymentHash}`
try {
const result = await request(endpoint, 'GET', null, account.adminKey)
if (result.paid === true) {
return { status: 'confirmed' }
} else if (result.paid === false && result.pending === true) {
return { status: 'pending' }
} else {
return { status: 'notSeen' }
}
} catch (error) {
if (error.message.includes('404')) {
return { status: 'notSeen' }
}
throw error
}
}
async function sendLNURL(account, lnurl, cryptoAtoms) {
validateConfig(account)
const paymentData = {
lnurl: lnurl,
amount: parseInt(cryptoAtoms.toString()) * 1000, // Convert satoshis to millisatoshis
comment: `Lamassu ATM - ${new Date().toISOString()}`
}
const endpoint = `${account.endpoint}/api/v1/payments/lnurl`
const result = await request(endpoint, 'POST', paymentData, account.adminKey)
if (!result.payment_hash) {
throw new Error('LNBits LNURL payment failed: No payment hash returned')
}
return {
txid: result.payment_hash,
fee: result.fee_msat ? Math.ceil(result.fee_msat / 1000) : 0
}
}
async function sendCoins(account, tx) {
validateConfig(account)
const { toAddress, cryptoAtoms, cryptoCode } = tx
await checkCryptoCode(cryptoCode)
// Handle LNURL addresses
if (isLnurl(toAddress)) {
return sendLNURL(account, toAddress, cryptoAtoms)
}
// Handle bolt11 invoices
if (!isLnInvoice(toAddress)) {
throw new Error('Invalid Lightning address: must be bolt11 invoice or LNURL')
}
const paymentData = {
out: true,
bolt11: toAddress
}
const decoded = bolt11.decode(toAddress)
const invoiceAmount = decoded.satoshis
if (!invoiceAmount || invoiceAmount === 0) {
paymentData.amount = parseInt(cryptoAtoms.toString())
}
const endpoint = `${account.endpoint}/api/v1/payments`
const result = await request(endpoint, 'POST', paymentData, account.adminKey)
if (!result.payment_hash) {
throw new Error('LNBits payment failed: No payment hash returned')
}
return {
txid: result.payment_hash,
fee: result.fee_msat ? Math.ceil(result.fee_msat / 1000) : 0
}
}
async function balance(account, cryptoCode) {
validateConfig(account)
await checkCryptoCode(cryptoCode)
const endpoint = `${account.endpoint}/api/v1/wallet`
const result = await request(endpoint, 'GET', null, account.adminKey)
if (result.balance === undefined) {
throw new Error('LNBits did not return wallet balance')
}
const balanceSats = Math.floor(result.balance / 1000)
return new BN(balanceSats)
}
async function newFunding(account, cryptoCode) {
await checkCryptoCode(cryptoCode)
validateConfig(account)
const promises = [
balance(account, cryptoCode),
newAddress(account, { cryptoCode }, { cryptoCode, cryptoAtoms: new BN(100000) })
]
const [walletBalance, fundingAddress] = await Promise.all(promises)
return {
fundingPendingBalance: new BN(0),
fundingConfirmedBalance: walletBalance,
fundingAddress
}
}
async function probeLN(account, cryptoCode, invoice) {
validateConfig(account)
await checkCryptoCode(cryptoCode)
if (!isLnInvoice(invoice)) {
throw new Error('Invalid Lightning invoice provided for probe')
}
const endpoint = `${account.endpoint}/api/v1/payments/decode`
const decodeData = { data: invoice }
try {
const result = await request(endpoint, 'POST', decodeData, account.adminKey)
const amountSats = result.amount_msat ? Math.floor(result.amount_msat / 1000) : 0
const limits = [200000, 1000000, 2000000]
const probeResults = limits.map(limit => amountSats <= limit)
return probeResults
} catch (error) {
console.error('LNBits probe error:', error.message)
return [false, false, false]
}
}
function cryptoNetwork(account, cryptoCode) {
const endpoint = account.endpoint || ''
if (endpoint.includes('testnet') || endpoint.includes('test')) {
return 'test'
}
if (endpoint.includes('regtest') || endpoint.includes('local')) {
return 'regtest'
}
return 'main'
}
module.exports = {
NAME,
balance,
sendCoins,
newAddress,
getStatus,
newFunding,
probeLN,
cryptoNetwork,
isLnInvoice,
isLnurl
}

12
packages/server/migrations/1749551637988-relational-compliance-triggers.js Normal file
View file

@ -0,0 +1,12 @@
// This migration was already applied to the database
// This is a placeholder file to satisfy the migration system
exports.up = function (next) {
// Migration already applied - no-op
next()
}
exports.down = function (next) {
// No-op
next()
}

17
packages/server/migrations/1750000000000-add-lnbits-config.js Normal file
View file

@ -0,0 +1,17 @@
const { saveConfig } = require('../lib/new-settings-loader')
exports.up = function (next) {
const config = {
'lnbits_endpoint': '',
'lnbits_adminKey': '',
'LN_wallet': 'lnbits'
}
saveConfig(config).then(next).catch(next)
}
exports.down = function (next) {
// No-op - removing config entries is not typically done in down migrations
// as it could break existing configurations
next()
}

12
packages/server/migrations/1751291688761-add-machine-groups.js Normal file
View file

@ -0,0 +1,12 @@
// This migration was already applied to the database
// This is a placeholder file to satisfy the migration system
exports.up = function (next) {
// Migration already applied - no-op
next()
}
exports.down = function (next) {
// No-op
next()
}

12
packages/server/migrations/1752141860742-compliance-triggers-sets.js Normal file
View file

@ -0,0 +1,12 @@
// This migration was already applied to the database
// This is a placeholder file to satisfy the migration system
exports.up = function (next) {
// Migration already applied - no-op
next()
}
exports.down = function (next) {
// No-op
next()
}

12
packages/server/migrations/1752599801402-add-coupon-fk-to-txs.js Normal file
View file

@ -0,0 +1,12 @@
// This migration was already applied to the database
// This is a placeholder file to satisfy the migration system
exports.up = function (next) {
// Migration already applied - no-op
next()
}
exports.down = function (next) {
// No-op
next()
}

12
packages/server/migrations/1753351586476-machine-groups-with-compliance-trigger-sets.js Normal file
View file

@ -0,0 +1,12 @@
// This migration was already applied to the database
// This is a placeholder file to satisfy the migration system
exports.up = function (next) {
// Migration already applied - no-op
next()
}
exports.down = function (next) {
// No-op
next()
}

1
packages/server/package.json
View file

@ -32,6 +32,7 @@
"bchaddrjs": "^0.3.0",
"bignumber.js": "9.0.1",
"bip39": "^2.3.1",
"bolt11": "^1.4.1",
"ccxt": "2.9.16",
"compression": "^1.7.4",
"connect-pg-simple": "^6.2.1",

257
packages/server/tests/unit/test_lnbits_plugin.js Normal file
View file

@ -0,0 +1,257 @@
const test = require('tape')
const sinon = require('sinon')
const axios = require('axios')
const BN = require('../../lib/bn')
// Mock the module before requiring the plugin
const lnbits = require('../../lib/plugins/wallet/lnbits/lnbits')
test('LNBits plugin - configuration validation', t => {
t.plan(3)
const validAccount = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key_123'
}
const invalidAccount1 = {
endpoint: 'https://demo.lnbits.com'
// Missing adminKey
}
const invalidAccount2 = {
adminKey: 'test_admin_key_123'
// Missing endpoint
}
// Valid config should not throw
t.doesNotThrow(() => {
lnbits.balance(validAccount, 'LN').catch(() => {})
}, 'Valid configuration passes validation')
// Missing adminKey should throw
lnbits.balance(invalidAccount1, 'LN').catch(err => {
t.ok(err.message.includes('LNBits configuration missing: adminKey'),
'Missing adminKey throws appropriate error')
})
// Missing endpoint should throw
lnbits.balance(invalidAccount2, 'LN').catch(err => {
t.ok(err.message.includes('LNBits configuration missing: endpoint'),
'Missing endpoint throws appropriate error')
})
})
test('LNBits plugin - crypto code validation', t => {
t.plan(2)
const account = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key'
}
// Valid crypto code
lnbits.balance(account, 'LN').catch(() => {
// Expected to fail at API call, not validation
})
t.pass('LN crypto code is accepted')
// Invalid crypto code
lnbits.balance(account, 'BTC').catch(err => {
t.ok(err.message.includes('Unsupported crypto'),
'Invalid crypto code throws appropriate error')
})
})
test('LNBits plugin - invoice detection', t => {
t.plan(6)
// Valid Lightning invoices
t.ok(lnbits.isLnInvoice('lnbc100n1p0example'), 'Detects mainnet Lightning invoice')
t.ok(lnbits.isLnInvoice('lntb100n1p0example'), 'Detects testnet Lightning invoice')
t.ok(lnbits.isLnInvoice('lnbcrt100n1p0example'), 'Detects regtest Lightning invoice')
// Invalid invoices
t.notOk(lnbits.isLnInvoice('bc1qexample'), 'Rejects Bitcoin address')
t.notOk(lnbits.isLnInvoice('lnurl1234'), 'Rejects LNURL')
t.notOk(lnbits.isLnInvoice(''), 'Rejects empty string')
})
test('LNBits plugin - LNURL detection', t => {
t.plan(3)
t.ok(lnbits.isLnurl('lnurl1dp68gurn8ghj7um9'), 'Detects LNURL')
t.notOk(lnbits.isLnurl('lnbc100n1p0example'), 'Rejects Lightning invoice')
t.notOk(lnbits.isLnurl(''), 'Rejects empty string')
})
test('LNBits plugin - network detection', t => {
t.plan(4)
const mainnetAccount = {
endpoint: 'https://lnbits.com',
adminKey: 'test'
}
const testnetAccount = {
endpoint: 'https://testnet.lnbits.com',
adminKey: 'test'
}
const regtestAccount = {
endpoint: 'http://localhost:5000',
adminKey: 'test'
}
const testAccount = {
endpoint: 'https://test.lnbits.com',
adminKey: 'test'
}
t.equal(lnbits.cryptoNetwork(mainnetAccount, 'LN'), 'main', 'Detects mainnet')
t.equal(lnbits.cryptoNetwork(testnetAccount, 'LN'), 'test', 'Detects testnet')
t.equal(lnbits.cryptoNetwork(regtestAccount, 'LN'), 'regtest', 'Detects regtest/local')
t.equal(lnbits.cryptoNetwork(testAccount, 'LN'), 'test', 'Detects test environment')
})
test('LNBits plugin - newAddress creates invoice', async t => {
t.plan(3)
const account = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key'
}
const tx = {
cryptoAtoms: new BN('100000'),
cryptoCode: 'LN'
}
const info = {
cryptoCode: 'LN'
}
// Mock the axios request
const stub = sinon.stub(axios, 'request')
stub.resolves({
data: {
payment_request: 'lnbc1000n1p0example',
payment_hash: 'abc123'
}
})
try {
const invoice = await lnbits.newAddress(account, info, tx)
t.equal(invoice, 'lnbc1000n1p0example', 'Returns Lightning invoice')
t.ok(stub.calledOnce, 'Makes one API request')
const callArgs = stub.firstCall.args[0]
t.equal(callArgs.data.amount, 100000, 'Sends correct amount in satoshis')
} catch (err) {
t.fail(`Unexpected error: ${err.message}`)
} finally {
stub.restore()
}
})
test('LNBits plugin - balance returns BN', async t => {
t.plan(2)
const account = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key'
}
// Mock the axios request
const stub = sinon.stub(axios, 'request')
stub.resolves({
data: {
balance: 500000000, // 500000 sats in millisats
name: 'Test Wallet'
}
})
try {
const balance = await lnbits.balance(account, 'LN')
t.ok(balance instanceof BN, 'Returns BigNumber instance')
t.equal(balance.toString(), '500000', 'Converts millisats to sats correctly')
} catch (err) {
t.fail(`Unexpected error: ${err.message}`)
} finally {
stub.restore()
}
})
test('LNBits plugin - getStatus checks payment', async t => {
t.plan(3)
const account = {
endpoint: 'https://demo.lnbits.com',
adminKey: 'test_admin_key'
}
const paidTx = {
toAddress: 'lnbc1000n1p3q7vlpp5example',
cryptoCode: 'LN'
}
// Mock bolt11 decode
const bolt11 = require('bolt11')
const decodeStub = sinon.stub(bolt11, 'decode')
decodeStub.returns({
tagsObject: {
payment_hash: 'abc123'
}
})
// Mock axios for paid invoice
const axiosStub = sinon.stub(axios, 'request')
axiosStub.onFirstCall().resolves({
data: {
paid: true,
amount: 1000
}
})
try {
const status = await lnbits.getStatus(account, paidTx)
t.equal(status.status, 'confirmed', 'Returns confirmed for paid invoice')
} catch (err) {
t.fail(`Unexpected error: ${err.message}`)
}
// Test pending invoice
axiosStub.onSecondCall().resolves({
data: {
paid: false,
pending: true
}
})
try {
const status = await lnbits.getStatus(account, paidTx)
t.equal(status.status, 'pending', 'Returns pending for unpaid but pending invoice')
} catch (err) {
t.fail(`Unexpected error: ${err.message}`)
}
// Test not found invoice
axiosStub.onThirdCall().rejects({
response: {
status: 404,
data: { detail: 'Payment not found' }
}
})
try {
const status = await lnbits.getStatus(account, paidTx)
t.equal(status.status, 'notSeen', 'Returns notSeen for not found invoice')
} catch (err) {
t.fail(`Unexpected error: ${err.message}`)
} finally {
decodeStub.restore()
axiosStub.restore()
}
})

94
packages/server/tools/build-dev-env.js
View file

@ -1,38 +1,76 @@
#!/usr/bin/env node
const fs = require('fs')
const path = require('path')
const setEnvVariable = require('./set-env-var')
const envPath = path.resolve(__dirname, '../.env')
const sampleEnvPath = path.resolve(__dirname, '../.sample.env')
fs.copyFileSync(
path.resolve(__dirname, '../.sample.env'),
path.resolve(__dirname, '../.env'),
)
// Check if .env already exists
if (fs.existsSync(envPath)) {
console.log('.env file already exists. To rebuild, delete it first.')
process.exit(0)
}
setEnvVariable('NODE_ENV', 'development')
// Copy sample env
const sampleContent = fs.readFileSync(sampleEnvPath, 'utf8')
setEnvVariable('POSTGRES_USER', 'postgres')
setEnvVariable('POSTGRES_PASSWORD', 'postgres123')
setEnvVariable('POSTGRES_HOST', 'localhost')
setEnvVariable('POSTGRES_PORT', '5432')
setEnvVariable('POSTGRES_DB', 'lamassu')
// Development defaults
const devDefaults = {
NODE_ENV: 'development',
// Database
POSTGRES_USER: 'lamassu',
POSTGRES_PASSWORD: 'lamassu',
POSTGRES_HOST: 'localhost',
POSTGRES_PORT: '5432',
POSTGRES_DB: 'lamassu',
// Paths
CA_PATH: path.resolve(__dirname, '../Lamassu_CA.pem'),
CERT_PATH: path.resolve(__dirname, '../../../certs/Lamassu_LS.pem'),
KEY_PATH: path.resolve(__dirname, '../../../certs/Lamassu_LS.key'),
MNEMONIC_PATH: path.resolve(__dirname, '../../../mnemonic.txt'),
// Directories
BLOCKCHAIN_DIR: path.resolve(__dirname, '../../../blockchain'),
OFAC_DATA_DIR: path.resolve(__dirname, '../../../ofac'),
ID_PHOTO_CARD_DIR: path.resolve(__dirname, '../../../photos/idcard'),
FRONT_CAMERA_DIR: path.resolve(__dirname, '../../../photos/front'),
OPERATOR_DATA_DIR: path.resolve(__dirname, '../../../operator-data'),
// Misc
HOSTNAME: 'localhost',
LOG_LEVEL: 'debug',
// Bitcoin (for development, use remote node to avoid full sync)
BTC_NODE_LOCATION: 'remote',
BTC_WALLET_LOCATION: 'local',
BTC_NODE_HOST: 'blockstream.info',
BTC_NODE_PORT: '8333',
// LNBits development defaults
LNBITS_ENDPOINT: 'https://legend.lnbits.com',
LNBITS_ADMIN_KEY: '' // User needs to set this
}
setEnvVariable('CA_PATH', `${process.env.PWD}/certs/Lamassu_OP_Root_CA.pem`)
setEnvVariable('CERT_PATH', `${process.env.PWD}/certs/Lamassu_OP.pem`)
setEnvVariable('KEY_PATH', `${process.env.PWD}/certs/Lamassu_OP.key`)
// Build .env content
let envContent = sampleContent
setEnvVariable(
'MNEMONIC_PATH',
`${process.env.PWD}/.lamassu/mnemonics/mnemonic.txt`,
)
// Replace empty values with dev defaults
Object.keys(devDefaults).forEach(key => {
const regex = new RegExp(`^${key}=.*$`, 'gm')
envContent = envContent.replace(regex, `${key}=${devDefaults[key]}`)
})
setEnvVariable('BLOCKCHAIN_DIR', `${process.env.PWD}/blockchains`)
setEnvVariable('OFAC_DATA_DIR', `${process.env.PWD}/.lamassu/ofac`)
setEnvVariable('ID_PHOTO_CARD_DIR', `${process.env.PWD}/.lamassu/idphotocard`)
setEnvVariable('FRONT_CAMERA_DIR', `${process.env.PWD}/.lamassu/frontcamera`)
setEnvVariable('OPERATOR_DATA_DIR', `${process.env.PWD}/.lamassu/operatordata`)
// Write .env file
fs.writeFileSync(envPath, envContent)
setEnvVariable('BTC_NODE_LOCATION', 'remote')
setEnvVariable('BTC_WALLET_LOCATION', 'local')
setEnvVariable('HOSTNAME', 'localhost')
setEnvVariable('LOG_LEVEL', 'debug')
console.log('Development .env file created with defaults.')
console.log('IMPORTANT: You still need to:')
console.log(' 1. Generate certificates using: bash tools/cert-gen.sh')
console.log(' 2. Create a mnemonic file at: ../../../mnemonic.txt')
console.log(' 3. Set up PostgreSQL database')
console.log(' 4. Configure LNBits admin key if using Lightning')
console.log('')
console.log('Run migrations with: node bin/lamassu-migrate')