lightning-security-module
Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-first with Docker, native fallback. Use when firewalling private key material from AI agents.
Best use case
lightning-security-module is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-first with Docker, native fallback. Use when firewalling private key material from AI agents.
Teams using lightning-security-module should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/lightning-security/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How lightning-security-module Compares
| Feature / Agent | lightning-security-module | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Set up an lnd remote signer container that holds private keys separately from the agent. Exports a credentials bundle (accounts JSON, TLS cert, admin macaroon) for watch-only litd nodes. Container-first with Docker, native fallback. Use when firewalling private key material from AI agents.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Lightning Security Module (Remote Signer)
Set up an lnd remote signer container that holds private keys on a separate,
secured machine. The signer never routes payments or opens channels — it only
holds keys and signs when asked by a watch-only litd node.
## Architecture
```
Agent Machine Signer Machine (secure)
┌─────────────────┐ ┌─────────────────────┐
│ litd (watch-only)│◄──gRPC───►│ lnd (signer) │
│ - neutrino │ │ - holds seed │
│ - manages chans │ │ - signs commitments │
│ - routes pmts │ │ - signs on-chain txs │
│ - NO key material│ │ - no p2p networking │
└─────────────────┘ └─────────────────────┘
```
The watch-only node handles all networking and channel management. The signer
node holds the seed and performs cryptographic signing. Even if the agent machine
is fully compromised, the attacker cannot extract private keys.
See [references/architecture.md](references/architecture.md) for the full
architecture explainer.
## Quick Start (Container — Recommended)
### On the Signer Machine
```bash
# 1. Install lnd signer image
skills/lightning-security-module/scripts/install.sh
# 2. Start signer container
skills/lightning-security-module/scripts/start-signer.sh
# 3. Set up signer wallet and export credentials
skills/lightning-security-module/scripts/setup-signer.sh
# 4. Copy the credentials bundle to the agent machine
# The setup script prints the bundle path and base64 string.
```
### On the Agent Machine
```bash
# 5. Import credentials bundle
skills/lnd/scripts/import-credentials.sh --bundle <credentials-bundle>
# 6. Start litd in watch-only mode
skills/lnd/scripts/start-lnd.sh --watchonly
# 7. Create watch-only wallet
skills/lnd/scripts/create-wallet.sh
# 8. Check status
skills/lnd/scripts/lncli.sh getinfo
```
### Two-Container Local Setup
For testing both on the same machine:
```bash
# Start litd + signer together
skills/lnd/scripts/start-lnd.sh --watchonly
# Set up signer wallet
skills/lightning-security-module/scripts/setup-signer.sh --container litd-signer
# Import credentials and create watch-only wallet
skills/lnd/scripts/import-credentials.sh --bundle ~/.lnget/signer/credentials-bundle
skills/lnd/scripts/create-wallet.sh --container litd
```
## Installation
Default: pulls the lnd Docker image for the signer.
```bash
skills/lightning-security-module/scripts/install.sh
```
This pulls `lightninglabs/lnd:v0.20.0-beta` from Docker Hub. The signer only
needs plain lnd (not litd) since it only holds keys and signs.
### Build from Source (Fallback)
```bash
skills/lightning-security-module/scripts/install.sh --source
```
## Native Mode
For running the signer without Docker:
```bash
# Set up signer natively
skills/lightning-security-module/scripts/setup-signer.sh --native
# Start signer natively
skills/lightning-security-module/scripts/start-signer.sh --native
# Stop signer natively
skills/lightning-security-module/scripts/stop-signer.sh --native
```
## Remote Nodes
Export credentials from a remote signer:
```bash
skills/lightning-security-module/scripts/export-credentials.sh \
--rpcserver signer-host:10012 \
--tlscertpath ~/signer-tls.cert \
--macaroonpath ~/signer-admin.macaroon
```
## Credential Bundle Format
The exported bundle (`~/.lnget/signer/credentials-bundle/`) contains:
| File | Purpose |
|------|---------|
| `accounts.json` | Account xpubs for watch-only wallet import |
| `tls.cert` | Signer's TLS certificate for authenticated gRPC |
| `admin.macaroon` | Signer's admin macaroon for RPC authentication |
The bundle is also available as a single base64-encoded tar.gz file
(`credentials-bundle.tar.gz.b64`) for easy copy-paste transfer between machines.
## Scripts
| Script | Purpose |
|--------|---------|
| `install.sh` | Pull lnd signer image (or build from source) |
| `docker-start.sh` | Start signer container |
| `docker-stop.sh` | Stop signer container |
| `setup-signer.sh` | Create signer wallet and export credentials |
| `start-signer.sh` | Start signer (delegates to Docker by default) |
| `stop-signer.sh` | Stop signer (delegates to Docker by default) |
| `export-credentials.sh` | Re-export credentials from running signer |
## Managing the Signer
### Start
```bash
# Docker (default)
skills/lightning-security-module/scripts/start-signer.sh
# With network override
skills/lightning-security-module/scripts/start-signer.sh --network mainnet
```
### Stop
```bash
# Docker stop (preserve data)
skills/lightning-security-module/scripts/stop-signer.sh
# Docker stop + remove volumes
skills/lightning-security-module/scripts/stop-signer.sh --clean
```
### Re-export Credentials
If TLS certificates or macaroons have been regenerated:
```bash
skills/lightning-security-module/scripts/export-credentials.sh
```
## Configuration
### Container Config
The signer compose template is at
`skills/lightning-security-module/templates/docker-compose-signer.yml`. Config
is passed via command-line arguments.
### Native Config
The native signer config template is at
`skills/lightning-security-module/templates/signer-lnd.conf.template`. Key
differences from a standard lnd node:
- **No P2P listening** (`--listen=`) — signer doesn't route
- **RPC on 0.0.0.0:10012** — accepts connections from watch-only node
- **REST on localhost:10013** — local only, for wallet creation
- **TLS extra IP 0.0.0.0** — watch-only on a different machine can connect
- **No autopilot, no routing fees** — signer is signing-only
## Security Model
**What stays on the signer:**
- 24-word seed mnemonic
- All private keys (funding, revocation, HTLC)
- Wallet database with key material
**What gets exported:**
- Account xpubs (public keys only — cannot spend)
- TLS certificate (for authenticated connection)
- Admin macaroon (for RPC auth — scope down for production)
**Threat model:**
- Compromised agent machine cannot sign transactions or extract keys
- Attacker with agent access can see balances and channel state but not spend
- Signer machine should have minimal attack surface
**Production hardening:**
- Replace admin macaroon with a signer-only macaroon (see `macaroon-bakery`)
- Restrict signer RPC to specific IP addresses via firewall
- Run signer on dedicated hardware or a hardened VM
- Use Lightning Node Connect (LNC) via `lightning-mcp-server` for read-only agent access
## Macaroon Bakery for Signer
For production, bake a signing-only macaroon:
```bash
skills/macaroon-bakery/scripts/bake.sh --role signer-only \
--container litd-signer --rpc-port 10012
```
Then re-export the credentials bundle with the scoped macaroon.
## Container & Ports
| Container | Purpose | Ports |
|-----------|---------|-------|
| `litd-signer` | Remote signer (lnd) | 10012, 10013 |
| Port | Service | Interface | Description |
|-------|---------|-----------|-------------|
| 10012 | gRPC | 0.0.0.0 | Signer RPC (watch-only connects here) |
| 10013 | REST | 0.0.0.0 | REST for wallet creation |
## File Locations
| Path | Purpose |
|------|---------|
| `~/.lnget/signer/wallet-password.txt` | Signer wallet passphrase (0600) |
| `~/.lnget/signer/seed.txt` | Signer seed mnemonic (0600) |
| `~/.lnget/signer/credentials-bundle/` | Exported credentials |
| `~/.lnget/signer/signer-lnd.conf` | Signer config (native mode) |
| `versions.env` | Pinned container image versions |Related Skills
okx-security
Use this skill for security scanning: check transaction safety, is this transaction safe, pre-execution check, security scan, token risk scanning, honeypot detection, DApp/URL phishing detection, message signature safety, malicious transaction detection, approval safety checks, token approval management. Triggers: 'is this token safe', 'check token security', 'honeypot check', 'scan this tx', 'scan this swap tx', 'tx risk check', 'is this URL a scam', 'check if this dapp is safe', 'phishing site check', 'is this signature safe', 'check this signing request', 'check my approvals', 'show risky approvals', 'revoke approval', 'check if this approve is safe', token authorization, ERC20 allowance, Permit2. Covers token-scan, dapp-scan, tx-scan (EVM+Solana pre-execution), sig-scan (EIP-712/personal_sign), approvals (ERC-20/Permit2). Chinese: 安全扫描, 代币安全, 蜜罐检测, 貔貅盘, 钓鱼网站, 交易安全, 签名安全, 代币风险, 授权管理, 授权查询, 风险授权, 代币授权. Do NOT use for wallet balance/send/history — use okx-agentic-wallet.
smart-contract-security-scanner
Scan smart contracts for vulnerabilities and generate audit checklists.
petir-security-agent
Autonomous red/blue team security agent with 20+ OWASP tools and MCP security plugins.
crypto-intel-security-scanner
Analyze Solidity code for vulnerabilities, get safety scores, and audit checklists.
crypto-intel-security-analyzer
Analyze Solidity code for common vulnerabilities and security issues with smart contract auditing checklist.
v4-security-foundations
Security-first Uniswap v4 hook development. Use when user mentions "v4 hooks", "hook security", "PoolManager", "beforeSwap", "afterSwap", or asks about V4 hook best practices, vulnerabilities, or audit requirements.
aegis-protocol-security
Enterprise-grade DeFi security and analytics agent with advanced threat detection and market intelligence on Base.
aegis-protocol-defi-security
Enterprise-grade DeFi security and analytics agent with advanced threat detection and market intelligence on Base.
lightning-mcp-server
Build and configure the MCP server for Lightning Node Connect (LNC). Connects AI assistants to lnd nodes via encrypted WebSocket tunnels using pairing phrases — no direct network access or TLS certs needed. Read-only by default (18 tools for querying node state, channels, payments, invoices, peers, on-chain data).
crypto-intel-security
Analyze Solidity code for vulnerabilities, get security checklists, and token safety scores.
smart-contract-security
Analyze Solidity code for vulnerabilities and get security checklists for auditing.
8004-skill
ERC-8004 Trustless Agents - Register and manage AI agent identities on TRON and BSC blockchains with on-chain reputation tracking