Bitcoin Blog

Cryoseed steel Bitcoin seed phrase backup review

With self-custody being the topic of the day, let’s talk about the Cryoseed steel backup that was just recently released. Cryoseed sent me a review unit for free but I didn’t receive anything else for this review. I am publishing the stamped steel here. As of this writing there are 4 million sats attached to this seedphrase… but there is a passphrase also that would have to be brute forced.

This is my first experience with a one of those automatic punch tools. I’ve used washers with a hammer and stamp kit in the past and the automatic punch tool is much easier and faster. I was worried that the divets made in the steel are too light, but my understanding from other similar steel backup systems is that this is normal. As you can see in my review unit above, I made a mistake on the 4th word – I put two divets in one of the places to stamp a letter. I was moving too fast – let this be a lesson to anyone paying money for a steel backup… Be extra cautious as a mistake like this could render the steel plate useless.

Cryoseed is using the 2000 plus BIP39 words for this backup method. Using the first 4 letters of each, and in alphabetical order, 1. Abandon, through 2048. Zoo. In this manner you can use the placement of the divets to unlock each word and restore a wallet.

Overall feels really well made and I think the design of the plates sliding into each other and the little hole in it for locking is really smart.

I can confirm that with a lock in place the plates will not slide out from each other. This seems like an easy, and slim way to secure a seed phrase. Obviously you would want to feel good about the lock you use. I cannot speak to how well this would do in a fire but you can check out their specs for what they claim.

Cryoseed provides the two sliding plates, an automatic punch tool, papers for writing down the seed phrase using their system before you stamp it, a few stickers, and an instruction manual.

Pros to this steel backup system:

  • Easy to use
  • Easy to decipher
  • Comes with everything you need for a steel backup, except the lock which is optional
  • The punch tool seems to be high quality and is very accurate when punching a divet
  • Small footprint but still locks

Cons:

  • Anytime you are ordering something that is known to be used for storing Bitcoin you have to be cautious with which information you are sharing, such as a home address. The folks at Cryoseed told me they delete user info, but you would have to trust that.
  • I don’t know how the numbers and dots would do in a fire situation.

Start9 Labs releases an x86 version of EmbassyOS

Start9 released EmbassyOS for x86 machines this week so I set up an Embassy for the first time last night.

EmbassyOS is another one of the Bitcoin node options available for those who prefer a pre-built node stack. This is the easiest one to set up on an x86 computer as you do not even need to install Linux to do it. The EmbassyOS .iso comes with Linux already built on it, which makes it an actual operating system that you are installing.

Start9 is recommending a computer with bare minimum requirements of a 2Ghz CPU, 4 gb of RAM and 1TB of memory. I set this up on a Dell 7040 pc with 16 gb of RAM and a 1TB ssd, and again setup was super easy. I flashed with balenaEtcher and played with the BIOS to adjust the UEFI settings and that was it.

The folks at Start9 bill EmbassyOS as more than just a bitcoin node, there are also apps available that work to help you take control of your data.

PROS

  • Easiest setup of any Node stack on an x86 computer. Most node stacks have an easy setup on a Raspberry Pi, but not so much for x86 computers.
  • Easy to use backup options which means you can safeguard your lightning funds.
  • Friendly UI.
  • Easy installation of different popular apps built on top of Bitcoin core.

CONS

  • No coinjoin apps (Dojo, Joinmarket)
  • As with other Node stacks, there is a degree of trust that comes with using third party software to install and maintain Bitcoin core. As long you you are aware of that and take care before updating, you should be fine.

Overall this has to be the easiest way to get a node stack running on an x86 computer, coupled with the excellent back up tools, this might be the easiest way to run a secure lightning node. And because you can do this easily on a beefy computer you can run plenty of channels.

Bitcoin Node Options

Why do you need to run a node?

The reasons you need to run a node vary:

  • You want to verify your own transactions in a self-sovereign way.
  • You want to coinjoin in a self-sovereign way.
  • You want to spend via the Lightning network.
  • You want to run a Lightning routing node, meaning you want to earn fees for helping others transact.
  • You want to run BTCPay Server.

It could be any of those things, or all of them. Depending on how much you need to do with your Bitcoin Node, there has never been more options out there.

Types of Bitcoin Nodes

There are a few different ways to run a node.

Run Bitcoin core on your PC or Laptop

This is a simple and effective way to run your own software capable of verifying Bitcoin transactions in a self sovereign way. Paired with Sparrow Wallet, or Spectre, it’s a great setup for the minimalist node runner. The initial setup takes some time because you need to download the timechain history, but it’s as simple as downloading Bitcoin core and picking a software wallet to pair it with (I recommend Sparrow Wallet.) You will have to dig in a little on how to pair the wallet, but Sparrow does a good job of describing how to do that. No command line stuff at all.

Run a pre-built Bitcoin Node Stack on a Raspberry Pi

There are a growing number of pre-built Bitcoin node stacks that run not only Bitcoin Core, but also have several other app offerings. They all offer both a software download that you can install on your Raspberry Pi, and they also offer to ship you a Raspberry Pi prebuilt and pre-loaded with their software.

If you are going to use any of these in DIY fashion you will need to buy a Raspberry Pi 4. Best bet is to get an 8gb version or better. Currently prices are a little crazy for these computers, and that could be temporary due to supply chain stuff, I don’t know the answer to that.

Here is a list of the pre-built Bitcoin Node stacks that I know about:

  • MyNode – Easy install. Flash an SD card and put that into your Rasperry Pi. $99 for “premium” apps, which includes being able to run tor, btcpay server, and mempool. They also offer software for an AMD64 computer as well.
  • GetUmbrel – This is likely the easiest and most commonly run software for those doing DIY Bitcoin node stacks on a Raspberry Pi. As easy to install as MyNode with just a flashed SD card, but it includes apps that MyNode charges for. Also, the interface is easy to navigate and many would say it’s the easiest on the eyes. Like MyNode, they also offer software to install on an AMD64 computer.
  • RoninDojo – Also installs with a flashed SD card, but a little more involved throughout the install process. RoninDojo does not offer Lightning and I would not bet on them adding it anytime soon. This install is command-line heavy. The RoninDojo stack is primarily built to be paired with your Android device in order to run Samourai Wallet in a self sovereign way. Coinjoin to your hearts content without every sharing your xpub.
  • RaspiBlitz – Installs with a flashed SD card also, but like Ronindojo, the setup is a little more involved and is heavy on command line.
  • Start9 – I have never setup a Start9 node and so I don’t have much to share here. My understanding is that it is not primarily a Bitcoin node as it offers applications for those looking to break away from depending on cloud based services, such as password managers, and photo backup services.

There is also the pre-built Nodl One that will set you back $529 and does not offer a software download.

Build your own Bitcoin Node Stack!

As I have previously shared, Ketan’s nodebox guide is a way to run your own Bitcoin node stack on a dedicated AMD64 machine in a self sovereign way that will not have you depending on any other company in order for you to run the software you want to run. Run all of the apps, or just run a few of them, it’s up to you. This is all done in command line.

You can do this on a computer you already have, this setup will work on any AMD64 computer, I would just recommend that the storage be SSD vs. HDD. You could also buy an older computer, upgrade the storage drive, and be on your way. Currently a Dell 9020 micro paired with a 1tb Samsung Evo will set you back around $250, which is about what a Raspberry Pi sells for on Amazon right now if you count the SSD you need with it, power supply, case, etc.

By building your own node stack with software you install and improved hardware over the single-board Raspberry Pi, you have the flexibility of running as much or as little of the software you want, depending on your scenario. You also have the benefit of having a more dependable and upgradable computer running that software.

There is also the added benefit of being able to run a public-facing instance of BTCPay Server, which is not an option on any of the pre-built Bitcoin Node stacks mentioned above. The Raspi Blitz does give you the option of interacting with a third party, paid service that will allow you to have BTCPay Server public facing, but then you run into the problem of having a single board computer dealing with incoming traffic from the internet… and the monthly fee.

The flip side to building your own self sovereign, powerful Bitcoin Node stack is that it is not easy. It took me 4 sessions, of about 3 hours long each in order to complete Ketan’s instructions from his youtube series. In my case it was my first time “living” in command line, although I should note that I have used command line some in the past. If you are more comfortable with command line you should be able to install much faster. If you have no experience with command line, it does take a little practice to get comfortable with it.

Paying for Bitcoin Node Hosting on an External Server

There are a few services out there that offer hosting a Bitcoin Node stack for you. You would not have physical control of the computer, these services have the computers at their facility. Because of that you would not have to deal with maintaining the machines.

Baseline prices for running Bitcoin, BTCpayServer, and Lightning from a hosted company:

  • Voltage.cloud – Starts at $8.64 a month ($103.68 per year)
  • LunaNode.com – Starts at $8.80 a month ($105.60 per year)

Trade-offs:

  • Easy setup. You don’t need to have much in the way of technical skills, especially with Voltage. Lunanode does require a little more effort.
  • Both should provide solid up-time and dependability
  • Lunanode let’s you pay in Bitcoin. Match that with a domain name that you setup with Namecheap and pay in Bitcoin with and you would have a setup that would let you be anonymous if you do it right. You could earn non-kyc Bitcoin with no real way to identify you.

Conclusion

I am a little biased here but I really think if you are looking to route lightning payments, or run a public facing instance of BTCPay Server, there is no doubt that you should be looking to upgrade your node to something other than a Raspberry Pi. They are too expensive right now, and they are not powerful and dependable enough for serious work.

Even if you are just looking to run a dedicated node at home, a Raspberry Pi is too expensive compared to used capable machines out there. I think it is worth it to run an upgraded node and avoid the inferior Raspberry Pi computers.

If you already have your node setup and you don’t need more out of it, then you should be fine for now. Just keep in mind you may need a node upgrade in the future.

Install Ride the Lightning GUI on Ubuntu server – Upgrade your Bitcoin Node

If you prefer a video guide to install RTL on your upgraded Bitcoin Node on Ubuntu Server, here is Ketan’s guide:

Install Ride the Lightning as a GUI for setting up and managing Lightning Channels.

  • We will be using instructions from the Ride the Lightning github here: https://github.com/Ride-The-Lightning/RTL/
  • One of the requirements is to run node.js. We will find installation instructions for that here: https://github.com/nodesource/distributions/blob/master/README.md#debinstall
  • Run this command [curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -]
  • Then this one [sudo apt-get install -y nodejs]
  • If you want to avoid permission errors for npm installs, do the following command [mkdir ~/.npm-global] and then [npm config set prefix ‘~/.npm-global’]
  • Enter [nano .profile]
  • At the bottom of that file add this line [export PATH=~/.npm-global/bin:$PATH]
  • Then command [source .profile]
  • cd into downloads [cd downloads]
  • From this webpage copy the RTL archive and wget that into your downloads directory example: [wget https://github.com/Ride-The-Lightning/RTL/archive/refs/tags/v0.12.3.tar.gz]
  • Use this command but keep an eye on your version number [tar -xvf v0.12.2.tar.gz]
  • In the example above I installed 12.3, but the command show on the RTL install page doesn’t have that updated, so be aware.
  • You can move this to your home directory if you prefer: [mv RTL-0.12.3/ ~] (again, beware of version numbers)
  • Go to home directory [cd ~]
  • Make a directory for your LND backups with the command [mkdir lndbackup]
  • Verify RTL directory is in /home with [ls]
  • Rename it with command [mv RTL-0.12.3/ RTL] (beware of version number)
  • cd into RTL [cd RTL]
  • install this [npm install –only=prod –legacy-peer-deps]
  • Check [ls] to view files. You should see a sample .json file
  • Copy that file and rename it [cp RTL-Config.json]
  • Edit that file using [nano RTL-Config.json]
  • You should see the   “multiPass”: “password”, line, change the password to one of your choosing. This is how you will login to RTL.
  • Confirm that your admin.macaroon file is in /home/<YOURUSERNAME>/data/chain/bitcoin/mainnet and you can then paste that into the line that says “macaroonpath”
  • The “configpath” line should have the filepath /home/<YOURUSERNAME>/.lnd/lnd.conf
  • The “channelbackupath” should be /home/figure8/lndbackup
  • Control x, y, enter to save and return to command line
  • Start the server with [node rtl]
  • Visit <YOURNODEIPADDRESS>:8080 to see if Ride the Lightning is up
  • If it is, stop it in terminal using ‘Control c’
  • Now we will create a service file to make it start automatically on boot
  • There are instructions here: https://github.com/Ride-The-Lightning/RTL/ at the bottom of the page
  • Create the service file using [sudo nano /etc/systemd/system/RTL.service]
  • Paste the below into that file:
[Unit]
Description=RTL daemon
Wants=lnd.service
After=lnd.service

[Service]
ExecStart=/usr/bin/node /home/<YOURUSERNAME>/RTL/rtl
User=<YOURUSERNAME>
Restart=always
TimeoutSec=120
RestartSec=30

[Install]
WantedBy=multi-user.target
  • Make sure you update your username in the above
  • Control x, y, enter
  • Enable it with [sudo systemctl enable RTL.service]
  • Start it with [sudo systemctl start RTL.service]
  • Check status with [sudo systemctl status RTL.service]

Install Lightning (LND) on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer a video guide in order to install Lightning LND on your AMD64 machine, please see Ketan’s tutorial. This guide is based on that tutorial and is meant to serve as a companion in case you run into any issues finding links, commands, etc.

Install Lightning

  • Using the installation instructions from https://raspibolt.org/guide/lightning/lightning-client.html we will install LND
  • Don’t use the link from raspibolt for your version of LND since that is for an arm based machine. If you are running an AMD64 go here to find latest release of LND: https://github.com/lightningnetwork/lnd/releases/
  • Scroll down until you find the Assets section. Find your version for the hardware you are running. If you are installing on a dell optiplex machine the version you want has ‘amd64’ in it.
  • Download into your downloads directory with [cd downloads] then [wget <link to LND version>]
  • Now using the instructions from the raspibolt.org page we can download the PGP file  and verify
  • When you’ve verified the release, unzip the file [tar -xzf lnd-linux-amd64-v0.14.3-beta.tar.gz]
  • Install with this [sudo install -m 0755 -o root -g root -t /usr/local/bin lnd-linux-amd64-v0.14.3-beta/*]
  • After install you need to setup a .conf file. Go to this github page to download an example and then we can edit that https://raw.githubusercontent.com/lightningnetwork/lnd/master/sample-lnd.conf
  • In your home directory create a directory called .lnd using [mkdir .lnd] and use [ll] to confirm it is there
  • Use [wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/sample-lnd.conf] to copy that file to your .lnd directory. [ls] to confirm it is there.
  • Rename that file using [mv sample-lnd.conf lnd.conf]
  • This is a giant file. Edit the settings. In order to ‘activate’ a line the semi-colon must be removed.
    • From [; tlsextraip=] to [tlsextraip=.0.0.0.0]
    • [; tlsextradomain=] to [tlsextradomain=.0.0.0.0]
    • [;   listen=0.0.0.0:9735] remove the semi-colon to activate
    • [;   rpclisten=localhost:10009] remove the semi-colon
    • [;   restlisten=0.0.0.0:8080] remove the semi-colon
    • [;  alias=My Lightning] to [alias=<NAME YOUR LIGHTNING NODE>]
    • [; bitcoin.mainnet=true] to [bitcoin.mainnet=true]
    • [bitcoin.simnet=true] put a semi-colon in front of it to de-activate
    • [bitcoin.node=btcd] de-activate with the semi-colon
    • [; bitcoin.node=bitcoind] remove the semi-colon to activate
    • Scrolling down until you see Bitcoind settings
    • [; bitcoind.rpcuser=kek] remove the semi-colon and change to your username for bitcoind
    • Same for the password line
    • Remove the semi colons from both of these lines:
    • ; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332
    • ; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333
  • Control x, y, enter to save the file and return to the command line
  • Run lnd with the command [lnd]
  • Open a new terminal window and login
  • Type the command [lncli create]
  • It will ask for a password, enter a strong one to login to lightning. Later this will be the password to login to Ride the Lightning
  • It will ask you to confirm password
  • It will ask if you have an existing seed, or if you want to create a fresh wallet for this lightning instance. Choose your options
  • Create a password.txt file in your .lnd directory with [cd .lnd] and [nano password.txt] and put your lightning password in there.
  • Edit the lnd.conf file with [sudo nano lnd.conf]
  • Find the below two lines in the lnd.conf file and edit them
    • change [; wallet-unlock-password-file=/tmp/example.password] to [wallet-unlock-password-file=/home/<YOURUSERNAME>/.lnd/password.txt
    • change [; wallet-unlock-allow-create=true] remove the semi-colon
  • Scroll down to the tor settings
  • [; tor.active=true] remove the semi-colon
  • [; tor.streamisolation=true] remove the semi-colon
  • [; tor.v3=true] remove the semi-colon
  • Control x, y , enter to save and exit back to terminal
  • Stop lnd using the terminal that is running lnd using control c
  • Type [lnd] to start it up again
  • We will use this link to create a service file in order to boot lnd on restart: https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/init/lnd.service
  • Go to directory cd /etc/systemd/system with [cd cd /etc/systemd/system]
  • Now [sudo wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/init/lnd.service]
  • In the terminal that is running lnd, stop with Control c
  • Edit the service file with [sudo nano lnd.service]
  • Scroll down to the ‘Service’ area and change the user and group to your node’s username
  • Control x, y, enter to save and exit back to terminal
  • Start up again with [sudo systemctl start service.lnd]
  • Check status with [sudo systemctl start service.lnd]

In the other terminal window check that lnd is running with [journalctl -fu lnd.service]

If all went well you should have LND running on your node. Next we will move on to installing Ride the Lightning so that you can start opening channels using a GUI.

Make your BTCPay Server on Ubuntu Server public facing using Cloudflare – Upgrade your Bitcoin Node

If you prefer video in order to install Cloudflare and make your BTCPay Server public-facing, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Make BTCPay Server public facing

  • Go to dash.cloudflare.com and make a free account. No need to dox any personal info.
  • Click “add a site”
  • Enter a domain name.
  • Much of the instructions will vary here depending on who your registrar is. You will want to familiarize yourself with changing settings for domain name servers and different record types. Cloudflare will try to walk you through domain nameserver settings depending on who your registrar is.
  • After you setup your domain name with cloudflare and have confirmed the connection, we can now install the downloads we need to make that work with your node.
  • Go here: https://pkg.cloudflare.com/#ubuntu-title
  • You can follow the install instructions there as they update often
  • Install cloudflared using [sudo apt install cloudflared]
  • Next use this guide to create the tunnel: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/
  • Start with this command [cloudflared tunnel login]
  • Terminal will show you a webpage to visit in order to authenticate. Go to that webpage and click on your domain name.
  • Next create a tunnel and name it with [cloudflared tunnel create <pick a name>]
  • Remember the name you choose. Make it simple, something like btcpayserver.
  • Verify that by listing out with this command [cloudflared tunnel list]
  • Check .cloudlfared directory with [ls .cloudflared] you should see a .json file that has a string of characters as its name.
  • Make a config file in your .cloudflared directory with command [nano config.yml]
  • Paste this into the config.yml file:
url: http://localhost:23001
tunnel: <Tunnel-UUID>
credentials-file: /home/<yourusername>/.cloudflared/<Tunnel-UUID>.json
  • Change the part that says <yourusername> to match your node username
  • Open a second terminal window and login to your node
  • cd into the .cloudeflared directory with [cd .cloudflared]
  • Use [ls] to see that .json file again and copy the string of characters in front of the .json
  • In that config file you are editing in the other window, paste in that string of characters to replace the two parts that say <Tunnel-UUID>
  • Connect to an application with this command [cloudflared tunnel route dns <UUID or NAME> <hostname>] edit the command to change the UUID or NAME part to the name you chose for the tunnel earlier. The <hostname> is your domain name.
  • Run it with [cloudflared tunnel run <UUID NAME>] changing name to the one you chose for the tunnel earlier
  • You should see activity in terminal and should also now be able to go to your domain name in a browser and see your btcpay server instance
  • In the terminal window that has cloudflared running, stop it using ‘control c’
  • Now we will setup the service file so that cloudflared fires up when the node starts
  • Run [cloudflared service install]
  • We need to copy a file to the cloudflared directory. In the .cloudflared directory type the command [sudo cp /home/<yourusername>/.cloudflared/config.yml /etc/cloudflared]
  • Run it again with [sudo cloudflared service install]
  • Check status with [sudo systemctl status cloudflared] (should show active)

Install your own instance of BTCPay Server on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need help to install your own BTCPay Server instance on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install BTCPay Server

wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb

  • Install more software with:

sudo dpkg -i packages-microsoft-prod.deb

  • Remove a file that you no longer need:

rm packages-microsoft-prod.deb

  • Check for software updates:

sudo apt-get update

  • Install this package:

sudo apt-get install -y apt-transport-https

  • Check for updates to that package with:

sudo apt-get update

  • Install the .net package

sudo apt-get install -y dotnet-sdk-6.0

  • Next we install a database

sudo apt install postgresql postgresql-contrib

  • Change to user postgres with:

sudo -i -u postgres

  • Create a new user with:
createuser --pwprompt --interactive
  • You will be prompted to enter a username for this. Use whatever you’d like and make sure to take note of it.
  • You will be prompted to enter a password. It should be a secure password that you will remember.
  • You will be asked if this should be a ‘superuser’ – say no.
  • You will be asked if this user should be able to create a database – say yes.
  • You will be asked if this user should be able to create new roles – say no.
  • Create two databases, one for BTCPay Server and one for NBXplorer

createdb -O <the username you picked above> btcpayserver

createdb -O <the username you picked above> nbxplorer

  • Type command [exit] to get out of that username. You should be back in your downloads folder.
  • cd into your home directory with [cd ~]
  • Clone NBXplorer with the command:

git clone https://github.com/dgarage/NBXplorer

  • cd into NBXplorer with:

cd NBXplorer

  • Build NBXplorer with:

./build.sh

  • Create data directory in your home folder

mkdir -p ~/.nbxplorer/Main

  • cd into that using

cd ~/.nbxplorer/Main

  • Create a settings file

nano settings.config

  • Past this into the file:
btc.rpc.auth=<bitcoind rpc user>:<bitcoind rpc password>
port=24445
mainnet=1
postgres=User ID=<your db user>;Password=<your db password>;Host=localhost;Port=5432;Database=nbxplorer;
  • Change the bitcoin user to your bitcoind username, same with password. Also fix the postgres username and password you setup above. Control x, y, enter to save and exit
  • Back to the NBXplorer directory using: [cd ~]
  • Then cd into nbxplorer directory using [cd NBXplorer]
  • Run it using

./run.sh

  • You should see NBXplorer syncing up
  • Hit ‘control c’ to close it
  • Now we make a file to auto-start NBXplorer whenever the machine boots
  • cd into [cd /etc/systemd/system]
  • Paste this command into terminal:

sudo wget https://gist.githubusercontent.com/mariodian/de873b969e70eca4d0a7673efd697d0a/raw/acfc70c5694cd53d8a3df7ff54a35ff2caba7532/nbxplorer.service

  • Edit that file with command

Sudo nano nbxplorer.service

  • Edit the line that starts with ExecStart and find that part that says “netcoreapp2” to “net6.0”. Also remove the word /source from the filepath. Ensure username is accurate. Freedomnode uses ‘satoshi’ as the username, you may have changed that.
  • An example of that line: ExecStart=/usr/bin/dotnet “/home/<username>/NBXplorer/NBXplorer/bin/Release/net6.0/NBXplorer.dll” -c /home/<username>/.nbxplorer/Main/settings.config
  • Change User and Group to your username.
  • Control x, y, enter to save and leave
  • Enable this using:

sudo systemctl enable nbxplorer.service

  • Start it:

sudo systemctl start nbxplorer.service

  • Check status:

sudo systemctl status nbxplorer.service

  • You should see a green dot showing NBXplore is up and running
  • Now we install BTCPay Server
  • Open a new terminal window and login to your node
  • In your home directory install BTCPay server

git clone https://github.com/btcpayserver/btcpayserver.git

  • cd into btcpayserver using:

cd btcpayserver

  • Build it with:

./build.sh

  • Make another directory:

mkdir -p ~/.btcpayserver/Main

  • cd into it:

cd ~/.btcpayserver/Main

  • Create a config file:

nano settings.config

  • Add these lines to it and change your username and pass to match what you entered for the postgres install:
network=mainnet
port=23001
bind=0.0.0.0
chains=btc
BTC.explorer.url=http://127.0.0.1:24445
#BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon;certthumbprint=<finger print>
postgres=User ID=<yourusername>;Password=<your db password>;Host=localhost;Port=5432;Database=btcpayserver;
  • Go to home directory using

Cd ~

  • cd into btcpay server folder using

cd btcpayserver

  • Run it

./run.sh

  • Use a web browser to visit your ip address with :23001 at the end to see btcpay server running
  • Now we edit a service file

cd /etc/systemd/system

  • Now we download BTCPay service file:

sudo wget https://gist.githubusercontent.com/mariodian/07bb13da314e2a321784b380f543651a/raw/6cef554d9e8311e683a017d5e63a07822dee7642/btcpayserver.service

  • Edit the file using

sudo nano btcpayserver.service

  • Fix the file path to remove the /source part
  • Fix the username in the file path also
  • Fix the user to match what you made
  • Fix the group to match you username
  • Enable the service:

sudo systemctl enable btcpayserver.service

  • Start it
sudo systemctl start btcpayserver.service
  • Check status:
sudo systemctl status btcpayserver.service

Run your own Samourai Dojo and Whirlpool client on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need a text based guide to install your own Samourai Dojo and Whirlpool client on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install Samourai Dojo

This guide is intended to be used by users who intend to spend sats. Spending bitcoin leaves a permanent mark on the timechain, and if you want to spend privately it’s best to use Samourai’s post-mix spending tools to do so. Installing your own Dojo and pairing that with a Samourai mobile wallet on android is a great way to mix coins and then spend them in a way that preserves your privacy in a self-sovereign manner.

It is important to note that Samourai Wallet is only available on android devices.

  • Login to your node and go to your downloads directory with [cd downloads]
  • We will need to unzip a file so we need software to do that. Install that with [sudo apt install unzip]
  • Go to Samourai’s dojo downloads page and copy the path to their latest release https://code.samourai.io/dojo/samourai-dojo/-/releases
  • Download with command [wget <filepath>]
  • Unzip with [unzip samourai-dojo-v1.15.0] (keep an eye on version number)
  • You should already have docker setup on your Ubuntu server from the mempool guide we did previously
  • cd into your home directory with [cd ~]
  • Make a new directory with [mkdir dojo-app]
  • You should see that directory now with [ls]
  • Now let’s move the samourai download to that new directory with [mv ~/downloads/samourai-dojo-v1.15.0/* ~/dojo-app/] (be aware of version number and change to yours)
  • You should see a new directory in the dojo-app directory [cd dojo-app] then [ls]
  • cd into the conf folder with [cd docker/my-dojo/conf/
  • Type [ls] to see the different conf files that all need editing
  • First file we will edit is the bitcoind conf [nano docker-bitcoind.conf.tpl]
  • It’s a long file. Find the lines below and edit them for your setup. We need to update the bitcoind username and password. We need to tell dojo not to install bitcoind since you already have it installed. We need to update the IP address to match your node’s IP address. And we need to update some port settings to match your bitcoind installation. In a second terminal you can login to your node to see your bitcoind settings and verify that they match the lines below [nano .bitcoin/bitcoin.conf]
#########################################
# CONFIGURATION OF BITCOIND CONTAINER
#########################################

BITCOIND_RPC_USER=<bitcoind user name>

BITCOIND_RPC_PASSWORD=<Bitcoind user password>

BITCOIND_INSTALL=off
BITCOIND_IP=<YOUR NODES IP ADDRESS>
BITCOIND_RPC_PORT=8332
BITCOIND_ZMQ_RAWTXS=28333
BITCOIND_ZMQ_BLK_HASH=28334
  • Control x, y, enter to save and exit that
  • Next edit [nano docker-explorer.conf.tpl] and edit one line:
EXPLORER_INSTALL=off
  • Next edit [nano docker-indexer.conf.tpl] and edit these lines:
INDEXER_TYPE=fulcrum
INDEXER_IP=<YOUR IP ADDRESS>
INDEXER_RPC_PORT=50002
INDEXER_BATCH_SUPPORT=active
INDEXER_PROTOCOL=tls
  • Control x, y, enter to save and exit
  • Next edit [nano docker-mysql.conf.tpl] you will be entering some passwords here that are sensitive. You may want to use a password manager to generate these and save them securely.
MYSQL_ROOT_PASSWORD=<SECUREPASSWORD>
MYSQL_PASSWORD=<SECUREPASSWORD>
  • Control x, y, to save and exit
  • Next edit [nano docker-node.conf.tpl] and edit the lines with more strong passwords:
NODE_API_KEY=<SECUREPASS>
NODE_ADMIN_KEY=<PASSWORD TO LOGIN TO DOJO MAINTENANCE TOOL OVER TOR>
NODE_JWT_SECRET=<SECUREPASS>
NODE_ACTIVE_INDEXER=local_indexer
  • cd back one directory with [cd ..]
  • Use [./dojo.sh install] to install. It will ask you to confirm
  • This is going to take some time to finish. Leave running in the background and use a different terminal for now
  • In the new terminal cd into your my-dojo directory with [cd dojo-app/docker/my-dojo/]
  • Get your onion address with [./dojo.sh onion]
  • Copy your onion address and paste it into a tor browser. Add [/admin] at the end of it.
  • This password is the NODE_ADMIN_KEY password you set earlier
  • Underneath “tools” click “Pair”
  • In the Samourai wallet android app, setup your wallet. It is recommended that you use a fresh wallet for this. Go through the wallet setup instructions and be sure to use a strong passphrase. Be sure to backup your wallet in a way that cannot be corrupted.

Install Whirlpool CLI

  • In a terminal, make a whirlpool directory with [mkdir whirlpool]
  • cd into that with [cd whirlpool]
  • Find the whirlpool client here: https://code.samourai.io/whirlpool/whirlpool-client-cli/-/releases
  • In the terminal type [wget https://code.samourai.io/whirlpool/whirlpool-client-cli/uploads/3259fdd4a6ea87de3e138db592593558/whirlpool-client-cli-0.10.15-run.jar] keep an eye on the version number
  • We need java installed on our node for whirlpool cli to work. The command [java] to see a list of available java installs. Use the most recent version. The command will look something like this depending on the latest version number available [sudo apt install openjdk-17-jre-headless]
  • Then run [java -jar whirlpool-client-cli-0.10.15-run.jar –init] keep an eye on version number and make sure it matches what you downloaded.
  • It will ask you for your pairing payload from your Samourai wallet. You can find that under settings à transactions à experimental à pair to whirlpool GUI. It is a long string of characters that you can copy. That should be pasted into the terminal request and hit enter
  • It might ask you to OK using over tor. Say yes. It will ask you for your wallet’s passphrase. Enter that. CLI will be running in that window.
  • Control C to stop the service so that we can setup a service file to ensure whirlpool fires up everytime your nodes powers on.
  • Use the command [sudo nano /etc/systemd/system/whirlpool.service] to add that file and copy and paste this in (keep an eye on version number, change the NODEUSERNAME places to yours)
[Unit]
Description=Whirlpool
After=tor.service

[Service]
WorkingDirectory=/home/<NODEUSERNAME>/whirlpool
ExecStart=/usr/bin/java -jar whirlpool-client-cli-0.10.15-run.jar --server=mainnet --tor --auto-mix --mixs-target=0 --listen
User=<NODEUSERNAME>
Group=<NODEUSERNAME>
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60

[Install]
WantedBy=multi-user.target
  • Let’s start that with [sudo systemctl daemon-reload]
  • Enable with [sudo systemctl enable whirlpool]
  • Start with [sudo systemctl start whirlpool]
  • Check status with [sudo systemctl status whirlpool]
  • If status looks good you can now download the Whirlpool GUI to your computer (not your Bitcoin node, the computer you will interface with your node) here https://samouraiwallet.com/download
  • Open up the GUI and select advanced option
  • In the URL type <your node’s IP address>:8899
  • In the API key you can find that in a file in your whirlpool directory called whirlpool-cli-config.properties. Nano into that with [nano whirlpool-cli-config.properties] and you should see that key that you need to copy and paste into the whirlpool GUI.
  • The GUI will ask you for your wallet’s passphrase

At this point you can navigate around the GUI and learn the different mixing pools available, configurations, etc.

Install your own mempool.space instance on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need help to install your own mempool.space instance on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install mempool.space

Install mempool

  • Go to https://github.com/mempool/mempool
  • There is a green button there that says ‘code’ click that
  • Copy the link https://github.com/mempool/mempool.git
  • In your home directory type command [git clone https://github.com/mempool/mempool.git]
  • cd into mempool directory using [cd mempool]
  • [ls] should show you that there is a docker directory there
  • cd into docker directory using [cd docker]
  • [ls] there to see the docker-compose.yml file
  • Edit that file using the command [sudo nano docker-compose.yml]
  • On the lines that reads “    restart: on-failure” change on-failure to ‘always’ so that this file always starts up when the system boots.
  • On the line that has – 80:8080 change to – 4080:8080 (you don’t have to change this, but the rest of the guide assumes you did)
  • The line that has “      CORE_RPC_HOST: “172.27.0.1” change the IP address to match your nodes IP address on your network. IT IS CRITICAL THAT YOU REMEMBER THIS CHANGE FOR FUTURE MAINTENANCE. If the IP address on your node changes in the future you will need to go into this file and edit that again.
  • On the lines that have username and password for core, change to your user name and password you used for bitcoind.
  • This page will have directions for linking your mempool instance to your fulcrum server https://github.com/mempool/mempool/tree/master/docker
  • Those directions are: Change the line that says “ MEMPOOL_BACKEND: “none” change none to “electrum”
  • At the line that says “environment:” hit enter at the end of the line to add a new space below it and add the lines:
      ELECTRUM_HOST: "<YOUR IP ADDRESS"
      ELECTRUM_PORT: "50002"
      ELECTRUM_TLS: "true"
  • Add this to the bottom of the file if you intend to add other software that will use docker:
networks:
  default:
    driver: bridge
    ipam:
      config:
        - subnet: 172.16.57.0/24
  • Control x, y, enter to save and leave the file back to the directory
  • Now type command [docker-compose up] and you should see activity happening
  • Login to a different terminal window and type in [docker ps] and you should see the docker container for mempool being run there
  • Go to your web browser to test this. Use your IP address to visit your mempool instance. An example is: 192.168.86.12:4080. Use your IP addres and add :4080 at the end (or whatever extension you used)

You should now have your own working mempool.space instance. It will take some time for yours to have the graphs looking the same as mempool.space.

EDIT: Some people noted in the comment section on youtube that there are connection errors caused by the docker-compose.yml directions from above. Twitter user @gwaaan1 noted that if you replace the below and use it instead of the above it should work:

    environment:
      ELECTRUM_HOST: "<YOURIPADDRESS>"
      ELECTRUM_PORT: "50002"
      ELECTRUM_TLS_ENABLED: "true"

Install Fulcrum server on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need my help to install Fulcrum Server on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

  • Go to https://github.com/cculianu/Fulcrum/releases
  • Find the right download for you (likely the /Fulcrum-*.*.*-x86_64-linux.tar.gz version)
  • Right click and copy that link
  • Go to your downloads folder in terminal with the [cd downloads] command
  • Now download that file using the command [wget <link to file>]
  • You should see the file get downloaded in the terminal window
  • In your home directory make a new folder. You can go to your home folder with the command [cd ~]
  • Then type [mkdir fulcrum] to create that directory in your home directory
  • Make another directory [mkdir fulcrum_db] also in your home directory
  • You can type [ls] to confirm those directories are there
  • Back to downloads directory [cd downloads]
  • Unzip the fulcrum download using [tar xvf <fulcrum filename>] (you can copy the filename by typing [ls] in the downloads directory and copying the file name there.
  • The terminal should show you new filepaths written
  • Copy the file path
  • Now move all of those files to the fulcrum files you already created with the command [mv Fulcrum-1.7.0-x86_64-linux/* /home/<your username>/fulcrum ] (replace with your version number. Replace <your username> with your username)
  • Verify the move by [cd ~] to your home directory, then [cd fulcrum] to go to the fulcrum directory. Use command [ls] to check that the files are there
  • Use this command to allow fulcrum to query the network in an encrypted way [openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem]
  • You will be asked to answer some questions. No need to answer, leave blank hitting ‘enter’ for each.
  • Type [ls] command to verify the key.pem file and the cert.pem are created
  • Change the filename of the fulcrum-example-config.conf file to just fulcrum.conf with the command [mv fulcrum-example-config.conf fulcrum.conf]
  • Edit that file with [sudo nano fulcrum.conf]
  • Under basic options change datadir path to: /home/<username>/fulcrum_db
  • Make rpcuser = <your bitcoin username> (you set this when you installed bitcoind)
  • Make rpcpassword = <your bitcoin password> (you set this when you installed bitcoind)
  • On the line that reads “#ssl = 0.0.0.0:50002” remove the #
  •  Go to the line that reads “#cert = /path/to/server-cert.pem” remove the # and change the path to /home/<yourusername>/fulcrum/cert.pem
  • Go the the line that has the key.pem file, remove the # and change the path to “key = /home/<YOURUSERNAME>/fulcrum/key.pem”
  • Find line that reads #peering = true and remove the hashtag. Change true to false.
  • Find  line that reads #fast-sync = 0 and remove the #. Change zero to 5000. This means you are letting fulcrum use 5 gigs of ram capacity to sync up. Adjust accordingly based on your scenario.
  • Control x, y, enter to save the file and exit
  • Create a service file in order for fulcrum to start up on boot. Do that by going to your home directory with [cd ~] and command [sudo nano /etc/systemd/system/fulcrum.service]
  • Paste this into the fulcrum.service file:
[Unit]
Description=Fulcrum
After=network.target

[Service]
ExecStart=/home/<username>/fulcrum/Fulcrum /home/<yourusername>/fulcrum/fulcrum.conf
User=<username>
LimitNOFILE=8192
TimeoutStopSec=30min

[Install]
WantedBy=multi-user.target
  • Hit control x, y, and enter to save and exit
  • Now we enable the fulcrum service [sudo systemctl enable fulcrum.service]
  • Start it [sudo systemctl start fulcrum.service]
  • Check the status [sudo systemctl status fulcrum.service] to see if it worked
  • Check the logs to see fulcrum downloading in a different terminal with [journalctl -fu fulcrum.service]

This will take hours to finish syncing, maybe half a day. When it is done you should be able to connect Sparrow Wallet to your fulcrum server if you are on the same network. Here are instructions for connecting (if you already have Sparrow Wallet on your computer, you can jump to timestamp 4:45 for connection instructions):