Kyc3.life’s Bitcoin Node Guide Overview

This is an overview of kyc3.life’s instructions for setting up a bitcoin node from source on an x86 computer. Since this install is similar to K3tan’s instructions for setting up a bitcoin node from source, I will compare and contrast the two guides.

In kyc3’s guide, you are given instructions for installing Ubuntu server, Bitcoin core running over Tor, setting up Fulcrum electrum server, setting up a Dojo and whirlpool, along with instructions for how to setup Tailscale. There are also instructions for setting up hardening measures to protect your node form malicious attacks.

I found the guide very easy to follow along. Kyc3 gives step by step instructions and makes it dummy-proof for newbs who may have never used command line for a project like this. The guide includes buttons to copy commands and paste them into a terminal. This makes it very fast to move along the guide. Places for copying commands are easy to spot.

The software he gives instructions for are mostly bare minimum tools needed to verify your own Bitcoin, verify and broadcast bitcoin transactions, and coinjoin using Whirlpool. The idea here is that you have a dedicated pc running at all times and probably connected to your Samourai wallet on Android. This allows you to level up your Samourai wallet use by ensuring that you are not doxing your xpub to anyone and you can continuously mix your coins using your own machine to participate in conjoin rounds, and you can do all of this while on the go with your mobile device. Very self-sovereign of you.

Kyc3’s guide is notably missing a few applications. There is no guide to setup LND or Core lightning, and there is no guide for setting up BTCPay server. I don’t think this is an oversight, it’s likely that kyc3 doesn’t think interacting with the lightning network preserves privacy.

We can compare this guide to K3tan’s excellent video series for installing the same software plus a few more applications.

  • K3tans guide includes an LND node guide and Ride the Lightning for interfacing with LND. He also includes a BTCPayserver installation guide with instructions on how to make that application public facing.
  • K3tan’s guide is in video format, which some people prefer over text. If you prefer watching youtube video guides over text-based instructions, then watch K3tan’s video series. You can ignore guides that include instructions for installing applications that you don’t intend to use.
  • K3tan spends extra effort going over commonly used Linux commands, and this makes it easier for new command line users to understand what they are doing when entering commands.
  • Ky3’s guide includes easily copied commands and links to software that you need in order to execute installations. This can be easier for people who have no command line experience. 
  • Kyc3’s guide includes instructions for installing Tailscale in order to be able to access your Mempool.space instance even when you aren’t on the same network as your node. Kyc3 also gives instruction for connecting to Fulcrum server while on the go. This makes your node useful when you are mobile, which is fantastic.
  • Kyc3’s guide also includes instructions for how to lock down your node from external attacks using UFW commands.
  • Both guides recommend using an x86 machine with a small footprint, like the Dell micro series of computers.

I think it’s fantastic that there are these types of instructional guides being put out for people interested in building their own node from scratch. In the case of these two guides, you can easily mix and match what you need between the two and setup a node with software downloaded from the source and built from scratch on a very capable x86 computer.

Install Ride the Lightning GUI on Ubuntu server – Upgrade your Bitcoin Node

If you prefer a video guide to install RTL on your upgraded Bitcoin Node on Ubuntu Server, here is Ketan’s guide:

Install Ride the Lightning as a GUI for setting up and managing Lightning Channels.

  • We will be using instructions from the Ride the Lightning github here: https://github.com/Ride-The-Lightning/RTL/
  • One of the requirements is to run node.js. We will find installation instructions for that here: https://github.com/nodesource/distributions/blob/master/README.md#debinstall
  • Run this command [curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -]
  • Then this one [sudo apt-get install -y nodejs]
  • If you want to avoid permission errors for npm installs, do the following command [mkdir ~/.npm-global] and then [npm config set prefix ‘~/.npm-global’]
  • Enter [nano .profile]
  • At the bottom of that file add this line [export PATH=~/.npm-global/bin:$PATH]
  • Then command [source .profile]
  • cd into downloads [cd downloads]
  • From this webpage copy the RTL archive and wget that into your downloads directory example: [wget https://github.com/Ride-The-Lightning/RTL/archive/refs/tags/v0.12.3.tar.gz]
  • Use this command but keep an eye on your version number [tar -xvf v0.12.2.tar.gz]
  • In the example above I installed 12.3, but the command show on the RTL install page doesn’t have that updated, so be aware.
  • You can move this to your home directory if you prefer: [mv RTL-0.12.3/ ~] (again, beware of version numbers)
  • Go to home directory [cd ~]
  • Make a directory for your LND backups with the command [mkdir lndbackup]
  • Verify RTL directory is in /home with [ls]
  • Rename it with command [mv RTL-0.12.3/ RTL] (beware of version number)
  • cd into RTL [cd RTL]
  • install this [npm install –only=prod –legacy-peer-deps]
  • Check [ls] to view files. You should see a sample .json file
  • Copy that file and rename it [cp RTL-Config.json]
  • Edit that file using [nano RTL-Config.json]
  • You should see the   “multiPass”: “password”, line, change the password to one of your choosing. This is how you will login to RTL.
  • Confirm that your admin.macaroon file is in /home/<YOURUSERNAME>/data/chain/bitcoin/mainnet and you can then paste that into the line that says “macaroonpath”
  • The “configpath” line should have the filepath /home/<YOURUSERNAME>/.lnd/lnd.conf
  • The “channelbackupath” should be /home/figure8/lndbackup
  • Control x, y, enter to save and return to command line
  • Start the server with [node rtl]
  • Visit <YOURNODEIPADDRESS>:8080 to see if Ride the Lightning is up
  • If it is, stop it in terminal using ‘Control c’
  • Now we will create a service file to make it start automatically on boot
  • There are instructions here: https://github.com/Ride-The-Lightning/RTL/ at the bottom of the page
  • Create the service file using [sudo nano /etc/systemd/system/RTL.service]
  • Paste the below into that file:
[Unit]
Description=RTL daemon
Wants=lnd.service
After=lnd.service

[Service]
ExecStart=/usr/bin/node /home/<YOURUSERNAME>/RTL/rtl
User=<YOURUSERNAME>
Restart=always
TimeoutSec=120
RestartSec=30

[Install]
WantedBy=multi-user.target
  • Make sure you update your username in the above
  • Control x, y, enter
  • Enable it with [sudo systemctl enable RTL.service]
  • Start it with [sudo systemctl start RTL.service]
  • Check status with [sudo systemctl status RTL.service]

Install Lightning (LND) on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer a video guide in order to install Lightning LND on your AMD64 machine, please see Ketan’s tutorial. This guide is based on that tutorial and is meant to serve as a companion in case you run into any issues finding links, commands, etc.

Install Lightning

  • Using the installation instructions from https://raspibolt.org/guide/lightning/lightning-client.html we will install LND
  • Don’t use the link from raspibolt for your version of LND since that is for an arm based machine. If you are running an AMD64 go here to find latest release of LND: https://github.com/lightningnetwork/lnd/releases/
  • Scroll down until you find the Assets section. Find your version for the hardware you are running. If you are installing on a dell optiplex machine the version you want has ‘amd64’ in it.
  • Download into your downloads directory with [cd downloads] then [wget <link to LND version>]
  • Now using the instructions from the raspibolt.org page we can download the PGP file  and verify
  • When you’ve verified the release, unzip the file [tar -xzf lnd-linux-amd64-v0.14.3-beta.tar.gz]
  • Install with this [sudo install -m 0755 -o root -g root -t /usr/local/bin lnd-linux-amd64-v0.14.3-beta/*]
  • After install you need to setup a .conf file. Go to this github page to download an example and then we can edit that https://raw.githubusercontent.com/lightningnetwork/lnd/master/sample-lnd.conf
  • In your home directory create a directory called .lnd using [mkdir .lnd] and use [ll] to confirm it is there
  • Use [wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/sample-lnd.conf] to copy that file to your .lnd directory. [ls] to confirm it is there.
  • Rename that file using [mv sample-lnd.conf lnd.conf]
  • This is a giant file. Edit the settings. In order to ‘activate’ a line the semi-colon must be removed.
    • From [; tlsextraip=] to [tlsextraip=.0.0.0.0]
    • [; tlsextradomain=] to [tlsextradomain=.0.0.0.0]
    • [;   listen=0.0.0.0:9735] remove the semi-colon to activate
    • [;   rpclisten=localhost:10009] remove the semi-colon
    • [;   restlisten=0.0.0.0:8080] remove the semi-colon
    • [;  alias=My Lightning] to [alias=<NAME YOUR LIGHTNING NODE>]
    • [; bitcoin.mainnet=true] to [bitcoin.mainnet=true]
    • [bitcoin.simnet=true] put a semi-colon in front of it to de-activate
    • [bitcoin.node=btcd] de-activate with the semi-colon
    • [; bitcoin.node=bitcoind] remove the semi-colon to activate
    • Scrolling down until you see Bitcoind settings
    • [; bitcoind.rpcuser=kek] remove the semi-colon and change to your username for bitcoind
    • Same for the password line
    • Remove the semi colons from both of these lines:
    • ; bitcoind.zmqpubrawblock=tcp://127.0.0.1:28332
    • ; bitcoind.zmqpubrawtx=tcp://127.0.0.1:28333
  • Control x, y, enter to save the file and return to the command line
  • Run lnd with the command [lnd]
  • Open a new terminal window and login
  • Type the command [lncli create]
  • It will ask for a password, enter a strong one to login to lightning. Later this will be the password to login to Ride the Lightning
  • It will ask you to confirm password
  • It will ask if you have an existing seed, or if you want to create a fresh wallet for this lightning instance. Choose your options
  • Create a password.txt file in your .lnd directory with [cd .lnd] and [nano password.txt] and put your lightning password in there.
  • Edit the lnd.conf file with [sudo nano lnd.conf]
  • Find the below two lines in the lnd.conf file and edit them
    • change [; wallet-unlock-password-file=/tmp/example.password] to [wallet-unlock-password-file=/home/<YOURUSERNAME>/.lnd/password.txt
    • change [; wallet-unlock-allow-create=true] remove the semi-colon
  • Scroll down to the tor settings
  • [; tor.active=true] remove the semi-colon
  • [; tor.streamisolation=true] remove the semi-colon
  • [; tor.v3=true] remove the semi-colon
  • Control x, y , enter to save and exit back to terminal
  • Stop lnd using the terminal that is running lnd using control c
  • Type [lnd] to start it up again
  • We will use this link to create a service file in order to boot lnd on restart: https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/init/lnd.service
  • Go to directory cd /etc/systemd/system with [cd cd /etc/systemd/system]
  • Now [sudo wget https://raw.githubusercontent.com/lightningnetwork/lnd/master/contrib/init/lnd.service]
  • In the terminal that is running lnd, stop with Control c
  • Edit the service file with [sudo nano lnd.service]
  • Scroll down to the ‘Service’ area and change the user and group to your node’s username
  • Control x, y, enter to save and exit back to terminal
  • Start up again with [sudo systemctl start service.lnd]
  • Check status with [sudo systemctl start service.lnd]

In the other terminal window check that lnd is running with [journalctl -fu lnd.service]

If all went well you should have LND running on your node. Next we will move on to installing Ride the Lightning so that you can start opening channels using a GUI.

Make your BTCPay Server on Ubuntu Server public facing using Cloudflare – Upgrade your Bitcoin Node

If you prefer video in order to install Cloudflare and make your BTCPay Server public-facing, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Make BTCPay Server public facing

  • Go to dash.cloudflare.com and make a free account. No need to dox any personal info.
  • Click “add a site”
  • Enter a domain name.
  • Much of the instructions will vary here depending on who your registrar is. You will want to familiarize yourself with changing settings for domain name servers and different record types. Cloudflare will try to walk you through domain nameserver settings depending on who your registrar is.
  • After you setup your domain name with cloudflare and have confirmed the connection, we can now install the downloads we need to make that work with your node.
  • Go here: https://pkg.cloudflare.com/#ubuntu-title
  • You can follow the install instructions there as they update often
  • Install cloudflared using [sudo apt install cloudflared]
  • Next use this guide to create the tunnel: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/
  • Start with this command [cloudflared tunnel login]
  • Terminal will show you a webpage to visit in order to authenticate. Go to that webpage and click on your domain name.
  • Next create a tunnel and name it with [cloudflared tunnel create <pick a name>]
  • Remember the name you choose. Make it simple, something like btcpayserver.
  • Verify that by listing out with this command [cloudflared tunnel list]
  • Check .cloudlfared directory with [ls .cloudflared] you should see a .json file that has a string of characters as its name.
  • Make a config file in your .cloudflared directory with command [nano config.yml]
  • Paste this into the config.yml file:
url: http://localhost:23001
tunnel: <Tunnel-UUID>
credentials-file: /home/<yourusername>/.cloudflared/<Tunnel-UUID>.json
  • Change the part that says <yourusername> to match your node username
  • Open a second terminal window and login to your node
  • cd into the .cloudeflared directory with [cd .cloudflared]
  • Use [ls] to see that .json file again and copy the string of characters in front of the .json
  • In that config file you are editing in the other window, paste in that string of characters to replace the two parts that say <Tunnel-UUID>
  • Connect to an application with this command [cloudflared tunnel route dns <UUID or NAME> <hostname>] edit the command to change the UUID or NAME part to the name you chose for the tunnel earlier. The <hostname> is your domain name.
  • Run it with [cloudflared tunnel run <UUID NAME>] changing name to the one you chose for the tunnel earlier
  • You should see activity in terminal and should also now be able to go to your domain name in a browser and see your btcpay server instance
  • In the terminal window that has cloudflared running, stop it using ‘control c’
  • Now we will setup the service file so that cloudflared fires up when the node starts
  • Run [cloudflared service install]
  • We need to copy a file to the cloudflared directory. In the .cloudflared directory type the command [sudo cp /home/<yourusername>/.cloudflared/config.yml /etc/cloudflared]
  • Run it again with [sudo cloudflared service install]
  • Check status with [sudo systemctl status cloudflared] (should show active)

Install your own instance of BTCPay Server on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need help to install your own BTCPay Server instance on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install BTCPay Server

wget https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb

  • Install more software with:

sudo dpkg -i packages-microsoft-prod.deb

  • Remove a file that you no longer need:

rm packages-microsoft-prod.deb

  • Check for software updates:

sudo apt-get update

  • Install this package:

sudo apt-get install -y apt-transport-https

  • Check for updates to that package with:

sudo apt-get update

  • Install the .net package

sudo apt-get install -y dotnet-sdk-6.0

  • Next we install a database

sudo apt install postgresql postgresql-contrib

  • Change to user postgres with:

sudo -i -u postgres

  • Create a new user with:
createuser --pwprompt --interactive
  • You will be prompted to enter a username for this. Use whatever you’d like and make sure to take note of it.
  • You will be prompted to enter a password. It should be a secure password that you will remember.
  • You will be asked if this should be a ‘superuser’ – say no.
  • You will be asked if this user should be able to create a database – say yes.
  • You will be asked if this user should be able to create new roles – say no.
  • Create two databases, one for BTCPay Server and one for NBXplorer

createdb -O <the username you picked above> btcpayserver

createdb -O <the username you picked above> nbxplorer

  • Type command [exit] to get out of that username. You should be back in your downloads folder.
  • cd into your home directory with [cd ~]
  • Clone NBXplorer with the command:

git clone https://github.com/dgarage/NBXplorer

  • cd into NBXplorer with:

cd NBXplorer

  • Build NBXplorer with:

./build.sh

  • Create data directory in your home folder

mkdir -p ~/.nbxplorer/Main

  • cd into that using

cd ~/.nbxplorer/Main

  • Create a settings file

nano settings.config

  • Past this into the file:
btc.rpc.auth=<bitcoind rpc user>:<bitcoind rpc password>
port=24445
mainnet=1
postgres=User ID=<your db user>;Password=<your db password>;Host=localhost;Port=5432;Database=nbxplorer;
  • Change the bitcoin user to your bitcoind username, same with password. Also fix the postgres username and password you setup above. Control x, y, enter to save and exit
  • Back to the NBXplorer directory using: [cd ~]
  • Then cd into nbxplorer directory using [cd NBXplorer]
  • Run it using

./run.sh

  • You should see NBXplorer syncing up
  • Hit ‘control c’ to close it
  • Now we make a file to auto-start NBXplorer whenever the machine boots
  • cd into [cd /etc/systemd/system]
  • Paste this command into terminal:

sudo wget https://gist.githubusercontent.com/mariodian/de873b969e70eca4d0a7673efd697d0a/raw/acfc70c5694cd53d8a3df7ff54a35ff2caba7532/nbxplorer.service

  • Edit that file with command

Sudo nano nbxplorer.service

  • Edit the line that starts with ExecStart and find that part that says “netcoreapp2” to “net6.0”. Also remove the word /source from the filepath. Ensure username is accurate. Freedomnode uses ‘satoshi’ as the username, you may have changed that.
  • An example of that line: ExecStart=/usr/bin/dotnet “/home/<username>/NBXplorer/NBXplorer/bin/Release/net6.0/NBXplorer.dll” -c /home/<username>/.nbxplorer/Main/settings.config
  • Change User and Group to your username.
  • Control x, y, enter to save and leave
  • Enable this using:

sudo systemctl enable nbxplorer.service

  • Start it:

sudo systemctl start nbxplorer.service

  • Check status:

sudo systemctl status nbxplorer.service

  • You should see a green dot showing NBXplore is up and running
  • Now we install BTCPay Server
  • Open a new terminal window and login to your node
  • In your home directory install BTCPay server

git clone https://github.com/btcpayserver/btcpayserver.git

  • cd into btcpayserver using:

cd btcpayserver

  • Build it with:

./build.sh

  • Make another directory:

mkdir -p ~/.btcpayserver/Main

  • cd into it:

cd ~/.btcpayserver/Main

  • Create a config file:

nano settings.config

  • Add these lines to it and change your username and pass to match what you entered for the postgres install:
network=mainnet
port=23001
bind=0.0.0.0
chains=btc
BTC.explorer.url=http://127.0.0.1:24445
#BTC.lightning=type=lnd-rest;server=https://127.0.0.1:8080/;macaroonfilepath=~/.lnd/data/chain/bitcoin/mainnet/admin.macaroon;certthumbprint=<finger print>
postgres=User ID=<yourusername>;Password=<your db password>;Host=localhost;Port=5432;Database=btcpayserver;
  • Go to home directory using

Cd ~

  • cd into btcpay server folder using

cd btcpayserver

  • Run it

./run.sh

  • Use a web browser to visit your ip address with :23001 at the end to see btcpay server running
  • Now we edit a service file

cd /etc/systemd/system

  • Now we download BTCPay service file:

sudo wget https://gist.githubusercontent.com/mariodian/07bb13da314e2a321784b380f543651a/raw/6cef554d9e8311e683a017d5e63a07822dee7642/btcpayserver.service

  • Edit the file using

sudo nano btcpayserver.service

  • Fix the file path to remove the /source part
  • Fix the username in the file path also
  • Fix the user to match what you made
  • Fix the group to match you username
  • Enable the service:

sudo systemctl enable btcpayserver.service

  • Start it
sudo systemctl start btcpayserver.service
  • Check status:
sudo systemctl status btcpayserver.service

Run your own Samourai Dojo and Whirlpool client on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need a text based guide to install your own Samourai Dojo and Whirlpool client on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install Samourai Dojo

This guide is intended to be used by users who intend to spend sats. Spending bitcoin leaves a permanent mark on the timechain, and if you want to spend privately it’s best to use Samourai’s post-mix spending tools to do so. Installing your own Dojo and pairing that with a Samourai mobile wallet on android is a great way to mix coins and then spend them in a way that preserves your privacy in a self-sovereign manner.

It is important to note that Samourai Wallet is only available on android devices.

  • Login to your node and go to your downloads directory with [cd downloads]
  • We will need to unzip a file so we need software to do that. Install that with [sudo apt install unzip]
  • Go to Samourai’s dojo downloads page and copy the path to their latest release https://code.samourai.io/dojo/samourai-dojo/-/releases
  • Download with command [wget <filepath>]
  • Unzip with [unzip samourai-dojo-v1.15.0] (keep an eye on version number)
  • You should already have docker setup on your Ubuntu server from the mempool guide we did previously
  • cd into your home directory with [cd ~]
  • Make a new directory with [mkdir dojo-app]
  • You should see that directory now with [ls]
  • Now let’s move the samourai download to that new directory with [mv ~/downloads/samourai-dojo-v1.15.0/* ~/dojo-app/] (be aware of version number and change to yours)
  • You should see a new directory in the dojo-app directory [cd dojo-app] then [ls]
  • cd into the conf folder with [cd docker/my-dojo/conf/
  • Type [ls] to see the different conf files that all need editing
  • First file we will edit is the bitcoind conf [nano docker-bitcoind.conf.tpl]
  • It’s a long file. Find the lines below and edit them for your setup. We need to update the bitcoind username and password. We need to tell dojo not to install bitcoind since you already have it installed. We need to update the IP address to match your node’s IP address. And we need to update some port settings to match your bitcoind installation. In a second terminal you can login to your node to see your bitcoind settings and verify that they match the lines below [nano .bitcoin/bitcoin.conf]
#########################################
# CONFIGURATION OF BITCOIND CONTAINER
#########################################

BITCOIND_RPC_USER=<bitcoind user name>

BITCOIND_RPC_PASSWORD=<Bitcoind user password>

BITCOIND_INSTALL=off
BITCOIND_IP=<YOUR NODES IP ADDRESS>
BITCOIND_RPC_PORT=8332
BITCOIND_ZMQ_RAWTXS=28333
BITCOIND_ZMQ_BLK_HASH=28334
  • Control x, y, enter to save and exit that
  • Next edit [nano docker-explorer.conf.tpl] and edit one line:
EXPLORER_INSTALL=off
  • Next edit [nano docker-indexer.conf.tpl] and edit these lines:
INDEXER_TYPE=fulcrum
INDEXER_IP=<YOUR IP ADDRESS>
INDEXER_RPC_PORT=50002
INDEXER_BATCH_SUPPORT=active
INDEXER_PROTOCOL=tls
  • Control x, y, enter to save and exit
  • Next edit [nano docker-mysql.conf.tpl] you will be entering some passwords here that are sensitive. You may want to use a password manager to generate these and save them securely.
MYSQL_ROOT_PASSWORD=<SECUREPASSWORD>
MYSQL_PASSWORD=<SECUREPASSWORD>
  • Control x, y, to save and exit
  • Next edit [nano docker-node.conf.tpl] and edit the lines with more strong passwords:
NODE_API_KEY=<SECUREPASS>
NODE_ADMIN_KEY=<PASSWORD TO LOGIN TO DOJO MAINTENANCE TOOL OVER TOR>
NODE_JWT_SECRET=<SECUREPASS>
NODE_ACTIVE_INDEXER=local_indexer
  • cd back one directory with [cd ..]
  • Use [./dojo.sh install] to install. It will ask you to confirm
  • This is going to take some time to finish. Leave running in the background and use a different terminal for now
  • In the new terminal cd into your my-dojo directory with [cd dojo-app/docker/my-dojo/]
  • Get your onion address with [./dojo.sh onion]
  • Copy your onion address and paste it into a tor browser. Add [/admin] at the end of it.
  • This password is the NODE_ADMIN_KEY password you set earlier
  • Underneath “tools” click “Pair”
  • In the Samourai wallet android app, setup your wallet. It is recommended that you use a fresh wallet for this. Go through the wallet setup instructions and be sure to use a strong passphrase. Be sure to backup your wallet in a way that cannot be corrupted.

Install Whirlpool CLI

  • In a terminal, make a whirlpool directory with [mkdir whirlpool]
  • cd into that with [cd whirlpool]
  • Find the whirlpool client here: https://code.samourai.io/whirlpool/whirlpool-client-cli/-/releases
  • In the terminal type [wget https://code.samourai.io/whirlpool/whirlpool-client-cli/uploads/3259fdd4a6ea87de3e138db592593558/whirlpool-client-cli-0.10.15-run.jar] keep an eye on the version number
  • We need java installed on our node for whirlpool cli to work. The command [java] to see a list of available java installs. Use the most recent version. The command will look something like this depending on the latest version number available [sudo apt install openjdk-17-jre-headless]
  • Then run [java -jar whirlpool-client-cli-0.10.15-run.jar –init] keep an eye on version number and make sure it matches what you downloaded.
  • It will ask you for your pairing payload from your Samourai wallet. You can find that under settings à transactions à experimental à pair to whirlpool GUI. It is a long string of characters that you can copy. That should be pasted into the terminal request and hit enter
  • It might ask you to OK using over tor. Say yes. It will ask you for your wallet’s passphrase. Enter that. CLI will be running in that window.
  • Control C to stop the service so that we can setup a service file to ensure whirlpool fires up everytime your nodes powers on.
  • Use the command [sudo nano /etc/systemd/system/whirlpool.service] to add that file and copy and paste this in (keep an eye on version number, change the NODEUSERNAME places to yours)
[Unit]
Description=Whirlpool
After=tor.service

[Service]
WorkingDirectory=/home/<NODEUSERNAME>/whirlpool
ExecStart=/usr/bin/java -jar whirlpool-client-cli-0.10.15-run.jar --server=mainnet --tor --auto-mix --mixs-target=0 --listen
User=<NODEUSERNAME>
Group=<NODEUSERNAME>
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60

[Install]
WantedBy=multi-user.target
  • Let’s start that with [sudo systemctl daemon-reload]
  • Enable with [sudo systemctl enable whirlpool]
  • Start with [sudo systemctl start whirlpool]
  • Check status with [sudo systemctl status whirlpool]
  • If status looks good you can now download the Whirlpool GUI to your computer (not your Bitcoin node, the computer you will interface with your node) here https://samouraiwallet.com/download
  • Open up the GUI and select advanced option
  • In the URL type <your node’s IP address>:8899
  • In the API key you can find that in a file in your whirlpool directory called whirlpool-cli-config.properties. Nano into that with [nano whirlpool-cli-config.properties] and you should see that key that you need to copy and paste into the whirlpool GUI.
  • The GUI will ask you for your wallet’s passphrase

At this point you can navigate around the GUI and learn the different mixing pools available, configurations, etc.

Install your own mempool.space instance on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need help to install your own mempool.space instance on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

Install mempool.space

Install mempool

  • Go to https://github.com/mempool/mempool
  • There is a green button there that says ‘code’ click that
  • Copy the link https://github.com/mempool/mempool.git
  • In your home directory type command [git clone https://github.com/mempool/mempool.git]
  • cd into mempool directory using [cd mempool]
  • [ls] should show you that there is a docker directory there
  • cd into docker directory using [cd docker]
  • [ls] there to see the docker-compose.yml file
  • Edit that file using the command [sudo nano docker-compose.yml]
  • On the lines that reads “    restart: on-failure” change on-failure to ‘always’ so that this file always starts up when the system boots.
  • On the line that has – 80:8080 change to – 4080:8080 (you don’t have to change this, but the rest of the guide assumes you did)
  • The line that has “      CORE_RPC_HOST: “172.27.0.1” change the IP address to match your nodes IP address on your network. IT IS CRITICAL THAT YOU REMEMBER THIS CHANGE FOR FUTURE MAINTENANCE. If the IP address on your node changes in the future you will need to go into this file and edit that again.
  • On the lines that have username and password for core, change to your user name and password you used for bitcoind.
  • This page will have directions for linking your mempool instance to your fulcrum server https://github.com/mempool/mempool/tree/master/docker
  • Those directions are: Change the line that says “ MEMPOOL_BACKEND: “none” change none to “electrum”
  • At the line that says “environment:” hit enter at the end of the line to add a new space below it and add the lines:
      ELECTRUM_HOST: "<YOUR IP ADDRESS"
      ELECTRUM_PORT: "50002"
      ELECTRUM_TLS: "true"
  • Add this to the bottom of the file if you intend to add other software that will use docker:
networks:
  default:
    driver: bridge
    ipam:
      config:
        - subnet: 172.16.57.0/24
  • Control x, y, enter to save and leave the file back to the directory
  • Now type command [docker-compose up] and you should see activity happening
  • Login to a different terminal window and type in [docker ps] and you should see the docker container for mempool being run there
  • Go to your web browser to test this. Use your IP address to visit your mempool instance. An example is: 192.168.86.12:4080. Use your IP addres and add :4080 at the end (or whatever extension you used)

You should now have your own working mempool.space instance. It will take some time for yours to have the graphs looking the same as mempool.space.

EDIT: Some people noted in the comment section on youtube that there are connection errors caused by the docker-compose.yml directions from above. Twitter user @gwaaan1 noted that if you replace the below and use it instead of the above it should work:

    environment:
      ELECTRUM_HOST: "<YOURIPADDRESS>"
      ELECTRUM_PORT: "50002"
      ELECTRUM_TLS_ENABLED: "true"

Install Fulcrum server on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need my help to install Fulcrum Server on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand.

  • Go to https://github.com/cculianu/Fulcrum/releases
  • Find the right download for you (likely the /Fulcrum-*.*.*-x86_64-linux.tar.gz version)
  • Right click and copy that link
  • Go to your downloads folder in terminal with the [cd downloads] command
  • Now download that file using the command [wget <link to file>]
  • You should see the file get downloaded in the terminal window
  • In your home directory make a new folder. You can go to your home folder with the command [cd ~]
  • Then type [mkdir fulcrum] to create that directory in your home directory
  • Make another directory [mkdir fulcrum_db] also in your home directory
  • You can type [ls] to confirm those directories are there
  • Back to downloads directory [cd downloads]
  • Unzip the fulcrum download using [tar xvf <fulcrum filename>] (you can copy the filename by typing [ls] in the downloads directory and copying the file name there.
  • The terminal should show you new filepaths written
  • Copy the file path
  • Now move all of those files to the fulcrum files you already created with the command [mv Fulcrum-1.7.0-x86_64-linux/* /home/<your username>/fulcrum ] (replace with your version number. Replace <your username> with your username)
  • Verify the move by [cd ~] to your home directory, then [cd fulcrum] to go to the fulcrum directory. Use command [ls] to check that the files are there
  • Use this command to allow fulcrum to query the network in an encrypted way [openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem]
  • You will be asked to answer some questions. No need to answer, leave blank hitting ‘enter’ for each.
  • Type [ls] command to verify the key.pem file and the cert.pem are created
  • Change the filename of the fulcrum-example-config.conf file to just fulcrum.conf with the command [mv fulcrum-example-config.conf fulcrum.conf]
  • Edit that file with [sudo nano fulcrum.conf]
  • Under basic options change datadir path to: /home/<username>/fulcrum_db
  • Make rpcuser = <your bitcoin username> (you set this when you installed bitcoind)
  • Make rpcpassword = <your bitcoin password> (you set this when you installed bitcoind)
  • On the line that reads “#ssl = 0.0.0.0:50002” remove the #
  •  Go to the line that reads “#cert = /path/to/server-cert.pem” remove the # and change the path to /home/<yourusername>/fulcrum/cert.pem
  • Go the the line that has the key.pem file, remove the # and change the path to “key = /home/<YOURUSERNAME>/fulcrum/key.pem”
  • Find line that reads #peering = true and remove the hashtag. Change true to false.
  • Find  line that reads #fast-sync = 0 and remove the #. Change zero to 5000. This means you are letting fulcrum use 5 gigs of ram capacity to sync up. Adjust accordingly based on your scenario.
  • Control x, y, enter to save the file and exit
  • Create a service file in order for fulcrum to start up on boot. Do that by going to your home directory with [cd ~] and command [sudo nano /etc/systemd/system/fulcrum.service]
  • Paste this into the fulcrum.service file:
[Unit]
Description=Fulcrum
After=network.target

[Service]
ExecStart=/home/<username>/fulcrum/Fulcrum /home/<yourusername>/fulcrum/fulcrum.conf
User=<username>
LimitNOFILE=8192
TimeoutStopSec=30min

[Install]
WantedBy=multi-user.target
  • Hit control x, y, and enter to save and exit
  • Now we enable the fulcrum service [sudo systemctl enable fulcrum.service]
  • Start it [sudo systemctl start fulcrum.service]
  • Check the status [sudo systemctl status fulcrum.service] to see if it worked
  • Check the logs to see fulcrum downloading in a different terminal with [journalctl -fu fulcrum.service]

This will take hours to finish syncing, maybe half a day. When it is done you should be able to connect Sparrow Wallet to your fulcrum server if you are on the same network. Here are instructions for connecting (if you already have Sparrow Wallet on your computer, you can jump to timestamp 4:45 for connection instructions):

Install Bitcoind on Ubuntu Server – Upgrade your Bitcoin Node

If you prefer video and don’t need my help to install Bitcoind on Ubuntu server, see this video for instructions. Use the below text as a way to help when you run in to something you don’t understand. Otherwise, the video should suffice.

Installing Bitcoind on Ubuntu Server

  • Login to your nodebox through SSH using instructions previously shared here
  • Input [mkdir downloads] to make a directory for downloads
  • Type [ls] to confirm your new directory
  • Visit https://bitcoincore.org/en/download/ to find the link to download bitcoind
  • Right click/copy link on the Linux (tgz) download
  • In terminal, go to your downloads directory with [cd downloads]
  • Input [wget] and paste in the link for the linux (tgz) file
  • Hit enter. This should download bitcoin to your downloads folder
  • When it’s done you can type [ls] into the command line and see the download in the directory
  • Follow the instruction in the bitcoincore.org/en/downloads to verify the bitcoin software you downloaded
  • After verifying the file is good, unzip the file using this command: [tar xzf bitcoin-**.0-x86_64-linux-gnu.tar.gz] YOU WILL NEED TO CHANGE THE VERSION NUMBER TO THE ONE YOU DOWNLOADED.
  • Use the command to install in your root directory: [sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-22.0/bin/*] (YOU WILL NEED TO CHANGE THE VERSION NUMBER TO THE ONE YOU DOWNLOADED.)
  • You will be prompted to enter your password
  • Enter the command [bitcoind -daemon] to run Bitcoin. Your nodebox should be downloading the bitcoin blockchain, you can confirm that by following instructions below.
  • Use the command [cd ~] to go back to your home directory
  • Enter the command [ll] to see that .bitcoin has been added to your home directory
  • Go into the .bitcoin directory using the command [cd .bitcoin]
  • Type [ls] to see a list of files there
  • Open a new terminal window and enter the command [tail -f .bitcoin/debug.log] to see the blocks downloading in real time if you’d like
    • A few bitcoin -cli commands:
      • bitcoin -cli getblockchaininfo
      • bitcoin -cli getconectioncount
  • Now we setup bitcoin.conf
    • If you aren’t in the .bitcoin directory go there. [cd .bitcoin]
    • You will create a file there called bitcoin.conf using the command [nano bitcoin.conf]
    • You should see a text editor open up named bitcoin.conf
    • Paste in the following:
server=1
txindex=1
daemon=1
rpcport=8332
rpcbind=0.0.0.0
rpcallowip=127.0.0.1
rpcallowip=10.0.0.0/8
rpcallowip=172.0.0.0/8
rpcallowip=192.0.0.0/8
zmqpubrawblock=tcp://0.0.0.0:28332
zmqpubrawtx=tcp://0.0.0.0:28333
zmqpubhashblock=tcp://0.0.0.0:28334
whitelist=127.0.0.1
  • In a browser, go to https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py
  • Keep the bitcoin.conf file open and open a new terminal
  • Use the [cd downloads] command to go into your downloads directory
  • Use the command [wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/share/rpcauth/rpcauth.py] to download that file
  • We need to make that file executable. The command for that is [chmod +x rpcauth.py]
  • We need to set a password and username for bitcoind. The command for that is [./rpcauth.py bitcoin bitcoin] (in that line “bitcoin” is designated as the password and “bitcoin” is designated as the username. Change that as you’d like.)
  • Hit enter and you will get a string of characters that starts with rpcauth. Starting from the rpcauth part all the way through the rest of the characters, paste that below the “whitelist” line in the bitcoin.conf file you are editing.
  • Hold down the “control” key and the “x” key at the same time to exit. Hit “y” to save the file when prompted. Hit “enter” to exit.
  • In the terminal window with the .bitcoin directory stop bitcoind with the command [bitcoin-cli stop]
  • Start it up again with the command [bitcoind]
  • Use the command [bitcoin-cli blockchaininfo] to see if the timechain has completely downloaded
  • Next… wait until core downloads all of the blocks. Might take 18 hours or so.

Setup the service file so that Bitcoin starts up automatically

  • Go to https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/init/bitcoind.service
  • Enter command [cd /etc/systemd/system/] to move to that directory
  • Enter command [ sudo wget https://raw.githubusercontent.com/bitcoin/bitcoin/master/contrib/init/bitcoind.service] to download the service file template
  • In the /etc/systemd/system directory enter command [sudo nano bitcoind.service]
  • This will let you edit the service file to change the directories to be accurate
  • Change lines:
[Service]
ExecStart=/usr/local/bin/bitcoind -daemon \
                            -pid=/run/bitcoind/bitcoind.pid \
                            -conf=/home/<YOURUSERNAME>/.bitcoin/bitcoin.conf \
                            -datadir=/home/<YOURUSERNAME>/.bitcoin
  • Place a # in front of this line:
ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
  • Should now read:
# ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
  • Change the username to read the same username for your node login:
# Run as bitcoin:bitcoin
User=<YOURNODEUSERNAME>
Group=<YOURNODEUSERNAME>
  • In the “Hardening Measures” part we will put a # in front of the line that reads “ProtectHome=true”
# Hardening measures
####################

# Provide a private /tmp and /var/tmp.
PrivateTmp=true

# Mount /usr, /boot/ and /etc read-only for the process.
ProtectSystem=full

# Deny access to /home, /root and /run/user
# ProtectHome=true
  • Control X to save, type “y” to confirm, and enter to return to terminal
  • Enable bitcoind with command [sudo systemctl enable bitcoind]
  • Start bitcoind with command [sudo systemctl start bitcoind]

Enable TOR

  • Install tor with [sudo apt install tor]
  • Verify install using [sudo systemctl status tor]
  • Edit a file in tor with the command [sudo nano /etc/tor/torrc]
  • Add these lines to the bottom of that file:
ControlPort 9051
CookieAuthentication 1
CookieAuthFileGroupReadable 1
  • Hit control x, ‘y’ to save, enter to leave that file
  • Make those changes effective by typing [sudo systemctl restart tor]
  • Add your username by typing [sudo usermod -a -G debian-tor <username>]
  • Add tor to bitcoin.conf file with the command [nano sudo .bitcoin/bitcoin.conf]
  • Add the following lines to the bottom of the file.
proxy=127.0.0.1:9050
listen=1
bind=127.0.0.1
onlynet=onion
  • Control x, ‘y’ to save, enter to exit
  • Reboot machine using [sudo reboot]
  • SSH back into your machine
  • Now you need to check to see if bitcoind is connecting to peers with the move to tor vs. clearnet
  • Using a second terminal, Type command [tail -f .bitcoin/debug.log] to see if new blocks are coming in
  • Back in the other terminal window, enter command [bitcoin-cli getconnectioncount]
  • If you are getting a ‘0’ for connection count you may need to manually find a connection
  • Instructions for that are:
    • Scroll down a bit and you will see a list of nodes online. Picking the first one should work just fine. Copy that onion address including the :8333 port in it.
    • Now you are going to add that address to your bitcoin.conf file using this command [sudo nano .bitcoin/bitcoin.conf]
    • Next, add that node to the bottom of the bictoin.conf file with the command [addnode=<url of that node>]
    • Control x, save, enter to finally exit
    • Restart bitcoind with command [sudo systemctl restart bitcoind]
    • Wait a minute or so and check the other terminal window to see if you are connecting to peers.
    • You can also type in a terminal [bitcoin-cli getconnectioncount] to see if you have any new peers.
    • Once you have 4 or five peers, you can go into the bitcoin.conf file and remove the node you added at the bottom. Command [sudo nano .bitcoin/bitcoin.conf] will get you back in. Scroll down and delete the text you added earlier, then control x, y, enter.
    • Restart bitcoind again with command [sudo systemctl restart bitcoind] to ensure that your node can now connect to peers on it’s own
    • After a minute or so use [bitcoin-cli getconnectioncount] to very connection to other nodes over tor
  • To verify your traffic is going over tor you can use the command [bitcoin-cli getnetworkinfo]
  • You should see an onion address at the bottom of the information that prints out in terminal. You should also see ipv4 reachable: false. Same for ipv6. Onion ‘reachable’ should say ‘true’
  • Another useful command is bitcoin-cli gettxoutsetinfo to verify the supply of all satoshis

Install Ubuntu Server – Upgrade your Bitcoin Node

This is a text companion guide to Ketan’s instructions for installing Ubuntu server. Ubuntu server is the OS we will be using to build our bitcoin node stack that I mentioned in my previous post upgrading your bitcoin node.

You may not need text based help. If that’s the case, here is Ketan’s video:

Ubuntu server prep

Installation

  • We are going to work with this node “Headless,” meaning we will not need a monitor or keyboard, but first we need a keyboard and monitor attached to the machine in order to install Ubuntu.
  • Figure out how your machine goes to BIOS (sometimes F2, sometimes F12, etc.) The startup screen will tell you what do in order to login to the BIOS.
  • Boot list options in BIOS – should be “Legacy” (may need to disable “secure boot”)
  • Change the boot order. Should be USB first, then SSD.
  • If needed for your computer, choose Advanced boot options in BIOS
  • Power management – change AC Recovery to “Power on” so that the node restarts when it has power loss. Throughout the install guide will we setup all apps to start up from boot so that if you have an interruption of power to the node it should reboot and start up all apps automatically.
  • Insert the USB stick with Ubuntu server and fire up the machine
  • Select language, keyboard layout, Choose “Ubuntu Server”
  • Write down the IP address that the install process shows you, usually something like 192.168.**.*** You will need this to SSH into the machine.
  • No proxy address needed
  • Use default mirror address
  • Choose your preference for where to install Ubuntu server. Be careful you aren’t erasing information you need with “Use entire disk”
  • No need to set up as LVM group, space bar will de-select
  • Confirm your selections
  • Enter your info here. Might be good to use a unique username and password.
  • Username must be lower case
  • Be sure you select “Install OpenSSH” with your spacebar
  • No need to select any of the featured snaps, move the cursor down to “done”
  • Will take a few minutes to setup
  • Confirm the reboot selection
  • Remove the installation USB stick when prompted and press “enter”
  • Login using the username and your password
  • You shouldn’t need the monitor or keyboard on your nodebox from here on out
  • Open up a command line on the computer you usually work with
    • In windows open a command prompt. Search CMD and hit enter.
    • On Linux/Mac open a terminal
  • From the command line type [SSH username@IPaddress] ex. [ssh satoshi@192.168.**.***]
  • At your first login your terminal may ask you to confirm the new connection, type “yes”
  • Enter the password you selected when prompted

You should be logged in

This video does an excellent job of explaining how to navigate your new Ubuntu server installation.