How to backup your lightning network channels

On the 2nd of April 2019 static channel backups (SCBs) were merged into the LND master branch. They will be included in the upcoming 0.6 release. If you run an older version of LND your channels are not save and you should be aware that you are at risk of losing your funds if your disk gets corrupted.

Background

When you first create your lightning wallet, a seed of 24 words is generated for you. It is very important to understand however that this seed only secures your on-chain funds and not funds that are stored in channels. The reason for this is that every time an update to your channel balance is made, the private key to spend the updated balance on the blockchain not only depends on your seed, but also on a random number. The random number is stored in the channel.db file in your LND directory. This has caused some confusion in the community. The intention behind this is that you would give this random number to a watchtower. A watchtower is a service that monitors the blockchain for you in case you go offline for a longer period of time, which would put you at risk of losing all the money in your channel if your channel partner tries to cheat you.

What happens if your channel.db file gets corrupted? It’s pretty simple: All the funds in your channels are lost. You cannot sign the transaction that cooperatively closes the channel since the random number that you need for this is lost. But it gets even worse: Not even if your channel partner force closes the channel and doesn’t try to cheat you, you will still not be able to get your money back. The funds will just sit on the blockchain forever (and make all other bitcoin hodlers a little bit richer).

How static channel backups solve this problem

If you run the latest version of LND your node will automatically create a backup of all the bits of information that you need to rescue your channels in case your channel.db file is lost. If you run a mainnet node the default directory where the backup is stored is

~.lnd/chain/bitcoin/mainnet/channel.backup

You can however change this location. Just add the line

backupfilepath=/custom/path/to/channel.backup

to your lnd.conf and the backup file will now be saved to this new location every time your channels update.

So this is already great. But what’s the catch? Well, by default the backup file is still stored on the same disk that your channel.db file is stored. Usually if one of the files on your disk is corrupted, chances are other files are affected too. If now both the channel.db file and the channel.backup file are corrupted, your funds are still lost.

So what’s the solution? Of course the LND developers thought about this problem and came up with a cool fix. They encrypted the channel.backup file with your 24 word seed. This makes it safe to store this file anywhere you want, even on a cloud drive service such as Dropbox or Google Drive.

But wait, isn’t it very unsafe to store your private keys in the cloud?! Well, it depends. Coinbase Wallet upset a large part of the Bitcoin community recently with their announcement that they will store the wallet’s private keys in the cloud in case a user forgets his seed. The difference here is that Coinbase Wallet encrypts their backup file with a user chosen password. And user passwords are notoriously weak. The channel.backup file password of LND however has very strong security since it depends on the seed which is in itself a very strong password as it is completely random.

Automatic channel backup

Ok so much about the theory, now let’s get to the practical part.

  1. Probably the easiest and least error prone way is using a service such as Dropbox or Google Drive. Just change the channel.backup file location to a folder that is automatically synchronized to the cloud. This way the cloud storage provider handles everything for you and saves your backup file to all the computer where the cloud drive service is installed.
  2. You can also use a service such as lsyncd for Linux. Lsyncd uses system hooks to automatically detect changes to a folder and keeps it synchronized with a location of your choosing. This can be a folder on a different disk on the same computer or even one or more remote servers. A good tutorial on lsyncd can be found here.
  3. If you are a more advanced user you can also use a custom script such as the one that Lightning Labs developer Alex Bosworth published recently.
  4. If you are familiar with the LND gRPC API you can also use the SubscribeChannelBackups request to automatically get the newest channel backup file. You can learn more about it here.

Restoring from a channel backup

In case your channel.db file is corrupted you can now run

lncli restorechanbackup /path/to/channel.backup

to get your funds back. There is just once catch though: All the channels will be closed. So the channel backup only keeps your funds save, but doesn’t include the necessary information to keep your channels alive during the process. It is my understanding though that there are ways that will make this possible in the future.

I think this is a great step in the right direction though and will make using the lightning network a lot less #reckless for everybody.