lnd update to 0.15.4-beta hotfix (#3400)

Fixes  #3395

CHANGES.md

@@ -1,5 +1,14 @@
 # CHANGES between Releases
 
+## What's new in Version 1.8.0c of RaspiBlitz?
+
+- Update: LND v0.15.4 (emergency hotfix release) [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.4-beta)
+- Update: Electrum Server in Rust (electrs) v0.9.9 [details](https://github.com/romanz/electrs/blob/master/RELEASE-NOTES.md#099-jul-12-2022)
+
+## What's new in Version 1.8.0b of RaspiBlitz?
+
+- Update: LND v0.15.2 (emergency hotfix release) [details](https://github.com/lightningnetwork/lnd/releases/tag/v0.15.2-beta)
+
 ## What's new in Version 1.8.0 of RaspiBlitz?
 
 - New: Multilanguage WebUI [details](https://github.com/cstenglein/raspiblitz-web)

README.md

@@ -3,7 +3,7 @@
 
 _Build your own Lightning & Bitcoin Fullnode on a RaspberryPi with a nice Display._
 
-`Version 1.8.0 with lnd 0.15.0 & Core Lightning 0.11.2 and bitcoin 23.0.0`
+`Version 1.8.0b with lnd 0.15.2 & Core Lightning 0.11.2 and bitcoin 23.0.0`
 
 ![RaspiBlitz](pictures/raspiblitz.jpg)
 
@@ -253,13 +253,13 @@ In the end your RaspiBlitz should look like this:
 | Philosophy       | Trust                                                                                                                                                                            | Sovereignty                                                       |
 | Difficulty level | Easy                                                                                                                                                                             | Medium                                                            |
 | Pros             | Make Blitz accessible to everyone                                                                                                                                                | You don't need to trust us, build from your own forked repository |
-| Instructions     | [Download 1.8.0 image](https://raspiblitz.fulmo.org/images/raspiblitz-v1.8.0-2022-07-28.img.gz) and [Flash the sd card](README.md#write-the-sd-card-image-to-your-sd-card) | [Build your own sd card image](#build-the-sd-card-image)          |
+| Instructions     | [Download 1.8.0b image (with lnd-bug fix)](https://raspiblitz.fulmo.org/images/raspiblitz-v1.8.0b-2022-10-10.img.gz) and [Flash the sd card](README.md#write-the-sd-card-image-to-your-sd-card) | [Build your own sd card image](#build-the-sd-card-image)          |
-| Verify what?     | [Signature file](https://raspiblitz.fulmo.org/images/raspiblitz-v1.8.0-2022-07-28.img.gz.sig) and [verify the Sig](FAQ.md#how-to-verify-the-sd-card-image-after-download) OR SHA-256 (below)                                                               | All of the code, don't trust, verify                              |
+| Verify what?     | [Signature file](https://raspiblitz.fulmo.org/images/raspiblitz-v1.8.0b-2022-10-10.img.gz.sig) and [verify the Sig](FAQ.md#how-to-verify-the-sd-card-image-after-download) OR SHA-256 (below)                                                               | All of the code, don't trust, verify                              |
 
 If downloading the maintainer SD card image:
 
 - GPG 64-bit (main): 1C73 060C 7C17 6461 & (sub): AA9D D1B5 CC56 47DA
-- SHA-256: 7711e371aba78097411b48d132c9c1fee35f1776e8faa6165dc59492fa2938f9
+- SHA-256: 42c96fb29e03eb8276b40861f77b141bde30a2ff461947e107cff7d24c5a8096
 
 Which verification method should I used: Hash or Signature?
 
@@ -433,7 +433,7 @@ For each password please choose unique, single strings, without spaces and speci
 
 You can use this [RaspiBlitz Recovery Sheet (PDF)](https://github.com/rootzoll/raspiblitz/raw/v1.7/home.admin/assets/RaspiBlitzRecoverySheet.pdf) to write those passwords down for safe storage and also use it later on for your Seed Words.
 
-_The password A,B,C idea is based on the [RaspiBolt Guide Preparations](https://raspibolt.org/preparations.html#write-down-your-passwords) - check out for more background._
+_The password A,B,C idea is based on the [RaspiBolt Guide Preparations](https://raspibolt.org/guide/raspberry-pi/preparations.html#write-down-your-passwords) - check out for more background._
 
 First, password A is requested - this is the password which will be used for SSH login and it's also set for the existing users: admin, root, bitcoin & pi.
 

build_sdcard.sh

@@ -10,7 +10,7 @@
 ##########################################################################
 
 defaultRepo="rootzoll"
-defaultBranch="v1.7"
+defaultBranch="v1.8"
 
 me="${0##/*}"
 

home.admin/99clRepairMenu.sh

@@ -29,6 +29,13 @@ If left empty will start to rescan from the block 700000 (-700000).
   sudo systemctl restart ${netprefix}lightningd
 }
 
+function resetWallet() {
+    echo "# Delete ${CLCONF}"
+    sudo rm -f ${CLCONF}
+    echo "# Delete and recreate /home/bitcoin/.lightning/${CLNETWORK}"
+    sudo rm -rf /home/bitcoin/.lightning/${CLNETWORK}
+    sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}
+}
 
 # BASIC MENU INFO
 WIDTH=64
@@ -93,7 +100,9 @@ case $CHOICE in
     if [ "${cl}" == "on" ] || [ "${cl}" == "1" ] && [ "${clEncryptedHSM}" != "on" ]; then
       dialog \
        --title "Encrypt the Core Lightning wallet" \
-       --msgbox "\nWill proceed to encrypt and lock the Core Lightning wallet to prevent it from starting automatically after the backup" 9 55
+       --msgbox "
+Will proceed to encrypt and lock the Core Lightning wallet to prevent it from starting automatically after the backup.
+Save this password as it will be needed to restore the backup (same as the Password C for CLN)." 10 55
       sudo /home/admin/config.scripts/cl.hsmtool.sh encrypt mainnet
     fi
     if [ "${clAutoUnlock}" = "on" ]; then
@@ -122,15 +131,12 @@ case $CHOICE in
     echo
     echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case."
     echo
-    echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
+    echo "The next step will overwrite the old Core Lightning $CHAIN wallet"
     echo "Press ENTER to continue or CTRL+C to abort"
     read key
-    # reset
+
-    echo "# Delete ${CLCONF}"
+    resetWallet
-    sudo rm -f ${CLCONF}
+
-    echo "# Delete and recreate /home/bitcoin/.lightning/${CLNETWORK}"
-    sudo rm -rf /home/bitcoin/.lightning/${CLNETWORK}
-    sudo -u bitcoin mkdir /home/bitcoin/.lightning/${CLNETWORK}
     # make sure the new hsm_secret is treated as unencrypted and clear autounlock
     /home/admin/config.scripts/blitz.conf.sh set ${netprefix}clEncryptedHSM "off"
     /home/admin/config.scripts/blitz.conf.sh set ${netprefix}clAutoUnlock "off"
@@ -161,12 +167,12 @@ case $CHOICE in
     echo
     echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case."
     echo
-    echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
+    echo "The next step will overwrite the old Core Lightning $CHAIN wallet"
     echo "Press ENTER to continue or CTRL+C to abort"
     read key
-    # reset
+
-    sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret
+    resetWallet
-    sudo rm -rf /home/bitcoin/.lightning/${CLNETWORK}/*.*
+
     # import file
     _temp="/var/cache/raspiblitz/temp/.temp.tmp"
     clear
@@ -186,13 +192,12 @@ case $CHOICE in
     echo
     echo "The rescue file is stored on the SDcard named cl-rescue.*.tar.gz just in case."
     echo
-    echo "The next step will overwrite the old C-lighthning $CHAIN wallet"
+    echo "The next step will overwrite the old Core Lightning $CHAIN wallet"
     echo "Press ENTER to continue or CTRL+C to abort"
     read key
-    # reset
+
-    sudo rm /home/bitcoin/.lightning/${CLNETWORK}/hsm_secret
+    resetWallet
-    sudo rm -f /home/bitcoin/.lightning/${CLNETWORK}/config
+
-    sudo rm -rf /home/bitcoin/.lightning/${CLNETWORK}/*.*
     # import seed
     _temp="/var/cache/raspiblitz/.temp.tmp"
     /home/admin/config.scripts/cl.backup.sh seed-import-gui $_temp

home.admin/config.scripts/bonus.electrs.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 
 # https://github.com/romanz/electrs/releases
-ELECTRSVERSION="v0.9.7"
+ELECTRSVERSION="v0.9.9"
 # https://github.com/romanz/electrs/commits/master
-# ELECTRSVERSION="3041e89cd2fb377541b929d852ef6298c2d4e60a"
+# ELECTRSVERSION="446858ea621416916f84cbce61be92b748e8133e"
 
 # command info
 if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then

home.admin/config.scripts/cl.hsmtool.sh

@@ -143,10 +143,10 @@ function decryptHSMsecret() {
       echo "# using the password from parameter"
     elif [ -f $passwordFile ];then
       echo "# Getting the password from $passwordFile"
-      password=$(cat sudo cat $passwordFile)
+      password=$(sudo cat $passwordFile)
     else
       passwordToFile
-      password=$(cat sudo cat $passwordFile)
+      password=$(sudo cat $passwordFile)
     fi
     if echo "${password}" | sudo -u bitcoin lightning-hsmtool decrypt \
      "$hsmSecretPath"; then

home.admin/config.scripts/lnd.install.sh

@@ -4,17 +4,17 @@
 ## based on https://raspibolt.github.io/raspibolt/raspibolt_40_lnd.html#lightning-lnd
 ## see LND releases: https://github.com/lightningnetwork/lnd/releases
 ### If you change here - make sure to also change interims version in lnd.update.sh #!
-lndVersion="0.15.0-beta"
+lndVersion="0.15.4-beta"
 
 # olaoluwa
-PGPauthor="roasbeef"
+#PGPauthor="roasbeef"
-PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
+#PGPpkeys="https://keybase.io/roasbeef/pgp_keys.asc"
-PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
+#PGPcheck="E4D85299674B2D31FAA1892E372CBD7633C61696"
 
 # guggero
-# PGPauthor="guggero"
+PGPauthor="guggero"
-# PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
+PGPpkeys="https://keybase.io/guggero/pgp_keys.asc"
-# PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
+PGPcheck="F4FC70F07310028424EFC20A8E4256593F177720"
 
 # bitconner
 #PGPauthor="bitconner"

home.admin/config.scripts/tor.install.sh

@@ -48,11 +48,18 @@ add_tor_sources(){
    "${tor_deb_repo_clean}/torproject.org/${tor_deb_repo_pgp_fingerprint}.asc" \
    | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/torproject.gpg 1>/dev/null
   if [ -s /etc/apt/trusted.gpg.d/torproject.gpg ]; then
-    echo "- OK key added"
+    echo "- OK key added over Tor"
   else
-    echo "! FAIL: Was not able to import deb.torproject.org key";
+    echo "WARN: Was not able to import deb.torproject.org key over Tor";
+    curl -s "https://deb.torproject.org/torproject.org/${tor_deb_repo_pgp_fingerprint}.asc" \
+     | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/torproject.gpg 1>/dev/null
+    if [ -s /etc/apt/trusted.gpg.d/torproject.gpg ]; then
+      echo "- OK key added over clearnet"
+    else
+      echo "! FAIL: Was not able to import deb.torproject.org key over clearnet";
       exit 1
     fi
+  fi
 
   echo -e "\n*** Adding Tor Sources ***"
   echo "\