Raspiblitz: Cipher seed bip39 not compatible with other wallets-critical issue

Lightning per se is very experimental and users have always been at significant risk of losing their funds, nothing new to see here, however ( i have not tried yet ) but as far as im concerned you need the wallet db directory of your lnd in order to recover on chain funds properly i read somewhere?

Maybe someone can correct me on this one but last time i tried to recover my on chain funds after i migrated from Raspibolt to Raspiblitz the only way to recover them was bringing on that old wallet db. By simply using the cipher seed you wont recover your funds, i tried several times with different heights but it never worked out. only when i brought that file, funds started to appearing steadily.

Thanks. I understand the experimental nature of lightning at the moment. But till the seed is recoverable, it should be clearly stated in the read me document that this won’t work on any other wallets and if you believe wallet.db is key to funds recovery it should be mentioned clearly in the user guide. But work needs to be done as priority to make this seed recoverable in any bip39 compatible wallets if we really want to make this project a huge success.

@walletofsatoshi RaspiBlitz is a open source project. Feel free to make a pull request containing the information added you think that is still missing during RaspiBlitz Setup.

Providing a stable and compatible seed recovery needs to be part of LND - please report over at the LND Dev Slack or GitHub what features you are still missing and are important to you: https://dev.lightning.community

@walletofsatoshi of course if you are not a programmer its always great if you outline a content change (text change) more concrete - like: please exchange this text here with this text suggestion at that exact piont in the process.

Checked on slacks with Devs they recommend seed recovery by running lnd recovery by hand not by raspiblitz script guide by roasbeef

At the moment the RaspiBlitz is using/calling the lncli wallet create and
is letting the user answere the LND questions to revover from seed. Did
devs on slack mentioned what the RaspiBlitz is doing different compared
doing it by hand?

walletofsatoshi notifications@github.com schrieb am Do., 18. Apr. 2019,
12:13:

Checked on slacks with Devs they recommend seed recovery by running lnd
recovery by hand not by raspiblitz script guide by roasbeef

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/rootzoll/raspiblitz/issues/500#issuecomment-484438649,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAS3SIL6EU2VAJD7XXAEWI3PRBCTFANCNFSM4HEN36EQ
.

Yes that’s what they implied. Also wanted to let you know that the seed is not bip39 hence will not work on other bip39 wallets

the seed is not bip39

Please explain in detail

Checked on slacks with Devs they recommend seed recovery by running lnd recovery by hand

Please explain in detail what you do "by hand"?

At the moment the RaspiBlitz is using/calling the lncli wallet create and is letting the user answere the LND questions to revover from seed. Did devs on slack mentioned what the RaspiBlitz is doing different compared doing it by hand? walletofsatoshi notifications@github.com schrieb am Do., 18. Apr. 2019, 12:13:
…
Checked on slacks with Devs they recommend seed recovery by running lnd recovery by hand not by raspiblitz script guide by roasbeef — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#500 (comment)>, or mute the thread https://github.com/notifications/unsubscribe-auth/AAS3SIL6EU2VAJD7XXAEWI3PRBCTFANCNFSM4HEN36EQ .

@rootzoll this LND commit might help:
https://github.com/lightningnetwork/lnd/commit/dd48a36226521f6e6e2dddc456c4c0cf3c5d48ea

Starting On-Chain Recovery

The initial entry point to trigger recovery of on-chain funds in the command
line is the lncli create command.

⛰   lncli create

Next, one can enter a _new_ wallet password to encrypt any newly derived keys
as a result of the recovery process.

Input wallet password:
Confirm wallet password:

Once a new wallet password has been obtained, the user will be prompted for
their _existing_ cipher seed:

Input your 24-word mnemonic separated by spaces: ability noise lift document certain month shoot perfect matrix mango excess turkey river pitch fluid rack drill text buddy pool soul fatal ship jelly

If a _cipher seed passphrase_ was used when the seed was created, it MUST be entered now:

Input your cipher seed passphrase (press enter if your seed doesn't have a passphrase):

Finally, the user has an option to choose a _recovery window_:

Input an optional address look-ahead used to scan for used keys (default 2500):

The recovery window is a metric that the on-chain rescanner will use to
determine when all the "used" addresses have been found. If the recovery window
is two, lnd will fail to find funds in any addresses generated after the point
in which two consecutive addresses were generated but never used. If an lnd
on-chain wallet was extensively used, then users may want to _increase_ the
default value.

If all the information provided was valid, then you'll be presented with the
seed again:

!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!
---------------BEGIN LND CIPHER SEED---------------
 1. ability   2. noise   3. lift     4. document
 5. certain   6. month   7. shoot    8. perfect
 9. matrix   10. mango  11. excess  12. turkey
13. river    14. pitch  15. fluid   16. rack
17. drill    18. text   19. buddy   20. pool
21. soul     22. fatal  23. ship    24. jelly
---------------END LND CIPHER SEED-----------------
!!!YOU MUST WRITE DOWN THIS SEED TO BE ABLE TO RESTORE THE WALLET!!!
lnd successfully initialized!

In lnd's logs, you should see something along the lines of (irrelevant lines skipped):

[INF] LNWL: Opened wallet
[INF] LTND: Wallet recovery mode enabled with address lookahead of 2500 addresses
[INF] LNWL: RECOVERY MODE ENABLED -- rescanning for used addresses with recovery_window=2500
[INF] CHBU: Updating backup file at test_lnd3/data/chain/bitcoin/simnet/channel.backup
[INF] CHBU: Swapping old multi backup file from test_lnd3/data/chain/bitcoin/simnet/temp-dont-use.backup to test_lnd3/data/chain/bitcoin/simnet/channel.backup
[INF] LNWL: Seed birthday surpassed, starting recovery of wallet from height=748 hash=3032830c812a4a6ea305d8ead13b52e9e69d6400ff3c997970b6f76fbc770920 with recovery-window=2500
[INF] LNWL: Scanning 1 blocks for recoverable addresses
[INF] LNWL: Recovered addresses from blocks 748-748
[INF] LNWL: Started rescan from block 3032830c812a4a6ea305d8ead13b52e9e69d6400ff3c997970b6f76fbc770920 (height 748) for 800 addresses
[INF] LNWL: Catching up block hashes to height 748, this might take a while
[INF] LNWL: Done catching up block hashes
[INF] LNWL: Finished rescan for 800 addresses (synced to block 3032830c812a4a6ea305d8ead13b52e9e69d6400ff3c997970b6f76fbc770920, height 748)

That final line indicates the rescan is complete! If not all funds have
appeared, then the user may need to _repeat_ the process with a higher recovery
window. Depending on how old the wallet is (the cipher seed stores the wallet's
birthday!) and how many addresses were used, the rescan may take anywhere from
a few minutes to a few hours.

If the rescan wasn't able to complete fully (lnd was shutdown for example),
then from lncli unlock, it's possible to _restart_ the rescan from where it
left off with the --recovery-window argument:

⛰  lncli unlock --recovery_window=2500

Note that if this argument is not specified, then the wallet will not
_re-enter_ the recovery mode and may miss funds during the portion of the
rescan.

Forced In-Place Rescan

The recovery methods described above assume a clean slate for a node, so
there's no existing UTXO or key data in the node's database. However, there're
times when an _existing_ node may want to _manually_ rescan the chain. We have
a tool for that! The tool is called
dropwtxmgr.
It can be installed with the following command:

⛰  go get -v -u github.com/btcsuite/btcwallet/cmd/dropwtxmgr

The dropwtxmgr tool will _reset_ the best synced height of the wallet back to
its birthday, or genesis if the birthday isn't known (for some older wallets).
In order to run the tool, you must first shutdown lnd. Once lnd is
shutdown, the rescan can be initiated with the following commands:

⛰  cp $HOME/.lnd/data/chain/bitcoin/mainnet/wallet.db $HOME/wallet.db # Copy the existing databse just in case!
⛰  dropwtxmgr --db=$HOME/.lnd/data/chain/bitcoin/mainnet/wallet.db

Once the above command returns (if it hangs for a while, then lnd may not
actually be shutdown, so double check!), lnd can be restarted. After it's
restarted, then the wallet should being rescanning. An entry resembling the
following will show up in the logs once it's complete:

[INF] LNWL: Finished rescan for 800 addresses (synced to block 3032830c812a4a6ea305d8ead13b52e9e69d6400ff3c997970b6f76fbc770920, height 748)

Yes they asked to follow this

the recovery seed while creating lnd wallet is not bip39 will not restore on chain funds in any bio 39 compatible wallets like electrum. You have to follow this roasbeef or similar lnd recovery guide without raspiblitz which would be manual

According to roasbeef's comments in the commit doc, BIP39 is inferior (can cause errors).
But it also looks like the LND "cipher seed passphrase" is optional...

Users can also _optionally_ enter a second passphrase which we call the _cipher
seed passphrase_:

Your cipher seed can optionally be encrypted.
Input your passphrase if you wish to encrypt it (or press enter to proceed without a cipher seed passphrase):

If specified, then this will be used to encrypt the cipher seed itself. The
cipher seed format is unique in that the 24-word phrase is actually a
_ciphertext_. As a result, there's no standard word list as any arbitrary
encoding can be used. If a passphrase is specified, then the cipher seed you
write down is actually an _encryption_ of the entropy used to generate the BIP
32 root key for the wallet. Unlike a BIP 39 24-word phrase, the cipher seed is
able to _detect_ incorrect passphrase. BIP 39 on the other hand, will instead
silently decrypt to a new (likely empty) wallet.

Just some follow up info for archive readers: The Lightning LND Desktop App was released: https://github.com/lightninglabs/lightning-app/releases and I heard good feedback on using it to recover on-chain funds from the LND wallet seed. So check it out if you are on a quest to recover your funds from seed.