Set Up Self-Custody Lightning Wallets
Overview
Self-custody Lightning wallets require additional set up and management beyond other BitGo wallets. While these wallets use BitGo infrastructure, a hosting service provider manages the Lightning node.
Security Considerations
- The remote signer holds the only private key, so you must secure it appropriately.
- All requests require BitGo API key authentication.
- Lightning operations require additional request signing.
- Backup static channel state files regularly.
Key Management
- Lightning operations require a single hot key.
- The remote signer node holds the encrypted key.
- The LSP holds the encrypted backup key.
- There's an additional user key for the BitGo API to request signing.
Channel Backups
- BitGo automatically creates channel backups daily.
- You can manually get channel backups using the Lightning - Get Channel Backup endpoint.
Prerequisites
- Get Started
- Set Up Self-Custody Lightning Infrastructure
- BitGo Express server running in your infrastructure
- Docker for running the Lightning Network Daemon (LND) remote signer
- Sign a self-custody Lightning license by contacting [email protected].
1. Create Lightning Wallet
Endpoint: Generate Wallet
export BITGO_EXPRESS_HOST="<YOUR_LOCALHOST>"
export COIN="tlntbc"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export LABEL="<YOUR_WALLET_NAME>"
export PASSPHRASE="<YOUR_BITGO_LOGIN_PASSPHRASE>"
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
export PASSCODE="<YOUR_ENCRYPTION_CODE>"
curl -X POST \
http://$BITGO_EXPRESS_HOST/api/v2/$COIN/wallet/generate \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"label": "'"$LABEL"'",
"passphrase": "'"$PASSPHRASE"'",
"enterprise": "'"$ENTERPRISE_ID"'"
"type": "hot",
"passcodeEncryptionCode": "'"$PASSCODE"'", # Encrypts your wallet passphrase
"subType": "lightningSelfCustody"
}'const { BitGo } = require('bitgo');
// Fill in with actual access token
const accessToken = '<YOUR_ACCESS_TOKEN>';
// Initialize the SDK
const bitgo = new BitGo({
accessToken: accessToken,
env: 'test',
});
// Generate hot wallet
async function createCustodialHotWallet() {
const newWallet = await bitgo.coin('tlnbtc').wallets().generateWallet({
label: '<YOUR_WALLET_NAME>',
passphrase: '<YOUR_BITGO_LOGIN_PASSPHRASE>',
enterprise: '<YOUR_ENTERPRISE_ID>'
passcodeEncryptionCode: '<YOUR_ENCRYPTION_CODE>'
subType: 'lightningSelfCustody'
});
console.log(JSON.stringify(newWallet, undefined, 2));
}Step Result
BitGo creates a Lightning node with a hosting service provider. This process takes approximately 30 minutes to complete.
{
"wallet": {
"id": "67e43de27f977e954022b8eb8693f5a7",
"users": [
{
"user": "6101c3790293df0006fb99bc777152ce",
"permissions": [
"admin",
"spend",
"view"
]
}
],
"coin": "tlnbtc",
"label": "Test Self-Custody Lightning Wallet",
"m": 1,
"n": 1,
"keys": [
"67e43de1551f8a42dadaabb0d2ac2264"
],
"keySignatures": {},
"enterprise": "65302ca0c3939600075905e213ca20dd",
"bitgoOrg": "BitGo Inc",
"tags": [
"67e43de27f977e954022b8eb8693f5a7",
"65302ca0c3939600075905e213ca20dd"
],
"disableTransactionNotifications": false,
"freeze": {},
"deleted": false,
"approvalsRequired": 1,
"isCold": false,
"coinSpecific": {
"keys": [
"67e43de1d19e3a9237bf558bed01f8e6",
"67e43de1ffc2dfc5c5994239ed002fb5"
]
},
"admin": {},
"clientFlags": [],
"walletFlags": [],
"allowBackupKeySigning": false,
"recoverable": true,
"startDate": "2025-03-26T17:48:18.000Z",
"type": "hot",
"buildDefaults": {},
"customChangeKeySignatures": {},
"hasLargeNumberOfAddresses": false,
"hasReceiveTransferPolicy": false,
"creator": "6101c3790293df0006fb99bc777152ce",
"subType": "lightningSelfCustody",
"config": {},
"inboundBalance": "0",
"inboundPendingBalance": "0",
"inboundUnsettledBalance": "0",
"outboundBalance": "0",
"outboundPendingBalance": "0",
"outboundUnsettledBalance": "0",
"balanceString": "0",
"confirmedBalanceString": "0",
"spendableBalanceString": "0",
"pendingApprovals": []
},
"userKeychain": {
"id": "67e43de1551f8a42dadaabb0d2ac2264",
"pub": "xpub661MyMwAqRbcFKQKbgT6uA46wmi5FrqrYoJjUzQjnPU5VY6Pk7nyqn2Jg9oHdn4gd1Eh8idDbh6wQ4mWMZ8CXBGBLGvoBbva3MpkDVmbjxL",
"ethAddress": "0x01e0c185c0652fc9d6b67fcb36149aa67a17fab4",
"source": "user",
"type": "independent",
"encryptedPrv": "{\"iv\":\"9tY/nQ9DsTXp71vypxNVGg==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"v6m97u751w4=\",\"ct\":\"E2d7SNUkJJspAz07uougA3lvih8dA9A0bm7aYt0LVtquUzGZgXji5x5Ez1gaZKb2mESuUOLrDfe8zHOnvDVhYcK015zM1llqxKH5/LOg715AcYKLNoE3hHrZoy4IZlaQV8LntKGX1+pOYlqkjlaZLWNtDMuoB+g=\"}"
},
"userAuthKeychain": {
"id": "67e43de1d19e3a9237bf558bed01f8e6",
"pub": "xpub661MyMwAqRbcH4SU8XsxRzbNkZWr3zB1Qksxp9b7mqv8f2btQgofwBQixHZFUrUSrtS8r8yH7cs6pMwYQUWuAg13upsCb72v7cnfY5sU7Xx",
"ethAddress": "0x83c3e1f73925c9013b1ae05da76eb67dbd85e374",
"source": "user",
"type": "independent",
"coinSpecific": {
"tlnbtc": {
"purpose": "userAuth",
"_requestId": "cm8q7x8kj0byf0eys63uk9nsf"
}
},
"encryptedPrv": "{\"iv\":\"7cxr+H0cT7g3xRsACg+Saw==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"4ZJflpV8Mu8=\",\"ct\":\"1R+f4etETgoyLBQ98ErQ7fMq2vZVJjnDev8Fe88BAfcZ9dGpkFfbKBgc6skJn2Qy0GjsCI0G9qFvSbjfAIWxCtkbrZ7KzLnXCnVyWH3SbagyZfOYNs4UgmCbdEoS7bIMF1ZiMzj+phIeeuP/QGaZZYcL9/Z6+Kk=\"}"
},
"nodeAuthKeychain": {
"id": "67e43de1ffc2dfc5c5994239ed002fb5",
"pub": "xpub661MyMwAqRbcFbNKN8P6pQuaieXxCdj38JniNNoiX8nL2LNf4RTdTvULEuua4pMxjyid6vFH3BiFoXQ1BHJbbxhwnkte7sd4o2jVtwgk9ig",
"ethAddress": "0x391004935442ad4237ab7adaae31e0056844f4e2",
"source": "user",
"type": "independent",
"coinSpecific": {
"tlnbtc": {
"purpose": "nodeAuth",
"_requestId": "cm8q7x8u90c7d0e0cekte5rum"
}
},
"encryptedPrv": "{\"iv\":\"9JmKBrVJvWtzsyWhoyqMPg==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"kxJFetnXI+U=\",\"ct\":\"hlquksFjZJ9EciSbjModTiHE7R4GoHenxRy6OPKHw9nHS2yTkU3ZyV1wMzqXC+/Yq0ZtPDqV7YOFKQ1r9+GWCCyKi8wdX+ZZS5mul0R2WJSsw7nBiFPuiUyqZlK7vrrt/6ERcobzrJBnqU9QN2TkUpWxPxHStLQ=\"}"
},
"responseType": "LightningWalletWithKeychains",
"encryptedWalletPassphrase": "{\"iv\":\"frevNIUliAXK5eS/YU4uaQ==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"pwl6aQtPxH0=\",\"ct\":\"/tBwHmRzyEo4dsyX0Zv5LSlh05XITpzqDU5rlA==\"}"
}2. Initialize Lightning Wallet
Once you create the wallet, you must initializes the remote signer with the necessary keys and macaroons.
Endpoint: Lightning - Initialize Node
export BITGO_EXPRESS_HOST="<YOUR_LOCALHOST>"
export COIN="tlntbc"
export WALLET_ID="<YOUR_WALLET_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export PASSPHRASE="<YOUR_BITGO_LOGIN_PASSPHRASE>"
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
export EXPRESS_HOST="<YOUR_LOCALHOST>"
curl -X POST \
http://$BITGO_EXPRESS_HOST/api/v2/$COIN/wallet/$WALLETID/initwallet \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"label": "'"$LABEL"'",
"passphrase": "'"$PASSPHRASE"'",
"expressHost": "'"$EXPRESS_HOST"'" # Provides additional security by binding macaroons to the Express server IP (recommended)
}'Step Result
The newly created Lightning Network Daemon (LND) is now initialized. You receive the updated wallet with the encrypted admin macaroon in the 'coinSpecific' response field.
{
"id": "67e43de27f977e954022b8eb8693f5a7",
"users": [
{
"user": "6101c3790293df0006fb99bc777152ce",
"permissions": [
"admin",
"spend",
"view"
]
}
],
"coin": "tlnbtc",
"label": "Test tlnbtc V2 Wallet - 1743011296980 lightningSelfCustody",
"m": 1,
"n": 1,
"keys": [
"67e43de1551f8a42dadaabb0d2ac2264"
],
"keySignatures": {},
"enterprise": "65302ca0c3939600075905e213ca20dd",
"bitgoOrg": "BitGo Inc",
"tags": [
"67e43de27f977e954022b8eb8693f5a7",
"65302ca0c3939600075905e213ca20dd"
],
"disableTransactionNotifications": false,
"freeze": {},
"deleted": false,
"approvalsRequired": 1,
"isCold": false,
"coinSpecific": {
"encryptedSignerAdminMacaroon": "{\"iv\":\"WJ+XBikHLpyuf3JEkInKtQ==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"j5TDkoJECo0=\",\"ct\":\"xsRQOP3aom8hIiY5a3rkFlF5BCx6GK7jT2OWyHgTakmqUV96f0zce16W9Xg5pGuToL0/SiKKFOxB1sd6G+sFPOrBmOk+PqcA4invhEa4C+riKhgQm3gY2pjhqpidDmBYdGb/aYsAia1sGr4TdJvLiP/dEkjn/LiX9oxe4eVn4w8TOsXTzpX4V11C80SPGaIUXwVYc3fwvxa3zf3ft27Z94HlDawnIXZQnIIr3uS3uYtnjDHa03ap4dqGt7glGt33CKOl6TcYiTdrnixvlrc13zJXVj0nkKBc7IuBqep+2ZIfHC4yWGOPgDOovpQPF3rb8aHYE1iyTZDOo5MjKrvLoEIPejuBVZUTbEOzZ7O6X+sj58X+Kf+4XN42bX4g2u+cttT8YjijZVdWk2rJktbXYVNLDw8QeZcYtzr9TnIP+//raNbkIbLfUlVsOPUwneFhGZv5DVhUlm9JBiU/ARLl6m00P3utb0KZcr1egt5N1al5oFY98WHJrDyJEN8D3TS1/O5QAuhuNxZaOGWPFxXfFA==\"}",
"encryptedSignerMacaroon": null,
"signerHost": null,
"encryptedSignerTlsKey": null,
"signerTlsCert": null,
"watchOnlyAccounts": {
"master_key_birthday_timestamp": "1743025156",
"master_key_fingerprint": "296b36f0",
"accounts": [
{
"purpose": 49,
"coin_type": 0,
"account": 0,
"xpub": "upub5DAasxWUVhvd3YLvPmcYtPCuH8yFDa4wYJpuDUKje6vTiVMqLYhmRxoEyrYE3Wh3ou7XpLxLgCoGSoEtNBWU8gjGs2cNnL3bm36ip6LDyJu"
}
},
"signedUserAuthKey": "H4PiRzUGhomTE7hYJO0thNhkpEfICJfOGwJFhFF2szBXEBYw3UKMUkrDQddMjXqk9xUzqAIr8AVHEuBTwXgCsVw=",
"keys": [
"67e43de1d19e3a9237bf558bed01f8e6",
"67e43de1ffc2dfc5c5994239ed002fb5"
]
},
"admin": {
"policy": {
"date": "2025-03-26T17:48:18.212Z",
"id": "67e43de27f977e954022b8eed3f3f639",
"label": "default",
"rules": [],
"version": 0,
"latest": true
}
},
"clientFlags": [],
"walletFlags": [],
"allowBackupKeySigning": false,
"startDate": "2025-03-26T17:48:18.000Z",
"type": "hot",
"buildDefaults": {},
"customChangeKeySignatures": {},
"hasLargeNumberOfAddresses": false,
"hasReceiveTransferPolicy": false,
"creator": "6101c3790293df0006fb99bc777152ce",
"subType": "lightningSelfCustody",
"config": {}
}3. Create Signer Macaroon
The signer macaroon is for the watch-only LND node to request signatures from the signer node.
Endpoint: Create Signer Macaroon
export BITGO_EXPRESS_HOST="<YOUR_LOCALHOST>"
export COIN="tlntbc"
export WALLET_ID="<YOUR_WALLET_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export PASSPHRASE="<YOUR_BITGO_LOGIN_PASSPHRASE>"
export ENTERPRISE_ID="<YOUR_ENTERPRISE_ID>"
curl -X POST \
http://$BITGO_EXPRESS_HOST/api/v2/$COIN/wallet/$WALLETID/signermacaroon \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"label": "'"$LABEL"'",
"passphrase": "'"$PASSPHRASE"'",
"addIpCaveatToMacaroon": true
}'Step Result
You receive the updated wallet with the encrypted signer macaroon in the coinSpecific response field.
{
"id": "67e43de27f977e954022b8eb8693f5a7",
"users": [
{
"user": "6101c3790293df0006fb99bc777152ce",
"permissions": [
"admin",
"spend",
"view"
]
}
],
"coin": "tlnbtc",
"label": "Test tlnbtc V2 Wallet - 1743011296980 lightningSelfCustody",
"m": 1,
"n": 1,
"keys": [
"67e43de1551f8a42dadaabb0d2ac2264"
],
"keySignatures": {},
"enterprise": "65302ca0c3939600075905e213ca20dd",
"bitgoOrg": "BitGo Inc",
"tags": [
"67e43de27f977e954022b8eb8693f5a7",
"65302ca0c3939600075905e213ca20dd"
],
"disableTransactionNotifications": false,
"freeze": {},
"deleted": false,
"approvalsRequired": 1,
"isCold": false,
"coinSpecific": {
"encryptedSignerAdminMacaroon": "{\"iv\":\"WJ+XBikHLpyuf3JEkInKtQ==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"j5TDkoJECo0=\",\"ct\":\"xsRQOP3aom8hIiY5a3rkFlF5BCx6GK7jT2OWyHgTakmqUV96f0zce16W9Xg5pGuToL0/SiKKFOxB1sd6G+sFPOrBmOk+PqcA4invhEa4C+riKhgQm3gY2pjhqpidDmBYdGb/aYsAia1sGr4TdJvLiP/dEkjn/LiX9oxe4eVn4w8TOsXTzpX4V11C80SPGaIUXwVYc3fwvxa3zf3ft27Z94HlDawnIXZQnIIr3uS3uYtnjDHa03ap4dqGt7glGt33CKOl6TcYiTdrnixvlrc13zJXVj0nkKBc7IuBqep+2ZIfHC4yWGOPgDOovpQPF3rb8aHYE1iyTZDOo5MjKrvLoEIPejuBVZUTbEOzZ7O6X+sj58X+Kf+4XN42bX4g2u+cttT8YjijZVdWk2rJktbXYVNLDw8QeZcYtzr9TnIP+//raNbkIbLfUlVsOPUwneFhGZv5DVhUlm9JBiU/ARLl6m00P3utb0KZcr1egt5N1al5oFY98WHJrDyJEN8D3TS1/O5QAuhuNxZaOGWPFxXfFA==\"}",
"encryptedSignerMacaroon": "{\"iv\":\"dSD0IpMzv9vUNlGKPYMhQA==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"YXq1Hxz7eiU=\",\"ct\":\"xGuw+H5arb1ic7Q/kDeD58wDuif+fqWdk9AU6w0bArtyytBy5ZHzWceVs3/M/UkDmYT3TuTBi2pAEhs3pyLTom94Og1zLDsCV1frO38sqe33Uo/+qzmnEsUonQZgBdSt3DhCE1dWod73SQqVykFE2UFNZfBtzj4PTBgeC/HmBk0rFVj+ha6O9tf1XPtr36tIbL/h14hPXMuCNVtFxtBKQ94vKOdrIdzn+ALcfpTX+hM1GDsfdH58ZP7obt9HEZY0yjzJCZv67/ZHvLk1OacDSVfIaFr4jV6Gbs7/fvzo+KPwrNnRgeXjUtSfli9FIQtFGmYhRuc5OzHVOTU53XMD9699tAAyS1qcVpvAFVGz0ICOiM7SfRVUEDzxM8Y6tw==\"}",
"encryptedSignerTlsKey": null,
"watchOnlyAccounts": {
"master_key_birthday_timestamp": "1743025156",
"master_key_fingerprint": "296b36f0",
"accounts": [
{
"purpose": 49,
"coin_type": 0,
"account": 0,
"xpub": "upub5DAasxWUVhvd3YLvPmcYtPCuH8yFDa4wYJpuDUKje6vTiVMqLYhmRxoEyrYE3Wh3ou7XpLxLgCoGSoEtNBWU8gjGs2cNnL3bm36ip6LDyJu"
}
]
},
"signedUserAuthKey": "H4PiRzUGhomTE7hYJO0thNhkpEfICJfOGwJFhFF2szBXEBYw3UKMUkrDQddMjXqk9xUzqAIr8AVHEuBTwXgCsVw=",
"keys": [
"67e43de1d19e3a9237bf558bed01f8e6",
"67e43de1ffc2dfc5c5994239ed002fb5"
]
},
"admin": {
"policy": {
"date": "2025-03-26T17:48:18.212Z",
"id": "67e43de27f977e954022b8eed3f3f639",
"label": "default",
"rules": [],
"version": 0,
"latest": true
}
},
"clientFlags": [],
"walletFlags": [],
"allowBackupKeySigning": false,
"startDate": "2025-03-26T17:48:18.000Z",
"type": "hot",
"buildDefaults": {},
"customChangeKeySignatures": {},
"hasLargeNumberOfAddresses": false,
"hasReceiveTransferPolicy": false,
"creator": "6101c3790293df0006fb99bc777152ce",
"subType": "lightningSelfCustody",
"config": {}
}4. Update The Wallet
Update the wallet on the BitGo Express server.
Endpoint: Update Wallet
export BITGO_EXPRESS_HOST="<YOUR_LOCALHOST>"
export COIN="tlntbc"
export WALLET_ID="<YOUR_WALLET_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export SIGNER_HOST="<SIGNER_NODE_MACROON>"
export SIGNER_TLS_CERT="<SIGNER_NODE_ADMIN_MACROON>"
export PASSPHRASE="<YOUR_BITGO_LOGIN_PASSPHRASE>"
curl -X PUT \
http://$BITGO_EXPRESS_HOST/api/express/api/v2/$COIN/wallet/$WALLETID \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"signerHost": string, # Signer node macaroon
"signerTlsCert": string, # Signer node admin macaroon
"passphrase": "'"$PASSPHRASE"'"
}'Step Result
BitGo automatically configures a watch-only node. BitGo sends you an email notification when the wallet is ready to use.
{
"id": "67e43de27f977e954022b8eb8693f5a7",
"users": [
{
"user": "6101c3790293df0006fb99bc777152ce",
"permissions": [
"admin",
"spend",
"view"
]
}
],
"coin": "tlnbtc",
"label": "Test tlnbtc V2 Wallet - 1743011296980 lightningSelfCustody",
"m": 1,
"n": 1,
"keys": [
"67e43de1551f8a42dadaabb0d2ac2264"
],
"keySignatures": {},
"enterprise": "65302ca0c3939600075905e213ca20dd",
"bitgoOrg": "BitGo Inc",
"tags": [
"67e43de27f977e954022b8eb8693f5a7",
"65302ca0c3939600075905e213ca20dd"
],
"disableTransactionNotifications": false,
"freeze": {},
"deleted": false,
"approvalsRequired": 1,
"isCold": false,
"coinSpecific": {
"encryptedSignerAdminMacaroon": "{\"iv\":\"WJ+XBikHLpyuf3JEkInKtQ==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"j5TDkoJECo0=\",\"ct\":\"xsRQOP3aom8hIiY5a3rkFlF5BCx6GK7jT2OWyHgTakmqUV96f0zce16W9Xg5pGuToL0/SiKKFOxB1sd6G+sFPOrBmOk+PqcA4invhEa4C+riKhgQm3gY2pjhqpidDmBYdGb/aYsAia1sGr4TdJvLiP/dEkjn/LiX9oxe4eVn4w8TOsXTzpX4V11C80SPGaIUXwVYc3fwvxa3zf3ft27Z94HlDawnIXZQnIIr3uS3uYtnjDHa03ap4dqGt7glGt33CKOl6TcYiTdrnixvlrc13zJXVj0nkKBc7IuBqep+2ZIfHC4yWGOPgDOovpQPF3rb8aHYE1iyTZDOo5MjKrvLoEIPejuBVZUTbEOzZ7O6X+sj58X+Kf+4XN42bX4g2u+cttT8YjijZVdWk2rJktbXYVNLDw8QeZcYtzr9TnIP+//raNbkIbLfUlVsOPUwneFhGZv5DVhUlm9JBiU/ARLl6m00P3utb0KZcr1egt5N1al5oFY98WHJrDyJEN8D3TS1/O5QAuhuNxZaOGWPFxXfFA==\"}",
"encryptedSignerMacaroon": "{\"iv\":\"dSD0IpMzv9vUNlGKPYMhQA==\",\"v\":1,\"iter\":10000,\"ks\":256,\"ts\":64,\"mode\":\"ccm\",\"adata\":\"\",\"cipher\":\"aes\",\"salt\":\"YXq1Hxz7eiU=\",\"ct\":\"xGuw+H5arb1ic7Q/kDeD58wDuif+fqWdk9AU6w0bArtyytBy5ZHzWceVs3/M/UkDmYT3TuTBi2pAEhs3pyLTom94Og1zLDsCV1frO38sqe33Uo/+qzmnEsUonQZgBdSt3DhCE1dWod73SQqVykFE2UFNZfBtzj4PTBgeC/HmBk0rFVj+ha6O9tf1XPtr36tIbL/h14hPXMuCNVtFxtBKQ94vKOdrIdzn+ALcfpTX+hM1GDsfdH58ZP7obt9HEZY0yjzJCZv67/ZHvLk1OacDSVfIaFr4jV6Gbs7/fvzo+KPwrNnRgeXjUtSfli9FIQtFGmYhRuc5OzHVOTU53XMD9699tAAyS1qcVpvAFVGz0ICOiM7SfRVUEDzxM8Y6tw==\"}",
"signerHost": "signerHost.com:10009",
"encryptedSignerTlsKey": null,
"signerTlsCert": "base64EncodedTlsCert==",
"watchOnlyAccounts": {
"master_key_birthday_timestamp": "1743025156",
"master_key_fingerprint": "296b36f0",
"accounts": [
{
"purpose": 49,
"coin_type": 0,
"account": 0,
"xpub": "upub5DAasxWUVhvd3YLvPmcYtPCuH8yFDa4wYJpuDUKje6vTiVMqLYhmRxoEyrYE3Wh3ou7XpLxLgCoGSoEtNBWU8gjGs2cNnL3bm36ip6LDyJu"
}
]
},
"signedUserAuthKey": "H4PiRzUGhomTE7hYJO0thNhkpEfICJfOGwJFhFF2szBXEBYw3UKMUkrDQddMjXqk9xUzqAIr8AVHEuBTwXgCsVw=",
"keys": [
"67e43de1d19e3a9237bf558bed01f8e6",
"67e43de1ffc2dfc5c5994239ed002fb5"
]
},
"admin": {
"policy": {
"date": "2025-03-26T17:48:18.212Z",
"id": "67e43de27f977e954022b8eed3f3f639",
"label": "default",
"rules": [],
"version": 0,
"latest": true
}
},
"clientFlags": [],
"walletFlags": [],
"allowBackupKeySigning": false,
"startDate": "2025-03-26T17:48:18.000Z",
"type": "hot",
"buildDefaults": {},
"customChangeKeySignatures": {},
"hasLargeNumberOfAddresses": false,
"hasReceiveTransferPolicy": false,
"creator": "6101c3790293df0006fb99bc777152ce",
"subType": "lightningSelfCustody",
"config": {}
}5. (Optional) Unlock LND Node
If the signer node restarts, you must unlock the LND node. You can check if the LND node is locked or unlocked, using the Lightning - Get Node State endpoint.
Endpoint: Lightning - Unlock Node
export BITGO_EXPRESS_HOST="<YOUR_LOCALHOST>"
export COIN="tlntbc"
export WALLET_ID="<YOUR_WALLET_ID>"
export ACCESS_TOKEN="<YOUR_ACCESS_TOKEN>"
export PASSPHRASE="<YOUR_BITGO_LOGIN_PASSPHRASE>"
curl -X POST \
http://$BITGO_EXPRESS_HOST/api/v2/$COIN/wallet/$WALLETID/unlockwallet \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $ACCESS_TOKEN" \
-d '{
"passphrase": "'"$PASSPHRASE"'"
}'Step Result
{
"message": "ok"
}Next Steps
See Also
Updated 22 days ago