From 9cb9062ce871ff05cd6bc92d8e0131df0e435165 Mon Sep 17 00:00:00 2001 From: Lakshya Singh Date: Tue, 31 Oct 2023 20:57:04 +0530 Subject: [PATCH 1/5] lightning: remote_hsmd_socket & remove env files - build vls and copy binary in final layer - update configs - add vls port, network, rust log and rpc url in env - compose: set env variable in compose only - dont separate env files, ease of access on env vars with compose - common across networks set in dockerfile Signed-off-by: Lakshya Singh --- assets/regtest-config | 3 ++- assets/regtest-env | 4 ---- assets/testnet-config | 3 ++- assets/testnet-env | 4 ---- docker-compose.regtest.yml | 4 ++-- docker-compose.yml | 8 ++++++-- lightningd/Dockerfile | 15 +++++++++++++++ 7 files changed, 27 insertions(+), 14 deletions(-) delete mode 100644 assets/regtest-env delete mode 100644 assets/testnet-env diff --git a/assets/regtest-config b/assets/regtest-config index cbe65d8..c471792 100644 --- a/assets/regtest-config +++ b/assets/regtest-config @@ -7,4 +7,5 @@ max-locktime-blocks=288 important-plugin=/usr/bin/clboss clboss-auto-close=true bind-addr=0.0.0.0:19846 -plugin=/usr/local/src/plugins/summary/summary.py \ No newline at end of file +plugin=/usr/local/src/plugins/summary/summary.py +subdaemon=hsmd:remote_hsmd_socket \ No newline at end of file diff --git a/assets/regtest-env b/assets/regtest-env deleted file mode 100644 index a21ee38..0000000 --- a/assets/regtest-env +++ /dev/null @@ -1,4 +0,0 @@ -VLS_PORT=17701 -VLS_NETWORK=regtest -BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332 -RUST_LOG=info \ No newline at end of file diff --git a/assets/testnet-config b/assets/testnet-config index 274338b..2d6abd3 100644 --- a/assets/testnet-config +++ b/assets/testnet-config 
@@ -7,4 +7,5 @@ max-locktime-blocks=288 important-plugin=/usr/bin/clboss clboss-auto-close=true bind-addr=0.0.0.0:19735 -plugin=/usr/local/src/plugins/summary/summary.py \ No newline at end of file +plugin=/usr/local/src/plugins/summary/summary.py +subdaemon=hsmd:remote_hsmd_socket \ No newline at end of file diff --git a/assets/testnet-env b/assets/testnet-env deleted file mode 100644 index b0e54aa..0000000 --- a/assets/testnet-env +++ /dev/null @@ -1,4 +0,0 @@ -VLS_PORT=17701 -VLS_NETWORK=testnet -BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332 -RUST_LOG=info diff --git a/docker-compose.regtest.yml b/docker-compose.regtest.yml index d1d2a34..c40b408 100644 --- a/docker-compose.regtest.yml +++ b/docker-compose.regtest.yml @@ -18,10 +18,10 @@ services: - 19846 ports: - 19846:19846 - env_file: - - ./assets/regtest-env environment: - BITCOIN_CHAIN=regtest + - VLS_NETWORK=regtest + - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332 txoo: container_name: txoo-regtest diff --git a/docker-compose.yml b/docker-compose.yml index daf88e2..de19964 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,15 +30,19 @@ services: - clightning:/home/lightning/.lightning expose: - 19735 + - 7701 networks: - LN_testing depends_on: bitcoin-core: condition: service_healthy - env_file: - - ./assets/testnet-env environment: - BITCOIN_CHAIN=test + - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332 + - RUST_LOG=info + - VLS_NETWORK=testnet + - VLS_BIND=0.0.0.0 + - VLS_PORT=7701 txoo: build: diff --git a/lightningd/Dockerfile b/lightningd/Dockerfile index f9d4e88..c3f040b 100644 --- a/lightningd/Dockerfile +++ b/lightningd/Dockerfile 
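Review bot: The added `- BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332` line in docker-compose.regtest.yml writes the bitcoind RPC password into the tracked compose file, so it travels with every clone and fork. The same literal is added to the `environment:` list in docker-compose.yml in this patch and to the `vls` service in PATCH 5/5. Compose variable substitution keeps the value out of the repository, e.g. `- BITCOIND_RPC_URL=${BITCOIND_RPC_URL:?set BITCOIND_RPC_URL}` with the real URL supplied from an untracked `.env`. The txoo `command:` shown as context in later hunks carries the same credentials, so a complete fix would cover it too.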
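Review bot: `- VLS_BIND=0.0.0.0` together with the new `expose: - 7701` in docker-compose.yml makes the node's remote-signer socket reachable from every container attached to `LN_testing`. Nothing in this hunk restricts which peer may connect to it. If remote_hsmd_socket accepts whichever client connects first (not visible here), any other service on that network could take the signer role. A dedicated network shared only by the lightning and vls services, or at least a comment above `- 7701` such as `# signer port: only the vls service may reach this`, would make the trust boundary explicit. The service definition starts above the hunk.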
@@ -61,6 +61,20 @@ RUN git clone $PLUGINS_REPO && \ cd plugins && \ git checkout $PLUGINS_GIT_HASH +RUN apk add \ + cargo \ + rust \ + grpc \ + protobuf \ + protobuf-dev + +ARG VLS_GIT_HASH=af02dac8b855c361d74234387d288a9591fad1d5 +ARG VLS_REPO=https://gitlab.com/lightning-signer/validating-lightning-signer.git +RUN git clone $VLS_REPO && \ + cd validating-lightning-signer && \ + git checkout $VLS_GIT_HASH && \ + cargo build --bins -r + # final stage with runtime dependencies and pkgs FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner @@ -98,6 +112,7 @@ COPY --from=builder /usr/share/man/man8 /usr/share/man/man8 COPY --from=builder /usr/share/doc/c-lightning /usr/share/doc/c-lightning COPY --from=builder /usr/bin/clboss /usr/bin/clboss COPY --from=builder /build/plugins/summary /usr/local/src/plugins/summary +COPY --from=builder /build/validating-lightning-signer/target/release/remote_hsmd_socket /usr/libexec/c-lightning/remote_hsmd_socket RUN addgroup -S lightning && adduser -S lightning -G lightning && \ mkdir -p ${LIGHTNINGD_DATA} && \ From b02b64ece1d0d9a1fa4c7eb88eac97466c90e1d3 Mon Sep 17 00:00:00 2001 From: Lakshya Singh Date: Tue, 31 Oct 2023 21:24:11 +0530 Subject: [PATCH 2/5] txoo: compose env var set network not chain - no need of using switch in entrypoint - directly set the network instead of chain Signed-off-by: Lakshya Singh --- docker-compose.regtest.yml | 3 ++- docker-compose.yml | 3 ++- txood/entrypoint.sh | 12 +----------- 3 files changed, 5 insertions(+), 13 deletions(-) diff --git a/docker-compose.regtest.yml b/docker-compose.regtest.yml index c40b408..87ad3e5 100644 --- a/docker-compose.regtest.yml +++ b/docker-compose.regtest.yml @@ -28,4 +28,5 @@ services: command: - -r http://rpcuser:VLSsigner1@bitcoind:38332 environment: - - BITCOIN_CHAIN=regtest \ No newline at end of file + - BITCOIN_NETWORK=regtest + diff --git a/docker-compose.yml b/docker-compose.yml index de19964..44637eb 100644 
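Review bot: `cargo build --bins -r` in lightningd/Dockerfile runs without `--locked`. The source is pinned by `VLS_GIT_HASH`, but the crate dependencies can still be re-resolved at build time if the checkout's Cargo.lock is missing or stale (whether the repository ships one is not visible here). `cargo build --locked --bins -r` would fail instead of silently pulling different dependency versions into the binary that handles signing requests. Only `remote_hsmd_socket` is copied into the runner stage, so narrowing the build to that target would also reduce what gets compiled, assuming the target resolves from the workspace root. vlsd/Dockerfile in PATCH 4/5 uses the same unlocked build command.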
--- a/docker-compose.yml +++ b/docker-compose.yml @@ -62,7 +62,8 @@ services: bitcoin-core: condition: service_healthy environment: - - BITCOIN_CHAIN=test + - BITCOIN_NETWORK=testnet + volumes: data: diff --git a/txood/entrypoint.sh b/txood/entrypoint.sh index f9dae78..faf4783 100644 --- a/txood/entrypoint.sh +++ b/txood/entrypoint.sh @@ -1,20 +1,10 @@ #!/bin/sh set -e -LIGHTNING_NETWORK="" - -case $BITCOIN_CHAIN in - "test") LIGHTNING_NETWORK=testnet ;; - "regtest") LIGHTNING_NETWORK=regtest ;; - "main") LIGHTNING_NETWORK=bitcoin ;; - "signet") LIGHTNING_NETWORK=signet ;; - *) echo "Invalid BITCOIN_CHAIN value: $BITCOIN_CHAIN" && exit 1 ;; -esac - if [ $(echo "$1" | cut -c1) = "-" ]; then echo "$0: assuming arguments for txood" - set -- txood --network $LIGHTNING_NETWORK "$@" + set -- txood --network $BITCOIN_NETWORK "$@" fi echo From cd2a0f653f8687cf413cb471ce79f2441b266b5d Mon Sep 17 00:00:00 2001 From: Lakshya Singh Date: Tue, 31 Oct 2023 21:26:24 +0530 Subject: [PATCH 3/5] compose: standardize volume names - $SERVICE_data name for volumes - update readme Signed-off-by: Lakshya Singh --- README.md | 2 +- docker-compose.yml | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index f7fd830..66e7355 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ sudo systemctl enable --now docker ``` docker volume create bitcoin_data docker volume create lightning_data -docker volume create txood_data +docker volume create txoo_data ``` ## Docker Compose Run diff --git a/docker-compose.yml b/docker-compose.yml index 44637eb..efea1da 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: image: bitcoind container_name: bitcoind-test volumes: - - data:/home/bitcoin/.bitcoin + - bitcoin_data:/home/bitcoin/.bitcoin expose: - 18332 networks: 
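Review bot: With the `case` block removed from txood/entrypoint.sh, `set -- txood --network $BITCOIN_NETWORK "$@"` uses the variable unvalidated and unquoted. An unset or empty `BITCOIN_NETWORK` then makes txood take the first user argument as the network name instead of stopping with a clear message. Adding `: "${BITCOIN_NETWORK:?BITCOIN_NETWORK must be set}"` after `set -e` and quoting the expansion as `--network "$BITCOIN_NETWORK"` restores the early exit the old `*)` branch provided. The script continues past the end of the hunk.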
@@ -27,7 +27,7 @@ services: - --conf=/home/lightning/.lightning/testnet-config - --bitcoin-rpcconnect=bitcoind volumes: - - clightning:/home/lightning/.lightning + - lightning_data:/home/lightning/.lightning expose: - 19735 - 7701 @@ -57,7 +57,7 @@ services: - LN_testing volumes: - txoo_data:/root/.txoo/ - - data:/root/.bitcoin/ + - bitcoin_data:/root/.bitcoin/ depends_on: bitcoin-core: condition: service_healthy @@ -66,14 +66,14 @@ services: volumes: - data: + bitcoin_data: name: bitcoin_data external: true - clightning: + lightning_data: name: lightning_data external: true txoo_data: - name: txood_data + name: txoo_data external: true networks: From 4abc404246e646deaf14abfc6d5998dec82adb96 Mon Sep 17 00:00:00 2001 From: Lakshya Singh Date: Tue, 31 Oct 2023 20:56:06 +0530 Subject: [PATCH 4/5] vls: docker image, asssets and entrypoint Signed-off-by: Lakshya Singh --- assets/vlsd2.toml | 1 + bitcoind/Dockerfile | 2 +- vlsd/Dockerfile | 63 +++++++++++++++++++++++++++++++++++++++++++++ vlsd/entrypoint.sh | 20 ++++++++++++++ 4 files changed, 85 insertions(+), 1 deletion(-) create mode 100644 assets/vlsd2.toml create mode 100644 vlsd/Dockerfile create mode 100755 vlsd/entrypoint.sh diff --git a/assets/vlsd2.toml b/assets/vlsd2.toml new file mode 100644 index 0000000..1d30a05 --- /dev/null +++ b/assets/vlsd2.toml @@ -0,0 +1 @@ +datadir = "/home/vls/.lightning-signer" diff --git a/bitcoind/Dockerfile b/bitcoind/Dockerfile index 6e3a786..1dbc75c 100644 --- a/bitcoind/Dockerfile +++ b/bitcoind/Dockerfile @@ -129,7 +129,7 @@ VOLUME ["${BITCOIN_DATA}"] USER bitcoin -ENTRYPOINT ["/entrypoint.sh"] +ENTRYPOINT ["/entrypoint.sh"] RUN bitcoind -version | grep "Bitcoin Core version v${BITCOIN_VERSION}" diff --git a/vlsd/Dockerfile b/vlsd/Dockerfile new file mode 100644 index 0000000..f361cea --- /dev/null +++ b/vlsd/Dockerfile 
@@ -0,0 +1,63 @@ +FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as builder + +WORKDIR /build + +RUN apk update && \ + apk add \ + build-base \ + cargo \ + git \ + grpc \ + protobuf \ + protobuf-dev \ + rust + +ARG GIT_HASH=af02dac8b855c361d74234387d288a9591fad1d5 +RUN git clone https://gitlab.com/lightning-signer/validating-lightning-signer.git && \ + cd validating-lightning-signer && \ + git checkout $GIT_HASH + +RUN cd validating-lightning-signer && \ + cargo build --bins --release + +FROM --platform=${TARGETPLATFORM:-${BUILDPLATFORM:-linux/amd64}} alpine:3.18 as runner + +ARG UID=100 +ARG GID=101 + +LABEL maintainer.0="Lakshya Singh (@king-11)" \ + maintainer.1="Dev Random (@devrandom01)" + +RUN addgroup vls --gid ${GID} --system +RUN adduser --uid ${UID} --system vls --ingroup vls + +RUN apk update && \ + apk add \ + build-base \ + curl-dev \ + protobuf \ + bind-tools + +COPY --from=builder /build/validating-lightning-signer/target/release/vlsd2 /usr/local/bin/vlsd2 + +COPY vlsd/entrypoint.sh /entrypoint.sh +RUN chmod +x /entrypoint.sh + +COPY assets/vlsd2.toml /vlsd2.toml + +ENV VLS_DATA=/home/vls/.lightning-signer +RUN mkdir "${VLS_DATA}" +RUN chown vls:vls "${VLS_DATA}" + +ENV REMOTE_SIGNER_ALLOWLIST=${VLS_DATA}/ALLOWLIST +RUN touch "${REMOTE_SIGNER_ALLOWLIST}" + +VOLUME ["${VLS_DATA}"] + +USER vls + +ENTRYPOINT ["/entrypoint.sh"] + +RUN vlsd2 --git-desc + +CMD ["vlsd2"] diff --git a/vlsd/entrypoint.sh b/vlsd/entrypoint.sh new file mode 100755 index 0000000..ac64edd --- /dev/null +++ b/vlsd/entrypoint.sh @@ -0,0 +1,20 @@ +#!/bin/sh +set -e + +cp /vlsd2.toml $VLS_DATA/ +sed -i "1s/^/network = \"$VLS_NETWORK\"\n/" $VLS_DATA/vlsd2.toml + +if [ $(echo "$1" | cut -c1) = "-" ]; then + echo "$0: assuming arguments for vlsd2" + + set -- vlsd2 "$@" +fi + +if [ $(echo "$1" | cut -c1) = "-" ] || [ "$1" = "vlsd2" ]; then + echo "$0: setting config to $VLS_DATA/vlsd2.toml" + + set -- "$@" --config=$VLS_DATA/vlsd2.toml +fi + +echo +exec "$@" 
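Review bot: The `runner` stage of vlsd/Dockerfile installs `build-base` and `curl-dev`, which leaves a compiler toolchain and development headers in the image that runs the signer. Only the prebuilt `vlsd2` binary is copied in, so the runtime packages can probably be reduced to the shared libraries it links against (to be confirmed with `ldd` on the binary). `RUN touch "${REMOTE_SIGNER_ALLOWLIST}"` runs before `USER vls`, so the allowlist file is root-owned inside a directory owned by `vls`. If that is meant to keep the file read-only for the daemon, a comment such as `# allowlist is root-owned on purpose; vlsd2 only reads it` would record the intent; otherwise it needs the same `chown`. `apk add --no-cache` would also replace the separate `apk update` step.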
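Review bot: The `sed -i "1s/^/network = \"$VLS_NETWORK\"\n/"` line in vlsd/entrypoint.sh splices `VLS_NETWORK` into both a sed program and a TOML string without checking it. An unset variable writes `network = ""`, and a value containing `/`, `&` or `"` corrupts the expression or the generated config. Validating first, e.g. `case "$VLS_NETWORK" in bitcoin|testnet|regtest|signet) ;; *) echo "invalid VLS_NETWORK: $VLS_NETWORK" >&2; exit 1 ;; esac`, and quoting `"$VLS_DATA"` in the `cp` and `sed` lines would make the container fail closed. The network names in that example come from the case statement removed in PATCH 2/5 and should be checked against what vlsd2 accepts.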
From 2880ba87ebf5df23d8e356a9177d404d3ea314f4 Mon Sep 17 00:00:00 2001 From: Lakshya Singh Date: Tue, 31 Oct 2023 21:50:22 +0530 Subject: [PATCH 5/5] vls: service added in compose stack - update readme Signed-off-by: Lakshya Singh --- README.md | 1 + docker-compose.regtest.yml | 5 +++++ docker-compose.yml | 21 +++++++++++++++++++++ 3 files changed, 27 insertions(+) diff --git a/README.md b/README.md index 66e7355..135f4cd 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,7 @@ sudo systemctl enable --now docker docker volume create bitcoin_data docker volume create lightning_data docker volume create txoo_data +docker volume create vls_data ``` ## Docker Compose Run diff --git a/docker-compose.regtest.yml b/docker-compose.regtest.yml index 87ad3e5..7c4542d 100644 --- a/docker-compose.regtest.yml +++ b/docker-compose.regtest.yml @@ -30,3 +30,8 @@ services: environment: - BITCOIN_NETWORK=regtest + vls: + container_name: vlsd-regtest + environment: + - VLS_NETWORK=regtest + - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:38332 diff --git a/docker-compose.yml b/docker-compose.yml index efea1da..0543418 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -64,6 +64,24 @@ services: environment: - BITCOIN_NETWORK=testnet + vls: + build: + dockerfile: ./vlsd/Dockerfile + context: . + image: vlsd + container_name: vlsd-test + command: + - --log-level=info + - --connect=http://core-lightning:7701 + networks: + - LN_testing + volumes: + - vls_data:/home/vls/.lightning-signer + environment: + - VLS_NETWORK=testnet + - VLS_PERMISSIVE=1 + - RUST_LOG=info + - BITCOIND_RPC_URL=http://rpcuser:VLSsigner1@bitcoind:18332 volumes: bitcoin_data: @@ -75,6 +93,9 @@ volumes: txoo_data: name: txoo_data external: true + vls_data: + name: vls_data + external: true networks: LN_testing:
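Review bot: `- VLS_PERMISSIVE=1` is set unconditionally on the new `vls` service in docker-compose.yml. If, as the name suggests, it makes the signer log policy violations instead of rejecting them, the validating signer offers little protection in this stack. A comment above it such as `# test networks only: policy violations are logged, not enforced`, or moving the variable into the regtest override, would keep the setting from being carried into a deployment that holds real funds. As far as this hunk shows, `--connect=http://core-lightning:7701` is plain HTTP with no authentication, so the signer link is only as trustworthy as the membership of `LN_testing`.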