Blockstream Greenlight: Scalable, Non-Custodial Lightning Infrastructure Now Open to Developers
<p>Just over two years ago, Blockstream conceived of Greenlight: a groundbreaking Lightning hosting infrastructure that scales your Lightning deployments without compromise or custody. The last year of testing with partners has proven Greenlight both stable and simple to use. Today, we are open-sourcing the client repository and opening sign-ups to interested parties for our developer preview!</p>
What is Greenlight?
Greenlight is a non-custodial Lightning-as-a-Service (LaaS) for businesses, merchants, and Lightning apps. Your users hold their keys, while we take care of everything else. As a developer building with Greenlight, you can just talk to our simple API, and seamlessly integrate Lightning payments in your application, without having Lightning protocol expertise, or going about a lengthy node setup.
There are two domains of control in Greenlight: the user and Blockstream. Any number of clients from the user domain can connect to a single node on the Blockstream domain. The node running on Blockstream's infrastructure receives commands, computes the state changes, and then reaches out to the signer, which is solely under the user's control, to have it check and sign off on the changes. The result is a non-custodial, on-demand Lightning node where your keys are stored on your device and never touch our infrastructure.The philosophy behind Greenlight and how it will change Lightning custody forever. What’s Available Today?
While we are still actively developing Greenlight, the public interfaces are stable and ready for you to explore.
The client repository contains several components:
gl-client and its language bindings provide a simple API to interact with Greenlight and user nodes. The built-in signer takes care of managing your seed, and keeps it hidden from the node, and by extension us, the service operators. The end-to-end-verification (still under active development, not complete in this preview) in the signer ensures that any state change was authorized by an authenticated client, such that a potential node host compromise does not result in funds being lost. gl-testing provides a complete mock environment to test your code against, rather than the real Greenlight service. To learn more, see our tutorial on how gl-testing can be used in a Python project using the Python bindings in gl-client-py, with more tutorials in the pipeline. gl-plugin and gl-signerproxy allow anybody to replicate the interface exposed by Greenlight nodes, including the ability to use a remote signer, rather than keeping the seed on an exposed server.
The last two are the basis for our off-boarding plans: if you outgrow Greenlight, or want more control, we enable you to off-board into your own infrastructure and all of your applications will keep working. This means that if you develop your application against the Greenlight API, you will automatically have support for Core Lightning out of the box. You can read more on how to off-board in the official Greenlight documentation and tutorial site.
Head over to the Getting Started tutorial and follow the instructions. You will first need an invite code in order to register a new node on the service. The invite system allows us to gradually scale up in a controlled fashion during this early phase of the service. We have set up a form where you can request an invite, and we will send you one as soon as possible.
A minimal client that registers a node, schedules it and then executes getinfo on the node would look like this in Python:from glclient import TlsConfig, Signer, Scheduler import secrets # Make sure to use cryptographically sound randomness invite_code = "..."seed = secrets.randbits(256) # 32 bytes of randomnessnetwork = "bitcoin" tls = TlsConfig() signer = Signer(seed, network, tls) scheduler = Scheduler(node_id=signer.node_id(), network=network, tls=tls)
Now actually register the node,
r will contain the credentials to use # when talking to the node
r = scheduler.register(signer, invite_code=invite_code)
Use the credentials when talking to Greenlight from now on.
Requires a refresh
TlsConfig and the
tls = tls.with_identity(r.device_cert, r.device_key) scheduler = Scheduler( node_id=signer.node_id, network=network, tls=tls ) node = scheduler.node() # Schedules the node on the service
And finally we can use
node to call
And that’s all there is. No setting up of bitcoind, databases, backups, watchtowers, gossip, node configuration, etc. All that is done on our end so you can focus on what matters the most to you - your users and their needs!What’s Next?
We have already received much feedback from our collaborators:
Breez has built their Breez SDK on Greenlight, extending our offering with LSP and swap services, as well as migrating their well-known Breez wallet over to Greenlight. Verifying Lightning Signer for our secure signing infrastructure, helping us move closer to full end-to-end verification. Blockstream Green wallet for internal feedback and testing. Core Lightning for being the best Lightning implementation for this scale.
We are eager to reach our full release, but to do so, we still require additional feedback from developers. We invite you to join us on Discord in the #greenlight channel or on the developer page of the Build On L2 community, to share your thoughts and experiences, where you can also keep an eye out for upcoming workshops on Greenlight.
If you are in the process of creating something exciting using Greenlight, we would love to hear about it too! And we may be able to feature it on the official Blockstream blog.