Last Notes
Freedom means never being tied down to one location. Security means never ordering bitcoin hardware to your home address. This is why we built Virtual Private Node.
https://ripsline.com
Virtual Private Node v0.4.2 is live.
Every time you create a Lightning invoice, you're revealing your node, your channels, and your UTXOs.
That era is over. Blinded paths now on by default. Your node stays hidden.
Also, payment routes now show node aliases and per-hop fees.
https://image.nostr.build/5a12689dea38ddf5072d67e8920a8f1718868b9aa652146444ae8fbb881a55a3.png
We hear you. LND recommends running either Bitcoin Core or btcd as a backend. Knots runs the same RPC and ZMQ interface as Core so it would most likely work, but it has not been tested or documented by LND or by us. Virtual Private Node runs Bitcoin Core v29.
A Node to use Bitcoin, not just save it.
https://ripsline.com/
the end of privacy is the end of freewill.
computers are weapons (tools) and if we do not learn how to use them properly, our own computers will be used as weapons against us.
some thoughts on lightning.
can be extremely private but it's arguably more expensive than just sending on-chain.
trade-off: everyone needs to connect to a large routing node for reliable transactions.
should it be "easy" to run a decentralized bank?
it's a baby.
Virtual Private Node v0.3.4
🧅 ALL downloads route through Tor
⚡ Dashboard polls 4x faster
🔑 Seed confirmation: type "I SAVED MY SEED" to proceed
🛡 Rate limiting, IP stripping on LndHub proxy
📦 LndHub install blocked during IBD (prevents CPU timeout)
https://github.com/ripsline/virtual-private-node
we reach our greatest satisfactions in the action of creation.
the computer is a tool for creation. with great power comes great responsibility.
Virtual Private Node v0.3.0 — Lightning Accounts
This release adds LndHub.go as a new add-on. Create separate Lightning
wallet accounts for family, friends, or AI agents — all backed by your
own LND node. Built from source at a pinned release tag. No prebuilt
binaries. Managed entirely from the SSH dashboard.
Each account gets a one-time login and password. Share the credentials
or scan a QR code. The admin cannot see user balances. Deactivation
records the balance so you can refund to a new account. Passwords are
shown once and never stored anywhere.
The bigger change is how clearnet connections work. Previously, LndHub
was exposed over unencrypted HTTP in hybrid P2P mode. Now a TLS reverse
proxy sits in front of it — self-signed ECDSA P-256 certificate with
your server's IP in the SAN. Same approach LND uses for its REST API.
Zeus users accept the cert on first connection. Tor connections bypass
the proxy entirely.
The proxy only exists when you need it. Tor-only mode: no proxy, no
open port, LndHub reachable only through the hidden service. Hybrid
mode: proxy auto-installs, firewall opens port 3000 for encrypted
access. Upgrade from Tor to hybrid later and the proxy gets added
automatically.
Security fixes throughout: SQL injection prevention on database queries,
double-sudo bug fix, account name input validation, sshd hardening with
drop-in config files, version cache moved out of /tmp. Code cleanup:
consistent command execution patterns, idiomatic timeouts, migrated
GPG calls to the system package abstraction.
One command installs Bitcoin Core, LND, and Tor on Debian. Add LndHub,
Lightning Terminal, and Syncthing from the dashboard. No wrappers. No
abstractions. Your keys, your node.
github.com/ripsline/virtual-private-node
Virtual Private Node v0.3.1 — Syncthing channel backups, simplified.
Your LND channel.backup now syncs automatically to your local
device over a direct encrypted connection. No Tor on your laptop.
No config files. No terminal commands.
Install Syncthing on your computer/phone. Pair it from the dashboard.
Done. Your backup syncs whenever both devices are online.
How it works:
→ Syncthing uses mutual TLS with Ed25519 device keys
→ Only devices you explicitly approve can connect
→ Unapproved connections rejected before any data exchange
→ Discovery servers and relays disabled — direct IP only
→ channel.backup is useless without your 24-word seed
The pairing flow is built into the TUI. Press [a] in the
Syncthing details screen, paste your local Device ID, and
the VPS shares the backup folder automatically.
Also in this release:
• Self-update screen appears immediately (was stuck behind q)
• Dashboard layout no longer overflows on some terminals
• LndHub clearnet connections are TLS-encrypted (docs corrected)
Virtual Private Node is a one-command installer for a private
Lightning node. Bitcoin Core, LND, Tor, and now automatic
channel backups — configured and running in minutes on Debian.
Your keys. Your node. Your backups.
https://github.com/ripsline/virtual-private-node
how to download & verify #Briar on #grapheneos.
https://blossom.primal.net/44df94d474f5b204570bf6d94393af96025c3e1ccf526977af0c8bf82696f7ab.mp4
Virtual Private Node — a private Bitcoin & Lightning node in one command.
✅ TUI dashboard
✅ Bitcoin Core
✅ LND Lightning
✅ Lightning Terminal (browser UI)
✅ Wallet pairing
✅ GPG verified downloads
✅ Syncthing (automatic channel backups over Tor)
https://github.com/ripsline/virtual-private-node
nobody is going to give their bot a credit card but they will give it a macaroon with an allowance.
you have to be a good writer now if you want to have any online presence.
the most accurate AAi's just have the most reading material.
the idea of one device with many applications is a broken model.
the correct model is different devices dedicated to different tasks.
Better Bitcoin Beginnings
When I first discovered bitcoin, I heard "get your bitcoin off the exchange" and "get a hardware wallet", so that is what I did. I ordered a coldcard with my credit card and shipped it to my home.
Shortly after my coldcard arrived, I learned I need something called sparrow wallet to interact with my coldcard. All a coldcard does is generate a seed phrase offline and sign transactions through my sparrow wallet.
So I went down the sparrow wallet rabbit hole. I learned that when I use a software wallet, it is important to use a device that is mostly dedicated to the wallet. I needed to be very careful about what I do on this device.
I learned that linux is ideal for sparrow wallet because linux operating systems limit malicious software by design. I also learned that linux does not spy on users the way that MacOS and Windows does.
Next, I learned how important it is to download & verify any software I put on my dedicated device. This ensures I do not download malicious software that can steal my bitcoin.
After a few days of figuring this stuff out, I had my linux laptop with sparrow wallet. I downloaded & verified sparrow wallet using Craig Raw's amazing documentation on sparrowwallet.com. I was ready to use my coldcard.
I opened sparrow wallet for the first time and was met with the introduction, where Craig Raw educates the wallet user on bitcoin privacy as it pertains to bitcoin nodes.
I learned that I cannot use any bitcoin wallet without first connecting to a bitcoin node. I learned that it is not ideal to connect my wallet to someone else's node because they will see too much information about my bitcoin.
After a few hours of research, I found a decent plug n' play node implementation. I ordered it with my credit card and shipped it to my home.
Okay, now I have my own node, my dedicated device running linux with sparrow wallet, and my coldcard. I was ready to be self-sovereign. Wait, what was the point of the coldcard again?
I paid $250 for this fancy piece of hardware that screams, "I own bitcoin and the keys are right here." What if I lose it? What if someone sees it and threatens to kill me unless I give them access? This is not private, this is not sovereign personal finance.
To be self-sovereign is to have knowledge. There is no need for a fancy hardware device attached to my home address. I can download & verify sparrow wallet on a dedicated linux device and use sparrow itself to create my first wallet.
There is no need for a plug 'n play node attached to my home address. I can rent a Virtual Private Server and use BTCPayServer as my node backend.
I can access my bitcoin from anywhere in the world and never need some fancy piece of hardware. All I need is the knowledge to do three things: flash linux on a computer, download & verify software, and deploy BTCPay on a Virtual Private Server.
I never opened my coldcard.
how to download & verify #Brave on #grapheneos.
https://blossom.primal.net/2f6326226ab3cafeb61687705eab5e0ff91501a0d0ec3c4ef1b8394131912ae1.mp4
select amber-free rather than amber-offline, for full functionality.
it's fixed. can u zap one more time please? thanks for all the help!
