On Wednesday, July 24, Lightning Labs announced the first alpha release of a network tool dubbed “Lndmon”. The blog described the tool as a “drop-in dockerized monitoring solution for lnd.”
The motivation for creating Lndmon supposedly stems from a gap in “observability” and the difficulty of understanding and monitoring Lightning nodes. This caused many hindrances, especially in catching harm within the peer-to-peer network.
With Lndmon, users can easily monitor what’s going on with their nodes, while taking preventative action before it is too late. An example of this was shared as follows:
“A routing node operator may want to be notified if multiple channels are closed in rapid succession or if their peer connections show signs of instability.”
The Foundation of Lndmon
As for its architecture, Lndmon is supposedly built with Prometheus and Grafana, where the former collects metrics and the latter creates graphs. The tool is said to come with a set of basic graphs “out-of-the-box”, but this doesn’t mean that users cannot add their own customizable graphs.
An optional component, Nginx, has also been included as an additional step that grants users access to their dashboards via TLS.
Let’s Talk Design!
The main design goal for Lndmon was “easy setup”. By this, the team means that running lnd will now be as simple as filling in the path to one’s lnd directory and running it. According to CoinDesk, an example of a metric that can be graphed is “network fees or the ‘channels’ a user has opened to send lightning payments.”
The CTO of Lightning Labs, Olaoluwa Osuntokun, has also updated users regarding this new tool, stressing that there’s more room for growth. More specifically, he shared:
“The default dashboards and the exported metrics will evolve over time based on newly available information from lnd as well as operational experience. Future versions will allow node operators to set alerts for things like heavily imbalanced channels or peer instability.”
Possible Security Concerns?
Twitter user Alex (@ToxicMaximalist) commented on the CTO’s tweet, asking what this means in terms of security and arguing that installing many libraries on a node may be unwise, as each one can be deemed an “attack vector”. In response, Osuntokun said that one can run everything locally without making anything “publicly accessible.” He further added that:
“None of the system[s] need to run on the same machine nor network as your node, it only uses read-only macaroon, so a compromised instance can’t perform any mutating actions.”
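The read-only property described in the quote above can be checked before a macaroon is handed to a monitoring stack. The following is an added example, not code from Lndmon or Lightning Labs; it assumes the macaroon's permissions are available as `entity:action` strings, and the function name and both sample lists are constructed for illustration.

```python
# Added example: audit a macaroon's permission list before giving it to a
# monitoring stack. Assumes "entity:action" strings (an assumption about the
# input format) and fails closed on anything it cannot classify as read-only.

READ_ONLY_ACTIONS = {"read"}

# Constructed sample inputs, not taken from a real node.
READONLY_SAMPLE = ["info:read", "offchain:read", "onchain:read",
                   "peers:read", "invoices:read"]
ADMIN_LIKE_SAMPLE = ["info:read", "offchain:write", "macaroon:generate",
                     "uri:/lnrpc.Lightning/SendCoins", "peers"]


def audit_permissions(permissions):
    """Return (ok, findings); ok is True only if every entry is read-only."""
    findings = []
    if not permissions:
        # No evidence is not the same as read-only: refuse to approve.
        findings.append("empty permission list: cannot confirm read-only")
    for perm in permissions:
        entity, sep, action = perm.strip().partition(":")
        if entity == "uri" and sep:
            # Per-RPC grants cannot be classified by name alone.
            findings.append(f"{perm}: per-RPC permission, review manually")
        elif not sep or not entity or not action:
            findings.append(f"{perm!r}: malformed, expected entity:action")
        elif action.lower() not in READ_ONLY_ACTIONS:
            findings.append(f"{perm}: grants '{action}', not read-only")
    return (not findings, findings)


if __name__ == "__main__":
    for name, sample in (("readonly", READONLY_SAMPLE),
                         ("admin-like", ADMIN_LIKE_SAMPLE)):
        ok, findings = audit_permissions(sample)
        print(name, "OK" if ok else "REJECT")
        for finding in findings:
            print("  -", finding)
```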