Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zeus on iOS expects HTTPS for LND REST; does not support plain HTTP even over Tor #2525

Open
philipmw opened this issue Nov 11, 2024 · 6 comments
Open

Zeus on iOS expects HTTPS for LND REST; does not support plain HTTP even over Tor #2525

philipmw opened this issue Nov 11, 2024 · 6 comments
Labels
Bug Something isn't working Tor

Comments

@philipmw
Copy link

philipmw commented Nov 11, 2024
edited
Loading

Describe the bug

(edit: see comments; this has evolved.)

I run LND over Tor. It's at http://sv7ld5ajw6qtipmcttpzhhihhjpjfqs662cin36ylvh3sa6abv2fg3qd.onion.

When I try to set up Zeus with it ("LND over REST" mode), Zeus is never able to connect. It spins for ~30 seconds and says, "Error: An SSL error has occurred and a secure connection to the server cannot be made."

I've tried both built-in Tor support and Tor via Orbot app. Same result with both.

How I know the service is working properly:

  1. On the same phone, I can open the onion URL in my browser. It gets as far as a 404 with a JSON response.
  2. On my laptop, I am able to configure Alby browser extension with the same onion address, and Lightning functionality is working.

Reproduce

  1. Node interface: LND (REST)
  2. Host: sv7ld5ajw6qtipmcttpzhhihhjpjfqs662cin36ylvh3sa6abv2fg3qd.onion
  3. Macaroon: ...
  4. REST port: 80
  5. Use Tor: off
  6. Certificate Verification: off

Another way:

  1. Node interface: LND (REST)
  2. Host: sv7ld5ajw6qtipmcttpzhhihhjpjfqs662cin36ylvh3sa6abv2fg3qd.onion
  3. Macaroon: ...
  4. REST port: 80
  5. Use Tor: on

ZEUS version

v0.9.1

Node interface

LND (REST)

Network

Tor

Device

iPhone 12 Pro

Device operating system

iOS 18.1

Log output

No response
@philipmw philipmw added the Bug Something isn't working label Nov 11, 2024
@kaloudis kaloudis added the Tor label Nov 11, 2024
@philipmw
Copy link
Author

Today I updated to 0.9.2. The problem remains.

@kaloudis
Copy link
Contributor

Today I updated to 0.9.2. The problem remains.

have you tried restarting LND or the Tor process on your node?

@philipmw
Copy link
Author

Yes, both. Happy to try specific things. But also -- my node is publicly (over Tor) reachable. I posted its address in the original report. Want to try it yourself?

@kaloudis
Copy link
Contributor

I think the SSL error would only throw if you had Certificate verification enable when using with Orbot. You want this unchecked as Tor services typically don't have https enabled, plus yours seems to have a http prefix.

If issues persist you should consider an alternative remote connection method like Lightning Node Connect or Tailscale. We have some guides available here: https://docs.zeusln.app/category/remote-connections/

@philipmw
Copy link
Author

I agree that it is suspicious that the error mentions SSL. I have cert verification off, and the REST endpoint does not use TLS. So Zeus shouldn't be attempting TLS at all.

@philipmw
Copy link
Author

I confirmed that the issue is that Zeus is assuming/expecting TLS.

As an experiment, I changed my REST endpoint to use TLS, and I reconfigured the Tor onion service to listen on port 443 instead of 80. Zeus was able to connect, using the built-in Tor support!

So, the bug is that Zeus does not support plain HTTP for the LND REST mode, and expects HTTPS even over Tor. I will update the issue title.

@philipmw philipmw changed the title Zeus on iOS refuses to connect to my LND over Tor Zeus on iOS expects HTTPS for LND REST; does not support plain HTTP even over Tor Nov 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Something isn't working Tor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@philipmw @kaloudis