Builder's Guide
  • Welcome to the Builder's Guide to the LND Galaxy!
  • The Lightning Network
    • Overview
    • Payment Channels
      • Lifecycle of a Payment Channel
      • Watchtowers
      • Understanding Sweeping
      • Etymology
    • The Gossip Network
      • Identifying Good Peers on the Lightning Network
    • Pathfinding
      • Finding routes in the Lightning Network
      • Channel Fees
      • Multipath Payments (MPP)
    • Lightning Network Invoices
      • Understanding Lightning Invoices
    • Making Payments
      • The Payment Cycle
      • Timelocks
      • ⭐Hashed Timelock Contract (HTLC)
      • Payment Etymology
      • ⭐What Makes a Good Routing Node
      • Understanding Submarine Swaps
      • Instant Submarine Swaps
    • Liquidity
      • ⭐Understanding Liquidity
      • Managing Liquidity on the Lightning Network
      • Liquidity Management for Lightning Merchants
      • How to Get Inbound Capacity on the Lightning Network
      • Lightning Service Provider
    • L402: Lightning HTTP 402 Protocol
      • Macaroons
      • L402
      • 📋Protocol Specification
      • Implementations and Links
    • Taproot Assets
      • Taproot Assets Protocol
      • Taproot Assets on Lightning
      • Edge Nodes
      • Taproot Assets Trustless Swap
      • FAQ
      • Glossary
  • Lightning Network Tools
    • LND
      • 🛠️Get Started
      • lnd.conf
      • First Steps With LND
      • Wallet Management
      • Sending Payments
      • Atomic Multi-path Payments (AMP)
      • Receiving Payments
      • Unconfirmed Bitcoin Transactions
      • Channel Fees
      • Inbound Channel Fees
      • Macaroons
      • Configuring Watchtowers
      • Pathfinding
      • Blinded Paths
      • Key Import
      • Secure Your Lightning Network Node
      • Configuration of a Routing Node
      • Quick Tor Setup
      • Configuring Tor
      • Enable ‘Neutrino mode’ in Bitcoin Core
      • Send Messages With Keysend
      • Partially Signed Bitcoin Transactions
      • Bulk onchain actions with PSBTs
      • Sweeper
      • Debugging LND
      • Fuzzing LND
      • LND API documentation
      • Channel Acceptor
      • RPC Middleware Interceptor
      • HTLC Interceptor
      • NAT Traversal
      • Recovery: Planning for Failure
      • Migrating LND
      • Disaster recovery
      • Contribute to LND
    • Lightning Terminal
      • What is Lightning Terminal?
      • 🛠️Get litd
      • Run litd
      • Integrating litd
      • Demo: Litd Speed Run
      • Connect to Terminal
      • Recommended Channels
      • Rankings
      • Health Checks
      • Liquidity Report
      • Opening Lightning Network Channels
      • Managing Channel Liquidity
      • Autofees
      • AutoOpen
      • LND Accounts
      • Loop and Lightning Terminal
      • Loop Fees
      • Pool and Lightning Terminal
      • Command Line Interface
      • Troubleshooting
      • Lightning Node Connect: Under the hood
      • LNC Node Package
      • LITD API Documentation
      • Privacy and Security
      • Privacy Policy
      • Terms of Use
    • Loop
      • 🛠️Get Started
      • The Loop CLI
      • Autoloop
      • Static Loop In Addresses
      • Instant Loop Outs
      • Peer with Loop
      • Loop API Documentation
    • Pool
      • Overview
      • Quickstart
      • 🛠️Installation
      • First Steps
      • Accounts
      • Orders and Asks
      • Sidecar Channels
      • Zero-confirmation Channels
      • Channel Leases
      • Batch Execution
      • Account Recovery
      • Pool API Documentation
      • FAQs
    • Taproot Assets
      • Get Started
      • First Steps
      • Taproot Assets Channels
      • Asset Decimal Display
      • Become an Edge Node
      • RFQ
      • Collectibles
      • Universes
      • Asset Loop
      • Debugging Tapd
      • Multisignature
      • Minting Assets With an External Signer
      • Lightning Polar
      • Operational Safety Guidelines
      • Taproot Assets API Documentation
    • Aperture
      • ⚒️Get Aperture
      • LNC Backend
      • LNC Mailbox
      • Pricing
    • Faraday
      • 🛠️Get Started
      • The Faraday CLI
      • Faraday API Documentation
  • LAPPs
    • Guides
      • Use Polar to Build Your First LAPP
        • Setup: Local Cluster with Polar
        • Setup: Run the Completed App
        • Setup: Run the App Without LND
      • Add Features
        • Feature 1: Connect to LND
        • Feature 2: Display Node Alias and Balance
        • Feature 3: Sign and Verify Posts
        • Feature 4: Modify Upvote Action
      • Make Your own LNC-powered Application
    • Next Steps
  • Community Resources
    • Resource List
    • Lightning Bulb 💡
    • Glossary
    • FAQ
Powered by GitBook
On this page
  • Asset issuance
  • Asset transfer

Was this helpful?

  1. Lightning Network Tools
  2. Taproot Assets

Minting Assets With an External Signer

Use an external signing device to protect your private keys.

PreviousMultisignatureNextLightning Polar

Last updated 2 months ago

Was this helpful?

The Taproot Assets protocol allows for great flexibility regarding the security of an asset. Keys exist on multiple layers, each of which may be distributed between users and services, hot (internet-connected) and cold (air-gapped) machines or specialized external signing devices.

Asset issuance

There are three keys relevant to issuance of a Taproot Asset.

  1. The Bitcoin key controlling the UTXO anchoring the Taproot Asset on the Bitcoin level.

  2. The Asset Script key controlling the spending of the vUTXO on the Taproot Asset level.

  3. The Group key that identifies a grouped asset and allows for the expansion of the asset supply.

Each of these keys may be held separately, with the group key being the most sensitive, as it can be used to reissue the asset and expand its supply without limits. The group key cannot be cycled and must be safe for the entire life-cycle of the asset. Keeping this key safe is paramount.

As of now, only this group key can be held on an external device. The group key is defined by a custom derivation path of a standard master key, generated using a general seed phrase. This seed phrase can act as a backup of the key, while the signing device is used to authorize initial and further issuance of the asset.

To also hold the Bitcoin key in a hardware wallet, additional work needs to be done to allow for signing of generic Taproot PSBTs.

Similarly, while the Asset Script key could be held by a hardware wallet, the hardware wallet would need some understanding of what it is signing, ideally information of the vPSBT and Bitcoin PSBT.

Asset transfer

There are multiple keys relevant to transfer Taproot Assets.

  1. The Bitcoin key controlling the UTXO anchoring the Taproot Asset is held by LND. However, LND cannot spend this UTXO alone, not even by accident.

  2. To spend the UTXO, and with it the Taproot Asset, the taptweak held by `tapd` is needed.

  3. The Asset Script key spending the vUTXO on the Taproot Asset level.

While it is technically possible to keep either the Bitcoin key or the Asset Script key on a dedicated air-gapped or signing device, there is currently no mechanism equipped for that.

A special case is that of pocket universes, where the Bitcoin key is held by a service, while the Asset Script key is held by the user. This allows for the efficient batching of potentially millions of asset transfers in a single Bitcoin transaction. The service does however not control the assets of the users and cannot move them independently.

Read: Generating the group key on an air-gapped machine using Chantools
Read: Generating the group key on a specialized signing device
FAQ: What is a pocket universe