Setting up a Fedimint on Mutinynet
This Fedimint Setup Guide is intended for developers and community leaders to test out Fedimint and give us feedback on the experience. You'll be using Clovyr for the deployments on Mutinynet, a test network for Bitcoin with 30 second block times.
The Fedimint repo has instructions on how to deploy Federations on different networks with Docker (or bare metal if you'd like to run on your own hardware).
Before you get started, let's take a minute to understand the different roles involved in Fedimint, and what you'll need to run each one.
What is Fedimint?
Fedimint is an open source protocol for running Federated Chaumian Ecash Mints, allowing community leaders to create a trust-minimized and privacy preserving threshold custody solution for their community. Users deposit Bitcoin into the Fedimint and are issued blinded claims against those deposits. The blinded claims, which we call ecash notes, are 1-1 representations against the deposits, which can then be withdrawn on-chain by redeeming the ecash notes at the mint.
What Makes Fedimint Special:
- The Mint is Federated. Fedimint is a threshold custody solution, meaning that it requires a quorum of guardians to sign off on any deposit or withdrawal. This means that no single guardian can manipulate or take control of the funds, and that the Fedimint can only be run by a group of trusted community members. Fedimint runs a byzantine fault tolerant consensus, so your security assumptions are that at least
3mcustodian nodes are reliable and online (wheremis the number of malicious nodes).
You can run a Fedimint with 4 or more guardians, and tolerate up to 1/3 of the guardians being offline or compromised without affecting users.
- The Transactions are Private. Fedimint uses Chaumian ecash to issue blinded claims against deposits. You achieve near perfect privacy, where the user's anonymity set for any notes they spend/withdraw in a transaction is the entire set of notes (of that denomination) ever issued by the Fedimint.
Fedimints are run by your community, so it's important to begin with a baseline of privacy. Privacy is not secrecy, it is the ability to selectively reveal information about yourself. Later on in the guide we'll show you how to add some additional services to Fedimint that users can opt into with usernames like federation hosted chat, but the baseline configuration is maximal privacy.
- Fedimint is Interoperable. Fedimint's basic custody model is based upon on-chain bitcoin, but it's interoperable with the Lightning Network via Lightning Gateways. We'll cover how to set up Lightning Gateways separately, but the important element to cover here is that Gateways are Untrusted, Separate Entities from the Guardians. They are users of the federation who provide lightning services to other users, unlike guardians who are threshold custodians of the Fedimint. This means that you can run a Fedimint without any lightning services, or you can run a lightning gateway and provide services to Fedimints you don't run. This separation of concerns is important for the security of the Fedimint, and we'll cover it in more detail later on in the guide.
What's Required of a Fedimint Guardian?
A Guardian is a threshold custodian of a Fedimint. Guardians run an always-on server that signs blocks of transactions to participate in the consensus. The Fedimint Consensus mechanism is Byzantine Fault Tolerant; it can tolerate up to 1/3 of the custodians being offline or compromised without affecting users.
Fedimint Guardians have to run a 'setup ceremony' to generate their keys and start the Fedimint consensus. This ceremony is a one-time process that is required to start the Fedimint, and is the only time that the Guardians will need to be online at the same time. Once the ceremony is complete, Guardians can simply leave the server running with no further intervention required, just monitoring to ensure that it's healthy and online.
What's Required of a Fedimint Lightning Gateway?
A user of a Fedimint can set up a Lightning gateway to provide lightning services to other users. Gateways are not Guardians/custodians of the Fedimint, they are simply users who also run lightning nodes. Running a lightning node is a bit more involved than being a Fedimint Guardian because you have to manage liquidity and channels on the lightning side of things. We've worked to make this as simple as possible and included a guide to spinning up a Lightning Gateway on Mutinynet for you to attach to your Federation in the Lightning Gateway Guide.