How do I open an embassy backup to extract data from it? (so I can attempt to manually recover a node without tearing down lightning channels)

TLDR: How do I open an embassy backup to extract data from it? (so I can attempt to manually recover a node without tearing down lightning channels)

I had a hardware failure but I have an embassy backup stored on a NAS. I did a fresh install and then tried to perform a “Recover” from the setup menu, input my NAS creds, unlocked the backup/dive using the password, selected the disk, init started, then the process hung at 64%. Eventually killed the VM, tried a couple times, gave it a few hours, no change, always gets stuck at 64%.

Figured I’d give the “Restore” option a shot, so I proceeded with the “Start Fresh” option. Once that was done and I tried running the Restore process, all services were successfully restored except for CLN. It would just sit there at 100%, but wouldn’t actually complete the restore process on this one service. Rebooting node and the service would be gone, attempt to restore again, gets stuck at 100% again.

SSH into node notice that the c-lightning-embassy.BackupRestore (or something like that) container was running, but didn’t seem to be doing anything, syslogs showed it was installing CLN. After giving it some time and a few different attempts at the process above, I decided to try and do a fresh install of CLN form the marketplace, and it worked without issue.

So at this point bitcoind is in the process of re-synching the chain, I have everything but CLN data restored, but I do have CLN installed. I believe I just need the following files and I should be able to recover the node without having to close channels/build a new instance.

/root/.lightning/bitcoin/hsm_secrect
/root/.lightning/bitcoin/emergency.recover
/root/.lightning/bitcoin/lightningd.sqlite3

But first I’d need to figure out how to open/decrypt the files stored on/in the embassy backup. I started digging into ECRYPTFS, but decided it’s probably best to stop digging deeper and ask for some help.

If anyone has any ideas on how to make use of this backup and/or if you can provide guidance on another way to recover this lightning node (or at least the funds on it), any help wold be greatly appreciated.

The supported way of using encrypted backups is via the StartOS interface. To create backups would be System → Create Backup. You’d restore from System → Restore from Backup.

And while you can restore the entirety of the backed up services during the install process of StartOS, when StartOS is installed you can also restore individual services from System → Restore from Backup.

Accessing the encrypted backup, which I won’t go into into detail about here, is technically possible but you’d only retrieve a static channel backup (SCB). There’s no accessible way in Lightning to back up dynamic channel balances, especially when placing them in long term storage. Restoring a SCB will ALWAYS close all the channels because it has no idea what the latest balance of each channel is. Unless you have a channels DB from a milisecond before you node failed, you won’t be keeping your channels intact. To rescue the funds, you have to go through the backup restoration process.

Thanks for the response Stu! Unfortunately both of the supported methods [individual services] & [entire server] are both hanging up for whatever reason so I’m looking for alternate solutions.

I took the backup moments before powering down startOS and power cycling the hardware (which is when the failure occurred). So I would think the DB should be usable/current since the node has been offline since this backup was performed.

Unless I can figure out how to get the supported methods functioning, or importing the DB and restoring the node manually, I think my only chance to recover the funds is to strip out the emergency.recover file and do a manual wallet recovery. (like so- Wallet recovery )