A critical bug has been discovered in versions of LND older than 0.18.5-beta (a critical bug related to erroneous invoice state transitions, check release notes). This vulnerability could be potentially exploited to drain your Lightning wallet. The bug has been patched in LND 0.18.5-beta.
Please update immediately to protect your funds!
Updating LND on Umbrel Before the Official Release
Since it took over a week for an official Umbrel LND 0.18.5-beta release, here’s a simple guide to update your Lightning Node manually before the official Umbrel release in the future.
Step-by-Step Guide:
SSH into your Umbrel
Open a terminal and connect to your Umbrel node:
ssh umbrel@your-umbrel-ip
(Replace your-umbrel-ip with your actual Umbrel node IP.)
Pull the latest LND Docker image
Download the latest version of LND from Docker Hub:
sudo docker pull lightninglabs/lnd:v0.18.5-beta
(Replace v0.18.5-beta with the latest available version if needed.)
Verify the Docker image digest
Run the following command to get the SHA-256 hash:
sudo docker inspect --format='{{index .RepoDigests 0}}' lightninglabs/lnd:v0.18.5-beta
(Again, do not forget to check the desired version.)
This, in our current case, will return something like:
lightninglabs/lnd@sha256:2b560c9beb559c57ab2f2da1dfed80d286cf11a6dc6e4354cab84aafba79b6f6
Take note of the SHA-256 hash, as you’ll need it in the next step.
Edit docker-compose.yml
Edit the Lightning Node’s docker-compose.yml file:
sudo nano ~/umbrel/app-data/lightning/docker-compose.yml
Find the line that starts with:
lightninglabs/lnd:
Modify it to match the latest version and hash. In this example, it should look like:
lightninglabs/lnd:v0.18.5-beta@sha256:2b560c9beb559c57ab2f2da1dfed80d286cf11a6dc6e4354cab84aafba79b6f6
Save the changes:
- Press
CTRL + X - Press
Yto confirm - Press
Enterto save
Restart your Lightning Node
umbreld client apps.restart.mutate --appId lightning
Your LND is now up to date even before the official umbrelOS release!
But we still may need this in the future.