The last BTCPay Server major update was only a month and a half ago. And we're already rolling another one!
To update, simply navigate to your Server Settings > Maintenance tab and click Update or use the command btcpay-update.sh in the command line.
The BTCPay Server 1.1.0 update isn't major because of big new features or a UI overhaul but because of the number of items in the changelog. v1.1.0 introduces a number of quality of life additions and a few improvements to upgrade your security, privacy and usability inside BTCPay Server. We're also switching to proper semver (opens new window) versioning for a clearer definition of upgrade paths.
The high-time preference crowd can view the full changelog of this release here (opens new window).
BTCPay Server 188.8.131.52 (opens new window) previously patched several security vulnerabilities that were responsibly disclosed. If you're using an older version than 184.108.40.206, we strongly recommend that you update your instance.
We're fulfilling our promise, and full public disclosure of the vulnerabilities is now available here.
# ⚡Lightning Wallet Setup UI Improvements
The Lightning Network wallet configuration page has been thoroughly worked on in this update. Previously when you accessed the page, you were greeted with the information that a regular user would have had a hard time navigating. We have completely changed the UI of that page to make it clear what is being configured and what is happening.
Now if you choose the internal node, you literally have nothing to do other than save the choice while more tech-savvy users still have the option to use their custom (possibly remote) node and have access to the connection string examples to help them get started.
To accept Bitcoin through the Lightning Network on a BTCPay Server store was already a two-click process (opens new window) in previous versions, but now you'll save on pills to calm that headache that you had each time you entered the page.
# LND v0.12.1-beta and Loop
This version bumps LND to version v0.12.1-beta and also now enables instances that have the LND Lightning implementation to use the Loop-In and Loop-Out features. For full details on what Loop is, you can visit the Lightning Labs dedicated page, or the Loop feature Github repository.
To use Loop, once you have updated to BTCPay Server 1.1.0, simply navigate to your Server Settings > Services menu, select your preferred Lightning Network visualization tool (By default Ride The Lightning), and enter the tool. You should now have the option to use Loop-In and Loop-Out in the menu.
It is to be noted that users with BTCPay Server instances that have been first deployed more than a year ago might not be able to use this feature. To gain access to Loop functionality, you will need to migrate the LND container (and will lose your Lightning Channels in the process).
# 🧾 Reduce the address gap during the invoice creation
The new version introduces a new setting (opens new window) for each store. You now have the option to set to "Only enable the payment method after user explicitly chooses it". If enabled, when an invoice is created, payment methods of the invoice are only generated when the user selects each payment method in the invoice UI.
For example, if an invoice is created and the default payment method is Lightning, and the user doesn't select the Bitcoin on-chain from the dropdown, a Bitcoin address is not assigned and reserved.
This can potentially resolve three issues:
- Make invoice creation (and loading time) substantially shorter
- Make the lightning node work less by potentially generating and watching for fewer invoices, reducing the load on the server in general,
- Significantly reduce Gap Limit (opens new window) issues for many wallets if customers generate invoices without viewing the invoice (lost customer, abandoned cart, API, etc ...) or only pay via other payment methods.
Our goal is to have this option enabled by default in the next release, depending on the feedback we get.
# 🔑 WebAuthN/FIDO2 support
BTCPay Server now supports WebAuthN/FIDO2 (opens new window) as a Two-Factor-Authentification mechanism and all existing paired U2F (FIDO1) devices have been migrated to it. This should provide wider device and browser support and will act as the first step to some additional security additions in a future release.
Note for Safari users that previously had a security key registered with their account, we recommend that you enable two-factor authentication as an alternative way to authenticate in case of FIDO2 failure before updating. Alternatively, you can use a fully compatible browser such as Firefox or Chrome until Safari becomes fully compatible with the standard.
# 🔐 Disable the SSH key modification
SSH key addition, suppression, and modification can now be disabled in the UI. This prevents escalation of privilege in case an unauthorized user gains access to an admin account in the instance.
# 🔌 Extracting features as plugins
We're progressing slowly, but steadily towards extracting features as plugins. Our mission is to have a stable but flexible core of the software. One of the first attempts towards that goal is isolating certain features as optional plugins. In this version, we kicked-started that process with Shopify and CoinSwitch. However, the plugins aren't yet fully separated. We expect to do that in the next release.
Failsafe is introduced to disable a plugin if it crashes instead of crashing the whole instance.
# 👩💻Greenfield API improvements:
The in-house Greenfield API (opens new window) receives a bunch of newly available calls with this update. You can now call for:
- UTXO: Filter Confirmed or Unconfirmed
- UTXO: Keypath
- UTXO: Adress
- UTXO: Timestamp
- UTXO: Confirmation count
- WALLET: Fee Rate
A few bugs were also crushed. Namely, a typo in the webhook for OriginalDeliveryId, an access issue for misc/lang calls, and correctly reflecting in the UI the "store not configured" warning when the store was created via API.
Finally, this update also introduces several improvements on again, several views and existing features. A few of the bugs and improvements:
- You can now generate manually a receive address in an internal wallet which is Payjoin enabled,
- Filtering by "confirmed UTXO" in the internal wallet coin control is also now possible,
- Navigating through each page without having two-page titles or two error messages should be easier on the eyes,
- The file storage service provider section in the Server Settings is now more clear as to what providers are configured and available,
The full list can viewed in the Changelog (opens new window).
# A (mini) call to our translators !
Also, a call to our translators in the community. A few simple sentences have been updated or added on the BTCPay Server website (opens new window).
That will be all for this update. We worked quite a bunch for this and hope that you can secure your account easier, use the Lightning Wallet more smoothly and that those pesky Gap Limit issues are forever gone in your life (or at least, less present).
Despite this, if you have problems, feedback, feature requests, feel free to reach out on our community chat (opens new window). We hope you enjoy what this update has to offer.
As always, thank you to our invaluable contributors, we love you: @britttttk (opens new window) @dennisreimann (opens new window) @dstrukt (opens new window) @g33kme (opens new window) @junderw (opens new window) @kristapsk (opens new window) @Kukks (opens new window) @MaxHillebrand (opens new window) @NicolasDorier (opens new window) @Pavlenex (opens new window) @rockstardev (opens new window) @SakerOmera (opens new window) @ubolator (opens new window) @xpayserver (opens new window) @Zaxounette (opens new window)
The BTCPay Server team 💚