Related, can you explain why BTCPay asks for an admin macaroon in order to connect a remote LND instance? Shouldn't a read-only macaroon with invoice permission suffice?
Login to reply
Replies (1)
Iirc we need it to access the connection details and health status of the GetInfo call. However, by now LND support baking custom macaroons and I'll look into if and how we can leverage that. /cc @kukks @Nicolas Dorier
Macaroons | Builder's Guide
Macaroons are fancy cookies. You use LND to create custom macaroons that limit their permissions with great granularity, down to the exact RPC calls.