Related, can you explain why BTCPay asks for an admin macaroon in order to connect a remote LND instance? Shouldn't a read-only macaroon with invoice permission suffice?
Iirc we need it to access the connection details and health status of the GetInfo call. However, by now LND support baking custom macaroons and I'll look into if and how we can leverage that. /cc @kukks @NicolasDorier https://docs.lightning.engineering/lightning-network-tools/lnd/macaroons#docs-internal-guid-7b736a99-7fff-4c6f-a308-73da0d74c992
At this point, it's not that big of a deal to not ask for it, maybe we can drop the requirement for the info.
fyi working on it here. Using invoice.macaroon suffices, only downside is we cannot display the connection details on the public Lightning node info page. https://github.com/btcpayserver/btcpayserver/pull/5567