FAQ

Frequently asked questions about Rails Yield.

Yield & custody

Does Amboss lend my Bitcoin to a third party?

No. Rails never lends out your Bitcoin. Your funds stay in channels on your own self-custodied node; yield is generated from Lightning routing fees and liquidity leases, not from lending.

Is there rehypothecation risk?

No. Because your Bitcoin is never lent or re-pledged to a third party, there is no rehypothecation and no counterparty credit risk.

How does Rails generate yield while maintaining self-custody?

Your Bitcoin is deployed into Lightning channels on a node you custody. Rails' automation allocates that capacity to earn routing fees and liquidity leases. You keep your keys throughout. Amboss can only open and close channels, never move your funds.

What sort of yield can I expect?

Returns vary with network activity. Current estimates are an expected APY of around 4.5% and CAGR of around 5%. These figures are estimates and not guaranteed.

Is Rails suitable for institutional investors?

Yes. Rails is designed for Bitcoin treasuries, custodians, and institutional investors who need productive Bitcoin without giving up custody, along with detailed performance reporting.

Are there any lock-up periods?

No. There are no lock-ups; you can request a withdrawal at any time. Channels need time to close cleanly, so the BTC may not arrive on-chain instantly - see Withdraw for the timing model.

How much does it cost, and what fees are involved?

Rails charges a fee on the yield generated rather than on your principal. Specific terms are shown in the dashboard at rails.amboss.tech.

How do I get started?

Sign up at rails.amboss.tech, deploy Bitcoin to your node, and start earning. See Get Started.

What if I want to remove the Bitcoin deployed in my node?

You can withdraw at any time. Because you hold the keys and there are no lock-ups, you can recover funds using your seed phrase and channel backups whenever you choose. See Withdraw.

Security & key management

Control & permissions

Resilience & recovery

---

Developer FAQ

What's the API endpoint?

A single GraphQL endpoint: https://rails.amboss.tech/graphql. The same endpoint serves Rails Payments. See API Reference.

Can I deploy a node entirely from a backend script?

No. Both Fully Managed and Third Party Hosted deployments require browser-side cryptography (Argon2id key derivation from the master password, baking LND macaroons via Voltage RPCs in the browser, encrypting macaroons with the team symmetric key, then storing them via team.credentials.store_admin / store_management). The node.deploy and node.connect mutations are part of the flow but can't complete a working node on their own. Use the dashboard for deployment, then drive the rest of the lifecycle from your backend. See Deploy a Node.

Can I use a service API key (amb_live_…) for Yield operations?

Not today. Service API keys currently scope to Payments resources only (PAYMENTS, WALLETS, WEBHOOKS, ENVIRONMENTS). Yield operations under node.* and user.liquidity_provider require the dashboard Bearer token. See Authentication for the per-product matrix.

What's the rate limit?

60 requests per 60 seconds per authenticated user / IP. A 429 means you've exceeded the limit; back off and retry.

Is there a sandbox for Yield?

No. Unlike Payments, Rails Yield requires real Lightning channels and on-chain Bitcoin. Validate your integration against a small first deposit (e.g. 0.005 BTC) and scale up once it works end-to-end. Teams flagged for testing can use non-mainnet networks, which bypass the Stripe subscription on activate - contact your account contact if you need this.

How do I derive the password_hash server-side?

You shouldn't. The hash is derived from the master-account password using Argon2id with the master key + password as salt, and the derivation is intended to happen client-side so the plaintext password never leaves the user's device. If your backend needs to drive withdrawals, prompt the user for the password in the browser, derive the hash there, and forward only the hash to your backend. See Security.

What happens if my dashboard token expires?

The token follows the session cookie's lifecycle. If it expires you'll get UNAUTHENTICATED from any Rails query; re-authenticate via the dashboard (or your SSO integration) to mint a new one. There is currently no refresh-token surface in the public API.

Can I run Rails Yield on a node that isn't LND or Litd?

No. The automation expects LND or Litd because of the macaroon model and the specific RPCs it calls. Core Lightning and Eclair are not supported in the Third Party Hosted setup.

Where do I report API issues?

For schema bugs, unexpected INTERNAL_SERVER_ERROR responses, or integration support, contact your Amboss account manager or open a ticket via amboss.tech/contact. For broader documentation feedback, this docs site is open at github.com/AmbossTech/amboss-documentation.

Is there an SDK?

There is no first-party SDK today. The API is plain GraphQL and works with any client - graphql-request, Apollo Client, urql, or your language's GraphQL library of choice. The examples in these docs use graphql-request because it's minimal and language-agnostic.

How do I query an aggregate view across multiple nodes?

Omit the node_id field from LiquidityProviderInput. The query then returns combined balances and revenue across every node owned by the team.