From c284574104e9b4f2ad33b7c817979dc51148e748 Mon Sep 17 00:00:00 2001
From: Graham Krizek <graham@krizek.io>
Date: Sat, 11 Jul 2020 22:49:24 -0500
Subject: [PATCH] docs: Add a section in configuring_tor about the
 --tor.encryptkey flag

---
 docs/configuring_tor.md | 5 +++++
 sample-lnd.conf         | 2 ++
 2 files changed, 7 insertions(+)

diff --git a/docs/configuring_tor.md b/docs/configuring_tor.md
index 1c3c03fe0..a21099c98 100644
--- a/docs/configuring_tor.md
+++ b/docs/configuring_tor.md
@@ -182,3 +182,8 @@ base directory. This will allow `lnd` to recreate the same hidden service upon
 restart. If you wish to generate a new onion service, you can simply delete this
 file. The path to this private key file can also be modified with the
 `--tor.privatekeypath` argument.
+
+You can optionally encrypt the Tor private key by using the `--tor.encryptkey` 
+flag. This will still write to the same private key files. However instead of 
+writing the plaintext private key, `lnd` encrypts the private key using the 
+wallet's seed and writes the encrypted blob to the file.
\ No newline at end of file
diff --git a/sample-lnd.conf b/sample-lnd.conf
index 0320a76c9..4ba5d3c45 100644
--- a/sample-lnd.conf
+++ b/sample-lnd.conf
@@ -935,6 +935,8 @@ litecoin.node=ltcd
 ;The path to the private key of the watchtower onion service being created
 ; tor.watchtowerkeypath=/other/path/
 
+; Instructs lnd to encrypt the private key using the wallet's seed.
+; tor.encryptkey=true
 
 [watchtower]