onchaind will need to do similar logic to channeld, so this allows them to share much more code. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>ppa-0.6.1
Rusty Russell
7 years ago
9 changed files with 215 additions and 139 deletions
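--- a/lightningd/keyset.c
+++ b/lightningd/keyset.c
@@ -0,0 +1,61 @@
+#include <lightningd/key_derive.h>
+#include <lightningd/keyset.h>
+
+bool derive_keyset(const struct pubkey *per_commitment_point,
+const struct pubkey *self_payment_basepoint,
+const struct pubkey *other_payment_basepoint,
+const struct pubkey *self_delayed_basepoint,
+const struct pubkey *other_revocation_basepoint,
+struct keyset *keyset)
+{
+/* BOLT #3:
+*
+* ### `localkey`, `remotekey`, `local_delayedkey` and
+* `remote_delayedkey` Derivation
+*
+* These keys are simply generated by addition from their base points:
+*
+* pubkey = basepoint + SHA256(per_commitment_point || basepoint)*G
+*
+* The `localkey` uses the local node's `payment_basepoint`,
+* `remotekey` uses the remote node's `payment_basepoint`, the
+* `local_delayedkey` uses the local node's
+* `delayed_payment_basepoint`, and the `remote_delayedkey` uses the
+* remote node's `delayed_payment_basepoint`.
+*/
+if (!derive_simple_key(self_payment_basepoint,
+per_commitment_point,
+&keyset->self_payment_key))
+return false;
+
+if (!derive_simple_key(other_payment_basepoint,
+per_commitment_point,
+&keyset->other_payment_key))
+return false;
+
+if (!derive_simple_key(self_delayed_basepoint,
+per_commitment_point,
+&keyset->self_delayed_payment_key))
+return NULL;
+
+/* BOLT #3:
+*
+* ### `revocationkey` Derivation
+*
+* The `revocationkey` is a blinded key: when a node wishes to create
+* a new commitment for a remote node, it uses its own
+* `revocation_basepoint` and the remote node's `per_commitment_point`
+* to derive a new `revocationkey` for the commitment.
+*
+* per_commitment_point... is used to derive the revocation key from
+* the remote node's `revocation_basepoint`:
+*
+* revocationkey = revocation_basepoint * SHA256(revocation_basepoint || per_commitment_point) + per_commitment_point*SHA256(per_commitment_point || revocation_basepoint)
+*/
+if (!derive_revocation_key(other_revocation_basepoint,
+per_commitment_point,
+&keyset->self_revocation_key))
+return false;
+
+return true;
+}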
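Review bot: The third error path in derive_keyset, after the `self_delayed_basepoint` derivation, returns `NULL` from a function declared `bool`, while every other failure path returns `false`; it should read `return false;`. The value still converts to false, so this is a consistency and compiler-warning fix rather than a behaviour change. Also, when a later derivation fails, the earlier members of `*keyset` have already been written, so the output is left partially filled. A comment above the function such as `/* Returns false on failure; *keyset is then partially written and must not be used. */` would state that contract for the channeld and onchaind callers the description mentions.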
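--- a/lightningd/keyset.h
+++ b/lightningd/keyset.h
@@ -0,0 +1,20 @@
+#ifndef LIGHTNING_LIGHTNINGD_KEYSET_H
+#define LIGHTNING_LIGHTNINGD_KEYSET_H
+#include "config.h"
+#include <bitcoin/pubkey.h>
+#include <stdbool.h>
+
+/* Keys needed to derive a particular commitment tx. */
+struct keyset {
+struct pubkey self_revocation_key;
+struct pubkey self_delayed_payment_key;
+struct pubkey self_payment_key, other_payment_key;
+};
+
+bool derive_keyset(const struct pubkey *per_commitment_point,
+const struct pubkey *self_payment_basepoint,
+const struct pubkey *other_payment_basepoint,
+const struct pubkey *self_delayed_basepoint,
+const struct pubkey *other_revocation_basepoint,
+struct keyset *keyset);
+#endif /* LIGHTNING_LIGHTNINGD_KEYSET_H */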
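Review bot: The derive_keyset prototype takes five `const struct pubkey *` arguments of identical type, so a caller that transposes the self and other basepoints compiles cleanly and silently derives the wrong keys; the declaration should carry a comment spelling out each argument's role. In particular, `self_revocation_key` is filled from `other_revocation_basepoint` (per the implementation in this commit), which is easy to get backwards. Something like `/* Fills @keyset for one commitment; self_revocation_key is derived from the OTHER side's revocation basepoint. Returns false if any derivation fails. */` above the declaration would do. The callers are outside this view, so whether any of them passes the basepoints in the wrong order cannot be checked here.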