Merge pull request #3777 from guggero/shared-key

signrpc: add DeriveSharedKey
2020-01-02 16:02:47 -08:00 · 2020-01-02 16:02:47 -08:00 · 5ade9abe29
commit 5ade9abe29
parent f289a39c1a 33e8077181
3 changed files with 255 additions and 44 deletions
--- a/lnrpc/signrpc/signer.pb.go
+++ b/lnrpc/signrpc/signer.pb.go
@ -662,6 +662,86 @@ func (m *VerifyMessageResp) GetValid() bool {
 	return false
 }

+type SharedKeyRequest struct {
+	// The ephemeral public key to use for the DH key derivation.
+	EphemeralPubkey      []byte   `protobuf:"bytes,1,opt,name=ephemeral_pubkey,json=ephemeralPubkey,proto3" json:"ephemeral_pubkey,omitempty"`
+	XXX_NoUnkeyedLiteral struct{} `json:"-"`
+	XXX_unrecognized     []byte   `json:"-"`
+	XXX_sizecache        int32    `json:"-"`
+}
+
+func (m *SharedKeyRequest) Reset()         { *m = SharedKeyRequest{} }
+func (m *SharedKeyRequest) String() string { return proto.CompactTextString(m) }
+func (*SharedKeyRequest) ProtoMessage()    {}
+func (*SharedKeyRequest) Descriptor() ([]byte, []int) {
+	return fileDescriptor_4ecd772f6c7ffacf, []int{12}
+}
+
+func (m *SharedKeyRequest) XXX_Unmarshal(b []byte) error {
+	return xxx_messageInfo_SharedKeyRequest.Unmarshal(m, b)
+}
+func (m *SharedKeyRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	return xxx_messageInfo_SharedKeyRequest.Marshal(b, m, deterministic)
+}
+func (m *SharedKeyRequest) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_SharedKeyRequest.Merge(m, src)
+}
+func (m *SharedKeyRequest) XXX_Size() int {
+	return xxx_messageInfo_SharedKeyRequest.Size(m)
+}
+func (m *SharedKeyRequest) XXX_DiscardUnknown() {
+	xxx_messageInfo_SharedKeyRequest.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_SharedKeyRequest proto.InternalMessageInfo
+
+func (m *SharedKeyRequest) GetEphemeralPubkey() []byte {
+	if m != nil {
+		return m.EphemeralPubkey
+	}
+	return nil
+}
+
+type SharedKeyResponse struct {
+	// The shared public key, hashed with sha256.
+	SharedKey            []byte   `protobuf:"bytes,1,opt,name=shared_key,json=sharedKey,proto3" json:"shared_key,omitempty"`
+	XXX_NoUnkeyedLiteral struct{} `json:"-"`
+	XXX_unrecognized     []byte   `json:"-"`
+	XXX_sizecache        int32    `json:"-"`
+}
+
+func (m *SharedKeyResponse) Reset()         { *m = SharedKeyResponse{} }
+func (m *SharedKeyResponse) String() string { return proto.CompactTextString(m) }
+func (*SharedKeyResponse) ProtoMessage()    {}
+func (*SharedKeyResponse) Descriptor() ([]byte, []int) {
+	return fileDescriptor_4ecd772f6c7ffacf, []int{13}
+}
+
+func (m *SharedKeyResponse) XXX_Unmarshal(b []byte) error {
+	return xxx_messageInfo_SharedKeyResponse.Unmarshal(m, b)
+}
+func (m *SharedKeyResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+	return xxx_messageInfo_SharedKeyResponse.Marshal(b, m, deterministic)
+}
+func (m *SharedKeyResponse) XXX_Merge(src proto.Message) {
+	xxx_messageInfo_SharedKeyResponse.Merge(m, src)
+}
+func (m *SharedKeyResponse) XXX_Size() int {
+	return xxx_messageInfo_SharedKeyResponse.Size(m)
+}
+func (m *SharedKeyResponse) XXX_DiscardUnknown() {
+	xxx_messageInfo_SharedKeyResponse.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_SharedKeyResponse proto.InternalMessageInfo
+
+func (m *SharedKeyResponse) GetSharedKey() []byte {
+	if m != nil {
+		return m.SharedKey
+	}
+	return nil
+}
+
 func init() {
 	proto.RegisterType((*KeyLocator)(nil), "signrpc.KeyLocator")
 	proto.RegisterType((*KeyDescriptor)(nil), "signrpc.KeyDescriptor")
@ -675,55 +755,62 @@ func init() {
 	proto.RegisterType((*SignMessageResp)(nil), "signrpc.SignMessageResp")
 	proto.RegisterType((*VerifyMessageReq)(nil), "signrpc.VerifyMessageReq")
 	proto.RegisterType((*VerifyMessageResp)(nil), "signrpc.VerifyMessageResp")
+	proto.RegisterType((*SharedKeyRequest)(nil), "signrpc.SharedKeyRequest")
+	proto.RegisterType((*SharedKeyResponse)(nil), "signrpc.SharedKeyResponse")
 }

 func init() { proto.RegisterFile("signrpc/signer.proto", fileDescriptor_4ecd772f6c7ffacf) }

 var fileDescriptor_4ecd772f6c7ffacf = []byte{
-	// 676 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x54, 0xcb, 0x6e, 0xd3, 0x40,
-	0x14, 0x55, 0x13, 0xf2, 0xe8, 0x75, 0xdc, 0xc7, 0x50, 0x15, 0xb7, 0x80, 0x08, 0x96, 0x8a, 0x82,
-	0x04, 0x89, 0x08, 0x08, 0x09, 0x56, 0xa8, 0xa0, 0x8a, 0xaa, 0x45, 0x45, 0x93, 0x8a, 0x45, 0x37,
-	0x91, 0xe3, 0x4c, 0x9d, 0x91, 0x1d, 0x7b, 0xea, 0x19, 0xe3, 0xf8, 0x17, 0xd8, 0xf2, 0xc3, 0x68,
-	0x1e, 0x49, 0xec, 0xf0, 0x90, 0x58, 0xc5, 0xe7, 0xce, 0x9d, 0x73, 0x8f, 0xcf, 0xb9, 0x31, 0x1c,
-	0x70, 0x1a, 0xc4, 0x29, 0xf3, 0x07, 0xf2, 0x97, 0xa4, 0x7d, 0x96, 0x26, 0x22, 0x41, 0x2d, 0x53,
-	0x75, 0x3f, 0x03, 0x5c, 0x90, 0xe2, 0x32, 0xf1, 0x3d, 0x91, 0xa4, 0xe8, 0x31, 0x40, 0x48, 0x8a,
-	0xf1, 0xad, 0x37, 0xa7, 0x51, 0xe1, 0x6c, 0x75, 0xb7, 0x7a, 0x0d, 0xbc, 0x1d, 0x92, 0xe2, 0x4c,
-	0x15, 0xd0, 0x43, 0x90, 0x60, 0x4c, 0xe3, 0x29, 0x59, 0x38, 0x35, 0x75, 0xda, 0x0e, 0x49, 0x71,
-	0x2e, 0xb1, 0xeb, 0x81, 0x7d, 0x41, 0x8a, 0x4f, 0x84, 0xfb, 0x29, 0x65, 0x92, 0xcc, 0x05, 0x3b,
-	0xf5, 0xf2, 0xb1, 0xbc, 0x31, 0x29, 0x04, 0xe1, 0x8a, 0xaf, 0x83, 0xad, 0xd4, 0xcb, 0x2f, 0x48,
-	0x71, 0x2a, 0x4b, 0xe8, 0x05, 0xb4, 0xe4, 0x79, 0x94, 0xf8, 0x8a, 0xcf, 0x1a, 0xde, 0xef, 0x1b,
-	0x65, 0xfd, 0xb5, 0x2c, 0xdc, 0x0c, 0xd5, 0xb3, 0xfb, 0x1e, 0x1a, 0xd7, 0x8b, 0xab, 0x4c, 0xa0,
-	0x03, 0x68, 0x7c, 0xf7, 0xa2, 0x8c, 0x28, 0xca, 0x3a, 0xd6, 0x40, 0xca, 0x63, 0xe1, 0x58, 0xcf,
-	0x57, 0x74, 0x1d, 0xdc, 0x66, 0xe1, 0x48, 0x61, 0xf7, 0x67, 0x0d, 0x76, 0x46, 0x34, 0x88, 0x4b,
-	0x02, 0x5f, 0x81, 0x54, 0x3f, 0x9e, 0x12, 0xee, 0x2b, 0x22, 0x6b, 0x78, 0x58, 0x9e, 0xbe, 0xee,
-	0xc4, 0x52, 0xa4, 0x84, 0xe8, 0x29, 0x74, 0x38, 0x8d, 0x83, 0x88, 0x8c, 0x45, 0x4e, 0xbc, 0xd0,
-	0x4c, 0xb1, 0x74, 0xed, 0x5a, 0x96, 0x64, 0xcb, 0x34, 0xc9, 0x26, 0xab, 0x96, 0xba, 0x6e, 0xd1,
-	0x35, 0xdd, 0x72, 0x02, 0x3b, 0x39, 0x15, 0x31, 0xe1, 0x7c, 0xa9, 0xf6, 0x9e, 0x6a, 0xb2, 0x4d,
-	0x55, 0x4b, 0x46, 0xcf, 0xa0, 0x99, 0x64, 0x82, 0x65, 0xc2, 0x69, 0x28, 0x75, 0x3b, 0x2b, 0x75,
-	0xca, 0x05, 0x6c, 0x4e, 0x91, 0x03, 0x32, 0xce, 0x99, 0xc7, 0x67, 0x4e, 0xab, 0xbb, 0xd5, 0xb3,
-	0xf1, 0x12, 0xa2, 0x27, 0x60, 0xd1, 0x98, 0x65, 0xc2, 0x44, 0xd6, 0x56, 0x91, 0x81, 0x2a, 0xe9,
-	0xd0, 0x7c, 0x68, 0x49, 0x53, 0x30, 0xb9, 0x43, 0x5d, 0xe8, 0xc8, 0xb8, 0xc4, 0xa2, 0x92, 0x16,
-	0xa4, 0x5e, 0x7e, 0xbd, 0xd0, 0x61, 0xbd, 0x05, 0x90, 0x02, 0x94, 0x61, 0xdc, 0xa9, 0x75, 0xeb,
-	0x3d, 0x6b, 0xf8, 0x60, 0xa5, 0xa9, 0x6a, 0x2e, 0xde, 0xe6, 0x06, 0x73, 0xf7, 0x04, 0xda, 0x7a,
-	0x08, 0x67, 0xe8, 0x08, 0xda, 0x72, 0x0a, 0xa7, 0x81, 0x9c, 0x50, 0xef, 0x75, 0x70, 0x2b, 0xf5,
-	0xf2, 0x11, 0x0d, 0xb8, 0x7b, 0x06, 0xd6, 0xb9, 0x54, 0x66, 0xde, 0xde, 0x81, 0x96, 0xb1, 0x63,
-	0xd9, 0x68, 0xa0, 0xdc, 0x52, 0x4e, 0x83, 0x6a, 0xd0, 0x72, 0x9c, 0x49, 0xfa, 0x12, 0x76, 0x4b,
-	0x3c, 0x6a, 0xea, 0x3b, 0xb0, 0xb5, 0x0f, 0xfa, 0x8e, 0x66, 0xb4, 0x86, 0x07, 0x2b, 0xf1, 0xe5,
-	0x0b, 0x1d, 0xba, 0x06, 0xdc, 0xfd, 0xaa, 0xd7, 0xe6, 0x0b, 0xe1, 0xdc, 0x0b, 0x88, 0x34, 0x6a,
-	0x0f, 0xea, 0x73, 0x1e, 0x18, 0x7f, 0xe4, 0xe3, 0x7f, 0x6e, 0xf1, 0x00, 0x76, 0x2b, 0x8c, 0x9c,
-	0xa1, 0x47, 0xa0, 0xec, 0xf2, 0x44, 0x96, 0x12, 0x43, 0xbc, 0x2e, 0xb8, 0x37, 0xb0, 0xf7, 0x8d,
-	0xa4, 0xf4, 0xb6, 0xf8, 0xa7, 0x88, 0x0a, 0x47, 0x6d, 0x83, 0x03, 0x1d, 0x42, 0x93, 0x65, 0x93,
-	0x90, 0x14, 0x66, 0x1f, 0x0d, 0x72, 0x9f, 0xc3, 0xfe, 0x06, 0x37, 0x67, 0xe6, 0xef, 0x45, 0xa7,
-	0x8a, 0xbe, 0x8d, 0x35, 0x18, 0xfe, 0xa8, 0x41, 0x73, 0xa4, 0x3e, 0x22, 0xe8, 0x0d, 0xd8, 0xf2,
-	0xe9, 0x4a, 0xed, 0x1f, 0xf6, 0x72, 0xb4, 0x57, 0x59, 0x03, 0x4c, 0xee, 0x8e, 0xf7, 0x37, 0x2a,
-	0x9c, 0xa1, 0x0f, 0x80, 0x3e, 0x26, 0x73, 0x96, 0x09, 0x52, 0xce, 0xf9, 0xf7, 0xab, 0xce, 0x1f,
-	0x63, 0xd1, 0x0c, 0x56, 0xc9, 0x3a, 0x54, 0x5d, 0xbe, 0xb5, 0x3b, 0x25, 0x86, 0x4d, 0xa7, 0xcf,
-	0xc0, 0xae, 0xbc, 0x2f, 0x3a, 0x5a, 0xb5, 0x6e, 0x7a, 0x7c, 0x7c, 0xfc, 0xb7, 0x23, 0xce, 0x4e,
-	0x07, 0x37, 0x2f, 0x03, 0x2a, 0x66, 0xd9, 0xa4, 0xef, 0x27, 0xf3, 0x41, 0x44, 0x83, 0x99, 0x88,
-	0x69, 0x1c, 0xc4, 0x44, 0xe4, 0x49, 0x1a, 0x0e, 0xa2, 0x78, 0x3a, 0x88, 0x56, 0x9f, 0xdd, 0x94,
-	0xf9, 0x93, 0xa6, 0xfa, 0xf0, 0xbe, 0xfe, 0x15, 0x00, 0x00, 0xff, 0xff, 0x09, 0xde, 0xe5, 0x7f,
-	0x90, 0x05, 0x00, 0x00,
+	// 754 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x55, 0xed, 0x8e, 0xdb, 0x44,
+	0x14, 0xd5, 0x26, 0x6c, 0x92, 0xbd, 0x4e, 0x76, 0xb3, 0xc3, 0xaa, 0xb8, 0x0b, 0x88, 0x60, 0xa9,
+	0x28, 0x95, 0x20, 0x11, 0x01, 0x21, 0x81, 0x84, 0x84, 0x4a, 0xb5, 0x6a, 0x95, 0xa2, 0x56, 0xce,
+	0x8a, 0x1f, 0xfd, 0x63, 0x39, 0xce, 0xad, 0x33, 0xb2, 0x63, 0xcf, 0xce, 0x8c, 0xeb, 0xf8, 0x39,
+	0x78, 0x35, 0x1e, 0x08, 0xcd, 0x47, 0x1c, 0x3b, 0x05, 0xa4, 0xfe, 0x8a, 0xef, 0x99, 0x3b, 0xe7,
+	0x9e, 0x9c, 0x73, 0x13, 0xc3, 0x8d, 0xa0, 0x71, 0xc6, 0x59, 0x34, 0x57, 0x9f, 0xc8, 0x67, 0x8c,
+	0xe7, 0x32, 0x27, 0x7d, 0x8b, 0x7a, 0x2f, 0x00, 0x96, 0x58, 0xbd, 0xca, 0xa3, 0x50, 0xe6, 0x9c,
+	0x7c, 0x09, 0x90, 0x60, 0x15, 0xbc, 0x0b, 0x77, 0x34, 0xad, 0xdc, 0xb3, 0xc9, 0xd9, 0xf4, 0xdc,
+	0xbf, 0x48, 0xb0, 0xba, 0xd3, 0x00, 0xf9, 0x1c, 0x54, 0x11, 0xd0, 0x6c, 0x83, 0x7b, 0xb7, 0xa3,
+	0x4f, 0x07, 0x09, 0x56, 0x2f, 0x55, 0xed, 0x85, 0x30, 0x5a, 0x62, 0xf5, 0x1c, 0x45, 0xc4, 0x29,
+	0x53, 0x64, 0x1e, 0x8c, 0x78, 0x58, 0x06, 0xea, 0xc6, 0xba, 0x92, 0x28, 0x34, 0xdf, 0xd0, 0x77,
+	0x78, 0x58, 0x2e, 0xb1, 0x7a, 0xa6, 0x20, 0xf2, 0x2d, 0xf4, 0xd5, 0x79, 0x9a, 0x47, 0x9a, 0xcf,
+	0x59, 0x7c, 0x3a, 0xb3, 0xca, 0x66, 0x47, 0x59, 0x7e, 0x2f, 0xd1, 0xcf, 0xde, 0x2f, 0x70, 0x7e,
+	0xbf, 0x7f, 0x5d, 0x48, 0x72, 0x03, 0xe7, 0xef, 0xc3, 0xb4, 0x40, 0x4d, 0xd9, 0xf5, 0x4d, 0xa1,
+	0xe4, 0xb1, 0x24, 0x30, 0xf3, 0x35, 0xdd, 0xd0, 0x1f, 0xb0, 0x64, 0xa5, 0x6b, 0xef, 0xaf, 0x0e,
+	0x5c, 0xae, 0x68, 0x9c, 0x35, 0x04, 0x7e, 0x0f, 0x4a, 0x7d, 0xb0, 0x41, 0x11, 0x69, 0x22, 0x67,
+	0xf1, 0xa8, 0x39, 0xfd, 0xd8, 0xe9, 0x2b, 0x91, 0xaa, 0x24, 0x5f, 0xc3, 0x50, 0xd0, 0x2c, 0x4e,
+	0x31, 0x90, 0x25, 0x86, 0x89, 0x9d, 0xe2, 0x18, 0xec, 0x5e, 0x41, 0xaa, 0x65, 0x93, 0x17, 0xeb,
+	0xba, 0xa5, 0x6b, 0x5a, 0x0c, 0x66, 0x5a, 0x9e, 0xc0, 0x65, 0x49, 0x65, 0x86, 0x42, 0x1c, 0xd4,
+	0x7e, 0xa2, 0x9b, 0x46, 0x16, 0x35, 0x92, 0xc9, 0x37, 0xd0, 0xcb, 0x0b, 0xc9, 0x0a, 0xe9, 0x9e,
+	0x6b, 0x75, 0x97, 0xb5, 0x3a, 0xed, 0x82, 0x6f, 0x4f, 0x89, 0x0b, 0x2a, 0xce, 0x6d, 0x28, 0xb6,
+	0x6e, 0x7f, 0x72, 0x36, 0x1d, 0xf9, 0x87, 0x92, 0x7c, 0x05, 0x0e, 0xcd, 0x58, 0x21, 0x6d, 0x64,
+	0x03, 0x1d, 0x19, 0x68, 0xc8, 0x84, 0x16, 0x41, 0x5f, 0x99, 0xe2, 0xe3, 0x03, 0x99, 0xc0, 0x50,
+	0xc5, 0x25, 0xf7, 0xad, 0xb4, 0x80, 0x87, 0xe5, 0xfd, 0xde, 0x84, 0xf5, 0x13, 0x80, 0x12, 0xa0,
+	0x0d, 0x13, 0x6e, 0x67, 0xd2, 0x9d, 0x3a, 0x8b, 0xcf, 0x6a, 0x4d, 0x6d, 0x73, 0xfd, 0x0b, 0x61,
+	0x6b, 0xe1, 0x3d, 0x81, 0x81, 0x19, 0x22, 0x18, 0x79, 0x0c, 0x03, 0x35, 0x45, 0xd0, 0x58, 0x4d,
+	0xe8, 0x4e, 0x87, 0x7e, 0x9f, 0x87, 0xe5, 0x8a, 0xc6, 0xc2, 0xbb, 0x03, 0xe7, 0xa5, 0x52, 0x66,
+	0xbf, 0xbd, 0x0b, 0x7d, 0x6b, 0xc7, 0xa1, 0xd1, 0x96, 0x6a, 0x4b, 0x05, 0x8d, 0xdb, 0x41, 0xab,
+	0x71, 0x36, 0xe9, 0x57, 0x70, 0xd5, 0xe0, 0xd1, 0x53, 0x7f, 0x86, 0x91, 0xf1, 0xc1, 0xdc, 0x31,
+	0x8c, 0xce, 0xe2, 0xa6, 0x16, 0xdf, 0xbc, 0x30, 0xa4, 0xc7, 0x42, 0x78, 0x6f, 0xcc, 0xda, 0xfc,
+	0x81, 0x42, 0x84, 0x31, 0x2a, 0xa3, 0xc6, 0xd0, 0xdd, 0x89, 0xd8, 0xfa, 0xa3, 0x1e, 0x3f, 0x72,
+	0x8b, 0xe7, 0x70, 0xd5, 0x62, 0x14, 0x8c, 0x7c, 0x01, 0xda, 0xae, 0x50, 0x16, 0x1c, 0x2d, 0xf1,
+	0x11, 0xf0, 0xde, 0xc2, 0xf8, 0x4f, 0xe4, 0xf4, 0x5d, 0xf5, 0xbf, 0x22, 0x5a, 0x1c, 0x9d, 0x13,
+	0x0e, 0xf2, 0x08, 0x7a, 0xac, 0x58, 0x27, 0x58, 0xd9, 0x7d, 0xb4, 0x95, 0xf7, 0x14, 0xae, 0x4f,
+	0xb8, 0x05, 0xb3, 0x3f, 0x2f, 0xba, 0xd1, 0xf4, 0x03, 0xdf, 0x14, 0xde, 0xaf, 0x30, 0x5e, 0x6d,
+	0x43, 0x8e, 0x9b, 0x25, 0x56, 0x3e, 0x3e, 0x14, 0x28, 0x24, 0x79, 0x0a, 0x63, 0x64, 0x5b, 0xdc,
+	0x21, 0x0f, 0xd3, 0xc0, 0x0e, 0x30, 0x9a, 0xae, 0x6a, 0xfc, 0x8d, 0x99, 0xb4, 0x80, 0xeb, 0xc6,
+	0x75, 0xc1, 0xf2, 0x4c, 0xa0, 0x8e, 0x52, 0x83, 0xc1, 0xf1, 0xe6, 0x85, 0x38, 0xb4, 0x2d, 0xfe,
+	0xee, 0x40, 0x6f, 0xa5, 0xff, 0xb7, 0xc8, 0x8f, 0x30, 0x52, 0x4f, 0xaf, 0xf5, 0xca, 0xfb, 0x61,
+	0x49, 0xc6, 0xad, 0xcd, 0xf3, 0xf1, 0xe1, 0xf6, 0xfa, 0x04, 0x11, 0x8c, 0xfc, 0x06, 0xe4, 0xf7,
+	0x7c, 0xc7, 0x0a, 0x89, 0xcd, 0xd5, 0xfa, 0xf0, 0xaa, 0xfb, 0xaf, 0x9b, 0x60, 0x18, 0x9c, 0x46,
+	0x5a, 0xa4, 0xbd, 0xef, 0xc7, 0x40, 0x1a, 0x0c, 0xa7, 0xe1, 0xde, 0xc1, 0xa8, 0x65, 0x31, 0x79,
+	0x5c, 0xb7, 0x9e, 0xc6, 0x7a, 0x7b, 0xfb, 0x5f, 0x47, 0x82, 0x91, 0x17, 0x70, 0xf5, 0x1c, 0x39,
+	0x7d, 0x8f, 0xb5, 0x8d, 0x0d, 0xa6, 0xd3, 0x64, 0x1a, 0x4c, 0x1f, 0xb8, 0xfe, 0x6c, 0xfe, 0xf6,
+	0xbb, 0x98, 0xca, 0x6d, 0xb1, 0x9e, 0x45, 0xf9, 0x6e, 0x9e, 0xd2, 0x78, 0x2b, 0x33, 0x9a, 0xc5,
+	0x19, 0xca, 0x32, 0xe7, 0xc9, 0x3c, 0xcd, 0x36, 0xf3, 0xb4, 0x7e, 0x67, 0x70, 0x16, 0xad, 0x7b,
+	0xfa, 0xad, 0xf1, 0xc3, 0x3f, 0x01, 0x00, 0x00, 0xff, 0xff, 0x86, 0xd3, 0xf4, 0xe0, 0x4d, 0x06,
+	0x00, 0x00,
 }

 // Reference imports to suppress errors if they are not otherwise used.
@ -774,6 +861,14 @@ type SignerClient interface {
 	//The main difference to VerifyMessage in the main RPC is that the public key
 	//used to sign the message does not have to be a node known to the network.
 	VerifyMessage(ctx context.Context, in *VerifyMessageReq, opts ...grpc.CallOption) (*VerifyMessageResp, error)
+	//
+	//DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key
+	//derivation between the ephemeral public key in the request and the node's
+	//identity private key:
+	//P_shared = privKeyNodeID * ephemeralPubkey
+	//The resulting shared public key is serialized in the compressed format and
+	//hashed with sha256, resulting in the final key length of 256bit.
+	DeriveSharedKey(ctx context.Context, in *SharedKeyRequest, opts ...grpc.CallOption) (*SharedKeyResponse, error)
 }

 type signerClient struct {
@ -820,6 +915,15 @@ func (c *signerClient) VerifyMessage(ctx context.Context, in *VerifyMessageReq,
 	return out, nil
 }

+func (c *signerClient) DeriveSharedKey(ctx context.Context, in *SharedKeyRequest, opts ...grpc.CallOption) (*SharedKeyResponse, error) {
+	out := new(SharedKeyResponse)
+	err := c.cc.Invoke(ctx, "/signrpc.Signer/DeriveSharedKey", in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 // SignerServer is the server API for Signer service.
 type SignerServer interface {
 	//*
@ -858,6 +962,14 @@ type SignerServer interface {
 	//The main difference to VerifyMessage in the main RPC is that the public key
 	//used to sign the message does not have to be a node known to the network.
 	VerifyMessage(context.Context, *VerifyMessageReq) (*VerifyMessageResp, error)
+	//
+	//DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key
+	//derivation between the ephemeral public key in the request and the node's
+	//identity private key:
+	//P_shared = privKeyNodeID * ephemeralPubkey
+	//The resulting shared public key is serialized in the compressed format and
+	//hashed with sha256, resulting in the final key length of 256bit.
+	DeriveSharedKey(context.Context, *SharedKeyRequest) (*SharedKeyResponse, error)
 }

 func RegisterSignerServer(s *grpc.Server, srv SignerServer) {
@ -936,6 +1048,24 @@ func _Signer_VerifyMessage_Handler(srv interface{}, ctx context.Context, dec fun
 	return interceptor(ctx, in, info, handler)
 }

+func _Signer_DeriveSharedKey_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SharedKeyRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(SignerServer).DeriveSharedKey(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: "/signrpc.Signer/DeriveSharedKey",
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(SignerServer).DeriveSharedKey(ctx, req.(*SharedKeyRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 var _Signer_serviceDesc = grpc.ServiceDesc{
 	ServiceName: "signrpc.Signer",
 	HandlerType: (*SignerServer)(nil),
@ -956,6 +1086,10 @@ var _Signer_serviceDesc = grpc.ServiceDesc{
 			MethodName: "VerifyMessage",
 			Handler:    _Signer_VerifyMessage_Handler,
 		},
+		{
+			MethodName: "DeriveSharedKey",
+			Handler:    _Signer_DeriveSharedKey_Handler,
+		},
 	},
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "signrpc/signer.proto",
--- a/lnrpc/signrpc/signer.proto
+++ b/lnrpc/signrpc/signer.proto
@ -151,6 +151,16 @@ message VerifyMessageResp {
    bool valid = 1;
 }

+message SharedKeyRequest {
+    // The ephemeral public key to use for the DH key derivation.
+    bytes ephemeral_pubkey = 1;
+}
+
+message SharedKeyResponse {
+    // The shared public key, hashed with sha256.
+    bytes shared_key = 1;
+}
+
 service Signer {
    /**
    SignOutputRaw is a method that can be used to generated a signature for a
@ -195,4 +205,14 @@ service Signer {
    used to sign the message does not have to be a node known to the network.
    */
    rpc VerifyMessage (VerifyMessageReq) returns (VerifyMessageResp);
+
+    /*
+    DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key
+    derivation between the ephemeral public key in the request and the node's
+    identity private key:
+        P_shared = privKeyNodeID * ephemeralPubkey
+    The resulting shared public key is serialized in the compressed format and 
+    hashed with sha256, resulting in the final key length of 256bit.
+    */
+    rpc DeriveSharedKey (SharedKeyRequest) returns (SharedKeyResponse);
 }
--- a/lnrpc/signrpc/signer_server.go
+++ b/lnrpc/signrpc/signer_server.go
@ -5,6 +5,7 @@ package signrpc
 import (
 	"bytes"
 	"context"
+	"crypto/sha256"
 	"fmt"
 	"io/ioutil"
 	"os"
@ -62,6 +63,10 @@ var (
 			Entity: "signer",
 			Action: "read",
 		}},
+		"/signrpc.Signer/DeriveSharedKey": {{
+			Entity: "signer",
+			Action: "generate",
+		}},
 	}

 	// DefaultSignerMacFilename is the default name of the signer macaroon
@ -477,3 +482,55 @@ func (s *Server) VerifyMessage(ctx context.Context,
 		Valid: valid,
 	}, nil
 }
+
+// DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key
+// derivation between the ephemeral public key in the request and the node's
+// identity private key:
+//     P_shared = privKeyNodeID * ephemeralPubkey
+// The resulting shared public key is serialized in the compressed format and
+// hashed with sha256, resulting in the final key length of 256bit.
+func (s *Server) DeriveSharedKey(_ context.Context, in *SharedKeyRequest) (
+	*SharedKeyResponse, error) {
+
+	if len(in.EphemeralPubkey) != 33 {
+		return nil, fmt.Errorf("ephemeral pubkey must be " +
+			"serialized in compressed format")
+	}
+	ephemeralPubkey, err := btcec.ParsePubKey(
+		in.EphemeralPubkey, btcec.S256(),
+	)
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse pubkey: %v", err)
+	}
+
+	// Derive our node's private key from the key ring.
+	idPrivKey, err := s.cfg.KeyRing.DerivePrivKey(keychain.KeyDescriptor{
+		KeyLocator: keychain.KeyLocator{
+			Family: keychain.KeyFamilyNodeKey,
+			Index:  0,
+		},
+	})
+	if err != nil {
+		err := fmt.Errorf("unable to derive node private key: %v", err)
+		log.Error(err)
+		return nil, err
+	}
+	idPrivKey.Curve = btcec.S256()
+
+	// Derive the shared key using ECDH and hashing the serialized
+	// compressed shared point.
+	sharedKeyHash := ecdh(ephemeralPubkey, idPrivKey)
+	return &SharedKeyResponse{SharedKey: sharedKeyHash}, nil
+}
+
+// ecdh performs an ECDH operation between pub and priv. The returned value is
+// the sha256 of the compressed shared point.
+func ecdh(pub *btcec.PublicKey, priv *btcec.PrivateKey) []byte {
+	s := &btcec.PublicKey{}
+	x, y := btcec.S256().ScalarMult(pub.X, pub.Y, priv.D.Bytes())
+	s.X = x
+	s.Y = y
+
+	h := sha256.Sum256(s.SerializeCompressed())
+	return h[:]
+}