Browse Source
This commit adds a RevocationKeyLocator field to the OpenChannel struct so that the SCB derivation doesn't have to brute-force the sha chain root key and match the public key. ECDH derivation is now used to derive the key instead of regular private key derivation a la DerivePrivKey. The legacy can still be used to recover old channels.master
eugene
4 years ago
6 changed files with 183 additions and 58 deletions
@ -0,0 +1,51 @@
|
||||
// +build !rpctest
|
||||
|
||||
package lnwallet |
||||
|
||||
import ( |
||||
"github.com/lightningnetwork/lnd/keychain" |
||||
"github.com/lightningnetwork/lnd/shachain" |
||||
) |
||||
|
||||
// nextRevocationProducer creates a new revocation producer, deriving the
|
||||
// revocation root by applying ECDH to a new key from our revocation root family
|
||||
// and the multisig key we use for the channel.
|
||||
func (l *LightningWallet) nextRevocationProducer(res *ChannelReservation, |
||||
keyRing keychain.KeyRing) (shachain.Producer, error) { |
||||
|
||||
// Derive the next key in the revocation root family.
|
||||
nextRevocationKeyDesc, err := keyRing.DeriveNextKey( |
||||
keychain.KeyFamilyRevocationRoot, |
||||
) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
|
||||
// If the DeriveNextKey call returns the first key with Index 0, we need
|
||||
// to re-derive the key as the keychain/btcwallet.go DerivePrivKey call
|
||||
// special-cases Index 0.
|
||||
if nextRevocationKeyDesc.Index == 0 { |
||||
nextRevocationKeyDesc, err = keyRing.DeriveNextKey( |
||||
keychain.KeyFamilyRevocationRoot, |
||||
) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
} |
||||
|
||||
res.nextRevocationKeyLoc = nextRevocationKeyDesc.KeyLocator |
||||
|
||||
// Perform an ECDH operation between the private key described in
|
||||
// nextRevocationKeyDesc and our public multisig key. The result will be
|
||||
// used to seed the revocation producer.
|
||||
revRoot, err := l.ECDH( |
||||
nextRevocationKeyDesc, res.ourContribution.MultiSigKey.PubKey, |
||||
) |
||||
if err != nil { |
||||
return nil, err |
||||
} |
||||
|
||||
// Once we have the root, we can then generate our shachain producer
|
||||
// and from that generate the per-commitment point.
|
||||
return shachain.NewRevocationProducer(revRoot), nil |
||||
} |
Loading…
Reference in new issue