watchtower: use ECDH interface for watchtower session

This commit is contained in:
Oliver Gugger 2020-04-28 10:06:31 +02:00
parent 535a22c590
commit f97e7b9951
No known key found for this signature in database
GPG Key ID: 8E4256593F177720
12 changed files with 53 additions and 93 deletions

13
lnd.go

@ -557,17 +557,14 @@ func Main(cfg *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
} }
defer towerDB.Close() defer towerDB.Close()
towerPrivKey, err := activeChainControl.wallet.DerivePrivKey( towerKeyDesc, err := activeChainControl.keyRing.DeriveKey(
keychain.KeyDescriptor{ keychain.KeyLocator{
KeyLocator: keychain.KeyLocator{
Family: keychain.KeyFamilyTowerID, Family: keychain.KeyFamilyTowerID,
Index: 0, Index: 0,
}, },
},
) )
if err != nil { if err != nil {
err := fmt.Errorf("unable to derive watchtower "+ err := fmt.Errorf("error deriving tower key: %v", err)
"private key: %v", err)
ltndLog.Error(err) ltndLog.Error(err)
return err return err
} }
@ -582,7 +579,9 @@ func Main(cfg *Config, lisCfg ListenerCfg, shutdownChan <-chan struct{}) error {
lnwallet.WitnessPubKey, false, lnwallet.WitnessPubKey, false,
) )
}, },
NodeKeyECDH: towerPrivKey, NodeKeyECDH: keychain.NewPubKeyECDH(
towerKeyDesc, activeChainControl.keyRing,
),
PublishTx: activeChainControl.wallet.PublishTransaction, PublishTx: activeChainControl.wallet.PublishTransaction,
ChainHash: *activeNetParams.GenesisHash, ChainHash: *activeNetParams.GenesisHash,
} }

@ -5,10 +5,10 @@ import (
"net" "net"
"time" "time"
"github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcd/chaincfg/chainhash" "github.com/btcsuite/btcd/chaincfg/chainhash"
"github.com/btcsuite/btcd/wire" "github.com/btcsuite/btcd/wire"
"github.com/btcsuite/btcutil" "github.com/btcsuite/btcutil"
"github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/tor" "github.com/lightningnetwork/lnd/tor"
"github.com/lightningnetwork/lnd/watchtower/lookout" "github.com/lightningnetwork/lnd/watchtower/lookout"
) )
@ -65,7 +65,7 @@ type Config struct {
// NodeKeyECDH is the ECDH capable wrapper of the key to be used in // NodeKeyECDH is the ECDH capable wrapper of the key to be used in
// accepting new brontide connections. // accepting new brontide connections.
NodeKeyECDH *btcec.PrivateKey NodeKeyECDH keychain.SingleKeyECDH
// PublishTx provides the ability to send a signed transaction to the // PublishTx provides the ability to send a signed transaction to the
// network. // network.

@ -72,7 +72,7 @@ func New(cfg *Config) (*Standalone, error) {
listeners := make([]net.Listener, 0, len(cfg.ListenAddrs)) listeners := make([]net.Listener, 0, len(cfg.ListenAddrs))
for _, listenAddr := range cfg.ListenAddrs { for _, listenAddr := range cfg.ListenAddrs {
listener, err := brontide.NewListener( listener, err := brontide.NewListener(
nil/*TODO fix in next commit*/, listenAddr.String(), cfg.NodeKeyECDH, listenAddr.String(),
) )
if err != nil { if err != nil {
return nil, err return nil, err

@ -11,6 +11,7 @@ import (
"github.com/btcsuite/btcd/btcec" "github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcd/chaincfg/chainhash" "github.com/btcsuite/btcd/chaincfg/chainhash"
"github.com/lightningnetwork/lnd/input" "github.com/lightningnetwork/lnd/input"
"github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/lnwallet" "github.com/lightningnetwork/lnd/lnwallet"
"github.com/lightningnetwork/lnd/lnwire" "github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/watchtower/wtdb" "github.com/lightningnetwork/lnd/watchtower/wtdb"
@ -337,7 +338,7 @@ func New(config *Config) (*TowerClient, error) {
// NOTE: This method should only be used when deserialization of a // NOTE: This method should only be used when deserialization of a
// ClientSession's Tower and SessionPrivKey fields is desired, otherwise, the // ClientSession's Tower and SessionPrivKey fields is desired, otherwise, the
// existing ListClientSessions method should be used. // existing ListClientSessions method should be used.
func getClientSessions(db DB, keyRing SecretKeyRing, forTower *wtdb.TowerID, func getClientSessions(db DB, keyRing ECDHKeyRing, forTower *wtdb.TowerID,
passesFilter func(*wtdb.ClientSession) bool) ( passesFilter func(*wtdb.ClientSession) bool) (
map[wtdb.SessionID]*wtdb.ClientSession, error) { map[wtdb.SessionID]*wtdb.ClientSession, error) {
@ -358,11 +359,14 @@ func getClientSessions(db DB, keyRing SecretKeyRing, forTower *wtdb.TowerID,
} }
s.Tower = tower s.Tower = tower
sessionKey, err := DeriveSessionKey(keyRing, s.KeyIndex) towerKeyDesc, err := keyRing.DeriveKey(keychain.KeyLocator{
Family: keychain.KeyFamilyTowerSession,
Index: s.KeyIndex,
})
if err != nil { if err != nil {
return nil, err return nil, err
} }
s.SessionKeyECDH = sessionKey s.SessionKeyECDH = keychain.NewPubKeyECDH(towerKeyDesc, keyRing)
// If an optional filter was provided, use it to filter out any // If an optional filter was provided, use it to filter out any
// undesired sessions. // undesired sessions.
@ -897,10 +901,10 @@ func (c *TowerClient) taskRejected(task *backupTask, curStatus reserveStatus) {
// dial connects the peer at addr using privKey as our secret key for the // dial connects the peer at addr using privKey as our secret key for the
// connection. The connection will use the configured Net's resolver to resolve // connection. The connection will use the configured Net's resolver to resolve
// the address for either Tor or clear net connections. // the address for either Tor or clear net connections.
func (c *TowerClient) dial(privKey *btcec.PrivateKey, func (c *TowerClient) dial(localKey keychain.SingleKeyECDH,
addr *lnwire.NetAddress) (wtserver.Peer, error) { addr *lnwire.NetAddress) (wtserver.Peer, error) {
return c.cfg.AuthDial(privKey, addr, c.cfg.Dial) return c.cfg.AuthDial(localKey, addr, c.cfg.Dial)
} }
// readMessage receives and parses the next message from the given Peer. An // readMessage receives and parses the next message from the given Peer. An

@ -101,10 +101,10 @@ func (m *mockNet) ResolveTCPAddr(network string, address string) (*net.TCPAddr,
panic("not implemented") panic("not implemented")
} }
func (m *mockNet) AuthDial(localPriv *btcec.PrivateKey, netAddr *lnwire.NetAddress, func (m *mockNet) AuthDial(local keychain.SingleKeyECDH, netAddr *lnwire.NetAddress,
dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error) { dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error) {
localPk := localPriv.PubKey() localPk := local.PubKey()
localAddr := &net.TCPAddr{ localAddr := &net.TCPAddr{
IP: net.IP{0x32, 0x31, 0x30, 0x29}, IP: net.IP{0x32, 0x31, 0x30, 0x29},
Port: 36723, Port: 36723,
@ -401,6 +401,7 @@ func newHarness(t *testing.T, cfg harnessCfg) *testHarness {
if err != nil { if err != nil {
t.Fatalf("Unable to generate tower private key: %v", err) t.Fatalf("Unable to generate tower private key: %v", err)
} }
privKeyECDH := &keychain.PrivKeyECDH{PrivKey: privKey}
towerPubKey := privKey.PubKey() towerPubKey := privKey.PubKey()
@ -416,7 +417,7 @@ func newHarness(t *testing.T, cfg harnessCfg) *testHarness {
DB: serverDB, DB: serverDB,
ReadTimeout: timeout, ReadTimeout: timeout,
WriteTimeout: timeout, WriteTimeout: timeout,
NodeKeyECDH: privKey, NodeKeyECDH: privKeyECDH,
NewAddress: func() (btcutil.Address, error) { NewAddress: func() (btcutil.Address, error) {
return addr, nil return addr, nil
}, },

@ -1,24 +0,0 @@
package wtclient
import (
"github.com/btcsuite/btcd/btcec"
"github.com/lightningnetwork/lnd/keychain"
)
// DeriveSessionKey accepts an session key index for an existing session and
// derives the HD private key to be used to authenticate the brontide transport
// and authenticate requests sent to the tower. The key will use the
// keychain.KeyFamilyTowerSession and the provided index, giving a BIP43
// derivation path of:
//
// * m/1017'/coinType'/8/0/index
func DeriveSessionKey(keyRing ECDHKeyRing,
index uint32) (*btcec.PrivateKey, error) {
return keyRing.DerivePrivKey(keychain.KeyDescriptor{
KeyLocator: keychain.KeyLocator{
Family: keychain.KeyFamilyTowerSession,
Index: index,
},
})
}

@ -102,14 +102,14 @@ type Dial func(net, addr string) (net.Conn, error)
// AuthDialer connects to a remote node using an authenticated transport, such as // AuthDialer connects to a remote node using an authenticated transport, such as
// brontide. The dialer argument is used to specify a resolver, which allows // brontide. The dialer argument is used to specify a resolver, which allows
// this method to be used over Tor or clear net connections. // this method to be used over Tor or clear net connections.
type AuthDialer func(localPriv *btcec.PrivateKey, netAddr *lnwire.NetAddress, type AuthDialer func(localKey keychain.SingleKeyECDH, netAddr *lnwire.NetAddress,
dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error) dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error)
// AuthDial is the watchtower client's default method of dialing. // AuthDial is the watchtower client's default method of dialing.
func AuthDial(localPriv *btcec.PrivateKey, netAddr *lnwire.NetAddress, func AuthDial(localKey keychain.SingleKeyECDH, netAddr *lnwire.NetAddress,
dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error) { dialer func(string, string) (net.Conn, error)) (wtserver.Peer, error) {
return brontide.Dial(nil/*TODO fix in next commit*/, netAddr, dialer) return brontide.Dial(localKey, netAddr, dialer)
} }
// ECDHKeyRing abstracts the ability to derive shared ECDH keys given a // ECDHKeyRing abstracts the ability to derive shared ECDH keys given a
@ -117,10 +117,6 @@ func AuthDial(localPriv *btcec.PrivateKey, netAddr *lnwire.NetAddress,
type ECDHKeyRing interface { type ECDHKeyRing interface {
keychain.ECDHRing keychain.ECDHRing
// DerivePrivKey derives the private key from the root seed using a
// key descriptor specifying the key's derivation path.
DerivePrivKey(loc keychain.KeyDescriptor) (*btcec.PrivateKey, error)
// DeriveKey attempts to derive an arbitrary key specified by the // DeriveKey attempts to derive an arbitrary key specified by the
// passed KeyLocator. This may be used in several recovery scenarios, // passed KeyLocator. This may be used in several recovery scenarios,
// or when manually rotating something like our current default node // or when manually rotating something like our current default node

@ -5,8 +5,8 @@ import (
"sync" "sync"
"time" "time"
"github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcd/chaincfg/chainhash" "github.com/btcsuite/btcd/chaincfg/chainhash"
"github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/lnwire" "github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/watchtower/blob" "github.com/lightningnetwork/lnd/watchtower/blob"
"github.com/lightningnetwork/lnd/watchtower/wtdb" "github.com/lightningnetwork/lnd/watchtower/wtdb"
@ -58,7 +58,8 @@ type NegotiatorConfig struct {
// Dial initiates an outbound brontide connection to the given address // Dial initiates an outbound brontide connection to the given address
// using a specified private key. The peer is returned in the event of a // using a specified private key. The peer is returned in the event of a
// successful connection. // successful connection.
Dial func(*btcec.PrivateKey, *lnwire.NetAddress) (wtserver.Peer, error) Dial func(keychain.SingleKeyECDH, *lnwire.NetAddress) (wtserver.Peer,
error)
// SendMessage writes a wtwire message to remote peer. // SendMessage writes a wtwire message to remote peer.
SendMessage func(wtserver.Peer, wtwire.Message) error SendMessage func(wtserver.Peer, wtwire.Message) error
@ -315,13 +316,21 @@ func (n *sessionNegotiator) createSession(tower *wtdb.Tower,
return ErrNoTowerAddrs return ErrNoTowerAddrs
} }
sessionPriv, err := DeriveSessionKey(n.cfg.SecretKeyRing, keyIndex) sessionKeyDesc, err := n.cfg.SecretKeyRing.DeriveKey(
keychain.KeyLocator{
Family: keychain.KeyFamilyTowerSession,
Index: keyIndex,
},
)
if err != nil { if err != nil {
return err return err
} }
sessionKey := keychain.NewPubKeyECDH(
sessionKeyDesc, n.cfg.SecretKeyRing,
)
for _, lnAddr := range tower.LNAddrs() { for _, lnAddr := range tower.LNAddrs() {
err = n.tryAddress(sessionPriv, keyIndex, tower, lnAddr) err := n.tryAddress(sessionKey, keyIndex, tower, lnAddr)
switch { switch {
case err == ErrPermanentTowerFailure: case err == ErrPermanentTowerFailure:
// TODO(conner): report to iterator? can then be reset // TODO(conner): report to iterator? can then be reset
@ -346,11 +355,11 @@ func (n *sessionNegotiator) createSession(tower *wtdb.Tower,
// The address should belong to the tower's set of addresses. This method only // The address should belong to the tower's set of addresses. This method only
// returns true if all steps succeed and the new session has been persisted, and // returns true if all steps succeed and the new session has been persisted, and
// fails otherwise. // fails otherwise.
func (n *sessionNegotiator) tryAddress(privKey *btcec.PrivateKey, func (n *sessionNegotiator) tryAddress(sessionKey keychain.SingleKeyECDH,
keyIndex uint32, tower *wtdb.Tower, lnAddr *lnwire.NetAddress) error { keyIndex uint32, tower *wtdb.Tower, lnAddr *lnwire.NetAddress) error {
// Connect to the tower address using our generated session key. // Connect to the tower address using our generated session key.
conn, err := n.cfg.Dial(privKey, lnAddr) conn, err := n.cfg.Dial(sessionKey, lnAddr)
if err != nil { if err != nil {
return err return err
} }
@ -417,9 +426,7 @@ func (n *sessionNegotiator) tryAddress(privKey *btcec.PrivateKey,
// TODO(conner): validate reward address // TODO(conner): validate reward address
rewardPkScript := createSessionReply.Data rewardPkScript := createSessionReply.Data
sessionID := wtdb.NewSessionIDFromPubKey( sessionID := wtdb.NewSessionIDFromPubKey(sessionKey.PubKey())
privKey.PubKey(),
)
clientSession := &wtdb.ClientSession{ clientSession := &wtdb.ClientSession{
ClientSessionBody: wtdb.ClientSessionBody{ ClientSessionBody: wtdb.ClientSessionBody{
TowerID: tower.ID, TowerID: tower.ID,
@ -428,7 +435,7 @@ func (n *sessionNegotiator) tryAddress(privKey *btcec.PrivateKey,
RewardPkScript: rewardPkScript, RewardPkScript: rewardPkScript,
}, },
Tower: tower, Tower: tower,
SessionKeyECDH: privKey, SessionKeyECDH: sessionKey,
ID: sessionID, ID: sessionID,
} }

@ -6,9 +6,9 @@ import (
"sync" "sync"
"time" "time"
"github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcd/chaincfg/chainhash" "github.com/btcsuite/btcd/chaincfg/chainhash"
"github.com/lightningnetwork/lnd/input" "github.com/lightningnetwork/lnd/input"
"github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/lnwire" "github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/watchtower/wtdb" "github.com/lightningnetwork/lnd/watchtower/wtdb"
"github.com/lightningnetwork/lnd/watchtower/wtserver" "github.com/lightningnetwork/lnd/watchtower/wtserver"
@ -41,8 +41,8 @@ type sessionQueueConfig struct {
// Dial allows the client to dial the tower using it's public key and // Dial allows the client to dial the tower using it's public key and
// net address. // net address.
Dial func(*btcec.PrivateKey, Dial func(keychain.SingleKeyECDH, *lnwire.NetAddress) (wtserver.Peer,
*lnwire.NetAddress) (wtserver.Peer, error) error)
// SendMessage encodes, encrypts, and writes a message to the given peer. // SendMessage encodes, encrypts, and writes a message to the given peer.
SendMessage func(wtserver.Peer, wtwire.Message) error SendMessage func(wtserver.Peer, wtwire.Message) error

@ -4,7 +4,7 @@ import (
"fmt" "fmt"
"io" "io"
"github.com/btcsuite/btcd/btcec" "github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/lnwire" "github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/watchtower/blob" "github.com/lightningnetwork/lnd/watchtower/blob"
"github.com/lightningnetwork/lnd/watchtower/wtpolicy" "github.com/lightningnetwork/lnd/watchtower/wtpolicy"
@ -65,7 +65,7 @@ type ClientSession struct {
// //
// NOTE: This value is not serialized. It is derived using the KeyIndex // NOTE: This value is not serialized. It is derived using the KeyIndex
// on startup to avoid storing private keys on disk. // on startup to avoid storing private keys on disk.
SessionKeyECDH *btcec.PrivateKey SessionKeyECDH keychain.SingleKeyECDH
} }
// ClientSessionBody represents the primary components of a ClientSession that // ClientSessionBody represents the primary components of a ClientSession that

@ -20,29 +20,6 @@ func NewSecretKeyRing() *SecretKeyRing {
} }
} }
// DerivePrivKey derives the private key for a given key descriptor. If
// this method is called twice with the same argument, it will return the same
// private key.
func (m *SecretKeyRing) DerivePrivKey(
desc keychain.KeyDescriptor) (*btcec.PrivateKey, error) {
m.mu.Lock()
defer m.mu.Unlock()
if key, ok := m.keys[desc.KeyLocator]; ok {
return key, nil
}
privKey, err := btcec.NewPrivateKey(btcec.S256())
if err != nil {
return nil, err
}
m.keys[desc.KeyLocator] = privKey
return privKey, nil
}
// DeriveKey attempts to derive an arbitrary key specified by the // DeriveKey attempts to derive an arbitrary key specified by the
// passed KeyLocator. This may be used in several recovery scenarios, // passed KeyLocator. This may be used in several recovery scenarios,
// or when manually rotating something like our current default node // or when manually rotating something like our current default node

@ -8,10 +8,10 @@ import (
"sync" "sync"
"time" "time"
"github.com/btcsuite/btcd/btcec"
"github.com/btcsuite/btcd/chaincfg/chainhash" "github.com/btcsuite/btcd/chaincfg/chainhash"
"github.com/btcsuite/btcd/connmgr" "github.com/btcsuite/btcd/connmgr"
"github.com/btcsuite/btcutil" "github.com/btcsuite/btcutil"
"github.com/lightningnetwork/lnd/keychain"
"github.com/lightningnetwork/lnd/lnwire" "github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/watchtower/wtdb" "github.com/lightningnetwork/lnd/watchtower/wtdb"
"github.com/lightningnetwork/lnd/watchtower/wtwire" "github.com/lightningnetwork/lnd/watchtower/wtwire"
@ -35,7 +35,7 @@ type Config struct {
// NodeKeyECDH is the the ECDH capable wrapper of the key to be used in // NodeKeyECDH is the the ECDH capable wrapper of the key to be used in
// accepting new brontide connections. // accepting new brontide connections.
NodeKeyECDH *btcec.PrivateKey NodeKeyECDH keychain.SingleKeyECDH
// Listeners specifies which address to which clients may connect. // Listeners specifies which address to which clients may connect.
Listeners []net.Listener Listeners []net.Listener