common/bolt12_id: generate alias tweak.

For now we only use a fake id for requesting invoices (as a payer_key), but we will eventually use this generically, and we want plugins to be able to map them too, so use the same scheme as path_id: a generated secret using the makesecret API. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2024-11-19 01:43:36 +01:00 · 2024-08-01 09:33:35 +09:30 · 2024-08-01 09:33:35 +09:30 · 09401e34b6
commit 09401e34b6
parent ee47b9370f
4 changed files with 41 additions and 0 deletions
--- a/common/bolt12_id.c
+++ b/common/bolt12_id.c
@ -37,3 +37,11 @@ u8 *bolt12_path_id(const tal_t *ctx,

 	return (u8 *)tal_dup(ctx, struct secret, &path_secret);
 }
+
+void bolt12_alias_tweak(const struct secret *base_secret,
+			const void *input,
+			size_t input_len,
+			struct sha256 *tweak)
+{
+	hash_from_base(base_secret, input, input_len, tweak);
+}
--- a/common/bolt12_id.h
+++ b/common/bolt12_id.h
@ -10,6 +10,9 @@ struct sha256;
 /* String to use with makesecret to get the bolt12 base secret */
 #define BOLT12_ID_BASE_STRING "bolt12-invoice-base"

+/* String to use with makesecret to get node aliases */
+#define NODE_ALIAS_BASE_STRING "node-alias-base"
+
 /**
 * bolt12_path_secret: generate the "path_" field for the tlv_encrypted_data_tlv
 * @base_secret: the node-specific secret makesecret(BOLT12_ID_BASE_STRING)
@ -32,4 +35,20 @@ u8 *bolt12_path_id(const tal_t *ctx,
 		   const struct secret *base_secret,
 		   const struct sha256 *payment_hash);

+/**
+ * bolt12_alias_tweak: generate a tweak to disguise our node id for this offer/invoice_request
+ * @base_secret: the node-specific secret makesecret(NODE_ALIAS_BASE_STRING)
+ * @input: the byte array to use to generate the tweak.
+ * @input_len: the length of @input.
+ * @tweak: the resulting tweak.
+ *
+ * We use this tweak to disguise our node_id when we want a temporary id for a specific
+ * purpose.  The "input" can be shared publicly, as the base_secret prevents
+ * others from linking the tweak (or the resulting pubkey) to us.
+ */
+void bolt12_alias_tweak(const struct secret *base_secret,
+			const void *input,
+			size_t input_len,
+			struct sha256 *tweak);
+
 #endif /* LIGHTNING_COMMON_BOLT12_ID_H */
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@ -192,6 +192,17 @@ struct ext_key *hsm_init(struct lightningd *ld)
 	if (!fromwire_hsmd_derive_secret_reply(msg, &ld->invoicesecret_base))
 		err(EXITCODE_HSM_GENERIC_ERROR, "Bad derive_secret_reply");

+	/* This is equivalent to makesecret("node-alias-base") */
+	msg = towire_hsmd_derive_secret(NULL, tal_dup_arr(tmpctx, u8,
+							  (const u8 *)NODE_ALIAS_BASE_STRING,
+							  strlen(NODE_ALIAS_BASE_STRING), 0));
+	if (!wire_sync_write(ld->hsm_fd, take(msg)))
+		err(EXITCODE_HSM_GENERIC_ERROR, "Writing derive_secret msg to hsm");
+
+	msg = wire_sync_read(tmpctx, ld->hsm_fd);
+	if (!fromwire_hsmd_derive_secret_reply(msg, &ld->nodealias_base))
+		err(EXITCODE_HSM_GENERIC_ERROR, "Bad derive_secret_reply");
+
 	return bip32_base;
 }

--- a/lightningd/lightningd.h
+++ b/lightningd/lightningd.h
@ -157,6 +157,9 @@ struct lightningd {
 	/* Secret base for our invoices */
 	struct secret invoicesecret_base;

+	/* Secret base for node aliases  */
+	struct secret nodealias_base;
+
 	/* Feature set we offer. */
 	struct feature_set *our_features;