From 09401e34b64209188fe66bcfc6ddf151a5adce15 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 1 Aug 2024 09:33:35 +0930 Subject: [PATCH] common/bolt12_id: generate alias tweak. For now we only use a fake id for requesting invoices (as a payer_key), but we will eventually use this generically, and we want plugins to be able to map them too, so use the same scheme as path_id: a generated secret using the makesecret API. Signed-off-by: Rusty Russell --- common/bolt12_id.c | 8 ++++++++ common/bolt12_id.h | 19 +++++++++++++++++++ lightningd/hsm_control.c | 11 +++++++++++ lightningd/lightningd.h | 3 +++ 4 files changed, 41 insertions(+) diff --git a/common/bolt12_id.c b/common/bolt12_id.c index c22a40409..3348b995a 100644 --- a/common/bolt12_id.c +++ b/common/bolt12_id.c @@ -37,3 +37,11 @@ u8 *bolt12_path_id(const tal_t *ctx, return (u8 *)tal_dup(ctx, struct secret, &path_secret); } + +void bolt12_alias_tweak(const struct secret *base_secret, + const void *input, + size_t input_len, + struct sha256 *tweak) +{ + hash_from_base(base_secret, input, input_len, tweak); +} diff --git a/common/bolt12_id.h b/common/bolt12_id.h index 25e17e0bf..f99b275fd 100644 --- a/common/bolt12_id.h +++ b/common/bolt12_id.h @@ -10,6 +10,9 @@ struct sha256; /* String to use with makesecret to get the bolt12 base secret */ #define BOLT12_ID_BASE_STRING "bolt12-invoice-base" +/* String to use with makesecret to get node aliases */ +#define NODE_ALIAS_BASE_STRING "node-alias-base" + /** * bolt12_path_secret: generate the "path_" field for the tlv_encrypted_data_tlv * @base_secret: the node-specific secret makesecret(BOLT12_ID_BASE_STRING) @@ -32,4 +35,20 @@ u8 *bolt12_path_id(const tal_t *ctx, const struct secret *base_secret, const struct sha256 *payment_hash); +/** + * bolt12_alias_tweak: generate a tweak to disguise our node id for this offer/invoice_request + * @base_secret: the node-specific secret makesecret(NODE_ALIAS_BASE_STRING) + * @input: the byte array to use to generate the tweak. + * @input_len: the length of @input. + * @tweak: the resulting tweak. + * + * We use this tweak to disguise our node_id when we want a temporary id for a specific + * purpose. The "input" can be shared publicly, as the base_secret prevents + * others from linking the tweak (or the resulting pubkey) to us. + */ +void bolt12_alias_tweak(const struct secret *base_secret, + const void *input, + size_t input_len, + struct sha256 *tweak); + #endif /* LIGHTNING_COMMON_BOLT12_ID_H */ diff --git a/lightningd/hsm_control.c b/lightningd/hsm_control.c index aa7395a87..5b49dfc47 100644 --- a/lightningd/hsm_control.c +++ b/lightningd/hsm_control.c @@ -192,6 +192,17 @@ struct ext_key *hsm_init(struct lightningd *ld) if (!fromwire_hsmd_derive_secret_reply(msg, &ld->invoicesecret_base)) err(EXITCODE_HSM_GENERIC_ERROR, "Bad derive_secret_reply"); + /* This is equivalent to makesecret("node-alias-base") */ + msg = towire_hsmd_derive_secret(NULL, tal_dup_arr(tmpctx, u8, + (const u8 *)NODE_ALIAS_BASE_STRING, + strlen(NODE_ALIAS_BASE_STRING), 0)); + if (!wire_sync_write(ld->hsm_fd, take(msg))) + err(EXITCODE_HSM_GENERIC_ERROR, "Writing derive_secret msg to hsm"); + + msg = wire_sync_read(tmpctx, ld->hsm_fd); + if (!fromwire_hsmd_derive_secret_reply(msg, &ld->nodealias_base)) + err(EXITCODE_HSM_GENERIC_ERROR, "Bad derive_secret_reply"); + return bip32_base; } diff --git a/lightningd/lightningd.h b/lightningd/lightningd.h index 49a25b7d8..ea6546dac 100644 --- a/lightningd/lightningd.h +++ b/lightningd/lightningd.h @@ -157,6 +157,9 @@ struct lightningd { /* Secret base for our invoices */ struct secret invoicesecret_base; + /* Secret base for node aliases */ + struct secret nodealias_base; + /* Feature set we offer. */ struct feature_set *our_features;