docs: document hsmtool getcodexsecret, refer to it for recover.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-01-19 05:44:12 +01:00 · 2023-08-01 10:59:59 +09:30 · 2023-08-01 10:59:59 +09:30 · 1526b4e7e1
commit 1526b4e7e1
parent 5900742b3a
2 changed files with 4 additions and 2 deletions
--- a/doc/lightning-hsmtool.8.md
+++ b/doc/lightning-hsmtool.8.md
@ -73,6 +73,9 @@ the last parameter. By default, mainnet-encoded keys are generated.
 This produces the same results as lightning-commando-rune(7) on a fresh node.
 You will still need to create a rune once the node starts, if you want commando to work (as it is only activated once it has generated one).

+**getcodexsecret** *hsm\_secret\_path* *id*
+  Print out the BIP-93 formatted HSM secret, for use with `--recover`.  The `id` is any 4 character string you can use to identify this secret (e.g. `adi0`): it cannot contain `i`, `o`, or `b`, but can contain digits except `1`.
+
 BUGS
 ----

--- a/doc/lightningd-config.5.md
+++ b/doc/lightningd-config.5.md
@ -292,8 +292,7 @@ connections; default is not to activate the plugin at all.

 * **recover**=*codex32secret*

-  A 32-byte secret encoded as a codex32 secret string. This would be used to construct
-`hsm_secret`` in case it doesn't exist.
+  Restore the node from a 32-byte secret encoded as a codex32 secret string: this will fail if the `hsm_secret` file exists.  Your node will start the node in offline mode, for manual recovery.  The secret can be extracted from the `hsm_secret` using hsmtool(8).

 * **alias**=*NAME*