lightningd: get basepoints from hsmd, don't ever get seed.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2025-03-03 18:57:06 +01:00 · 2018-07-23 11:53:03 +09:30 · 2018-07-23 11:53:03 +09:30 · 231f14e645
commit 231f14e645
parent 9bf238e001
9 changed files with 57 additions and 63 deletions
--- a/hsmd/hsm.c
+++ b/hsmd/hsm.c
@ -921,14 +921,11 @@ static struct io_plan *handle_client(struct io_conn *conn,
 static void send_init_response(struct daemon_conn *master)
 {
 	struct pubkey node_id;
 	struct secret peer_seed;
 	u8 *msg;
 	hsm_peer_secret_base(&peer_seed);
 	node_key(NULL, &node_id);
-	msg = towire_hsm_init_reply(NULL, &node_id, &peer_seed,
+	msg = towire_hsm_init_reply(NULL, &node_id, &secretstuff.bip32);
 				    &secretstuff.bip32);
 	daemon_conn_send(master, take(msg));
 }
--- a/hsmd/hsm_client_wire_csv
+++ b/hsmd/hsm_client_wire_csv
@ -10,7 +10,6 @@ hsm_init,11
 #include <common/bip32.h>
 hsm_init_reply,111
 hsm_init_reply,,node_id,struct pubkey
 hsm_init_reply,,peer_seed,struct secret
 hsm_init_reply,,bip32,struct ext_key
 # Get a new HSM FD, with the specified capabilities
--- a/lightningd/channel.c
+++ b/lightningd/channel.c
@ -2,15 +2,19 @@
 #include <ccan/crypto/hkdf_sha256/hkdf_sha256.h>
 #include <ccan/tal/str/str.h>
 #include <common/wire_error.h>
 #include <errno.h>
 #include <gossipd/gen_gossip_wire.h>
 #include <hsmd/gen_hsm_client_wire.h>
 #include <inttypes.h>
 #include <lightningd/channel.h>
 #include <lightningd/gen_channel_state_names.h>
 #include <lightningd/hsm_control.h>
 #include <lightningd/jsonrpc.h>
 #include <lightningd/lightningd.h>
 #include <lightningd/log.h>
 #include <lightningd/peer_control.h>
 #include <lightningd/subd.h>
 #include <wire/wire_sync.h>
 static bool connects_to_peer(struct subd *owner)
 {
@ -99,35 +103,24 @@ void delete_channel(struct channel *channel)
 		delete_peer(peer);
 }
-/* FIXME: We have no business knowing this! */
+void get_channel_basepoints(struct lightningd *ld,
 /**
 * derive_channel_seed - Generate a unique secret for this peer's channel
 *
 * @ld: the lightning daemon to get global secret from
 * @seed: where to store the generated secret
 * @peer_id: the id node_id of the remote peer
 * @dbid: channel DBID
 *
 * This method generates a unique secret from the given parameters. It
 * is important that this secret be unique for each channel, but it
 * must be reproducible for the same channel in case of
 * reconnection. We use the DB channel ID to guarantee unique secrets
 * per channel.
 */
 void derive_channel_seed(struct lightningd *ld, struct secret *seed,
 			    const struct pubkey *peer_id,
-			 const u64 dbid)
+			    const u64 dbid,
 			    struct basepoints *local_basepoints,
 			    struct pubkey *local_funding_pubkey)
 {
-	u8 input[PUBKEY_DER_LEN + sizeof(dbid)];
+	u8 *msg;
 	char *info = "per-peer seed";
 	pubkey_to_der(input, peer_id);
 	memcpy(input + PUBKEY_DER_LEN, &dbid, sizeof(dbid));
 	assert(dbid != 0);
-	hkdf_sha256(seed, sizeof(*seed),
+	msg = towire_hsm_get_channel_basepoints(NULL, peer_id, dbid);
-		    input, sizeof(input),
+	if (!wire_sync_write(ld->hsm_fd, take(msg)))
-		    &ld->peer_seed, sizeof(ld->peer_seed),
+		fatal("Could not write to HSM: %s", strerror(errno));
-		    info, strlen(info));
+
 	msg = wire_sync_read(tmpctx, ld->hsm_fd);
 	if (!fromwire_hsm_get_channel_basepoints_reply(msg, local_basepoints,
 						       local_funding_pubkey))
 		fatal("HSM gave bad hsm_get_channel_basepoints_reply %s",
 		      tal_hex(msg, msg));
 }
 struct channel *new_channel(struct peer *peer, u64 dbid,
@ -231,7 +224,6 @@ struct channel *new_channel(struct peer *peer, u64 dbid,
 	channel->connected = connected;
 	channel->local_basepoints = *local_basepoints;
 	channel->local_funding_pubkey = *local_funding_pubkey;
 	derive_channel_seed(peer->ld, &channel->seed, &peer->id, channel->dbid);
 	list_add_tail(&peer->channels, &channel->list);
 	tal_add_destructor(channel, destroy_channel);
--- a/lightningd/channel.h
+++ b/lightningd/channel.h
@ -78,9 +78,6 @@ struct channel {
 	/* Keys for channel */
 	struct channel_info channel_info;
 	/* Secret seed (FIXME: Move to hsm!) */
 	struct secret seed;
 	/* Our local basepoints */
 	struct basepoints local_basepoints;
@ -211,9 +208,11 @@ static inline bool channel_active(const struct channel *channel)
 		&& !channel_on_chain(channel);
 }
-void derive_channel_seed(struct lightningd *ld, struct secret *seed,
+void get_channel_basepoints(struct lightningd *ld,
 			    const struct pubkey *peer_id,
-			 const u64 dbid);
+			    const u64 dbid,
 			    struct basepoints *local_basepoints,
 			    struct pubkey *local_funding_pubkey);
 void channel_set_billboard(struct channel *channel, bool perm,
 			   const char *str TAKES);
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@ -63,8 +63,6 @@ void hsm_init(struct lightningd *ld)
 	ld->wallet->bip32_base = tal(ld->wallet, struct ext_key);
 	msg = wire_sync_read(tmpctx, ld->hsm_fd);
 	if (!fromwire_hsm_init_reply(msg,
-					&ld->id,
+				     &ld->id, ld->wallet->bip32_base))
 					&ld->peer_seed,
 					ld->wallet->bip32_base))
 		errx(1, "HSM did not give init reply");
 }
--- a/lightningd/lightningd.h
+++ b/lightningd/lightningd.h
@ -131,8 +131,6 @@ struct lightningd {
 	/* All peers we're tracking. */
 	struct list_head peers;
 	/* FIXME: This should stay in HSM */
 	struct secret peer_seed;
 	/* Outstanding connect commands. */
 	struct list_head connects;
--- a/lightningd/opening_control.c
+++ b/lightningd/opening_control.c
@ -46,9 +46,6 @@ struct uncommitted_channel {
 	/* If we offered channel, this contains information, otherwise NULL */
 	struct funding_channel *fc;
 	/* Secret seed (FIXME: Move to hsm!) */
 	struct secret seed;
 	/* Our basepoints for the channel. */
 	struct basepoints local_basepoints;
@ -622,11 +619,8 @@ new_uncommitted_channel(struct lightningd *ld,
 	uc->first_blocknum = get_block_height(ld->topology);
 	uc->our_config.id = 0;
-	/* FIXME: Keep these in HSM! */
+	get_channel_basepoints(ld, &uc->peer->id, uc->dbid,
-	derive_channel_seed(ld, &uc->seed, &uc->peer->id, uc->dbid);
+			       &uc->local_basepoints, &uc->local_funding_pubkey);
 	derive_basepoints(&uc->seed,
 			  &uc->local_funding_pubkey, &uc->local_basepoints,
 			  NULL, NULL);
 	uc->peer->uncommitted_channel = uc;
 	tal_add_destructor(uc, destroy_uncommitted_channel);
--- a/wallet/test/run-wallet.c
+++ b/wallet/test/run-wallet.c
@ -410,12 +410,6 @@ struct txowatch *watch_txo(const tal_t *ctx UNNEEDED,
 						   size_t input_num UNNEEDED,
 						   const struct block *block))
 { fprintf(stderr, "watch_txo called!\n"); abort(); }
 /* Generated stub for wire_sync_read */
 u8 *wire_sync_read(const tal_t *ctx UNNEEDED, int fd UNNEEDED)
 { fprintf(stderr, "wire_sync_read called!\n"); abort(); }
 /* Generated stub for wire_sync_write */
 bool wire_sync_write(int fd UNNEEDED, const void *msg TAKES UNNEEDED)
 { fprintf(stderr, "wire_sync_write called!\n"); abort(); }
 /* AUTOGENERATED MOCKS END */
 #if DEVELOPER
@ -423,6 +417,33 @@ bool dev_disconnect_permanent(struct lightningd *ld UNNEEDED)
 { fprintf(stderr, "dev_disconnect_permanent called!\n"); abort(); }
 #endif
 /* Fake stubs to talk to hsm */
 u8 *towire_hsm_get_channel_basepoints(const tal_t *ctx UNNEEDED, const struct pubkey *peerid UNNEEDED, u64 dbid UNNEEDED)
 {
 	return NULL;
 }
 bool wire_sync_write(int fd UNNEEDED, const void *msg TAKES UNNEEDED)
 {
 	return true;
 }
 u8 *wire_sync_read(const tal_t *ctx UNNEEDED, int fd UNNEEDED)
 {
 	return NULL;
 }
 bool fromwire_hsm_get_channel_basepoints_reply(const void *p UNNEEDED,
 					       struct basepoints *basepoints,
 					       struct pubkey *funding_pubkey)
 {
 	struct secret empty;
 	memset(&empty, 0, sizeof(empty));
 	pubkey_from_secret(&empty, funding_pubkey);
 	pubkey_from_secret(&empty, &basepoints->revocation);
 	pubkey_from_secret(&empty, &basepoints->payment);
 	pubkey_from_secret(&empty, &basepoints->htlc);
 	pubkey_from_secret(&empty, &basepoints->delayed_payment);
 	return true;
 }
 static char *wallet_err;
 static void wallet_fatal(const char *fmt, ...)
 {
--- a/wallet/wallet.c
+++ b/wallet/wallet.c
@ -566,7 +566,6 @@ static struct channel *wallet_stmt2channel(const tal_t *ctx, struct wallet *w, s
 	s64 final_key_idx;
 	struct basepoints local_basepoints;
 	struct pubkey local_funding_pubkey;
 	struct secret seed;
 	peer_dbid = sqlite3_column_int64(stmt, 1);
 	peer = find_peer_by_dbid(w->ld, peer_dbid);
@ -627,11 +626,8 @@ static struct channel *wallet_stmt2channel(const tal_t *ctx, struct wallet *w, s
 		return NULL;
 	}
-	/* FIXME: this belongs in HSM */
+	get_channel_basepoints(w->ld, &peer->id, sqlite3_column_int64(stmt, 0),
-	derive_channel_seed(w->ld, &seed, &peer->id,
+			       &local_basepoints, &local_funding_pubkey);
 			    sqlite3_column_int64(stmt, 0));
 	derive_basepoints(&seed, &local_funding_pubkey, &local_basepoints,
 			  NULL, NULL);
 	chan = new_channel(peer, sqlite3_column_int64(stmt, 0),
 			   &wshachain,
 			   sqlite3_column_int(stmt, 5),