hsmd: increase the min version

Increasing the min version of the hsmd due that we added new code that required the hsmd to sign an announcements. One of the solution is to increase the min version in this way a signer like VLS fails directly during the init phase. Link: https://github.com/ElementsProject/lightning/issues/7074 Changelog-None: hsmd: increase the min version Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
2025-03-15 11:59:16 +01:00 · 2024-02-19 10:04:01 +01:00 · 2024-02-19 10:04:01 +01:00 · ef40b2face
commit ef40b2face
parent b7b8e8dfc6
4 changed files with 9 additions and 6 deletions
--- a/common/hsm_version.h
+++ b/common/hsm_version.h
@ -23,6 +23,6 @@
 * v5 with hsmd_revoke_commitment_tx: 5742538f87ef5d5bf55b66dc19e52c8683cfeb1b887d3e64ba530ba9a4d8e638
 * v5 with sign_any_cannouncement: 5fdb9068c43a21887dc03f7dce410d2e3eeff6277f0d49b4fc56595a798fd4a4
 */
-#define HSM_MIN_VERSION 3
+#define HSM_MIN_VERSION 5
 #define HSM_MAX_VERSION 5
 #endif /* LIGHTNING_COMMON_HSM_VERSION_H */
--- a/hsmd/hsmd.c
+++ b/hsmd/hsmd.c
@ -436,7 +436,7 @@ static struct io_plan *init_hsm(struct io_conn *conn,
 	struct secret *hsm_encryption_key;
 	struct bip32_key_version bip32_key_version;
 	u32 minversion, maxversion;
-	const u32 our_minversion = 2, our_maxversion = 3;
+	const u32 our_minversion = 4, our_maxversion = 5;

 	/* This must be lightningd. */
 	assert(is_lightningd(c));
@ -489,7 +489,10 @@ static struct io_plan *init_hsm(struct io_conn *conn,
 	if (hsm_encryption_key)
 		discard_key(take(hsm_encryption_key));

-	return req_reply(conn, c, hsmd_init(hsm_secret, bip32_key_version));
+	/* Define the minimum common max version for the hsmd one */
+	u64 mutual_version = maxversion < our_maxversion ? maxversion : our_maxversion;
+	return req_reply(conn, c, hsmd_init(hsm_secret, mutual_version,
+					    bip32_key_version));
 }

 /*~ Since we process requests then service them in strict order, and because
--- a/hsmd/libhsmd.c
+++ b/hsmd/libhsmd.c
@ -2151,7 +2151,7 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
 	return hsmd_status_bad_request(client, msg, "Unknown request");
 }

-u8 *hsmd_init(struct secret hsm_secret,
+u8 *hsmd_init(struct secret hsm_secret, const u64 hsmd_version,
 	      struct bip32_key_version bip32_key_version)
 {
 	u8 bip32_seed[BIP32_ENTROPY_LEN_256];
@ -2297,7 +2297,7 @@ u8 *hsmd_init(struct secret hsm_secret,
 	 * incompatibility detection) with alternate implementations.
 	 */
 	return take(towire_hsmd_init_reply_v4(
-			    NULL, 4,
+			    NULL, hsmd_version,
 			    /* Capabilities arg needs to be a tal array */
 			    tal_dup_arr(tmpctx, u32, capabilities,
 					ARRAY_SIZE(capabilities), 0),
--- a/hsmd/libhsmd.h
+++ b/hsmd/libhsmd.h
@ -47,7 +47,7 @@ struct hsmd_client {
 * Returns the `hsmd_init_reply` with the information required by
 * `lightningd`.
 */
-u8 *hsmd_init(struct secret hsm_secret,
+u8 *hsmd_init(struct secret hsm_secret, const u64 hsmd_version,
 	      struct bip32_key_version bip32_key_version);

 struct hsmd_client *hsmd_client_new_main(const tal_t *ctx, u64 capabilities,