From ef40b2face514399a0ddc0319cdaad6d037ba283 Mon Sep 17 00:00:00 2001 From: Vincenzo Palazzo Date: Mon, 19 Feb 2024 10:04:01 +0100 Subject: [PATCH] hsmd: increase the min version Increasing the min version of the hsmd due that we added new code that required the hsmd to sign an announcements. One of the solution is to increase the min version in this way a signer like VLS fails directly during the init phase. Link: https://github.com/ElementsProject/lightning/issues/7074 Changelog-None: hsmd: increase the min version Signed-off-by: Vincenzo Palazzo --- common/hsm_version.h | 2 +- hsmd/hsmd.c | 7 +++++-- hsmd/libhsmd.c | 4 ++-- hsmd/libhsmd.h | 2 +- 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/common/hsm_version.h b/common/hsm_version.h index 5a2c2deac..bb9d561f6 100644 --- a/common/hsm_version.h +++ b/common/hsm_version.h @@ -23,6 +23,6 @@ * v5 with hsmd_revoke_commitment_tx: 5742538f87ef5d5bf55b66dc19e52c8683cfeb1b887d3e64ba530ba9a4d8e638 * v5 with sign_any_cannouncement: 5fdb9068c43a21887dc03f7dce410d2e3eeff6277f0d49b4fc56595a798fd4a4 */ -#define HSM_MIN_VERSION 3 +#define HSM_MIN_VERSION 5 #define HSM_MAX_VERSION 5 #endif /* LIGHTNING_COMMON_HSM_VERSION_H */ diff --git a/hsmd/hsmd.c b/hsmd/hsmd.c index 1aec53028..e3195ffae 100644 --- a/hsmd/hsmd.c +++ b/hsmd/hsmd.c @@ -436,7 +436,7 @@ static struct io_plan *init_hsm(struct io_conn *conn, struct secret *hsm_encryption_key; struct bip32_key_version bip32_key_version; u32 minversion, maxversion; - const u32 our_minversion = 2, our_maxversion = 3; + const u32 our_minversion = 4, our_maxversion = 5; /* This must be lightningd. */ assert(is_lightningd(c)); @@ -489,7 +489,10 @@ static struct io_plan *init_hsm(struct io_conn *conn, if (hsm_encryption_key) discard_key(take(hsm_encryption_key)); - return req_reply(conn, c, hsmd_init(hsm_secret, bip32_key_version)); + /* Define the minimum common max version for the hsmd one */ + u64 mutual_version = maxversion < our_maxversion ? maxversion : our_maxversion; + return req_reply(conn, c, hsmd_init(hsm_secret, mutual_version, + bip32_key_version)); } /*~ Since we process requests then service them in strict order, and because diff --git a/hsmd/libhsmd.c b/hsmd/libhsmd.c index a6cacdb90..0604cbb38 100644 --- a/hsmd/libhsmd.c +++ b/hsmd/libhsmd.c @@ -2151,7 +2151,7 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client, return hsmd_status_bad_request(client, msg, "Unknown request"); } -u8 *hsmd_init(struct secret hsm_secret, +u8 *hsmd_init(struct secret hsm_secret, const u64 hsmd_version, struct bip32_key_version bip32_key_version) { u8 bip32_seed[BIP32_ENTROPY_LEN_256]; @@ -2297,7 +2297,7 @@ u8 *hsmd_init(struct secret hsm_secret, * incompatibility detection) with alternate implementations. */ return take(towire_hsmd_init_reply_v4( - NULL, 4, + NULL, hsmd_version, /* Capabilities arg needs to be a tal array */ tal_dup_arr(tmpctx, u32, capabilities, ARRAY_SIZE(capabilities), 0), diff --git a/hsmd/libhsmd.h b/hsmd/libhsmd.h index 638819391..756c6c2f5 100644 --- a/hsmd/libhsmd.h +++ b/hsmd/libhsmd.h @@ -47,7 +47,7 @@ struct hsmd_client { * Returns the `hsmd_init_reply` with the information required by * `lightningd`. */ -u8 *hsmd_init(struct secret hsm_secret, +u8 *hsmd_init(struct secret hsm_secret, const u64 hsmd_version, struct bip32_key_version bip32_key_version); struct hsmd_client *hsmd_client_new_main(const tal_t *ctx, u64 capabilities,