Commit Graph

6 Commits

Author SHA1 Message Date
Rusty Russell
0f6687ec7b codex32: use "cl" instead of "ms" as our HRP.
This was strongly recommended by Russell O'Connor: the "ms" implies that
it's a BIP-32 master secret, and this is CLN specific.

If we changed the hrp to "cln" it would be better, but apparently that
means we no longer fit in a "standard billfold metal wallet" (and
our code assumes a 2-byte prefix anyway).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2023-08-02 16:12:32 +09:30
Rusty Russell
4dcd712d6e hsmtool: tighten checks for validity on getcodexsecret
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2023-08-02 08:42:50 +09:30
adi2011
d00efbccde common/codex32: Add codex32_secret_encode to encode seeds in bip93 format. 2023-07-31 20:57:40 +09:30
Rusty Russell
58327a594f codex32: rework.
Firstly, I wanted the results easier to use:
1. Make them always lower case, even if the string was UPPER.
2. Decode the payload for them.
3. Don't give the user any fields they don't need, and make
   the field sizes explicit.

Secondly, I wanted to avoid the pattern of "check in one place, assume
in another", in favour of "check on use".

So, I changed the code to lower the string if it needs to at the start,
and then changed the pull functions so we always use them to get data:
this way we should fail clearly and gracefully if we don't have enough data.

I made all the checks explicit, where we assign the fields.

I also addressed the FIXME: I think the array is *often* one shorter,
but not always, so I trim the last byte at the end if needed.

[ Aditya modified the tests to work ]

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2023-07-31 11:29:59 +09:30
adi2011
135a739023 common/codex32: Added checksum verification for codex32 encoding. 2023-07-31 11:29:59 +09:30
adi2011
efc783422f common/codex32: Added codex32_decode() without checksum verification. 2023-07-31 11:29:59 +09:30