core-lightning/hsmd/hsmd_wire.csv
Rusty Russell 59efd160c1 hsmd: code to sign bolt12 messages with a tweaked key.
Invoices are signed with our own key, but we use a transient payer_key with a
tweak for invoice_requests (and refunds).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00

8.0 KiB

1# Clients should not give a bad request but not the HSM's decision to crash.
2msgtype,hsmstatus_client_bad_request,1000
3msgdata,hsmstatus_client_bad_request,id,node_id,
4msgdata,hsmstatus_client_bad_request,description,wirestring,
5msgdata,hsmstatus_client_bad_request,len,u16,
6msgdata,hsmstatus_client_bad_request,msg,u8,len
7#include <bitcoin/chainparams.h>
8# Start the HSM.
9msgtype,hsmd_init,11
10msgdata,hsmd_init,bip32_key_version,bip32_key_version,
11msgdata,hsmd_init,chainparams,chainparams,
12msgdata,hsmd_init,hsm_encryption_key,?secret,
13msgdata,hsmd_init,dev_force_privkey,?privkey,
14msgdata,hsmd_init,dev_force_bip32_seed,?secret,
15msgdata,hsmd_init,dev_force_channel_secrets,?secrets,
16msgdata,hsmd_init,dev_force_channel_secrets_shaseed,?sha256,
17#include <common/bip32.h>
18msgtype,hsmd_init_reply,111
19msgdata,hsmd_init_reply,node_id,node_id,
20msgdata,hsmd_init_reply,bip32,ext_key,
21msgdata,hsmd_init_reply,bolt12,pubkey32,
22# Get a new HSM FD, with the specified capabilities
23msgtype,hsmd_client_hsmfd,9
24# Which identity to use for requests
25msgdata,hsmd_client_hsmfd,id,node_id,
26# Database id for this client, if any.
27msgdata,hsmd_client_hsmfd,dbid,u64,
28msgdata,hsmd_client_hsmfd,capabilities,u64,
29# No content, just an fd.
30msgtype,hsmd_client_hsmfd_reply,109
31#include <common/derive_basepoints.h>
32# Get the basepoints and funding key for this specific channel.
33msgtype,hsmd_get_channel_basepoints,10
34msgdata,hsmd_get_channel_basepoints,peerid,node_id,
35msgdata,hsmd_get_channel_basepoints,dbid,u64,
36msgtype,hsmd_get_channel_basepoints_reply,110
37msgdata,hsmd_get_channel_basepoints_reply,basepoints,basepoints,
38msgdata,hsmd_get_channel_basepoints_reply,funding_pubkey,pubkey,
39# Return signature for a funding tx.
40#include <common/utxo.h>
41# Master asks the HSM to sign a node_announcement
42msgtype,hsmd_node_announcement_sig_req,6
43msgdata,hsmd_node_announcement_sig_req,annlen,u16,
44msgdata,hsmd_node_announcement_sig_req,announcement,u8,annlen
45msgtype,hsmd_node_announcement_sig_reply,106
46msgdata,hsmd_node_announcement_sig_reply,signature,secp256k1_ecdsa_signature,
47# Sign a withdrawal request
48#include <bitcoin/psbt.h>
49msgtype,hsmd_sign_withdrawal,7
50msgdata,hsmd_sign_withdrawal,num_inputs,u16,
51msgdata,hsmd_sign_withdrawal,inputs,utxo,num_inputs
52msgdata,hsmd_sign_withdrawal,psbt,wally_psbt,
53msgtype,hsmd_sign_withdrawal_reply,107
54msgdata,hsmd_sign_withdrawal_reply,psbt,wally_psbt,
55# Sign an invoice
56msgtype,hsmd_sign_invoice,8
57msgdata,hsmd_sign_invoice,len,u16,
58msgdata,hsmd_sign_invoice,u5bytes,u8,len
59msgdata,hsmd_sign_invoice,hrplen,u16,
60msgdata,hsmd_sign_invoice,hrp,u8,hrplen
61msgtype,hsmd_sign_invoice_reply,108
62msgdata,hsmd_sign_invoice_reply,sig,secp256k1_ecdsa_recoverable_signature,
63# Give me ECDH(node-id-secret,point)
64msgtype,hsmd_ecdh_req,1
65msgdata,hsmd_ecdh_req,point,pubkey,
66msgtype,hsmd_ecdh_resp,100
67msgdata,hsmd_ecdh_resp,ss,secret,
68msgtype,hsmd_cannouncement_sig_req,2
69msgdata,hsmd_cannouncement_sig_req,calen,u16,
70msgdata,hsmd_cannouncement_sig_req,ca,u8,calen
71msgtype,hsmd_cannouncement_sig_reply,102
72msgdata,hsmd_cannouncement_sig_reply,node_signature,secp256k1_ecdsa_signature,
73msgdata,hsmd_cannouncement_sig_reply,bitcoin_signature,secp256k1_ecdsa_signature,
74msgtype,hsmd_cupdate_sig_req,3
75msgdata,hsmd_cupdate_sig_req,culen,u16,
76msgdata,hsmd_cupdate_sig_req,cu,u8,culen
77msgtype,hsmd_cupdate_sig_reply,103
78msgdata,hsmd_cupdate_sig_reply,culen,u16,
79msgdata,hsmd_cupdate_sig_reply,cu,u8,culen
80# Master asks HSM to sign a commitment transaction.
81msgtype,hsmd_sign_commitment_tx,5
82msgdata,hsmd_sign_commitment_tx,peer_id,node_id,
83msgdata,hsmd_sign_commitment_tx,channel_dbid,u64,
84msgdata,hsmd_sign_commitment_tx,tx,bitcoin_tx,
85msgdata,hsmd_sign_commitment_tx,remote_funding_key,pubkey,
86msgtype,hsmd_sign_commitment_tx_reply,105
87msgdata,hsmd_sign_commitment_tx_reply,sig,bitcoin_signature,
88# Onchaind asks HSM to sign a spend to-us. Four variants, since each set
89# of keys is derived differently...
90# FIXME: Have master tell hsmd the keyindex, so it can validate output!
91msgtype,hsmd_sign_delayed_payment_to_us,12
92msgdata,hsmd_sign_delayed_payment_to_us,commit_num,u64,
93msgdata,hsmd_sign_delayed_payment_to_us,tx,bitcoin_tx,
94msgdata,hsmd_sign_delayed_payment_to_us,wscript_len,u16,
95msgdata,hsmd_sign_delayed_payment_to_us,wscript,u8,wscript_len
96msgtype,hsmd_sign_remote_htlc_to_us,13
97msgdata,hsmd_sign_remote_htlc_to_us,remote_per_commitment_point,pubkey,
98msgdata,hsmd_sign_remote_htlc_to_us,tx,bitcoin_tx,
99msgdata,hsmd_sign_remote_htlc_to_us,wscript_len,u16,
100msgdata,hsmd_sign_remote_htlc_to_us,wscript,u8,wscript_len
101msgdata,hsmd_sign_remote_htlc_to_us,option_anchor_outputs,bool,
102msgtype,hsmd_sign_penalty_to_us,14
103msgdata,hsmd_sign_penalty_to_us,revocation_secret,secret,
104msgdata,hsmd_sign_penalty_to_us,tx,bitcoin_tx,
105msgdata,hsmd_sign_penalty_to_us,wscript_len,u16,
106msgdata,hsmd_sign_penalty_to_us,wscript,u8,wscript_len
107# Onchaind asks HSM to sign a local HTLC success or HTLC timeout tx.
108msgtype,hsmd_sign_local_htlc_tx,16
109msgdata,hsmd_sign_local_htlc_tx,commit_num,u64,
110msgdata,hsmd_sign_local_htlc_tx,tx,bitcoin_tx,
111msgdata,hsmd_sign_local_htlc_tx,wscript_len,u16,
112msgdata,hsmd_sign_local_htlc_tx,wscript,u8,wscript_len
113msgdata,hsmd_sign_local_htlc_tx,option_anchor_outputs,bool,
114# Openingd/channeld asks HSM to sign the other sides' commitment tx.
115msgtype,hsmd_sign_remote_commitment_tx,19
116msgdata,hsmd_sign_remote_commitment_tx,tx,bitcoin_tx,
117msgdata,hsmd_sign_remote_commitment_tx,remote_funding_key,pubkey,
118msgdata,hsmd_sign_remote_commitment_tx,remote_per_commit,pubkey,
119msgdata,hsmd_sign_remote_commitment_tx,option_static_remotekey,bool,
120# channeld asks HSM to sign remote HTLC tx.
121msgtype,hsmd_sign_remote_htlc_tx,20
122msgdata,hsmd_sign_remote_htlc_tx,tx,bitcoin_tx,
123msgdata,hsmd_sign_remote_htlc_tx,len,u16,
124msgdata,hsmd_sign_remote_htlc_tx,wscript,u8,len
125msgdata,hsmd_sign_remote_htlc_tx,remote_per_commit_point,pubkey,
126msgdata,hsmd_sign_remote_htlc_tx,option_anchor_outputs,bool,
127# closingd asks HSM to sign mutual close tx.
128msgtype,hsmd_sign_mutual_close_tx,21
129msgdata,hsmd_sign_mutual_close_tx,tx,bitcoin_tx,
130msgdata,hsmd_sign_mutual_close_tx,remote_funding_key,pubkey,
131# Reply for all the above requests.
132msgtype,hsmd_sign_tx_reply,112
133msgdata,hsmd_sign_tx_reply,sig,bitcoin_signature,
134# Openingd/channeld/onchaind asks for Nth per_commitment_point, if > 2, gets N-2 secret.
135msgtype,hsmd_get_per_commitment_point,18
136msgdata,hsmd_get_per_commitment_point,n,u64,
137msgtype,hsmd_get_per_commitment_point_reply,118
138msgdata,hsmd_get_per_commitment_point_reply,per_commitment_point,pubkey,
139msgdata,hsmd_get_per_commitment_point_reply,old_commitment_secret,?secret,
140# master -> hsmd: do you have a memleak?
141msgtype,hsmd_dev_memleak,33
142msgtype,hsmd_dev_memleak_reply,133
143msgdata,hsmd_dev_memleak_reply,leak,bool,
144# channeld asks to check if claimed future commitment_secret is correct.
145msgtype,hsmd_check_future_secret,22
146msgdata,hsmd_check_future_secret,n,u64,
147msgdata,hsmd_check_future_secret,commitment_secret,secret,
148msgtype,hsmd_check_future_secret_reply,122
149msgdata,hsmd_check_future_secret_reply,correct,bool,
150# lightningd asks us to sign a string.
151msgtype,hsmd_sign_message,23
152msgdata,hsmd_sign_message,len,u16,
153msgdata,hsmd_sign_message,msg,u8,len
154msgtype,hsmd_sign_message_reply,123
155msgdata,hsmd_sign_message_reply,sig,secp256k1_ecdsa_recoverable_signature,
156# lightningd needs to get a scriptPubkey for a utxo with closeinfo
157msgtype,hsmd_get_output_scriptpubkey,24
158msgdata,hsmd_get_output_scriptpubkey,channel_id,u64,
159msgdata,hsmd_get_output_scriptpubkey,peer_id,node_id,
160msgdata,hsmd_get_output_scriptpubkey,commitment_point,?pubkey,
161msgtype,hsmd_get_output_scriptpubkey_reply,124
162msgdata,hsmd_get_output_scriptpubkey_reply,script_len,u16,
163msgdata,hsmd_get_output_scriptpubkey_reply,script,u8,script_len
164# Sign a bolt12-style merkle hash
165msgtype,hsmd_sign_bolt12,25
166msgdata,hsmd_sign_bolt12,messagename,wirestring,
167msgdata,hsmd_sign_bolt12,fieldname,wirestring,
168msgdata,hsmd_sign_bolt12,merkleroot,sha256,
169# This is for invreq payer_id (temporary keys)
170msgdata,hsmd_sign_bolt12,publictweaklen,u16,
171msgdata,hsmd_sign_bolt12,publictweak,u8,publictweaklen
172msgtype,hsmd_sign_bolt12_reply,125
173msgdata,hsmd_sign_bolt12_reply,sig,bip340sig,