diff --git a/lnrpc/signrpc/driver.go b/lnrpc/signrpc/driver.go new file mode 100644 index 000000000..7065d8e4e --- /dev/null +++ b/lnrpc/signrpc/driver.go @@ -0,0 +1,66 @@ +// +build signrpc + +package signrpc + +import ( + "fmt" + + "github.com/lightningnetwork/lnd/lnrpc" +) + +// createNewSubServer is a helper method that will create the new signer sub +// server given the main config dispatcher method. If we're unable to find the +// config that is meant for us in the config dispatcher, then we'll exit with +// an error. +func createNewSubServer(configRegistry lnrpc.SubServerConfigDispatcher) ( + lnrpc.SubServer, lnrpc.MacaroonPerms, error) { + + // We'll attempt to look up the config that we expect, according to our + // subServerName name. If we can't find this, then we'll exit with an + // error, as we're unable to properly initialize ourselves without this + // config. + signServerConf, ok := configRegistry.FetchConfig(subServerName) + if !ok { + return nil, nil, fmt.Errorf("unable to find config for "+ + "subserver type %s", subServerName) + } + + // Now that we've found an object mapping to our service name, we'll + // ensure that it's the type we need. + config, ok := signServerConf.(*Config) + if !ok { + return nil, nil, fmt.Errorf("wrong type of config for "+ + "subserver %s, expected %T got %T", subServerName, + &Config{}, signServerConf) + } + + // If the macaroon service is set (we should use macaroons), then + // ensure that we know where to look for them, or create them if not + // found. + switch { + case config.MacService != nil && config.NetworkDir == "": + return nil, nil, fmt.Errorf("NetworkDir must be set to create " + + "Signrpc") + case config.Signer == nil: + return nil, nil, fmt.Errorf("Signer must be set to create " + + "Signrpc") + } + + return New(config) +} + +func init() { + subServer := &lnrpc.SubServerDriver{ + SubServerName: subServerName, + New: func(c lnrpc.SubServerConfigDispatcher) (lnrpc.SubServer, lnrpc.MacaroonPerms, error) { + return createNewSubServer(c) + }, + } + + // If the build tag is active, then we'll register ourselves as a + // sub-RPC server within the global lnrpc package namespace. + if err := lnrpc.RegisterSubServer(subServer); err != nil { + panic(fmt.Sprintf("failed to register sub server driver '%s': %v", + subServerName, err)) + } +} diff --git a/lnrpc/signrpc/signer.pb.go b/lnrpc/signrpc/signer.pb.go new file mode 100644 index 000000000..c0ed582d3 --- /dev/null +++ b/lnrpc/signrpc/signer.pb.go @@ -0,0 +1,481 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// source: signer.proto + +/* +Package signrpc is a generated protocol buffer package. + +It is generated from these files: + signer.proto + +It has these top-level messages: + KeyLocator + KeyDescriptor + TxOut + SignDescriptor + SignReq + SignResp +*/ +package signrpc + +import proto "github.com/golang/protobuf/proto" +import fmt "fmt" +import math "math" + +import ( + context "golang.org/x/net/context" + grpc "google.golang.org/grpc" +) + +// Reference imports to suppress errors if they are not otherwise used. +var _ = proto.Marshal +var _ = fmt.Errorf +var _ = math.Inf + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the proto package it is being compiled against. +// A compilation error at this line likely means your copy of the +// proto package needs to be updated. +const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package + +type KeyLocator struct { + // / The family of key being identified. + KeyFamily int32 `protobuf:"varint,1,opt,name=key_family,json=keyFamily" json:"key_family,omitempty"` + // / The precise index of the key being identified. + KeyIndex int32 `protobuf:"varint,2,opt,name=key_index,json=keyIndex" json:"key_index,omitempty"` +} + +func (m *KeyLocator) Reset() { *m = KeyLocator{} } +func (m *KeyLocator) String() string { return proto.CompactTextString(m) } +func (*KeyLocator) ProtoMessage() {} +func (*KeyLocator) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + +func (m *KeyLocator) GetKeyFamily() int32 { + if m != nil { + return m.KeyFamily + } + return 0 +} + +func (m *KeyLocator) GetKeyIndex() int32 { + if m != nil { + return m.KeyIndex + } + return 0 +} + +type KeyDescriptor struct { + // Types that are valid to be assigned to Key: + // *KeyDescriptor_RawKeyBytes + // *KeyDescriptor_KeyLoc + Key isKeyDescriptor_Key `protobuf_oneof:"key"` +} + +func (m *KeyDescriptor) Reset() { *m = KeyDescriptor{} } +func (m *KeyDescriptor) String() string { return proto.CompactTextString(m) } +func (*KeyDescriptor) ProtoMessage() {} +func (*KeyDescriptor) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} } + +type isKeyDescriptor_Key interface { + isKeyDescriptor_Key() +} + +type KeyDescriptor_RawKeyBytes struct { + RawKeyBytes []byte `protobuf:"bytes,1,opt,name=raw_key_bytes,json=rawKeyBytes,proto3,oneof"` +} +type KeyDescriptor_KeyLoc struct { + KeyLoc *KeyLocator `protobuf:"bytes,2,opt,name=key_loc,json=keyLoc,oneof"` +} + +func (*KeyDescriptor_RawKeyBytes) isKeyDescriptor_Key() {} +func (*KeyDescriptor_KeyLoc) isKeyDescriptor_Key() {} + +func (m *KeyDescriptor) GetKey() isKeyDescriptor_Key { + if m != nil { + return m.Key + } + return nil +} + +func (m *KeyDescriptor) GetRawKeyBytes() []byte { + if x, ok := m.GetKey().(*KeyDescriptor_RawKeyBytes); ok { + return x.RawKeyBytes + } + return nil +} + +func (m *KeyDescriptor) GetKeyLoc() *KeyLocator { + if x, ok := m.GetKey().(*KeyDescriptor_KeyLoc); ok { + return x.KeyLoc + } + return nil +} + +// XXX_OneofFuncs is for the internal use of the proto package. +func (*KeyDescriptor) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{}) { + return _KeyDescriptor_OneofMarshaler, _KeyDescriptor_OneofUnmarshaler, _KeyDescriptor_OneofSizer, []interface{}{ + (*KeyDescriptor_RawKeyBytes)(nil), + (*KeyDescriptor_KeyLoc)(nil), + } +} + +func _KeyDescriptor_OneofMarshaler(msg proto.Message, b *proto.Buffer) error { + m := msg.(*KeyDescriptor) + // key + switch x := m.Key.(type) { + case *KeyDescriptor_RawKeyBytes: + b.EncodeVarint(1<<3 | proto.WireBytes) + b.EncodeRawBytes(x.RawKeyBytes) + case *KeyDescriptor_KeyLoc: + b.EncodeVarint(2<<3 | proto.WireBytes) + if err := b.EncodeMessage(x.KeyLoc); err != nil { + return err + } + case nil: + default: + return fmt.Errorf("KeyDescriptor.Key has unexpected type %T", x) + } + return nil +} + +func _KeyDescriptor_OneofUnmarshaler(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error) { + m := msg.(*KeyDescriptor) + switch tag { + case 1: // key.raw_key_bytes + if wire != proto.WireBytes { + return true, proto.ErrInternalBadWireType + } + x, err := b.DecodeRawBytes(true) + m.Key = &KeyDescriptor_RawKeyBytes{x} + return true, err + case 2: // key.key_loc + if wire != proto.WireBytes { + return true, proto.ErrInternalBadWireType + } + msg := new(KeyLocator) + err := b.DecodeMessage(msg) + m.Key = &KeyDescriptor_KeyLoc{msg} + return true, err + default: + return false, nil + } +} + +func _KeyDescriptor_OneofSizer(msg proto.Message) (n int) { + m := msg.(*KeyDescriptor) + // key + switch x := m.Key.(type) { + case *KeyDescriptor_RawKeyBytes: + n += proto.SizeVarint(1<<3 | proto.WireBytes) + n += proto.SizeVarint(uint64(len(x.RawKeyBytes))) + n += len(x.RawKeyBytes) + case *KeyDescriptor_KeyLoc: + s := proto.Size(x.KeyLoc) + n += proto.SizeVarint(2<<3 | proto.WireBytes) + n += proto.SizeVarint(uint64(s)) + n += s + case nil: + default: + panic(fmt.Sprintf("proto: unexpected type %T in oneof", x)) + } + return n +} + +type TxOut struct { + // / The value of the output being spent. + Value int64 `protobuf:"varint,1,opt,name=value" json:"value,omitempty"` + // / The script of the output being spent. + PkScript []byte `protobuf:"bytes,2,opt,name=pk_script,json=pkScript,proto3" json:"pk_script,omitempty"` +} + +func (m *TxOut) Reset() { *m = TxOut{} } +func (m *TxOut) String() string { return proto.CompactTextString(m) } +func (*TxOut) ProtoMessage() {} +func (*TxOut) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{2} } + +func (m *TxOut) GetValue() int64 { + if m != nil { + return m.Value + } + return 0 +} + +func (m *TxOut) GetPkScript() []byte { + if m != nil { + return m.PkScript + } + return nil +} + +type SignDescriptor struct { + // * + // A descriptor that precisely describes *which* key to use for signing. This + // may provide the raw public key directly, or require the Signer to re-derive + // the key according to the populated derivation path. + KeyDesc *KeyDescriptor `protobuf:"bytes,1,opt,name=key_desc,json=keyDesc" json:"key_desc,omitempty"` + // * + // A scalar value that will be added to the private key corresponding to the + // above public key to obtain the private key to be used to sign this input. + // This value is typically derived via the following computation: + // + // derivedKey = privkey + sha256(perCommitmentPoint || pubKey) mod N + SingleTweak []byte `protobuf:"bytes,2,opt,name=single_tweak,json=singleTweak,proto3" json:"single_tweak,omitempty"` + // * + // A private key that will be used in combination with its corresponding + // private key to derive the private key that is to be used to sign the target + // input. Within the Lightning protocol, this value is typically the + // commitment secret from a previously revoked commitment transaction. This + // value is in combination with two hash values, and the original private key + // to derive the private key to be used when signing. + // + // k = (privKey*sha256(pubKey || tweakPub) + + // tweakPriv*sha256(tweakPub || pubKey)) mod N + DoubleTweak []byte `protobuf:"bytes,3,opt,name=double_tweak,json=doubleTweak,proto3" json:"double_tweak,omitempty"` + // * + // The full script required to properly redeem the output. This field will + // only be populated if a p2wsh or a p2sh output is being signed. + WitnessScript []byte `protobuf:"bytes,4,opt,name=witness_script,json=witnessScript,proto3" json:"witness_script,omitempty"` + // * + // A description of the output being spent. The value and script MUST be provided. + Output *TxOut `protobuf:"bytes,5,opt,name=output" json:"output,omitempty"` + // * + // The target sighash type that should be used when generating the final + // sighash, and signature. + Sighash uint32 `protobuf:"varint,7,opt,name=sighash" json:"sighash,omitempty"` + // * + // The target input within the transaction that should be signed. + InputIndex int32 `protobuf:"varint,8,opt,name=input_index,json=inputIndex" json:"input_index,omitempty"` +} + +func (m *SignDescriptor) Reset() { *m = SignDescriptor{} } +func (m *SignDescriptor) String() string { return proto.CompactTextString(m) } +func (*SignDescriptor) ProtoMessage() {} +func (*SignDescriptor) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{3} } + +func (m *SignDescriptor) GetKeyDesc() *KeyDescriptor { + if m != nil { + return m.KeyDesc + } + return nil +} + +func (m *SignDescriptor) GetSingleTweak() []byte { + if m != nil { + return m.SingleTweak + } + return nil +} + +func (m *SignDescriptor) GetDoubleTweak() []byte { + if m != nil { + return m.DoubleTweak + } + return nil +} + +func (m *SignDescriptor) GetWitnessScript() []byte { + if m != nil { + return m.WitnessScript + } + return nil +} + +func (m *SignDescriptor) GetOutput() *TxOut { + if m != nil { + return m.Output + } + return nil +} + +func (m *SignDescriptor) GetSighash() uint32 { + if m != nil { + return m.Sighash + } + return 0 +} + +func (m *SignDescriptor) GetInputIndex() int32 { + if m != nil { + return m.InputIndex + } + return 0 +} + +type SignReq struct { + // / The raw bytes of the transaction to be signed. + RawTxBytes []byte `protobuf:"bytes,1,opt,name=raw_tx_bytes,json=rawTxBytes,proto3" json:"raw_tx_bytes,omitempty"` + // / A set of sign descriptors, for each input to be signed. + SignDescs []*SignDescriptor `protobuf:"bytes,2,rep,name=sign_descs,json=signDescs" json:"sign_descs,omitempty"` +} + +func (m *SignReq) Reset() { *m = SignReq{} } +func (m *SignReq) String() string { return proto.CompactTextString(m) } +func (*SignReq) ProtoMessage() {} +func (*SignReq) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} } + +func (m *SignReq) GetRawTxBytes() []byte { + if m != nil { + return m.RawTxBytes + } + return nil +} + +func (m *SignReq) GetSignDescs() []*SignDescriptor { + if m != nil { + return m.SignDescs + } + return nil +} + +type SignResp struct { + // * + // A set of signatures realized in a fixed 64-byte format ordered in ascending + // input order. + RawSigs [][]byte `protobuf:"bytes,1,rep,name=raw_sigs,json=rawSigs,proto3" json:"raw_sigs,omitempty"` +} + +func (m *SignResp) Reset() { *m = SignResp{} } +func (m *SignResp) String() string { return proto.CompactTextString(m) } +func (*SignResp) ProtoMessage() {} +func (*SignResp) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{5} } + +func (m *SignResp) GetRawSigs() [][]byte { + if m != nil { + return m.RawSigs + } + return nil +} + +func init() { + proto.RegisterType((*KeyLocator)(nil), "signrpc.KeyLocator") + proto.RegisterType((*KeyDescriptor)(nil), "signrpc.KeyDescriptor") + proto.RegisterType((*TxOut)(nil), "signrpc.TxOut") + proto.RegisterType((*SignDescriptor)(nil), "signrpc.SignDescriptor") + proto.RegisterType((*SignReq)(nil), "signrpc.SignReq") + proto.RegisterType((*SignResp)(nil), "signrpc.SignResp") +} + +// Reference imports to suppress errors if they are not otherwise used. +var _ context.Context +var _ grpc.ClientConn + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +const _ = grpc.SupportPackageIsVersion4 + +// Client API for Signer service + +type SignerClient interface { + // * + // SignOutputRaw is a method that can be used to generated a signature for a + // set of inputs/outputs to a transaction. Each request specifies details + // concerning how the outputs should be signed, which keys they should be + // signed with, and also any optional tweaks. The return value is a fixed + // 64-byte signature (the same format as we use on the wire in Lightning). + // + // If we're unable to sign using the specified keys, then an error will be + // returned. + SignOutputRaw(ctx context.Context, in *SignReq, opts ...grpc.CallOption) (*SignResp, error) +} + +type signerClient struct { + cc *grpc.ClientConn +} + +func NewSignerClient(cc *grpc.ClientConn) SignerClient { + return &signerClient{cc} +} + +func (c *signerClient) SignOutputRaw(ctx context.Context, in *SignReq, opts ...grpc.CallOption) (*SignResp, error) { + out := new(SignResp) + err := grpc.Invoke(ctx, "/signrpc.Signer/SignOutputRaw", in, out, c.cc, opts...) + if err != nil { + return nil, err + } + return out, nil +} + +// Server API for Signer service + +type SignerServer interface { + // * + // SignOutputRaw is a method that can be used to generated a signature for a + // set of inputs/outputs to a transaction. Each request specifies details + // concerning how the outputs should be signed, which keys they should be + // signed with, and also any optional tweaks. The return value is a fixed + // 64-byte signature (the same format as we use on the wire in Lightning). + // + // If we're unable to sign using the specified keys, then an error will be + // returned. + SignOutputRaw(context.Context, *SignReq) (*SignResp, error) +} + +func RegisterSignerServer(s *grpc.Server, srv SignerServer) { + s.RegisterService(&_Signer_serviceDesc, srv) +} + +func _Signer_SignOutputRaw_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SignReq) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(SignerServer).SignOutputRaw(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/signrpc.Signer/SignOutputRaw", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(SignerServer).SignOutputRaw(ctx, req.(*SignReq)) + } + return interceptor(ctx, in, info, handler) +} + +var _Signer_serviceDesc = grpc.ServiceDesc{ + ServiceName: "signrpc.Signer", + HandlerType: (*SignerServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "SignOutputRaw", + Handler: _Signer_SignOutputRaw_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "signer.proto", +} + +func init() { proto.RegisterFile("signer.proto", fileDescriptor0) } + +var fileDescriptor0 = []byte{ + // 465 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x5c, 0x92, 0x41, 0x8f, 0xd3, 0x3e, + 0x10, 0xc5, 0xb7, 0xcd, 0x3f, 0x4d, 0x76, 0x92, 0x54, 0x7f, 0xcc, 0x0a, 0x02, 0x08, 0x51, 0x22, + 0x16, 0xf5, 0x54, 0x44, 0x41, 0x1c, 0x38, 0x70, 0x58, 0x21, 0x54, 0x54, 0xa4, 0x95, 0xdc, 0xde, + 0x23, 0x37, 0x35, 0x59, 0x2b, 0x21, 0xc9, 0xc6, 0x0e, 0xa9, 0x3f, 0x07, 0x5f, 0x18, 0x8d, 0x9d, + 0xed, 0x76, 0x39, 0xb5, 0xef, 0x79, 0x32, 0xf3, 0xf3, 0x3c, 0xc3, 0x85, 0x14, 0x79, 0xd5, 0x36, + 0xd9, 0x3b, 0xfc, 0xe5, 0xed, 0xa2, 0x69, 0x6b, 0x55, 0x13, 0x6f, 0x70, 0x93, 0x15, 0xc0, 0x9a, + 0xeb, 0x1f, 0x75, 0xc6, 0x54, 0xdd, 0x92, 0x97, 0x00, 0x05, 0xd7, 0xe9, 0x4f, 0xf6, 0x4b, 0x94, + 0x3a, 0x1e, 0xcd, 0x46, 0x73, 0x97, 0x9e, 0x17, 0x5c, 0x7f, 0x33, 0x06, 0x79, 0x01, 0x28, 0x52, + 0x51, 0xed, 0xf9, 0x21, 0x1e, 0x9b, 0x53, 0xbf, 0xe0, 0xfa, 0x3b, 0xea, 0xa4, 0x84, 0x68, 0xcd, + 0xf5, 0x57, 0x2e, 0xb3, 0x56, 0x34, 0xd8, 0xec, 0x0d, 0x44, 0x2d, 0xeb, 0x53, 0xfc, 0x62, 0xa7, + 0x15, 0x97, 0xa6, 0x5f, 0xb8, 0x3a, 0xa3, 0x41, 0xcb, 0xfa, 0x35, 0xd7, 0x57, 0x68, 0x92, 0x05, + 0x78, 0x58, 0x51, 0xd6, 0x99, 0xe9, 0x18, 0x2c, 0x1f, 0x2f, 0x06, 0xb6, 0xc5, 0x3d, 0xd8, 0xea, + 0x8c, 0x4e, 0x0a, 0xa3, 0xae, 0x5c, 0x70, 0x0a, 0xae, 0x93, 0xcf, 0xe0, 0x6e, 0x0f, 0xd7, 0x9d, + 0x22, 0x17, 0xe0, 0xfe, 0x66, 0x65, 0xc7, 0x4d, 0x77, 0x87, 0x5a, 0x81, 0xa4, 0x4d, 0x91, 0x5a, + 0x14, 0xd3, 0x37, 0xa4, 0x7e, 0x53, 0x6c, 0x8c, 0x4e, 0xfe, 0x8c, 0x61, 0xba, 0x11, 0x79, 0x75, + 0xc2, 0xfa, 0x1e, 0xf0, 0x22, 0xe9, 0x9e, 0xcb, 0xcc, 0x34, 0x0a, 0x96, 0x4f, 0x4e, 0x31, 0xee, + 0x2b, 0x29, 0xd2, 0xa2, 0x24, 0xaf, 0x21, 0x94, 0xa2, 0xca, 0x4b, 0x9e, 0xaa, 0x9e, 0xb3, 0x62, + 0x98, 0x12, 0x58, 0x6f, 0x8b, 0x16, 0x96, 0xec, 0xeb, 0x6e, 0x77, 0x2c, 0x71, 0x6c, 0x89, 0xf5, + 0x6c, 0xc9, 0x25, 0x4c, 0x7b, 0xa1, 0x2a, 0x2e, 0xe5, 0x1d, 0xed, 0x7f, 0xa6, 0x28, 0x1a, 0x5c, + 0x8b, 0x4c, 0xde, 0xc2, 0xa4, 0xee, 0x54, 0xd3, 0xa9, 0xd8, 0x35, 0x74, 0xd3, 0x23, 0x9d, 0xd9, + 0x02, 0x1d, 0x4e, 0x49, 0x0c, 0x98, 0xec, 0x0d, 0x93, 0x37, 0xb1, 0x37, 0x1b, 0xcd, 0x23, 0x7a, + 0x27, 0xc9, 0x2b, 0x08, 0x44, 0xd5, 0x74, 0x6a, 0x48, 0xcf, 0x37, 0xe9, 0x81, 0xb1, 0x6c, 0x7e, + 0x19, 0x78, 0xb8, 0x14, 0xca, 0x6f, 0xc9, 0x0c, 0x42, 0x4c, 0x4e, 0x1d, 0x4e, 0x83, 0xa3, 0xd0, + 0xb2, 0x7e, 0x7b, 0xb0, 0xa9, 0x7d, 0x02, 0x40, 0x00, 0xb3, 0x30, 0x19, 0x8f, 0x67, 0xce, 0x3c, + 0x58, 0x3e, 0x3d, 0x32, 0x3d, 0x5c, 0x2e, 0x3d, 0x97, 0x83, 0x96, 0xc9, 0x25, 0xf8, 0x76, 0x88, + 0x6c, 0xc8, 0x33, 0xf0, 0x71, 0x8a, 0x14, 0x39, 0x4e, 0x70, 0xe6, 0x21, 0xf5, 0x5a, 0xd6, 0x6f, + 0x44, 0x2e, 0x97, 0x5f, 0x60, 0xb2, 0x31, 0xcf, 0x95, 0x7c, 0x84, 0x08, 0xff, 0x5d, 0x9b, 0xeb, + 0x51, 0xd6, 0x93, 0xff, 0x1f, 0x4c, 0xa1, 0xfc, 0xf6, 0xf9, 0xa3, 0x7f, 0x1c, 0xd9, 0xec, 0x26, + 0xe6, 0x95, 0x7f, 0xf8, 0x1b, 0x00, 0x00, 0xff, 0xff, 0xd0, 0x6b, 0x86, 0xc5, 0xfd, 0x02, 0x00, + 0x00, +} diff --git a/lnrpc/signrpc/signer.proto b/lnrpc/signrpc/signer.proto new file mode 100644 index 000000000..2048b3ad3 --- /dev/null +++ b/lnrpc/signrpc/signer.proto @@ -0,0 +1,118 @@ +syntax = "proto3"; + +package signrpc; + +message KeyLocator { + /// The family of key being identified. + int32 key_family = 1; + + /// The precise index of the key being identified. + int32 key_index = 2; +} + +message KeyDescriptor { + oneof key { + /** + The raw bytes of the key being identified. Either this or the KeyLocator + must be specified. + */ + bytes raw_key_bytes = 1; + + /** + The key locator that identifies which key to use for signing. Either this + or the raw bytes of the target key must be specified. + */ + KeyLocator key_loc = 2; + } +} + +message TxOut { + /// The value of the output being spent. + int64 value = 1; + + /// The script of the output being spent. + bytes pk_script = 2; +} + +message SignDescriptor { + /** + A descriptor that precisely describes *which* key to use for signing. This + may provide the raw public key directly, or require the Signer to re-derive + the key according to the populated derivation path. + */ + KeyDescriptor key_desc = 1; + + /** + A scalar value that will be added to the private key corresponding to the + above public key to obtain the private key to be used to sign this input. + This value is typically derived via the following computation: + + * derivedKey = privkey + sha256(perCommitmentPoint || pubKey) mod N + */ + bytes single_tweak = 2; + + /** + A private key that will be used in combination with its corresponding + private key to derive the private key that is to be used to sign the target + input. Within the Lightning protocol, this value is typically the + commitment secret from a previously revoked commitment transaction. This + value is in combination with two hash values, and the original private key + to derive the private key to be used when signing. + + * k = (privKey*sha256(pubKey || tweakPub) + + tweakPriv*sha256(tweakPub || pubKey)) mod N + */ + bytes double_tweak = 3; + + /** + The full script required to properly redeem the output. This field will + only be populated if a p2wsh or a p2sh output is being signed. + */ + bytes witness_script = 4; + + /** + A description of the output being spent. The value and script MUST be provided. + */ + TxOut output = 5; + + /** + The target sighash type that should be used when generating the final + sighash, and signature. + */ + uint32 sighash = 7; + + /** + The target input within the transaction that should be signed. + */ + int32 input_index = 8; +} + +message SignReq { + /// The raw bytes of the transaction to be signed. + bytes raw_tx_bytes = 1; + + /// A set of sign descriptors, for each input to be signed. + repeated SignDescriptor sign_descs = 2; +} + +message SignResp { + /** + A set of signatures realized in a fixed 64-byte format ordered in ascending + input order. + */ + repeated bytes raw_sigs = 1; +} + +service Signer { + /** + SignOutputRaw is a method that can be used to generated a signature for a + set of inputs/outputs to a transaction. Each request specifies details + concerning how the outputs should be signed, which keys they should be + signed with, and also any optional tweaks. The return value is a fixed + 64-byte signature (the same format as we use on the wire in Lightning). + + If we're unable to sign using the specified keys, then an error will be + returned. + */ + rpc SignOutputRaw(SignReq) returns (SignResp); +}