pub trait ChannelSigner {
// Required methods
fn get_per_commitment_point(
&self,
idx: u64,
secp_ctx: &Secp256k1<All>,
) -> Result<PublicKey, ()>;
fn release_commitment_secret(&self, idx: u64) -> Result<[u8; 32], ()>;
fn validate_holder_commitment(
&self,
holder_tx: &HolderCommitmentTransaction,
outbound_htlc_preimages: Vec<PaymentPreimage>,
) -> Result<(), ()>;
fn validate_counterparty_revocation(
&self,
idx: u64,
secret: &SecretKey,
) -> Result<(), ()>;
fn pubkeys(&self, secp_ctx: &Secp256k1<All>) -> ChannelPublicKeys;
fn new_funding_pubkey(
&self,
splice_parent_funding_txid: Txid,
secp_ctx: &Secp256k1<All>,
) -> PublicKey;
fn channel_keys_id(&self) -> [u8; 32];
}Expand description
A trait to handle Lightning channel key material without concretizing the channel type or the signature mechanism.
Several methods allow errors to be returned to support async signing. In such cases, the
signing operation can be replayed by calling ChannelManager::signer_unblocked once the
result is ready, at which point the channel operation will resume. Methods which allow for
async results are explicitly documented as such
Required Methods§
Sourcefn get_per_commitment_point(
&self,
idx: u64,
secp_ctx: &Secp256k1<All>,
) -> Result<PublicKey, ()>
fn get_per_commitment_point( &self, idx: u64, secp_ctx: &Secp256k1<All>, ) -> Result<PublicKey, ()>
Gets the per-commitment point for a specific commitment number
Note that the commitment number starts at (1 << 48) - 1 and counts backwards.
This method is not asynchronous. This method is expected to always return Ok
immediately after we reconnect to peers, and returning an Err may lead to an immediate
panic. This method will be made asynchronous in a future release.
Sourcefn release_commitment_secret(&self, idx: u64) -> Result<[u8; 32], ()>
fn release_commitment_secret(&self, idx: u64) -> Result<[u8; 32], ()>
Gets the commitment secret for a specific commitment number as part of the revocation process
An external signer implementation should error here if the commitment was already signed and should refuse to sign it in the future.
May be called more than once for the same index.
Note that the commitment number starts at (1 << 48) - 1 and counts backwards.
An Err can be returned to signal that the signer is unavailable/cannot produce a valid
signature and should be retried later. Once the signer is ready to provide a signature after
previously returning an Err, ChannelManager::signer_unblocked must be called.
Sourcefn validate_holder_commitment(
&self,
holder_tx: &HolderCommitmentTransaction,
outbound_htlc_preimages: Vec<PaymentPreimage>,
) -> Result<(), ()>
fn validate_holder_commitment( &self, holder_tx: &HolderCommitmentTransaction, outbound_htlc_preimages: Vec<PaymentPreimage>, ) -> Result<(), ()>
Validate the counterparty’s signatures on the holder commitment transaction and HTLCs.
This is required in order for the signer to make sure that releasing a commitment secret won’t leave us without a broadcastable holder transaction. Policy checks should be implemented in this function, including checking the amount sent to us and checking the HTLCs.
The preimages of outbound HTLCs that were fulfilled since the last commitment are provided. A validating signer should ensure that an HTLC output is removed only when the matching preimage is provided, or when the value to holder is restored.
Note that all the relevant preimages will be provided, but there may also be additional irrelevant or duplicate preimages.
This method is not asynchronous. If an Err is returned, the channel will be immediately
closed. If you wish to make this operation asynchronous, you should instead return Ok(())
and pause future signing operations until this validation completes.
Sourcefn validate_counterparty_revocation(
&self,
idx: u64,
secret: &SecretKey,
) -> Result<(), ()>
fn validate_counterparty_revocation( &self, idx: u64, secret: &SecretKey, ) -> Result<(), ()>
Validate the counterparty’s revocation.
This is required in order for the signer to make sure that the state has moved forward and it is safe to sign the next counterparty commitment.
This method is not asynchronous. If an Err is returned, the channel will be immediately
closed. If you wish to make this operation asynchronous, you should instead return Ok(())
and pause future signing operations until this validation completes.
Sourcefn pubkeys(&self, secp_ctx: &Secp256k1<All>) -> ChannelPublicKeys
fn pubkeys(&self, secp_ctx: &Secp256k1<All>) -> ChannelPublicKeys
Returns the holder channel public keys and basepoints. This should only be called once during channel creation and as such implementations are allowed undefined behavior if called more than once.
This method is not asynchronous. Instead, the value must be computed locally or in advance and cached.
Sourcefn new_funding_pubkey(
&self,
splice_parent_funding_txid: Txid,
secp_ctx: &Secp256k1<All>,
) -> PublicKey
fn new_funding_pubkey( &self, splice_parent_funding_txid: Txid, secp_ctx: &Secp256k1<All>, ) -> PublicKey
Returns a new funding pubkey (i.e. our public which is used in a 2-of-2 with the counterparty’s key to to lock the funds on-chain) for a spliced channel.
splice_parent_funding_txid can be used to compute a tweak with which to rotate the base
key (which will then be available later in signing operations via
ChannelTransactionParameters::splice_parent_funding_txid).
This method is not asynchronous. Instead, the value must be cached locally.
Sourcefn channel_keys_id(&self) -> [u8; 32]
fn channel_keys_id(&self) -> [u8; 32]
Returns an arbitrary identifier describing the set of keys which are provided back to you in
some SpendableOutputDescriptor types. This should be sufficient to identify this
EcdsaChannelSigner object uniquely and lookup or re-derive its keys.
This method is not asynchronous. Instead, the value must be cached locally.