KeysManager

lightning::sign

Struct KeysManager 

Source 
pub struct KeysManager { /* private fields */ }
Expand description

Simple implementation of EntropySource, NodeSigner, and SignerProvider that takes a 32-byte seed for use as a BIP 32 extended key and derives keys from that.

Your node_id is seed/0’. Unilateral closes may use seed/1’. Cooperative closes may use seed/2’. The two close keys may be needed to claim on-chain funds!

This struct cannot be used for nodes that wish to support receiving phantom payments; PhantomKeysManager must be used instead.

Note that switching between this struct and PhantomKeysManager will invalidate any previously issued invoices and attempts to pay previous invoices will fail.

Implementations§

Source§

impl KeysManager

Source

pub fn new( seed: &[u8; 32], starting_time_secs: u64, starting_time_nanos: u32, ) -> Self

Constructs a KeysManager from a 32-byte seed. If the seed is in some way biased (e.g., your CSRNG is busted) this may panic (but more importantly, you will possibly lose funds). starting_time isn’t strictly required to actually be a time, but it must absolutely, without a doubt, be unique to this instance. ie if you start multiple times with the same seed, starting_time must be unique to each run. Thus, the easiest way to achieve this is to simply use the current time (with very high precision).

The seed MUST be backed up safely prior to use so that the keys can be re-created, however, obviously, starting_time should be unique every time you reload the library - it is only used to generate new ephemeral key data (which will be stored by the individual channel if necessary).

Note that the seed is required to recover certain on-chain funds independent of ChannelMonitor data, though a current copy of ChannelMonitor data is also required for any channel, and some on-chain during-closing funds.

Source

pub fn get_node_secret_key(&self) -> SecretKey

Gets the “node_id” secret key used to sign gossip announcements, decode onion data, etc.

Source

pub fn derive_channel_keys( &self, channel_value_satoshis: u64, params: &[u8; 32], ) -> InMemorySigner

Derive an old EcdsaChannelSigner containing per-channel secrets based on a key derivation parameters.

Source

pub fn sign_spendable_outputs_psbt<C: Signing>( &self, descriptors: &[&SpendableOutputDescriptor], psbt: Psbt, secp_ctx: &Secp256k1<C>, ) -> Result<Psbt, ()>

Signs the given Psbt which spends the given SpendableOutputDescriptors. The resulting inputs will be finalized and the PSBT will be ready for broadcast if there are no other inputs that need signing.

Returns Err(()) if the PSBT is missing a descriptor or if we fail to sign.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

Trait Implementations§

Source§

impl EntropySource for KeysManager

Source§

fn get_secure_random_bytes(&self) -> [u8; 32]

Gets a unique, cryptographically-secure, random 32-byte value. This method must return a different value each time it is called.
Source§

impl NodeSigner for KeysManager

Source§

fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()>

Get node id based on the provided Recipient. Read more
Source§

fn ecdh( &self, recipient: Recipient, other_key: &PublicKey, tweak: Option<&Scalar>, ) -> Result<SharedSecret, ()>

Gets the ECDH shared secret of our node secret and other_key, multiplying by tweak if one is provided. Note that this tweak can be applied to other_key instead of our node secret, though this is less efficient. Read more
Source§

fn get_inbound_payment_key(&self) -> ExpandedKey

Get the ExpandedKey for use in encrypting and decrypting inbound payment data. Read more
Source§

fn sign_invoice( &self, invoice: &RawBolt11Invoice, recipient: Recipient, ) -> Result<RecoverableSignature, ()>

Sign an invoice. Read more
Source§

fn sign_bolt12_invoice( &self, invoice: &UnsignedBolt12Invoice, ) -> Result<Signature, ()>

Signs the TaggedHash of a BOLT 12 invoice. Read more
Source§

fn sign_gossip_message( &self, msg: UnsignedGossipMessage<'_>, ) -> Result<Signature, ()>

Sign a gossip message. Read more
Source§

impl OutputSpender for KeysManager

Source§

fn spend_spendable_outputs<C: Signing>( &self, descriptors: &[&SpendableOutputDescriptor], outputs: Vec<TxOut>, change_destination_script: ScriptBuf, feerate_sat_per_1000_weight: u32, locktime: Option<LockTime>, secp_ctx: &Secp256k1<C>, ) -> Result<Transaction, ()>

Creates a Transaction which spends the given descriptors to the given outputs, plus an output to the given change destination (if sufficient change value remains).

See OutputSpender::spend_spendable_outputs documentation for more information.

We do not enforce that outputs meet the dust limit or that any output scripts are standard.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

Source§

impl SignerProvider for KeysManager

Source§

type EcdsaSigner = InMemorySigner

A type which implements EcdsaChannelSigner which will be returned by Self::derive_channel_signer.
Source§

fn generate_channel_keys_id( &self, _inbound: bool, _channel_value_satoshis: u64, user_channel_id: u128, ) -> [u8; 32]

Generates a unique channel_keys_id that can be used to obtain a Self::EcdsaSigner through SignerProvider::derive_channel_signer. The user_channel_id is provided to allow implementations of SignerProvider to maintain a mapping between itself and the generated channel_keys_id. Read more
Source§

fn derive_channel_signer( &self, channel_value_satoshis: u64, channel_keys_id: [u8; 32], ) -> Self::EcdsaSigner

Derives the private key material backing a Signer. Read more
Source§

fn read_chan_signer( &self, reader: &[u8], ) -> Result<Self::EcdsaSigner, DecodeError>

Reads a Signer for this SignerProvider from the given input stream. This is only called during deserialization of other objects which contain EcdsaChannelSigner-implementing objects (i.e., ChannelMonitors and ChannelManagers). The bytes are exactly those which <Self::Signer as Writeable>::write() writes, and contain no versioning scheme. You may wish to include your own version prefix and ensure you’ve read all of the provided bytes to ensure no corruption occurred. Read more
Source§

fn get_destination_script( &self, _channel_keys_id: [u8; 32], ) -> Result<ScriptBuf, ()>

Get a script pubkey which we send funds to when claiming on-chain contestable outputs. Read more
Source§

fn get_shutdown_scriptpubkey(&self) -> Result<ShutdownScript, ()>

Get a script pubkey which we will send funds to when closing a channel. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.