af1c9640b5
I tried removing sign_penalty_to_us, but that comment is wrong: channeld uses that for the watchtower, so it stays (with updated comment). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
20 KiB
20 KiB
| 1 | # Clients should not give a bad request but not the HSM's decision to crash. | |||
|---|---|---|---|---|
| 2 | msgtype,hsmstatus_client_bad_request,1000 | |||
| 3 | msgdata,hsmstatus_client_bad_request,id,node_id, | |||
| 4 | msgdata,hsmstatus_client_bad_request,description,wirestring, | |||
| 5 | msgdata,hsmstatus_client_bad_request,len,u16, | |||
| 6 | msgdata,hsmstatus_client_bad_request,msg,u8,len | |||
| 7 | # We use this to set dev flags (before init!). It's a TLV, so we can | |||
| 8 | # extend easily. Normal TLV rules apply: ignore odd fields you don't | |||
| 9 | # understand. | |||
| 10 | msgtype,hsmd_dev_preinit,99 | |||
| 11 | msgdata,hsmd_dev_preinit,tlvs,hsmd_dev_preinit_tlvs, | |||
| 12 | tlvtype,hsmd_dev_preinit_tlvs,fail_preapprove,1 | |||
| 13 | tlvdata,hsmd_dev_preinit_tlvs,fail_preapprove,fail,bool, | |||
| 14 | tlvtype,hsmd_dev_preinit_tlvs,no_preapprove_check,3 | |||
| 15 | tlvdata,hsmd_dev_preinit_tlvs,no_preapprove_check,disable,bool, | |||
| 16 | tlvtype,hsmd_dev_preinit_tlvs,warn_on_overgrind,5 | |||
| 17 | tlvdata,hsmd_dev_preinit_tlvs,warn_on_overgrind,enable,bool, | |||
| 18 | #include <bitcoin/chainparams.h> | |||
| 19 | # Start the HSM. | |||
| 20 | msgtype,hsmd_init,11 | |||
| 21 | msgdata,hsmd_init,bip32_key_version,bip32_key_version, | |||
| 22 | msgdata,hsmd_init,chainparams,chainparams, | |||
| 23 | msgdata,hsmd_init,hsm_encryption_key,?secret, | |||
| 24 | msgdata,hsmd_init,dev_force_privkey,?privkey, | |||
| 25 | msgdata,hsmd_init,dev_force_bip32_seed,?secret, | |||
| 26 | msgdata,hsmd_init,dev_force_channel_secrets,?secrets, | |||
| 27 | msgdata,hsmd_init,dev_force_channel_secrets_shaseed,?sha256, | |||
| 28 | msgdata,hsmd_init,hsm_wire_min_version,u32, | |||
| 29 | msgdata,hsmd_init,hsm_wire_max_version,u32, | |||
| 30 | msgdata,hsmd_init,tlvs,hsmd_init_tlvs, | |||
| 31 | tlvtype,hsmd_init_tlvs,hsm_passphrase,1 | |||
| 32 | tlvdata,hsmd_init_tlvs,hsm_passphrase,passphrase,wirestring, | |||
| 33 | #include <common/bip32.h> | |||
| 34 | #include <wally_bip32.h> | |||
| 35 | # Sorry: I should have put version in v2 :( | |||
| 36 | msgtype,hsmd_init_reply_v4,114 | |||
| 37 | # This gets upgraded when the wire protocol changes in incompatible | |||
| 38 | # ways: | |||
| 39 | msgdata,hsmd_init_reply_v4,hsm_version,u32, | |||
| 40 | # Capabilities, by convention are message numbers, indicating | |||
| 41 | # that the HSM supports you sending this message. | |||
| 42 | msgdata,hsmd_init_reply_v4,num_hsm_capabilities,u16, | |||
| 43 | msgdata,hsmd_init_reply_v4,hsm_capabilities,u32,num_hsm_capabilities | |||
| 44 | msgdata,hsmd_init_reply_v4,node_id,node_id, | |||
| 45 | msgdata,hsmd_init_reply_v4,bip32,ext_key, | |||
| 46 | msgdata,hsmd_init_reply_v4,bolt12,pubkey, | |||
| 47 | msgdata,hsmd_init_reply_v4,tlvs,hsmd_init_reply_v4_tlvs, | |||
| 48 | # TLV to indicate HSM secret type | |||
| 49 | tlvtype,hsmd_init_reply_v4_tlvs,hsm_secret_type,1 | |||
| 50 | tlvdata,hsmd_init_reply_v4_tlvs,hsm_secret_type,hsm_type,u8, | |||
| 51 | tlvtype,hsmd_init_reply_v4_tlvs,bip86_base,2 | |||
| 52 | tlvdata,hsmd_init_reply_v4_tlvs,bip86_base,base,ext_key, | |||
| 53 | # HSM initialization failure response | |||
| 54 | msgtype,hsmd_init_reply_failure,115 | |||
| 55 | msgdata,hsmd_init_reply_failure,error_code,u32, | |||
| 56 | msgdata,hsmd_init_reply_failure,error_message,wirestring, | |||
| 57 | # Declare a new channel. | |||
| 58 | msgtype,hsmd_new_channel,30 | |||
| 59 | msgdata,hsmd_new_channel,id,node_id, | |||
| 60 | msgdata,hsmd_new_channel,dbid,u64, | |||
| 61 | # No value returned. | |||
| 62 | msgtype,hsmd_new_channel_reply,130 | |||
| 63 | # Get a new HSM FD, with the specified permissions | |||
| 64 | msgtype,hsmd_client_hsmfd,9 | |||
| 65 | # Which identity to use for requests | |||
| 66 | msgdata,hsmd_client_hsmfd,id,node_id, | |||
| 67 | # Database id for this client, if any. | |||
| 68 | msgdata,hsmd_client_hsmfd,dbid,u64, | |||
| 69 | msgdata,hsmd_client_hsmfd,permissions,u64, | |||
| 70 | # No content, just an fd. | |||
| 71 | msgtype,hsmd_client_hsmfd_reply,109 | |||
| 72 | #include <common/derive_basepoints.h> | |||
| 73 | # Get the basepoints and funding key for this specific channel. | |||
| 74 | msgtype,hsmd_get_channel_basepoints,10 | |||
| 75 | msgdata,hsmd_get_channel_basepoints,peerid,node_id, | |||
| 76 | msgdata,hsmd_get_channel_basepoints,dbid,u64, | |||
| 77 | msgtype,hsmd_get_channel_basepoints_reply,110 | |||
| 78 | msgdata,hsmd_get_channel_basepoints_reply,basepoints,basepoints, | |||
| 79 | msgdata,hsmd_get_channel_basepoints_reply,funding_pubkey,pubkey, | |||
| 80 | #include <common/channel_type.h> | |||
| 81 | # Provide channel parameters. | |||
| 82 | msgtype,hsmd_setup_channel,31 | |||
| 83 | msgdata,hsmd_setup_channel,is_outbound,bool, | |||
| 84 | msgdata,hsmd_setup_channel,channel_value,amount_sat, | |||
| 85 | msgdata,hsmd_setup_channel,push_value,amount_msat, | |||
| 86 | msgdata,hsmd_setup_channel,funding_txid,bitcoin_txid, | |||
| 87 | msgdata,hsmd_setup_channel,funding_txout,u16, | |||
| 88 | msgdata,hsmd_setup_channel,local_to_self_delay,u16, | |||
| 89 | msgdata,hsmd_setup_channel,local_shutdown_script_len,u16, | |||
| 90 | msgdata,hsmd_setup_channel,local_shutdown_script,u8,local_shutdown_script_len | |||
| 91 | msgdata,hsmd_setup_channel,local_shutdown_wallet_index,?u32, | |||
| 92 | msgdata,hsmd_setup_channel,remote_basepoints,basepoints, | |||
| 93 | msgdata,hsmd_setup_channel,remote_funding_pubkey,pubkey, | |||
| 94 | msgdata,hsmd_setup_channel,remote_to_self_delay,u16, | |||
| 95 | msgdata,hsmd_setup_channel,remote_shutdown_script_len,u16, | |||
| 96 | msgdata,hsmd_setup_channel,remote_shutdown_script,u8,remote_shutdown_script_len | |||
| 97 | msgdata,hsmd_setup_channel,channel_type,channel_type, | |||
| 98 | # No value returned., | |||
| 99 | msgtype,hsmd_setup_channel_reply,131 | |||
| 100 | # check if the signer agrees that a funding candidate outpoint is buried | |||
| 101 | msgtype,hsmd_check_outpoint,32 | |||
| 102 | msgdata,hsmd_check_outpoint,funding_txid,bitcoin_txid, | |||
| 103 | msgdata,hsmd_check_outpoint,funding_txout,u16, | |||
| 104 | msgtype,hsmd_check_outpoint_reply,132 | |||
| 105 | msgdata,hsmd_check_outpoint_reply,is_buried,bool, | |||
| 106 | # change the funding/splice state to locked | |||
| 107 | msgtype,hsmd_lock_outpoint,37 | |||
| 108 | msgdata,hsmd_lock_outpoint,funding_txid,bitcoin_txid, | |||
| 109 | msgdata,hsmd_lock_outpoint,funding_txout,u16, | |||
| 110 | # No value returned. | |||
| 111 | msgtype,hsmd_lock_outpoint_reply,137 | |||
| 112 | # Forget channel. | |||
| 113 | msgtype,hsmd_forget_channel,34 | |||
| 114 | msgdata,hsmd_forget_channel,id,node_id, | |||
| 115 | msgdata,hsmd_forget_channel,dbid,u64, | |||
| 116 | # No value returned. | |||
| 117 | msgtype,hsmd_forget_channel_reply,134 | |||
| 118 | # Return signature for a funding tx. | |||
| 119 | #include <hsmd/hsm_utxo.h> | |||
| 120 | # Master asks the HSM to sign a node_announcement | |||
| 121 | msgtype,hsmd_node_announcement_sig_req,6 | |||
| 122 | msgdata,hsmd_node_announcement_sig_req,annlen,u16, | |||
| 123 | msgdata,hsmd_node_announcement_sig_req,announcement,u8,annlen | |||
| 124 | msgtype,hsmd_node_announcement_sig_reply,106 | |||
| 125 | msgdata,hsmd_node_announcement_sig_reply,signature,secp256k1_ecdsa_signature, | |||
| 126 | # Sign a withdrawal request | |||
| 127 | #include <bitcoin/psbt.h> | |||
| 128 | msgtype,hsmd_sign_withdrawal,7 | |||
| 129 | msgdata,hsmd_sign_withdrawal,num_inputs,u16, | |||
| 130 | msgdata,hsmd_sign_withdrawal,inputs,hsm_utxo,num_inputs | |||
| 131 | msgdata,hsmd_sign_withdrawal,psbt,wally_psbt, | |||
| 132 | msgtype,hsmd_sign_withdrawal_reply,107 | |||
| 133 | msgdata,hsmd_sign_withdrawal_reply,psbt,wally_psbt, | |||
| 134 | # Sign an invoice | |||
| 135 | msgtype,hsmd_sign_invoice,8 | |||
| 136 | msgdata,hsmd_sign_invoice,len,u16, | |||
| 137 | msgdata,hsmd_sign_invoice,u5bytes,u8,len | |||
| 138 | msgdata,hsmd_sign_invoice,hrplen,u16, | |||
| 139 | msgdata,hsmd_sign_invoice,hrp,u8,hrplen | |||
| 140 | msgtype,hsmd_sign_invoice_reply,108 | |||
| 141 | msgdata,hsmd_sign_invoice_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
| 142 | # Preapprove an invoice for payment | |||
| 143 | msgtype,hsmd_preapprove_invoice,38 | |||
| 144 | msgdata,hsmd_preapprove_invoice,invstring,wirestring, | |||
| 145 | # Result is true if approved, declined if false | |||
| 146 | msgtype,hsmd_preapprove_invoice_reply,138 | |||
| 147 | msgdata,hsmd_preapprove_invoice_reply,approved,bool, | |||
| 148 | # Preapprove a keysend payment | |||
| 149 | msgtype,hsmd_preapprove_keysend,39 | |||
| 150 | msgdata,hsmd_preapprove_keysend,destination,node_id, | |||
| 151 | msgdata,hsmd_preapprove_keysend,payment_hash,sha256, | |||
| 152 | msgdata,hsmd_preapprove_keysend,amount_msat,amount_msat, | |||
| 153 | # Result is true if approved, declined if false | |||
| 154 | msgtype,hsmd_preapprove_keysend_reply,139 | |||
| 155 | msgdata,hsmd_preapprove_keysend_reply,approved,bool, | |||
| 156 | msgtype,hsmd_preapprove_invoice_check,51 | |||
| 157 | msgdata,hsmd_preapprove_invoice_check,invstring,wirestring, | |||
| 158 | msgdata,hsmd_preapprove_invoice_check,check_only,bool, | |||
| 159 | # Result is true if approved, declined if false | |||
| 160 | msgtype,hsmd_preapprove_invoice_check_reply,151 | |||
| 161 | msgdata,hsmd_preapprove_invoice_check_reply,approved,bool, | |||
| 162 | msgtype,hsmd_preapprove_keysend_check,52 | |||
| 163 | msgdata,hsmd_preapprove_keysend_check,destination,node_id, | |||
| 164 | msgdata,hsmd_preapprove_keysend_check,payment_hash,sha256, | |||
| 165 | msgdata,hsmd_preapprove_keysend_check,amount_msat,amount_msat, | |||
| 166 | msgdata,hsmd_preapprove_keysend_check,check_only,bool, | |||
| 167 | # Result is true if approved, declined if false | |||
| 168 | msgtype,hsmd_preapprove_keysend_check_reply,152 | |||
| 169 | msgdata,hsmd_preapprove_keysend_check_reply,approved,bool, | |||
| 170 | # Give me ECDH(node-id-secret,point) | |||
| 171 | msgtype,hsmd_ecdh_req,1 | |||
| 172 | msgdata,hsmd_ecdh_req,point,pubkey, | |||
| 173 | msgtype,hsmd_ecdh_resp,100 | |||
| 174 | msgdata,hsmd_ecdh_resp,ss,secret, | |||
| 175 | msgtype,hsmd_cannouncement_sig_req,2 | |||
| 176 | msgdata,hsmd_cannouncement_sig_req,calen,u16, | |||
| 177 | msgdata,hsmd_cannouncement_sig_req,ca,u8,calen | |||
| 178 | msgtype,hsmd_cannouncement_sig_reply,102 | |||
| 179 | msgdata,hsmd_cannouncement_sig_reply,node_signature,secp256k1_ecdsa_signature, | |||
| 180 | msgdata,hsmd_cannouncement_sig_reply,bitcoin_signature,secp256k1_ecdsa_signature, | |||
| 181 | msgtype,hsmd_sign_any_cannouncement_req,4 | |||
| 182 | msgdata,hsmd_sign_any_cannouncement_req,calen,u16, | |||
| 183 | msgdata,hsmd_sign_any_cannouncement_req,ca,u8,calen | |||
| 184 | msgdata,hsmd_sign_any_cannouncement_req,peerid,node_id, | |||
| 185 | msgdata,hsmd_sign_any_cannouncement_req,channel_dbid,u64, | |||
| 186 | ||||
| 187 | msgtype,hsmd_sign_any_cannouncement_reply,104 | |||
| 188 | msgdata,hsmd_sign_any_cannouncement_reply,node_signature,secp256k1_ecdsa_signature, | |||
| 189 | msgdata,hsmd_sign_any_cannouncement_reply,bitcoin_signature,secp256k1_ecdsa_signature, | |||
| 190 | msgtype,hsmd_cupdate_sig_req,3 | |||
| 191 | msgdata,hsmd_cupdate_sig_req,culen,u16, | |||
| 192 | msgdata,hsmd_cupdate_sig_req,cu,u8,culen | |||
| 193 | msgtype,hsmd_cupdate_sig_reply,103 | |||
| 194 | msgdata,hsmd_cupdate_sig_reply,culen,u16, | |||
| 195 | msgdata,hsmd_cupdate_sig_reply,cu,u8,culen | |||
| 196 | # Master asks HSM to sign a commitment transaction. | |||
| 197 | msgtype,hsmd_sign_commitment_tx,5 | |||
| 198 | msgdata,hsmd_sign_commitment_tx,peer_id,node_id, | |||
| 199 | msgdata,hsmd_sign_commitment_tx,channel_dbid,u64, | |||
| 200 | msgdata,hsmd_sign_commitment_tx,tx,bitcoin_tx, | |||
| 201 | msgdata,hsmd_sign_commitment_tx,remote_funding_key,pubkey, | |||
| 202 | msgdata,hsmd_sign_commitment_tx,commit_num,u64, | |||
| 203 | msgtype,hsmd_sign_commitment_tx_reply,105 | |||
| 204 | msgdata,hsmd_sign_commitment_tx_reply,sig,bitcoin_signature, | |||
| 205 | #include <common/htlc_wire.h> // For enum side and towire_side | |||
| 206 | subtype,hsm_htlc | |||
| 207 | subtypedata,hsm_htlc,side,enum side, | |||
| 208 | subtypedata,hsm_htlc,amount,amount_msat, | |||
| 209 | subtypedata,hsm_htlc,payment_hash,sha256, | |||
| 210 | subtypedata,hsm_htlc,cltv_expiry,u32, | |||
| 211 | # Validate the counterparty's commitment signatures. | |||
| 212 | msgtype,hsmd_validate_commitment_tx,35 | |||
| 213 | msgdata,hsmd_validate_commitment_tx,tx,bitcoin_tx, | |||
| 214 | msgdata,hsmd_validate_commitment_tx,num_htlcs,u16, | |||
| 215 | msgdata,hsmd_validate_commitment_tx,htlcs,hsm_htlc,num_htlcs | |||
| 216 | msgdata,hsmd_validate_commitment_tx,commit_num,u64, | |||
| 217 | msgdata,hsmd_validate_commitment_tx,feerate,u32, | |||
| 218 | msgdata,hsmd_validate_commitment_tx,sig,bitcoin_signature, | |||
| 219 | msgdata,hsmd_validate_commitment_tx,num_htlc_sigs,u16, | |||
| 220 | msgdata,hsmd_validate_commitment_tx,htlc_sigs,bitcoin_signature,num_htlc_sigs | |||
| 221 | msgtype,hsmd_validate_commitment_tx_reply,135 | |||
| 222 | msgdata,hsmd_validate_commitment_tx_reply,old_commitment_secret,?secret, | |||
| 223 | msgdata,hsmd_validate_commitment_tx_reply,next_per_commitment_point,pubkey, | |||
| 224 | # Revoke our local commitment, returns the revocation secret and next point | |||
| 225 | msgtype,hsmd_revoke_commitment_tx,40 | |||
| 226 | msgdata,hsmd_revoke_commitment_tx,commit_num,u64, | |||
| 227 | msgtype,hsmd_revoke_commitment_tx_reply,140 | |||
| 228 | msgdata,hsmd_revoke_commitment_tx_reply,old_commitment_secret,secret, | |||
| 229 | msgdata,hsmd_revoke_commitment_tx_reply,next_per_commitment_point,pubkey, | |||
| 230 | # Vaidate the counterparty's revocation secret | |||
| 231 | msgtype,hsmd_validate_revocation,36 | |||
| 232 | msgdata,hsmd_validate_revocation,revoke_num,u64, | |||
| 233 | msgdata,hsmd_validate_revocation,per_commitment_secret,secret, | |||
| 234 | # No value returned. | |||
| 235 | msgtype,hsmd_validate_revocation_reply,136 | |||
| 236 | # Onchaind asks HSM to sign a spend to-us. Four variants, since each set | |||
| 237 | # of keys is derived differently... | |||
| 238 | msgtype,hsmd_sign_delayed_payment_to_us,12 | |||
| 239 | msgdata,hsmd_sign_delayed_payment_to_us,commit_num,u64, | |||
| 240 | msgdata,hsmd_sign_delayed_payment_to_us,tx,bitcoin_tx, | |||
| 241 | msgdata,hsmd_sign_delayed_payment_to_us,wscript_len,u16, | |||
| 242 | msgdata,hsmd_sign_delayed_payment_to_us,wscript,u8,wscript_len | |||
| 243 | msgtype,hsmd_sign_remote_htlc_to_us,13 | |||
| 244 | msgdata,hsmd_sign_remote_htlc_to_us,remote_per_commitment_point,pubkey, | |||
| 245 | msgdata,hsmd_sign_remote_htlc_to_us,tx,bitcoin_tx, | |||
| 246 | msgdata,hsmd_sign_remote_htlc_to_us,wscript_len,u16, | |||
| 247 | msgdata,hsmd_sign_remote_htlc_to_us,wscript,u8,wscript_len | |||
| 248 | msgdata,hsmd_sign_remote_htlc_to_us,option_anchor_outputs,bool, | |||
| 249 | # channeld asks HSM to sign penalty, for watchtower code. | |||
| 250 | msgtype,hsmd_sign_penalty_to_us,14 | |||
| 251 | msgdata,hsmd_sign_penalty_to_us,revocation_secret,secret, | |||
| 252 | msgdata,hsmd_sign_penalty_to_us,tx,bitcoin_tx, | |||
| 253 | msgdata,hsmd_sign_penalty_to_us,wscript_len,u16, | |||
| 254 | msgdata,hsmd_sign_penalty_to_us,wscript,u8,wscript_len | |||
| 255 | # Openingd/channeld asks HSM to sign the other sides' commitment tx. | |||
| 256 | msgtype,hsmd_sign_remote_commitment_tx,19 | |||
| 257 | msgdata,hsmd_sign_remote_commitment_tx,tx,bitcoin_tx, | |||
| 258 | msgdata,hsmd_sign_remote_commitment_tx,remote_funding_key,pubkey, | |||
| 259 | msgdata,hsmd_sign_remote_commitment_tx,remote_per_commit,pubkey, | |||
| 260 | msgdata,hsmd_sign_remote_commitment_tx,option_static_remotekey,bool, | |||
| 261 | msgdata,hsmd_sign_remote_commitment_tx,commit_num,u64, | |||
| 262 | msgdata,hsmd_sign_remote_commitment_tx,num_htlcs,u16, | |||
| 263 | msgdata,hsmd_sign_remote_commitment_tx,htlcs,hsm_htlc,num_htlcs | |||
| 264 | msgdata,hsmd_sign_remote_commitment_tx,feerate,u32, | |||
| 265 | # channeld asks HSM to sign remote HTLC tx. | |||
| 266 | msgtype,hsmd_sign_remote_htlc_tx,20 | |||
| 267 | msgdata,hsmd_sign_remote_htlc_tx,tx,bitcoin_tx, | |||
| 268 | msgdata,hsmd_sign_remote_htlc_tx,len,u16, | |||
| 269 | msgdata,hsmd_sign_remote_htlc_tx,wscript,u8,len | |||
| 270 | msgdata,hsmd_sign_remote_htlc_tx,remote_per_commit_point,pubkey, | |||
| 271 | msgdata,hsmd_sign_remote_htlc_tx,option_anchor_outputs,bool, | |||
| 272 | # closingd asks HSM to sign mutual close tx. | |||
| 273 | msgtype,hsmd_sign_mutual_close_tx,21 | |||
| 274 | msgdata,hsmd_sign_mutual_close_tx,tx,bitcoin_tx, | |||
| 275 | msgdata,hsmd_sign_mutual_close_tx,remote_funding_key,pubkey, | |||
| 276 | # channeld asks HSM to sign splice tx. | |||
| 277 | msgtype,hsmd_sign_splice_tx,29 | |||
| 278 | msgdata,hsmd_sign_splice_tx,tx,bitcoin_tx, | |||
| 279 | msgdata,hsmd_sign_splice_tx,remote_funding_key,pubkey, | |||
| 280 | msgdata,hsmd_sign_splice_tx,input_index,u32, | |||
| 281 | # Reply for all the above requests. | |||
| 282 | msgtype,hsmd_sign_tx_reply,112 | |||
| 283 | msgdata,hsmd_sign_tx_reply,sig,bitcoin_signature, | |||
| 284 | # Openingd/channeld/onchaind asks for Nth per_commitment_point | |||
| 285 | # Prior to HSM_VERSION 6 we will return an old_commitment_secret | |||
| 286 | msgtype,hsmd_get_per_commitment_point,18 | |||
| 287 | msgdata,hsmd_get_per_commitment_point,n,u64, | |||
| 288 | # IMPORTANT - Beginning HSM_VERSION 6 we never return an old_commitment_secret | |||
| 289 | msgtype,hsmd_get_per_commitment_point_reply,118 | |||
| 290 | msgdata,hsmd_get_per_commitment_point_reply,per_commitment_point,pubkey, | |||
| 291 | msgdata,hsmd_get_per_commitment_point_reply,old_commitment_secret,?secret, | |||
| 292 | # master -> hsmd: do you have a memleak? | |||
| 293 | msgtype,hsmd_dev_memleak,33 | |||
| 294 | msgtype,hsmd_dev_memleak_reply,133 | |||
| 295 | msgdata,hsmd_dev_memleak_reply,leak,bool, | |||
| 296 | # channeld asks to check if claimed future commitment_secret is correct. | |||
| 297 | msgtype,hsmd_check_future_secret,22 | |||
| 298 | msgdata,hsmd_check_future_secret,n,u64, | |||
| 299 | msgdata,hsmd_check_future_secret,commitment_secret,secret, | |||
| 300 | msgtype,hsmd_check_future_secret_reply,122 | |||
| 301 | msgdata,hsmd_check_future_secret_reply,correct,bool, | |||
| 302 | # lightningd asks us to sign a string. | |||
| 303 | msgtype,hsmd_sign_message,23 | |||
| 304 | msgdata,hsmd_sign_message,len,u16, | |||
| 305 | msgdata,hsmd_sign_message,msg,u8,len | |||
| 306 | msgtype,hsmd_sign_message_reply,123 | |||
| 307 | msgdata,hsmd_sign_message_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
| 308 | # sign a raw message with a derived key | |||
| 309 | msgtype,hsmd_bip137_sign_message,45 | |||
| 310 | msgdata,hsmd_bip137_sign_message,len,u16, | |||
| 311 | msgdata,hsmd_bip137_sign_message,msg,u8,len | |||
| 312 | msgdata,hsmd_bip137_sign_message,keyidx,u32, | |||
| 313 | msgtype,hsmd_bip137_sign_message_reply,145 | |||
| 314 | msgdata,hsmd_bip137_sign_message_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
| 315 | # lightningd needs to get a scriptPubkey for a utxo with closeinfo | |||
| 316 | msgtype,hsmd_get_output_scriptpubkey,24 | |||
| 317 | msgdata,hsmd_get_output_scriptpubkey,channel_id,u64, | |||
| 318 | msgdata,hsmd_get_output_scriptpubkey,peer_id,node_id, | |||
| 319 | msgdata,hsmd_get_output_scriptpubkey,commitment_point,?pubkey, | |||
| 320 | msgtype,hsmd_get_output_scriptpubkey_reply,124 | |||
| 321 | msgdata,hsmd_get_output_scriptpubkey_reply,script_len,u16, | |||
| 322 | msgdata,hsmd_get_output_scriptpubkey_reply,script,u8,script_len | |||
| 323 | # Sign a bolt12-style merkle hash | |||
| 324 | msgtype,hsmd_sign_bolt12,25 | |||
| 325 | msgdata,hsmd_sign_bolt12,messagename,wirestring, | |||
| 326 | msgdata,hsmd_sign_bolt12,fieldname,wirestring, | |||
| 327 | msgdata,hsmd_sign_bolt12,merkleroot,sha256, | |||
| 328 | # This is for invreq payer_id (temporary keys) | |||
| 329 | msgdata,hsmd_sign_bolt12,publictweaklen,u16, | |||
| 330 | msgdata,hsmd_sign_bolt12,publictweak,u8,publictweaklen | |||
| 331 | #include <bitcoin/signature.h> | |||
| 332 | msgtype,hsmd_sign_bolt12_reply,125 | |||
| 333 | msgdata,hsmd_sign_bolt12_reply,sig,bip340sig, | |||
| 334 | # Sign a bolt12-style merkle hash (modern) | |||
| 335 | msgtype,hsmd_sign_bolt12_2,41 | |||
| 336 | msgdata,hsmd_sign_bolt12_2,messagename,wirestring, | |||
| 337 | msgdata,hsmd_sign_bolt12_2,fieldname,wirestring, | |||
| 338 | msgdata,hsmd_sign_bolt12_2,merkleroot,sha256, | |||
| 339 | # This is for signing with an alias (temporary key), used if *publictweak* not empty. | |||
| 340 | # derive_secret with info, then tweak privkey with SHA256(derived_secret || publictweak). | |||
| 341 | msgdata,hsmd_sign_bolt12_2,infolen,u16, | |||
| 342 | msgdata,hsmd_sign_bolt12_2,info,u8,infolen | |||
| 343 | msgdata,hsmd_sign_bolt12_2,publictweaklen,u16, | |||
| 344 | msgdata,hsmd_sign_bolt12_2,publictweak,u8,publictweaklen | |||
| 345 | msgtype,hsmd_sign_bolt12_2_reply,141 | |||
| 346 | msgdata,hsmd_sign_bolt12_2_reply,sig,bip340sig, | |||
| 347 | # Sign an option_will_fund offer hash | |||
| 348 | msgtype,hsmd_sign_option_will_fund_offer,26 | |||
| 349 | msgdata,hsmd_sign_option_will_fund_offer,funding_pubkey,pubkey, | |||
| 350 | msgdata,hsmd_sign_option_will_fund_offer,blockheight,u32, | |||
| 351 | msgdata,hsmd_sign_option_will_fund_offer,channel_fee_base_max_msat,u32, | |||
| 352 | msgdata,hsmd_sign_option_will_fund_offer,channel_fee_proportional_basis_max,u16, | |||
| 353 | msgtype,hsmd_sign_option_will_fund_offer_reply,126 | |||
| 354 | msgdata,hsmd_sign_option_will_fund_offer_reply,rsig,secp256k1_ecdsa_signature, | |||
| 355 | # Derive pseudorandom secret | |||
| 356 | msgtype,hsmd_derive_secret,27 | |||
| 357 | msgdata,hsmd_derive_secret,len,u16, | |||
| 358 | msgdata,hsmd_derive_secret,info,u8,len | |||
| 359 | # Reply with the derived secret | |||
| 360 | msgtype,hsmd_derive_secret_reply,127 | |||
| 361 | msgdata,hsmd_derive_secret_reply,secret,secret, | |||
| 362 | # Sanity check this pubkey derivation is correct (unhardened only) | |||
| 363 | msgtype,hsmd_check_pubkey,28 | |||
| 364 | msgdata,hsmd_check_pubkey,index,u32, | |||
| 365 | msgdata,hsmd_check_pubkey,pubkey,pubkey, | |||
| 366 | # Reply | |||
| 367 | msgtype,hsmd_check_pubkey_reply,128 | |||
| 368 | msgdata,hsmd_check_pubkey_reply,ok,bool, | |||
| 369 | # Sanity check this BIP86 pubkey derivation is correct (unhardened only) | |||
| 370 | msgtype,hsmd_check_bip86_pubkey,56 | |||
| 371 | msgdata,hsmd_check_bip86_pubkey,index,u32, | |||
| 372 | msgdata,hsmd_check_bip86_pubkey,pubkey,pubkey, | |||
| 373 | msgtype,hsmd_check_bip86_pubkey_reply,156 | |||
| 374 | msgdata,hsmd_check_bip86_pubkey_reply,ok,bool, | |||
| 375 | msgtype,hsmd_sign_anchorspend,147 | |||
| 376 | msgdata,hsmd_sign_anchorspend,peerid,node_id, | |||
| 377 | msgdata,hsmd_sign_anchorspend,channel_dbid,u64, | |||
| 378 | msgdata,hsmd_sign_anchorspend,num_inputs,u16, | |||
| 379 | msgdata,hsmd_sign_anchorspend,inputs,hsm_utxo,num_inputs | |||
| 380 | msgdata,hsmd_sign_anchorspend,psbt,wally_psbt, | |||
| 381 | msgtype,hsmd_sign_anchorspend_reply,148 | |||
| 382 | msgdata,hsmd_sign_anchorspend_reply,psbt,wally_psbt, | |||
| 383 | # These are where lightningd asks for signatures on onchaind's behalf. | |||
| 384 | msgtype,hsmd_sign_any_delayed_payment_to_us,142 | |||
| 385 | msgdata,hsmd_sign_any_delayed_payment_to_us,commit_num,u64, | |||
| 386 | msgdata,hsmd_sign_any_delayed_payment_to_us,tx,bitcoin_tx, | |||
| 387 | msgdata,hsmd_sign_any_delayed_payment_to_us,wscript_len,u16, | |||
| 388 | msgdata,hsmd_sign_any_delayed_payment_to_us,wscript,u8,wscript_len | |||
| 389 | msgdata,hsmd_sign_any_delayed_payment_to_us,input,u32, | |||
| 390 | msgdata,hsmd_sign_any_delayed_payment_to_us,peerid,node_id, | |||
| 391 | msgdata,hsmd_sign_any_delayed_payment_to_us,channel_dbid,u64, | |||
| 392 | msgtype,hsmd_sign_any_remote_htlc_to_us,143 | |||
| 393 | msgdata,hsmd_sign_any_remote_htlc_to_us,remote_per_commitment_point,pubkey, | |||
| 394 | msgdata,hsmd_sign_any_remote_htlc_to_us,tx,bitcoin_tx, | |||
| 395 | msgdata,hsmd_sign_any_remote_htlc_to_us,wscript_len,u16, | |||
| 396 | msgdata,hsmd_sign_any_remote_htlc_to_us,wscript,u8,wscript_len | |||
| 397 | msgdata,hsmd_sign_any_remote_htlc_to_us,option_anchor_outputs,bool, | |||
| 398 | msgdata,hsmd_sign_any_remote_htlc_to_us,input,u32, | |||
| 399 | msgdata,hsmd_sign_any_remote_htlc_to_us,peerid,node_id, | |||
| 400 | msgdata,hsmd_sign_any_remote_htlc_to_us,channel_dbid,u64, | |||
| 401 | msgtype,hsmd_sign_any_penalty_to_us,144 | |||
| 402 | msgdata,hsmd_sign_any_penalty_to_us,revocation_secret,secret, | |||
| 403 | msgdata,hsmd_sign_any_penalty_to_us,tx,bitcoin_tx, | |||
| 404 | msgdata,hsmd_sign_any_penalty_to_us,wscript_len,u16, | |||
| 405 | msgdata,hsmd_sign_any_penalty_to_us,wscript,u8,wscript_len | |||
| 406 | msgdata,hsmd_sign_any_penalty_to_us,input,u32, | |||
| 407 | msgdata,hsmd_sign_any_penalty_to_us,peerid,node_id, | |||
| 408 | msgdata,hsmd_sign_any_penalty_to_us,channel_dbid,u64, | |||
| 409 | msgtype,hsmd_sign_any_local_htlc_tx,146 | |||
| 410 | msgdata,hsmd_sign_any_local_htlc_tx,commit_num,u64, | |||
| 411 | msgdata,hsmd_sign_any_local_htlc_tx,tx,bitcoin_tx, | |||
| 412 | msgdata,hsmd_sign_any_local_htlc_tx,wscript_len,u16, | |||
| 413 | msgdata,hsmd_sign_any_local_htlc_tx,wscript,u8,wscript_len | |||
| 414 | msgdata,hsmd_sign_any_local_htlc_tx,option_anchor_outputs,bool, | |||
| 415 | msgdata,hsmd_sign_any_local_htlc_tx,input,u32, | |||
| 416 | msgdata,hsmd_sign_any_local_htlc_tx,peerid,node_id, | |||
| 417 | msgdata,hsmd_sign_any_local_htlc_tx,channel_dbid,u64, | |||
| 418 | msgtype,hsmd_sign_htlc_tx_mingle,149 | |||
| 419 | msgdata,hsmd_sign_htlc_tx_mingle,peerid,node_id, | |||
| 420 | msgdata,hsmd_sign_htlc_tx_mingle,channel_dbid,u64, | |||
| 421 | msgdata,hsmd_sign_htlc_tx_mingle,num_inputs,u16, | |||
| 422 | msgdata,hsmd_sign_htlc_tx_mingle,inputs,hsm_utxo,num_inputs | |||
| 423 | msgdata,hsmd_sign_htlc_tx_mingle,psbt,wally_psbt, | |||
| 424 | msgtype,hsmd_sign_htlc_tx_mingle_reply,150 | |||
| 425 | msgdata,hsmd_sign_htlc_tx_mingle_reply,psbt,wally_psbt, |