e8a38f111d
The current interface, if given a tweak, uses a *different secret key* and tweaks it. This was an early experiment: we will switch to using a secret tweak for invoice_requests like we do for invoice path ids. To make sure there's no funny business, *hsmd* hashes to form the tweak (i.e. no zero tweaks!). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
19 KiB
19 KiB
| 1 | # Clients should not give a bad request but not the HSM's decision to crash. | |||
|---|---|---|---|---|
| 2 | msgtype,hsmstatus_client_bad_request,1000 | |||
| 3 | msgdata,hsmstatus_client_bad_request,id,node_id, | |||
| 4 | msgdata,hsmstatus_client_bad_request,description,wirestring, | |||
| 5 | msgdata,hsmstatus_client_bad_request,len,u16, | |||
| 6 | msgdata,hsmstatus_client_bad_request,msg,u8,len | |||
| 7 | # We use this to set dev flags (before init!). It's a TLV, so we can | |||
| 8 | # extend easily. Normal TLV rules apply: ignore odd fields you don't | |||
| 9 | # understand. | |||
| 10 | msgtype,hsmd_dev_preinit,99 | |||
| 11 | msgdata,hsmd_dev_preinit,tlvs,hsmd_dev_preinit_tlvs, | |||
| 12 | tlvtype,hsmd_dev_preinit_tlvs,fail_preapprove,1 | |||
| 13 | tlvdata,hsmd_dev_preinit_tlvs,fail_preapprove,fail,bool, | |||
| 14 | tlvtype,hsmd_dev_preinit_tlvs,no_preapprove_check,3 | |||
| 15 | tlvdata,hsmd_dev_preinit_tlvs,no_preapprove_check,disable,bool, | |||
| 16 | #include <bitcoin/chainparams.h> | |||
| 17 | # Start the HSM. | |||
| 18 | msgtype,hsmd_init,11 | |||
| 19 | msgdata,hsmd_init,bip32_key_version,bip32_key_version, | |||
| 20 | msgdata,hsmd_init,chainparams,chainparams, | |||
| 21 | msgdata,hsmd_init,hsm_encryption_key,?secret, | |||
| 22 | msgdata,hsmd_init,dev_force_privkey,?privkey, | |||
| 23 | msgdata,hsmd_init,dev_force_bip32_seed,?secret, | |||
| 24 | msgdata,hsmd_init,dev_force_channel_secrets,?secrets, | |||
| 25 | msgdata,hsmd_init,dev_force_channel_secrets_shaseed,?sha256, | |||
| 26 | msgdata,hsmd_init,hsm_wire_min_version,u32, | |||
| 27 | msgdata,hsmd_init,hsm_wire_max_version,u32, | |||
| 28 | #include <common/bip32.h> | |||
| 29 | # Sorry: I should have put version in v2 :( | |||
| 30 | msgtype,hsmd_init_reply_v4,114 | |||
| 31 | # This gets upgraded when the wire protocol changes in incompatible | |||
| 32 | # ways: | |||
| 33 | msgdata,hsmd_init_reply_v4,hsm_version,u32, | |||
| 34 | # Capabilities, by convention are message numbers, indicating | |||
| 35 | # that the HSM supports you sending this message. | |||
| 36 | msgdata,hsmd_init_reply_v4,num_hsm_capabilities,u16, | |||
| 37 | msgdata,hsmd_init_reply_v4,hsm_capabilities,u32,num_hsm_capabilities | |||
| 38 | msgdata,hsmd_init_reply_v4,node_id,node_id, | |||
| 39 | msgdata,hsmd_init_reply_v4,bip32,ext_key, | |||
| 40 | msgdata,hsmd_init_reply_v4,bolt12,pubkey, | |||
| 41 | # Declare a new channel. | |||
| 42 | msgtype,hsmd_new_channel,30 | |||
| 43 | msgdata,hsmd_new_channel,id,node_id, | |||
| 44 | msgdata,hsmd_new_channel,dbid,u64, | |||
| 45 | # No value returned. | |||
| 46 | msgtype,hsmd_new_channel_reply,130 | |||
| 47 | # Get a new HSM FD, with the specified permissions | |||
| 48 | msgtype,hsmd_client_hsmfd,9 | |||
| 49 | # Which identity to use for requests | |||
| 50 | msgdata,hsmd_client_hsmfd,id,node_id, | |||
| 51 | # Database id for this client, if any. | |||
| 52 | msgdata,hsmd_client_hsmfd,dbid,u64, | |||
| 53 | msgdata,hsmd_client_hsmfd,permissions,u64, | |||
| 54 | # No content, just an fd. | |||
| 55 | msgtype,hsmd_client_hsmfd_reply,109 | |||
| 56 | #include <common/derive_basepoints.h> | |||
| 57 | # Get the basepoints and funding key for this specific channel. | |||
| 58 | msgtype,hsmd_get_channel_basepoints,10 | |||
| 59 | msgdata,hsmd_get_channel_basepoints,peerid,node_id, | |||
| 60 | msgdata,hsmd_get_channel_basepoints,dbid,u64, | |||
| 61 | msgtype,hsmd_get_channel_basepoints_reply,110 | |||
| 62 | msgdata,hsmd_get_channel_basepoints_reply,basepoints,basepoints, | |||
| 63 | msgdata,hsmd_get_channel_basepoints_reply,funding_pubkey,pubkey, | |||
| 64 | #include <common/channel_type.h> | |||
| 65 | # Provide channel parameters. | |||
| 66 | msgtype,hsmd_setup_channel,31 | |||
| 67 | msgdata,hsmd_setup_channel,is_outbound,bool, | |||
| 68 | msgdata,hsmd_setup_channel,channel_value,amount_sat, | |||
| 69 | msgdata,hsmd_setup_channel,push_value,amount_msat, | |||
| 70 | msgdata,hsmd_setup_channel,funding_txid,bitcoin_txid, | |||
| 71 | msgdata,hsmd_setup_channel,funding_txout,u16, | |||
| 72 | msgdata,hsmd_setup_channel,local_to_self_delay,u16, | |||
| 73 | msgdata,hsmd_setup_channel,local_shutdown_script_len,u16, | |||
| 74 | msgdata,hsmd_setup_channel,local_shutdown_script,u8,local_shutdown_script_len | |||
| 75 | msgdata,hsmd_setup_channel,local_shutdown_wallet_index,?u32, | |||
| 76 | msgdata,hsmd_setup_channel,remote_basepoints,basepoints, | |||
| 77 | msgdata,hsmd_setup_channel,remote_funding_pubkey,pubkey, | |||
| 78 | msgdata,hsmd_setup_channel,remote_to_self_delay,u16, | |||
| 79 | msgdata,hsmd_setup_channel,remote_shutdown_script_len,u16, | |||
| 80 | msgdata,hsmd_setup_channel,remote_shutdown_script,u8,remote_shutdown_script_len | |||
| 81 | msgdata,hsmd_setup_channel,channel_type,channel_type, | |||
| 82 | # No value returned., | |||
| 83 | msgtype,hsmd_setup_channel_reply,131 | |||
| 84 | # check if the signer agrees that a funding candidate outpoint is buried | |||
| 85 | msgtype,hsmd_check_outpoint,32 | |||
| 86 | msgdata,hsmd_check_outpoint,funding_txid,bitcoin_txid, | |||
| 87 | msgdata,hsmd_check_outpoint,funding_txout,u16, | |||
| 88 | msgtype,hsmd_check_outpoint_reply,132 | |||
| 89 | msgdata,hsmd_check_outpoint_reply,is_buried,bool, | |||
| 90 | # change the funding/splice state to locked | |||
| 91 | msgtype,hsmd_lock_outpoint,37 | |||
| 92 | msgdata,hsmd_lock_outpoint,funding_txid,bitcoin_txid, | |||
| 93 | msgdata,hsmd_lock_outpoint,funding_txout,u16, | |||
| 94 | # No value returned. | |||
| 95 | msgtype,hsmd_lock_outpoint_reply,137 | |||
| 96 | # Forget channel. | |||
| 97 | msgtype,hsmd_forget_channel,34 | |||
| 98 | msgdata,hsmd_forget_channel,id,node_id, | |||
| 99 | msgdata,hsmd_forget_channel,dbid,u64, | |||
| 100 | # No value returned. | |||
| 101 | msgtype,hsmd_forget_channel_reply,134 | |||
| 102 | # Return signature for a funding tx. | |||
| 103 | #include <common/utxo.h> | |||
| 104 | # Master asks the HSM to sign a node_announcement | |||
| 105 | msgtype,hsmd_node_announcement_sig_req,6 | |||
| 106 | msgdata,hsmd_node_announcement_sig_req,annlen,u16, | |||
| 107 | msgdata,hsmd_node_announcement_sig_req,announcement,u8,annlen | |||
| 108 | msgtype,hsmd_node_announcement_sig_reply,106 | |||
| 109 | msgdata,hsmd_node_announcement_sig_reply,signature,secp256k1_ecdsa_signature, | |||
| 110 | # Sign a withdrawal request | |||
| 111 | #include <bitcoin/psbt.h> | |||
| 112 | msgtype,hsmd_sign_withdrawal,7 | |||
| 113 | msgdata,hsmd_sign_withdrawal,num_inputs,u16, | |||
| 114 | msgdata,hsmd_sign_withdrawal,inputs,utxo,num_inputs | |||
| 115 | msgdata,hsmd_sign_withdrawal,psbt,wally_psbt, | |||
| 116 | msgtype,hsmd_sign_withdrawal_reply,107 | |||
| 117 | msgdata,hsmd_sign_withdrawal_reply,psbt,wally_psbt, | |||
| 118 | # Sign an invoice | |||
| 119 | msgtype,hsmd_sign_invoice,8 | |||
| 120 | msgdata,hsmd_sign_invoice,len,u16, | |||
| 121 | msgdata,hsmd_sign_invoice,u5bytes,u8,len | |||
| 122 | msgdata,hsmd_sign_invoice,hrplen,u16, | |||
| 123 | msgdata,hsmd_sign_invoice,hrp,u8,hrplen | |||
| 124 | msgtype,hsmd_sign_invoice_reply,108 | |||
| 125 | msgdata,hsmd_sign_invoice_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
| 126 | # Preapprove an invoice for payment | |||
| 127 | msgtype,hsmd_preapprove_invoice,38 | |||
| 128 | msgdata,hsmd_preapprove_invoice,invstring,wirestring, | |||
| 129 | # Result is true if approved, declined if false | |||
| 130 | msgtype,hsmd_preapprove_invoice_reply,138 | |||
| 131 | msgdata,hsmd_preapprove_invoice_reply,approved,bool, | |||
| 132 | # Preapprove a keysend payment | |||
| 133 | msgtype,hsmd_preapprove_keysend,39 | |||
| 134 | msgdata,hsmd_preapprove_keysend,destination,node_id, | |||
| 135 | msgdata,hsmd_preapprove_keysend,payment_hash,sha256, | |||
| 136 | msgdata,hsmd_preapprove_keysend,amount_msat,amount_msat, | |||
| 137 | # Result is true if approved, declined if false | |||
| 138 | msgtype,hsmd_preapprove_keysend_reply,139 | |||
| 139 | msgdata,hsmd_preapprove_keysend_reply,approved,bool, | |||
| 140 | msgtype,hsmd_preapprove_invoice_check,51 | |||
| 141 | msgdata,hsmd_preapprove_invoice_check,invstring,wirestring, | |||
| 142 | msgdata,hsmd_preapprove_invoice_check,check_only,bool, | |||
| 143 | # Result is true if approved, declined if false | |||
| 144 | msgtype,hsmd_preapprove_invoice_check_reply,151 | |||
| 145 | msgdata,hsmd_preapprove_invoice_check_reply,approved,bool, | |||
| 146 | msgtype,hsmd_preapprove_keysend_check,52 | |||
| 147 | msgdata,hsmd_preapprove_keysend_check,destination,node_id, | |||
| 148 | msgdata,hsmd_preapprove_keysend_check,payment_hash,sha256, | |||
| 149 | msgdata,hsmd_preapprove_keysend_check,amount_msat,amount_msat, | |||
| 150 | msgdata,hsmd_preapprove_keysend_check,check_only,bool, | |||
| 151 | # Result is true if approved, declined if false | |||
| 152 | msgtype,hsmd_preapprove_keysend_check_reply,152 | |||
| 153 | msgdata,hsmd_preapprove_keysend_check_reply,approved,bool, | |||
| 154 | # Give me ECDH(node-id-secret,point) | |||
| 155 | msgtype,hsmd_ecdh_req,1 | |||
| 156 | msgdata,hsmd_ecdh_req,point,pubkey, | |||
| 157 | msgtype,hsmd_ecdh_resp,100 | |||
| 158 | msgdata,hsmd_ecdh_resp,ss,secret, | |||
| 159 | msgtype,hsmd_cannouncement_sig_req,2 | |||
| 160 | msgdata,hsmd_cannouncement_sig_req,calen,u16, | |||
| 161 | msgdata,hsmd_cannouncement_sig_req,ca,u8,calen | |||
| 162 | msgtype,hsmd_cannouncement_sig_reply,102 | |||
| 163 | msgdata,hsmd_cannouncement_sig_reply,node_signature,secp256k1_ecdsa_signature, | |||
| 164 | msgdata,hsmd_cannouncement_sig_reply,bitcoin_signature,secp256k1_ecdsa_signature, | |||
| 165 | msgtype,hsmd_sign_any_cannouncement_req,4 | |||
| 166 | msgdata,hsmd_sign_any_cannouncement_req,calen,u16, | |||
| 167 | msgdata,hsmd_sign_any_cannouncement_req,ca,u8,calen | |||
| 168 | msgdata,hsmd_sign_any_cannouncement_req,peerid,node_id, | |||
| 169 | msgdata,hsmd_sign_any_cannouncement_req,channel_dbid,u64, | |||
| 170 | ||||
| 171 | msgtype,hsmd_sign_any_cannouncement_reply,104 | |||
| 172 | msgdata,hsmd_sign_any_cannouncement_reply,node_signature,secp256k1_ecdsa_signature, | |||
| 173 | msgdata,hsmd_sign_any_cannouncement_reply,bitcoin_signature,secp256k1_ecdsa_signature, | |||
| 174 | msgtype,hsmd_cupdate_sig_req,3 | |||
| 175 | msgdata,hsmd_cupdate_sig_req,culen,u16, | |||
| 176 | msgdata,hsmd_cupdate_sig_req,cu,u8,culen | |||
| 177 | msgtype,hsmd_cupdate_sig_reply,103 | |||
| 178 | msgdata,hsmd_cupdate_sig_reply,culen,u16, | |||
| 179 | msgdata,hsmd_cupdate_sig_reply,cu,u8,culen | |||
| 180 | # Master asks HSM to sign a commitment transaction. | |||
| 181 | msgtype,hsmd_sign_commitment_tx,5 | |||
| 182 | msgdata,hsmd_sign_commitment_tx,peer_id,node_id, | |||
| 183 | msgdata,hsmd_sign_commitment_tx,channel_dbid,u64, | |||
| 184 | msgdata,hsmd_sign_commitment_tx,tx,bitcoin_tx, | |||
| 185 | msgdata,hsmd_sign_commitment_tx,remote_funding_key,pubkey, | |||
| 186 | msgdata,hsmd_sign_commitment_tx,commit_num,u64, | |||
| 187 | msgtype,hsmd_sign_commitment_tx_reply,105 | |||
| 188 | msgdata,hsmd_sign_commitment_tx_reply,sig,bitcoin_signature, | |||
| 189 | # Validate the counterparty's commitment signatures. | |||
| 190 | msgtype,hsmd_validate_commitment_tx,35 | |||
| 191 | msgdata,hsmd_validate_commitment_tx,tx,bitcoin_tx, | |||
| 192 | msgdata,hsmd_validate_commitment_tx,num_htlcs,u16, | |||
| 193 | msgdata,hsmd_validate_commitment_tx,htlcs,simple_htlc,num_htlcs | |||
| 194 | msgdata,hsmd_validate_commitment_tx,commit_num,u64, | |||
| 195 | msgdata,hsmd_validate_commitment_tx,feerate,u32, | |||
| 196 | msgdata,hsmd_validate_commitment_tx,sig,bitcoin_signature, | |||
| 197 | msgdata,hsmd_validate_commitment_tx,num_htlc_sigs,u16, | |||
| 198 | msgdata,hsmd_validate_commitment_tx,htlc_sigs,bitcoin_signature,num_htlc_sigs | |||
| 199 | msgtype,hsmd_validate_commitment_tx_reply,135 | |||
| 200 | msgdata,hsmd_validate_commitment_tx_reply,old_commitment_secret,?secret, | |||
| 201 | msgdata,hsmd_validate_commitment_tx_reply,next_per_commitment_point,pubkey, | |||
| 202 | # Revoke our local commitment, returns the revocation secret and next point | |||
| 203 | msgtype,hsmd_revoke_commitment_tx,40 | |||
| 204 | msgdata,hsmd_revoke_commitment_tx,commit_num,u64, | |||
| 205 | msgtype,hsmd_revoke_commitment_tx_reply,140 | |||
| 206 | msgdata,hsmd_revoke_commitment_tx_reply,old_commitment_secret,secret, | |||
| 207 | msgdata,hsmd_revoke_commitment_tx_reply,next_per_commitment_point,pubkey, | |||
| 208 | # Vaidate the counterparty's revocation secret | |||
| 209 | msgtype,hsmd_validate_revocation,36 | |||
| 210 | msgdata,hsmd_validate_revocation,revoke_num,u64, | |||
| 211 | msgdata,hsmd_validate_revocation,per_commitment_secret,secret, | |||
| 212 | # No value returned. | |||
| 213 | msgtype,hsmd_validate_revocation_reply,136 | |||
| 214 | # Onchaind asks HSM to sign a spend to-us. Four variants, since each set | |||
| 215 | # of keys is derived differently... | |||
| 216 | msgtype,hsmd_sign_delayed_payment_to_us,12 | |||
| 217 | msgdata,hsmd_sign_delayed_payment_to_us,commit_num,u64, | |||
| 218 | msgdata,hsmd_sign_delayed_payment_to_us,tx,bitcoin_tx, | |||
| 219 | msgdata,hsmd_sign_delayed_payment_to_us,wscript_len,u16, | |||
| 220 | msgdata,hsmd_sign_delayed_payment_to_us,wscript,u8,wscript_len | |||
| 221 | msgtype,hsmd_sign_remote_htlc_to_us,13 | |||
| 222 | msgdata,hsmd_sign_remote_htlc_to_us,remote_per_commitment_point,pubkey, | |||
| 223 | msgdata,hsmd_sign_remote_htlc_to_us,tx,bitcoin_tx, | |||
| 224 | msgdata,hsmd_sign_remote_htlc_to_us,wscript_len,u16, | |||
| 225 | msgdata,hsmd_sign_remote_htlc_to_us,wscript,u8,wscript_len | |||
| 226 | msgdata,hsmd_sign_remote_htlc_to_us,option_anchor_outputs,bool, | |||
| 227 | msgtype,hsmd_sign_penalty_to_us,14 | |||
| 228 | msgdata,hsmd_sign_penalty_to_us,revocation_secret,secret, | |||
| 229 | msgdata,hsmd_sign_penalty_to_us,tx,bitcoin_tx, | |||
| 230 | msgdata,hsmd_sign_penalty_to_us,wscript_len,u16, | |||
| 231 | msgdata,hsmd_sign_penalty_to_us,wscript,u8,wscript_len | |||
| 232 | # Onchaind asks HSM to sign a local HTLC success or HTLC timeout tx. | |||
| 233 | msgtype,hsmd_sign_local_htlc_tx,16 | |||
| 234 | msgdata,hsmd_sign_local_htlc_tx,commit_num,u64, | |||
| 235 | msgdata,hsmd_sign_local_htlc_tx,tx,bitcoin_tx, | |||
| 236 | msgdata,hsmd_sign_local_htlc_tx,wscript_len,u16, | |||
| 237 | msgdata,hsmd_sign_local_htlc_tx,wscript,u8,wscript_len | |||
| 238 | msgdata,hsmd_sign_local_htlc_tx,option_anchor_outputs,bool, | |||
| 239 | # Openingd/channeld asks HSM to sign the other sides' commitment tx. | |||
| 240 | #include <common/htlc_wire.h> | |||
| 241 | msgtype,hsmd_sign_remote_commitment_tx,19 | |||
| 242 | msgdata,hsmd_sign_remote_commitment_tx,tx,bitcoin_tx, | |||
| 243 | msgdata,hsmd_sign_remote_commitment_tx,remote_funding_key,pubkey, | |||
| 244 | msgdata,hsmd_sign_remote_commitment_tx,remote_per_commit,pubkey, | |||
| 245 | msgdata,hsmd_sign_remote_commitment_tx,option_static_remotekey,bool, | |||
| 246 | msgdata,hsmd_sign_remote_commitment_tx,commit_num,u64, | |||
| 247 | msgdata,hsmd_sign_remote_commitment_tx,num_htlcs,u16, | |||
| 248 | msgdata,hsmd_sign_remote_commitment_tx,htlcs,simple_htlc,num_htlcs | |||
| 249 | msgdata,hsmd_sign_remote_commitment_tx,feerate,u32, | |||
| 250 | # channeld asks HSM to sign remote HTLC tx. | |||
| 251 | msgtype,hsmd_sign_remote_htlc_tx,20 | |||
| 252 | msgdata,hsmd_sign_remote_htlc_tx,tx,bitcoin_tx, | |||
| 253 | msgdata,hsmd_sign_remote_htlc_tx,len,u16, | |||
| 254 | msgdata,hsmd_sign_remote_htlc_tx,wscript,u8,len | |||
| 255 | msgdata,hsmd_sign_remote_htlc_tx,remote_per_commit_point,pubkey, | |||
| 256 | msgdata,hsmd_sign_remote_htlc_tx,option_anchor_outputs,bool, | |||
| 257 | # closingd asks HSM to sign mutual close tx. | |||
| 258 | msgtype,hsmd_sign_mutual_close_tx,21 | |||
| 259 | msgdata,hsmd_sign_mutual_close_tx,tx,bitcoin_tx, | |||
| 260 | msgdata,hsmd_sign_mutual_close_tx,remote_funding_key,pubkey, | |||
| 261 | # channeld asks HSM to sign splice tx. | |||
| 262 | msgtype,hsmd_sign_splice_tx,29 | |||
| 263 | msgdata,hsmd_sign_splice_tx,tx,bitcoin_tx, | |||
| 264 | msgdata,hsmd_sign_splice_tx,remote_funding_key,pubkey, | |||
| 265 | msgdata,hsmd_sign_splice_tx,input_index,u32, | |||
| 266 | # Reply for all the above requests. | |||
| 267 | msgtype,hsmd_sign_tx_reply,112 | |||
| 268 | msgdata,hsmd_sign_tx_reply,sig,bitcoin_signature, | |||
| 269 | # Openingd/channeld/onchaind asks for Nth per_commitment_point | |||
| 270 | # Prior to HSM_VERSION 6 we will return an old_commitment_secret | |||
| 271 | msgtype,hsmd_get_per_commitment_point,18 | |||
| 272 | msgdata,hsmd_get_per_commitment_point,n,u64, | |||
| 273 | # IMPORTANT - Beginning HSM_VERSION 6 we never return an old_commitment_secret | |||
| 274 | msgtype,hsmd_get_per_commitment_point_reply,118 | |||
| 275 | msgdata,hsmd_get_per_commitment_point_reply,per_commitment_point,pubkey, | |||
| 276 | msgdata,hsmd_get_per_commitment_point_reply,old_commitment_secret,?secret, | |||
| 277 | # master -> hsmd: do you have a memleak? | |||
| 278 | msgtype,hsmd_dev_memleak,33 | |||
| 279 | msgtype,hsmd_dev_memleak_reply,133 | |||
| 280 | msgdata,hsmd_dev_memleak_reply,leak,bool, | |||
| 281 | # channeld asks to check if claimed future commitment_secret is correct. | |||
| 282 | msgtype,hsmd_check_future_secret,22 | |||
| 283 | msgdata,hsmd_check_future_secret,n,u64, | |||
| 284 | msgdata,hsmd_check_future_secret,commitment_secret,secret, | |||
| 285 | msgtype,hsmd_check_future_secret_reply,122 | |||
| 286 | msgdata,hsmd_check_future_secret_reply,correct,bool, | |||
| 287 | # lightningd asks us to sign a string. | |||
| 288 | msgtype,hsmd_sign_message,23 | |||
| 289 | msgdata,hsmd_sign_message,len,u16, | |||
| 290 | msgdata,hsmd_sign_message,msg,u8,len | |||
| 291 | msgtype,hsmd_sign_message_reply,123 | |||
| 292 | msgdata,hsmd_sign_message_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
| 293 | # lightningd needs to get a scriptPubkey for a utxo with closeinfo | |||
| 294 | msgtype,hsmd_get_output_scriptpubkey,24 | |||
| 295 | msgdata,hsmd_get_output_scriptpubkey,channel_id,u64, | |||
| 296 | msgdata,hsmd_get_output_scriptpubkey,peer_id,node_id, | |||
| 297 | msgdata,hsmd_get_output_scriptpubkey,commitment_point,?pubkey, | |||
| 298 | msgtype,hsmd_get_output_scriptpubkey_reply,124 | |||
| 299 | msgdata,hsmd_get_output_scriptpubkey_reply,script_len,u16, | |||
| 300 | msgdata,hsmd_get_output_scriptpubkey_reply,script,u8,script_len | |||
| 301 | # Sign a bolt12-style merkle hash | |||
| 302 | msgtype,hsmd_sign_bolt12,25 | |||
| 303 | msgdata,hsmd_sign_bolt12,messagename,wirestring, | |||
| 304 | msgdata,hsmd_sign_bolt12,fieldname,wirestring, | |||
| 305 | msgdata,hsmd_sign_bolt12,merkleroot,sha256, | |||
| 306 | # This is for invreq payer_id (temporary keys) | |||
| 307 | msgdata,hsmd_sign_bolt12,publictweaklen,u16, | |||
| 308 | msgdata,hsmd_sign_bolt12,publictweak,u8,publictweaklen | |||
| 309 | msgtype,hsmd_sign_bolt12_reply,125 | |||
| 310 | msgdata,hsmd_sign_bolt12_reply,sig,bip340sig, | |||
| 311 | # Sign a bolt12-style merkle hash (modern) | |||
| 312 | msgtype,hsmd_sign_bolt12_2,41 | |||
| 313 | msgdata,hsmd_sign_bolt12_2,messagename,wirestring, | |||
| 314 | msgdata,hsmd_sign_bolt12_2,fieldname,wirestring, | |||
| 315 | msgdata,hsmd_sign_bolt12_2,merkleroot,sha256, | |||
| 316 | # This is for signing with an alias (temporary key), used if *publictweak* not empty. | |||
| 317 | # derive_secret with info, then tweak privkey with SHA256(derived_secret || publictweak). | |||
| 318 | msgdata,hsmd_sign_bolt12_2,infolen,u16, | |||
| 319 | msgdata,hsmd_sign_bolt12_2,info,u8,infolen | |||
| 320 | msgdata,hsmd_sign_bolt12_2,publictweaklen,u16, | |||
| 321 | msgdata,hsmd_sign_bolt12_2,publictweak,u8,publictweaklen | |||
| 322 | msgtype,hsmd_sign_bolt12_2_reply,141 | |||
| 323 | msgdata,hsmd_sign_bolt12_2_reply,sig,bip340sig, | |||
| 324 | # Sign an option_will_fund offer hash | |||
| 325 | msgtype,hsmd_sign_option_will_fund_offer,26 | |||
| 326 | msgdata,hsmd_sign_option_will_fund_offer,funding_pubkey,pubkey, | |||
| 327 | msgdata,hsmd_sign_option_will_fund_offer,blockheight,u32, | |||
| 328 | msgdata,hsmd_sign_option_will_fund_offer,channel_fee_base_max_msat,u32, | |||
| 329 | msgdata,hsmd_sign_option_will_fund_offer,channel_fee_proportional_basis_max,u16, | |||
| 330 | msgtype,hsmd_sign_option_will_fund_offer_reply,126 | |||
| 331 | msgdata,hsmd_sign_option_will_fund_offer_reply,rsig,secp256k1_ecdsa_signature, | |||
| 332 | # Derive pseudorandom secret | |||
| 333 | msgtype,hsmd_derive_secret,27 | |||
| 334 | msgdata,hsmd_derive_secret,len,u16, | |||
| 335 | msgdata,hsmd_derive_secret,info,u8,len | |||
| 336 | # Reply with the derived secret | |||
| 337 | msgtype,hsmd_derive_secret_reply,127 | |||
| 338 | msgdata,hsmd_derive_secret_reply,secret,secret, | |||
| 339 | # Sanity check this pubkey derivation is correct (unhardened only) | |||
| 340 | msgtype,hsmd_check_pubkey,28 | |||
| 341 | msgdata,hsmd_check_pubkey,index,u32, | |||
| 342 | msgdata,hsmd_check_pubkey,pubkey,pubkey, | |||
| 343 | # Reply | |||
| 344 | msgtype,hsmd_check_pubkey_reply,128 | |||
| 345 | msgdata,hsmd_check_pubkey_reply,ok,bool, | |||
| 346 | msgtype,hsmd_sign_anchorspend,147 | |||
| 347 | msgdata,hsmd_sign_anchorspend,peerid,node_id, | |||
| 348 | msgdata,hsmd_sign_anchorspend,channel_dbid,u64, | |||
| 349 | msgdata,hsmd_sign_anchorspend,num_inputs,u16, | |||
| 350 | msgdata,hsmd_sign_anchorspend,inputs,utxo,num_inputs | |||
| 351 | msgdata,hsmd_sign_anchorspend,psbt,wally_psbt, | |||
| 352 | msgtype,hsmd_sign_anchorspend_reply,148 | |||
| 353 | msgdata,hsmd_sign_anchorspend_reply,psbt,wally_psbt, | |||
| 354 | # These are where lightningd asks for signatures on onchaind's behalf. | |||
| 355 | msgtype,hsmd_sign_any_delayed_payment_to_us,142 | |||
| 356 | msgdata,hsmd_sign_any_delayed_payment_to_us,commit_num,u64, | |||
| 357 | msgdata,hsmd_sign_any_delayed_payment_to_us,tx,bitcoin_tx, | |||
| 358 | msgdata,hsmd_sign_any_delayed_payment_to_us,wscript_len,u16, | |||
| 359 | msgdata,hsmd_sign_any_delayed_payment_to_us,wscript,u8,wscript_len | |||
| 360 | msgdata,hsmd_sign_any_delayed_payment_to_us,input,u32, | |||
| 361 | msgdata,hsmd_sign_any_delayed_payment_to_us,peerid,node_id, | |||
| 362 | msgdata,hsmd_sign_any_delayed_payment_to_us,channel_dbid,u64, | |||
| 363 | msgtype,hsmd_sign_any_remote_htlc_to_us,143 | |||
| 364 | msgdata,hsmd_sign_any_remote_htlc_to_us,remote_per_commitment_point,pubkey, | |||
| 365 | msgdata,hsmd_sign_any_remote_htlc_to_us,tx,bitcoin_tx, | |||
| 366 | msgdata,hsmd_sign_any_remote_htlc_to_us,wscript_len,u16, | |||
| 367 | msgdata,hsmd_sign_any_remote_htlc_to_us,wscript,u8,wscript_len | |||
| 368 | msgdata,hsmd_sign_any_remote_htlc_to_us,option_anchor_outputs,bool, | |||
| 369 | msgdata,hsmd_sign_any_remote_htlc_to_us,input,u32, | |||
| 370 | msgdata,hsmd_sign_any_remote_htlc_to_us,peerid,node_id, | |||
| 371 | msgdata,hsmd_sign_any_remote_htlc_to_us,channel_dbid,u64, | |||
| 372 | msgtype,hsmd_sign_any_penalty_to_us,144 | |||
| 373 | msgdata,hsmd_sign_any_penalty_to_us,revocation_secret,secret, | |||
| 374 | msgdata,hsmd_sign_any_penalty_to_us,tx,bitcoin_tx, | |||
| 375 | msgdata,hsmd_sign_any_penalty_to_us,wscript_len,u16, | |||
| 376 | msgdata,hsmd_sign_any_penalty_to_us,wscript,u8,wscript_len | |||
| 377 | msgdata,hsmd_sign_any_penalty_to_us,input,u32, | |||
| 378 | msgdata,hsmd_sign_any_penalty_to_us,peerid,node_id, | |||
| 379 | msgdata,hsmd_sign_any_penalty_to_us,channel_dbid,u64, | |||
| 380 | msgtype,hsmd_sign_any_local_htlc_tx,146 | |||
| 381 | msgdata,hsmd_sign_any_local_htlc_tx,commit_num,u64, | |||
| 382 | msgdata,hsmd_sign_any_local_htlc_tx,tx,bitcoin_tx, | |||
| 383 | msgdata,hsmd_sign_any_local_htlc_tx,wscript_len,u16, | |||
| 384 | msgdata,hsmd_sign_any_local_htlc_tx,wscript,u8,wscript_len | |||
| 385 | msgdata,hsmd_sign_any_local_htlc_tx,option_anchor_outputs,bool, | |||
| 386 | msgdata,hsmd_sign_any_local_htlc_tx,input,u32, | |||
| 387 | msgdata,hsmd_sign_any_local_htlc_tx,peerid,node_id, | |||
| 388 | msgdata,hsmd_sign_any_local_htlc_tx,channel_dbid,u64, | |||
| 389 | msgtype,hsmd_sign_htlc_tx_mingle,149 | |||
| 390 | msgdata,hsmd_sign_htlc_tx_mingle,peerid,node_id, | |||
| 391 | msgdata,hsmd_sign_htlc_tx_mingle,channel_dbid,u64, | |||
| 392 | msgdata,hsmd_sign_htlc_tx_mingle,num_inputs,u16, | |||
| 393 | msgdata,hsmd_sign_htlc_tx_mingle,inputs,utxo,num_inputs | |||
| 394 | msgdata,hsmd_sign_htlc_tx_mingle,psbt,wally_psbt, | |||
| 395 | msgtype,hsmd_sign_htlc_tx_mingle_reply,150 | |||
| 396 | msgdata,hsmd_sign_htlc_tx_mingle_reply,psbt,wally_psbt, |