keysinterface: add get_phantom_secret method

valentinewallace · valentinewallace · commit 423e4217be63 · 2022-01-11T12:29:30.000-05:00
This method will be used to retrieve a phantom node's secret key to decrypt phantom node payments
diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs
@@ -223,6 +223,10 @@ impl KeysInterface for KeyProvider {
 	fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {
 		unreachable!()
 	}
+
+	fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> {
+		Err(())
+	}
 }
 
 impl KeyProvider {
diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs
@@ -336,6 +336,10 @@ impl KeysInterface for KeyProvider {
 	fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {
 		unreachable!()
 	}
+
+	fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> {
+		Err(())
+	}
 }
 
 #[inline]
diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs
@@ -30,6 +30,7 @@ use bitcoin::secp256k1::recovery::RecoverableSignature;
 use bitcoin::secp256k1;
 
 use util::{byte_utils, transaction_utils};
+use util::crypto::hkdf_extract_expand;
 use util::ser::{Writeable, Writer, Readable};
 
 use chain::transaction::OutPoint;
@@ -408,6 +409,9 @@ pub trait KeysInterface {
 	///
 	/// This method must return the same value each time it is called.
 	fn get_inbound_payment_key_material(&self) -> KeyMaterial;
+
+	/// Get a secret key for use in receiving phantom node payments.
+	fn get_phantom_secret(&self, scid: u64) -> Result<SecretKey, ()>;
 }
 
 #[derive(Clone)]
@@ -1110,6 +1114,11 @@ impl KeysInterface for KeysManager {
 	fn sign_invoice(&self, invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {
 		Ok(self.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&invoice_preimage)), &self.get_node_secret()))
 	}
+
+	fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> {
+		let hkdf = hkdf_extract_expand(b"LDK Phantom Node Secret Key Expansion", &self.inbound_payment_key.0, 1);
+		Ok(SecretKey::from_slice(&hkdf[0]).unwrap())
+	}
 }
 
 // Ensure that BaseSign can have a vtable
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -5877,6 +5877,7 @@ mod tests {
 		fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] }
 		fn read_chan_signer(&self, _data: &[u8]) -> Result<Self::Signer, DecodeError> { panic!(); }
 		fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> { panic!(); }
+		fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> { panic!(); }
 	}
 
 	fn public_from_secret_hex(secp_ctx: &Secp256k1<All>, hex: &str) -> PublicKey {
diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs
@@ -88,6 +88,7 @@ impl keysinterface::KeysInterface for OnlyReadsKeysInterface {
 		))
 	}
 	fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> { unreachable!(); }
+	fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> { unreachable!(); }
 }
 
 pub struct TestChainMonitor<'a> {
@@ -531,6 +532,8 @@ impl keysinterface::KeysInterface for TestKeysInterface {
 	fn sign_invoice(&self, invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {
 		self.backing.sign_invoice(invoice_preimage)
 	}
+
+	fn get_phantom_secret(&self, scid: u64) -> Result<SecretKey, ()> { self.backing.get_phantom_secret(scid) }
 }
 
 impl TestKeysInterface {

Original file line number	Diff line number	Diff line change
`@@ -223,6 +223,10 @@ impl KeysInterface for KeyProvider {`
`223`	`223`	`fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {`
`224`	`224`	`unreachable!()`
`225`	`225`	`}`
	`226`	`+`
	`227`	`+ fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> {`
	`228`	`+ Err(())`
	`229`	`+ }`
`226`	`230`	`}`
`227`	`231`
`228`	`232`	`impl KeyProvider {`
Original file line number	Diff line number	Diff line change
`@@ -336,6 +336,10 @@ impl KeysInterface for KeyProvider {`
`336`	`336`	`fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {`
`337`	`337`	`unreachable!()`
`338`	`338`	`}`
	`339`	`+`
	`340`	`+ fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> {`
	`341`	`+ Err(())`
	`342`	`+ }`
`339`	`343`	`}`
`340`	`344`
`341`	`345`	`#[inline]`
Original file line number	Diff line number	Diff line change
`@@ -5877,6 +5877,7 @@ mod tests {`
`5877`	`5877`	`fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] }`
`5878`	`5878`	`fn read_chan_signer(&self, _data: &[u8]) -> Result<Self::Signer, DecodeError> { panic!(); }`
`5879`	`5879`	`fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> { panic!(); }`
	`5880`	`+ fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> { panic!(); }`
`5880`	`5881`	`}`
`5881`	`5882`
`5882`	`5883`	`fn public_from_secret_hex(secp_ctx: &Secp256k1<All>, hex: &str) -> PublicKey {`
Original file line number	Diff line number	Diff line change
`@@ -88,6 +88,7 @@ impl keysinterface::KeysInterface for OnlyReadsKeysInterface {`
`88`	`88`	`))`
`89`	`89`	`}`
`90`	`90`	`fn sign_invoice(&self, _invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> { unreachable!(); }`
	`91`	`+ fn get_phantom_secret(&self, _scid: u64) -> Result<SecretKey, ()> { unreachable!(); }`
`91`	`92`	`}`
`92`	`93`
`93`	`94`	`pub struct TestChainMonitor<'a> {`
`@@ -531,6 +532,8 @@ impl keysinterface::KeysInterface for TestKeysInterface {`
`531`	`532`	`fn sign_invoice(&self, invoice_preimage: Vec<u8>) -> Result<RecoverableSignature, ()> {`
`532`	`533`	`self.backing.sign_invoice(invoice_preimage)`
`533`	`534`	`}`
	`535`	`+`
	`536`	`+ fn get_phantom_secret(&self, scid: u64) -> Result<SecretKey, ()> { self.backing.get_phantom_secret(scid) }`
`534`	`537`	`}`
`535`	`538`
`536`	`539`	`impl TestKeysInterface {`