keyset.c
#include <common/key_derive.h>
#include <common/keyset.h>
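/* Derive every per-commitment key in @keyset from the given basepoints and
 * @per_commitment_point.
 *
 * Five keys come from derive_simple_key() and the revocation key comes from
 * derive_revocation_key(); each call writes straight into its field of
 * @keyset.
 *
 * Returns true only if all six derivations succeed.  Derivation stops at the
 * first failure, so on a false return the fields written by earlier calls
 * are already populated while the remaining ones are untouched: callers
 * should treat the whole keyset as invalid and must not build or sign a
 * commitment with it.
 *
 * NOTE(review): none of the pointers are checked here; they are passed
 * through to the derive_* helpers as-is - confirm callers never pass NULL.
 */
bool derive_keyset(const struct pubkey *per_commitment_point,
		   const struct pubkey *self_payment_basepoint,
		   const struct pubkey *other_payment_basepoint,
		   const struct pubkey *self_htlc_basepoint,
		   const struct pubkey *other_htlc_basepoint,
		   const struct pubkey *self_delayed_basepoint,
		   const struct pubkey *other_revocation_basepoint,
		   struct keyset *keyset)
{
	/* BOLT #3:
	 *
	 * ### `localkey`, `remotekey`, `local_htlckey`, `remote_htlckey`,
	 * `local_delayedkey` and `remote_delayedkey` Derivation
	 *
	 * These keys are simply generated by addition from their base points:
	 *
	 *	pubkey = basepoint + SHA256(per_commitment_point || basepoint)*G
	 *
	 * The `localkey` uses the local node's `payment_basepoint`,
	 * `remotekey` uses the remote node's `payment_basepoint`, the
	 * `local_delayedkey` uses the local node's
	 * `delayed_payment_basepoint`, the `local_htlckey` uses the local
	 * node's `htlc_basepoint` and the `remote_delayedkey` uses the
	 * remote node's `delayed_payment_basepoint`.
	 */
	if (!derive_simple_key(self_payment_basepoint,
			       per_commitment_point,
			       &keyset->self_payment_key))
		return false;

	if (!derive_simple_key(other_payment_basepoint,
			       per_commitment_point,
			       &keyset->other_payment_key))
		return false;

	if (!derive_simple_key(self_htlc_basepoint,
			       per_commitment_point,
			       &keyset->self_htlc_key))
		return false;

	if (!derive_simple_key(other_htlc_basepoint,
			       per_commitment_point,
			       &keyset->other_htlc_key))
		return false;

	/* This function returns bool, so report failure as `false` like the
	 * other branches rather than as a null pointer constant. */
	if (!derive_simple_key(self_delayed_basepoint,
			       per_commitment_point,
			       &keyset->self_delayed_payment_key))
		return false;

	/* BOLT #3:
	 *
	 * ### `revocationkey` Derivation
	 *
	 * The `revocationkey` is a blinded key: when a node wishes to create
	 * a new commitment for a remote node, it uses its own
	 * `revocation_basepoint` and the remote node's `per_commitment_point`
	 * to derive a new `revocationkey` for the commitment.
	 */
	/* The *other* side's revocation basepoint is what fills
	 * self_revocation_key: keep this pairing exactly as is.
	 * NOTE(review): presumably "self" here names the commitment holder,
	 * whose outputs the peer can revoke - confirm against keyset.h. */
	if (!derive_revocation_key(other_revocation_basepoint,
				   per_commitment_point,
				   &keyset->self_revocation_key))
		return false;

	return true;
}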