From f3edda7c7f7e337fb75fa13d5c60f97b6649d2eb Mon Sep 17 00:00:00 2001 From: Oliver Gugger Date: Sat, 3 Aug 2024 12:16:24 +0200 Subject: [PATCH] cln: add CLN node key derivation --- cln/derivation.go | 13 +++++++++++++ cln/derivation_test.go | 12 ++++++++++++ 2 files changed, 25 insertions(+) diff --git a/cln/derivation.go b/cln/derivation.go index dade986..3b9e70f 100644 --- a/cln/derivation.go +++ b/cln/derivation.go @@ -9,11 +9,24 @@ import ( ) var ( + InfoNodeID = []byte("nodeid") InfoPeerSeed = []byte("peer seed") InfoPerPeer = []byte("per-peer seed") InfoCLightning = []byte("c-lightning") ) +// NodeKey derives a CLN node key from the given HSM secret. +func NodeKey(hsmSecret [32]byte) (*btcec.PublicKey, error) { + salt := make([]byte, 4) + privKeyBytes, err := HkdfSha256(hsmSecret[:], salt, InfoNodeID) + if err != nil { + return nil, err + } + + _, pubKey := btcec.PrivKeyFromBytes(privKeyBytes[:]) + return pubKey, nil +} + // FundingKey derives a CLN channel funding key for the given peer and channel // number (incrementing database index). func FundingKey(hsmSecret [32]byte, peerPubKey *btcec.PublicKey, diff --git a/cln/derivation_test.go b/cln/derivation_test.go index 37a5349..d6e2b25 100644 --- a/cln/derivation_test.go +++ b/cln/derivation_test.go @@ -15,6 +15,11 @@ var ( 0xbf, 0x72, 0xbe, 0xb4, 0x30, 0xe5, 0x9e, 0x71, 0xb5, 0xac, 0x5a, 0x73, 0x58, 0x1a, 0x62, 0x70, } + nodeKeyBytes, _ = hex.DecodeString( + "035149629152c1bee83f1e148a51400b5f24bf3e2ca53384dd801418446e" + + "1f53fe", + ) + peerPubKeyBytes, _ = hex.DecodeString( "02678187ca43e6a6f62f9185be98a933bf485313061e6a05578bbd83c54e" + "88d460", @@ -27,6 +32,13 @@ var ( ) ) +func TestNodeKey(t *testing.T) { + nodeKey, err := NodeKey(hsmSecret) + require.NoError(t, err) + + require.Equal(t, nodeKeyBytes, nodeKey.SerializeCompressed()) +} + func TestFundingKey(t *testing.T) { fundingKey, err := FundingKey(hsmSecret, peerPubKey, 1) require.NoError(t, err)