watchtower/wtclient: use HD session key derivation

2025-11-11 14:48:14 +01:00 · 2019-04-23 20:04:55 -07:00
parent 0404aedede
commit bebe6461a9
4 changed files with 53 additions and 27 deletions
--- a/watchtower/wtclient/client.go
+++ b/watchtower/wtclient/client.go
@@ -9,7 +9,6 @@ import (
 	"github.com/btcsuite/btcd/btcec"
 	"github.com/btcsuite/btcd/chaincfg/chainhash"
 	"github.com/lightningnetwork/lnd/input"
-	"github.com/lightningnetwork/lnd/keychain"
 	"github.com/lightningnetwork/lnd/lnwallet"
 	"github.com/lightningnetwork/lnd/lnwire"
 	"github.com/lightningnetwork/lnd/watchtower/wtdb"
@@ -77,7 +76,7 @@ type Config struct {
 	// SecretKeyRing is used to derive the session keys used to communicate
 	// with the tower. The client only stores the KeyLocators internally so
 	// that we never store private keys on disk.
-	SecretKeyRing keychain.SecretKeyRing
+	SecretKeyRing SecretKeyRing

 	// Dial connects to an addr using the specified net and returns the
 	// connection object.
@@ -201,15 +200,16 @@ func New(config *Config) (*TowerClient, error) {
 		forceQuit:      make(chan struct{}),
 	}
 	c.negotiator = newSessionNegotiator(&NegotiatorConfig{
-		DB:          cfg.DB,
-		Policy:      cfg.Policy,
-		ChainHash:   cfg.ChainHash,
-		SendMessage: c.sendMessage,
-		ReadMessage: c.readMessage,
-		Dial:        c.dial,
-		Candidates:  newTowerListIterator(tower),
-		MinBackoff:  cfg.MinBackoff,
-		MaxBackoff:  cfg.MaxBackoff,
+		DB:            cfg.DB,
+		SecretKeyRing: cfg.SecretKeyRing,
+		Policy:        cfg.Policy,
+		ChainHash:     cfg.ChainHash,
+		SendMessage:   c.sendMessage,
+		ReadMessage:   c.readMessage,
+		Dial:          c.dial,
+		Candidates:    newTowerListIterator(tower),
+		MinBackoff:    cfg.MinBackoff,
+		MaxBackoff:    cfg.MaxBackoff,
 	})

 	// Next, load all active sessions from the db into the client. We will
@@ -222,14 +222,25 @@ func New(config *Config) (*TowerClient, error) {
 	}

 	// Reload any towers from disk using the tower IDs contained in each
-	// candidate session.
+	// candidate session. We will also rederive any session keys needed to
+	// be able to communicate with the towers and authenticate session
+	// requests. This prevents us from having to store the private keys on
+	// disk.
 	for _, s := range c.candidateSessions {
 		tower, err := c.cfg.DB.LoadTower(s.TowerID)
 		if err != nil {
 			return nil, err
 		}

+		sessionPriv, err := DeriveSessionKey(
+			c.cfg.SecretKeyRing, s.KeyIndex,
+		)
+		if err != nil {
+			return nil, err
+		}
+
 		s.Tower = tower
+		s.SessionPrivKey = sessionPriv
 	}

 	// Finally, load the sweep pkscripts that have been generated for all