keychain: change KeyFamilyStaticBackup name to reflect its new, broader role

2025-06-12 09:52:14 +02:00 · 2022-02-02 15:39:29 -06:00 · 2022-02-02 15:39:29 -06:00 · f3bd2227fa
commit f3bd2227fa
parent 4b2edc4777
3 changed files with 13 additions and 14 deletions
--- a/chanbackup/crypto.go
+++ b/chanbackup/crypto.go
@ -15,15 +15,15 @@ import (
 // TODO(roasbeef): interface in front of?
 // baseEncryptionKeyLoc is the KeyLocator that we'll use to derive the base
-// encryption key used for encrypting all static channel backups. We use this
+// encryption key used for encrypting all payloads. We use this to then
-// to then derive the actual key that we'll use for encryption. We do this
+// derive the actual key that we'll use for encryption. We do this
 // rather than using the raw key, as we assume that we can't obtain the raw
 // keys, and we don't want to require that the HSM know our target cipher for
 // encryption.
 //
 // TODO(roasbeef): possibly unique encrypt?
 var baseEncryptionKeyLoc = keychain.KeyLocator{
-	Family: keychain.KeyFamilyStaticBackup,
+	Family: keychain.KeyFamilyBaseEncryption,
 	Index:  0,
 }
--- a/chanbackup/single.go
+++ b/chanbackup/single.go
@ -333,10 +333,10 @@ func (s *Single) Serialize(w io.Writer) error {
 // global counter to use as a sequence number for nonces, and want to ensure
 // that we're able to decrypt these blobs without any additional context. We
 // derive the key that we use for encryption via a SHA2 operation of the with
-// the golden keychain.KeyFamilyStaticBackup base encryption key.  We then take
+// the golden keychain.KeyFamilyBaseEncryption base encryption key.  We then
-// the serialized resulting shared secret point, and hash it using sha256 to
+// take the serialized resulting shared secret point, and hash it using sha256
-// obtain the key that we'll use for encryption. When using the AEAD, we pass
+// to obtain the key that we'll use for encryption. When using the AEAD, we
-// the nonce as associated data such that we'll be able to package the two
+// pass the nonce as associated data such that we'll be able to package the two
 // together for storage. Before writing out the encrypted payload, we prepend
 // the nonce to the final blob.
 func (s *Single) PackToWriter(w io.Writer, keyRing keychain.KeyRing) error {
--- a/keychain/derivation.go
+++ b/keychain/derivation.go
@ -102,12 +102,11 @@ const (
 	// p2p level (BOLT-0008).
 	KeyFamilyNodeKey KeyFamily = 6
-	// KeyFamilyStaticBackup is the family of keys that will be used to
+	// KeyFamilyBaseEncryption is the family of keys that will be used to
-	// derive keys that we use to encrypt and decrypt our set of static
+	// derive keys that we use to encrypt and decrypt any general blob data
-	// backups. These backups may either be stored within watch towers for
+	// like static channel backups and the TLS private key. Often used when
-	// a payment, or self stored on disk in a single file containing all
+	// encrypting files on disk.
-	// the static channel backups.
+	KeyFamilyBaseEncryption KeyFamily = 7
 	KeyFamilyStaticBackup KeyFamily = 7
 	// KeyFamilyTowerSession is the family of keys that will be used to
 	// derive session keys when negotiating sessions with watchtowers. The
@ -133,7 +132,7 @@ var VersionZeroKeyFamilies = []KeyFamily{
 	KeyFamilyDelayBase,
 	KeyFamilyRevocationRoot,
 	KeyFamilyNodeKey,
-	KeyFamilyStaticBackup,
+	KeyFamilyBaseEncryption,
 	KeyFamilyTowerSession,
 	KeyFamilyTowerID,
 }