github.com/decred/dcrlnd@v0.7.6/lnrpc/signrpc/signer.proto (about) 1 syntax = "proto3"; 2 3 package signrpc; 4 5 option go_package = "github.com/decred/dcrlnd/lnrpc/signrpc"; 6 7 // Signer is a service that gives access to the signing functionality of the 8 // daemon's wallet. 9 service Signer { 10 /* 11 SignOutputRaw is a method that can be used to generated a signature for a 12 set of inputs/outputs to a transaction. Each request specifies details 13 concerning how the outputs should be signed, which keys they should be 14 signed with, and also any optional tweaks. The return value is a fixed 15 64-byte signature (the same format as we use on the wire in Lightning). 16 17 If we are unable to sign using the specified keys, then an error will be 18 returned. 19 */ 20 rpc SignOutputRaw (SignReq) returns (SignResp); 21 22 /* 23 ComputeInputScript generates a complete InputIndex for the passed 24 transaction with the signature as defined within the passed SignDescriptor. 25 This method should be capable of generating the proper input script for 26 both regular p2wkh output and p2wkh outputs nested within a regular p2sh 27 output. 28 29 Note that when using this method to sign inputs belonging to the wallet, 30 the only items of the SignDescriptor that need to be populated are pkScript 31 in the TxOut field, the value in that same field, and finally the input 32 index. 33 */ 34 rpc ComputeInputScript (SignReq) returns (InputScriptResp); 35 36 /* 37 SignMessage signs a message with the key specified in the key locator. The 38 returned signature is fixed-size LN wire format encoded. 39 40 The main difference to SignMessage in the main RPC is that a specific key is 41 used to sign the message instead of the node identity private key. 42 */ 43 rpc SignMessage (SignMessageReq) returns (SignMessageResp); 44 45 /* 46 VerifyMessage verifies a signature over a message using the public key 47 provided. The signature must be fixed-size LN wire format encoded. 48 49 The main difference to VerifyMessage in the main RPC is that the public key 50 used to sign the message does not have to be a node known to the network. 51 */ 52 rpc VerifyMessage (VerifyMessageReq) returns (VerifyMessageResp); 53 54 /* 55 DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key 56 derivation between the ephemeral public key in the request and the node's 57 key specified in the key_desc parameter. Either a key locator or a raw 58 public key is expected in the key_desc, if neither is supplied, defaults to 59 the node's identity private key: 60 P_shared = privKeyNode * ephemeralPubkey 61 The resulting shared public key is serialized in the compressed format and 62 hashed with sha256, resulting in the final key length of 256bit. 63 */ 64 rpc DeriveSharedKey (SharedKeyRequest) returns (SharedKeyResponse); 65 } 66 67 message KeyLocator { 68 // The family of key being identified. 69 int32 key_family = 1; 70 71 // The precise index of the key being identified. 72 int32 key_index = 2; 73 } 74 75 message KeyDescriptor { 76 /* 77 The raw bytes of the public key in the key pair being identified. Either 78 this or the KeyLocator must be specified. 79 */ 80 bytes raw_key_bytes = 1; 81 82 /* 83 The key locator that identifies which private key to use for signing. 84 Either this or the raw bytes of the target public key must be specified. 85 */ 86 KeyLocator key_loc = 2; 87 } 88 89 message TxOut { 90 // The value of the output being spent. 91 int64 value = 1; 92 93 // The script of the output being spent. 94 bytes pk_script = 2; 95 } 96 97 message SignDescriptor { 98 /* 99 A descriptor that precisely describes *which* key to use for signing. This 100 may provide the raw public key directly, or require the Signer to re-derive 101 the key according to the populated derivation path. 102 103 Note that if the key descriptor was obtained through walletrpc.DeriveKey, 104 then the key locator MUST always be provided, since the derived keys are not 105 persisted unlike with DeriveNextKey. 106 */ 107 KeyDescriptor key_desc = 1; 108 109 /* 110 A scalar value that will be added to the private key corresponding to the 111 above public key to obtain the private key to be used to sign this input. 112 This value is typically derived via the following computation: 113 114 * derivedKey = privkey + sha256(perCommitmentPoint || pubKey) mod N 115 */ 116 bytes single_tweak = 2; 117 118 /* 119 A private key that will be used in combination with its corresponding 120 private key to derive the private key that is to be used to sign the target 121 input. Within the Lightning protocol, this value is typically the 122 commitment secret from a previously revoked commitment transaction. This 123 value is in combination with two hash values, and the original private key 124 to derive the private key to be used when signing. 125 126 * k = (privKey*sha256(pubKey || tweakPub) + 127 tweakPriv*sha256(tweakPub || pubKey)) mod N 128 */ 129 bytes double_tweak = 3; 130 131 /* 132 The full script required to properly redeem the output. This field will 133 only be populated if a p2wsh or a p2sh output is being signed. 134 */ 135 bytes witness_script = 4; 136 137 /* 138 A description of the output being spent. The value and script MUST be 139 provided. 140 */ 141 TxOut output = 5; 142 143 /* 144 The target sighash type that should be used when generating the final 145 sighash, and signature. 146 */ 147 uint32 sighash = 7; 148 149 /* 150 The target input within the transaction that should be signed. 151 */ 152 int32 input_index = 8; 153 } 154 155 message SignReq { 156 // The raw bytes of the transaction to be signed. 157 bytes raw_tx_bytes = 1; 158 159 // A set of sign descriptors, for each input to be signed. 160 repeated SignDescriptor sign_descs = 2; 161 } 162 163 message SignResp { 164 /* 165 A set of signatures realized in a fixed 64-byte format ordered in ascending 166 input order. 167 */ 168 repeated bytes raw_sigs = 1; 169 } 170 171 message InputScript { 172 // The serializes witness stack for the specified input. 173 repeated bytes witness = 1; 174 175 /* 176 The optional sig script for the specified witness that will only be set if 177 the input specified is a nested p2sh witness program. 178 */ 179 bytes sig_script = 2; 180 } 181 182 message InputScriptResp { 183 // The set of fully valid input scripts requested. 184 repeated InputScript input_scripts = 1; 185 } 186 187 message SignMessageReq { 188 // The message to be signed. 189 bytes msg = 1; 190 191 // The key locator that identifies which key to use for signing. 192 KeyLocator key_loc = 2; 193 194 // Double-SHA256 hash instead of just the default single round. 195 bool double_hash = 3; 196 197 /* 198 Use the compact (pubkey recoverable) format instead of the raw lnwire 199 format. 200 */ 201 bool compact_sig = 4; 202 } 203 message SignMessageResp { 204 /* 205 The signature for the given message in the fixed-size LN wire format. 206 */ 207 bytes signature = 1; 208 } 209 210 message VerifyMessageReq { 211 // The message over which the signature is to be verified. 212 bytes msg = 1; 213 214 /* 215 The fixed-size LN wire encoded signature to be verified over the given 216 message. 217 */ 218 bytes signature = 2; 219 220 // The public key the signature has to be valid for. 221 bytes pubkey = 3; 222 } 223 message VerifyMessageResp { 224 // Whether the signature was valid over the given message. 225 bool valid = 1; 226 } 227 228 message SharedKeyRequest { 229 // The ephemeral public key to use for the DH key derivation. 230 bytes ephemeral_pubkey = 1; 231 232 /* 233 Deprecated. The optional key locator of the local key that should be used. 234 If this parameter is not set then the node's identity private key will be 235 used. 236 */ 237 KeyLocator key_loc = 2 [deprecated = true]; 238 239 /* 240 A key descriptor describes the key used for performing ECDH. Either a key 241 locator or a raw public key is expected, if neither is supplied, defaults to 242 the node's identity private key. 243 */ 244 KeyDescriptor key_desc = 3; 245 } 246 247 message SharedKeyResponse { 248 // The shared public key, hashed with sha256. 249 bytes shared_key = 1; 250 }