hsmd: don't use point32 for bolt12, but use pubkeys (though still always 02)

This is the one place where we hand point32 over the wire internally, so remove it. This is also our first hsm version change! Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2026-02-23 06:54:30 +01:00 · 2022-10-17 11:05:41 +10:30
parent bed905a394
commit 4e39b3ff3d
9 changed files with 57 additions and 29 deletions
--- a/lightningd/hsm_control.c
+++ b/lightningd/hsm_control.c
@@ -117,13 +117,26 @@ struct ext_key *hsm_init(struct lightningd *ld)

 	bip32_base = tal(ld, struct ext_key);
 	msg = wire_sync_read(tmpctx, ld->hsm_fd);
-	if (!fromwire_hsmd_init_reply(msg,
-				      &ld->id, bip32_base,
-				      &ld->bolt12_base,
-				      &ld->onion_reply_secret)) {
-		if (ld->config.keypass)
-			errx(EXITCODE_HSM_BAD_PASSWORD, "Wrong password for encrypted hsm_secret.");
-		errx(EXITCODE_HSM_GENERIC_ERROR, "HSM did not give init reply");
+	if (!fromwire_hsmd_init_reply_v2(msg,
+					 &ld->id, bip32_base,
+					 &ld->bolt12_base,
+					 &ld->onion_reply_secret)) {
+		/* v1 had x-only pubkey */
+		u8 pubkey32[33];
+
+		pubkey32[0] = SECP256K1_TAG_PUBKEY_EVEN;
+		if (!fromwire_hsmd_init_reply_v1(msg,
+					 &ld->id, bip32_base,
+					 pubkey32 + 1,
+					 &ld->onion_reply_secret)) {
+			if (ld->config.keypass)
+				errx(EXITCODE_HSM_BAD_PASSWORD, "Wrong password for encrypted hsm_secret.");
+			errx(EXITCODE_HSM_GENERIC_ERROR, "HSM did not give init reply");
+		}
+		if (!pubkey_from_der(pubkey32, sizeof(pubkey32),
+				     &ld->bolt12_base))
+			errx(EXITCODE_HSM_GENERIC_ERROR,
+			     "HSM gave invalid v1 bolt12_base");
 	}

 	return bip32_base;
--- a/lightningd/lightningd.h
+++ b/lightningd/lightningd.h
@@ -122,7 +122,7 @@ struct lightningd {
 	struct node_id id;

 	/* The public base for our payer_id keys */
-	struct point32 bolt12_base;
+	struct pubkey bolt12_base;

 	/* The secret we put in onion message paths to know it's ours. */
 	struct secret onion_reply_secret;
--- a/lightningd/offer.c
+++ b/lightningd/offer.c
@@ -78,7 +78,7 @@ static void hsm_sign_b12(struct lightningd *ld,
 	if (!check_schnorr_sig(&sighash, &key->pubkey, sig))
 		fatal("HSM gave bad signature %s for pubkey %s",
 		      type_to_string(tmpctx, struct bip340sig, sig),
-		      type_to_string(tmpctx, struct point32, key));
+		      type_to_string(tmpctx, struct pubkey, (struct pubkey *)key));
 }

 static struct command_result *json_createoffer(struct command *cmd,