lightningd: pass the hsm_secret encryption key in hsm_init

hsmd/hsm_wire.csv

@@ -10,6 +10,7 @@ msgdata,hsmstatus_client_bad_request,msg,u8,len
 msgtype,hsm_init,11
 msgdata,hsm_init,bip32_key_version,bip32_key_version,
 msgdata,hsm_init,chainparams,chainparams,
+msgdata,hsm_init,hsm_encryption_key,?secret,
 msgdata,hsm_init,dev_force_privkey,?privkey,
 msgdata,hsm_init,dev_force_bip32_seed,?secret,
 msgdata,hsm_init,dev_force_channel_secrets,?secrets,

hsmd/hsmd.c

@@ -580,6 +580,7 @@ static struct io_plan *init_hsm(struct io_conn *conn,
 	struct secret *seed;
 	struct secrets *secrets;
 	struct sha256 *shaseed;
+	struct secret *hsm_encryption_key;
 
 	/* This must be lightningd. */
 	assert(is_lightningd(c));
@@ -589,7 +590,7 @@ static struct io_plan *init_hsm(struct io_conn *conn,
 	 * an extension of the simple comma-separated format output by the
 	 * BOLT tools/extract-formats.py tool. */
 	if (!fromwire_hsm_init(NULL, msg_in, &bip32_key_version, &chainparams,
-			       &privkey, &seed, &secrets, &shaseed))
+	                       &hsm_encryption_key, &privkey, &seed, &secrets, &shaseed))
 		return bad_req(conn, c, msg_in);
 
 #if DEVELOPER

lightningd/hsm_control.c

@@ -96,6 +96,7 @@ void hsm_init(struct lightningd *ld)
 	if (!wire_sync_write(ld->hsm_fd, towire_hsm_init(tmpctx,
 							 &ld->topology->bitcoind->chainparams->bip32_key_version,
 							 chainparams,
+							 ld->config.keypass,
 							 IFDEV(ld->dev_force_privkey, NULL),
 							 IFDEV(ld->dev_force_bip32_seed, NULL),
 							 IFDEV(ld->dev_force_channel_secrets, NULL),