aljaz/lightning
1
0
Fork 0
mirror of https://github.com/aljazceru/lightning.git synced 2026-01-26 17:24:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

hsmd: add support for lightningd signing onchain txs.

Browse Source 
We previously used WIRE_HSMD_SIGN_DELAYED_PAYMENT_TO_US,
WIRE_HSMD_SIGN_REMOTE_HTLC_TO_US, WIRE_HSMD_SIGN_PENALTY_TO_US and
WIRE_HSMD_SIGN_LOCAL_HTLC_TX which allow onchaind to sign txs,
but only for its specific channel.

We now want lightningd to sign these, but it's not bound to a specific
channel.  So let's add variants that don't require that.

We are also now explicit about *what input* to sign.  It's always zero
for now, but future combinations may change that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell
2023-04-06 09:02:48 +09:30
parent 45193db7ea
commit 87264540c3
4 changed files with 279 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
common/hsm_version.h
View File

@@ -12,6 +12,7 @@
* v3 without v1: 3f813898f7de490e9126ab817e1c9a29af79c0413d5e37068acedce3ea7b5429
* v4: 41a730986c51b930e2d8d12b3169d24966c2004e08d424bdda310edbbde5ba70
* v4 with check_pubkey: 48b3992745aa3c6ab6ce5cdaee9082cb7d70017f523d322015e9710bf49fd193
* v4 with sign_any_penalty_to_us: ead7963185194a515d1f14d2c44401392575299d68ce9a13d8a12baff3cf4f35
*/
#define HSM_MIN_VERSION 3
#define HSM_MAX_VERSION 4

4
hsmd/hsmd.c
View File

@@ -681,6 +681,10 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
case WIRE_HSMD_SIGN_REMOTE_HTLC_TO_US:
case WIRE_HSMD_SIGN_DELAYED_PAYMENT_TO_US:
case WIRE_HSMD_CHECK_PUBKEY:
case WIRE_HSMD_SIGN_ANY_PENALTY_TO_US:
case WIRE_HSMD_SIGN_ANY_DELAYED_PAYMENT_TO_US:
case WIRE_HSMD_SIGN_ANY_REMOTE_HTLC_TO_US:
case WIRE_HSMD_SIGN_ANY_LOCAL_HTLC_TX:
/* Hand off to libhsmd for processing */
return req_reply(conn, c,
take(hsmd_handle_client_message(

40
hsmd/hsmd_wire.csv
View File

@@ -196,7 +196,6 @@ msgtype,hsmd_validate_revocation_reply,136
# Onchaind asks HSM to sign a spend to-us. Four variants, since each set
# of keys is derived differently...
# FIXME: Have master tell hsmd the keyindex, so it can validate output!
msgtype,hsmd_sign_delayed_payment_to_us,12
msgdata,hsmd_sign_delayed_payment_to_us,commit_num,u64,
msgdata,hsmd_sign_delayed_payment_to_us,tx,bitcoin_tx,
@@ -332,3 +331,42 @@ msgdata,hsmd_check_pubkey,pubkey,pubkey,
# Reply
msgtype,hsmd_check_pubkey_reply,128
msgdata,hsmd_check_pubkey_reply,ok,bool,
# These are where lightningd asks for signatures on onchaind's behalf.
msgtype,hsmd_sign_any_delayed_payment_to_us,142
msgdata,hsmd_sign_any_delayed_payment_to_us,commit_num,u64,
msgdata,hsmd_sign_any_delayed_payment_to_us,tx,bitcoin_tx,
msgdata,hsmd_sign_any_delayed_payment_to_us,wscript_len,u16,
msgdata,hsmd_sign_any_delayed_payment_to_us,wscript,u8,wscript_len
msgdata,hsmd_sign_any_delayed_payment_to_us,input,u32,
msgdata,hsmd_sign_any_delayed_payment_to_us,peerid,node_id,
msgdata,hsmd_sign_any_delayed_payment_to_us,channel_dbid,u64,
msgtype,hsmd_sign_any_remote_htlc_to_us,143
msgdata,hsmd_sign_any_remote_htlc_to_us,remote_per_commitment_point,pubkey,
msgdata,hsmd_sign_any_remote_htlc_to_us,tx,bitcoin_tx,
msgdata,hsmd_sign_any_remote_htlc_to_us,wscript_len,u16,
msgdata,hsmd_sign_any_remote_htlc_to_us,wscript,u8,wscript_len
msgdata,hsmd_sign_any_remote_htlc_to_us,option_anchor_outputs,bool,
msgdata,hsmd_sign_any_remote_htlc_to_us,input,u32,
msgdata,hsmd_sign_any_remote_htlc_to_us,peerid,node_id,
msgdata,hsmd_sign_any_remote_htlc_to_us,channel_dbid,u64,
msgtype,hsmd_sign_any_penalty_to_us,144
msgdata,hsmd_sign_any_penalty_to_us,revocation_secret,secret,
msgdata,hsmd_sign_any_penalty_to_us,tx,bitcoin_tx,
msgdata,hsmd_sign_any_penalty_to_us,wscript_len,u16,
msgdata,hsmd_sign_any_penalty_to_us,wscript,u8,wscript_len
msgdata,hsmd_sign_any_penalty_to_us,input,u32,
msgdata,hsmd_sign_any_penalty_to_us,peerid,node_id,
msgdata,hsmd_sign_any_penalty_to_us,channel_dbid,u64,
msgtype,hsmd_sign_any_local_htlc_tx,146
msgdata,hsmd_sign_any_local_htlc_tx,commit_num,u64,
msgdata,hsmd_sign_any_local_htlc_tx,tx,bitcoin_tx,
msgdata,hsmd_sign_any_local_htlc_tx,wscript_len,u16,
msgdata,hsmd_sign_any_local_htlc_tx,wscript,u8,wscript_len
msgdata,hsmd_sign_any_local_htlc_tx,option_anchor_outputs,bool,
msgdata,hsmd_sign_any_local_htlc_tx,input,u32,
msgdata,hsmd_sign_any_local_htlc_tx,peerid,node_id,
msgdata,hsmd_sign_any_local_htlc_tx,channel_dbid,u64,
1 # Clients should not give a bad request but not the HSM's decision to crash.
196 msgdata,hsmd_sign_remote_commitment_tx,commit_num,u64, msgdata,hsmd_sign_remote_commitment_tx,num_htlcs,u16,
197 msgdata,hsmd_sign_remote_commitment_tx,num_htlcs,u16, msgdata,hsmd_sign_remote_commitment_tx,htlcs,simple_htlc,num_htlcs
198 msgdata,hsmd_sign_remote_commitment_tx,htlcs,simple_htlc,num_htlcs msgdata,hsmd_sign_remote_commitment_tx,feerate,u32,
msgdata,hsmd_sign_remote_commitment_tx,feerate,u32,
199 # channeld asks HSM to sign remote HTLC tx.
200 msgtype,hsmd_sign_remote_htlc_tx,20
201 msgdata,hsmd_sign_remote_htlc_tx,tx,bitcoin_tx,
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372

288
hsmd/libhsmd.c
View File

@@ -124,6 +124,10 @@ bool hsmd_check_client_capabilities(struct hsmd_client *client,
case WIRE_HSMD_PREAPPROVE_KEYSEND:
case WIRE_HSMD_DERIVE_SECRET:
case WIRE_HSMD_CHECK_PUBKEY:
case WIRE_HSMD_SIGN_ANY_PENALTY_TO_US:
case WIRE_HSMD_SIGN_ANY_DELAYED_PAYMENT_TO_US:
case WIRE_HSMD_SIGN_ANY_REMOTE_HTLC_TO_US:
case WIRE_HSMD_SIGN_ANY_LOCAL_HTLC_TX:
return (client->capabilities & HSM_CAP_MASTER) != 0;
/*~ These are messages sent by the HSM so we should never receive them. */
@@ -516,6 +520,7 @@ static void sign_our_inputs(struct utxo **utxos, struct wally_psbt *psbt)
* sends funds to our internal wallet. */
/* FIXME: Derive output address for this client, and check it here! */
static u8 *handle_sign_to_us_tx(struct hsmd_client *c, const u8 *msg_in,
u32 input_num,
struct bitcoin_tx *tx,
const struct privkey *privkey,
const u8 *wscript,
@@ -524,6 +529,11 @@ static u8 *handle_sign_to_us_tx(struct hsmd_client *c, const u8 *msg_in,
struct bitcoin_signature sig;
struct pubkey pubkey;
if (input_num >= tx->wtx->num_inputs)
return hsmd_status_bad_request_fmt(c, msg_in,
"bad input %u of %zu",
input_num, tx->wtx->num_inputs);
if (!pubkey_from_privkey(privkey, &pubkey))
return hsmd_status_bad_request(c, msg_in,
"bad pubkey_from_privkey");
@@ -1146,29 +1156,37 @@ static u8 *handle_sign_mutual_close_tx(struct hsmd_client *c, const u8 *msg_in)
return towire_hsmd_sign_tx_reply(NULL, &sig);
}
/*~ This is used when a commitment transaction is onchain, and has an HTLC
* output paying to them, which has timed out; this signs that transaction,
* which lightningd will broadcast to collect the funds. */
static u8 *handle_sign_local_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
/*~ Originally, onchaind would ask for hsmd to sign txs directly, and then
* tell lightningd to broadcast it. With "bring-your-own-fees" HTLCs, this
* changed, since we need to find a UTXO to attach to the transaction,
* so now lightningd takes care of it all.
*
* The interfaces are very similar, so we have core functions that both
* variants call after unwrapping the message. */
static u8 *do_sign_local_htlc_tx(struct hsmd_client *c,
const u8 *msg_in,
u32 input_num,
const struct node_id *peerid,
u64 channel_dbid,
u64 commit_num,
struct bitcoin_tx *tx,
const u8 *wscript,
bool option_anchor_outputs)
{
u64 commit_num;
struct secret channel_seed, htlc_basepoint_secret;
struct sha256 shaseed;
struct pubkey per_commitment_point, htlc_basepoint;
struct bitcoin_tx *tx;
u8 *wscript;
struct bitcoin_signature sig;
struct privkey htlc_privkey;
struct pubkey htlc_pubkey;
bool option_anchor_outputs;
if (!fromwire_hsmd_sign_local_htlc_tx(tmpctx, msg_in,
&commit_num, &tx, &wscript,
&option_anchor_outputs))
return hsmd_status_malformed_request(c, msg_in);
if (input_num >= tx->wtx->num_inputs)
return hsmd_status_bad_request_fmt(c, msg_in,
"bad input %u of %zu",
input_num, tx->wtx->num_inputs);
tx->chainparams = c->chainparams;
get_channel_seed(&c->id, c->dbid, &channel_seed);
get_channel_seed(peerid, channel_dbid, &channel_seed);
if (!derive_shaseed(&channel_seed, &shaseed))
return hsmd_status_bad_request_fmt(c, msg_in,
@@ -1207,7 +1225,7 @@ static u8 *handle_sign_local_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
* * if `option_anchors` applies to this commitment transaction,
* `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used as described in [BOLT #5]
*/
sign_tx_input(tx, 0, NULL, wscript, &htlc_privkey, &htlc_pubkey,
sign_tx_input(tx, input_num, NULL, wscript, &htlc_privkey, &htlc_pubkey,
option_anchor_outputs
? (SIGHASH_SINGLE|SIGHASH_ANYONECANPAY)
: SIGHASH_ALL,
@@ -1216,6 +1234,46 @@ static u8 *handle_sign_local_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
return towire_hsmd_sign_tx_reply(NULL, &sig);
}
/*~ Called from onchaind (deprecated) */
static u8 *handle_sign_local_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
{
u64 commit_num;
struct bitcoin_tx *tx;
u8 *wscript;
bool option_anchor_outputs;
if (!fromwire_hsmd_sign_local_htlc_tx(tmpctx, msg_in,
&commit_num, &tx, &wscript,
&option_anchor_outputs))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_local_htlc_tx(c, msg_in, 0, &c->id, c->dbid,
commit_num, tx, wscript,
option_anchor_outputs);
}
/*~ This is the same function, but lightningd calling it */
static u8 *handle_sign_any_local_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
{
u64 commit_num;
struct bitcoin_tx *tx;
u8 *wscript;
bool option_anchor_outputs;
struct node_id peer_id;
u32 input_num;
u64 dbid;
if (!fromwire_hsmd_sign_any_local_htlc_tx(tmpctx, msg_in,
&commit_num, &tx, &wscript,
&option_anchor_outputs,
&input_num, &peer_id, &dbid))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_local_htlc_tx(c, msg_in, input_num, &peer_id, dbid,
commit_num, tx, wscript,
option_anchor_outputs);
}
/*~ This is used by channeld to create signatures for the remote peer's
* HTLC transactions. */
static u8 *handle_sign_remote_htlc_tx(struct hsmd_client *c, const u8 *msg_in)
@@ -1328,26 +1386,27 @@ static u8 *handle_sign_remote_commitment_tx(struct hsmd_client *c, const u8 *msg
/*~ This is used when the remote peer's commitment transaction is revoked;
* we can use the revocation secret to spend the outputs. For simplicity,
* we do them one at a time, though. */
static u8 *handle_sign_penalty_to_us(struct hsmd_client *c, const u8 *msg_in)
static u8 *do_sign_penalty_to_us(struct hsmd_client *c,
const u8 *msg_in,
u32 input_num,
const struct node_id *peerid,
u64 channel_dbid,
const struct secret *revocation_secret,
struct bitcoin_tx *tx,
const u8 *wscript)
{
struct secret channel_seed, revocation_secret, revocation_basepoint_secret;
struct secret channel_seed, revocation_basepoint_secret;
struct pubkey revocation_basepoint;
struct bitcoin_tx *tx;
struct pubkey point;
struct privkey privkey;
u8 *wscript;
if (!fromwire_hsmd_sign_penalty_to_us(tmpctx, msg_in,
&revocation_secret,
&tx, &wscript))
return hsmd_status_malformed_request(c, msg_in);
tx->chainparams = c->chainparams;
if (!pubkey_from_secret(&revocation_secret, &point))
if (!pubkey_from_secret(revocation_secret, &point))
return hsmd_status_bad_request_fmt(c, msg_in,
"Failed deriving pubkey");
get_channel_seed(&c->id, c->dbid, &channel_seed);
get_channel_seed(peerid, channel_dbid, &channel_seed);
if (!derive_revocation_basepoint(&channel_seed,
&revocation_basepoint,
&revocation_basepoint_secret))
@@ -1355,17 +1414,53 @@ static u8 *handle_sign_penalty_to_us(struct hsmd_client *c, const u8 *msg_in)
c, msg_in, "Failed deriving revocation basepoint");
if (!derive_revocation_privkey(&revocation_basepoint_secret,
&revocation_secret,
revocation_secret,
&revocation_basepoint,
&point,
&privkey))
return hsmd_status_bad_request_fmt(
c, msg_in, "Failed deriving revocation privkey");
return handle_sign_to_us_tx(c, msg_in, tx, &privkey, wscript,
return handle_sign_to_us_tx(c, msg_in, input_num, tx, &privkey, wscript,
SIGHASH_ALL);
}
/*~ Called from onchaind (deprecated) */
static u8 *handle_sign_penalty_to_us(struct hsmd_client *c, const u8 *msg_in)
{
struct secret revocation_secret;
struct bitcoin_tx *tx;
u8 *wscript;
if (!fromwire_hsmd_sign_penalty_to_us(tmpctx, msg_in,
&revocation_secret,
&tx, &wscript))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_penalty_to_us(c, msg_in, 0, &c->id, c->dbid,
&revocation_secret, tx, wscript);
}
/*~ Called from lightningd */
static u8 *handle_sign_any_penalty_to_us(struct hsmd_client *c, const u8 *msg_in)
{
struct secret revocation_secret;
struct bitcoin_tx *tx;
u8 *wscript;
struct node_id peer_id;
u64 dbid;
u32 input_num;
if (!fromwire_hsmd_sign_any_penalty_to_us(tmpctx, msg_in,
&revocation_secret,
&tx, &wscript,
&input_num, &peer_id, &dbid))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_penalty_to_us(c, msg_in, input_num, &peer_id, dbid,
&revocation_secret, tx, wscript);
}
/*~ This is another lightningd-only interface; signing a commit transaction.
* This is dangerous, since if we sign a revoked commitment tx we'll lose
* funds, thus it's only available to lightningd.
@@ -1492,24 +1587,22 @@ static u8 *handle_validate_revocation(struct hsmd_client *c, const u8 *msg_in)
/*~ This is used when a commitment transaction is onchain, and has an HTLC
* output paying to us (because we have the preimage); this signs that
* transaction, which lightningd will broadcast to collect the funds. */
static u8 *handle_sign_remote_htlc_to_us(struct hsmd_client *c,
const u8 *msg_in)
static u8 *do_sign_remote_htlc_to_us(struct hsmd_client *c,
const u8 *msg_in,
u32 input_num,
const struct node_id *peerid,
u64 channel_dbid,
const struct pubkey *remote_per_commitment_point,
struct bitcoin_tx *tx,
const u8 *wscript,
bool option_anchor_outputs)
{
struct secret channel_seed, htlc_basepoint_secret;
struct pubkey htlc_basepoint;
struct bitcoin_tx *tx;
struct pubkey remote_per_commitment_point;
struct privkey privkey;
u8 *wscript;
bool option_anchor_outputs;
if (!fromwire_hsmd_sign_remote_htlc_to_us(
tmpctx, msg_in, &remote_per_commitment_point, &tx, &wscript,
&option_anchor_outputs))
return hsmd_status_malformed_request(c, msg_in);
tx->chainparams = c->chainparams;
get_channel_seed(&c->id, c->dbid, &channel_seed);
get_channel_seed(peerid, channel_dbid, &channel_seed);
if (!derive_htlc_basepoint(&channel_seed, &htlc_basepoint,
&htlc_basepoint_secret))
@@ -1518,7 +1611,7 @@ static u8 *handle_sign_remote_htlc_to_us(struct hsmd_client *c,
if (!derive_simple_privkey(&htlc_basepoint_secret,
&htlc_basepoint,
&remote_per_commitment_point,
remote_per_commitment_point,
&privkey))
return hsmd_status_bad_request(c, msg_in,
"Failed deriving htlc privkey");
@@ -1530,34 +1623,75 @@ static u8 *handle_sign_remote_htlc_to_us(struct hsmd_client *c,
* `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used as described in [BOLT #5]
*/
return handle_sign_to_us_tx(
c, msg_in, tx, &privkey, wscript,
c, msg_in, input_num, tx, &privkey, wscript,
option_anchor_outputs ? (SIGHASH_SINGLE | SIGHASH_ANYONECANPAY)
: SIGHASH_ALL);
}
/*~ When called by onchaind */
static u8 *handle_sign_remote_htlc_to_us(struct hsmd_client *c,
const u8 *msg_in)
{
struct pubkey remote_per_commitment_point;
struct bitcoin_tx *tx;
u8 *wscript;
bool option_anchor_outputs;
if (!fromwire_hsmd_sign_remote_htlc_to_us(
tmpctx, msg_in, &remote_per_commitment_point, &tx, &wscript,
&option_anchor_outputs))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_remote_htlc_to_us(c, msg_in, 0, &c->id, c->dbid,
&remote_per_commitment_point,
tx, wscript,
option_anchor_outputs);
}
/*~ When called by lightningd */
static u8 *handle_sign_any_remote_htlc_to_us(struct hsmd_client *c,
const u8 *msg_in)
{
struct pubkey remote_per_commitment_point;
struct bitcoin_tx *tx;
u8 *wscript;
bool option_anchor_outputs;
struct node_id peer_id;
u64 dbid;
u32 input_num;
if (!fromwire_hsmd_sign_any_remote_htlc_to_us(
tmpctx, msg_in, &remote_per_commitment_point, &tx, &wscript,
&option_anchor_outputs, &input_num, &peer_id, &dbid))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_remote_htlc_to_us(c, msg_in, input_num, &peer_id, dbid,
&remote_per_commitment_point,
tx, wscript,
option_anchor_outputs);
}
/*~ When we send a commitment transaction onchain (unilateral close), there's
* a delay before we can spend it. onchaind does an explicit transaction to
* transfer it to the wallet so that doesn't need to remember how to spend
* this complex transaction. */
static u8 *handle_sign_delayed_payment_to_us(struct hsmd_client *c,
const u8 *msg_in)
static u8 *do_sign_delayed_payment_to_us(struct hsmd_client *c,
const u8 *msg_in,
u32 input_num,
const struct node_id *peerid,
u64 channel_dbid,
u64 commit_num,
struct bitcoin_tx *tx,
const u8 *wscript)
{
u64 commit_num;
struct secret channel_seed, basepoint_secret;
struct pubkey basepoint;
struct bitcoin_tx *tx;
struct sha256 shaseed;
struct pubkey per_commitment_point;
struct privkey privkey;
u8 *wscript;
/*~ We don't derive the wscript ourselves, but perhaps we should? */
if (!fromwire_hsmd_sign_delayed_payment_to_us(tmpctx, msg_in,
&commit_num,
&tx, &wscript))
return hsmd_status_malformed_request(c, msg_in);
tx->chainparams = c->chainparams;
get_channel_seed(&c->id, c->dbid, &channel_seed);
get_channel_seed(peerid, channel_dbid, &channel_seed);
/*~ ccan/crypto/shachain how we efficiently derive 2^48 ordered
* preimages from a single seed; the twist is that as the preimages
@@ -1587,10 +1721,50 @@ static u8 *handle_sign_delayed_payment_to_us(struct hsmd_client *c,
return hsmd_status_bad_request(c, msg_in,
"failed deriving privkey");
return handle_sign_to_us_tx(c, msg_in, tx, &privkey, wscript,
return handle_sign_to_us_tx(c, msg_in, input_num, tx, &privkey, wscript,
SIGHASH_ALL);
}
/*~ When called by onchaind */
static u8 *handle_sign_delayed_payment_to_us(struct hsmd_client *c,
const u8 *msg_in)
{
u64 commit_num;
struct bitcoin_tx *tx;
u8 *wscript;
/*~ We don't derive the wscript ourselves, but perhaps we should? */
if (!fromwire_hsmd_sign_delayed_payment_to_us(tmpctx, msg_in,
&commit_num,
&tx, &wscript))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_delayed_payment_to_us(c, msg_in, 0, &c->id, c->dbid,
commit_num, tx, wscript);
}
/*~ When called by lightningd */
static u8 *handle_sign_any_delayed_payment_to_us(struct hsmd_client *c,
const u8 *msg_in)
{
u64 commit_num;
struct bitcoin_tx *tx;
u8 *wscript;
struct node_id peer_id;
u64 dbid;
u32 input_num;
/*~ We don't derive the wscript ourselves, but perhaps we should? */
if (!fromwire_hsmd_sign_any_delayed_payment_to_us(tmpctx, msg_in,
&commit_num,
&tx, &wscript,
&input_num, &peer_id, &dbid))
return hsmd_status_malformed_request(c, msg_in);
return do_sign_delayed_payment_to_us(c, msg_in, input_num, &peer_id, dbid,
commit_num, tx, wscript);
}
u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
const u8 *msg)
{
@@ -1682,6 +1856,14 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
return handle_derive_secret(client, msg);
case WIRE_HSMD_CHECK_PUBKEY:
return handle_check_pubkey(client, msg);
case WIRE_HSMD_SIGN_ANY_DELAYED_PAYMENT_TO_US:
return handle_sign_any_delayed_payment_to_us(client, msg);
case WIRE_HSMD_SIGN_ANY_REMOTE_HTLC_TO_US:
return handle_sign_any_remote_htlc_to_us(client, msg);
case WIRE_HSMD_SIGN_ANY_LOCAL_HTLC_TX:
return handle_sign_any_local_htlc_tx(client, msg);
case WIRE_HSMD_SIGN_ANY_PENALTY_TO_US:
return handle_sign_any_penalty_to_us(client, msg);
case WIRE_HSMD_DEV_MEMLEAK:
case WIRE_HSMD_ECDH_RESP:
@@ -1725,7 +1907,7 @@ u8 *hsmd_init(struct secret hsm_secret,
u32 salt = 0;
struct ext_key master_extkey, child_extkey;
struct node_id node_id;
static const u32 capabilities[] = { WIRE_HSMD_CHECK_PUBKEY };
static const u32 capabilities[] = { WIRE_HSMD_CHECK_PUBKEY, WIRE_HSMD_SIGN_ANY_DELAYED_PAYMENT_TO_US };
/*~ Don't swap this. */
sodium_mlock(secretstuff.hsm_secret.data,