lightningd: remove getsharedsecret.

This was introduced to allow creating a shared secret, but it's better to use makesecret which creates unique secrets. getsharedsecret being a generic ECDH function allows the caller to initiate conversations as if it was us; this is generally OK, since we don't allow untrusted API access, but the commando plugin had to blacklist this for read-only runes explicitly. Since @ZmnSCPxj never ended up using this after introducing it, simply remove it. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Changelog-Removed: JSONRPC: `getsharedsecret` API: use `makesecret`
2025-12-22 08:34:20 +01:00 · 2022-07-15 14:00:48 +09:30
parent c34a0a22ad
commit 9685c1adaf
8 changed files with 0 additions and 180 deletions
--- a/tests/test_misc.py
+++ b/tests/test_misc.py
@@ -2245,32 +2245,6 @@ def test_sendcustommsg(node_factory):
    ])


-@pytest.mark.developer("needs --dev-force-privkey")
-def test_getsharedsecret(node_factory):
-    """
-    Test getsharedsecret command.
-    """
-    # From BOLT 8 test vectors.
-    options = [
-        {"dev-force-privkey": "1212121212121212121212121212121212121212121212121212121212121212"},
-        {}
-    ]
-    l1, l2 = node_factory.get_nodes(2, opts=options)
-
-    # Check BOLT 8 test vectors.
-    shared_secret = l1.rpc.getsharedsecret("028d7500dd4c12685d1f568b4c2b5048e8534b873319f3a8daa612b469132ec7f7")['shared_secret']
-    assert (shared_secret == "1e2fb3c8fe8fb9f262f649f64d26ecf0f2c0a805a767cf02dc2d77a6ef1fdcc3")
-
-    # Clear the forced privkey of l1.
-    del l1.daemon.opts["dev-force-privkey"]
-    l1.restart()
-
-    # l1 and l2 can generate the same shared secret
-    # knowing only the public key of the other.
-    assert (l1.rpc.getsharedsecret(l2.info["id"])["shared_secret"]
-            == l2.rpc.getsharedsecret(l1.info["id"])["shared_secret"])
-
-
@pytest.mark.developer("needs --dev-force-privkey")
 def test_makesecret(node_factory):
    """