hsmd: add hsmd_preapprove_keysend and check_preapprovekeysend pay modifier

Changelog-added: hsmd: A new message `hsmd_preapprove_keysend` is added.
Changelog-added: JSON-RPC: A new command `preapprovekeysend` is added.

hsmd/hsmd.c

@@ -669,6 +669,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_SIGN_OPTION_WILL_FUND_OFFER:
 	case WIRE_HSMD_SIGN_BOLT12:
 	case WIRE_HSMD_PREAPPROVE_INVOICE:
+	case WIRE_HSMD_PREAPPROVE_KEYSEND:
 	case WIRE_HSMD_ECDH_REQ:
 	case WIRE_HSMD_CHECK_FUTURE_SECRET:
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY:
@@ -710,6 +711,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY_REPLY:
 	case WIRE_HSMD_SIGN_BOLT12_REPLY:
 	case WIRE_HSMD_PREAPPROVE_INVOICE_REPLY:
+	case WIRE_HSMD_PREAPPROVE_KEYSEND_REPLY:
 		return bad_req_fmt(conn, c, c->msg_in,
 				   "Received an incoming message of type %s, "
 				   "which is not a request",

hsmd/hsmd_wire.csv

@@ -121,6 +121,16 @@ msgdata,hsmd_preapprove_invoice,invstring,wirestring,
 msgtype,hsmd_preapprove_invoice_reply,138
 msgdata,hsmd_preapprove_invoice_reply,approved,bool,
 
+# Preapprove a keysend payment
+msgtype,hsmd_preapprove_keysend,39
+msgdata,hsmd_preapprove_keysend,destination,node_id,
+msgdata,hsmd_preapprove_keysend,payment_hash,sha256,
+msgdata,hsmd_preapprove_keysend,amount_msat,amount_msat,
+
+# Result is true if approved, declined if false 
+msgtype,hsmd_preapprove_keysend_reply,139
+msgdata,hsmd_preapprove_keysend_reply,approved,bool,
+
 # Give me ECDH(node-id-secret,point)
 msgtype,hsmd_ecdh_req,1
 msgdata,hsmd_ecdh_req,point,pubkey,

hsmd/libhsmd.c

@@ -120,6 +120,7 @@ bool hsmd_check_client_capabilities(struct hsmd_client *client,
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY:
 	case WIRE_HSMD_SIGN_BOLT12:
 	case WIRE_HSMD_PREAPPROVE_INVOICE:
+	case WIRE_HSMD_PREAPPROVE_KEYSEND:
 	case WIRE_HSMD_DERIVE_SECRET:
 		return (client->capabilities & HSM_CAP_MASTER) != 0;
 
@@ -151,6 +152,7 @@ bool hsmd_check_client_capabilities(struct hsmd_client *client,
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY_REPLY:
 	case WIRE_HSMD_SIGN_BOLT12_REPLY:
 	case WIRE_HSMD_PREAPPROVE_INVOICE_REPLY:
+	case WIRE_HSMD_PREAPPROVE_KEYSEND_REPLY:
 	case WIRE_HSMD_DERIVE_SECRET_REPLY:
 		break;
 	}
@@ -677,6 +679,24 @@ static u8 *handle_preapprove_invoice(struct hsmd_client *c, const u8 *msg_in)
 	return towire_hsmd_preapprove_invoice_reply(NULL, approved);
 }
 
+/*~ lightningd asks us to approve a keysend payment. This stub implementation
+ * is overriden by fully validating signers that need to track keysend
+ * payments. */
+static u8 *handle_preapprove_keysend(struct hsmd_client *c, const u8 *msg_in)
+{
+	struct node_id destination;
+	struct sha256 payment_hash;
+	struct amount_msat amount_msat;
+	bool approved;
+	if (!fromwire_hsmd_preapprove_keysend(msg_in, &destination, &payment_hash, &amount_msat))
+		return hsmd_status_malformed_request(c, msg_in);
+
+	/* This stub always approves */
+	approved = true;
+
+	return towire_hsmd_preapprove_keysend_reply(NULL, approved);
+}
+
 /*~ Lightning invoices, defined by BOLT 11, are signed.  This has been
  * surprisingly controversial; it means a node needs to be online to create
  * invoices.  However, it seems clear to me that in a world without
@@ -1592,6 +1612,8 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
 		return handle_sign_bolt12(client, msg);
 	case WIRE_HSMD_PREAPPROVE_INVOICE:
 		return handle_preapprove_invoice(client, msg);
+	case WIRE_HSMD_PREAPPROVE_KEYSEND:
+		return handle_preapprove_keysend(client, msg);
 	case WIRE_HSMD_SIGN_MESSAGE:
 		return handle_sign_message(client, msg);
 	case WIRE_HSMD_GET_CHANNEL_BASEPOINTS:
@@ -1656,6 +1678,7 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY_REPLY:
 	case WIRE_HSMD_SIGN_BOLT12_REPLY:
 	case WIRE_HSMD_PREAPPROVE_INVOICE_REPLY:
+	case WIRE_HSMD_PREAPPROVE_KEYSEND_REPLY:
 		break;
 	}
 	return hsmd_status_bad_request(client, msg, "Unknown request");