Struct KeysManager

pub struct KeysManager { /* private fields */ }

Simple implementation of EntropySource, NodeSigner, and SignerProvider that takes a 32-byte seed for use as a BIP 32 extended key and derives keys from that.

Your node_id is seed/0’. Unilateral closes may use seed/1’. Cooperative closes may use seed/2’. The two close keys may be needed to claim on-chain funds!

This struct cannot be used for nodes that wish to support receiving phantom payments; PhantomKeysManager must be used instead.

Note that switching between this struct and PhantomKeysManager will invalidate any previously issued invoices and attempts to pay previous invoices will fail.

Implementations

impl KeysManager

pub fn new( seed: &[u8; 32], starting_time_secs: u64, starting_time_nanos: u32, v2_remote_key_derivation: bool, ) -> Self

Constructs a KeysManager from a 32-byte seed. If the seed is in some way biased (e.g., your CSRNG is busted) this may panic (but more importantly, you will possibly lose funds). starting_time isn’t strictly required to actually be a time, but it must absolutely, without a doubt, be unique to this instance. ie if you start multiple times with the same seed, starting_time must be unique to each run. Thus, the easiest way to achieve this is to simply use the current time (with very high precision).

The seed MUST be backed up safely prior to use so that the keys can be re-created, however, obviously, starting_time should be unique every time you reload the library - it is only used to generate new ephemeral key data (which will be stored by the individual channel if necessary).

Note that the seed is required to recover certain on-chain funds independent of ChannelMonitor data, though a current copy of ChannelMonitor data is also required for any channel, and some on-chain during-closing funds.

If v2_remote_key_derivation is set, the script_pubkeys which receive funds on-chain when our counterparty force-closes will be one of a static set of STATIC_PAYMENT_KEY_COUNT*2 possible script_pubkeys. This only applies to new or spliced channels, however if this is set you MUST NOT downgrade to a version of LDK prior to 0.2.

pub fn get_node_secret_key(&self) -> SecretKey

Gets the “node_id” secret key used to sign gossip announcements, decode onion data, etc.

pub fn possible_v2_counterparty_closed_balance_spks<C: Signing>( &self, secp_ctx: &Secp256k1<C>, ) -> Vec<ScriptBuf>

Gets the set of possible script_pubkeys which can appear on chain for our non-HTLC-encumbered balance if our counterparty force-closes a channel.

If you’ve lost all data except your seed, asking your peers nicely to force-close the chanels they had with you (and hoping they don’t broadcast a stale state and that there are no pending HTLCs in the latest state) and scanning the chain for these script_pubkeys can allow you to recover (some of) your funds.

Only channels opened when using a KeysManager with the v2_remote_key_derivation argument to KeysManager::new set, or any spliced channels will close to such scripts, other channels will close to a randomly-generated script_pubkey.

pub fn derive_channel_keys(&self, params: &[u8; 32]) -> InMemorySigner

Derive an old EcdsaChannelSigner containing per-channel secrets based on a key derivation parameters.

pub fn sign_spendable_outputs_psbt<C: Signing>( &self, descriptors: &[&SpendableOutputDescriptor], psbt: Psbt, secp_ctx: &Secp256k1<C>, ) -> Result<Psbt, ()>

Signs the given Psbt which spends the given SpendableOutputDescriptors. The resulting inputs will be finalized and the PSBT will be ready for broadcast if there are no other inputs that need signing.

Returns Err(()) if the PSBT is missing a descriptor or if we fail to sign.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

Trait Implementations

impl EntropySource for KeysManager

fn get_secure_random_bytes(&self) -> [u8; 32]

Gets a unique, cryptographically-secure, random 32-byte value. This method must return a different value each time it is called.

impl NodeSigner for KeysManager

fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()>

Get node id based on the provided Recipient.

fn ecdh( &self, recipient: Recipient, other_key: &PublicKey, tweak: Option<&Scalar>, ) -> Result<SharedSecret, ()>

Gets the ECDH shared secret of our node secret and other_key, multiplying by tweak if one is provided. Note that this tweak can be applied to other_key instead of our node secret, though this is less efficient.

fn get_expanded_key(&self) -> ExpandedKey

Get the ExpandedKey which provides cryptographic material for various Lightning Network operations.

fn get_peer_storage_key(&self) -> PeerStorageKey

Defines a method to derive a 32-byte encryption key for peer storage.

fn get_receive_auth_key(&self) -> ReceiveAuthKey

Returns the ReceiveAuthKey used to authenticate incoming BlindedMessagePath contexts.

fn sign_invoice( &self, invoice: &RawBolt11Invoice, recipient: Recipient, ) -> Result<RecoverableSignature, ()>

Sign an invoice.

fn sign_bolt12_invoice( &self, invoice: &UnsignedBolt12Invoice, ) -> Result<Signature, ()>

Signs the TaggedHash of a BOLT 12 invoice.

fn sign_gossip_message( &self, msg: UnsignedGossipMessage<'_>, ) -> Result<Signature, ()>

Sign a gossip message.

fn sign_message(&self, msg: &[u8]) -> Result<String, ()>

Sign an arbitrary message with the node’s secret key.

impl OutputSpender for KeysManager

fn spend_spendable_outputs( &self, descriptors: &[&SpendableOutputDescriptor], outputs: Vec<TxOut>, change_destination_script: ScriptBuf, feerate_sat_per_1000_weight: u32, locktime: Option<LockTime>, secp_ctx: &Secp256k1<All>, ) -> Result<Transaction, ()>

Creates a Transaction which spends the given descriptors to the given outputs, plus an output to the given change destination (if sufficient change value remains).

See OutputSpender::spend_spendable_outputs documentation for more information.

We do not enforce that outputs meet the dust limit or that any output scripts are standard.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

impl SignerProvider for KeysManager

type EcdsaSigner = InMemorySigner

A type which implements EcdsaChannelSigner which will be returned by Self::derive_channel_signer.

fn generate_channel_keys_id( &self, _inbound: bool, user_channel_id: u128, ) -> [u8; 32]

Generates a unique channel_keys_id that can be used to obtain a Self::EcdsaSigner through SignerProvider::derive_channel_signer. The user_channel_id is provided to allow implementations of SignerProvider to maintain a mapping between itself and the generated channel_keys_id.

fn derive_channel_signer(&self, channel_keys_id: [u8; 32]) -> Self::EcdsaSigner

Derives the private key material backing a Signer.

fn get_destination_script( &self, _channel_keys_id: [u8; 32], ) -> Result<ScriptBuf, ()>

Get a script pubkey which we send funds to when claiming on-chain contestable outputs.

fn get_shutdown_scriptpubkey(&self) -> Result<ShutdownScript, ()>

Get a script pubkey which we will send funds to when closing a channel.