Struct breez_sdk_liquid::lightning::sign::KeysManager

pub struct KeysManager { /* private fields */ }

Simple implementation of EntropySource, NodeSigner, and SignerProvider that takes a 32-byte seed for use as a BIP 32 extended key and derives keys from that.

Your node_id is seed/0’. Unilateral closes may use seed/1’. Cooperative closes may use seed/2’. The two close keys may be needed to claim on-chain funds!

This struct cannot be used for nodes that wish to support receiving phantom payments; PhantomKeysManager must be used instead.

Note that switching between this struct and PhantomKeysManager will invalidate any previously issued invoices and attempts to pay previous invoices will fail.

Implementations

impl KeysManager

pub fn new( seed: &[u8; 32], starting_time_secs: u64, starting_time_nanos: u32, ) -> KeysManager

Constructs a KeysManager from a 32-byte seed. If the seed is in some way biased (e.g., your CSRNG is busted) this may panic (but more importantly, you will possibly lose funds). starting_time isn’t strictly required to actually be a time, but it must absolutely, without a doubt, be unique to this instance. ie if you start multiple times with the same seed, starting_time must be unique to each run. Thus, the easiest way to achieve this is to simply use the current time (with very high precision).

The seed MUST be backed up safely prior to use so that the keys can be re-created, however, obviously, starting_time should be unique every time you reload the library - it is only used to generate new ephemeral key data (which will be stored by the individual channel if necessary).

Note that the seed is required to recover certain on-chain funds independent of ChannelMonitor data, though a current copy of ChannelMonitor data is also required for any channel, and some on-chain during-closing funds.

pub fn get_node_secret_key(&self) -> SecretKey

Gets the “node_id” secret key used to sign gossip announcements, decode onion data, etc.

pub fn derive_channel_keys( &self, channel_value_satoshis: u64, params: &[u8; 32], ) -> InMemorySigner

Derive an old WriteableEcdsaChannelSigner containing per-channel secrets based on a key derivation parameters.

pub fn sign_spendable_outputs_psbt<C>( &self, descriptors: &[&SpendableOutputDescriptor], psbt: PartiallySignedTransaction, secp_ctx: &Secp256k1<C>, ) -> Result<PartiallySignedTransaction, ()>

where C: Signing,

Signs the given PartiallySignedTransaction which spends the given SpendableOutputDescriptors. The resulting inputs will be finalized and the PSBT will be ready for broadcast if there are no other inputs that need signing.

Returns Err(()) if the PSBT is missing a descriptor or if we fail to sign.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

pub fn spend_spendable_outputs<C>( &self, descriptors: &[&SpendableOutputDescriptor], outputs: Vec<TxOut>, change_destination_script: Script, feerate_sat_per_1000_weight: u32, locktime: Option<PackedLockTime>, secp_ctx: &Secp256k1<C>, ) -> Result<Transaction, ()>

where C: Signing,

Creates a Transaction which spends the given descriptors to the given outputs, plus an output to the given change destination (if sufficient change value remains). The transaction will have a feerate, at least, of the given value.

The locktime argument is used to set the transaction’s locktime. If None, the transaction will have a locktime of 0. It it recommended to set this to the current block height to avoid fee sniping, unless you have some specific reason to use a different locktime.

Returns Err(()) if the output value is greater than the input value minus required fee, if a descriptor was duplicated, or if an output descriptor script_pubkey does not match the one we can spend.

We do not enforce that outputs meet the dust limit or that any output scripts are standard.

May panic if the SpendableOutputDescriptors were not generated by channels which used this KeysManager or one of the InMemorySigner created by this KeysManager.

Trait Implementations

impl EntropySource for KeysManager

fn get_secure_random_bytes(&self) -> [u8; 32]

Gets a unique, cryptographically-secure, random 32-byte value. This method must return a different value each time it is called.

impl NodeSigner for KeysManager

fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()>

Get node id based on the provided Recipient.

fn ecdh( &self, recipient: Recipient, other_key: &PublicKey, tweak: Option<&Scalar>, ) -> Result<SharedSecret, ()>

Gets the ECDH shared secret of our node secret and other_key, multiplying by tweak if one is provided. Note that this tweak can be applied to other_key instead of our node secret, though this is less efficient.

fn get_inbound_payment_key_material(&self) -> KeyMaterial

Get secret key material as bytes for use in encrypting and decrypting inbound payment data.

fn sign_invoice( &self, hrp_bytes: &[u8], invoice_data: &[u5], recipient: Recipient, ) -> Result<RecoverableSignature, ()>

Sign an invoice.

fn sign_bolt12_invoice_request( &self, invoice_request: &UnsignedInvoiceRequest, ) -> Result<Signature, ()>

Signs the TaggedHash of a BOLT 12 invoice request.

fn sign_bolt12_invoice( &self, invoice: &UnsignedBolt12Invoice, ) -> Result<Signature, ()>

Signs the TaggedHash of a BOLT 12 invoice.

fn sign_gossip_message( &self, msg: UnsignedGossipMessage<'_>, ) -> Result<Signature, ()>

Sign a gossip message.

impl SignerProvider for KeysManager

type Signer = InMemorySigner

A type which implements WriteableEcdsaChannelSigner which will be returned by Self::derive_channel_signer.

fn generate_channel_keys_id( &self, _inbound: bool, _channel_value_satoshis: u64, user_channel_id: u128, ) -> [u8; 32]

Generates a unique channel_keys_id that can be used to obtain a Self::Signer through SignerProvider::derive_channel_signer. The user_channel_id is provided to allow implementations of SignerProvider to maintain a mapping between itself and the generated channel_keys_id.

fn derive_channel_signer( &self, channel_value_satoshis: u64, channel_keys_id: [u8; 32], ) -> <KeysManager as SignerProvider>::Signer

Derives the private key material backing a Signer.

fn read_chan_signer( &self, reader: &[u8], ) -> Result<<KeysManager as SignerProvider>::Signer, DecodeError>

Reads a Signer for this SignerProvider from the given input stream. This is only called during deserialization of other objects which contain WriteableEcdsaChannelSigner-implementing objects (i.e., ChannelMonitors and ChannelManagers). The bytes are exactly those which <Self::Signer as Writeable>::write() writes, and contain no versioning scheme. You may wish to include your own version prefix and ensure you’ve read all of the provided bytes to ensure no corruption occurred.

fn get_destination_script(&self) -> Result<Script, ()>

Get a script pubkey which we send funds to when claiming on-chain contestable outputs.

fn get_shutdown_scriptpubkey(&self) -> Result<ShutdownScript, ()>

Get a script pubkey which we will send funds to when closing a channel.