+ /// channel_parameters.is_populated() MUST be true.
+ fn provide_channel_parameters(&mut self, channel_parameters: &ChannelTransactionParameters);
+}
+
+/// A writeable signer.
+///
+/// There will always be two instances of a signer per channel, one occupied by the
+/// [`ChannelManager`] and another by the channel's [`ChannelMonitor`].
+///
+/// [`ChannelManager`]: crate::ln::channelmanager::ChannelManager
+/// [`ChannelMonitor`]: crate::chain::channelmonitor::ChannelMonitor
+pub trait Sign: BaseSign + Writeable {
+}
+
+/// Specifies the recipient of an invoice, to indicate to [`KeysInterface::sign_invoice`] what node
+/// secret key should be used to sign the invoice.
+pub enum Recipient {
+ /// The invoice should be signed with the local node secret key.
+ Node,
+ /// The invoice should be signed with the phantom node secret key. This secret key must be the
+ /// same for all nodes participating in the [phantom node payment].
+ ///
+ /// [phantom node payment]: PhantomKeysManager
+ PhantomNode,
+}
+
+/// A trait to describe an object which can get user secrets and key material.
+pub trait KeysInterface {
+ /// A type which implements Sign which will be returned by derive_channel_signer.
+ type Signer : Sign;
+
+ /// Get node secret key based on the provided [`Recipient`].
+ ///
+ /// The node_id/network_key is the public key that corresponds to this secret key.
+ ///
+ /// This method must return the same value each time it is called with a given `Recipient`
+ /// parameter.
+ ///
+ /// Errors if the `Recipient` variant is not supported by the implementation.
+ fn get_node_secret(&self, recipient: Recipient) -> Result<SecretKey, ()>;
+ /// Get node id based on the provided [`Recipient`]. This public key corresponds to the secret in
+ /// [`get_node_secret`].
+ ///
+ /// This method must return the same value each time it is called with a given `Recipient`
+ /// parameter.
+ ///
+ /// Errors if the `Recipient` variant is not supported by the implementation.
+ ///
+ /// [`get_node_secret`]: KeysInterface::get_node_secret
+ fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()> {
+ let secp_ctx = Secp256k1::signing_only();
+ Ok(PublicKey::from_secret_key(&secp_ctx, &self.get_node_secret(recipient)?))
+ }
+ /// Gets the ECDH shared secret of our [`node secret`] and `other_key`, multiplying by `tweak` if
+ /// one is provided. Note that this tweak can be applied to `other_key` instead of our node
+ /// secret, though this is less efficient.
+ ///
+ /// Errors if the `Recipient` variant is not supported by the implementation.
+ ///
+ /// [`node secret`]: Self::get_node_secret
+ fn ecdh(&self, recipient: Recipient, other_key: &PublicKey, tweak: Option<&Scalar>) -> Result<SharedSecret, ()>;
+ /// Get a script pubkey which we send funds to when claiming on-chain contestable outputs.
+ ///
+ /// This method should return a different value each time it is called, to avoid linking
+ /// on-chain funds across channels as controlled to the same user.
+ fn get_destination_script(&self) -> Script;
+ /// Get a script pubkey which we will send funds to when closing a channel.
+ ///
+ /// This method should return a different value each time it is called, to avoid linking
+ /// on-chain funds across channels as controlled to the same user.
+ fn get_shutdown_scriptpubkey(&self) -> ShutdownScript;
+ /// Generates a unique `channel_keys_id` that can be used to obtain a `Signer` through
+ /// [`KeysInterface::derive_channel_signer`]. The `user_channel_id` is provided to allow
+ /// implementations of `KeysInterface` to maintain a mapping between it and the generated
+ /// `channel_keys_id`.
+ ///
+ /// This method must return a different value each time it is called.
+ fn generate_channel_keys_id(&self, inbound: bool, channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32];
+ /// Derives the private key material backing a `Signer`.
+ ///
+ /// To derive a new `Signer`, a fresh `channel_keys_id` should be obtained through
+ /// [`KeysInterface::generate_channel_keys_id`]. Otherwise, an existing `Signer` can be
+ /// re-derived from its `channel_keys_id`, which can be obtained through its trait method
+ /// [`BaseSign::channel_keys_id`].
+ fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer;
+ /// Gets a unique, cryptographically-secure, random 32 byte value. This is used for encrypting
+ /// onion packets and for temporary channel IDs. There is no requirement that these be
+ /// persisted anywhere, though they must be unique across restarts.
+ ///
+ /// This method must return a different value each time it is called.
+ fn get_secure_random_bytes(&self) -> [u8; 32];
+
+ /// Reads a `Signer` for this `KeysInterface` from the given input stream.
+ /// This is only called during deserialization of other objects which contain
+ /// `Sign`-implementing objects (ie `ChannelMonitor`s and `ChannelManager`s).
+ /// The bytes are exactly those which `<Self::Signer as Writeable>::write()` writes, and
+ /// contain no versioning scheme. You may wish to include your own version prefix and ensure
+ /// you've read all of the provided bytes to ensure no corruption occurred.
+ ///
+ /// This method is slowly being phased out -- it will only be called when reading objects
+ /// written by LDK versions prior to 0.0.113.
+ fn read_chan_signer(&self, reader: &[u8]) -> Result<Self::Signer, DecodeError>;
+
+ /// Sign an invoice.
+ /// By parameterizing by the raw invoice bytes instead of the hash, we allow implementors of
+ /// this trait to parse the invoice and make sure they're signing what they expect, rather than
+ /// blindly signing the hash.
+ /// The hrp is ascii bytes, while the invoice data is base32.
+ ///
+ /// The secret key used to sign the invoice is dependent on the [`Recipient`].
+ ///
+ /// Errors if the `Recipient` variant is not supported by the implementation.
+ fn sign_invoice(&self, hrp_bytes: &[u8], invoice_data: &[u5], receipient: Recipient) -> Result<RecoverableSignature, ()>;
+
+ /// Get secret key material as bytes for use in encrypting and decrypting inbound payment data.
+ ///
+ /// If the implementor of this trait supports [phantom node payments], then every node that is
+ /// intended to be included in the phantom invoice route hints must return the same value from
+ /// this method.
+ // This is because LDK avoids storing inbound payment data by encrypting payment data in the
+ // payment hash and/or payment secret, therefore for a payment to be receivable by multiple
+ // nodes, they must share the key that encrypts this payment data.
+ ///
+ /// This method must return the same value each time it is called.
+ ///
+ /// [phantom node payments]: PhantomKeysManager
+ fn get_inbound_payment_key_material(&self) -> KeyMaterial;