From 6f635c6bc3ba30323867125f8ad14f476a0dec43 Mon Sep 17 00:00:00 2001 From: Devrandom Date: Sun, 9 Aug 2020 15:56:10 +0200 Subject: [PATCH] Expose TxCreationKeys in LocalCommitmentTransaction via a method This makes it obvious to signer implementers that the pre-derived keys are a local cache and should not be trusted in a validating signer. --- lightning/src/ln/chan_utils.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs index 1e49782b8..b5d4d4907 100644 --- a/lightning/src/ln/chan_utils.rs +++ b/lightning/src/ln/chan_utils.rs @@ -540,8 +540,7 @@ pub struct LocalCommitmentTransaction { // Which order the signatures should go in when constructing the final commitment tx witness. // The user should be able to reconstruc this themselves, so we don't bother to expose it. our_sig_first: bool, - /// The key derivation parameters for this commitment transaction - pub local_keys: TxCreationKeys, + pub(crate) local_keys: TxCreationKeys, /// The feerate paid per 1000-weight-unit in this commitment transaction. This value is /// controlled by the channel initiator. pub feerate_per_kw: u32, @@ -606,6 +605,12 @@ impl LocalCommitmentTransaction { } } + /// The pre-calculated transaction creation public keys. + /// An external validating signer should not trust these keys. + pub fn trust_key_derivation(&self) -> &TxCreationKeys { + &self.local_keys + } + /// Get the txid of the local commitment transaction contained in this /// LocalCommitmentTransaction pub fn txid(&self) -> Txid { -- 2.39.5