seed: derive LN node key pair directly w/o LDK keys manager

Author: phlip9

common/Cargo.toml

@@ -13,7 +13,7 @@ edition = "2021"
 [dependencies]
 # --- BITCOIN --- #
 
-bitcoin = { version = "0.28.1", features = ["use-serde"] }
+bitcoin = { version = "0.28.1", features = ["std", "use-serde"] }
 bitcoin-bech32 = "0.12"
 
 # --- LIGHTNING --- #

common/src/root_seed.rs

@@ -2,10 +2,14 @@ use std::fmt;
 use std::str::FromStr;
 
 use anyhow::format_err;
+use bitcoin::secp256k1::Secp256k1;
+use bitcoin::util::bip32::{ChildNumber, ExtendedPrivKey};
+use bitcoin::{KeyPair, Network};
 use rand_core::{CryptoRng, RngCore};
 use secrecy::{ExposeSecret, Secret, SecretVec};
 use serde::{de, Deserialize, Deserializer, Serialize, Serializer};
 
+use crate::rng::Crng;
 use crate::{ed25519, hex};
 
 /// The user's root seed from which we derive all child secrets.
@@ -92,6 +96,30 @@ impl RootSeed {
         ed25519::from_seed(seed.expose_secret())
     }
 
+    /// Derive the lightning node key pair directly, without needing to derive
+    /// all the other auxiliary node secrets.
+    pub fn derive_node_key_pair<R: Crng>(&self, rng: &mut R) -> KeyPair {
+        // NOTE: this doesn't affect the output; this randomizes the SECP256K1
+        // context for sidechannel resistance.
+        let mut secp_randomize = [0u8; 32];
+        rng.fill_bytes(&mut secp_randomize);
+        let mut secp_ctx = Secp256k1::new();
+        secp_ctx.seeded_randomize(&secp_randomize);
+
+        let master_secret =
+            ExtendedPrivKey::new_master(Network::Testnet, self.expose_secret())
+                .expect("should never fail; the sizes match up");
+        let child_number = ChildNumber::from_hardened_idx(0)
+            .expect("should never fail; index is in range");
+        let node_sk = master_secret
+            .ckd_priv(&secp_ctx, child_number)
+            .expect("should never fail")
+            .private_key;
+        let node_key_pair = KeyPair::from_secret_key(&secp_ctx, node_sk);
+
+        node_key_pair
+    }
+
     #[cfg(test)]
     fn as_bytes(&self) -> &[u8] {
         self.0.expose_secret().as_slice()
@@ -195,6 +223,7 @@ impl proptest::arbitrary::Arbitrary for RootSeed {
 
         proptest::arbitrary::any::<[u8; 32]>()
             .prop_map(|buf| Self::new(Secret::new(buf)))
+            .no_shrink()
             .boxed()
     }
 }

node/src/lexe/keys_manager.rs

@@ -114,3 +114,23 @@ impl LexeKeysManager {
         )
     }
 }
+
+#[cfg(test)]
+mod test {
+    use common::rng::SysRng;
+
+    use super::*;
+
+    #[test]
+    fn test_derive_node_sk_equiv() {
+        // TODO(phlip9): use test rng
+        let mut rng = SysRng::new();
+        let root_seed = RootSeed::from_rng(&mut rng);
+        let node_key_pair = root_seed.derive_node_key_pair(&mut rng);
+        let node_pk = PublicKey::from(&node_key_pair);
+
+        let keys_manager =
+            LexeKeysManager::init(&mut rng, &node_pk, &root_seed).unwrap();
+        assert_eq!(node_pk, keys_manager.derive_pk(&mut rng));
+    }
+}

node/src/provision.rs

@@ -45,7 +45,6 @@ use warp::reject::Reject;
 use warp::{Filter, Rejection, Reply};
 
 use crate::attest;
-use crate::lexe::keys_manager::LexeKeysManager;
 use crate::types::ApiClientType;
 
 const PROVISION_TIMEOUT: Duration = Duration::from_secs(10);
@@ -116,10 +115,10 @@ fn verify_provision_request<R: Crng>(
 ) -> Result<(UserPk, PublicKey, ProvisionedSecrets)> {
     ensure!(req.user_pk == expected_user_id);
 
-    // TODO(phlip9): derive just the node pk without all the extra junk
-    // that gets derived constructing a whole KeysManager
-    let _keys_manager =
-        LexeKeysManager::init(rng, &req.node_pk, &req.root_seed)?;
+    let derived_node_pk =
+        PublicKey::from(req.root_seed.derive_node_key_pair(rng));
+    ensure!(req.node_pk == derived_node_pk);
+
     Ok((
         req.user_pk,
         req.node_pk,
@@ -264,7 +263,7 @@ pub async fn provision(
         match tokio::time::timeout(PROVISION_TIMEOUT, shutdown_rx.recv()).await
         {
             Ok(_) => {
-                debug!("received shutdown; done provisioning");
+                info!("received shutdown; done provisioning");
             }
             Err(_) => {
                 warn!(