Add method to derive Peer Storage encryption key

Aditya Sharma · adi2011 · commit dc3d6c14e989 · 2025-02-27T09:00:14.000+05:30
Add get_peer_storage_key method to derive a 32-byte encryption key for securing Peer Storage.
This method utilizes HKDF with the node's secret key as input and a fixed info string to generate the encryption key.

 - Add 'get_peer_storage_key' to NodeSigner.
 - Implement 'get_peer_storage_key' for KeysManager &amp; PhantomKeysManager.
diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs
@@ -336,6 +336,10 @@ impl NodeSigner for KeyProvider {
 		unreachable!()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		unreachable!()
+	}
+
 	fn sign_bolt12_invoice(
 		&self, _invoice: &UnsignedBolt12Invoice,
 	) -> Result<schnorr::Signature, ()> {
diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs
@@ -420,6 +420,10 @@ impl NodeSigner for KeyProvider {
 		let secp_ctx = Secp256k1::signing_only();
 		Ok(secp_ctx.sign_ecdsa(&msg_hash, &self.node_secret))
 	}
+
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		unreachable!()
+	}
 }
 
 impl SignerProvider for KeyProvider {
diff --git a/fuzz/src/onion_message.rs b/fuzz/src/onion_message.rs
@@ -246,6 +246,10 @@ impl NodeSigner for KeyProvider {
 	) -> Result<bitcoin::secp256k1::ecdsa::Signature, ()> {
 		unreachable!()
 	}
+
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		unreachable!()
+	}
 }
 
 impl SignerProvider for KeyProvider {
diff --git a/lightning/src/ln/blinded_payment_tests.rs b/lightning/src/ln/blinded_payment_tests.rs
@@ -1550,6 +1550,7 @@ fn route_blinding_spec_test_vector() {
 		fn sign_invoice(
 			&self, _invoice: &RawBolt11Invoice, _recipient: Recipient,
 		) -> Result<RecoverableSignature, ()> { unreachable!() }
+		fn get_peer_storage_key(&self) -> [u8;32] { unreachable!() }
 		fn sign_bolt12_invoice(
 			&self, _invoice: &UnsignedBolt12Invoice,
 		) -> Result<schnorr::Signature, ()> { unreachable!() }
diff --git a/lightning/src/sign/mod.rs b/lightning/src/sign/mod.rs
@@ -856,6 +856,35 @@ pub trait NodeSigner {
 	/// [phantom node payments]: PhantomKeysManager
 	fn get_inbound_payment_key(&self) -> ExpandedKey;
 
+	/// Generates a 32-byte key used for peer storage encryption.
+	///
+	/// This function derives an encryption key for peer storage by using the HKDF
+	/// (HMAC-based Key Derivation Function) with a specific label and the node
+	/// secret key. The derived key is used for encrypting or decrypting peer storage
+	/// data.
+	///
+	/// The process involves the following steps:
+	/// 1. Retrieves the node secret key.
+	/// 2. Uses the node secret key and the label `"Peer Storage Encryption Key"`
+	///    to perform HKDF extraction and expansion.
+	/// 3. Returns the first part of the derived key, which is a 32-byte array.
+	///
+	/// # Returns
+	///
+	/// Returns a 32-byte array that serves as the encryption key for peer storage.
+	///
+	/// # Panics
+	///
+	/// This function does not panic under normal circumstances, but failures in
+	/// obtaining the node secret key or issues within the HKDF function may cause
+	/// unexpected behavior.
+	///
+	/// # Notes
+	///
+	/// Ensure that the node secret key is securely managed, as it is crucial for
+	/// the security of the derived encryption key.
+	fn get_peer_storage_key(&self) -> [u8; 32];
+
 	/// Get node id based on the provided [`Recipient`].
 	///
 	/// This method must return the same value each time it is called with a given [`Recipient`]
@@ -2201,6 +2230,14 @@ impl NodeSigner for KeysManager {
 		self.inbound_payment_key.clone()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		let (t1, _) = hkdf_extract_expand_twice(
+			b"Peer Storage Encryption Key",
+			&self.get_node_secret_key().secret_bytes(),
+		);
+		t1
+	}
+
 	fn sign_invoice(
 		&self, invoice: &RawBolt11Invoice, recipient: Recipient,
 	) -> Result<RecoverableSignature, ()> {
@@ -2370,6 +2407,14 @@ impl NodeSigner for PhantomKeysManager {
 		self.inbound_payment_key.clone()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		let (t1, _) = hkdf_extract_expand_twice(
+			b"Peer Storage Encryption Key",
+			&self.get_node_secret_key().secret_bytes(),
+		);
+		t1
+	}
+
 	fn sign_invoice(
 		&self, invoice: &RawBolt11Invoice, recipient: Recipient,
 	) -> Result<RecoverableSignature, ()> {
diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs
@@ -1460,6 +1460,10 @@ impl NodeSigner for TestNodeSigner {
 		unreachable!()
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		unreachable!()
+	}
+
 	fn get_node_id(&self, recipient: Recipient) -> Result<PublicKey, ()> {
 		let node_secret = match recipient {
 			Recipient::Node => Ok(&self.node_secret),
@@ -1538,6 +1542,10 @@ impl NodeSigner for TestKeysInterface {
 		self.backing.sign_invoice(invoice, recipient)
 	}
 
+	fn get_peer_storage_key(&self) -> [u8; 32] {
+		self.backing.get_peer_storage_key()
+	}
+
 	fn sign_bolt12_invoice(
 		&self, invoice: &UnsignedBolt12Invoice,
 	) -> Result<schnorr::Signature, ()> {

Original file line number	Diff line number	Diff line change
`@@ -420,6 +420,10 @@ impl NodeSigner for KeyProvider {`
`420`	`420`	`let secp_ctx = Secp256k1::signing_only();`
`421`	`421`	`Ok(secp_ctx.sign_ecdsa(&msg_hash, &self.node_secret))`
`422`	`422`	`}`
	`423`	`+`
	`424`	`+ fn get_peer_storage_key(&self) -> [u8; 32] {`
	`425`	`+ unreachable!()`
	`426`	`+ }`
`423`	`427`	`}`
`424`	`428`
`425`	`429`	`impl SignerProvider for KeyProvider {`
Original file line number	Diff line number	Diff line change
`@@ -246,6 +246,10 @@ impl NodeSigner for KeyProvider {`
`246`	`246`	`) -> Result<bitcoin::secp256k1::ecdsa::Signature, ()> {`
`247`	`247`	`unreachable!()`
`248`	`248`	`}`
	`249`	`+`
	`250`	`+ fn get_peer_storage_key(&self) -> [u8; 32] {`
	`251`	`+ unreachable!()`
	`252`	`+ }`
`249`	`253`	`}`
`250`	`254`
`251`	`255`	`impl SignerProvider for KeyProvider {`