zombierecovery: make preparekeys CLN compatible

guggero · guggero · commit a2792d9904fd · 2025-06-09T21:11:45.000+02:00
diff --git a/cmd/chantools/zombierecovery_makeoffer.go b/cmd/chantools/zombierecovery_makeoffer.go
@@ -183,22 +183,6 @@ func (c *zombieRecoveryMakeOfferCommand) Execute(_ *cobra.Command,
 		}
 	}
 
-	// If we're only matching, we can stop here.
-	if c.MatchOnly {
-		ourPubKeys, err := parseKeys(keys1.Node1.MultisigKeys)
-		if err != nil {
-			return fmt.Errorf("error parsing their keys: %w", err)
-		}
-
-		theirPubKeys, err := parseKeys(keys2.Node2.MultisigKeys)
-		if err != nil {
-			return fmt.Errorf("error parsing our keys: %w", err)
-		}
-		return matchKeys(
-			keys1.Channels, ourPubKeys, theirPubKeys, chainParams,
-		)
-	}
-
 	// Make sure one of the nodes is ours.
 	_, pubKey, _, err := lnd.DeriveKey(
 		extendedKey, lnd.IdentityPath(chainParams), chainParams,
@@ -277,6 +261,11 @@ func (c *zombieRecoveryMakeOfferCommand) Execute(_ *cobra.Command,
 		return err
 	}
 
+	// If we're only matching, we can stop here.
+	if c.MatchOnly {
+		return nil
+	}
+
 	// Let's prepare the PSBT.
 	packet, err := psbt.NewFromUnsignedTx(wire.NewMsgTx(2))
 	if err != nil {
diff --git a/cmd/chantools/zombierecovery_makeoffer_test.go b/cmd/chantools/zombierecovery_makeoffer_test.go
@@ -9,23 +9,37 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-var (
-	key1Bytes, _ = hex.DecodeString(
-		"0201943d78d61c8ad50ba57164830f536c156d8d89d979448bef3e67f564" +
-			"ea0ab6",
-	)
-	key1, _      = btcec.ParsePubKey(key1Bytes)
-	key2Bytes, _ = hex.DecodeString(
-		"038b88de18064024e9da4dfc9c804283b3077a265dcd73ad3615b50badcb" +
-			"debd5b",
-	)
-	key2, _ = btcec.ParsePubKey(key2Bytes)
-	addr    = "bc1qp5jnhnavt32fjwhnf5ttpvvym7e0syp79q5l9skz545q62d8u2uq05" +
-		"ul63"
-)
-
 func TestMatchScript(t *testing.T) {
-	ok, _, _, err := matchScript(addr, key1, key2, &chaincfg.MainNetParams)
-	require.NoError(t, err)
-	require.True(t, ok)
+	testCases := []struct {
+		key1   string
+		key2   string
+		addr   string
+		params *chaincfg.Params
+	}{{
+		key1:   "0201943d78d61c8ad50ba57164830f536c156d8d89d979448bef3e67f564ea0ab6",
+		key2:   "038b88de18064024e9da4dfc9c804283b3077a265dcd73ad3615b50badcbdebd5b",
+		addr:   "bc1qp5jnhnavt32fjwhnf5ttpvvym7e0syp79q5l9skz545q62d8u2uq05ul63",
+		params: &chaincfg.MainNetParams,
+	}, {
+		key1:   "03585d8e760bd0925da67d9c22a69dcad9f51f90a39f9a681971268555975ea30d",
+		key2:   "0326a2171c97673cc8cd7a04a043f0224c59591fc8c9de320a48f7c9b68ab0ae2b",
+		addr:   "bcrt1qhcn39q6jc0krkh9va230y2z6q96zadt8fhxw3erv92fzlrw83cyq40nwek",
+		params: &chaincfg.RegressionNetParams,
+	}}
+
+	for _, tc := range testCases {
+		key1Bytes, err := hex.DecodeString(tc.key1)
+		require.NoError(t, err)
+		key1, err := btcec.ParsePubKey(key1Bytes)
+		require.NoError(t, err)
+
+		key2Bytes, err := hex.DecodeString(tc.key2)
+		require.NoError(t, err)
+		key2, err := btcec.ParsePubKey(key2Bytes)
+		require.NoError(t, err)
+
+		ok, _, _, err := matchScript(tc.addr, key1, key2, tc.params)
+		require.NoError(t, err)
+		require.True(t, ok)
+	}
 }
diff --git a/cmd/chantools/zombierecovery_preparekeys.go b/cmd/chantools/zombierecovery_preparekeys.go
@@ -9,9 +9,12 @@ import (
 	"os"
 	"time"
 
+	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/btcutil"
 	"github.com/btcsuite/btcd/wire"
+	"github.com/lightninglabs/chantools/cln"
 	"github.com/lightninglabs/chantools/lnd"
+	"github.com/lightningnetwork/lnd/keychain"
 	"github.com/spf13/cobra"
 )
 
@@ -25,6 +28,8 @@ type zombieRecoveryPrepareKeysCommand struct {
 
 	NumKeys uint32
 
+	HsmSecret string
+
 	rootKey *rootKey
 	cmd     *cobra.Command
 }
@@ -58,6 +63,12 @@ correct ones for the matched channels.`,
 		&cc.NumKeys, "num_keys", numMultisigKeys, "the number of "+
 			"multisig keys to derive",
 	)
+	cc.cmd.Flags().StringVar(
+		&cc.HsmSecret, "hsm_secret", "", "the hex encoded HSM secret "+
+			"to use for deriving the multisig keys for a CLN "+
+			"node; obtain by running 'xxd -p -c32 "+
+			"~/.lightning/bitcoin/hsm_secret'",
+	)
 
 	cc.rootKey = newRootKey(cc.cmd, "deriving the multisig keys")
 
@@ -67,12 +78,7 @@ correct ones for the matched channels.`,
 func (c *zombieRecoveryPrepareKeysCommand) Execute(_ *cobra.Command,
 	_ []string) error {
 
-	extendedKey, err := c.rootKey.read()
-	if err != nil {
-		return fmt.Errorf("error reading root key: %w", err)
-	}
-
-	err = lnd.CheckAddress(
+	err := lnd.CheckAddress(
 		c.PayoutAddr, chainParams, false, "payout", lnd.AddrTypeP2WKH,
 		lnd.AddrTypeP2TR,
 	)
@@ -98,26 +104,68 @@ func (c *zombieRecoveryPrepareKeysCommand) Execute(_ *cobra.Command,
 		return errors.New("invalid match file, node info missing")
 	}
 
-	_, pubKey, _, err := lnd.DeriveKey(
-		extendedKey, lnd.IdentityPath(chainParams), chainParams,
-	)
+	// Derive the keys for the node type, depending on the input flags.
+	var signer lnd.ChannelSigner
+	switch {
+	case c.HsmSecret != "":
+		secretBytes, err := hex.DecodeString(c.HsmSecret)
+		if err != nil {
+			return fmt.Errorf("error decoding HSM secret: %w", err)
+		}
+
+		var hsmSecret [32]byte
+		copy(hsmSecret[:], secretBytes)
+
+		signer = &cln.Signer{
+			HsmSecret: hsmSecret,
+		}
+
+	default:
+		extendedKey, err := c.rootKey.read()
+		if err != nil {
+			return fmt.Errorf("error reading root key: %w", err)
+		}
+		signer = &lnd.Signer{
+			ExtendedKey: extendedKey,
+			ChainParams: chainParams,
+		}
+	}
+
+	nodePrivKey, err := signer.FetchPrivateKey(&keychain.KeyDescriptor{
+		KeyLocator: keychain.KeyLocator{
+			Family: keychain.KeyFamilyNodeKey,
+		},
+	})
 	if err != nil {
-		return fmt.Errorf("error deriving identity pubkey: %w", err)
+		return fmt.Errorf("error deriving identity private key: %w",
+			err)
 	}
 
+	pubKey := nodePrivKey.PubKey()
 	pubKeyStr := hex.EncodeToString(pubKey.SerializeCompressed())
-	var nodeInfo *nodeInfo
+	var ourNodeInfo, theirNodeInfo *nodeInfo
 	switch {
 	case match.Node1.PubKey != pubKeyStr && match.Node2.PubKey != pubKeyStr:
-		return fmt.Errorf("derived pubkey %s from seed but that key "+
-			"was not found in the match file %s", pubKeyStr,
+		return fmt.Errorf("derived pubkey %s from seed but that "+
+			"key was not found in the match file %s", pubKeyStr,
 			c.MatchFile)
 
 	case match.Node1.PubKey == pubKeyStr:
-		nodeInfo = match.Node1
+		ourNodeInfo = match.Node1
+		theirNodeInfo = match.Node2
 
 	default:
-		nodeInfo = match.Node2
+		ourNodeInfo = match.Node2
+		theirNodeInfo = match.Node1
+	}
+
+	theirNodeKeyBytes, err := hex.DecodeString(theirNodeInfo.PubKey)
+	if err != nil {
+		return fmt.Errorf("error decoding peer pubkey: %w", err)
+	}
+	theirNodeKey, err := btcec.ParsePubKey(theirNodeKeyBytes)
+	if err != nil {
+		return fmt.Errorf("error parsing peer pubkey: %w", err)
 	}
 
 	// If there are any Simple Taproot channels, we need to generate some
@@ -132,6 +180,12 @@ func (c *zombieRecoveryPrepareKeysCommand) Execute(_ *cobra.Command,
 
 		_, isP2TR := addr.(*btcutil.AddressTaproot)
 		if isP2TR {
+			lndSigner, ok := signer.(*lnd.Signer)
+			if !ok {
+				return errors.New("taproot channels not " +
+					"supported for CLN ")
+			}
+
 			chanPoint, err := wire.NewOutPointFromString(
 				matchChannel.ChanPoint,
 			)
@@ -147,12 +201,13 @@ func (c *zombieRecoveryPrepareKeysCommand) Execute(_ *cobra.Command,
 			}
 
 			nonces, err := lnd.GenerateMuSig2Nonces(
-				extendedKey, randomness, chanPoint, chainParams,
+				lndSigner.ExtendedKey, randomness, chanPoint,
+				chainParams,
 				nil,
 			)
 			if err != nil {
-				return fmt.Errorf("error generating MuSig2 "+
-					"nonces: %w", err)
+				return fmt.Errorf("error generating "+
+					"MuSig2 nonces: %w", err)
 			}
 
 			matchChannel.MuSig2NonceRandomness = hex.EncodeToString(
@@ -166,21 +221,25 @@ func (c *zombieRecoveryPrepareKeysCommand) Execute(_ *cobra.Command,
 
 	// Derive all 2500 keys now, this might take a while.
 	for index := range c.NumKeys {
-		_, pubKey, _, err := lnd.DeriveKey(
-			extendedKey, lnd.MultisigPath(chainParams, int(index)),
-			chainParams,
-		)
+		privKey, err := signer.FetchPrivateKey(&keychain.KeyDescriptor{
+			PubKey: theirNodeKey,
+			KeyLocator: keychain.KeyLocator{
+				Family: keychain.KeyFamilyMultiSig,
+				Index:  index,
+			},
+		})
 		if err != nil {
-			return fmt.Errorf("error deriving multisig pubkey: %w",
-				err)
+			return fmt.Errorf("error deriving funding private "+
+				"key: %w", err)
 		}
 
-		nodeInfo.MultisigKeys = append(
-			nodeInfo.MultisigKeys,
-			hex.EncodeToString(pubKey.SerializeCompressed()),
+		fundingPubKey := privKey.PubKey()
+		ourNodeInfo.MultisigKeys = append(
+			ourNodeInfo.MultisigKeys,
+			hex.EncodeToString(fundingPubKey.SerializeCompressed()),
 		)
 	}
-	nodeInfo.PayoutAddr = c.PayoutAddr
+	ourNodeInfo.PayoutAddr = c.PayoutAddr
 
 	// Write the result back into a new file.
 	matchBytes, err := json.MarshalIndent(match, "", " ")
diff --git a/doc/chantools_zombierecovery_preparekeys.md b/doc/chantools_zombierecovery_preparekeys.md
@@ -27,6 +27,7 @@ chantools zombierecovery preparekeys \
 ```
       --bip39                read a classic BIP39 seed and passphrase from the terminal instead of asking for lnd seed format or providing the --rootkey flag
   -h, --help                 help for preparekeys
+      --hsm_secret string    the hex encoded HSM secret to use for deriving the multisig keys for a CLN node; obtain by running 'xxd -p -c32 ~/.lightning/bitcoin/hsm_secret'
       --match_file string    the match JSON file that was sent to both nodes by the match maker
       --num_keys uint32      the number of multisig keys to derive (default 2500)
       --payout_addr string   the address where this node's rescued funds should be sent to, must be a P2WPKH (native SegWit) or P2TR (Taproot) address
