splice: Add hsmd_next_funding_pubkey

hsmd/hsmd.c

@@ -655,6 +655,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_NEW_CHANNEL:
 	case WIRE_HSMD_SETUP_CHANNEL:
 	case WIRE_HSMD_SYNC_OUTPOINT:
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX:
 	case WIRE_HSMD_VALIDATE_REVOCATION:
@@ -701,6 +702,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_NEW_CHANNEL_REPLY:
 	case WIRE_HSMD_SETUP_CHANNEL_REPLY:
 	case WIRE_HSMD_SYNC_OUTPOINT_REPLY:
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY_REPLY:
 	case WIRE_HSMD_NODE_ANNOUNCEMENT_SIG_REPLY:
 	case WIRE_HSMD_SIGN_WITHDRAWAL_REPLY:
 	case WIRE_HSMD_SIGN_INVOICE_REPLY:

hsmd/hsmd_wire.csv

@@ -98,6 +98,17 @@ msgdata,hsmd_sync_outpoint,funding_txout,u32,
 # No value returned
 msgtype,hsmd_sync_outpoint_reply,132
 
+# Sent to derive the next funding pubkey (for splicing)
+msgtype,hsmd_next_funding_pubkey,34
+msgdata,hsmd_next_funding_pubkey,peerid,node_id,
+msgdata,hsmd_next_funding_pubkey,dbid,u64,
+msgdata,hsmd_next_funding_pubkey,funding_txid,bitcoin_txid,
+msgdata,hsmd_next_funding_pubkey,funding_txout,u32,
+
+# Returns the next funding pubkey for a splice
+msgtype,hsmd_next_funding_pubkey_reply,134
+msgdata,hsmd_next_funding_pubkey_reply,next_funding_pubkey,pubkey,
+
 # Return signature for a funding tx.
 #include <common/utxo.h>
 

hsmd/libhsmd.c

@@ -122,6 +122,7 @@ bool hsmd_check_client_capabilities(struct hsmd_client *client,
 	case WIRE_HSMD_SIGN_INVOICE:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX:
 	case WIRE_HSMD_GET_CHANNEL_BASEPOINTS:
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY:
 	case WIRE_HSMD_DEV_MEMLEAK:
 	case WIRE_HSMD_SIGN_MESSAGE:
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY:
@@ -162,6 +163,7 @@ bool hsmd_check_client_capabilities(struct hsmd_client *client,
 	case WIRE_HSMD_GET_PER_COMMITMENT_POINT_REPLY:
 	case WIRE_HSMD_CHECK_FUTURE_SECRET_REPLY:
 	case WIRE_HSMD_GET_CHANNEL_BASEPOINTS_REPLY:
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY_REPLY:
 	case WIRE_HSMD_DEV_MEMLEAK_REPLY:
 	case WIRE_HSMD_SIGN_MESSAGE_REPLY:
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY_REPLY:
@@ -398,6 +400,27 @@ static u8 *handle_sync_outpoint(struct hsmd_client *c, const u8 *msg_in)
 	return towire_hsmd_setup_channel_reply(NULL);
 }
 
+/* ~Return the funding pubkey for the next splice */
+static u8 *handle_next_funding_pubkey(struct hsmd_client *c, const u8 *msg_in)
+{
+	struct node_id peer_id;
+	u64 dbid;
+	struct bitcoin_txid funding_txid;
+	u32 funding_txout;
+	struct secret seed;
+	struct pubkey funding_pubkey;
+
+	if (!fromwire_hsmd_next_funding_pubkey(msg_in, &peer_id, &dbid,
+					       &funding_txid, &funding_txout))
+		return hsmd_status_malformed_request(c, msg_in);
+
+	// TODO actually rotate the funding pubkey
+	get_channel_seed(&peer_id, dbid, &seed);
+	derive_basepoints(&seed, &funding_pubkey, NULL, NULL, NULL);
+
+	return towire_hsmd_setup_channel_reply(NULL);
+}
+
 /*~ For almost every wallet tx we use the BIP32 seed, but not for onchain
  * unilateral closes from a peer: they (may) have an output to us using a
  * public key based on the channel basepoints.  It's a bit spammy to spend
@@ -1927,6 +1950,8 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
 		return handle_setup_channel(client, msg);
 	case WIRE_HSMD_SYNC_OUTPOINT:
 		return handle_sync_outpoint(client, msg);
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY:
+		return handle_next_funding_pubkey(client, msg);
 	case WIRE_HSMD_GET_OUTPUT_SCRIPTPUBKEY:
 		return handle_get_output_scriptpubkey(client, msg);
 	case WIRE_HSMD_CHECK_FUTURE_SECRET:
@@ -2005,6 +2030,7 @@ u8 *hsmd_handle_client_message(const tal_t *ctx, struct hsmd_client *client,
 	case WIRE_HSMD_NEW_CHANNEL_REPLY:
 	case WIRE_HSMD_SETUP_CHANNEL_REPLY:
 	case WIRE_HSMD_SYNC_OUTPOINT_REPLY:
+	case WIRE_HSMD_NEXT_FUNDING_PUBKEY_REPLY:
 	case WIRE_HSMD_NODE_ANNOUNCEMENT_SIG_REPLY:
 	case WIRE_HSMD_SIGN_WITHDRAWAL_REPLY:
 	case WIRE_HSMD_SIGN_INVOICE_REPLY: