lightning network – LND per-commitment-secret derivation

For learning purposes I’m trying to recreate all keys in LND channel.

I could reproduce MultiSigKey, RevocationBasePoint, PaymentBasePoint, DelayBasePoint, HtlcBasePoint. The workflow to reproduce them was to create HD node root key with azeed from 24 words and then use HD Wallet BIP44 specification to calculate these keys with defined paths.

My HD node root key (base58): vprv9DMUxX4ShgxMLHkP4A7EPJr52LoHYn5jD6vn3UfQnf6Tv1uA7mw3RozDzwD2vMxs5MWLAPENaxYvrDERFdARSQLa6RXWBih5bjRqh5hsfJr

(derived from:
words_local=”above tomato swarm square ski frame remain buffalo aerobic ginger reduce insect kiwi kitchen antenna elevator century brave boil gospel gas picnic weather basket”)

For example I can successfully derive RevocationBasePoint with path “m/1017’/1’/1’/0/0”
(the real keys I got reading channel data with chantools from guggero).

However I cannot derive the Per-commitment-point, which should be:

I’ve implemented per-commitment-secret as in BOLT 03 and tested it with successfully with test vectors, but still can not derive the ‘0346d4..’ key.

generate_from_seed(seed, I):
    P = seed
    for B in 47 down to 0:
        if B set in I:
            flip(B) in P
            P = SHA256(P)
    return P

I use for seed the decoded extended private key:

extended_private_key = "vprv9DMUxX4ShgxMLHkP4A7EPJr52LoHYn5jD6vn3UfQnf6Tv1uA7mw3RozDzwD2vMxs5MWLAPENaxYvrDERFdARSQLa6RXWBih5bjRqh5hsfJr"
decoded_key = base58.b58decode(extended_private_key)
seed = decoded_key[46:78]

index = 0xFFFFFFFFFFFF # 281474976710655 (first channel).

I believe I’m not using the right seed…Could someone please help how to derive the per-commitment-secret?

Source link


Leave a Comment