ln-service 53.15.0 → 53.16.0

package/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Versions
 
+## 53.16.0
+
+- `beginGroupSigningSession`: Add method to start a MuSig2 signing session
+- `endGroupSigningSession`: Add method to complete a MuSig2 signing session
+- `updateGroupSigningSession`: Add method to add nonces to a MuSig2 session
+
 ## 53.15.0
 
 - `getRouteToDestination`, `isDestinationPayable`, `pay`,

package/README.md

@@ -105,6 +105,7 @@ for `unlocker` methods.
 - [addExternalSocket](#addexternalsocket) - Advertise a new p2p host:ip address
 - [addPeer](#addpeer) - Connect to a peer
 - [authenticatedLndGrpc](#authenticatedlndgrpc) - LND API Object
+- [beginGroupSigningSession](#begingroupsigningsession) - Start MuSig2 session
 - [broadcastChainTransaction](#broadcastchaintransaction) - Push a chain tx
 - [cancelHodlInvoice](#cancelhodlinvoice) - Cancel a held or any open invoice
 - [cancelPendingChannel](#cancelpendingchannel) - Cancel a pending open channel
@@ -132,6 +133,7 @@ for `unlocker` methods.
 - [disableChannel](#disablechannel) - Disable a channel for outgoing payments
 - [disconnectWatchtower](#disconnectwatchtower) - Disconnect a watchtower
 - [enableChannel](#enablechannel) - Enable a channel for outgoing payments
+- [endGroupSigningSession](#endgroupsigningsession) - Complete MuSig2 session
 - [fundPendingChannels](#fundpendingchannels) - Fund pending open channels
 - [fundPsbt](#fundpsbt) - Create an unsigned PSBT with funding inputs and 
     spending outputs
@@ -256,6 +258,7 @@ for `unlocker` methods.
     transaction
 - [updateColor](#updatecolor) - Update node graph color value
 - [updateConnectedWatchtower](#updateconnectedwatchtower) - Update watchtower
+- [updateGroupSigningSession](#updategroupsigningsession) - Sign with MuSig2
 - [updatePathfindingSettings](#updatepathfindingsettings) - Update pathfinding
     configuration
 - [updateRoutingFees](#updateroutingfees) - Change routing fees
@@ -277,7 +280,7 @@ for `unlocker` methods.
 - [ln-accounting](https://npmjs.com/package/ln-accounting) - accounting records
 - [ln-docker-daemons](https://github.com/alexbosworth/ln-docker-daemons) -
     run regtest integration tests
-- [ln-pathfinding](https://npmjs.com/package/ln-accounting) - pathfinding
+- [ln-pathfinding](https://npmjs.com/package/ln-pathfinding) - pathfinding
     utilities
 - [ln-sync](https://www.npmjs.com/package/ln-sync) - metadata helper methods
 - [probing](https://npmjs.com/package/probing) - payment probing utilities
@@ -380,6 +383,46 @@ const {lnd} = lnService.authenticatedLndGrpc({
 const wallet = await lnService.getWalletInfo({lnd});
 ```
 
+### beginGroupSigningSession
+
+Start a MuSig2 group signing session
+
+Requires LND built with `signrpc`, `walletrpc` build tags
+
+Requires `address:read`, `signer:generate` permissions
+
+This method is not supported in LND 0.14.3 and below
+
+    {
+      lnd: <Authenticated LND API Object>
+      [is_key_spend]: <Key Is BIP 86 Key Spend Key Bool>
+      key_family: <HD Seed Key Family Number>
+      key_index: <Key Index Number>
+      public_keys: [<External Public Key Hex String>]
+      [root_hash]: <Taproot Script Root Hash Hex String>
+    }
+
+    @returns via cbk or Promise
+    {
+      external_key: <Final Script or Top Level Public Key Hex String>
+      id: <Session Id Hex String>
+      [internal_key]: <Internal Top Level Public Key Hex String>
+      nonce: <Session Compound Nonces Hex String>
+    }
+
+Example:
+
+```node
+const {beginGroupSigningSession} = require('ln-service');
+
+const session = await beginGroupSigningSession({
+  lnd,
+  key_family: 0,
+  key_index: 0,
+  public_keys: [externalPublicKey],
+});
+```
+
 ### broadcastChainTransaction
 
 Publish a raw blockchain transaction to Blockchain network peers
@@ -1118,6 +1161,36 @@ await enableChannel({
 });
 ```
 
+### endGroupSigningSession
+
+Complete a MuSig2 signing session
+
+Requires LND built with `signrpc` build tag
+
+Requires `signer:generate` permission
+
+This method is not supported in LND 0.14.3 and below
+
+    {
+      id: <Session Id Hex String>
+      lnd: <Authenticated LND API Object>
+      [signatures]: [<Combine External Partial Signature Hex String>]
+    }
+
+    @returns via cbk or Promise
+    {
+      [signature]: <Combined Signature Hex String>
+    }
+
+Example:
+
+```node
+const {endGroupSigningSession} = require('ln-service');
+
+// Cancel a group signing session
+await endGroupSigningSession({id, lnd});
+```
+
 ### fundPendingChannels
 
 Fund pending channels
@@ -6761,6 +6834,43 @@ await updateConnectedWatchtower({
 });
 ```
 
+### updateGroupSigningSession
+
+Update a MuSig2 signing session with nonces and generate a partial sig
+
+All remote nonces are expected to be passed
+
+Requires LND built with `signrpc` build tag
+
+Requires `signer:generate` permission
+
+This method is not supported in LND 0.14.3 and below
+
+    {
+      hash: <Hash to Sign Hex String>
+      id: <MuSig2 Session Id Hex String>
+      lnd: <Authenticated LND API Object>
+      nonces: [<Nonce Hex String>]
+    }
+
+    @returns via cbk or Promise
+    {
+      signature: <Partial Signature Hex String>
+    }
+
+Example:
+
+```node
+const {updateGroupSigningSession} = require('ln-service');
+
+const {signature} = await updateGroupSigningSession({
+  lnd,
+  hash: v1TxDigestHash,
+  id: sessionId,
+  nonces: [externalNonce],
+});
+```
+
 ### updatePathfindingSettings
 
 Update current pathfinding settings

package/index.js

@@ -1,6 +1,7 @@
 const {addExternalSocket} = require('lightning');
 const {addPeer} = require('lightning');
 const {authenticatedLndGrpc} = require('lightning');
+const {beginGroupSigningSession} = require('lightning');
 const {broadcastChainTransaction} = require('lightning');
 const {cancelHodlInvoice} = require('lightning');
 const {cancelPendingChannel} = require('lightning');
@@ -25,6 +26,7 @@ const {diffieHellmanComputeSecret} = require('lightning');
 const {disableChannel} = require('lightning');
 const {disconnectWatchtower} = require('lightning');
 const {enableChannel} = require('lightning');
+const {endGroupSigningSession} = require('lightning');
 const {fundPendingChannels} = require('lightning');
 const {fundPsbt} = require('lightning');
 const {getAccessIds} = require('lightning');
@@ -135,6 +137,7 @@ const {updateAlias} = require('lightning');
 const {updateChainTransaction} = require('lightning');
 const {updateColor} = require('lightning');
 const {updateConnectedWatchtower} = require('lightning');
+const {updateGroupSigningSession} = require('lightning');
 const {updatePathfindingSettings} = require('lightning');
 const {updateRoutingFees} = require('lightning');
 const {verifyAccess} = require('lightning');
@@ -147,6 +150,7 @@ module.exports = {
   addExternalSocket,
   addPeer,
   authenticatedLndGrpc,
+  beginGroupSigningSession,
   broadcastChainTransaction,
   cancelHodlInvoice,
   cancelPendingChannel,
@@ -171,6 +175,7 @@ module.exports = {
   disableChannel,
   disconnectWatchtower,
   enableChannel,
+  endGroupSigningSession,
   fundPendingChannels,
   fundPsbt,
   getAccessIds,
@@ -281,6 +286,7 @@ module.exports = {
   updateChainTransaction,
   updateColor,
   updateConnectedWatchtower,
+  updateGroupSigningSession,
   updatePathfindingSettings,
   updateRoutingFees,
   verifyAccess,

package/package.json

@@ -9,12 +9,12 @@
   "dependencies": {
     "bolt07": "1.8.1",
     "cors": "2.8.5",
-    "express": "4.17.3",
+    "express": "4.18.1",
     "invoices": "2.0.6",
-    "lightning": "5.14.0",
+    "lightning": "5.15.0",
     "macaroon": "3.0.4",
     "morgan": "1.10.0",
-    "ws": "8.5.0"
+    "ws": "8.6.0"
   },
   "description": "Interaction helper for your Lightning Network daemon",
   "devDependencies": {
@@ -28,7 +28,7 @@
     "bn.js": "5.2.0",
     "bs58check": "2.1.2",
     "ecpair": "2.0.1",
-    "ln-docker-daemons": "2.2.9",
+    "ln-docker-daemons": "2.2.10",
     "p2tr": "1.3.1",
     "portfinder": "1.0.28",
     "psbt": "2.0.1",
@@ -70,5 +70,5 @@
     "integration-test-0.12.0": "DOCKER_LND_VERSION=v0.12.0-beta npm run test",
     "test": "echo $DOCKER_LND_VERSION && tap -j 2 --branches=1 --functions=1 --lines=1 --statements=1 -t 200 test/autopilotrpc-integration/*.js test/chainrpc-integration/*.js test/integration/*.js test/invoicesrpc-integration/*.js test/peersrpc-integration/*.js test/routerrpc-integration/*.js test/signerrpc-integration/*.js test/tower_clientrpc-integration/*.js test/tower_serverrpc-integration/*.js test/walletrpc-integration/*.js"
   },
-  "version": "53.15.0"
+  "version": "53.16.0"
 }

package/test/chainrpc-integration/test_subscribe_to_chain_address.js

@@ -66,7 +66,7 @@ test(`Subscribe to chain transactions`, async ({end, equal, fail}) => {
       .filter(n => !!n.is_outgoing);
 
     if (!transaction) {
-      throw new Error('ExpectedTrnasaction');
+      throw new Error('ExpectedTransactionInSubscribeToChainAddressResult');
     }
 
     // Wait for generation to be over

package/test/signerrpc-integration/test_begin_group_signing_session.js

@@ -0,0 +1,440 @@
+const asyncRetry = require('async/retry');
+const {address} = require('bitcoinjs-lib');
+const {controlBlock} = require('p2tr');
+const {createPsbt} = require('psbt');
+const {hashForTree} = require('p2tr');
+const {leafHash} = require('p2tr');
+const {networks} = require('bitcoinjs-lib');
+const {script} = require('bitcoinjs-lib');
+const {spawnLightningCluster} = require('ln-docker-daemons');
+const {test} = require('@alexbosworth/tap');
+const {Transaction} = require('bitcoinjs-lib');
+const {v1OutputScript} = require('p2tr');
+
+const {beginGroupSigningSession} = require('./../../');
+const {broadcastChainTransaction} = require('./../../');
+const {createChainAddress} = require('./../../');
+const {endGroupSigningSession} = require('./../../');
+const {fundPsbt} = require('./../../');
+const {getPublicKey} = require('./../../');
+const {getUtxos} = require('./../../');
+const {signPsbt} = require('./../../');
+const {updateGroupSigningSession} = require('./../../');
+
+const {compile} = script;
+const count = 100;
+const defaultInternalKey = '0350929b74c1a04954b78b4b6035e97a5e078a5a0f28ec96d547bfee9ace803ac0';
+const {from} = Buffer;
+const {fromHex} = Transaction;
+const hexAsBuffer = hex => Buffer.from(hex, 'hex');
+const interval = 100;
+const OP_CHECKSIG = 172;
+const smallTokens = 2e5;
+const times = 20;
+const {toOutputScript} = address;
+const tokens = 1e6;
+
+// Starting a group signing session should result in a new MuSig2 session
+test(`Begin group signing session`, async ({end, equal}) => {
+  const {kill, nodes} = await spawnLightningCluster({size: 2});
+
+  const [{generate, lnd}, target] = nodes;
+
+  try {
+    await beginGroupSigningSession({
+      lnd,
+      is_key_spend: true,
+      key_family: 0,
+      key_index: 0,
+      public_keys: [Buffer.alloc(33, 2).toString('hex')],
+    });
+  } catch (err) {
+    // On LND 0.14.3 and below, group signing is not supported
+    if (err.slice().shift() === 501) {
+      await kill({});
+
+      return end();
+    }
+
+    throw err;
+  }
+
+  // A Taproot script can be funded and spent with MuSig2
+  try {
+    await generate({count});
+
+    const controlKey = await getPublicKey({lnd, family: 0});
+    const targetKey = await getPublicKey({family: 0, lnd: target.lnd});
+
+    const controlGroup = await beginGroupSigningSession({
+      lnd,
+      is_key_spend: true,
+      key_family: 0,
+      key_index: controlKey.index,
+      public_keys: [targetKey.public_key],
+    });
+
+    const targetGroup = await beginGroupSigningSession({
+      is_key_spend: true,
+      key_family: 0,
+      key_index: targetKey.index,
+      lnd: target.lnd,
+      public_keys: [controlKey.public_key],
+    });
+
+    equal(controlGroup.external_key, targetGroup.external_key, 'Equal e-keys');
+    equal(controlGroup.internal_key, targetGroup.internal_key, 'Equal i-keys');
+
+    const script = Buffer.concat([
+      Buffer.from([81]),
+      Buffer.from([32]),
+      hexAsBuffer(controlGroup.external_key),
+    ]);
+
+    const [utxo] = (await getUtxos({lnd})).utxos.reverse();
+
+    // Make a PSBT paying to the Taproot output
+    const {psbt} = createPsbt({
+      outputs: [{tokens, script: script.toString('hex')}],
+      utxos: [{id: utxo.transaction_id, vout: utxo.transaction_vout}],
+    });
+
+    // Sign the PSBT
+    const signed = await signPsbt({
+      lnd,
+      psbt: (await fundPsbt({lnd, psbt})).psbt,
+    });
+
+    // Send the tx to the chain
+    await broadcastChainTransaction({lnd, transaction: signed.transaction});
+
+    // Make a new tx that will spend the output back into the wallet
+    const tx = new Transaction();
+
+    // The new tx spends the Taproot output
+    tx.addInput(
+      fromHex(signed.transaction).getHash(),
+      fromHex(signed.transaction).outs.findIndex(n => n.value === tokens)
+    );
+
+    // Make an output to pay back into the wallet
+    const chainOutput = toOutputScript(
+      (await createChainAddress({lnd})).address,
+      networks.regtest
+    );
+
+    // Add output to the pay back transaction
+    tx.addOutput(chainOutput, smallTokens);
+
+    const [hashToSign] = tx.ins.map((input, i) => {
+      return tx.hashForWitnessV1(
+        i,
+        [script],
+        [tokens],
+        Transaction.SIGHASH_DEFAULT,
+      );
+    });
+
+    const controlSign = await updateGroupSigningSession({
+      lnd,
+      hash: hashToSign.toString('hex'),
+      id: controlGroup.id,
+      nonces: [targetGroup.nonce],
+    });
+
+    const targetSign = await updateGroupSigningSession({
+      hash: hashToSign.toString('hex'),
+      id: targetGroup.id,
+      lnd: target.lnd,
+      nonces: [controlGroup.nonce],
+    });
+
+    await endGroupSigningSession({lnd: target.lnd, id: targetGroup.id});
+
+    const {signature} = await endGroupSigningSession({
+      lnd,
+      id: controlGroup.id,
+      signatures: [targetSign.signature],
+    });
+
+    // Add the signature to the input
+    tx.ins.forEach((input, i) => tx.setWitness(i, [hexAsBuffer(signature)]));
+
+    await broadcastChainTransaction({lnd, transaction: tx.toHex()});
+
+    await asyncRetry({interval, times}, async () => {
+      await generate({});
+
+      const {utxos} = await getUtxos({lnd});
+
+      const utxo = utxos.find(n => n.transaction_id === tx.getId());
+
+      if (!utxo || !utxo.confirmation_count) {
+        throw new Error('ExpectedReceivedTaprootSpend');
+      }
+    });
+  } catch (err) {
+    equal(err, null, 'Expected no error');
+  }
+
+  // A Taproot script can be funded and spent with MuSig2 for a script output
+  try {
+    await generate({count});
+
+    const controlKey = await getPublicKey({lnd, family: 0});
+    const targetKey = await getPublicKey({family: 0, lnd: target.lnd});
+    const unusedKey = (await getPublicKey({lnd, family: 805})).public_key;
+
+    const xOnlyUnused = hexAsBuffer(unusedKey.slice(2));
+
+    const witnessScript = compile([xOnlyUnused, OP_CHECKSIG]);
+
+    const branches = [{script: witnessScript.toString('hex')}];
+
+    const {hash} = hashForTree({branches});
+
+    const controlGroup = await beginGroupSigningSession({
+      lnd,
+      key_family: 0,
+      key_index: controlKey.index,
+      public_keys: [targetKey.public_key],
+      root_hash: hash,
+    });
+
+    const targetGroup = await beginGroupSigningSession({
+      key_family: 0,
+      key_index: targetKey.index,
+      lnd: target.lnd,
+      public_keys: [controlKey.public_key],
+      root_hash: hash,
+    });
+
+    equal(controlGroup.external_key, targetGroup.external_key, 'Equal e-keys');
+    equal(controlGroup.internal_key, targetGroup.internal_key, 'Equal i-keys');
+
+    const script = Buffer.concat([
+      from([81]),
+      from([32]),
+      hexAsBuffer(controlGroup.external_key),
+    ]);
+
+    const [utxo] = (await getUtxos({lnd})).utxos.reverse();
+
+    // Make a PSBT paying to the Taproot output
+    const {psbt} = createPsbt({
+      outputs: [{tokens, script: script.toString('hex')}],
+      utxos: [{id: utxo.transaction_id, vout: utxo.transaction_vout}],
+    });
+
+    // Sign the PSBT
+    const signed = await signPsbt({
+      lnd,
+      psbt: (await fundPsbt({lnd, psbt})).psbt,
+    });
+
+    // Send the tx to the chain
+    await broadcastChainTransaction({lnd, transaction: signed.transaction});
+
+    // Make a new tx that will spend the output back into the wallet
+    const tx = new Transaction();
+
+    // The new tx spends the Taproot output
+    tx.addInput(
+      fromHex(signed.transaction).getHash(),
+      fromHex(signed.transaction).outs.findIndex(n => n.value === tokens)
+    );
+
+    // Make an output to pay back into the wallet
+    const chainOutput = toOutputScript(
+      (await createChainAddress({lnd})).address,
+      networks.regtest
+    );
+
+    // Add output to the pay back transaction
+    tx.addOutput(chainOutput, smallTokens);
+
+    const [hashToSign] = tx.ins.map((input, i) => {
+      return tx.hashForWitnessV1(
+        i,
+        [script],
+        [tokens],
+        Transaction.SIGHASH_DEFAULT,
+      );
+    });
+
+    const controlSign = await updateGroupSigningSession({
+      lnd,
+      hash: hashToSign.toString('hex'),
+      id: controlGroup.id,
+      nonces: [targetGroup.nonce],
+    });
+
+    const targetSign = await updateGroupSigningSession({
+      hash: hashToSign.toString('hex'),
+      id: targetGroup.id,
+      lnd: target.lnd,
+      nonces: [controlGroup.nonce],
+    });
+
+    await endGroupSigningSession({lnd: target.lnd, id: targetGroup.id});
+
+    const {signature} = await endGroupSigningSession({
+      lnd,
+      id: controlGroup.id,
+      signatures: [targetSign.signature],
+    });
+
+    // Add the signature to the input
+    tx.ins.forEach((input, i) => tx.setWitness(i, [hexAsBuffer(signature)]));
+
+    await broadcastChainTransaction({lnd, transaction: tx.toHex()});
+
+    await asyncRetry({interval, times}, async () => {
+      await generate({});
+
+      const {utxos} = await getUtxos({lnd});
+
+      const utxo = utxos.find(n => n.transaction_id === tx.getId());
+
+      if (!utxo || !utxo.confirmation_count) {
+        throw new Error('ExpectedReceivedTaprootSpend');
+      }
+    });
+  } catch (err) {
+    equal(err, null, 'Expected no error');
+  }
+
+  // A Taproot script can be funded and spent on the script path
+  try {
+    await generate({count});
+
+    const controlKey = await getPublicKey({lnd, family: 0});
+    const targetKey = await getPublicKey({family: 0, lnd: target.lnd});
+
+    const controlGroup = await beginGroupSigningSession({
+      lnd,
+      key_family: 0,
+      key_index: controlKey.index,
+      public_keys: [targetKey.public_key],
+    });
+
+    const targetGroup = await beginGroupSigningSession({
+      key_family: 0,
+      key_index: targetKey.index,
+      lnd: target.lnd,
+      public_keys: [controlKey.public_key],
+    });
+
+    const scriptKey = hexAsBuffer(controlGroup.external_key);
+
+    const witnessScript = compile([scriptKey, OP_CHECKSIG]);
+
+    const branches = [{script: witnessScript.toString('hex')}];
+
+    const {hash} = hashForTree({branches});
+
+    const output = v1OutputScript({hash, internal_key: defaultInternalKey});
+
+    const [utxo] = (await getUtxos({lnd})).utxos.reverse();
+
+    // Make a PSBT paying to the Taproot output
+    const {psbt} = createPsbt({
+      outputs: [{tokens, script: output.script}],
+      utxos: [{id: utxo.transaction_id, vout: utxo.transaction_vout}],
+    });
+
+    // Sign the PSBT
+    const signed = await signPsbt({
+      lnd,
+      psbt: (await fundPsbt({lnd, psbt})).psbt,
+    });
+
+    // Send the tx to the chain
+    await broadcastChainTransaction({lnd, transaction: signed.transaction});
+
+    // Make a new tx that will spend the output back into the wallet
+    const tx = new Transaction();
+
+    // The new tx spends the Taproot output
+    tx.addInput(
+      fromHex(signed.transaction).getHash(),
+      fromHex(signed.transaction).outs.findIndex(n => n.value === tokens)
+    );
+
+    // Make an output to pay back into the wallet
+    const chainOutput = toOutputScript(
+      (await createChainAddress({lnd})).address,
+      networks.regtest
+    );
+
+    // Add output to the pay back transaction
+    tx.addOutput(chainOutput, smallTokens);
+
+    const [hashToSign] = tx.ins.map((input, i) => {
+      return tx.hashForWitnessV1(
+        i,
+        [hexAsBuffer(output.script)],
+        [tokens],
+        Transaction.SIGHASH_DEFAULT,
+        hexAsBuffer(leafHash({script: witnessScript.toString('hex')}).hash),
+      );
+    });
+
+    const controlSign = await updateGroupSigningSession({
+      lnd,
+      hash: hashToSign.toString('hex'),
+      id: controlGroup.id,
+      nonces: [targetGroup.nonce],
+    });
+
+    const targetSign = await updateGroupSigningSession({
+      hash: hashToSign.toString('hex'),
+      id: targetGroup.id,
+      lnd: target.lnd,
+      nonces: [controlGroup.nonce],
+    });
+
+    await endGroupSigningSession({lnd: target.lnd, id: targetGroup.id});
+
+    const {signature} = await endGroupSigningSession({
+      lnd,
+      id: controlGroup.id,
+      signatures: [targetSign.signature],
+    });
+
+    const {block} = controlBlock({
+      external_key: output.external_key,
+      leaf_script: witnessScript.toString('hex'),
+      script_branches: branches,
+    });
+
+    // Add the signature to the input
+    tx.ins.forEach((input, i) => {
+      return tx.setWitness(i, [
+        hexAsBuffer(signature),
+        witnessScript,
+        hexAsBuffer(block),
+      ]);
+    });
+
+    await broadcastChainTransaction({lnd, transaction: tx.toHex()});
+
+    await asyncRetry({interval, times}, async () => {
+      await generate({});
+
+      const {utxos} = await getUtxos({lnd});
+
+      const utxo = utxos.find(n => n.transaction_id === tx.getId());
+
+      if (!utxo || !utxo.confirmation_count) {
+        throw new Error('ExpectedReceivedTaprootSpend');
+      }
+    });
+  } catch (err) {
+    equal(err, null, 'Expected no error');
+  }
+
+  await kill({});
+
+  return end();
+});