Allow the user to use custom signing scheme and multiple keys in vtxo tree signatures #422
Conversation
| repeated string cosigners_pubkeys = 2; | ||
| Tree unsigned_vtxo_tree = 3; | ||
| string unsigned_round_tx = 4; | ||
| Tree unsigned_vtxo_tree = 2; |
There was a problem hiding this comment.
let's keep the list of cosigners, this way it's easier for clients to understand if they are participating this round or have to wait for the next one.
| UnsignedTree tree.VtxoTree | ||
| CosignersPubKeys []*secp256k1.PublicKey | ||
| UnsignedRoundTx string | ||
| ID string |
| } | ||
|
|
||
| // WithCustomTreeSigner allows to use a set of custom signer for the vtxo tree signing process | ||
| func WithCustomTreeSigner(privKeys []*secp256k1.PrivateKey) Option { |
There was a problem hiding this comment.
I took a look at handleOptions and i think this should be come WithExtraSigner to be useful for the user.. this way he just need to add extra keys, without taking care of creating one for himself, that should always be done by the SDK.
| func WithCustomTreeSigner(privKeys []*secp256k1.PrivateKey) Option { | |
| func WithExtraSigner(privKeys []*secp256k1.PrivateKey) Option { |
| } | ||
|
|
||
| // if no custom signer priv keys are provided, we generate a new ephemeral key | ||
| if len(signerPubKeys) == 0 { |
There was a problem hiding this comment.
in light of this comment, we should always generate the keypair for the sdk wallet
| if err = signerSession.SetKeys(event.CosignersPubKeys); err != nil { | ||
| return | ||
| } | ||
| for _, privKey := range signerPrivKeys { |
There was a problem hiding this comment.
should be done in parallel?
| if err := signerSession.SetAggregatedNonces(event.Nonces); err != nil { | ||
| return err | ||
| } | ||
| for _, session := range signerSessions { |
| ephemeralKey, err := secp256k1.GeneratePrivateKey() | ||
| if err != nil { | ||
| return nil, nil, tree.SignBranch, err | ||
| } |
There was a problem hiding this comment.
maybe we should use an ephemeral key only when signing ALL, otherwise we should use a wallet key to be sure we can re-sign the branch if needed?
Co-authored-by: Pietralberto Mazza <[email protected]> Signed-off-by: Louis Singer <[email protected]>
Co-authored-by: Pietralberto Mazza <[email protected]> Signed-off-by: Louis Singer <[email protected]>
This PR adds a way for the user to sign only its branch during the vtxo tree signing process.
now
RegisterInputsForNextRoundRPC expects the following request:ephemeral_pubkeyhas been replaced bysigner_pubkeys. It allows setting multiple signing keys for the same request. Useful for collaborative VTXO contracts.signing_typeis a flag signalling to the server the type of signing scheme the user wants to use, 2 are supported:SignAll = 0is the existing scheme where one signs all branches of the tree.SignBranch = 1is the new scheme where one signs only the branch(es) related to his VTXO(s) in the tree.BREAKING CHANGES:
With this, the tree's PSBTs don't embed the sweep tapscript leaf and internal taproot key as unknown fields anymore. They are replaced instead with the round lifetime, as clients know all other info to reconstruct the sweep leaf on their own.
All clients must be updated once this is merged.
@tiero @altafan @sekulicd please review
AI TL;DR
Looking at the changes in the PR, the main changes are:
Refactoring of the signing process for vtxo trees:
Changes to the signing protocol:
Core API changes:
RegisterInputsForNextRoundRPC to take signer_pubkeys and signing_type instead of ephemeral_pubkey