Skip to main content

DeriveSharedKey

DeriveSharedKey returns a shared secret key by performing Diffie-Hellman key derivation between the ephemeral public key in the request and the node's key specified in the key_desc parameter. Either a key locator or a raw public key is expected in the key_desc, if neither is supplied, defaults to the node's identity private key: P_shared = privKeyNode * ephemeralPubkey The resulting shared public key is serialized in the compressed format and hashed with sha256, resulting in the final key length of 256bit.

Source: signrpc/signer.proto

gRPC

rpc DeriveSharedKey (SharedKeyRequest) returns (SharedKeyResponse);

REST

HTTP MethodPath
POST /v2/signer/sharedkey

Code Samples

const fs = require('fs');
const grpc = require('@grpc/grpc-js');
const protoLoader = require('@grpc/proto-loader');

const GRPC_HOST = 'localhost:10009'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
const TLS_PATH = 'LND_DIR/tls.cert'

const loaderOptions = {
keepCase: true,
longs: String,
enums: String,
defaults: true,
oneofs: true,
};
const packageDefinition = protoLoader.loadSync(['lightning.proto', 'signrpc/signer.proto'], loaderOptions);
const signrpc = grpc.loadPackageDefinition(packageDefinition).signrpc;
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA';
const tlsCert = fs.readFileSync(TLS_PATH);
const sslCreds = grpc.credentials.createSsl(tlsCert);
const macaroon = fs.readFileSync(MACAROON_PATH).toString('hex');
const macaroonCreds = grpc.credentials.createFromMetadataGenerator(function(args, callback) {
let metadata = new grpc.Metadata();
metadata.add('macaroon', macaroon);
callback(null, metadata);
});
let creds = grpc.credentials.combineChannelCredentials(sslCreds, macaroonCreds);
let client = new signrpc.Signer(GRPC_HOST, creds);
let request = {
ephemeral_pubkey: <bytes>,
key_loc: <KeyLocator>,
key_desc: <KeyDescriptor>,
};
client.deriveSharedKey(request, function(err, response) {
console.log(response);
});
// Console output:
// {
// "shared_key": <bytes>,
// }

Messages

signrpc.SharedKeyRequest

Source: signrpc/signer.proto

FieldgRPC TypeREST TypeREST Placement
ephemeral_pubkey
bytesstringbody
key_locdeprecated
KeyLocatorobjectbody
key_desc
KeyDescriptorobjectbody

signrpc.SharedKeyResponse

Source: signrpc/signer.proto

FieldgRPC TypeREST Type
shared_key
bytesstring

Nested Messages

signrpc.KeyDescriptor

FieldgRPC TypeREST Type
raw_key_bytes
bytesstring
key_loc
KeyLocatorobject

signrpc.KeyLocator

FieldgRPC TypeREST Type
key_family
int32integer
key_index
int32integer