DeriveNextKey

DeriveNextKey attempts to derive the next key within the key family (account in BIP43) specified. This method should return the next external child within this branch.

Source: walletrpc/walletkit.proto

gRPC

rpc DeriveNextKey (KeyReq) returns (KeyDescriptor);

REST

HTTP Method	Path
POST	/v2/wallet/key/next

Code Samples

gRPC

Javascript

const fs = require('fs');
const grpc = require('@grpc/grpc-js');
const protoLoader = require('@grpc/proto-loader');

const GRPC_HOST = 'localhost:10009'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
const TLS_PATH = 'LND_DIR/tls.cert'

const loaderOptions = {
  keepCase: true,
  longs: String,
  enums: String,
  defaults: true,
  oneofs: true,
};
const packageDefinition = protoLoader.loadSync(['lightning.proto', 'walletrpc/walletkit.proto'], loaderOptions);
const walletrpc = grpc.loadPackageDefinition(packageDefinition).walletrpc;
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA';
const tlsCert = fs.readFileSync(TLS_PATH);
const sslCreds = grpc.credentials.createSsl(tlsCert);
const macaroon = fs.readFileSync(MACAROON_PATH).toString('hex');
const macaroonCreds = grpc.credentials.createFromMetadataGenerator(function(args, callback) {
  let metadata = new grpc.Metadata();
  metadata.add('macaroon', macaroon);
  callback(null, metadata);
});
let creds = grpc.credentials.combineChannelCredentials(sslCreds, macaroonCreds);
let client = new walletrpc.WalletKit(GRPC_HOST, creds);
let request = {
  key_finger_print: <int32>,
  key_family: <int32>,
};
client.deriveNextKey(request, function(err, response) {
  console.log(response);
});
// Console output:
//  {
//    "raw_key_bytes": <bytes>,
//    "key_loc": <KeyLocator>,
//  }

Python

import codecs, grpc, os
# Generate the following 2 modules by compiling the walletrpc/walletkit.proto with the grpcio-tools.
# See https://github.com/lightningnetwork/lnd/blob/master/docs/grpc/python.md for instructions.
import walletkit_pb2 as walletrpc, walletkit_pb2_grpc as walletkitstub

GRPC_HOST = 'localhost:10009'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'

# create macaroon credentials
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
def metadata_callback(context, callback):
  callback([('macaroon', macaroon)], None)
auth_creds = grpc.metadata_call_credentials(metadata_callback)
# create SSL credentials
os.environ['GRPC_SSL_CIPHER_SUITES'] = 'HIGH+ECDSA'
cert = open(TLS_PATH, 'rb').read()
ssl_creds = grpc.ssl_channel_credentials(cert)
# combine macaroon and SSL credentials
combined_creds = grpc.composite_channel_credentials(ssl_creds, auth_creds)
# make the request
channel = grpc.secure_channel(GRPC_HOST, combined_creds)
stub = walletkitstub.WalletKitStub(channel)
request = walletrpc.KeyReq(
  key_finger_print=<int32>,
  key_family=<int32>,
)
response = stub.DeriveNextKey(request)
print(response)
# {
#    "raw_key_bytes": <bytes>,
#    "key_loc": <KeyLocator>,
# }

REST

Javascript

const fs = require('fs');
const request = require('request');

const REST_HOST = 'localhost:8080'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'

let requestBody = {
  key_finger_print: <integer>, // <int32> 
  key_family: <integer>, // <int32> 
};
let options = {
  url: `https://${REST_HOST}/v2/wallet/key/next`,
  // Work-around for self-signed certificates.
  rejectUnauthorized: false,
  json: true,
  headers: {
    'Grpc-Metadata-macaroon': fs.readFileSync(MACAROON_PATH).toString('hex'),
  },
  form: JSON.stringify(requestBody),
}
request.post(options, function(error, response, body) {
  console.log(body);
});
// Console output:
//  {
//    "raw_key_bytes": <string>, // <bytes> 
//    "key_loc": <object>, // <KeyLocator> 
//  }

Python

import base64, codecs, json, requests

REST_HOST = 'localhost:8080'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'

url = f'https://{REST_HOST}/v2/wallet/key/next'
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
headers = {'Grpc-Metadata-macaroon': macaroon}
data = {
  'key_finger_print': <int32>,
  'key_family': <int32>,
}
r = requests.post(url, headers=headers, data=json.dumps(data), verify=TLS_PATH)
print(r.json())
# {
#    "raw_key_bytes": <bytes>,
#    "key_loc": <KeyLocator>,
# }

Shell

# There is no CLI command for this RPC

Messages

walletrpc.KeyReq

Source: walletrpc/walletkit.proto

Field	gRPC Type	REST Type	REST Placement
key_finger_print Is the key finger print of the root pubkey that this request is targeting. This allows the WalletKit to possibly serve out keys for multiple HD chains via public derivation.	int32	integer	body
key_family The target key family to derive a key from. In other contexts, this is known as the "account".	int32	integer	body

signrpc.KeyDescriptor

Source: signrpc/signer.proto

Field	gRPC Type	REST Type
raw_key_bytes The raw bytes of the public key in the key pair being identified. Either this or the KeyLocator must be specified.	bytes	string
key_loc The key locator that identifies which private key to use for signing. Either this or the raw bytes of the target public key must be specified.	KeyLocator	object

Nested Messages

signrpc.KeyLocator

Field	gRPC Type	REST Type
key_family The family of key being identified.	int32	integer
key_index The precise index of the key being identified.	int32	integer