walletunlocker

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 22, 2024 License: MIT Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrUnlockTimeout signals that we did not get the expected unlock
	// message before the timeout occurred.
	ErrUnlockTimeout = errors.New("got no unlock message before timeout")
)

Functions

func DisableLog added in v0.3.3 

func DisableLog()

DisableLog disables all library log output. Logging output is disabled by default until UseLogger is called.

func UseLogger added in v0.3.3 

func UseLogger(logger slog.Logger)

UseLogger uses a specified Logger to output package logging info. This should be used in preference to SetLogWriter if the caller is also using slog.

func ValidatePassword added in v0.2.0 

func ValidatePassword(password []byte) error

ValidatePassword assures the password meets all of our constraints.

Types

type ChannelsToRecover added in v0.2.0 

type ChannelsToRecover struct {
	// PackedMultiChanBackup is an encrypted and serialized multi-channel
	// backup.
	PackedMultiChanBackup chanbackup.PackedMulti

	// PackedSingleChanBackups is a series of encrypted and serialized
	// single-channel backup for one or more channels.
	PackedSingleChanBackups chanbackup.PackedSingles
}

ChannelsToRecover wraps any set of packed (serialized+encrypted) channel back ups together. These can be passed in when unlocking the wallet, or creating a new wallet for the first time with an existing seed.

type UnlockerService 

type UnlockerService struct {
	// InitMsgs is a channel that carries all wallet init messages.
	InitMsgs chan *WalletInitMsg

	// UnlockMsgs is a channel where unlock parameters provided by the rpc
	// client to be used to unlock and decrypt an existing wallet will be
	// sent.
	UnlockMsgs chan *WalletUnlockMsg

	// MacResponseChan is the channel for sending back the admin macaroon to
	// the WalletUnlocker service.
	MacResponseChan chan []byte
	// contains filtered or unexported fields
}

UnlockerService implements the WalletUnlocker service used to provide lnd with a password for wallet encryption at startup. Additionally, during initial setup, users can provide their own source of entropy which will be used to generate the seed that's ultimately used within the wallet.

func New 

func New(chainDir string, params *chaincfg.Params,
	macaroonFiles []string, dbTimeout time.Duration,
	dcrwHost, dcrwCert, dcrwClientKey,
	dcrwClientCert string, dcrwAccount int32) *UnlockerService

New creates and returns a new UnlockerService.

func (*UnlockerService) ChangePassword 

func (u *UnlockerService) ChangePassword(ctx context.Context,
	in *lnrpc.ChangePasswordRequest) (*lnrpc.ChangePasswordResponse, error)

ChangePassword changes the password of the wallet and sends the new password across the UnlockPasswords channel to automatically unlock the wallet if successful.

func (*UnlockerService) GenSeed 

func (u *UnlockerService) GenSeed(_ context.Context,
	in *lnrpc.GenSeedRequest) (*lnrpc.GenSeedResponse, error)

GenSeed is the first method that should be used to instantiate a new lnd instance. This method allows a caller to generate a new aezeed cipher seed given an optional passphrase. If provided, the passphrase will be necessary to decrypt the cipherseed to expose the internal wallet seed.

Once the cipherseed is obtained and verified by the user, the InitWallet method should be used to commit the newly generated seed, and create the wallet.

func (*UnlockerService) InitWallet 

func (u *UnlockerService) InitWallet(ctx context.Context,
	in *lnrpc.InitWalletRequest) (*lnrpc.InitWalletResponse, error)

InitWallet is used when lnd is starting up for the first time to fully initialize the daemon and its internal wallet. At the very least a wallet password must be provided. This will be used to encrypt sensitive material on disk.

In the case of a recovery scenario, the user can also specify their aezeed mnemonic and passphrase. If set, then the daemon will use this prior state to initialize its internal wallet.

Alternatively, this can be used along with the GenSeed RPC to obtain a seed, then present it to the user. Once it has been verified by the user, the seed can be fed into this RPC in order to commit the new wallet.

func (*UnlockerService) LoadAndUnlock added in v0.5.0 

func (u *UnlockerService) LoadAndUnlock(ctx context.Context, password []byte,
	recoveryWindow uint32) (*wallet.Wallet, func() error, error)

LoadAndUnlock creates a loader for the wallet and tries to unlock the wallet with the given password and recovery window. If the drop wallet transactions flag is set, the history state drop is performed before unlocking the wallet yet again.

func (*UnlockerService) SetDB added in v0.5.0 

func (u *UnlockerService) SetDB(db *channeldb.DB)

SetDB sets the DB used for checking that unlocking remote wallets works. This must be called before the service is

func (*UnlockerService) SetLoaderOpts added in v0.5.0 

func (u *UnlockerService) SetLoaderOpts(loaderOpts []walletloader.LoaderOption)

SetLoaderOpts can be used to inject wallet loader options after the unlocker service has been hooked to the main RPC server.

func (*UnlockerService) SetMacaroonDB added in v0.6.0 

func (u *UnlockerService) SetMacaroonDB(macaroonDB kvdb.Backend)

SetMacaroonDB can be used to inject the macaroon database after the unlocker service has been hooked to the main RPC server.

func (*UnlockerService) UnlockWallet 

func (u *UnlockerService) UnlockWallet(ctx context.Context,
	in *lnrpc.UnlockWalletRequest) (*lnrpc.UnlockWalletResponse, error)

UnlockWallet sends the password provided by the incoming UnlockWalletRequest over the UnlockMsgs channel in case it successfully decrypts an existing wallet found in the chain's wallet database directory.

func (*UnlockerService) WalletExists added in v0.5.0 

func (u *UnlockerService) WalletExists() (bool, error)

WalletExists returns whether a wallet exists on the file path the UnlockerService is using.

type WalletInitMsg 

type WalletInitMsg struct {
	// Passphrase is the passphrase that will be used to encrypt the wallet
	// itself. This MUST be at least 8 characters.
	Passphrase []byte

	// WalletSeed is the deciphered cipher seed that the wallet should use
	// to initialize itself. The seed might be nil if the wallet should be
	// created from an extended master root key instead.
	WalletSeed *aezeed.CipherSeed

	// WalletExtendedKey is the wallet's extended master root key that
	// should be used instead of the seed, if non-nil. The extended key is
	// mutually exclusive to the wallet seed, but one of both is always set.
	WalletExtendedKey *hdkeychain.ExtendedKey

	// ExtendedKeyBirthday is the birthday of a wallet that's being restored
	// through an extended key instead of an aezeed.
	ExtendedKeyBirthday time.Time

	// WatchOnlyBirthday is the birthday of the master root key the above
	// watch-only account xpubs were derived from.
	WatchOnlyBirthday time.Time

	// WatchOnlyMasterFingerprint is the fingerprint of the master root key
	// the above watch-only account xpubs were derived from.
	WatchOnlyMasterFingerprint uint32

	// RecoveryWindow is the address look-ahead used when restoring a seed
	// with existing funds. A recovery window zero indicates that no
	// recovery should be attempted, such as after the wallet's initial
	// creation.
	RecoveryWindow uint32

	// ChanBackups a set of static channel backups that should be received
	// after the wallet has been initialized.
	ChanBackups ChannelsToRecover

	// StatelessInit signals that the user requested the daemon to be
	// initialized stateless, which means no unencrypted macaroons should be
	// written to disk.
	StatelessInit bool
}

WalletInitMsg is a message sent by the UnlockerService when a user wishes to set up the internal wallet for the first time. The user MUST provide a passphrase, but is also able to provide their own source of entropy. If provided, then this source of entropy will be used to generate the wallet's HD seed. Otherwise, the wallet will generate one itself.

type WalletUnlockMsg 

type WalletUnlockMsg struct {
	// Passphrase is the passphrase that will be used to encrypt the wallet
	// itself. This MUST be at least 8 characters.
	Passphrase []byte

	// RecoveryWindow is the address look-ahead used when restoring a seed
	// with existing funds. A recovery window zero indicates that no
	// recovery should be attempted, such as after the wallet's initial
	// creation, but before any addresses have been created.
	RecoveryWindow uint32

	// Wallet is the loaded and unlocked Wallet. This is returned through
	// the channel to avoid it being unlocked twice (once to check if the
	// password is correct, here in the WalletUnlocker and again later when
	// lnd actually uses it). Because unlocking involves scrypt which is
	// resource intensive, we want to avoid doing it twice.
	Wallet *wallet.Wallet

	Loader *walletloader.Loader

	// Conn is the connection to a remote wallet when the daemon has been
	// configured to connect to a wallet instead of using the embedded one.
	Conn *grpc.ClientConn

	// ChanBackups a set of static channel backups that should be received
	// after the wallet has been unlocked.
	ChanBackups ChannelsToRecover

	// UnloadWallet is a function for unloading the wallet, which should
	// be called on shutdown.
	UnloadWallet func() error

	// StatelessInit signals that the user requested the daemon to be
	// initialized stateless, which means no unencrypted macaroons should be
	// written to disk.
	StatelessInit bool
}

WalletUnlockMsg is a message sent by the UnlockerService when a user wishes to unlock the internal wallet after initial setup. The user can optionally specify a recovery window, which will resume an interrupted rescan for used addresses.

type WalletUnlockParams added in v0.6.0 

type WalletUnlockParams struct {
	// Password is the public and private wallet passphrase.
	Password []byte

	// Birthday specifies the approximate time that this wallet was created.
	// This is used to bound any rescans on startup.
	Birthday time.Time

	// RecoveryWindow specifies the address lookahead when entering recovery
	// mode. A recovery will be attempted if this value is non-zero.
	RecoveryWindow uint32

	// Wallet is the loaded and unlocked Wallet. This is returned
	// from the unlocker service to avoid it being unlocked twice (once in
	// the unlocker service to check if the password is correct and again
	// later when lnd actually uses it). Because unlocking involves scrypt
	// which is resource intensive, we want to avoid doing it twice.
	Wallet *wallet.Wallet

	// Loader is the wallet loader used to create or open the corresponding
	// wallet.
	Loader *walletloader.Loader

	// Conn is the connection to the remote wallet when that is used
	// instead of an embedded dcrwallet instance.
	Conn *grpc.ClientConn

	// ChansToRestore a set of static channel backups that should be
	// restored before the main server instance starts up.
	ChansToRestore ChannelsToRecover

	// UnloadWallet is a function for unloading the wallet, which should
	// be called on shutdown.
	UnloadWallet func() error

	// StatelessInit signals that the user requested the daemon to be
	// initialized stateless, which means no unencrypted macaroons should be
	// written to disk.
	StatelessInit bool

	// MacResponseChan is the channel for sending back the admin macaroon to
	// the WalletUnlocker service.
	MacResponseChan chan []byte
}

WalletUnlockParams holds the variables used to parameterize the unlocking of lnd's wallet after it has already been created.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.