lightningd: remove getsharedsecret.

This was introduced to allow creating a shared secret, but it's better to use makesecret which creates unique secrets. getsharedsecret being a generic ECDH function allows the caller to initiate conversations as if it was us; this is generally OK, since we don't allow untrusted API access, but the commando plugin had to blacklist this for read-only runes explicitly. Since @ZmnSCPxj never ended up using this after introducing it, simply remove it. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Changelog-Removed: JSONRPC: `getsharedsecret` API: use `makesecret`
ElementsProject · Jul 15, 2022 · b658d29 · b658d29
1 parent b9d3a98
commit b658d29
Show file tree

Hide file tree

Showing 8 changed files with 0 additions and 180 deletions.
diff --git a/contrib/msggen/msggen/utils/utils.py b/contrib/msggen/msggen/utils/utils.py
@@ -93,7 +93,6 @@ def load_jsonrpc_service(schema_dir: str = None):
         # "funderupdate",
         # "getlog",
         "GetRoute",
-        # "getsharedsecret",
         "ListForwards",
         # "listoffers",
         "ListPays",

diff --git a/contrib/pyln-client/pyln/client/lightning.py b/contrib/pyln-client/pyln/client/lightning.py
@@ -1442,18 +1442,6 @@ def checkmessage(self, message, zbase, pubkey=None):
         }
         return self.call("checkmessage", payload)
 
-    def getsharedsecret(self, point, **kwargs):
-        """
-        Compute the hash of the Elliptic Curve Diffie Hellman shared
-        secret point from this node private key and an
-        input {point}.
-        """
-        payload = {
-            "point": point
-        }
-        payload.update({k: v for k, v in kwargs.items()})
-        return self.call("getsharedsecret", payload)
-
     def keysend(self, destination, amount_msat=None, label=None, maxfeepercent=None,
                 retry_for=None, maxdelay=None, exemptfee=None,
                 extratlvs=None, msatoshi=None):

diff --git a/doc/Makefile b/doc/Makefile
@@ -34,7 +34,6 @@ MANPAGES := doc/lightning-cli.1 \
 	doc/lightning-funderupdate.7 \
 	doc/lightning-fundpsbt.7 \
 	doc/lightning-getroute.7 \
-	doc/lightning-getsharedsecret.7 \
 	doc/lightning-hsmtool.8 \
 	doc/lightning-invoice.7 \
 	doc/lightning-keysend.7 \

diff --git a/doc/index.rst b/doc/index.rst
@@ -59,7 +59,6 @@ Core Lightning Documentation
    lightning-getinfo <lightning-getinfo.7.md>
    lightning-getlog <lightning-getlog.7.md>
    lightning-getroute <lightning-getroute.7.md>
-   lightning-getsharedsecret <lightning-getsharedsecret.7.md>
    lightning-help <lightning-help.7.md>
    lightning-hsmtool <lightning-hsmtool.8.md>
    lightning-invoice <lightning-invoice.7.md>

diff --git a/doc/lightning-getsharedsecret.7.md b/doc/lightning-getsharedsecret.7.md
diff --git a/doc/schemas/getsharedsecret.schema.json b/doc/schemas/getsharedsecret.schema.json
diff --git a/lightningd/hsm_control.c b/lightningd/hsm_control.c
@@ -128,26 +128,6 @@ struct ext_key *hsm_init(struct lightningd *ld)
 	return bip32_base;
 }
 
-static struct command_result *json_getsharedsecret(struct command *cmd,
-					   const char *buffer,
-					   const jsmntok_t *obj UNNEEDED,
-					   const jsmntok_t *params)
-{
-	struct pubkey *point;
-	struct secret ss;
-	struct json_stream *response;
-
-	if (!param(cmd, buffer, params,
-		   p_req("point", &param_pubkey, &point),
-		   NULL))
-		return command_param_failed();
-
-	ecdh(point, &ss);
-	response = json_stream_success(cmd);
-	json_add_secret(response, "shared_secret", &ss);
-	return command_success(cmd, response);
-}
-
 static struct command_result *json_makesecret(struct command *cmd,
 					   const char *buffer,
 					   const jsmntok_t *obj UNNEEDED,
@@ -186,12 +166,3 @@ static const struct json_command makesecret_command = {
 	"Get a pseudorandom secret key, using some {hex} data."
 };
 AUTODATA(json_command, &makesecret_command);
-
-static const struct json_command getsharedsecret_command = {
-	"getsharedsecret",
-	"utility", /* FIXME: Or "crypto"?  */
-	&json_getsharedsecret,
-	"Compute the hash of the Elliptic Curve Diffie Hellman shared secret point from "
-	"this node private key and an input {point}."
-};
-AUTODATA(json_command, &getsharedsecret_command);
diff --git a/tests/test_misc.py b/tests/test_misc.py
@@ -2245,32 +2245,6 @@ def test_sendcustommsg(node_factory):
     ])
 
 
-@pytest.mark.developer("needs --dev-force-privkey")
-def test_getsharedsecret(node_factory):
-    """
-    Test getsharedsecret command.
-    """
-    # From BOLT 8 test vectors.
-    options = [
-        {"dev-force-privkey": "1212121212121212121212121212121212121212121212121212121212121212"},
-        {}
-    ]
-    l1, l2 = node_factory.get_nodes(2, opts=options)
-
-    # Check BOLT 8 test vectors.
-    shared_secret = l1.rpc.getsharedsecret("028d7500dd4c12685d1f568b4c2b5048e8534b873319f3a8daa612b469132ec7f7")['shared_secret']
-    assert (shared_secret == "1e2fb3c8fe8fb9f262f649f64d26ecf0f2c0a805a767cf02dc2d77a6ef1fdcc3")
-
-    # Clear the forced privkey of l1.
-    del l1.daemon.opts["dev-force-privkey"]
-    l1.restart()
-
-    # l1 and l2 can generate the same shared secret
-    # knowing only the public key of the other.
-    assert (l1.rpc.getsharedsecret(l2.info["id"])["shared_secret"]
-            == l2.rpc.getsharedsecret(l1.info["id"])["shared_secret"])
-
-
 @pytest.mark.developer("needs --dev-force-privkey")
 def test_makesecret(node_factory):
     """