New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hsmtool: add feature to dump private keys #6985
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a couple of comments
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK
I think this PR is ready for review? I left some comments too
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 1b02369
I would like to have a feature in core-lightning to export the private keys used by the on-chain wallet.
This feature would allow to control the funds using a 3rd party software, personally I don't like to have funds that can only be recovered with a single wallet.
Currently core-lightning has a tool to generate the
hsm_secret
from a mnemonic sentence (+ passphrase), but this mechanics is not compliant with BIP39. Thehsm_secret
itself is not even the seed of the BIP32 wallet, and the HD wallet does not use BIP43 purpose derivation for the different types of addresses (wpkh, sh(wpkh), tr) instead a single extended key is used in all three wallets. That said one cannot just put the original mnemonic into another wallet and derive the public and private keys, and neither plughsm_secret
into any other software wallet.For that reason the only thing we can export from core-lightning to recover our HD wallet from another software are the wallet descriptors. One can call
tools/hsmtools dumponchaindescriptors
to perform that task. Unfortunately this will print only the public descriptors and not the private keys.A work-around is to write oneself the code necessary to derive the extended private keys (or the descriptors) for example cln_tools.py that I wrote after a couple of days tinkering.
But I think a functionality like this is needed into core-lightning.
The discussion in #1762 is relevant to this PR.
To-do list: