diff --git a/daemon/packets.c b/daemon/packets.c
index e3279fe9a12d..a16c1e104741 100644
--- a/daemon/packets.c
+++ b/daemon/packets.c
@@ -809,7 +809,6 @@ Pkt *accept_pkt_revocation(struct peer *peer, const Pkt *pkt)
 * SHA256 hash of `revocation_preimage` matches the previous commitment
 * transaction, and MUST fail if it does not.
 */
- /* FIXME: Save preimage in shachain too. */
 if (!check_preimage(r->revocation_preimage, &ci->revocation_hash))
 return pkt_err(peer, "complete preimage incorrect");
 
@@ -819,6 +818,9 @@ Pkt *accept_pkt_revocation(struct peer *peer, const Pkt *pkt)
 
 proto_to_sha256(r->revocation_preimage, ci->revocation_preimage);
 
+ // save revocation preimages in shachain
+ shachain_add_hash(&peer->their_preimages, 0xFFFFFFFFFFFFFFFFL - ci->commit_num, ci->revocation_preimage);
+
 /* Save next revocation hash. */
 proto_to_sha256(r->next_revocation_hash,
 &peer->remote.next_revocation_hash);
diff --git a/daemon/peer.h b/daemon/peer.h
index 01394cd711f9..97c2f5058cfb 100644
--- a/daemon/peer.h
+++ b/daemon/peer.h
@@ -11,6 +11,7 @@
 #include "netaddr.h"
 #include "state.h"
 #include
+#include
 #include
 #include
 
@@ -214,6 +215,9 @@ struct peer {
 
 /* Stuff we have in common. */
 struct peer_visible_state local, remote;
+
+ /* this is where we will store their revocation preimages*/
+ struct shachain their_preimages;
 };
 
 void setup_listeners(struct lightningd_state *dstate, unsigned int portnum);
diff --git a/daemon/secrets.c b/daemon/secrets.c
index 74c535d41b9b..7c6135101f76 100644
--- a/daemon/secrets.c
+++ b/daemon/secrets.c
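Review bot: In daemon/packets.c the new `shachain_add_hash(&peer->their_preimages, ...)` call in accept_pkt_revocation discards its result. ccan's shachain_add_hash returns false when the supplied hash does not derive the hashes already in the chain, so a preimage that passes check_preimage but does not belong to one consistent chain is accepted here. The store then presumably no longer covers every revoked commitment, and nothing is logged. Fail the packet the same way the check above does: `if (!shachain_add_hash(&peer->their_preimages, 0xFFFFFFFFFFFFFFFFL - ci->commit_num, ci->revocation_preimage)) return pkt_err(peer, "preimage not next in shachain");`. The body of accept_pkt_revocation starts and ends outside this hunk, so how `ci->commit_num` is set could not be checked.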
@@ -147,12 +147,15 @@ void peer_secrets_init(struct peer *peer)
 if (RAND_bytes(peer->secrets->revocation_seed.u.u8,
 sizeof(peer->secrets->revocation_seed.u.u8)) != 1)
 fatal("Could not get random bytes for revocation seed");
+
+ shachain_init(&peer->their_preimages);
 }
 
 void peer_get_revocation_preimage(const struct peer *peer, u64 index,
 struct sha256 *preimage)
 {
- shachain_from_seed(&peer->secrets->revocation_seed, index, preimage);
+ // generate hashes in reverse order, otherwise the first hash gives away everything
+ shachain_from_seed(&peer->secrets->revocation_seed, 0xFFFFFFFFFFFFFFFFL - index, preimage);
 }
 
 void peer_get_revocation_hash(const struct peer *peer, u64 index,
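Review bot: The index inversion in peer_get_revocation_preimage is a bare literal, `0xFFFFFFFFFFFFFFFFL - index`, and the same expression is repeated in daemon/packets.c as `0xFFFFFFFFFFFFFFFFL - ci->commit_num`. Both sides of the protocol depend on this mapping, so it should be defined once, for example `#define REVOCATION_INDEX(n) (UINT64_MAX - (n))` in a shared header (the macro name is only a suggestion), with the comment's rationale attached to it. The change also alters the preimage derived for every index. If any revocation hash produced under the old ordering has already been given to a peer or persisted, it will no longer match; the hunk does not show whether that can happen, so it is worth confirming. A smaller point: `shachain_init(&peer->their_preimages)` sets up state received from the peer inside peer_secrets_init, so a peer built without calling that function would, as far as this hunk shows, have an uninitialised chain.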