BOLT 3 : remove localpubkey and remote_delayedpubkey references

03-transactions.md

@@ -22,7 +22,7 @@ This details the exact format of on-chain transactions, which both sides need to
         * [Fee Payment](#fee-payment)
   * [Keys](#keys)
     * [Key Derivation](#key-derivation)
-        * [`localpubkey`, `remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, `local_delayedpubkey`, and `remote_delayedpubkey` Derivation](#localpubkey-remotepubkey-local_htlcpubkey-remote_htlcpubkey-local_delayedpubkey-and-remote_delayedpubkey-derivation)
+        * [`remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, and `local_delayedpubkey` Derivation](#remotepubkey-local_htlcpubkey-remote_htlcpubkey-and-local_delayedpubkey-derivation)
         * [`revocationpubkey` Derivation](#revocationpubkey-derivation)
         * [Per-commitment Secret Requirements](#per-commitment-secret-requirements)
     * [Efficient Per-commitment Secret Storage](#efficient-per-commitment-secret-storage)
@@ -411,7 +411,8 @@ committed HTLCs:
 
 ## Key Derivation
 
-Each commitment transaction uses a unique set of keys: `localpubkey` and `remotepubkey`.
+Each commitment transaction uses a unique set of keys: `local_delayedpubkey`, `remote_htlcpubkey`,
+`local_htlcpubkey`, `remotepubkey` .
 The HTLC-success and HTLC-timeout transactions use `local_delayedpubkey` and `revocationpubkey`.
 These are changed for every transaction based on the `per_commitment_point`.
 
@@ -426,11 +427,9 @@ avoid storage of every commitment transaction, a _watcher_ can be given the
 the scripts required for the penalty transaction; thus, a _watcher_ need only be
 given (and store) the signatures for each penalty input.
 
-Changing the `localpubkey` and `remotepubkey` every time ensures that commitment
+Changing the set of keys`every time ensures that commitment
 transaction ID cannot be guessed; every commitment transaction uses an ID
-in its output script. Splitting the `local_delayedpubkey`, which is required for
-the penalty transaction, allows it to be shared with the _watcher_ without
-revealing `localpubkey`; even if both peers use the same _watcher_, nothing is revealed.
+in its output script. 
 
 Finally, even in the case of normal unilateral close, the HTLC-success
 and/or HTLC-timeout transactions do not reveal anything to the
@@ -441,21 +440,19 @@ For efficiency, keys are generated from a series of per-commitment secrets
 that are generated from a single seed, which allows the receiver to compactly
 store them (see [below](#efficient-per-commitment-secret-storage)).
 
-### `localpubkey`, `remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, `local_delayedpubkey`, and `remote_delayedpubkey` Derivation
+### ``remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, and `local_delayedpubkey`Derivation
 
 These pubkeys are simply generated by addition from their base points:
 
 	pubkey = basepoint + SHA256(per_commitment_point || basepoint) * G
 
-The `localpubkey` uses the local node's `payment_basepoint`;
 the `remotepubkey` uses the remote node's `payment_basepoint`;
 the `local_htlcpubkey` uses the local node's `htlc_basepoint`;
 the `remote_htlcpubkey` uses the remote node's `htlc_basepoint`;
-the `local_delayedpubkey` uses the local node's `delayed_payment_basepoint`;
-and the `remote_delayedpubkey` uses the remote node's `delayed_payment_basepoint`.
+and the `local_delayedpubkey` uses the local node's `delayed_payment_basepoint`;
 
 The corresponding private keys can be similarly derived, if the basepoint
-secrets are known (i.e. the private keys corresponding to `localpubkey`, `local_htlcpubkey`, and `local_delayedpubkey` only):
+secrets are known (i.e. the private keys corresponding to `local_htlcpubkey`, and `local_delayedpubkey` only):
 
     privkey = basepoint_secret + SHA256(per_commitment_point || basepoint)
 
@@ -708,8 +705,8 @@ The *expected weight* of an HTLC transaction is calculated as follows:
         - OP_EQUALVERIFY: 1 byte
         - 2: 1 byte
         - OP_SWAP: 1 byte
-		- OP_DATA: 1 byte (localpubkey length)
-		- localpubkey: 33 bytes
+		- OP_DATA: 1 byte (local_htlcpubkey length)
+		- local_htlcpubkey: 33 bytes
         - 2: 1 byte
         - OP_CHECKMULTISIG: 1 byte
         - OP_ELSE: 1 byte
@@ -742,8 +739,8 @@ The *expected weight* of an HTLC transaction is calculated as follows:
 		- OP_DROP: 1 byte
 		- 2: 1 byte
 		- OP_SWAP: 1 byte
-		- OP_DATA: 1 byte (localpubkey length)
-		- localpubkey: 33 bytes
+		- OP_DATA: 1 byte (local_htlcpubkey length)
+		- local_htlcpubkey: 33 bytes
 		- 2: 1 byte
 		- OP_CHECKMULTISIG: 1 byte
 		- OP_ELSE: 1 byte
@@ -921,7 +918,6 @@ And, here are the keys needed to create the transactions:
     local_funding_pubkey: 023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb
     remote_funding_pubkey: 030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c1
     local_privkey: bb13b121cdc357cd2e608b0aea294afca36e2b34cf958e2e6451a2f27469449101
-    localpubkey: 030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e7
     remotepubkey: 0394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b
     local_delayedpubkey: 03fd5960528dc152014952efdb702a88f71e3c1653b2314431701ec77e57fde83c
     local_revocation_pubkey: 0212a140cd0c6539d07cd08dfe09984dec3251ea808b892efeac3ede9402bf2b19
@@ -1501,8 +1497,7 @@ seeded with `0x000...00`.
 
 # Appendix E: Key Derivation Test Vectors
 
-These test the derivation for `localpubkey`, `remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, `local_delayedpubkey`, and
-`remote_delayedpubkey` (which use the same formula), as well as the `revocationpubkey`.
+These test the derivation for `remotepubkey`, `local_htlcpubkey`, `remote_htlcpubkey`, and `local_delayedpubkey` (which use the same formula), as well as the `revocationpubkey`.
 
 All of them use the following secrets (and thus the derived points):
 
@@ -1511,22 +1506,6 @@ All of them use the following secrets (and thus the derived points):
     base_point: 0x036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2
     per_commitment_point: 0x025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486
 
-    name: derivation of pubkey from basepoint and per_commitment_point
-    # SHA256(per_commitment_point || basepoint)
-    # => SHA256(0x025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486 || 0x036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2)
-    # = 0xcbcdd70fcfad15ea8e9e5c5a12365cf00912504f08ce01593689dd426bca9ff0
-    # + basepoint (0x036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2)
-    # = 0x0235f2dbfaa89b57ec7b055afe29849ef7ddfeb1cefdb9ebdc43f5494984db29e5
-    localpubkey: 0x0235f2dbfaa89b57ec7b055afe29849ef7ddfeb1cefdb9ebdc43f5494984db29e5
-
-    name: derivation of private key from basepoint secret and per_commitment_secret
-	# SHA256(per_commitment_point || basepoint)
-    # => SHA256(0x025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486 || 0x036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2)
-    # = 0xcbcdd70fcfad15ea8e9e5c5a12365cf00912504f08ce01593689dd426bca9ff0
-    # + basepoint_secret (0x000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f)
-    # = 0xcbced912d3b21bf196a766651e436aff192362621ce317704ea2f75d87e7be0f
-    localprivkey: 0xcbced912d3b21bf196a766651e436aff192362621ce317704ea2f75d87e7be0f
-
     name: derivation of revocation pubkey from basepoint and per_commitment_point
     # SHA256(revocation_basepoint || per_commitment_point)
     # => SHA256(0x036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2 || 0x025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486)