Author: ZmnSCPxj 2021-12-17 15:06:44
Published on: 2021-12-17T15:06:44+00:00
In a conversation between cdecker and ZmnSCPxj, it was mentioned that the `createinvoice` command does almost what is needed, but requires the preimage and stores the invoice in the database. As a result, a `signfakeinvoice` command is required as they cannot know the preimage at invoice creation time, and their invoice database assumes every invoice has a preimage known and recorded in the database. However, if one has access to the `hsm_secret`, they could sign in the plugin itself without needing `lightningd`. The `lightningd` `hsmd` interface includes commands for invoice signing, and `signfakeinvoice` would essentially just expose that interface. A plugin cannot rely on `hsm_secret` existing because the signer might not be emulated in software, but an actual hardware signer that does not keep the secret keys on the same disk. Hence, `getsharedsecret` was created and exposed to consider a future where the HSM is truly a hardware module.
Updated on: 2023-06-03T07:01:13.277500+00:00