tlightning network base - electrum - Electrum Bitcoin wallet
HTML git clone https://git.parazyd.org/electrum
DIR Log
DIR Files
DIR Refs
DIR Submodules
---
DIR commit cbf8d4c78141df88e08e088646d949112248838c
DIR parent 094b939a24a0bc0de0c66a023249e9618764a9ab
HTML Author: ThomasV <thomasv@electrum.org>
Date: Tue, 10 Apr 2018 15:53:58 +0200
lightning network base
Diffstat:
A lib/lnbase.py | 240 +++++++++++++++++++++++++++++++
1 file changed, 240 insertions(+), 0 deletions(-)
---
DIR diff --git a/lib/lnbase.py b/lib/lnbase.py
t@@ -0,0 +1,240 @@
+#!/usr/bin/env python3
+"""
+ Lightning network interface for Electrum
+ Derived from https://gist.github.com/AdamISZ/046d05c156aaeb56cc897f85eecb3eb8
+"""
+
+import asyncio
+import sys
+import binascii
+import hashlib
+import hmac
+import cryptography.hazmat.primitives.ciphers.aead as AEAD
+
+from electrum.bitcoin import public_key_from_private_key, ser_to_point, point_to_ser, string_to_number
+from electrum.bitcoin import int_to_hex, bfh, rev_hex
+
+tcp_socket_timeout = 10
+server_response_timeout = 60
+
+def decode(string):
+ """Return the integer value of the
+ bytestring b
+ """
+ if isinstance(string, str):
+ string = bytes(bytearray.fromhex(string))
+ result = 0
+ while len(string) > 0:
+ result *= 256
+ result += string[0]
+ string = string[1:]
+ return result
+
+
+def encode(n, s):
+ """Return a bytestring version of the integer
+ value n, with a string length of s
+ """
+ return bfh(rev_hex(int_to_hex(n, s)))
+
+
+def H256(data):
+ return hashlib.sha256(data).digest()
+
+class HandshakeState(object):
+ prologue = b"lightning"
+ protocol_name = b"Noise_XK_secp256k1_ChaChaPoly_SHA256"
+ handshake_version = b"\x00"
+ def __init__(self, responder_pub):
+ self.responder_pub = responder_pub
+ self.h = H256(self.protocol_name)
+ self.ck = self.h
+ self.update(self.prologue)
+ self.update(self.responder_pub)
+
+ def update(self, data):
+ self.h = H256(self.h + data)
+ return self.h
+
+def get_nonce_bytes(n):
+ """BOLT 8 requires the nonce to be 12 bytes, 4 bytes leading
+ zeroes and 8 bytes little endian encoded 64 bit integer.
+ """
+ nb = b"\x00"*4
+ #Encode the integer as an 8 byte byte-string
+ nb2 = encode(n, 8)
+ nb2 = bytearray(nb2)
+ #Little-endian is required here
+ nb2.reverse()
+ return nb + nb2
+
+def aead_encrypt(k, nonce, associated_data, data):
+ nonce_bytes = get_nonce_bytes(nonce)
+ a = AEAD.ChaCha20Poly1305(k)
+ return a.encrypt(nonce_bytes, data, associated_data)
+
+def aead_decrypt(k, nonce, associated_data, data):
+ nonce_bytes = get_nonce_bytes(nonce)
+ a = AEAD.ChaCha20Poly1305(k)
+ #raises InvalidTag exception if it's not valid
+ return a.decrypt(nonce_bytes, data, associated_data)
+
+def get_bolt8_hkdf(salt, ikm):
+ """RFC5869 HKDF instantiated in the specific form
+ used in Lightning BOLT 8:
+ Extract and expand to 64 bytes using HMAC-SHA256,
+ with info field set to a zero length string as per BOLT8
+ Return as two 32 byte fields.
+ """
+ #Extract
+ prk = hmac.new(salt, msg=ikm, digestmod=hashlib.sha256).digest()
+ assert len(prk) == 32
+ #Expand
+ info = b""
+ T0 = b""
+ T1 = hmac.new(prk, T0 + info + b"\x01", digestmod=hashlib.sha256).digest()
+ T2 = hmac.new(prk, T1 + info + b"\x02", digestmod=hashlib.sha256).digest()
+ assert len(T1 + T2) == 64
+ return T1, T2
+
+def get_ecdh(priv, pub):
+ s = string_to_number(priv)
+ pk = ser_to_point(pub)
+ pt = point_to_ser(pk * s)
+ return H256(pt)
+
+def act1_initiator_message(hs, my_privkey):
+ #Get a new ephemeral key
+ epriv, epub = create_ephemeral_key(my_privkey)
+ hs.update(epub)
+ ss = get_ecdh(epriv, hs.responder_pub)
+ ck2, temp_k1 = get_bolt8_hkdf(hs.ck, ss)
+ hs.ck = ck2
+ c = aead_encrypt(temp_k1, 0, hs.h, b"")
+ #for next step if we do it
+ hs.update(c)
+ msg = hs.handshake_version + epub + c
+ assert len(msg) == 50
+ return msg
+
+def privkey_to_pubkey(priv):
+ pub = public_key_from_private_key(priv[:32], True)
+ return bytes.fromhex(pub)
+
+def create_ephemeral_key(privkey):
+ pub = privkey_to_pubkey(privkey)
+ return (privkey[:32], pub)
+
+def process_message(message):
+ print("Received %d bytes: "%len(message), binascii.hexlify(message))
+
+def send_message(writer, msg, sk, sn):
+ print("Sending %d bytes: "%len(msg), binascii.hexlify(msg))
+ l = encode(len(msg), 2)
+ lc = aead_encrypt(sk, sn, b'', l)
+ c = aead_encrypt(sk, sn+1, b'', msg)
+ assert len(lc) == 18
+ assert len(c) == len(msg) + 16
+ writer.write(lc+c)
+
+
+async def read_message(reader, rk, rn):
+ rspns = b''
+ while True:
+ rspns += await reader.read(2**10)
+ print("buffer %d bytes:"%len(rspns), binascii.hexlify(rspns))
+ lc = rspns[:18]
+ l = aead_decrypt(rk, rn, b'', lc)
+ length = decode(l)
+ if len(rspns) < 18 + length + 16:
+ continue
+ c = rspns[18:18 + length + 16]
+ msg = aead_decrypt(rk, rn+1, b'', c)
+ return msg
+
+
+
+async def main_loop(my_privkey, host, port, pubkey, loop):
+ reader, writer = await asyncio.open_connection(host, port, loop=loop)
+
+ hs = HandshakeState(pubkey)
+ msg = act1_initiator_message(hs, my_privkey)
+
+ # handshake act 1
+ writer.write(msg)
+ rspns = await reader.read(2**10)
+ assert len(rspns) == 50
+ hver, alice_epub, tag = rspns[0], rspns[1:34], rspns[34:]
+ assert bytes([hver]) == hs.handshake_version
+
+ # handshake act 2
+ hs.update(alice_epub)
+ myepriv, myepub = create_ephemeral_key(my_privkey)
+ ss = get_ecdh(myepriv, alice_epub)
+ ck, temp_k2 = get_bolt8_hkdf(hs.ck, ss)
+ hs.ck = ck
+ p = aead_decrypt(temp_k2, 0, hs.h, tag)
+ hs.update(tag)
+
+ # handshake act 3
+ my_pubkey = privkey_to_pubkey(my_privkey)
+ c = aead_encrypt(temp_k2, 1, hs.h, my_pubkey)
+ hs.update(c)
+ ss = get_ecdh(my_privkey[:32], alice_epub)
+ ck, temp_k3 = get_bolt8_hkdf(hs.ck, ss)
+ hs.ck = ck
+ t = aead_encrypt(temp_k3, 0, hs.h, b'')
+ sk, rk = get_bolt8_hkdf(hs.ck, b'')
+ msg = hs.handshake_version + c + t
+ writer.write(msg)
+
+ # init counters
+ sn = 0
+ rn = 0
+
+ # read init
+ msg = await read_message(reader, rk, rn)
+ process_message(msg)
+ rn += 2
+
+ # send init
+ init_msg = encode(16, 2) + encode(0, 2) +encode(0,2)
+ send_message(writer, init_msg, sk, sn)
+ sn += 2
+
+ # send ping
+ msg_type = 18
+ num_pong_bytes = 4
+ byteslen = 4
+ ping_msg = encode(msg_type, 2) + encode(num_pong_bytes, 2) + encode(byteslen, 2) + b'\x00'*byteslen
+ send_message(writer, ping_msg, sk, sn)
+ sn += 2
+
+ # read pong
+ msg = await read_message(reader, rk, rn)
+ process_message(msg)
+ rn += 2
+
+ # close socket
+ writer.close()
+
+
+
+
+node_list = [
+ ('ecdsa.net', '9735', '038370f0e7a03eded3e1d41dc081084a87f0afa1c5b22090b4f3abb391eb15d8ff'),
+ ('77.58.162.148', '9735', '022bb78ab9df617aeaaf37f6644609abb7295fad0c20327bccd41f8d69173ccb49')
+ ]
+
+
+if __name__ == "__main__":
+ if len(sys.argv) > 1:
+ host, port, pubkey = sys.argv[1:4]
+ else:
+ host, port, pubkey = node_list[0]
+ pubkey = binascii.unhexlify(pubkey)
+ port = int(port)
+ privkey = b"\x21"*32 + b"\x01"
+ loop = asyncio.get_event_loop()
+ loop.run_until_complete(main_loop(privkey, host, port, pubkey, loop))
+ loop.close()