MuSig2CreateSession
MuSig2CreateSession (experimental!) creates a new MuSig2 signing session using the local key identified by the key locator. The complete list of all public keys of all signing parties must be provided, including the public key of the local signing key. If nonces of other parties are already known, they can be submitted as well to reduce the number of RPC calls necessary later on.
NOTE: The MuSig2 BIP is not final yet and therefore this API must be considered to be HIGHLY EXPERIMENTAL and subject to change in upcoming releases. Backward compatibility is not guaranteed!
Source: signrpc/signer.proto
gRPC
rpc MuSig2CreateSession (MuSig2SessionRequest) returns (MuSig2SessionResponse);
REST
HTTP Method | Path |
---|---|
POST | /v2/signer/musig2/createsession |
Code Samples
- gRPC
- REST
- Shell
- Javascript
- Python
const fs = require('fs');
const grpc = require('@grpc/grpc-js');
const protoLoader = require('@grpc/proto-loader');
const GRPC_HOST = 'localhost:10009'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
const TLS_PATH = 'LND_DIR/tls.cert'
const loaderOptions = {
keepCase: true,
longs: String,
enums: String,
defaults: true,
oneofs: true,
};
const packageDefinition = protoLoader.loadSync(['lightning.proto', 'signrpc/signer.proto'], loaderOptions);
const signrpc = grpc.loadPackageDefinition(packageDefinition).signrpc;
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA';
const tlsCert = fs.readFileSync(TLS_PATH);
const sslCreds = grpc.credentials.createSsl(tlsCert);
const macaroon = fs.readFileSync(MACAROON_PATH).toString('hex');
const macaroonCreds = grpc.credentials.createFromMetadataGenerator(function(args, callback) {
let metadata = new grpc.Metadata();
metadata.add('macaroon', macaroon);
callback(null, metadata);
});
let creds = grpc.credentials.combineChannelCredentials(sslCreds, macaroonCreds);
let client = new signrpc.Signer(GRPC_HOST, creds);
let request = {
key_loc: <KeyLocator>,
all_signer_pubkeys: <bytes>,
other_signer_public_nonces: <bytes>,
tweaks: <TweakDesc>,
taproot_tweak: <TaprootTweakDesc>,
};
client.muSig2CreateSession(request, function(err, response) {
console.log(response);
});
// Console output:
// {
// "session_id": <bytes>,
// "combined_key": <bytes>,
// "taproot_internal_key": <bytes>,
// "local_public_nonces": <bytes>,
// "have_all_nonces": <bool>,
// }
import codecs, grpc, os
# Generate the following 2 modules by compiling the signrpc/signer.proto with the grpcio-tools.
# See https://github.com/lightningnetwork/lnd/blob/master/docs/grpc/python.md for instructions.
import signer_pb2 as signrpc, signer_pb2_grpc as signerstub
GRPC_HOST = 'localhost:10009'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'
# create macaroon credentials
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
def metadata_callback(context, callback):
callback([('macaroon', macaroon)], None)
auth_creds = grpc.metadata_call_credentials(metadata_callback)
# create SSL credentials
os.environ['GRPC_SSL_CIPHER_SUITES'] = 'HIGH+ECDSA'
cert = open(TLS_PATH, 'rb').read()
ssl_creds = grpc.ssl_channel_credentials(cert)
# combine macaroon and SSL credentials
combined_creds = grpc.composite_channel_credentials(ssl_creds, auth_creds)
# make the request
channel = grpc.secure_channel(GRPC_HOST, combined_creds)
stub = signerstub.SignerStub(channel)
request = signrpc.MuSig2SessionRequest(
key_loc=<KeyLocator>,
all_signer_pubkeys=<bytes>,
other_signer_public_nonces=<bytes>,
tweaks=<TweakDesc>,
taproot_tweak=<TaprootTweakDesc>,
)
response = stub.MuSig2CreateSession(request)
print(response)
# {
# "session_id": <bytes>,
# "combined_key": <bytes>,
# "taproot_internal_key": <bytes>,
# "local_public_nonces": <bytes>,
# "have_all_nonces": <bool>,
# }
- Javascript
- Python
const fs = require('fs');
const request = require('request');
const REST_HOST = 'localhost:8080'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
let requestBody = {
key_loc: <object>, // <KeyLocator>
all_signer_pubkeys: <array>, // <bytes> (base64 encoded)
other_signer_public_nonces: <array>, // <bytes> (base64 encoded)
tweaks: <array>, // <TweakDesc>
taproot_tweak: <object>, // <TaprootTweakDesc>
};
let options = {
url: `https://${REST_HOST}/v2/signer/musig2/createsession`,
// Work-around for self-signed certificates.
rejectUnauthorized: false,
json: true,
headers: {
'Grpc-Metadata-macaroon': fs.readFileSync(MACAROON_PATH).toString('hex'),
},
form: JSON.stringify(requestBody),
}
request.post(options, function(error, response, body) {
console.log(body);
});
// Console output:
// {
// "session_id": <string>, // <bytes>
// "combined_key": <string>, // <bytes>
// "taproot_internal_key": <string>, // <bytes>
// "local_public_nonces": <string>, // <bytes>
// "have_all_nonces": <boolean>, // <bool>
// }
import base64, codecs, json, requests
REST_HOST = 'localhost:8080'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'
url = f'https://{REST_HOST}/v2/signer/musig2/createsession'
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
headers = {'Grpc-Metadata-macaroon': macaroon}
data = {
'key_loc': <KeyLocator>,
'all_signer_pubkeys': base64.b64encode(<bytes>),
'other_signer_public_nonces': base64.b64encode(<bytes>),
'tweaks': <TweakDesc>,
'taproot_tweak': <TaprootTweakDesc>,
}
r = requests.post(url, headers=headers, data=json.dumps(data), verify=TLS_PATH)
print(r.json())
# {
# "session_id": <bytes>,
# "combined_key": <bytes>,
# "taproot_internal_key": <bytes>,
# "local_public_nonces": <bytes>,
# "have_all_nonces": <bool>,
# }
# There is no CLI command for this RPC
Messages
signrpc.MuSig2SessionRequest
Source: signrpc/signer.proto
Field | gRPC Type | REST Type | REST Placement |
---|---|---|---|
key_loc | KeyLocator | object | body |
all_signer_pubkeys | bytes[] | array | body |
other_signer_public_nonces | bytes[] | array | body |
tweaks | TweakDesc[] | array | body |
taproot_tweak | TaprootTweakDesc | object | body |
signrpc.MuSig2SessionResponse
Source: signrpc/signer.proto
Field | gRPC Type | REST Type |
---|---|---|
session_id | bytes | string |
combined_key | bytes | string |
taproot_internal_key | bytes | string |
local_public_nonces | bytes | string |
have_all_nonces | bool | boolean |
Nested Messages
signrpc.KeyLocator
Field | gRPC Type | REST Type |
---|---|---|
key_family | int32 | integer |
key_index | int32 | integer |
signrpc.TweakDesc
Field | gRPC Type | REST Type |
---|---|---|
tweak | bytes | string |
is_x_only | bool | boolean |
signrpc.TaprootTweakDesc
Field | gRPC Type | REST Type |
---|---|---|
script_root | bytes | string |
key_spend_only | bool | boolean |