SignOutputRaw
SignOutputRaw is a method that can be used to generated a signature for a set of inputs/outputs to a transaction. Each request specifies details concerning how the outputs should be signed, which keys they should be signed with, and also any optional tweaks. The return value is a fixed 64-byte signature (the same format as we use on the wire in Lightning).
If we are unable to sign using the specified keys, then an error will be returned.
Source: signrpc/signer.proto
gRPC
rpc SignOutputRaw (SignReq) returns (SignResp);
REST
HTTP Method | Path |
---|---|
POST | /v2/signer/signraw |
Code Samples
- gRPC
- REST
- Shell
- Javascript
- Python
const fs = require('fs');
const grpc = require('@grpc/grpc-js');
const protoLoader = require('@grpc/proto-loader');
const GRPC_HOST = 'localhost:10009'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
const TLS_PATH = 'LND_DIR/tls.cert'
const loaderOptions = {
keepCase: true,
longs: String,
enums: String,
defaults: true,
oneofs: true,
};
const packageDefinition = protoLoader.loadSync(['lightning.proto', 'signrpc/signer.proto'], loaderOptions);
const signrpc = grpc.loadPackageDefinition(packageDefinition).signrpc;
process.env.GRPC_SSL_CIPHER_SUITES = 'HIGH+ECDSA';
const tlsCert = fs.readFileSync(TLS_PATH);
const sslCreds = grpc.credentials.createSsl(tlsCert);
const macaroon = fs.readFileSync(MACAROON_PATH).toString('hex');
const macaroonCreds = grpc.credentials.createFromMetadataGenerator(function(args, callback) {
let metadata = new grpc.Metadata();
metadata.add('macaroon', macaroon);
callback(null, metadata);
});
let creds = grpc.credentials.combineChannelCredentials(sslCreds, macaroonCreds);
let client = new signrpc.Signer(GRPC_HOST, creds);
let request = {
raw_tx_bytes: <bytes>,
sign_descs: <SignDescriptor>,
prev_outputs: <TxOut>,
};
client.signOutputRaw(request, function(err, response) {
console.log(response);
});
// Console output:
// {
// "raw_sigs": <bytes>,
// }
import codecs, grpc, os
# Generate the following 2 modules by compiling the signrpc/signer.proto with the grpcio-tools.
# See https://github.com/lightningnetwork/lnd/blob/master/docs/grpc/python.md for instructions.
import signer_pb2 as signrpc, signer_pb2_grpc as signerstub
GRPC_HOST = 'localhost:10009'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'
# create macaroon credentials
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
def metadata_callback(context, callback):
callback([('macaroon', macaroon)], None)
auth_creds = grpc.metadata_call_credentials(metadata_callback)
# create SSL credentials
os.environ['GRPC_SSL_CIPHER_SUITES'] = 'HIGH+ECDSA'
cert = open(TLS_PATH, 'rb').read()
ssl_creds = grpc.ssl_channel_credentials(cert)
# combine macaroon and SSL credentials
combined_creds = grpc.composite_channel_credentials(ssl_creds, auth_creds)
# make the request
channel = grpc.secure_channel(GRPC_HOST, combined_creds)
stub = signerstub.SignerStub(channel)
request = signrpc.SignReq(
raw_tx_bytes=<bytes>,
sign_descs=<SignDescriptor>,
prev_outputs=<TxOut>,
)
response = stub.SignOutputRaw(request)
print(response)
# {
# "raw_sigs": <bytes>,
# }
- Javascript
- Python
const fs = require('fs');
const request = require('request');
const REST_HOST = 'localhost:8080'
const MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
let requestBody = {
raw_tx_bytes: <string>, // <bytes> (base64 encoded)
sign_descs: <array>, // <SignDescriptor>
prev_outputs: <array>, // <TxOut>
};
let options = {
url: `https://${REST_HOST}/v2/signer/signraw`,
// Work-around for self-signed certificates.
rejectUnauthorized: false,
json: true,
headers: {
'Grpc-Metadata-macaroon': fs.readFileSync(MACAROON_PATH).toString('hex'),
},
form: JSON.stringify(requestBody),
}
request.post(options, function(error, response, body) {
console.log(body);
});
// Console output:
// {
// "raw_sigs": <array>, // <bytes>
// }
import base64, codecs, json, requests
REST_HOST = 'localhost:8080'
MACAROON_PATH = 'LND_DIR/data/chain/bitcoin/regtest/admin.macaroon'
TLS_PATH = 'LND_DIR/tls.cert'
url = f'https://{REST_HOST}/v2/signer/signraw'
macaroon = codecs.encode(open(MACAROON_PATH, 'rb').read(), 'hex')
headers = {'Grpc-Metadata-macaroon': macaroon}
data = {
'raw_tx_bytes': base64.b64encode(<bytes>),
'sign_descs': <SignDescriptor>,
'prev_outputs': <TxOut>,
}
r = requests.post(url, headers=headers, data=json.dumps(data), verify=TLS_PATH)
print(r.json())
# {
# "raw_sigs": <bytes>,
# }
# There is no CLI command for this RPC
Messages
signrpc.SignReq
Source: signrpc/signer.proto
Field | gRPC Type | REST Type | REST Placement |
---|---|---|---|
raw_tx_bytes | bytes | string | body |
sign_descs | SignDescriptor[] | array | body |
prev_outputs | TxOut[] | array | body |
signrpc.SignResp
Source: signrpc/signer.proto
Field | gRPC Type | REST Type |
---|---|---|
raw_sigs | bytes[] | array |
Nested Messages
signrpc.SignDescriptor
Field | gRPC Type | REST Type |
---|---|---|
key_desc | KeyDescriptor | object |
single_tweak | bytes | string |
double_tweak | bytes | string |
tap_tweak | bytes | string |
witness_script | bytes | string |
output | TxOut | object |
sighash | uint32 | integer |
input_index | int32 | integer |
sign_method | SignMethod | string |
signrpc.KeyDescriptor
Field | gRPC Type | REST Type |
---|---|---|
raw_key_bytes | bytes | string |
key_loc | KeyLocator | object |
signrpc.KeyLocator
Field | gRPC Type | REST Type |
---|---|---|
key_family | int32 | integer |
key_index | int32 | integer |
signrpc.TxOut
Field | gRPC Type | REST Type |
---|---|---|
value | int64 | string |
pk_script | bytes | string |
Enums
signrpc.SignMethod
Name | Number |
---|---|
SIGN_METHOD_WITNESS_V0 | 0 |
SIGN_METHOD_TAPROOT_KEY_SPEND_BIP0086 | 1 |
SIGN_METHOD_TAPROOT_KEY_SPEND | 2 |
SIGN_METHOD_TAPROOT_SCRIPT_SPEND | 3 |