lightningnetwork / lnd

Lightning Network Daemon ⚡️
MIT License

Allow to sign a message directly #4474

Closed michaelWuensch closed 2 years ago

michaelWuensch commented 4 years ago

Background

I want to implement LNURL-auth. For it to work a challenge (k1) has to be signed. The service where you want to authenticate verifies that you have provided a valid signature and logs you in if it was valid.

The problem is that the LNURL-auth spec requires verifying the signature for k1, while LND creates the signature for sha256(k1). Therefore the signature validation fails and it is currently not possible to implement LNURL-auth with LND.

Can we have an additional boolean parameter for the sign command to specify whether to sign the hash of the message or the message directly? And have this exposed to gRPC?

For LNURL-auth specs please see here: https://github.com/btcontract/lnurl-rfc/blob/master/lnurl-auth.md

hsjoberg commented 4 years ago

Maybe a flag would work for this? And defaulting to current behavior

hsjoberg commented 4 years ago

I've been conducting some tests, and just skipping the hashing on lines 450, 451 and using in.Msg with SignDigest works and can be used with lnurl-auth. I'm working on code adding a simple flag.

I'm still unsure what exactly "LN wire format" means in the context of a signature, but I'm getting the exact same bytes as my own implementation when deriving a private key and doing all the signing in my application.

Roasbeef commented 2 years ago

This should be possible now with the changes in: https://github.com/lightningnetwork/lnd/pull/5689
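
Added example, not part of the thread and not lnd code: the mismatch described in the issue, where a signature made over sha256(k1) is checked by a service against k1 itself. It uses Go's standard-library ECDSA on P-256 as a stand-in for secp256k1 (which the standard library does not provide); `signHashed`, `signDirect` and `demo` are hypothetical names, and k1 is assumed to be a 32-byte challenge.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// signHashed hashes first, so the signature covers sha256(msg), as the issue describes.
func signHashed(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// signDirect (hypothetical) uses the 32-byte message itself as the digest.
func signDirect(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	if len(msg) != sha256.Size {
		return nil, fmt.Errorf("direct signing needs exactly %d bytes", sha256.Size)
	}
	return ecdsa.SignASN1(rand.Reader, priv, msg)
}

// demo reports what a service that verifies against k1 itself would accept.
func demo() (hashedOK, directOK, hashedVsDigestOK bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stand-in curve
	if err != nil {
		return
	}
	// Constructed sample challenge (32 bytes, hex), not taken from the issue.
	k1, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
	sigHashed, err := signHashed(priv, k1)
	if err != nil {
		return
	}
	sigDirect, err := signDirect(priv, k1)
	if err != nil {
		return
	}
	digest := sha256.Sum256(k1)
	hashedOK = ecdsa.VerifyASN1(&priv.PublicKey, k1, sigHashed)
	directOK = ecdsa.VerifyASN1(&priv.PublicKey, k1, sigDirect)
	hashedVsDigestOK = ecdsa.VerifyASN1(&priv.PublicKey, digest[:], sigHashed)
	return
}

func main() { fmt.Println(demo()) }
```

The hashed signature is a valid signature, only over a different digest, which is why the verifier and the signer must agree on exactly which 32 bytes are signed.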