Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

exposesecret: a way to back up the hsm_secret via rpc (if enabled!) #7647

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

exposesecret: a way to back up the hsm_secret via rpc (if enabled!) #7647

wants to merge 4 commits into from

Conversation

rustyrussell
Copy link
Contributor

As co-programmed with @ShahanaFarooqui .

If you set exposesecret-passphrase you can use that to retrieve the hsm_secret using the exposesecret command. It doesn't handle encrypted hsm secrets (if you're prepared type in the secret on every start, you don't want this).

@rustyrussell rustyrussell added this to the v24.11 milestone Sep 6, 2024
niftynei
niftynei reviewed Sep 6, 2024
View reviewed changes
Copy link
Collaborator

@niftynei niftynei left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 8a68385

doc/developers-guide/plugin-development/a-day-in-the-life-of-a-plugin.md
- int: parsed as a signed integer (64-bit)
- flag: no-arg flag option. Presented as `true` if config specifies it.
- `string`: a string
- `string-conceal`: a string which will appear as "..." in `listconfigs`.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

very cool!

@ShahanaFarooqui ShahanaFarooqui force-pushed the guilt/exposesecret-plugin branch 3 times, most recently from 1a44756 to ad422bb Compare September 11, 2024 18:24
@rustyrussell @ShahanaFarooqui
common/hsm_encryption: use const char * for errors.
319d45e 
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell @ShahanaFarooqui
exposesecret: new plugin and command to get hsm_secret.
fd76284 
Being able to back up the hsm_secret is critical, but you cannot do
this through a UI, because of course we do not allow such access.
People have lost funds because they didn't back up.

This allows access to the hsm_secret if you use a password set in the
config file.  (If it's not set, the command does not work).  This is a
compromise, of course.

Changelog-Added: `exposesecret` command for encouraging hsm_secret backups.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell @ShahanaFarooqui
ccan: update to latest version
3f43a1d 
Gives us more room for user bits in opt.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell @ShahanaFarooqui
config: add the ability for plugins to specify that config values sho…
c1f9fa9 
…uld be concealed.

And use it for `exposesecret-passphrase`.  This is probably overly
cautious, but it makes me feel a little better that we won't leak it
to someone with read-only access.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@niftynei niftynei niftynei left review comments

@cdecker cdecker Awaiting requested review from cdecker cdecker is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v24.11
Development

Successfully merging this pull request may close these issues.
2 participants
@rustyrussell @niftynei