UNPKG

paid-services

Version:

Lightning Paid Services library

github.com/alexbosworth/paid-services

alexbosworth/paid-services

101 lines (81 loc) 2.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
const {createDecipheriv} = require('crypto'); const asyncAuto = require('async/auto'); const {diffieHellmanComputeSecret} = require('ln-service'); const {getIdentity} = require('ln-service'); const {returnResult} = require('asyncjs-util'); const algorithm = 'aes-256-gcm'; const bufferAsHex = buffer => buffer.toString('hex'); const hexAsBuffer = hex => Buffer.from(hex, 'hex'); const iv = Buffer.alloc(16, 0); /** Decrypt a trade with a secret preimage { auth: <Auth Tag Hex String> from: <Trading With Node Id Public Key Hex String> lnd: <Authenticated LND API Object> payload: <Encrypted Data Hex String> secret: <Preimage Hex String> } @returns via cbk or Promise { plain: <Plain Decrypted Secret Hex String> } */ module.exports = ({auth, from, lnd, payload, secret}, cbk) => { return new Promise((resolve, reject) => { return asyncAuto({ // Check arguments validate: cbk => { if (!auth) { return cbk([400, 'ExpectedAuthToDecryptTradeSecret']); } if (!from) { return cbk([400, 'ExpectedFromTradingNodeIdToDecryptTradeSecret']); } if (!lnd) { return cbk([400, 'ExpectedAuthenticatedLndToDecryptTradeSecret']); } if (!payload) { return cbk([400, 'ExpectedTradePayloadToDecryptTradeSecret']); } if (!secret) { return cbk([400, 'ExpectedTradeUnlockKeyToDecryptTradeSecret']); } return cbk(); }, // Get identity public key getId: ['validate', ({}, cbk) => getIdentity({lnd}, cbk)], // Compute a shared secret with the trading partner computeSharedSecret: ['validate', ({}, cbk) => { return diffieHellmanComputeSecret({ lnd, partner_public_key: from, }, cbk); }], // Combine the shared secret with a payment preimage for the final secret key: ['computeSharedSecret', ({computeSharedSecret}, cbk) => { const paidSecret = hexAsBuffer(secret); const key = hexAsBuffer(computeSharedSecret.secret); // Combine the shared secret with the payment preimage for (let i = 0; i < key.length; ++i) { key[i] = key[i] ^ paidSecret[i]; } return cbk(null, key); }], // Decrypt the payload decryptPayload: ['key', ({key}, cbk) => { const decipher = createDecipheriv(algorithm, key, iv); const encrypted = hexAsBuffer(payload); decipher.setAuthTag(hexAsBuffer(auth)); // Try decrypting using the unlock key try { const elements = [decipher.update(encrypted), decipher.final()]; return cbk(null, {plain: bufferAsHex(Buffer.concat(elements))}); } catch (err) { return cbk([503, 'FailedToDecryptEncryptedTradePayload', {err}]); } }], }, returnResult({reject, resolve, of: 'decryptPayload'}, cbk)); }); };