[c-lightning] Policy signer PoC

Devrandom c1.devrandom at niftybox.net
Fri Dec 13 09:04:14 AEDT 2019


Hi all,

Ken Sedgwick and I have been looking at securing Lightning nodes.  Our goal
is to extract the signing operation (and other secret handling) to a policy
signer, which can then be implemented in a dedicated hardware device - such
as a secure element.  The policy signer would be able to defend against
theft even if the node itself is completely compromised.

We wrote an article about this idea here:
https://medium.com/@devrandom/securing-lightning-nodes-39410747734b

We also implemented a proof-of-concept.  The PoC is currently based on
c-lightning, because the hsmd abstraction in that implementation is very
suitable for this purpose.

More about the PoC, with pointers to the software, is available here:
https://gitlab.com/ksedgwic/liposig/wikis/Lightning-Policy-Signing-PoC

We would like your feedback about this approach. We'd like to complete this
reference implementation and create the relevant hooks in major Lightning
implementations.  This way policy signer implementations could be created
for different target hardware and integrated with node software.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/c-lightning/attachments/20191212/fe7cc42c/attachment.htm>


More information about the c-lightning mailing list