assets: implement asset deposit key reveal

bhandras · bhandras · commit b017b499837e · 2025-08-17T15:13:45.000+02:00
With this commit, the client can now reveal the keys of asset
deposits to the server. This allows the server to sweep the
deposits as needed, without requiring further interaction with
the client.
diff --git a/assets/deposit/manager.go b/assets/deposit/manager.go
@@ -1171,3 +1171,76 @@ func (m *Manager) publishPendingWithdrawals(ctx context.Context) error {
 
 	return nil
 }
+
+// RevealDepositKeys reveals the internal keys for the given deposit IDs to
+// the swap server.
+func (m *Manager) RevealDepositKeys(ctx context.Context,
+	depositIDs []string) error {
+
+	done, err := m.scheduleNextCall()
+	if err != nil {
+		return err
+	}
+	defer done()
+
+	// First check that all requested deposits are in the required state and
+	// collect the keys.
+	keys := make(map[string][]byte, len(depositIDs))
+	for _, depositID := range depositIDs {
+		d, ok := m.deposits[depositID]
+		if !ok {
+			log.Warnf("Can't reveal key for deposit %v as it is "+
+				"not active", depositID)
+		}
+
+		if d.State != StateConfirmed && d.State != StateKeyRevealed {
+			return fmt.Errorf("deposit %v key cannot be revealed",
+				depositID)
+		}
+
+		internalPubKey, internalPrivKey, err := DeriveSharedDepositKey(
+			ctx, m.signer, d.FunderScriptKey,
+		)
+		if err != nil {
+			return err
+		}
+
+		if !d.FunderInternalKey.IsEqual(internalPubKey) {
+			log.Errorf("Funder internal key %x does not match "+
+				"expected %x for deposit %v",
+				d.FunderInternalKey.SerializeCompressed(),
+				internalPubKey.SerializeCompressed(), depositID)
+
+			return fmt.Errorf("funder internal key mismatch")
+		}
+
+		keys[depositID] = internalPrivKey.Serialize()
+	}
+
+	// Update the deposit state before we actually push the keys to the
+	// server. Otherwise we may fail to update the state in our database,
+	// despite the server accepting the keys.
+	for depositID := range keys {
+		d := m.deposits[depositID]
+		d.State = StateKeyRevealed
+		err = m.handleDepositStateUpdate(ctx, d)
+		if err != nil {
+			return err
+		}
+
+		log.Infof("Revealing deposit key for %v: pub=%x", depositID,
+			d.FunderInternalKey.SerializeCompressed())
+	}
+
+	// Now push the keys to the server.
+	_, err = m.depositServiceClient.PushAssetDepositKeys(
+		ctx, &swapserverrpc.PushAssetDepositKeysReq{
+			DepositKeys: keys,
+		},
+	)
+	if err != nil {
+		return err
+	}
+
+	return err
+}
diff --git a/assets/deposit/server.go b/assets/deposit/server.go
@@ -140,7 +140,18 @@ func (s *Server) RevealAssetDepositKey(ctx context.Context,
 	in *looprpc.RevealAssetDepositKeyRequest) (
 	*looprpc.RevealAssetDepositKeyResponse, error) {
 
-	return nil, status.Error(codes.Unimplemented, "unimplemented")
+	if s.manager == nil {
+		return nil, ErrAssetDepositsUnavailable
+	}
+
+	err := s.manager.RevealDepositKeys(
+		ctx, []string{in.DepositId},
+	)
+	if err != nil {
+		return nil, status.Error(codes.Internal, err.Error())
+	}
+
+	return &looprpc.RevealAssetDepositKeyResponse{}, nil
 }
 
 // WithdrawAssetDeposits is the rpc endpoint for loop clients to withdraw their
