backup

package
v0.8.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 28, 2026 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package backup implements wallet asset backup and restore functionality.

Privacy note: backup files contain key derivation paths (key family and index) for anchor internal keys and script keys. This is similar to exporting an xpub or a descriptor — anyone with access to the backup file can derive the public keys used for the wallet's on-chain outputs. Backup files should be treated as sensitive and stored securely.

Index

Constants

View Source 
const (
	// BackupVersionOriginal is the first version of the backup format
	// which stores the complete proof file blob.
	BackupVersionOriginal uint32 = 1

	// BackupVersionStripped is the second version of the backup format
	// which stores stripped proof files with rehydration hints, reducing
	// backup size by omitting blockchain-derivable fields.
	BackupVersionStripped uint32 = 2

	// BackupVersionOptimistic is the third version of the backup format
	// which stores no proof data at all. Proofs are fetched from a
	// universe server on import. This is the smallest backup format but
	// requires a reachable universe server during restore.
	BackupVersionOptimistic uint32 = 3

	// BackupVersion is the current (latest) version of the backup format.
	BackupVersion = BackupVersionOptimistic
)
View Source 
const (
	// AssetBackupAssetType is the TLV type for the asset field.
	AssetBackupAssetType tlv.Type = 0

	// AssetBackupOutpointType is the TLV type for the anchor outpoint.
	AssetBackupOutpointType tlv.Type = 1

	// AssetBackupBlockHeightType is the TLV type for the anchor block
	// height.
	AssetBackupBlockHeightType tlv.Type = 2

	// AssetBackupScriptKeyType is the TLV type for the script key info.
	AssetBackupScriptKeyType tlv.Type = 3

	// AssetBackupAnchorKeyType is the TLV type for the anchor internal key
	// info.
	AssetBackupAnchorKeyType tlv.Type = 4

	// AssetBackupProofBlobType is the TLV type for the complete proof file
	// blob. Used in v1 backups.
	AssetBackupProofBlobType tlv.Type = 5

	// AssetBackupAnchorPkScriptType is the TLV type for the anchor
	// output's pk_script, used for spend detection on import.
	AssetBackupAnchorPkScriptType tlv.Type = 6

	// AssetBackupStrippedProofBlobType is the TLV type for the stripped
	// proof file blob (blockchain-derivable fields removed). Used in v2+
	// backups. Odd type so older decoders can safely skip it.
	AssetBackupStrippedProofBlobType tlv.Type = 7

	// AssetBackupRehydrationHintsType is the TLV type for the serialized
	// rehydration hints needed to reconstruct stripped fields. Used in v2+
	// backups. Odd type so older decoders can safely skip it.
	AssetBackupRehydrationHintsType tlv.Type = 9
)

TLV type constants for AssetBackup fields.

View Source 
const (
	ScriptKeyPubKeyType    tlv.Type = 0
	ScriptKeyFamilyType    tlv.Type = 1
	ScriptKeyIndexType     tlv.Type = 2
	ScriptKeyRawPubKeyType tlv.Type = 3
	ScriptKeyTweakType     tlv.Type = 4
)

TLV type constants for ScriptKeyBackup fields. Note: Types must be in ascending order when encoded.

View Source 
const (
	KeyDescPubKeyType tlv.Type = 0
	KeyDescFamilyType tlv.Type = 1
	KeyDescIndexType  tlv.Type = 2
)

TLV type constants for KeyDescriptorBackup fields.

View Source 
const Subsystem = "BKUP"

Subsystem defines the logging code for this subsystem.

Variables

View Source 
var (
	// ErrKeyLocatorNotFound is returned when a key locator cannot be found
	// for a given public key.
	ErrKeyLocatorNotFound = errors.New("key locator not found")
)

Functions

func DisableLog 

func DisableLog()

DisableLog disables all library log output. Logging output is disabled by default until UseLogger is called.

func EncodeFileHints 

func EncodeFileHints(w io.Writer, hints FileHints) error

EncodeFileHints serializes FileHints to a writer. The format is: [varint num_hints][hint_0][hint_1]... where each hint is [32 bytes AnchorTxHash][4 bytes BlockHeight big-endian].

func EncodeWalletBackup 

func EncodeWalletBackup(backup *WalletBackup) ([]byte, error)

EncodeWalletBackup encodes a WalletBackup to a byte slice with a SHA256 checksum appended at the end for integrity verification.

func ExportBackup 

func ExportBackup(ctx context.Context, mode ExportMode,
	assets []*asset.ChainAsset, proofArchive proof.Archiver,
	keyLookup KeyLocatorLookup,
	federationURLs []string) ([]byte, error)

ExportBackup creates a wallet backup from the given assets. For ExportModeCompact, proofs are stripped of blockchain-derivable fields. For ExportModeOptimistic, no proofs are included and federationURLs must be non-empty.

func ImportBackup 

func ImportBackup(ctx context.Context, backupBlob []byte,
	cfg *ImportConfig) (uint32, error)

ImportBackup decodes and imports assets from a backup blob. Returns the number of newly imported assets.

func RehydrateProofFile 

func RehydrateProofFile(ctx context.Context, strippedBlob []byte,
	hints FileHints, chain ChainQuerier) ([]byte, error)

RehydrateProofFile takes a stripped proof blob and its hints, fetches the missing blockchain data from the chain, and returns a fully reconstructed proof file blob.

func UseLogger 

func UseLogger(logger btclog.Logger)

UseLogger uses a specified Logger to output package logging info. This should be used in preference to SetLogWriter if the caller is also using btclog.

Types

type AssetBackup 

type AssetBackup struct {
	// Asset contains the core asset state including amount, version,
	// script key, and witnesses.
	Asset *asset.Asset

	// AnchorOutpoint is the outpoint where this asset is currently
	// anchored.
	AnchorOutpoint wire.OutPoint

	// AnchorBlockHeight is the block height where this asset was confirmed.
	AnchorBlockHeight uint32

	// ScriptKeyInfo contains the key derivation information needed to
	// reconstruct the script key for spending.
	ScriptKeyInfo *ScriptKeyBackup

	// AnchorInternalKeyInfo contains the key derivation information for the
	// internal key used in the anchor taproot output.
	AnchorInternalKeyInfo *KeyDescriptorBackup

	// ProofFileBlob contains the complete encoded proof file for
	// this asset. This preserves the full proof chain and all
	// proof data without needing to reconstruct anything.
	// Used in v1 backups.
	ProofFileBlob []byte

	// StrippedProofFileBlob contains a proof file with blockchain-
	// derivable fields removed (BlockHeader, AnchorTx, TxMerkleProof,
	// BlockHeight). Used in v2+ backups to reduce backup size.
	StrippedProofFileBlob []byte

	// RehydrationHintsBlob contains the serialized FileHints needed
	// to reconstruct the stripped fields from blockchain data.
	// Used in v2+ backups alongside StrippedProofFileBlob.
	RehydrationHintsBlob []byte

	// AnchorOutputPkScript is the pk_script of the anchor output.
	// Needed for registering spend notifications during import.
	AnchorOutputPkScript []byte
}

AssetBackup contains the essential data needed to restore a single asset. It stores the full proof file blob to preserve the complete proof chain and avoid encoding/decoding issues with complex proof structures.

func (*AssetBackup) Decode 

func (ab *AssetBackup) Decode(r io.Reader) error

Decode deserializes an AssetBackup from a reader.

func (*AssetBackup) Encode 

func (ab *AssetBackup) Encode(w io.Writer) error

Encode serializes an AssetBackup to a writer using TLV format.

type ChainQuerier 

type ChainQuerier interface {
	// GetBlockByHeight returns a full block given its height.
	GetBlockByHeight(ctx context.Context,
		blockHeight int64) (*wire.MsgBlock, error)
}

ChainQuerier is the interface needed to fetch blockchain data during proof rehydration. The tapgarden.ChainBridge interface satisfies this.

type ExportMode 

type ExportMode int

ExportMode controls which backup format is used when exporting. 

const (
	// ExportModeRaw produces a v1 backup with full proof data.
	ExportModeRaw ExportMode = iota

	// ExportModeCompact produces a v2 backup with stripped proofs and
	// rehydration hints.
	ExportModeCompact

	// ExportModeOptimistic produces a v3 backup with no proof data.
	// Proofs are fetched from a universe server on import.
	ExportModeOptimistic
)

type FileHints 

type FileHints struct {
	// Hints contains the rehydration hints for each proof transition.
	Hints []ProofHint
}

FileHints contains one hint per proof in a file, in chain order (genesis first).

func DecodeFileHints 

func DecodeFileHints(r io.Reader) (FileHints, error)

DecodeFileHints deserializes FileHints from a reader.

func StripProofFile 

func StripProofFile(proofBlob []byte) ([]byte, FileHints, error)

StripProofFile takes a complete proof file blob and returns a stripped version with blockchain-derivable fields removed, along with hints needed to reconstruct those fields later.

The following TLV fields are stripped from each proof transition:

  • BlockHeader (type 4) — 80 bytes, fetchable by block height
  • AnchorTx (type 6) — ~250-500 bytes, findable in block by txid
  • TxMerkleProof (type 8) — ~200-300 bytes, reconstructable from block
  • BlockHeight (type 22) — 4 bytes, stored in hint

AdditionalInputs (nested proof files) are kept as-is.

type ImportConfig 

type ImportConfig struct {
	// SpendChecker is used to detect stale backup entries whose anchor
	// outpoints have already been spent.
	SpendChecker SpendChecker

	// ChainQuerier provides access to blockchain data for rehydrating
	// stripped proofs.
	ChainQuerier ChainQuerier

	// ProofArchive is used to check for existing proofs and to import
	// new proofs.
	ProofArchive proof.Archiver

	// KeyRegistrar is used to register anchor internal keys and script
	// keys so the wallet can sign for imported assets.
	KeyRegistrar KeyRegistrar

	// ProofVerifier provides the verification context for imported proofs.
	ProofVerifier proof.VerifierCtx
}

ImportConfig holds the dependencies needed to import a backup.

type KeyDescriptorBackup 

type KeyDescriptorBackup struct {
	// PubKey is the public key.
	PubKey *btcec.PublicKey

	// KeyLocator contains the derivation path info (family + index).
	KeyLocator keychain.KeyLocator
}

KeyDescriptorBackup contains the key derivation info for an internal key.

func (*KeyDescriptorBackup) Decode 

func (kd *KeyDescriptorBackup) Decode(r io.Reader) error

Decode deserializes a KeyDescriptorBackup from a reader.

func (*KeyDescriptorBackup) Encode 

func (kd *KeyDescriptorBackup) Encode(w io.Writer) error

Encode serializes a KeyDescriptorBackup to a writer.

type KeyLocatorLookup 

type KeyLocatorLookup interface {
	// FetchInternalKeyLocator returns the key locator for an internal key
	// given its public key. Returns ErrKeyLocatorNotFound if the key is
	// not found.
	FetchInternalKeyLocator(ctx context.Context,
		pubKey *btcec.PublicKey) (keychain.KeyLocator, error)
}

KeyLocatorLookup is an interface for looking up key locators by public key. This allows the backup package to fetch full key derivation information for internal keys.

type KeyRegistrar 

type KeyRegistrar interface {
	// InsertInternalKey inserts an internal key into the database.
	InsertInternalKey(ctx context.Context,
		keyDesc keychain.KeyDescriptor) error

	// InsertScriptKey inserts a script key into the database.
	InsertScriptKey(ctx context.Context, scriptKey asset.ScriptKey,
		keyType asset.ScriptKeyType) error
}

KeyRegistrar allows registering keys needed for wallet operations.

type ProofHint 

type ProofHint struct {
	// AnchorTxHash is the txid of the anchor transaction. This is used
	// to locate the transaction within its block during rehydration.
	AnchorTxHash [32]byte

	// BlockHeight is the height of the block containing the anchor
	// transaction.
	BlockHeight uint32
}

ProofHint contains the minimal info needed to reconstruct blockchain- derivable fields for a single proof transition.

type ScriptKeyBackup 

type ScriptKeyBackup struct {
	// PubKey is the final tweaked script key.
	PubKey *btcec.PublicKey

	// RawKey is the key descriptor for the internal key before tweaking.
	RawKey keychain.KeyDescriptor

	// Tweak is the tweak applied to derive the final script key.
	// If nil, a BIP-0086 tweak is assumed.
	Tweak []byte
}

ScriptKeyBackup contains the key material needed to restore a script key.

func (*ScriptKeyBackup) Decode 

func (sk *ScriptKeyBackup) Decode(r io.Reader) error

Decode deserializes a ScriptKeyBackup from a reader.

func (*ScriptKeyBackup) Encode 

func (sk *ScriptKeyBackup) Encode(w io.Writer) error

Encode serializes a ScriptKeyBackup to a writer.

type SpendChecker 

type SpendChecker interface {
	// RegisterSpendNtfn dispatches a spend notification request to the
	// chain notifier. If the outpoint has already been spent, the
	// notification is dispatched immediately.
	RegisterSpendNtfn(ctx context.Context, outpoint *wire.OutPoint,
		pkScript []byte, heightHint int32,
		optFuncs ...lndclient.NotifierOption) (
		chan *chainntnfs.SpendDetail, chan error, error)
}

SpendChecker can determine whether an outpoint has been spent.

type WalletBackup 

type WalletBackup struct {
	// Version is the backup format version.
	Version uint32

	// Assets contains the backup data for each active asset.
	Assets []*AssetBackup

	// FederationURLs contains the universe federation server URLs used
	// in v3 (optimistic) backups to fetch proofs on import.
	FederationURLs []string
}

WalletBackup contains all the data needed to restore a wallet's assets.

func DecodeWalletBackup 

func DecodeWalletBackup(data []byte) (*WalletBackup, error)

DecodeWalletBackup decodes a WalletBackup from a byte slice after verifying the SHA256 checksum.

func (*WalletBackup) Decode 

func (w *WalletBackup) Decode(reader io.Reader) error

Decode deserializes a WalletBackup from a reader.

func (*WalletBackup) Encode 

func (w *WalletBackup) Encode(writer io.Writer) error

Encode serializes a WalletBackup to a writer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.