Add BIP-0322 message signing to SignMessageWithAddr RPC

[guggero]

This PR depends on btcsuite/btcd#2521.

Change Description

The BIP-0322 was recently moved to status "Complete", which means wallets can finally implement it without needing to worry about breaking changes in the protocol.

Steps to Test

# New Taproot address
$ lncli newaddress p2tr
{
    "address":  "bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8"
}

# Legacy format
$ lncli wallet addresses signmessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 "foo bar"
{
    "signature":  "ICMQCUOIgoumLJ/i9lxcZ88nvyxVPLBaNVKQqyYVe0ArUuSw7Hqg1aeyELxtdVZHcEAirnlM1CJ4ZiWrYYZHejA="
}

$ lncli wallet addresses verifymessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 ICMQCUOIgoumLJ/i9lxcZ88nvyxVPLBaNVKQqyYVe0ArUuSw7Hqg1aeyELxtdVZHcEAirnlM1CJ4ZiWrYYZHejA= "foo bar"
{
    "valid":  true,
    "pubkey":  "022d2ae0b1b0c96accdaae08c6323134568528ece23df5900d9e702916e1e5e980",
    "signature_type":  "MSG_SIGNATURE_TYPE_LEGACY",
    "time_constraints":  null
}

# BIP-0322 format
$ lncli wallet addresses signmessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 "foo bar" --bip322
{
    "signature":  "smpAUCaDN4rmBK51+sF3ItMqnqAYhPh4ofAZdRuWnSA7WPcnnntCkCuqHcZAj01So5JyA1bZ6CXp2wa8bAZKut5L+g0"
}

$ lncli wallet addresses verifymessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 smpAUCaDN4rmBK51+sF3ItMqnqAYhPh4ofAZdRuWnSA7WPcnnntCkCuqHcZAj01So5JyA1bZ6CXp2wa8bAZKut5L+g0 "foo bar"
{
    "valid":  true,
    "pubkey":  "",
    "signature_type":  "MSG_SIGNATURE_TYPE_BIP0322_SIMPLE",
    "time_constraints":  null
}

# Incorrect message / invalid signature
$ lncli wallet addresses verifymessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 smpAUCaDN4rmBK51+sF3ItMqnqAYhPh4ofAZdRuWnSA7WPcnnntCkCuqHcZAj01So5JyA1bZ6CXp2wa8bAZKut5L+g0 "foo barz"
{
    "valid":  false,
    "pubkey":  "",
    "signature_type":  "MSG_SIGNATURE_TYPE_BIP0322_SIMPLE",
    "time_constraints":  null
}

# Invalid signature format
$ lncli wallet addresses verifymessage bcrt1p9e5rsfm0c0nrx88jvgu0lr6rfrdryzmy2uj74n4pxlgpm7nsnsrssll0z8 smpAUCaDN4rmBK51+sF3ItMqnqAYhPh4ofAZaaaaaaaaaaaaaaaaaaaaaaa "foo bar" 
[lncli] rpc error: code = Unknown desc = unable to verify message: error parsing signature as witness: witness item length 64 exceeds remaining input 61

Pull Request Checklist

Testing

• Your PR passes all CI checks.
• Tests covering the positive and negative (error paths) are included.
• Bug fixes contain tests triggering the bug to prevent regressions.

Code Style and Documentation

• The change is not insubstantial. Typo fixes are not accepted to fight bot spam.
• The change obeys the Code Documentation and Commenting guidelines, and lines wrap at 80.
• Commits follow the Ideal Git Commit Structure.
• Any new logging statements use an appropriate subsystem and logging level.
• Any new lncli commands have appropriate tags in the comments for the rpc in the proto file.
• There is a change description in the release notes, or [skip ci] in the commit message for small changes.

📝 Please see our Contribution Guidelines for further guidance.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request implements the BIP-0322 standard for generic message signing within the lnd wallet. It enables users to sign and verify messages using the standardized BIP-0322 format, significantly improving compatibility across various address types, including Taproot. The changes encompass updates to the RPC layer, CLI commands, and protobuf definitions, supported by comprehensive integration tests to ensure cross-format reliability.

Highlights

• BIP-0322 Support: Added support for the BIP-0322 Generic Signed Message Format in the SignMessageWithAddr and VerifyMessageWithAddr RPCs.
• CLI Update: Introduced the --bip322 flag to the lncli wallet addresses signmessage command to enable standardized message signing.
• RPC Schema Changes: Updated the walletrpc protobuf definitions to include MsgSignatureType and MsgSignatureTimeConstraints for improved signature reporting.
• Testing: Expanded integration tests to validate both legacy and BIP-0322 signature formats across P2WKH, NP2WKH, and P2TR address types.

New Features

🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🟠 PR Severity: HIGH

Highest-severity file: lnrpc/walletrpc/walletkit_server.go | 7 files (non-test/non-generated) | 456 lines changed

🟠 High (1 file)

• lnrpc/walletrpc/walletkit_server.go - RPC server implementation in lnrpc/*

🟡 Medium (5 files)

• lnrpc/walletrpc/walletkit.proto - .proto API definition (API change)
• lnrpc/walletrpc/walletkit.swagger.json - Swagger/OpenAPI definition
• cmd/commands/walletrpc_active.go - CLI client command (cmd/*, not server-side)
• go.mod - Go module dependency update
• go.sum - Go module checksum update

🟢 Low (2 files, excluded from counts)

• docs/release-notes/release-notes-0.22.0.md - Release notes
• itest/lnd_misc_test.go - Integration test file

⚙️ Auto-generated (2 files, excluded from counts)

• lnrpc/walletrpc/walletkit.pb.go - Protobuf generated code
• lnrpc/walletrpc/walletkit_grpc.pb.go - Protobuf gRPC generated code

Analysis

This PR modifies the walletrpc RPC subsystem, with the primary severity driver being walletkit_server.go — the server-side implementation of the WalletKit gRPC service (lnrpc/*). It also updates the .proto definition and Swagger spec, indicating a new or changed RPC method is being introduced (181 additions in the server file alongside 78 proto additions suggest a meaningful API expansion).

The cmd/commands/walletrpc_active.go file is CLI client code under cmd/* and is correctly classified as MEDIUM regardless of the walletrpc name in the path.

Severity bump check:

• Files (non-test/non-generated): 7 — below the 20-file threshold
• Lines changed (non-test/non-generated): 456 — below the 500-line threshold
• No multiple distinct critical packages touched

No severity bump triggered; HIGH is the final classification based on the lnrpc/* server implementation change.

---

_{To override, add a severity-override-{critical,high,medium,low} label.}
<!-- pr-severity-bot -->

[gemini-code-assist]

Code Review

This pull request implements support for the BIP-0322 Generic Signed Message Format, adding a --bip322 flag to the signmessage command and updating verifymessage to automatically detect and validate the new format. The changes span RPC definitions, server-side implementation, and integration tests. Feedback identifies a missing errors package import and a potential nil pointer dereference when handling signature constraints. It is also recommended to use more descriptive error messages for unsupported address types to improve the user experience.

[TechLateef]

Is the temporary psbt replacement required for this PR as well, or is it only needed internally by the custom bip322 dependency?

[TechLateef]

Update: I’ve checked again and confirmed that the related PR in btcd does touch PSBT, so this replace directive is expected here. My earlier question is resolved.

[TechLateef]

Would it make sense to also add a few negative-path integration tests for the new BIP-0322 flow (for example modified messages, malformed signatures, or verification against the wrong address)?

The implementation added several new validation/error branches that currently don't appear to be exercised here.