fix: derive_node_secret_from_mnemonic to match KeysManager

The function now correctly replicates LDK's KeysManager node_secret
derivation:
1. BIP39 seed (64 bytes) → BIP32 master key (32 bytes)
2. Those 32 bytes as new seed → BIP32 master → derive m/0' → node_secret

This ensures the derived key matches what a running Node instance would
use, enabling proper backup authentication before the node starts.

Added verification tests that compare against LDK's KeysManager output.

Also bumps version to v0.7.0-rc.5 and updates bindings.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: ovitrif

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ldk-node"
-version = "0.7.0-rc.4"
+version = "0.7.0-rc.5"
 authors = ["Elias Rohrer <dev@tnull.de>"]
 homepage = "https://lightningdevkit.org/"
 license = "MIT OR Apache-2.0"

Package.swift

@@ -3,8 +3,8 @@
 
 import PackageDescription
 
-let tag = "v0.7.0-rc.4"
-let checksum = "6d3871ce5178f5b1f29721914820ae5f8161b6ed60464537b3aad490a3a560a7"
+let tag = "v0.7.0-rc.5"
+let checksum = "4ef5195192cdb079f58e87d2b8b80943b223d764b6e93a6c7146b9583cfcc064"
 let url = "https://github.com/synonymdev/ldk-node/releases/download/\(tag)/LDKNodeFFI.xcframework.zip"
 
 let package = Package(

bindings/kotlin/ldk-node-android/gradle.properties

@@ -2,4 +2,4 @@ org.gradle.jvmargs=-Xmx1536m
 android.useAndroidX=true
 android.enableJetifier=true
 kotlin.code.style=official
-libraryVersion=0.7.0-rc.4
+libraryVersion=0.7.0-rc.5

bindings/kotlin/ldk-node-android/lib/src/main/jniLibs/arm64-v8a/libldk_node.so

@@ -74,19 +74,36 @@ pub fn generate_entropy_mnemonic(word_count: Option<WordCount>) -> Mnemonic {
 /// This is the same key that would be used by a [`Node`] built with this mnemonic via
 /// [`Builder::set_entropy_bip39_mnemonic`].
 ///
+/// The derivation follows LDK's KeysManager behavior:
+/// 1. BIP39 seed (64 bytes) → BIP32 master key (32 bytes)
+/// 2. Those 32 bytes as new seed → BIP32 master → derive m/0' → node_secret
+///
 /// [`Node`]: crate::Node
 /// [`Builder::set_entropy_bip39_mnemonic`]: crate::Builder::set_entropy_bip39_mnemonic
 pub fn derive_node_secret_from_mnemonic(
 	mnemonic: String, passphrase: Option<String>,
 ) -> Result<Vec<u8>, Error> {
-	let parsed_mnemonic = Mnemonic::parse(&mnemonic).map_err(|_| Error::InvalidMnemonic)?;
+	use bitcoin::bip32::ChildNumber;
+	use bitcoin::secp256k1::Secp256k1;
 
+	let parsed_mnemonic = Mnemonic::parse(&mnemonic).map_err(|_| Error::InvalidMnemonic)?;
 	let seed = parsed_mnemonic.to_seed(passphrase.as_deref().unwrap_or(""));
 
+	// First BIP32 derivation: 64-byte BIP39 seed → 32-byte master private key
 	let xpriv =
 		Xpriv::new_master(Network::Bitcoin, &seed).map_err(|_| Error::InvalidMnemonic)?;
-
-	Ok(xpriv.private_key.secret_bytes().to_vec())
+	let ldk_seed: [u8; 32] = xpriv.private_key.secret_bytes();
+
+	// Second BIP32 derivation: KeysManager treats the 32-byte key as a new seed
+	// and derives node_secret at path m/0'
+	let secp = Secp256k1::new();
+	let keys_master =
+		Xpriv::new_master(Network::Bitcoin, &ldk_seed).map_err(|_| Error::InvalidMnemonic)?;
+	let node_secret_xpriv = keys_master
+		.derive_priv(&secp, &[ChildNumber::from_hardened_idx(0).unwrap()])
+		.map_err(|_| Error::InvalidMnemonic)?;
+
+	Ok(node_secret_xpriv.private_key.secret_bytes().to_vec())
 }
 
 pub(crate) fn read_or_generate_seed_file<L: Deref>(
@@ -645,6 +662,7 @@ pub(crate) fn read_bdk_wallet_change_set(
 #[cfg(test)]
 mod tests {
 	use super::*;
+	use lightning::sign::KeysManager as LdkKeysManager;
 
 	#[test]
 	fn mnemonic_to_entropy_to_mnemonic() {
@@ -679,4 +697,46 @@ mod tests {
 			assert_eq!(mnemonic.word_count(), expected_words);
 		}
 	}
+
+	#[test]
+	fn derive_node_secret_matches_keys_manager() {
+		// Standard test mnemonic (BIP39 test vector)
+		let mnemonic =
+			"abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
+
+		// Derive using our function
+		let derived_secret =
+			derive_node_secret_from_mnemonic(mnemonic.to_string(), None).unwrap();
+
+		// Derive using LDK's KeysManager (same flow as Builder)
+		let parsed = Mnemonic::parse(mnemonic).unwrap();
+		let seed = parsed.to_seed("");
+		let xpriv = Xpriv::new_master(Network::Bitcoin, &seed).unwrap();
+		let ldk_seed: [u8; 32] = xpriv.private_key.secret_bytes();
+
+		let keys_manager = LdkKeysManager::new(&ldk_seed, 0, 0, false);
+		let expected_secret = keys_manager.get_node_secret_key();
+
+		assert_eq!(derived_secret, expected_secret.secret_bytes().to_vec());
+	}
+
+	#[test]
+	fn derive_node_secret_with_passphrase() {
+		let mnemonic =
+			"abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about";
+		let passphrase = Some("test_passphrase".to_string());
+
+		let derived_secret =
+			derive_node_secret_from_mnemonic(mnemonic.to_string(), passphrase).unwrap();
+
+		let parsed = Mnemonic::parse(mnemonic).unwrap();
+		let seed = parsed.to_seed("test_passphrase");
+		let xpriv = Xpriv::new_master(Network::Bitcoin, &seed).unwrap();
+		let ldk_seed: [u8; 32] = xpriv.private_key.secret_bytes();
+
+		let keys_manager = LdkKeysManager::new(&ldk_seed, 0, 0, false);
+		let expected_secret = keys_manager.get_node_secret_key();
+
+		assert_eq!(derived_secret, expected_secret.secret_bytes().to_vec());
+	}
 }