commit dd8b8b337a890f37e8b98a478cffbcd4c469ea31
parent 81aae98a5edd7607f0f1074101fb1d16b5e7bcae
Author: Jared Tobin <jared@jtobin.io>
Date: Sun, 25 Jan 2026 09:38:28 +0400
doc: fix key rotation comment (1000 not 500)
Haddock for encrypt/decrypt incorrectly described key rotation
timing. It occurs at nonce 1000, not "every 500 messages".
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Diffstat:
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/Lightning/Protocol/BOLT8.hs b/lib/Lightning/Protocol/BOLT8.hs
@@ -503,7 +503,7 @@ finalize hs msg3 = do
-- | Encrypt a message (max 65535 bytes).
--
-- Returns the encrypted packet and updated session. Key rotation
--- is handled automatically every 500 messages.
+-- is handled automatically at nonce 1000.
--
-- Wire format: encrypted_length (2) || MAC (16) || encrypted_body || MAC (16)
--
@@ -539,7 +539,7 @@ encrypt sess pt = do
-- | Decrypt a message, requiring an exact packet with no trailing bytes.
--
-- Returns the plaintext and updated session. Key rotation
--- is handled automatically every 1000 messages.
+-- is handled automatically at nonce 1000.
--
-- This is a strict variant that rejects any trailing data. For
-- streaming use cases where you need to handle multiple frames in a
