From f0a8a2857bce64e0585263b4edd8beff60df80ff Mon Sep 17 00:00:00 2001
From: Juan Font Alonso <juanfontalonso@gmail.com>
Date: Sat, 20 Aug 2022 00:23:33 +0200
Subject: [PATCH] Clarified why we have a different key

---
 app.go             | 1 +
 protocol_common.go | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/app.go b/app.go
index 851805dc..6e37fcd4 100644
--- a/app.go
+++ b/app.go
@@ -132,6 +132,7 @@ func NewHeadscale(cfg *Config) (*Headscale, error) {
 		return nil, ErrFailedPrivateKey
 	}
 
+	// TS2021 requires to have a different key from the legacy protocol.
 	noisePrivateKey, err := readOrCreatePrivateKey(cfg.NoisePrivateKeyPath)
 	if err != nil {
 		return nil, ErrFailedNoisePrivateKey
diff --git a/protocol_common.go b/protocol_common.go
index 49c9138a..3cce7602 100644
--- a/protocol_common.go
+++ b/protocol_common.go
@@ -56,8 +56,8 @@ func (h *Headscale) KeyHandler(
 			return
 		}
 
+		// TS2021 (Tailscale v2 protocol) requires to have a different key
 		if clientCapabilityVersion >= NoiseCapabilityVersion {
-			// Tailscale has a different key for the TS2021 protocol
 			resp := tailcfg.OverTLSPublicKeyResponse{
 				LegacyPublicKey: h.privateKey.Public(),
 				PublicKey:       h.noisePrivateKey.Public(),