tx: strip out witscript

now that witness script data is saved into the tx/psbt which is
serialized across the wire, there's no reason to use witscript to do
this. good bye witscript!
This commit is contained in:
niftynei 2020-05-21 13:27:54 +09:30 committed by Rusty Russell
parent 559f88faa1
commit bf4cac7fb8
8 changed files with 33 additions and 99 deletions

View File

@ -242,38 +242,20 @@ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx,
return res;
}
struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx,
const struct bitcoin_tx *tx,
u8 *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx,
int outnum)
{
struct witscript *wit;
struct wally_psbt_output *out;
assert(outnum < tx->psbt->num_outputs);
out = &tx->psbt->outputs[outnum];
if (out->witness_script_len == 0)
return NULL;
wit = tal(ctx, struct witscript);
wit->ptr = tal_dup_arr(ctx, u8, out->witness_script, out->witness_script_len, 0);
return wit;
return tal_dup_arr(ctx, u8, out->witness_script, out->witness_script_len, 0);
}
const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx,
const struct bitcoin_tx *tx)
{
size_t i;
struct witscript **witscripts;
witscripts = tal_arr(ctx, struct witscript *, tx->wtx->num_outputs);
for (i = 0; i < tx->wtx->num_outputs; i++)
witscripts[i] = bitcoin_tx_output_get_witscript(witscripts, tx, i);
return cast_const2(const struct witscript **, witscripts);
}
/* FIXME(cdecker) Make the caller pass in a reference to amount_asset, and
* return false if unintelligible/encrypted. (WARN UNUSED). */
struct amount_asset bitcoin_tx_output_get_amount(const struct bitcoin_tx *tx,
@ -722,24 +704,3 @@ void towire_bitcoin_tx_output(u8 **pptr, const struct bitcoin_tx_output *output)
towire_u16(pptr, tal_count(output->script));
towire_u8_array(pptr, output->script, tal_count(output->script));
}
void towire_witscript(u8 **pptr, const struct witscript *script)
{
if (script == NULL) {
towire_u16(pptr, 0);
} else {
assert(script->ptr != NULL);
towire_u16(pptr, tal_count(script->ptr));
towire_u8_array(pptr, script->ptr, tal_count(script->ptr));
}
}
struct witscript *fromwire_witscript(const tal_t *ctx, const u8 **cursor, size_t *max)
{
struct witscript *retval = tal(ctx, struct witscript);
u16 len = fromwire_u16(cursor, max);
retval->ptr = fromwire_tal_arrn(retval, cursor, max, len);
if (!*cursor)
return tal_free(retval);
return retval;
}

View File

@ -14,10 +14,6 @@
#define BITCOIN_TX_DEFAULT_SEQUENCE 0xFFFFFFFF
struct wally_psbt;
struct witscript {
u8 *ptr;
};
struct bitcoin_txid {
struct sha256_double shad;
};
@ -110,12 +106,8 @@ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx, const struct bitcoin_tx
/**
* Helper to get a witness script for an output.
*/
struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum);
u8 *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum);
/**
* Helper to get all witness scripts for a transaction.
*/
const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx, const struct bitcoin_tx *tx);
/** bitcoin_tx_output_get_amount_sat - Helper to get transaction output's amount
*
* Internally we use a `wally_tx` to represent the transaction. The
@ -199,12 +191,8 @@ struct bitcoin_tx *fromwire_bitcoin_tx(const tal_t *ctx,
const u8 **cursor, size_t *max);
struct bitcoin_tx_output *fromwire_bitcoin_tx_output(const tal_t *ctx,
const u8 **cursor, size_t *max);
struct witscript *fromwire_witscript(const tal_t *ctx,
const u8 **cursor, size_t *max);
void towire_bitcoin_txid(u8 **pptr, const struct bitcoin_txid *txid);
void towire_bitcoin_tx(u8 **pptr, const struct bitcoin_tx *tx);
void towire_bitcoin_tx_output(u8 **pptr, const struct bitcoin_tx_output *output);
void towire_witscript(u8 **pptr, const struct witscript *script);
#endif /* LIGHTNING_BITCOIN_TX_H */

View File

@ -837,14 +837,12 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
size_t i;
struct pubkey local_htlckey;
const u8 *msg;
const struct witscript **ws;
secp256k1_ecdsa_signature *htlc_sigs;
ws = bitcoin_tx_get_witscripts(tmpctx, txs[0]);
msg = towire_hsm_sign_remote_commitment_tx(NULL, txs[0],
&peer->channel->funding_pubkey[REMOTE],
*txs[0]->input_amounts[0],
ws, &peer->remote_per_commit,
&peer->remote_per_commit,
peer->channel->option_static_remotekey);
msg = hsm_req(tmpctx, take(msg));
@ -880,11 +878,11 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
for (i = 0; i < tal_count(htlc_sigs); i++) {
struct bitcoin_signature sig;
struct witscript *w;
u8 *wscript;
w = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
txs[i+1]->wtx->inputs[0].index);
msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], w->ptr,
msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], wscript,
*txs[i+1]->input_amounts[0],
&peer->remote_per_commit);
@ -899,10 +897,10 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
type_to_string(tmpctx, struct bitcoin_signature,
&sig),
type_to_string(tmpctx, struct bitcoin_tx, txs[1+i]),
tal_hex(tmpctx, w->ptr),
tal_hex(tmpctx, wscript),
type_to_string(tmpctx, struct pubkey,
&local_htlckey));
assert(check_tx_sig(txs[1+i], 0, NULL, w->ptr,
assert(check_tx_sig(txs[1+i], 0, NULL, wscript,
&local_htlckey,
&sig));
}
@ -1349,23 +1347,23 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg)
*/
for (i = 0; i < tal_count(htlc_sigs); i++) {
struct bitcoin_signature sig;
struct witscript *w;
u8 *wscript;
w = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
txs[i+1]->wtx->inputs[0].index);
/* SIGHASH_ALL is implied. */
sig.s = htlc_sigs[i];
sig.sighash_type = SIGHASH_ALL;
if (!check_tx_sig(txs[1+i], 0, NULL, w->ptr,
if (!check_tx_sig(txs[1+i], 0, NULL, wscript,
&remote_htlckey, &sig))
peer_failed(peer->pps,
&peer->channel_id,
"Bad commit_sig signature %s for htlc %s wscript %s key %s",
type_to_string(msg, struct bitcoin_signature, &sig),
type_to_string(msg, struct bitcoin_tx, txs[1+i]),
tal_hex(msg, w->ptr),
tal_hex(msg, wscript),
type_to_string(msg, struct pubkey,
&remote_htlckey));
}

View File

@ -465,7 +465,7 @@ int main(int argc, char *argv[])
for (size_t i = 0; i < tal_count(htlcmap); i++) {
struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
struct amount_sat amt;
struct witscript *w;
u8 *wscript;
if (!htlcmap[i])
continue;
@ -477,15 +477,15 @@ int main(int argc, char *argv[])
local_txs[1+i]->input_amounts[0]
= tal_dup(local_txs[1+i], struct amount_sat, &amt);
w = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i);
printf("# wscript: %s\n", tal_hex(NULL, w->ptr));
wscript = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i);
printf("# wscript: %s\n", tal_hex(NULL, wscript));
bitcoin_tx_hash_for_sig(local_txs[1+i], 0, w->ptr,
bitcoin_tx_hash_for_sig(local_txs[1+i], 0, wscript,
SIGHASH_ALL, &hash);
sign_tx_input(local_txs[1+i], 0, NULL, w->ptr,
sign_tx_input(local_txs[1+i], 0, NULL, wscript,
&local_htlc_privkey, &local_htlc_pubkey,
SIGHASH_ALL, &local_htlc_sig);
sign_tx_input(local_txs[1+i], 0, NULL, w->ptr,
sign_tx_input(local_txs[1+i], 0, NULL, wscript,
&remote_htlc_privkey, &remote_htlc_pubkey,
SIGHASH_ALL, &remote_htlc_sig);
printf("localsig_on_local output %zu: %s\n",
@ -497,13 +497,13 @@ int main(int argc, char *argv[])
witness = bitcoin_witness_htlc_timeout_tx(NULL,
&local_htlc_sig,
&remote_htlc_sig,
w->ptr);
wscript);
else
witness = bitcoin_witness_htlc_success_tx(NULL,
&local_htlc_sig,
&remote_htlc_sig,
preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
w->ptr);
wscript);
bitcoin_tx_input_set_witness(local_txs[1+i], 0, witness);
printf("htlc tx for output %zu: %s\n",
i, tal_hex(NULL, linearize_tx(NULL, local_txs[1+i])));
@ -580,7 +580,7 @@ int main(int argc, char *argv[])
for (size_t i = 0; i < tal_count(htlcmap); i++) {
struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
struct amount_sat amt;
struct witscript *w;
u8 *wscript;
if (!htlcmap[i])
continue;
@ -592,14 +592,14 @@ int main(int argc, char *argv[])
remote_txs[1+i]->input_amounts[0]
= tal_dup(remote_txs[1+i], struct amount_sat, &amt);
w = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i);
printf("# wscript: %s\n", tal_hex(NULL, w->ptr));
bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, w->ptr,
wscript = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i);
printf("# wscript: %s\n", tal_hex(NULL, wscript));
bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, wscript,
SIGHASH_ALL, &hash);
sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr,
sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
&local_htlc_privkey, &local_htlc_pubkey,
SIGHASH_ALL, &local_htlc_sig);
sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr,
sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
&remote_htlc_privkey, &remote_htlc_pubkey,
SIGHASH_ALL, &remote_htlc_sig);
printf("localsig_on_remote output %zu: %s\n",
@ -611,13 +611,13 @@ int main(int argc, char *argv[])
witness = bitcoin_witness_htlc_timeout_tx(NULL,
&remote_htlc_sig,
&local_htlc_sig,
w->ptr);
wscript);
else
witness = bitcoin_witness_htlc_success_tx(NULL,
&remote_htlc_sig,
&local_htlc_sig,
preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
w->ptr);
wscript);
bitcoin_tx_input_set_witness(remote_txs[1+i], 0, witness);
printf("htlc tx for output %zu: %s\n",
i, tal_hex(NULL, linearize_tx(NULL, remote_txs[1+i])));

View File

@ -159,8 +159,6 @@ msgtype,hsm_sign_remote_commitment_tx,19
msgdata,hsm_sign_remote_commitment_tx,tx,bitcoin_tx,
msgdata,hsm_sign_remote_commitment_tx,remote_funding_key,pubkey,
msgdata,hsm_sign_remote_commitment_tx,funding_amount,amount_sat,
msgdata,hsm_sign_remote_commitment_tx,num_witscripts,u16,
msgdata,hsm_sign_remote_commitment_tx,output_witscripts,witscript,num_witscripts
msgdata,hsm_sign_remote_commitment_tx,remote_per_commit,pubkey,
msgdata,hsm_sign_remote_commitment_tx,option_static_remotekey,bool,

1 # Clients should not give a bad request but not the HSM's decision to crash.
159 msgdata,hsm_get_per_commitment_point_reply,per_commitment_point,pubkey, # master -> hsmd: do you have a memleak?
160 msgdata,hsm_get_per_commitment_point_reply,old_commitment_secret,?secret, msgtype,hsm_dev_memleak,33
161 # master -> hsmd: do you have a memleak? msgtype,hsm_dev_memleak_reply,133
msgtype,hsm_dev_memleak,33
msgtype,hsm_dev_memleak_reply,133
162 msgdata,hsm_dev_memleak_reply,leak,bool,
163 # channeld asks to check if claimed future commitment_secret is correct.
164 msgtype,hsm_check_future_secret,22

View File

@ -996,7 +996,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
struct bitcoin_signature sig;
struct secrets secrets;
const u8 *funding_wscript;
struct witscript **output_witscripts;
struct pubkey remote_per_commit;
bool option_static_remotekey;
@ -1004,7 +1003,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
&tx,
&remote_funding_pubkey,
&funding,
&output_witscripts,
&remote_per_commit,
&option_static_remotekey))
return bad_req(conn, c, msg_in);
@ -1015,8 +1013,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
return bad_req_fmt(conn, c, msg_in, "tx must have 1 input");
if (tx->wtx->num_outputs == 0)
return bad_req_fmt(conn, c, msg_in, "tx must have > 0 outputs");
if (tal_count(output_witscripts) != tx->wtx->num_outputs)
return bad_req_fmt(conn, c, msg_in, "tx must have matching witscripts");
get_channel_seed(&c->id, c->dbid, &channel_seed);
derive_basepoints(&channel_seed,

View File

@ -667,7 +667,6 @@ static bool funder_finalize_channel_setup(struct state *state,
struct channel_id id_in;
const u8 *wscript;
char *err_reason;
const struct witscript **ws;
struct wally_tx_output *direct_outputs[NUM_SIDES];
/*~ Now we can initialize the `struct channel`. This represents
@ -733,12 +732,10 @@ static bool funder_finalize_channel_setup(struct state *state,
* witness script. It also needs the amount of the funding output,
* as segwit signatures commit to that as well, even though it doesn't
* explicitly appear in the transaction itself. */
ws = bitcoin_tx_get_witscripts(tmpctx, *tx);
msg = towire_hsm_sign_remote_commitment_tx(NULL,
*tx,
&state->channel->funding_pubkey[REMOTE],
state->channel->funding,
ws,
&state->first_per_commitment_point[REMOTE],
state->channel->option_static_remotekey);
@ -913,7 +910,6 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
struct bitcoin_signature theirsig, sig;
struct bitcoin_tx *local_commit, *remote_commit;
struct bitcoin_blkid chain_hash;
const struct witscript **ws;
u8 *msg;
const u8 *wscript;
u8 channel_flags;
@ -1270,12 +1266,10 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
}
/* Make HSM sign it */
ws = bitcoin_tx_get_witscripts(tmpctx, remote_commit);
msg = towire_hsm_sign_remote_commitment_tx(NULL,
remote_commit,
&state->channel->funding_pubkey[REMOTE],
state->channel->funding,
ws,
&state->first_per_commitment_point[REMOTE],
state->channel->option_static_remotekey);

View File

@ -231,7 +231,6 @@ class Type(FieldSet):
'exclude_entry',
'fee_states',
'onionreply',
'witscript',
'feature_set',
'onionmsg_path',
'route_hop',