test-cli/extract-escape-secret: helper to get escape secret from other side.

When other side uses their escape tx, we extract the secret to we
can use our fast-escape.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

Makefile

@@ -8,7 +8,7 @@ FEATURES := -DHAS_CSV=1 -DALPHA_TXSTYLE=1 -DUSE_SCHNORR=1
 # Bitcoin uses DER for signatures
 #FEATURES := -DSCRIPTS_USE_DER
 
-PROGRAMS := test-cli/open-channel test-cli/open-commit-sig test-cli/check-commit-sig test-cli/get-anchor-depth test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx test-cli/txid-of test-cli/create-anchor-tx test-cli/open-anchor-id test-cli/open-complete test-cli/check-open-complete test-cli/open-escape-sigs test-cli/create-escape-tx test-cli/get-revocation-secret test-cli/extract-revocation-preimage test-cli/create-secret-spend-tx
+PROGRAMS := test-cli/open-channel test-cli/open-commit-sig test-cli/check-commit-sig test-cli/get-anchor-depth test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx test-cli/txid-of test-cli/create-anchor-tx test-cli/open-anchor-id test-cli/open-complete test-cli/check-open-complete test-cli/open-escape-sigs test-cli/create-escape-tx test-cli/get-revocation-secret test-cli/extract-revocation-preimage test-cli/create-secret-spend-tx test-cli/extract-escape-secret
 
 BITCOIN_OBJS := bitcoin/address.o bitcoin/base58.o bitcoin/pubkey.o bitcoin/script.o bitcoin/shadouble.o bitcoin/signature.o bitcoin/tx.o
 

test-cli/extract-escape-secret.c

@@ -0,0 +1,102 @@
+#include <ccan/crypto/shachain/shachain.h>
+#include <ccan/read_write_all/read_write_all.h>
+#include <ccan/short_types/short_types.h>
+#include <ccan/tal/tal.h>
+#include <ccan/opt/opt.h>
+#include <ccan/str/hex/hex.h>
+#include <ccan/err/err.h>
+#include "bitcoin/tx.h"
+#include <unistd.h>
+
+#define OP_PUSHDATA1	0x4C
+#define OP_PUSHDATA2	0x4D
+#define OP_PUSHDATA4	0x4E
+
+static bool pull_value(const u8 **s, const u8 *end, void *dst, size_t max)
+{
+	size_t len;
+
+	if (*s >= end)
+		return false;
+
+	if (**s < 76) {
+		len = **s;
+		(*s)++;
+	} else if (**s == OP_PUSHDATA1) {
+		(*s)++;
+		if (*s >= end)
+			return false;
+		len = **s;
+		(*s)++;
+	} else if (**s == OP_PUSHDATA2) {
+		(*s)++;
+		if (*s + 1 >= end)
+			return false;
+		len = (u32)(*s)[0] | ((u32)(*s)[1] << 8);
+		(*s) += 2;
+	} else if (**s == OP_PUSHDATA4) {
+		(*s)++;
+		if (*s + 3 >= end)
+			return false;
+		len = (u32)(*s)[0] | ((u32)(*s)[1] << 8) | ((u32)(*s)[2] << 16)
+			| ((u32)(*s)[3] << 24);
+		(*s) += 4;
+	} else
+		return false;
+
+	if (len > max)
+		return false;
+	memcpy(dst, *s, len);
+	(*s) += len;
+	return true;
+}
+
+int main(int argc, char *argv[])
+{
+	const tal_t *ctx = tal_arr(NULL, char, 0);
+	struct bitcoin_tx *tx;
+	const u8 *s, *end;
+	struct sha256 secret;
+	u8 sig[73];
+	char hexstr[hex_str_size(sizeof(secret))];
+
+	err_set_progname(argv[0]);
+
+	/* FIXME: Take update.pbs to adjust channel */
+	opt_register_noarg("--help|-h", opt_usage_and_exit,
+			   "<escape-txfile>\n"
+			   "Print the secret revealed by this escape tx",
+			   "Print this message.");
+
+ 	opt_parse(&argc, argv, opt_log_stderr_exit);
+
+	if (argc != 2)
+		opt_usage_exit_fail("Expected 1 argument");
+
+	tx = bitcoin_tx_from_file(ctx, argv[1]);
+
+	if (tx->input_count != 1)
+		errx(1, "Expected 1 input");
+
+	s = tx->input[0].script;
+	end = s + tx->input[0].script_length;
+
+	if (!pull_value(&s, end, NULL, 0))
+		errx(1, "Expected 0");
+	if (!pull_value(&s, end, sig, sizeof(sig)))
+		errx(1, "Expected sig1");
+	if (!pull_value(&s, end, sig, sizeof(sig)))
+		errx(1, "Expected sig2");
+	if (!pull_value(&s, end, secret.u.u8, sizeof(secret.u.u8)))
+		errx(1, "Expected secret");
+
+	if (!hex_encode(&secret.u.u8, sizeof(secret.u.u8), hexstr, sizeof(hexstr)))
+		abort();
+
+	/* Print it out. */
+	if (!write_all(STDOUT_FILENO, hexstr, strlen(hexstr)))
+		err(1, "Writing out secret");
+
+	tal_free(ctx);
+	return 0;
+}

test-cli/scripts/test.sh

@@ -112,6 +112,26 @@ $PREFIX ./create-escape-tx --fast B-open.pb A-open.pb B-anchor-id.pb A-escape-si
 $CLI sendrawtransaction `cut -d: -f1 A-anchor.tx` > A-anchor.txid
 $CLI sendrawtransaction `cut -d: -f1 B-anchor.tx` > B-anchor.txid
 
+if [ x"$1" = x--escape ]; then
+    # A uses their escape transaction.
+    $CLI sendrawtransaction `cut -d: -f1 A-escape.tx` > A-escape.txid
+    # B can extract the secret
+    $PREFIX ./extract-escape-secret A-escape.tx > A-escape-secret
+
+    # Now B can send fast-escape.
+    $CLI sendrawtransaction `cut -d: -f1 B-fast-escape.tx` > B-fast-escape.txid
+
+    # And use the secret to spend it.
+    $PREFIX ./create-secret-spend-tx --secret B-fast-escape.tx $A_FINALPUBKEY 93600 $B_FINALKEY $B_CHANGEPUBKEY `cat A-escape-secret` > B-fast-escape-spend.tx
+
+    $CLI sendrawtransaction `cut -d: -f1 B-fast-escape-spend.tx` > B-fast-escape-spend.txid
+
+    # A can't spend escape until after delay
+    $PREFIX ./create-secret-spend-tx --hash-secret A-escape.tx $B_FINALPUBKEY 60 $A_FINALKEY $A_CHANGEPUBKEY `cat A-escape-secret` > A-escape-spend.tx
+    send_after_delay `cut -d: -f1 A-escape-spend.tx` > A-escape-spend.txid
+    exit 0
+fi
+
 # Now create commit signature
 $PREFIX ./open-commit-sig A-open.pb B-open.pb A-anchor-id.pb B-anchor-id.pb $A_TMPKEY > A-commit-sig.pb
 $PREFIX ./open-commit-sig B-open.pb A-open.pb B-anchor-id.pb A-anchor-id.pb $B_TMPKEY > B-commit-sig.pb