Commit Graph

60 Commits

Author SHA1 Message Date
Rusty Russell
4ffda340d3 check: make sure all files outside contrib/ include "config.h" first.
And turn "" includes into full-path (which makes it easier to put
config.h first, and finds some cases check-includes.sh missed
previously).

config.h sets _GNU_SOURCE which really needs to be done before any
'#includes': we mainly got away with it with glibc, but other platforms
like Alpine may have stricter requirements.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-12-06 10:05:39 +10:30
Rusty Russell
7401b26824 cleanup: remove unneeded includes in C files.
Before:
 Ten builds, laptop -j5, no ccache:

```
real	0m36.686000-38.956000(38.608+/-0.65)s
user	2m32.864000-42.253000(40.7545+/-2.7)s
sys	0m16.618000-18.316000(17.8531+/-0.48)s
```

 Ten builds, laptop -j5, ccache (warm):

```
real	0m8.212000-8.577000(8.39989+/-0.13)s
user	0m12.731000-13.212000(12.9751+/-0.17)s
sys	0m3.697000-3.902000(3.83722+/-0.064)s
```

After:
 Ten builds, laptop -j5, no ccache: 8% faster

```
real	0m33.802000-35.773000(35.468+/-0.54)s
user	2m19.073000-27.754000(26.2542+/-2.3)s
sys	0m15.784000-17.173000(16.7165+/-0.37)s
```

 Ten builds, laptop -j5, ccache (warm): 1% faster

```
real	0m8.200000-8.485000(8.30138+/-0.097)s
user	0m12.485000-13.100000(12.7344+/-0.19)s
sys	0m3.702000-3.889000(3.78787+/-0.056)s
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-09-17 09:43:22 +09:30
Michael Schmoock
d5f1515b25 chore: fix compile issue discovered by gcc
Changelog-None
2021-06-11 13:53:41 +09:30
Rusty Russell
16735e1352 bitcoin: allow developer override of signature grinding.
Allows us to precisely replicate test vectors.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-03 10:10:32 +09:30
Rusty Russell
93d3b0d126 doc: update BOLT quotes (to include LOW-S-standard rule).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-25 13:23:16 +10:30
Rusty Russell
84dc943cf5 common/bolt11_json: extract bolt11->json code.
Our new "decode" command will also handle bolt11.  We make a few cleanups:

1. Avoid type_to_string() in JSON, instead use format functions directly.
2. Don't need to escape description now that JSON core does that for us.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
f06ad0471c common/bolt12_merkle.h: experimental bolt 12 implementation.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-09 16:40:13 +10:30
Rusty Russell
9d656464f5 bitcoin/pubkey: add pubkey32 primitive for xonly pubkey types.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-09 16:40:13 +10:30
Rusty Russell
cce3e717d9 bitcoin/signature: wrap libwally call.
If a tx is larger than 2k, libwally will do an alloc:

```
lightning_hsmd: common/setup.c:11: wally_tal: Assertion `wally_tal_ctx' failed.
0x11c283 wally_tal
	common/setup.c:11
0x15ebd1 wally_malloc
	../../../libwally-core/src/internal.c:233
0x171e9e tx_to_bip143_bytes
	../../../libwally-core/src/transaction.c:1918
0x172cda tx_to_bytes
	../../../libwally-core/src/transaction.c:2086
0x1759df tx_get_signature_hash
	../../../libwally-core/src/transaction.c:2776
0x175afd wally_tx_get_signature_hash
	../../../libwally-core/src/transaction.c:2800
0x175b62 wally_tx_get_btc_signature_hash
	../../../libwally-core/src/transaction.c:2810
0x1297d9 bitcoin_tx_hash_for_sig
	bitcoin/signature.c:139
0x1298ca sign_tx_input
	bitcoin/signature.c:161
0x10e701 handle_sign_remote_commitment_tx
	hsmd/hsmd.c:1011
0x110f7f handle_client
	hsmd/hsmd.c:1968
0x147a71 next_plan
	ccan/ccan/io/io.c:59
0x1485ee do_plan
	ccan/ccan/io/io.c:407
0x14862c io_ready
	ccan/ccan/io/io.c:417
0x14a7f2 io_loop
	ccan/ccan/io/poll.c:445
0x111125 main
	hsmd/hsmd.c:2040
```

I reduced that constant in libwally to 200, and ran the entire
test suite, and found no other places.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-11-04 14:28:06 -06:00
niftynei
a04f0fe250 psbt: remove input_amounts from bitcoin tx
Instead we will stash them into the PSBT as a utxo/witness record (which
includes the amount)
2020-06-11 13:13:13 +02:00
Rusty Russell
27220646c3 common/wire: move bitcoin-specific marshalling functions into bitcoin files.
We did this originally because these types are referred to in the bolts, and we
had no way of injecting the correct include lines into those.  Now we do, so
there's less excuse for this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
lisa neigut
3705b5f605 devtools: add privkey+hash printing to mkcommit/mkgossip
We updated the protocol spec tests to verify a sig from a hash
and a private key; this updates mkcommit + mkgossip utilities
to print out the procotol compatible SIG() notation for all signatures.

--verbose will print a computed signature and more data as well.

Also adds --verbose flag to mkgossip.

Changelog-None
2019-11-21 01:17:33 +00:00
lisa neigut
861b12b21a dump_tx: fixup compiliation errs
When we refactored bitcoin_tx to use wally_tx, this (uncompiled)
debug statement rotted. This unrots it.
2019-11-21 01:17:33 +00:00
gorazdko
a3851f2943 wallet: always create signatures with low r-value 2019-10-29 18:51:09 -05:00
Christian Decker
d5f0c08a88 elements: Remove global is_elements variable in favor of chainparams
No need to keep duplicate globals.
2019-10-03 04:32:57 +00:00
Christian Decker
f0396df449 elements: Added small helper to compute the right signature hash
Depending on the network we end up with different signature hash algorithms,
so we just collect that decision in one place.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
d651ce6f3b wally: Migrate main daemon to use wally transactions
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
48006cb674 wally: Switch signatures over to using the wally_tx hash
First step towards decomissioning the handrolled bitcoin_tx operations.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
bd2573eafb wally: Build wally transactions in parallel with the old ones
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Rusty Russell
b7da41e674 bitcoin/signature: implement SIGHASH_SINGLE|SIGHASH_ANYONECANPAY for segwit.
option_simplified_commitment wants this for HTLC txs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
dffe2f516a signature: wrap almost all signatures in struct bitcoin_signature.
This is prep work for when we sign htlc txs with
SIGHASH_SINGLE|SIGHASH_ANYONECANPAY.

We still deal with raw signatures for the htlc txs at the moment, since
we send them like that across the wire, and changing that was simply too
painful (for the moment?).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
a83e45fec2 bitcoin/signature: create/check tx sigs without mangling the tx.
We currently make sure that all the bitcoin_tx input scripts are NULL
and set the input script of the input we're signing, so we can easily
reuse the tx hashing code for signature checks.  This means that we
sometimes jump through hoops to make sure input scripts are NULL, and
also means that the tx can't be const.

Put more logic inside bitcoin/tx so it can simply ignore things we
don't want to hash.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
5cf34d6618 Remove tal_len, use tal_count() or tal_bytelen().
tal_count() is used where there's a type, even if it's char or u8, and
tal_bytelen() is going to replace tal_len() for clarity: it's only needed
where a pointer is void.

We shim tal_bytelen() for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
practicalswift
6269a4c55d Remove unused functions not covered by unit tests 2018-03-26 23:35:56 +00:00
practicalswift
c85c2fcfe9 Fix conversion order 2018-03-16 01:17:40 +00:00
practicalswift
91a9c2923f Mark intentionally unused parameters as such (with "UNUSED") 2018-02-22 01:09:12 +00:00
Rusty Russell
85ff95e829 common: new directory for any shared objects.
To avoid everything pulling in HTLCs stuff to the opening daemon, we
split the channel and commit_tx routines into initial_channel and
initial_commit_tx (no HTLC support) and move full HTLC supporting versions
into channeld.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
b99c5620ef struct secret: use everywhere.
We alternated between using a sha256 and using a privkey, but there are
numerous places where we have a random 32 bytes which are neither.

This fixes many of them (plus, struct privkey is now defined in terms of
struct secret).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-05-09 11:43:35 +09:30
Rusty Russell
7d68554787 type_to_string: add secp256k1_ecdsa_signature.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-02 14:48:00 +10:30
Rusty Russell
8522a5ea64 struct bitcoin_tx: remove explicit lengths, use tal_len()/tal_count()
They're always tal objects, so we can simply ask tal for the length,
simplifying the API.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
8159c4458a bitcoin/script.h: remove struct bitcoin_signature
Technically this incudes the sighash flags, but we only handle SIGHASH_ALL
anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
1edce4878d bitcoin/signature.h: remove struct signature.
It's a wrapper around secp256k1_ecdsa_signature, so use that directly.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
a4fdaab5b3 Use global secp256k1_ctx instead of passing it around.
If I'd known how large this patch would be (though trivial), I'd
have done it in parts.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-12-02 18:12:58 +10:30
Rusty Russell
f5c00deec7 Remove trailing whitespace from source.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-11 09:32:04 +10:30
Christian Decker
f4568e5c1c routing: Added IRC announcement glue
Added channel announcement serialization and parsing, as well as the
entrypoints for the IRC peer discovery. Announcements are signed by the
sending endpoint and signatures are verified before adding the channels
to the local view of the topology. We do not yet verify the existence of
the anchor transaction.
2016-09-07 23:49:39 +02:00
Rusty Russell
be38d3f507 Minor cleanups: things found while debugging the database code.
1. Fix #ifdef DEBUG code in signature.c so it compiles.
2. Don't set peer->closing.our_script in queue_pkt_close_shutdown: it's
   assigned in caller already.
3. Wrap setting of htlc's rval in set_htlc_rval() function.
4. Log where we were when unexpected packet comes in.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:25:13 +09:30
Rusty Russell
f2d835522c bitcoin: implement sig_valid.
Update libsecp256k1 has a normalize function, which allows us to test
if the signature was in low-S form.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
69cb158edd base58, script, protobuf_convert: don't use temporary secp256k1 context.
We use libsecp256k1 to convert signatures to DER; we were creating a
temporary one, but we really should be handing the one we have in dstate
through.  This does that, everywhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
410fc3b272 misc: remove some unused functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:33:13 +09:30
Rusty Russell
df5d4e3c10 bitcoin/signature: BIP143 signature support.
We hand in the witness_script: if non-NULL, we use BIP143-style
signature hash creation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:05:51 +09:30
Rusty Russell
8545db418b bitcoin/tx: sha256_tx_for_sig() takes sighash flag.
That way it can assert (as we only support SIGHASH_ALL).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:45:53 +09:30
Rusty Russell
8104886503 Remove Alpha support.
I had already disabled it, and this clears the decks for Segregated Witness
which gives us everything we want.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:32:43 +09:30
Rusty Russell
e669baec1c bitcoin/signature: fix compilation with #define DEBUG
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:28:23 +09:30
Rusty Russell
6750794667 Use #if instead of #ifdef (we already use -Wundef).
This avoids embarassing typos in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-27 15:00:50 +10:30
Rusty Russell
9aa0eac814 bitcoin: hand in a secp256k1_context to all routines.
We don't want to re-create them internally, ever.

The test-cli tools are patched to generate them all the time, but
they're not performance critical.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
93b5db89a8 signature: expose check_signed_hash()
This is wanted for crypto communications to check signature.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:45 +10:30
Rusty Russell
9ebbe16b1e source cleanup: sort include lines into alpha order
This makes merging easier in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
32fe988fe8 bitcoin: signature fixes.
The libsecp change broke signature checking.  Disable it for now,
with a big FIXME.  The next version should have a method for S value
checking, and also compact serialization.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-12 10:45:02 +10:30
Rusty Russell
242fa1b2dd pubkey: pubkey_eq helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:38:58 +09:30
Rusty Russell
e7856e6e69 Update libsecp to git@github.com:bitcoin/secp256k1.git 52fd03f
We want the ecdh stuff for onion routing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:37:21 +09:30