Commit Graph

497 Commits

Author SHA1 Message Date
Rusty Russell
c7b69abdaa type_to_string: move formatting to appropriate files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-04 14:07:15 +10:30
Christian Decker
9f846925b3 bitcoin: Add comparison between pubkeys
Some of the routing messages rely on a canonical ordering of pubkeys.
2017-01-03 15:08:05 +10:30
Rusty Russell
a4fdaab5b3 Use global secp256k1_ctx instead of passing it around.
If I'd known how large this patch would be (though trivial), I'd
have done it in parts.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-12-02 18:12:58 +10:30
Rusty Russell
1f447688bc test: make generic driver for unit tests.
Not just in daemon.  This fixes 'make check' when it tries to
run 'make wire-tests'

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-12-02 18:10:13 +10:30
Rusty Russell
f5c00deec7 Remove trailing whitespace from source.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-11 09:32:04 +10:30
Rusty Russell
700c536a27 Makefile: remove all the old Elements Alpha support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-10 23:30:35 +10:30
Rusty Russell
78a0177f1c script: free redeemscript in bitcoin_witness_p2sh_p2wpkh
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-04 11:17:03 +10:30
Christian Decker
f4568e5c1c routing: Added IRC announcement glue
Added channel announcement serialization and parsing, as well as the
entrypoints for the IRC peer discovery. Announcements are signed by the
sending endpoint and signatures are verified before adding the channels
to the local view of the topology. We do not yet verify the existence of
the anchor transaction.
2016-09-07 23:49:39 +02:00
Rusty Russell
f90fb4934f close_shutdown: make sure script_pubkey is standard.
As per BOLT update 9c3f150d2a44af6ee2c3be03acd6ef80ea184f4e.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-31 16:06:32 +09:30
Rusty Russell
be38d3f507 Minor cleanups: things found while debugging the database code.
1. Fix #ifdef DEBUG code in signature.c so it compiles.
2. Don't set peer->closing.our_script in queue_pkt_close_shutdown: it's
   assigned in caller already.
3. Wrap setting of htlc's rval in set_htlc_rval() function.
4. Log where we were when unexpected packet comes in.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:25:13 +09:30
Rusty Russell
809caa8588 bitcoin/pullpush.[ch]: expose bitcoin-style marshal/unmarshal.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:23:45 +09:30
Rusty Russell
ec3344ce6e daemon/output_to_htlc: routines to map outputs for HTLCs for a given commit_num.
And use this to resolve old transactions by comparing outputs with
HTLCs.

Rather than remembering the output ordering for every one of their
previous commitment transactions, we just remember the commitment
number for each commitment txid, and when we see it, derive all the
HTLC scriptpubkeys and the to-us and to-them scriptpubkeys, and figure
out which is which.

This avoids us having to save information on disk, except for the
txid->commitment-number mapping (and the shachain).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:23:45 +09:30
Rusty Russell
bcd3e5f60e base58: fix check-source header order check.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-09 15:30:34 +09:30
Rusty Russell
e252f5de7d base58: remove openssl include, and undefined function declaration.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-09 13:10:19 +09:30
Christian Decker
1f4a056009 Switched base58 to use libbase58. 2016-08-09 13:10:19 +09:30
Rusty Russell
78174a09e2 bitcoin/varint: fix varint reading for multibyte varints.
Embarrassing error.

Reported-by: throckmorton on #lightning-dev
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-07 11:55:32 +09:30
Rusty Russell
364c2cd2c0 key_from_base58 / pubkey_from_privkey: don't support non-compressed keys.
It just clutters the API, and we don't support them on the wire anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
2a03af4486 Misc minor cleanups.
From doing a code walkthrough with Christian Decker; unnecessary const in
bitcoin/tx.c, an erroneous FIXME, a missing comment, and an unused struct.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
f2d835522c bitcoin: implement sig_valid.
Update libsecp256k1 has a normalize function, which allows us to test
if the signature was in low-S form.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
42bed80145 pubkey: don't carry around DER encoding.
We just wrap the libsecp256k1 structure, and convert to DER on demand.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
69cb158edd base58, script, protobuf_convert: don't use temporary secp256k1 context.
We use libsecp256k1 to convert signatures to DER; we were creating a
temporary one, but we really should be handing the one we have in dstate
through.  This does that, everywhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
caf50c9ae4 peer: handle fulfull and fail onchain.
We now need to use bitcoin_witness_htlc with the r value, so that API
is updated to take 'struct rval' or 'struct sha256'.

We use the nc->delay amount (ie. dstate->config.min_htlc_expiry) to
wait for a timeout refund to be buried before "failing" upstream.
This should probably be made into a clearer parameter rather than
overloading this one.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>


Header from folded patch 'dont-use-peer-nc-in-onchain-code.patch':

peer: Don't use peer->nc->delay for onchain case.

Use the config var directly.  We should be freeing peer->nc when the
connection dies anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
1245ffaae3 script: add check for 32-byte preimage.
We need to enforce this onchain as we do in the protocol off-chain,
otherwise we can have an onchain redemption we can't redeem upstream
via the protocol.  While Laolu points out there's a 520 byte limit on
witness stack element, that can still make for a larger tx and make
problems for the steal tx case.

The downside is that even the timeout transaction, which used to spend
the HTLC with an empty 'secret', now needs a 32-byte secret, making it
a little larger.  We create a 'bitcoin_witness_htlc' helper for this
case.

See: http://lists.linuxfoundation.org/pipermail/lightning-dev/2016-May/000529.html

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:50 +09:30
Rusty Russell
02593059cd script: rename scriptpubkey_htlc_send to/recv bitcoin_redeem_htlc_send/recv
They could be scriptpubkeys, but they're actually used inside p2wsh,
so they're really witness scripts.  We use the term "redeem" elsewhere
from when we were using p2sh, though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:50 +09:30
Rusty Russell
9eabab78ab utils: tal_hexstr() helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:49 +09:30
Rusty Russell
7efc0efab1 scripteq: simple helper for comparing scripts.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:27:56 +09:30
Rusty Russell
f4e94147a7 Remove unused script functions now we use witness.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 20:09:39 +09:30
Rusty Russell
b1700b1a91 protocol: non-HTLC commit tx outputs are p2wpkh
This is changes the payments to either party to be p2wpkh.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:57:35 +09:30
Rusty Russell
8dce2e77f7 script: 2of2 witness support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:54:35 +09:30
Rusty Russell
d26be323b6 measure_tx_cost: determine the BIP141 cost of a transaction.
BIP141 indicates that the rule for block size has changed: witness
bytes effectively count for 1, and non-witness bytes count for 4, but
the maximum total has increased to 4,000,000.

This means that fee estimates should use the witness cost (divided by
4), not the raw txlen.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:53:35 +09:30
Rusty Russell
e60b1b4efa bitcoind: use correct endianness for block hashes.
Like txids, we need to reverse them.  We didn't, but then we only used them
to pass to/from bitcoind.  We're about to get them from the block header,
so we need to fix that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:41:20 +09:30
Rusty Russell
e7b9a913a6 bitcoind: getrawblock helper.
It turns out using the verbose=false parameter, you can get the raw block
from getblock.  Do that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:40:29 +09:30
Rusty Russell
410fc3b272 misc: remove some unused functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:33:13 +09:30
Rusty Russell
d9c4960f33 bitcoin/script: support for creating p2sh-p2wpkh.
We want this because P2SH is something we can tell bitcoind to pay to;
we can't (yet?) do that with "raw" P2WPKH.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:04 +09:30
Rusty Russell
772a960c41 tx: add measure_tx_len() helper.
We currently linearize and then measure the string; this is better since
we're about to do it in a second place.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:04 +09:30
Rusty Russell
6b956ea22a varint: new file.
Move varint handling from tx.c and generalize it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:03 +09:30
Rusty Russell
af080d5613 bitcoin/script: helper to create ScriptCode for signing P2WPKH.
sign_tx_input() now takes a witness_script arg: P2WPKH doesn't really
have a witness_script, but for signing it behaves as if it does.

This helper constructs that "fake" witness_script.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:06:51 +09:30
Rusty Russell
df5d4e3c10 bitcoin/signature: BIP143 signature support.
We hand in the witness_script: if non-NULL, we use BIP143-style
signature hash creation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:05:51 +09:30
Rusty Russell
8545db418b bitcoin/tx: sha256_tx_for_sig() takes sighash flag.
That way it can assert (as we only support SIGHASH_ALL).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:45:53 +09:30
Rusty Russell
ee5f0e3ea6 bitcoin/tx: add helper to write blob of data.
We do this a lot.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:44:53 +09:30
Rusty Russell
58b14292ad bitcoin/tx: (optional) input amount.
We need this for signing segwitness txs.  Unfortunately, we don't have it
for transactions we received as hex, only ones we created; to make this safe
we use a pointer which is NULL if we don't know, and those will crash if
we try to sign or check their sigs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:43:53 +09:30
Rusty Russell
ed70b13041 bitcoin: add first unit test.
Should grow from here.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:42:53 +09:30
Rusty Russell
66084271c3 bitcoind: work around fundrawtransaction segwit issue.
See https://github.com/sipa/bitcaoin/issues/67

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:41:53 +09:30
Rusty Russell
587cda0ab8 tx: segregated witness encoding/decoding support.
As described in BIP144.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:39:53 +09:30
Rusty Russell
a084bb2160 bitcoin/tx: make sure we don't try to do a huge allocation on bad input tx.
This could only happen via our RPC interface (bitcoind should not give
us bad txs!) but it's better to be robust.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:36:29 +09:30
Rusty Russell
40b14981fd daemon: fix BIP68 support.
We got the -> second translation wrong by a factor of 512, and also we
need to move the median time in our tests otherwise bitcoind won't let
us spend the tx.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:34:29 +09:30
Rusty Russell
e44a7dc2d5 bitcoin/tx: remove style arg.
Without Alpha, it's superfluous.  We're about to add segwit support,
but linearization requires a more powerful approach, and segwit
signature checking is completely different and really deserves its
own function.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:33:29 +09:30
Rusty Russell
8104886503 Remove Alpha support.
I had already disabled it, and this clears the decks for Segregated Witness
which gives us everything we want.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:32:43 +09:30
Rusty Russell
15f7ec436c Fix "make check-source"
Obviously, haven't run it in a while.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:28:43 +09:30
Rusty Russell
e669baec1c bitcoin/signature: fix compilation with #define DEBUG
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:28:23 +09:30
Rusty Russell
b6943b9198 protocol: remove support for uncompressed pubkeys.
There's no good reason to support them, and this way every key is 33 bytes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-30 16:54:16 +10:30
Rusty Russell
c1d1b360bf daemon: add memcheck() in various places where we expect things to be initialized.
This just causes valgrind to warn sooner.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:31:15 +10:30
Rusty Russell
6750794667 Use #if instead of #ifdef (we already use -Wundef).
This avoids embarassing typos in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-27 15:00:50 +10:30
Rusty Russell
9aa0eac814 bitcoin: hand in a secp256k1_context to all routines.
We don't want to re-create them internally, ever.

The test-cli tools are patched to generate them all the time, but
they're not performance critical.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
3374ddd2a6 bitcoin: use a length arg to bitcoin_tx_from_hex
Our json parser doesn't use nul-terminated strings.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
cf547d491b bitcoin: add len arg to pubkey conversion function.
Our json parser doesn't give nul-terminated strings.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
7cf786f1f4 pull_bitcoin_tx: allocate outputs off tx itself.
All the members of the transaction should be allocated off the
transaction, as they have the same lifetime.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
3a803eefbb bitcoin/tx: move bitcoin_tx_from_file() to test-cli, expose bitcoin_tx_from_hex()
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
04fd2c861f bitcoin/base58: p2sh address support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
93b5db89a8 signature: expose check_signed_hash()
This is wanted for crypto communications to check signature.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:45 +10:30
Rusty Russell
9ebbe16b1e source cleanup: sort include lines into alpha order
This makes merging easier in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
d733e82352 header cleanup: sort include lines into alpha order, after config.h
This makes merging easier in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
2e873af86f locktime: complete the set of conversion functions.
And add protobuf_convert helpers, too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4b02c6f558 locktime: nice abstractions for absolute and relative locktimes.
I got confused navigating these, especially since Alpha and Bitcoin
have diverged (BIP68 was proposed after Elements Alpha).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4c42930940 bitcoin/tx, protobuf_convert: support BIP68 as implemented.
The format for both the nSequence field and the stack arg for
OP_CHECKSEQUENCEVERIFY is either:

  Time-relative:	[Bit 22 = 1] 00000 <time-shifted-by-9>
  Block-relative:	[Bit 22 = 0] 00000 <number of blocks>

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4e23f9916d script: encode numbers minimally.
This happens for CSV, for example (3-byte encoding), and bitcoind treats
too-long encodings as non-standard.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
6b2d844f2a bitcoin: use ccan/mem instead of rolling own check_mem function.
Reported-by: John Newbery
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-26 21:06:23 +10:30
Rusty Russell
32fe988fe8 bitcoin: signature fixes.
The libsecp change broke signature checking.  Disable it for now,
with a big FIXME.  The next version should have a method for S value
checking, and also compact serialization.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-12 10:45:02 +10:30
Rusty Russell
242fa1b2dd pubkey: pubkey_eq helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:38:58 +09:30
Rusty Russell
e7856e6e69 Update libsecp to git@github.com:bitcoin/secp256k1.git 52fd03f
We want the ecdh stuff for onion routing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:37:21 +09:30
Rusty Russell
454a3867e5 BIP68 support (nSequence enforcement)
The latest version of the BIP doesn't use inversion, but does use
bitshifts.

It also uncovered a bug in the test scripts: the block timestamps
creep forward when we generate large numbers of blocks (UpdateTime
insists it be > GetMedianTimePast() so it's valid).  We need to take
this into account when waiting for the median to move (reduced it from
60 to 30 seconds, since that adds about 14 seconds).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 10:54:11 +09:30
Rusty Russell
58a62e782d bitcoin/script: don't pass value for HTLC script.
We don't need it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-24 14:56:01 +09:30
Rusty Russell
08ae4a687d script: HTLC support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
cf3433a0ad script: add OP_CHECKLOCKTIMEVERIFY.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
0170ad4abd script: add add_push_le32 helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
c4d5a85b4e protocol: remove tx_version field.
It's trivial to add later as an optional field.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-29 12:00:49 +09:30
Rusty Russell
ee3af28980 test-cli/txid-of: simple helper to get txid.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
6a5ba591ee signature: match alpha hashing bug for multiple inputs.
https://github.com/ElementsProject/elements/issues/37

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
aa79887d79 script: use the normalized delay script form for commit output.
As documented in the paper; it's also two bytes shorter, and allows
us to use the exact same script for three cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
d053181b0b script: add standard routines for secret-or-timedelay outputs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
465c2b04e8 signature: fix -DDEBUG case, add hash printing.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
8f64eb90af Switch over to CCAN's ripemd160.
Avoids handing naked u8 arrays around, too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-09 15:43:36 +09:30
Rusty Russell
66b1df4036 tx: locktime should be 0.
It doesn't matter until we start setting sequence numbers properly,
so hasn't been noticed until now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-03 10:44:44 +09:30
Rusty Russell
ae31431168 tx: centralize transaction writing, append amounts for alpha.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:55:11 +09:30
Rusty Russell
62a002c860 script: make DER for signature encoding optional.
Alpha does the sane thing, places signatures raw.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
faae91f3fc Schnorr signature support.
This variation is used by alpha.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
1d82bf51fc signature: fix invalid S check.
The even-S check was based on https://github.com/sipa/bitcoin/commit/a81cd9680
which was replaced by a low-S check in commit e0e14e43d9586409e42919f6cb955540134cda2a

Abstract out and fix the check.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
d20ddb5a90 Use libsecp256k1 instead of openssl for crypto.
We still use openssl for bignums (base58) and for ripemd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
fbe63124f6 Move DER encoding into bitcoin/signature.c
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
20624c049f tx: prepare for Elements Alpha.
They sign, hash, and serialize differently.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:45 +09:30
Rusty Russell
61737a79d2 Fix typo.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-25 13:48:05 +09:30
Rusty Russell
602117e8bb Add valgrind memcheck helpers.
Otherwise valgrind tells you when you test a hash; you want to
know if you hash uninitialized memory long before that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-24 16:15:34 +09:30
Rusty Russell
143e7e032c Optimize revocable output a little.
Both paths do CHECKSIG, do that outside.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-23 16:05:09 +09:30
Rusty Russell
9f12b72476 Don't include mutual redemption in recovable commit tx output.
It's not clear it's needed, and without it there's a good reason to
delay dumping to the blockchain if a node becomes unreachable (since
you'll get your money faster if it comes back online).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:41:30 +09:30
Rusty Russell
ef9463f6b1 Sort include lines (ignoring hacky cli test utils).
Put ccan first, openssl next, then standard headers, then locals.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:41:28 +09:30
Rusty Russell
442f321585 Move protobuf<->bitcoin converters out of bitcoin/
They're lightning-specific.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:35:42 +09:30
Rusty Russell
612d713470 Move bitcoin stuff into bitcoin subdir.
It's not very interesting if you're looking for LN code.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:35:42 +09:30