Commit Graph

496 Commits

Author SHA1 Message Date
Christian Decker
e10cde3516 chainparams: Remove index from chainparams
We no longer use it to reference chainparams, so we can remove it completely.
2018-09-14 21:18:11 +02:00
Christian Decker
f417dfa0e1 chainparams: Always retrieve chainparams by the chain_hash 2018-09-14 21:18:11 +02:00
Christian Decker
2d7e603ac1 chainparams: Move the BOLT2 quote to the chainparams where we set it 2018-09-14 21:18:11 +02:00
Christian Decker
8d95917e7c chainparams: Add max_funding_satoshi and max_payment_msat to chainparams 2018-09-14 21:18:11 +02:00
Rusty Russell
8340d8c070 secret_eq: remove in favor of constant time variant.
To be safe, we should never memcmp secrets.  We don't do this
currently outside tests, but we're about to.

The tests to prove this as constant time are the tricky bit.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
Rusty Russell
5cf34d6618 Remove tal_len, use tal_count() or tal_bytelen().
tal_count() is used where there's a type, even if it's char or u8, and
tal_bytelen() is going to replace tal_len() for clarity: it's only needed
where a pointer is void.

We shim tal_bytelen() for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
Rusty Russell
289e39a0a3 bitcoin/pubkey: add pubkey_from_secret.
Really, we should have a 'struct point' since we don't use all points
as pubkeys.  But this is the minimal fix to avoid type cast nastiness.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
fed5a117e7 Update ccan/structeq.
structeq() is too dangerous: if a structure has padding, it can fail
silently.

The new ccan/structeq instead provides a macro to define foo_eq(),
which does the right thing in case of padding (which none of our
structures currently have anyway).

Upgrade ccan, and use it everywhere.  Except run-peer-wire.c, which
is only testing code and can use raw memcmp(): valgrind will tell us
if padding exists.

Interestingly, we still declared short_channel_id_eq, even though
we didn't define it any more!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-04 23:57:00 +02:00
Rusty Russell
0e6c0dbba2 bitcoin: expose feerate_floor.
Onchaind will want it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-06-21 13:43:32 +02:00
Rusty Russell
18a6cbd11f bitcoin/*: fix up BOLT references.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-06-18 12:31:09 +02:00
Saibato
09407b9fd8 fix Litecoin testnet bip173 name
Signed-off-by: Saibato <saibato.naga@protonmail.com>
2018-05-03 14:09:50 +02:00
practicalswift
abf510740d Force the use of the POSIX C locale for all commands and their subprocesses 2018-04-27 14:02:59 +02:00
nicolas.dorier
e36cf354aa Update when_lightning_became_cool for LTC 2018-04-27 13:59:19 +02:00
practicalswift
6269a4c55d Remove unused functions not covered by unit tests 2018-03-26 23:35:56 +00:00
practicalswift
98f49c0837 Remove include in file foo.c that is already included in foo.h 2018-03-25 23:54:21 +00:00
practicalswift
c85c2fcfe9 Fix conversion order 2018-03-16 01:17:40 +00:00
practicalswift
b8846dad49 Readability: Use streq instead of strcmp 2018-03-16 01:17:40 +00:00
practicalswift
60a7720a24 Avoid passing NULL argument to memcpy 2018-03-16 01:17:40 +00:00
Rusty Russell
5eea772c53 type_to_string: support sha256_double.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-13 16:34:55 +01:00
Rusty Russell
45e145df5e onchaind: don't create zero-output txs if fees overwhelm us.
They're illegal.  Instead do OP_RETURN so we don't pollute the UTXO.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-07 18:55:51 +01:00
Rusty Russell
ca4603455b short_channel_id: remove short_channel_id_to_uint accessor.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-01 23:33:56 +01:00
Rusty Russell
c5d41a23d7 short_channel_id: just use structeq.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-01 23:33:56 +01:00
Rusty Russell
042d5d13f5 short_channel_id: don't use bitfields.
I leave all the now-unnecessary accessors in place to avoid churn, but
the use of bitfields has been more pain than help.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-01 23:33:56 +01:00
practicalswift
91a9c2923f Mark intentionally unused parameters as such (with "UNUSED") 2018-02-22 01:09:12 +00:00
Rusty Russell
6620305606 wallet: use last_processed_block to determine scan start.
With fallback depending on chainparams: this means the first upgrade
will be slow, but after that it'll be fast.

Fixes: #990
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-16 13:07:12 +01:00
Luca Vaccaro
4dac2da8fc Fix litecoin mainnet & testnet chainparams 2018-02-14 15:26:27 +01:00
practicalswift
4f4756bd20 Fix a-vs-an typos 2018-02-08 22:49:34 +01:00
Rusty Russell
9a6c36a568 bitcoin/tx: remove unused pull_bitcoin_tx_onto.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-08 19:07:12 +01:00
Jon Griffiths
4b38696613 pull_length: Take structure size into account when checking max
When a serialized length refers to an array of structures, the trivial
DOS prevention can be out by a factor of sizeof(serialized struct). Use
the size of the serialized structure as a multiplier to prevent this.

Transaction inputs are the motivating example, where the check is out by
a factor of ~40.
2018-02-07 00:45:26 +00:00
William Casarin
b30fb952e6 chainparams: fix regtest bip173_name
regtest bech32 hrp is bcrt, not tb

Signed-off-by: William Casarin <jb55@jb55.com>
2018-02-06 01:37:58 +00:00
Christian Decker
d7224e2178 gossip: Added short_channel_id_to_uint for uintmap index
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-02-05 18:28:39 +00:00
Rusty Russell
de0777cb2c Fix weight calculation, rename cost->weight.
Reported-by: Jon Griffiths
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-03 21:00:55 +01:00
Jon Griffiths
505a249966 push_tx: Don't create BIP 144 invalid transactions
If no witnesses are present on any inputs, then extended serialisation
should not be used.

[ Amended to make adding new flags clearer in future -- RR ]
Signed-off-by: Jon Griffiths <jon_p_griffiths@yahoo.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-02 02:33:13 +00:00
Luca Vaccaro
af26c91a2c Add litecoin testnet support 2018-01-28 13:56:28 +01:00
William Casarin
3cb03ab784 bitcoin: add test programs to ALL_TEST_PROGRAMS
* Add BITCOIN_TEST_PROGRAMS to ALL_TEST_PROGRAMS
* Refactor bitcoin test make directives into its own Makefile under bitcoin/test

Signed-off-by: William Casarin <jb55@jb55.com>
2018-01-24 17:42:32 +01:00
Christian Decker
524849bc11 bitcoin: Split pull_bitcoin_tx
The deserialization of bitcoin transactions in wire/ is rather
annoying in that we first allocate a new bitcoin_tx, then copy it's
contents onto the destination and then still carry the newly allocated
one around due to the tal-tree. This splits `pull_bitcoin_tx` into
two: one part that does the allocation and another one that proceeds
to parse.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-01-08 17:19:25 +01:00
Rusty Russell
3ae7b9f0fb bitcoin: add formatting hook for printing bitcoin blockids
lightningd(12615): Adding block UNKNOWN TYPE bitcoin_blkid

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-25 12:33:22 +01:00
Rusty Russell
810abb6b21 bitcoin: create new wrapper type bitcoin_blkid, log backward endianness.
It's just a sha256_double, but importantly when we convert it to a
string (in type_to_string, which is used in logging) we use
bitcoin_blkid_to_hex() so it's reversed as people expect.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 11:05:38 +00:00
Rusty Russell
0237e0b28c bitcoin: create new wrapper type bitcoin_txid, log backward endianness.
It's just a sha256_double, but importantly when we convert it to a
string (in type_to_string, which is used in logging) we use
bitcoin_txid_to_hex() so it's reversed as people expect.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-21 11:05:38 +00:00
Rusty Russell
070929f92e bitcoin/script: define standard scriptpubkey lengths.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-20 12:56:15 +01:00
ZmnSCPxj
f0fa01b439 Share similar code between bitcoin_witness_p2sh_p2wpkh and bitcoin_scriptsig_p2sh_p2wpkh.
Note that bitcoin_witness_p2sh_p2wpkh is not actually used in current
code.
2017-12-10 12:46:25 +01:00
Rusty Russell
af7e6158af Makefile: clean needs to do more, distclean should remove everything.
I checked this with git status --ignored after a full build and 'make distclean'.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-24 13:29:03 +01:00
Rusty Russell
88ec8df329 bitcoin/scripts: use htlckey instead of localkey.
Basically a namechange in the argument list.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
20ce829f81 script: add helper to use a raw witness program.
This is for future compatibility.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 01:09:23 +00:00
Rusty Russell
9ec5cb7ba2 script: enhance is_p2sh/is_p2pkh/is_p2wsh/is_p2wpkh to extract addr.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 01:09:23 +00:00
Rusty Russell
58604a0497 chainparams: add bip173 name.
Google lead me to a discussion about litecint, it suggested they would use
'ltc' and I don't really care.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 01:09:23 +00:00
Rusty Russell
f9edbcb4ec script: add p2sh scriptpubkey helper to create from hash.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-01 01:09:23 +00:00
Rusty Russell
6ef64cd52b script: make "sig_and_empty" more generic, make htlc tx witness fns clearer.
For non-delayed HTLC success spends, we have a similar pattern ("<sig>
<preimage> <wscript>") so a we want to use the same function.

The other routines don't say "witness" in them, and should.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-28 13:07:05 +09:30
Rusty Russell
56d89b02c7 chainparams: fix order of chain hashes.
See https://github.com/lightningnetwork/lightning-rfc/issues/237

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-09-05 00:35:38 +02:00
Rusty Russell
739b163f8b Makefiles: simplify dependencies.
Gather all binaries and objects and make the depend on external
requirements and common headers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
f42f34b82d external: new subdirectory for all external libraries and submodules.
You will want to 'make distclean' after this.

I also removed libsecp; we use the one in in libwally anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
8c22bd9ee1 headers: fix up header idempotent lines.
For future reference, done via:
	for f in `find wire/ bitcoin/ common/ lightningd -name '*.h' ! -name 'gen*'`; do ID=`echo -n LIGHTNING/$f | tr 'a-z' 'A-Z' | tr -cs 'A-Z0-9' _`; sed 's/^#\(ifndef\|define\) .*_H$/#\1 '$ID/ < $f | sed 's,#endif /..*_H ./$,#endif /* '$ID' */,' | bagto $f; done

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
a37c165cb9 common: move some files out of lightningd/
Basically all files shared by different daemons.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
8375857116 common: absorb remaining files from daemon/
Also, we split the more sophisticated json_add helpers to avoid pulling in
everything into lightning-cli, and unify the routines to print struct
short_channel_id (it's ':',  not '/' too).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
85ff95e829 common: new directory for any shared objects.
To avoid everything pulling in HTLCs stuff to the opening daemon, we
split the channel and commit_tx routines into initial_channel and
initial_commit_tx (no HTLC support) and move full HTLC supporting versions
into channeld.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
052c9f42d4 bitcoin/script: remove routines unnecessary for modern daemon.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-29 17:54:14 +02:00
Rusty Russell
af9d763763 bitcoin/script: support variants where we only have the ripemd.
For space saving, we only keep the ripemd160 for old HTLCs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-20 13:06:41 +09:30
Rusty Russell
253b3e679e bitcoin/tx: use NULL for empty input scripts, not a zero-len array.
The signing code asserts these are NULL, and if we unmarshal from the
wire then sign them, it gets upset.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-08-20 13:06:41 +09:30
Christian Decker
f085a474b2 fix: Only add cli_args if we have some defined
This was causing calls to `bitcoin-cli` to fail on mainnet since it
was interpreting the empty string as the RPC method to call.
2017-08-13 13:57:48 +09:30
Christian Decker
fa6e53bb08 Move short_channel_id primitive into bitcoin
Not really a bitcoin primitive but the place where we keep all the
small stuff currently.
2017-08-10 12:34:58 +09:30
Christian Decker
7dc693963d script: Consolidate scripts to use pubkey_to_hash160 2017-07-15 10:19:33 +09:30
Christian Decker
2c0b52fb77 bitcoin: Make chainparams const
`cli` and `cli_args` were not `const` before since they are added to a
non-`const` array. Using `cast_const` we can keep them `const` without
unsafe cast.

Reported-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-07-13 15:36:50 +02:00
Christian Decker
5fdb8a58aa fix: Addressing feedback from PR #192 2017-07-12 13:16:00 +02:00
Christian Decker
83c8c3fc52 opening: Use the correct chainparams to open a channel
We were using the bitcoin genesis blockhash for all networks, which is
not correct, and would result in the open being aborted when talking
to other implementations.

Reported-by: @sstone and @pm47
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-07-12 11:30:23 +09:30
Christian Decker
df056e5973 bitcoin: Added chainparams grouping blockchain specific parameters 2017-07-12 11:30:23 +09:30
Christian Decker
40165ba6d5 script: Use pkh to construct p2pkh output scripts
So far we always needed to know the public key, which was not the case
for addresses that we don't own. Moving the hashing outside of the
script construction allows us to send to arbitrary addresses. I also
added the hash computation to the pubkey primitives.
2017-06-23 16:02:20 +09:30
Christian Decker
f10b779c83 pubkey: valgrind was reporting about unset memory in address parsing
This is likely due to `libbase58` implicitly relying on the passed in
buffer to be memset to 0, in order to report the correct decoded
length.
2017-06-23 16:02:20 +09:30
Christian Decker
954b2c4a67 fix: Corrently parse non-testnet p2pkh addresses
The return value of `b58check` is negative on failure, and positive
values are the address version, i.e., 0 in the case of mainnet
addresses.
2017-06-23 16:02:20 +09:30
Rusty Russell
6f181e0dc1 BOLT update for 8-byte satoshi values, and other updates.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-06-07 09:19:04 +09:30
Rusty Russell
7389aae26a Massive BOLT text underscore and formatting updates.
This brings us up to 61b5b3f7b4145c9d6d66973b6bfbf28e6c0a0791.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-06-07 09:19:04 +09:30
Christian Decker
80bf908922 script: Consolidate pubkey comparison 2017-05-20 19:59:16 +09:30
Rusty Russell
b99c5620ef struct secret: use everywhere.
We alternated between using a sha256 and using a privkey, but there are
numerous places where we have a random 32 bytes which are neither.

This fixes many of them (plus, struct privkey is now defined in terms of
struct secret).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-05-09 11:43:35 +09:30
Rusty Russell
dc562f0533 Makefiles: fix from-scratch parallel build.
1) Need config.h before wire/gen_ are compiled.
2) The rule to checkout the libbase58 submodule doesn't work, so use the older
   one-depends-on-the-other approach.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-04-01 23:59:46 +10:30
Rusty Russell
8cc7f31d44 Update wire from spec 9e0a0e893db389bfe392b2f4db8097949395fe28
Now we send genesis block in handshake.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-04-01 23:59:46 +10:30
Rusty Russell
29d6004efc bitcoin/script: update scripts to the lightningnetwork/lightning-rfc#123 version
aka "BOLT 3: Use revocation key hash rather than revocation key",
which builds on top of lightningnetwork/lightning-rfc#105 "BOLT 2,3,5:
Make htlc outputs of the commitment tx spendable with revocation key".

This affects callers, since they now need to hand us the revocation
pubkey, but commit_tx has that already anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-03-07 16:16:59 +10:30
Rusty Russell
de39752d05 bitcoin/script: add internal hash160_key helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-03-07 16:12:18 +10:30
Rusty Russell
39993f229d bitcoin/script: rename bitcoin_redeem_p2wpkh -> bitcoin_redeem_p2sh_p2wpkh
This is its full name, and less confusing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-03-07 11:35:48 +10:30
Rusty Russell
ccff3ac437 lightningd/funding_tx: fill in scriptsigs for p2sh UTXOs.
This is a bit tricky: for our signing code, we don't want scriptsigs,
but to calculate the txid, we need them.  For most transactions in lightning,
they're pure segwit so it doesn't matter, but funding transactions can
have P2SH-wrapped P2WPKH inputs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-03-07 11:31:55 +10:30
Rusty Russell
5475666b7e lightningd: simple wallet support.
This allows us to add funds via the P2SH-wrapped Segwit Transactions.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-21 15:19:02 +10:30
Rusty Russell
82f5b3ad51 bitcoin/script: bitcoin_witness_p2wpkh()
For the wallet code to use for change.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-21 15:15:29 +10:30
Rusty Russell
4f6033ba29 bitcoin: fix building of submodules libbase58 submodule.
This does it properly, as learned from Stack Overflow.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-21 15:15:28 +10:30
Rusty Russell
3e1ae177fb bitcoin/script: BOLT 3 htlc transaction support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-07 12:14:22 +10:30
Rusty Russell
6f3803aae7 bitcoin/script: BOLT 3 commitment transaction support.
This is a step away from the previous more generic script types into
specific helpers for each transaction type we need.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-07 12:14:21 +10:30
Rusty Russell
1bb66cde2a bitcoin/scrpt: add vanilla p2pkh support.
We are about to use it for our funding tx change output.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-07 12:14:21 +10:30
Rusty Russell
e899c47260 bitcoin/base58: don't segv if key_to_base58 / key_from_base58 called first.
We need to initialize b58_sha256_impl here too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-07 12:14:21 +10:30
Rusty Russell
7d68554787 type_to_string: add secp256k1_ecdsa_signature.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-02 14:48:00 +10:30
Rusty Russell
25a37fafae type_to_string: add privkey.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-02 14:48:00 +10:30
Rusty Russell
c6997f15c7 bitcoin/preimage: struct preimage.
We had a hack for 'struct rval' in protobuf_convert.h; make an
explicit header and put it in bitcoin/preimage.h.  It's not really
bitcoin-specific, but it's better than having bitcoin/script depend on
an external header.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-02 14:48:00 +10:30
Rusty Russell
999472d99a bitcoin: fix script number encoding.
Encodings are signed: we may need 5 bytes to encode giant u32s.

Reported-by: Fabrice Drouin <fabrice.drouin@acinq.fr>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-02-02 11:10:00 +10:30
Rusty Russell
8522a5ea64 struct bitcoin_tx: remove explicit lengths, use tal_len()/tal_count()
They're always tal objects, so we can simply ask tal for the length,
simplifying the API.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
8159c4458a bitcoin/script.h: remove struct bitcoin_signature
Technically this incudes the sighash flags, but we only handle SIGHASH_ALL
anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
1edce4878d bitcoin/signature.h: remove struct signature.
It's a wrapper around secp256k1_ecdsa_signature, so use that directly.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
a25e2816e9 type_to_string: add secp256k1_pubkey
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-25 11:03:55 +10:30
Rusty Russell
7b1a4fc765 utils: add tal_hex() helper.
This is a shortcut when the data being dumped is a tal array.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-10 15:19:25 +10:30
Christian Decker
452656f5a1 base58: Making check-source happy again
Trailing whitespace and include ordering was broken.
2017-01-05 12:12:30 +10:30
Rusty Russell
9df0aa7538 libbase58: add autosubmodule rule, move depends to bitcoin/Makefile
The object file should not be built inside the submodule, as that can
confuse git.

Not everything depends on the libbase58 header (CCAN doesn't), so
move that to the everything-else depends line.

The BITCOIN_SRC etc should also move to bitcoin/Makefile, but that's
a bigger change.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-05 12:11:18 +10:30
Lucas Betschart
3e6bb958eb Add libbase58 as git submodule
Pointing to the latest release (0.1.4)
2017-01-05 12:11:18 +10:30
Rusty Russell
b7789bf065 Makefile: generalize whitespace check.
Spread to individual Makefiles, and include headers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-04 14:09:20 +10:30
Rusty Russell
0861ec33a5 check-source-bolt: generalize.
This way sub-Makefiles can add their own files to check.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-04 14:09:20 +10:30
Rusty Russell
c7b69abdaa type_to_string: move formatting to appropriate files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-01-04 14:07:15 +10:30
Christian Decker
9f846925b3 bitcoin: Add comparison between pubkeys
Some of the routing messages rely on a canonical ordering of pubkeys.
2017-01-03 15:08:05 +10:30
Rusty Russell
a4fdaab5b3 Use global secp256k1_ctx instead of passing it around.
If I'd known how large this patch would be (though trivial), I'd
have done it in parts.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-12-02 18:12:58 +10:30
Rusty Russell
1f447688bc test: make generic driver for unit tests.
Not just in daemon.  This fixes 'make check' when it tries to
run 'make wire-tests'

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-12-02 18:10:13 +10:30
Rusty Russell
f5c00deec7 Remove trailing whitespace from source.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-11 09:32:04 +10:30
Rusty Russell
700c536a27 Makefile: remove all the old Elements Alpha support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-10 23:30:35 +10:30
Rusty Russell
78a0177f1c script: free redeemscript in bitcoin_witness_p2sh_p2wpkh
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-11-04 11:17:03 +10:30
Christian Decker
f4568e5c1c routing: Added IRC announcement glue
Added channel announcement serialization and parsing, as well as the
entrypoints for the IRC peer discovery. Announcements are signed by the
sending endpoint and signatures are verified before adding the channels
to the local view of the topology. We do not yet verify the existence of
the anchor transaction.
2016-09-07 23:49:39 +02:00
Rusty Russell
f90fb4934f close_shutdown: make sure script_pubkey is standard.
As per BOLT update 9c3f150d2a44af6ee2c3be03acd6ef80ea184f4e.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-31 16:06:32 +09:30
Rusty Russell
be38d3f507 Minor cleanups: things found while debugging the database code.
1. Fix #ifdef DEBUG code in signature.c so it compiles.
2. Don't set peer->closing.our_script in queue_pkt_close_shutdown: it's
   assigned in caller already.
3. Wrap setting of htlc's rval in set_htlc_rval() function.
4. Log where we were when unexpected packet comes in.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:25:13 +09:30
Rusty Russell
809caa8588 bitcoin/pullpush.[ch]: expose bitcoin-style marshal/unmarshal.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:23:45 +09:30
Rusty Russell
ec3344ce6e daemon/output_to_htlc: routines to map outputs for HTLCs for a given commit_num.
And use this to resolve old transactions by comparing outputs with
HTLCs.

Rather than remembering the output ordering for every one of their
previous commitment transactions, we just remember the commitment
number for each commitment txid, and when we see it, derive all the
HTLC scriptpubkeys and the to-us and to-them scriptpubkeys, and figure
out which is which.

This avoids us having to save information on disk, except for the
txid->commitment-number mapping (and the shachain).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-18 14:23:45 +09:30
Rusty Russell
bcd3e5f60e base58: fix check-source header order check.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-09 15:30:34 +09:30
Rusty Russell
e252f5de7d base58: remove openssl include, and undefined function declaration.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-08-09 13:10:19 +09:30
Christian Decker
1f4a056009 Switched base58 to use libbase58. 2016-08-09 13:10:19 +09:30
Rusty Russell
78174a09e2 bitcoin/varint: fix varint reading for multibyte varints.
Embarrassing error.

Reported-by: throckmorton on #lightning-dev
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-07 11:55:32 +09:30
Rusty Russell
364c2cd2c0 key_from_base58 / pubkey_from_privkey: don't support non-compressed keys.
It just clutters the API, and we don't support them on the wire anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
2a03af4486 Misc minor cleanups.
From doing a code walkthrough with Christian Decker; unnecessary const in
bitcoin/tx.c, an erroneous FIXME, a missing comment, and an unused struct.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
f2d835522c bitcoin: implement sig_valid.
Update libsecp256k1 has a normalize function, which allows us to test
if the signature was in low-S form.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
42bed80145 pubkey: don't carry around DER encoding.
We just wrap the libsecp256k1 structure, and convert to DER on demand.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
69cb158edd base58, script, protobuf_convert: don't use temporary secp256k1 context.
We use libsecp256k1 to convert signatures to DER; we were creating a
temporary one, but we really should be handing the one we have in dstate
through.  This does that, everywhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
caf50c9ae4 peer: handle fulfull and fail onchain.
We now need to use bitcoin_witness_htlc with the r value, so that API
is updated to take 'struct rval' or 'struct sha256'.

We use the nc->delay amount (ie. dstate->config.min_htlc_expiry) to
wait for a timeout refund to be buried before "failing" upstream.
This should probably be made into a clearer parameter rather than
overloading this one.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>


Header from folded patch 'dont-use-peer-nc-in-onchain-code.patch':

peer: Don't use peer->nc->delay for onchain case.

Use the config var directly.  We should be freeing peer->nc when the
connection dies anyway.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-07-01 12:00:17 +09:30
Rusty Russell
1245ffaae3 script: add check for 32-byte preimage.
We need to enforce this onchain as we do in the protocol off-chain,
otherwise we can have an onchain redemption we can't redeem upstream
via the protocol.  While Laolu points out there's a 520 byte limit on
witness stack element, that can still make for a larger tx and make
problems for the steal tx case.

The downside is that even the timeout transaction, which used to spend
the HTLC with an empty 'secret', now needs a 32-byte secret, making it
a little larger.  We create a 'bitcoin_witness_htlc' helper for this
case.

See: http://lists.linuxfoundation.org/pipermail/lightning-dev/2016-May/000529.html

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:50 +09:30
Rusty Russell
02593059cd script: rename scriptpubkey_htlc_send to/recv bitcoin_redeem_htlc_send/recv
They could be scriptpubkeys, but they're actually used inside p2wsh,
so they're really witness scripts.  We use the term "redeem" elsewhere
from when we were using p2sh, though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:50 +09:30
Rusty Russell
9eabab78ab utils: tal_hexstr() helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:28:49 +09:30
Rusty Russell
7efc0efab1 scripteq: simple helper for comparing scripts.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-05-03 11:27:56 +09:30
Rusty Russell
f4e94147a7 Remove unused script functions now we use witness.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 20:09:39 +09:30
Rusty Russell
b1700b1a91 protocol: non-HTLC commit tx outputs are p2wpkh
This is changes the payments to either party to be p2wpkh.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:57:35 +09:30
Rusty Russell
8dce2e77f7 script: 2of2 witness support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:54:35 +09:30
Rusty Russell
d26be323b6 measure_tx_cost: determine the BIP141 cost of a transaction.
BIP141 indicates that the rule for block size has changed: witness
bytes effectively count for 1, and non-witness bytes count for 4, but
the maximum total has increased to 4,000,000.

This means that fee estimates should use the witness cost (divided by
4), not the raw txlen.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:53:35 +09:30
Rusty Russell
e60b1b4efa bitcoind: use correct endianness for block hashes.
Like txids, we need to reverse them.  We didn't, but then we only used them
to pass to/from bitcoind.  We're about to get them from the block header,
so we need to fix that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:41:20 +09:30
Rusty Russell
e7b9a913a6 bitcoind: getrawblock helper.
It turns out using the verbose=false parameter, you can get the raw block
from getblock.  Do that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:40:29 +09:30
Rusty Russell
410fc3b272 misc: remove some unused functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-24 19:33:13 +09:30
Rusty Russell
d9c4960f33 bitcoin/script: support for creating p2sh-p2wpkh.
We want this because P2SH is something we can tell bitcoind to pay to;
we can't (yet?) do that with "raw" P2WPKH.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:04 +09:30
Rusty Russell
772a960c41 tx: add measure_tx_len() helper.
We currently linearize and then measure the string; this is better since
we're about to do it in a second place.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:04 +09:30
Rusty Russell
6b956ea22a varint: new file.
Move varint handling from tx.c and generalize it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:07:03 +09:30
Rusty Russell
af080d5613 bitcoin/script: helper to create ScriptCode for signing P2WPKH.
sign_tx_input() now takes a witness_script arg: P2WPKH doesn't really
have a witness_script, but for signing it behaves as if it does.

This helper constructs that "fake" witness_script.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:06:51 +09:30
Rusty Russell
df5d4e3c10 bitcoin/signature: BIP143 signature support.
We hand in the witness_script: if non-NULL, we use BIP143-style
signature hash creation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-12 13:05:51 +09:30
Rusty Russell
8545db418b bitcoin/tx: sha256_tx_for_sig() takes sighash flag.
That way it can assert (as we only support SIGHASH_ALL).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:45:53 +09:30
Rusty Russell
ee5f0e3ea6 bitcoin/tx: add helper to write blob of data.
We do this a lot.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:44:53 +09:30
Rusty Russell
58b14292ad bitcoin/tx: (optional) input amount.
We need this for signing segwitness txs.  Unfortunately, we don't have it
for transactions we received as hex, only ones we created; to make this safe
we use a pointer which is NULL if we don't know, and those will crash if
we try to sign or check their sigs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:43:53 +09:30
Rusty Russell
ed70b13041 bitcoin: add first unit test.
Should grow from here.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:42:53 +09:30
Rusty Russell
66084271c3 bitcoind: work around fundrawtransaction segwit issue.
See https://github.com/sipa/bitcaoin/issues/67

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:41:53 +09:30
Rusty Russell
587cda0ab8 tx: segregated witness encoding/decoding support.
As described in BIP144.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:39:53 +09:30
Rusty Russell
a084bb2160 bitcoin/tx: make sure we don't try to do a huge allocation on bad input tx.
This could only happen via our RPC interface (bitcoind should not give
us bad txs!) but it's better to be robust.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:36:29 +09:30
Rusty Russell
40b14981fd daemon: fix BIP68 support.
We got the -> second translation wrong by a factor of 512, and also we
need to move the median time in our tests otherwise bitcoind won't let
us spend the tx.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:34:29 +09:30
Rusty Russell
e44a7dc2d5 bitcoin/tx: remove style arg.
Without Alpha, it's superfluous.  We're about to add segwit support,
but linearization requires a more powerful approach, and segwit
signature checking is completely different and really deserves its
own function.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:33:29 +09:30
Rusty Russell
8104886503 Remove Alpha support.
I had already disabled it, and this clears the decks for Segregated Witness
which gives us everything we want.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:32:43 +09:30
Rusty Russell
15f7ec436c Fix "make check-source"
Obviously, haven't run it in a while.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:28:43 +09:30
Rusty Russell
e669baec1c bitcoin/signature: fix compilation with #define DEBUG
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-04-11 16:28:23 +09:30
Rusty Russell
b6943b9198 protocol: remove support for uncompressed pubkeys.
There's no good reason to support them, and this way every key is 33 bytes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-30 16:54:16 +10:30
Rusty Russell
c1d1b360bf daemon: add memcheck() in various places where we expect things to be initialized.
This just causes valgrind to warn sooner.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:31:15 +10:30
Rusty Russell
6750794667 Use #if instead of #ifdef (we already use -Wundef).
This avoids embarassing typos in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-27 15:00:50 +10:30
Rusty Russell
9aa0eac814 bitcoin: hand in a secp256k1_context to all routines.
We don't want to re-create them internally, ever.

The test-cli tools are patched to generate them all the time, but
they're not performance critical.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
3374ddd2a6 bitcoin: use a length arg to bitcoin_tx_from_hex
Our json parser doesn't use nul-terminated strings.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
cf547d491b bitcoin: add len arg to pubkey conversion function.
Our json parser doesn't give nul-terminated strings.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
7cf786f1f4 pull_bitcoin_tx: allocate outputs off tx itself.
All the members of the transaction should be allocated off the
transaction, as they have the same lifetime.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
3a803eefbb bitcoin/tx: move bitcoin_tx_from_file() to test-cli, expose bitcoin_tx_from_hex()
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
04fd2c861f bitcoin/base58: p2sh address support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:46 +10:30
Rusty Russell
93b5db89a8 signature: expose check_signed_hash()
This is wanted for crypto communications to check signature.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:45 +10:30
Rusty Russell
9ebbe16b1e source cleanup: sort include lines into alpha order
This makes merging easier in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
d733e82352 header cleanup: sort include lines into alpha order, after config.h
This makes merging easier in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
2e873af86f locktime: complete the set of conversion functions.
And add protobuf_convert helpers, too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4b02c6f558 locktime: nice abstractions for absolute and relative locktimes.
I got confused navigating these, especially since Alpha and Bitcoin
have diverged (BIP68 was proposed after Elements Alpha).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4c42930940 bitcoin/tx, protobuf_convert: support BIP68 as implemented.
The format for both the nSequence field and the stack arg for
OP_CHECKSEQUENCEVERIFY is either:

  Time-relative:	[Bit 22 = 1] 00000 <time-shifted-by-9>
  Block-relative:	[Bit 22 = 0] 00000 <number of blocks>

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
4e23f9916d script: encode numbers minimally.
This happens for CSV, for example (3-byte encoding), and bitcoind treats
too-long encodings as non-standard.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:38:08 +10:30
Rusty Russell
6b2d844f2a bitcoin: use ccan/mem instead of rolling own check_mem function.
Reported-by: John Newbery
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-26 21:06:23 +10:30
Rusty Russell
32fe988fe8 bitcoin: signature fixes.
The libsecp change broke signature checking.  Disable it for now,
with a big FIXME.  The next version should have a method for S value
checking, and also compact serialization.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-10-12 10:45:02 +10:30
Rusty Russell
242fa1b2dd pubkey: pubkey_eq helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:38:58 +09:30
Rusty Russell
e7856e6e69 Update libsecp to git@github.com:bitcoin/secp256k1.git 52fd03f
We want the ecdh stuff for onion routing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 16:37:21 +09:30
Rusty Russell
454a3867e5 BIP68 support (nSequence enforcement)
The latest version of the BIP doesn't use inversion, but does use
bitshifts.

It also uncovered a bug in the test scripts: the block timestamps
creep forward when we generate large numbers of blocks (UpdateTime
insists it be > GetMedianTimePast() so it's valid).  We need to take
this into account when waiting for the median to move (reduced it from
60 to 30 seconds, since that adds about 14 seconds).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-30 10:54:11 +09:30
Rusty Russell
58a62e782d bitcoin/script: don't pass value for HTLC script.
We don't need it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-09-24 14:56:01 +09:30
Rusty Russell
08ae4a687d script: HTLC support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
cf3433a0ad script: add OP_CHECKLOCKTIMEVERIFY.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
0170ad4abd script: add add_push_le32 helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-08-07 12:45:30 +09:30
Rusty Russell
c4d5a85b4e protocol: remove tx_version field.
It's trivial to add later as an optional field.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-29 12:00:49 +09:30
Rusty Russell
ee3af28980 test-cli/txid-of: simple helper to get txid.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
6a5ba591ee signature: match alpha hashing bug for multiple inputs.
https://github.com/ElementsProject/elements/issues/37

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
aa79887d79 script: use the normalized delay script form for commit output.
As documented in the paper; it's also two bytes shorter, and allows
us to use the exact same script for three cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
d053181b0b script: add standard routines for secret-or-timedelay outputs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
465c2b04e8 signature: fix -DDEBUG case, add hash printing.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-24 16:00:10 +09:30
Rusty Russell
8f64eb90af Switch over to CCAN's ripemd160.
Avoids handing naked u8 arrays around, too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-09 15:43:36 +09:30
Rusty Russell
66b1df4036 tx: locktime should be 0.
It doesn't matter until we start setting sequence numbers properly,
so hasn't been noticed until now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-03 10:44:44 +09:30
Rusty Russell
ae31431168 tx: centralize transaction writing, append amounts for alpha.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:55:11 +09:30
Rusty Russell
62a002c860 script: make DER for signature encoding optional.
Alpha does the sane thing, places signatures raw.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
faae91f3fc Schnorr signature support.
This variation is used by alpha.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
1d82bf51fc signature: fix invalid S check.
The even-S check was based on https://github.com/sipa/bitcoin/commit/a81cd9680
which was replaced by a low-S check in commit e0e14e43d9586409e42919f6cb955540134cda2a

Abstract out and fix the check.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
d20ddb5a90 Use libsecp256k1 instead of openssl for crypto.
We still use openssl for bignums (base58) and for ripemd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
fbe63124f6 Move DER encoding into bitcoin/signature.c
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:52 +09:30
Rusty Russell
20624c049f tx: prepare for Elements Alpha.
They sign, hash, and serialize differently.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-07-01 16:27:45 +09:30
Rusty Russell
61737a79d2 Fix typo.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-25 13:48:05 +09:30
Rusty Russell
602117e8bb Add valgrind memcheck helpers.
Otherwise valgrind tells you when you test a hash; you want to
know if you hash uninitialized memory long before that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-24 16:15:34 +09:30
Rusty Russell
143e7e032c Optimize revocable output a little.
Both paths do CHECKSIG, do that outside.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-23 16:05:09 +09:30
Rusty Russell
9f12b72476 Don't include mutual redemption in recovable commit tx output.
It's not clear it's needed, and without it there's a good reason to
delay dumping to the blockchain if a node becomes unreachable (since
you'll get your money faster if it comes back online).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:41:30 +09:30
Rusty Russell
ef9463f6b1 Sort include lines (ignoring hacky cli test utils).
Put ccan first, openssl next, then standard headers, then locals.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:41:28 +09:30
Rusty Russell
442f321585 Move protobuf<->bitcoin converters out of bitcoin/
They're lightning-specific.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:35:42 +09:30
Rusty Russell
612d713470 Move bitcoin stuff into bitcoin subdir.
It's not very interesting if you're looking for LN code.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-06-12 12:35:42 +09:30