rust-lightning/lightning/src/util/enforcing_trait_impls.rs

use ln::chan_utils::{HTLCOutputInCommitment, TxCreationKeys, ChannelPublicKeys, LocalCommitmentTransaction};
use ln::channelmanager::PaymentPreimage;
use ln::msgs;
use chain::keysinterface::{ChannelKeys, InMemoryChannelKeys};

use std::cmp;
use std::sync::{Mutex, Arc};

use bitcoin::blockdata::transaction::Transaction;

use secp256k1;
use secp256k1::key::{SecretKey, PublicKey};
use secp256k1::{Secp256k1, Signature};
use util::ser::{Writeable, Writer, Readable};
use std::io::Error;
use ln::msgs::DecodeError;

/// Enforces some rules on ChannelKeys calls. Eventually we will probably want to expose a variant
/// of this which would essentially be what you'd want to run on a hardware wallet.
#[derive(Clone)]
pub struct EnforcingChannelKeys {
	pub inner: InMemoryChannelKeys,
	commitment_number_obscure_and_last: Arc<Mutex<(Option<u64>, u64)>>,
}

impl EnforcingChannelKeys {
	pub fn new(inner: InMemoryChannelKeys) -> Self {
		Self {
			inner,
			commitment_number_obscure_and_last: Arc::new(Mutex::new((None, 0))),
		}
	}
}

impl EnforcingChannelKeys {
	fn check_keys<T: secp256k1::Signing + secp256k1::Verification>(&self, secp_ctx: &Secp256k1<T>,
	                                                               keys: &TxCreationKeys) {
		let revocation_base = PublicKey::from_secret_key(secp_ctx, &self.inner.revocation_base_key());
		let payment_base = PublicKey::from_secret_key(secp_ctx, &self.inner.payment_base_key());
		let htlc_base = PublicKey::from_secret_key(secp_ctx, &self.inner.htlc_base_key());

		let remote_points = self.inner.remote_channel_pubkeys.as_ref().unwrap();

		let keys_expected = TxCreationKeys::new(secp_ctx,
		                                        &keys.per_commitment_point,
		                                        &remote_points.delayed_payment_basepoint,
		                                        &remote_points.htlc_basepoint,
		                                        &revocation_base,
		                                        &payment_base,
		                                        &htlc_base).unwrap();
		if keys != &keys_expected { panic!("derived different per-tx keys") }
	}
}

impl ChannelKeys for EnforcingChannelKeys {
	fn funding_key(&self) -> &SecretKey { self.inner.funding_key() }
	fn revocation_base_key(&self) -> &SecretKey { self.inner.revocation_base_key() }
	fn payment_base_key(&self) -> &SecretKey { self.inner.payment_base_key() }
	fn delayed_payment_base_key(&self) -> &SecretKey { self.inner.delayed_payment_base_key() }
	fn htlc_base_key(&self) -> &SecretKey { self.inner.htlc_base_key() }
	fn commitment_seed(&self) -> &[u8; 32] { self.inner.commitment_seed() }
	fn pubkeys<'a>(&'a self) -> &'a ChannelPublicKeys { self.inner.pubkeys() }

	fn sign_remote_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, feerate_per_kw: u64, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], to_self_delay: u16, secp_ctx: &Secp256k1<T>) -> Result<(Signature, Vec<Signature>), ()> {
		if commitment_tx.input.len() != 1 { panic!("lightning commitment transactions have a single input"); }
		self.check_keys(secp_ctx, keys);
		let obscured_commitment_transaction_number = (commitment_tx.lock_time & 0xffffff) as u64 | ((commitment_tx.input[0].sequence as u64 & 0xffffff) << 3*8);

		{
			let mut commitment_data = self.commitment_number_obscure_and_last.lock().unwrap();
			if commitment_data.0.is_none() {
				commitment_data.0 = Some(obscured_commitment_transaction_number ^ commitment_data.1);
			}
			let commitment_number = obscured_commitment_transaction_number ^ commitment_data.0.unwrap();
			assert!(commitment_number == commitment_data.1 || commitment_number == commitment_data.1 + 1);
			commitment_data.1 = cmp::max(commitment_number, commitment_data.1)
		}

		Ok(self.inner.sign_remote_commitment(feerate_per_kw, commitment_tx, keys, htlcs, to_self_delay, secp_ctx).unwrap())
	}

	fn sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
		self.inner.sign_local_commitment(local_commitment_tx, secp_ctx)
	}

	#[cfg(test)]
	fn unsafe_sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
		self.inner.unsafe_sign_local_commitment(local_commitment_tx, secp_ctx)
	}

	fn sign_htlc_transaction<T: secp256k1::Signing>(&self, local_commitment_tx: &mut LocalCommitmentTransaction, htlc_index: u32, preimage: Option<PaymentPreimage>, local_csv: u16, secp_ctx: &Secp256k1<T>) {
		self.inner.sign_htlc_transaction(local_commitment_tx, htlc_index, preimage, local_csv, secp_ctx);
	}

	fn sign_closing_transaction<T: secp256k1::Signing>(&self, closing_tx: &Transaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
		Ok(self.inner.sign_closing_transaction(closing_tx, secp_ctx).unwrap())
	}

	fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
		self.inner.sign_channel_announcement(msg, secp_ctx)
	}

	fn set_remote_channel_pubkeys(&mut self, channel_pubkeys: &ChannelPublicKeys) {
		self.inner.set_remote_channel_pubkeys(channel_pubkeys)
	}
}

impl Writeable for EnforcingChannelKeys {
	fn write<W: Writer>(&self, writer: &mut W) -> Result<(), Error> {
		self.inner.write(writer)?;
		let (obscure, last) = *self.commitment_number_obscure_and_last.lock().unwrap();
		obscure.write(writer)?;
		last.write(writer)?;
		Ok(())
	}
}

impl Readable for EnforcingChannelKeys {
	fn read<R: ::std::io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
		let inner = Readable::read(reader)?;
		let obscure_and_last = Readable::read(reader)?;
		Ok(EnforcingChannelKeys {
			inner: inner,
			commitment_number_obscure_and_last: Arc::new(Mutex::new(obscure_and_last))
		})
	}
}
Remove signing local commitment transaction from ChannelMonitor Extend external signer interface to sign local commitment transactions on its behalf without seckey passing. This move will allow us to remove key access from ChannelMonitor hot memory in further work. Local commitment transaction should stay half-signed by remote until we need to broadcast for a channel force-close or a HTLC to timeout onchain. Add an unsafe test-only version of sign_local_commitment to fulfill our test_framework needs. 2020-03-20 18:04:01 -04:00			`use ln::chan_utils::{HTLCOutputInCommitment, TxCreationKeys, ChannelPublicKeys, LocalCommitmentTransaction};`
Remove signing htlc transaction from ChannelMonitor Extend external signer interface to sign HTLC transactions on its behalf without seckey passing. This move will allow us to remove key access access from ChannelMonitor hot memory in further work. HTLC transactions should stay half-signed by remote until we need to broadcast them for timing-out/claiming HTLCs onchain. 2020-03-21 15:39:19 -04:00			`use ln::channelmanager::PaymentPreimage;`
Sign channel_announcements via a new ChannelKeys API 2019-12-07 17:54:55 -05:00			`use ln::msgs;`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`use chain::keysinterface::{ChannelKeys, InMemoryChannelKeys};`

Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00			`use std::cmp;`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`use std::sync::{Mutex, Arc};`
Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00
			`use bitcoin::blockdata::transaction::Transaction;`

			`use secp256k1;`
construct funding redeem script in signer 2020-01-09 17:28:48 -08:00			`use secp256k1::key::{SecretKey, PublicKey};`
Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00			`use secp256k1::{Secp256k1, Signature};`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`use util::ser::{Writeable, Writer, Readable};`
			`use std::io::Error;`
			`use ln::msgs::DecodeError;`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00
			`/// Enforces some rules on ChannelKeys calls. Eventually we will probably want to expose a variant`
			`/// of this which would essentially be what you'd want to run on a hardware wallet.`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`#[derive(Clone)]`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`pub struct EnforcingChannelKeys {`
			`pub inner: InMemoryChannelKeys,`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`commitment_number_obscure_and_last: Arc<Mutex<(Option<u64>, u64)>>,`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`}`

			`impl EnforcingChannelKeys {`
			`pub fn new(inner: InMemoryChannelKeys) -> Self {`
			`Self {`
			`inner,`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`commitment_number_obscure_and_last: Arc::new(Mutex::new((None, 0))),`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`}`
			`}`
			`}`
Provide remote channel public keys to signer 2020-01-16 16:51:15 -08:00
			`impl EnforcingChannelKeys {`
			`fn check_keys<T: secp256k1::Signing + secp256k1::Verification>(&self, secp_ctx: &Secp256k1<T>,`
			`keys: &TxCreationKeys) {`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`let revocation_base = PublicKey::from_secret_key(secp_ctx, &self.inner.revocation_base_key());`
			`let payment_base = PublicKey::from_secret_key(secp_ctx, &self.inner.payment_base_key());`
			`let htlc_base = PublicKey::from_secret_key(secp_ctx, &self.inner.htlc_base_key());`
Provide remote channel public keys to signer 2020-01-16 16:51:15 -08:00
			`let remote_points = self.inner.remote_channel_pubkeys.as_ref().unwrap();`

			`let keys_expected = TxCreationKeys::new(secp_ctx,`
			`&keys.per_commitment_point,`
			`&remote_points.delayed_payment_basepoint,`
			`&remote_points.htlc_basepoint,`
			`&revocation_base,`
			`&payment_base,`
			`&htlc_base).unwrap();`
			`if keys != &keys_expected { panic!("derived different per-tx keys") }`
			`}`
			`}`

Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`impl ChannelKeys for EnforcingChannelKeys {`
			`fn funding_key(&self) -> &SecretKey { self.inner.funding_key() }`
			`fn revocation_base_key(&self) -> &SecretKey { self.inner.revocation_base_key() }`
			`fn payment_base_key(&self) -> &SecretKey { self.inner.payment_base_key() }`
			`fn delayed_payment_base_key(&self) -> &SecretKey { self.inner.delayed_payment_base_key() }`
			`fn htlc_base_key(&self) -> &SecretKey { self.inner.htlc_base_key() }`
			`fn commitment_seed(&self) -> &[u8; 32] { self.inner.commitment_seed() }`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`fn pubkeys<'a>(&'a self) -> &'a ChannelPublicKeys { self.inner.pubkeys() }`
Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00
channel value to ChannelKeys constructor 2020-01-23 13:33:31 -08:00			`fn sign_remote_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, feerate_per_kw: u64, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], to_self_delay: u16, secp_ctx: &Secp256k1<T>) -> Result<(Signature, Vec<Signature>), ()> {`
Provide remote channel public keys to signer 2020-01-16 16:51:15 -08:00			`if commitment_tx.input.len() != 1 { panic!("lightning commitment transactions have a single input"); }`
			`self.check_keys(secp_ctx, keys);`
Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00			`let obscured_commitment_transaction_number = (commitment_tx.lock_time & 0xffffff) as u64 \| ((commitment_tx.input[0].sequence as u64 & 0xffffff) << 3*8);`

			`{`
			`let mut commitment_data = self.commitment_number_obscure_and_last.lock().unwrap();`
			`if commitment_data.0.is_none() {`
			`commitment_data.0 = Some(obscured_commitment_transaction_number ^ commitment_data.1);`
			`}`
			`let commitment_number = obscured_commitment_transaction_number ^ commitment_data.0.unwrap();`
			`assert!(commitment_number == commitment_data.1 \|\| commitment_number == commitment_data.1 + 1);`
			`commitment_data.1 = cmp::max(commitment_number, commitment_data.1)`
			`}`

channel value to ChannelKeys constructor 2020-01-23 13:33:31 -08:00			`Ok(self.inner.sign_remote_commitment(feerate_per_kw, commitment_tx, keys, htlcs, to_self_delay, secp_ctx).unwrap())`
Make commitment transaction signing a part of ChannelKeys. This adds a new fn to ChannelKeys which is called when we generte a new remote commitment transaction for signing. While it may be theoretically possible to unwind state updates by disconnecting and reconnecting as well as making appropriate state machine changes, the effort required to get it correct likely outweighs the UX cost of "preflighting" the requests to hardwre wallets. 2019-11-27 16:08:48 -05:00			`}`
Sign channel_announcements via a new ChannelKeys API 2019-12-07 17:54:55 -05:00
Return Result<Signature> instead of modifying args in ChannelKeys This cleans up sign_local_commitment somewhat by returning a Result<Signaure, ()> over the local commitment transaction instead of modifying the struct which was passed in. This is the first step in making LocalCommitmentTransaction a completely pub struct, using it just to communicate enough information to the user to allow them to construct a signaure instead of having it contain a bunch of logic. This should make it much easier to implement a custom ChannelKeys by disconnecting the local commitment transaction signing from our own datastructures. 2020-04-19 17:26:41 -04:00			`fn sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {`
Drop redundant parameters in sign_local_commitment_tx The ChanKeys is created with knowledge of the Channel's value and funding redeemscript up-front, so we should not be providing it when making signing requests. 2020-04-17 21:26:38 -04:00			`self.inner.sign_local_commitment(local_commitment_tx, secp_ctx)`
Remove signing local commitment transaction from ChannelMonitor Extend external signer interface to sign local commitment transactions on its behalf without seckey passing. This move will allow us to remove key access from ChannelMonitor hot memory in further work. Local commitment transaction should stay half-signed by remote until we need to broadcast for a channel force-close or a HTLC to timeout onchain. Add an unsafe test-only version of sign_local_commitment to fulfill our test_framework needs. 2020-03-20 18:04:01 -04:00			`}`

			`#[cfg(test)]`
Return Result<Signature> instead of modifying args in ChannelKeys This cleans up sign_local_commitment somewhat by returning a Result<Signaure, ()> over the local commitment transaction instead of modifying the struct which was passed in. This is the first step in making LocalCommitmentTransaction a completely pub struct, using it just to communicate enough information to the user to allow them to construct a signaure instead of having it contain a bunch of logic. This should make it much easier to implement a custom ChannelKeys by disconnecting the local commitment transaction signing from our own datastructures. 2020-04-19 17:26:41 -04:00			`fn unsafe_sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {`
			`self.inner.unsafe_sign_local_commitment(local_commitment_tx, secp_ctx)`
Remove signing local commitment transaction from ChannelMonitor Extend external signer interface to sign local commitment transactions on its behalf without seckey passing. This move will allow us to remove key access from ChannelMonitor hot memory in further work. Local commitment transaction should stay half-signed by remote until we need to broadcast for a channel force-close or a HTLC to timeout onchain. Add an unsafe test-only version of sign_local_commitment to fulfill our test_framework needs. 2020-03-20 18:04:01 -04:00			`}`

Move HTLC tx generation in OnchainTxHandler HTLC Transaction can't be bumped without sighash changes so their gneeration is one-time for nwo. We move them in OnchainTxHandler for simplifying ChannelMonitor and to prepare storage of keys material behind one external signer interface. Some tests break due to change in transaction broadcaster order. Number of transactions may vary because of temporary anti-duplicata tweak can't dissociate between 2- broadcast from different origins (ChannelMonitor, ChannelManager) and 2-broadcast from same component. 2020-03-09 18:15:35 -04:00			`fn sign_htlc_transaction<T: secp256k1::Signing>(&self, local_commitment_tx: &mut LocalCommitmentTransaction, htlc_index: u32, preimage: Option<PaymentPreimage>, local_csv: u16, secp_ctx: &Secp256k1<T>) {`
			`self.inner.sign_htlc_transaction(local_commitment_tx, htlc_index, preimage, local_csv, secp_ctx);`
Remove signing htlc transaction from ChannelMonitor Extend external signer interface to sign HTLC transactions on its behalf without seckey passing. This move will allow us to remove key access access from ChannelMonitor hot memory in further work. HTLC transactions should stay half-signed by remote until we need to broadcast them for timing-out/claiming HTLCs onchain. 2020-03-21 15:39:19 -04:00			`}`

Remove unnecessary sign_closing_transaction arg 2020-01-23 14:32:29 -08:00			`fn sign_closing_transaction<T: secp256k1::Signing>(&self, closing_tx: &Transaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {`
			`Ok(self.inner.sign_closing_transaction(closing_tx, secp_ctx).unwrap())`
Use external key signer to generate closing transaction signatures 2019-12-13 01:57:45 -05:00			`}`

Sign channel_announcements via a new ChannelKeys API 2019-12-07 17:54:55 -05:00			`fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {`
			`self.inner.sign_channel_announcement(msg, secp_ctx)`
			`}`
construct funding redeem script in signer 2020-01-09 17:28:48 -08:00
Provide remote channel public keys to signer 2020-01-16 16:51:15 -08:00			`fn set_remote_channel_pubkeys(&mut self, channel_pubkeys: &ChannelPublicKeys) {`
			`self.inner.set_remote_channel_pubkeys(channel_pubkeys)`
construct funding redeem script in signer 2020-01-09 17:28:48 -08:00			`}`
Make ChannelKeys an API and template Channel with it. Instead of having in-memory access to the list of private keys associated with a channel, we should have a generic API which allows us to request signing, allowing the user to store private keys any way they like. The first step is the (rather mechanical) process of templating the entire tree of ChannelManager -> Channel impls by the key-providing type. In a later commit we should expose only public keys where possible. 2019-11-26 16:46:33 -05:00			`}`

Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`impl Writeable for EnforcingChannelKeys {`
			`fn write<W: Writer>(&self, writer: &mut W) -> Result<(), Error> {`
			`self.inner.write(writer)?;`
			`let (obscure, last) = *self.commitment_number_obscure_and_last.lock().unwrap();`
			`obscure.write(writer)?;`
			`last.write(writer)?;`
			`Ok(())`
			`}`
			`}`
Provide remote channel public keys to signer 2020-01-16 16:51:15 -08:00
Make Readable::read a templated on the stream, not Readable itself This makes Readable symmetric with Writeable and makes sense - something which is Readable should be Readable for any stream which implements std::io::Read, not only for a stream type it decides on. This solves some lifetime-compatibility issues in trying to read() from a LengthLimitingReader in arbitrary Readable impls. 2020-02-23 23:12:19 -05:00			`impl Readable for EnforcingChannelKeys {`
			`fn read<R: ::std::io::Read>(reader: &mut R) -> Result<Self, DecodeError> {`
Add ChannelKeys to ChannelMonitor 2020-02-04 09:15:59 -08:00			`let inner = Readable::read(reader)?;`
			`let obscure_and_last = Readable::read(reader)?;`
			`Ok(EnforcingChannelKeys {`
			`inner: inner,`
			`commitment_number_obscure_and_last: Arc::new(Mutex::new(obscure_and_last))`
			`})`
			`}`
			`}`