mirrors/rust-lightning
1
0
Fork 0
mirror of https://github.com/lightningdevkit/rust-lightning.git synced 2025-03-15 15:39:09 +01:00
Code Issues Projects Releases Packages Wiki Activity

bitcoin crate 0.28.1

Browse source
This commit is contained in:
Devrandom 2022-05-05 17:59:38 +02:00
parent e3a305cdb6
commit 28d33ff9e0
45 changed files with 374 additions and 351 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
fuzz/Cargo.toml
View file

@ -19,7 +19,7 @@ stdin_fuzz = []
[dependencies]
afl = { version = "0.4", optional = true }
lightning = { path = "../lightning", features = ["regex"] }
bitcoin = { version = "0.27", features = ["fuzztarget", "secp-lowmemory"] }
bitcoin = { version = "0.28.1", features = ["secp-lowmemory"] }
hex = "0.3"
honggfuzz = { version = "0.5", optional = true }
libfuzzer-sys = { git = "https://github.com/rust-fuzz/libfuzzer-sys.git", optional = true }

4
fuzz/src/chanmon_consistency.rs
View file

@ -53,8 +53,8 @@ use lightning::routing::router::{Route, RouteHop};
use utils::test_logger::{self, Output};
use utils::test_persister::TestPersister;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::recovery::RecoverableSignature;
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::ecdsa::RecoverableSignature;
use bitcoin::secp256k1::Secp256k1;
use std::mem;

4
fuzz/src/full_stack.rs
View file

@ -50,8 +50,8 @@ use lightning::util::ser::ReadableArgs;
use utils::test_logger;
use utils::test_persister::TestPersister;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::recovery::RecoverableSignature;
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::ecdsa::RecoverableSignature;
use bitcoin::secp256k1::Secp256k1;
use std::cell::RefCell;

2
fuzz/src/peer_crypt.rs
View file

@ -9,7 +9,7 @@
use lightning::ln::peer_channel_encryptor::PeerChannelEncryptor;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use utils::test_logger;

2
fuzz/src/router.rs
View file

@ -23,7 +23,7 @@ use lightning::util::ser::Readable;
use lightning::routing::network_graph::{NetworkGraph, RoutingFees};
use bitcoin::hashes::Hash;
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use bitcoin::network::constants::Network;
use bitcoin::blockdata::constants::genesis_block;

2
lightning-background-processor/Cargo.toml
View file

@ -14,7 +14,7 @@ all-features = true
rustdoc-args = ["--cfg", "docsrs"]
[dependencies]
bitcoin = "0.27"
bitcoin = "0.28.1"
lightning = { version = "0.0.106", path = "../lightning", features = ["std"] }
[dev-dependencies]

2
lightning-block-sync/Cargo.toml
View file

@ -18,7 +18,7 @@ rest-client = [ "serde", "serde_json", "chunked_transfer" ]
rpc-client = [ "serde", "serde_json", "chunked_transfer" ]
[dependencies]
bitcoin = "0.27"
bitcoin = "0.28.1"
lightning = { version = "0.0.106", path = "../lightning" }
futures = { version = "0.3" }
tokio = { version = "1.0", features = [ "io-util", "net", "time" ], optional = true }

17
lightning-block-sync/src/test_utils.rs
View file

@ -6,6 +6,8 @@ use bitcoin::blockdata::constants::genesis_block;
use bitcoin::hash_types::BlockHash;
use bitcoin::network::constants::Network;
use bitcoin::util::uint::Uint256;
use bitcoin::util::hash::bitcoin_merkle_root;
use bitcoin::Transaction;
use lightning::chain;
@ -37,16 +39,27 @@ impl Blockchain {
let prev_block = &self.blocks[i - 1];
let prev_blockhash = prev_block.block_hash();
let time = prev_block.header.time + height as u32;
// Must have at least one transaction, because the merkle root is not defined for an empty block
// and we would fail when we later checked, as of bitcoin crate 0.28.0.
// Note that elsewhere in tests we assume that the merkle root of an empty block is all zeros,
// but that's OK because those tests don't trigger the check.
let coinbase = Transaction {
version: 0,
lock_time: 0,
input: vec![],
output: vec![]
};
let merkle_root = bitcoin_merkle_root(vec![coinbase.txid().as_hash()].into_iter()).unwrap();
self.blocks.push(Block {
header: BlockHeader {
version: 0,
prev_blockhash,
merkle_root: Default::default(),
merkle_root: merkle_root.into(),
time,
bits,
nonce: 0,
},
txdata: vec![],
txdata: vec![coinbase],
});
}
self

2
lightning-invoice/Cargo.toml
View file

@ -20,7 +20,7 @@ std = ["bitcoin_hashes/std", "num-traits/std", "lightning/std", "bech32/std"]
[dependencies]
bech32 = { version = "0.8", default-features = false }
lightning = { version = "0.0.106", path = "../lightning", default-features = false }
secp256k1 = { version = "0.20", default-features = false, features = ["recovery", "alloc"] }
secp256k1 = { version = "0.22", default-features = false, features = ["recovery", "alloc"] }
num-traits = { version = "0.2.8", default-features = false }
bitcoin_hashes = { version = "0.10", default-features = false }
hashbrown = { version = "0.11", optional = true }

8
lightning-invoice/src/de.rs
View file

@ -19,8 +19,8 @@ use lightning::routing::router::{RouteHint, RouteHintHop};
use num_traits::{CheckedAdd, CheckedMul};
use secp256k1;
use secp256k1::recovery::{RecoveryId, RecoverableSignature};
use secp256k1::key::PublicKey;
use secp256k1::ecdsa::{RecoveryId, RecoverableSignature};
use secp256k1::PublicKey;
use super::{Invoice, Sha256, TaggedField, ExpiryTime, MinFinalCltvExpiry, Fallback, PayeePubKey, InvoiceSignature, PositiveTimestamp,
SemanticError, PrivateRoute, ParseError, ParseOrSemanticError, Description, RawTaggedField, Currency, RawHrp, SiPrefix, RawInvoice,
@ -967,7 +967,7 @@ mod test {
#[test]
fn test_payment_secret_and_features_de_and_ser() {
use lightning::ln::features::InvoiceFeatures;
use secp256k1::recovery::{RecoveryId, RecoverableSignature};
use secp256k1::ecdsa::{RecoveryId, RecoverableSignature};
use TaggedField::*;
use {SiPrefix, SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart,
Currency, Sha256, PositiveTimestamp};
@ -1014,7 +1014,7 @@ mod test {
#[test]
fn test_raw_signed_invoice_deserialization() {
use TaggedField::*;
use secp256k1::recovery::{RecoveryId, RecoverableSignature};
use secp256k1::ecdsa::{RecoveryId, RecoverableSignature};
use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256,
PositiveTimestamp};

48
lightning-invoice/src/lib.rs
View file

@ -47,9 +47,9 @@ use lightning::routing::network_graph::RoutingFees;
use lightning::routing::router::RouteHint;
use lightning::util::invoice::construct_invoice_preimage;
use secp256k1::key::PublicKey;
use secp256k1::PublicKey;
use secp256k1::{Message, Secp256k1};
use secp256k1::recovery::RecoverableSignature;
use secp256k1::ecdsa::RecoverableSignature;
use core::fmt::{Display, Formatter, self};
use core::iter::FilterMap;
@ -163,7 +163,7 @@ pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18;
/// use bitcoin_hashes::sha256;
///
/// use secp256k1::Secp256k1;
/// use secp256k1::key::SecretKey;
/// use secp256k1::SecretKey;
///
/// use lightning::ln::PaymentSecret;
///
@ -191,7 +191,7 @@ pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18;
/// .current_timestamp()
/// .min_final_cltv_expiry(144)
/// .build_signed(|hash| {
/// Secp256k1::new().sign_recoverable(hash, &private_key)
/// Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)
/// })
/// .unwrap();
///
@ -749,7 +749,7 @@ impl SignedRawInvoice {
let hash = Message::from_slice(&self.hash[..])
.expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
Ok(PayeePubKey(Secp256k1::new().recover(
Ok(PayeePubKey(Secp256k1::new().recover_ecdsa(
&hash,
&self.signature
)?))
@ -776,7 +776,7 @@ impl SignedRawInvoice {
.expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
let secp_context = Secp256k1::new();
let verification_result = secp_context.verify(
let verification_result = secp_context.verify_ecdsa(
&hash,
&self.signature.to_standard(),
pub_key
@ -1576,8 +1576,8 @@ mod test {
fn test_check_signature() {
use TaggedField::*;
use secp256k1::Secp256k1;
use secp256k1::recovery::{RecoveryId, RecoverableSignature};
use secp256k1::key::{SecretKey, PublicKey};
use secp256k1::ecdsa::{RecoveryId, RecoverableSignature};
use secp256k1::{SecretKey, PublicKey};
use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256,
PositiveTimestamp};
@ -1635,7 +1635,7 @@ mod test {
let (raw_invoice, _, _) = invoice.into_parts();
let new_signed = raw_invoice.sign::<_, ()>(|hash| {
Ok(Secp256k1::new().sign_recoverable(hash, &private_key))
Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key))
}).unwrap();
assert!(new_signed.check_signature());
@ -1646,7 +1646,7 @@ mod test {
use TaggedField::*;
use lightning::ln::features::InvoiceFeatures;
use secp256k1::Secp256k1;
use secp256k1::key::SecretKey;
use secp256k1::SecretKey;
use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice,
SemanticError};
@ -1677,7 +1677,7 @@ mod test {
let invoice = {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
@ -1686,7 +1686,7 @@ mod test {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
@ -1695,14 +1695,14 @@ mod test {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert!(Invoice::from_signed(invoice).is_ok());
// No payment secret or features
let invoice = {
let invoice = invoice_template.clone();
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
@ -1710,7 +1710,7 @@ mod test {
let invoice = {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
@ -1718,7 +1718,7 @@ mod test {
let invoice = {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
@ -1727,7 +1727,7 @@ mod test {
let mut invoice = invoice_template.clone();
invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)))
}.unwrap();
assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets));
}
@ -1764,7 +1764,7 @@ mod test {
use ::*;
use lightning::routing::router::RouteHintHop;
use std::iter::FromIterator;
use secp256k1::key::PublicKey;
use secp256k1::PublicKey;
let builder = InvoiceBuilder::new(Currency::Bitcoin)
.payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
@ -1818,7 +1818,7 @@ mod test {
use ::*;
use lightning::routing::router::RouteHintHop;
use secp256k1::Secp256k1;
use secp256k1::key::{SecretKey, PublicKey};
use secp256k1::{SecretKey, PublicKey};
use std::time::{UNIX_EPOCH, Duration};
let secp_ctx = Secp256k1::new();
@ -1897,7 +1897,7 @@ mod test {
.basic_mpp();
let invoice = builder.clone().build_signed(|hash| {
secp_ctx.sign_recoverable(hash, &private_key)
secp_ctx.sign_ecdsa_recoverable(hash, &private_key)
}).unwrap();
assert!(invoice.check_signature().is_ok());
@ -1932,7 +1932,7 @@ mod test {
fn test_default_values() {
use ::*;
use secp256k1::Secp256k1;
use secp256k1::key::SecretKey;
use secp256k1::SecretKey;
let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin)
.description("Test".into())
@ -1944,7 +1944,7 @@ mod test {
.sign::<_, ()>(|hash| {
let privkey = SecretKey::from_slice(&[41; 32]).unwrap();
let secp_ctx = Secp256k1::new();
Ok(secp_ctx.sign_recoverable(hash, &privkey))
Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey))
})
.unwrap();
let invoice = Invoice::from_signed(signed_invoice).unwrap();
@ -1958,7 +1958,7 @@ mod test {
fn test_expiration() {
use ::*;
use secp256k1::Secp256k1;
use secp256k1::key::SecretKey;
use secp256k1::SecretKey;
let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin)
.description("Test".into())
@ -1970,7 +1970,7 @@ mod test {
.sign::<_, ()>(|hash| {
let privkey = SecretKey::from_slice(&[41; 32]).unwrap();
let secp_ctx = Secp256k1::new();
Ok(secp_ctx.sign_recoverable(hash, &privkey))
Ok(secp_ctx.sign_ecdsa_recoverable(hash, &privkey))
})
.unwrap();
let invoice = Invoice::from_signed(signed_invoice).unwrap();

10
lightning-invoice/src/payment.rs
View file

@ -46,7 +46,7 @@
//! # use lightning::util::ser::{Writeable, Writer};
//! # use lightning_invoice::Invoice;
//! # use lightning_invoice::payment::{InvoicePayer, Payer, RetryAttempts, Router};
//! # use secp256k1::key::PublicKey;
//! # use secp256k1::PublicKey;
//! # use std::cell::RefCell;
//! # use std::ops::Deref;
//! #
@ -148,7 +148,7 @@ use lightning::util::events::{Event, EventHandler};
use lightning::util::logger::Logger;
use crate::sync::Mutex;
use secp256k1::key::PublicKey;
use secp256k1::PublicKey;
use core::ops::Deref;
use core::time::Duration;
@ -555,7 +555,7 @@ mod tests {
.min_final_cltv_expiry(144)
.amount_milli_satoshis(128)
.build_signed(|hash| {
Secp256k1::new().sign_recoverable(hash, &private_key)
Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)
})
.unwrap()
}
@ -580,7 +580,7 @@ mod tests {
.duration_since_epoch(duration_since_epoch())
.min_final_cltv_expiry(144)
.build_signed(|hash| {
Secp256k1::new().sign_recoverable(hash, &private_key)
Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)
})
.unwrap()
}
@ -600,7 +600,7 @@ mod tests {
.min_final_cltv_expiry(144)
.amount_milli_satoshis(128)
.build_signed(|hash| {
Secp256k1::new().sign_recoverable(hash, &private_key)
Secp256k1::new().sign_ecdsa_recoverable(hash, &private_key)
})
.unwrap()
}

2
lightning-invoice/src/utils.rs
View file

@ -19,7 +19,7 @@ use lightning::routing::scoring::Score;
use lightning::routing::network_graph::{NetworkGraph, RoutingFees};
use lightning::routing::router::{Route, RouteHint, RouteHintHop, RouteParameters, find_route};
use lightning::util::logger::Logger;
use secp256k1::key::PublicKey;
use secp256k1::PublicKey;
use core::convert::TryInto;
use core::ops::Deref;
use core::time::Duration;

2
lightning-invoice/tests/ser_de.rs
View file

@ -13,7 +13,7 @@ use lightning::routing::router::{RouteHint, RouteHintHop};
use lightning::routing::network_graph::RoutingFees;
use lightning_invoice::*;
use secp256k1::PublicKey;
use secp256k1::recovery::{RecoverableSignature, RecoveryId};
use secp256k1::ecdsa::{RecoverableSignature, RecoveryId};
use std::collections::HashSet;
use std::time::Duration;
use std::str::FromStr;

2
lightning-net-tokio/Cargo.toml
View file

@ -15,7 +15,7 @@ all-features = true
rustdoc-args = ["--cfg", "docsrs"]
[dependencies]
bitcoin = "0.27"
bitcoin = "0.28.1"
lightning = { version = "0.0.106", path = "../lightning" }
tokio = { version = "1.0", features = [ "io-util", "macros", "rt", "sync", "net", "time" ] }

4
lightning-net-tokio/src/lib.rs
View file

@ -23,7 +23,7 @@
//! # Example
//! ```
//! use std::net::TcpStream;
//! use bitcoin::secp256k1::key::PublicKey;
//! use bitcoin::secp256k1::PublicKey;
//! use lightning::util::events::{Event, EventHandler, EventsProvider};
//! use std::net::SocketAddr;
//! use std::sync::Arc;
@ -71,7 +71,7 @@
#![cfg_attr(docsrs, feature(doc_auto_cfg))]
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use tokio::net::TcpStream;
use tokio::{io, time};

2
lightning-persister/Cargo.toml
View file

@ -16,7 +16,7 @@ rustdoc-args = ["--cfg", "docsrs"]
_bench_unstable = ["lightning/_bench_unstable"]
[dependencies]
bitcoin = "0.27"
bitcoin = "0.28.1"
lightning = { version = "0.0.106", path = "../lightning" }
libc = "0.2"

8
lightning/Cargo.toml
View file

@ -38,9 +38,7 @@ grind_signatures = []
default = ["std", "grind_signatures"]
[dependencies]
bitcoin = { version = "0.27", default-features = false, features = ["secp-recovery"] }
# TODO remove this once rust-bitcoin PR #637 is released
secp256k1 = { version = "0.20.2", default-features = false, features = ["alloc"] }
bitcoin = { version = "0.28.1", default-features = false, features = ["secp-recovery"] }
hashbrown = { version = "0.11", optional = true }
hex = { version = "0.4", optional = true }
@ -52,10 +50,8 @@ core2 = { version = "0.3.0", optional = true, default-features = false }
[dev-dependencies]
hex = "0.4"
regex = "0.2.11"
# TODO remove this once rust-bitcoin PR #637 is released
secp256k1 = { version = "0.20.2", default-features = false, features = ["alloc"] }
[dev-dependencies.bitcoin]
version = "0.27"
version = "0.28.1"
default-features = false
features = ["bitcoinconsensus", "secp-recovery"]

85
lightning/src/chain/channelmonitor.rs
View file

@ -29,8 +29,8 @@ use bitcoin::hashes::Hash;
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hash_types::{Txid, BlockHash, WPubkeyHash};
use bitcoin::secp256k1::{Secp256k1,Signature};
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
use bitcoin::secp256k1::{SecretKey, PublicKey};
use bitcoin::secp256k1;
use ln::{PaymentHash, PaymentPreimage};
@ -2653,7 +2653,7 @@ impl<Signer: Sign> ChannelMonitorImpl<Signer> {
// appears to be spending the correct type (ie that the match would
// actually succeed in BIP 158/159-style filters).
if _script_pubkey.is_v0_p2wsh() {
assert_eq!(&bitcoin::Address::p2wsh(&Script::from(input.witness.last().unwrap().clone()), bitcoin::Network::Bitcoin).script_pubkey(), _script_pubkey);
assert_eq!(&bitcoin::Address::p2wsh(&Script::from(input.witness.last().unwrap().to_vec()), bitcoin::Network::Bitcoin).script_pubkey(), _script_pubkey);
} else if _script_pubkey.is_v0_p2wpkh() {
assert_eq!(&bitcoin::Address::p2wpkh(&bitcoin::PublicKey::from_slice(&input.witness.last().unwrap()).unwrap(), bitcoin::Network::Bitcoin).unwrap().script_pubkey(), _script_pubkey);
} else { panic!(); }
@ -2736,20 +2736,23 @@ impl<Signer: Sign> ChannelMonitorImpl<Signer> {
fn is_resolving_htlc_output<L: Deref>(&mut self, tx: &Transaction, height: u32, logger: &L) where L::Target: Logger {
'outer_loop: for input in &tx.input {
let mut payment_data = None;
let revocation_sig_claim = (input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::OfferedHTLC) && input.witness[1].len() == 33)
|| (input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::AcceptedHTLC) && input.witness[1].len() == 33);
let accepted_preimage_claim = input.witness.len() == 5 && HTLCType::scriptlen_to_htlctype(input.witness[4].len()) == Some(HTLCType::AcceptedHTLC);
let witness_items = input.witness.len();
let htlctype = input.witness.last().map(|w| w.len()).and_then(HTLCType::scriptlen_to_htlctype);
let prev_last_witness_len = input.witness.second_to_last().map(|w| w.len()).unwrap_or(0);
let revocation_sig_claim = (witness_items == 3 && htlctype == Some(HTLCType::OfferedHTLC) && prev_last_witness_len == 33)
|| (witness_items == 3 && htlctype == Some(HTLCType::AcceptedHTLC) && prev_last_witness_len == 33);
let accepted_preimage_claim = witness_items == 5 && htlctype == Some(HTLCType::AcceptedHTLC);
#[cfg(not(fuzzing))]
let accepted_timeout_claim = input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::AcceptedHTLC) && !revocation_sig_claim;
let offered_preimage_claim = input.witness.len() == 3 && HTLCType::scriptlen_to_htlctype(input.witness[2].len()) == Some(HTLCType::OfferedHTLC) && !revocation_sig_claim;
let accepted_timeout_claim = witness_items == 3 && htlctype == Some(HTLCType::AcceptedHTLC) && !revocation_sig_claim;
let offered_preimage_claim = witness_items == 3 && htlctype == Some(HTLCType::OfferedHTLC) && !revocation_sig_claim;
#[cfg(not(fuzzing))]
let offered_timeout_claim = input.witness.len() == 5 && HTLCType::scriptlen_to_htlctype(input.witness[4].len()) == Some(HTLCType::OfferedHTLC);
let offered_timeout_claim = witness_items == 5 && htlctype == Some(HTLCType::OfferedHTLC);
let mut payment_preimage = PaymentPreimage([0; 32]);
if accepted_preimage_claim {
payment_preimage.0.copy_from_slice(&input.witness[3]);
payment_preimage.0.copy_from_slice(input.witness.second_to_last().unwrap());
} else if offered_preimage_claim {
payment_preimage.0.copy_from_slice(&input.witness[1]);
payment_preimage.0.copy_from_slice(input.witness.second_to_last().unwrap());
}
macro_rules! log_claim {
@ -3322,15 +3325,15 @@ mod tests {
use bitcoin::blockdata::block::BlockHeader;
use bitcoin::blockdata::script::{Script, Builder};
use bitcoin::blockdata::opcodes;
use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, SigHashType};
use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, EcdsaSighashType};
use bitcoin::blockdata::transaction::OutPoint as BitcoinOutPoint;
use bitcoin::util::bip143;
use bitcoin::util::sighash;
use bitcoin::hashes::Hash;
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hashes::hex::FromHex;
use bitcoin::hash_types::{BlockHash, Txid};
use bitcoin::network::constants::Network;
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{SecretKey,PublicKey};
use bitcoin::secp256k1::Secp256k1;
use hex;
@ -3355,6 +3358,7 @@ mod tests {
use util::ser::{ReadableArgs, Writeable};
use sync::{Arc, Mutex};
use io;
use bitcoin::Witness;
use prelude::*;
fn do_test_funding_spend_refuses_updates(use_local_txn: bool) {
@ -3608,24 +3612,27 @@ mod tests {
transaction_output_index: Some($idx as u32),
};
let redeem_script = if *$weight == WEIGHT_REVOKED_OUTPUT { chan_utils::get_revokeable_redeemscript(&pubkey, 256, &pubkey) } else { chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, $opt_anchors, &pubkey, &pubkey, &pubkey) };
let sighash = hash_to_message!(&$sighash_parts.signature_hash($idx, &redeem_script, $amount, SigHashType::All)[..]);
let sig = secp_ctx.sign(&sighash, &privkey);
$sighash_parts.access_witness($idx).push(sig.serialize_der().to_vec());
$sighash_parts.access_witness($idx)[0].push(SigHashType::All as u8);
$sum_actual_sigs += $sighash_parts.access_witness($idx)[0].len();
let sighash = hash_to_message!(&$sighash_parts.segwit_signature_hash($idx, &redeem_script, $amount, EcdsaSighashType::All).unwrap()[..]);
let sig = secp_ctx.sign_ecdsa(&sighash, &privkey);
let mut ser_sig = sig.serialize_der().to_vec();
ser_sig.push(EcdsaSighashType::All as u8);
$sum_actual_sigs += ser_sig.len();
let witness = $sighash_parts.witness_mut($idx).unwrap();
witness.push(ser_sig);
if *$weight == WEIGHT_REVOKED_OUTPUT {
$sighash_parts.access_witness($idx).push(vec!(1));
witness.push(vec!(1));
} else if *$weight == weight_revoked_offered_htlc($opt_anchors) || *$weight == weight_revoked_received_htlc($opt_anchors) {
$sighash_parts.access_witness($idx).push(pubkey.clone().serialize().to_vec());
witness.push(pubkey.clone().serialize().to_vec());
} else if *$weight == weight_received_htlc($opt_anchors) {
$sighash_parts.access_witness($idx).push(vec![0]);
witness.push(vec![0]);
} else {
$sighash_parts.access_witness($idx).push(PaymentPreimage([1; 32]).0.to_vec());
witness.push(PaymentPreimage([1; 32]).0.to_vec());
}
$sighash_parts.access_witness($idx).push(redeem_script.into_bytes());
println!("witness[0] {}", $sighash_parts.access_witness($idx)[0].len());
println!("witness[1] {}", $sighash_parts.access_witness($idx)[1].len());
println!("witness[2] {}", $sighash_parts.access_witness($idx)[2].len());
witness.push(redeem_script.into_bytes());
let witness = witness.to_vec();
println!("witness[0] {}", witness[0].len());
println!("witness[1] {}", witness[1].len());
println!("witness[2] {}", witness[2].len());
}
}
@ -3644,24 +3651,24 @@ mod tests {
},
script_sig: Script::new(),
sequence: 0xfffffffd,
witness: Vec::new(),
witness: Witness::new(),
});
}
claim_tx.output.push(TxOut {
script_pubkey: script_pubkey.clone(),
value: 0,
});
let base_weight = claim_tx.get_weight();
let base_weight = claim_tx.weight();
let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT, weight_revoked_offered_htlc(opt_anchors), weight_revoked_offered_htlc(opt_anchors), weight_revoked_received_htlc(opt_anchors)];
let mut inputs_total_weight = 2; // count segwit flags
{
let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx);
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
inputs_total_weight += inp;
}
}
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs));
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs));
}
// Claim tx with 1 offered HTLCs, 3 received HTLCs
@ -3676,24 +3683,24 @@ mod tests {
},
script_sig: Script::new(),
sequence: 0xfffffffd,
witness: Vec::new(),
witness: Witness::new(),
});
}
claim_tx.output.push(TxOut {
script_pubkey: script_pubkey.clone(),
value: 0,
});
let base_weight = claim_tx.get_weight();
let base_weight = claim_tx.weight();
let inputs_weight = vec![weight_offered_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors)];
let mut inputs_total_weight = 2; // count segwit flags
{
let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx);
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
inputs_total_weight += inp;
}
}
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs));
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_sig */ (73 * inputs_weight.len() - sum_actual_sigs));
}
// Justice tx with 1 revoked HTLC-Success tx output
@ -3707,23 +3714,23 @@ mod tests {
},
script_sig: Script::new(),
sequence: 0xfffffffd,
witness: Vec::new(),
witness: Witness::new(),
});
claim_tx.output.push(TxOut {
script_pubkey: script_pubkey.clone(),
value: 0,
});
let base_weight = claim_tx.get_weight();
let base_weight = claim_tx.weight();
let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT];
let mut inputs_total_weight = 2; // count segwit flags
{
let mut sighash_parts = bip143::SigHashCache::new(&mut claim_tx);
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
inputs_total_weight += inp;
}
}
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.get_weight() + /* max_length_isg */ (73 * inputs_weight.len() - sum_actual_sigs));
assert_eq!(base_weight + inputs_total_weight as usize, claim_tx.weight() + /* max_length_isg */ (73 * inputs_weight.len() - sum_actual_sigs));
}
}

85
lightning/src/chain/keysinterface.rs
View file

@ -11,12 +11,12 @@
//! spendable on-chain outputs which the user owns and is responsible for using just as any other
//! on-chain output which is theirs.
use bitcoin::blockdata::transaction::{Transaction, TxOut, TxIn, SigHashType};
use bitcoin::blockdata::transaction::{Transaction, TxOut, TxIn, EcdsaSighashType};
use bitcoin::blockdata::script::{Script, Builder};
use bitcoin::blockdata::opcodes;
use bitcoin::network::constants::Network;
use bitcoin::util::bip32::{ExtendedPrivKey, ExtendedPubKey, ChildNumber};
use bitcoin::util::bip143;
use bitcoin::util::sighash;
use bitcoin::bech32::u5;
use bitcoin::hashes::{Hash, HashEngine};
@ -25,10 +25,10 @@ use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hashes::sha256d::Hash as Sha256dHash;
use bitcoin::hash_types::WPubkeyHash;
use bitcoin::secp256k1::key::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, Signature, Signing};
use bitcoin::secp256k1::recovery::RecoverableSignature;
use bitcoin::secp256k1;
use bitcoin::secp256k1::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Signing};
use bitcoin::secp256k1::ecdsa::RecoverableSignature;
use bitcoin::{secp256k1, Witness};
use util::{byte_utils, transaction_utils};
use util::crypto::{hkdf_extract_expand_twice, sign};
@ -588,16 +588,16 @@ impl InMemorySigner {
if spend_tx.input[input_idx].previous_output != descriptor.outpoint.into_bitcoin_outpoint() { return Err(()); }
let remotepubkey = self.pubkeys().payment_point;
let witness_script = bitcoin::Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: remotepubkey}, Network::Testnet).script_pubkey();
let sighash = hash_to_message!(&bip143::SigHashCache::new(spend_tx).signature_hash(input_idx, &witness_script, descriptor.output.value, SigHashType::All)[..]);
let witness_script = bitcoin::Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: remotepubkey}, Network::Testnet).script_pubkey();
let sighash = hash_to_message!(&sighash::SighashCache::new(spend_tx).segwit_signature_hash(input_idx, &witness_script, descriptor.output.value, EcdsaSighashType::All).unwrap()[..]);
let remotesig = sign(secp_ctx, &sighash, &self.payment_key);
let payment_script = bitcoin::Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, key: remotepubkey}, Network::Bitcoin).unwrap().script_pubkey();
let payment_script = bitcoin::Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, inner: remotepubkey}, Network::Bitcoin).unwrap().script_pubkey();
if payment_script != descriptor.output.script_pubkey { return Err(()); }
let mut witness = Vec::with_capacity(2);
witness.push(remotesig.serialize_der().to_vec());
witness[0].push(SigHashType::All as u8);
witness[0].push(EcdsaSighashType::All as u8);
witness.push(remotepubkey.serialize().to_vec());
Ok(witness)
}
@ -623,7 +623,7 @@ impl InMemorySigner {
.expect("We constructed the payment_base_key, so we can only fail here if the RNG is busted.");
let delayed_payment_pubkey = PublicKey::from_secret_key(&secp_ctx, &delayed_payment_key);
let witness_script = chan_utils::get_revokeable_redeemscript(&descriptor.revocation_pubkey, descriptor.to_self_delay, &delayed_payment_pubkey);
let sighash = hash_to_message!(&bip143::SigHashCache::new(spend_tx).signature_hash(input_idx, &witness_script, descriptor.output.value, SigHashType::All)[..]);
let sighash = hash_to_message!(&sighash::SighashCache::new(spend_tx).segwit_signature_hash(input_idx, &witness_script, descriptor.output.value, EcdsaSighashType::All).unwrap()[..]);
let local_delayedsig = sign(secp_ctx, &sighash, &delayed_payment_key);
let payment_script = bitcoin::Address::p2wsh(&witness_script, Network::Bitcoin).script_pubkey();
@ -631,7 +631,7 @@ impl InMemorySigner {
let mut witness = Vec::with_capacity(3);
witness.push(local_delayedsig.serialize_der().to_vec());
witness[0].push(SigHashType::All as u8);
witness[0].push(EcdsaSighashType::All as u8);
witness.push(vec!()); //MINIMALIF
witness.push(witness_script.clone().into_bytes());
Ok(witness)
@ -670,8 +670,8 @@ impl BaseSign for InMemorySigner {
for htlc in commitment_tx.htlcs() {
let htlc_tx = chan_utils::build_htlc_transaction(&commitment_txid, commitment_tx.feerate_per_kw(), self.holder_selected_contest_delay(), htlc, self.opt_anchors(), &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, self.opt_anchors(), &keys);
let htlc_sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All };
let htlc_sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]);
let htlc_sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]);
let holder_htlc_key = chan_utils::derive_private_key(&secp_ctx, &keys.per_commitment_point, &self.htlc_base_key).map_err(|_| ())?;
htlc_sigs.push(sign(secp_ctx, &htlc_sighash, &holder_htlc_key));
}
@ -712,8 +712,8 @@ impl BaseSign for InMemorySigner {
let counterparty_delayedpubkey = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.counterparty_pubkeys().delayed_payment_basepoint).map_err(|_| ())?;
chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.holder_selected_contest_delay(), &counterparty_delayedpubkey)
};
let mut sighash_parts = bip143::SigHashCache::new(justice_tx);
let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]);
let mut sighash_parts = sighash::SighashCache::new(justice_tx);
let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]);
return Ok(sign(secp_ctx, &sighash, &revocation_key))
}
@ -726,8 +726,8 @@ impl BaseSign for InMemorySigner {
let holder_htlcpubkey = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.pubkeys().htlc_basepoint).map_err(|_| ())?;
chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, self.opt_anchors(), &counterparty_htlcpubkey, &holder_htlcpubkey, &revocation_pubkey)
};
let mut sighash_parts = bip143::SigHashCache::new(justice_tx);
let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]);
let mut sighash_parts = sighash::SighashCache::new(justice_tx);
let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]);
return Ok(sign(secp_ctx, &sighash, &revocation_key))
}
@ -740,8 +740,8 @@ impl BaseSign for InMemorySigner {
} else { return Err(()) }
} else { return Err(()) }
} else { return Err(()) };
let mut sighash_parts = bip143::SigHashCache::new(htlc_tx);
let sighash = hash_to_message!(&sighash_parts.signature_hash(input, &witness_script, amount, SigHashType::All)[..]);
let mut sighash_parts = sighash::SighashCache::new(htlc_tx);
let sighash = hash_to_message!(&sighash_parts.segwit_signature_hash(input, &witness_script, amount, EcdsaSighashType::All).unwrap()[..]);
return Ok(sign(secp_ctx, &sighash, &htlc_key))
}
Err(())
@ -884,10 +884,10 @@ impl KeysManager {
// Note that when we aren't serializing the key, network doesn't matter
match ExtendedPrivKey::new_master(Network::Testnet, seed) {
Ok(master_key) => {
let node_secret = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(0).unwrap()).expect("Your RNG is busted").private_key.key;
let node_secret = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(0).unwrap()).expect("Your RNG is busted").private_key;
let destination_script = match master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(1).unwrap()) {
Ok(destination_key) => {
let wpubkey_hash = WPubkeyHash::hash(&ExtendedPubKey::from_private(&secp_ctx, &destination_key).public_key.to_bytes());
let wpubkey_hash = WPubkeyHash::hash(&ExtendedPubKey::from_priv(&secp_ctx, &destination_key).to_pub().to_bytes());
Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0)
.push_slice(&wpubkey_hash.into_inner())
.into_script()
@ -895,12 +895,12 @@ impl KeysManager {
Err(_) => panic!("Your RNG is busted"),
};
let shutdown_pubkey = match master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(2).unwrap()) {
Ok(shutdown_key) => ExtendedPubKey::from_private(&secp_ctx, &shutdown_key).public_key.key,
Ok(shutdown_key) => ExtendedPubKey::from_priv(&secp_ctx, &shutdown_key).public_key,
Err(_) => panic!("Your RNG is busted"),
};
let channel_master_key = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(3).unwrap()).expect("Your RNG is busted");
let rand_bytes_master_key = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(4).unwrap()).expect("Your RNG is busted");
let inbound_payment_key: SecretKey = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(5).unwrap()).expect("Your RNG is busted").private_key.key;
let inbound_payment_key: SecretKey = master_key.ckd_priv(&secp_ctx, ChildNumber::from_hardened_idx(5).unwrap()).expect("Your RNG is busted").private_key;
let mut inbound_pmt_key_bytes = [0; 32];
inbound_pmt_key_bytes.copy_from_slice(&inbound_payment_key[..]);
@ -951,7 +951,7 @@ impl KeysManager {
// entropy, everything else just ensures uniqueness. We rely on the unique_start (ie
// starting_time provided in the constructor) to be unique.
let child_privkey = self.channel_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(chan_id as u32).expect("key space exhausted")).expect("Your RNG is busted");
unique_start.input(&child_privkey.private_key.key[..]);
unique_start.input(&child_privkey.private_key[..]);
let seed = Sha256::from_engine(unique_start).into_inner();
@ -1014,7 +1014,7 @@ impl KeysManager {
previous_output: descriptor.outpoint.into_bitcoin_outpoint(),
script_sig: Script::new(),
sequence: 0,
witness: Vec::new(),
witness: Witness::new(),
});
witness_weight += StaticPaymentOutputDescriptor::MAX_WITNESS_LENGTH;
input_value += descriptor.output.value;
@ -1025,7 +1025,7 @@ impl KeysManager {
previous_output: descriptor.outpoint.into_bitcoin_outpoint(),
script_sig: Script::new(),
sequence: descriptor.to_self_delay as u32,
witness: Vec::new(),
witness: Witness::new(),
});
witness_weight += DelayedPaymentOutputDescriptor::MAX_WITNESS_LENGTH;
input_value += descriptor.output.value;
@ -1036,7 +1036,7 @@ impl KeysManager {
previous_output: outpoint.into_bitcoin_outpoint(),
script_sig: Script::new(),
sequence: 0,
witness: Vec::new(),
witness: Witness::new(),
});
witness_weight += 1 + 73 + 34;
input_value += output.value;
@ -1064,7 +1064,7 @@ impl KeysManager {
self.derive_channel_keys(descriptor.channel_value_satoshis, &descriptor.channel_keys_id),
descriptor.channel_keys_id));
}
spend_tx.input[input_idx].witness = keys_cache.as_ref().unwrap().0.sign_counterparty_payment_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?;
spend_tx.input[input_idx].witness = Witness::from_vec(keys_cache.as_ref().unwrap().0.sign_counterparty_payment_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?);
},
SpendableOutputDescriptor::DelayedPaymentOutput(descriptor) => {
if keys_cache.is_none() || keys_cache.as_ref().unwrap().1 != descriptor.channel_keys_id {
@ -1072,7 +1072,7 @@ impl KeysManager {
self.derive_channel_keys(descriptor.channel_value_satoshis, &descriptor.channel_keys_id),
descriptor.channel_keys_id));
}
spend_tx.input[input_idx].witness = keys_cache.as_ref().unwrap().0.sign_dynamic_p2wsh_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?;
spend_tx.input[input_idx].witness = Witness::from_vec(keys_cache.as_ref().unwrap().0.sign_dynamic_p2wsh_input(&spend_tx, input_idx, &descriptor, &secp_ctx)?);
},
SpendableOutputDescriptor::StaticOutput { ref output, .. } => {
let derivation_idx = if output.script_pubkey == self.destination_script {
@ -1092,29 +1092,30 @@ impl KeysManager {
Err(_) => panic!("Your rng is busted"),
}
};
let pubkey = ExtendedPubKey::from_private(&secp_ctx, &secret).public_key;
let pubkey = ExtendedPubKey::from_priv(&secp_ctx, &secret).to_pub();
if derivation_idx == 2 {
assert_eq!(pubkey.key, self.shutdown_pubkey);
assert_eq!(pubkey.inner, self.shutdown_pubkey);
}
let witness_script = bitcoin::Address::p2pkh(&pubkey, Network::Testnet).script_pubkey();
let payment_script = bitcoin::Address::p2wpkh(&pubkey, Network::Testnet).expect("uncompressed key found").script_pubkey();
if payment_script != output.script_pubkey { return Err(()); };
let sighash = hash_to_message!(&bip143::SigHashCache::new(&spend_tx).signature_hash(input_idx, &witness_script, output.value, SigHashType::All)[..]);
let sig = sign(secp_ctx, &sighash, &secret.private_key.key);
spend_tx.input[input_idx].witness.push(sig.serialize_der().to_vec());
spend_tx.input[input_idx].witness[0].push(SigHashType::All as u8);
spend_tx.input[input_idx].witness.push(pubkey.key.serialize().to_vec());
let sighash = hash_to_message!(&sighash::SighashCache::new(&spend_tx).segwit_signature_hash(input_idx, &witness_script, output.value, EcdsaSighashType::All).unwrap()[..]);
let sig = sign(secp_ctx, &sighash, &secret.private_key);
let mut sig_ser = sig.serialize_der().to_vec();
sig_ser.push(EcdsaSighashType::All as u8);
spend_tx.input[input_idx].witness.push(sig_ser);
spend_tx.input[input_idx].witness.push(pubkey.inner.serialize().to_vec());
},
}
input_idx += 1;
}
debug_assert!(expected_max_weight >= spend_tx.get_weight());
debug_assert!(expected_max_weight >= spend_tx.weight());
// Note that witnesses with a signature vary somewhat in size, so allow
// `expected_max_weight` to overshoot by up to 3 bytes per input.
debug_assert!(expected_max_weight <= spend_tx.get_weight() + descriptors.len() * 3);
debug_assert!(expected_max_weight <= spend_tx.weight() + descriptors.len() * 3);
Ok(spend_tx)
}
@ -1157,7 +1158,7 @@ impl KeysInterface for KeysManager {
let child_ix = self.rand_bytes_child_index.fetch_add(1, Ordering::AcqRel);
let child_privkey = self.rand_bytes_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(child_ix as u32).expect("key space exhausted")).expect("Your RNG is busted");
sha.input(&child_privkey.private_key.key[..]);
sha.input(&child_privkey.private_key[..]);
sha.input(b"Unique Secure Random Bytes Salt");
Sha256::from_engine(sha).into_inner()
@ -1173,7 +1174,7 @@ impl KeysInterface for KeysManager {
Recipient::Node => self.get_node_secret(Recipient::Node)?,
Recipient::PhantomNode => return Err(()),
};
Ok(self.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret))
Ok(self.secp_ctx.sign_ecdsa_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret))
}
}
@ -1241,7 +1242,7 @@ impl KeysInterface for PhantomKeysManager {
fn sign_invoice(&self, hrp_bytes: &[u8], invoice_data: &[u5], recipient: Recipient) -> Result<RecoverableSignature, ()> {
let preimage = construct_invoice_preimage(&hrp_bytes, &invoice_data);
let secret = self.get_node_secret(recipient)?;
Ok(self.inner.secp_ctx.sign_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret))
Ok(self.inner.secp_ctx.sign_ecdsa_recoverable(&hash_to_message!(&Sha256::hash(&preimage)), &secret))
}
}

4
lightning/src/chain/onchaintx.rs
View file

@ -18,7 +18,7 @@ use bitcoin::blockdata::script::Script;
use bitcoin::hash_types::Txid;
use bitcoin::secp256k1::{Secp256k1, Signature};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
use bitcoin::secp256k1;
use ln::msgs::DecodeError;
@ -394,7 +394,7 @@ impl<ChannelSigner: Sign> OnchainTxHandler<ChannelSigner> {
let transaction = cached_request.finalize_package(self, output_value, self.destination_script.clone(), logger).unwrap();
log_trace!(logger, "...with timer {} and feerate {}", new_timer.unwrap(), new_feerate);
assert!(predicted_weight >= transaction.get_weight());
assert!(predicted_weight >= transaction.weight());
return Some((new_timer, new_feerate, transaction))
}
} else {

29
lightning/src/chain/package.rs
View file

@ -12,13 +12,13 @@
//! also includes witness weight computation and fee computation methods.
use bitcoin::blockdata::constants::WITNESS_SCALE_FACTOR;
use bitcoin::blockdata::transaction::{TxOut,TxIn, Transaction, SigHashType};
use bitcoin::blockdata::transaction::{TxOut,TxIn, Transaction, EcdsaSighashType};
use bitcoin::blockdata::transaction::OutPoint as BitcoinOutPoint;
use bitcoin::blockdata::script::Script;
use bitcoin::hash_types::Txid;
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{SecretKey,PublicKey};
use ln::PaymentPreimage;
use ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment};
@ -36,6 +36,7 @@ use prelude::*;
use core::cmp;
use core::mem;
use core::ops::Deref;
use bitcoin::Witness;
const MAX_ALLOC_SIZE: usize = 64*1024;
@ -352,8 +353,9 @@ impl PackageSolvingData {
let witness_script = chan_utils::get_revokeable_redeemscript(&chan_keys.revocation_key, outp.on_counterparty_tx_csv, &chan_keys.broadcaster_delayed_payment_key);
//TODO: should we panic on signer failure ?
if let Ok(sig) = onchain_handler.signer.sign_justice_revoked_output(&bumped_tx, i, outp.amount, &outp.per_commitment_key, &onchain_handler.secp_ctx) {
bumped_tx.input[i].witness.push(sig.serialize_der().to_vec());
bumped_tx.input[i].witness[0].push(SigHashType::All as u8);
let mut ser_sig = sig.serialize_der().to_vec();
ser_sig.push(EcdsaSighashType::All as u8);
bumped_tx.input[i].witness.push(ser_sig);
bumped_tx.input[i].witness.push(vec!(1));
bumped_tx.input[i].witness.push(witness_script.clone().into_bytes());
} else { return false; }
@ -364,8 +366,9 @@ impl PackageSolvingData {
let witness_script = chan_utils::get_htlc_redeemscript_with_explicit_keys(&outp.htlc, onchain_handler.opt_anchors(), &chan_keys.broadcaster_htlc_key, &chan_keys.countersignatory_htlc_key, &chan_keys.revocation_key);
//TODO: should we panic on signer failure ?
if let Ok(sig) = onchain_handler.signer.sign_justice_revoked_htlc(&bumped_tx, i, outp.amount, &outp.per_commitment_key, &outp.htlc, &onchain_handler.secp_ctx) {
bumped_tx.input[i].witness.push(sig.serialize_der().to_vec());
bumped_tx.input[i].witness[0].push(SigHashType::All as u8);
let mut ser_sig = sig.serialize_der().to_vec();
ser_sig.push(EcdsaSighashType::All as u8);
bumped_tx.input[i].witness.push(ser_sig);
bumped_tx.input[i].witness.push(chan_keys.revocation_key.clone().serialize().to_vec());
bumped_tx.input[i].witness.push(witness_script.clone().into_bytes());
} else { return false; }
@ -376,8 +379,9 @@ impl PackageSolvingData {
let witness_script = chan_utils::get_htlc_redeemscript_with_explicit_keys(&outp.htlc, onchain_handler.opt_anchors(), &chan_keys.broadcaster_htlc_key, &chan_keys.countersignatory_htlc_key, &chan_keys.revocation_key);
if let Ok(sig) = onchain_handler.signer.sign_counterparty_htlc_transaction(&bumped_tx, i, &outp.htlc.amount_msat / 1000, &outp.per_commitment_point, &outp.htlc, &onchain_handler.secp_ctx) {
bumped_tx.input[i].witness.push(sig.serialize_der().to_vec());
bumped_tx.input[i].witness[0].push(SigHashType::All as u8);
let mut ser_sig = sig.serialize_der().to_vec();
ser_sig.push(EcdsaSighashType::All as u8);
bumped_tx.input[i].witness.push(ser_sig);
bumped_tx.input[i].witness.push(outp.preimage.0.to_vec());
bumped_tx.input[i].witness.push(witness_script.clone().into_bytes());
}
@ -389,8 +393,9 @@ impl PackageSolvingData {
bumped_tx.lock_time = outp.htlc.cltv_expiry; // Right now we don't aggregate time-locked transaction, if we do we should set lock_time before to avoid breaking hash computation
if let Ok(sig) = onchain_handler.signer.sign_counterparty_htlc_transaction(&bumped_tx, i, &outp.htlc.amount_msat / 1000, &outp.per_commitment_point, &outp.htlc, &onchain_handler.secp_ctx) {
bumped_tx.input[i].witness.push(sig.serialize_der().to_vec());
bumped_tx.input[i].witness[0].push(SigHashType::All as u8);
let mut ser_sig = sig.serialize_der().to_vec();
ser_sig.push(EcdsaSighashType::All as u8);
bumped_tx.input[i].witness.push(ser_sig);
// Due to BIP146 (MINIMALIF) this must be a zero-length element to relay.
bumped_tx.input[i].witness.push(vec![]);
bumped_tx.input[i].witness.push(witness_script.clone().into_bytes());
@ -620,7 +625,7 @@ impl PackageTemplate {
previous_output: *outpoint,
script_sig: Script::new(),
sequence: 0xfffffffd,
witness: Vec::new(),
witness: Witness::new(),
});
}
for (i, (outpoint, out)) in self.inputs.iter().enumerate() {
@ -852,7 +857,7 @@ mod tests {
use bitcoin::hashes::hex::FromHex;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::Secp256k1;
macro_rules! dumb_revk_output {

50
lightning/src/ln/chan_utils.rs
View file

@ -12,8 +12,8 @@
use bitcoin::blockdata::script::{Script,Builder};
use bitcoin::blockdata::opcodes;
use bitcoin::blockdata::transaction::{TxIn,TxOut,OutPoint,Transaction, SigHashType};
use bitcoin::util::bip143;
use bitcoin::blockdata::transaction::{TxIn,TxOut,OutPoint,Transaction, EcdsaSighashType};
use bitcoin::util::sighash;
use bitcoin::hashes::{Hash, HashEngine};
use bitcoin::hashes::sha256::Hash as Sha256;
@ -26,10 +26,10 @@ use util::ser::{Readable, Writeable, Writer};
use util::{byte_utils, transaction_utils};
use bitcoin::hash_types::WPubkeyHash;
use bitcoin::secp256k1::key::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, Signature, Message};
use bitcoin::secp256k1::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Message};
use bitcoin::secp256k1::Error as SecpError;
use bitcoin::secp256k1;
use bitcoin::{secp256k1, Witness};
use io;
use prelude::*;
@ -102,7 +102,7 @@ pub fn build_closing_transaction(to_holder_value_sat: u64, to_counterparty_value
previous_output: funding_outpoint,
script_sig: Script::new(),
sequence: 0xffffffff,
witness: Vec::new(),
witness: Witness::new(),
});
ins
};
@ -615,7 +615,7 @@ pub fn build_htlc_transaction(commitment_txid: &Txid, feerate_per_kw: u32, conte
},
script_sig: Script::new(),
sequence: if opt_anchors { 1 } else { 0 },
witness: Vec::new(),
witness: Witness::new(),
});
let weight = if htlc.offered {
@ -891,16 +891,18 @@ impl HolderCommitmentTransaction {
// First push the multisig dummy, note that due to BIP147 (NULLDUMMY) it must be a zero-length element.
let mut tx = self.inner.built.transaction.clone();
tx.input[0].witness.push(Vec::new());
let mut ser_holder_sig = holder_sig.serialize_der().to_vec();
ser_holder_sig.push(EcdsaSighashType::All as u8);
let mut ser_cp_sig = self.counterparty_sig.serialize_der().to_vec();
ser_cp_sig.push(EcdsaSighashType::All as u8);
if self.holder_sig_first {
tx.input[0].witness.push(holder_sig.serialize_der().to_vec());
tx.input[0].witness.push(self.counterparty_sig.serialize_der().to_vec());
tx.input[0].witness.push(ser_holder_sig);
tx.input[0].witness.push(ser_cp_sig);
} else {
tx.input[0].witness.push(self.counterparty_sig.serialize_der().to_vec());
tx.input[0].witness.push(holder_sig.serialize_der().to_vec());
tx.input[0].witness.push(ser_cp_sig);
tx.input[0].witness.push(ser_holder_sig);
}
tx.input[0].witness[1].push(SigHashType::All as u8);
tx.input[0].witness[2].push(SigHashType::All as u8);
tx.input[0].witness.push(funding_redeemscript.as_bytes().to_vec());
tx
@ -929,7 +931,7 @@ impl BuiltCommitmentTransaction {
///
/// This can be used to verify a signature.
pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message {
let sighash = &bip143::SigHashCache::new(&self.transaction).signature_hash(0, funding_redeemscript, channel_value_satoshis, SigHashType::All)[..];
let sighash = &sighash::SighashCache::new(&self.transaction).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..];
hash_to_message!(sighash)
}
@ -1053,7 +1055,7 @@ impl<'a> TrustedClosingTransaction<'a> {
///
/// This can be used to verify a signature.
pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message {
let sighash = &bip143::SigHashCache::new(&self.inner.built).signature_hash(0, funding_redeemscript, channel_value_satoshis, SigHashType::All)[..];
let sighash = &sighash::SighashCache::new(&self.inner.built).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..];
hash_to_message!(sighash)
}
@ -1291,7 +1293,7 @@ impl CommitmentTransaction {
script_sig: Script::new(),
sequence: ((0x80 as u32) << 8 * 3)
| ((obscured_commitment_transaction_number >> 3 * 8) as u32),
witness: Vec::new(),
witness: Witness::new(),
});
ins
};
@ -1401,7 +1403,7 @@ impl<'a> TrustedCommitmentTransaction<'a> {
///
/// The returned Vec has one entry for each HTLC, and in the same order.
///
/// This function is only valid in the holder commitment context, it always uses SigHashType::All.
/// This function is only valid in the holder commitment context, it always uses EcdsaSighashType::All.
pub fn get_htlc_sigs<T: secp256k1::Signing>(&self, htlc_base_key: &SecretKey, channel_parameters: &DirectedChannelTransactionParameters, secp_ctx: &Secp256k1<T>) -> Result<Vec<Signature>, ()> {
let inner = self.inner;
let keys = &inner.keys;
@ -1415,7 +1417,7 @@ impl<'a> TrustedCommitmentTransaction<'a> {
let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, self.opt_anchors(), &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key);
let sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, SigHashType::All)[..]);
let sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, EcdsaSighashType::All).unwrap()[..]);
ret.push(sign(secp_ctx, &sighash, &holder_htlc_key));
}
Ok(ret)
@ -1437,15 +1439,17 @@ impl<'a> TrustedCommitmentTransaction<'a> {
let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, self.opt_anchors(), &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key);
let sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All };
let sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
// First push the multisig dummy, note that due to BIP147 (NULLDUMMY) it must be a zero-length element.
htlc_tx.input[0].witness.push(Vec::new());
htlc_tx.input[0].witness.push(counterparty_signature.serialize_der().to_vec());
htlc_tx.input[0].witness.push(signature.serialize_der().to_vec());
htlc_tx.input[0].witness[1].push(sighashtype as u8);
htlc_tx.input[0].witness[2].push(SigHashType::All as u8);
let mut cp_sig_ser = counterparty_signature.serialize_der().to_vec();
cp_sig_ser.push(sighashtype as u8);
htlc_tx.input[0].witness.push(cp_sig_ser);
let mut holder_sig_ser = signature.serialize_der().to_vec();
holder_sig_ser.push(EcdsaSighashType::All as u8);
htlc_tx.input[0].witness.push(holder_sig_ser);
if this_htlc.offered {
// Due to BIP146 (MINIMALIF) this must be a zero-length element to relay.

60
lightning/src/ln/channel.rs
View file

@ -8,8 +8,8 @@
// licenses.
use bitcoin::blockdata::script::{Script,Builder};
use bitcoin::blockdata::transaction::{Transaction, SigHashType};
use bitcoin::util::bip143;
use bitcoin::blockdata::transaction::{Transaction, EcdsaSighashType};
use bitcoin::util::sighash;
use bitcoin::consensus::encode;
use bitcoin::hashes::Hash;
@ -18,8 +18,8 @@ use bitcoin::hashes::sha256d::Hash as Sha256d;
use bitcoin::hash_types::{Txid, BlockHash};
use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{Secp256k1,Signature};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::{Secp256k1,ecdsa::Signature};
use bitcoin::secp256k1;
use ln::{PaymentPreimage, PaymentHash};
@ -2044,7 +2044,7 @@ impl<Signer: Sign> Channel<Signer> {
log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.counterparty_funding_pubkey().serialize()),
encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]),
encode::serialize_hex(&funding_script), log_bytes!(self.channel_id()));
secp_check!(self.secp_ctx.verify(&sighash, &sig, self.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned());
secp_check!(self.secp_ctx.verify_ecdsa(&sighash, &sig, self.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned());
}
let counterparty_keys = self.build_remote_transaction_keys()?;
@ -2176,7 +2176,7 @@ impl<Signer: Sign> Channel<Signer> {
let initial_commitment_bitcoin_tx = trusted_tx.built_transaction();
let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.channel_value_satoshis);
// They sign our commitment transaction, allowing us to broadcast the tx if we wish.
if let Err(_) = self.secp_ctx.verify(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) {
if let Err(_) = self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) {
return Err(ChannelError::Close("Invalid funding_signed signature from peer".to_owned()));
}
}
@ -2814,7 +2814,7 @@ impl<Signer: Sign> Channel<Signer> {
log_bytes!(msg.signature.serialize_compact()[..]),
log_bytes!(self.counterparty_funding_pubkey().serialize()), encode::serialize_hex(&bitcoin_tx.transaction),
log_bytes!(sighash[..]), encode::serialize_hex(&funding_script), log_bytes!(self.channel_id()));
if let Err(_) = self.secp_ctx.verify(&sighash, &msg.signature, &self.counterparty_funding_pubkey()) {
if let Err(_) = self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.counterparty_funding_pubkey()) {
return Err((None, ChannelError::Close("Invalid commitment tx signature from peer".to_owned())));
}
bitcoin_tx.txid
@ -2864,12 +2864,12 @@ impl<Signer: Sign> Channel<Signer> {
&keys.broadcaster_delayed_payment_key, &keys.revocation_key);
let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, self.opt_anchors(), &keys);
let htlc_sighashtype = if self.opt_anchors() { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All };
let htlc_sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]);
let htlc_sighashtype = if self.opt_anchors() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]);
log_trace!(logger, "Checking HTLC tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}.",
log_bytes!(msg.htlc_signatures[idx].serialize_compact()[..]), log_bytes!(keys.countersignatory_htlc_key.serialize()),
encode::serialize_hex(&htlc_tx), log_bytes!(htlc_sighash[..]), encode::serialize_hex(&htlc_redeemscript), log_bytes!(self.channel_id()));
if let Err(_) = self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key) {
if let Err(_) = self.secp_ctx.verify_ecdsa(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key) {
return Err((None, ChannelError::Close("Invalid HTLC tx signature from peer".to_owned())));
}
htlcs_and_sigs.push((htlc, Some(msg.htlc_signatures[idx]), source));
@ -4106,15 +4106,17 @@ impl<Signer: Sign> Channel<Signer> {
let funding_key = self.get_holder_pubkeys().funding_pubkey.serialize();
let counterparty_funding_key = self.counterparty_funding_pubkey().serialize();
let mut holder_sig = sig.serialize_der().to_vec();
holder_sig.push(EcdsaSighashType::All as u8);
let mut cp_sig = counterparty_sig.serialize_der().to_vec();
cp_sig.push(EcdsaSighashType::All as u8);
if funding_key[..] < counterparty_funding_key[..] {
tx.input[0].witness.push(sig.serialize_der().to_vec());
tx.input[0].witness.push(counterparty_sig.serialize_der().to_vec());
tx.input[0].witness.push(holder_sig);
tx.input[0].witness.push(cp_sig);
} else {
tx.input[0].witness.push(counterparty_sig.serialize_der().to_vec());
tx.input[0].witness.push(sig.serialize_der().to_vec());
tx.input[0].witness.push(cp_sig);
tx.input[0].witness.push(holder_sig);
}
tx.input[0].witness[1].push(SigHashType::All as u8);
tx.input[0].witness[2].push(SigHashType::All as u8);
tx.input[0].witness.push(self.get_funding_redeemscript().into_bytes());
tx
@ -4152,14 +4154,14 @@ impl<Signer: Sign> Channel<Signer> {
}
let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.channel_value_satoshis);
match self.secp_ctx.verify(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) {
match self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.get_counterparty_pubkeys().funding_pubkey) {
Ok(_) => {},
Err(_e) => {
// The remote end may have decided to revoke their output due to inconsistent dust
// limits, so check for that case by re-checking the signature here.
closing_tx = self.build_closing_transaction(msg.fee_satoshis, true).0;
let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.channel_value_satoshis);
secp_check!(self.secp_ctx.verify(&sighash, &msg.signature, self.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned());
secp_check!(self.secp_ctx.verify_ecdsa(&sighash, &msg.signature, self.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned());
},
};
@ -5045,12 +5047,12 @@ impl<Signer: Sign> Channel<Signer> {
let msghash = hash_to_message!(&Sha256d::hash(&announcement.encode()[..])[..]);
if self.secp_ctx.verify(&msghash, &msg.node_signature, &self.get_counterparty_node_id()).is_err() {
if self.secp_ctx.verify_ecdsa(&msghash, &msg.node_signature, &self.get_counterparty_node_id()).is_err() {
return Err(ChannelError::Close(format!(
"Bad announcement_signatures. Failed to verify node_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_node_key is {:?}",
&announcement, self.get_counterparty_node_id())));
}
if self.secp_ctx.verify(&msghash, &msg.bitcoin_signature, self.counterparty_funding_pubkey()).is_err() {
if self.secp_ctx.verify_ecdsa(&msghash, &msg.bitcoin_signature, self.counterparty_funding_pubkey()).is_err() {
return Err(ChannelError::Close(format!(
"Bad announcement_signatures. Failed to verify bitcoin_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_bitcoin_key is ({:?})",
&announcement, self.counterparty_funding_pubkey())));
@ -6354,10 +6356,10 @@ mod tests {
use util::errors::APIError;
use util::test_utils;
use util::test_utils::OnGetShutdownScriptpubkey;
use bitcoin::secp256k1::{Secp256k1, Signature};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
use bitcoin::secp256k1::ffi::Signature as FFISignature;
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::recovery::RecoverableSignature;
use bitcoin::secp256k1::{SecretKey,PublicKey};
use bitcoin::secp256k1::ecdsa::RecoverableSignature;
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hashes::Hash;
use bitcoin::hash_types::WPubkeyHash;
@ -6707,9 +6709,9 @@ mod tests {
#[cfg(not(feature = "grind_signatures"))]
#[test]
fn outbound_commitment_test() {
use bitcoin::util::bip143;
use bitcoin::util::sighash;
use bitcoin::consensus::encode::serialize;
use bitcoin::blockdata::transaction::SigHashType;
use bitcoin::blockdata::transaction::EcdsaSighashType;
use bitcoin::hashes::hex::FromHex;
use bitcoin::hash_types::Txid;
use bitcoin::secp256k1::Message;
@ -6818,7 +6820,7 @@ mod tests {
let counterparty_signature = Signature::from_der(&hex::decode($counterparty_sig_hex).unwrap()[..]).unwrap();
let sighash = unsigned_tx.get_sighash_all(&redeemscript, chan.channel_value_satoshis);
log_trace!(logger, "unsigned_tx = {}", hex::encode(serialize(&unsigned_tx.transaction)));
assert!(secp_ctx.verify(&sighash, &counterparty_signature, chan.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig");
assert!(secp_ctx.verify_ecdsa(&sighash, &counterparty_signature, chan.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig");
let mut per_htlc: Vec<(HTLCOutputInCommitment, Option<Signature>)> = Vec::new();
per_htlc.clear(); // Don't warn about excess mut for no-HTLC calls
@ -6857,9 +6859,9 @@ mod tests {
chan.get_counterparty_selected_contest_delay().unwrap(),
&htlc, $opt_anchors, &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, $opt_anchors, &keys);
let htlc_sighashtype = if $opt_anchors { SigHashType::SinglePlusAnyoneCanPay } else { SigHashType::All };
let htlc_sighash = Message::from_slice(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype)[..]).unwrap();
assert!(secp_ctx.verify(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key).is_ok(), "verify counterparty htlc sig");
let htlc_sighashtype = if $opt_anchors { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
let htlc_sighash = Message::from_slice(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]).unwrap();
assert!(secp_ctx.verify_ecdsa(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key).is_ok(), "verify counterparty htlc sig");
let mut preimage: Option<PaymentPreimage> = None;
if !htlc.offered {

16
lightning/src/ln/channelmanager.rs
View file

@ -28,7 +28,7 @@ use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hashes::sha256d::Hash as Sha256dHash;
use bitcoin::hash_types::{BlockHash, Txid};
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{SecretKey,PublicKey};
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::ecdh::SharedSecret;
use bitcoin::secp256k1;
@ -2070,11 +2070,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
return_malformed_err!("invalid ephemeral pubkey", 0x8000 | 0x4000 | 6);
}
let shared_secret = {
let mut arr = [0; 32];
arr.copy_from_slice(&SharedSecret::new(&msg.onion_routing_packet.public_key.unwrap(), &self.our_network_key)[..]);
arr
};
let shared_secret = SharedSecret::new(&msg.onion_routing_packet.public_key.unwrap(), &self.our_network_key).secret_bytes();
if msg.onion_routing_packet.version != 0 {
//TODO: Spec doesn't indicate if we should only hash hop_data here (and in other
@ -2324,7 +2320,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
};
let msg_hash = Sha256dHash::hash(&unsigned.encode()[..]);
let sig = self.secp_ctx.sign(&hash_to_message!(&msg_hash[..]), &self.our_network_key);
let sig = self.secp_ctx.sign_ecdsa(&hash_to_message!(&msg_hash[..]), &self.our_network_key);
Ok(msgs::ChannelUpdate {
signature: sig,
@ -2925,11 +2921,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
if let PendingHTLCRouting::Forward { onion_packet, .. } = routing {
let phantom_secret_res = self.keys_manager.get_node_secret(Recipient::PhantomNode);
if phantom_secret_res.is_ok() && fake_scid::is_valid_phantom(&self.fake_scid_rand_bytes, short_chan_id) {
let phantom_shared_secret = {
let mut arr = [0; 32];
arr.copy_from_slice(&SharedSecret::new(&onion_packet.public_key.unwrap(), &phantom_secret_res.unwrap())[..]);
arr
};
let phantom_shared_secret = SharedSecret::new(&onion_packet.public_key.unwrap(), &phantom_secret_res.unwrap()).secret_bytes();
let next_hop = match onion_utils::decode_next_hop(phantom_shared_secret, &onion_packet.hop_data, onion_packet.hmac, payment_hash) {
Ok(res) => res,
Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code }) => {

9
lightning/src/ln/functional_test_utils.rs
View file

@ -35,7 +35,7 @@ use bitcoin::network::constants::Network;
use bitcoin::hash_types::BlockHash;
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use io;
use prelude::*;
@ -859,7 +859,7 @@ macro_rules! check_spends {
for output in $tx.output.iter() {
total_value_out += output.value;
}
let min_fee = ($tx.get_weight() as u64 + 3) / 4; // One sat per vbyte (ie per weight/4, rounded up)
let min_fee = ($tx.weight() as u64 + 3) / 4; // One sat per vbyte (ie per weight/4, rounded up)
// Input amount - output amount = fee, so check that out + min_fee is smaller than input
assert!(total_value_out + min_fee <= total_value_in);
$tx.verify(get_output).unwrap();
@ -2004,7 +2004,10 @@ pub fn check_preimage_claim<'a, 'b, 'c>(node: &Node<'a, 'b, 'c>, prev_txn: &Vec<
for tx in prev_txn {
if node_txn[0].input[0].previous_output.txid == tx.txid() {
check_spends!(node_txn[0], tx);
assert!(node_txn[0].input[0].witness[2].len() > 106); // must spend an htlc output
let mut iter = node_txn[0].input[0].witness.iter();
iter.next().expect("expected 3 witness items");
iter.next().expect("expected 3 witness items");
assert!(iter.next().expect("expected 3 witness items").len() > 106); // must spend an htlc output
assert_eq!(tx.input.len(), 1); // must spend a commitment tx
found_prev = true;

24
lightning/src/ln/functional_tests.rs
View file

@ -42,7 +42,7 @@ use bitcoin::blockdata::constants::genesis_block;
use bitcoin::network::constants::Network;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use regex;
@ -5746,8 +5746,8 @@ fn test_key_derivation_params() {
check_spends!(local_txn_1[0], chan_1.3);
// We check funding pubkey are unique
let (from_0_funding_key_0, from_0_funding_key_1) = (PublicKey::from_slice(&local_txn_0[0].input[0].witness[3][2..35]), PublicKey::from_slice(&local_txn_0[0].input[0].witness[3][36..69]));
let (from_1_funding_key_0, from_1_funding_key_1) = (PublicKey::from_slice(&local_txn_1[0].input[0].witness[3][2..35]), PublicKey::from_slice(&local_txn_1[0].input[0].witness[3][36..69]));
let (from_0_funding_key_0, from_0_funding_key_1) = (PublicKey::from_slice(&local_txn_0[0].input[0].witness.to_vec()[3][2..35]), PublicKey::from_slice(&local_txn_0[0].input[0].witness.to_vec()[3][36..69]));
let (from_1_funding_key_0, from_1_funding_key_1) = (PublicKey::from_slice(&local_txn_1[0].input[0].witness.to_vec()[3][2..35]), PublicKey::from_slice(&local_txn_1[0].input[0].witness.to_vec()[3][36..69]));
if from_0_funding_key_0 == from_1_funding_key_0
|| from_0_funding_key_0 == from_1_funding_key_1
|| from_0_funding_key_1 == from_1_funding_key_0
@ -7615,7 +7615,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() {
assert_eq!(node_txn[0].output.len(), 1);
check_spends!(node_txn[0], revoked_txn[0]);
let fee_1 = penalty_sum - node_txn[0].output[0].value;
feerate_1 = fee_1 * 1000 / node_txn[0].get_weight() as u64;
feerate_1 = fee_1 * 1000 / node_txn[0].weight() as u64;
penalty_1 = node_txn[0].txid();
node_txn.clear();
};
@ -7635,7 +7635,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() {
// Verify new bumped tx is different from last claiming transaction, we don't want spurrious rebroadcast
assert_ne!(penalty_2, penalty_1);
let fee_2 = penalty_sum - node_txn[0].output[0].value;
feerate_2 = fee_2 * 1000 / node_txn[0].get_weight() as u64;
feerate_2 = fee_2 * 1000 / node_txn[0].weight() as u64;
// Verify 25% bump heuristic
assert!(feerate_2 * 100 >= feerate_1 * 125);
node_txn.clear();
@ -7658,7 +7658,7 @@ fn test_bump_penalty_txn_on_revoked_commitment() {
// Verify new bumped tx is different from last claiming transaction, we don't want spurrious rebroadcast
assert_ne!(penalty_3, penalty_2);
let fee_3 = penalty_sum - node_txn[0].output[0].value;
feerate_3 = fee_3 * 1000 / node_txn[0].get_weight() as u64;
feerate_3 = fee_3 * 1000 / node_txn[0].weight() as u64;
// Verify 25% bump heuristic
assert!(feerate_3 * 100 >= feerate_2 * 125);
node_txn.clear();
@ -7777,7 +7777,7 @@ fn test_bump_penalty_txn_on_revoked_htlcs() {
first = node_txn[4].txid();
// Store both feerates for later comparison
let fee_1 = revoked_htlc_txn[0].output[0].value + revoked_htlc_txn[2].output[0].value - node_txn[4].output[0].value;
feerate_1 = fee_1 * 1000 / node_txn[4].get_weight() as u64;
feerate_1 = fee_1 * 1000 / node_txn[4].weight() as u64;
penalty_txn = vec![node_txn[2].clone()];
node_txn.clear();
}
@ -7817,7 +7817,7 @@ fn test_bump_penalty_txn_on_revoked_htlcs() {
// Verify bumped tx is different and 25% bump heuristic
assert_ne!(first, node_txn[0].txid());
let fee_2 = revoked_htlc_txn[0].output[0].value + revoked_htlc_txn[2].output[0].value - node_txn[0].output[0].value;
let feerate_2 = fee_2 * 1000 / node_txn[0].get_weight() as u64;
let feerate_2 = fee_2 * 1000 / node_txn[0].weight() as u64;
assert!(feerate_2 * 100 > feerate_1 * 125);
let txn = vec![node_txn[0].clone()];
node_txn.clear();
@ -7901,12 +7901,12 @@ fn test_bump_penalty_txn_on_remote_commitment() {
timeout = node_txn[6].txid();
let index = node_txn[6].input[0].previous_output.vout;
let fee = remote_txn[0].output[index as usize].value - node_txn[6].output[0].value;
feerate_timeout = fee * 1000 / node_txn[6].get_weight() as u64;
feerate_timeout = fee * 1000 / node_txn[6].weight() as u64;
preimage = node_txn[0].txid();
let index = node_txn[0].input[0].previous_output.vout;
let fee = remote_txn[0].output[index as usize].value - node_txn[0].output[0].value;
feerate_preimage = fee * 1000 / node_txn[0].get_weight() as u64;
feerate_preimage = fee * 1000 / node_txn[0].weight() as u64;
node_txn.clear();
};
@ -7925,13 +7925,13 @@ fn test_bump_penalty_txn_on_remote_commitment() {
let index = preimage_bump.input[0].previous_output.vout;
let fee = remote_txn[0].output[index as usize].value - preimage_bump.output[0].value;
let new_feerate = fee * 1000 / preimage_bump.get_weight() as u64;
let new_feerate = fee * 1000 / preimage_bump.weight() as u64;
assert!(new_feerate * 100 > feerate_timeout * 125);
assert_ne!(timeout, preimage_bump.txid());
let index = node_txn[0].input[0].previous_output.vout;
let fee = remote_txn[0].output[index as usize].value - node_txn[0].output[0].value;
let new_feerate = fee * 1000 / node_txn[0].get_weight() as u64;
let new_feerate = fee * 1000 / node_txn[0].weight() as u64;
assert!(new_feerate * 100 > feerate_preimage * 125);
assert_ne!(preimage, node_txn[0].txid());

18
lightning/src/ln/msgs.rs
View file

@ -24,8 +24,8 @@
//! raw socket events into your non-internet-facing system and then send routing events back to
//! track the network on the less-secure system.
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::Signature;
use bitcoin::secp256k1::PublicKey;
use bitcoin::secp256k1::ecdsa::Signature;
use bitcoin::secp256k1;
use bitcoin::blockdata::script::Script;
use bitcoin::hash_types::{Txid, BlockHash};
@ -1835,7 +1835,7 @@ mod tests {
use bitcoin::blockdata::opcodes;
use bitcoin::hash_types::{Txid, BlockHash};
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::{Secp256k1, Message};
use io::Cursor;
@ -1892,7 +1892,7 @@ mod tests {
($privkey: expr, $ctx: expr, $string: expr) => {
{
let sighash = Message::from_slice(&$string.into_bytes()[..]).unwrap();
$ctx.sign(&sighash, &$privkey)
$ctx.sign_ecdsa(&sighash, &$privkey)
}
}
}
@ -2155,7 +2155,7 @@ mod tests {
htlc_basepoint: pubkey_5,
first_per_commitment_point: pubkey_6,
channel_flags: if random_bit { 1 << 5 } else { 0 },
shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent },
shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent },
channel_type: if incl_chan_type { Some(ChannelTypeFeatures::empty()) } else { None },
};
let encoded_value = open_channel.encode();
@ -2211,7 +2211,7 @@ mod tests {
delayed_payment_basepoint: pubkey_4,
htlc_basepoint: pubkey_5,
first_per_commitment_point: pubkey_6,
shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent },
shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent },
channel_type: None,
};
let encoded_value = accept_channel.encode();
@ -2279,9 +2279,9 @@ mod tests {
let shutdown = msgs::Shutdown {
channel_id: [2; 32],
scriptpubkey:
if script_type == 1 { Address::p2pkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).script_pubkey() }
else if script_type == 2 { Address::p2sh(&script, Network::Testnet).script_pubkey() }
else if script_type == 3 { Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, key: pubkey_1}, Network::Testnet).unwrap().script_pubkey() }
if script_type == 1 { Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey() }
else if script_type == 2 { Address::p2sh(&script, Network::Testnet).unwrap().script_pubkey() }
else if script_type == 3 { Address::p2wpkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).unwrap().script_pubkey() }
else { Address::p2wsh(&script, Network::Testnet).script_pubkey() },
};
let encoded_value = shutdown.encode();

24
lightning/src/ln/onion_route_tests.rs
View file

@ -33,7 +33,7 @@ use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{PublicKey, SecretKey};
use bitcoin::secp256k1::{PublicKey, SecretKey};
use io;
use prelude::*;
@ -214,7 +214,7 @@ fn run_onion_failure_test_with_fail_intercept<F1,F2,F3>(_name: &str, test_case:
impl msgs::ChannelUpdate {
fn dummy(short_channel_id: u64) -> msgs::ChannelUpdate {
use bitcoin::secp256k1::ffi::Signature as FFISignature;
use bitcoin::secp256k1::Signature;
use bitcoin::secp256k1::ecdsa::Signature;
msgs::ChannelUpdate {
signature: Signature::from(unsafe { FFISignature::new() }),
contents: msgs::UnsignedChannelUpdate {
@ -371,7 +371,7 @@ fn test_onion_failure() {
// and tamper returning error message
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], NODE|2, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), NODE|2, &[0;0]);
}, ||{}, true, Some(NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: false}), Some(route.paths[0][0].short_channel_id));
// final node failure
@ -379,7 +379,7 @@ fn test_onion_failure() {
// and tamper returning error message
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], NODE|2, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), NODE|2, &[0;0]);
}, ||{
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, true, Some(NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: false}), Some(route.paths[0][1].short_channel_id));
@ -391,14 +391,14 @@ fn test_onion_failure() {
}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|2, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|NODE|2, &[0;0]);
}, ||{}, true, Some(PERM|NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: true}), Some(route.paths[0][0].short_channel_id));
// final node failure
run_onion_failure_test_with_fail_intercept("permanent_node_failure", 200, &nodes, &route, &payment_hash, &payment_secret, |_msg| {}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|2, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), PERM|NODE|2, &[0;0]);
}, ||{
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, false, Some(PERM|NODE|2), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: true}), Some(route.paths[0][1].short_channel_id));
@ -410,7 +410,7 @@ fn test_onion_failure() {
}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|3, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|NODE|3, &[0;0]);
}, ||{
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, true, Some(PERM|NODE|3), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][0].pubkey, is_permanent: true}), Some(route.paths[0][0].short_channel_id));
@ -419,7 +419,7 @@ fn test_onion_failure() {
run_onion_failure_test_with_fail_intercept("required_node_feature_missing", 200, &nodes, &route, &payment_hash, &payment_secret, |_msg| {}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|3, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), PERM|NODE|3, &[0;0]);
}, ||{
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, false, Some(PERM|NODE|3), Some(NetworkUpdate::NodeFailure{node_id: route.paths[0][1].pubkey, is_permanent: true}), Some(route.paths[0][1].short_channel_id));
@ -443,7 +443,7 @@ fn test_onion_failure() {
}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], UPDATE|7, &ChannelUpdate::dummy(short_channel_id).encode_with_len()[..]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), UPDATE|7, &ChannelUpdate::dummy(short_channel_id).encode_with_len()[..]);
}, ||{}, true, Some(UPDATE|7), Some(NetworkUpdate::ChannelUpdateMessage{msg: ChannelUpdate::dummy(short_channel_id)}), Some(short_channel_id));
let short_channel_id = channels[1].0.contents.short_channel_id;
@ -452,7 +452,7 @@ fn test_onion_failure() {
}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|8, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|8, &[0;0]);
// short_channel_id from the processing node
}, ||{}, true, Some(PERM|8), Some(NetworkUpdate::ChannelClosed{short_channel_id, is_permanent: true}), Some(short_channel_id));
@ -462,7 +462,7 @@ fn test_onion_failure() {
}, |msg| {
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|9, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[0].shared_secret.as_ref(), PERM|9, &[0;0]);
// short_channel_id from the processing node
}, ||{}, true, Some(PERM|9), Some(NetworkUpdate::ChannelClosed{short_channel_id, is_permanent: true}), Some(short_channel_id));
@ -571,7 +571,7 @@ fn test_onion_failure() {
// Tamper returning error message
let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], 23, &[0;0]);
msg.reason = onion_utils::build_first_hop_failure_packet(onion_keys[1].shared_secret.as_ref(), 23, &[0;0]);
}, ||{
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, true, Some(23), None, None);

42
lightning/src/ln/onion_utils.rs
View file

@ -22,7 +22,7 @@ use bitcoin::hashes::cmp::fixed_time_eq;
use bitcoin::hashes::hmac::{Hmac, HmacEngine};
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{SecretKey,PublicKey};
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::ecdh::SharedSecret;
use bitcoin::secp256k1;
@ -47,12 +47,12 @@ pub(super) fn gen_rho_mu_from_shared_secret(shared_secret: &[u8]) -> ([u8; 32],
assert_eq!(shared_secret.len(), 32);
({
let mut hmac = HmacEngine::<Sha256>::new(&[0x72, 0x68, 0x6f]); // rho
hmac.input(&shared_secret[..]);
hmac.input(&shared_secret);
Hmac::from_engine(hmac).into_inner()
},
{
let mut hmac = HmacEngine::<Sha256>::new(&[0x6d, 0x75]); // mu
hmac.input(&shared_secret[..]);
hmac.input(&shared_secret);
Hmac::from_engine(hmac).into_inner()
})
}
@ -61,7 +61,7 @@ pub(super) fn gen_rho_mu_from_shared_secret(shared_secret: &[u8]) -> ([u8; 32],
pub(super) fn gen_um_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] {
assert_eq!(shared_secret.len(), 32);
let mut hmac = HmacEngine::<Sha256>::new(&[0x75, 0x6d]); // um
hmac.input(&shared_secret[..]);
hmac.input(&shared_secret);
Hmac::from_engine(hmac).into_inner()
}
@ -69,7 +69,7 @@ pub(super) fn gen_um_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] {
pub(super) fn gen_ammag_from_shared_secret(shared_secret: &[u8]) -> [u8; 32] {
assert_eq!(shared_secret.len(), 32);
let mut hmac = HmacEngine::<Sha256>::new(&[0x61, 0x6d, 0x6d, 0x61, 0x67]); // ammag
hmac.input(&shared_secret[..]);
hmac.input(&shared_secret);
Hmac::from_engine(hmac).into_inner()
}
@ -84,7 +84,7 @@ pub(super) fn construct_onion_keys_callback<T: secp256k1::Signing, FType: FnMut(
let mut sha = Sha256::engine();
sha.input(&blinded_pub.serialize()[..]);
sha.input(&shared_secret[..]);
sha.input(shared_secret.as_ref());
let blinding_factor = Sha256::from_engine(sha).into_inner();
let ephemeral_pubkey = blinded_pub;
@ -103,7 +103,7 @@ pub(super) fn construct_onion_keys<T: secp256k1::Signing>(secp_ctx: &Secp256k1<T
let mut res = Vec::with_capacity(path.len());
construct_onion_keys_callback(secp_ctx, path, session_priv, |shared_secret, _blinding_factor, ephemeral_pubkey, _, _| {
let (rho, mu) = gen_rho_mu_from_shared_secret(&shared_secret[..]);
let (rho, mu) = gen_rho_mu_from_shared_secret(shared_secret.as_ref());
res.push(OnionKeys {
#[cfg(test)]
@ -347,7 +347,7 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(secp_ctx: &
let amt_to_forward = htlc_msat - route_hop.fee_msat;
htlc_msat = amt_to_forward;
let ammag = gen_ammag_from_shared_secret(&shared_secret[..]);
let ammag = gen_ammag_from_shared_secret(shared_secret.as_ref());
let mut decryption_tmp = Vec::with_capacity(packet_decrypted.len());
decryption_tmp.resize(packet_decrypted.len(), 0);
@ -361,7 +361,7 @@ pub(super) fn process_onion_failure<T: secp256k1::Signing, L: Deref>(secp_ctx: &
let failing_route_hop = if is_from_final_node { route_hop } else { &path[route_hop_idx + 1] };
if let Ok(err_packet) = msgs::DecodedOnionErrorPacket::read(&mut Cursor::new(&packet_decrypted)) {
let um = gen_um_from_shared_secret(&shared_secret[..]);
let um = gen_um_from_shared_secret(shared_secret.as_ref());
let mut hmac = HmacEngine::<Sha256>::new(&um);
hmac.input(&err_packet.encode()[32..]);
@ -627,7 +627,7 @@ mod tests {
use hex;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use super::OnionKeys;
@ -678,31 +678,31 @@ mod tests {
// Legacy packet creation test vectors from BOLT 4
let onion_keys = build_test_onion_keys();
assert_eq!(onion_keys[0].shared_secret[..], hex::decode("53eb63ea8a3fec3b3cd433b85cd62a4b145e1dda09391b348c4e1cd36a03ea66").unwrap()[..]);
assert_eq!(onion_keys[0].shared_secret.secret_bytes(), hex::decode("53eb63ea8a3fec3b3cd433b85cd62a4b145e1dda09391b348c4e1cd36a03ea66").unwrap()[..]);
assert_eq!(onion_keys[0].blinding_factor[..], hex::decode("2ec2e5da605776054187180343287683aa6a51b4b1c04d6dd49c45d8cffb3c36").unwrap()[..]);
assert_eq!(onion_keys[0].ephemeral_pubkey.serialize()[..], hex::decode("02eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619").unwrap()[..]);
assert_eq!(onion_keys[0].rho, hex::decode("ce496ec94def95aadd4bec15cdb41a740c9f2b62347c4917325fcc6fb0453986").unwrap()[..]);
assert_eq!(onion_keys[0].mu, hex::decode("b57061dc6d0a2b9f261ac410c8b26d64ac5506cbba30267a649c28c179400eba").unwrap()[..]);
assert_eq!(onion_keys[1].shared_secret[..], hex::decode("a6519e98832a0b179f62123b3567c106db99ee37bef036e783263602f3488fae").unwrap()[..]);
assert_eq!(onion_keys[1].shared_secret.secret_bytes(), hex::decode("a6519e98832a0b179f62123b3567c106db99ee37bef036e783263602f3488fae").unwrap()[..]);
assert_eq!(onion_keys[1].blinding_factor[..], hex::decode("bf66c28bc22e598cfd574a1931a2bafbca09163df2261e6d0056b2610dab938f").unwrap()[..]);
assert_eq!(onion_keys[1].ephemeral_pubkey.serialize()[..], hex::decode("028f9438bfbf7feac2e108d677e3a82da596be706cc1cf342b75c7b7e22bf4e6e2").unwrap()[..]);
assert_eq!(onion_keys[1].rho, hex::decode("450ffcabc6449094918ebe13d4f03e433d20a3d28a768203337bc40b6e4b2c59").unwrap()[..]);
assert_eq!(onion_keys[1].mu, hex::decode("05ed2b4a3fb023c2ff5dd6ed4b9b6ea7383f5cfe9d59c11d121ec2c81ca2eea9").unwrap()[..]);
assert_eq!(onion_keys[2].shared_secret[..], hex::decode("3a6b412548762f0dbccce5c7ae7bb8147d1caf9b5471c34120b30bc9c04891cc").unwrap()[..]);
assert_eq!(onion_keys[2].shared_secret.secret_bytes(), hex::decode("3a6b412548762f0dbccce5c7ae7bb8147d1caf9b5471c34120b30bc9c04891cc").unwrap()[..]);
assert_eq!(onion_keys[2].blinding_factor[..], hex::decode("a1f2dadd184eb1627049673f18c6325814384facdee5bfd935d9cb031a1698a5").unwrap()[..]);
assert_eq!(onion_keys[2].ephemeral_pubkey.serialize()[..], hex::decode("03bfd8225241ea71cd0843db7709f4c222f62ff2d4516fd38b39914ab6b83e0da0").unwrap()[..]);
assert_eq!(onion_keys[2].rho, hex::decode("11bf5c4f960239cb37833936aa3d02cea82c0f39fd35f566109c41f9eac8deea").unwrap()[..]);
assert_eq!(onion_keys[2].mu, hex::decode("caafe2820fa00eb2eeb78695ae452eba38f5a53ed6d53518c5c6edf76f3f5b78").unwrap()[..]);
assert_eq!(onion_keys[3].shared_secret[..], hex::decode("21e13c2d7cfe7e18836df50872466117a295783ab8aab0e7ecc8c725503ad02d").unwrap()[..]);
assert_eq!(onion_keys[3].shared_secret.secret_bytes(), hex::decode("21e13c2d7cfe7e18836df50872466117a295783ab8aab0e7ecc8c725503ad02d").unwrap()[..]);
assert_eq!(onion_keys[3].blinding_factor[..], hex::decode("7cfe0b699f35525029ae0fa437c69d0f20f7ed4e3916133f9cacbb13c82ff262").unwrap()[..]);
assert_eq!(onion_keys[3].ephemeral_pubkey.serialize()[..], hex::decode("031dde6926381289671300239ea8e57ffaf9bebd05b9a5b95beaf07af05cd43595").unwrap()[..]);
assert_eq!(onion_keys[3].rho, hex::decode("cbe784ab745c13ff5cffc2fbe3e84424aa0fd669b8ead4ee562901a4a4e89e9e").unwrap()[..]);
assert_eq!(onion_keys[3].mu, hex::decode("5052aa1b3d9f0655a0932e50d42f0c9ba0705142c25d225515c45f47c0036ee9").unwrap()[..]);
assert_eq!(onion_keys[4].shared_secret[..], hex::decode("b5756b9b542727dbafc6765a49488b023a725d631af688fc031217e90770c328").unwrap()[..]);
assert_eq!(onion_keys[4].shared_secret.secret_bytes(), hex::decode("b5756b9b542727dbafc6765a49488b023a725d631af688fc031217e90770c328").unwrap()[..]);
assert_eq!(onion_keys[4].blinding_factor[..], hex::decode("c96e00dddaf57e7edcd4fb5954be5b65b09f17cb6d20651b4e90315be5779205").unwrap()[..]);
assert_eq!(onion_keys[4].ephemeral_pubkey.serialize()[..], hex::decode("03a214ebd875aab6ddfd77f22c5e7311d7f77f17a169e599f157bbcdae8bf071f4").unwrap()[..]);
assert_eq!(onion_keys[4].rho, hex::decode("034e18b8cc718e8af6339106e706c52d8df89e2b1f7e9142d996acf88df8799b").unwrap()[..]);
@ -758,22 +758,22 @@ mod tests {
// Returning Errors test vectors from BOLT 4
let onion_keys = build_test_onion_keys();
let onion_error = super::build_failure_packet(&onion_keys[4].shared_secret[..], 0x2002, &[0; 0]);
let onion_error = super::build_failure_packet(onion_keys[4].shared_secret.as_ref(), 0x2002, &[0; 0]);
assert_eq!(onion_error.encode(), hex::decode("4c2fc8bc08510334b6833ad9c3e79cd1b52ae59dfe5c2a4b23ead50f09f7ee0b0002200200fe0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000").unwrap());
let onion_packet_1 = super::encrypt_failure_packet(&onion_keys[4].shared_secret[..], &onion_error.encode()[..]);
let onion_packet_1 = super::encrypt_failure_packet(onion_keys[4].shared_secret.as_ref(), &onion_error.encode()[..]);
assert_eq!(onion_packet_1.data, hex::decode("a5e6bd0c74cb347f10cce367f949098f2457d14c046fd8a22cb96efb30b0fdcda8cb9168b50f2fd45edd73c1b0c8b33002df376801ff58aaa94000bf8a86f92620f343baef38a580102395ae3abf9128d1047a0736ff9b83d456740ebbb4aeb3aa9737f18fb4afb4aa074fb26c4d702f42968888550a3bded8c05247e045b866baef0499f079fdaeef6538f31d44deafffdfd3afa2fb4ca9082b8f1c465371a9894dd8c243fb4847e004f5256b3e90e2edde4c9fb3082ddfe4d1e734cacd96ef0706bf63c9984e22dc98851bcccd1c3494351feb458c9c6af41c0044bea3c47552b1d992ae542b17a2d0bba1a096c78d169034ecb55b6e3a7263c26017f033031228833c1daefc0dedb8cf7c3e37c9c37ebfe42f3225c326e8bcfd338804c145b16e34e4").unwrap());
let onion_packet_2 = super::encrypt_failure_packet(&onion_keys[3].shared_secret[..], &onion_packet_1.data[..]);
let onion_packet_2 = super::encrypt_failure_packet(onion_keys[3].shared_secret.as_ref(), &onion_packet_1.data[..]);
assert_eq!(onion_packet_2.data, hex::decode("c49a1ce81680f78f5f2000cda36268de34a3f0a0662f55b4e837c83a8773c22aa081bab1616a0011585323930fa5b9fae0c85770a2279ff59ec427ad1bbff9001c0cd1497004bd2a0f68b50704cf6d6a4bf3c8b6a0833399a24b3456961ba00736785112594f65b6b2d44d9f5ea4e49b5e1ec2af978cbe31c67114440ac51a62081df0ed46d4a3df295da0b0fe25c0115019f03f15ec86fabb4c852f83449e812f141a9395b3f70b766ebbd4ec2fae2b6955bd8f32684c15abfe8fd3a6261e52650e8807a92158d9f1463261a925e4bfba44bd20b166d532f0017185c3a6ac7957adefe45559e3072c8dc35abeba835a8cb01a71a15c736911126f27d46a36168ca5ef7dccd4e2886212602b181463e0dd30185c96348f9743a02aca8ec27c0b90dca270").unwrap());
let onion_packet_3 = super::encrypt_failure_packet(&onion_keys[2].shared_secret[..], &onion_packet_2.data[..]);
let onion_packet_3 = super::encrypt_failure_packet(onion_keys[2].shared_secret.as_ref(), &onion_packet_2.data[..]);
assert_eq!(onion_packet_3.data, hex::decode("a5d3e8634cfe78b2307d87c6d90be6fe7855b4f2cc9b1dfb19e92e4b79103f61ff9ac25f412ddfb7466e74f81b3e545563cdd8f5524dae873de61d7bdfccd496af2584930d2b566b4f8d3881f8c043df92224f38cf094cfc09d92655989531524593ec6d6caec1863bdfaa79229b5020acc034cd6deeea1021c50586947b9b8e6faa83b81fbfa6133c0af5d6b07c017f7158fa94f0d206baf12dda6b68f785b773b360fd0497e16cc402d779c8d48d0fa6315536ef0660f3f4e1865f5b38ea49c7da4fd959de4e83ff3ab686f059a45c65ba2af4a6a79166aa0f496bf04d06987b6d2ea205bdb0d347718b9aeff5b61dfff344993a275b79717cd815b6ad4c0beb568c4ac9c36ff1c315ec1119a1993c4b61e6eaa0375e0aaf738ac691abd3263bf937e3").unwrap());
let onion_packet_4 = super::encrypt_failure_packet(&onion_keys[1].shared_secret[..], &onion_packet_3.data[..]);
let onion_packet_4 = super::encrypt_failure_packet(onion_keys[1].shared_secret.as_ref(), &onion_packet_3.data[..]);
assert_eq!(onion_packet_4.data, hex::decode("aac3200c4968f56b21f53e5e374e3a2383ad2b1b6501bbcc45abc31e59b26881b7dfadbb56ec8dae8857add94e6702fb4c3a4de22e2e669e1ed926b04447fc73034bb730f4932acd62727b75348a648a1128744657ca6a4e713b9b646c3ca66cac02cdab44dd3439890ef3aaf61708714f7375349b8da541b2548d452d84de7084bb95b3ac2345201d624d31f4d52078aa0fa05a88b4e20202bd2b86ac5b52919ea305a8949de95e935eed0319cf3cf19ebea61d76ba92532497fcdc9411d06bcd4275094d0a4a3c5d3a945e43305a5a9256e333e1f64dbca5fcd4e03a39b9012d197506e06f29339dfee3331995b21615337ae060233d39befea925cc262873e0530408e6990f1cbd233a150ef7b004ff6166c70c68d9f8c853c1abca640b8660db2921").unwrap());
let onion_packet_5 = super::encrypt_failure_packet(&onion_keys[0].shared_secret[..], &onion_packet_4.data[..]);
let onion_packet_5 = super::encrypt_failure_packet(onion_keys[0].shared_secret.as_ref(), &onion_packet_4.data[..]);
assert_eq!(onion_packet_5.data, hex::decode("9c5add3963fc7f6ed7f148623c84134b5647e1306419dbe2174e523fa9e2fbed3a06a19f899145610741c83ad40b7712aefaddec8c6baf7325d92ea4ca4d1df8bce517f7e54554608bf2bd8071a4f52a7a2f7ffbb1413edad81eeea5785aa9d990f2865dc23b4bc3c301a94eec4eabebca66be5cf638f693ec256aec514620cc28ee4a94bd9565bc4d4962b9d3641d4278fb319ed2b84de5b665f307a2db0f7fbb757366067d88c50f7e829138fde4f78d39b5b5802f1b92a8a820865af5cc79f9f30bc3f461c66af95d13e5e1f0381c184572a91dee1c849048a647a1158cf884064deddbf1b0b88dfe2f791428d0ba0f6fb2f04e14081f69165ae66d9297c118f0907705c9c4954a199bae0bb96fad763d690e7daa6cfda59ba7f2c8d11448b604d12d").unwrap());
}

6
lightning/src/ln/peer_channel_encryptor.rs
View file

@ -16,7 +16,7 @@ use bitcoin::hashes::{Hash, HashEngine};
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::ecdh::SharedSecret;
use bitcoin::secp256k1;
@ -163,7 +163,7 @@ impl PeerChannelEncryptor {
#[inline]
fn hkdf(state: &mut BidirectionalNoiseState, ss: SharedSecret) -> [u8; 32] {
let (t1, t2) = hkdf_extract_expand_twice(&state.ck, &ss[..]);
let (t1, t2) = hkdf_extract_expand_twice(&state.ck, ss.as_ref());
state.ck = t1;
t2
}
@ -473,7 +473,7 @@ impl PeerChannelEncryptor {
mod tests {
use super::LN_MAX_MSG_LEN;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use hex;

4
lightning/src/ln/peer_handler.rs
View file

@ -15,7 +15,7 @@
//! call into the provided message handlers (probably a ChannelManager and NetGraphmsgHandler) with messages
//! they should handle, and encoding/sending response messages.
use bitcoin::secp256k1::key::{SecretKey,PublicKey};
use bitcoin::secp256k1::{SecretKey,PublicKey};
use ln::features::InitFeatures;
use ln::msgs;
@ -1725,7 +1725,7 @@ mod tests {
use util::test_utils;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{SecretKey, PublicKey};
use bitcoin::secp256k1::{SecretKey, PublicKey};
use prelude::*;
use sync::{Arc, Mutex};

2
lightning/src/ln/priv_short_conf_tests.rs
View file

@ -528,7 +528,7 @@ fn test_scid_alias_returned() {
excess_data: Vec::new(),
};
let msg_hash = Sha256dHash::hash(&contents.encode()[..]);
let signature = Secp256k1::new().sign(&hash_to_message!(&msg_hash[..]), &nodes[1].keys_manager.get_node_secret(Recipient::Node).unwrap());
let signature = Secp256k1::new().sign_ecdsa(&hash_to_message!(&msg_hash[..]), &nodes[1].keys_manager.get_node_secret(Recipient::Node).unwrap());
let msg = msgs::ChannelUpdate { signature, contents };
expect_payment_failed_conditions!(nodes[0], payment_hash, false,

36
lightning/src/ln/script.rs
View file

@ -4,7 +4,7 @@ use bitcoin::blockdata::opcodes::all::OP_PUSHBYTES_0 as SEGWIT_V0;
use bitcoin::blockdata::script::{Builder, Script};
use bitcoin::hashes::Hash;
use bitcoin::hash_types::{WPubkeyHash, WScriptHash};
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use ln::features::InitFeatures;
use ln::msgs::DecodeError;
@ -68,12 +68,12 @@ impl ShutdownScript {
/// Generates a P2WPKH script pubkey from the given [`WPubkeyHash`].
pub fn new_p2wpkh(pubkey_hash: &WPubkeyHash) -> Self {
Self(ShutdownScriptImpl::Bolt2(Script::new_v0_wpkh(pubkey_hash)))
Self(ShutdownScriptImpl::Bolt2(Script::new_v0_p2wpkh(pubkey_hash)))
}
/// Generates a P2WSH script pubkey from the given [`WScriptHash`].
pub fn new_p2wsh(script_hash: &WScriptHash) -> Self {
Self(ShutdownScriptImpl::Bolt2(Script::new_v0_wsh(script_hash)))
Self(ShutdownScriptImpl::Bolt2(Script::new_v0_p2wsh(script_hash)))
}
/// Generates a witness script pubkey from the given segwit version and program.
@ -156,7 +156,7 @@ impl Into<Script> for ShutdownScript {
fn into(self) -> Script {
match self.0 {
ShutdownScriptImpl::Legacy(pubkey) =>
Script::new_v0_wpkh(&WPubkeyHash::hash(&pubkey.serialize())),
Script::new_v0_p2wpkh(&WPubkeyHash::hash(&pubkey.serialize())),
ShutdownScriptImpl::Bolt2(script_pubkey) => script_pubkey,
}
}
@ -174,19 +174,19 @@ impl core::fmt::Display for ShutdownScript{
#[cfg(test)]
mod shutdown_script_tests {
use super::ShutdownScript;
use bitcoin::bech32::u5;
use bitcoin::blockdata::opcodes;
use bitcoin::blockdata::script::{Builder, Script};
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1::key::{PublicKey, SecretKey};
use bitcoin::secp256k1::{PublicKey, SecretKey};
use ln::features::InitFeatures;
use core::convert::TryFrom;
use core::num::NonZeroU8;
use bitcoin::util::address::WitnessVersion;
fn pubkey() -> bitcoin::util::ecdsa::PublicKey {
fn pubkey() -> bitcoin::util::key::PublicKey {
let secp_ctx = Secp256k1::signing_only();
let secret_key = SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1]).unwrap();
bitcoin::util::ecdsa::PublicKey::new(PublicKey::from_secret_key(&secp_ctx, &secret_key))
bitcoin::util::key::PublicKey::new(PublicKey::from_secret_key(&secp_ctx, &secret_key))
}
fn redeem_script() -> Script {
@ -204,9 +204,9 @@ mod shutdown_script_tests {
fn generates_p2wpkh_from_pubkey() {
let pubkey = pubkey();
let pubkey_hash = pubkey.wpubkey_hash().unwrap();
let p2wpkh_script = Script::new_v0_wpkh(&pubkey_hash);
let p2wpkh_script = Script::new_v0_p2wpkh(&pubkey_hash);
let shutdown_script = ShutdownScript::new_p2wpkh_from_pubkey(pubkey.key);
let shutdown_script = ShutdownScript::new_p2wpkh_from_pubkey(pubkey.inner);
assert!(shutdown_script.is_compatible(&InitFeatures::known()));
assert!(shutdown_script.is_compatible(&InitFeatures::known().clear_shutdown_anysegwit()));
assert_eq!(shutdown_script.into_inner(), p2wpkh_script);
@ -215,7 +215,7 @@ mod shutdown_script_tests {
#[test]
fn generates_p2wpkh_from_pubkey_hash() {
let pubkey_hash = pubkey().wpubkey_hash().unwrap();
let p2wpkh_script = Script::new_v0_wpkh(&pubkey_hash);
let p2wpkh_script = Script::new_v0_p2wpkh(&pubkey_hash);
let shutdown_script = ShutdownScript::new_p2wpkh(&pubkey_hash);
assert!(shutdown_script.is_compatible(&InitFeatures::known()));
@ -227,7 +227,7 @@ mod shutdown_script_tests {
#[test]
fn generates_p2wsh_from_script_hash() {
let script_hash = redeem_script().wscript_hash();
let p2wsh_script = Script::new_v0_wsh(&script_hash);
let p2wsh_script = Script::new_v0_p2wsh(&script_hash);
let shutdown_script = ShutdownScript::new_p2wsh(&script_hash);
assert!(shutdown_script.is_compatible(&InitFeatures::known()));
@ -238,10 +238,9 @@ mod shutdown_script_tests {
#[test]
fn generates_segwit_from_non_v0_witness_program() {
let version = u5::try_from_u8(16).unwrap();
let witness_program = Script::new_witness_program(version, &[0; 40]);
let witness_program = Script::new_witness_program(WitnessVersion::V16, &[0; 40]);
let version = NonZeroU8::new(version.to_u8()).unwrap();
let version = NonZeroU8::new(WitnessVersion::V16 as u8).unwrap();
let shutdown_script = ShutdownScript::new_witness_program(version, &[0; 40]).unwrap();
assert!(shutdown_script.is_compatible(&InitFeatures::known()));
assert!(!shutdown_script.is_compatible(&InitFeatures::known().clear_shutdown_anysegwit()));
@ -262,17 +261,16 @@ mod shutdown_script_tests {
#[test]
fn fails_from_invalid_segwit_v0_witness_program() {
let witness_program = Script::new_witness_program(u5::try_from_u8(0).unwrap(), &[0; 2]);
let witness_program = Script::new_witness_program(WitnessVersion::V0, &[0; 2]);
assert!(ShutdownScript::try_from(witness_program).is_err());
}
#[test]
fn fails_from_invalid_segwit_non_v0_witness_program() {
let version = u5::try_from_u8(16).unwrap();
let witness_program = Script::new_witness_program(version, &[0; 42]);
let witness_program = Script::new_witness_program(WitnessVersion::V16, &[0; 42]);
assert!(ShutdownScript::try_from(witness_program).is_err());
let version = NonZeroU8::new(version.to_u8()).unwrap();
let version = NonZeroU8::new(WitnessVersion::V16 as u8).unwrap();
assert!(ShutdownScript::new_witness_program(version, &[0; 42]).is_err());
}
}

27
lightning/src/routing/network_graph.rs
View file

@ -10,7 +10,7 @@
//! The top-level network map tracking logic lives here.
use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE;
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use bitcoin::secp256k1::Secp256k1;
use bitcoin::secp256k1;
@ -295,7 +295,7 @@ where C::Target: chain::Access, L::Target: Logger
macro_rules! secp_verify_sig {
( $secp_ctx: expr, $msg: expr, $sig: expr, $pubkey: expr, $msg_type: expr ) => {
match $secp_ctx.verify($msg, $sig, $pubkey) {
match $secp_ctx.verify_ecdsa($msg, $sig, $pubkey) {
Ok(_) => {},
Err(_) => {
return Err(LightningError {
@ -1356,10 +1356,10 @@ impl NetworkGraph {
/// If built with `no-std`, any updates with a timestamp more than two weeks in the past or
/// materially in the future will be rejected.
pub fn update_channel_unsigned(&self, msg: &msgs::UnsignedChannelUpdate) -> Result<(), LightningError> {
self.update_channel_intern(msg, None, None::<(&secp256k1::Signature, &Secp256k1<secp256k1::VerifyOnly>)>)
self.update_channel_intern(msg, None, None::<(&secp256k1::ecdsa::Signature, &Secp256k1<secp256k1::VerifyOnly>)>)
}
fn update_channel_intern<T: secp256k1::Verification>(&self, msg: &msgs::UnsignedChannelUpdate, full_msg: Option<&msgs::ChannelUpdate>, sig_info: Option<(&secp256k1::Signature, &Secp256k1<T>)>) -> Result<(), LightningError> {
fn update_channel_intern<T: secp256k1::Verification>(&self, msg: &msgs::UnsignedChannelUpdate, full_msg: Option<&msgs::ChannelUpdate>, sig_info: Option<(&secp256k1::ecdsa::Signature, &Secp256k1<T>)>) -> Result<(), LightningError> {
let dest_node_id;
let chan_enabled = msg.flags & (1 << 1) != (1 << 1);
let chan_was_enabled;
@ -1578,10 +1578,11 @@ mod tests {
use hex;
use bitcoin::secp256k1::key::{PublicKey, SecretKey};
use bitcoin::secp256k1::{PublicKey, SecretKey};
use bitcoin::secp256k1::{All, Secp256k1};
use io;
use bitcoin::secp256k1;
use prelude::*;
use sync::Arc;
@ -1628,7 +1629,7 @@ mod tests {
f(&mut unsigned_announcement);
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_announcement.encode()[..])[..]);
NodeAnnouncement {
signature: secp_ctx.sign(&msghash, node_key),
signature: secp_ctx.sign_ecdsa(&msghash, node_key),
contents: unsigned_announcement
}
}
@ -1652,10 +1653,10 @@ mod tests {
f(&mut unsigned_announcement);
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_announcement.encode()[..])[..]);
ChannelAnnouncement {
node_signature_1: secp_ctx.sign(&msghash, node_1_key),
node_signature_2: secp_ctx.sign(&msghash, node_2_key),
bitcoin_signature_1: secp_ctx.sign(&msghash, node_1_btckey),
bitcoin_signature_2: secp_ctx.sign(&msghash, node_2_btckey),
node_signature_1: secp_ctx.sign_ecdsa(&msghash, node_1_key),
node_signature_2: secp_ctx.sign_ecdsa(&msghash, node_2_key),
bitcoin_signature_1: secp_ctx.sign_ecdsa(&msghash, node_1_btckey),
bitcoin_signature_2: secp_ctx.sign_ecdsa(&msghash, node_2_btckey),
contents: unsigned_announcement,
}
}
@ -1687,7 +1688,7 @@ mod tests {
f(&mut unsigned_channel_update);
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_channel_update.encode()[..])[..]);
ChannelUpdate {
signature: secp_ctx.sign(&msghash, node_key),
signature: secp_ctx.sign_ecdsa(&msghash, node_key),
contents: unsigned_channel_update
}
}
@ -1724,7 +1725,7 @@ mod tests {
let fake_msghash = hash_to_message!(&zero_hash);
match net_graph_msg_handler.handle_node_announcement(
&NodeAnnouncement {
signature: secp_ctx.sign(&fake_msghash, node_1_privkey),
signature: secp_ctx.sign_ecdsa(&fake_msghash, node_1_privkey),
contents: valid_announcement.contents.clone()
}) {
Ok(_) => panic!(),
@ -1963,7 +1964,7 @@ mod tests {
}, node_1_privkey, &secp_ctx);
let zero_hash = Sha256dHash::hash(&[0; 32]);
let fake_msghash = hash_to_message!(&zero_hash);
invalid_sig_channel_update.signature = secp_ctx.sign(&fake_msghash, node_1_privkey);
invalid_sig_channel_update.signature = secp_ctx.sign_ecdsa(&fake_msghash, node_1_privkey);
match net_graph_msg_handler.handle_channel_update(&invalid_sig_channel_update) {
Ok(_) => panic!(),
Err(e) => assert_eq!(e.err, "Invalid signature on channel_update message")

16
lightning/src/routing/router.rs
View file

@ -12,7 +12,7 @@
//! You probably want to create a NetGraphMsgHandler and use that as your RoutingMessageHandler and then
//! interrogate it to get routes for your own payments.
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use ln::channelmanager::ChannelDetails;
use ln::features::{ChannelFeatures, InvoiceFeatures, NodeFeatures};
@ -1721,7 +1721,7 @@ mod tests {
use hex;
use bitcoin::secp256k1::key::{PublicKey,SecretKey};
use bitcoin::secp256k1::{PublicKey,SecretKey};
use bitcoin::secp256k1::{Secp256k1, All};
use prelude::*;
@ -1780,10 +1780,10 @@ mod tests {
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_announcement.encode()[..])[..]);
let valid_announcement = ChannelAnnouncement {
node_signature_1: secp_ctx.sign(&msghash, node_1_privkey),
node_signature_2: secp_ctx.sign(&msghash, node_2_privkey),
bitcoin_signature_1: secp_ctx.sign(&msghash, node_1_privkey),
bitcoin_signature_2: secp_ctx.sign(&msghash, node_2_privkey),
node_signature_1: secp_ctx.sign_ecdsa(&msghash, node_1_privkey),
node_signature_2: secp_ctx.sign_ecdsa(&msghash, node_2_privkey),
bitcoin_signature_1: secp_ctx.sign_ecdsa(&msghash, node_1_privkey),
bitcoin_signature_2: secp_ctx.sign_ecdsa(&msghash, node_2_privkey),
contents: unsigned_announcement.clone(),
};
match net_graph_msg_handler.handle_channel_announcement(&valid_announcement) {
@ -1798,7 +1798,7 @@ mod tests {
) {
let msghash = hash_to_message!(&Sha256dHash::hash(&update.encode()[..])[..]);
let valid_channel_update = ChannelUpdate {
signature: secp_ctx.sign(&msghash, node_privkey),
signature: secp_ctx.sign_ecdsa(&msghash, node_privkey),
contents: update.clone()
};
@ -1825,7 +1825,7 @@ mod tests {
};
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_announcement.encode()[..])[..]);
let valid_announcement = NodeAnnouncement {
signature: secp_ctx.sign(&msghash, node_privkey),
signature: secp_ctx.sign_ecdsa(&msghash, node_privkey),
contents: unsigned_announcement.clone()
};

14
lightning/src/routing/scoring.rs
View file

@ -15,14 +15,14 @@
//! # Example
//!
//! ```
//! # extern crate secp256k1;
//! # extern crate bitcoin;
//! #
//! # use lightning::routing::network_graph::NetworkGraph;
//! # use lightning::routing::router::{RouteParameters, find_route};
//! # use lightning::routing::scoring::{ProbabilisticScorer, ProbabilisticScoringParameters, Scorer, ScoringParameters};
//! # use lightning::chain::keysinterface::{KeysManager, KeysInterface};
//! # use lightning::util::logger::{Logger, Record};
//! # use secp256k1::key::PublicKey;
//! # use bitcoin::secp256k1::PublicKey;
//! #
//! # struct FakeLogger {};
//! # impl Logger for FakeLogger {
@ -1778,10 +1778,10 @@ mod tests {
};
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_announcement.encode()[..])[..]);
let signed_announcement = ChannelAnnouncement {
node_signature_1: secp_ctx.sign(&msghash, &node_1_key),
node_signature_2: secp_ctx.sign(&msghash, &node_2_key),
bitcoin_signature_1: secp_ctx.sign(&msghash, &node_1_secret),
bitcoin_signature_2: secp_ctx.sign(&msghash, &node_2_secret),
node_signature_1: secp_ctx.sign_ecdsa(&msghash, &node_1_key),
node_signature_2: secp_ctx.sign_ecdsa(&msghash, &node_2_key),
bitcoin_signature_1: secp_ctx.sign_ecdsa(&msghash, &node_1_secret),
bitcoin_signature_2: secp_ctx.sign_ecdsa(&msghash, &node_2_secret),
contents: unsigned_announcement,
};
let chain_source: Option<&::util::test_utils::TestChainSource> = None;
@ -1810,7 +1810,7 @@ mod tests {
};
let msghash = hash_to_message!(&Sha256dHash::hash(&unsigned_update.encode()[..])[..]);
let signed_update = ChannelUpdate {
signature: secp_ctx.sign(&msghash, &node_key),
signature: secp_ctx.sign_ecdsa(&msghash, &node_key),
contents: unsigned_update,
};
network_graph.update_channel(&signed_update, &secp_ctx).unwrap();

6
lightning/src/util/crypto.rs
View file

@ -1,7 +1,7 @@
use bitcoin::hashes::{Hash, HashEngine};
use bitcoin::hashes::hmac::{Hmac, HmacEngine};
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1::{Message, Secp256k1, SecretKey, Signature, Signing};
use bitcoin::secp256k1::{Message, Secp256k1, SecretKey, ecdsa::Signature, Signing};
macro_rules! hkdf_extract_expand {
($salt: expr, $ikm: expr) => {{
@ -41,8 +41,8 @@ pub fn hkdf_extract_expand_thrice(salt: &[u8], ikm: &[u8]) -> ([u8; 32], [u8; 32
#[inline]
pub fn sign<C: Signing>(ctx: &Secp256k1<C>, msg: &Message, sk: &SecretKey) -> Signature {
#[cfg(feature = "grind_signatures")]
let sig = ctx.sign_low_r(msg, sk);
let sig = ctx.sign_ecdsa_low_r(msg, sk);
#[cfg(not(feature = "grind_signatures"))]
let sig = ctx.sign(msg, sk);
let sig = ctx.sign_ecdsa(msg, sk);
sig
}

12
lightning/src/util/enforcing_trait_impls.rs
View file

@ -16,12 +16,12 @@ use core::cmp;
use sync::{Mutex, Arc};
#[cfg(test)] use sync::MutexGuard;
use bitcoin::blockdata::transaction::{Transaction, SigHashType};
use bitcoin::util::bip143;
use bitcoin::blockdata::transaction::{Transaction, EcdsaSighashType};
use bitcoin::util::sighash;
use bitcoin::secp256k1;
use bitcoin::secp256k1::key::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, Signature};
use bitcoin::secp256k1::{SecretKey, PublicKey};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
use util::ser::{Writeable, Writer};
use io::Error;
@ -160,8 +160,8 @@ impl BaseSign for EnforcingSigner {
let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&this_htlc, self.opt_anchors(), &keys);
let sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, SigHashType::All)[..]);
secp_ctx.verify(&sighash, sig, &keys.countersignatory_htlc_key).unwrap();
let sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, EcdsaSighashType::All).unwrap()[..]);
secp_ctx.verify_ecdsa(&sighash, sig, &keys.countersignatory_htlc_key).unwrap();
}
Ok(self.inner.sign_holder_commitment_and_htlcs(commitment_tx, secp_ctx).unwrap())

2
lightning/src/util/events.rs
View file

@ -29,7 +29,7 @@ use bitcoin::Transaction;
use bitcoin::blockdata::script::Script;
use bitcoin::hashes::Hash;
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use io;
use prelude::*;
use core::time::Duration;

2
lightning/src/util/macro_logger.rs
View file

@ -12,7 +12,7 @@ use chain::keysinterface::SpendableOutputDescriptor;
use bitcoin::hash_types::Txid;
use bitcoin::blockdata::transaction::Transaction;
use bitcoin::secp256k1::key::PublicKey;
use bitcoin::secp256k1::PublicKey;
use routing::router::Route;
use ln::chan_utils::HTLCType;

8
lightning/src/util/message_signing.rs
View file

@ -23,7 +23,7 @@
use prelude::*;
use crate::util::zbase32;
use bitcoin::hashes::{sha256d, Hash};
use bitcoin::secp256k1::recovery::{RecoverableSignature, RecoveryId};
use bitcoin::secp256k1::ecdsa::{RecoverableSignature, RecoveryId};
use bitcoin::secp256k1::{Error, Message, PublicKey, Secp256k1, SecretKey};
static LN_MESSAGE_PREFIX: &[u8] = b"Lightning Signed Message:";
@ -57,7 +57,7 @@ pub fn sign(msg: &[u8], sk: &SecretKey) -> Result<String, Error> {
let secp_ctx = Secp256k1::signing_only();
let msg_hash = sha256d::Hash::hash(&[LN_MESSAGE_PREFIX, msg].concat());
let sig = secp_ctx.sign_recoverable(&Message::from_slice(&msg_hash)?, sk);
let sig = secp_ctx.sign_ecdsa_recoverable(&Message::from_slice(&msg_hash)?, sk);
Ok(zbase32::encode(&sigrec_encode(sig)))
}
@ -69,7 +69,7 @@ pub fn recover_pk(msg: &[u8], sig: &str) -> Result<PublicKey, Error> {
match zbase32::decode(&sig) {
Ok(sig_rec) => {
match sigrec_decode(sig_rec) {
Ok(sig) => secp_ctx.recover(&Message::from_slice(&msg_hash)?, &sig),
Ok(sig) => secp_ctx.recover_ecdsa(&Message::from_slice(&msg_hash)?, &sig),
Err(e) => Err(e)
}
},
@ -90,7 +90,7 @@ pub fn verify(msg: &[u8], sig: &str, pk: &PublicKey) -> bool {
mod test {
use core::str::FromStr;
use util::message_signing::{sign, recover_pk, verify};
use bitcoin::secp256k1::key::ONE_KEY;
use bitcoin::secp256k1::ONE_KEY;
use bitcoin::secp256k1::{PublicKey, Secp256k1};
#[test]

4
lightning/src/util/ser.rs
View file

@ -17,9 +17,9 @@ use core::hash::Hash;
use sync::Mutex;
use core::cmp;
use bitcoin::secp256k1::Signature;
use bitcoin::secp256k1::key::{PublicKey, SecretKey};
use bitcoin::secp256k1::{PublicKey, SecretKey};
use bitcoin::secp256k1::constants::{PUBLIC_KEY_SIZE, SECRET_KEY_SIZE, COMPACT_SIGNATURE_SIZE};
use bitcoin::secp256k1::ecdsa::Signature;
use bitcoin::blockdata::script::Script;
use bitcoin::blockdata::transaction::{OutPoint, Transaction, TxOut};
use bitcoin::consensus;

4
lightning/src/util/test_utils.rs
View file

@ -35,8 +35,8 @@ use bitcoin::blockdata::block::BlockHeader;
use bitcoin::network::constants::Network;
use bitcoin::hash_types::{BlockHash, Txid};
use bitcoin::secp256k1::{SecretKey, PublicKey, Secp256k1, Signature};
use bitcoin::secp256k1::recovery::RecoverableSignature;
use bitcoin::secp256k1::{SecretKey, PublicKey, Secp256k1, ecdsa::Signature};
use bitcoin::secp256k1::ecdsa::RecoverableSignature;
use regex;

13
lightning/src/util/transaction_utils.rs
View file

@ -50,7 +50,7 @@ pub(crate) fn maybe_add_change_output(tx: &mut Transaction, input_value: u64, wi
value: 0,
};
let change_len = change_output.consensus_encode(&mut sink()).unwrap();
let starting_weight = tx.get_weight() + WITNESS_FLAG_BYTES as usize + witness_max_weight;
let starting_weight = tx.weight() + WITNESS_FLAG_BYTES as usize + witness_max_weight;
let mut weight_with_change: i64 = starting_weight as i64 + change_len as i64 * 4;
// Include any extra bytes required to push an extra output.
weight_with_change += (VarInt(tx.output.len() as u64 + 1).len() - VarInt(tx.output.len() as u64).len()) as i64 * 4;
@ -77,6 +77,7 @@ mod tests {
use bitcoin::hashes::sha256d::Hash as Sha256dHash;
use bitcoin::hashes::Hash;
use bitcoin::Witness;
use hex::decode;
@ -230,7 +231,7 @@ mod tests {
let output_spk = Script::new_p2pkh(&PubkeyHash::hash(&[0; 0]));
assert_eq!(output_spk.dust_value().as_sat(), 546);
// 9 sats isn't enough to pay fee on a dummy transaction...
assert_eq!(tx.get_weight() as u64, 40); // ie 10 vbytes
assert_eq!(tx.weight() as u64, 40); // ie 10 vbytes
assert!(maybe_add_change_output(&mut tx, 9, 0, 250, output_spk.clone()).is_err());
assert_eq!(tx.wtxid(), orig_wtxid); // Failure doesn't change the transaction
// but 10-564 is, just not enough to add a change output...
@ -250,7 +251,7 @@ mod tests {
assert_eq!(tx.output.len(), 1);
assert_eq!(tx.output[0].value, 546);
assert_eq!(tx.output[0].script_pubkey, output_spk);
assert_eq!(tx.get_weight() / 4, 590-546); // New weight is exactly the fee we wanted.
assert_eq!(tx.weight() / 4, 590-546); // New weight is exactly the fee we wanted.
tx.output.pop();
assert_eq!(tx.wtxid(), orig_wtxid); // The only change is the addition of one output.
@ -260,12 +261,12 @@ mod tests {
fn test_tx_extra_outputs() {
// Check that we correctly handle existing outputs
let mut tx = Transaction { version: 2, lock_time: 0, input: vec![TxIn {
previous_output: OutPoint::new(Txid::from_hash(Sha256dHash::default()), 0), script_sig: Script::new(), witness: Vec::new(), sequence: 0,
previous_output: OutPoint::new(Txid::from_hash(Sha256dHash::default()), 0), script_sig: Script::new(), witness: Witness::new(), sequence: 0,
}], output: vec![TxOut {
script_pubkey: Builder::new().push_int(1).into_script(), value: 1000
}] };
let orig_wtxid = tx.wtxid();
let orig_weight = tx.get_weight();
let orig_weight = tx.weight();
assert_eq!(orig_weight / 4, 61);
assert_eq!(Builder::new().push_int(2).into_script().dust_value().as_sat(), 474);
@ -284,7 +285,7 @@ mod tests {
assert_eq!(tx.output.len(), 2);
assert_eq!(tx.output[1].value, 474);
assert_eq!(tx.output[1].script_pubkey, Builder::new().push_int(2).into_script());
assert_eq!(tx.get_weight() - orig_weight, 40); // Weight difference matches what we had to add above
assert_eq!(tx.weight() - orig_weight, 40); // Weight difference matches what we had to add above
tx.output.pop();
assert_eq!(tx.wtxid(), orig_wtxid); // The only change is the addition of one output.
}