From: Matt Corallo Date: Sun, 24 Dec 2023 05:55:11 +0000 (+0000) Subject: Fix `REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH` for contest delays >0x7fff X-Git-Tag: v0.0.120~18^2~3 X-Git-Url: http://git.bitcoin.ninja/?a=commitdiff_plain;h=c946edb218761c8ae7456ca9d89776410801c83a;p=rust-lightning Fix `REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH` for contest delays >0x7fff When contest delays are >= 0x8000, script pushes require an extra byte to avoid being interpreted as a negative int. Thus, for channels with CSV delays longer than ~7.5 months we may generate transactions with slightly too little fee. This isn't really a huge deal, but we should prefer to be conservative here, and slightly too high fee in the general case is better than slightly too little fee in other cases. --- diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs index 3552748b3..672e3aa86 100644 --- a/lightning/src/ln/chan_utils.rs +++ b/lightning/src/ln/chan_utils.rs @@ -485,9 +485,11 @@ impl TxCreationKeys { } /// The maximum length of a script returned by get_revokeable_redeemscript. -// Calculated as 6 bytes of opcodes, 1 byte push plus 2 bytes for contest_delay, and two public -// keys of 33 bytes (+ 1 push). -pub const REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH: usize = 6 + 3 + 34*2; +// Calculated as 6 bytes of opcodes, 1 byte push plus 3 bytes for contest_delay, and two public +// keys of 33 bytes (+ 1 push). Generally, pushes are only 2 bytes (for values below 0x7fff, i.e. +// around 7 months), however, a 7 month contest delay shouldn't result in being unable to reclaim +// on-chain funds. +pub const REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH: usize = 6 + 4 + 34*2; /// A script either spendable by the revocation /// key or the broadcaster_delayed_payment_key and satisfying the relative-locktime OP_CSV constrain.
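Review bot: In the new comment above `REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH`, "for values below 0x7fff" is off by one against the commit message, which puts the extra push byte at delays >= 0x8000, so 0x7fff itself still fits in a 2-byte push; suggest wording it as "for values up to 0x7fff" (or "below 0x8000"). The same comment says "around 7 months" where the commit message says ~7.5 months, and picking one figure would avoid confusion. The comment's arithmetic (1 byte push plus 3 bytes for contest_delay) does match the new `6 + 4 + 34*2`. Because the constant is computed by hand and feeds fee estimation, it would be worth adding a test that builds the script from get_revokeable_redeemscript with a contest delay of at least 0x8000 and asserts its length does not exceed the constant; this hunk adds none.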