+impl InMemoryChannelKeys {
+ /// Create a new InMemoryChannelKeys
+ pub fn new<C: Signing>(
+ secp_ctx: &Secp256k1<C>,
+ funding_key: SecretKey,
+ revocation_base_key: SecretKey,
+ payment_key: SecretKey,
+ delayed_payment_base_key: SecretKey,
+ htlc_base_key: SecretKey,
+ commitment_seed: [u8; 32],
+ channel_value_satoshis: u64,
+ key_derivation_params: (u64, u64)) -> InMemoryChannelKeys {
+ let local_channel_pubkeys =
+ InMemoryChannelKeys::make_local_keys(secp_ctx, &funding_key, &revocation_base_key,
+ &payment_key, &delayed_payment_base_key,
+ &htlc_base_key);
+ InMemoryChannelKeys {
+ funding_key,
+ revocation_base_key,
+ payment_key,
+ delayed_payment_base_key,
+ htlc_base_key,
+ commitment_seed,
+ channel_value_satoshis,
+ local_channel_pubkeys,
+ accepted_channel_data: None,
+ key_derivation_params,
+ }
+ }
+
+ fn make_local_keys<C: Signing>(secp_ctx: &Secp256k1<C>,
+ funding_key: &SecretKey,
+ revocation_base_key: &SecretKey,
+ payment_key: &SecretKey,
+ delayed_payment_base_key: &SecretKey,
+ htlc_base_key: &SecretKey) -> ChannelPublicKeys {
+ let from_secret = |s: &SecretKey| PublicKey::from_secret_key(secp_ctx, s);
+ ChannelPublicKeys {
+ funding_pubkey: from_secret(&funding_key),
+ revocation_basepoint: from_secret(&revocation_base_key),
+ payment_point: from_secret(&payment_key),
+ delayed_payment_basepoint: from_secret(&delayed_payment_base_key),
+ htlc_basepoint: from_secret(&htlc_base_key),
+ }
+ }
+
+ /// Remote pubkeys.
+ /// Will panic if on_accept wasn't called.
+ pub fn remote_pubkeys(&self) -> &ChannelPublicKeys { &self.accepted_channel_data.as_ref().unwrap().remote_channel_pubkeys }
+
+ /// The to_self_delay value specified by our counterparty and applied on locally-broadcastable
+ /// transactions, ie the amount of time that we have to wait to recover our funds if we
+ /// broadcast a transaction. You'll likely want to pass this to the
+ /// ln::chan_utils::build*_transaction functions when signing local transactions.
+ /// Will panic if on_accept wasn't called.
+ pub fn remote_to_self_delay(&self) -> u16 { self.accepted_channel_data.as_ref().unwrap().remote_to_self_delay }
+
+ /// The to_self_delay value specified by us and applied on transactions broadcastable
+ /// by our counterparty, ie the amount of time that they have to wait to recover their funds
+ /// if they broadcast a transaction.
+ /// Will panic if on_accept wasn't called.
+ pub fn local_to_self_delay(&self) -> u16 { self.accepted_channel_data.as_ref().unwrap().local_to_self_delay }
+}
+
+impl ChannelKeys for InMemoryChannelKeys {
+ fn get_per_commitment_point<T: secp256k1::Signing + secp256k1::Verification>(&self, idx: u64, secp_ctx: &Secp256k1<T>) -> PublicKey {
+ let commitment_secret = SecretKey::from_slice(&chan_utils::build_commitment_secret(&self.commitment_seed, idx)).unwrap();
+ PublicKey::from_secret_key(secp_ctx, &commitment_secret)
+ }
+
+ fn release_commitment_secret(&self, idx: u64) -> [u8; 32] {
+ chan_utils::build_commitment_secret(&self.commitment_seed, idx)
+ }
+
+ fn pubkeys(&self) -> &ChannelPublicKeys { &self.local_channel_pubkeys }
+ fn key_derivation_params(&self) -> (u64, u64) { self.key_derivation_params }
+
+ fn sign_remote_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, feerate_per_kw: u32, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], secp_ctx: &Secp256k1<T>) -> Result<(Signature, Vec<Signature>), ()> {
+ if commitment_tx.input.len() != 1 { return Err(()); }
+
+ let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key);
+ let accepted_data = self.accepted_channel_data.as_ref().expect("must accept before signing");
+ let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &accepted_data.remote_channel_pubkeys.funding_pubkey);
+
+ let commitment_sighash = hash_to_message!(&bip143::SighashComponents::new(&commitment_tx).sighash_all(&commitment_tx.input[0], &channel_funding_redeemscript, self.channel_value_satoshis)[..]);
+ let commitment_sig = secp_ctx.sign(&commitment_sighash, &self.funding_key);
+
+ let commitment_txid = commitment_tx.txid();
+
+ let mut htlc_sigs = Vec::with_capacity(htlcs.len());
+ for ref htlc in htlcs {
+ if let Some(_) = htlc.transaction_output_index {
+ let htlc_tx = chan_utils::build_htlc_transaction(&commitment_txid, feerate_per_kw, accepted_data.local_to_self_delay, htlc, &keys.a_delayed_payment_key, &keys.revocation_key);
+ let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &keys);
+ let htlc_sighash = hash_to_message!(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]);
+ let our_htlc_key = match chan_utils::derive_private_key(&secp_ctx, &keys.per_commitment_point, &self.htlc_base_key) {
+ Ok(s) => s,
+ Err(_) => return Err(()),
+ };
+ htlc_sigs.push(secp_ctx.sign(&htlc_sighash, &our_htlc_key));
+ }
+ }
+
+ Ok((commitment_sig, htlc_sigs))
+ }
+
+ fn sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key);
+ let remote_channel_data = self.accepted_channel_data.as_ref().expect("must accept before signing");
+ let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &remote_channel_data.remote_channel_pubkeys.funding_pubkey);
+
+ Ok(local_commitment_tx.get_local_sig(&self.funding_key, &channel_funding_redeemscript, self.channel_value_satoshis, secp_ctx))
+ }
+
+ #[cfg(test)]
+ fn unsafe_sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key);
+ let remote_channel_pubkeys = &self.accepted_channel_data.as_ref().expect("must accept before signing").remote_channel_pubkeys;
+ let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &remote_channel_pubkeys.funding_pubkey);
+
+ Ok(local_commitment_tx.get_local_sig(&self.funding_key, &channel_funding_redeemscript, self.channel_value_satoshis, secp_ctx))
+ }
+
+ fn sign_local_commitment_htlc_transactions<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Vec<Option<Signature>>, ()> {
+ let local_csv = self.accepted_channel_data.as_ref().unwrap().remote_to_self_delay;
+ local_commitment_tx.get_htlc_sigs(&self.htlc_base_key, local_csv, secp_ctx)
+ }
+
+ fn sign_justice_transaction<T: secp256k1::Signing + secp256k1::Verification>(&self, justice_tx: &Transaction, input: usize, amount: u64, per_commitment_key: &SecretKey, htlc: &Option<HTLCOutputInCommitment>, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ let revocation_key = match chan_utils::derive_private_revocation_key(&secp_ctx, &per_commitment_key, &self.revocation_base_key) {
+ Ok(revocation_key) => revocation_key,
+ Err(_) => return Err(())
+ };
+ let per_commitment_point = PublicKey::from_secret_key(secp_ctx, &per_commitment_key);
+ let revocation_pubkey = match chan_utils::derive_public_revocation_key(&secp_ctx, &per_commitment_point, &self.pubkeys().revocation_basepoint) {
+ Ok(revocation_pubkey) => revocation_pubkey,
+ Err(_) => return Err(())
+ };
+ let witness_script = if let &Some(ref htlc) = htlc {
+ let remote_htlcpubkey = match chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.remote_pubkeys().htlc_basepoint) {
+ Ok(remote_htlcpubkey) => remote_htlcpubkey,
+ Err(_) => return Err(())
+ };
+ let local_htlcpubkey = match chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.pubkeys().htlc_basepoint) {
+ Ok(local_htlcpubkey) => local_htlcpubkey,
+ Err(_) => return Err(())
+ };
+ chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, &remote_htlcpubkey, &local_htlcpubkey, &revocation_pubkey)
+ } else {
+ let remote_delayedpubkey = match chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.remote_pubkeys().delayed_payment_basepoint) {
+ Ok(remote_delayedpubkey) => remote_delayedpubkey,
+ Err(_) => return Err(())
+ };
+ chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.local_to_self_delay(), &remote_delayedpubkey)
+ };
+ let sighash_parts = bip143::SighashComponents::new(&justice_tx);
+ let sighash = hash_to_message!(&sighash_parts.sighash_all(&justice_tx.input[input], &witness_script, amount)[..]);
+ return Ok(secp_ctx.sign(&sighash, &revocation_key))
+ }
+
+ fn sign_remote_htlc_transaction<T: secp256k1::Signing + secp256k1::Verification>(&self, htlc_tx: &Transaction, input: usize, amount: u64, per_commitment_point: &PublicKey, htlc: &HTLCOutputInCommitment, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ if let Ok(htlc_key) = chan_utils::derive_private_key(&secp_ctx, &per_commitment_point, &self.htlc_base_key) {
+ let witness_script = if let Ok(revocation_pubkey) = chan_utils::derive_public_revocation_key(&secp_ctx, &per_commitment_point, &self.pubkeys().revocation_basepoint) {
+ if let Ok(remote_htlcpubkey) = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.remote_pubkeys().htlc_basepoint) {
+ if let Ok(local_htlcpubkey) = chan_utils::derive_public_key(&secp_ctx, &per_commitment_point, &self.pubkeys().htlc_basepoint) {
+ chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, &remote_htlcpubkey, &local_htlcpubkey, &revocation_pubkey)
+ } else { return Err(()) }
+ } else { return Err(()) }
+ } else { return Err(()) };
+ let sighash_parts = bip143::SighashComponents::new(&htlc_tx);
+ let sighash = hash_to_message!(&sighash_parts.sighash_all(&htlc_tx.input[input], &witness_script, amount)[..]);
+ return Ok(secp_ctx.sign(&sighash, &htlc_key))
+ }
+ Err(())
+ }
+
+ fn sign_closing_transaction<T: secp256k1::Signing>(&self, closing_tx: &Transaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ if closing_tx.input.len() != 1 { return Err(()); }
+ if closing_tx.input[0].witness.len() != 0 { return Err(()); }
+ if closing_tx.output.len() > 2 { return Err(()); }
+
+ let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key);
+ let remote_channel_data = self.accepted_channel_data.as_ref().expect("must accept before signing");
+ let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &remote_channel_data.remote_channel_pubkeys.funding_pubkey);
+
+ let sighash = hash_to_message!(&bip143::SighashComponents::new(closing_tx)
+ .sighash_all(&closing_tx.input[0], &channel_funding_redeemscript, self.channel_value_satoshis)[..]);
+ Ok(secp_ctx.sign(&sighash, &self.funding_key))
+ }
+
+ fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+ let msghash = hash_to_message!(&Sha256dHash::hash(&msg.encode()[..])[..]);
+ Ok(secp_ctx.sign(&msghash, &self.funding_key))
+ }
+
+ fn on_accept(&mut self, channel_pubkeys: &ChannelPublicKeys, remote_to_self_delay: u16, local_to_self_delay: u16) {
+ assert!(self.accepted_channel_data.is_none(), "Already accepted");
+ self.accepted_channel_data = Some(AcceptedChannelData {
+ remote_channel_pubkeys: channel_pubkeys.clone(),
+ remote_to_self_delay,
+ local_to_self_delay,
+ });
+ }
+}
+
+impl_writeable!(AcceptedChannelData, 0,
+ { remote_channel_pubkeys, remote_to_self_delay, local_to_self_delay });
+
+impl Writeable for InMemoryChannelKeys {
+ fn write<W: Writer>(&self, writer: &mut W) -> Result<(), Error> {
+ self.funding_key.write(writer)?;
+ self.revocation_base_key.write(writer)?;
+ self.payment_key.write(writer)?;
+ self.delayed_payment_base_key.write(writer)?;
+ self.htlc_base_key.write(writer)?;
+ self.commitment_seed.write(writer)?;
+ self.accepted_channel_data.write(writer)?;
+ self.channel_value_satoshis.write(writer)?;
+ self.key_derivation_params.0.write(writer)?;
+ self.key_derivation_params.1.write(writer)?;
+
+ Ok(())
+ }
+}
+
+impl Readable for InMemoryChannelKeys {
+ fn read<R: ::std::io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
+ let funding_key = Readable::read(reader)?;
+ let revocation_base_key = Readable::read(reader)?;
+ let payment_key = Readable::read(reader)?;
+ let delayed_payment_base_key = Readable::read(reader)?;
+ let htlc_base_key = Readable::read(reader)?;
+ let commitment_seed = Readable::read(reader)?;
+ let remote_channel_data = Readable::read(reader)?;
+ let channel_value_satoshis = Readable::read(reader)?;
+ let secp_ctx = Secp256k1::signing_only();
+ let local_channel_pubkeys =
+ InMemoryChannelKeys::make_local_keys(&secp_ctx, &funding_key, &revocation_base_key,
+ &payment_key, &delayed_payment_base_key,
+ &htlc_base_key);
+ let params_1 = Readable::read(reader)?;
+ let params_2 = Readable::read(reader)?;
+
+ Ok(InMemoryChannelKeys {
+ funding_key,
+ revocation_base_key,
+ payment_key,
+ delayed_payment_base_key,
+ htlc_base_key,
+ commitment_seed,
+ channel_value_satoshis,
+ local_channel_pubkeys,
+ accepted_channel_data: remote_channel_data,
+ key_derivation_params: (params_1, params_2),
+ })
+ }
+}