- /// Create a signature for a local commitment transaction
- ///
- /// TODO: Document the things someone using this interface should enforce before signing.
- /// TODO: Add more input vars to enable better checking (preferably removing commitment_tx and
- /// TODO: Ensure test-only version doesn't enforce uniqueness of signature when it's enforced in this method
- /// making the callee generate it via some util function we expose)!
- fn sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &mut LocalCommitmentTransaction, funding_redeemscript: &Script, channel_value_satoshis: u64, secp_ctx: &Secp256k1<T>);
+ /// Create a signature for a local commitment transaction. This will only ever be called with
+ /// the same local_commitment_tx (or a copy thereof), though there are currently no guarantees
+ /// that it will not be called multiple times.
+ //
+ // TODO: Document the things someone using this interface should enforce before signing.
+ // TODO: Add more input vars to enable better checking (preferably removing commitment_tx and
+ fn sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()>;
+
+ /// Same as sign_local_commitment, but exists only for tests to get access to local commitment
+ /// transactions which will be broadcasted later, after the channel has moved on to a newer
+ /// state. Thus, needs its own method as sign_local_commitment may enforce that we only ever
+ /// get called once.
+ #[cfg(test)]
+ fn unsafe_sign_local_commitment<T: secp256k1::Signing + secp256k1::Verification>(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()>;