use ln::channel::{INITIAL_COMMITMENT_NUMBER, ANCHOR_OUTPUT_VALUE_SATOSHI};
use core::ops::Deref;
use chain;
+use util::crypto::sign;
pub(crate) const MAX_HTLCS: u16 = 483;
-pub(super) const HTLC_SUCCESS_TX_WEIGHT: u64 = 703;
-pub(super) const HTLC_TIMEOUT_TX_WEIGHT: u64 = 663;
-
/// Gets the weight for an HTLC-Success transaction.
#[inline]
pub fn htlc_success_tx_weight(opt_anchors: bool) -> u64 {
+ const HTLC_SUCCESS_TX_WEIGHT: u64 = 703;
const HTLC_SUCCESS_ANCHOR_TX_WEIGHT: u64 = 706;
if opt_anchors { HTLC_SUCCESS_ANCHOR_TX_WEIGHT } else { HTLC_SUCCESS_TX_WEIGHT }
}
/// Gets the weight for an HTLC-Timeout transaction.
#[inline]
pub fn htlc_timeout_tx_weight(opt_anchors: bool) -> u64 {
+ const HTLC_TIMEOUT_TX_WEIGHT: u64 = 663;
const HTLC_TIMEOUT_ANCHOR_TX_WEIGHT: u64 = 666;
if opt_anchors { HTLC_TIMEOUT_ANCHOR_TX_WEIGHT } else { HTLC_TIMEOUT_TX_WEIGHT }
}
/// Implements the per-commitment secret storage scheme from
/// [BOLT 3](https://github.com/lightningnetwork/lightning-rfc/blob/dcbf8583976df087c79c3ce0b535311212e6812d/03-transactions.md#efficient-per-commitment-secret-storage).
///
-/// Allows us to keep track of all of the revocation secrets of counterarties in just 50*32 bytes
+/// Allows us to keep track of all of the revocation secrets of our counterparty in just 50*32 bytes
/// or so.
#[derive(Clone)]
-pub(crate) struct CounterpartyCommitmentSecrets {
+pub struct CounterpartyCommitmentSecrets {
old_secrets: [([u8; 32], u64); 49],
}
}
impl CounterpartyCommitmentSecrets {
- pub(crate) fn new() -> Self {
+ /// Creates a new empty `CounterpartyCommitmentSecrets` structure.
+ pub fn new() -> Self {
Self { old_secrets: [([0; 32], 1 << 48); 49], }
}
48
}
- pub(crate) fn get_min_seen_secret(&self) -> u64 {
+ /// Returns the minimum index of all stored secrets. Note that indexes start
+ /// at 1 << 48 and get decremented by one for each new secret.
+ pub fn get_min_seen_secret(&self) -> u64 {
//TODO This can be optimized?
let mut min = 1 << 48;
for &(_, idx) in self.old_secrets.iter() {
res
}
- pub(crate) fn provide_secret(&mut self, idx: u64, secret: [u8; 32]) -> Result<(), ()> {
+ /// Inserts the `secret` at `idx`. Returns `Ok(())` if the secret
+ /// was generated in accordance with BOLT 3 and is consistent with previous secrets.
+ pub fn provide_secret(&mut self, idx: u64, secret: [u8; 32]) -> Result<(), ()> {
let pos = Self::place_secret(idx);
for i in 0..pos {
let (old_secret, old_idx) = self.old_secrets[i as usize];
Ok(())
}
- /// Can only fail if idx is < get_min_seen_secret
- pub(crate) fn get_secret(&self, idx: u64) -> Option<[u8; 32]> {
+ /// Returns the secret at `idx`.
+ /// Returns `None` if `idx` is < [`CounterpartyCommitmentSecrets::get_min_seen_secret`].
+ pub fn get_secret(&self, idx: u64) -> Option<[u8; 32]> {
for i in 0..self.old_secrets.len() {
if (idx & (!((1 << i) - 1))) == self.old_secrets[i].1 {
return Some(Self::derive_secret(self.old_secrets[i].0, i as u8, idx))
pub fn dummy() -> Self {
let secp_ctx = Secp256k1::new();
let dummy_key = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
- let dummy_sig = secp_ctx.sign(&secp256k1::Message::from_slice(&[42; 32]).unwrap(), &SecretKey::from_slice(&[42; 32]).unwrap());
+ let dummy_sig = sign(&secp_ctx, &secp256k1::Message::from_slice(&[42; 32]).unwrap(), &SecretKey::from_slice(&[42; 32]).unwrap());
let keys = TxCreationKeys {
per_commitment_point: dummy_key.clone(),
/// because we are about to broadcast a holder transaction.
pub fn sign<T: secp256k1::Signing>(&self, funding_key: &SecretKey, funding_redeemscript: &Script, channel_value_satoshis: u64, secp_ctx: &Secp256k1<T>) -> Signature {
let sighash = self.get_sighash_all(funding_redeemscript, channel_value_satoshis);
- secp_ctx.sign(&sighash, funding_key)
+ sign(secp_ctx, &sighash, funding_key)
}
}
/// because we are about to broadcast a holder transaction.
pub fn sign<T: secp256k1::Signing>(&self, funding_key: &SecretKey, funding_redeemscript: &Script, channel_value_satoshis: u64, secp_ctx: &Secp256k1<T>) -> Signature {
let sighash = self.get_sighash_all(funding_redeemscript, channel_value_satoshis);
- secp_ctx.sign(&sighash, funding_key)
+ sign(secp_ctx, &sighash, funding_key)
}
}
if let &Some(ref b_htlcout) = b {
a_htlcout.cltv_expiry.cmp(&b_htlcout.cltv_expiry)
// Note that due to hash collisions, we have to have a fallback comparison
- // here for fuzztarget mode (otherwise at least chanmon_fail_consistency
+ // here for fuzzing mode (otherwise at least chanmon_fail_consistency
// may fail)!
.then(a_htlcout.payment_hash.0.cmp(&b_htlcout.payment_hash.0))
// For non-HTLC outputs, if they're copying our SPK we don't really care if we
let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, self.opt_anchors(), &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key);
let sighash = hash_to_message!(&bip143::SigHashCache::new(&htlc_tx).signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, SigHashType::All)[..]);
- ret.push(secp_ctx.sign(&sighash, &holder_htlc_key));
+ ret.push(sign(secp_ctx, &sighash, &holder_htlc_key));
}
Ok(ret)
}