// You may not use this file except in accordance with one or both of these
// licenses.
-//! Various utilities for building scripts and deriving keys related to channels. These are
+//! Various utilities for building scripts related to channels. These are
//! largely of interest for those implementing the traits on [`crate::sign`] by hand.
+use bitcoin::{PubkeyHash, WPubkeyHash};
+use bitcoin::amount::Amount;
use bitcoin::blockdata::script::{Script, ScriptBuf, Builder};
use bitcoin::blockdata::opcodes;
use bitcoin::blockdata::transaction::{TxIn,TxOut,OutPoint,Transaction};
use bitcoin::sighash;
use bitcoin::sighash::EcdsaSighashType;
-use bitcoin::address::Payload;
+use bitcoin::transaction::Version;
use bitcoin::hashes::{Hash, HashEngine};
+use bitcoin::hashes::hash160::Hash as Hash160;
use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::hashes::ripemd160::Hash as Ripemd160;
-use bitcoin::hash_types::{Txid, PubkeyHash, WPubkeyHash};
+use bitcoin::hash_types::Txid;
use crate::chain::chaininterface::fee_for_weight;
use crate::chain::package::WEIGHT_REVOKED_OUTPUT;
use crate::sign::EntropySource;
-use crate::ln::{PaymentHash, PaymentPreimage};
+use crate::ln::types::{PaymentHash, PaymentPreimage};
use crate::ln::msgs::DecodeError;
use crate::util::ser::{Readable, RequiredWrapper, Writeable, Writer};
use crate::util::transaction_utils;
use bitcoin::blockdata::locktime::absolute::LockTime;
+use bitcoin::ecdsa::Signature as BitcoinSignature;
use bitcoin::secp256k1::{SecretKey, PublicKey, Scalar};
use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Message};
use bitcoin::{secp256k1, Sequence, Witness};
-use bitcoin::PublicKey as BitcoinPublicKey;
use crate::io;
-use crate::prelude::*;
use core::cmp;
use crate::ln::chan_utils;
use crate::util::transaction_utils::sort_outputs;
use core::ops::Deref;
use crate::chain;
use crate::ln::features::ChannelTypeFeatures;
-use crate::util::crypto::{sign, sign_with_aux_rand};
+use crate::crypto::utils::{sign, sign_with_aux_rand};
+use super::channel_keys::{DelayedPaymentBasepoint, DelayedPaymentKey, HtlcKey, HtlcBasepoint, RevocationKey, RevocationBasepoint};
+
+#[allow(unused_imports)]
+use crate::prelude::*;
/// Maximum number of one-way in-flight HTLC (protocol-level value).
pub const MAX_HTLCS: u16 = 483;
}
/// Build a closing transaction
-pub fn build_closing_transaction(to_holder_value_sat: u64, to_counterparty_value_sat: u64, to_holder_script: ScriptBuf, to_counterparty_script: ScriptBuf, funding_outpoint: OutPoint) -> Transaction {
+pub fn build_closing_transaction(to_holder_value_sat: Amount, to_counterparty_value_sat: Amount, to_holder_script: ScriptBuf, to_counterparty_script: ScriptBuf, funding_outpoint: OutPoint) -> Transaction {
let txins = {
let mut ins: Vec<TxIn> = Vec::new();
ins.push(TxIn {
let mut txouts: Vec<(TxOut, ())> = Vec::new();
- if to_counterparty_value_sat > 0 {
+ if to_counterparty_value_sat > Amount::ZERO {
txouts.push((TxOut {
script_pubkey: to_counterparty_script,
value: to_counterparty_value_sat
}, ()));
}
- if to_holder_value_sat > 0 {
+ if to_holder_value_sat > Amount::ZERO {
txouts.push((TxOut {
script_pubkey: to_holder_script,
value: to_holder_value_sat
}
Transaction {
- version: 2,
+ version: Version::TWO,
lock_time: LockTime::ZERO,
input: txins,
output: outputs,
.expect("Addition only fails if the tweak is the inverse of the key. This is not possible when the tweak contains the hash of the key.")
}
-/// Derives a per-commitment-transaction public key (eg an htlc key or a delayed_payment key)
-/// from the base point and the per_commitment_key. This is the public equivalent of
-/// derive_private_key - using only public keys to derive a public key instead of private keys.
-pub fn derive_public_key<T: secp256k1::Signing>(secp_ctx: &Secp256k1<T>, per_commitment_point: &PublicKey, base_point: &PublicKey) -> PublicKey {
- let mut sha = Sha256::engine();
- sha.input(&per_commitment_point.serialize());
- sha.input(&base_point.serialize());
- let res = Sha256::from_engine(sha).to_byte_array();
-
- let hashkey = PublicKey::from_secret_key(&secp_ctx,
- &SecretKey::from_slice(&res).expect("Hashes should always be valid keys unless SHA-256 is broken"));
- base_point.combine(&hashkey)
- .expect("Addition only fails if the tweak is the inverse of the key. This is not possible when the tweak contains the hash of the key.")
-}
-
/// Derives a per-commitment-transaction revocation key from its constituent parts.
///
/// Only the cheating participant owns a valid witness to propagate a revoked
.expect("Addition only fails if the tweak is the inverse of the key. This is not possible when the tweak commits to the key.")
}
-/// Derives a per-commitment-transaction revocation public key from its constituent parts. This is
-/// the public equivalend of derive_private_revocation_key - using only public keys to derive a
-/// public key instead of private keys.
-///
-/// Only the cheating participant owns a valid witness to propagate a revoked
-/// commitment transaction, thus per_commitment_point always come from cheater
-/// and revocation_base_point always come from punisher, which is the broadcaster
-/// of the transaction spending with this key knowledge.
-///
-/// Note that this is infallible iff we trust that at least one of the two input keys are randomly
-/// generated (ie our own).
-pub fn derive_public_revocation_key<T: secp256k1::Verification>(secp_ctx: &Secp256k1<T>,
- per_commitment_point: &PublicKey, countersignatory_revocation_base_point: &PublicKey)
--> PublicKey {
- let rev_append_commit_hash_key = {
- let mut sha = Sha256::engine();
- sha.input(&countersignatory_revocation_base_point.serialize());
- sha.input(&per_commitment_point.serialize());
-
- Sha256::from_engine(sha).to_byte_array()
- };
- let commit_append_rev_hash_key = {
- let mut sha = Sha256::engine();
- sha.input(&per_commitment_point.serialize());
- sha.input(&countersignatory_revocation_base_point.serialize());
-
- Sha256::from_engine(sha).to_byte_array()
- };
-
- let countersignatory_contrib = countersignatory_revocation_base_point.clone().mul_tweak(&secp_ctx, &Scalar::from_be_bytes(rev_append_commit_hash_key).unwrap())
- .expect("Multiplying a valid public key by a hash is expected to never fail per secp256k1 docs");
- let broadcaster_contrib = per_commitment_point.clone().mul_tweak(&secp_ctx, &Scalar::from_be_bytes(commit_append_rev_hash_key).unwrap())
- .expect("Multiplying a valid public key by a hash is expected to never fail per secp256k1 docs");
- countersignatory_contrib.combine(&broadcaster_contrib)
- .expect("Addition only fails if the tweak is the inverse of the key. This is not possible when the tweak commits to the key.")
-}
-
/// The set of public keys which are used in the creation of one commitment transaction.
/// These are derived from the channel base keys and per-commitment data.
///
/// The revocation key which is used to allow the broadcaster of the commitment
/// transaction to provide their counterparty the ability to punish them if they broadcast
/// an old state.
- pub revocation_key: PublicKey,
+ pub revocation_key: RevocationKey,
/// Broadcaster's HTLC Key
- pub broadcaster_htlc_key: PublicKey,
+ pub broadcaster_htlc_key: HtlcKey,
/// Countersignatory's HTLC Key
- pub countersignatory_htlc_key: PublicKey,
+ pub countersignatory_htlc_key: HtlcKey,
/// Broadcaster's Payment Key (which isn't allowed to be spent from for some delay)
- pub broadcaster_delayed_payment_key: PublicKey,
+ pub broadcaster_delayed_payment_key: DelayedPaymentKey,
}
impl_writeable_tlv_based!(TxCreationKeys, {
/// revocation keys. This is combined with the per-commitment-secret generated by the
/// counterparty to create a secret which the counterparty can reveal to revoke previous
/// states.
- pub revocation_basepoint: PublicKey,
+ pub revocation_basepoint: RevocationBasepoint,
/// The public key on which the non-broadcaster (ie the countersignatory) receives an immediately
/// spendable primary channel balance on the broadcaster's commitment transaction. This key is
/// static across every commitment transaction.
/// The base point which is used (with derive_public_key) to derive a per-commitment payment
/// public key which receives non-HTLC-encumbered funds which are only available for spending
/// after some delay (or can be claimed via the revocation path).
- pub delayed_payment_basepoint: PublicKey,
+ pub delayed_payment_basepoint: DelayedPaymentBasepoint,
/// The base point which is used (with derive_public_key) to derive a per-commitment public key
/// which is used to encumber HTLC-in-flight outputs.
- pub htlc_basepoint: PublicKey,
+ pub htlc_basepoint: HtlcBasepoint,
}
impl_writeable_tlv_based!(ChannelPublicKeys, {
impl TxCreationKeys {
/// Create per-state keys from channel base points and the per-commitment point.
/// Key set is asymmetric and can't be used as part of counter-signatory set of transactions.
- pub fn derive_new<T: secp256k1::Signing + secp256k1::Verification>(secp_ctx: &Secp256k1<T>, per_commitment_point: &PublicKey, broadcaster_delayed_payment_base: &PublicKey, broadcaster_htlc_base: &PublicKey, countersignatory_revocation_base: &PublicKey, countersignatory_htlc_base: &PublicKey) -> TxCreationKeys {
+ pub fn derive_new<T: secp256k1::Signing + secp256k1::Verification>(secp_ctx: &Secp256k1<T>, per_commitment_point: &PublicKey, broadcaster_delayed_payment_base: &DelayedPaymentBasepoint, broadcaster_htlc_base: &HtlcBasepoint, countersignatory_revocation_base: &RevocationBasepoint, countersignatory_htlc_base: &HtlcBasepoint) -> TxCreationKeys {
TxCreationKeys {
per_commitment_point: per_commitment_point.clone(),
- revocation_key: derive_public_revocation_key(&secp_ctx, &per_commitment_point, &countersignatory_revocation_base),
- broadcaster_htlc_key: derive_public_key(&secp_ctx, &per_commitment_point, &broadcaster_htlc_base),
- countersignatory_htlc_key: derive_public_key(&secp_ctx, &per_commitment_point, &countersignatory_htlc_base),
- broadcaster_delayed_payment_key: derive_public_key(&secp_ctx, &per_commitment_point, &broadcaster_delayed_payment_base),
+ revocation_key: RevocationKey::from_basepoint(&secp_ctx, &countersignatory_revocation_base, &per_commitment_point),
+ broadcaster_htlc_key: HtlcKey::from_basepoint(&secp_ctx, &broadcaster_htlc_base, &per_commitment_point),
+ countersignatory_htlc_key: HtlcKey::from_basepoint(&secp_ctx, &countersignatory_htlc_base, &per_commitment_point),
+ broadcaster_delayed_payment_key: DelayedPaymentKey::from_basepoint(&secp_ctx, &broadcaster_delayed_payment_base, &per_commitment_point),
}
}
}
/// The maximum length of a script returned by get_revokeable_redeemscript.
-// Calculated as 6 bytes of opcodes, 1 byte push plus 2 bytes for contest_delay, and two public
-// keys of 33 bytes (+ 1 push).
-pub const REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH: usize = 6 + 3 + 34*2;
+// Calculated as 6 bytes of opcodes, 1 byte push plus 3 bytes for contest_delay, and two public
+// keys of 33 bytes (+ 1 push). Generally, pushes are only 2 bytes (for values below 0x7fff, i.e.
+// around 7 months), however, a 7 month contest delay shouldn't result in being unable to reclaim
+// on-chain funds.
+pub const REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH: usize = 6 + 4 + 34*2;
/// A script either spendable by the revocation
/// key or the broadcaster_delayed_payment_key and satisfying the relative-locktime OP_CSV constrain.
/// Encumbering a `to_holder` output on a commitment transaction or 2nd-stage HTLC transactions.
-pub fn get_revokeable_redeemscript(revocation_key: &PublicKey, contest_delay: u16, broadcaster_delayed_payment_key: &PublicKey) -> ScriptBuf {
+pub fn get_revokeable_redeemscript(revocation_key: &RevocationKey, contest_delay: u16, broadcaster_delayed_payment_key: &DelayedPaymentKey) -> ScriptBuf {
let res = Builder::new().push_opcode(opcodes::all::OP_IF)
- .push_slice(&revocation_key.serialize())
+ .push_slice(&revocation_key.to_public_key().serialize())
.push_opcode(opcodes::all::OP_ELSE)
.push_int(contest_delay as i64)
.push_opcode(opcodes::all::OP_CSV)
.push_opcode(opcodes::all::OP_DROP)
- .push_slice(&broadcaster_delayed_payment_key.serialize())
+ .push_slice(&broadcaster_delayed_payment_key.to_public_key().serialize())
.push_opcode(opcodes::all::OP_ENDIF)
.push_opcode(opcodes::all::OP_CHECKSIG)
.into_script();
/// the channel type.
pub fn get_counterparty_payment_script(channel_type_features: &ChannelTypeFeatures, payment_key: &PublicKey) -> ScriptBuf {
if channel_type_features.supports_anchors_zero_fee_htlc_tx() {
- get_to_countersignatory_with_anchors_redeemscript(payment_key).to_v0_p2wsh()
+ get_to_countersignatory_with_anchors_redeemscript(payment_key).to_p2wsh()
} else {
- ScriptBuf::new_v0_p2wpkh(&WPubkeyHash::hash(&payment_key.serialize()))
+ ScriptBuf::new_p2wpkh(&WPubkeyHash::hash(&payment_key.serialize()))
}
}
pub transaction_output_index: Option<u32>,
}
+impl HTLCOutputInCommitment {
+ /// Converts HTLC's value with millisatoshi precision into [bitcoin::Amount] with satoshi precision.
+ /// Typically this conversion is needed when transitioning from LN into base-layer Bitcoin,
+ /// e. g. in commitment transactions.
+ pub const fn to_bitcoin_amount(&self) -> Amount {
+ Amount::from_sat(self.amount_msat / 1000)
+ }
+}
+
impl_writeable_tlv_based!(HTLCOutputInCommitment, {
(0, offered, required),
(2, amount_msat, required),
});
#[inline]
-pub(crate) fn get_htlc_redeemscript_with_explicit_keys(htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_htlc_key: &PublicKey, countersignatory_htlc_key: &PublicKey, revocation_key: &PublicKey) -> ScriptBuf {
+pub(crate) fn get_htlc_redeemscript_with_explicit_keys(htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_htlc_key: &HtlcKey, countersignatory_htlc_key: &HtlcKey, revocation_key: &RevocationKey) -> ScriptBuf {
let payment_hash160 = Ripemd160::hash(&htlc.payment_hash.0[..]).to_byte_array();
if htlc.offered {
let mut bldr = Builder::new().push_opcode(opcodes::all::OP_DUP)
.push_opcode(opcodes::all::OP_HASH160)
- .push_slice(PubkeyHash::hash(&revocation_key.serialize()))
+ .push_slice(PubkeyHash::hash(&revocation_key.to_public_key().serialize()))
.push_opcode(opcodes::all::OP_EQUAL)
.push_opcode(opcodes::all::OP_IF)
.push_opcode(opcodes::all::OP_CHECKSIG)
.push_opcode(opcodes::all::OP_ELSE)
- .push_slice(countersignatory_htlc_key.serialize())
+ .push_slice(&countersignatory_htlc_key.to_public_key().serialize())
.push_opcode(opcodes::all::OP_SWAP)
.push_opcode(opcodes::all::OP_SIZE)
.push_int(32)
.push_opcode(opcodes::all::OP_DROP)
.push_int(2)
.push_opcode(opcodes::all::OP_SWAP)
- .push_slice(broadcaster_htlc_key.serialize())
+ .push_slice(&broadcaster_htlc_key.to_public_key().serialize())
.push_int(2)
.push_opcode(opcodes::all::OP_CHECKMULTISIG)
.push_opcode(opcodes::all::OP_ELSE)
} else {
let mut bldr = Builder::new().push_opcode(opcodes::all::OP_DUP)
.push_opcode(opcodes::all::OP_HASH160)
- .push_slice(PubkeyHash::hash(&revocation_key.serialize()))
+ .push_slice(&PubkeyHash::hash(&revocation_key.to_public_key().serialize()))
.push_opcode(opcodes::all::OP_EQUAL)
.push_opcode(opcodes::all::OP_IF)
.push_opcode(opcodes::all::OP_CHECKSIG)
.push_opcode(opcodes::all::OP_ELSE)
- .push_slice(countersignatory_htlc_key.serialize())
+ .push_slice(&countersignatory_htlc_key.to_public_key().serialize())
.push_opcode(opcodes::all::OP_SWAP)
.push_opcode(opcodes::all::OP_SIZE)
.push_int(32)
.push_opcode(opcodes::all::OP_EQUALVERIFY)
.push_int(2)
.push_opcode(opcodes::all::OP_SWAP)
- .push_slice(broadcaster_htlc_key.serialize())
+ .push_slice(&broadcaster_htlc_key.to_public_key().serialize())
.push_int(2)
.push_opcode(opcodes::all::OP_CHECKMULTISIG)
.push_opcode(opcodes::all::OP_ELSE)
///
/// Panics if htlc.transaction_output_index.is_none() (as such HTLCs do not appear in the
/// commitment transaction).
-pub fn build_htlc_transaction(commitment_txid: &Txid, feerate_per_kw: u32, contest_delay: u16, htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_delayed_payment_key: &PublicKey, revocation_key: &PublicKey) -> Transaction {
+pub fn build_htlc_transaction(commitment_txid: &Txid, feerate_per_kw: u32, contest_delay: u16, htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_delayed_payment_key: &DelayedPaymentKey, revocation_key: &RevocationKey) -> Transaction {
let mut txins: Vec<TxIn> = Vec::new();
txins.push(build_htlc_input(commitment_txid, htlc, channel_type_features));
));
Transaction {
- version: 2,
+ version: Version::TWO,
lock_time: LockTime::from_consensus(if htlc.offered { htlc.cltv_expiry } else { 0 }),
input: txins,
output: txouts,
}
pub(crate) fn build_htlc_output(
- feerate_per_kw: u32, contest_delay: u16, htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_delayed_payment_key: &PublicKey, revocation_key: &PublicKey
+ feerate_per_kw: u32, contest_delay: u16, htlc: &HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures, broadcaster_delayed_payment_key: &DelayedPaymentKey, revocation_key: &RevocationKey
) -> TxOut {
let weight = if htlc.offered {
htlc_timeout_tx_weight(channel_type_features)
htlc_success_tx_weight(channel_type_features)
};
let output_value = if channel_type_features.supports_anchors_zero_fee_htlc_tx() && !channel_type_features.supports_anchors_nonzero_fee_htlc_tx() {
- htlc.amount_msat / 1000
+ htlc.to_bitcoin_amount()
} else {
- let total_fee = feerate_per_kw as u64 * weight / 1000;
- htlc.amount_msat / 1000 - total_fee
+ let total_fee = Amount::from_sat(feerate_per_kw as u64 * weight / 1000);
+ htlc.to_bitcoin_amount() - total_fee
};
TxOut {
- script_pubkey: get_revokeable_redeemscript(revocation_key, contest_delay, broadcaster_delayed_payment_key).to_v0_p2wsh(),
+ script_pubkey: get_revokeable_redeemscript(revocation_key, contest_delay, broadcaster_delayed_payment_key).to_p2wsh(),
value: output_value,
}
}
let mut witness = Witness::new();
// First push the multisig dummy, note that due to BIP147 (NULLDUMMY) it must be a zero-length element.
witness.push(vec![]);
- witness.push_bitcoin_signature(&remote_sig.serialize_der(), remote_sighash_type);
- witness.push_bitcoin_signature(&local_sig.serialize_der(), EcdsaSighashType::All);
+ witness.push_ecdsa_signature(&BitcoinSignature { sig: *remote_sig, hash_ty: remote_sighash_type });
+ witness.push_ecdsa_signature(&BitcoinSignature::sighash_all(*local_sig));
if let Some(preimage) = preimage {
witness.push(preimage.0.to_vec());
} else {
/// Locates the output with an anchor script paying to `funding_pubkey` within `commitment_tx`.
pub(crate) fn get_anchor_output<'a>(commitment_tx: &'a Transaction, funding_pubkey: &PublicKey) -> Option<(u32, &'a TxOut)> {
- let anchor_script = chan_utils::get_anchor_redeemscript(funding_pubkey).to_v0_p2wsh();
+ let anchor_script = chan_utils::get_anchor_redeemscript(funding_pubkey).to_p2wsh();
commitment_tx.output.iter().enumerate()
.find(|(_, txout)| txout.script_pubkey == anchor_script)
.map(|(idx, txout)| (idx as u32, txout))
pub fn build_anchor_input_witness(funding_key: &PublicKey, funding_sig: &Signature) -> Witness {
let anchor_redeem_script = chan_utils::get_anchor_redeemscript(funding_key);
let mut ret = Witness::new();
- ret.push_bitcoin_signature(&funding_sig.serialize_der(), EcdsaSighashType::All);
+ ret.push_ecdsa_signature(&BitcoinSignature::sighash_all(*funding_sig));
ret.push(anchor_redeem_script.as_bytes());
ret
}
self.counterparty_parameters.is_some() && self.funding_outpoint.is_some()
}
+ /// Whether the channel supports zero-fee HTLC transaction anchors.
+ pub(crate) fn supports_anchors(&self) -> bool {
+ self.channel_type_features.supports_anchors_zero_fee_htlc_tx()
+ }
+
/// Convert the holder/counterparty parameters to broadcaster/countersignatory-organized parameters,
/// given that the holder is the broadcaster.
///
pub fn dummy(htlcs: &mut Vec<(HTLCOutputInCommitment, ())>) -> Self {
let secp_ctx = Secp256k1::new();
let dummy_key = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
- let dummy_sig = sign(&secp_ctx, &secp256k1::Message::from_slice(&[42; 32]).unwrap(), &SecretKey::from_slice(&[42; 32]).unwrap());
+ let dummy_sig = sign(&secp_ctx, &secp256k1::Message::from_digest([42; 32]), &SecretKey::from_slice(&[42; 32]).unwrap());
let keys = TxCreationKeys {
per_commitment_point: dummy_key.clone(),
- revocation_key: dummy_key.clone(),
- broadcaster_htlc_key: dummy_key.clone(),
- countersignatory_htlc_key: dummy_key.clone(),
- broadcaster_delayed_payment_key: dummy_key.clone(),
+ revocation_key: RevocationKey::from_basepoint(&secp_ctx, &RevocationBasepoint::from(dummy_key), &dummy_key),
+ broadcaster_htlc_key: HtlcKey::from_basepoint(&secp_ctx, &HtlcBasepoint::from(dummy_key), &dummy_key),
+ countersignatory_htlc_key: HtlcKey::from_basepoint(&secp_ctx, &HtlcBasepoint::from(dummy_key), &dummy_key),
+ broadcaster_delayed_payment_key: DelayedPaymentKey::from_basepoint(&secp_ctx, &DelayedPaymentBasepoint::from(dummy_key), &dummy_key),
};
let channel_pubkeys = ChannelPublicKeys {
funding_pubkey: dummy_key.clone(),
- revocation_basepoint: dummy_key.clone(),
+ revocation_basepoint: RevocationBasepoint::from(dummy_key),
payment_point: dummy_key.clone(),
- delayed_payment_basepoint: dummy_key.clone(),
- htlc_basepoint: dummy_key.clone()
+ delayed_payment_basepoint: DelayedPaymentBasepoint::from(dummy_key.clone()),
+ htlc_basepoint: HtlcBasepoint::from(dummy_key.clone())
};
let channel_parameters = ChannelTransactionParameters {
holder_pubkeys: channel_pubkeys.clone(),
tx.input[0].witness.push(Vec::new());
if self.holder_sig_first {
- tx.input[0].witness.push_bitcoin_signature(&holder_sig.serialize_der(), EcdsaSighashType::All);
- tx.input[0].witness.push_bitcoin_signature(&self.counterparty_sig.serialize_der(), EcdsaSighashType::All);
+ tx.input[0].witness.push_ecdsa_signature(&BitcoinSignature::sighash_all(holder_sig));
+ tx.input[0].witness.push_ecdsa_signature(&BitcoinSignature::sighash_all(self.counterparty_sig));
} else {
- tx.input[0].witness.push_bitcoin_signature(&self.counterparty_sig.serialize_der(), EcdsaSighashType::All);
- tx.input[0].witness.push_bitcoin_signature(&holder_sig.serialize_der(), EcdsaSighashType::All);
+ tx.input[0].witness.push_ecdsa_signature(&BitcoinSignature::sighash_all(self.counterparty_sig));
+ tx.input[0].witness.push_ecdsa_signature(&BitcoinSignature::sighash_all(holder_sig));
}
tx.input[0].witness.push(funding_redeemscript.as_bytes().to_vec());
///
/// This can be used to verify a signature.
pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message {
- let sighash = &sighash::SighashCache::new(&self.transaction).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..];
+ let sighash = &sighash::SighashCache::new(&self.transaction).p2wsh_signature_hash(0, funding_redeemscript, Amount::from_sat(channel_value_satoshis), EcdsaSighashType::All).unwrap()[..];
hash_to_message!(sighash)
}
/// secret key.
#[derive(Clone, Hash, PartialEq, Eq)]
pub struct ClosingTransaction {
- to_holder_value_sat: u64,
- to_counterparty_value_sat: u64,
+ to_holder_value_sat: Amount,
+ to_counterparty_value_sat: Amount,
to_holder_script: ScriptBuf,
to_counterparty_script: ScriptBuf,
built: Transaction,
to_counterparty_script: ScriptBuf,
funding_outpoint: OutPoint,
) -> Self {
+ let to_holder_value_sat = Amount::from_sat(to_holder_value_sat);
+ let to_counterparty_value_sat = Amount::from_sat(to_counterparty_value_sat);
let built = build_closing_transaction(
to_holder_value_sat, to_counterparty_value_sat,
to_holder_script.clone(), to_counterparty_script.clone(),
/// The value to be sent to the holder, or zero if the output will be omitted
pub fn to_holder_value_sat(&self) -> u64 {
- self.to_holder_value_sat
+ self.to_holder_value_sat.to_sat()
}
/// The value to be sent to the counterparty, or zero if the output will be omitted
pub fn to_counterparty_value_sat(&self) -> u64 {
- self.to_counterparty_value_sat
+ self.to_counterparty_value_sat.to_sat()
}
/// The destination of the holder's output
///
/// This can be used to verify a signature.
pub fn get_sighash_all(&self, funding_redeemscript: &Script, channel_value_satoshis: u64) -> Message {
- let sighash = &sighash::SighashCache::new(&self.inner.built).segwit_signature_hash(0, funding_redeemscript, channel_value_satoshis, EcdsaSighashType::All).unwrap()[..];
+ let sighash = &sighash::SighashCache::new(&self.inner.built).p2wsh_signature_hash(0, funding_redeemscript, Amount::from_sat(channel_value_satoshis), EcdsaSighashType::All).unwrap()[..];
hash_to_message!(sighash)
}
#[derive(Clone, Debug)]
pub struct CommitmentTransaction {
commitment_number: u64,
- to_broadcaster_value_sat: u64,
- to_countersignatory_value_sat: u64,
+ to_broadcaster_value_sat: Amount,
+ to_countersignatory_value_sat: Amount,
to_broadcaster_delay: Option<u16>, // Added in 0.0.117
feerate_per_kw: u32,
htlcs: Vec<HTLCOutputInCommitment>,
///
/// This is not exported to bindings users due to the generic though we likely should expose a version without
pub fn new_with_auxiliary_htlc_data<T>(commitment_number: u64, to_broadcaster_value_sat: u64, to_countersignatory_value_sat: u64, broadcaster_funding_key: PublicKey, countersignatory_funding_key: PublicKey, keys: TxCreationKeys, feerate_per_kw: u32, htlcs_with_aux: &mut Vec<(HTLCOutputInCommitment, T)>, channel_parameters: &DirectedChannelTransactionParameters) -> CommitmentTransaction {
+ let to_broadcaster_value_sat = Amount::from_sat(to_broadcaster_value_sat);
+ let to_countersignatory_value_sat = Amount::from_sat(to_countersignatory_value_sat);
+
// Sort outputs and populate output indices while keeping track of the auxiliary data
let (outputs, htlcs) = Self::internal_build_outputs(&keys, to_broadcaster_value_sat, to_countersignatory_value_sat, htlcs_with_aux, channel_parameters, &broadcaster_funding_key, &countersignatory_funding_key).unwrap();
fn make_transaction(obscured_commitment_transaction_number: u64, txins: Vec<TxIn>, outputs: Vec<TxOut>) -> Transaction {
Transaction {
- version: 2,
+ version: Version::TWO,
lock_time: LockTime::from_consensus(((0x20 as u32) << 8 * 3) | ((obscured_commitment_transaction_number & 0xffffffu64) as u32)),
input: txins,
output: outputs,
// - initial sorting of outputs / HTLCs in the constructor, in which case T is auxiliary data the
// caller needs to have sorted together with the HTLCs so it can keep track of the output index
// - building of a bitcoin transaction during a verify() call, in which case T is just ()
- fn internal_build_outputs<T>(keys: &TxCreationKeys, to_broadcaster_value_sat: u64, to_countersignatory_value_sat: u64, htlcs_with_aux: &mut Vec<(HTLCOutputInCommitment, T)>, channel_parameters: &DirectedChannelTransactionParameters, broadcaster_funding_key: &PublicKey, countersignatory_funding_key: &PublicKey) -> Result<(Vec<TxOut>, Vec<HTLCOutputInCommitment>), ()> {
+ fn internal_build_outputs<T>(keys: &TxCreationKeys, to_broadcaster_value_sat: Amount, to_countersignatory_value_sat: Amount, htlcs_with_aux: &mut Vec<(HTLCOutputInCommitment, T)>, channel_parameters: &DirectedChannelTransactionParameters, broadcaster_funding_key: &PublicKey, countersignatory_funding_key: &PublicKey) -> Result<(Vec<TxOut>, Vec<HTLCOutputInCommitment>), ()> {
let countersignatory_pubkeys = channel_parameters.countersignatory_pubkeys();
let contest_delay = channel_parameters.contest_delay();
let mut txouts: Vec<(TxOut, Option<&mut HTLCOutputInCommitment>)> = Vec::new();
- if to_countersignatory_value_sat > 0 {
+ if to_countersignatory_value_sat > Amount::ZERO {
let script = if channel_parameters.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
- get_to_countersignatory_with_anchors_redeemscript(&countersignatory_pubkeys.payment_point).to_v0_p2wsh()
+ get_to_countersignatory_with_anchors_redeemscript(&countersignatory_pubkeys.payment_point).to_p2wsh()
} else {
- Payload::p2wpkh(&BitcoinPublicKey::new(countersignatory_pubkeys.payment_point)).unwrap().script_pubkey()
+ ScriptBuf::new_p2wpkh(&Hash160::hash(&countersignatory_pubkeys.payment_point.serialize()).into())
};
txouts.push((
TxOut {
))
}
- if to_broadcaster_value_sat > 0 {
+ if to_broadcaster_value_sat > Amount::ZERO {
let redeem_script = get_revokeable_redeemscript(
&keys.revocation_key,
contest_delay,
);
txouts.push((
TxOut {
- script_pubkey: redeem_script.to_v0_p2wsh(),
+ script_pubkey: redeem_script.to_p2wsh(),
value: to_broadcaster_value_sat,
},
None,
}
if channel_parameters.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
- if to_broadcaster_value_sat > 0 || !htlcs_with_aux.is_empty() {
+ if to_broadcaster_value_sat > Amount::ZERO || !htlcs_with_aux.is_empty() {
let anchor_script = get_anchor_redeemscript(broadcaster_funding_key);
txouts.push((
TxOut {
- script_pubkey: anchor_script.to_v0_p2wsh(),
- value: ANCHOR_OUTPUT_VALUE_SATOSHI,
+ script_pubkey: anchor_script.to_p2wsh(),
+ value: Amount::from_sat(ANCHOR_OUTPUT_VALUE_SATOSHI),
},
None,
));
}
- if to_countersignatory_value_sat > 0 || !htlcs_with_aux.is_empty() {
+ if to_countersignatory_value_sat > Amount::ZERO || !htlcs_with_aux.is_empty() {
let anchor_script = get_anchor_redeemscript(countersignatory_funding_key);
txouts.push((
TxOut {
- script_pubkey: anchor_script.to_v0_p2wsh(),
- value: ANCHOR_OUTPUT_VALUE_SATOSHI,
+ script_pubkey: anchor_script.to_p2wsh(),
+ value: Amount::from_sat(ANCHOR_OUTPUT_VALUE_SATOSHI),
},
None,
));
for (htlc, _) in htlcs_with_aux {
let script = chan_utils::get_htlc_redeemscript(&htlc, &channel_parameters.channel_type_features(), &keys);
let txout = TxOut {
- script_pubkey: script.to_v0_p2wsh(),
- value: htlc.amount_msat / 1000,
+ script_pubkey: script.to_p2wsh(),
+ value: htlc.to_bitcoin_amount(),
};
txouts.push((txout, Some(htlc)));
}
/// The value to be sent to the broadcaster
pub fn to_broadcaster_value_sat(&self) -> u64 {
- self.to_broadcaster_value_sat
+ self.to_broadcaster_value_sat.to_sat()
}
/// The value to be sent to the counterparty
pub fn to_countersignatory_value_sat(&self) -> u64 {
- self.to_countersignatory_value_sat
+ self.to_countersignatory_value_sat.to_sat()
}
/// The feerate paid per 1000-weight-unit in this commitment transaction.
let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc, &self.channel_type_features, &keys.broadcaster_htlc_key, &keys.countersignatory_htlc_key, &keys.revocation_key);
- let sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, this_htlc.amount_msat / 1000, EcdsaSighashType::All).unwrap()[..]);
+ let sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).p2wsh_signature_hash(0, &htlc_redeemscript, this_htlc.to_bitcoin_amount(), EcdsaSighashType::All).unwrap()[..]);
ret.push(sign_with_aux_rand(secp_ctx, &sighash, &holder_htlc_key, entropy_source));
}
Ok(ret)
self.to_broadcaster_delay?,
&self.keys.broadcaster_delayed_payment_key,
);
- let revokeable_p2wsh = revokeable_redeemscript.to_v0_p2wsh();
+ let revokeable_p2wsh = revokeable_redeemscript.to_p2wsh();
let outputs = &self.inner.built.transaction.output;
outputs.iter().enumerate()
.find(|(_, out)| out.script_pubkey == revokeable_p2wsh)
value,
}];
let mut justice_tx = Transaction {
- version: 2,
+ version: Version::TWO,
lock_time: LockTime::ZERO,
input,
output,
};
let weight = justice_tx.weight().to_wu() + WEIGHT_REVOKED_OUTPUT;
- let fee = fee_for_weight(feerate_per_kw as u32, weight);
+ let fee = Amount::from_sat(fee_for_weight(feerate_per_kw as u32, weight));
justice_tx.output[0].value = value.checked_sub(fee).ok_or(())?;
Ok(justice_tx)
}
mod tests {
use super::{CounterpartyCommitmentSecrets, ChannelPublicKeys};
use crate::chain;
- use crate::prelude::*;
use crate::ln::chan_utils::{get_htlc_redeemscript, get_to_countersignatory_with_anchors_redeemscript, CommitmentTransaction, TxCreationKeys, ChannelTransactionParameters, CounterpartyChannelTransactionParameters, HTLCOutputInCommitment};
use bitcoin::secp256k1::{PublicKey, SecretKey, Secp256k1};
use crate::util::test_utils;
use bitcoin::{Network, Txid, ScriptBuf};
use bitcoin::hashes::Hash;
use bitcoin::hashes::hex::FromHex;
- use crate::ln::PaymentHash;
+ use crate::ln::types::PaymentHash;
use bitcoin::address::Payload;
use bitcoin::PublicKey as BitcoinPublicKey;
use crate::ln::features::ChannelTypeFeatures;
+ #[allow(unused_imports)]
+ use crate::prelude::*;
+
struct TestCommitmentTxBuilder {
commitment_number: u64,
holder_funding_pubkey: PublicKey,
builder.channel_parameters.channel_type_features = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
let tx = builder.build(1000, 2000);
assert_eq!(tx.built.transaction.output.len(), 4);
- assert_eq!(tx.built.transaction.output[3].script_pubkey, get_to_countersignatory_with_anchors_redeemscript(&builder.counterparty_pubkeys.payment_point).to_v0_p2wsh());
+ assert_eq!(tx.built.transaction.output[3].script_pubkey, get_to_countersignatory_with_anchors_redeemscript(&builder.counterparty_pubkeys.payment_point).to_p2wsh());
// Generate broadcaster output and anchor
let tx = builder.build(3000, 0);
let tx = builder.build(3000, 0);
let keys = &builder.keys.clone();
assert_eq!(tx.built.transaction.output.len(), 3);
- assert_eq!(tx.built.transaction.output[0].script_pubkey, get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_v0_p2wsh());
- assert_eq!(tx.built.transaction.output[1].script_pubkey, get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_v0_p2wsh());
- assert_eq!(get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_v0_p2wsh().to_hex_string(),
+ assert_eq!(tx.built.transaction.output[0].script_pubkey, get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_p2wsh());
+ assert_eq!(tx.built.transaction.output[1].script_pubkey, get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_p2wsh());
+ assert_eq!(get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_p2wsh().to_hex_string(),
"0020e43a7c068553003fe68fcae424fb7b28ec5ce48cd8b6744b3945631389bad2fb");
- assert_eq!(get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_v0_p2wsh().to_hex_string(),
+ assert_eq!(get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::only_static_remote_key(), &keys).to_p2wsh().to_hex_string(),
"0020215d61bba56b19e9eadb6107f5a85d7f99c40f65992443f69229c290165bc00d");
// Generate broadcaster output and received and offered HTLC outputs, with anchors
builder.htlcs_with_aux = vec![(received_htlc.clone(), ()), (offered_htlc.clone(), ())];
let tx = builder.build(3000, 0);
assert_eq!(tx.built.transaction.output.len(), 5);
- assert_eq!(tx.built.transaction.output[2].script_pubkey, get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_v0_p2wsh());
- assert_eq!(tx.built.transaction.output[3].script_pubkey, get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_v0_p2wsh());
- assert_eq!(get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_v0_p2wsh().to_hex_string(),
+ assert_eq!(tx.built.transaction.output[2].script_pubkey, get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_p2wsh());
+ assert_eq!(tx.built.transaction.output[3].script_pubkey, get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_p2wsh());
+ assert_eq!(get_htlc_redeemscript(&received_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_p2wsh().to_hex_string(),
"0020b70d0649c72b38756885c7a30908d912a7898dd5d79457a7280b8e9a20f3f2bc");
- assert_eq!(get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_v0_p2wsh().to_hex_string(),
+ assert_eq!(get_htlc_redeemscript(&offered_htlc, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), &keys).to_p2wsh().to_hex_string(),
"002087a3faeb1950a469c0e2db4a79b093a41b9526e5a6fc6ef5cb949bde3be379c7");
}
.unwrap()[..]).unwrap();
let pubkey_hash = BitcoinPublicKey::new(
PublicKey::from_secret_key(&Secp256k1::new(), &secret_key)).wpubkey_hash().unwrap();
- let destination_script = ScriptBuf::new_v0_p2wpkh(&pubkey_hash);
+ let destination_script = ScriptBuf::new_p2wpkh(&pubkey_hash);
let justice_tx = tx.trust().build_to_local_justice_tx(253, destination_script.clone()).unwrap();
assert_eq!(justice_tx.input.len(), 1);
assert!(justice_tx.input[0].sequence.is_rbf());
assert_eq!(justice_tx.output.len(), 1);
- assert!(justice_tx.output[0].value < 1000);
+ assert!(justice_tx.output[0].value.to_sat() < 1000);
assert_eq!(justice_tx.output[0].script_pubkey, destination_script);
}