X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;ds=sidebyside;f=lightning%2Fsrc%2Fsign%2Fmod.rs;h=988acf7cc53d48a0dbc7d9e4ed39f572bf6381fc;hb=0e22b1245af2ddd5b226d989801d5427053dd9ed;hp=6abf4bd254cb062250128280fd28c9c0a6367170;hpb=aae4e7c0cab7f30e38b06a2314eea505389eefe1;p=rust-lightning
diff --git a/lightning/src/sign/mod.rs b/lightning/src/sign/mod.rs
index 6abf4bd2..988acf7c 100644
--- a/lightning/src/sign/mod.rs
+++ b/lightning/src/sign/mod.rs
@@ -12,52 +12,75 @@ //! The provided output descriptors follow a custom LDK data format and are currently not fully //! compatible with Bitcoin Core output descriptors. -use bitcoin::blockdata::transaction::{Transaction, TxOut, TxIn, EcdsaSighashType}; -use bitcoin::blockdata::script::{Script, Builder}; +use bitcoin::bip32::{ChildNumber, ExtendedPrivKey, ExtendedPubKey}; +use bitcoin::blockdata::locktime::absolute::LockTime; use bitcoin::blockdata::opcodes; +use bitcoin::blockdata::script::{Builder, Script, ScriptBuf}; +use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut}; +use bitcoin::ecdsa::Signature as EcdsaSignature; use bitcoin::network::constants::Network; use bitcoin::psbt::PartiallySignedTransaction; -use bitcoin::util::bip32::{ExtendedPrivKey, ExtendedPubKey, ChildNumber}; -use bitcoin::util::sighash; +use bitcoin::sighash; +use bitcoin::sighash::EcdsaSighashType; use bitcoin::bech32::u5; -use bitcoin::hashes::{Hash, HashEngine}; +use bitcoin::hash_types::WPubkeyHash; use bitcoin::hashes::sha256::Hash as Sha256; use bitcoin::hashes::sha256d::Hash as Sha256dHash; -use bitcoin::hash_types::WPubkeyHash; +use bitcoin::hashes::{Hash, HashEngine}; -use bitcoin::secp256k1::{KeyPair, PublicKey, Scalar, Secp256k1, SecretKey, Signing}; use bitcoin::secp256k1::ecdh::SharedSecret; use bitcoin::secp256k1::ecdsa::{RecoverableSignature, Signature}; use bitcoin::secp256k1::schnorr; -use bitcoin::{PackedLockTime, secp256k1, Sequence, Witness}; +#[cfg(taproot)] +use bitcoin::secp256k1::All; +use bitcoin::secp256k1::{KeyPair, PublicKey, Scalar, Secp256k1, SecretKey, Signing}; +use bitcoin::{secp256k1, Sequence, Txid, Witness}; -use crate::util::transaction_utils; -use crate::util::crypto::{hkdf_extract_expand_twice, sign, sign_with_aux_rand}; -use crate::util::ser::{Writeable, Writer, Readable, ReadableArgs}; use crate::chain::transaction::OutPoint; -use crate::events::bump_transaction::HTLCDescriptor; +use crate::crypto::utils::{hkdf_extract_expand_twice, sign, 
sign_with_aux_rand}; +use crate::ln::chan_utils::{ + get_revokeable_redeemscript, make_funding_redeemscript, ChannelPublicKeys, + ChannelTransactionParameters, ClosingTransaction, CommitmentTransaction, + HTLCOutputInCommitment, HolderCommitmentTransaction, +}; use crate::ln::channel::ANCHOR_OUTPUT_VALUE_SATOSHI; -use crate::ln::{chan_utils, PaymentPreimage}; -use crate::ln::chan_utils::{HTLCOutputInCommitment, make_funding_redeemscript, ChannelPublicKeys, HolderCommitmentTransaction, ChannelTransactionParameters, CommitmentTransaction, ClosingTransaction}; +use crate::ln::channel_keys::{ + add_public_key_tweak, DelayedPaymentBasepoint, DelayedPaymentKey, HtlcBasepoint, HtlcKey, + RevocationBasepoint, RevocationKey, +}; +#[cfg(taproot)] +use crate::ln::msgs::PartialSignatureWithNonce; use crate::ln::msgs::{UnsignedChannelAnnouncement, UnsignedGossipMessage}; use crate::ln::script::ShutdownScript; +use crate::ln::{chan_utils, PaymentPreimage}; use crate::offers::invoice::UnsignedBolt12Invoice; use crate::offers::invoice_request::UnsignedInvoiceRequest; +use crate::util::ser::{Readable, ReadableArgs, Writeable, Writer}; +use crate::util::transaction_utils; -use crate::prelude::*; -use core::convert::TryInto; -use core::ops::Deref; -use core::sync::atomic::{AtomicUsize, Ordering}; +use crate::crypto::chacha20::ChaCha20; use crate::io::{self, Error}; use crate::ln::features::ChannelTypeFeatures; use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT}; +use crate::prelude::*; +use crate::sign::ecdsa::{EcdsaChannelSigner, WriteableEcdsaChannelSigner}; +#[cfg(taproot)] +use crate::sign::taproot::TaprootChannelSigner; use crate::util::atomic_counter::AtomicCounter; -use crate::util::chacha20::ChaCha20; use crate::util::invoice::construct_invoice_preimage; +use core::convert::TryInto; +use core::ops::Deref; +use core::sync::atomic::{AtomicUsize, Ordering}; +#[cfg(taproot)] +use musig2::types::{PartialSignature, PublicNonce}; pub(crate) mod type_resolver; +pub mod ecdsa; 
+#[cfg(taproot)] +pub mod taproot; + /// Used as initial key material, to be expanded into multiple secret keys (but not to be used /// directly). This is used within LDK to encrypt/decrypt inbound payment data. /// @@ -81,20 +104,27 @@ pub struct DelayedPaymentOutputDescriptor { pub output: TxOut, /// The revocation point specific to the commitment transaction which was broadcast. Used to /// derive the witnessScript for this output. - pub revocation_pubkey: PublicKey, + pub revocation_pubkey: RevocationKey, /// Arbitrary identification information returned by a call to [`ChannelSigner::channel_keys_id`]. /// This may be useful in re-deriving keys used in the channel to spend the output. pub channel_keys_id: [u8; 32], /// The value of the channel which this output originated from, possibly indirectly. pub channel_value_satoshis: u64, + /// The channel public keys and other parameters needed to generate a spending transaction or to provide to a re-derived signer through + /// [`ChannelSigner::provide_channel_parameters`]. + /// + /// Added as optional, but always `Some` if the descriptor was produced in v0.0.123 or later. + pub channel_transaction_parameters: Option, } + impl DelayedPaymentOutputDescriptor { /// The maximum length a well-formed witness spending one of these should have. /// Note: If you have the grind_signatures feature enabled, this will be at least 1 byte /// shorter. // Calculated as 1 byte length + 73 byte signature, 1 byte empty vec push, 1 byte length plus // redeemscript push length. - pub const MAX_WITNESS_LENGTH: usize = 1 + 73 + 1 + chan_utils::REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH + 1; + pub const MAX_WITNESS_LENGTH: u64 = + 1 + 73 + 1 + chan_utils::REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH as u64 + 1; } impl_writeable_tlv_based!(DelayedPaymentOutputDescriptor, { 
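Review bot: The `#[cfg(taproot)]` imports in the `@@ -12,52 +12,75 @@` hunk pull an external crate, `musig2::types::{PartialSignature, PublicNonce}`, into the signing module with no comment on how that cfg is enabled or how the crate is pinned. Because `taproot` is a bare cfg rather than a `feature = "..."` gate, these lines and `pub mod taproot;` presumably compile only when the flag is passed explicitly, so a default build would not catch breakage in them. I would add a one-line comment above the first gated import naming where the cfg is set, and confirm in the manifest (not shown here) that `musig2` is optional and version-pinned.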
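Review bot: The new `channel_transaction_parameters` field on `DelayedPaymentOutputDescriptor` will be `None` for every descriptor persisted before v0.0.123, and its doc comment does not tell a spender what to do in that case. I would append a doc line such as `/// Descriptors written by earlier versions deserialize with None here; callers must handle that case rather than unwrap.` Separately, `revocation_pubkey` changes type from `PublicKey` to `RevocationKey` but stays a `required` entry at TLV type 8. Stored descriptors remain readable only if `RevocationKey` serializes exactly like the key it replaces, which is not visible in this hunk and deserves a round-trip test against an old serialization. The matching `(13, channel_transaction_parameters, option)` entry in the next hunk uses an odd type, so older readers presumably skip it.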
@@ -105,6 +135,7 @@ impl_writeable_tlv_based!(DelayedPaymentOutputDescriptor, { (8, revocation_pubkey, required), (10, channel_keys_id, required), (12, channel_value_satoshis, required), + (13, channel_transaction_parameters, option), }); pub(crate) const P2WPKH_WITNESS_WEIGHT: u64 = 1 /* num stack items */ + @@ -113,6 +144,10 @@ pub(crate) const P2WPKH_WITNESS_WEIGHT: u64 = 1 /* num stack items */ + 1 /* pubkey length */ + 33 /* pubkey */; +/// Witness weight for satisying a P2TR key-path spend. +pub(crate) const P2TR_KEY_PATH_WITNESS_WEIGHT: u64 = 1 /* witness items */ + + 1 /* schnorr sig len */ + 64 /* schnorr sig */; + /// Information about a spendable output to our "payment key". /// /// See [`SpendableOutputDescriptor::StaticPaymentOutput`] for more details on how to spend this. @@ -133,37 +168,34 @@ pub struct StaticPaymentOutputDescriptor { /// Added as optional, but always `Some` if the descriptor was produced in v0.0.117 or later. pub channel_transaction_parameters: Option, } + impl StaticPaymentOutputDescriptor { /// Returns the `witness_script` of the spendable output. /// /// Note that this will only return `Some` for [`StaticPaymentOutputDescriptor`]s that /// originated from an anchor outputs channel, as they take the form of a P2WSH script. - pub fn witness_script(&self) -> Option
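Review bot: `P2TR_KEY_PATH_WITNESS_WEIGHT` in the `@@ -113,6 +144,10 @@` hunk counts a 64-byte Schnorr signature, which holds only for the default sighash. A signature carrying an explicit sighash-type byte is 65 bytes, so a caller using this constant for fee estimation would under-count by one weight unit in that case. The doc comment should state the assumption and fix the "satisying" typo, e.g. `/// Witness weight for satisfying a P2TR key-path spend with a 64-byte (default sighash) signature.` Whether any caller signs with a non-default sighash is not visible in this hunk.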