X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fchain%2Fkeysinterface.rs;h=44f347abc12e133ec8d735daf1e9de6a3ce15f87;hb=7159d1546ae92281a7e0533813a6e7558f16354a;hp=544df015a8f48b404c390a63a909ec7aca3746ed;hpb=bfd4ac49950d54c13894b30f82cb01e458596452;p=rust-lightning diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs index 544df015..44f347ab 100644 --- a/lightning/src/chain/keysinterface.rs +++ b/lightning/src/chain/keysinterface.rs @@ -24,7 +24,7 @@ use util::logger::Logger; use util::ser::{Writeable, Writer, Readable}; use ln::chan_utils; -use ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment, make_funding_redeemscript, ChannelPublicKeys}; +use ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment, make_funding_redeemscript, ChannelPublicKeys, LocalCommitmentTransaction}; use ln::msgs; use std::sync::Arc; @@ -37,6 +37,7 @@ use ln::msgs::DecodeError; /// spend on-chain. The information needed to do this is provided in this enum, including the /// outpoint describing which txid and output index is available, the full output which exists at /// that txid/index, and any keys or other information required to sign. +#[derive(Clone, PartialEq)] pub enum SpendableOutputDescriptor { /// An output to a script which was provided via KeysInterface, thus you should already know /// how to spend it. No keys are provided as rust-lightning was never given any keys - only the @@ -53,7 +54,7 @@ pub enum SpendableOutputDescriptor { /// The private key which should be used to sign the transaction is provided, as well as the /// full witness redeemScript which is hashed in the output script_pubkey. /// The witness in the spending input should be: - /// + /// (MINIMALIF standard rule) /// /// Note that the nSequence field in the input must be set to_self_delay (which corresponds to /// the transaction not being broadcastable until at least to_self_delay blocks after the input @@ -115,8 +116,8 @@ impl Writeable for SpendableOutputDescriptor { } } -impl Readable for SpendableOutputDescriptor { - fn read(reader: &mut R) -> Result { +impl Readable for SpendableOutputDescriptor { + fn read(reader: &mut R) -> Result { match Readable::read(reader)? { 0u8 => Ok(SpendableOutputDescriptor::StaticOutput { outpoint: Readable::read(reader)?, @@ -214,6 +215,36 @@ pub trait ChannelKeys : Send+Clone { /// making the callee generate it via some util function we expose)! fn sign_remote_commitment(&self, feerate_per_kw: u64, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], to_self_delay: u16, secp_ctx: &Secp256k1) -> Result<(Signature, Vec), ()>; + /// Create a signature for a local commitment transaction. This will only ever be called with + /// the same local_commitment_tx (or a copy thereof), though there are currently no guarantees + /// that it will not be called multiple times. + /// + /// TODO: Document the things someone using this interface should enforce before signing. + /// TODO: Add more input vars to enable better checking (preferably removing commitment_tx and + fn sign_local_commitment(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1) -> Result; + + /// Same as sign_local_commitment, but exists only for tests to get access to local commitment + /// transactions which will be broadcasted later, after the channel has moved on to a newer + /// state. Thus, needs its own method as sign_local_commitment may enforce that we only ever + /// get called once. + #[cfg(test)] + fn unsafe_sign_local_commitment(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1) -> Result; + + /// Create a signature for each HTLC transaction spending a local commitment transaction. + /// + /// Unlike sign_local_commitment, this may be called multiple times with *different* + /// local_commitment_tx values. While this will never be called with a revoked + /// local_commitment_tx, it is possible that it is called with the second-latest + /// local_commitment_tx (only if we haven't yet revoked it) if some watchtower/secondary + /// ChannelMonitor decided to broadcast before it had been updated to the latest. + /// + /// Either an Err should be returned, or a Vec with one entry for each HTLC which exists in + /// local_commitment_tx. For those HTLCs which have transaction_output_index set to None + /// (implying they were considered dust at the time the commitment transaction was negotiated), + /// a corresponding None should be included in the return value. All other positions in the + /// return value must contain a signature. + fn sign_local_commitment_htlc_transactions(&self, local_commitment_tx: &LocalCommitmentTransaction, local_csv: u16, secp_ctx: &Secp256k1) -> Result>, ()>; + /// Create a signature for a (proposed) closing transaction. /// /// Note that, due to rounding, there may be one "missing" satoshi, and either party may have @@ -341,6 +372,27 @@ impl ChannelKeys for InMemoryChannelKeys { Ok((commitment_sig, htlc_sigs)) } + fn sign_local_commitment(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1) -> Result { + let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key); + let remote_channel_pubkeys = self.remote_channel_pubkeys.as_ref().expect("must set remote channel pubkeys before signing"); + let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &remote_channel_pubkeys.funding_pubkey); + + Ok(local_commitment_tx.get_local_sig(&self.funding_key, &channel_funding_redeemscript, self.channel_value_satoshis, secp_ctx)) + } + + #[cfg(test)] + fn unsafe_sign_local_commitment(&self, local_commitment_tx: &LocalCommitmentTransaction, secp_ctx: &Secp256k1) -> Result { + let funding_pubkey = PublicKey::from_secret_key(secp_ctx, &self.funding_key); + let remote_channel_pubkeys = self.remote_channel_pubkeys.as_ref().expect("must set remote channel pubkeys before signing"); + let channel_funding_redeemscript = make_funding_redeemscript(&funding_pubkey, &remote_channel_pubkeys.funding_pubkey); + + Ok(local_commitment_tx.get_local_sig(&self.funding_key, &channel_funding_redeemscript, self.channel_value_satoshis, secp_ctx)) + } + + fn sign_local_commitment_htlc_transactions(&self, local_commitment_tx: &LocalCommitmentTransaction, local_csv: u16, secp_ctx: &Secp256k1) -> Result>, ()> { + local_commitment_tx.get_htlc_sigs(&self.htlc_base_key, local_csv, secp_ctx) + } + fn sign_closing_transaction(&self, closing_tx: &Transaction, secp_ctx: &Secp256k1) -> Result { if closing_tx.input.len() != 1 { return Err(()); } if closing_tx.input[0].witness.len() != 0 { return Err(()); } @@ -381,8 +433,8 @@ impl Writeable for InMemoryChannelKeys { } } -impl Readable for InMemoryChannelKeys { - fn read(reader: &mut R) -> Result { +impl Readable for InMemoryChannelKeys { + fn read(reader: &mut R) -> Result { let funding_key = Readable::read(reader)?; let revocation_base_key = Readable::read(reader)?; let payment_base_key = Readable::read(reader)?; @@ -585,6 +637,6 @@ impl KeysInterface for KeysManager { let child_privkey = self.channel_id_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(child_ix as u32).expect("key space exhausted")).expect("Your RNG is busted"); sha.input(&child_privkey.private_key.key[..]); - (Sha256::from_engine(sha).into_inner()) + Sha256::from_engine(sha).into_inner() } }