X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fchain%2Fkeysinterface.rs;h=9fc00e25238dc8b375d247aec5c8114ce508f109;hb=abf4e79dcda4c97dd80dd00233de32507184543a;hp=58abe7e9ddcb2dcf71ce26ec9ddd9d1824bb2f47;hpb=f0c181e2f26ddd0853884ea652933dc3bcc22181;p=rust-lightning diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs index 58abe7e9..9fc00e25 100644 --- a/lightning/src/chain/keysinterface.rs +++ b/lightning/src/chain/keysinterface.rs @@ -137,7 +137,7 @@ impl_writeable_tlv_based!(StaticPaymentOutputDescriptor, { /// [`SpendableOutputs`]: crate::util::events::Event::SpendableOutputs #[derive(Clone, Debug, PartialEq, Eq)] pub enum SpendableOutputDescriptor { - /// An output to a script which was provided via [`KeysInterface`] directly, either from + /// An output to a script which was provided via [`SignerProvider`] directly, either from /// [`get_destination_script`] or [`get_shutdown_scriptpubkey`], thus you should already /// know how to spend it. No secret keys are provided as LDK was never given any key. /// These may include outputs from a transaction punishing our counterparty or claiming an HTLC @@ -517,7 +517,7 @@ pub trait SignerProvider { /// [`BaseSign::channel_keys_id`]. fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer; - /// Reads a [`Signer`] for this [`KeysInterface`] from the given input stream. + /// Reads a [`Signer`] for this [`SignerProvider`] from the given input stream. /// This is only called during deserialization of other objects which contain /// [`Sign`]-implementing objects (i.e., [`ChannelMonitor`]s and [`ChannelManager`]s). /// The bytes are exactly those which `::write()` writes, and @@ -545,9 +545,6 @@ pub trait SignerProvider { fn get_shutdown_scriptpubkey(&self) -> ShutdownScript; } -/// A trait to describe an object which can get user secrets and key material. -pub trait KeysInterface: EntropySource + NodeSigner + SignerProvider {} - #[derive(Clone)] /// A simple implementation of [`Sign`] that just keeps the private keys in memory. /// @@ -954,8 +951,8 @@ impl ReadableArgs for InMemorySigner { } } -/// Simple [`KeysInterface`] implementation that takes a 32-byte seed for use as a BIP 32 extended -/// key and derives keys from that. +/// Simple implementation of [`EntropySource`], [`NodeSigner`], and [`SignerProvider`] that takes a +/// 32-byte seed for use as a BIP 32 extended key and derives keys from that. /// /// Your `node_id` is seed/0'. /// Unilateral closes may use seed/1'. @@ -1072,7 +1069,9 @@ impl KeysManager { // We only seriously intend to rely on the channel_master_key for true secure // entropy, everything else just ensures uniqueness. We rely on the unique_start (ie // starting_time provided in the constructor) to be unique. - let child_privkey = self.channel_master_key.ckd_priv(&self.secp_ctx, ChildNumber::from_hardened_idx(chan_id as u32).expect("key space exhausted")).expect("Your RNG is busted"); + let child_privkey = self.channel_master_key.ckd_priv(&self.secp_ctx, + ChildNumber::from_hardened_idx((chan_id as u32) % (1 << 31)).expect("key space exhausted") + ).expect("Your RNG is busted"); unique_start.input(&child_privkey.private_key[..]); let seed = Sha256::from_engine(unique_start).into_inner(); @@ -1298,7 +1297,12 @@ impl SignerProvider for KeysManager { fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32] { let child_idx = self.channel_child_index.fetch_add(1, Ordering::AcqRel); - assert!(child_idx <= core::u32::MAX as usize); + // `child_idx` is the only thing guaranteed to make each channel unique without a restart + // (though `user_channel_id` should help, depending on user behavior). If it manages to + // roll over, we may generate duplicate keys for two different channels, which could result + // in loss of funds. Because we only support 32-bit+ systems, assert that our `AtomicUsize` + // doesn't reach `u32::MAX`. + assert!(child_idx < core::u32::MAX as usize, "2^32 channels opened without restart"); let mut id = [0; 32]; id[0..4].copy_from_slice(&(child_idx as u32).to_be_bytes()); id[4..8].copy_from_slice(&self.starting_time_nanos.to_be_bytes()); @@ -1324,8 +1328,6 @@ impl SignerProvider for KeysManager { } } -impl KeysInterface for KeysManager {} - /// Similar to [`KeysManager`], but allows the node using this struct to receive phantom node /// payments. /// @@ -1418,8 +1420,6 @@ impl SignerProvider for PhantomKeysManager { } } -impl KeysInterface for PhantomKeysManager {} - impl PhantomKeysManager { /// Constructs a [`PhantomKeysManager`] given a 32-byte seed and an additional `cross_node_seed` /// that is shared across all nodes that intend to participate in [phantom node payments]