X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannel.rs;h=26a3d2061be644cd90292ca680577830fe559b2c;hb=1228663b3e04765c6f8a243d76a1c09ef1d926bc;hp=d690ef3ea0068dfe82211f1c45d4616e9e9cb976;hpb=f5ca34601175fb56520456cf02ebe940a89ad088;p=rust-lightning diff --git a/src/ln/channel.rs b/src/ln/channel.rs index d690ef3e..26a3d206 100644 --- a/src/ln/channel.rs +++ b/src/ln/channel.rs @@ -18,9 +18,10 @@ use ln::msgs; use ln::msgs::{HandleError, MsgEncodable}; use ln::channelmonitor::ChannelMonitor; use ln::channelmanager::{PendingForwardHTLCInfo, HTLCFailReason}; -use ln::chan_utils::{TxCreationKeys,HTLCOutputInCommitment}; +use ln::chan_utils::{TxCreationKeys,HTLCOutputInCommitment,HTLC_SUCCESS_TX_WEIGHT,HTLC_TIMEOUT_TX_WEIGHT}; use ln::chan_utils; use chain::chaininterface::{FeeEstimator,ConfirmationTarget}; +use chain::transaction::OutPoint; use util::{transaction_utils,rng}; use util::sha2::Sha256; @@ -43,7 +44,7 @@ impl ChannelKeys { pub fn new_from_seed(seed: &[u8; 32]) -> Result { let mut prk = [0; 32]; hkdf_extract(Sha256::new(), b"rust-lightning key gen salt", seed, &mut prk); - let secp_ctx = Secp256k1::new(); + let secp_ctx = Secp256k1::without_caps(); let mut okm = [0; 32]; hkdf_expand(Sha256::new(), &prk, b"rust-lightning funding key info", &mut okm); @@ -254,6 +255,12 @@ pub struct Channel { channel_update_count: u32, feerate_per_kw: u64, + #[cfg(test)] + // Used in ChannelManager's tests to send a revoked transaction + pub last_local_commitment_txn: Vec, + #[cfg(not(test))] + last_local_commitment_txn: Vec, + last_sent_closing_fee: Option<(u64, u64)>, // (feerate, fee) /// The hash of the block in which the funding transaction reached our CONF_TARGET. We use this @@ -307,8 +314,6 @@ const BREAKDOWN_TIMEOUT: u16 = 6 * 24 * 7; //TODO? const MAX_LOCAL_BREAKDOWN_TIMEOUT: u16 = 6 * 24 * 14; const COMMITMENT_TX_BASE_WEIGHT: u64 = 724; const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172; -const HTLC_SUCCESS_TX_WEIGHT: u64 = 703; -const HTLC_TIMEOUT_TX_WEIGHT: u64 = 663; const SPENDING_INPUT_FOR_A_OUTPUT_WEIGHT: u64 = 79; // prevout: 36, nSequence: 4, script len: 1, witness lengths: (3+1)/4, sig: 73/4, if-selector: 1, redeemScript: (6 ops + 2*33 pubkeys + 1*2 delay)/4 const B_OUTPUT_PLUS_SPENDING_INPUT_WEIGHT: u64 = 104; // prevout: 40, nSequence: 4, script len: 1, witness lengths: 3/4, sig: 73/4, pubkey: 33/4, output: 31 (TODO: Wrong? Useless?) @@ -349,7 +354,7 @@ impl Channel { // Constructors: /// panics if channel_value_satoshis is >= (1 << 24) - pub fn new_outbound(fee_estimator: &FeeEstimator, their_node_id: PublicKey, channel_value_satoshis: u64, announce_publicly: bool, user_id: u64) -> Channel { + pub fn new_outbound(fee_estimator: &FeeEstimator, chan_keys: ChannelKeys, their_node_id: PublicKey, channel_value_satoshis: u64, announce_publicly: bool, user_id: u64) -> Channel { if channel_value_satoshis >= (1 << 24) { panic!("funding value > 2^24"); } @@ -357,19 +362,12 @@ impl Channel { let feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Normal); let background_feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Background); - let mut key_seed = [0u8; 32]; - rng::fill_bytes(&mut key_seed); - let chan_keys = match ChannelKeys::new_from_seed(&key_seed) { - Ok(key) => key, - Err(_) => panic!("RNG is busted!") - }; - let secp_ctx = Secp256k1::new(); let our_channel_monitor_claim_key_hash = Hash160::from_data(&PublicKey::from_secret_key(&secp_ctx, &chan_keys.channel_monitor_claim_key).unwrap().serialize()); let our_channel_monitor_claim_script = Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0).push_slice(&our_channel_monitor_claim_key_hash[..]).into_script(); let channel_monitor = ChannelMonitor::new(&chan_keys.revocation_base_key, &PublicKey::from_secret_key(&secp_ctx, &chan_keys.delayed_payment_base_key).unwrap(), - &PublicKey::from_secret_key(&secp_ctx, &chan_keys.htlc_base_key).unwrap(), + &chan_keys.htlc_base_key, BREAKDOWN_TIMEOUT, our_channel_monitor_claim_script); Channel { @@ -390,7 +388,9 @@ impl Channel { holding_cell_htlc_updates: Vec::new(), next_local_htlc_id: 0, next_remote_htlc_id: 0, - channel_update_count: 0, + channel_update_count: 1, + + last_local_commitment_txn: Vec::new(), last_sent_closing_fee: None, @@ -439,7 +439,7 @@ impl Channel { /// Assumes chain_hash has already been checked and corresponds with what we expect! /// Generally prefers to take the DisconnectPeer action on failure, as a notice to the sender /// that we're rejecting the new channel. - pub fn new_from_req(fee_estimator: &FeeEstimator, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, announce_publicly: bool) -> Result { + pub fn new_from_req(fee_estimator: &FeeEstimator, chan_keys: ChannelKeys, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, announce_publicly: bool) -> Result { // Check sanity of message fields: if msg.funding_satoshis >= (1 << 24) { return Err(HandleError{err: "funding value > 2^24", msg: Some(msgs::ErrorAction::DisconnectPeer{})}); @@ -479,21 +479,15 @@ impl Channel { let background_feerate = fee_estimator.get_est_sat_per_vbyte(ConfirmationTarget::Background); - let mut key_seed = [0u8; 32]; - rng::fill_bytes(&mut key_seed); - let chan_keys = match ChannelKeys::new_from_seed(&key_seed) { - Ok(key) => key, - Err(_) => panic!("RNG is busted!") - }; - let secp_ctx = Secp256k1::new(); let our_channel_monitor_claim_key_hash = Hash160::from_data(&PublicKey::from_secret_key(&secp_ctx, &chan_keys.channel_monitor_claim_key).unwrap().serialize()); let our_channel_monitor_claim_script = Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0).push_slice(&our_channel_monitor_claim_key_hash[..]).into_script(); let mut channel_monitor = ChannelMonitor::new(&chan_keys.revocation_base_key, - &PublicKey::from_secret_key(&secp_ctx, &chan_keys.delayed_payment_base_key).unwrap(), - &PublicKey::from_secret_key(&secp_ctx, &chan_keys.htlc_base_key).unwrap(), - BREAKDOWN_TIMEOUT, our_channel_monitor_claim_script); + &PublicKey::from_secret_key(&secp_ctx, &chan_keys.delayed_payment_base_key).unwrap(), + &chan_keys.htlc_base_key, + BREAKDOWN_TIMEOUT, our_channel_monitor_claim_script); channel_monitor.set_their_htlc_base_key(&msg.htlc_basepoint); + channel_monitor.set_their_to_self_delay(msg.to_self_delay); let mut chan = Channel { user_id: user_id, @@ -512,7 +506,9 @@ impl Channel { holding_cell_htlc_updates: Vec::new(), next_local_htlc_id: 0, next_remote_htlc_id: 0, - channel_update_count: 0, + channel_update_count: 1, + + last_local_commitment_txn: Vec::new(), last_sent_closing_fee: None, @@ -604,8 +600,8 @@ impl Channel { let txins = { let mut ins: Vec = Vec::new(); ins.push(TxIn { - prev_hash: self.channel_monitor.get_funding_txo().unwrap().0, - prev_index: self.channel_monitor.get_funding_txo().unwrap().1 as u32, + prev_hash: self.channel_monitor.get_funding_txo().unwrap().txid, + prev_index: self.channel_monitor.get_funding_txo().unwrap().index as u32, script_sig: Script::new(), sequence: ((0x80 as u32) << 8*3) | ((obscured_commitment_transaction_number >> 3*8) as u32), witness: Vec::new(), @@ -613,7 +609,7 @@ impl Channel { ins }; - let mut txouts: Vec<(TxOut, Option)> = Vec::new(); + let mut txouts: Vec<(TxOut, Option)> = Vec::with_capacity(self.pending_htlcs.len() + 2); let dust_limit_satoshis = if local { self.our_dust_limit_satoshis } else { self.their_dust_limit_satoshis }; let mut remote_htlc_total_msat = 0; @@ -704,8 +700,8 @@ impl Channel { transaction_utils::sort_outputs(&mut txouts); - let mut outputs: Vec = Vec::new(); - let mut htlcs_used: Vec = Vec::new(); + let mut outputs: Vec = Vec::with_capacity(txouts.len()); + let mut htlcs_used: Vec = Vec::with_capacity(txouts.len()); for (idx, out) in txouts.drain(..).enumerate() { outputs.push(out.0); if let Some(out_htlc) = out.1 { @@ -738,8 +734,8 @@ impl Channel { let txins = { let mut ins: Vec = Vec::new(); ins.push(TxIn { - prev_hash: self.channel_monitor.get_funding_txo().unwrap().0, - prev_index: self.channel_monitor.get_funding_txo().unwrap().1 as u32, + prev_hash: self.channel_monitor.get_funding_txo().unwrap().txid, + prev_index: self.channel_monitor.get_funding_txo().unwrap().index as u32, script_sig: Script::new(), sequence: 0xffffffff, witness: Vec::new(), @@ -869,40 +865,25 @@ impl Channel { /// @local is used only to convert relevant internal structures which refer to remote vs local /// to decide value of outputs and direction of HTLCs. fn build_htlc_transaction(&self, prev_hash: &Sha256dHash, htlc: &HTLCOutputInCommitment, local: bool, keys: &TxCreationKeys) -> Transaction { - let mut txins: Vec = Vec::new(); - txins.push(TxIn { - prev_hash: prev_hash.clone(), - prev_index: htlc.transaction_output_index, - script_sig: Script::new(), - sequence: 0, - witness: Vec::new(), - }); + chan_utils::build_htlc_transaction(prev_hash, self.feerate_per_kw, if local { self.their_to_self_delay } else { BREAKDOWN_TIMEOUT }, htlc, &keys.a_delayed_payment_key, &keys.revocation_key) + } - let total_fee = if htlc.offered { - self.feerate_per_kw * HTLC_TIMEOUT_TX_WEIGHT / 1000 - } else { - self.feerate_per_kw * HTLC_SUCCESS_TX_WEIGHT / 1000 - }; + fn create_htlc_tx_signature(&self, tx: &Transaction, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result<(Script, Signature, bool), HandleError> { + if tx.input.len() != 1 { + panic!("Tried to sign HTLC transaction that had input count != 1!"); + } - let mut txouts: Vec = Vec::new(); - txouts.push(TxOut { - script_pubkey: chan_utils::get_revokeable_redeemscript(&keys.revocation_key, - if local { self.their_to_self_delay } else { BREAKDOWN_TIMEOUT }, - &keys.a_delayed_payment_key).to_v0_p2wsh(), - value: htlc.amount_msat / 1000 - total_fee //TODO: BOLT 3 does not specify if we should add amount_msat before dividing or if we should divide by 1000 before subtracting (as we do here) - }); + let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &keys); - Transaction { - version: 2, - lock_time: if htlc.offered { htlc.cltv_expiry } else { 0 }, - input: txins, - output: txouts, - } + let our_htlc_key = secp_derived_key!(chan_utils::derive_private_key(&self.secp_ctx, &keys.per_commitment_point, &self.local_keys.htlc_base_key)); + let sighash = Message::from_slice(&bip143::SighashComponents::new(&tx).sighash_all(&tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); + let is_local_tx = PublicKey::from_secret_key(&self.secp_ctx, &our_htlc_key).unwrap() == keys.a_htlc_key; + Ok((htlc_redeemscript, self.secp_ctx.sign(&sighash, &our_htlc_key).unwrap(), is_local_tx)) } /// Signs a transaction created by build_htlc_transaction. If the transaction is an /// HTLC-Success transaction (ie htlc.offered is false), preimate must be set! - fn sign_htlc_transaction(&self, tx: &mut Transaction, their_sig: &Signature, preimage: &Option<[u8; 32]>, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result<(), HandleError> { + fn sign_htlc_transaction(&self, tx: &mut Transaction, their_sig: &Signature, preimage: &Option<[u8; 32]>, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result { if tx.input.len() != 1 { panic!("Tried to sign HTLC transaction that had input count != 1!"); } @@ -910,13 +891,7 @@ impl Channel { panic!("Tried to re-sign HTLC transaction"); } - let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &keys); - - let our_htlc_key = secp_derived_key!(chan_utils::derive_private_key(&self.secp_ctx, &keys.per_commitment_point, &self.local_keys.htlc_base_key)); - let sighash = Message::from_slice(&bip143::SighashComponents::new(&tx).sighash_all(&tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); - let our_sig = self.secp_ctx.sign(&sighash, &our_htlc_key).unwrap(); - - let local_tx = PublicKey::from_secret_key(&self.secp_ctx, &our_htlc_key).unwrap() == keys.a_htlc_key; + let (htlc_redeemscript, our_sig, local_tx) = self.create_htlc_tx_signature(tx, htlc, keys)?; tx.input[0].witness.push(Vec::new()); // First is the multisig dummy @@ -938,10 +913,10 @@ impl Channel { tx.input[0].witness.push(htlc_redeemscript.into_vec()); - Ok(()) + Ok(our_sig) } - pub fn get_update_fulfill_htlc(&mut self, payment_preimage_arg: [u8; 32]) -> Result, HandleError> { + pub fn get_update_fulfill_htlc(&mut self, payment_preimage_arg: [u8; 32]) -> Result, HandleError> { // Either ChannelFunded got set (which means it wont bet unset) or there is no way any // caller thought we could have something claimed (cause we wouldn't have accepted in an // incoming HTLC anyway). If we got to ShutdownComplete, callers aren't allowed to call us, @@ -1003,19 +978,21 @@ impl Channel { if htlc_amount_msat == 0 { return Err(HandleError{err: "Unable to find a pending HTLC which matched the given payment preimage", msg: None}); } - self.channel_monitor.provide_payment_preimage(&payment_preimage_arg); + self.channel_monitor.provide_payment_preimage(&payment_hash_calc, &payment_preimage_arg); - Ok(Some(msgs::UpdateFulfillHTLC { + Ok(Some((msgs::UpdateFulfillHTLC { channel_id: self.channel_id(), htlc_id: htlc_id, payment_preimage: payment_preimage_arg, - })) + }, self.channel_monitor.clone()))) } - pub fn get_update_fulfill_htlc_and_commit(&mut self, payment_preimage: [u8; 32]) -> Result, HandleError> { + pub fn get_update_fulfill_htlc_and_commit(&mut self, payment_preimage: [u8; 32]) -> Result, HandleError> { match self.get_update_fulfill_htlc(payment_preimage)? { - Some(update_fulfill_htlc) => - Ok(Some((update_fulfill_htlc, self.send_commitment_no_status_check()?))), + Some(update_fulfill_htlc) => { + let (commitment, monitor_update) = self.send_commitment_no_status_check()?; + Ok(Some((update_fulfill_htlc.0, commitment, monitor_update))) + }, None => Ok(None) } } @@ -1081,10 +1058,12 @@ impl Channel { })) } - pub fn get_update_fail_htlc_and_commit(&mut self, payment_hash: &[u8; 32], err_packet: msgs::OnionErrorPacket) -> Result, HandleError> { + pub fn get_update_fail_htlc_and_commit(&mut self, payment_hash: &[u8; 32], err_packet: msgs::OnionErrorPacket) -> Result, HandleError> { match self.get_update_fail_htlc(payment_hash, err_packet)? { - Some(update_fail_htlc) => - Ok(Some((update_fail_htlc, self.send_commitment_no_status_check()?))), + Some(update_fail_htlc) => { + let (commitment, monitor_update) = self.send_commitment_no_status_check()?; + Ok(Some((update_fail_htlc, commitment, monitor_update))) + }, None => Ok(None) } } @@ -1136,6 +1115,7 @@ impl Channel { let obscure_factor = self.get_commitment_transaction_number_obscure_factor(); self.channel_monitor.set_commitment_obscure_factor(obscure_factor); + self.channel_monitor.set_their_to_self_delay(msg.to_self_delay); self.channel_state = ChannelState::OurInitSent as u32 | ChannelState::TheirInitSent as u32; @@ -1160,7 +1140,7 @@ impl Channel { Ok((remote_initial_commitment_tx, self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key).unwrap())) } - pub fn funding_created(&mut self, msg: &msgs::FundingCreated) -> Result { + pub fn funding_created(&mut self, msg: &msgs::FundingCreated) -> Result<(msgs::FundingSigned, ChannelMonitor), HandleError> { if self.channel_outbound { return Err(HandleError{err: "Received funding_created for an outbound channel?", msg: None}); } @@ -1171,10 +1151,11 @@ impl Channel { panic!("Should not have advanced channel commitment tx numbers prior to funding_created"); } - self.channel_monitor.set_funding_info(msg.funding_txid, msg.funding_output_index); + let funding_info = OutPoint::new(msg.funding_txid, msg.funding_output_index); + self.channel_monitor.set_funding_info(funding_info); let (remote_initial_commitment_tx, our_signature) = match self.funding_created_signature(&msg.signature) { - Ok((remote_initial_commitment_tx, sig)) => (remote_initial_commitment_tx, sig), + Ok(res) => res, Err(e) => { self.channel_monitor.unset_funding_info(); return Err(e); @@ -1183,24 +1164,22 @@ impl Channel { // Now that we're past error-generating stuff, update our local state: - //TODO: Determine which tx index in remote_initial_commitment_transaction's outputs - //represent a revokeable script! - self.channel_monitor.provide_tx_info(&remote_initial_commitment_tx, 0, Vec::new()); + self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_initial_commitment_tx, Vec::new(), self.cur_remote_commitment_transaction_number); self.channel_state = ChannelState::FundingSent as u32; let funding_txo = self.channel_monitor.get_funding_txo().unwrap(); - self.channel_id = funding_txo.0.into_be() ^ Uint256::from_u64(funding_txo.1 as u64).unwrap(); //TODO: or le? + self.channel_id = funding_txo.to_channel_id(); self.cur_remote_commitment_transaction_number -= 1; self.cur_local_commitment_transaction_number -= 1; - Ok(msgs::FundingSigned { + Ok((msgs::FundingSigned { channel_id: self.channel_id, signature: our_signature - }) + }, self.channel_monitor.clone())) } /// Handles a funding_signed message from the remote end. /// If this call is successful, broadcast the funding transaction (and not before!) - pub fn funding_signed(&mut self, msg: &msgs::FundingSigned) -> Result<(), HandleError> { + pub fn funding_signed(&mut self, msg: &msgs::FundingSigned) -> Result { if !self.channel_outbound { return Err(HandleError{err: "Received funding_signed for an inbound channel?", msg: None}); } @@ -1214,16 +1193,19 @@ impl Channel { let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false).0; + let mut local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false).0; let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // They sign the "local" commitment transaction, allowing us to broadcast the tx if we wish. secp_call!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey), "Invalid funding_signed signature from peer"); + self.sign_commitment_transaction(&mut local_initial_commitment_tx, &msg.signature); + self.channel_monitor.provide_latest_local_commitment_tx_info(local_initial_commitment_tx.clone(), local_keys, self.feerate_per_kw, Vec::new()); + self.last_local_commitment_txn = vec![local_initial_commitment_tx]; self.channel_state = ChannelState::FundingSent as u32; self.cur_local_commitment_transaction_number -= 1; - Ok(()) + Ok(self.channel_monitor.clone()) } pub fn funding_locked(&mut self, msg: &msgs::FundingLocked) -> Result<(), HandleError> { @@ -1232,6 +1214,7 @@ impl Channel { self.channel_state |= ChannelState::TheirFundingLocked as u32; } else if non_shutdown_state == (ChannelState::FundingSent as u32 | ChannelState::OurFundingLocked as u32) { self.channel_state = ChannelState::ChannelFunded as u32 | (self.channel_state & BOTH_SIDES_SHUTDOWN_MASK); + self.channel_update_count += 1; } else { return Err(HandleError{err: "Peer sent a funding_locked at a strange time", msg: None}); } @@ -1259,11 +1242,11 @@ impl Channel { HTLCState::AwaitingAnnouncedRemoteRevoke => {}, HTLCState::LocalAnnounced => { if for_remote_update_check { continue; } }, HTLCState::Committed => {}, - HTLCState::RemoteRemoved => { if for_remote_update_check { continue; } }, - HTLCState::AwaitingRemoteRevokeToRemove => { if for_remote_update_check { continue; } }, - HTLCState::AwaitingRemovedRemoteRevoke => { if for_remote_update_check { continue; } }, - HTLCState::LocalRemoved => {}, - HTLCState::LocalRemovedAwaitingCommitment => { if for_remote_update_check { continue; } }, + HTLCState::RemoteRemoved => { if for_remote_update_check { continue; } }, + HTLCState::AwaitingRemoteRevokeToRemove => { if for_remote_update_check { continue; } }, + HTLCState::AwaitingRemovedRemoteRevoke => { if for_remote_update_check { continue; } }, + HTLCState::LocalRemoved => {}, + HTLCState::LocalRemovedAwaitingCommitment => { if for_remote_update_check { continue; } }, } if !htlc.outbound { inbound_htlc_count += 1; @@ -1329,8 +1312,9 @@ impl Channel { } /// Removes an outbound HTLC which has been commitment_signed by the remote end - fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<[u8; 32]>, fail_reason: Option) -> Result<(), HandleError> { - for mut htlc in self.pending_htlcs.iter_mut() { + #[inline] + fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<[u8; 32]>, fail_reason: Option) -> Result<[u8; 32], HandleError> { + for htlc in self.pending_htlcs.iter_mut() { if htlc.outbound && htlc.htlc_id == htlc_id { match check_preimage { None => {}, @@ -1349,13 +1333,13 @@ impl Channel { } else { panic!("Got a non-outbound state on an outbound HTLC"); } - return Ok(()); + return Ok(htlc.payment_hash.clone()); } } Err(HandleError{err: "Remote tried to fulfill/fail an HTLC we couldn't find", msg: None}) } - pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<(), HandleError> { + pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(HandleError{err: "Got add HTLC message when channel was not in an operational state", msg: None}); } @@ -1365,11 +1349,12 @@ impl Channel { let mut payment_hash = [0; 32]; sha.result(&mut payment_hash); - self.channel_monitor.provide_payment_preimage(&msg.payment_preimage); - self.mark_outbound_htlc_removed(msg.htlc_id, Some(payment_hash), None) + self.channel_monitor.provide_payment_preimage(&payment_hash, &msg.payment_preimage); + self.mark_outbound_htlc_removed(msg.htlc_id, Some(payment_hash), None)?; + Ok(self.channel_monitor.clone()) } - pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<(), HandleError> { + pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<[u8; 32], HandleError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(HandleError{err: "Got add HTLC message when channel was not in an operational state", msg: None}); } @@ -1382,10 +1367,11 @@ impl Channel { return Err(HandleError{err: "Got add HTLC message when channel was not in an operational state", msg: None}); } - self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason)) + self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?; + Ok(()) } - pub fn commitment_signed(&mut self, msg: &msgs::CommitmentSigned) -> Result<(msgs::RevokeAndACK, Option), HandleError> { + pub fn commitment_signed(&mut self, msg: &msgs::CommitmentSigned) -> Result<(msgs::RevokeAndACK, Option, ChannelMonitor), HandleError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(HandleError{err: "Got commitment signed message when channel was not in an operational state", msg: None}); } @@ -1393,7 +1379,7 @@ impl Channel { let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let local_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false); + let mut local_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false); let local_commitment_txid = local_commitment_tx.0.txid(); let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_commitment_tx.0).sighash_all(&local_commitment_tx.0.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); secp_call!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey), "Invalid commitment tx signature from peer"); @@ -1402,17 +1388,31 @@ impl Channel { return Err(HandleError{err: "Got wrong number of HTLC signatures from remote", msg: None}); } + let mut new_local_commitment_txn = Vec::with_capacity(local_commitment_tx.1.len() + 1); + self.sign_commitment_transaction(&mut local_commitment_tx.0, &msg.signature); + new_local_commitment_txn.push(local_commitment_tx.0.clone()); + + let mut htlcs_and_sigs = Vec::with_capacity(local_commitment_tx.1.len()); for (idx, ref htlc) in local_commitment_tx.1.iter().enumerate() { - let htlc_tx = self.build_htlc_transaction(&local_commitment_txid, htlc, true, &local_keys); + let mut htlc_tx = self.build_htlc_transaction(&local_commitment_txid, htlc, true, &local_keys); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &local_keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); secp_call!(self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &local_keys.b_htlc_key), "Invalid HTLC tx siganture from peer"); + let htlc_sig = if htlc.offered { + let htlc_sig = self.sign_htlc_transaction(&mut htlc_tx, &msg.htlc_signatures[idx], &None, htlc, &local_keys)?; + new_local_commitment_txn.push(htlc_tx); + htlc_sig + } else { + self.create_htlc_tx_signature(&htlc_tx, htlc, &local_keys)?.1 + }; + htlcs_and_sigs.push(((*htlc).clone(), msg.htlc_signatures[idx], htlc_sig)); } let next_per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &self.build_local_commitment_secret(self.cur_local_commitment_transaction_number - 1)).unwrap(); let per_commitment_secret = chan_utils::build_commitment_secret(self.local_keys.commitment_seed, self.cur_local_commitment_transaction_number + 1); // Update state now that we've passed all the can-fail calls... + self.channel_monitor.provide_latest_local_commitment_tx_info(local_commitment_tx.0, local_keys, self.feerate_per_kw, htlcs_and_sigs); let mut need_our_commitment = false; for htlc in self.pending_htlcs.iter_mut() { @@ -1436,24 +1436,26 @@ impl Channel { self.value_to_self_msat += claimed_value_msat; self.cur_local_commitment_transaction_number -= 1; + self.last_local_commitment_txn = new_local_commitment_txn; - let our_commitment_signed = if need_our_commitment && (self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == 0 { + let (our_commitment_signed, monitor_update) = if need_our_commitment && (self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == 0 { // If we're AwaitingRemoteRevoke we can't send a new commitment here, but that's ok - // we'll send one right away when we get the revoke_and_ack when we // free_holding_cell_htlcs(). - Some(self.send_commitment_no_status_check()?) - } else { None }; + let (msg, monitor) = self.send_commitment_no_status_check()?; + (Some(msg), monitor) + } else { (None, self.channel_monitor.clone()) }; Ok((msgs::RevokeAndACK { channel_id: self.channel_id, per_commitment_secret: per_commitment_secret, next_per_commitment_point: next_per_commitment_point, - }, our_commitment_signed)) + }, our_commitment_signed, monitor_update)) } /// Used to fulfill holding_cell_htlcs when we get a remote ack (or implicitly get it by them /// fulfilling or failing the last pending HTLC) - fn free_holding_cell_htlcs(&mut self) -> Result, HandleError> { + fn free_holding_cell_htlcs(&mut self) -> Result, HandleError> { if self.holding_cell_htlc_updates.len() != 0 { let mut htlc_updates = Vec::new(); mem::swap(&mut htlc_updates, &mut self.holding_cell_htlc_updates); @@ -1481,7 +1483,7 @@ impl Channel { }, &HTLCUpdateAwaitingACK::ClaimHTLC { payment_preimage, .. } => { match self.get_update_fulfill_htlc(payment_preimage) { - Ok(update_fulfill_msg_option) => update_fulfill_htlcs.push(update_fulfill_msg_option.unwrap()), + Ok(update_fulfill_msg_option) => update_fulfill_htlcs.push(update_fulfill_msg_option.unwrap().0), Err(e) => { err = Some(e); } @@ -1505,12 +1507,13 @@ impl Channel { //fail it back the route, if its a temporary issue we can ignore it... match err { None => { - Ok(Some(msgs::CommitmentUpdate { + let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; + Ok(Some((msgs::CommitmentUpdate { update_add_htlcs, update_fulfill_htlcs, update_fail_htlcs, - commitment_signed: self.send_commitment_no_status_check()? - })) + commitment_signed, + }, monitor_update))) }, Some(e) => Err(e) } @@ -1524,7 +1527,7 @@ impl Channel { /// waiting on this revoke_and_ack. The generation of this new commitment_signed may also fail, /// generating an appropriate error *after* the channel state has been updated based on the /// revoke_and_ack message. - pub fn revoke_and_ack(&mut self, msg: &msgs::RevokeAndACK) -> Result<(Option, Vec, Vec<([u8; 32], HTLCFailReason)>), HandleError> { + pub fn revoke_and_ack(&mut self, msg: &msgs::RevokeAndACK) -> Result<(Option, Vec, Vec<([u8; 32], HTLCFailReason)>, ChannelMonitor), HandleError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(HandleError{err: "Got revoke/ACK message when channel was not in an operational state", msg: None}); } @@ -1533,7 +1536,7 @@ impl Channel { return Err(HandleError{err: "Got a revoke commitment secret which didn't correspond to their current pubkey", msg: None}); } } - self.channel_monitor.provide_secret(self.cur_remote_commitment_transaction_number + 1, msg.per_commitment_secret)?; + self.channel_monitor.provide_secret(self.cur_remote_commitment_transaction_number + 1, msg.per_commitment_secret, Some((self.cur_remote_commitment_transaction_number - 1, msg.next_per_commitment_point)))?; // Update state now that we've passed all the can-fail calls... // (note that we may still fail to generate the new commitment_signed message, but that's @@ -1583,18 +1586,19 @@ impl Channel { match self.free_holding_cell_htlcs()? { Some(commitment_update) => { - Ok((Some(commitment_update), to_forward_infos, revoked_htlcs)) + Ok((Some(commitment_update.0), to_forward_infos, revoked_htlcs, commitment_update.1)) }, None => { if require_commitment { + let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; Ok((Some(msgs::CommitmentUpdate { update_add_htlcs: Vec::new(), update_fulfill_htlcs: Vec::new(), update_fail_htlcs: Vec::new(), - commitment_signed: self.send_commitment_no_status_check()? - }), to_forward_infos, revoked_htlcs)) + commitment_signed + }), to_forward_infos, revoked_htlcs, monitor_update)) } else { - Ok((None, to_forward_infos, revoked_htlcs)) + Ok((None, to_forward_infos, revoked_htlcs, self.channel_monitor.clone())) } } } @@ -1605,6 +1609,7 @@ impl Channel { return Err(HandleError{err: "Non-funding remote tried to update channel fee", msg: None}); } Channel::check_remote_fee(fee_estimator, msg.feerate_per_kw)?; + self.channel_update_count += 1; self.feerate_per_kw = msg.feerate_per_kw as u64; Ok(()) } @@ -1612,6 +1617,7 @@ impl Channel { pub fn shutdown(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::Shutdown) -> Result<(Option, Option, Vec<[u8; 32]>), HandleError> { if self.channel_state < ChannelState::FundingSent as u32 { self.channel_state = ChannelState::ShutdownComplete as u32; + self.channel_update_count += 1; return Ok((None, None, Vec::new())); } for htlc in self.pending_htlcs.iter() { @@ -1659,6 +1665,7 @@ impl Channel { // From here on out, we may not fail! self.channel_state |= ChannelState::RemoteShutdownSent as u32; + self.channel_update_count += 1; // We can't send our shutdown until we've committed all of our pending HTLCs, but the // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding @@ -1689,6 +1696,7 @@ impl Channel { }; self.channel_state |= ChannelState::LocalShutdownSent as u32; + self.channel_update_count += 1; if self.pending_htlcs.is_empty() && self.channel_outbound { // There are no more HTLCs and we're the funder, this means we start the closing_signed // dance with an initial fee proposal! @@ -1736,6 +1744,7 @@ impl Channel { if last_fee == msg.fee_satoshis { self.sign_commitment_transaction(&mut closing_tx, &msg.signature); self.channel_state = ChannelState::ShutdownComplete as u32; + self.channel_update_count += 1; return Ok((None, Some(closing_tx))); } } @@ -1780,6 +1789,7 @@ impl Channel { let our_sig = self.sign_commitment_transaction(&mut closing_tx, &msg.signature); self.channel_state = ChannelState::ShutdownComplete as u32; + self.channel_update_count += 1; Ok((Some(msgs::ClosingSigned { channel_id: self.channel_id, @@ -1800,6 +1810,13 @@ impl Channel { self.user_id } + pub fn channel_monitor(&self) -> ChannelMonitor { + if self.channel_state < ChannelState::FundingCreated as u32 { + panic!("Can't get a channel monitor until funding has been created"); + } + self.channel_monitor.clone() + } + /// Guaranteed to be Some after both FundingLocked messages have been exchanged (and, thus, /// is_usable() returns true). pub fn get_short_channel_id(&self) -> Option { @@ -1808,7 +1825,7 @@ impl Channel { /// Returns the funding_txo we either got from our peer, or were given by /// get_outbound_funding_created. - pub fn get_funding_txo(&self) -> Option<(Sha256dHash, u16)> { + pub fn get_funding_txo(&self) -> Option { self.channel_monitor.get_funding_txo() } @@ -1824,8 +1841,7 @@ impl Channel { self.channel_value_satoshis } - pub fn get_channel_update_count(&mut self) -> u32 { - self.channel_update_count += 1; //TODO: This should be base on updates, not updates *sent* + pub fn get_channel_update_count(&self) -> u32 { self.channel_update_count } @@ -1848,13 +1864,6 @@ impl Channel { res as u32 } - pub fn channel_monitor(&self) -> ChannelMonitor { - if self.channel_state < ChannelState::FundingCreated as u32 { - panic!("Can't get a channel monitor until funding has been created"); - } - self.channel_monitor.clone() - } - /// Returns true if this channel is fully established and not known to be closing. pub fn is_usable(&self) -> bool { let mask = ChannelState::ChannelFunded as u32 | BOTH_SIDES_SHUTDOWN_MASK; @@ -1891,6 +1900,7 @@ impl Channel { self.channel_state |= ChannelState::OurFundingLocked as u32; } else if non_shutdown_state == (ChannelState::FundingSent as u32 | ChannelState::TheirFundingLocked as u32) { self.channel_state = ChannelState::ChannelFunded as u32 | (self.channel_state & BOTH_SIDES_SHUTDOWN_MASK); + self.channel_update_count += 1; //TODO: Something about a state where we "lost confirmation" } else if self.channel_state < ChannelState::ChannelFunded as u32 { panic!("Started confirming a channel in a state pre-FundingSent?"); @@ -1912,16 +1922,17 @@ impl Channel { } if non_shutdown_state & !(ChannelState::TheirFundingLocked as u32) == ChannelState::FundingSent as u32 { for (ref tx, index_in_block) in txn_matched.iter().zip(indexes_of_txn_matched) { - if tx.txid() == self.channel_monitor.get_funding_txo().unwrap().0 { - let txo_idx = self.channel_monitor.get_funding_txo().unwrap().1 as usize; + if tx.txid() == self.channel_monitor.get_funding_txo().unwrap().txid { + let txo_idx = self.channel_monitor.get_funding_txo().unwrap().index as usize; if txo_idx >= tx.output.len() || tx.output[txo_idx].script_pubkey != self.get_funding_redeemscript().to_v0_p2wsh() || tx.output[txo_idx].value != self.channel_value_satoshis { self.channel_state = ChannelState::ShutdownComplete as u32; + self.channel_update_count += 1; } else { self.funding_tx_confirmations = 1; - self.short_channel_id = Some(((height as u64) << (5*8)) | + self.short_channel_id = Some(((height as u64) << (5*8)) | ((*index_in_block as u64) << (2*8)) | - ((self.channel_monitor.get_funding_txo().unwrap().1 as u64) << (2*8))); + ((self.channel_monitor.get_funding_txo().unwrap().index as u64) << (2*8))); } } } @@ -2017,7 +2028,7 @@ impl Channel { }) } - fn get_outbound_funding_created_signature(&mut self) -> Result { + fn get_outbound_funding_created_signature(&mut self) -> Result<(Signature, Transaction), HandleError> { let funding_script = self.get_funding_redeemscript(); let remote_keys = self.build_remote_transaction_keys()?; @@ -2025,7 +2036,7 @@ impl Channel { let remote_sighash = Message::from_slice(&bip143::SighashComponents::new(&remote_initial_commitment_tx).sighash_all(&remote_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // We sign the "remote" commitment transaction, allowing them to broadcast the tx if they wish. - Ok(self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key).unwrap()) + Ok((self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key).unwrap(), remote_initial_commitment_tx)) } /// Updates channel state with knowledge of the funding transaction's txid/index, and generates @@ -2034,7 +2045,7 @@ impl Channel { /// or if called on an inbound channel. /// Note that channel_id changes during this call! /// Do NOT broadcast the funding transaction until after a successful funding_signed call! - pub fn get_outbound_funding_created(&mut self, funding_txid: Sha256dHash, funding_output_index: u16) -> Result { + pub fn get_outbound_funding_created(&mut self, funding_txo: OutPoint) -> Result<(msgs::FundingCreated, ChannelMonitor), HandleError> { if !self.channel_outbound { panic!("Tried to create outbound funding_created message on an inbound channel!"); } @@ -2045,10 +2056,10 @@ impl Channel { panic!("Should not have advanced channel commitment tx numbers prior to funding_created"); } - self.channel_monitor.set_funding_info(funding_txid, funding_output_index); + self.channel_monitor.set_funding_info(funding_txo); - let our_signature = match self.get_outbound_funding_created_signature() { - Ok(sig) => sig, + let (our_signature, commitment_tx) = match self.get_outbound_funding_created_signature() { + Ok(res) => res, Err(e) => { self.channel_monitor.unset_funding_info(); return Err(e); @@ -2058,18 +2069,18 @@ impl Channel { let temporary_channel_id = self.channel_id; // Now that we're past error-generating stuff, update our local state: - + self.channel_monitor.provide_latest_remote_commitment_tx_info(&commitment_tx, Vec::new(), self.cur_remote_commitment_transaction_number); self.channel_state = ChannelState::FundingCreated as u32; let funding_txo = self.channel_monitor.get_funding_txo().unwrap(); - self.channel_id = funding_txo.0.into_be() ^ Uint256::from_u64(funding_txo.1 as u64).unwrap(); //TODO: or le? + self.channel_id = funding_txo.to_channel_id(); self.cur_remote_commitment_transaction_number -= 1; - Ok(msgs::FundingCreated { + Ok((msgs::FundingCreated { temporary_channel_id: temporary_channel_id, - funding_txid: funding_txid, - funding_output_index: funding_output_index, + funding_txid: funding_txo.txid, + funding_output_index: funding_txo.index, signature: our_signature - }) + }, self.channel_monitor.clone())) } /// Gets an UnsignedChannelAnnouncement, as well as a signature covering it using our @@ -2181,7 +2192,7 @@ impl Channel { } /// Creates a signed commitment transaction to send to the remote peer. - pub fn send_commitment(&mut self) -> Result { + pub fn send_commitment(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), HandleError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(HandleError{err: "Cannot create commitment tx until channel is fully established", msg: None}); } @@ -2201,7 +2212,7 @@ impl Channel { self.send_commitment_no_status_check() } /// Only fails in case of bad keys - fn send_commitment_no_status_check(&mut self) -> Result { + fn send_commitment_no_status_check(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), HandleError> { let funding_script = self.get_funding_redeemscript(); // We can upgrade the status of some HTLCs that are waiting on a commitment, even if we @@ -2232,23 +2243,26 @@ impl Channel { } // Update state now that we've passed all the can-fail calls... + self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_commitment_tx.0, remote_commitment_tx.1, self.cur_remote_commitment_transaction_number); self.channel_state |= ChannelState::AwaitingRemoteRevoke as u32; - Ok(msgs::CommitmentSigned { + Ok((msgs::CommitmentSigned { channel_id: self.channel_id, signature: our_sig, htlc_signatures: htlc_sigs, - }) + }, self.channel_monitor.clone())) } /// Adds a pending outbound HTLC to this channel, and creates a signed commitment transaction /// to send to the remote peer in one go. /// Shorthand for calling send_htlc() followed by send_commitment(), see docs on those for /// more info. - pub fn send_htlc_and_commit(&mut self, amount_msat: u64, payment_hash: [u8; 32], cltv_expiry: u32, onion_routing_packet: msgs::OnionPacket) -> Result, HandleError> { + pub fn send_htlc_and_commit(&mut self, amount_msat: u64, payment_hash: [u8; 32], cltv_expiry: u32, onion_routing_packet: msgs::OnionPacket) -> Result, HandleError> { match self.send_htlc(amount_msat, payment_hash, cltv_expiry, onion_routing_packet)? { - Some(update_add_htlc) => - Ok(Some((update_add_htlc, self.send_commitment_no_status_check()?))), + Some(update_add_htlc) => { + let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; + Ok(Some((update_add_htlc, commitment_signed, monitor_update))) + }, None => Ok(None) } } @@ -2274,6 +2288,7 @@ impl Channel { } else { self.channel_state |= ChannelState::LocalShutdownSent as u32; } + self.channel_update_count += 1; // We can't send our shutdown until we've committed all of our pending HTLCs, but the // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding @@ -2294,6 +2309,17 @@ impl Channel { scriptpubkey: our_closing_script, }, dropped_outbound_htlcs)) } + + /// Gets the latest commitment transaction and any dependant transactions for relay (forcing + /// shutdown of this channel - no more calls into this Channel may be made afterwards. + pub fn force_shutdown(&mut self) -> Vec { + assert!(self.channel_state != ChannelState::ShutdownComplete as u32); + self.channel_state = ChannelState::ShutdownComplete as u32; + self.channel_update_count += 1; + let mut res = Vec::new(); + mem::swap(&mut res, &mut self.last_local_commitment_txn); + res + } } #[cfg(test)] @@ -2303,9 +2329,10 @@ mod tests { use bitcoin::util::bip143; use bitcoin::network::serialize::serialize; use bitcoin::blockdata::transaction::Transaction; - use ln::channel::{Channel,HTLCOutput,HTLCState,HTLCOutputInCommitment,TxCreationKeys}; + use ln::channel::{Channel,ChannelKeys,HTLCOutput,HTLCState,HTLCOutputInCommitment,TxCreationKeys}; use ln::chan_utils; use chain::chaininterface::{FeeEstimator,ConfirmationTarget}; + use chain::transaction::OutPoint; use secp256k1::{Secp256k1,Message,Signature}; use secp256k1::key::{SecretKey,PublicKey}; use crypto::sha2::Sha256; @@ -2324,22 +2351,29 @@ mod tests { fn outbound_commitment_test() { // Test vectors from BOLT 3 Appendix C: let feeest = TestFeeEstimator{fee_est: 15000/250}; - let mut chan = Channel::new_outbound(&feeest, PublicKey::new(), 10000000, false, 42); // Nothing uses their network key in this test - chan.their_to_self_delay = 144; - chan.our_dust_limit_satoshis = 546; - let secp_ctx = Secp256k1::new(); - chan.local_keys.funding_key = SecretKey::from_slice(&secp_ctx, &hex_bytes("30ff4956bbdd3222d44cc5e8a1261dab1e07957bdac5ae88fe3261ef321f3749").unwrap()[..]).unwrap(); - assert_eq!(PublicKey::from_secret_key(&secp_ctx, &chan.local_keys.funding_key).unwrap().serialize()[..], + let chan_keys = ChannelKeys { + funding_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("30ff4956bbdd3222d44cc5e8a1261dab1e07957bdac5ae88fe3261ef321f3749").unwrap()[..]).unwrap(), + payment_base_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(), + delayed_payment_base_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("3333333333333333333333333333333333333333333333333333333333333333").unwrap()[..]).unwrap(), + htlc_base_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(), + + // These aren't set in the test vectors: + revocation_base_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(), + channel_close_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(), + channel_monitor_claim_key: SecretKey::from_slice(&secp_ctx, &hex_bytes("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(), + commitment_seed: [0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff], + }; + assert_eq!(PublicKey::from_secret_key(&secp_ctx, &chan_keys.funding_key).unwrap().serialize()[..], hex_bytes("023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb").unwrap()[..]); - chan.local_keys.payment_base_key = SecretKey::from_slice(&secp_ctx, &hex_bytes("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(); - chan.local_keys.delayed_payment_base_key = SecretKey::from_slice(&secp_ctx, &hex_bytes("3333333333333333333333333333333333333333333333333333333333333333").unwrap()[..]).unwrap(); - chan.local_keys.htlc_base_key = SecretKey::from_slice(&secp_ctx, &hex_bytes("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(); - // chan.local_keys.commitment_seed isn't derived in the test vectors :( + let mut chan = Channel::new_outbound(&feeest, chan_keys, PublicKey::new(), 10000000, false, 42); // Nothing uses their network key in this test + chan.their_to_self_delay = 144; + chan.our_dust_limit_satoshis = 546; - chan.channel_monitor.set_funding_info(Sha256dHash::from_hex("8984484a580b825b9972d7adb15050b3ab624ccd731946b3eeddb92f4e7ef6be").unwrap(), 0); + let funding_info = OutPoint::new(Sha256dHash::from_hex("8984484a580b825b9972d7adb15050b3ab624ccd731946b3eeddb92f4e7ef6be").unwrap(), 0); + chan.channel_monitor.set_funding_info(funding_info); chan.their_payment_basepoint = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&secp_ctx, &hex_bytes("4444444444444444444444444444444444444444444444444444444444444444").unwrap()[..]).unwrap()).unwrap(); assert_eq!(chan.their_payment_basepoint.serialize()[..], @@ -2838,17 +2872,17 @@ mod tests { seed[0..32].clone_from_slice(&hex_bytes("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF").unwrap()); assert_eq!(chan_utils::build_commitment_secret(seed, 281474976710655), - hex_bytes("7cc854b54e3e0dcdb010d7a3fee464a9687be6e8db3be6854c475621e007a5dc").unwrap()[..]); + hex_bytes("7cc854b54e3e0dcdb010d7a3fee464a9687be6e8db3be6854c475621e007a5dc").unwrap()[..]); assert_eq!(chan_utils::build_commitment_secret(seed, 0xaaaaaaaaaaa), - hex_bytes("56f4008fb007ca9acf0e15b054d5c9fd12ee06cea347914ddbaed70d1c13a528").unwrap()[..]); + hex_bytes("56f4008fb007ca9acf0e15b054d5c9fd12ee06cea347914ddbaed70d1c13a528").unwrap()[..]); assert_eq!(chan_utils::build_commitment_secret(seed, 0x555555555555), - hex_bytes("9015daaeb06dba4ccc05b91b2f73bd54405f2be9f217fbacd3c5ac2e62327d31").unwrap()[..]); + hex_bytes("9015daaeb06dba4ccc05b91b2f73bd54405f2be9f217fbacd3c5ac2e62327d31").unwrap()[..]); seed[0..32].clone_from_slice(&hex_bytes("0101010101010101010101010101010101010101010101010101010101010101").unwrap()); assert_eq!(chan_utils::build_commitment_secret(seed, 1), - hex_bytes("915c75942a26bb3a433a8ce2cb0427c29ec6c1775cfc78328b57f6ba7bfeaa9c").unwrap()[..]); + hex_bytes("915c75942a26bb3a433a8ce2cb0427c29ec6c1775cfc78328b57f6ba7bfeaa9c").unwrap()[..]); } #[test]