X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannelmonitor.rs;h=1e8f8038c4c1846ff5c5108606ba6a5c62c83ba1;hb=68e6beab7cfb1be6f3d6d1356c7da90b0227849a;hp=891dac807f8f59109e2c5f7209eb23c8ed903766;hpb=0553945e21539f304bef16e8c5c8939e11ee1363;p=rust-lightning diff --git a/src/ln/channelmonitor.rs b/src/ln/channelmonitor.rs index 891dac80..1e8f8038 100644 --- a/src/ln/channelmonitor.rs +++ b/src/ln/channelmonitor.rs @@ -92,9 +92,9 @@ impl SimpleManyChannelMonitor Some(orig_monitor) => return orig_monitor.insert_combine(monitor), None => {} }; - match monitor.funding_txo { - None => self.chain_monitor.watch_all_txn(), - Some(outpoint) => self.chain_monitor.install_watch_outpoint((outpoint.txid, outpoint.index as u32)), + match &monitor.funding_txo { + &None => self.chain_monitor.watch_all_txn(), + &Some((ref outpoint, ref script)) => self.chain_monitor.install_watch_outpoint((outpoint.txid, outpoint.index as u32), script), } monitors.insert(key, monitor); Ok(()) @@ -117,7 +117,7 @@ const CLTV_SHARED_CLAIM_BUFFER: u32 = 12; /// HTLC-Success transaction. const CLTV_CLAIM_BUFFER: u32 = 6; -#[derive(Clone)] +#[derive(Clone, PartialEq)] enum KeyStorage { PrivMode { revocation_base_key: SecretKey, @@ -130,7 +130,7 @@ enum KeyStorage { } } -#[derive(Clone)] +#[derive(Clone, PartialEq)] struct LocalSignedTx { /// txid of the transaction in tx, just used to make comparison faster txid: Sha256dHash, @@ -147,7 +147,7 @@ const SERIALIZATION_VERSION: u8 = 1; const MIN_SERIALIZATION_VERSION: u8 = 1; pub struct ChannelMonitor { - funding_txo: Option, + funding_txo: Option<(OutPoint, Script)>, commitment_transaction_number_obscure_factor: u64, key_storage: KeyStorage, @@ -215,6 +215,40 @@ impl Clone for ChannelMonitor { } } +#[cfg(any(test, feature = "fuzztarget"))] +/// Used only in testing and fuzztarget to check serialization roundtrips don't change the +/// underlying object +impl PartialEq for ChannelMonitor { + fn eq(&self, other: &Self) -> bool { + if self.funding_txo != other.funding_txo || + self.commitment_transaction_number_obscure_factor != other.commitment_transaction_number_obscure_factor || + self.key_storage != other.key_storage || + self.delayed_payment_base_key != other.delayed_payment_base_key || + self.their_htlc_base_key != other.their_htlc_base_key || + self.their_cur_revocation_points != other.their_cur_revocation_points || + self.our_to_self_delay != other.our_to_self_delay || + self.their_to_self_delay != other.their_to_self_delay || + self.remote_claimable_outpoints != other.remote_claimable_outpoints || + self.remote_hash_commitment_number != other.remote_hash_commitment_number || + self.prev_local_signed_commitment_tx != other.prev_local_signed_commitment_tx || + self.current_local_signed_commitment_tx != other.current_local_signed_commitment_tx || + self.payment_preimages != other.payment_preimages || + self.destination_script != other.destination_script + { + false + } else { + for (&(ref secret, ref idx), &(ref o_secret, ref o_idx)) in self.old_secrets.iter().zip(other.old_secrets.iter()) { + if secret != o_secret || idx != o_idx { + return false + } + } + let us = self.remote_commitment_txn_on_chain.lock().unwrap(); + let them = other.remote_commitment_txn_on_chain.lock().unwrap(); + *us == *them + } + } +} + impl ChannelMonitor { pub fn new(revocation_base_key: &SecretKey, delayed_payment_base_key: &PublicKey, htlc_base_key: &SecretKey, our_to_self_delay: u16, destination_script: Script) -> ChannelMonitor { ChannelMonitor { @@ -385,13 +419,12 @@ impl ChannelMonitor { } pub fn insert_combine(&mut self, mut other: ChannelMonitor) -> Result<(), HandleError> { - match self.funding_txo { - Some(txo) => if other.funding_txo.is_some() && other.funding_txo.unwrap() != txo { + if self.funding_txo.is_some() { + if other.funding_txo.is_some() && other.funding_txo.as_ref().unwrap() != self.funding_txo.as_ref().unwrap() { return Err(HandleError{err: "Funding transaction outputs are not identical!", msg: None}); - }, - None => if other.funding_txo.is_some() { - self.funding_txo = other.funding_txo; } + } else { + self.funding_txo = other.funding_txo.take(); } let other_min_secret = other.get_min_seen_secret(); let our_min_secret = self.get_min_seen_secret(); @@ -424,7 +457,8 @@ impl ChannelMonitor { /// optional, without it this monitor cannot be used in an SPV client, but you may wish to /// avoid this (or call unset_funding_info) on a monitor you wish to send to a watchtower as it /// provides slightly better privacy. - pub(super) fn set_funding_info(&mut self, funding_info: OutPoint) { + pub(super) fn set_funding_info(&mut self, funding_info: (OutPoint, Script)) { + //TODO: Need to register the given script here with a chain_monitor self.funding_txo = Some(funding_info); } @@ -441,7 +475,10 @@ impl ChannelMonitor { } pub fn get_funding_txo(&self) -> Option { - self.funding_txo + match self.funding_txo { + Some((outpoint, _)) => Some(outpoint), + None => None + } } /// Serializes into a vec, with various modes for the exposed pub fns @@ -450,12 +487,14 @@ impl ChannelMonitor { res.push(SERIALIZATION_VERSION); res.push(MIN_SERIALIZATION_VERSION); - match self.funding_txo { - Some(outpoint) => { + match &self.funding_txo { + &Some((ref outpoint, ref script)) => { res.extend_from_slice(&outpoint.txid[..]); res.extend_from_slice(&byte_utils::be16_to_array(outpoint.index)); + res.extend_from_slice(&byte_utils::be64_to_array(script.len() as u64)); + res.extend_from_slice(&script[..]); }, - None => { + &None => { // We haven't even been initialized...not sure why anyone is serializing us, but // not much to give them. return res; @@ -603,7 +642,7 @@ impl ChannelMonitor { macro_rules! read_bytes { ($byte_count: expr) => { { - if ($byte_count as usize) + read_pos > data.len() { + if ($byte_count as usize) > data.len() - read_pos { return None; } read_pos += $byte_count as usize; @@ -630,10 +669,12 @@ impl ChannelMonitor { // Technically this can fail and serialize fail a round-trip, but only for serialization of // barely-init'd ChannelMonitors that we can't do anything with. - let funding_txo = Some(OutPoint { + let outpoint = OutPoint { txid: Sha256dHash::from(read_bytes!(32)), index: byte_utils::slice_to_be16(read_bytes!(2)), - }); + }; + let script_len = byte_utils::slice_to_be64(read_bytes!(8)); + let funding_txo = Some((outpoint, Script::from(read_bytes!(script_len).to_vec()))); let commitment_transaction_number_obscure_factor = byte_utils::slice_to_be48(read_bytes!(6)); let key_storage = match read_bytes!(1)[0] { @@ -736,7 +777,14 @@ impl ChannelMonitor { () => { { let tx_len = byte_utils::slice_to_be64(read_bytes!(8)); - let tx: Transaction = unwrap_obj!(serialize::deserialize(read_bytes!(tx_len))); + let tx_ser = read_bytes!(tx_len); + let tx: Transaction = unwrap_obj!(serialize::deserialize(tx_ser)); + if serialize::serialize(&tx).unwrap() != tx_ser { + // We check that the tx re-serializes to the same form to ensure there is + // no extra data, and as rust-bitcoin doesn't handle the 0-input ambiguity + // all that well. + return None; + } let revocation_key = unwrap_obj!(PublicKey::from_slice(&secp_ctx, read_bytes!(33))); let a_htlc_key = unwrap_obj!(PublicKey::from_slice(&secp_ctx, read_bytes!(33))); @@ -869,7 +917,7 @@ impl ChannelMonitor { let commitment_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers! let per_commitment_option = self.remote_claimable_outpoints.get(&commitment_txid); - let commitment_number = (((tx.input[0].sequence as u64 & 0xffffff) << 3*8) | (tx.lock_time as u64 & 0xffffff)) ^ self.commitment_transaction_number_obscure_factor; + let commitment_number = 0xffffffffffff - ((((tx.input[0].sequence as u64 & 0xffffff) << 3*8) | (tx.lock_time as u64 & 0xffffff)) ^ self.commitment_transaction_number_obscure_factor); if commitment_number >= self.get_min_seen_secret() { let secret = self.get_secret(commitment_number).unwrap(); let per_commitment_key = ignore_error!(SecretKey::from_slice(&self.secp_ctx, &secret)); @@ -985,7 +1033,7 @@ impl ChannelMonitor { if !inputs.is_empty() || !txn_to_broadcast.is_empty() { // ie we're confident this is actually ours // We're definitely a remote commitment transaction! - // TODO: Register commitment_txid with the ChainWatchInterface! + // TODO: Register all outputs in commitment_tx with the ChainWatchInterface! self.remote_commitment_txn_on_chain.lock().unwrap().insert(commitment_txid, commitment_number); } if inputs.is_empty() { return txn_to_broadcast; } // Nothing to be done...probably a false positive/local tx @@ -1018,6 +1066,7 @@ impl ChannelMonitor { // already processed the block, resulting in the remote_commitment_txn_on_chain entry // not being generated by the above conditional. Thus, to be safe, we go ahead and // insert it here. + // TODO: Register all outputs in commitment_tx with the ChainWatchInterface! self.remote_commitment_txn_on_chain.lock().unwrap().insert(commitment_txid, commitment_number); if let Some(revocation_points) = self.their_cur_revocation_points { @@ -1191,7 +1240,7 @@ impl ChannelMonitor { fn block_connected(&self, txn_matched: &[&Transaction], height: u32, broadcaster: &BroadcasterInterface) { for tx in txn_matched { for txin in tx.input.iter() { - if self.funding_txo.is_none() || (txin.prev_hash == self.funding_txo.unwrap().txid && txin.prev_index == self.funding_txo.unwrap().index as u32) { + if self.funding_txo.is_none() || (txin.prev_hash == self.funding_txo.as_ref().unwrap().0.txid && txin.prev_index == self.funding_txo.as_ref().unwrap().0.index as u32) { let mut txn = self.check_spend_remote_transaction(tx, height); if txn.is_empty() { txn = self.check_spend_local_transaction(tx, height);