Panic if funding transaction has non-witness inputs 2018-11-misc-tweaks
authorMatt Corallo <git@bluematt.me>
Sun, 4 Nov 2018 01:56:54 +0000 (12:56 +1100)
committerMatt Corallo <git@bluematt.me>
Thu, 15 Nov 2018 17:25:09 +0000 (12:25 -0500)
src/ln/channel.rs

index 25e981d7daa3e170c3214254b9303da0d2edf2e9..e56fbd53228be08a73b86a596571ffde0435a703 100644 (file)
@@ -2827,6 +2827,16 @@ impl Channel {
                                                self.channel_update_count += 1;
                                                return Err(HandleError{err: "funding tx had wrong script/value", action: Some(ErrorAction::DisconnectPeer{msg: None})});
                                        } else {
+                                               if self.channel_outbound {
+                                                       for input in tx.input.iter() {
+                                                               if input.witness.is_empty() {
+                                                                       // We generated a malleable funding transaction, implying we've
+                                                                       // just exposed ourselves to funds loss to our counterparty.
+                                                                       #[cfg(not(feature = "fuzztarget"))]
+                                                                       panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!");
+                                                               }
+                                                       }
+                                               }
                                                self.funding_tx_confirmations = 1;
                                                self.short_channel_id = Some(((height as u64)          << (5*8)) |
                                                                             ((*index_in_block as u64) << (2*8)) |
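Review bot: The added `input.witness.is_empty()` check sits in the `else` branch that goes on to set `self.funding_tx_confirmations = 1`, so it appears to run only once the funding transaction has been seen on chain; it detects a malleable funding transaction after the exposure rather than preventing it. The comment should say that, e.g. `// Detection only: the tx is already on chain here; the caller must fund from segwit inputs only.` The `panic!` stops the whole process rather than just this channel, and if the same block is replayed after a restart it would presumably fire again, so that intent is worth documenting too. An empty witness is only one indicator, and a non-empty witness should not be read as proof that the txid could not be malleated. The enclosing function starts and ends outside this hunk.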