You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
467 lines
19 KiB
467 lines
19 KiB
import asyncio
|
|
import json
|
|
import os
|
|
from typing import TYPE_CHECKING, Optional, Dict, Union
|
|
|
|
import attr
|
|
|
|
from .crypto import sha256, hash_160
|
|
from .ecc import ECPrivkey
|
|
from .bitcoin import (script_to_p2wsh, opcodes, p2wsh_nested_script, push_script,
|
|
is_segwit_address, construct_witness)
|
|
from .transaction import PartialTxInput, PartialTxOutput, PartialTransaction
|
|
from .transaction import script_GetOp, match_script_against_template, OPPushDataGeneric, OPPushDataPubkey
|
|
from .util import log_exceptions
|
|
from .lnutil import REDEEM_AFTER_DOUBLE_SPENT_DELAY, ln_dummy_address, LN_MAX_HTLC_VALUE_MSAT
|
|
from .bitcoin import dust_threshold
|
|
from .logging import Logger
|
|
from .lnutil import hex_to_bytes
|
|
from .json_db import StoredObject
|
|
from . import constants
|
|
|
|
if TYPE_CHECKING:
|
|
from .network import Network
|
|
from .wallet import Abstract_Wallet
|
|
from .lnwatcher import LNWalletWatcher
|
|
from .lnworker import LNWallet
|
|
|
|
|
|
API_URL_MAINNET = 'https://swaps.electrum.org/api'
|
|
API_URL_TESTNET = 'https://swaps.electrum.org/testnet'
|
|
API_URL_REGTEST = 'https://localhost/api'
|
|
|
|
|
|
|
|
WITNESS_TEMPLATE_SWAP = [
|
|
opcodes.OP_HASH160,
|
|
OPPushDataGeneric(lambda x: x == 20),
|
|
opcodes.OP_EQUAL,
|
|
opcodes.OP_IF,
|
|
OPPushDataPubkey,
|
|
opcodes.OP_ELSE,
|
|
OPPushDataGeneric(None),
|
|
opcodes.OP_CHECKLOCKTIMEVERIFY,
|
|
opcodes.OP_DROP,
|
|
OPPushDataPubkey,
|
|
opcodes.OP_ENDIF,
|
|
opcodes.OP_CHECKSIG
|
|
]
|
|
|
|
|
|
# The script of the reverse swaps has one extra check in it to verify
|
|
# that the length of the preimage is 32. This is required because in
|
|
# the reverse swaps the preimage is generated by the user and to
|
|
# settle the hold invoice, you need a preimage with 32 bytes . If that
|
|
# check wasn't there the user could generate a preimage with a
|
|
# different length which would still allow for claiming the onchain
|
|
# coins but the invoice couldn't be settled
|
|
|
|
WITNESS_TEMPLATE_REVERSE_SWAP = [
|
|
opcodes.OP_SIZE,
|
|
OPPushDataGeneric(None),
|
|
opcodes.OP_EQUAL,
|
|
opcodes.OP_IF,
|
|
opcodes.OP_HASH160,
|
|
OPPushDataGeneric(lambda x: x == 20),
|
|
opcodes.OP_EQUALVERIFY,
|
|
OPPushDataPubkey,
|
|
opcodes.OP_ELSE,
|
|
opcodes.OP_DROP,
|
|
OPPushDataGeneric(None),
|
|
opcodes.OP_CHECKLOCKTIMEVERIFY,
|
|
opcodes.OP_DROP,
|
|
OPPushDataPubkey,
|
|
opcodes.OP_ENDIF,
|
|
opcodes.OP_CHECKSIG
|
|
]
|
|
|
|
|
|
@attr.s
|
|
class SwapData(StoredObject):
|
|
is_reverse = attr.ib(type=bool)
|
|
locktime = attr.ib(type=int)
|
|
onchain_amount = attr.ib(type=int) # in sats
|
|
lightning_amount = attr.ib(type=int) # in sats
|
|
redeem_script = attr.ib(type=bytes, converter=hex_to_bytes)
|
|
preimage = attr.ib(type=bytes, converter=hex_to_bytes)
|
|
prepay_hash = attr.ib(type=Optional[bytes], converter=hex_to_bytes)
|
|
privkey = attr.ib(type=bytes, converter=hex_to_bytes)
|
|
lockup_address = attr.ib(type=str)
|
|
funding_txid = attr.ib(type=Optional[str])
|
|
spending_txid = attr.ib(type=Optional[str])
|
|
is_redeemed = attr.ib(type=bool)
|
|
|
|
|
|
def create_claim_tx(
|
|
*,
|
|
txin: PartialTxInput,
|
|
witness_script: bytes,
|
|
preimage: Union[bytes, int], # 0 if timing out forward-swap
|
|
privkey: bytes,
|
|
address: str,
|
|
amount_sat: int,
|
|
locktime: int,
|
|
) -> PartialTransaction:
|
|
"""Create tx to either claim successful reverse-swap,
|
|
or to get refunded for timed-out forward-swap.
|
|
"""
|
|
if is_segwit_address(txin.address):
|
|
txin.script_type = 'p2wsh'
|
|
txin.script_sig = b''
|
|
else:
|
|
txin.script_type = 'p2wsh-p2sh'
|
|
txin.redeem_script = bytes.fromhex(p2wsh_nested_script(witness_script.hex()))
|
|
txin.script_sig = bytes.fromhex(push_script(txin.redeem_script.hex()))
|
|
txin.witness_script = witness_script
|
|
txout = PartialTxOutput.from_address_and_value(address, amount_sat)
|
|
tx = PartialTransaction.from_io([txin], [txout], version=2, locktime=locktime)
|
|
#tx.set_rbf(True)
|
|
sig = bytes.fromhex(tx.sign_txin(0, privkey))
|
|
witness = [sig, preimage, witness_script]
|
|
txin.witness = bytes.fromhex(construct_witness(witness))
|
|
return tx
|
|
|
|
|
|
class SwapManager(Logger):
|
|
|
|
network: Optional['Network'] = None
|
|
lnwatcher: Optional['LNWalletWatcher'] = None
|
|
|
|
def __init__(self, *, wallet: 'Abstract_Wallet', lnworker: 'LNWallet'):
|
|
Logger.__init__(self)
|
|
self.normal_fee = 0
|
|
self.lockup_fee = 0
|
|
self.percentage = 0
|
|
self.min_amount = 0
|
|
self._max_amount = 0
|
|
self.wallet = wallet
|
|
self.lnworker = lnworker
|
|
self.swaps = self.wallet.db.get_dict('submarine_swaps') # type: Dict[str, SwapData]
|
|
self.prepayments = {} # type: Dict[bytes, bytes] # fee_preimage -> preimage
|
|
for k, swap in self.swaps.items():
|
|
if swap.is_reverse and swap.prepay_hash is not None:
|
|
self.prepayments[swap.prepay_hash] = bytes.fromhex(k)
|
|
# api url
|
|
if constants.net == constants.BitcoinMainnet:
|
|
self.api_url = API_URL_MAINNET
|
|
elif constants.net == constants.BitcoinTestnet:
|
|
self.api_url = API_URL_TESTNET
|
|
else:
|
|
self.api_url = API_URL_REGTEST
|
|
|
|
def start_network(self, *, network: 'Network', lnwatcher: 'LNWalletWatcher'):
|
|
assert network
|
|
assert lnwatcher
|
|
self.network = network
|
|
self.lnwatcher = lnwatcher
|
|
for k, swap in self.swaps.items():
|
|
if swap.is_redeemed:
|
|
continue
|
|
self.add_lnwatcher_callback(swap)
|
|
|
|
@log_exceptions
|
|
async def _claim_swap(self, swap: SwapData) -> None:
|
|
assert self.network
|
|
assert self.lnwatcher
|
|
if not self.lnwatcher.is_up_to_date():
|
|
return
|
|
current_height = self.network.get_local_height()
|
|
delta = current_height - swap.locktime
|
|
if not swap.is_reverse and delta < 0:
|
|
# too early for refund
|
|
return
|
|
txos = self.lnwatcher.get_addr_outputs(swap.lockup_address)
|
|
for txin in txos.values():
|
|
if swap.is_reverse and txin.value_sats() < swap.onchain_amount:
|
|
self.logger.info('amount too low, we should not reveal the preimage')
|
|
continue
|
|
spent_height = txin.spent_height
|
|
if spent_height is not None:
|
|
if spent_height > 0 and current_height - spent_height > REDEEM_AFTER_DOUBLE_SPENT_DELAY:
|
|
self.logger.info(f'stop watching swap {swap.lockup_address}')
|
|
self.lnwatcher.remove_callback(swap.lockup_address)
|
|
swap.is_redeemed = True
|
|
continue
|
|
amount_sat = txin.value_sats() - self.get_claim_fee()
|
|
if amount_sat < dust_threshold():
|
|
self.logger.info('utxo value below dust threshold')
|
|
continue
|
|
address = self.wallet.get_receiving_address()
|
|
if swap.is_reverse: # successful reverse swap
|
|
preimage = swap.preimage
|
|
locktime = 0
|
|
else: # timing out forward swap
|
|
preimage = 0
|
|
locktime = swap.locktime
|
|
tx = create_claim_tx(
|
|
txin=txin,
|
|
witness_script=swap.redeem_script,
|
|
preimage=preimage,
|
|
privkey=swap.privkey,
|
|
address=address,
|
|
amount_sat=amount_sat,
|
|
locktime=locktime,
|
|
)
|
|
await self.network.broadcast_transaction(tx)
|
|
# save txid
|
|
if swap.is_reverse:
|
|
swap.spending_txid = tx.txid()
|
|
else:
|
|
self.wallet.set_label(tx.txid(), 'Swap refund')
|
|
|
|
def get_claim_fee(self):
|
|
return self.wallet.config.estimate_fee(136, allow_fallback_to_static_rates=True)
|
|
|
|
def get_swap(self, payment_hash: bytes) -> Optional[SwapData]:
|
|
# for history
|
|
swap = self.swaps.get(payment_hash.hex())
|
|
if swap:
|
|
return swap
|
|
payment_hash = self.prepayments.get(payment_hash)
|
|
if payment_hash:
|
|
return self.swaps.get(payment_hash.hex())
|
|
|
|
def add_lnwatcher_callback(self, swap: SwapData) -> None:
|
|
callback = lambda: self._claim_swap(swap)
|
|
self.lnwatcher.add_callback(swap.lockup_address, callback)
|
|
|
|
async def normal_swap(self, lightning_amount: int, expected_onchain_amount: int,
|
|
password, *, tx: PartialTransaction = None) -> str:
|
|
"""send on-chain BTC, receive on Lightning
|
|
|
|
- User generates an LN invoice with RHASH, and knows preimage.
|
|
- User creates on-chain output locked to RHASH.
|
|
- Server pays LN invoice. User reveals preimage.
|
|
- Server spends the on-chain output using preimage.
|
|
"""
|
|
assert self.network
|
|
assert self.lnwatcher
|
|
privkey = os.urandom(32)
|
|
pubkey = ECPrivkey(privkey).get_public_key_bytes(compressed=True)
|
|
lnaddr, invoice = await self.lnworker.create_invoice(lightning_amount, 'swap', expiry=3600*24)
|
|
payment_hash = lnaddr.paymenthash
|
|
preimage = self.lnworker.get_preimage(payment_hash)
|
|
request_data = {
|
|
"type": "submarine",
|
|
"pairId": "BTC/BTC",
|
|
"orderSide": "sell",
|
|
"invoice": invoice,
|
|
"refundPublicKey": pubkey.hex()
|
|
}
|
|
response = await self.network._send_http_on_proxy(
|
|
'post',
|
|
self.api_url + '/createswap',
|
|
json=request_data,
|
|
timeout=30)
|
|
data = json.loads(response)
|
|
response_id = data["id"]
|
|
zeroconf = data["acceptZeroConf"]
|
|
onchain_amount = data["expectedAmount"]
|
|
locktime = data["timeoutBlockHeight"]
|
|
lockup_address = data["address"]
|
|
redeem_script = data["redeemScript"]
|
|
# verify redeem_script is built with our pubkey and preimage
|
|
redeem_script = bytes.fromhex(redeem_script)
|
|
parsed_script = [x for x in script_GetOp(redeem_script)]
|
|
if not match_script_against_template(redeem_script, WITNESS_TEMPLATE_SWAP):
|
|
raise Exception("fswap check failed: scriptcode does not match template")
|
|
if script_to_p2wsh(redeem_script.hex()) != lockup_address:
|
|
raise Exception("fswap check failed: inconsistent scriptcode and address")
|
|
if hash_160(preimage) != parsed_script[1][1]:
|
|
raise Exception("fswap check failed: our preimage not in script")
|
|
if pubkey != parsed_script[9][1]:
|
|
raise Exception("fswap check failed: our pubkey not in script")
|
|
if locktime != int.from_bytes(parsed_script[6][1], byteorder='little'):
|
|
raise Exception("fswap check failed: inconsistent locktime and script")
|
|
# check that onchain_amount is not more than what we estimated
|
|
if onchain_amount > expected_onchain_amount:
|
|
raise Exception(f"fswap check failed: onchain_amount is more than what we estimated: "
|
|
f"{onchain_amount} > {expected_onchain_amount}")
|
|
# verify that they are not locking up funds for more than a day
|
|
if locktime - self.network.get_local_height() >= 144:
|
|
raise Exception("fswap check failed: locktime too far in future")
|
|
# create funding tx
|
|
funding_output = PartialTxOutput.from_address_and_value(lockup_address, onchain_amount)
|
|
if tx is None:
|
|
tx = self.wallet.create_transaction(outputs=[funding_output], rbf=False, password=password)
|
|
else:
|
|
dummy_output = PartialTxOutput.from_address_and_value(ln_dummy_address(), expected_onchain_amount)
|
|
tx.outputs().remove(dummy_output)
|
|
tx.add_outputs([funding_output])
|
|
tx.set_rbf(False)
|
|
self.wallet.sign_transaction(tx, password)
|
|
# save swap data in wallet in case we need a refund
|
|
swap = SwapData(
|
|
redeem_script = redeem_script,
|
|
locktime = locktime,
|
|
privkey = privkey,
|
|
preimage = preimage,
|
|
prepay_hash = None,
|
|
lockup_address = lockup_address,
|
|
onchain_amount = expected_onchain_amount,
|
|
lightning_amount = lightning_amount,
|
|
is_reverse = False,
|
|
is_redeemed = False,
|
|
funding_txid = tx.txid(),
|
|
spending_txid = None,
|
|
)
|
|
self.swaps[payment_hash.hex()] = swap
|
|
self.add_lnwatcher_callback(swap)
|
|
await self.network.broadcast_transaction(tx)
|
|
return tx.txid()
|
|
|
|
async def reverse_swap(self, lightning_amount: int, expected_onchain_amount: int) -> bool:
|
|
"""send on Lightning, receive on-chain
|
|
|
|
- User generates preimage, RHASH. Sends RHASH to server.
|
|
- Server creates an LN invoice for RHASH.
|
|
- User pays LN invoice - except server needs to hold the HTLC as preimage is unknown.
|
|
- Server creates on-chain output locked to RHASH.
|
|
- User spends on-chain output, revealing preimage.
|
|
- Server fulfills HTLC using preimage.
|
|
"""
|
|
assert self.network
|
|
assert self.lnwatcher
|
|
privkey = os.urandom(32)
|
|
pubkey = ECPrivkey(privkey).get_public_key_bytes(compressed=True)
|
|
preimage = os.urandom(32)
|
|
preimage_hash = sha256(preimage)
|
|
request_data = {
|
|
"type": "reversesubmarine",
|
|
"pairId": "BTC/BTC",
|
|
"orderSide": "buy",
|
|
"invoiceAmount": lightning_amount,
|
|
"preimageHash": preimage_hash.hex(),
|
|
"claimPublicKey": pubkey.hex()
|
|
}
|
|
response = await self.network._send_http_on_proxy(
|
|
'post',
|
|
self.api_url + '/createswap',
|
|
json=request_data,
|
|
timeout=30)
|
|
data = json.loads(response)
|
|
invoice = data['invoice']
|
|
fee_invoice = data.get('minerFeeInvoice')
|
|
lockup_address = data['lockupAddress']
|
|
redeem_script = data['redeemScript']
|
|
locktime = data['timeoutBlockHeight']
|
|
onchain_amount = data["onchainAmount"]
|
|
response_id = data['id']
|
|
# verify redeem_script is built with our pubkey and preimage
|
|
redeem_script = bytes.fromhex(redeem_script)
|
|
parsed_script = [x for x in script_GetOp(redeem_script)]
|
|
if not match_script_against_template(redeem_script, WITNESS_TEMPLATE_REVERSE_SWAP):
|
|
raise Exception("rswap check failed: scriptcode does not match template")
|
|
if script_to_p2wsh(redeem_script.hex()) != lockup_address:
|
|
raise Exception("rswap check failed: inconsistent scriptcode and address")
|
|
if hash_160(preimage) != parsed_script[5][1]:
|
|
raise Exception("rswap check failed: our preimage not in script")
|
|
if pubkey != parsed_script[7][1]:
|
|
raise Exception("rswap check failed: our pubkey not in script")
|
|
if locktime != int.from_bytes(parsed_script[10][1], byteorder='little'):
|
|
raise Exception("rswap check failed: inconsistent locktime and script")
|
|
# check that the onchain amount is what we expected
|
|
if onchain_amount < expected_onchain_amount:
|
|
raise Exception(f"rswap check failed: onchain_amount is less than what we expected: "
|
|
f"{onchain_amount} < {expected_onchain_amount}")
|
|
# verify that we will have enough time to get our tx confirmed
|
|
if locktime - self.network.get_local_height() <= 60:
|
|
raise Exception("rswap check failed: locktime too close")
|
|
# verify invoice preimage_hash
|
|
lnaddr = self.lnworker._check_invoice(invoice)
|
|
invoice_amount = lnaddr.get_amount_sat()
|
|
if lnaddr.paymenthash != preimage_hash:
|
|
raise Exception("rswap check failed: inconsistent RHASH and invoice")
|
|
# check that the lightning amount is what we requested
|
|
if fee_invoice:
|
|
fee_lnaddr = self.lnworker._check_invoice(fee_invoice)
|
|
invoice_amount += fee_lnaddr.get_amount_sat()
|
|
prepay_hash = fee_lnaddr.paymenthash
|
|
else:
|
|
prepay_hash = None
|
|
if int(invoice_amount) != lightning_amount:
|
|
raise Exception(f"rswap check failed: invoice_amount ({invoice_amount}) "
|
|
f"not what we requested ({lightning_amount})")
|
|
# save swap data to wallet file
|
|
swap = SwapData(
|
|
redeem_script = redeem_script,
|
|
locktime = locktime,
|
|
privkey = privkey,
|
|
preimage = preimage,
|
|
prepay_hash = prepay_hash,
|
|
lockup_address = lockup_address,
|
|
onchain_amount = onchain_amount,
|
|
lightning_amount = lightning_amount,
|
|
is_reverse = True,
|
|
is_redeemed = False,
|
|
funding_txid = None,
|
|
spending_txid = None,
|
|
)
|
|
self.swaps[preimage_hash.hex()] = swap
|
|
# add callback to lnwatcher
|
|
self.add_lnwatcher_callback(swap)
|
|
# initiate payment.
|
|
if fee_invoice:
|
|
self.prepayments[prepay_hash] = preimage_hash
|
|
asyncio.ensure_future(self.lnworker._pay(fee_invoice, attempts=10))
|
|
# initiate payment.
|
|
success, log = await self.lnworker._pay(invoice, attempts=10)
|
|
return success
|
|
|
|
async def get_pairs(self) -> None:
|
|
assert self.network
|
|
response = await self.network._send_http_on_proxy(
|
|
'get',
|
|
self.api_url + '/getpairs',
|
|
timeout=30)
|
|
pairs = json.loads(response)
|
|
fees = pairs['pairs']['BTC/BTC']['fees']
|
|
self.percentage = fees['percentage']
|
|
self.normal_fee = fees['minerFees']['baseAsset']['normal']
|
|
self.lockup_fee = fees['minerFees']['baseAsset']['reverse']['lockup']
|
|
limits = pairs['pairs']['BTC/BTC']['limits']
|
|
self.min_amount = limits['minimal']
|
|
self._max_amount = limits['maximal']
|
|
|
|
def get_max_amount(self):
|
|
return min(self._max_amount, LN_MAX_HTLC_VALUE_MSAT // 1000)
|
|
|
|
def check_invoice_amount(self, x):
|
|
return x >= self.min_amount and x <= self._max_amount
|
|
|
|
def get_recv_amount(self, send_amount: Optional[int], is_reverse: bool) -> Optional[int]:
|
|
if send_amount is None:
|
|
return
|
|
x = send_amount
|
|
if is_reverse:
|
|
if not self.check_invoice_amount(x):
|
|
return
|
|
x = int(x * (100 - self.percentage) / 100)
|
|
x -= self.lockup_fee
|
|
x -= self.get_claim_fee()
|
|
if x < dust_threshold():
|
|
return
|
|
else:
|
|
x -= self.normal_fee
|
|
x = int(x / ((100 + self.percentage) / 100))
|
|
if not self.check_invoice_amount(x):
|
|
return
|
|
return x
|
|
|
|
def get_send_amount(self, recv_amount: Optional[int], is_reverse: bool) -> Optional[int]:
|
|
if not recv_amount:
|
|
return
|
|
x = recv_amount
|
|
if is_reverse:
|
|
x += self.lockup_fee
|
|
x += self.get_claim_fee()
|
|
x = int(x * 100 / (100 - self.percentage)) + 1
|
|
if not self.check_invoice_amount(x):
|
|
return
|
|
else:
|
|
if not self.check_invoice_amount(x):
|
|
return
|
|
x = int(x * 100 / (100 + self.percentage)) + 1
|
|
x += self.normal_fee
|
|
return x
|
|
|
|
|