From 052c9f42d4a898b5d4c9cf607e94eadb4fe94706 Mon Sep 17 00:00:00 2001
From: Rusty Russell
Date: Tue, 29 Aug 2017 01:25:01 +0930
Subject: [PATCH] bitcoin/script: remove routines unnecessary for modern daemon.
Signed-off-by: Rusty Russell
---
 bitcoin/script.c | 201 +-----------------------------------
 bitcoin/script.h | 48 +--------
 lightningd/onchain/onchain.c | 4 +-
 3 files changed, 10 insertions(+), 243 deletions(-)
diff --git a/bitcoin/script.c b/bitcoin/script.c
index 3c0e2f6e6..e2905e891 100644
--- a/bitcoin/script.c
+++ b/bitcoin/script.c
@@ -182,15 +182,6 @@ u8 *bitcoin_redeem_2of2(const tal_t *ctx,
 return script;
 }
-/* tal_count() gives the length of the script. */
-u8 *bitcoin_redeem_single(const tal_t *ctx, const struct pubkey *key)
-{
- u8 *script = tal_arr(ctx, u8, 0);
- add_push_key(&script, key);
- add_op(&script, OP_CHECKSIG);
- return script;
-}
-
 /* Create p2sh for this redeem script. */
 u8 *scriptpubkey_p2sh(const tal_t *ctx, const u8 *redeemscript)
 {
@@ -347,117 +338,6 @@ u8 **bitcoin_witness_2of2(const tal_t *ctx,
 return witness;
 }
-/* Create a script for our HTLC output: sending. */
-u8 *bitcoin_redeem_htlc_send(const tal_t *ctx,
- const struct pubkey *ourkey,
- const struct pubkey *theirkey,
- const struct abs_locktime *htlc_abstimeout,
- const struct rel_locktime *locktime,
- const struct sha256 *commit_revoke,
- const struct sha256 *rhash)
-{
- /* R value presented: -> them.
- * Commit revocation value presented: -> them.
- * HTLC times out -> us. */
- u8 *script = tal_arr(ctx, u8, 0);
- struct ripemd160 ripemd;
-
- /* Must be 32 bytes long. */
- add_op(&script, OP_SIZE);
- add_number(&script, 32);
- add_op(&script, OP_EQUALVERIFY);
-
- add_op(&script, OP_HASH160);
- add_op(&script, OP_DUP);
- /* Did they supply HTLC R value? */
- ripemd160(&ripemd, rhash->u.u8, sizeof(rhash->u));
- add_push_bytes(&script, &ripemd, sizeof(ripemd));
- add_op(&script, OP_EQUAL);
- add_op(&script, OP_SWAP);
- /* How about commit revocation value? */
- ripemd160(&ripemd, commit_revoke->u.u8, sizeof(commit_revoke->u));
- add_push_bytes(&script, &ripemd, sizeof(ripemd));
- add_op(&script, OP_EQUAL);
- add_op(&script, OP_ADD);
-
- /* If either matched... */
- add_op(&script, OP_IF);
- add_push_key(&script, theirkey);
-
- add_op(&script, OP_ELSE);
-
- /* If HTLC times out, they can collect after a delay. */
- add_number(&script, htlc_abstimeout->locktime);
- add_op(&script, OP_CHECKLOCKTIMEVERIFY);
- add_number(&script, locktime->locktime);
- add_op(&script, OP_CHECKSEQUENCEVERIFY);
- add_op(&script, OP_2DROP);
- add_push_key(&script, ourkey);
-
- add_op(&script, OP_ENDIF);
- add_op(&script, OP_CHECKSIG);
-
- return script;
-}
-
-/* Create a script for our HTLC output: receiving.
*/
-u8 *bitcoin_redeem_htlc_recv(const tal_t *ctx,
- const struct pubkey *ourkey,
- const struct pubkey *theirkey,
- const struct abs_locktime *htlc_abstimeout,
- const struct rel_locktime *locktime,
- const struct sha256 *commit_revoke,
- const struct sha256 *rhash)
-{
- /* R value presented: -> us.
- * Commit revocation value presented: -> them.
- * HTLC times out -> them. */
- u8 *script = tal_arr(ctx, u8, 0);
- struct ripemd160 ripemd;
-
- add_op(&script, OP_SIZE);
- add_number(&script, 32);
- add_op(&script, OP_EQUALVERIFY);
-
- add_op(&script, OP_HASH160);
- add_op(&script, OP_DUP);
-
- /* Did we supply HTLC R value? */
- ripemd160(&ripemd, rhash->u.u8, sizeof(rhash->u));
- add_push_bytes(&script, &ripemd, sizeof(ripemd));
- add_op(&script, OP_EQUAL);
- add_op(&script, OP_IF);
-
- add_number(&script, locktime->locktime);
- add_op(&script, OP_CHECKSEQUENCEVERIFY);
- /* Drop extra hash as well as locktime. */
- add_op(&script, OP_2DROP);
-
- add_push_key(&script, ourkey);
-
- add_op(&script, OP_ELSE);
-
- /* If they provided commit revocation, available immediately. */
- ripemd160(&ripemd, commit_revoke->u.u8, sizeof(commit_revoke->u));
- add_push_bytes(&script, &ripemd, sizeof(ripemd));
- add_op(&script, OP_EQUAL);
-
- add_op(&script, OP_NOTIF);
-
- /* Otherwise, they must wait for HTLC timeout. */
- add_number(&script, htlc_abstimeout->locktime);
- add_op(&script, OP_CHECKLOCKTIMEVERIFY);
- add_op(&script, OP_DROP);
- add_op(&script, OP_ENDIF);
-
- add_push_key(&script, theirkey);
-
- add_op(&script, OP_ENDIF);
- add_op(&script, OP_CHECKSIG);
-
- return script;
-}
-
 /* Create scriptcode (fake witness, basically) for P2WPKH */
 u8 *p2wpkh_scriptcode(const tal_t *ctx, const struct pubkey *key)
 {
@@ -542,73 +422,20 @@ bool is_p2wpkh(const u8 *script)
 return true;
 }
-/* A common script pattern: A can have it with secret, or B can have
- * it after delay. */
-u8 *bitcoin_redeem_secret_or_delay(const tal_t *ctx,
- const struct pubkey *delayed_key,
- const struct rel_locktime *locktime,
- const struct pubkey *key_if_secret_known,
- const struct sha256 *hash_of_secret)
-{
- struct ripemd160 ripemd;
- u8 *script = tal_arr(ctx, u8, 0);
-
- ripemd160(&ripemd, hash_of_secret->u.u8, sizeof(hash_of_secret->u));
-
- /* If the secret is supplied.... */
- add_op(&script, OP_HASH160);
- add_push_bytes(&script, ripemd.u.u8, sizeof(ripemd.u.u8));
- add_op(&script, OP_EQUAL);
- add_op(&script, OP_IF);
-
- /* They can collect the funds. */
- add_push_key(&script, key_if_secret_known);
-
- add_op(&script, OP_ELSE);
-
- /* Other can collect after a delay. */
- add_number(&script, locktime->locktime);
- add_op(&script, OP_CHECKSEQUENCEVERIFY);
- add_op(&script, OP_DROP);
- add_push_key(&script, delayed_key);
-
- add_op(&script, OP_ENDIF);
- add_op(&script, OP_CHECKSIG);
-
- return script;
-}
-
-u8 **bitcoin_witness_secret(const tal_t *ctx,
- const void *secret, size_t secret_len,
- const secp256k1_ecdsa_signature *sig,
- const u8 *witnessscript)
+u8 **bitcoin_witness_sig_and_empty(const tal_t *ctx,
+ const secp256k1_ecdsa_signature *sig,
+ const u8 *witnessscript)
 {
 u8 **witness = tal_arr(ctx, u8 *, 3);
 witness[0] = stack_sig(witness, sig);
- witness[1] = tal_dup_arr(witness, u8, secret, secret_len, 0);
+ witness[1] = NULL;
 witness[2] = tal_dup_arr(witness, u8,
 witnessscript, tal_count(witnessscript), 0);
 return witness;
 }
-u8 **bitcoin_witness_htlc(const tal_t *ctx,
- const void *htlc_or_revocation_preimage,
- const secp256k1_ecdsa_signature *sig,
- const u8 *witnessscript)
-{
- static const struct sha256 no_preimage;
-
- /* Use 32 zeroes if no preimage.
*/
- if (!htlc_or_revocation_preimage)
- htlc_or_revocation_preimage = &no_preimage;
-
- return bitcoin_witness_secret(ctx,
- htlc_or_revocation_preimage,
- 32, sig, witnessscript);
-}
-
 /* BOLT #3:
 *
 * This output sends funds back to the owner of this commitment transaction,
@@ -644,26 +471,6 @@ u8 *bitcoin_wscript_to_local(const tal_t *ctx, u16 to_self_delay,
 return script;
 }
-u8 **bitcoin_to_local_spend_delayedkey(const tal_t *ctx,
- const secp256k1_ecdsa_signature *local_delayedsig,
- const u8 *wscript)
-{
- /* BOLT #3:
- *
- * It is spent by a transaction with `nSequence` field set to
- * `to_self_delay` (which can only be valid after that duration has
- * passed), and witness:
- *
- * 0
- */
- u8 **witness = tal_arr(ctx, u8 *, 3);
-
- witness[0] = stack_sig(witness, local_delayedsig);
- witness[1] = stack_number(witness, 0);
- witness[2] = tal_dup_arr(witness, u8, wscript, tal_len(wscript), 0);
- return witness;
-}
-
 u8 **bitcoin_to_local_spend_revocation(const tal_t *ctx,
 const secp256k1_ecdsa_signature *revocation_sig,
 const u8 *wscript)
diff --git a/bitcoin/script.h b/bitcoin/script.h
index 42b2eebbc..d01a1a616 100644
--- a/bitcoin/script.h
+++ b/bitcoin/script.h
@@ -20,18 +20,6 @@ u8 *bitcoin_redeem_2of2(const tal_t *ctx,
 const struct pubkey *key1,
 const struct pubkey *key2);
-/* tal_count() gives the length of the script. */
-u8 *bitcoin_redeem_single(const tal_t *ctx,
- const struct pubkey *key);
-
-/* A common script pattern: A can have it with secret, or B can have
- * it after delay. */
-u8 *bitcoin_redeem_secret_or_delay(const tal_t *ctx,
- const struct pubkey *delayed_key,
- const struct rel_locktime *locktime,
- const struct pubkey *key_if_secret_known,
- const struct sha256 *hash_of_secret);
-
 /* Create an output script using p2sh for this redeem script. */
 u8 *scriptpubkey_p2sh(const tal_t *ctx, const u8 *redeemscript);
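Review bot: `witness[1] = NULL;` in bitcoin_witness_sig_and_empty() replaces what the only visible caller used to get from `tal_dup_arr(witness, u8, NULL, 0, 0)`, presumably a zero-length tal allocation rather than a NULL pointer. Every consumer of `tx->input[n].witness` (serialization, weight estimation, anything calling tal_count() or tal_len() on an element) therefore has to accept NULL as an empty stack item, and none of those consumers is visible in this patch. If that contract is not guaranteed, `witness[1] = tal_arr(witness, u8, 0);` keeps the entry empty but non-NULL. Whichever form stays, the definition should say so, e.g. `/* witness[1] is deliberately empty (NULL): consumers must treat NULL as a zero-length item. */`, and the new comment in bitcoin/script.h could state the same.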
@@ -57,24 +45,6 @@ u8 *bitcoin_scriptsig_p2sh_p2wpkh(const tal_t *ctx, const struct pubkey *key);
 /* Create scriptcode (fake witness, basically) for P2WPKH */
 u8 *p2wpkh_scriptcode(const tal_t *ctx, const struct pubkey *key);
-/* Create a script for our HTLC output: sending. */
-u8 *bitcoin_redeem_htlc_send(const tal_t *ctx,
- const struct pubkey *ourkey,
- const struct pubkey *theirkey,
- const struct abs_locktime *htlc_abstimeout,
- const struct rel_locktime *locktime,
- const struct sha256 *commit_revoke,
- const struct sha256 *rhash);
-
-/* Create a script for our HTLC output: receiving. */
-u8 *bitcoin_redeem_htlc_recv(const tal_t *ctx,
- const struct pubkey *ourkey,
- const struct pubkey *theirkey,
- const struct abs_locktime *htlc_abstimeout,
- const struct rel_locktime *locktime,
- const struct sha256 *commit_revoke,
- const struct sha256 *rhash);
-
 /* Create an output script for a 32-byte witness program. */
 u8 *scriptpubkey_p2wsh(const tal_t *ctx, const u8 *witnessscript);
@@ -96,26 +66,16 @@ u8 **bitcoin_witness_p2wpkh(const tal_t *ctx,
 const secp256k1_ecdsa_signature *sig,
 const struct pubkey *key);
-/* Create a witness which spends a "secret_or_delay" scriptpubkey */
-u8 **bitcoin_witness_secret(const tal_t *ctx,
- const void *secret, size_t secret_len,
- const secp256k1_ecdsa_signature *sig,
- const u8 *witnessscript);
-
-/* Create a witness which spends bitcoin_redeeem_htlc_recv/send */
-u8 **bitcoin_witness_htlc(const tal_t *ctx,
- const void *htlc_or_revocation_preimage,
- const secp256k1_ecdsa_signature *sig,
- const u8 *witnessscript);
+/* Create a witness which contains sig, an empty entry, and the witnessscript */
+u8 **bitcoin_witness_sig_and_empty(const tal_t *ctx,
+ const secp256k1_ecdsa_signature *sig,
+ const u8 *witnessscript);
 /* BOLT #3 to-local output */
 u8 *bitcoin_wscript_to_local(const tal_t *ctx, u16 to_self_delay,
 const struct pubkey *revocation_pubkey,
 const struct pubkey *local_delayedkey);
-u8 **bitcoin_to_local_spend_delayedkey(const tal_t *ctx,
- const secp256k1_ecdsa_signature *local_delayedsig,
- const u8 *wscript);
 u8 **bitcoin_to_local_spend_revocation(const tal_t *ctx,
 const secp256k1_ecdsa_signature *revocation_sig,
 const u8 *wscript);
diff --git a/lightningd/onchain/onchain.c b/lightningd/onchain/onchain.c
index af2ae2a6b..cd7bcbbde 100644
--- a/lightningd/onchain/onchain.c
+++ b/lightningd/onchain/onchain.c
@@ -615,8 +615,8 @@ static struct bitcoin_tx *tx_to_us(const tal_t *ctx,
 tx->output[0].amount -= fee;
 sign_tx_input(tx, 0, NULL, wscript, privkey, pubkey, &sig);
- tx->input[0].witness = bitcoin_witness_secret(tx->input, NULL, 0,
- &sig, wscript);
+ tx->input[0].witness = bitcoin_witness_sig_and_empty(tx->input,
+ &sig, wscript);
 return tx;
 }
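Review bot: Nothing at the call in tx_to_us() (lightningd/onchain/onchain.c) says which branch of `wscript` the empty middle witness element is meant to select. The BOLT #3 quote that explained the `0` element is deleted from bitcoin/script.c in this same patch, so that reasoning is no longer recorded anywhere in the change. A one-line comment above the assignment would keep it visible, for example `/* Empty second element: take the delayed (non-revocation) path of wscript. */`. That wording is inferred from the removed helper and should be checked against the scripts actually passed in. tx_to_us() begins outside the hunk, so how `wscript` is built cannot be checked here.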