lukechilds
/
lightning
mirror of https://github.com/lukechilds/lightning.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

onchaind: use HSM for signing htlc transactions. 

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
ppa-0.6.1
Rusty Russell 7 years ago
committed by Christian Decker
parent
522b9dc96b
commit
14d6fc4a31
2 changed files with 26 additions and 40 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 57
      onchaind/onchain.c
  2. 9
      onchaind/test/run-grind_feerate.c

57
onchaind/onchain.c
View File

@ -53,9 +53,6 @@ static u32 to_self_delay[NUM_SIDES];
/* Where we send money to (our wallet) */ /* Where we send money to (our wallet) */
static struct pubkey our_wallet_pubkey; static struct pubkey our_wallet_pubkey;
/* Private key for spending HTLC outputs via HTLC txs. */
static struct privkey htlc_privkey;
/* Their revocation secret (only if they cheated). */ /* Their revocation secret (only if they cheated). */
static const struct secret *remote_per_commitment_secret; static const struct secret *remote_per_commitment_secret;
@ -353,6 +350,24 @@ static struct bitcoin_tx *tx_to_us(const tal_t *ctx,
return tx; return tx;
} }
static void hsm_sign_local_htlc_tx(struct bitcoin_tx *tx,
const u8 *wscript,
secp256k1_ecdsa_signature *sig)
{
u8 *msg = towire_hsm_sign_local_htlc_tx(NULL, commit_num,
tx, wscript,
*tx->input[0].amount);
if (!wire_sync_write(HSM_FD, take(msg)))
status_failed(STATUS_FAIL_HSM_IO,
"Writing sign_local_htlc_tx to hsm");
msg = wire_sync_read(tmpctx, HSM_FD);
if (!msg || !fromwire_hsm_sign_tx_reply(msg, sig))
status_failed(STATUS_FAIL_HSM_IO,
"Reading sign_local_htlc_tx: %s",
tal_hex(tmpctx, msg));
}
static struct tracked_output * static struct tracked_output *
new_tracked_output(struct tracked_output ***outs, new_tracked_output(struct tracked_output ***outs,
const struct bitcoin_txid *txid, const struct bitcoin_txid *txid,
@ -1147,10 +1162,7 @@ static void handle_preimage(struct tracked_output **outs,
keyset); keyset);
set_htlc_success_fee(tx, outs[i]->remote_htlc_sig, set_htlc_success_fee(tx, outs[i]->remote_htlc_sig,
outs[i]->wscript); outs[i]->wscript);
sign_tx_input(tx, 0, NULL, outs[i]->wscript, hsm_sign_local_htlc_tx(tx, outs[i]->wscript, &sig);
&htlc_privkey,
&keyset->self_htlc_key,
&sig);
tx->input[0].witness tx->input[0].witness
= bitcoin_witness_htlc_success_tx(tx->input, = bitcoin_witness_htlc_success_tx(tx->input,
&sig, &sig,
@ -1298,8 +1310,7 @@ static void resolve_our_htlc_ourcommit(struct tracked_output *out)
set_htlc_timeout_fee(tx, out->remote_htlc_sig, out->wscript); set_htlc_timeout_fee(tx, out->remote_htlc_sig, out->wscript);
sign_tx_input(tx, 0, NULL, out->wscript, &htlc_privkey, hsm_sign_local_htlc_tx(tx, out->wscript, &localsig);
&keyset->self_htlc_key, &localsig);
tx->input[0].witness tx->input[0].witness
= bitcoin_witness_htlc_timeout_tx(tx->input, = bitcoin_witness_htlc_timeout_tx(tx->input,
@ -1404,7 +1415,6 @@ static void note_missing_htlcs(u8 **htlc_scripts,
static void handle_our_unilateral(const struct bitcoin_tx *tx, static void handle_our_unilateral(const struct bitcoin_tx *tx,
u32 tx_blockheight, u32 tx_blockheight,
const struct bitcoin_txid *txid, const struct bitcoin_txid *txid,
const struct secrets *secrets,
const struct sha256 *shaseed, const struct sha256 *shaseed,
const struct basepoints basepoints[NUM_SIDES], const struct basepoints basepoints[NUM_SIDES],
const struct htlc_stub *htlcs, const struct htlc_stub *htlcs,
@ -1465,14 +1475,6 @@ static void handle_our_unilateral(const struct bitcoin_tx *tx,
type_to_string(tmpctx, struct pubkey, type_to_string(tmpctx, struct pubkey,
&keyset->other_htlc_key)); &keyset->other_htlc_key));
if (!derive_simple_privkey(&secrets->htlc_basepoint_secret,
&basepoints[LOCAL].htlc,
&local_per_commitment_point,
&htlc_privkey))
status_failed(STATUS_FAIL_INTERNAL_ERROR,
"Deriving htlc_privkey for %"PRIu64,
commit_num);
local_wscript = to_self_wscript(tmpctx, to_self_delay[LOCAL], keyset); local_wscript = to_self_wscript(tmpctx, to_self_delay[LOCAL], keyset);
/* Figure out what to-us output looks like. */ /* Figure out what to-us output looks like. */
@ -1684,7 +1686,6 @@ static void handle_their_cheat(const struct bitcoin_tx *tx,
const struct bitcoin_txid *txid, const struct bitcoin_txid *txid,
u32 tx_blockheight, u32 tx_blockheight,
const struct sha256 *revocation_preimage, const struct sha256 *revocation_preimage,
const struct secrets *secrets,
const struct basepoints basepoints[NUM_SIDES], const struct basepoints basepoints[NUM_SIDES],
const struct htlc_stub *htlcs, const struct htlc_stub *htlcs,
const bool *tell_if_missing, const bool *tell_if_missing,
@ -1893,7 +1894,6 @@ static void handle_their_cheat(const struct bitcoin_tx *tx,
static void handle_their_unilateral(const struct bitcoin_tx *tx, static void handle_their_unilateral(const struct bitcoin_tx *tx,
u32 tx_blockheight, u32 tx_blockheight,
const struct bitcoin_txid *txid, const struct bitcoin_txid *txid,
const struct secrets *secrets,
const struct pubkey *this_remote_per_commitment_point, const struct pubkey *this_remote_per_commitment_point,
const struct basepoints basepoints[NUM_SIDES], const struct basepoints basepoints[NUM_SIDES],
const struct htlc_stub *htlcs, const struct htlc_stub *htlcs,
@ -1980,14 +1980,6 @@ static void handle_their_unilateral(const struct bitcoin_tx *tx,
type_to_string(tmpctx, struct pubkey, type_to_string(tmpctx, struct pubkey,
&keyset->other_htlc_key)); &keyset->other_htlc_key));
if (!derive_simple_privkey(&secrets->htlc_basepoint_secret,
&basepoints[LOCAL].htlc,
remote_per_commitment_point,
&htlc_privkey))
status_failed(STATUS_FAIL_INTERNAL_ERROR,
"Deriving htlc_privkey for %"PRIu64,
commit_num);
remote_wscript = to_self_wscript(tmpctx, to_self_delay[REMOTE], keyset); remote_wscript = to_self_wscript(tmpctx, to_self_delay[REMOTE], keyset);
/* Figure out what to-them output looks like. */ /* Figure out what to-them output looks like. */
@ -2116,7 +2108,6 @@ int main(int argc, char *argv[])
struct basepoints basepoints[NUM_SIDES]; struct basepoints basepoints[NUM_SIDES];
struct shachain shachain; struct shachain shachain;
struct bitcoin_tx *tx; struct bitcoin_tx *tx;
struct secrets secrets;
struct sha256 shaseed; struct sha256 shaseed;
struct tracked_output **outs; struct tracked_output **outs;
struct bitcoin_txid our_broadcast_txid, txid; struct bitcoin_txid our_broadcast_txid, txid;
@ -2159,7 +2150,7 @@ int main(int argc, char *argv[])
master_badmsg(WIRE_ONCHAIN_INIT, msg); master_badmsg(WIRE_ONCHAIN_INIT, msg);
} }
derive_basepoints(&seed, NULL, &basepoints[LOCAL], &secrets, &shaseed); derive_basepoints(&seed, NULL, &basepoints[LOCAL], NULL, &shaseed);
bitcoin_txid(tx, &txid); bitcoin_txid(tx, &txid);
/* FIXME: Filter as we go, don't load them all into mem! */ /* FIXME: Filter as we go, don't load them all into mem! */
@ -2224,7 +2215,6 @@ int main(int argc, char *argv[])
if (is_local_commitment(&txid, &our_broadcast_txid)) if (is_local_commitment(&txid, &our_broadcast_txid))
handle_our_unilateral(tx, tx_blockheight, &txid, handle_our_unilateral(tx, tx_blockheight, &txid,
&secrets,
&shaseed, &shaseed,
basepoints, basepoints,
htlcs, htlcs,
@ -2244,7 +2234,6 @@ int main(int argc, char *argv[])
handle_their_cheat(tx, &txid, handle_their_cheat(tx, &txid,
tx_blockheight, tx_blockheight,
&revocation_preimage, &revocation_preimage,
&secrets,
basepoints, basepoints,
htlcs, htlcs,
tell_if_missing, tell_immediately, tell_if_missing, tell_immediately,
@ -2261,7 +2250,7 @@ int main(int argc, char *argv[])
} else if (commit_num == revocations_received(&shachain)) { } else if (commit_num == revocations_received(&shachain)) {
status_trace("Their unilateral tx, old commit point"); status_trace("Their unilateral tx, old commit point");
handle_their_unilateral(tx, tx_blockheight, handle_their_unilateral(tx, tx_blockheight,
&txid, &secrets, &txid,
&old_remote_per_commit_point, &old_remote_per_commit_point,
basepoints, basepoints,
htlcs, htlcs,
@ -2271,7 +2260,7 @@ int main(int argc, char *argv[])
} else if (commit_num == revocations_received(&shachain) + 1) { } else if (commit_num == revocations_received(&shachain) + 1) {
status_trace("Their unilateral tx, new commit point"); status_trace("Their unilateral tx, new commit point");
handle_their_unilateral(tx, tx_blockheight, handle_their_unilateral(tx, tx_blockheight,
&txid, &secrets, &txid,
&remote_per_commit_point, &remote_per_commit_point,
basepoints, basepoints,
htlcs, htlcs,

9
onchaind/test/run-grind_feerate.c
View File

@ -31,12 +31,6 @@ bool derive_keyset(const struct pubkey *per_commitment_point UNNEEDED,
const struct basepoints *other UNNEEDED, const struct basepoints *other UNNEEDED,
struct keyset *keyset UNNEEDED) struct keyset *keyset UNNEEDED)
{ fprintf(stderr, "derive_keyset called!\n"); abort(); } { fprintf(stderr, "derive_keyset called!\n"); abort(); }
/* Generated stub for derive_simple_privkey */
bool derive_simple_privkey(const struct secret *base_secret UNNEEDED,
const struct pubkey *basepoint UNNEEDED,
const struct pubkey *per_commitment_point UNNEEDED,
struct privkey *key UNNEEDED)
{ fprintf(stderr, "derive_simple_privkey called!\n"); abort(); }
/* Generated stub for fromwire_hsm_sign_tx_reply */ /* Generated stub for fromwire_hsm_sign_tx_reply */
bool fromwire_hsm_sign_tx_reply(const void *p UNNEEDED, secp256k1_ecdsa_signature *sig UNNEEDED) bool fromwire_hsm_sign_tx_reply(const void *p UNNEEDED, secp256k1_ecdsa_signature *sig UNNEEDED)
{ fprintf(stderr, "fromwire_hsm_sign_tx_reply called!\n"); abort(); } { fprintf(stderr, "fromwire_hsm_sign_tx_reply called!\n"); abort(); }
@ -118,6 +112,9 @@ u8 *to_self_wscript(const tal_t *ctx UNNEEDED,
/* Generated stub for towire_hsm_sign_delayed_payment_to_us */ /* Generated stub for towire_hsm_sign_delayed_payment_to_us */
u8 *towire_hsm_sign_delayed_payment_to_us(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, u64 input_amount UNNEEDED) u8 *towire_hsm_sign_delayed_payment_to_us(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, u64 input_amount UNNEEDED)
{ fprintf(stderr, "towire_hsm_sign_delayed_payment_to_us called!\n"); abort(); } { fprintf(stderr, "towire_hsm_sign_delayed_payment_to_us called!\n"); abort(); }
/* Generated stub for towire_hsm_sign_local_htlc_tx */
u8 *towire_hsm_sign_local_htlc_tx(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, u64 input_amount UNNEEDED)
{ fprintf(stderr, "towire_hsm_sign_local_htlc_tx called!\n"); abort(); }
/* Generated stub for towire_hsm_sign_penalty_to_us */ /* Generated stub for towire_hsm_sign_penalty_to_us */
u8 *towire_hsm_sign_penalty_to_us(const tal_t *ctx UNNEEDED, const struct secret *revocation_secret UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, u64 input_amount UNNEEDED) u8 *towire_hsm_sign_penalty_to_us(const tal_t *ctx UNNEEDED, const struct secret *revocation_secret UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, u64 input_amount UNNEEDED)
{ fprintf(stderr, "towire_hsm_sign_penalty_to_us called!\n"); abort(); } { fprintf(stderr, "towire_hsm_sign_penalty_to_us called!\n"); abort(); }

Write Preview
Loading…
Cancel
Save