Browse Source

daemon: assert that all anchor inputs are witness.

Otherwise, they're malleable.  We only care about our own anchor:
their anchor is their problem (and they'll probably get away with it).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
ppa-0.6.1
Rusty Russell 9 years ago
parent
commit
1568774e62
  1. 5
      daemon/peer.c

5
daemon/peer.c

@ -1258,6 +1258,7 @@ static void got_feerate(struct lightningd_state *dstate,
{ {
u64 fee; u64 fee;
struct bitcoin_tx *tx = bitcoin_tx(peer, 1, 1); struct bitcoin_tx *tx = bitcoin_tx(peer, 1, 1);
size_t i;
tx->output[0].script = scriptpubkey_p2sh(tx, peer->anchor.redeemscript); tx->output[0].script = scriptpubkey_p2sh(tx, peer->anchor.redeemscript);
tx->output[0].script_length = tal_count(tx->output[0].script); tx->output[0].script_length = tal_count(tx->output[0].script);
@ -1287,6 +1288,10 @@ static void got_feerate(struct lightningd_state *dstate,
/* We'll need this later, when we're told to broadcast it. */ /* We'll need this later, when we're told to broadcast it. */
peer->anchor.satoshis = tx->output[0].amount; peer->anchor.satoshis = tx->output[0].amount;
/* To avoid malleation, all inputs must be segwit! */
for (i = 0; i < tx->input_count; i++)
assert(tx->input[i].witness);
state_event(peer, BITCOIN_ANCHOR_CREATED, NULL); state_event(peer, BITCOIN_ANCHOR_CREATED, NULL);
} }

Loading…
Cancel
Save