protocol fix: use locktime from *other* side.

Which emerged clearly when setting one side's locktime differently than the other. Each side specifies the (minimum) time they need to notice a fraud attempt: this constrains the *other* side. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
9 years ago · 20bb6c65aa
4 changed files with 8 additions and 8 deletions
--- a/commit_tx.c
+++ b/commit_tx.c
@ -37,7 +37,7 @@ struct bitcoin_tx *create_commit_tx(const tal_t *ctx,
 	if (!proto_to_pubkey(theirs->final, &theirkey))
 		return tal_free(tx);

-	if (!proto_to_locktime(ours, &locktime))
+	if (!proto_to_locktime(theirs, &locktime))
 		return tal_free(tx);

 	/* First output is a P2SH to a complex redeem script (usu. for me) */
--- a/test-cli/create-commit-spend-tx.c
+++ b/test-cli/create-commit-spend-tx.c
@ -34,7 +34,7 @@ int main(int argc, char *argv[])
 	struct sha256 rhash;
 	size_t i, p2sh_out;
 	u64 fee = 10000;
-	u32 locktime_seconds;
+	u32 locktime;

 	err_set_progname(argv[0]);

@ -57,8 +57,8 @@ int main(int argc, char *argv[])

 	o1 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
-	if (!proto_to_locktime(o1, &locktime_seconds))
-		errx(1, "Invalid locktime in o1");
+	if (!proto_to_locktime(o2, &locktime))
+		errx(1, "Invalid locktime in o2");

 	/* We need our private key to spend commit output. */
 	if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
@ -89,8 +89,7 @@ int main(int argc, char *argv[])

 	/* Create redeem script */
 	redeemscript = bitcoin_redeem_revocable(ctx, &pubkey1,
-						locktime_seconds,
-						&pubkey2, &rhash);
+											locktime, &pubkey2, &rhash);

 	/* Now, create transaction to spend it. */
 	tx = bitcoin_tx(ctx, 1, 1);
--- a/test-cli/create-steal-tx.c
+++ b/test-cli/create-steal-tx.c
@ -67,7 +67,7 @@ int main(int argc, char *argv[])

 	o1 = pkt_from_file(argv[4], PKT__PKT_OPEN)->open;
 	o2 = pkt_from_file(argv[5], PKT__PKT_OPEN)->open;
-	if (!proto_to_locktime(o2, &locktime_seconds))
+	if (!proto_to_locktime(o1, &locktime_seconds))
 		errx(1, "Invalid locktime in o2");

 	if (!pubkey_from_hexstr(argv[6], &outpubkey))
--- a/test-cli/scripts/test.sh
+++ b/test-cli/scripts/test.sh
@ -61,7 +61,8 @@ B_FINALKEY=`getprivkey $B_FINALADDR`

 # Both sides say what they want from channel
 $PREFIX ./open-channel $A_SEED $A_AMOUNT $A_CHANGEPUBKEY $A_TMPKEY $A_FINALKEY $A_TXIN > A-open.pb
-$PREFIX ./open-channel $B_SEED $B_AMOUNT $B_CHANGEPUBKEY $B_TMPKEY $B_FINALKEY $B_TXIN > B-open.pb
+# B asks for a (dangerously) short locktime, for testing unilateral close.
+$PREFIX ./open-channel --locktime=60 $B_SEED $B_AMOUNT $B_CHANGEPUBKEY $B_TMPKEY $B_FINALKEY $B_TXIN > B-open.pb

 # Now sign anchor.
 $PREFIX ./open-anchor-scriptsigs A-open.pb B-open.pb $A_TXINKEY > A-anchor-scriptsigs.pb