lukechilds
/
lightning
mirror of https://github.com/lukechilds/lightning.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

test-cli/create-secret-spend-tx: more general tool to spend secret-or-delay outputs 

Immediately replaces create-commit-spend-tx and create-steal-tx.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
ppa-0.6.1
Rusty Russell 10 years ago
parent
402cd67e10
commit
7564e3f475
5 changed files with 161 additions and 264 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      Makefile
  2. 129
      test-cli/create-commit-spend-tx.c
  3. 154
      test-cli/create-secret-spend-tx.c
  4. 132
      test-cli/create-steal-tx.c
  5. 8
      test-cli/scripts/test.sh

2
Makefile
View File

@ -8,7 +8,7 @@ FEATURES := -DHAS_CSV=1 -DALPHA_TXSTYLE=1 -DUSE_SCHNORR=1
# Bitcoin uses DER for signatures # Bitcoin uses DER for signatures
#FEATURES := -DSCRIPTS_USE_DER #FEATURES := -DSCRIPTS_USE_DER
PROGRAMS := test-cli/open-channel test-cli/open-commit-sig test-cli/check-commit-sig test-cli/get-anchor-depth test-cli/create-steal-tx test-cli/create-commit-spend-tx test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx test-cli/txid-of test-cli/create-anchor-tx test-cli/open-anchor-id test-cli/open-complete test-cli/check-open-complete test-cli/open-escape-sigs test-cli/create-escape-tx test-cli/get-revocation-secret test-cli/extract-revocation-preimage PROGRAMS := test-cli/open-channel test-cli/open-commit-sig test-cli/check-commit-sig test-cli/get-anchor-depth test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx test-cli/txid-of test-cli/create-anchor-tx test-cli/open-anchor-id test-cli/open-complete test-cli/check-open-complete test-cli/open-escape-sigs test-cli/create-escape-tx test-cli/get-revocation-secret test-cli/extract-revocation-preimage test-cli/create-secret-spend-tx
BITCOIN_OBJS := bitcoin/address.o bitcoin/base58.o bitcoin/pubkey.o bitcoin/script.o bitcoin/shadouble.o bitcoin/signature.o bitcoin/tx.o BITCOIN_OBJS := bitcoin/address.o bitcoin/base58.o bitcoin/pubkey.o bitcoin/script.o bitcoin/shadouble.o bitcoin/signature.o bitcoin/tx.o

129
test-cli/create-commit-spend-tx.c
View File

@ -1,129 +0,0 @@
#include <ccan/crypto/shachain/shachain.h>
#include <ccan/short_types/short_types.h>
#include <ccan/tal/tal.h>
#include <ccan/opt/opt.h>
#include <ccan/str/hex/hex.h>
#include <ccan/err/err.h>
#include <ccan/structeq/structeq.h>
#include "lightning.pb-c.h"
#include "bitcoin/base58.h"
#include "pkt.h"
#include "bitcoin/script.h"
#include "permute_tx.h"
#include "bitcoin/signature.h"
#include "commit_tx.h"
#include "bitcoin/pubkey.h"
#include "bitcoin/privkey.h"
#include "bitcoin/address.h"
#include "opt_bits.h"
#include "find_p2sh_out.h"
#include "protobuf_convert.h"
#include <unistd.h>
int main(int argc, char *argv[])
{
const tal_t *ctx = tal_arr(NULL, char, 0);
OpenChannel *o1, *o2;
struct bitcoin_tx *commit, *tx;
struct bitcoin_signature sig;
struct privkey privkey;
bool testnet;
struct pubkey pubkey1, pubkey2, outpubkey;
u8 *redeemscript;
struct sha256 rhash;
size_t i, p2sh_out;
u64 fee = 10000;
u32 locktime;
err_set_progname(argv[0]);
/* FIXME: If we've updated channel since, we need the final
* revocation hash we sent (either update_accept or update_complete) */
opt_register_noarg("--help|-h", opt_usage_and_exit,
"<commitment-tx> <open-channel-file1> <open-channel-file2> <my-privoutkey> <someaddress> [previous-updates]\n"
"Create the transaction to spend our commit transaction",
"Print this message.");
opt_register_arg("--fee=<bits>",
opt_set_bits, opt_show_bits, &fee,
"100's of satoshi to pay in transaction fee");
opt_parse(&argc, argv, opt_log_stderr_exit);
if (argc < 6)
opt_usage_exit_fail("Expected 5+ arguments");
commit = bitcoin_tx_from_file(ctx, argv[1]);
o1 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open;
o2 = pkt_from_file(argv[3], PKT__PKT_OPEN)->open;
if (!proto_to_locktime(o2, &locktime))
errx(1, "Invalid locktime in o2");
/* We need our private key to spend commit output. */
if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey1))
errx(1, "Invalid private key '%s'", argv[4]);
if (!testnet)
errx(1, "Private key '%s' not on testnet!", argv[4]);
if (!pubkey_from_hexstr(argv[5], &outpubkey))
errx(1, "Invalid bitcoin pubkey '%s'", argv[5]);
/* Get pubkeys */
if (!proto_to_pubkey(o1->final, &pubkey2))
errx(1, "Invalid o1 final pubkey");
if (pubkey_len(&pubkey1) != pubkey_len(&pubkey2)
|| memcmp(pubkey1.key, pubkey2.key, pubkey_len(&pubkey2)) != 0)
errx(1, "o1 pubkey != this privkey");
if (!proto_to_pubkey(o2->final, &pubkey2))
errx(1, "Invalid o2 final pubkey");
/* o1 gives us the revocation hash */
proto_to_sha256(o1->revocation_hash, &rhash);
/* Latest revocation hash comes from last update. */
for (i = 6; i < argc; i++) {
Update *u = pkt_from_file(argv[i], PKT__PKT_UPDATE)->update;
proto_to_sha256(u->revocation_hash, &rhash);
}
/* Create redeem script */
redeemscript = bitcoin_redeem_secret_or_delay(ctx, &pubkey1, locktime,
&pubkey2, &rhash);
/* Now, create transaction to spend it. */
tx = bitcoin_tx(ctx, 1, 1);
bitcoin_txid(commit, &tx->input[0].txid);
p2sh_out = find_p2sh_out(commit, redeemscript);
tx->input[0].index = p2sh_out;
tx->input[0].input_amount = commit->output[p2sh_out].amount;
tx->fee = fee;
/* Sequence number is inverted timeout. */
tx->input[0].sequence_number = ~locktime;
if (commit->output[p2sh_out].amount <= fee)
errx(1, "Amount of %llu won't exceed fee",
(unsigned long long)commit->output[p2sh_out].amount);
tx->output[0].amount = commit->output[p2sh_out].amount - fee;
tx->output[0].script = scriptpubkey_p2sh(tx,
bitcoin_redeem_single(tx, &outpubkey));
tx->output[0].script_length = tal_count(tx->output[0].script);
/* Now get signature, to set up input script. */
if (!sign_tx_input(tx, tx, 0, redeemscript, tal_count(redeemscript),
&privkey, &pubkey1, &sig.sig))
errx(1, "Could not sign tx");
sig.stype = SIGHASH_ALL;
tx->input[0].script = scriptsig_p2sh_secret(tx, NULL, 0, &sig,
redeemscript,
tal_count(redeemscript));
tx->input[0].script_length = tal_count(tx->input[0].script);
/* Print it out in hex. */
if (!bitcoin_tx_write(STDOUT_FILENO, tx))
err(1, "Writing out transaction");
tal_free(ctx);
return 0;
}

154
test-cli/create-secret-spend-tx.c
View File

@ -0,0 +1,154 @@
#include <ccan/crypto/shachain/shachain.h>
#include <ccan/short_types/short_types.h>
#include <ccan/tal/tal.h>
#include <ccan/opt/opt.h>
#include <ccan/str/hex/hex.h>
#include <ccan/err/err.h>
#include <ccan/structeq/structeq.h>
#include "bitcoin/base58.h"
#include "pkt.h"
#include "bitcoin/script.h"
#include "permute_tx.h"
#include "bitcoin/signature.h"
#include "commit_tx.h"
#include "bitcoin/pubkey.h"
#include "bitcoin/privkey.h"
#include "bitcoin/address.h"
#include "opt_bits.h"
#include "find_p2sh_out.h"
#include "protobuf_convert.h"
#include <unistd.h>
int main(int argc, char *argv[])
{
const tal_t *ctx = tal_arr(NULL, char, 0);
struct bitcoin_tx *intx, *tx;
struct bitcoin_signature sig;
struct privkey privkey;
bool testnet;
struct pubkey pubkey, other_pubkey, dst_pubkey;
u8 *redeemscript;
struct sha256 shash, blob;
u64 fee = 10000;
u32 locktime;
bool use_secret = false, use_hash = false, hash_secret = false;
err_set_progname(argv[0]);
/* There are two cases: if we have the secret, and if we don't. */
opt_register_noarg("--help|-h", opt_usage_and_exit,
"<txin> <other-key> <delay> <privkey> <dstpubkey> <secret-or-hash>\n"
"Create the transaction to spend a time-or-secret-locked output",
"Print this message.");
opt_register_arg("--fee=<bits>",
opt_set_bits, opt_show_bits, &fee,
"100's of satoshi to pay in transaction fee");
opt_register_noarg("--secret",
opt_set_bool, &use_secret,
"We have the secret");
opt_register_noarg("--no-secret",
opt_set_bool, &use_hash,
"We do not have the secret");
opt_register_noarg("--hash-secret",
opt_set_bool, &hash_secret,
"We have the secret, but don't use it");
opt_parse(&argc, argv, opt_log_stderr_exit);
if (argc != 7)
opt_usage_exit_fail("Expected 6 arguments");
if (hash_secret)
use_hash = true;
if (!use_secret && !use_hash)
opt_usage_exit_fail("Need --secret, --no-secret or --hash_secret");
intx = bitcoin_tx_from_file(ctx, argv[1]);
if (!pubkey_from_hexstr(argv[2], &other_pubkey))
errx(1, "Invalid bitcoin pubkey '%s'", argv[2]);
locktime = atoi(argv[3]);
if (!locktime)
errx(1, "Invalid locktime '%s'", argv[3]);
/* Seconds offset for locktime. */
locktime += 500000000;
/* We need our private key to spend output. */
if (!key_from_base58(argv[4], strlen(argv[4]), &testnet, &privkey, &pubkey))
errx(1, "Invalid private key '%s'", argv[4]);
if (!testnet)
errx(1, "Private key '%s' not on testnet!", argv[4]);
if (!pubkey_from_hexstr(argv[5], &dst_pubkey))
errx(1, "Invalid bitcoin pubkey '%s'", argv[5]);
if (!hex_decode(argv[6], strlen(argv[6]), &blob, sizeof(blob)))
errx(1, "Invalid %s '%s' - need 256 hex bits", argv[6],
use_hash ? "secrethash" : "secret");
if (hash_secret || use_secret)
sha256(&shash, &blob, sizeof(blob));
else
shash = blob;
/* Create redeem script */
if (use_secret) {
redeemscript = bitcoin_redeem_secret_or_delay(ctx, &other_pubkey,
locktime,
&pubkey, &shash);
} else {
redeemscript = bitcoin_redeem_secret_or_delay(ctx, &pubkey,
locktime,
&other_pubkey,
&shash);
}
/* Now, create transaction to spend it. */
tx = bitcoin_tx(ctx, 1, 1);
bitcoin_txid(intx, &tx->input[0].txid);
tx->input[0].index = find_p2sh_out(intx, redeemscript);
tx->input[0].input_amount = intx->output[tx->input[0].index].amount;
tx->fee = fee;
/* Sequence number is inverted timeout. */
if (use_hash)
tx->input[0].sequence_number = ~locktime;
if (tx->input[0].input_amount <= tx->fee)
errx(1, "Amount of %llu won't exceed fee",
(unsigned long long)tx->input[0].input_amount);
tx->output[0].amount = tx->input[0].input_amount - tx->fee;
tx->output[0].script = scriptpubkey_p2sh(tx,
bitcoin_redeem_single(tx, &dst_pubkey));
tx->output[0].script_length = tal_count(tx->output[0].script);
/* Now get signature, to set up input script. */
sig.stype = SIGHASH_ALL;
if (!sign_tx_input(tx, tx, 0, redeemscript, tal_count(redeemscript),
&privkey, &pubkey, &sig.sig))
errx(1, "Could not sign tx");
if (use_secret) {
tx->input[0].script
= scriptsig_p2sh_secret(tx,
&blob, sizeof(blob), &sig,
redeemscript,
tal_count(redeemscript));
} else {
tx->input[0].script
= scriptsig_p2sh_secret(tx,
NULL, 0, &sig,
redeemscript,
tal_count(redeemscript));
}
tx->input[0].script_length = tal_count(tx->input[0].script);
/* Print it out in hex. */
if (!bitcoin_tx_write(STDOUT_FILENO, tx))
err(1, "Writing out transaction");
tal_free(ctx);
return 0;
}

132
test-cli/create-steal-tx.c
View File

@ -1,132 +0,0 @@
#include <ccan/crypto/shachain/shachain.h>
#include <ccan/short_types/short_types.h>
#include <ccan/tal/tal.h>
#include <ccan/opt/opt.h>
#include <ccan/str/hex/hex.h>
#include <ccan/err/err.h>
#include "lightning.pb-c.h"
#include "bitcoin/base58.h"
#include "pkt.h"
#include "bitcoin/script.h"
#include "permute_tx.h"
#include "bitcoin/signature.h"
#include "commit_tx.h"
#include "bitcoin/pubkey.h"
#include "bitcoin/privkey.h"
#include "protobuf_convert.h"
#include <unistd.h>
int main(int argc, char *argv[])
{
const tal_t *ctx = tal_arr(NULL, char, 0);
struct sha256 revoke_preimage, revoke_hash;
OpenChannel *o1, *o2;
Pkt *pkt;
struct bitcoin_tx *commit, *tx;
u8 *redeemscript, *p2sh;
size_t i;
struct pubkey pubkey1, pubkey2, outpubkey;
struct bitcoin_signature sig;
struct privkey privkey;
bool testnet;
u32 locktime_seconds;
err_set_progname(argv[0]);
opt_register_noarg("--help|-h", opt_usage_and_exit,
"<commit-tx> <revocation-preimage> <final-privkey> <open-channel-file1> <open-channel-file2> <outpubkey>\n"
"Create a transaction which spends commit-tx's revocable output, and sends it P2SH to outpubkey",
"Print this message.");
opt_parse(&argc, argv, opt_log_stderr_exit);
if (argc != 7)
opt_usage_exit_fail("Expected 6 arguments");
commit = bitcoin_tx_from_file(ctx, argv[1]);
pkt = any_pkt_from_file(argv[2]);
switch (pkt->pkt_case) {
case PKT__PKT_UPDATE_SIGNATURE:
proto_to_sha256(pkt->update_signature->revocation_preimage,
&revoke_preimage);
break;
case PKT__PKT_UPDATE_COMPLETE:
proto_to_sha256(pkt->update_complete->revocation_preimage,
&revoke_preimage);
break;
default:
errx(1, "Expected update or update-complete in %s", argv[2]);
}
if (!key_from_base58(argv[3], strlen(argv[3]), &testnet, &privkey, &pubkey1))
errx(1, "Invalid private key '%s'", argv[3]);
if (!testnet)
errx(1, "Private key '%s' not on testnet!", argv[3]);
o1 = pkt_from_file(argv[4], PKT__PKT_OPEN)->open;
o2 = pkt_from_file(argv[5], PKT__PKT_OPEN)->open;
if (!proto_to_locktime(o1, &locktime_seconds))
errx(1, "Invalid locktime in o2");
if (!pubkey_from_hexstr(argv[6], &outpubkey))
errx(1, "Invalid bitcoin pubkey '%s'", argv[6]);
/* Get pubkeys */
if (!proto_to_pubkey(o1->final, &pubkey2))
errx(1, "Invalid o1 final pubkey");
if (pubkey_len(&pubkey1) != pubkey_len(&pubkey2)
|| memcmp(pubkey1.key, pubkey2.key, pubkey_len(&pubkey2)) != 0)
errx(1, "o1 pubkey != this privkey");
if (!proto_to_pubkey(o2->final, &pubkey2))
errx(1, "Invalid o2 final pubkey");
/* Now, which commit output? Match redeem script. */
sha256(&revoke_hash, &revoke_preimage, sizeof(revoke_preimage));
redeemscript = bitcoin_redeem_secret_or_delay(ctx, &pubkey2,
locktime_seconds,
&pubkey1, &revoke_hash);
p2sh = scriptpubkey_p2sh(ctx, redeemscript);
for (i = 0; i < commit->output_count; i++) {
if (commit->output[i].script_length != tal_count(p2sh))
continue;
if (memcmp(commit->output[i].script, p2sh, tal_count(p2sh)) == 0)
break;
}
if (i == commit->output_count)
errx(1, "No matching output in %s", argv[1]);
tx = bitcoin_tx(ctx, 1, 1);
bitcoin_txid(commit, &tx->input[0].txid);
tx->input[0].index = i;
tx->input[0].input_amount = commit->output[i].amount;
/* Leave 10,000 satoshi as fee. */
tx->fee = 10000;
tx->output[0].amount = commit->output[i].amount - tx->fee;
tx->output[0].script = scriptpubkey_p2sh(tx,
bitcoin_redeem_single(tx, &outpubkey));
tx->output[0].script_length = tal_count(tx->output[0].script);
/* Now get signature, to set up input script. */
if (!sign_tx_input(tx, tx, 0, redeemscript, tal_count(redeemscript),
&privkey, &pubkey1, &sig.sig))
errx(1, "Could not sign tx");
sig.stype = SIGHASH_ALL;
tx->input[0].script = scriptsig_p2sh_secret(tx,
&revoke_preimage,
sizeof(revoke_preimage),
&sig,
redeemscript,
tal_count(redeemscript));
tx->input[0].script_length = tal_count(tx->input[0].script);
/* Print it out in hex. */
if (!bitcoin_tx_write(STDOUT_FILENO, tx))
err(1, "Writing out transaction");
tal_free(ctx);
return 0;
}

8
test-cli/scripts/test.sh
View File

@ -77,10 +77,12 @@ B_ESCSECRET=112233445566778899aabbccddeeff00112233445566778899aabbccddeeff0f
A_CHANGEPUBKEY=`getpubkey $A_CHANGEADDR` A_CHANGEPUBKEY=`getpubkey $A_CHANGEADDR`
A_TMPKEY=`getprivkey $A_TMPADDR` A_TMPKEY=`getprivkey $A_TMPADDR`
A_FINALKEY=`getprivkey $A_FINALADDR` A_FINALKEY=`getprivkey $A_FINALADDR`
A_FINALPUBKEY=`getpubkey $A_FINALADDR`
B_CHANGEPUBKEY=`getpubkey $B_CHANGEADDR` B_CHANGEPUBKEY=`getpubkey $B_CHANGEADDR`
B_TMPKEY=`getprivkey $B_TMPADDR` B_TMPKEY=`getprivkey $B_TMPADDR`
B_FINALKEY=`getprivkey $B_FINALADDR` B_FINALKEY=`getprivkey $B_FINALADDR`
B_FINALPUBKEY=`getpubkey $B_FINALADDR`
# Both sides say what they want from channel # Both sides say what they want from channel
# FIXME: Use pubkeys for tmpkey and finalkey here! # FIXME: Use pubkeys for tmpkey and finalkey here!
@ -157,7 +159,8 @@ if [ x"$1" = x--steal ]; then
$CLI sendrawtransaction `cut -d: -f1 A-commit-1.tx` > A-commit-1.txid $CLI sendrawtransaction `cut -d: -f1 A-commit-1.tx` > A-commit-1.txid
# B uses the preimage from A-update-sig-2 to cash in. # B uses the preimage from A-update-sig-2 to cash in.
$PREFIX ./create-steal-tx A-commit-1.tx A-update-sig-2.pb $B_FINALKEY B-open.pb A-open.pb $B_CHANGEPUBKEY > B-commit-steal.tx $PREFIX ./extract-revocation-preimage A-update-sig-2.pb > A-revocation-1
$PREFIX ./create-secret-spend-tx --secret A-commit-1.tx $A_FINALPUBKEY 60 $B_FINALKEY $B_CHANGEPUBKEY `cat A-revocation-1` > B-commit-steal.tx
$CLI sendrawtransaction `cut -d: -f1 B-commit-steal.tx` > B-commit-steal.txid $CLI sendrawtransaction `cut -d: -f1 B-commit-steal.tx` > B-commit-steal.txid
exit 0 exit 0
@ -165,7 +168,8 @@ fi
if [ x"$1" = x--unilateral ]; then if [ x"$1" = x--unilateral ]; then
$CLI sendrawtransaction `cut -d: -f1 A-commit-2.tx` > A-commit-2.txid $CLI sendrawtransaction `cut -d: -f1 A-commit-2.tx` > A-commit-2.txid
$PREFIX ./create-commit-spend-tx A-commit-2.tx A-open.pb B-open.pb $A_FINALKEY $A_CHANGEPUBKEY A-update-1.pb A-update-2.pb > A-spend.tx $PREFIX ./get-revocation-secret --hash $A_SEED 2 > A-commit-2.rhash
$PREFIX ./create-secret-spend-tx --no-secret A-commit-2.tx $B_FINALPUBKEY 60 $A_FINALKEY $A_CHANGEPUBKEY `cat A-commit-2.rhash` > A-spend.tx
send_after_delay `cut -d: -f1 A-spend.tx` > A-spend.txid send_after_delay `cut -d: -f1 A-spend.tx` > A-spend.txid
exit 0 exit 0
fi fi

Write Preview
Loading…
Cancel
Save