hsmd: take option_anchor_outputs flag for HTLC signatures.

They are to be signed with SIGHASH_SINGLE|SIGHASH_ANYONECANPAY. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
4 years ago · 7a2f964d43
6 changed files with 59 additions and 17 deletions
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@ -883,7 +883,8 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 		wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
 							  txs[i+1]->wtx->inputs[0].index);
 		msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], wscript,
-						     &peer->remote_per_commit);
+						     &peer->remote_per_commit,
+						     false /* FIXME-anchor */);

 		msg = hsm_req(tmpctx, take(msg));
 		if (!fromwire_hsm_sign_tx_reply(msg, &sig))
--- a/hsmd/hsm_wire.csv
+++ b/hsmd/hsm_wire.csv
@ -119,6 +119,7 @@ msgdata,hsm_sign_remote_htlc_to_us,remote_per_commitment_point,pubkey,
 msgdata,hsm_sign_remote_htlc_to_us,tx,bitcoin_tx,
 msgdata,hsm_sign_remote_htlc_to_us,wscript_len,u16,
 msgdata,hsm_sign_remote_htlc_to_us,wscript,u8,wscript_len
+msgdata,hsm_sign_remote_htlc_to_us,option_anchor_outputs,bool,

 msgtype,hsm_sign_penalty_to_us,14
 msgdata,hsm_sign_penalty_to_us,revocation_secret,secret,
@ -132,6 +133,7 @@ msgdata,hsm_sign_local_htlc_tx,commit_num,u64,
 msgdata,hsm_sign_local_htlc_tx,tx,bitcoin_tx,
 msgdata,hsm_sign_local_htlc_tx,wscript_len,u16,
 msgdata,hsm_sign_local_htlc_tx,wscript,u8,wscript_len
+msgdata,hsm_sign_local_htlc_tx,option_anchor_outputs,bool,

 # Openingd/channeld asks HSM to sign the other sides' commitment tx.
 msgtype,hsm_sign_remote_commitment_tx,19
@ -146,6 +148,7 @@ msgdata,hsm_sign_remote_htlc_tx,tx,bitcoin_tx,
 msgdata,hsm_sign_remote_htlc_tx,len,u16,
 msgdata,hsm_sign_remote_htlc_tx,wscript,u8,len
 msgdata,hsm_sign_remote_htlc_tx,remote_per_commit_point,pubkey,
+msgdata,hsm_sign_remote_htlc_tx,option_anchor_outputs,bool,

 # closingd asks HSM to sign mutual close tx.
 msgtype,hsm_sign_mutual_close_tx,21
--- a/hsmd/hsmd.c
+++ b/hsmd/hsmd.c
@ -1034,10 +1034,12 @@ static struct io_plan *handle_sign_remote_htlc_tx(struct io_conn *conn,
 	u8 *wscript;
 	struct privkey htlc_privkey;
 	struct pubkey htlc_pubkey;
+	bool option_anchor_outputs;

 	if (!fromwire_hsm_sign_remote_htlc_tx(tmpctx, msg_in,
 					      &tx, &wscript,
-					      &remote_per_commit_point))
+					      &remote_per_commit_point,
+					      &option_anchor_outputs))
 		return bad_req(conn, c, msg_in);
 	tx->chainparams = c->chainparams;
 	get_channel_seed(&c->id, c->dbid, &channel_seed);
@ -1056,8 +1058,16 @@ static struct io_plan *handle_sign_remote_htlc_tx(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in,
 				   "Failed deriving htlc pubkey");

+	/* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #3:
+	 * ## HTLC-Timeout and HTLC-Success Transactions
+	 *...
+	 * * if `option_anchor_outputs` applies to this commitment transaction,
+	 *   `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used.
+	 */
 	sign_tx_input(tx, 0, NULL, wscript, &htlc_privkey, &htlc_pubkey,
-		      SIGHASH_ALL, &sig);
+		      option_anchor_outputs
+		      ? (SIGHASH_SINGLE|SIGHASH_ANYONECANPAY)
+		      : SIGHASH_ALL, &sig);

 	return req_reply(conn, c, take(towire_hsm_sign_tx_reply(NULL, &sig)));
 }
@ -1070,7 +1080,8 @@ static struct io_plan *handle_sign_to_us_tx(struct io_conn *conn,
 					    const u8 *msg_in,
 					    struct bitcoin_tx *tx,
 					    const struct privkey *privkey,
-					    const u8 *wscript)
+					    const u8 *wscript,
+					    enum sighash_type sighash_type)
 {
 	struct bitcoin_signature sig;
 	struct pubkey pubkey;
@ -1081,7 +1092,7 @@ static struct io_plan *handle_sign_to_us_tx(struct io_conn *conn,
 	if (tx->wtx->num_inputs != 1)
 		return bad_req_fmt(conn, c, msg_in, "bad txinput count");

-	sign_tx_input(tx, 0, NULL, wscript, privkey, &pubkey, SIGHASH_ALL, &sig);
+	sign_tx_input(tx, 0, NULL, wscript, privkey, &pubkey, sighash_type, &sig);

 	return req_reply(conn, c, take(towire_hsm_sign_tx_reply(NULL, &sig)));
 }
@ -1139,7 +1150,8 @@ static struct io_plan *handle_sign_delayed_payment_to_us(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in, "failed deriving privkey");

 	return handle_sign_to_us_tx(conn, c, msg_in,
-				    tx, &privkey, wscript);
+				    tx, &privkey, wscript,
+				    SIGHASH_ALL);
 }

 /*~ This is used when a commitment transaction is onchain, and has an HTLC
@ -1155,10 +1167,12 @@ static struct io_plan *handle_sign_remote_htlc_to_us(struct io_conn *conn,
 	struct pubkey remote_per_commitment_point;
 	struct privkey privkey;
 	u8 *wscript;
+	bool option_anchor_outputs;

 	if (!fromwire_hsm_sign_remote_htlc_to_us(tmpctx, msg_in,
 						 &remote_per_commitment_point,
-						 &tx, &wscript))
+						 &tx, &wscript,
+						 &option_anchor_outputs))
 		return bad_req(conn, c, msg_in);

 	tx->chainparams = c->chainparams;
@ -1176,8 +1190,17 @@ static struct io_plan *handle_sign_remote_htlc_to_us(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in,
 				   "Failed deriving htlc privkey");

+	/* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #3:
+	 * ## HTLC-Timeout and HTLC-Success Transactions
+	 *...
+	 * * if `option_anchor_outputs` applies to this commitment transaction,
+	 *   `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used.
+	 */
 	return handle_sign_to_us_tx(conn, c, msg_in,
-				    tx, &privkey, wscript);
+				    tx, &privkey, wscript,
+				    option_anchor_outputs
+				    ? (SIGHASH_SINGLE|SIGHASH_ANYONECANPAY)
+				    : SIGHASH_ALL);
 }

 /*~ This is used when the remote peer's commitment transaction is revoked;
@ -1219,7 +1242,8 @@ static struct io_plan *handle_sign_penalty_to_us(struct io_conn *conn,
 				   "Failed deriving revocation privkey");

 	return handle_sign_to_us_tx(conn, c, msg_in,
-				    tx, &privkey, wscript);
+				    tx, &privkey, wscript,
+				    SIGHASH_ALL);
 }

 /*~ This is used when a commitment transaction is onchain, and has an HTLC
@ -1238,9 +1262,11 @@ static struct io_plan *handle_sign_local_htlc_tx(struct io_conn *conn,
 	struct bitcoin_signature sig;
 	struct privkey htlc_privkey;
 	struct pubkey htlc_pubkey;
+	bool option_anchor_outputs;

 	if (!fromwire_hsm_sign_local_htlc_tx(tmpctx, msg_in,
-					     &commit_num, &tx, &wscript))
+					     &commit_num, &tx, &wscript,
+					     &option_anchor_outputs))
 		return bad_req(conn, c, msg_in);

 	tx->chainparams = c->chainparams;
@ -1274,8 +1300,18 @@ static struct io_plan *handle_sign_local_htlc_tx(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in, "bad txinput count");

 	/* FIXME: Check that output script is correct! */
+
+	/* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #3:
+	 * ## HTLC-Timeout and HTLC-Success Transactions
+	 *...
+	 * * if `option_anchor_outputs` applies to this commitment transaction,
+	 *   `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is used.
+	 */
 	sign_tx_input(tx, 0, NULL, wscript, &htlc_privkey, &htlc_pubkey,
-		      SIGHASH_ALL, &sig);
+		      option_anchor_outputs
+		      ? (SIGHASH_SINGLE|SIGHASH_ANYONECANPAY)
+		      : SIGHASH_ALL,
+		      &sig);

 	return req_reply(conn, c, take(towire_hsm_sign_tx_reply(NULL, &sig)));
 }
--- a/onchaind/onchaind.c
+++ b/onchaind/onchaind.c
@ -574,7 +574,8 @@ static u8 *remote_htlc_to_us(const tal_t *ctx,
 {
 	return towire_hsm_sign_remote_htlc_to_us(ctx,
 						 remote_per_commitment_point,
-						 tx, wscript);
+						 tx, wscript,
+						 false /* FIXME-anchor */);
 }

 static u8 *penalty_to_us(const tal_t *ctx,
@ -678,7 +679,8 @@ static void hsm_sign_local_htlc_tx(struct bitcoin_tx *tx,
 				   struct bitcoin_signature *sig)
 {
 	u8 *msg = towire_hsm_sign_local_htlc_tx(NULL, commit_num,
-						tx, wscript);
+						tx, wscript,
+						false /* FIXME-anchor */);

 	if (!wire_sync_write(HSM_FD, take(msg)))
 		status_failed(STATUS_FAIL_HSM_IO,
--- a/onchaind/test/run-grind_feerate-bug.c
+++ b/onchaind/test/run-grind_feerate-bug.c
@ -231,7 +231,7 @@ u8 *towire_hsm_sign_delayed_payment_to_us(const tal_t *ctx UNNEEDED, u64 commit_
 u8 *towire_hsm_sign_penalty_to_us(const tal_t *ctx UNNEEDED, const struct secret *revocation_secret UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_penalty_to_us called!\n"); abort(); }
 /* Generated stub for towire_hsm_sign_remote_htlc_to_us */
-u8 *towire_hsm_sign_remote_htlc_to_us(const tal_t *ctx UNNEEDED, const struct pubkey *remote_per_commitment_point UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
+u8 *towire_hsm_sign_remote_htlc_to_us(const tal_t *ctx UNNEEDED, const struct pubkey *remote_per_commitment_point UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, bool option_anchor_outputs UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_remote_htlc_to_us called!\n"); abort(); }
 /* Generated stub for towire_onchain_add_utxo */
 u8 *towire_onchain_add_utxo(const tal_t *ctx UNNEEDED, const struct bitcoin_txid *prev_out_tx UNNEEDED, u32 prev_out_index UNNEEDED, const struct pubkey *per_commit_point UNNEEDED, struct amount_sat value UNNEEDED, u32 blockheight UNNEEDED, const u8 *scriptpubkey UNNEEDED)
@ -294,7 +294,7 @@ void towire_u8_array(u8 **pptr UNNEEDED, const u8 *arr UNNEEDED, size_t num UNNE
 /* AUTOGENERATED MOCKS END */

 /* Stubs which do get called. */
-u8 *towire_hsm_sign_local_htlc_tx(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
+u8 *towire_hsm_sign_local_htlc_tx(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, bool option_anchor_outputs UNNEEDED)
 {
 	return NULL;
 }
--- a/onchaind/test/run-grind_feerate.c
+++ b/onchaind/test/run-grind_feerate.c
@ -245,13 +245,13 @@ u8 *towire_hsm_get_per_commitment_point(const tal_t *ctx UNNEEDED, u64 n UNNEEDE
 u8 *towire_hsm_sign_delayed_payment_to_us(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_delayed_payment_to_us called!\n"); abort(); }
 /* Generated stub for towire_hsm_sign_local_htlc_tx */
-u8 *towire_hsm_sign_local_htlc_tx(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
+u8 *towire_hsm_sign_local_htlc_tx(const tal_t *ctx UNNEEDED, u64 commit_num UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, bool option_anchor_outputs UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_local_htlc_tx called!\n"); abort(); }
 /* Generated stub for towire_hsm_sign_penalty_to_us */
 u8 *towire_hsm_sign_penalty_to_us(const tal_t *ctx UNNEEDED, const struct secret *revocation_secret UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_penalty_to_us called!\n"); abort(); }
 /* Generated stub for towire_hsm_sign_remote_htlc_to_us */
-u8 *towire_hsm_sign_remote_htlc_to_us(const tal_t *ctx UNNEEDED, const struct pubkey *remote_per_commitment_point UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED)
+u8 *towire_hsm_sign_remote_htlc_to_us(const tal_t *ctx UNNEEDED, const struct pubkey *remote_per_commitment_point UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const u8 *wscript UNNEEDED, bool option_anchor_outputs UNNEEDED)
 { fprintf(stderr, "towire_hsm_sign_remote_htlc_to_us called!\n"); abort(); }
 /* Generated stub for towire_onchain_add_utxo */
 u8 *towire_onchain_add_utxo(const tal_t *ctx UNNEEDED, const struct bitcoin_txid *prev_out_tx UNNEEDED, u32 prev_out_index UNNEEDED, const struct pubkey *per_commit_point UNNEEDED, struct amount_sat value UNNEEDED, u32 blockheight UNNEEDED, const u8 *scriptpubkey UNNEEDED)