diff --git a/Makefile b/Makefile index e7ab93c79..05e5aea6e 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ FEATURES := -DHAS_CSV=1 -DALPHA_TXSTYLE=1 -DUSE_SCHNORR=1 # Bitcoin uses DER for signatures #FEATURES := -DSCRIPTS_USE_DER -PROGRAMS := test-cli/open-channel test-cli/open-anchor-scriptsigs test-cli/leak-anchor-sigs test-cli/open-commit-sig test-cli/check-commit-sig test-cli/check-anchor-scriptsigs test-cli/get-anchor-depth test-cli/create-steal-tx test-cli/create-commit-spend-tx test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx +PROGRAMS := test-cli/open-channel test-cli/open-anchor-scriptsigs test-cli/open-commit-sig test-cli/check-commit-sig test-cli/check-anchor-scriptsigs test-cli/get-anchor-depth test-cli/create-steal-tx test-cli/create-commit-spend-tx test-cli/close-channel test-cli/create-close-tx test-cli/update-channel test-cli/update-channel-accept test-cli/update-channel-signature test-cli/update-channel-complete test-cli/create-commit-tx BITCOIN_OBJS := bitcoin/address.o bitcoin/base58.o bitcoin/pubkey.o bitcoin/script.o bitcoin/shadouble.o bitcoin/signature.o bitcoin/tx.o @@ -50,7 +50,7 @@ distclean: clean $(RM) lightning.pb-c.c lightning.pb-c.h ccan/config.h clean: - $(RM) $(PROGRAMS) + $(RM) $(PROGRAMS) test-cli/leak-anchor-sigs $(RM) bitcoin/*.o *.o $(CCAN_OBJS) ccan-tal.o: $(CCANDIR)/ccan/tal/tal.c diff --git a/anchor.c b/anchor.c index a0184144a..a1d1ecd51 100644 --- a/anchor.c +++ b/anchor.c @@ -161,26 +161,7 @@ bool anchor_add_scriptsigs(struct bitcoin_tx *anchor, return true; } -void anchor_txid(struct bitcoin_tx *anchor, - const char *leakfile1, const char *leakfile2, - const size_t *inmap, - struct sha256_double *txid) +void anchor_txid(struct bitcoin_tx *anchor, struct sha256_double *txid) { - Pkt *p1, *p2; - LeakAnchorSigsAndPretendWeDidnt *leak1, *leak2; - - p1 = pkt_from_file(leakfile1, PKT__PKT_OMG_FAIL); - p2 = pkt_from_file(leakfile2, PKT__PKT_OMG_FAIL); - leak1 = p1->omg_fail; - leak2 = p2->omg_fail; - - if (!anchor_add_scriptsigs(anchor, leak1->sigs, leak2->sigs, inmap)) - errx(1, "Expected %llu total inputs, not %zu + %zu", - (long long)anchor->input_count, - leak1->sigs->n_script, leak2->sigs->n_script); - bitcoin_txid(anchor, txid); - - pkt__free_unpacked(p1, NULL); - pkt__free_unpacked(p2, NULL); } diff --git a/anchor.h b/anchor.h index e15626211..e1bfe3cf7 100644 --- a/anchor.h +++ b/anchor.h @@ -27,7 +27,5 @@ bool anchor_add_scriptsigs(struct bitcoin_tx *anchor, /* We wouldn't need the leak files if we had normalized txids! */ void anchor_txid(struct bitcoin_tx *anchor, - const char *leakfile1, const char *leakfile2, - const size_t *inmap, struct sha256_double *txid); #endif /* LIGHTNING_ANCHOR_H */ diff --git a/lightning.pb-c.c b/lightning.pb-c.c index 7e1ab2faf..2962b6741 100644 --- a/lightning.pb-c.c +++ b/lightning.pb-c.c @@ -394,49 +394,6 @@ void open_anchor_scriptsigs__free_unpacked assert(message->base.descriptor == &open_anchor_scriptsigs__descriptor); protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); } -void leak_anchor_sigs_and_pretend_we_didnt__init - (LeakAnchorSigsAndPretendWeDidnt *message) -{ - static LeakAnchorSigsAndPretendWeDidnt init_value = LEAK_ANCHOR_SIGS_AND_PRETEND_WE_DIDNT__INIT; - *message = init_value; -} -size_t leak_anchor_sigs_and_pretend_we_didnt__get_packed_size - (const LeakAnchorSigsAndPretendWeDidnt *message) -{ - assert(message->base.descriptor == &leak_anchor_sigs_and_pretend_we_didnt__descriptor); - return protobuf_c_message_get_packed_size ((const ProtobufCMessage*)(message)); -} -size_t leak_anchor_sigs_and_pretend_we_didnt__pack - (const LeakAnchorSigsAndPretendWeDidnt *message, - uint8_t *out) -{ - assert(message->base.descriptor == &leak_anchor_sigs_and_pretend_we_didnt__descriptor); - return protobuf_c_message_pack ((const ProtobufCMessage*)message, out); -} -size_t leak_anchor_sigs_and_pretend_we_didnt__pack_to_buffer - (const LeakAnchorSigsAndPretendWeDidnt *message, - ProtobufCBuffer *buffer) -{ - assert(message->base.descriptor == &leak_anchor_sigs_and_pretend_we_didnt__descriptor); - return protobuf_c_message_pack_to_buffer ((const ProtobufCMessage*)message, buffer); -} -LeakAnchorSigsAndPretendWeDidnt * - leak_anchor_sigs_and_pretend_we_didnt__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data) -{ - return (LeakAnchorSigsAndPretendWeDidnt *) - protobuf_c_message_unpack (&leak_anchor_sigs_and_pretend_we_didnt__descriptor, - allocator, len, data); -} -void leak_anchor_sigs_and_pretend_we_didnt__free_unpacked - (LeakAnchorSigsAndPretendWeDidnt *message, - ProtobufCAllocator *allocator) -{ - assert(message->base.descriptor == &leak_anchor_sigs_and_pretend_we_didnt__descriptor); - protobuf_c_message_free_unpacked ((ProtobufCMessage*)message, allocator); -} void open_complete__init (OpenComplete *message) { @@ -1722,44 +1679,6 @@ const ProtobufCMessageDescriptor open_anchor_scriptsigs__descriptor = (ProtobufCMessageInit) open_anchor_scriptsigs__init, NULL,NULL,NULL /* reserved[123] */ }; -static const ProtobufCFieldDescriptor leak_anchor_sigs_and_pretend_we_didnt__field_descriptors[1] = -{ - { - "sigs", - 1, - PROTOBUF_C_LABEL_REQUIRED, - PROTOBUF_C_TYPE_MESSAGE, - 0, /* quantifier_offset */ - offsetof(LeakAnchorSigsAndPretendWeDidnt, sigs), - &open_anchor_scriptsigs__descriptor, - NULL, - 0, /* flags */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, -}; -static const unsigned leak_anchor_sigs_and_pretend_we_didnt__field_indices_by_name[] = { - 0, /* field[0] = sigs */ -}; -static const ProtobufCIntRange leak_anchor_sigs_and_pretend_we_didnt__number_ranges[1 + 1] = -{ - { 1, 0 }, - { 0, 1 } -}; -const ProtobufCMessageDescriptor leak_anchor_sigs_and_pretend_we_didnt__descriptor = -{ - PROTOBUF_C__MESSAGE_DESCRIPTOR_MAGIC, - "leak_anchor_sigs_and_pretend_we_didnt", - "LeakAnchorSigsAndPretendWeDidnt", - "LeakAnchorSigsAndPretendWeDidnt", - "", - sizeof(LeakAnchorSigsAndPretendWeDidnt), - 1, - leak_anchor_sigs_and_pretend_we_didnt__field_descriptors, - leak_anchor_sigs_and_pretend_we_didnt__field_indices_by_name, - 1, leak_anchor_sigs_and_pretend_we_didnt__number_ranges, - (ProtobufCMessageInit) leak_anchor_sigs_and_pretend_we_didnt__init, - NULL,NULL,NULL /* reserved[123] */ -}; static const ProtobufCFieldDescriptor open_complete__field_descriptors[1] = { { @@ -2306,7 +2225,7 @@ const ProtobufCMessageDescriptor error__descriptor = (ProtobufCMessageInit) error__init, NULL,NULL,NULL /* reserved[123] */ }; -static const ProtobufCFieldDescriptor pkt__field_descriptors[16] = +static const ProtobufCFieldDescriptor pkt__field_descriptors[15] = { { "update", @@ -2404,18 +2323,6 @@ static const ProtobufCFieldDescriptor pkt__field_descriptors[16] = 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ 0,NULL,NULL /* reserved1,reserved2, etc */ }, - { - "omg_fail", - 205, - PROTOBUF_C_LABEL_OPTIONAL, - PROTOBUF_C_TYPE_MESSAGE, - offsetof(Pkt, pkt_case), - offsetof(Pkt, omg_fail), - &leak_anchor_sigs_and_pretend_we_didnt__descriptor, - NULL, - 0 | PROTOBUF_C_FIELD_FLAG_ONEOF, /* flags */ - 0,NULL,NULL /* reserved1,reserved2, etc */ - }, { "new_anchor", 301, @@ -2502,14 +2409,13 @@ static const ProtobufCFieldDescriptor pkt__field_descriptors[16] = }, }; static const unsigned pkt__field_indices_by_name[] = { - 13, /* field[13] = close */ - 14, /* field[14] = close_complete */ - 15, /* field[15] = error */ - 9, /* field[9] = new_anchor */ - 11, /* field[11] = new_anchor_accept */ - 10, /* field[10] = new_anchor_ack */ - 12, /* field[12] = new_anchor_complete */ - 8, /* field[8] = omg_fail */ + 12, /* field[12] = close */ + 13, /* field[13] = close_complete */ + 14, /* field[14] = error */ + 8, /* field[8] = new_anchor */ + 10, /* field[10] = new_anchor_accept */ + 9, /* field[9] = new_anchor_ack */ + 11, /* field[11] = new_anchor_complete */ 4, /* field[4] = open */ 6, /* field[6] = open_anchor_scriptsigs */ 5, /* field[5] = open_commit_sig */ @@ -2523,10 +2429,10 @@ static const ProtobufCIntRange pkt__number_ranges[5 + 1] = { { 1, 0 }, { 201, 4 }, - { 301, 9 }, - { 401, 13 }, - { 1000, 15 }, - { 0, 16 } + { 301, 8 }, + { 401, 12 }, + { 1000, 14 }, + { 0, 15 } }; const ProtobufCMessageDescriptor pkt__descriptor = { @@ -2536,7 +2442,7 @@ const ProtobufCMessageDescriptor pkt__descriptor = "Pkt", "", sizeof(Pkt), - 16, + 15, pkt__field_descriptors, pkt__field_indices_by_name, 5, pkt__number_ranges, diff --git a/lightning.pb-c.h b/lightning.pb-c.h index cb18af640..abf25539e 100644 --- a/lightning.pb-c.h +++ b/lightning.pb-c.h @@ -24,7 +24,6 @@ typedef struct _Anchor Anchor; typedef struct _OpenChannel OpenChannel; typedef struct _OpenCommitSig OpenCommitSig; typedef struct _OpenAnchorScriptsigs OpenAnchorScriptsigs; -typedef struct _LeakAnchorSigsAndPretendWeDidnt LeakAnchorSigsAndPretendWeDidnt; typedef struct _OpenComplete OpenComplete; typedef struct _Update Update; typedef struct _UpdateAccept UpdateAccept; @@ -248,25 +247,6 @@ struct _OpenAnchorScriptsigs , 0,NULL } -/* - * BROKEN AND INSECURE!!! - * This should not exist; it's completely insecure! But we need to sign - * the commitment transaction before we sign the anchor transaction, which - * doesn't work at all with current bitcoin (as we don't know the anchor - * txid until it's signed by both sides, and then we'd have to worry about - * malleability anyway). So for testing, we send the scriptsigs for the - * anchor transaction's inputs immediately. - */ -struct _LeakAnchorSigsAndPretendWeDidnt -{ - ProtobufCMessage base; - OpenAnchorScriptsigs *sigs; -}; -#define LEAK_ANCHOR_SIGS_AND_PRETEND_WE_DIDNT__INIT \ - { PROTOBUF_C_MESSAGE_INIT (&leak_anchor_sigs_and_pretend_we_didnt__descriptor) \ - , NULL } - - /* * Indicates we've seen transaction reach min-depth. */ @@ -489,7 +469,6 @@ struct _Error typedef enum { PKT__PKT__NOT_SET = 0, PKT__PKT_OPEN = 201, - PKT__PKT_OMG_FAIL = 205, PKT__PKT_OPEN_COMMIT_SIG = 202, PKT__PKT_OPEN_ANCHOR_SCRIPTSIGS = 203, PKT__PKT_OPEN_COMPLETE = 204, @@ -518,7 +497,6 @@ struct _Pkt * Opening */ OpenChannel *open; - LeakAnchorSigsAndPretendWeDidnt *omg_fail; OpenCommitSig *open_commit_sig; OpenAnchorScriptsigs *open_anchor_scriptsigs; OpenComplete *open_complete; @@ -723,25 +701,6 @@ OpenAnchorScriptsigs * void open_anchor_scriptsigs__free_unpacked (OpenAnchorScriptsigs *message, ProtobufCAllocator *allocator); -/* LeakAnchorSigsAndPretendWeDidnt methods */ -void leak_anchor_sigs_and_pretend_we_didnt__init - (LeakAnchorSigsAndPretendWeDidnt *message); -size_t leak_anchor_sigs_and_pretend_we_didnt__get_packed_size - (const LeakAnchorSigsAndPretendWeDidnt *message); -size_t leak_anchor_sigs_and_pretend_we_didnt__pack - (const LeakAnchorSigsAndPretendWeDidnt *message, - uint8_t *out); -size_t leak_anchor_sigs_and_pretend_we_didnt__pack_to_buffer - (const LeakAnchorSigsAndPretendWeDidnt *message, - ProtobufCBuffer *buffer); -LeakAnchorSigsAndPretendWeDidnt * - leak_anchor_sigs_and_pretend_we_didnt__unpack - (ProtobufCAllocator *allocator, - size_t len, - const uint8_t *data); -void leak_anchor_sigs_and_pretend_we_didnt__free_unpacked - (LeakAnchorSigsAndPretendWeDidnt *message, - ProtobufCAllocator *allocator); /* OpenComplete methods */ void open_complete__init (OpenComplete *message); @@ -1037,9 +996,6 @@ typedef void (*OpenCommitSig_Closure) typedef void (*OpenAnchorScriptsigs_Closure) (const OpenAnchorScriptsigs *message, void *closure_data); -typedef void (*LeakAnchorSigsAndPretendWeDidnt_Closure) - (const LeakAnchorSigsAndPretendWeDidnt *message, - void *closure_data); typedef void (*OpenComplete_Closure) (const OpenComplete *message, void *closure_data); @@ -1097,7 +1053,6 @@ extern const ProtobufCMessageDescriptor anchor__descriptor; extern const ProtobufCMessageDescriptor open_channel__descriptor; extern const ProtobufCMessageDescriptor open_commit_sig__descriptor; extern const ProtobufCMessageDescriptor open_anchor_scriptsigs__descriptor; -extern const ProtobufCMessageDescriptor leak_anchor_sigs_and_pretend_we_didnt__descriptor; extern const ProtobufCMessageDescriptor open_complete__descriptor; extern const ProtobufCMessageDescriptor update__descriptor; extern const ProtobufCMessageDescriptor update_accept__descriptor; diff --git a/lightning.proto b/lightning.proto index 6c823658a..53db7dc7e 100644 --- a/lightning.proto +++ b/lightning.proto @@ -99,18 +99,6 @@ message open_anchor_scriptsigs { repeated bytes script = 1; } -// BROKEN AND INSECURE!!! -// -// This should not exist; it's completely insecure! But we need to sign -// the commitment transaction before we sign the anchor transaction, which -// doesn't work at all with current bitcoin (as we don't know the anchor -// txid until it's signed by both sides, and then we'd have to worry about -// malleability anyway). So for testing, we send the scriptsigs for the -// anchor transaction's inputs immediately. -message leak_anchor_sigs_and_pretend_we_didnt { - required open_anchor_scriptsigs sigs = 1; -} - // Indicates we've seen transaction reach min-depth. message open_complete { // Block it went into. @@ -202,7 +190,6 @@ message pkt { oneof pkt { // Opening open_channel open = 201; - leak_anchor_sigs_and_pretend_we_didnt omg_fail = 205; open_commit_sig open_commit_sig = 202; open_anchor_scriptsigs open_anchor_scriptsigs = 203; open_complete open_complete = 204; diff --git a/pkt.c b/pkt.c index cb49f75dc..9b4943f8c 100644 --- a/pkt.c +++ b/pkt.c @@ -110,16 +110,6 @@ struct pkt *open_anchor_sig_pkt(const tal_t *ctx, u8 **sigs, size_t num_sigs) return to_pkt(ctx, PKT__PKT_OPEN_ANCHOR_SCRIPTSIGS, &o); } -struct pkt *leak_anchor_sigs_and_pretend_we_didnt_pkt(const tal_t *ctx, - OpenAnchorScriptsigs *s) -{ - LeakAnchorSigsAndPretendWeDidnt omg_fail - = LEAK_ANCHOR_SIGS_AND_PRETEND_WE_DIDNT__INIT; - - omg_fail.sigs = s; - return to_pkt(ctx, PKT__PKT_OMG_FAIL, &omg_fail); -} - struct pkt *open_commit_sig_pkt(const tal_t *ctx, const struct signature *sig) { OpenCommitSig o = OPEN_COMMIT_SIG__INIT; diff --git a/pkt.h b/pkt.h index c8ff0fa48..2b65edbdc 100644 --- a/pkt.h +++ b/pkt.h @@ -54,15 +54,6 @@ struct pkt *openchannel_pkt(const tal_t *ctx, */ struct pkt *open_anchor_sig_pkt(const tal_t *ctx, u8 **sigs, size_t num_sigs); -/** - * leak_anchor_sigs_and_pretend_we_didnt_pkt - leak anchor scriptsigs - * @ctx: tal context to allocate off. - * @s: OpenAnchorSig. - */ -struct pkt *leak_anchor_sigs_and_pretend_we_didnt_pkt(const tal_t *ctx, - OpenAnchorScriptsigs *s); - - /** * open_commit_sig_pkt - create an open_commit_sig message * @ctx: tal context to allocate off. diff --git a/test-cli/HOWTO-USE.md b/test-cli/HOWTO-USE.md index 2963b300b..a3289ffac 100644 --- a/test-cli/HOWTO-USE.md +++ b/test-cli/HOWTO-USE.md @@ -76,44 +76,30 @@ B: test-cli/open-anchor-scriptsigs B-open.pb A-open.pb ... > B-anchor-scriptsigs.pb -STEP 3 (The INSECURE hack!) ------- -Because we don't have tx normalization or equivalent, we need to -share the signed anchor inputs so the other side can create the -first commitment transaction. - -A: - - test-cli/leak-anchor-sigs A-anchor-scriptsigs.pb > A-leak-anchor-sigs.pb - -B: - - test-cli/leak-anchor-sigs B-anchor-scriptsigs.pb > B-leak-anchor-sigs.pb - -STEP 4 +STEP 3 ------ Now both sides create the commitment transaction signatures which spend the transaction output: A: - test-cli/open-commit-sig A-open.pb B-open.pb A-leak-anchor-sigs.pb B-leak-anchor-sigs.pb > A-commit-sig.pb + test-cli/open-commit-sig A-open.pb B-open.pb > A-commit-sig.pb B: - test-cli/open-commit-sig B-open.pb A-open.ob B-leak-anchor-sigs.pb A-leak-anchor-sigs.pb > B-commit-sig.pb + test-cli/open-commit-sig B-open.pb A-open.ob > B-commit-sig.pb -STEP 5 +STEP 4 ------ Check the commitment signatures from the other side, and produce commit txs. A: - test-cli/check-commit-sig A-open.pb B-open.pb B-commit-sig.pb A-leak-anchor-sigs.pb B-leak-anchor-sigs.pb > A-commit-0.tx + test-cli/check-commit-sig A-open.pb B-open.pb B-commit-sig.pb > A-commit-0.tx B: - test-cli/check-commit-sig B-open.pb A-open.pb A-commit-sig.pb B-leak-anchor-sigs.pb A-leak-anchor-sigs.pb > B-commit-0.tx + test-cli/check-commit-sig B-open.pb A-open.pb A-commit-sig.pb > B-commit-0.tx -STEP 6 +STEP 5 ------ Check the anchor signatures from the other side, and use them to generate the anchor transaction (as a hex string, suitable for bitcoind). @@ -129,7 +115,7 @@ They should be identical: cmp A-anchor.tx B-anchor.tx || echo FAIL -STEP 7 +STEP 6 ------ Broadcast the anchor transaction: diff --git a/test-cli/check-commit-sig.c b/test-cli/check-commit-sig.c index f722b1af0..9593478c8 100644 --- a/test-cli/check-commit-sig.c +++ b/test-cli/check-commit-sig.c @@ -35,14 +35,14 @@ int main(int argc, char *argv[]) err_set_progname(argv[0]); opt_register_noarg("--help|-h", opt_usage_and_exit, - " \n" + " \n" "Output the commitment transaction if both signatures are valid", "Print this message."); opt_parse(&argc, argv, opt_log_stderr_exit); - if (argc != 7) - opt_usage_exit_fail("Expected 6 arguments"); + if (argc != 5) + opt_usage_exit_fail("Expected 4 arguments"); o1 = pkt_from_file(argv[1], PKT__PKT_OPEN)->open; o2 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open; @@ -61,7 +61,7 @@ int main(int argc, char *argv[]) anchor = anchor_tx_create(ctx, o1, o2, &inmap, &outmap); if (!anchor) errx(1, "Failed transaction merge"); - anchor_txid(anchor, argv[5], argv[6], inmap, &txid); + anchor_txid(anchor, &txid); /* Now create our commitment tx. */ proto_to_sha256(o1->revocation_hash, &rhash); diff --git a/test-cli/open-commit-sig.c b/test-cli/open-commit-sig.c index 113a95997..d959cc286 100644 --- a/test-cli/open-commit-sig.c +++ b/test-cli/open-commit-sig.c @@ -36,14 +36,14 @@ int main(int argc, char *argv[]) err_set_progname(argv[0]); opt_register_noarg("--help|-h", opt_usage_and_exit, - " \n" + " \n" "Create the signature needed for the commit transaction", "Print this message."); opt_parse(&argc, argv, opt_log_stderr_exit); - if (argc != 6) - opt_usage_exit_fail("Expected 5 arguments"); + if (argc != 4) + opt_usage_exit_fail("Expected 3 arguments"); o1 = pkt_from_file(argv[1], PKT__PKT_OPEN)->open; o2 = pkt_from_file(argv[2], PKT__PKT_OPEN)->open; @@ -59,7 +59,7 @@ int main(int argc, char *argv[]) errx(1, "Failed transaction merge"); /* Get the transaction ID of the anchor. */ - anchor_txid(anchor, argv[4], argv[5], inmap, &txid); + anchor_txid(anchor, &txid); /* Now create THEIR commitment tx to spend 2/2 output of anchor. */ proto_to_sha256(o2->revocation_hash, &rhash); diff --git a/test-cli/scripts/test.sh b/test-cli/scripts/test.sh index 3ab06e563..72e9fa4a7 100755 --- a/test-cli/scripts/test.sh +++ b/test-cli/scripts/test.sh @@ -68,18 +68,14 @@ $PREFIX ./open-channel --locktime=60 $B_SEED $B_AMOUNT $B_CHANGEPUBKEY $B_TMPKEY $PREFIX ./open-anchor-scriptsigs A-open.pb B-open.pb $A_TXINKEY > A-anchor-scriptsigs.pb $PREFIX ./open-anchor-scriptsigs B-open.pb A-open.pb $B_TXINKEY > B-anchor-scriptsigs.pb -# Now leak that signature. -$PREFIX ./leak-anchor-sigs A-anchor-scriptsigs.pb > A-leak-anchor-sigs.pb -$PREFIX ./leak-anchor-sigs B-anchor-scriptsigs.pb > B-leak-anchor-sigs.pb - # Now create commit signature -$PREFIX ./open-commit-sig A-open.pb B-open.pb $A_TMPKEY A-leak-anchor-sigs.pb B-leak-anchor-sigs.pb > A-commit-sig.pb +$PREFIX ./open-commit-sig A-open.pb B-open.pb $A_TMPKEY > A-commit-sig.pb -$PREFIX ./open-commit-sig B-open.pb A-open.pb $B_TMPKEY B-leak-anchor-sigs.pb A-leak-anchor-sigs.pb > B-commit-sig.pb +$PREFIX ./open-commit-sig B-open.pb A-open.pb $B_TMPKEY > B-commit-sig.pb # Now check it. -$PREFIX ./check-commit-sig A-open.pb B-open.pb B-commit-sig.pb $A_TMPKEY A-leak-anchor-sigs.pb B-leak-anchor-sigs.pb > A-commit.tx -$PREFIX ./check-commit-sig B-open.pb A-open.pb A-commit-sig.pb $B_TMPKEY B-leak-anchor-sigs.pb A-leak-anchor-sigs.pb > B-commit.tx +$PREFIX ./check-commit-sig A-open.pb B-open.pb B-commit-sig.pb $A_TMPKEY > A-commit.tx +$PREFIX ./check-commit-sig B-open.pb A-open.pb A-commit-sig.pb $B_TMPKEY > B-commit.tx # Now check anchor sigs and make sure they're the same. $PREFIX ./check-anchor-scriptsigs A-open.pb B-open.pb A-anchor-scriptsigs.pb B-anchor-scriptsigs.pb > A-anchor.tx