diff --git a/bitcoin/test/run-bitcoin_block_from_hex.c b/bitcoin/test/run-bitcoin_block_from_hex.c index c1f9aeffd..a53136ae0 100644 --- a/bitcoin/test/run-bitcoin_block_from_hex.c +++ b/bitcoin/test/run-bitcoin_block_from_hex.c @@ -42,6 +42,11 @@ u8 *fromwire_tal_arrn(const tal_t *ctx UNNEEDED, /* Generated stub for fromwire_u16 */ u16 fromwire_u16(const u8 **cursor UNNEEDED, size_t *max UNNEEDED) { fprintf(stderr, "fromwire_u16 called!\n"); abort(); } +/* Generated stub for psbt_add_output */ +struct wally_psbt_output *psbt_add_output(struct wally_psbt *psbt UNNEEDED, + struct wally_tx_output *output UNNEEDED, + size_t insert_at UNNEEDED) +{ fprintf(stderr, "psbt_add_output called!\n"); abort(); } /* Generated stub for towire_amount_sat */ void towire_amount_sat(u8 **pptr UNNEEDED, const struct amount_sat sat UNNEEDED) { fprintf(stderr, "towire_amount_sat called!\n"); abort(); } diff --git a/bitcoin/test/run-tx-encode.c b/bitcoin/test/run-tx-encode.c index 59a4bd1c2..56cdc5b94 100644 --- a/bitcoin/test/run-tx-encode.c +++ b/bitcoin/test/run-tx-encode.c @@ -43,6 +43,11 @@ u8 *fromwire_tal_arrn(const tal_t *ctx UNNEEDED, /* Generated stub for fromwire_u16 */ u16 fromwire_u16(const u8 **cursor UNNEEDED, size_t *max UNNEEDED) { fprintf(stderr, "fromwire_u16 called!\n"); abort(); } +/* Generated stub for psbt_add_output */ +struct wally_psbt_output *psbt_add_output(struct wally_psbt *psbt UNNEEDED, + struct wally_tx_output *output UNNEEDED, + size_t insert_at UNNEEDED) +{ fprintf(stderr, "psbt_add_output called!\n"); abort(); } /* Generated stub for towire_amount_sat */ void towire_amount_sat(u8 **pptr UNNEEDED, const struct amount_sat sat UNNEEDED) { fprintf(stderr, "towire_amount_sat called!\n"); abort(); } diff --git a/bitcoin/tx.c b/bitcoin/tx.c index 60196634d..f15ab4894 100644 --- a/bitcoin/tx.c +++ b/bitcoin/tx.c @@ -1,6 +1,7 @@ #include #include #include +#include #include #include #include 
@@ -16,10 +17,11 @@ #define SEGREGATED_WITNESS_FLAG 0x1 int bitcoin_tx_add_output(struct bitcoin_tx *tx, const u8 *script, - struct amount_sat amount) + u8 *wscript, struct amount_sat amount) { size_t i = tx->wtx->num_outputs; struct wally_tx_output *output; + struct wally_psbt_output *psbt_out; int ret; u64 satoshis = amount.satoshis; /* Raw: low-level helper */ const struct chainparams *chainparams = tx->chainparams; @@ -48,6 +50,14 @@ int bitcoin_tx_add_output(struct bitcoin_tx *tx, const u8 *script, ret = wally_tx_add_output(tx->wtx, output); assert(ret == WALLY_OK); + psbt_out = psbt_add_output(tx->psbt, output, i); + if (wscript) { + ret = wally_psbt_output_set_witness_script(psbt_out, + wscript, + tal_bytelen(wscript)); + assert(ret == WALLY_OK); + } + wally_tx_output_free(output); bitcoin_tx_output_set_amount(tx, i, amount); @@ -59,7 +69,7 @@ int bitcoin_tx_add_multi_outputs(struct bitcoin_tx *tx, { for (size_t j = 0; j < tal_count(outputs); j++) bitcoin_tx_add_output(tx, outputs[j]->script, - outputs[j]->amount); + NULL, outputs[j]->amount); return tx->wtx->num_outputs; } @@ -124,7 +134,6 @@ static int elements_tx_add_fee_output(struct bitcoin_tx *tx) { struct amount_sat fee = bitcoin_tx_compute_fee(tx); int pos; - struct witscript *w; /* If we aren't using elements, we don't add explicit fee outputs */ if (!chainparams->is_elements || amount_sat_eq(fee, AMOUNT_SAT(0))) 
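Review bot: The new `wscript` argument of `bitcoin_tx_add_output` is measured with `tal_bytelen(wscript)` in the second hunk, so it has to be a tal allocation of exactly the script's length, and neither the signature nor the tx.h comment says so. A caller passing a pointer into a larger buffer would hand the wrong length to `wally_psbt_output_set_witness_script`. The parameter is also declared `u8 *` although the visible code only reads it, unlike `const u8 *script` next to it. I would declare it `const u8 *wscript` here and in tx.h, and add `/* wscript may be NULL; otherwise it must be a tal array holding only the witness script */` above the definition. The function body continues outside these hunks.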
@@ -136,18 +145,9 @@ static int elements_tx_add_fee_output(struct bitcoin_tx *tx) break; } - if (pos == tx->wtx->num_outputs) { - w = tal(tx->output_witscripts, struct witscript); - w->ptr = tal_arr(w, u8, 0); - - /* Make sure we have a place to stash the witness script in. */ - if (tal_count(tx->output_witscripts) < pos + 1) { - tal_resize(&tx->output_witscripts, pos + 1); - } - tx->output_witscripts[pos] = w; - - return bitcoin_tx_add_output(tx, NULL, fee); - } else { + if (pos == tx->wtx->num_outputs) + return bitcoin_tx_add_output(tx, NULL, NULL, fee); + else { bitcoin_tx_output_set_amount(tx, pos, fee); return pos; } @@ -177,6 +177,7 @@ int bitcoin_tx_add_input(struct bitcoin_tx *tx, const struct bitcoin_txid *txid, tx->input_amounts[i] = tal_free(tx->input_amounts[i]); tx->input_amounts[i] = tal_dup(tx, struct amount_sat, &amount); + return i; } @@ -189,9 +190,6 @@ bool bitcoin_tx_check(const struct bitcoin_tx *tx) if (tal_count(tx->input_amounts) != tx->wtx->num_inputs) return false; - if (tal_count(tx->output_witscripts) != tx->wtx->num_outputs) - return false; - if (wally_tx_get_length(tx->wtx, flags, &written) != WALLY_OK) return false; 
@@ -240,6 +238,38 @@ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx, return res; } +struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx, + const struct bitcoin_tx *tx, + int outnum) +{ + struct witscript *wit; + struct wally_psbt_output *out; + assert(outnum < tx->psbt->num_outputs); + out = &tx->psbt->outputs[outnum]; + + if (out->witness_script_len == 0) + return NULL; + + wit = tal(ctx, struct witscript); + wit->ptr = tal_dup_arr(ctx, u8, out->witness_script, out->witness_script_len, 0); + + return wit; +} + +const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx, + const struct bitcoin_tx *tx) +{ + size_t i; + struct witscript **witscripts; + witscripts = tal_arr(ctx, struct witscript *, tx->wtx->num_outputs); + + for (i = 0; i < tx->wtx->num_outputs; i++) + witscripts[i] = bitcoin_tx_output_get_witscript(witscripts, tx, i); + + return cast_const2(const struct witscript **, witscripts); +} + + /* FIXME(cdecker) Make the caller pass in a reference to amount_asset, and * return false if unintelligible/encrypted. (WARN UNUSED). */ struct amount_asset bitcoin_tx_output_get_amount(const struct bitcoin_tx *tx, @@ -446,7 +476,6 @@ struct bitcoin_tx *bitcoin_tx(const tal_t *ctx, tx->input_amounts = tal_arrz(tx, struct amount_sat*, input_count); tx->wtx->locktime = nlocktime; tx->wtx->version = 2; - tx->output_witscripts = tal_arrz(tx, struct witscript*, output_count); tx->chainparams = chainparams; ret = wally_psbt_init_alloc(input_count, output_count, @@ -459,12 +488,9 @@ struct bitcoin_tx *bitcoin_tx(const tal_t *ctx, void bitcoin_tx_finalize(struct bitcoin_tx *tx) { - size_t num_outputs, num_inputs; + size_t num_inputs; elements_tx_add_fee_output(tx); - num_outputs = tx->wtx->num_outputs; - tal_resize(&(tx->output_witscripts), num_outputs); - num_inputs = tx->wtx->num_inputs; tal_resize(&tx->input_amounts, num_inputs); assert(bitcoin_tx_check(tx)); 
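Review bot: In `bitcoin_tx_output_get_witscript` the copied bytes are allocated with `tal_dup_arr(ctx, ...)`, so `wit->ptr` is a sibling of `wit` rather than its child, and freeing the returned `struct witscript` leaves the script bytes allocated; `wit->ptr = tal_dup_arr(wit, u8, out->witness_script, out->witness_script_len, 0);` ties the two lifetimes together. The index is guarded only by `assert(outnum < tx->psbt->num_outputs)`, with `outnum` an `int` compared against an unsigned count, while callers elsewhere in this diff pass a `wtx->inputs[0].index` value. Taking the index as `size_t`, or adding a range check that survives a build without assertions, would make the bound explicit. `bitcoin_tx_get_witscripts` loops to `tx->wtx->num_outputs` but reads `tx->psbt->outputs`, so it relies on the two counts being equal, which nothing visible in this hunk checks.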
@@ -539,8 +565,6 @@ struct bitcoin_tx *bitcoin_tx_from_hex(const tal_t *ctx, const char *hex, tal_free(linear_tx); - tx->output_witscripts = - tal_arrz(tx, struct witscript *, tx->wtx->num_outputs); tx->input_amounts = tal_arrz(tx, struct amount_sat *, tx->wtx->num_inputs); diff --git a/bitcoin/tx.h b/bitcoin/tx.h index 057d50286..be7d71539 100644 --- a/bitcoin/tx.h +++ b/bitcoin/tx.h @@ -30,9 +30,6 @@ struct bitcoin_tx { struct amount_sat **input_amounts; struct wally_tx *wtx; - /* Need the output wscripts in the HSM to validate transaction */ - struct witscript **output_witscripts; - /* Keep a reference to the ruleset we have to abide by */ const struct chainparams *chainparams; @@ -78,6 +75,7 @@ struct bitcoin_tx *pull_bitcoin_tx(const tal_t *ctx, const u8 **cursor, size_t *max); /* Add one output to tx. */ int bitcoin_tx_add_output(struct bitcoin_tx *tx, const u8 *script, + u8 *wscript, struct amount_sat amount); /* Add mutiple output to tx. */ @@ -109,6 +107,15 @@ void bitcoin_tx_output_set_amount(struct bitcoin_tx *tx, int outnum, */ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum); +/** + * Helper to get a witness script for an output. + */ +struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum); + +/** + * Helper to get all witness scripts for a transaction. + */ +const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx, const struct bitcoin_tx *tx); /** bitcoin_tx_output_get_amount_sat - Helper to get transaction output's amount * * Internally we use a `wally_tx` to represent the transaction. The diff --git a/channeld/channeld.c b/channeld/channeld.c index 10e603d7a..cbc3c9282 100644 --- a/channeld/channeld.c +++ b/channeld/channeld.c 
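Review bot: The two new header comments in tx.h omit the parts of the contract that callers depend on. `bitcoin_tx_output_get_witscript` returns NULL when the PSBT output has no witness script, and `bitcoin_tx_get_witscripts` returns one entry per output, with NULL for such outputs. I would extend the comments along the lines of `Returns NULL if no witness script is recorded for outnum; the result is allocated off ctx.` and `Entries are NULL for outputs without a witness script and are children of the returned array.` This matters because the array is what gets serialised for the HSM's validation of the commitment transaction.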
@@ -837,13 +837,14 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx, size_t i; struct pubkey local_htlckey; const u8 *msg; + const struct witscript **ws; secp256k1_ecdsa_signature *htlc_sigs; + ws = bitcoin_tx_get_witscripts(tmpctx, txs[0]); msg = towire_hsm_sign_remote_commitment_tx(NULL, txs[0], &peer->channel->funding_pubkey[REMOTE], *txs[0]->input_amounts[0], - (const struct witscript **) txs[0]->output_witscripts, - &peer->remote_per_commit, + ws, &peer->remote_per_commit, peer->channel->option_static_remotekey); msg = hsm_req(tmpctx, take(msg)); @@ -879,8 +880,11 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx, for (i = 0; i < tal_count(htlc_sigs); i++) { struct bitcoin_signature sig; - msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], - txs[i+1]->output_witscripts[0]->ptr, + struct witscript *w; + + w = bitcoin_tx_output_get_witscript(tmpctx, txs[0], + txs[i+1]->wtx->inputs[0].index); + msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], w->ptr, *txs[i+1]->input_amounts[0], &peer->remote_per_commit); @@ -895,11 +899,10 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx, type_to_string(tmpctx, struct bitcoin_signature, &sig), type_to_string(tmpctx, struct bitcoin_tx, txs[1+i]), - tal_hex(tmpctx, txs[i+1]->output_witscripts[0]->ptr), + tal_hex(tmpctx, w->ptr), type_to_string(tmpctx, struct pubkey, &local_htlckey)); - assert(check_tx_sig(txs[1+i], 0, NULL, - txs[i+1]->output_witscripts[0]->ptr, + assert(check_tx_sig(txs[1+i], 0, NULL, w->ptr, &local_htlckey, &sig)); } 
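Review bot: In the HTLC signing loop `w` is dereferenced as `w->ptr` right after `bitcoin_tx_output_get_witscript(tmpctx, txs[0], txs[i+1]->wtx->inputs[0].index)`, but that helper returns NULL whenever the commitment's PSBT output carries no witness script. A mismatch between an HTLC transaction's input index and the commitment outputs would then crash channeld on a NULL dereference instead of producing a diagnosable failure. I would check the result before building the HSM request, e.g. `if (!w) status_failed(STATUS_FAIL_INTERNAL_ERROR, "No witness script for commitment output %u", txs[i+1]->wtx->inputs[0].index);`. The same unchecked use appears in the `handle_peer_commit_sig` hunk (@@ -1346) and in both devtools/mkcommit.c loops. `calc_commitsigs` starts and ends outside these hunks.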
@@ -1346,19 +1349,23 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg) */ for (i = 0; i < tal_count(htlc_sigs); i++) { struct bitcoin_signature sig; + struct witscript *w; + + w = bitcoin_tx_output_get_witscript(tmpctx, txs[0], + txs[i+1]->wtx->inputs[0].index); /* SIGHASH_ALL is implied. */ sig.s = htlc_sigs[i]; sig.sighash_type = SIGHASH_ALL; - if (!check_tx_sig(txs[1+i], 0, NULL, txs[1+i]->output_witscripts[0]->ptr, + if (!check_tx_sig(txs[1+i], 0, NULL, w->ptr, &remote_htlckey, &sig)) peer_failed(peer->pps, &peer->channel_id, "Bad commit_sig signature %s for htlc %s wscript %s key %s", type_to_string(msg, struct bitcoin_signature, &sig), type_to_string(msg, struct bitcoin_tx, txs[1+i]), - tal_hex(msg, txs[1+i]->output_witscripts[0]->ptr), + tal_hex(msg, w->ptr), type_to_string(msg, struct pubkey, &remote_htlckey)); } diff --git a/channeld/commit_tx.c b/channeld/commit_tx.c index 718500b92..b3cdebf25 100644 --- a/channeld/commit_tx.c +++ b/channeld/commit_tx.c @@ -36,8 +36,7 @@ size_t commit_tx_num_untrimmed(const struct htlc **htlcs, static void add_offered_htlc_out(struct bitcoin_tx *tx, size_t n, const struct htlc *htlc, - const struct keyset *keyset, - struct witscript *o_wscript) + const struct keyset *keyset) { struct ripemd160 ripemd; u8 *wscript, *p2wsh; 
@@ -46,19 +45,16 @@ static void add_offered_htlc_out(struct bitcoin_tx *tx, size_t n, ripemd160(&ripemd, htlc->rhash.u.u8, sizeof(htlc->rhash.u.u8)); wscript = htlc_offered_wscript(tx, &ripemd, keyset); p2wsh = scriptpubkey_p2wsh(tx, wscript); - bitcoin_tx_add_output(tx, p2wsh, amount); + bitcoin_tx_add_output(tx, p2wsh, wscript, amount); SUPERVERBOSE("# HTLC %" PRIu64 " offered %s wscript %s\n", htlc->id, type_to_string(tmpctx, struct amount_sat, &amount), tal_hex(wscript, wscript)); - o_wscript->ptr = tal_dup_arr(o_wscript, u8, wscript, - tal_count(wscript), 0); tal_free(wscript); } static void add_received_htlc_out(struct bitcoin_tx *tx, size_t n, const struct htlc *htlc, - const struct keyset *keyset, - struct witscript *o_wscript) + const struct keyset *keyset) { struct ripemd160 ripemd; u8 *wscript, *p2wsh; @@ -69,15 +65,13 @@ static void add_received_htlc_out(struct bitcoin_tx *tx, size_t n, p2wsh = scriptpubkey_p2wsh(tx, wscript); amount = amount_msat_to_sat_round_down(htlc->amount); - bitcoin_tx_add_output(tx, p2wsh, amount); + bitcoin_tx_add_output(tx, p2wsh, wscript, amount); SUPERVERBOSE("# HTLC %"PRIu64" received %s wscript %s\n", htlc->id, type_to_string(tmpctx, struct amount_sat, &amount), tal_hex(wscript, wscript)); - o_wscript->ptr = tal_dup_arr(o_wscript, u8, - wscript, tal_count(wscript), 0); tal_free(wscript); } @@ -177,10 +171,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx, continue; if (trim(htlcs[i], feerate_per_kw, dust_limit, side)) continue; - tx->output_witscripts[n] = - tal(tx->output_witscripts, struct witscript); - add_offered_htlc_out(tx, n, htlcs[i], - keyset, tx->output_witscripts[n]); + add_offered_htlc_out(tx, n, htlcs[i], keyset); (*htlcmap)[n] = htlcs[i]; cltvs[n] = abs_locktime_to_blocks(&htlcs[i]->expiry); n++; 
@@ -196,10 +187,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx, continue; if (trim(htlcs[i], feerate_per_kw, dust_limit, side)) continue; - tx->output_witscripts[n] = - tal(tx->output_witscripts, struct witscript); - add_received_htlc_out(tx, n, htlcs[i], keyset, - tx->output_witscripts[n]); + add_received_htlc_out(tx, n, htlcs[i], keyset); (*htlcmap)[n] = htlcs[i]; cltvs[n] = abs_locktime_to_blocks(&htlcs[i]->expiry); n++; @@ -216,7 +204,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx, u8 *p2wsh = scriptpubkey_p2wsh(tx, wscript); struct amount_sat amount = amount_msat_to_sat_round_down(self_pay); - bitcoin_tx_add_output(tx, p2wsh, amount); + bitcoin_tx_add_output(tx, p2wsh, wscript, amount); /* Add a dummy entry to the htlcmap so we can recognize it later */ (*htlcmap)[n] = direct_outputs ? dummy_to_local : NULL; /* We don't assign cltvs[n]: if we use it, order doesn't matter. @@ -224,11 +212,6 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx, SUPERVERBOSE("# to-local amount %s wscript %s\n", type_to_string(tmpctx, struct amount_sat, &amount), tal_hex(tmpctx, wscript)); - tx->output_witscripts[n] = - tal(tx->output_witscripts, struct witscript); - tx->output_witscripts[n]->ptr = - tal_dup_arr(tx->output_witscripts[n], u8, - wscript, tal_count(wscript), 0); n++; } @@ -249,7 +232,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx, * This output sends funds to the other peer and thus is a simple * P2WPKH to `remotepubkey`. */ - int pos = bitcoin_tx_add_output(tx, p2wpkh, amount); + int pos = bitcoin_tx_add_output(tx, p2wpkh, NULL, amount); assert(pos == n); (*htlcmap)[n] = direct_outputs ? dummy_to_remote : NULL; /* We don't assign cltvs[n]: if we use it, order doesn't matter. diff --git a/channeld/full_channel.c b/channeld/full_channel.c index 7fb55836e..3e8e57109 100644 --- a/channeld/full_channel.c +++ b/channeld/full_channel.c 
@@ -237,7 +237,6 @@ static void add_htlcs(struct bitcoin_tx ***txs, for (i = 0; i < tal_count(htlcmap); i++) { const struct htlc *htlc = htlcmap[i]; struct bitcoin_tx *tx; - struct witscript *witscript; if (!htlc) continue; @@ -256,13 +255,6 @@ static void add_htlcs(struct bitcoin_tx ***txs, feerate_per_kw, keyset); } - /* Re-use the previously-generated witness script */ - witscript = (*txs)[0]->output_witscripts[i]; - tx->output_witscripts[0] = - tal(tx->output_witscripts, struct witscript); - tx->output_witscripts[0]->ptr = - tal_dup_arr(tx->output_witscripts[0], u8, - witscript->ptr, tal_count(witscript->ptr), 0); /* Append to array. */ tal_arr_expand(txs, tx); diff --git a/channeld/watchtower.c b/channeld/watchtower.c index 7fbc5a9c4..99622781a 100644 --- a/channeld/watchtower.c +++ b/channeld/watchtower.c @@ -71,7 +71,7 @@ penalty_tx_create(const tal_t *ctx, bitcoin_tx_add_input(tx, commitment_txid, to_them_outnum, 0xFFFFFFFF, to_them_sats, NULL); - bitcoin_tx_add_output(tx, final_scriptpubkey, to_them_sats); + bitcoin_tx_add_output(tx, final_scriptpubkey, NULL, to_them_sats); /* Worst-case sig is 73 bytes */ weight = bitcoin_tx_weight(tx) + 1 + 3 + 73 + 0 + tal_count(wscript); diff --git a/common/close_tx.c b/common/close_tx.c index caf42fe7c..0bb31b2de 100644 --- a/common/close_tx.c +++ b/common/close_tx.c @@ -44,14 +44,14 @@ struct bitcoin_tx *create_close_tx(const tal_t *ctx, if (amount_sat_greater_eq(to_us, dust_limit)) { script = tal_dup_talarr(tx, u8, our_script); /* One output is to us. */ - bitcoin_tx_add_output(tx, script, to_us); + bitcoin_tx_add_output(tx, script, NULL, to_us); num_outputs++; } if (amount_sat_greater_eq(to_them, dust_limit)) { script = tal_dup_talarr(tx, u8, their_script); /* Other output is to them. */ - bitcoin_tx_add_output(tx, script, to_them); + bitcoin_tx_add_output(tx, script, NULL, to_them); num_outputs++; } diff --git a/common/funding_tx.c b/common/funding_tx.c index f75cbd9d2..cc6111029 100644 --- a/common/funding_tx.c 
+++ b/common/funding_tx.c @@ -33,7 +33,7 @@ struct bitcoin_tx *funding_tx(const tal_t *ctx, wscript = bitcoin_redeem_2of2(tx, local_fundingkey, remote_fundingkey); SUPERVERBOSE("# funding witness script = %s\n", tal_hex(wscript, wscript)); - bitcoin_tx_add_output(tx, scriptpubkey_p2wsh(tx, wscript), funding); + bitcoin_tx_add_output(tx, scriptpubkey_p2wsh(tx, wscript), wscript, funding); tal_free(wscript); if (has_change) { @@ -41,7 +41,7 @@ struct bitcoin_tx *funding_tx(const tal_t *ctx, map[0] = int2ptr(0); map[1] = int2ptr(1); bitcoin_tx_add_output(tx, scriptpubkey_p2wpkh(tx, changekey), - change); + NULL, change); permute_outputs(tx, NULL, map); *outnum = (map[0] == int2ptr(0) ? 0 : 1); } else { diff --git a/common/htlc_tx.c b/common/htlc_tx.c index f4844b09e..c59976009 100644 --- a/common/htlc_tx.c +++ b/common/htlc_tx.c @@ -60,17 +60,12 @@ static struct bitcoin_tx *htlc_tx(const tal_t *ctx, wscript = bitcoin_wscript_htlc_tx(tx, to_self_delay, revocation_pubkey, local_delayedkey); - bitcoin_tx_add_output(tx, scriptpubkey_p2wsh(tx, wscript), amount); + bitcoin_tx_add_output(tx, scriptpubkey_p2wsh(tx, wscript), + wscript, amount); bitcoin_tx_finalize(tx); assert(bitcoin_tx_check(tx)); - tx->output_witscripts[0] = - tal(tx->output_witscripts, struct witscript); - tx->output_witscripts[0]->ptr = - tal_dup_arr(tx->output_witscripts[0], u8, - wscript, tal_count(wscript), 0); - tal_free(wscript); return tx; diff --git a/common/initial_commit_tx.c b/common/initial_commit_tx.c index 448621610..4a020f9d1 100644 --- a/common/initial_commit_tx.c +++ b/common/initial_commit_tx.c 
@@ -176,13 +176,8 @@ struct bitcoin_tx *initial_commit_tx(const tal_t *ctx, u8 *wscript = to_self_wscript(tmpctx, to_self_delay, keyset); amount = amount_msat_to_sat_round_down(self_pay); int pos = bitcoin_tx_add_output( - tx, scriptpubkey_p2wsh(tx, wscript), amount); + tx, scriptpubkey_p2wsh(tx, wscript), wscript, amount); assert(pos == n); - tx->output_witscripts[n] = - tal(tx->output_witscripts, struct witscript); - tx->output_witscripts[n]->ptr = - tal_dup_arr(tx->output_witscripts[n], u8, - wscript, tal_count(wscript), 0); output_order[n] = dummy_local; n++; } @@ -204,7 +199,7 @@ struct bitcoin_tx *initial_commit_tx(const tal_t *ctx, amount = amount_msat_to_sat_round_down(other_pay); int pos = bitcoin_tx_add_output( tx, scriptpubkey_p2wpkh(tx, &keyset->other_payment_key), - amount); + NULL, amount); assert(pos == n); output_order[n] = dummy_remote; n++; diff --git a/common/permute_tx.c b/common/permute_tx.c index 291667394..369b11781 100644 --- a/common/permute_tx.c +++ b/common/permute_tx.c @@ -84,11 +84,13 @@ void permute_inputs(struct bitcoin_tx *tx, const void **map) } static void swap_wally_outputs(struct wally_tx_output *outputs, - const void **map, - u32 *cltvs, - size_t i1, size_t i2) + struct wally_tx_output *psbt_global_outs, + struct wally_psbt_output *psbt_outs, + const void **map, u32 *cltvs, + size_t i1, size_t i2) { struct wally_tx_output tmpoutput; + struct wally_psbt_output tmppsbtout; if (i1 == i2) return; @@ -97,6 +99,16 @@ static void swap_wally_outputs(struct wally_tx_output *outputs, outputs[i1] = outputs[i2]; outputs[i2] = tmpoutput; + /* For the PSBT, we swap the psbt outputs and + * the global tx's outputs */ + tmpoutput = psbt_global_outs[i1]; + psbt_global_outs[i1] = psbt_global_outs[i2]; + psbt_global_outs[i2] = tmpoutput; + + tmppsbtout = psbt_outs[i1]; + psbt_outs[i1] = psbt_outs[i2]; + psbt_outs[i2] = tmppsbtout; + if (map) { const void *tmp = map[i1]; map[i1] = map[i2]; 
@@ -174,13 +186,9 @@ void permute_outputs(struct bitcoin_tx *tx, u32 *cltvs, const void **map) num_outputs - i); /* Swap best into first place. */ - swap_wally_outputs(tx->wtx->outputs, map, cltvs, i, best_pos); - - /* If output_witscripts are present, swap them to match. */ - if (tx->output_witscripts) { - struct witscript *tmp = tx->output_witscripts[i]; - tx->output_witscripts[i] = tx->output_witscripts[best_pos]; - tx->output_witscripts[best_pos] = tmp; - } + swap_wally_outputs(tx->wtx->outputs, + tx->psbt->tx->outputs, + tx->psbt->outputs, + map, cltvs, i, best_pos); } } diff --git a/common/withdraw_tx.c b/common/withdraw_tx.c index 1aee140bd..46fdddcee 100644 --- a/common/withdraw_tx.c +++ b/common/withdraw_tx.c @@ -38,7 +38,7 @@ struct bitcoin_tx *withdraw_tx(const tal_t *ctx, map[i] = int2ptr(i); bitcoin_tx_add_output(tx, scriptpubkey_p2wpkh(tmpctx, changekey), - change); + NULL, change); assert(tx->wtx->num_outputs == output_count); permute_outputs(tx, NULL, map); diff --git a/devtools/mkclose.c b/devtools/mkclose.c index 56d76cc90..227f980bd 100644 --- a/devtools/mkclose.c +++ b/devtools/mkclose.c @@ -139,7 +139,7 @@ int main(int argc, char *argv[]) u8 *script = scriptpubkey_p2wpkh(NULL, &outkey[LOCAL]); printf("# local witness script: %s\n", tal_hex(NULL, script)); /* One output is to us. */ - bitcoin_tx_add_output(tx, script, + bitcoin_tx_add_output(tx, script, NULL, amount_msat_to_sat_round_down(local_msat)); num_outputs++; } else @@ -149,7 +149,7 @@ int main(int argc, char *argv[]) u8 *script = scriptpubkey_p2wpkh(NULL, &outkey[REMOTE]); printf("# remote witness script: %s\n", tal_hex(NULL, script)); /* Other output is to them. */ - bitcoin_tx_add_output(tx, script, + bitcoin_tx_add_output(tx, script, NULL, amount_msat_to_sat_round_down(remote_msat)); num_outputs++; } else diff --git a/devtools/mkcommit.c b/devtools/mkcommit.c index 0279e225f..b02dd9a1e 100644 --- a/devtools/mkcommit.c +++ b/devtools/mkcommit.c 
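Review bot: `permute_outputs` now dereferences `tx->psbt->tx->outputs` and `tx->psbt->outputs` unconditionally, where the removed code touched `output_witscripts` only when it was non-NULL. `swap_wally_outputs` then indexes all three arrays with positions derived from `tx->wtx->num_outputs` alone. If the PSBT or its global tx ever holds fewer outputs than `wtx`, the swap reads and writes out of bounds, and a desynchronised order would pair witness scripts with the wrong outputs in the data later handed to the HSM. An invariant check before the loop would document and enforce the assumption, e.g. `assert(tx->psbt->num_outputs == tx->wtx->num_outputs);` and `assert(tx->psbt->tx->num_outputs == tx->wtx->num_outputs);`. The loop itself starts outside the hunk.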
@@ -465,6 +465,7 @@ int main(int argc, char *argv[]) for (size_t i = 0; i < tal_count(htlcmap); i++) { struct bitcoin_signature local_htlc_sig, remote_htlc_sig; struct amount_sat amt; + struct witscript *w; if (!htlcmap[i]) continue; @@ -476,17 +477,15 @@ int main(int argc, char *argv[]) local_txs[1+i]->input_amounts[0] = tal_dup(local_txs[1+i], struct amount_sat, &amt); - printf("# wscript: %s\n", tal_hex(NULL, local_txs[1+i]->output_witscripts[1+i]->ptr)); + w = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i); + printf("# wscript: %s\n", tal_hex(NULL, w->ptr)); - bitcoin_tx_hash_for_sig(local_txs[1+i], 0, - local_txs[1+i]->output_witscripts[1+i]->ptr, + bitcoin_tx_hash_for_sig(local_txs[1+i], 0, w->ptr, SIGHASH_ALL, &hash); - sign_tx_input(local_txs[1+i], 0, NULL, - local_txs[1+i]->output_witscripts[1+i]->ptr, + sign_tx_input(local_txs[1+i], 0, NULL, w->ptr, &local_htlc_privkey, &local_htlc_pubkey, SIGHASH_ALL, &local_htlc_sig); - sign_tx_input(local_txs[1+i], 0, NULL, - local_txs[1+i]->output_witscripts[1+i]->ptr, + sign_tx_input(local_txs[1+i], 0, NULL, w->ptr, &remote_htlc_privkey, &remote_htlc_pubkey, SIGHASH_ALL, &remote_htlc_sig); printf("localsig_on_local output %zu: %s\n", @@ -498,13 +497,13 @@ int main(int argc, char *argv[]) witness = bitcoin_witness_htlc_timeout_tx(NULL, &local_htlc_sig, &remote_htlc_sig, - local_txs[1+i]->output_witscripts[1+i]->ptr); + w->ptr); else witness = bitcoin_witness_htlc_success_tx(NULL, &local_htlc_sig, &remote_htlc_sig, preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)), - local_txs[1+i]->output_witscripts[1+i]->ptr); + w->ptr); bitcoin_tx_input_set_witness(local_txs[1+i], 0, witness); printf("htlc tx for output %zu: %s\n", i, tal_hex(NULL, linearize_tx(NULL, local_txs[1+i]))); 
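Review bot: The lookup `bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i)` asks the HTLC transaction itself for output `1+i`, whereas channeld in this same commit takes the script from the commitment transaction `txs[0]` at `txs[i+1]->wtx->inputs[0].index`. Judging by the htlc_tx.c hunk, an HTLC transaction gets a single output, so index `1+i` would trip the helper's bounds assert, and output 0 now carries the second-stage script rather than, presumably, the script of the output being spent. `w = bitcoin_tx_output_get_witscript(NULL, local_txs[0], local_txs[1+i]->wtx->inputs[0].index);` would match channeld. The remote loop (@@ -592) has the same lookup on `remote_txs`. `w` is also dereferenced without a NULL check in both loops.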
@@ -581,6 +580,7 @@ int main(int argc, char *argv[]) for (size_t i = 0; i < tal_count(htlcmap); i++) { struct bitcoin_signature local_htlc_sig, remote_htlc_sig; struct amount_sat amt; + struct witscript *w; if (!htlcmap[i]) continue; @@ -592,16 +592,14 @@ int main(int argc, char *argv[]) remote_txs[1+i]->input_amounts[0] = tal_dup(remote_txs[1+i], struct amount_sat, &amt); - printf("# wscript: %s\n", tal_hex(NULL, remote_txs[1+i]->output_witscripts[1+i]->ptr)); - bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, - remote_txs[1+i]->output_witscripts[1+i]->ptr, + w = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i); + printf("# wscript: %s\n", tal_hex(NULL, w->ptr)); + bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, w->ptr, SIGHASH_ALL, &hash); - sign_tx_input(remote_txs[1+i], 0, NULL, - remote_txs[1+i]->output_witscripts[1+i]->ptr, + sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr, &local_htlc_privkey, &local_htlc_pubkey, SIGHASH_ALL, &local_htlc_sig); - sign_tx_input(remote_txs[1+i], 0, NULL, - remote_txs[1+i]->output_witscripts[1+i]->ptr, + sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr, &remote_htlc_privkey, &remote_htlc_pubkey, SIGHASH_ALL, &remote_htlc_sig); printf("localsig_on_remote output %zu: %s\n", @@ -613,13 +611,13 @@ int main(int argc, char *argv[]) witness = bitcoin_witness_htlc_timeout_tx(NULL, &remote_htlc_sig, &local_htlc_sig, - remote_txs[1+i]->output_witscripts[1+i]->ptr); + w->ptr); else witness = bitcoin_witness_htlc_success_tx(NULL, &remote_htlc_sig, &local_htlc_sig, preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)), - remote_txs[1+i]->output_witscripts[1+i]->ptr); + w->ptr); bitcoin_tx_input_set_witness(remote_txs[1+i], 0, witness); printf("htlc tx for output %zu: %s\n", i, tal_hex(NULL, linearize_tx(NULL, remote_txs[1+i]))); diff --git a/onchaind/onchaind.c b/onchaind/onchaind.c index 04457ca70..af2bfddd2 100644 --- a/onchaind/onchaind.c +++ b/onchaind/onchaind.c 
@@ -495,7 +495,7 @@ static void set_htlc_success_fee(struct bitcoin_tx *tx, if (!grind_htlc_tx_fee(&fee, tx, remotesig, wscript, weight)) status_failed(STATUS_FAIL_INTERNAL_ERROR, "htlc_success_fee can't be found " - " for tx %s, signature %s, wscript %s", + "for tx %s, signature %s, wscript %s", type_to_string(tmpctx, struct bitcoin_tx, tx), type_to_string(tmpctx, @@ -611,7 +611,7 @@ static struct bitcoin_tx *tx_to_us(const tal_t *ctx, out->sat, NULL); bitcoin_tx_add_output( - tx, scriptpubkey_p2wpkh(tx, &our_wallet_pubkey), out->sat); + tx, scriptpubkey_p2wpkh(tx, &our_wallet_pubkey), NULL, out->sat); /* Worst-case sig is 73 bytes */ weight = bitcoin_tx_weight(tx) + 1 + 3 + 73 + 0 + tal_count(wscript); diff --git a/openingd/openingd.c b/openingd/openingd.c index e89bf7258..9bc335209 100644 --- a/openingd/openingd.c +++ b/openingd/openingd.c @@ -667,6 +667,7 @@ static bool funder_finalize_channel_setup(struct state *state, struct channel_id id_in; const u8 *wscript; char *err_reason; + const struct witscript **ws; struct wally_tx_output *direct_outputs[NUM_SIDES]; /*~ Now we can initialize the `struct channel`. This represents @@ -732,11 +733,12 @@ static bool funder_finalize_channel_setup(struct state *state, * witness script. It also needs the amount of the funding output, * as segwit signatures commit to that as well, even though it doesn't * explicitly appear in the transaction itself. */ + ws = bitcoin_tx_get_witscripts(tmpctx, *tx); msg = towire_hsm_sign_remote_commitment_tx(NULL, *tx, &state->channel->funding_pubkey[REMOTE], state->channel->funding, - (const struct witscript **) (*tx)->output_witscripts, + ws, &state->first_per_commitment_point[REMOTE], state->channel->option_static_remotekey); 
@@ -911,6 +913,7 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg) struct bitcoin_signature theirsig, sig; struct bitcoin_tx *local_commit, *remote_commit; struct bitcoin_blkid chain_hash; + const struct witscript **ws; u8 *msg; const u8 *wscript; u8 channel_flags; @@ -1267,11 +1270,12 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg) } /* Make HSM sign it */ + ws = bitcoin_tx_get_witscripts(tmpctx, remote_commit); msg = towire_hsm_sign_remote_commitment_tx(NULL, remote_commit, &state->channel->funding_pubkey[REMOTE], state->channel->funding, - (const struct witscript **) remote_commit->output_witscripts, + ws, &state->first_per_commitment_point[REMOTE], state->channel->option_static_remotekey);