From d8d1014ca449a6d0ce6deb06accc8846ef8c1fb0 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Fri, 14 Aug 2020 03:15:02 +0930 Subject: [PATCH] channeld: implement htlc sig checking changes for option_anchor_outputs. This is best done by passing `struct bitcoin_signature` around instead of raw signatures. We still save raw sigs to the db, and of course the wire protocol uses them. Signed-off-by: Rusty Russell --- channeld/channel_wire.csv | 4 +- channeld/channeld.c | 81 ++++++++++++++++++--------- lightningd/channel.c | 2 +- lightningd/channel.h | 4 +- lightningd/peer_htlcs.c | 5 +- onchaind/onchain_wire.csv | 2 +- onchaind/onchaind.c | 17 +++--- onchaind/test/run-grind_feerate-bug.c | 2 +- onchaind/test/run-grind_feerate.c | 2 +- wallet/test/run-wallet.c | 4 +- wallet/wallet.c | 29 +++++++--- wallet/wallet.h | 2 +- 12 files changed, 97 insertions(+), 57 deletions(-) diff --git a/channeld/channel_wire.csv b/channeld/channel_wire.csv index cc055904e..e36dd67b7 100644 --- a/channeld/channel_wire.csv +++ b/channeld/channel_wire.csv @@ -116,7 +116,7 @@ msgdata,channel_sending_commitsig,num_changed,u16, msgdata,channel_sending_commitsig,changed,changed_htlc,num_changed msgdata,channel_sending_commitsig,commit_sig,bitcoin_signature, msgdata,channel_sending_commitsig,num_htlc_sigs,u16, -msgdata,channel_sending_commitsig,htlc_sigs,secp256k1_ecdsa_signature,num_htlc_sigs +msgdata,channel_sending_commitsig,htlc_sigs,bitcoin_signature,num_htlc_sigs # Wait for reply, to make sure it's on disk before we send commit. msgtype,channel_sending_commitsig_reply,1120 
@@ -127,7 +127,7 @@ msgdata,channel_got_commitsig,commitnum,u64,
 msgdata,channel_got_commitsig,fee_states,fee_states,
 msgdata,channel_got_commitsig,signature,bitcoin_signature,
 msgdata,channel_got_commitsig,num_htlcs,u16,
-msgdata,channel_got_commitsig,htlc_signature,secp256k1_ecdsa_signature,num_htlcs
+msgdata,channel_got_commitsig,htlc_signature,bitcoin_signature,num_htlcs
 # RCVD_ADD_COMMIT: we're now committed to their new offered HTLCs.
 msgdata,channel_got_commitsig,num_added,u16,
 msgdata,channel_got_commitsig,added,added_htlc,num_added
diff --git a/channeld/channeld.c b/channeld/channeld.c
index 1d5189639..4705da04e 100644
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@@ -738,7 +738,7 @@ static u8 *sending_commitsig_msg(const tal_t *ctx,
 const struct fee_states *fee_states,
 const struct htlc **changed_htlcs,
 const struct bitcoin_signature *commit_sig,
- const secp256k1_ecdsa_signature *htlc_sigs)
+ const struct bitcoin_signature *htlc_sigs)
 {
 struct changed_htlc *changed;
 u8 *msg;
@@ -827,7 +827,7 @@ static u8 *master_wait_sync_reply(const tal_t *ctx,
 }
 /* Returns HTLC sigs, sets commit_sig */
-static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
+static struct bitcoin_signature *calc_commitsigs(const tal_t *ctx,
 const struct peer *peer,
 struct bitcoin_tx **txs,
 const u8 *funding_wscript,
@@ -838,7 +838,7 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 size_t i;
 struct pubkey local_htlckey;
 const u8 *msg;
- secp256k1_ecdsa_signature *htlc_sigs;
+ struct bitcoin_signature *htlc_sigs;
 msg = towire_hsm_sign_remote_commitment_tx(NULL, txs[0],
 &peer->channel->funding_pubkey[REMOTE],
@@ -874,10 +874,9 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 * - MUST include one `htlc_signature` for every HTLC transaction
 * corresponding to the ordering of the commitment transaction
 */
- htlc_sigs = tal_arr(ctx, secp256k1_ecdsa_signature, tal_count(txs) - 1);
+ htlc_sigs = tal_arr(ctx, struct bitcoin_signature, tal_count(txs) - 1);
 for (i = 0; i < tal_count(htlc_sigs); i++) {
- struct bitcoin_signature sig;
 u8 *wscript;
 wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
@@ -887,22 +886,21 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 false /* FIXME-anchor */);
 msg = hsm_req(tmpctx, take(msg));
- if (!fromwire_hsm_sign_tx_reply(msg, &sig))
+ if (!fromwire_hsm_sign_tx_reply(msg, &htlc_sigs[i]))
 status_failed(STATUS_FAIL_HSM_IO,
 "Bad sign_remote_htlc_tx reply: %s",
 tal_hex(tmpctx, msg));
- htlc_sigs[i] = sig.s;
 status_debug("Creating HTLC signature %s for tx %s wscript %s key %s",
 type_to_string(tmpctx, struct bitcoin_signature,
- &sig),
+ &htlc_sigs[i]),
 type_to_string(tmpctx, struct bitcoin_tx,
 txs[1+i]),
 tal_hex(tmpctx, wscript),
 type_to_string(tmpctx, struct pubkey,
 &local_htlckey));
 assert(check_tx_sig(txs[1+i], 0, NULL, wscript, &local_htlckey,
- &sig));
+ &htlc_sigs[i]));
 }
 return htlc_sigs;
@@ -929,12 +927,48 @@ static void maybe_send_ping(struct peer *peer)
 peer->expecting_pong = true;
 }
+/* Peer protocol doesn't want sighash flags. */
+static secp256k1_ecdsa_signature *raw_sigs(const tal_t *ctx,
+ const struct bitcoin_signature *sigs)
+{
+ secp256k1_ecdsa_signature *raw;
+
+ raw = tal_arr(ctx, secp256k1_ecdsa_signature, tal_count(sigs));
+ for (size_t i = 0; i < tal_count(sigs); i++)
+ raw[i] = sigs[i].s;
+ return raw;
+}
+
+static struct bitcoin_signature *unraw_sigs(const tal_t *ctx,
+ const secp256k1_ecdsa_signature *raw,
+ bool option_anchor_outputs)
+{
+ struct bitcoin_signature *sigs;
+
+ sigs = tal_arr(ctx, struct bitcoin_signature, tal_count(raw));
+ for (size_t i = 0; i < tal_count(raw); i++) {
+ sigs[i].s = raw[i];
+
+ /* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #3:
+ * ## HTLC-Timeout and HTLC-Success Transactions
+ *...
+ * * if `option_anchor_outputs` applies to this commitment
+ * transaction, `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is
+ * used.
+ */
+ if (option_anchor_outputs)
+ sigs[i].sighash_type = SIGHASH_SINGLE|SIGHASH_ANYONECANPAY;
+ else
+ sigs[i].sighash_type = SIGHASH_ALL;
+ }
+ return sigs;
+}
+
 static void send_commit(struct peer *peer)
 {
 u8 *msg;
 const struct htlc **changed_htlcs;
- struct bitcoin_signature commit_sig;
- secp256k1_ecdsa_signature *htlc_sigs;
+ struct bitcoin_signature commit_sig, *htlc_sigs;
 struct bitcoin_tx **txs;
 const u8 *funding_wscript;
 const struct htlc **htlc_map;
@@ -1067,7 +1101,7 @@ static void send_commit(struct peer *peer)
 msg = towire_commitment_signed(NULL, &peer->channel_id,
 &commit_sig.s,
- htlc_sigs);
+ raw_sigs(tmpctx, htlc_sigs));
 sync_crypto_write_no_delay(peer->pps, take(msg));
 maybe_send_shutdown(peer);
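Review bot: `unraw_sigs` lacks the header comment its sibling `raw_sigs` has, and it is the one that needs it: the `option_anchor_outputs` argument decides which sighash type `check_tx_sig` later verifies the peer's HTLC signatures under, yet its only caller in this patch (handle_peer_commit_sig, hunk @@ -1279) still hard-codes `false /* FIXME-anchor */`, so on an anchor-outputs channel the peer's SIGHASH_SINGLE|SIGHASH_ANYONECANPAY signatures would presumably all fail verification and the channel would be failed. Suggest `/* Peer sends raw sigs; re-attach the sighash type BOLT #3 mandates for this channel. Caller must pass the channel's negotiated option_anchor_outputs (see FIXME-anchor in handle_peer_commit_sig). */` above `unraw_sigs`. The identical BOLT quote and if/else appear again in wallet_htlc_sigs_load (wallet/wallet.c, hunk @@ -1013); a single shared helper would keep the two in step when the FIXME is resolved.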
@@ -1187,7 +1221,7 @@ static void marshall_htlc_info(const tal_t *ctx,
 static void send_revocation(struct peer *peer,
 const struct bitcoin_signature *commit_sig,
- const secp256k1_ecdsa_signature *htlc_sigs,
+ const struct bitcoin_signature *htlc_sigs,
 const struct htlc **changed_htlcs,
 const struct bitcoin_tx *committx)
 {
@@ -1244,7 +1278,8 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg)
 {
 struct channel_id channel_id;
 struct bitcoin_signature commit_sig;
- secp256k1_ecdsa_signature *htlc_sigs;
+ secp256k1_ecdsa_signature *raw_sigs;
+ struct bitcoin_signature *htlc_sigs;
 struct pubkey remote_htlckey;
 struct bitcoin_tx **txs;
 const struct htlc **htlc_map, **changed_htlcs;
@@ -1279,12 +1314,13 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg)
 }
 if (!fromwire_commitment_signed(tmpctx, msg,
- &channel_id, &commit_sig.s, &htlc_sigs))
+ &channel_id, &commit_sig.s, &raw_sigs))
 peer_failed(peer->pps, &peer->channel_id,
 "Bad commit_sig %s", tal_hex(msg, msg));
 /* SIGHASH_ALL is implied. */
 commit_sig.sighash_type = SIGHASH_ALL;
+ htlc_sigs = unraw_sigs(tmpctx, raw_sigs, false /* FIXME-anchor */);
 txs = channel_txs(tmpctx, &htlc_map, NULL,
@@ -1353,22 +1389,17 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg)
 * - MUST fail the channel.
 */
 for (i = 0; i < tal_count(htlc_sigs); i++) {
- struct bitcoin_signature sig;
 u8 *wscript;
 wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
 txs[i+1]->wtx->inputs[0].index);
- /* SIGHASH_ALL is implied. */
- sig.s = htlc_sigs[i];
- sig.sighash_type = SIGHASH_ALL;
-
 if (!check_tx_sig(txs[1+i], 0, NULL, wscript,
- &remote_htlckey, &sig))
+ &remote_htlckey, &htlc_sigs[i]))
 peer_failed(peer->pps, &peer->channel_id,
 "Bad commit_sig signature %s for htlc %s wscript %s key %s",
- type_to_string(msg, struct bitcoin_signature, &sig),
+ type_to_string(msg, struct bitcoin_signature, &htlc_sigs[i]),
 type_to_string(msg, struct bitcoin_tx, txs[1+i]),
 tal_hex(msg, wscript),
 type_to_string(msg, struct pubkey,
@@ -2088,8 +2119,7 @@ static void send_fail_or_fulfill(struct peer *peer, const struct htlc *h)
 static void resend_commitment(struct peer *peer, const struct changed_htlc *last)
 {
 size_t i;
- struct bitcoin_signature commit_sig;
- secp256k1_ecdsa_signature *htlc_sigs;
+ struct bitcoin_signature commit_sig, *htlc_sigs;
 u8 *msg;
 struct bitcoin_tx **txs;
 const u8 *funding_wscript;
@@ -2185,7 +2215,8 @@ static void resend_commitment(struct peer *peer, const struct changed_htlc *last
 htlc_sigs = calc_commitsigs(tmpctx, peer, txs, funding_wscript, htlc_map,
 peer->next_index[REMOTE]-1, &commit_sig);
 msg = towire_commitment_signed(NULL, &peer->channel_id,
- &commit_sig.s, htlc_sigs);
+ &commit_sig.s,
+ raw_sigs(tmpctx, htlc_sigs));
 sync_crypto_write(peer->pps, take(msg));
 /* If we have already received the revocation for the previous, the
diff --git a/lightningd/channel.c b/lightningd/channel.c
index 0e04efbb6..0f6bd2603 100644
--- a/lightningd/channel.c
+++ b/lightningd/channel.c
@@ -170,7 +170,7 @@ struct channel *new_channel(struct peer *peer, u64 dbid,
 struct bitcoin_tx *last_tx,
 const struct bitcoin_signature *last_sig,
 /* NULL or stolen */
- secp256k1_ecdsa_signature *last_htlc_sigs,
+ const struct bitcoin_signature *last_htlc_sigs,
 const struct channel_info *channel_info,
 /* NULL or stolen */
 u8 *remote_shutdown_scriptpubkey,
diff --git a/lightningd/channel.h b/lightningd/channel.h
index b605d6b4a..ea9e2f814 100644
--- a/lightningd/channel.h
+++ b/lightningd/channel.h
@@ -82,7 +82,7 @@ struct channel {
 struct bitcoin_tx *last_tx;
 enum wallet_tx_type last_tx_type;
 struct bitcoin_signature last_sig;
- secp256k1_ecdsa_signature *last_htlc_sigs;
+ const struct bitcoin_signature *last_htlc_sigs;
 /* Keys for channel */
 struct channel_info channel_info;
@@ -166,7 +166,7 @@ struct channel *new_channel(struct peer *peer, u64 dbid,
 struct bitcoin_tx *last_tx STEALS,
 const struct bitcoin_signature *last_sig,
 /* NULL or stolen */
- secp256k1_ecdsa_signature *last_htlc_sigs STEALS,
+ const struct bitcoin_signature *last_htlc_sigs STEALS,
 const struct channel_info *channel_info,
 /* NULL or stolen */
 u8 *remote_shutdown_scriptpubkey STEALS,
diff --git a/lightningd/peer_htlcs.c b/lightningd/peer_htlcs.c
index 3d6a0eead..128b19269 100644
--- a/lightningd/peer_htlcs.c
+++ b/lightningd/peer_htlcs.c
@@ -1700,7 +1700,7 @@ void peer_sending_commitsig(struct channel *channel, const u8 *msg)
 struct changed_htlc *changed_htlcs;
 size_t i, maxid = 0, num_local_added = 0;
 struct bitcoin_signature commit_sig;
- secp256k1_ecdsa_signature *htlc_sigs;
+ struct bitcoin_signature *htlc_sigs;
 struct lightningd *ld = channel->peer->ld;
 struct penalty_base *pbase;
@@ -1890,8 +1890,7 @@ void peer_got_commitsig(struct channel *channel, const u8 *msg)
 {
 u64 commitnum;
 struct fee_states *fee_states;
- struct bitcoin_signature commit_sig;
- secp256k1_ecdsa_signature *htlc_sigs;
+ struct bitcoin_signature commit_sig, *htlc_sigs;
 struct added_htlc *added;
 struct fulfilled_htlc *fulfilled;
 struct failed_htlc **failed;
diff --git a/onchaind/onchain_wire.csv b/onchaind/onchain_wire.csv
index 1921fb0a1..1e5388d1d 100644
--- a/onchaind/onchain_wire.csv
+++ b/onchaind/onchain_wire.csv
@@ -39,7 +39,7 @@ msgdata,onchain_init,locktime,u32,
 msgdata,onchain_init,tx_blockheight,u32,
 msgdata,onchain_init,reasonable_depth,u32,
 msgdata,onchain_init,num_htlc_sigs,u16,
-msgdata,onchain_init,htlc_signature,secp256k1_ecdsa_signature,num_htlc_sigs
+msgdata,onchain_init,htlc_signature,bitcoin_signature,num_htlc_sigs
 msgdata,onchain_init,num_htlcs,u64,
 msgdata,onchain_init,min_possible_feerate,u32,
 msgdata,onchain_init,max_possible_feerate,u32,
diff --git a/onchaind/onchaind.c b/onchaind/onchaind.c
index ec7cf9a57..4e717b254 100644
--- a/onchaind/onchaind.c
+++ b/onchaind/onchaind.c
@@ -732,7 +732,7 @@ new_tracked_output(struct tracked_output ***outs,
 enum output_type output_type,
 const struct htlc_stub *htlc,
 const u8 *wscript,
- const secp256k1_ecdsa_signature *remote_htlc_sig)
+ const struct bitcoin_signature *remote_htlc_sig TAKES)
 {
 struct tracked_output *out = tal(*outs, struct tracked_output);
@@ -754,13 +754,10 @@ new_tracked_output(struct tracked_output ***outs,
 if (htlc)
 out->htlc = *htlc;
 out->wscript = tal_steal(out, wscript);
- if (remote_htlc_sig) {
- struct bitcoin_signature *sig;
- sig = tal(out, struct bitcoin_signature);
- sig->s = *remote_htlc_sig;
- sig->sighash_type = SIGHASH_ALL;
- out->remote_htlc_sig = sig;
- } else
+ if (remote_htlc_sig)
+ out->remote_htlc_sig = tal_dup(out, struct bitcoin_signature,
+ remote_htlc_sig);
+ else
 out->remote_htlc_sig = NULL;
 tal_arr_expand(outs, out);
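Review bot: The `tal_dup` in new_tracked_output drops the SIGHASH_ALL pin the removed lines applied, so `out->remote_htlc_sig->sighash_type` is now whatever lightningd put in onchain_init; that looks intended, but nothing at the call site says so and a later reader may re-add the pin. Suggest `/* sighash_type is chosen by lightningd per option_anchor_outputs; don't override it here. */` above the `if (remote_htlc_sig)`. With the new `TAKES` annotation only the `tal_dup` branch consumes a taken pointer; the `else` branch never touches `remote_htlc_sig`, which is fine as long as callers do not mark a NULL as taken — presumably true, but the contract is unstated. The body of new_tracked_output continues past the end of the hunk.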
@@ -2153,7 +2150,7 @@ static void handle_our_unilateral(const struct tx_parts *tx,
 const struct htlc_stub *htlcs,
 const bool *tell_if_missing,
 const bool *tell_immediately,
- const secp256k1_ecdsa_signature *remote_htlc_sigs,
+ const struct bitcoin_signature *remote_htlc_sigs,
 struct tracked_output **outs,
 bool is_replay)
 {
@@ -3195,7 +3192,7 @@ int main(int argc, char *argv[])
 struct tx_parts *tx;
 struct tracked_output **outs;
 struct bitcoin_txid our_broadcast_txid, tmptxid;
- secp256k1_ecdsa_signature *remote_htlc_sigs;
+ struct bitcoin_signature *remote_htlc_sigs;
 struct amount_sat funding;
 u64 num_htlcs;
 u8 *scriptpubkey[NUM_SIDES];
diff --git a/onchaind/test/run-grind_feerate-bug.c b/onchaind/test/run-grind_feerate-bug.c
index 0620631a7..4b21ade63 100644
--- a/onchaind/test/run-grind_feerate-bug.c
+++ b/onchaind/test/run-grind_feerate-bug.c
@@ -50,7 +50,7 @@ bool fromwire_onchain_dev_memleak(const void *p UNNEEDED) bool fromwire_onchain_htlc(const void *p UNNEEDED, struct htlc_stub *htlc UNNEEDED, bool *tell_if_missing UNNEEDED, bool *tell_immediately UNNEEDED) { fprintf(stderr, "fromwire_onchain_htlc called!\n"); abort(); } /* Generated stub for fromwire_onchain_init */ -bool fromwire_onchain_init(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, struct shachain *shachain UNNEEDED, const struct chainparams **chainparams UNNEEDED, struct amount_sat *funding_amount_satoshi UNNEEDED, struct amount_msat *our_msat UNNEEDED, struct pubkey *old_remote_per_commitment_point UNNEEDED, struct pubkey *remote_per_commitment_point UNNEEDED, u32 *local_to_self_delay UNNEEDED, u32 *remote_to_self_delay UNNEEDED, u32 *delayed_to_us_feerate UNNEEDED, u32 *htlc_feerate UNNEEDED, u32 *penalty_feerate UNNEEDED, struct amount_sat *local_dust_limit_satoshi UNNEEDED, struct bitcoin_txid *our_broadcast_txid UNNEEDED, u8 **local_scriptpubkey UNNEEDED, u8 **remote_scriptpubkey UNNEEDED, struct pubkey *ourwallet_pubkey UNNEEDED, enum side *opener UNNEEDED, struct basepoints *local_basepoints UNNEEDED, struct basepoints *remote_basepoints UNNEEDED, struct tx_parts **tx_parts UNNEEDED, u32 *locktime UNNEEDED, u32 *tx_blockheight UNNEEDED, u32 *reasonable_depth UNNEEDED, secp256k1_ecdsa_signature **htlc_signature UNNEEDED, u64 *num_htlcs UNNEEDED, u32 *min_possible_feerate UNNEEDED, u32 *max_possible_feerate UNNEEDED, struct pubkey **possible_remote_per_commit_point UNNEEDED, bool *option_static_remotekey UNNEEDED, bool *option_anchor_outputs UNNEEDED, bool *is_replay UNNEEDED) +bool fromwire_onchain_init(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, struct shachain *shachain UNNEEDED, const struct chainparams **chainparams UNNEEDED, struct amount_sat *funding_amount_satoshi UNNEEDED, struct amount_msat *our_msat UNNEEDED, struct pubkey *old_remote_per_commitment_point UNNEEDED, struct pubkey *remote_per_commitment_point 
UNNEEDED, u32 *local_to_self_delay UNNEEDED, u32 *remote_to_self_delay UNNEEDED, u32 *delayed_to_us_feerate UNNEEDED, u32 *htlc_feerate UNNEEDED, u32 *penalty_feerate UNNEEDED, struct amount_sat *local_dust_limit_satoshi UNNEEDED, struct bitcoin_txid *our_broadcast_txid UNNEEDED, u8 **local_scriptpubkey UNNEEDED, u8 **remote_scriptpubkey UNNEEDED, struct pubkey *ourwallet_pubkey UNNEEDED, enum side *opener UNNEEDED, struct basepoints *local_basepoints UNNEEDED, struct basepoints *remote_basepoints UNNEEDED, struct tx_parts **tx_parts UNNEEDED, u32 *locktime UNNEEDED, u32 *tx_blockheight UNNEEDED, u32 *reasonable_depth UNNEEDED, struct bitcoin_signature **htlc_signature UNNEEDED, u64 *num_htlcs UNNEEDED, u32 *min_possible_feerate UNNEEDED, u32 *max_possible_feerate UNNEEDED, struct pubkey **possible_remote_per_commit_point UNNEEDED, bool *option_static_remotekey UNNEEDED, bool *option_anchor_outputs UNNEEDED, bool *is_replay UNNEEDED) { fprintf(stderr, "fromwire_onchain_init called!\n"); abort(); } /* Generated stub for fromwire_onchain_known_preimage */ bool fromwire_onchain_known_preimage(const void *p UNNEEDED, struct preimage *preimage UNNEEDED, bool *is_replay UNNEEDED) diff --git a/onchaind/test/run-grind_feerate.c b/onchaind/test/run-grind_feerate.c index 552967b24..f46bc5a82 100644 --- a/onchaind/test/run-grind_feerate.c +++ b/onchaind/test/run-grind_feerate.c 
@@ -54,7 +54,7 @@ bool fromwire_onchain_dev_memleak(const void *p UNNEEDED) bool fromwire_onchain_htlc(const void *p UNNEEDED, struct htlc_stub *htlc UNNEEDED, bool *tell_if_missing UNNEEDED, bool *tell_immediately UNNEEDED) { fprintf(stderr, "fromwire_onchain_htlc called!\n"); abort(); } /* Generated stub for fromwire_onchain_init */ -bool fromwire_onchain_init(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, struct shachain *shachain UNNEEDED, const struct chainparams **chainparams UNNEEDED, struct amount_sat *funding_amount_satoshi UNNEEDED, struct amount_msat *our_msat UNNEEDED, struct pubkey *old_remote_per_commitment_point UNNEEDED, struct pubkey *remote_per_commitment_point UNNEEDED, u32 *local_to_self_delay UNNEEDED, u32 *remote_to_self_delay UNNEEDED, u32 *delayed_to_us_feerate UNNEEDED, u32 *htlc_feerate UNNEEDED, u32 *penalty_feerate UNNEEDED, struct amount_sat *local_dust_limit_satoshi UNNEEDED, struct bitcoin_txid *our_broadcast_txid UNNEEDED, u8 **local_scriptpubkey UNNEEDED, u8 **remote_scriptpubkey UNNEEDED, struct pubkey *ourwallet_pubkey UNNEEDED, enum side *opener UNNEEDED, struct basepoints *local_basepoints UNNEEDED, struct basepoints *remote_basepoints UNNEEDED, struct tx_parts **tx_parts UNNEEDED, u32 *locktime UNNEEDED, u32 *tx_blockheight UNNEEDED, u32 *reasonable_depth UNNEEDED, secp256k1_ecdsa_signature **htlc_signature UNNEEDED, u64 *num_htlcs UNNEEDED, u32 *min_possible_feerate UNNEEDED, u32 *max_possible_feerate UNNEEDED, struct pubkey **possible_remote_per_commit_point UNNEEDED, bool *option_static_remotekey UNNEEDED, bool *option_anchor_outputs UNNEEDED, bool *is_replay UNNEEDED) +bool fromwire_onchain_init(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, struct shachain *shachain UNNEEDED, const struct chainparams **chainparams UNNEEDED, struct amount_sat *funding_amount_satoshi UNNEEDED, struct amount_msat *our_msat UNNEEDED, struct pubkey *old_remote_per_commitment_point UNNEEDED, struct pubkey *remote_per_commitment_point 
UNNEEDED, u32 *local_to_self_delay UNNEEDED, u32 *remote_to_self_delay UNNEEDED, u32 *delayed_to_us_feerate UNNEEDED, u32 *htlc_feerate UNNEEDED, u32 *penalty_feerate UNNEEDED, struct amount_sat *local_dust_limit_satoshi UNNEEDED, struct bitcoin_txid *our_broadcast_txid UNNEEDED, u8 **local_scriptpubkey UNNEEDED, u8 **remote_scriptpubkey UNNEEDED, struct pubkey *ourwallet_pubkey UNNEEDED, enum side *opener UNNEEDED, struct basepoints *local_basepoints UNNEEDED, struct basepoints *remote_basepoints UNNEEDED, struct tx_parts **tx_parts UNNEEDED, u32 *locktime UNNEEDED, u32 *tx_blockheight UNNEEDED, u32 *reasonable_depth UNNEEDED, struct bitcoin_signature **htlc_signature UNNEEDED, u64 *num_htlcs UNNEEDED, u32 *min_possible_feerate UNNEEDED, u32 *max_possible_feerate UNNEEDED, struct pubkey **possible_remote_per_commit_point UNNEEDED, bool *option_static_remotekey UNNEEDED, bool *option_anchor_outputs UNNEEDED, bool *is_replay UNNEEDED) { fprintf(stderr, "fromwire_onchain_init called!\n"); abort(); } /* Generated stub for fromwire_onchain_known_preimage */ bool fromwire_onchain_known_preimage(const void *p UNNEEDED, struct preimage *preimage UNNEEDED, bool *is_replay UNNEEDED) diff --git a/wallet/test/run-wallet.c b/wallet/test/run-wallet.c index 6fadfe9dd..0c544a654 100644 --- a/wallet/test/run-wallet.c +++ b/wallet/test/run-wallet.c 
@@ -115,7 +115,7 @@ void fatal(const char *fmt UNNEEDED, ...) bool fromwire_channel_dev_memleak_reply(const void *p UNNEEDED, bool *leak UNNEEDED) { fprintf(stderr, "fromwire_channel_dev_memleak_reply called!\n"); abort(); } /* Generated stub for fromwire_channel_got_commitsig */ -bool fromwire_channel_got_commitsig(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *commitnum UNNEEDED, struct fee_states **fee_states UNNEEDED, struct bitcoin_signature *signature UNNEEDED, secp256k1_ecdsa_signature **htlc_signature UNNEEDED, struct added_htlc **added UNNEEDED, struct fulfilled_htlc **fulfilled UNNEEDED, struct failed_htlc ***failed UNNEEDED, struct changed_htlc **changed UNNEEDED, struct bitcoin_tx **tx UNNEEDED) +bool fromwire_channel_got_commitsig(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *commitnum UNNEEDED, struct fee_states **fee_states UNNEEDED, struct bitcoin_signature *signature UNNEEDED, struct bitcoin_signature **htlc_signature UNNEEDED, struct added_htlc **added UNNEEDED, struct fulfilled_htlc **fulfilled UNNEEDED, struct failed_htlc ***failed UNNEEDED, struct changed_htlc **changed UNNEEDED, struct bitcoin_tx **tx UNNEEDED) { fprintf(stderr, "fromwire_channel_got_commitsig called!\n"); abort(); } /* Generated stub for fromwire_channel_got_revoke */ bool fromwire_channel_got_revoke(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *revokenum UNNEEDED, struct secret *per_commitment_secret UNNEEDED, struct pubkey *next_per_commit_point UNNEEDED, struct fee_states **fee_states UNNEEDED, struct changed_htlc **changed UNNEEDED, struct penalty_base **pbase UNNEEDED, struct bitcoin_tx **penalty_tx UNNEEDED) 
@@ -124,7 +124,7 @@ bool fromwire_channel_got_revoke(const tal_t *ctx UNNEEDED, const void *p UNNEED bool fromwire_channel_offer_htlc_reply(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *id UNNEEDED, u8 **failuremsg UNNEEDED, wirestring **failurestr UNNEEDED) { fprintf(stderr, "fromwire_channel_offer_htlc_reply called!\n"); abort(); } /* Generated stub for fromwire_channel_sending_commitsig */ -bool fromwire_channel_sending_commitsig(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *commitnum UNNEEDED, struct penalty_base **pbase UNNEEDED, struct fee_states **fee_states UNNEEDED, struct changed_htlc **changed UNNEEDED, struct bitcoin_signature *commit_sig UNNEEDED, secp256k1_ecdsa_signature **htlc_sigs UNNEEDED) +bool fromwire_channel_sending_commitsig(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, u64 *commitnum UNNEEDED, struct penalty_base **pbase UNNEEDED, struct fee_states **fee_states UNNEEDED, struct changed_htlc **changed UNNEEDED, struct bitcoin_signature *commit_sig UNNEEDED, struct bitcoin_signature **htlc_sigs UNNEEDED) { fprintf(stderr, "fromwire_channel_sending_commitsig called!\n"); abort(); } /* Generated stub for fromwire_connect_peer_connected */ bool fromwire_connect_peer_connected(const tal_t *ctx UNNEEDED, const void *p UNNEEDED, struct node_id *id UNNEEDED, struct wireaddr_internal *addr UNNEEDED, struct per_peer_state **pps UNNEEDED, u8 **features UNNEEDED) diff --git a/wallet/wallet.c b/wallet/wallet.c index 7f9d7d909..950818914 100644 --- a/wallet/wallet.c +++ b/wallet/wallet.c 
@@ -1013,20 +1013,32 @@ done:
 return peer;
 }
-static secp256k1_ecdsa_signature *
-wallet_htlc_sigs_load(const tal_t *ctx, struct wallet *w, u64 channelid)
+static struct bitcoin_signature *
+wallet_htlc_sigs_load(const tal_t *ctx, struct wallet *w, u64 channelid,
+ bool option_anchor_outputs)
 {
 struct db_stmt *stmt;
+ struct bitcoin_signature *htlc_sigs = tal_arr(ctx, struct bitcoin_signature, 0);
 stmt = db_prepare_v2(
 w->db, SQL("SELECT signature FROM htlc_sigs WHERE channelid = ?"));
- secp256k1_ecdsa_signature *htlc_sigs = tal_arr(ctx, secp256k1_ecdsa_signature, 0);
 db_bind_u64(stmt, 0, channelid);
 db_query_prepared(stmt);
 while (db_step(stmt)) {
- secp256k1_ecdsa_signature sig;
- db_column_signature(stmt, 0, &sig);
+ struct bitcoin_signature sig;
+ db_column_signature(stmt, 0, &sig.s);
+ /* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #3:
+ * ## HTLC-Timeout and HTLC-Success Transactions
+ *...
+ * * if `option_anchor_outputs` applies to this commitment
+ * transaction, `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` is
+ * used.
+ */
+ if (option_anchor_outputs)
+ sig.sighash_type = SIGHASH_SINGLE|SIGHASH_ANYONECANPAY;
+ else
+ sig.sighash_type = SIGHASH_ALL;
 tal_arr_expand(&htlc_sigs, sig);
 }
 tal_free(stmt);
@@ -1264,7 +1276,8 @@ static struct channel *wallet_stmt2channel(struct wallet *w, struct db_stmt *stm
 db_column_psbt_to_tx(tmpctx, stmt, 33),
 &last_sig,
 wallet_htlc_sigs_load(tmpctx, w,
- db_column_u64(stmt, 0)),
+ db_column_u64(stmt, 0),
+ db_column_int(stmt, 47)),
 &channel_info,
 remote_shutdown_scriptpubkey,
 local_shutdown_scriptpubkey,
@@ -3067,7 +3080,7 @@ wallet_payment_list(const tal_t *ctx,
 }
 void wallet_htlc_sigs_save(struct wallet *w, u64 channel_id,
- secp256k1_ecdsa_signature *htlc_sigs)
+ const struct bitcoin_signature *htlc_sigs)
 {
 /* Clear any existing HTLC sigs for this channel */
 struct db_stmt *stmt = db_prepare_v2(
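Review bot: `db_column_int(stmt, 47)` is handed to the new `option_anchor_outputs` parameter with nothing saying which column 47 is, and unlike the neighbouring indices this value now decides which sighash type the channel's stored HTLC signatures are tagged with when reloaded, so a wrong column would silently mis-tag every one of them. Suggest `db_column_int(stmt, 47) /* option_anchor_outputs */),` — presumably that is the selected column, but confirm it against the SELECT that feeds wallet_stmt2channel. The int is implicitly converted to `bool` at the call, so any non-zero stored value selects the anchor sighash. wallet_stmt2channel begins before this hunk.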
@@ -3081,7 +3094,7 @@ void wallet_htlc_sigs_save(struct wallet *w, u64 channel_id,
 SQL("INSERT INTO htlc_sigs (channelid, "
 "signature) VALUES (?, ?)"));
 db_bind_u64(stmt, 0, channel_id);
- db_bind_signature(stmt, 1, &htlc_sigs[i]);
+ db_bind_signature(stmt, 1, &htlc_sigs[i].s);
 db_exec_prepared_v2(take(stmt));
 }
 }
diff --git a/wallet/wallet.h b/wallet/wallet.h
index a68432fea..333d8ec6c 100644
--- a/wallet/wallet.h
+++ b/wallet/wallet.h
@@ -1111,7 +1111,7 @@ const struct wallet_payment **wallet_payment_list(const tal_t *ctx,
 * wallet_htlc_sigs_save - Store the latest HTLC sigs for the channel
 */
 void wallet_htlc_sigs_save(struct wallet *w, u64 channel_id,
- secp256k1_ecdsa_signature *htlc_sigs);
+ const struct bitcoin_signature *htlc_sigs);
 /**
 * wallet_network_check - Check that the wallet is setup for this chain