diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index 6c1d4348dc1..37c0e8ee840 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -193,9 +193,14 @@ impl KeysInterface for KeyProvider { ShutdownScript::new_p2wpkh(&pubkey_hash) } - fn get_channel_signer(&self, _inbound: bool, channel_value_satoshis: u64) -> EnforcingSigner { + fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] { + let id = self.rand_bytes_id.fetch_add(1, atomic::Ordering::Relaxed) as u8; + [id; 32] + } + + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer { let secp_ctx = Secp256k1::signing_only(); - let id = self.rand_bytes_id.fetch_add(1, atomic::Ordering::Relaxed); + let id = channel_keys_id[0]; let keys = InMemorySigner::new( &secp_ctx, self.get_node_secret(Recipient::Node).unwrap(), @@ -204,9 +209,9 @@ impl KeysInterface for KeyProvider { SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, self.node_id]).unwrap(), SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, self.node_id]).unwrap(), SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, self.node_id]).unwrap(), - [id as u8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, self.node_id], + [id, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, self.node_id], channel_value_satoshis, - [0; 32], + channel_keys_id, ); let revoked_commitment = self.make_enforcement_state_cell(keys.commitment_seed); EnforcingSigner::new_with_revoked(keys, revoked_commitment, false) diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs index b6292c608b5..fbe854e01c0 100644 --- a/fuzz/src/full_stack.rs +++ b/fuzz/src/full_stack.rs @@ -263,6 +263,7 @@ struct KeyProvider { node_secret: SecretKey, inbound_payment_key: KeyMaterial, counter: AtomicU64, + signer_state: RefCell>)>> } impl KeysInterface for KeyProvider { type Signer = EnforcingSigner; @@ -297,10 +298,17 @@ impl KeysInterface for KeyProvider { ShutdownScript::new_p2wpkh(&pubkey_hash) } - fn get_channel_signer(&self, inbound: bool, channel_value_satoshis: u64) -> EnforcingSigner { + fn generate_channel_keys_id(&self, inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] { let ctr = self.counter.fetch_add(1, Ordering::Relaxed) as u8; + self.signer_state.borrow_mut().insert(ctr, (inbound, Arc::new(Mutex::new(EnforcementState::new())))); + [ctr; 32] + } + + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer { let secp_ctx = Secp256k1::signing_only(); - EnforcingSigner::new(if inbound { + let ctr = channel_keys_id[0]; + let (inbound, state) = self.signer_state.borrow().get(&ctr).unwrap().clone(); + EnforcingSigner::new_with_revoked(if inbound { InMemorySigner::new( &secp_ctx, self.node_secret.clone(), @@ -311,7 +319,7 @@ impl KeysInterface for KeyProvider { SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, ctr]).unwrap(), [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, ctr], channel_value_satoshis, - [0; 32], + channel_keys_id, ) } else { InMemorySigner::new( @@ -324,9 +332,9 @@ impl KeysInterface for KeyProvider { SecretKey::from_slice(&[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 11, ctr]).unwrap(), [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 12, ctr], channel_value_satoshis, - [0; 32], + channel_keys_id, ) - }) + }, state, false) } fn get_secure_random_bytes(&self) -> [u8; 32] { @@ -390,7 +398,12 @@ pub fn do_test(data: &[u8], logger: &Arc) { let monitor = Arc::new(chainmonitor::ChainMonitor::new(None, broadcast.clone(), Arc::clone(&logger), fee_est.clone(), Arc::new(TestPersister { update_ret: Mutex::new(ChannelMonitorUpdateStatus::Completed) }))); - let keys_manager = Arc::new(KeyProvider { node_secret: our_network_key.clone(), inbound_payment_key: KeyMaterial(inbound_payment_key.try_into().unwrap()), counter: AtomicU64::new(0) }); + let keys_manager = Arc::new(KeyProvider { + node_secret: our_network_key.clone(), + inbound_payment_key: KeyMaterial(inbound_payment_key.try_into().unwrap()), + counter: AtomicU64::new(0), + signer_state: RefCell::new(HashMap::new()) + }); let mut config = UserConfig::default(); config.channel_config.forwarding_fee_proportional_millionths = slice_to_be32(get_slice!(4)); config.channel_handshake_config.announced_channel = get_slice!(1)[0] != 0; diff --git a/fuzz/src/onion_message.rs b/fuzz/src/onion_message.rs index 8fa6e4231be..b1f8fc33637 100644 --- a/fuzz/src/onion_message.rs +++ b/fuzz/src/onion_message.rs @@ -111,7 +111,9 @@ impl KeysInterface for KeyProvider { fn get_shutdown_scriptpubkey(&self) -> ShutdownScript { unreachable!() } - fn get_channel_signer(&self, _inbound: bool, _channel_value_satoshis: u64) -> EnforcingSigner { + fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] { unreachable!() } + + fn derive_channel_signer(&self, _channel_value_satoshis: u64, _channel_keys_id: [u8; 32]) -> Self::Signer { unreachable!() } diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs index 92f1a8df45d..585b64646d9 100644 --- a/lightning/src/chain/channelmonitor.rs +++ b/lightning/src/chain/channelmonitor.rs @@ -291,7 +291,7 @@ struct CounterpartyCommitmentParameters { impl Writeable for CounterpartyCommitmentParameters { fn write(&self, w: &mut W) -> Result<(), io::Error> { - w.write_all(&byte_utils::be64_to_array(0))?; + w.write_all(&(0 as u64).to_be_bytes())?; write_tlv_fields!(w, { (0, self.counterparty_delayed_payment_base_key, required), (2, self.counterparty_htlc_base_key, required), @@ -945,7 +945,7 @@ impl Writeable for ChannelMonitorImpl { self.channel_keys_id.write(writer)?; self.holder_revocation_basepoint.write(writer)?; writer.write_all(&self.funding_info.0.txid[..])?; - writer.write_all(&byte_utils::be16_to_array(self.funding_info.0.index))?; + writer.write_all(&self.funding_info.0.index.to_be_bytes())?; self.funding_info.1.write(writer)?; self.current_counterparty_commitment_txid.write(writer)?; self.prev_counterparty_commitment_txid.write(writer)?; @@ -972,24 +972,24 @@ impl Writeable for ChannelMonitorImpl { }, } - writer.write_all(&byte_utils::be16_to_array(self.on_holder_tx_csv))?; + writer.write_all(&self.on_holder_tx_csv.to_be_bytes())?; self.commitment_secrets.write(writer)?; macro_rules! serialize_htlc_in_commitment { ($htlc_output: expr) => { writer.write_all(&[$htlc_output.offered as u8; 1])?; - writer.write_all(&byte_utils::be64_to_array($htlc_output.amount_msat))?; - writer.write_all(&byte_utils::be32_to_array($htlc_output.cltv_expiry))?; + writer.write_all(&$htlc_output.amount_msat.to_be_bytes())?; + writer.write_all(&$htlc_output.cltv_expiry.to_be_bytes())?; writer.write_all(&$htlc_output.payment_hash.0[..])?; $htlc_output.transaction_output_index.write(writer)?; } } - writer.write_all(&byte_utils::be64_to_array(self.counterparty_claimable_outpoints.len() as u64))?; + writer.write_all(&(self.counterparty_claimable_outpoints.len() as u64).to_be_bytes())?; for (ref txid, ref htlc_infos) in self.counterparty_claimable_outpoints.iter() { writer.write_all(&txid[..])?; - writer.write_all(&byte_utils::be64_to_array(htlc_infos.len() as u64))?; + writer.write_all(&(htlc_infos.len() as u64).to_be_bytes())?; for &(ref htlc_output, ref htlc_source) in htlc_infos.iter() { debug_assert!(htlc_source.is_none() || Some(**txid) == self.current_counterparty_commitment_txid || Some(**txid) == self.prev_counterparty_commitment_txid, @@ -999,13 +999,13 @@ impl Writeable for ChannelMonitorImpl { } } - writer.write_all(&byte_utils::be64_to_array(self.counterparty_commitment_txn_on_chain.len() as u64))?; + writer.write_all(&(self.counterparty_commitment_txn_on_chain.len() as u64).to_be_bytes())?; for (ref txid, commitment_number) in self.counterparty_commitment_txn_on_chain.iter() { writer.write_all(&txid[..])?; writer.write_all(&byte_utils::be48_to_array(*commitment_number))?; } - writer.write_all(&byte_utils::be64_to_array(self.counterparty_hash_commitment_number.len() as u64))?; + writer.write_all(&(self.counterparty_hash_commitment_number.len() as u64).to_be_bytes())?; for (ref payment_hash, commitment_number) in self.counterparty_hash_commitment_number.iter() { writer.write_all(&payment_hash.0[..])?; writer.write_all(&byte_utils::be48_to_array(*commitment_number))?; @@ -1023,7 +1023,7 @@ impl Writeable for ChannelMonitorImpl { writer.write_all(&byte_utils::be48_to_array(self.current_counterparty_commitment_number))?; writer.write_all(&byte_utils::be48_to_array(self.current_holder_commitment_number))?; - writer.write_all(&byte_utils::be64_to_array(self.payment_preimages.len() as u64))?; + writer.write_all(&(self.payment_preimages.len() as u64).to_be_bytes())?; for payment_preimage in self.payment_preimages.values() { writer.write_all(&payment_preimage.0[..])?; } @@ -1044,15 +1044,15 @@ impl Writeable for ChannelMonitorImpl { } } - writer.write_all(&byte_utils::be64_to_array(self.pending_events.len() as u64))?; + writer.write_all(&(self.pending_events.len() as u64).to_be_bytes())?; for event in self.pending_events.iter() { event.write(writer)?; } self.best_block.block_hash().write(writer)?; - writer.write_all(&byte_utils::be32_to_array(self.best_block.height()))?; + writer.write_all(&self.best_block.height().to_be_bytes())?; - writer.write_all(&byte_utils::be64_to_array(self.onchain_events_awaiting_threshold_conf.len() as u64))?; + writer.write_all(&(self.onchain_events_awaiting_threshold_conf.len() as u64).to_be_bytes())?; for ref entry in self.onchain_events_awaiting_threshold_conf.iter() { entry.write(writer)?; } @@ -3789,7 +3789,9 @@ impl<'a, K: KeysInterface> ReadableArgs<&'a K> return Err(DecodeError::InvalidValue); } } - let onchain_tx_handler: OnchainTxHandler = ReadableArgs::read(reader, keys_manager)?; + let onchain_tx_handler: OnchainTxHandler = ReadableArgs::read( + reader, (keys_manager, channel_value_satoshis, channel_keys_id) + )?; let lockdown_from_offchain = Readable::read(reader)?; let holder_tx_signed = Readable::read(reader)?; diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs index 9f81976906c..677b36ad682 100644 --- a/lightning/src/chain/keysinterface.rs +++ b/lightning/src/chain/keysinterface.rs @@ -31,7 +31,7 @@ use bitcoin::secp256k1::ecdh::SharedSecret; use bitcoin::secp256k1::ecdsa::RecoverableSignature; use bitcoin::{PackedLockTime, secp256k1, Sequence, Witness}; -use crate::util::{byte_utils, transaction_utils}; +use crate::util::transaction_utils; use crate::util::crypto::{hkdf_extract_expand_twice, sign}; use crate::util::ser::{Writeable, Writer, Readable, ReadableArgs}; @@ -43,6 +43,7 @@ use crate::ln::msgs::UnsignedChannelAnnouncement; use crate::ln::script::ShutdownScript; use crate::prelude::*; +use core::convert::TryInto; use core::sync::atomic::{AtomicUsize, Ordering}; use crate::io::{self, Error}; use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT}; @@ -161,7 +162,7 @@ pub enum SpendableOutputDescriptor { /// /// To derive the revocation_pubkey provided here (which is used in the witness /// script generation), you must pass the counterparty revocation_basepoint (which appears in the - /// call to Sign::ready_channel) and the provided per_commitment point + /// call to Sign::provide_channel_parameters) and the provided per_commitment point /// to chan_utils::derive_public_revocation_key. /// /// The witness script which is hashed and included in the output script_pubkey may be @@ -368,24 +369,22 @@ pub trait BaseSign { -> Result<(Signature, Signature), ()>; /// Set the counterparty static channel data, including basepoints, - /// counterparty_selected/holder_selected_contest_delay and funding outpoint. - /// This is done as soon as the funding outpoint is known. Since these are static channel data, - /// they MUST NOT be allowed to change to different values once set. + /// counterparty_selected/holder_selected_contest_delay and funding outpoint. Since these are + /// static channel data, they MUST NOT be allowed to change to different values once set, as LDK + /// may call this method more than once. /// /// channel_parameters.is_populated() MUST be true. - /// - /// We bind holder_selected_contest_delay late here for API convenience. - /// - /// Will be called before any signatures are applied. - fn ready_channel(&mut self, channel_parameters: &ChannelTransactionParameters); + fn provide_channel_parameters(&mut self, channel_parameters: &ChannelTransactionParameters); } -/// A cloneable signer. +/// A writeable signer. +/// +/// There will always be two instances of a signer per channel, one occupied by the +/// [`ChannelManager`] and another by the channel's [`ChannelMonitor`]. /// -/// Although we require signers to be cloneable, it may be useful for developers to be able to use -/// signers in an un-sized way, for example as `dyn BaseSign`. Therefore we separate the Clone trait, -/// which implies Sized, into this derived trait. -pub trait Sign: BaseSign + Writeable + Clone { +/// [`ChannelManager`]: crate::ln::channelmanager::ChannelManager +/// [`ChannelMonitor`]: crate::chain::channelmonitor::ChannelMonitor +pub trait Sign: BaseSign + Writeable { } /// Specifies the recipient of an invoice, to indicate to [`KeysInterface::sign_invoice`] what node @@ -402,7 +401,7 @@ pub enum Recipient { /// A trait to describe an object which can get user secrets and key material. pub trait KeysInterface { - /// A type which implements Sign which will be returned by get_channel_signer. + /// A type which implements Sign which will be returned by derive_channel_signer. type Signer : Sign; /// Get node secret key based on the provided [`Recipient`]. @@ -445,11 +444,20 @@ pub trait KeysInterface { /// This method should return a different value each time it is called, to avoid linking /// on-chain funds across channels as controlled to the same user. fn get_shutdown_scriptpubkey(&self) -> ShutdownScript; - /// Get a new set of Sign for per-channel secrets. These MUST be unique even if you - /// restarted with some stale data! + /// Generates a unique `channel_keys_id` that can be used to obtain a `Signer` through + /// [`KeysInterface::derive_channel_signer`]. The `user_channel_id` is provided to allow + /// implementations of `KeysInterface` to maintain a mapping between it and the generated + /// `channel_keys_id`. /// /// This method must return a different value each time it is called. - fn get_channel_signer(&self, inbound: bool, channel_value_satoshis: u64) -> Self::Signer; + fn generate_channel_keys_id(&self, inbound: bool, channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32]; + /// Derives the private key material backing a `Signer`. + /// + /// To derive a new `Signer`, a fresh `channel_keys_id` should be obtained through + /// [`KeysInterface::generate_channel_keys_id`]. Otherwise, an existing `Signer` can be + /// re-derived from its `channel_keys_id`, which can be obtained through its trait method + /// [`BaseSign::channel_keys_id`]. + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer; /// Gets a unique, cryptographically-secure, random 32 byte value. This is used for encrypting /// onion packets and for temporary channel IDs. There is no requirement that these be /// persisted anywhere, though they must be unique across restarts. @@ -463,6 +471,9 @@ pub trait KeysInterface { /// The bytes are exactly those which `::write()` writes, and /// contain no versioning scheme. You may wish to include your own version prefix and ensure /// you've read all of the provided bytes to ensure no corruption occurred. + /// + /// This method is slowly being phased out -- it will only be called when reading objects + /// written by LDK versions prior to 0.0.113. fn read_chan_signer(&self, reader: &[u8]) -> Result; /// Sign an invoice. @@ -571,39 +582,39 @@ impl InMemorySigner { } /// Counterparty pubkeys. - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn counterparty_pubkeys(&self) -> &ChannelPublicKeys { &self.get_channel_parameters().counterparty_parameters.as_ref().unwrap().pubkeys } /// The contest_delay value specified by our counterparty and applied on holder-broadcastable /// transactions, ie the amount of time that we have to wait to recover our funds if we /// broadcast a transaction. - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn counterparty_selected_contest_delay(&self) -> u16 { self.get_channel_parameters().counterparty_parameters.as_ref().unwrap().selected_contest_delay } /// The contest_delay value specified by us and applied on transactions broadcastable /// by our counterparty, ie the amount of time that they have to wait to recover their funds /// if they broadcast a transaction. - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn holder_selected_contest_delay(&self) -> u16 { self.get_channel_parameters().holder_selected_contest_delay } /// Whether the holder is the initiator - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn is_outbound(&self) -> bool { self.get_channel_parameters().is_outbound_from_holder } /// Funding outpoint - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn funding_outpoint(&self) -> &OutPoint { self.get_channel_parameters().funding_outpoint.as_ref().unwrap() } /// Obtain a ChannelTransactionParameters for this channel, to be used when verifying or /// building transactions. /// - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn get_channel_parameters(&self) -> &ChannelTransactionParameters { self.channel_parameters.as_ref().unwrap() } /// Whether anchors should be used. - /// Will panic if ready_channel wasn't called. + /// Will panic if provide_channel_parameters wasn't called. pub fn opt_anchors(&self) -> bool { self.get_channel_parameters().opt_anchors.is_some() } @@ -807,8 +818,12 @@ impl BaseSign for InMemorySigner { Ok((sign(secp_ctx, &msghash, &self.node_secret), sign(secp_ctx, &msghash, &self.funding_key))) } - fn ready_channel(&mut self, channel_parameters: &ChannelTransactionParameters) { - assert!(self.channel_parameters.is_none(), "Acceptance already noted"); + fn provide_channel_parameters(&mut self, channel_parameters: &ChannelTransactionParameters) { + assert!(self.channel_parameters.is_none() || self.channel_parameters.as_ref().unwrap() == channel_parameters); + if self.channel_parameters.is_some() { + // The channel parameters were already set and they match, return early. + return; + } assert!(channel_parameters.is_populated(), "Channel parameters must be fully populated"); self.channel_parameters = Some(channel_parameters.clone()); } @@ -955,8 +970,8 @@ impl KeysManager { inbound_pmt_key_bytes.copy_from_slice(&inbound_payment_key[..]); let mut rand_bytes_unique_start = Sha256::engine(); - rand_bytes_unique_start.input(&byte_utils::be64_to_array(starting_time_secs)); - rand_bytes_unique_start.input(&byte_utils::be32_to_array(starting_time_nanos)); + rand_bytes_unique_start.input(&starting_time_secs.to_be_bytes()); + rand_bytes_unique_start.input(&starting_time_nanos.to_be_bytes()); rand_bytes_unique_start.input(seed); let mut res = KeysManager { @@ -987,13 +1002,8 @@ impl KeysManager { } } /// Derive an old Sign containing per-channel secrets based on a key derivation parameters. - /// - /// Key derivation parameters are accessible through a per-channel secrets - /// Sign::channel_keys_id and is provided inside DynamicOuputP2WSH in case of - /// onchain output detection for which a corresponding delayed_payment_key must be derived. pub fn derive_channel_keys(&self, channel_value_satoshis: u64, params: &[u8; 32]) -> InMemorySigner { - let chan_id = byte_utils::slice_to_be64(¶ms[0..8]); - assert!(chan_id <= core::u32::MAX as u64); // Otherwise the params field wasn't created by us + let chan_id = u64::from_be_bytes(params[0..8].try_into().unwrap()); let mut unique_start = Sha256::engine(); unique_start.input(params); unique_start.input(&self.seed); @@ -1209,14 +1219,19 @@ impl KeysInterface for KeysManager { ShutdownScript::new_p2wpkh_from_pubkey(self.shutdown_pubkey.clone()) } - fn get_channel_signer(&self, _inbound: bool, channel_value_satoshis: u64) -> Self::Signer { - let child_ix = self.channel_child_index.fetch_add(1, Ordering::AcqRel); - assert!(child_ix <= core::u32::MAX as usize); + fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32] { + let child_idx = self.channel_child_index.fetch_add(1, Ordering::AcqRel); + assert!(child_idx <= core::u32::MAX as usize); let mut id = [0; 32]; - id[0..8].copy_from_slice(&byte_utils::be64_to_array(child_ix as u64)); - id[8..16].copy_from_slice(&byte_utils::be64_to_array(self.starting_time_nanos as u64)); - id[16..24].copy_from_slice(&byte_utils::be64_to_array(self.starting_time_secs)); - self.derive_channel_keys(channel_value_satoshis, &id) + id[0..4].copy_from_slice(&(child_idx as u32).to_be_bytes()); + id[4..8].copy_from_slice(&self.starting_time_nanos.to_be_bytes()); + id[8..16].copy_from_slice(&self.starting_time_secs.to_be_bytes()); + id[16..32].copy_from_slice(&user_channel_id.to_be_bytes()); + id + } + + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer { + self.derive_channel_keys(channel_value_satoshis, &channel_keys_id) } fn get_secure_random_bytes(&self) -> [u8; 32] { @@ -1309,8 +1324,12 @@ impl KeysInterface for PhantomKeysManager { self.inner.get_shutdown_scriptpubkey() } - fn get_channel_signer(&self, inbound: bool, channel_value_satoshis: u64) -> Self::Signer { - self.inner.get_channel_signer(inbound, channel_value_satoshis) + fn generate_channel_keys_id(&self, inbound: bool, channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32] { + self.inner.generate_channel_keys_id(inbound, channel_value_satoshis, user_channel_id) + } + + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> Self::Signer { + self.inner.derive_channel_signer(channel_value_satoshis, channel_keys_id) } fn get_secure_random_bytes(&self) -> [u8; 32] { diff --git a/lightning/src/chain/onchaintx.rs b/lightning/src/chain/onchaintx.rs index 2ce2ed41ba1..a0850dfb2ef 100644 --- a/lightning/src/chain/onchaintx.rs +++ b/lightning/src/chain/onchaintx.rs @@ -21,6 +21,7 @@ use bitcoin::hash_types::{Txid, BlockHash}; use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature}; use bitcoin::secp256k1; +use crate::chain::keysinterface::BaseSign; use crate::ln::msgs::DecodeError; use crate::ln::PaymentPreimage; #[cfg(anchors)] @@ -36,7 +37,6 @@ use crate::chain::package::PackageSolvingData; use crate::chain::package::PackageTemplate; use crate::util::logger::Logger; use crate::util::ser::{Readable, ReadableArgs, MaybeReadable, Writer, Writeable, VecWriter}; -use crate::util::byte_utils; use crate::io; use crate::prelude::*; @@ -271,29 +271,29 @@ impl OnchainTxHandler { (key_data.0.len() as u32).write(writer)?; writer.write_all(&key_data.0[..])?; - writer.write_all(&byte_utils::be64_to_array(self.pending_claim_requests.len() as u64))?; + writer.write_all(&(self.pending_claim_requests.len() as u64).to_be_bytes())?; for (ref ancestor_claim_txid, request) in self.pending_claim_requests.iter() { ancestor_claim_txid.write(writer)?; request.write(writer)?; } - writer.write_all(&byte_utils::be64_to_array(self.claimable_outpoints.len() as u64))?; + writer.write_all(&(self.claimable_outpoints.len() as u64).to_be_bytes())?; for (ref outp, ref claim_and_height) in self.claimable_outpoints.iter() { outp.write(writer)?; claim_and_height.0.write(writer)?; claim_and_height.1.write(writer)?; } - writer.write_all(&byte_utils::be64_to_array(self.locktimed_packages.len() as u64))?; + writer.write_all(&(self.locktimed_packages.len() as u64).to_be_bytes())?; for (ref locktime, ref packages) in self.locktimed_packages.iter() { locktime.write(writer)?; - writer.write_all(&byte_utils::be64_to_array(packages.len() as u64))?; + writer.write_all(&(packages.len() as u64).to_be_bytes())?; for ref package in packages.iter() { package.write(writer)?; } } - writer.write_all(&byte_utils::be64_to_array(self.onchain_events_awaiting_threshold_conf.len() as u64))?; + writer.write_all(&(self.onchain_events_awaiting_threshold_conf.len() as u64).to_be_bytes())?; for ref entry in self.onchain_events_awaiting_threshold_conf.iter() { entry.write(writer)?; } @@ -303,8 +303,12 @@ impl OnchainTxHandler { } } -impl<'a, K: KeysInterface> ReadableArgs<&'a K> for OnchainTxHandler { - fn read(reader: &mut R, keys_manager: &'a K) -> Result { +impl<'a, K: KeysInterface> ReadableArgs<(&'a K, u64, [u8; 32])> for OnchainTxHandler { + fn read(reader: &mut R, args: (&'a K, u64, [u8; 32])) -> Result { + let keys_manager = args.0; + let channel_value_satoshis = args.1; + let channel_keys_id = args.2; + let _ver = read_ver_prefix!(reader, SERIALIZATION_VERSION); let destination_script = Readable::read(reader)?; @@ -316,16 +320,21 @@ impl<'a, K: KeysInterface> ReadableArgs<&'a K> for OnchainTxHandler { let channel_parameters = Readable::read(reader)?; + // Read the serialized signer bytes, but don't deserialize them, as we'll obtain our signer + // by re-deriving the private key material. let keys_len: u32 = Readable::read(reader)?; - let mut keys_data = Vec::with_capacity(cmp::min(keys_len as usize, MAX_ALLOC_SIZE)); - while keys_data.len() != keys_len as usize { + let mut bytes_read = 0; + while bytes_read != keys_len as usize { // Read 1KB at a time to avoid accidentally allocating 4GB on corrupted channel keys let mut data = [0; 1024]; - let read_slice = &mut data[0..cmp::min(1024, keys_len as usize - keys_data.len())]; + let bytes_to_read = cmp::min(1024, keys_len as usize - bytes_read); + let read_slice = &mut data[0..bytes_to_read]; reader.read_exact(read_slice)?; - keys_data.extend_from_slice(read_slice); + bytes_read += bytes_to_read; } - let signer = keys_manager.read_chan_signer(&keys_data)?; + + let mut signer = keys_manager.derive_channel_signer(channel_value_satoshis, channel_keys_id); + signer.provide_channel_parameters(&channel_parameters); let pending_claim_requests_len: u64 = Readable::read(reader)?; let mut pending_claim_requests = HashMap::with_capacity(cmp::min(pending_claim_requests_len as usize, MAX_ALLOC_SIZE / 128)); diff --git a/lightning/src/chain/package.rs b/lightning/src/chain/package.rs index 1307ad0eb3f..7ccabb50b6c 100644 --- a/lightning/src/chain/package.rs +++ b/lightning/src/chain/package.rs @@ -27,7 +27,6 @@ use crate::ln::msgs::DecodeError; use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, MIN_RELAY_FEE_SAT_PER_1000_WEIGHT}; use crate::chain::keysinterface::Sign; use crate::chain::onchaintx::OnchainTxHandler; -use crate::util::byte_utils; use crate::util::logger::Logger; use crate::util::ser::{Readable, Writer, Writeable}; @@ -774,7 +773,7 @@ impl PackageTemplate { impl Writeable for PackageTemplate { fn write(&self, writer: &mut W) -> Result<(), io::Error> { - writer.write_all(&byte_utils::be64_to_array(self.inputs.len() as u64))?; + writer.write_all(&(self.inputs.len() as u64).to_be_bytes())?; for (ref outpoint, ref rev_outp) in self.inputs.iter() { outpoint.write(writer)?; rev_outp.write(writer)?; diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs index 7fc817995fb..77aec9f23da 100644 --- a/lightning/src/ln/chan_utils.rs +++ b/lightning/src/ln/chan_utils.rs @@ -24,7 +24,7 @@ use bitcoin::hash_types::{Txid, PubkeyHash}; use crate::ln::{PaymentHash, PaymentPreimage}; use crate::ln::msgs::DecodeError; use crate::util::ser::{Readable, Writeable, Writer}; -use crate::util::{byte_utils, transaction_utils}; +use crate::util::transaction_utils; use bitcoin::secp256k1::{SecretKey, PublicKey, Scalar}; use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature, Message}; @@ -310,7 +310,7 @@ impl Writeable for CounterpartyCommitmentSecrets { fn write(&self, writer: &mut W) -> Result<(), io::Error> { for &(ref secret, ref idx) in self.old_secrets.iter() { writer.write_all(secret)?; - writer.write_all(&byte_utils::be64_to_array(*idx))?; + writer.write_all(&idx.to_be_bytes())?; } write_tlv_fields!(writer, {}); Ok(()) @@ -763,7 +763,7 @@ pub fn build_anchor_input_witness(funding_key: &PublicKey, funding_sig: &Signatu /// /// Normally, this is converted to the broadcaster/countersignatory-organized DirectedChannelTransactionParameters /// before use, via the as_holder_broadcastable and as_counterparty_broadcastable functions. -#[derive(Clone)] +#[derive(Clone, PartialEq)] pub struct ChannelTransactionParameters { /// Holder public keys pub holder_pubkeys: ChannelPublicKeys, @@ -787,7 +787,7 @@ pub struct ChannelTransactionParameters { } /// Late-bound per-channel counterparty data used to build transactions. -#[derive(Clone)] +#[derive(Clone, PartialEq)] pub struct CounterpartyChannelTransactionParameters { /// Counter-party public keys pub pubkeys: ChannelPublicKeys, @@ -1627,8 +1627,8 @@ mod tests { let seed = [42; 32]; let network = Network::Testnet; let keys_provider = test_utils::TestKeysInterface::new(&seed, network); - let signer = keys_provider.get_channel_signer(false, 3000); - let counterparty_signer = keys_provider.get_channel_signer(false, 3000); + let signer = keys_provider.derive_channel_signer(3000, keys_provider.generate_channel_keys_id(false, 1_000_000, 0)); + let counterparty_signer = keys_provider.derive_channel_signer(3000, keys_provider.generate_channel_keys_id(true, 1_000_000, 1)); let delayed_payment_base = &signer.pubkeys().delayed_payment_basepoint; let per_commitment_secret = SecretKey::from_slice(&hex::decode("1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100").unwrap()[..]).unwrap(); let per_commitment_point = PublicKey::from_secret_key(&secp_ctx, &per_commitment_secret); @@ -1724,9 +1724,9 @@ mod tests { assert_eq!(tx.built.transaction.output[0].script_pubkey, get_htlc_redeemscript(&received_htlc, false, &keys).to_v0_p2wsh()); assert_eq!(tx.built.transaction.output[1].script_pubkey, get_htlc_redeemscript(&offered_htlc, false, &keys).to_v0_p2wsh()); assert_eq!(get_htlc_redeemscript(&received_htlc, false, &keys).to_v0_p2wsh().to_hex(), - "002085cf52e41ba7c099a39df504e7b61f6de122971ceb53b06731876eaeb85e8dc5"); + "0020e43a7c068553003fe68fcae424fb7b28ec5ce48cd8b6744b3945631389bad2fb"); assert_eq!(get_htlc_redeemscript(&offered_htlc, false, &keys).to_v0_p2wsh().to_hex(), - "002049f0736bb335c61a04d2623a24df878a7592a3c51fa7258d41b2c85318265e73"); + "0020215d61bba56b19e9eadb6107f5a85d7f99c40f65992443f69229c290165bc00d"); // Generate broadcaster output and received and offered HTLC outputs, with anchors channel_parameters.opt_anchors = Some(()); @@ -1743,9 +1743,9 @@ mod tests { assert_eq!(tx.built.transaction.output[2].script_pubkey, get_htlc_redeemscript(&received_htlc, true, &keys).to_v0_p2wsh()); assert_eq!(tx.built.transaction.output[3].script_pubkey, get_htlc_redeemscript(&offered_htlc, true, &keys).to_v0_p2wsh()); assert_eq!(get_htlc_redeemscript(&received_htlc, true, &keys).to_v0_p2wsh().to_hex(), - "002067114123af3f95405bae4fd930fc95de03e3c86baaee8b2dd29b43dd26cf613c"); + "0020b70d0649c72b38756885c7a30908d912a7898dd5d79457a7280b8e9a20f3f2bc"); assert_eq!(get_htlc_redeemscript(&offered_htlc, true, &keys).to_v0_p2wsh().to_hex(), - "0020a06e3b0d4fcf704f2b9c41e16a70099e39989466c3142b8573a1154542f28f57"); + "002087a3faeb1950a469c0e2db4a79b093a41b9526e5a6fc6ef5cb949bde3be379c7"); } #[test] diff --git a/lightning/src/ln/chanmon_update_fail_tests.rs b/lightning/src/ln/chanmon_update_fail_tests.rs index b1b6b79712d..8cf08fd65c5 100644 --- a/lightning/src/ln/chanmon_update_fail_tests.rs +++ b/lightning/src/ln/chanmon_update_fail_tests.rs @@ -112,7 +112,7 @@ fn test_monitor_and_persister_update_fail() { let mut w = test_utils::TestVecWriter(Vec::new()); monitor.write(&mut w).unwrap(); let new_monitor = <(BlockHash, ChannelMonitor)>::read( - &mut io::Cursor::new(&w.0), &test_utils::OnlyReadsKeysInterface {}).unwrap().1; + &mut io::Cursor::new(&w.0), nodes[0].keys_manager).unwrap().1; assert!(new_monitor == *monitor); let chain_mon = test_utils::TestChainMonitor::new(Some(&chain_source), &tx_broadcaster, &logger, &chanmon_cfgs[0].fee_estimator, &persister, &node_cfgs[0].keys_manager); assert_eq!(chain_mon.watch_channel(outpoint, new_monitor), ChannelMonitorUpdateStatus::Completed); diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 5cc4f4a364b..81372ee3da8 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -34,7 +34,7 @@ use crate::chain::BestBlock; use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, LowerBoundedFeeEstimator}; use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, ChannelMonitorUpdateStep, LATENCY_GRACE_PERIOD_BLOCKS}; use crate::chain::transaction::{OutPoint, TransactionData}; -use crate::chain::keysinterface::{Sign, KeysInterface}; +use crate::chain::keysinterface::{Sign, KeysInterface, BaseSign}; use crate::util::events::ClosureReason; use crate::util::ser::{Readable, ReadableArgs, Writeable, Writer, VecWriter}; use crate::util::logger::Logger; @@ -737,6 +737,10 @@ pub(super) struct Channel { // We track whether we already emitted a `ChannelReady` event. channel_ready_event_emitted: bool, + + /// The unique identifier used to re-derive the private key material for the channel through + /// [`KeysInterface::derive_channel_signer`]. + channel_keys_id: [u8; 32], } #[cfg(any(test, fuzzing))] @@ -909,7 +913,8 @@ impl Channel { let opt_anchors = false; // TODO - should be based on features let holder_selected_contest_delay = config.channel_handshake_config.our_to_self_delay; - let holder_signer = keys_provider.get_channel_signer(false, channel_value_satoshis); + let channel_keys_id = keys_provider.generate_channel_keys_id(false, channel_value_satoshis, user_id); + let holder_signer = keys_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id); let pubkeys = holder_signer.pubkeys().clone(); if !their_features.supports_wumbo() && channel_value_satoshis > MAX_FUNDING_SATOSHIS_NO_WUMBO { @@ -1071,6 +1076,7 @@ impl Channel { historical_inbound_htlc_fulfills: HashSet::new(), channel_type: Self::get_initial_channel_type(&config), + channel_keys_id, }) } @@ -1153,7 +1159,8 @@ impl Channel { return Err(ChannelError::Close("Channel Type was not understood - we require static remote key".to_owned())); } - let holder_signer = keys_provider.get_channel_signer(true, msg.funding_satoshis); + let channel_keys_id = keys_provider.generate_channel_keys_id(true, msg.funding_satoshis, user_id); + let holder_signer = keys_provider.derive_channel_signer(msg.funding_satoshis, channel_keys_id); let pubkeys = holder_signer.pubkeys().clone(); let counterparty_pubkeys = ChannelPublicKeys { funding_pubkey: msg.funding_pubkey, @@ -1417,6 +1424,7 @@ impl Channel { historical_inbound_htlc_fulfills: HashSet::new(), channel_type, + channel_keys_id, }; Ok(chan) @@ -2190,7 +2198,13 @@ impl Channel { &self.get_counterparty_pubkeys().funding_pubkey } - pub fn funding_created(&mut self, msg: &msgs::FundingCreated, best_block: BestBlock, logger: &L) -> Result<(msgs::FundingSigned, ChannelMonitor, Option), ChannelError> where L::Target: Logger { + pub fn funding_created( + &mut self, msg: &msgs::FundingCreated, best_block: BestBlock, keys_source: &K, logger: &L + ) -> Result<(msgs::FundingSigned, ChannelMonitor<::Signer>, Option), ChannelError> + where + K::Target: KeysInterface, + L::Target: Logger + { if self.is_outbound() { return Err(ChannelError::Close("Received funding_created for an outbound channel?".to_owned())); } @@ -2213,7 +2227,7 @@ impl Channel { self.channel_transaction_parameters.funding_outpoint = Some(funding_txo); // This is an externally observable change before we finish all our checks. In particular // funding_created_signature may fail. - self.holder_signer.ready_channel(&self.channel_transaction_parameters); + self.holder_signer.provide_channel_parameters(&self.channel_transaction_parameters); let (counterparty_initial_commitment_txid, initial_commitment_tx, signature) = match self.funding_created_signature(&msg.signature, logger) { Ok(res) => res, @@ -2245,7 +2259,9 @@ impl Channel { let funding_txo_script = funding_redeemscript.to_v0_p2wsh(); let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound()); let shutdown_script = self.shutdown_scriptpubkey.clone().map(|script| script.into_inner()); - let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), self.holder_signer.clone(), + let mut monitor_signer = keys_source.derive_channel_signer(self.channel_value_satoshis, self.channel_keys_id); + monitor_signer.provide_channel_parameters(&self.channel_transaction_parameters); + let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), monitor_signer, shutdown_script, self.get_holder_selected_contest_delay(), &self.destination_script, (funding_txo, funding_txo_script.clone()), &self.channel_transaction_parameters, @@ -2270,7 +2286,13 @@ impl Channel { /// Handles a funding_signed message from the remote end. /// If this call is successful, broadcast the funding transaction (and not before!) - pub fn funding_signed(&mut self, msg: &msgs::FundingSigned, best_block: BestBlock, logger: &L) -> Result<(ChannelMonitor, Transaction, Option), ChannelError> where L::Target: Logger { + pub fn funding_signed( + &mut self, msg: &msgs::FundingSigned, best_block: BestBlock, keys_source: &K, logger: &L + ) -> Result<(ChannelMonitor<::Signer>, Transaction, Option), ChannelError> + where + K::Target: KeysInterface, + L::Target: Logger + { if !self.is_outbound() { return Err(ChannelError::Close("Received funding_signed for an inbound channel?".to_owned())); } @@ -2322,7 +2344,9 @@ impl Channel { let funding_txo_script = funding_redeemscript.to_v0_p2wsh(); let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound()); let shutdown_script = self.shutdown_scriptpubkey.clone().map(|script| script.into_inner()); - let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), self.holder_signer.clone(), + let mut monitor_signer = keys_source.derive_channel_signer(self.channel_value_satoshis, self.channel_keys_id); + monitor_signer.provide_channel_parameters(&self.channel_transaction_parameters); + let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), monitor_signer, shutdown_script, self.get_holder_selected_contest_delay(), &self.destination_script, (funding_txo, funding_txo_script), &self.channel_transaction_parameters, @@ -5248,7 +5272,7 @@ impl Channel { } self.channel_transaction_parameters.funding_outpoint = Some(funding_txo); - self.holder_signer.ready_channel(&self.channel_transaction_parameters); + self.holder_signer.provide_channel_parameters(&self.channel_transaction_parameters); let signature = match self.get_outbound_funding_created_signature(logger) { Ok(res) => res, @@ -5934,7 +5958,7 @@ impl Channel { } } -const SERIALIZATION_VERSION: u8 = 2; +const SERIALIZATION_VERSION: u8 = 3; const MIN_SERIALIZATION_VERSION: u8 = 2; impl_writeable_tlv_based_enum!(InboundHTLCRemovalReason,; @@ -5996,7 +6020,7 @@ impl Writeable for Channel { // Note that we write out as if remove_uncommitted_htlcs_and_mark_paused had just been // called. - write_ver_prefix!(writer, SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION); + write_ver_prefix!(writer, MIN_SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION); // `user_id` used to be a single u64 value. In order to remain backwards compatible with // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We write @@ -6278,6 +6302,7 @@ impl Writeable for Channel { (21, self.outbound_scid_alias, required), (23, channel_ready_event_emitted, option), (25, user_id_high_opt, option), + (27, self.channel_keys_id, required), }); Ok(()) @@ -6314,16 +6339,20 @@ impl<'a, K: Deref> ReadableArgs<(&'a K, u32)> for Channel<::read(reader) { @@ -6541,6 +6570,7 @@ impl<'a, K: Deref> ReadableArgs<(&'a K, u32)> for Channel< = None; + let mut channel_keys_id: Option<[u8; 32]> = None; read_tlv_fields!(reader, { (0, announcement_sigs, option), @@ -6560,8 +6590,25 @@ impl<'a, K: Deref> ReadableArgs<(&'a K, u32)> for Channel<= (ChannelState::FundingCreated as u32) { + holder_signer.provide_channel_parameters(&channel_parameters); + } + (channel_keys_id, holder_signer) + } else { + // `keys_data` can be `None` if we had corrupted data. + let keys_data = keys_data.ok_or(DecodeError::InvalidValue)?; + let holder_signer = keys_source.read_chan_signer(&keys_data)?; + (holder_signer.channel_keys_id(), holder_signer) + }; + if let Some(preimages) = preimages_opt { let mut iter = preimages.into_iter(); for htlc in pending_outbound_htlcs.iter_mut() { @@ -6711,6 +6758,7 @@ impl<'a, K: Deref> ReadableArgs<(&'a K, u32)> for Channel< InMemorySigner { + fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] { + self.signer.channel_keys_id() + } + fn derive_channel_signer(&self, _channel_value_satoshis: u64, _channel_keys_id: [u8; 32]) -> Self::Signer { self.signer.clone() } fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] } @@ -7018,10 +7069,10 @@ mod tests { }]}; let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 }; let funding_created_msg = node_a_chan.get_outbound_funding_created(tx.clone(), funding_outpoint, &&logger).unwrap(); - let (funding_signed_msg, _, _) = node_b_chan.funding_created(&funding_created_msg, best_block, &&logger).unwrap(); + let (funding_signed_msg, _, _) = node_b_chan.funding_created(&funding_created_msg, best_block, &&keys_provider, &&logger).unwrap(); // Node B --> Node A: funding signed - let _ = node_a_chan.funding_signed(&funding_signed_msg, best_block, &&logger); + let _ = node_a_chan.funding_signed(&funding_signed_msg, best_block, &&keys_provider, &&logger); // Now disconnect the two nodes and check that the commitment point in // Node B's channel_reestablish message is sane. @@ -7291,7 +7342,7 @@ mod tests { selected_contest_delay: 144 }); chan.channel_transaction_parameters.funding_outpoint = Some(funding_info); - signer.ready_channel(&chan.channel_transaction_parameters); + signer.provide_channel_parameters(&chan.channel_transaction_parameters); assert_eq!(counterparty_pubkeys.payment_point.serialize()[..], hex::decode("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]); diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index 306739ad6e0..1e833b7046d 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -54,7 +54,7 @@ use crate::ln::wire::Encode; use crate::chain::keysinterface::{Sign, KeysInterface, KeysManager, Recipient}; use crate::util::config::{UserConfig, ChannelConfig}; use crate::util::events::{Event, EventHandler, EventsProvider, MessageSendEvent, MessageSendEventsProvider, ClosureReason, HTLCDestination}; -use crate::util::{byte_utils, events}; +use crate::util::events; use crate::util::wakers::{Future, Notifier}; use crate::util::scid_utils::fake_scid; use crate::util::ser::{BigSize, FixedLengthReader, Readable, ReadableArgs, MaybeReadable, Writeable, Writer, VecWriter}; @@ -2053,7 +2053,7 @@ impl ChannelManager ChannelManager amt_msat { return Err(ReceiveError { err_code: 19, - err_data: byte_utils::be64_to_array(amt_msat).to_vec(), + err_data: amt_msat.to_be_bytes().to_vec(), msg: "Upstream node sent less than we were supposed to receive in payment", }); } @@ -3451,9 +3451,9 @@ impl ChannelManager { - let mut htlc_msat_height_data = byte_utils::be64_to_array($htlc.value).to_vec(); + let mut htlc_msat_height_data = $htlc.value.to_be_bytes().to_vec(); htlc_msat_height_data.extend_from_slice( - &byte_utils::be32_to_array(self.best_block.read().unwrap().height()), + &self.best_block.read().unwrap().height().to_be_bytes(), ); failed_forwards.push((HTLCSource::PreviousHopData(HTLCPreviousHopData { short_channel_id: $htlc.prev_hop.short_channel_id, @@ -3909,9 +3909,8 @@ impl ChannelManager ChannelManager ChannelManager return Err(MsgHandleErrInternal::send_err_msg_no_close("Failed to find corresponding channel".to_owned(), msg.temporary_channel_id)) } @@ -4887,7 +4885,7 @@ impl ChannelManager update, Err(e) => try_chan_entry!(self, Err(e), chan), }; @@ -6283,8 +6281,8 @@ where // number of blocks we generally consider it to take to do a commitment update, // just give up on it and fail the HTLC. if height >= htlc.cltv_expiry - HTLC_FAIL_BACK_BUFFER { - let mut htlc_msat_height_data = byte_utils::be64_to_array(htlc.value).to_vec(); - htlc_msat_height_data.extend_from_slice(&byte_utils::be32_to_array(height)); + let mut htlc_msat_height_data = htlc.value.to_be_bytes().to_vec(); + htlc_msat_height_data.extend_from_slice(&height.to_be_bytes()); timed_out_htlcs.push((HTLCSource::PreviousHopData(htlc.prev_hop.clone()), payment_hash.clone(), HTLCFailReason::reason(0x4000 | 15, htlc_msat_height_data), diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs index c0d6eb2cd69..2010a691d3a 100644 --- a/lightning/src/ln/functional_tests.rs +++ b/lightning/src/ln/functional_tests.rs @@ -30,7 +30,7 @@ use crate::ln::features::{ChannelFeatures, NodeFeatures}; use crate::ln::msgs; use crate::ln::msgs::{ChannelMessageHandler, RoutingMessageHandler, ErrorAction}; use crate::util::enforcing_trait_impls::EnforcingSigner; -use crate::util::{byte_utils, test_utils}; +use crate::util::test_utils; use crate::util::events::{Event, MessageSendEvent, MessageSendEventsProvider, PaymentPurpose, ClosureReason, HTLCDestination}; use crate::util::errors::APIError; use crate::util::ser::{Writeable, ReadableArgs}; @@ -4100,8 +4100,8 @@ fn do_test_htlc_timeout(send_partial_mpp: bool) { nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &htlc_timeout_updates.update_fail_htlcs[0]); commitment_signed_dance!(nodes[0], nodes[1], htlc_timeout_updates.commitment_signed, false); // 100_000 msat as u64, followed by the height at which we failed back above - let mut expected_failure_data = byte_utils::be64_to_array(100_000).to_vec(); - expected_failure_data.extend_from_slice(&byte_utils::be32_to_array(block_count - 1)); + let mut expected_failure_data = (100_000 as u64).to_be_bytes().to_vec(); + expected_failure_data.extend_from_slice(&(block_count - 1).to_be_bytes()); expect_payment_failed!(nodes[0], our_payment_hash, true, 0x4000 | 15, &expected_failure_data[..]); } @@ -4803,7 +4803,7 @@ fn test_duplicate_payment_hash_one_failure_one_success() { assert_eq!(htlc_success_txn[2], commitment_txn[0]); assert_eq!(htlc_success_txn[3], htlc_success_txn[0]); assert_eq!(htlc_success_txn[4], htlc_success_txn[1]); - assert_ne!(htlc_success_txn[0].input[0].previous_output, htlc_timeout_tx.input[0].previous_output); + assert_ne!(htlc_success_txn[1].input[0].previous_output, htlc_timeout_tx.input[0].previous_output); mine_transaction(&nodes[1], &htlc_timeout_tx); connect_blocks(&nodes[1], ANTI_REORG_DELAY - 1); @@ -4826,7 +4826,7 @@ fn test_duplicate_payment_hash_one_failure_one_success() { // Solve 2nd HTLC by broadcasting on B's chain HTLC-Success Tx from C // Note that the fee paid is effectively double as the HTLC value (including the nodes[1] fee // and nodes[2] fee) is rounded down and then claimed in full. - mine_transaction(&nodes[1], &htlc_success_txn[0]); + mine_transaction(&nodes[1], &htlc_success_txn[1]); expect_payment_forwarded!(nodes[1], nodes[0], nodes[2], Some(196*2), true, true); let updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -6974,8 +6974,8 @@ fn test_check_htlc_underpaying() { commitment_signed_dance!(nodes[0], nodes[1], commitment_signed, false, true); // 10_000 msat as u64, followed by a height of CHAN_CONFIRM_DEPTH as u32 - let mut expected_failure_data = byte_utils::be64_to_array(10_000).to_vec(); - expected_failure_data.extend_from_slice(&byte_utils::be32_to_array(CHAN_CONFIRM_DEPTH)); + let mut expected_failure_data = (10_000 as u64).to_be_bytes().to_vec(); + expected_failure_data.extend_from_slice(&CHAN_CONFIRM_DEPTH.to_be_bytes()); expect_payment_failed!(nodes[0], our_payment_hash, true, 0x4000|15, &expected_failure_data[..]); } @@ -8131,7 +8131,7 @@ fn test_update_err_monitor_lockdown() { let mut w = test_utils::TestVecWriter(Vec::new()); monitor.write(&mut w).unwrap(); let new_monitor = <(BlockHash, channelmonitor::ChannelMonitor)>::read( - &mut io::Cursor::new(&w.0), &test_utils::OnlyReadsKeysInterface {}).unwrap().1; + &mut io::Cursor::new(&w.0), nodes[0].keys_manager).unwrap().1; assert!(new_monitor == *monitor); let watchtower = test_utils::TestChainMonitor::new(Some(&chain_source), &chanmon_cfgs[0].tx_broadcaster, &logger, &chanmon_cfgs[0].fee_estimator, &persister, &node_cfgs[0].keys_manager); assert_eq!(watchtower.watch_channel(outpoint, new_monitor), ChannelMonitorUpdateStatus::Completed); @@ -8195,7 +8195,7 @@ fn test_concurrent_monitor_claim() { let mut w = test_utils::TestVecWriter(Vec::new()); monitor.write(&mut w).unwrap(); let new_monitor = <(BlockHash, channelmonitor::ChannelMonitor)>::read( - &mut io::Cursor::new(&w.0), &test_utils::OnlyReadsKeysInterface {}).unwrap().1; + &mut io::Cursor::new(&w.0), nodes[0].keys_manager).unwrap().1; assert!(new_monitor == *monitor); let watchtower = test_utils::TestChainMonitor::new(Some(&chain_source), &chanmon_cfgs[0].tx_broadcaster, &logger, &chanmon_cfgs[0].fee_estimator, &persister, &node_cfgs[0].keys_manager); assert_eq!(watchtower.watch_channel(outpoint, new_monitor), ChannelMonitorUpdateStatus::Completed); @@ -8224,7 +8224,7 @@ fn test_concurrent_monitor_claim() { let mut w = test_utils::TestVecWriter(Vec::new()); monitor.write(&mut w).unwrap(); let new_monitor = <(BlockHash, channelmonitor::ChannelMonitor)>::read( - &mut io::Cursor::new(&w.0), &test_utils::OnlyReadsKeysInterface {}).unwrap().1; + &mut io::Cursor::new(&w.0), nodes[0].keys_manager).unwrap().1; assert!(new_monitor == *monitor); let watchtower = test_utils::TestChainMonitor::new(Some(&chain_source), &chanmon_cfgs[0].tx_broadcaster, &logger, &chanmon_cfgs[0].fee_estimator, &persister, &node_cfgs[0].keys_manager); assert_eq!(watchtower.watch_channel(outpoint, new_monitor), ChannelMonitorUpdateStatus::Completed); diff --git a/lightning/src/ln/onion_route_tests.rs b/lightning/src/ln/onion_route_tests.rs index 2bf36ffba89..b69f57403ca 100644 --- a/lightning/src/ln/onion_route_tests.rs +++ b/lightning/src/ln/onion_route_tests.rs @@ -25,7 +25,7 @@ use crate::ln::msgs::{ChannelMessageHandler, ChannelUpdate}; use crate::ln::wire::Encode; use crate::util::events::{Event, HTLCDestination, MessageSendEvent, MessageSendEventsProvider}; use crate::util::ser::{Writeable, Writer}; -use crate::util::{byte_utils, test_utils}; +use crate::util::test_utils; use crate::util::config::{UserConfig, ChannelConfig}; use crate::util::errors::APIError; @@ -1053,8 +1053,8 @@ fn test_phantom_final_incorrect_cltv_expiry() { commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false); // Ensure the payment fails with the expected error. - let expected_cltv = 82; - let error_data = byte_utils::be32_to_array(expected_cltv).to_vec(); + let expected_cltv: u32 = 82; + let error_data = expected_cltv.to_be_bytes().to_vec(); let mut fail_conditions = PaymentFailedConditions::new() .blamed_scid(phantom_scid) .expected_htlc_error_data(18, &error_data); @@ -1144,10 +1144,8 @@ fn test_phantom_failure_too_low_recv_amt() { commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false); // Ensure the payment fails with the expected error. - let mut error_data = byte_utils::be64_to_array(bad_recv_amt_msat).to_vec(); - error_data.extend_from_slice( - &byte_utils::be32_to_array(nodes[1].node.best_block.read().unwrap().height()), - ); + let mut error_data = bad_recv_amt_msat.to_be_bytes().to_vec(); + error_data.extend_from_slice(&nodes[1].node.best_block.read().unwrap().height().to_be_bytes()); let mut fail_conditions = PaymentFailedConditions::new() .blamed_scid(phantom_scid) .expected_htlc_error_data(0x4000 | 15, &error_data); @@ -1242,10 +1240,8 @@ fn test_phantom_failure_reject_payment() { commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false); // Ensure the payment fails with the expected error. - let mut error_data = byte_utils::be64_to_array(recv_amt_msat).to_vec(); - error_data.extend_from_slice( - &byte_utils::be32_to_array(nodes[1].node.best_block.read().unwrap().height()), - ); + let mut error_data = recv_amt_msat.to_be_bytes().to_vec(); + error_data.extend_from_slice(&nodes[1].node.best_block.read().unwrap().height().to_be_bytes()); let mut fail_conditions = PaymentFailedConditions::new() .blamed_scid(phantom_scid) .expected_htlc_error_data(0x4000 | 15, &error_data); diff --git a/lightning/src/util/byte_utils.rs b/lightning/src/util/byte_utils.rs index 1ab6384e3b8..419a6b73a69 100644 --- a/lightning/src/util/byte_utils.rs +++ b/lightning/src/util/byte_utils.rs @@ -17,34 +17,6 @@ pub fn slice_to_be48(v: &[u8]) -> u64 { ((v[5] as u64) << 8*0) } #[inline] -pub fn slice_to_be64(v: &[u8]) -> u64 { - ((v[0] as u64) << 8*7) | - ((v[1] as u64) << 8*6) | - ((v[2] as u64) << 8*5) | - ((v[3] as u64) << 8*4) | - ((v[4] as u64) << 8*3) | - ((v[5] as u64) << 8*2) | - ((v[6] as u64) << 8*1) | - ((v[7] as u64) << 8*0) -} - -#[inline] -pub fn be16_to_array(u: u16) -> [u8; 2] { - let mut v = [0; 2]; - v[0] = ((u >> 8*1) & 0xff) as u8; - v[1] = ((u >> 8*0) & 0xff) as u8; - v -} -#[inline] -pub fn be32_to_array(u: u32) -> [u8; 4] { - let mut v = [0; 4]; - v[0] = ((u >> 8*3) & 0xff) as u8; - v[1] = ((u >> 8*2) & 0xff) as u8; - v[2] = ((u >> 8*1) & 0xff) as u8; - v[3] = ((u >> 8*0) & 0xff) as u8; - v -} -#[inline] pub fn be48_to_array(u: u64) -> [u8; 6] { assert!(u & 0xffff_0000_0000_0000 == 0); let mut v = [0; 6]; @@ -56,31 +28,14 @@ pub fn be48_to_array(u: u64) -> [u8; 6] { v[5] = ((u >> 8*0) & 0xff) as u8; v } -#[inline] -pub fn be64_to_array(u: u64) -> [u8; 8] { - let mut v = [0; 8]; - v[0] = ((u >> 8*7) & 0xff) as u8; - v[1] = ((u >> 8*6) & 0xff) as u8; - v[2] = ((u >> 8*5) & 0xff) as u8; - v[3] = ((u >> 8*4) & 0xff) as u8; - v[4] = ((u >> 8*3) & 0xff) as u8; - v[5] = ((u >> 8*2) & 0xff) as u8; - v[6] = ((u >> 8*1) & 0xff) as u8; - v[7] = ((u >> 8*0) & 0xff) as u8; - v -} #[cfg(test)] mod tests { use super::*; - + #[test] fn test_all() { assert_eq!(slice_to_be48(&[0xde, 0xad, 0xbe, 0xef, 0x1b, 0xad]), 0xdeadbeef1bad); - assert_eq!(slice_to_be64(&[0xde, 0xad, 0xbe, 0xef, 0x1b, 0xad, 0x1d, 0xea]), 0xdeadbeef1bad1dea); - assert_eq!(be16_to_array(0xdead), [0xde, 0xad]); - assert_eq!(be32_to_array(0xdeadbeef), [0xde, 0xad, 0xbe, 0xef]); assert_eq!(be48_to_array(0xdeadbeef1bad), [0xde, 0xad, 0xbe, 0xef, 0x1b, 0xad]); - assert_eq!(be64_to_array(0xdeadbeef1bad1dea), [0xde, 0xad, 0xbe, 0xef, 0x1b, 0xad, 0x1d, 0xea]); } } diff --git a/lightning/src/util/enforcing_trait_impls.rs b/lightning/src/util/enforcing_trait_impls.rs index 55bad7f63f2..21ef5d4b178 100644 --- a/lightning/src/util/enforcing_trait_impls.rs +++ b/lightning/src/util/enforcing_trait_impls.rs @@ -215,8 +215,8 @@ impl BaseSign for EnforcingSigner { self.inner.sign_channel_announcement(msg, secp_ctx) } - fn ready_channel(&mut self, channel_parameters: &ChannelTransactionParameters) { - self.inner.ready_channel(channel_parameters) + fn provide_channel_parameters(&mut self, channel_parameters: &ChannelTransactionParameters) { + self.inner.provide_channel_parameters(channel_parameters) } } diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs index 89bf27de280..17bdb06c73f 100644 --- a/lightning/src/util/test_utils.rs +++ b/lightning/src/util/test_utils.rs @@ -80,7 +80,8 @@ impl keysinterface::KeysInterface for OnlyReadsKeysInterface { fn get_inbound_payment_key_material(&self) -> KeyMaterial { unreachable!(); } fn get_destination_script(&self) -> Script { unreachable!(); } fn get_shutdown_scriptpubkey(&self) -> ShutdownScript { unreachable!(); } - fn get_channel_signer(&self, _inbound: bool, _channel_value_satoshis: u64) -> EnforcingSigner { unreachable!(); } + fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] { unreachable!(); } + fn derive_channel_signer(&self, _channel_value_satoshis: u64, _channel_keys_id: [u8; 32]) -> Self::Signer { unreachable!(); } fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] } fn read_chan_signer(&self, mut reader: &[u8]) -> Result { @@ -629,8 +630,12 @@ impl keysinterface::KeysInterface for TestKeysInterface { } } - fn get_channel_signer(&self, inbound: bool, channel_value_satoshis: u64) -> EnforcingSigner { - let keys = self.backing.get_channel_signer(inbound, channel_value_satoshis); + fn generate_channel_keys_id(&self, inbound: bool, channel_value_satoshis: u64, user_channel_id: u128) -> [u8; 32] { + self.backing.generate_channel_keys_id(inbound, channel_value_satoshis, user_channel_id) + } + + fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> EnforcingSigner { + let keys = self.backing.derive_channel_signer(channel_value_satoshis, channel_keys_id); let state = self.make_enforcement_state_cell(keys.commitment_seed); EnforcingSigner::new_with_revoked(keys, state, self.disable_revocation_policy_check) }