Implement key wrappers for Payment, Delayed and Htlc keys.

lightningdevkit · Nov 2, 2023 · 282cc5f · 282cc5f
1 parent 415cbf0
commit 282cc5f
Show file tree

Hide file tree

Showing 8 changed files with 325 additions and 114 deletions.
diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs
@@ -35,8 +35,8 @@ use bitcoin::{secp256k1, EcdsaSighashType};
 use crate::ln::channel::INITIAL_COMMITMENT_NUMBER;
 use crate::ln::{PaymentHash, PaymentPreimage};
 use crate::ln::msgs::DecodeError;
-use crate::ln::chan_utils;
-use crate::ln::chan_utils::{CommitmentTransaction, CounterpartyCommitmentSecrets, HTLCOutputInCommitment, HTLCClaim, ChannelTransactionParameters, HolderCommitmentTransaction, TxCreationKeys};
+use crate::ln::channel_keys::{DelayedPaymentKey, DelayedPaymentBasepoint, HtlcKey, HtlcBasepoint};
+use crate::ln::chan_utils::{self,CommitmentTransaction, CounterpartyCommitmentSecrets, HTLCOutputInCommitment, HTLCClaim, ChannelTransactionParameters, HolderCommitmentTransaction, TxCreationKeys};
 use crate::ln::channelmanager::{HTLCSource, SentHTLCId};
 use crate::chain;
 use crate::chain::{BestBlock, WatchedOutput};
@@ -240,7 +240,7 @@ struct HolderSignedTx {
 	revocation_key: PublicKey,
 	a_htlc_key: PublicKey,
 	b_htlc_key: PublicKey,
-	delayed_payment_key: PublicKey,
+	delayed_payment_key: DelayedPaymentKey,
 	per_commitment_point: PublicKey,
 	htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>,
 	to_self_value_sat: u64,
@@ -277,8 +277,8 @@ impl HolderSignedTx {
 /// justice or 2nd-stage preimage/timeout transactions.
 #[derive(Clone, PartialEq, Eq)]
 struct CounterpartyCommitmentParameters {
-	counterparty_delayed_payment_base_key: PublicKey,
-	counterparty_htlc_base_key: PublicKey,
+	counterparty_delayed_payment_base_key: DelayedPaymentBasepoint,
+	counterparty_htlc_base_key: HtlcBasepoint,
 	on_counterparty_tx_csv: u16,
 }
 
@@ -1162,8 +1162,8 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitor<Signer> {
 			let holder_commitment_tx = HolderSignedTx {
 				txid,
 				revocation_key: tx_keys.revocation_key,
-				a_htlc_key: tx_keys.broadcaster_htlc_key,
-				b_htlc_key: tx_keys.countersignatory_htlc_key,
+				a_htlc_key: tx_keys.broadcaster_htlc_key.to_public_key(),
+				b_htlc_key: tx_keys.countersignatory_htlc_key.to_public_key(),
 				delayed_payment_key: tx_keys.broadcaster_delayed_payment_key,
 				per_commitment_point: tx_keys.per_commitment_point,
 				htlc_outputs: Vec::new(), // There are never any HTLCs in the initial commitment transactions
@@ -2493,8 +2493,8 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
 		let mut new_holder_commitment_tx = HolderSignedTx {
 			txid,
 			revocation_key: tx_keys.revocation_key,
-			a_htlc_key: tx_keys.broadcaster_htlc_key,
-			b_htlc_key: tx_keys.countersignatory_htlc_key,
+			a_htlc_key: tx_keys.broadcaster_htlc_key.to_public_key(),
+			b_htlc_key: tx_keys.countersignatory_htlc_key.to_public_key(),
 			delayed_payment_key: tx_keys.broadcaster_delayed_payment_key,
 			per_commitment_point: tx_keys.per_commitment_point,
 			htlc_outputs,
@@ -2926,9 +2926,10 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
 		let revocation_pubkey = chan_utils::derive_public_revocation_key(
 			&self.onchain_tx_handler.secp_ctx, &their_per_commitment_point,
 			&self.holder_revocation_basepoint);
-		let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx,
-			&their_per_commitment_point,
-			&self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+		let delayed_payment_basepoint = DelayedPaymentBasepoint::from(self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+		let delayed_key = DelayedPaymentKey::from_basepoint(&self.onchain_tx_handler.secp_ctx,
+			&delayed_payment_basepoint,
+			&their_per_commitment_point);
 		let revokeable_redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey,
 			self.counterparty_commitment_params.on_counterparty_tx_csv, &delayed_key);
 
@@ -2992,7 +2993,7 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
 			let per_commitment_key = ignore_error!(SecretKey::from_slice(&secret));
 			let per_commitment_point = PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key);
 			let revocation_pubkey = chan_utils::derive_public_revocation_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
-			let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx, &PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key), &self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+			let delayed_key = DelayedPaymentKey::from_basepoint(&self.onchain_tx_handler.secp_ctx, &self.counterparty_commitment_params.counterparty_delayed_payment_base_key, &PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key));
 
 			let revokeable_redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.counterparty_commitment_params.on_counterparty_tx_csv, &delayed_key);
 			let revokeable_p2wsh = revokeable_redeemscript.to_v0_p2wsh();
@@ -3106,9 +3107,9 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
 		if let Some(transaction) = tx {
 			let revocation_pubkey = chan_utils::derive_public_revocation_key(
 				&self.onchain_tx_handler.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
-			let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx,
-				&per_commitment_point,
-				&self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+
+			let delayed_key = DelayedPaymentKey::from_basepoint(&self.onchain_tx_handler.secp_ctx, &self.counterparty_commitment_params.counterparty_delayed_payment_base_key, &per_commitment_point);
+
 			let revokeable_p2wsh = chan_utils::get_revokeable_redeemscript(&revocation_pubkey,
 				self.counterparty_commitment_params.on_counterparty_tx_csv,
 				&delayed_key).to_v0_p2wsh();
@@ -4504,8 +4505,8 @@ mod tests {
 	use crate::chain::transaction::OutPoint;
 	use crate::sign::InMemorySigner;
 	use crate::ln::{PaymentPreimage, PaymentHash};
-	use crate::ln::chan_utils;
-	use crate::ln::chan_utils::{HTLCOutputInCommitment, ChannelPublicKeys, ChannelTransactionParameters, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters};
+	use crate::ln::channel_keys::{DelayedPaymentBasepoint, DelayedPaymentKey, HtlcBasepoint};
+	use crate::ln::chan_utils::{self,HTLCOutputInCommitment, ChannelPublicKeys, ChannelTransactionParameters, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters};
 	use crate::ln::channelmanager::{PaymentSendFailure, PaymentId, RecipientOnionFields};
 	use crate::ln::functional_test_utils::*;
 	use crate::ln::script::ShutdownScript;
@@ -4673,8 +4674,8 @@ mod tests {
 			funding_pubkey: PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[44; 32]).unwrap()),
 			revocation_basepoint: PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[45; 32]).unwrap()),
 			payment_point: PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[46; 32]).unwrap()),
-			delayed_payment_basepoint: PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[47; 32]).unwrap()),
-			htlc_basepoint: PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[48; 32]).unwrap())
+			delayed_payment_basepoint: DelayedPaymentBasepoint::from(PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[47; 32]).unwrap())),
+			htlc_basepoint: HtlcBasepoint::from(PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[48; 32]).unwrap()))
 		};
 		let funding_outpoint = OutPoint { txid: Txid::all_zeros(), index: u16::max_value() };
 		let channel_parameters = ChannelTransactionParameters {
@@ -4764,6 +4765,7 @@ mod tests {
 		let privkey = SecretKey::from_slice(&hex::decode("0101010101010101010101010101010101010101010101010101010101010101").unwrap()[..]).unwrap();
 		let pubkey = PublicKey::from_secret_key(&secp_ctx, &privkey);
 
+		use crate::ln::channel_keys::{HtlcKey, HtlcBasepoint};
 		macro_rules! sign_input {
 			($sighash_parts: expr, $idx: expr, $amount: expr, $weight: expr, $sum_actual_sigs: expr, $opt_anchors: expr) => {
 				let htlc = HTLCOutputInCommitment {
@@ -4773,7 +4775,7 @@ mod tests {
 					payment_hash: PaymentHash([1; 32]),
 					transaction_output_index: Some($idx as u32),
 				};
-				let redeem_script = if *$weight == WEIGHT_REVOKED_OUTPUT { chan_utils::get_revokeable_redeemscript(&pubkey, 256, &pubkey) } else { chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, $opt_anchors, &pubkey, &pubkey, &pubkey) };
+				let redeem_script = if *$weight == WEIGHT_REVOKED_OUTPUT { chan_utils::get_revokeable_redeemscript(&pubkey, 256, &DelayedPaymentKey::from_basepoint(&secp_ctx, &DelayedPaymentBasepoint::from(pubkey), &pubkey)) } else { chan_utils::get_htlc_redeemscript_with_explicit_keys(&htlc, $opt_anchors, &HtlcKey::from_basepoint(&secp_ctx, &HtlcBasepoint::from(pubkey), &pubkey), &HtlcKey::from_basepoint(&secp_ctx, &HtlcBasepoint::from(pubkey), &pubkey), &pubkey) };
 				let sighash = hash_to_message!(&$sighash_parts.segwit_signature_hash($idx, &redeem_script, $amount, EcdsaSighashType::All).unwrap()[..]);
 				let sig = secp_ctx.sign_ecdsa(&sighash, &privkey);
 				let mut ser_sig = sig.serialize_der().to_vec();

diff --git a/lightning/src/chain/package.rs b/lightning/src/chain/package.rs
@@ -21,8 +21,8 @@ use bitcoin::hash_types::Txid;
 use bitcoin::secp256k1::{SecretKey,PublicKey};
 
 use crate::ln::PaymentPreimage;
-use crate::ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment};
-use crate::ln::chan_utils;
+use crate::ln::chan_utils::{self,TxCreationKeys, HTLCOutputInCommitment};
+use crate::ln::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint};
 use crate::ln::msgs::DecodeError;
 use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, MIN_RELAY_FEE_SAT_PER_1000_WEIGHT, compute_feerate_sat_per_1000_weight, FEERATE_FLOOR_SATS_PER_KW};
 use crate::sign::WriteableEcdsaChannelSigner;
@@ -114,8 +114,8 @@ const HIGH_FREQUENCY_BUMP_INTERVAL: u32 = 1;
 #[derive(Clone, PartialEq, Eq)]
 pub(crate) struct RevokedOutput {
 	per_commitment_point: PublicKey,
-	counterparty_delayed_payment_base_key: PublicKey,
-	counterparty_htlc_base_key: PublicKey,
+	counterparty_delayed_payment_base_key: DelayedPaymentBasepoint,
+	counterparty_htlc_base_key: HtlcBasepoint,
 	per_commitment_key: SecretKey,
 	weight: u64,
 	amount: u64,
@@ -124,7 +124,7 @@ pub(crate) struct RevokedOutput {
 }
 
 impl RevokedOutput {
-	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, per_commitment_key: SecretKey, amount: u64, on_counterparty_tx_csv: u16, is_counterparty_balance_on_anchors: bool) -> Self {
+	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: DelayedPaymentBasepoint, counterparty_htlc_base_key: HtlcBasepoint, per_commitment_key: SecretKey, amount: u64, on_counterparty_tx_csv: u16, is_counterparty_balance_on_anchors: bool) -> Self {
 		RevokedOutput {
 			per_commitment_point,
 			counterparty_delayed_payment_base_key,
@@ -160,16 +160,16 @@ impl_writeable_tlv_based!(RevokedOutput, {
 #[derive(Clone, PartialEq, Eq)]
 pub(crate) struct RevokedHTLCOutput {
 	per_commitment_point: PublicKey,
-	counterparty_delayed_payment_base_key: PublicKey,
-	counterparty_htlc_base_key: PublicKey,
+	counterparty_delayed_payment_base_key: DelayedPaymentBasepoint,
+	counterparty_htlc_base_key: HtlcBasepoint,
 	per_commitment_key: SecretKey,
 	weight: u64,
 	amount: u64,
 	htlc: HTLCOutputInCommitment,
 }
 
 impl RevokedHTLCOutput {
-	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, per_commitment_key: SecretKey, amount: u64, htlc: HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures) -> Self {
+	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: DelayedPaymentBasepoint, counterparty_htlc_base_key: HtlcBasepoint, per_commitment_key: SecretKey, amount: u64, htlc: HTLCOutputInCommitment, channel_type_features: &ChannelTypeFeatures) -> Self {
 		let weight = if htlc.offered { weight_revoked_offered_htlc(channel_type_features) } else { weight_revoked_received_htlc(channel_type_features) };
 		RevokedHTLCOutput {
 			per_commitment_point,
@@ -204,15 +204,15 @@ impl_writeable_tlv_based!(RevokedHTLCOutput, {
 #[derive(Clone, PartialEq, Eq)]
 pub(crate) struct CounterpartyOfferedHTLCOutput {
 	per_commitment_point: PublicKey,
-	counterparty_delayed_payment_base_key: PublicKey,
-	counterparty_htlc_base_key: PublicKey,
+	counterparty_delayed_payment_base_key: DelayedPaymentBasepoint,
+	counterparty_htlc_base_key: HtlcBasepoint,
 	preimage: PaymentPreimage,
 	htlc: HTLCOutputInCommitment,
 	channel_type_features: ChannelTypeFeatures,
 }
 
 impl CounterpartyOfferedHTLCOutput {
-	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, preimage: PaymentPreimage, htlc: HTLCOutputInCommitment, channel_type_features: ChannelTypeFeatures) -> Self {
+	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: DelayedPaymentBasepoint, counterparty_htlc_base_key: HtlcBasepoint, preimage: PaymentPreimage, htlc: HTLCOutputInCommitment, channel_type_features: ChannelTypeFeatures) -> Self {
 		CounterpartyOfferedHTLCOutput {
 			per_commitment_point,
 			counterparty_delayed_payment_base_key,
@@ -282,14 +282,14 @@ impl Readable for CounterpartyOfferedHTLCOutput {
 #[derive(Clone, PartialEq, Eq)]
 pub(crate) struct CounterpartyReceivedHTLCOutput {
 	per_commitment_point: PublicKey,
-	counterparty_delayed_payment_base_key: PublicKey,
-	counterparty_htlc_base_key: PublicKey,
+	counterparty_delayed_payment_base_key: DelayedPaymentBasepoint,
+	counterparty_htlc_base_key: HtlcBasepoint,
 	htlc: HTLCOutputInCommitment,
 	channel_type_features: ChannelTypeFeatures,
 }
 
 impl CounterpartyReceivedHTLCOutput {
-	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, htlc: HTLCOutputInCommitment, channel_type_features: ChannelTypeFeatures) -> Self {
+	pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: DelayedPaymentBasepoint, counterparty_htlc_base_key: HtlcBasepoint, htlc: HTLCOutputInCommitment, channel_type_features: ChannelTypeFeatures) -> Self {
 		CounterpartyReceivedHTLCOutput {
 			per_commitment_point,
 			counterparty_delayed_payment_base_key,
@@ -1190,6 +1190,7 @@ mod tests {
 	use crate::chain::Txid;
 	use crate::ln::chan_utils::HTLCOutputInCommitment;
 	use crate::ln::{PaymentPreimage, PaymentHash};
+	use crate::ln::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint};
 
 	use bitcoin::blockdata::constants::WITNESS_SCALE_FACTOR;
 	use bitcoin::blockdata::script::Script;
@@ -1206,7 +1207,7 @@ mod tests {
 			{
 				let dumb_scalar = SecretKey::from_slice(&hex::decode("0101010101010101010101010101010101010101010101010101010101010101").unwrap()[..]).unwrap();
 				let dumb_point = PublicKey::from_secret_key(&$secp_ctx, &dumb_scalar);
-				PackageSolvingData::RevokedOutput(RevokedOutput::build(dumb_point, dumb_point, dumb_point, dumb_scalar, 0, 0, $is_counterparty_balance_on_anchors))
+				PackageSolvingData::RevokedOutput(RevokedOutput::build(dumb_point, DelayedPaymentBasepoint::from(dumb_point), HtlcBasepoint::from(dumb_point), dumb_scalar, 0, 0, $is_counterparty_balance_on_anchors))
 			}
 		}
 	}
@@ -1218,7 +1219,7 @@ mod tests {
 				let dumb_point = PublicKey::from_secret_key(&$secp_ctx, &dumb_scalar);
 				let hash = PaymentHash([1; 32]);
 				let htlc = HTLCOutputInCommitment { offered: true, amount_msat: $amt, cltv_expiry: 0, payment_hash: hash, transaction_output_index: None };
-				PackageSolvingData::CounterpartyReceivedHTLCOutput(CounterpartyReceivedHTLCOutput::build(dumb_point, dumb_point, dumb_point, htlc, $opt_anchors))
+				PackageSolvingData::CounterpartyReceivedHTLCOutput(CounterpartyReceivedHTLCOutput::build(dumb_point, DelayedPaymentBasepoint::from(dumb_point), HtlcBasepoint::from(dumb_point), htlc, $opt_anchors))
 			}
 		}
 	}
@@ -1231,7 +1232,7 @@ mod tests {
 				let hash = PaymentHash([1; 32]);
 				let preimage = PaymentPreimage([2;32]);
 				let htlc = HTLCOutputInCommitment { offered: false, amount_msat: $amt, cltv_expiry: 1000, payment_hash: hash, transaction_output_index: None };
-				PackageSolvingData::CounterpartyOfferedHTLCOutput(CounterpartyOfferedHTLCOutput::build(dumb_point, dumb_point, dumb_point, preimage, htlc, $opt_anchors))
+				PackageSolvingData::CounterpartyOfferedHTLCOutput(CounterpartyOfferedHTLCOutput::build(dumb_point, DelayedPaymentBasepoint::from(dumb_point), HtlcBasepoint::from(dumb_point), preimage, htlc, $opt_anchors))
 			}
 		}
 	}