@@ -1321,6 +1321,7 @@ static struct bitcoin_signature *calc_commitsigs(const tal_t *ctx,
13211321 struct bitcoin_tx * * txs ,
13221322 const u8 * funding_wscript ,
13231323 const struct htlc * * htlc_map ,
1324+ const struct pubkey * remote_per_commit ,
13241325 u64 commit_index ,
13251326 struct bitcoin_signature * commit_sig )
13261327{
@@ -1333,7 +1334,7 @@ static struct bitcoin_signature *calc_commitsigs(const tal_t *ctx,
13331334 htlcs = collect_htlcs (tmpctx , htlc_map );
13341335 msg = towire_hsmd_sign_remote_commitment_tx (NULL , txs [0 ],
13351336 & peer -> channel -> funding_pubkey [REMOTE ],
1336- & peer -> remote_per_commit ,
1337+ remote_per_commit ,
13371338 channel_has (peer -> channel ,
13381339 OPT_STATIC_REMOTEKEY ),
13391340 commit_index ,
@@ -1357,7 +1358,7 @@ static struct bitcoin_signature *calc_commitsigs(const tal_t *ctx,
13571358 dump_htlcs (peer -> channel , "Sending commit_sig" );
13581359
13591360 if (!derive_simple_key (& peer -> channel -> basepoints [LOCAL ].htlc ,
1360- & peer -> remote_per_commit ,
1361+ remote_per_commit ,
13611362 & local_htlckey ))
13621363 status_failed (STATUS_FAIL_INTERNAL_ERROR ,
13631364 "Deriving local_htlckey" );
@@ -1377,7 +1378,7 @@ static struct bitcoin_signature *calc_commitsigs(const tal_t *ctx,
13771378 wscript = bitcoin_tx_output_get_witscript (tmpctx , txs [0 ],
13781379 txs [i + 1 ]-> wtx -> inputs [0 ].index );
13791380 msg = towire_hsmd_sign_remote_htlc_tx (NULL , txs [i + 1 ], wscript ,
1380- & peer -> remote_per_commit ,
1381+ remote_per_commit ,
13811382 channel_has_anchors (peer -> channel ));
13821383
13831384 msg = hsm_req (tmpctx , take (msg ));
@@ -1530,6 +1531,32 @@ static u8 *send_commit_part(const tal_t *ctx,
15301531 int local_anchor_outnum ;
15311532 struct tlv_commitment_signed_tlvs * cs_tlv
15321533 = tlv_commitment_signed_tlvs_new (tmpctx );
1534+ const struct pubkey * remote_per_commit = NULL ;
1535+
1536+ status_debug ("send_commit_part: "
1537+ "remote_index=%" PRIu64 " "
1538+ "remote_next_index=%" PRIu64 " "
1539+ "old_remote_per_commit=%s "
1540+ "remote_per_commit=%s" ,
1541+ remote_index ,
1542+ peer -> next_index [REMOTE ],
1543+ type_to_string (tmpctx , struct pubkey , & peer -> old_remote_per_commit ),
1544+ type_to_string (tmpctx , struct pubkey , & peer -> remote_per_commit ));
1545+
1546+ /* We need to be able to sign at the current commitment number for retries
1547+ * and splice candidates or the next commitment number for state advances
1548+ */
1549+ if (remote_index == peer -> next_index [REMOTE ] - 1 )
1550+ remote_per_commit = & peer -> old_remote_per_commit ;
1551+ else if (remote_index == peer -> next_index [REMOTE ])
1552+ remote_per_commit = & peer -> remote_per_commit ;
1553+ else {
1554+ status_broken ("send_commit_part called with remote_index=%" PRIu64 " "
1555+ "when peer->next_index[REMOTE]=%" PRIu64 "" ,
1556+ remote_index ,
1557+ peer -> next_index [REMOTE ]);
1558+ abort ();
1559+ }
15331560
15341561 /* In theory, peer will ignore TLV 1 as unknown, but while
15351562 * spec is in flux this is dangerous, as it may change: so don't
@@ -1546,12 +1573,12 @@ static u8 *send_commit_part(const tal_t *ctx,
15461573
15471574 txs = channel_txs (tmpctx , funding , funding_sats , & htlc_map ,
15481575 direct_outputs , & funding_wscript ,
1549- peer -> channel , & peer -> remote_per_commit ,
1576+ peer -> channel , remote_per_commit ,
15501577 remote_index , REMOTE ,
15511578 splice_amnt , remote_splice_amnt , & local_anchor_outnum );
15521579 htlc_sigs =
15531580 calc_commitsigs (tmpctx , peer , txs , funding_wscript , htlc_map ,
1554- remote_index , & commit_sig );
1581+ remote_per_commit , remote_index , & commit_sig );
15551582
15561583 if (direct_outputs [LOCAL ] != NULL ) {
15571584 pbase = penalty_base_new (tmpctx , remote_index ,
0 commit comments