adds payment_hashes and commit_num to sign_holder_commitment_tx (#26)

Author: ksedgwic

contrib/remote_hsmd/hsmd.c

@@ -752,11 +752,14 @@ static struct io_plan *handle_sign_commitment_tx(struct io_conn *conn,
 	u64 dbid;
 	struct bitcoin_tx *tx;
 	struct bitcoin_signature sig;
+	struct sha256 *rhashes;
+	u64 commit_num;
 
 	if (!fromwire_hsmd_sign_commitment_tx(tmpctx, msg_in,
 					     &peer_id, &dbid,
 					     &tx,
-					     &remote_funding_pubkey))
+					     &remote_funding_pubkey,
+					     &rhashes, &commit_num))
 		return bad_req(conn, c, msg_in);
 
 	tx->chainparams = c->chainparams;
@@ -768,7 +771,8 @@ static struct io_plan *handle_sign_commitment_tx(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in, "tx must have > 0 outputs");
 
 	proxy_stat rv = proxy_handle_sign_commitment_tx(
-		tx, &remote_funding_pubkey, &peer_id, dbid, &sig);
+		tx, &remote_funding_pubkey, &peer_id, dbid,
+		rhashes, commit_num, &sig);
 	if (PROXY_PERMANENT(rv))
 		status_failed(STATUS_FAIL_INTERNAL_ERROR,
 		              "proxy_%s failed: %s", __FUNCTION__,
@@ -821,7 +825,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 		tx, &remote_funding_pubkey,
 		&c->id, c->dbid,
 		&remote_per_commit,
-		option_static_remotekey,
 		rhashes, commit_num,
 		&sig);
 	if (PROXY_PERMANENT(rv))

contrib/remote_hsmd/proxy.cc

@@ -691,24 +691,21 @@ proxy_stat proxy_handle_sign_remote_commitment_tx(
 	struct node_id *peer_id,
 	u64 dbid,
 	const struct pubkey *remote_per_commit,
-	bool option_static_remotekey,
 	struct sha256 *rhashes, u64 commit_num,
 	struct bitcoin_signature *o_sig)
 {
 	STATUS_DEBUG(
 		"%s:%d %s { "
 		"\"self_id\":%s, \"peer_id\":%s, \"dbid\":%" PRIu64 ", "
 		"\"counterparty_funding_pubkey\":%s, "
-		"\"remote_per_commit\":%s, "
-		"\"option_static_remotekey\":%s, \"tx\":%s, "
+		"\"remote_per_commit\":%s, \"tx\":%s, "
 		"\"rhashes\":%s, \"commit_num\":%" PRIu64 " }",
 		__FILE__, __LINE__, __FUNCTION__,
 		dump_node_id(&self_id).c_str(),
 		dump_node_id(peer_id).c_str(),
 		dbid,
 		dump_pubkey(counterparty_funding_pubkey).c_str(),
 		dump_pubkey(remote_per_commit).c_str(),
-		(option_static_remotekey ? "true" : "false"),
 		dump_tx(tx).c_str(),
 		dump_rhashes(rhashes, tal_count(rhashes)).c_str(),
 		commit_num
@@ -1020,25 +1017,31 @@ proxy_stat proxy_handle_sign_commitment_tx(
 	const struct pubkey *counterparty_funding_pubkey,
 	struct node_id *peer_id,
 	u64 dbid,
+	struct sha256 *rhashes, u64 commit_num,
 	struct bitcoin_signature *o_sig)
 {
 	STATUS_DEBUG(
 		"%s:%d %s { "
 		"\"self_id\":%s, \"peer_id\":%s, \"dbid\":%" PRIu64 ", "
-		"\"counterparty_funding_pubkey\":%s, \"tx\":%s }",
+		"\"counterparty_funding_pubkey\":%s, \"tx\":%s, "
+		"\"rhashes\":%s, \"commit_num\":%" PRIu64 " }",
 		__FILE__, __LINE__, __FUNCTION__,
 		dump_node_id(&self_id).c_str(),
 		dump_node_id(peer_id).c_str(),
 		dbid,
 		dump_pubkey(counterparty_funding_pubkey).c_str(),
-		dump_tx(tx).c_str()
+		dump_tx(tx).c_str(),
+		dump_rhashes(rhashes, tal_count(rhashes)).c_str(),
+		commit_num
 		);
 
 	last_message = "";
 	SignHolderCommitmentTxRequest req;
 	marshal_node_id(&self_id, req.mutable_node_id());
 	marshal_channel_nonce(peer_id, dbid, req.mutable_channel_nonce());
 	marshal_single_input_tx(tx, NULL, req.mutable_tx());
+	marshal_rhashes(rhashes, req.mutable_payment_hashes());
+	req.set_commit_num(commit_num);
 
 	ClientContext context;
 	SignatureReply rsp;

contrib/remote_hsmd/proxy.hpp

@@ -91,7 +91,6 @@ proxy_stat proxy_handle_sign_remote_commitment_tx(
 	struct node_id *peer_id,
 	u64 dbid,
 	const struct pubkey *remote_per_commit,
-	bool option_static_remotekey,
 	struct sha256 *rhashes,
 	u64 commit_num,
 	struct bitcoin_signature *o_sig);
@@ -130,6 +129,8 @@ proxy_stat proxy_handle_sign_commitment_tx(
 	const struct pubkey *remote_funding_pubkey,
 	struct node_id *peer_id,
 	u64 dbid,
+	struct sha256 *rhashes,
+	u64 commit_num,
 	struct bitcoin_signature *o_sig);
 
 proxy_stat proxy_handle_cannouncement_sig(

hsmd/hsmd.c

@@ -984,13 +984,16 @@ static struct io_plan *handle_sign_commitment_tx(struct io_conn *conn,
 	struct secret channel_seed;
 	struct bitcoin_tx *tx;
 	struct bitcoin_signature sig;
+	struct sha256 *rhashes;
+	u64 commit_num;
 	struct secrets secrets;
 	const u8 *funding_wscript;
 
 	if (!fromwire_hsmd_sign_commitment_tx(tmpctx, msg_in,
 					     &peer_id, &dbid,
 					     &tx,
-					     &remote_funding_pubkey))
+					     &remote_funding_pubkey,
+					     &rhashes, &commit_num))
 		return bad_req(conn, c, msg_in);
 
 	tx->chainparams = c->chainparams;

hsmd/hsmd_wire.csv

@@ -133,6 +133,9 @@ msgdata,hsmd_sign_commitment_tx,peer_id,node_id,
 msgdata,hsmd_sign_commitment_tx,channel_dbid,u64,
 msgdata,hsmd_sign_commitment_tx,tx,bitcoin_tx,
 msgdata,hsmd_sign_commitment_tx,remote_funding_key,pubkey,
+msgdata,hsmd_sign_commitment_tx,num_htlc_rhash,u16,
+msgdata,hsmd_sign_commitment_tx,htlc_rhash,sha256,num_htlc_rhash
+msgdata,hsmd_sign_commitment_tx,commit_num,u64,
 
 msgtype,hsmd_sign_commitment_tx_reply,105
 msgdata,hsmd_sign_commitment_tx_reply,sig,bitcoin_signature,

hsmd/hsmd_wiregen.c

@@ -186,13 +186,56 @@ static void sign_last_tx(struct channel *channel)
 	struct bitcoin_signature sig;
 	u8 *msg, **witness;
 
+	struct htlc_in_map *htlcs_in = &channel->peer->ld->htlcs_in;
+	struct htlc_out_map *htlcs_out = &channel->peer->ld->htlcs_out;
+
+	// Count how many payment hashes we will be sending.
+	size_t num_entries = 0;
+	struct htlc_in_map_iter ini;
+	struct htlc_in *hin;
+	for (hin = htlc_in_map_first(htlcs_in, &ini);
+	     hin;
+	     hin = htlc_in_map_next(htlcs_in, &ini))
+		if (hin->key.channel == channel)
+			++num_entries;
+	struct htlc_out_map_iter outi;
+	struct htlc_out *hout;
+	for (hout = htlc_out_map_first(htlcs_out, &outi);
+	     hout;
+	     hout = htlc_out_map_next(htlcs_out, &outi))
+		if (hout->key.channel == channel)
+			++num_entries;
+
+	// Gather the payment hashes.
+	struct sha256 *rhashes = tal_arrz(tmpctx, struct sha256, num_entries);
+	size_t nrhash = 0;
+	for (hin = htlc_in_map_first(htlcs_in, &ini);
+	     hin;
+	     hin = htlc_in_map_next(htlcs_in, &ini)) {
+		if (hin->key.channel != channel)
+			continue;
+		memcpy(&rhashes[nrhash], &hin->payment_hash, sizeof(rhashes[nrhash]));
+		++nrhash;
+	}
+	for (hout = htlc_out_map_first(htlcs_out, &outi);
+	     hout;
+	     hout = htlc_out_map_next(htlcs_out, &outi)) {
+		if (hout->key.channel != channel)
+			continue;
+		memcpy(&rhashes[nrhash], &hout->payment_hash, sizeof(rhashes[nrhash]));
+		++nrhash;
+	}
+	assert(nrhash == num_entries);
+
+	u64 commit_index = channel->next_index[LOCAL] - 1;
+
 	assert(!channel->last_tx->wtx->inputs[0].witness);
 	msg = towire_hsmd_sign_commitment_tx(tmpctx,
 					    &channel->peer->id,
 					    channel->dbid,
 					    channel->last_tx,
-					    &channel->channel_info
-					    .remote_fundingkey);
+					    &channel->channel_info.remote_fundingkey,
+					    rhashes, commit_index);
 
 	if (!wire_sync_write(ld->hsm_fd, take(msg)))
 		fatal("Could not write to HSM: %s", strerror(errno));

hsmd/hsmd_wiregen.h

@@ -638,7 +638,7 @@ u8 *towire_gossipd_get_incoming_channels(const tal_t *ctx UNNEEDED)
 u8 *towire_hsmd_sign_bolt12(const tal_t *ctx UNNEEDED, const wirestring *messagename UNNEEDED, const wirestring *fieldname UNNEEDED, const struct sha256 *merkleroot UNNEEDED, const u8 *publictweak UNNEEDED)
 { fprintf(stderr, "towire_hsmd_sign_bolt12 called!\n"); abort(); }
 /* Generated stub for towire_hsmd_sign_commitment_tx */
-u8 *towire_hsmd_sign_commitment_tx(const tal_t *ctx UNNEEDED, const struct node_id *peer_id UNNEEDED, u64 channel_dbid UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const struct pubkey *remote_funding_key UNNEEDED)
+u8 *towire_hsmd_sign_commitment_tx(const tal_t *ctx UNNEEDED, const struct node_id *peer_id UNNEEDED, u64 channel_dbid UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const struct pubkey *remote_funding_key UNNEEDED, const struct sha256 *htlc_rhash UNNEEDED, u64 commit_num UNNEEDED)
 { fprintf(stderr, "towire_hsmd_sign_commitment_tx called!\n"); abort(); }
 /* Generated stub for towire_hsmd_sign_invoice */
 u8 *towire_hsmd_sign_invoice(const tal_t *ctx UNNEEDED, const u8 *u5bytes UNNEEDED, const u8 *hrp UNNEEDED)

lightningd/peer_control.c

@@ -789,7 +789,7 @@ u8 *towire_gossipd_get_stripped_cupdate(const tal_t *ctx UNNEEDED, const struct
 u8 *towire_hsmd_get_output_scriptpubkey(const tal_t *ctx UNNEEDED, u64 channel_id UNNEEDED, const struct node_id *peer_id UNNEEDED, const struct pubkey *commitment_point UNNEEDED)
 { fprintf(stderr, "towire_hsmd_get_output_scriptpubkey called!\n"); abort(); }
 /* Generated stub for towire_hsmd_sign_commitment_tx */
-u8 *towire_hsmd_sign_commitment_tx(const tal_t *ctx UNNEEDED, const struct node_id *peer_id UNNEEDED, u64 channel_dbid UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const struct pubkey *remote_funding_key UNNEEDED)
+u8 *towire_hsmd_sign_commitment_tx(const tal_t *ctx UNNEEDED, const struct node_id *peer_id UNNEEDED, u64 channel_dbid UNNEEDED, const struct bitcoin_tx *tx UNNEEDED, const struct pubkey *remote_funding_key UNNEEDED, const struct sha256 *htlc_rhash UNNEEDED, u64 commit_num UNNEEDED)
 { fprintf(stderr, "towire_hsmd_sign_commitment_tx called!\n"); abort(); }
 /* Generated stub for towire_incorrect_cltv_expiry */
 u8 *towire_incorrect_cltv_expiry(const tal_t *ctx UNNEEDED, u32 cltv_expiry UNNEEDED, const u8 *channel_update UNNEEDED)