Policy recompose (#21)

* added payment_hashmap, commit_num and feerate_per_kw to SignCounterpartyCommitmentTx

* removed feerate from API extension, not needed for commitment only

Author: ksedgwic

channeld/channeld.c

@@ -840,10 +840,22 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 	const u8 *msg;
 	secp256k1_ecdsa_signature *htlc_sigs;
 
+	size_t num_entries = tal_count(htlc_map);
+	struct sha256 *rhashes = tal_arrz(tmpctx, struct sha256, num_entries);
+	size_t nrhash = 0;
+	for (size_t ndx = 0; ndx < num_entries; ++ndx) {
+		if (htlc_map[ndx]) {
+			memcpy(&rhashes[nrhash], &htlc_map[ndx]->rhash, sizeof(rhashes[nrhash]));
+			++nrhash;
+		}
+	}
+	tal_resize(&rhashes, nrhash);
+
 	msg = towire_hsm_sign_remote_commitment_tx(NULL, txs[0],
 						   &peer->channel->funding_pubkey[REMOTE],
 						   &peer->remote_per_commit,
-						   peer->channel->option_static_remotekey);
+						   peer->channel->option_static_remotekey,
+						   rhashes, commit_index);
 
 	msg = hsm_req(tmpctx, take(msg));
 	if (!fromwire_hsm_sign_tx_reply(msg, commit_sig))

contrib/remote_hsmd/NOTES.md

@@ -86,4 +86,4 @@ Some popular tests:
 rust-lightning-signer
 ----------------------------------------------------------------
 
-    cargo run --bin server |& tee log3
+    cargo run --bin server -- --no-persist --test-mode |& tee log3

contrib/remote_hsmd/dump.cc

@@ -467,3 +467,16 @@ string dump_tx(const struct bitcoin_tx *tx)
 	ostrm << " }";
 	return ostrm.str();
 }
+
+string dump_rhashes(const struct sha256 *rhashes, size_t num_rhashes)
+{
+	ostringstream ostrm;
+	ostrm << "[";
+	for (size_t ii = 0; ii < num_rhashes; ii++) {
+		if (ii != 0)
+			ostrm << ",";
+		ostrm << dump_hex(&rhashes[ii], sizeof(rhashes[ii]));
+	}
+	ostrm << "]";
+	return ostrm.str();
+}

contrib/remote_hsmd/dump.hpp

@@ -36,5 +36,6 @@ std::string dump_wally_tx_outputs(const struct wally_tx_output *outputs,
 std::string dump_wally_tx(const struct wally_tx *wtx);
 std::string dump_wally_psbt(const struct wally_psbt *psbt);
 std::string dump_tx(const struct bitcoin_tx *tx);
+std::string dump_rhashes(const struct sha256 *rhashes, size_t num_rhashes);
 
 #endif /* LIGHTNING_CONTRIB_REMOTE_HSMD_DUMP_H */

contrib/remote_hsmd/hsmd.c

@@ -686,12 +686,15 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 	struct bitcoin_signature sig;
 	struct pubkey remote_per_commit;
 	bool option_static_remotekey;
+	struct sha256 *rhashes;
+	u64 commit_num;
 
 	if (!fromwire_hsm_sign_remote_commitment_tx(tmpctx, msg_in,
 						    &tx,
 						    &remote_funding_pubkey,
 						    &remote_per_commit,
-						    &option_static_remotekey))
+						    &option_static_remotekey,
+						    &rhashes, &commit_num))
 		bad_req(conn, c, msg_in);
 	tx->chainparams = c->chainparams;
 
@@ -706,6 +709,7 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 		&c->id, c->dbid,
 		&remote_per_commit,
 		option_static_remotekey,
+		rhashes, commit_num,
 		&sig);
 	if (PROXY_PERMANENT(rv))
 		status_failed(STATUS_FAIL_INTERNAL_ERROR,

contrib/remote_hsmd/proxy.cc

@@ -210,6 +210,15 @@ void marshal_single_input_tx(struct bitcoin_tx const *tx,
 	}
 }
 
+void marshal_rhashes(const struct sha256 *rhashes,
+		     RepeatedPtrField<string> *payment_hashes)
+{
+	for (size_t ii = 0; ii < tal_count(rhashes); ++ii) {
+		payment_hashes->Add(string((const char *) &rhashes[ii],
+					   sizeof(struct sha256)));
+	}
+}
+
 void unmarshal_secret(Secret const &ss, struct secret *o_sp)
 {
 	assert(ss.data().size() == sizeof(o_sp->data));
@@ -671,22 +680,26 @@ proxy_stat proxy_handle_sign_remote_commitment_tx(
 	u64 dbid,
 	const struct pubkey *remote_per_commit,
 	bool option_static_remotekey,
+	struct sha256 *rhashes, u64 commit_num,
 	struct bitcoin_signature *o_sig)
 {
 	STATUS_DEBUG(
 		"%s:%d %s { "
 		"\"self_id\":%s, \"peer_id\":%s, \"dbid\":%" PRIu64 ", "
 		"\"counterparty_funding_pubkey\":%s, "
 		"\"remote_per_commit\":%s, "
-		"\"option_static_remotekey\":%s, \"tx\":%s }",
+		"\"option_static_remotekey\":%s, \"tx\":%s, "
+		"\"rhashes\":%s, \"commit_num\":%" PRIu64 " }",
 		__FILE__, __LINE__, __FUNCTION__,
 		dump_node_id(&self_id).c_str(),
 		dump_node_id(peer_id).c_str(),
 		dbid,
 		dump_pubkey(counterparty_funding_pubkey).c_str(),
 		dump_pubkey(remote_per_commit).c_str(),
 		(option_static_remotekey ? "true" : "false"),
-		dump_tx(tx).c_str()
+		dump_tx(tx).c_str(),
+		dump_rhashes(rhashes, tal_count(rhashes)).c_str(),
+		commit_num
 		);
 
 	last_message = "";
@@ -696,6 +709,8 @@ proxy_stat proxy_handle_sign_remote_commitment_tx(
 	marshal_pubkey(remote_per_commit,
 		       req.mutable_remote_per_commit_point());
 	marshal_single_input_tx(tx, NULL, req.mutable_tx());
+	marshal_rhashes(rhashes, req.mutable_payment_hashes());
+	req.set_commit_num(commit_num);
 
 	ClientContext context;
 	SignatureReply rsp;

contrib/remote_hsmd/proxy.hpp

@@ -88,6 +88,8 @@ proxy_stat proxy_handle_sign_remote_commitment_tx(
 	u64 dbid,
 	const struct pubkey *remote_per_commit,
 	bool option_static_remotekey,
+	struct sha256 *rhashes,
+	u64 commit_num,
 	struct bitcoin_signature *o_sig);
 
 proxy_stat proxy_handle_get_per_commitment_point(

hsmd/hsm_wire.csv

@@ -169,6 +169,9 @@ msgdata,hsm_sign_remote_commitment_tx,tx,bitcoin_tx,
 msgdata,hsm_sign_remote_commitment_tx,remote_funding_key,pubkey,
 msgdata,hsm_sign_remote_commitment_tx,remote_per_commit,pubkey,
 msgdata,hsm_sign_remote_commitment_tx,option_static_remotekey,bool,
+msgdata,hsm_sign_remote_commitment_tx,num_htlc_rhash,u16,
+msgdata,hsm_sign_remote_commitment_tx,htlc_rhash,sha256,num_htlc_rhash
+msgdata,hsm_sign_remote_commitment_tx,commit_num,u64,
 
 # channeld asks HSM to sign remote HTLC tx.
 msgtype,hsm_sign_remote_htlc_tx,20

hsmd/hsmd.c

@@ -988,12 +988,15 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 	const u8 *funding_wscript;
 	struct pubkey remote_per_commit;
 	bool option_static_remotekey;
+	struct sha256 *htlc_rhash;
+	u64 commit_num;
 
 	if (!fromwire_hsm_sign_remote_commitment_tx(tmpctx, msg_in,
 						    &tx,
 						    &remote_funding_pubkey,
 						    &remote_per_commit,
-						    &option_static_remotekey))
+						    &option_static_remotekey,
+						    &htlc_rhash, &commit_num))
 		return bad_req(conn, c, msg_in);
 	tx->chainparams = c->chainparams;
 

openingd/openingd.c

@@ -751,7 +751,8 @@ static bool funder_finalize_channel_setup(struct state *state,
 						   *tx,
 						   &state->channel->funding_pubkey[REMOTE],
 						   &state->first_per_commitment_point[REMOTE],
-						   state->channel->option_static_remotekey);
+						   state->channel->option_static_remotekey,
+						   NULL, 0);
 
 	wire_sync_write(HSM_FD, take(msg));
 	msg = wire_sync_read(tmpctx, HSM_FD);
@@ -1296,7 +1297,8 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
 						   remote_commit,
 						   &state->channel->funding_pubkey[REMOTE],
 						   &state->first_per_commitment_point[REMOTE],
-						   state->channel->option_static_remotekey);
+						   state->channel->option_static_remotekey,
+						   NULL, 0);
 
 	wire_sync_write(HSM_FD, take(msg));
 	msg = wire_sync_read(tmpctx, HSM_FD);