Sign channel_announcements via a new ChannelKeys API

TheBlueMatt · TheBlueMatt · commit b1ed0ee0339d · 2019-12-12T14:36:41.000-05:00
diff --git a/lightning/src/chain/keysinterface.rs b/lightning/src/chain/keysinterface.rs
@@ -12,6 +12,7 @@ use bitcoin::util::bip143;
 use bitcoin_hashes::{Hash, HashEngine};
 use bitcoin_hashes::sha256::HashEngine as Sha256State;
 use bitcoin_hashes::sha256::Hash as Sha256;
+use bitcoin_hashes::sha256d::Hash as Sha256dHash;
 use bitcoin_hashes::hash160::Hash as Hash160;
 
 use secp256k1::key::{SecretKey, PublicKey};
@@ -20,9 +21,11 @@ use secp256k1;
 
 use util::byte_utils;
 use util::logger::Logger;
+use util::ser::Writeable;
 
 use ln::chan_utils;
 use ln::chan_utils::{TxCreationKeys, HTLCOutputInCommitment};
+use ln::msgs;
 
 use std::sync::Arc;
 use std::sync::atomic::{AtomicUsize, Ordering};
@@ -140,6 +143,14 @@ pub trait ChannelKeys : Send {
 	/// TODO: Add more input vars to enable better checking (preferably removing commitment_tx and
 	/// making the callee generate it via some util function we expose)!
 	fn sign_remote_commitment<T: secp256k1::Signing>(&self, channel_value_satoshis: u64, channel_funding_script: &Script, feerate_per_kw: u64, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], to_self_delay: u16, secp_ctx: &Secp256k1<T>) -> Result<(Signature, Vec<Signature>), ()>;
+
+	/// Signs a channel announcement message with our funding key, proving it comes from one
+	/// of the channel participants.
+	///
+	/// Note that if this fails or is rejected, the channel will not be publicly announced and
+	/// our counterparty may (though likely will not) close the channel on us for violating the
+	/// protocol.
+	fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()>;
 }
 
 #[derive(Clone)]
@@ -167,7 +178,6 @@ impl ChannelKeys for InMemoryChannelKeys {
 	fn htlc_base_key(&self) -> &SecretKey { &self.htlc_base_key }
 	fn commitment_seed(&self) -> &[u8; 32] { &self.commitment_seed }
 
-
 	fn sign_remote_commitment<T: secp256k1::Signing>(&self, channel_value_satoshis: u64, channel_funding_script: &Script, feerate_per_kw: u64, commitment_tx: &Transaction, keys: &TxCreationKeys, htlcs: &[&HTLCOutputInCommitment], to_self_delay: u16, secp_ctx: &Secp256k1<T>) -> Result<(Signature, Vec<Signature>), ()> {
 		if commitment_tx.input.len() != 1 { return Err(()); }
 		let commitment_sighash = hash_to_message!(&bip143::SighashComponents::new(&commitment_tx).sighash_all(&commitment_tx.input[0], &channel_funding_script, channel_value_satoshis)[..]);
@@ -191,6 +201,11 @@ impl ChannelKeys for InMemoryChannelKeys {
 
 		Ok((commitment_sig, htlc_sigs))
 	}
+
+	fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+		let msghash = hash_to_message!(&Sha256dHash::hash(&msg.encode()[..])[..]);
+		Ok(secp_ctx.sign(&msghash, &self.funding_key))
+	}
 }
 
 impl_writeable!(InMemoryChannelKeys, 0, {
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -3310,8 +3310,8 @@ impl<ChanSigner: ChannelKeys> Channel<ChanSigner> {
 			excess_data: Vec::new(),
 		};
 
-		let msghash = hash_to_message!(&Sha256dHash::hash(&msg.encode()[..])[..]);
-		let sig = self.secp_ctx.sign(&msghash, self.local_keys.funding_key());
+		let sig = self.local_keys.sign_channel_announcement(&msg, &self.secp_ctx)
+			.map_err(|_| ChannelError::Ignore("Signer rejected channel_announcement"))?;
 
 		Ok((msg, sig))
 	}
diff --git a/lightning/src/util/enforcing_trait_impls.rs b/lightning/src/util/enforcing_trait_impls.rs
@@ -1,4 +1,5 @@
 use ln::chan_utils::{HTLCOutputInCommitment, TxCreationKeys};
+use ln::msgs;
 use chain::keysinterface::{ChannelKeys, InMemoryChannelKeys};
 
 use std::cmp;
@@ -50,6 +51,10 @@ impl ChannelKeys for EnforcingChannelKeys {
 
 		Ok(self.inner.sign_remote_commitment(channel_value_satoshis, channel_funding_script, feerate_per_kw, commitment_tx, keys, htlcs, to_self_delay, secp_ctx).unwrap())
 	}
+
+	fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {
+		self.inner.sign_channel_announcement(msg, secp_ctx)
+	}
 }
 
 impl_writeable!(EnforcingChannelKeys, 0, {

Original file line number	Diff line number	Diff line change
`@@ -3310,8 +3310,8 @@ impl<ChanSigner: ChannelKeys> Channel<ChanSigner> {`
`3310`	`3310`	`excess_data: Vec::new(),`
`3311`	`3311`	`};`
`3312`	`3312`
`3313`		`- let msghash = hash_to_message!(&Sha256dHash::hash(&msg.encode()[..])[..]);`
`3314`		`- let sig = self.secp_ctx.sign(&msghash, self.local_keys.funding_key());`
	`3313`	`+ let sig = self.local_keys.sign_channel_announcement(&msg, &self.secp_ctx)`
	`3314`	`+ .map_err(\|_\| ChannelError::Ignore("Signer rejected channel_announcement"))?;`
`3315`	`3315`
`3316`	`3316`	`Ok((msg, sig))`
`3317`	`3317`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`use ln::chan_utils::{HTLCOutputInCommitment, TxCreationKeys};`
	`2`	`+use ln::msgs;`
`2`	`3`	`use chain::keysinterface::{ChannelKeys, InMemoryChannelKeys};`
`3`	`4`
`4`	`5`	`use std::cmp;`
`@@ -50,6 +51,10 @@ impl ChannelKeys for EnforcingChannelKeys {`
`50`	`51`
`51`	`52`	`Ok(self.inner.sign_remote_commitment(channel_value_satoshis, channel_funding_script, feerate_per_kw, commitment_tx, keys, htlcs, to_self_delay, secp_ctx).unwrap())`
`52`	`53`	`}`
	`54`	`+`
	`55`	`+ fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()> {`
	`56`	`+ self.inner.sign_channel_announcement(msg, secp_ctx)`
	`57`	`+ }`
`53`	`58`	`}`
`54`	`59`
`55`	`60`	`impl_writeable!(EnforcingChannelKeys, 0, {`