discovery: modify message validation to match BOLT-0007
This commit implements the simplification within the latest version of BOLT-0007. With this change, we simply sign the message hash directly with the bitcoin keys, rather than signing the node keys themselves.
This commit is contained in:
Olaoluwa Osuntokun
parent
5fa345310b
commit
240f34ccf6
@ -11,29 +11,29 @@ import (
|
|||||||
// that node signatures covers the announcement message, and that the bitcoin
|
// that node signatures covers the announcement message, and that the bitcoin
|
||||||
// signatures covers the node keys.
|
// signatures covers the node keys.
|
||||||
func (d *AuthenticatedGossiper) validateChannelAnn(a *lnwire.ChannelAnnouncement) error {
|
func (d *AuthenticatedGossiper) validateChannelAnn(a *lnwire.ChannelAnnouncement) error {
|
||||||
// First we'll verify that the passed bitcoin key signature is indeed a
|
// First, we'll compute the digest (h) which is to be signed by each of
|
||||||
// signature over the digest of the node signature.
|
// the keys included within the node announcement message. This hash
|
||||||
sigHash := chainhash.DoubleHashB(a.NodeID1.SerializeCompressed())
|
// digest includes all the keys, so the (up to 4 signatures) will
|
||||||
if !a.BitcoinSig1.Verify(sigHash, copyPubKey(a.BitcoinKey1)) {
|
// attest to the validity of each of the keys.
|
||||||
return errors.New("can't verify first bitcoin signature")
|
|
||||||
}
|
|
||||||
|
|
||||||
// If that checks out, then we'll verify that the second bitcoin
|
|
||||||
// signature is a valid signature of the bitcoin public key over the
|
|
||||||
// second node signature.
|
|
||||||
sigHash = chainhash.DoubleHashB(a.NodeID2.SerializeCompressed())
|
|
||||||
if !a.BitcoinSig2.Verify(sigHash, copyPubKey(a.BitcoinKey2)) {
|
|
||||||
return errors.New("can't verify second bitcoin signature")
|
|
||||||
}
|
|
||||||
|
|
||||||
// With the first two bitcoin signatures verified, we'll reconstruct
|
|
||||||
// the original digest of the channel announcement message.
|
|
||||||
data, err := a.DataToSign()
|
data, err := a.DataToSign()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
dataHash := chainhash.DoubleHashB(data)
|
dataHash := chainhash.DoubleHashB(data)
|
||||||
|
|
||||||
|
// First we'll verify that the passed bitcoin key signature is indeed a
|
||||||
|
// signature over the computed hash digest.
|
||||||
|
if !a.BitcoinSig1.Verify(dataHash, copyPubKey(a.BitcoinKey1)) {
|
||||||
|
return errors.New("can't verify first bitcoin signature")
|
||||||
|
}
|
||||||
|
|
||||||
|
// If that checks out, then we'll verify that the second bitcoin
|
||||||
|
// signature is a valid signature of the bitcoin public key over hash
|
||||||
|
// digest as well.
|
||||||
|
if !a.BitcoinSig2.Verify(dataHash, copyPubKey(a.BitcoinKey2)) {
|
||||||
|
return errors.New("can't verify second bitcoin signature")
|
||||||
|
}
|
||||||
|
|
||||||
// Both node signatures attached should indeed be a valid signature
|
// Both node signatures attached should indeed be a valid signature
|
||||||
// over the selected digest of the channel announcement signature.
|
// over the selected digest of the channel announcement signature.
|
||||||
if !a.NodeSig1.Verify(dataHash, copyPubKey(a.NodeID1)) {
|
if !a.NodeSig1.Verify(dataHash, copyPubKey(a.NodeID1)) {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user