discovery: modify message validation to match BOLT-0007

This commit implements the simplification within the latest version of
BOLT-0007. With this change, we simply sign the message hash directly
with the bitcoin keys, rather than signing the node keys themselves.
This commit is contained in:
Olaoluwa Osuntokun 2017-08-21 23:15:16 -07:00
parent 5fa345310b
commit 240f34ccf6
No known key found for this signature in database
GPG Key ID: 9CC5B105D03521A2

@ -11,29 +11,29 @@ import (
// that node signatures covers the announcement message, and that the bitcoin // that node signatures covers the announcement message, and that the bitcoin
// signatures covers the node keys. // signatures covers the node keys.
func (d *AuthenticatedGossiper) validateChannelAnn(a *lnwire.ChannelAnnouncement) error { func (d *AuthenticatedGossiper) validateChannelAnn(a *lnwire.ChannelAnnouncement) error {
// First we'll verify that the passed bitcoin key signature is indeed a // First, we'll compute the digest (h) which is to be signed by each of
// signature over the digest of the node signature. // the keys included within the node announcement message. This hash
sigHash := chainhash.DoubleHashB(a.NodeID1.SerializeCompressed()) // digest includes all the keys, so the (up to 4 signatures) will
if !a.BitcoinSig1.Verify(sigHash, copyPubKey(a.BitcoinKey1)) { // attest to the validity of each of the keys.
return errors.New("can't verify first bitcoin signature")
}
// If that checks out, then we'll verify that the second bitcoin
// signature is a valid signature of the bitcoin public key over the
// second node signature.
sigHash = chainhash.DoubleHashB(a.NodeID2.SerializeCompressed())
if !a.BitcoinSig2.Verify(sigHash, copyPubKey(a.BitcoinKey2)) {
return errors.New("can't verify second bitcoin signature")
}
// With the first two bitcoin signatures verified, we'll reconstruct
// the original digest of the channel announcement message.
data, err := a.DataToSign() data, err := a.DataToSign()
if err != nil { if err != nil {
return err return err
} }
dataHash := chainhash.DoubleHashB(data) dataHash := chainhash.DoubleHashB(data)
// First we'll verify that the passed bitcoin key signature is indeed a
// signature over the computed hash digest.
if !a.BitcoinSig1.Verify(dataHash, copyPubKey(a.BitcoinKey1)) {
return errors.New("can't verify first bitcoin signature")
}
// If that checks out, then we'll verify that the second bitcoin
// signature is a valid signature of the bitcoin public key over hash
// digest as well.
if !a.BitcoinSig2.Verify(dataHash, copyPubKey(a.BitcoinKey2)) {
return errors.New("can't verify second bitcoin signature")
}
// Both node signatures attached should indeed be a valid signature // Both node signatures attached should indeed be a valid signature
// over the selected digest of the channel announcement signature. // over the selected digest of the channel announcement signature.
if !a.NodeSig1.Verify(dataHash, copyPubKey(a.NodeID1)) { if !a.NodeSig1.Verify(dataHash, copyPubKey(a.NodeID1)) {