lnwallet: properly derive key tweaks in newHtlcResolution

This commit fixes an existing bug where we attempted to re-use the same
commitTweak value when creating an HTLC resolution. Instead, we now
create the commit tweak value by factoring in the key that is to be used
for signing.
Olaoluwa Osuntokun 2017-09-29 20:23:07 -07:00
parent 53181f3ec3
commit 30d5b90626
No known key found for this signature in database
GPG Key ID: 964EA263DD637C21

@ -3412,7 +3412,7 @@ type OutgoingHtlcResolution struct {
// caller to sweep an outgoing HTLC present on either their, or the remote // caller to sweep an outgoing HTLC present on either their, or the remote
// party's commitment transaction. // party's commitment transaction.
func newHtlcResolution(signer Signer, localChanCfg *channeldb.ChannelConfig, func newHtlcResolution(signer Signer, localChanCfg *channeldb.ChannelConfig,
commitHash chainhash.Hash, htlc *channeldb.HTLC, commitTweak []byte, commitHash chainhash.Hash, htlc *channeldb.HTLC, commitPoint,
delayKey, localKey, remoteKey *btcec.PublicKey, revokeKey *btcec.PublicKey, delayKey, localKey, remoteKey *btcec.PublicKey, revokeKey *btcec.PublicKey,
feePewKw, dustLimit btcutil.Amount, csvDelay uint32) (*OutgoingHtlcResolution, error) { feePewKw, dustLimit btcutil.Amount, csvDelay uint32) (*OutgoingHtlcResolution, error) {
@ -3445,9 +3445,11 @@ func newHtlcResolution(signer Signer, localChanCfg *channeldb.ChannelConfig,
if err != nil { if err != nil {
return nil, err return nil, err
} }
timeoutTweak := SingleTweakBytes(commitPoint,
localChanCfg.PaymentBasePoint)
timeoutSignDesc := SignDescriptor{ timeoutSignDesc := SignDescriptor{
PubKey: localChanCfg.PaymentBasePoint, PubKey: localChanCfg.PaymentBasePoint,
SingleTweak: commitTweak, SingleTweak: timeoutTweak,
WitnessScript: htlcCreationScript, WitnessScript: htlcCreationScript,
Output: &wire.TxOut{ Output: &wire.TxOut{
Value: int64(htlc.Amt.ToSatoshis()), Value: int64(htlc.Amt.ToSatoshis()),
@ -3480,12 +3482,14 @@ func newHtlcResolution(signer Signer, localChanCfg *channeldb.ChannelConfig,
return nil, err return nil, err
} }
delayTweak := SingleTweakBytes(commitPoint,
localChanCfg.DelayBasePoint)
return &OutgoingHtlcResolution{ return &OutgoingHtlcResolution{
Expiry: htlc.RefundTimeout, Expiry: htlc.RefundTimeout,
SignedTimeoutTx: timeoutTx, SignedTimeoutTx: timeoutTx,
SweepSignDesc: SignDescriptor{ SweepSignDesc: SignDescriptor{
PubKey: localChanCfg.DelayBasePoint, PubKey: localChanCfg.DelayBasePoint,
SingleTweak: commitTweak, SingleTweak: delayTweak,
WitnessScript: htlcSweepScript, WitnessScript: htlcSweepScript,
Output: &wire.TxOut{ Output: &wire.TxOut{
PkScript: htlcScriptHash, PkScript: htlcScriptHash,
@ -3508,8 +3512,6 @@ func extractHtlcResolutions(feePerKw btcutil.Amount, ourCommit bool,
// As uusal, we start by re-generating the key-ring required to // As uusal, we start by re-generating the key-ring required to
// reconstruct the pkScripts used, and sign any transactions or inputs // reconstruct the pkScripts used, and sign any transactions or inputs
// required to sweep all funds. // required to sweep all funds.
commitTweak := SingleTweakBytes(commitPoint,
localChanCfg.PaymentBasePoint)
localKey := TweakPubKey(localChanCfg.PaymentBasePoint, commitPoint) localKey := TweakPubKey(localChanCfg.PaymentBasePoint, commitPoint)
delayKey := TweakPubKey(localChanCfg.DelayBasePoint, commitPoint) delayKey := TweakPubKey(localChanCfg.DelayBasePoint, commitPoint)
remoteKey := TweakPubKey(remoteChanCfg.PaymentBasePoint, commitPoint) remoteKey := TweakPubKey(remoteChanCfg.PaymentBasePoint, commitPoint)
@ -3539,7 +3541,7 @@ func extractHtlcResolutions(feePerKw btcutil.Amount, ourCommit bool,
} }
ohr, err := newHtlcResolution( ohr, err := newHtlcResolution(
signer, localChanCfg, commitHash, htlc, commitTweak, signer, localChanCfg, commitHash, htlc, commitPoint,
delayKey, localKey, remoteKey, revokeKey, feePerKw, delayKey, localKey, remoteKey, revokeKey, feePerKw,
dustLimit, uint32(csvDelay), dustLimit, uint32(csvDelay),
) )
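Review bot: The pairing between each `SingleTweak` and its `PubKey` in `newHtlcResolution` now holds only by convention: the base point passed to `SingleTweakBytes` must be the same one placed in the descriptor's `PubKey` (`PaymentBasePoint` for `timeoutSignDesc`, `DelayBasePoint` for `SweepSignDesc`), and nothing in the visible lines checks that. A mismatch would presumably yield a signature for the wrong tweaked key, which looks like the failure this commit corrects, and it would only surface when the timeout or sweep transaction fails to validate. I would add a comment above each derivation, e.g. `// The tweak must be derived from the same base point that is set as PubKey below.`, and extend the function's doc comment to say that `commitPoint` is the commitment point used to derive the per-descriptor tweaks. `localKey` and `delayKey` are still derived separately by the caller in `extractHtlcResolutions` from the same `commitPoint`, so a test that signs with both descriptors and verifies against those tweaked keys would pin the invariant; no such test is visible on this page. The function body continues outside the hunks shown, so this is based only on the visible lines.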