lnwallet: properly use the lsat 6-bytes of the sha hash for state hints

This commit fixes an existing w.r.t the way that we constructed all
commitment transactions. We were computing the hash that the obfsucator
was derived form correctly, but we were using the first 6-bytes, rather
than the last 6 bytes.
This commit is contained in:
Olaoluwa Osuntokun 2017-09-12 17:38:26 +02:00
parent 25766fc9ca
commit 5bb3efba4c
No known key found for this signature in database
GPG Key ID: 964EA263DD637C21

@ -1347,7 +1347,7 @@ func (l *LightningWallet) deriveMasterRevocationRoot() (*btcec.PrivateKey, error
// state hints from the root to be used for a new channel. The obsfucsator is
// generated via the following computation:
//
// * sha256(initiatorKey || responderKey)[:6]
// * sha256(initiatorKey || responderKey)[26:]
// * where both keys are the multi-sig keys of the respective parties
//
// The first 6 bytes of the resulting hash are used as the state hint.
@ -1359,7 +1359,7 @@ func deriveStateHintObfuscator(key1, key2 *btcec.PublicKey) [StateHintSize]byte
sha := h.Sum(nil)
var obfuscator [StateHintSize]byte
copy(obfuscator[:], sha[:])
copy(obfuscator[:], sha[26:])
return obfuscator
}