funding: modify fundingManager config to use SignMessage for ann's

This commit modifies the fundingManager config to use the a SignMesage
function rather than two distinct functions for singing one half the
channel announcement proofs. This change unifies the signing of
messages under a single abstraction: the MessageSigner interface.
This commit is contained in:
Olaoluwa Osuntokun 2017-04-14 11:17:41 -07:00
parent 9205d3c0a7
commit eb37dba3f6
No known key found for this signature in database
GPG Key ID: 9CC5B105D03521A2
3 changed files with 36 additions and 33 deletions

@ -140,18 +140,11 @@ type fundingConfig struct {
// so that the channel creation process can be completed.
Notifier chainntnfs.ChainNotifier
// SignNodeKey is used to generate a signature of a given node identity
// public key signed under the passed node funding key. This function
// closure is used to generate one half the channel proof which attests
// the target nodeKey is indeed in control of the channel funding key
// in question.
SignNodeKey func(nodeKey, fundingKey *btcec.PublicKey) (*btcec.Signature, error)
// SignAnnouncement is used to generate the signatures for channel
// update, and node announcements, and also to generate the proof for
// the channel announcements. The key used to generate this signature
// is the identity public key of the running daemon.
SignAnnouncement func(msg lnwire.Message) (*btcec.Signature, error)
// SignMessage signs an arbitrary method with a given public key. The
// actual digest signed is the double sha-256 of the message. In the
// case that the private key corresponding to the passed public key
// cannot be located, then an error is returned.
SignMessage func(pubKey *btcec.PublicKey, msg []byte) (*btcec.Signature, error)
// SendAnnouncement is used by the FundingManager to announce newly
// created channels to the rest of the Lightning Network.
@ -1064,7 +1057,7 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
chanFlags = 1
}
// TODO(roasbeef): add real sig, populate proper FeeSchema
// TODO(roasbeef): populate proper FeeSchema
chanUpdateAnn := &lnwire.ChannelUpdateAnnouncement{
ShortChannelID: chanID,
Timestamp: uint32(time.Now().Unix()),
@ -1077,9 +1070,13 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
// With the channel update announcement constructed, we'll generate a
// signature that signs a double-sha digest of the announcement.
// This'll serve to authenticate this announcement and other Other
// future updates we may send.
chanUpdateAnn.Signature, err = f.cfg.SignAnnouncement(chanUpdateAnn)
// This'll serve to authenticate this announcement and any other future
// updates we may send.
chanUpdateMsg, err := chanUpdateAnn.DataToSign()
if err != nil {
return nil, err
}
chanUpdateAnn.Signature, err = f.cfg.SignMessage(f.cfg.IDKey, chanUpdateMsg)
if err != nil {
return nil, errors.Errorf("unable to generate channel "+
"update announcement signature: %v", err)
@ -1092,12 +1089,16 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
// public key under the funding key itself.
// TODO(roasbeef): need to revisit, ensure signatures are signed
// properly
nodeSig, err := f.cfg.SignAnnouncement(chanAnn)
chanAnnMsg, err := chanAnn.DataToSign()
if err != nil {
return nil, err
}
nodeSig, err := f.cfg.SignMessage(f.cfg.IDKey, chanAnnMsg)
if err != nil {
return nil, errors.Errorf("unable to generate node "+
"signature for channel announcement: %v", err)
}
bitcoinSig, err := f.cfg.SignNodeKey(localPubKey, localFundingKey)
bitcoinSig, err := f.cfg.SignMessage(localFundingKey, selfBytes)
if err != nil {
return nil, errors.Errorf("unable to generate bitcoin "+
"signature for node public key: %v", err)

6
lnd.go

@ -138,6 +138,7 @@ func lndMain() error {
}
signer := wc
bio := wc
fundingSigner := wc
// Create, and start the lnwallet, which handles the core payment
// channel logic, and exposes control via proxy state machines.
@ -159,9 +160,8 @@ func lndMain() error {
net.JoinHostPort("", strconv.Itoa(cfg.PeerPort)),
}
fundingSigner := btcwallet.NewFundingSigner(wc)
server, err := newServer(defaultListenAddrs, notifier, bio, wallet,
chanDB, fundingSigner)
server, err := newServer(defaultListenAddrs, notifier, bio,
fundingSigner, wallet, chanDB)
if err != nil {
srvrLog.Errorf("unable to create server: %v\n", err)
return err

@ -18,7 +18,6 @@ import (
"github.com/lightningnetwork/lnd/discovery"
"github.com/lightningnetwork/lnd/lnrpc"
"github.com/lightningnetwork/lnd/lnwallet"
"github.com/lightningnetwork/lnd/lnwallet/btcwallet"
"github.com/lightningnetwork/lnd/lnwire"
"github.com/lightningnetwork/lnd/routing"
"github.com/roasbeef/btcd/btcec"
@ -39,6 +38,10 @@ type server struct {
// connections.
identityPriv *btcec.PrivateKey
// nodeSigner is an implementation of the MessageSigner implementation
// that's backed by the identituy private key of the running lnd node.
nodeSigner *nodeSigner
// lightningID is the sha256 of the public key corresponding to our
// long-term identity private key.
lightningID [32]byte
@ -96,8 +99,8 @@ type server struct {
// newServer creates a new instance of the server which is to listen using the
// passed listener address.
func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
bio lnwallet.BlockChainIO, wallet *lnwallet.LightningWallet,
chanDB *channeldb.DB, fundingSigner *btcwallet.FundingSigner) (*server, error) {
bio lnwallet.BlockChainIO, fundingSigner lnwallet.MessageSigner,
wallet *lnwallet.LightningWallet, chanDB *channeldb.DB) (*server, error) {
privKey, err := wallet.GetIdentitykey()
if err != nil {
@ -125,6 +128,7 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
htlcSwitch: newHtlcSwitch(),
identityPriv: privKey,
nodeSigner: newNodeSigner(privKey),
// TODO(roasbeef): derive proper onion key based on rotation
// schedule
@ -200,8 +204,8 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
// Initialize graph with authenticated lightning node. We need to
// generate a valid signature in order for other nodes on the network
// to accept our announcement.
messageSigner := lnwallet.NewMessageSigner(s.identityPriv)
self.AuthSig, err = discovery.SignAnnouncement(messageSigner,
self.AuthSig, err = discovery.SignAnnouncement(s.nodeSigner,
s.identityPriv.PubKey(),
&lnwire.NodeAnnouncement{
Timestamp: uint32(self.LastUpdate.Unix()),
Addresses: self.Addresses,
@ -258,14 +262,12 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
IDKey: s.identityPriv.PubKey(),
Wallet: wallet,
Notifier: s.chainNotifier,
SignNodeKey: func(nodeKey,
fundingKey *btcec.PublicKey) (*btcec.Signature, error) {
SignMessage: func(pubKey *btcec.PublicKey, msg []byte) (*btcec.Signature, error) {
if pubKey.IsEqual(s.identityPriv.PubKey()) {
return s.nodeSigner.SignMessage(pubKey, msg)
}
data := nodeKey.SerializeCompressed()
return fundingSigner.SignData(data, fundingKey)
},
SignAnnouncement: func(msg lnwire.Message) (*btcec.Signature, error) {
return discovery.SignAnnouncement(messageSigner, msg)
return fundingSigner.SignMessage(pubKey, msg)
},
SendAnnouncement: func(msg lnwire.Message) error {
s.discoverSrv.ProcessLocalAnnouncement(msg,