funding: modify fundingManager config to use SignMessage for ann's

This commit modifies the fundingManager config to use the a SignMesage
function rather than two distinct functions for singing one half the
channel announcement proofs. This change unifies the signing of
messages under a single abstraction: the MessageSigner interface.

fundingmanager.go

@@ -140,18 +140,11 @@ type fundingConfig struct {
 	// so that the channel creation process can be completed.
 	Notifier chainntnfs.ChainNotifier
 
-	// SignNodeKey is used to generate a signature of a given node identity
-	// public key signed under the passed node funding key. This function
-	// closure is used to generate one half the channel proof which attests
-	// the target nodeKey is indeed in control of the channel funding key
-	// in question.
-	SignNodeKey func(nodeKey, fundingKey *btcec.PublicKey) (*btcec.Signature, error)
-
-	// SignAnnouncement is used to generate the signatures for channel
-	// update, and node announcements, and also to generate the proof for
-	// the channel announcements. The key used to generate this signature
-	// is the identity public key of the running daemon.
-	SignAnnouncement func(msg lnwire.Message) (*btcec.Signature, error)
+	// SignMessage signs an arbitrary method with a given public key. The
+	// actual digest signed is the double sha-256 of the message. In the
+	// case that the private key corresponding to the passed public key
+	// cannot be located, then an error is returned.
+	SignMessage func(pubKey *btcec.PublicKey, msg []byte) (*btcec.Signature, error)
 
 	// SendAnnouncement is used by the FundingManager to announce newly
 	// created channels to the rest of the Lightning Network.
@@ -1064,7 +1057,7 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
 		chanFlags = 1
 	}
 
-	// TODO(roasbeef): add real sig, populate proper FeeSchema
+	// TODO(roasbeef): populate proper FeeSchema
 	chanUpdateAnn := &lnwire.ChannelUpdateAnnouncement{
 		ShortChannelID:            chanID,
 		Timestamp:                 uint32(time.Now().Unix()),
@@ -1077,9 +1070,13 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
 
 	// With the channel update announcement constructed, we'll generate a
 	// signature that signs a double-sha digest of the announcement.
-	// This'll serve to authenticate this announcement and other Other
-	// future updates we may send.
-	chanUpdateAnn.Signature, err = f.cfg.SignAnnouncement(chanUpdateAnn)
+	// This'll serve to authenticate this announcement and any other future
+	// updates we may send.
+	chanUpdateMsg, err := chanUpdateAnn.DataToSign()
+	if err != nil {
+		return nil, err
+	}
+	chanUpdateAnn.Signature, err = f.cfg.SignMessage(f.cfg.IDKey, chanUpdateMsg)
 	if err != nil {
 		return nil, errors.Errorf("unable to generate channel "+
 			"update announcement signature: %v", err)
@@ -1092,12 +1089,16 @@ func (f *fundingManager) newChanAnnouncement(localPubKey, remotePubKey *btcec.Pu
 	// public key under the funding key itself.
 	// TODO(roasbeef): need to revisit, ensure signatures are signed
 	// properly
-	nodeSig, err := f.cfg.SignAnnouncement(chanAnn)
+	chanAnnMsg, err := chanAnn.DataToSign()
+	if err != nil {
+		return nil, err
+	}
+	nodeSig, err := f.cfg.SignMessage(f.cfg.IDKey, chanAnnMsg)
 	if err != nil {
 		return nil, errors.Errorf("unable to generate node "+
 			"signature for channel announcement: %v", err)
 	}
-	bitcoinSig, err := f.cfg.SignNodeKey(localPubKey, localFundingKey)
+	bitcoinSig, err := f.cfg.SignMessage(localFundingKey, selfBytes)
 	if err != nil {
 		return nil, errors.Errorf("unable to generate bitcoin "+
 			"signature for node public key: %v", err)

lnd.go

@@ -138,6 +138,7 @@ func lndMain() error {
 	}
 	signer := wc
 	bio := wc
+	fundingSigner := wc
 
 	// Create, and start the lnwallet, which handles the core payment
 	// channel logic, and exposes control via proxy state machines.
@@ -159,9 +160,8 @@ func lndMain() error {
 		net.JoinHostPort("", strconv.Itoa(cfg.PeerPort)),
 	}
 
-	fundingSigner := btcwallet.NewFundingSigner(wc)
-	server, err := newServer(defaultListenAddrs, notifier, bio, wallet,
-		chanDB, fundingSigner)
+	server, err := newServer(defaultListenAddrs, notifier, bio,
+		fundingSigner, wallet, chanDB)
 	if err != nil {
 		srvrLog.Errorf("unable to create server: %v\n", err)
 		return err

server.go

@@ -18,7 +18,6 @@ import (
 	"github.com/lightningnetwork/lnd/discovery"
 	"github.com/lightningnetwork/lnd/lnrpc"
 	"github.com/lightningnetwork/lnd/lnwallet"
-	"github.com/lightningnetwork/lnd/lnwallet/btcwallet"
 	"github.com/lightningnetwork/lnd/lnwire"
 	"github.com/lightningnetwork/lnd/routing"
 	"github.com/roasbeef/btcd/btcec"
@@ -39,6 +38,10 @@ type server struct {
 	// connections.
 	identityPriv *btcec.PrivateKey
 
+	// nodeSigner is an implementation of the MessageSigner implementation
+	// that's backed by the identituy private key of the running lnd node.
+	nodeSigner *nodeSigner
+
 	// lightningID is the sha256 of the public key corresponding to our
 	// long-term identity private key.
 	lightningID [32]byte
@@ -96,8 +99,8 @@ type server struct {
 // newServer creates a new instance of the server which is to listen using the
 // passed listener address.
 func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
-	bio lnwallet.BlockChainIO, wallet *lnwallet.LightningWallet,
-	chanDB *channeldb.DB, fundingSigner *btcwallet.FundingSigner) (*server, error) {
+	bio lnwallet.BlockChainIO, fundingSigner lnwallet.MessageSigner,
+	wallet *lnwallet.LightningWallet, chanDB *channeldb.DB) (*server, error) {
 
 	privKey, err := wallet.GetIdentitykey()
 	if err != nil {
@@ -125,6 +128,7 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
 		htlcSwitch:  newHtlcSwitch(),
 
 		identityPriv: privKey,
+		nodeSigner:   newNodeSigner(privKey),
 
 		// TODO(roasbeef): derive proper onion key based on rotation
 		// schedule
@@ -200,8 +204,8 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
 	// Initialize graph with authenticated lightning node. We need to
 	// generate a valid signature in order for other nodes on the network
 	// to accept our announcement.
-	messageSigner := lnwallet.NewMessageSigner(s.identityPriv)
-	self.AuthSig, err = discovery.SignAnnouncement(messageSigner,
+	self.AuthSig, err = discovery.SignAnnouncement(s.nodeSigner,
+		s.identityPriv.PubKey(),
 		&lnwire.NodeAnnouncement{
 			Timestamp: uint32(self.LastUpdate.Unix()),
 			Addresses: self.Addresses,
@@ -258,14 +262,12 @@ func newServer(listenAddrs []string, notifier chainntnfs.ChainNotifier,
 		IDKey:    s.identityPriv.PubKey(),
 		Wallet:   wallet,
 		Notifier: s.chainNotifier,
-		SignNodeKey: func(nodeKey,
-			fundingKey *btcec.PublicKey) (*btcec.Signature, error) {
+		SignMessage: func(pubKey *btcec.PublicKey, msg []byte) (*btcec.Signature, error) {
+			if pubKey.IsEqual(s.identityPriv.PubKey()) {
+				return s.nodeSigner.SignMessage(pubKey, msg)
+			}
 
-			data := nodeKey.SerializeCompressed()
-			return fundingSigner.SignData(data, fundingKey)
-		},
-		SignAnnouncement: func(msg lnwire.Message) (*btcec.Signature, error) {
-			return discovery.SignAnnouncement(messageSigner, msg)
+			return fundingSigner.SignMessage(pubKey, msg)
 		},
 		SendAnnouncement: func(msg lnwire.Message) error {
 			s.discoverSrv.ProcessLocalAnnouncement(msg,