Commit Graph

43 Commits

Author SHA1 Message Date
Conner Fromknecht
1eba460a2c
lnwallet/script_utils_test: use exposed CommitScriptUnencumbered 2018-07-24 16:54:30 -07:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
Conner Fromknecht
2843df88c0
lnwallet/script_utils_test: use public commit script helpers 2018-07-03 17:07:48 -07:00
Dimitris Tsapakidis
4009f7f874 multi: fix typos in comments 2018-04-17 19:03:27 -07:00
Olaoluwa Osuntokun
a0dc06b954
lnwallet: update script_utils and tests due to SignDescriptor API change 2018-03-06 16:04:01 -05:00
practicalswift
a93736d21e multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
Jim Posen
916b83a6ee lnwallet: Implement test vectors from BOLT 03, Appendix C.
Appendix C of BOLT 03 contains a series of test vectors asserting that
commitment, HTLC success, and HTLC timeout transactions are created
correctly. Here the test cases are transcribed to Go structs and
verified.

We also break out some logic need to tests that bypass the constructor
and remove some redundant fields.
2018-01-31 14:30:56 -08:00
Olaoluwa Osuntokun
30c4196f91
lnwallet: remove the closeObserver from the channel state machine
In this PR, we entirely remove the closeObserver from the channel state
machine. It was added very early on before most of the other aspects of
the daemon were built out. This goroutine was responsible for
dispatching notifications to outside parties if the commitment
transaction was spent at all. This had several issues, since it was
linked to the *lifetime* of the channel state machine itself. As a
result of this linkage, we had to do weird stuff like hand off in
memory pointers to the state machine in order to ensure notifications
were properly dispatched.
2018-01-22 19:19:47 -08:00
Olaoluwa Osuntokun
1d7a1ac0ee
lnwallet: update channel state machine tests to use distinct keys
In this commit, we update the channel state machine tests to use a new
key for each purpose. Before this commit, the same key would be used
the entire time. As a result, a few bugs slipped by that would’ve been
detected if we used fresh keys for each purpose. Additionally, this
reflect the real world case as we always use distinct keys for each
purpose to avoid key re-use.
2018-01-22 19:19:32 -08:00
Jim Posen
0becaddcd5 lnwallet: Move mocks to separate file and augment mockSigner.
To implement the BOLT 03 test vectors, a more powerful mockSigner is
required. The new version of mockSigner stores multiple keys and signs
the transaction outputs with the appropriate one.
2018-01-22 19:00:28 -08:00
Olaoluwa Osuntokun
9777176d7d
lnwallet: don't use persistent pointer to funding tx within channel state machine
This commit fixes a lingering bug that could at times cause
incompatibilities with other implementations when attempting a
cooperative channel close. Before this commit, we would use a pointer
to the funding txin everywhere. As a result, each time we made a new
state, or verified one, we would modify the sequence field of the main
txin of the commitment transaction. Due to this if we updated the
channel, then went to do a cooperative channel closure, the sequence of
the txin would still be set to the value we used as the state hint.

To remedy this, we now copy the txin each time when making the
commitment transaction, and also the cooperative closure transaction.
This avoids accidentally mutating the txin itself.

Fixes #502.
2017-12-22 19:26:35 +01:00
Olaoluwa Osuntokun
d7cdf822e3
lnwallet: update commitmentKeyRing to account for distinct HTLC keys
In this commit, we update all the key derivation within the state
machine to account for the recent spec change which introduces a
distinct key for usages within all HTLC scripts. This change means that
the commitment payment and delay base points, are only required to be
online in the case that a party is forced to go to chain.

We introduce an additional local tweak to the keyring for the HTLC
tweak. Additionally, two new keys have been added: a local and a remote
HTLC key. Generation of sender/receiver HTLC scripts now use the local
and remote HTLC keys rather than the “payment” key for each party.
Finally, when creating/verifying signatures for second-level HTLC
transactions, we use these the distinct HTLC keys, rather than re-using
the payment keys.
2017-11-16 20:00:03 -08:00
Jim Posen
a13ad0a339 multi: Fix various typos. 2017-10-25 13:20:54 -07:00
Jim Posen
bd497438af lnwallet: Pass around key ring instead of individual keys.
The signatures of some functions/methods in lnwallet are simplified by
passing in a commitmentKeyRing argument instead of multiple keys.
2017-10-19 22:23:14 -07:00
Jim Posen
7807150e73 lnwallet: Implement BOLT-03 key derivation test vectors. 2017-10-05 16:54:38 -07:00
Olaoluwa Osuntokun
ca45ae7524
lnwallet: update TestCommitmentSpendValidation due to new commitment scripts 2017-07-30 17:49:25 -07:00
Olaoluwa Osuntokun
016f56e8e3
lnwallet: update TestRevocationKeyDerivation to use new derivation 2017-07-30 17:49:22 -07:00
Olaoluwa Osuntokun
44ffcf2156
lnwallet: add new test case to exercise singly tweaked key derivation 2017-07-30 17:49:19 -07:00
Olaoluwa Osuntokun
5b6cc5e92d
lnwallet: TestHTLCSenderSpendValidation for new HTLC scripts 2017-07-30 17:49:16 -07:00
Olaoluwa Osuntokun
7c035a4729
lnwallet: update TestHTLCSenderSpendValidation for new scripts 2017-07-30 17:49:13 -07:00
Olaoluwa Osuntokun
c4866723d1
lnwallet: add redemption+spend tests for the second-level HTLC txns 2017-07-30 17:49:09 -07:00
Olaoluwa Osuntokun
1a9ada4897
lnwallet: move stateHintTests global var into TestCommitTxStateHint 2017-07-30 17:49:06 -07:00
Olaoluwa Osuntokun
1be4d67ce4
multi: run all test instances in parallel 2017-06-17 01:00:07 +02:00
Olaoluwa Osuntokun
f217093c00
multi: replace usage of fastsha256 with crypto/sha256
This commit removes all instances of the fastsha256 library and
replaces it with the sha256 library in the standard library. This
change should see a number of performance improvements as the standard
library has highly optimized assembly instructions with use vectorized
instructions as the platform supports.
2017-03-15 18:56:41 -07:00
Christopher Jämthagen
242c656fd6 lnwallet: use DefaultDustLimit() instead of hard-coded values 2017-03-09 15:32:31 -08:00
Christopher Jämthagen
52b56b8cf2 lnwallet+test: no dust outputs in commitment transaction + tests
Currently non-HTLC outputs will be accepted in the commitment
transaction as long as it is non-zero. We change this by not allowing
outputs with a value lower than the dust limit. The value of such
an output will go towards transaction fees.
2017-03-09 15:32:31 -08:00
Christopher Jämthagen
cf306098c5 lnwallet: extend test to check for valid locktime and sequence 2017-02-22 15:46:59 -08:00
Christopher Jämthagen
0410ea7374 test: Add table driven tests for script_utils
Add table-driven tests for testing GetStateHint and SetStateHint in package lnwallet.
2017-02-22 15:46:59 -08:00
Christopher Jämthagen
42b3b54e3c lnwallet: allow maximum state size to be used + tests
Add tests to assert maximum state can be used. Also test
that more than one input in the commitment transaction
will fail and that having state number larger than
maxStateHint will fail.
2017-02-22 15:46:59 -08:00
Christopher Jämthagen
873211c02f Use 48-bit commitment transaction numbers
Fix SetStateNumHint and GetStateNumHint to properly
set and get the stateNumHints using the lower 24 bits
of the locktime of the commitment transaction as the
lower 24 bits of the obfuscated state number and the
lower 24 bits of the sequence field as the higher 24
bits.
2017-02-22 15:46:59 -08:00
Olaoluwa Osuntokun
384fe61e73
multi: fix go vet warnings throughout code base 2017-02-16 19:33:19 +08:00
Trevin Hofmann
40c7bac3aa multi: fix a variety of typos throughout the repo 2017-01-17 17:02:56 -08:00
Olaoluwa Osuntokun
5affed38fc
multi: update btcsuite API's to latest upstream changes
This commit makes a large number of minor changes concerning API usage
within the deamon to match the latest version on the upstream btcsuite
libraries.

The major changes are the switch from wire.ShaHash to chainhash.Hash,
and that wire.NewMsgTx() now takes a paramter indicating the version of
the transaction to be created.
2017-01-05 13:56:34 -08:00
Olaoluwa Osuntokun
c81e0a3ebb
lnwallet: convert CommitSpendRevoke+CommitSpendNoDelay to use Signer
This commit converts the rearming two commitment spend functions to use
the lnwallet.Signer interface directly rather than manually manage
private keys during the signing process. This commit is in preparation
for implementation of fully automated revoked uncooperative closure
detection and retribution.
2016-11-18 15:23:50 -08:00
Olaoluwa Osuntokun
22074eb737
lnwallet: integrate obfuscated state hints into funding workflow
This commit finalizes the implementation of #58 by integrating passing
around the obfuscate state hints into the funding workflow of the
wallet, and also the daemon’s funding manager.

In order to amend the tests, the functions to set and receive the state
hints are now publicly exported.
2016-11-16 12:54:39 -08:00
Olaoluwa Osuntokun
d43ef24ed3
lnwallet: add utility functions for obfuscated commitment state hints
This commit adds two utility functions along with corresponding tests
for adding obfuscated state number hints to each commitment
transaction.

Such a feature reduces the search time to recover the necessary
material to punish a counterpaty for broadcasting an invalid state from
O(N), to O(1), where N is the number of states in the channel’s
transcript. By encoding the obsfucated state number, either side is
able to quickly obtain the ncessary state to excerise “justice”.
2016-11-14 18:35:10 -08:00
andrew.shvv
e515710a7d multi: use witnessScript everywhere instead of redeemScript
This commit consists of a mass variable renaming to call the pkScript being executed for segwit outputs the `witnessScript` instead of `redeemScript`. The latter naming convention is generally considered to be reserved for the context of BIP 16 execution. With segwit to be deployed soon, we should be using the correct terminology uniformly through the codebase. 

In addition some minor typos throughout the codebase has been fixed.
2016-10-15 16:02:09 -07:00
Olaoluwa Osuntokun
f972378140
lnwallet: modify CommitSpendTimeout to expect proper input sequence num and tx version 2016-09-12 19:07:20 -07:00
Olaoluwa Osuntokun
e858bb5ca2
lnwallet: convert CommitSpendTimeout to user the Signer interface 2016-09-12 19:07:12 -07:00
Olaoluwa Osuntokun
564316a846
lnwallet: publicly export several functions within script_utils.go 2016-09-08 12:25:44 -07:00
Olaoluwa Osuntokun
1b490c52ed
lnwallet: createCommitTx now a revocation key 2016-06-30 12:12:19 -07:00
Olaoluwa Osuntokun
f3a6f8ffe6
lnd: implement the sendcoins RPC request
This commit implements the “send coins” RPC request which was
introduced at both the lnrpc and command line level in a prior commit.

A small refactoring has taken place w.r.t to sendmany+sendcoins in
order to eliminate some code duplication.
2016-06-29 11:31:34 -07:00
Olaoluwa Osuntokun
e22734f9cf
lnwallet: update HTLC+commitment scripts
This commit updates the previous HTLC and commitment scripts to their
current latest evolution.

The HTLC scripts have been optimized for space savings, the
functionality itself has remained relatively unchanged. A trade off was
made to add additional bytes into the sigScript in order to avoid
extraneous CHECKSIG’s. The rationale is that an extra 1-2 bytes in the
sigScript to guide execution, are worthwhile since they’re in the
witness, and witness data may be pruned in the near future.

The primary change is within the commitment transaction itself. Instead
of using revocation hashes, we now use signature based revocation. This
saves space in the Script, and optimizes away an extra hashing
operation. Elkrem/shachain is still used but, we now use the pre-images
to homomorphically derive a public key which the other party will be
able to sign with, once we disclose the pre-image itself.

Finally, we have switched to using SHA-256 everywhere uniformly for
both revocation hashes, and payment hashes. The rationale is that the
output of ripemd160 is too small for modern security margins, and that
other coins/chains are more likely to have SHA-256 implemented, than
ripemd160.

A set of tests has also been included which contain (mostly) exhaustive
tests of all possible redemption paths for both commitment and HTLC.
2016-06-27 11:35:32 -07:00