1 /* Code to make a commitment tx, useful for generating test cases.
2 *
3 * For example, in the spec tests we use the following:
4 *
5 * lightning/devtools/mkcommit 0 41085b995c1f591cfc3ae79ccde012bf0b37c7bde23d80a61c9732bdd6210b2f 0 999878sat 253 999878sat local \
6 5 546 9998sat \
7 6 546 9998sat \
8 0000000000000000000000000000000000000000000000000000000000000020 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000021 0000000000000000000000000000000000000000000000000000000000000022 0000000000000000000000000000000000000000000000000000000000000023 0000000000000000000000000000000000000000000000000000000000000024 \
9 0000000000000000000000000000000000000000000000000000000000000010 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 0000000000000000000000000000000000000000000000000000000000000011 0000000000000000000000000000000000000000000000000000000000000012 0000000000000000000000000000000000000000000000000000000000000013 0000000000000000000000000000000000000000000000000000000000000014
10 */
11 #include <bitcoin/chainparams.h>
12 #include <bitcoin/script.h>
13 #include <ccan/cast/cast.h>
14 #include <ccan/err/err.h>
15 #include <ccan/opt/opt.h>
16 #include <ccan/str/hex/hex.h>
17 #include <ccan/tal/str/str.h>
18 #include <channeld/full_channel.h>
19 #include <common/blockheight_states.h>
20 #include <common/channel_type.h>
21 #include <common/fee_states.h>
22 #include <common/htlc_wire.h>
23 #include <common/key_derive.h>
24 #include <common/status.h>
25 #include <common/type_to_string.h>
26 #include <common/version.h>
27 #include <inttypes.h>
28 #include <stdio.h>
29
30 static bool verbose = false;
31
status_fmt(enum log_level level,const struct node_id * node_id,const char * fmt,...)32 void status_fmt(enum log_level level,
33 const struct node_id *node_id,
34 const char *fmt, ...)
35 {
36 if (verbose) {
37 va_list ap;
38
39 va_start(ap, fmt);
40 printf("#TRACE: ");
41 vprintf(fmt, ap);
42 printf("\n");
43 va_end(ap);
44 }
45 }
46
status_failed(enum status_failreason reason,const char * fmt,...)47 void status_failed(enum status_failreason reason, const char *fmt, ...)
48 {
49 abort();
50 }
51
parse_secrets(char * argv[],struct secrets * secrets,struct sha256 * seed,const char * desc)52 static int parse_secrets(char *argv[],
53 struct secrets *secrets,
54 struct sha256 *seed,
55 const char *desc)
56 {
57 int argnum = 0;
58 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
59 &secrets->funding_privkey,
60 sizeof(secrets->funding_privkey)))
61 errx(1, "Parsing %s.funding_privkey", desc);
62 argnum++;
63 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
64 seed, sizeof(*seed)))
65 errx(1, "Parsing %s seed", desc);
66 argnum++;
67 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
68 &secrets->revocation_basepoint_secret,
69 sizeof(secrets->revocation_basepoint_secret)))
70 errx(1, "Parsing %s.revocation_basepoint_secret", desc);
71 argnum++;
72 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
73 &secrets->payment_basepoint_secret,
74 sizeof(secrets->payment_basepoint_secret)))
75 errx(1, "Parsing %s.payment_basepoint_secret", desc);
76 argnum++;
77 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
78 &secrets->delayed_payment_basepoint_secret,
79 sizeof(secrets->delayed_payment_basepoint_secret)))
80 errx(1, "Parsing %s.delayed_payment_basepoint_secret", desc);
81 argnum++;
82 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
83 &secrets->htlc_basepoint_secret,
84 sizeof(secrets->htlc_basepoint_secret)))
85 errx(1, "Parsing %s.htlc_basepoint_secret", desc);
86 argnum++;
87 return argnum;
88 }
89
print_basepoints(const char * desc,const struct secrets * secrets,const struct sha256 * shaseed,const struct basepoints * basepoints,const struct pubkey * fundingkey,u64 commitnum)90 static void print_basepoints(const char *desc,
91 const struct secrets *secrets,
92 const struct sha256 *shaseed,
93 const struct basepoints *basepoints,
94 const struct pubkey *fundingkey,
95 u64 commitnum)
96 {
97 struct secret per_commitment_secret;
98 struct pubkey per_commitment_point;
99
100 printf("## %s\n", desc);
101 printf("# funding_privkey=%s\n",
102 type_to_string(NULL, struct secret, &secrets->funding_privkey.secret));
103 printf("funding_pubkey=%s\n",
104 type_to_string(NULL, struct pubkey, fundingkey));
105 printf("# revocation_basepoint_secret=%s\n",
106 type_to_string(NULL, struct secret,
107 &secrets->revocation_basepoint_secret));
108 printf("revocation_basepoint=%s\n",
109 type_to_string(NULL, struct pubkey, &basepoints->revocation));
110 printf("# payment_basepoint_secret=%s\n",
111 type_to_string(NULL, struct secret,
112 &secrets->payment_basepoint_secret));
113 printf("payment_basepoint=%s\n",
114 type_to_string(NULL, struct pubkey, &basepoints->payment));
115 printf("# delayed_payment_basepoint_secret=%s\n",
116 type_to_string(NULL, struct secret,
117 &secrets->delayed_payment_basepoint_secret));
118 printf("delayed_payment_basepoint=%s\n",
119 type_to_string(NULL, struct pubkey, &basepoints->delayed_payment));
120 printf("# htlc_basepoint_secret=%s\n",
121 type_to_string(NULL, struct secret,
122 &secrets->htlc_basepoint_secret));
123 printf("htlc_basepoint=%s\n",
124 type_to_string(NULL, struct pubkey, &basepoints->htlc));
125 if (!per_commit_secret(shaseed, &per_commitment_secret, commitnum))
126 errx(1, "Bad deriving %s per_commitment_secret #%"PRIu64,
127 desc, commitnum);
128 if (!per_commit_point(shaseed, &per_commitment_point, commitnum))
129 errx(1, "Bad deriving %s per_commitment_point #%"PRIu64,
130 desc, commitnum);
131 printf("# shachain seed=%s\n",
132 type_to_string(NULL, struct sha256, shaseed));
133 printf("# per_commitment_secret %"PRIu64"=%s\n",
134 commitnum,
135 type_to_string(NULL, struct secret, &per_commitment_secret));
136 printf("per_commitment_point %"PRIu64"=%s\n\n",
137 commitnum,
138 type_to_string(NULL, struct pubkey, &per_commitment_point));
139 }
140
parse_config(char * argv[],struct channel_config * config,const char * desc)141 static int parse_config(char *argv[],
142 struct channel_config *config,
143 const char *desc)
144 {
145 int argnum = 0;
146
147 config->id = 0;
148 /* FIXME: Allow overriding these on cmdline! */
149 config->max_htlc_value_in_flight = AMOUNT_MSAT(-1ULL);
150 config->htlc_minimum = AMOUNT_MSAT(0);
151 config->max_accepted_htlcs = 483;
152 config->max_dust_htlc_exposure_msat = AMOUNT_MSAT(-1ULL);
153
154 config->to_self_delay = atoi(argv[argnum]);
155 argnum++;
156 if (!parse_amount_sat(&config->dust_limit,
157 argv[argnum], strlen(argv[argnum])))
158 errx(1, "Bad %s dustlimit", desc);
159 argnum++;
160 if (!parse_amount_sat(&config->channel_reserve,
161 argv[argnum], strlen(argv[argnum])))
162 errx(1, "Bad %s reserve", desc);
163 argnum++;
164 return argnum;
165 }
166
parse_htlc(char * argv[],struct existing_htlc *** htlcs)167 static int parse_htlc(char *argv[], struct existing_htlc ***htlcs)
168 {
169 struct existing_htlc *exist = tal(*htlcs, struct existing_htlc);
170 int argnum = 0;
171
172 exist->id = tal_count(*htlcs);
173 if (streq(argv[argnum], "local"))
174 exist->state = SENT_ADD_ACK_REVOCATION;
175 else if (streq(argv[argnum], "remote"))
176 exist->state = RCVD_ADD_ACK_REVOCATION;
177 else
178 errx(1, "Bad htlc offer: %s should be 'local' or 'remote'",
179 argv[argnum]);
180 argnum++;
181 exist->payment_preimage = tal(*htlcs, struct preimage);
182 if (!hex_decode(argv[argnum], strlen(argv[argnum]),
183 exist->payment_preimage, sizeof(*exist->payment_preimage)))
184 errx(1, "Bad payment-preimage %s", argv[argnum]);
185
186 sha256(&exist->payment_hash, exist->payment_preimage,
187 sizeof(*exist->payment_preimage));
188 argnum++;
189 if (!parse_amount_msat(&exist->amount,
190 argv[argnum], strlen(argv[argnum])))
191 errx(1, "Bad htlc amount %s", argv[argnum]);
192 argnum++;
193 exist->cltv_expiry = atoi(argv[argnum]);
194 argnum++;
195
196 printf("# HTLC %"PRIu64": %s amount=%s preimage=%s payment_hash=%s cltv=%u\n",
197 exist->id, argv[0],
198 type_to_string(tmpctx, struct amount_msat, &exist->amount),
199 type_to_string(tmpctx, struct preimage, exist->payment_preimage),
200 type_to_string(tmpctx, struct sha256, &exist->payment_hash),
201 exist->cltv_expiry);
202
203 tal_arr_expand(htlcs, exist);
204 return argnum;
205 }
206
preimage_of(const struct sha256 * hash,const struct existing_htlc ** htlcs)207 static const struct preimage *preimage_of(const struct sha256 *hash,
208 const struct existing_htlc **htlcs)
209 {
210 for (size_t i = 0; i < tal_count(htlcs); i++)
211 if (sha256_eq(hash, &htlcs[i]->payment_hash))
212 return htlcs[i]->payment_preimage;
213 abort();
214 }
215
sig_as_hex(const struct bitcoin_signature * sig)216 static char *sig_as_hex(const struct bitcoin_signature *sig)
217 {
218 u8 compact_sig[64];
219
220 secp256k1_ecdsa_signature_serialize_compact(secp256k1_ctx,
221 compact_sig,
222 &sig->s);
223 return tal_hexstr(NULL, compact_sig, sizeof(compact_sig));
224 }
225
226
sig_notation(const struct sha256_double * hash,const struct privkey * privkey,const struct bitcoin_signature * sig)227 static char *sig_notation(const struct sha256_double *hash,
228 const struct privkey *privkey,
229 const struct bitcoin_signature *sig)
230 {
231 const char *pstr = tal_hexstr(NULL, privkey->secret.data, sizeof(privkey->secret.data));
232 const char *hstr = type_to_string(NULL, struct sha256_double, hash);
233
234 if (verbose)
235 return tal_fmt(NULL,
236 "SIG(%s:%s)\n privkey: %s\n tx_hash: %s\n"
237 " sig: %s",
238 pstr, hstr, pstr, hstr, sig_as_hex(sig));
239
240 return tal_fmt(NULL, "SIG(%s:%s)", pstr, hstr);
241 }
242
main(int argc,char * argv[])243 int main(int argc, char *argv[])
244 {
245 struct secrets local, remote;
246 struct sha256 localseed, remoteseed;
247 struct basepoints localbase, remotebase;
248 struct pubkey funding_localkey, funding_remotekey;
249 u64 commitnum;
250 struct amount_sat funding_amount;
251 struct channel_id cid;
252 struct bitcoin_outpoint funding;
253 u32 feerate_per_kw;
254 struct pubkey local_per_commit_point, remote_per_commit_point;
255 struct bitcoin_signature local_sig, remote_sig;
256 struct channel_config localconfig, remoteconfig;
257 struct amount_msat local_msat, remote_msat;
258 int argnum;
259 struct bitcoin_tx **local_txs, **remote_txs;
260 enum side fee_payer;
261 u8 **witness;
262 const u8 *funding_wscript;
263 struct channel *channel;
264 struct existing_htlc **htlcs = tal_arr(NULL, struct existing_htlc *, 0);
265 const struct htlc **htlcmap;
266 struct privkey local_htlc_privkey, remote_htlc_privkey;
267 struct pubkey local_htlc_pubkey, remote_htlc_pubkey;
268 bool option_static_remotekey = false, option_anchor_outputs = false;
269 const struct channel_type *channel_type;
270 struct sha256_double hash;
271 u32 blockheight = 0;
272
273 setup_locale();
274 chainparams = chainparams_for_network("bitcoin");
275
276 secp256k1_ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY |
277 SECP256K1_CONTEXT_SIGN);
278
279 opt_register_noarg("--help|-h", opt_usage_and_exit,
280 "<commitnum> <funding-txid> <funding-txout> <funding-amount> <feerate-per-kw> <local-msat> <fee-payer> <localconfig> <remoteconfig> <localsecrets> <remotesecrets> [<htlc>...]\n"
281 "Where <config> are:\n"
282 " <to-self-delay>\n"
283 " <dustlimit>\n"
284 " <reserve-sat>\n"
285 "Where <secrets> are:\n"
286 " <funding-privkey>\n"
287 " <shachain-seed>\n"
288 " <revocation-base-secret>\n"
289 " <payment-base-secret>\n"
290 " <delayed-payment-base-secret>\n"
291 " <htlc-base-secret>\n"
292 "Where <htlc>s are:\n"
293 " <offer-side>\n"
294 " <payment-preimage>\n"
295 " <amount-msat>\n"
296 " <cltv-expiry>\n",
297 "Show this message");
298 opt_register_noarg("-v|--verbose", opt_set_bool, &verbose,
299 "Increase verbosity");
300 opt_register_noarg("--option-static-remotekey", opt_set_bool,
301 &option_static_remotekey,
302 "Use option_static_remotekey generation rules");
303 opt_register_noarg("--option-anchor-outputs", opt_set_bool,
304 &option_anchor_outputs,
305 "Use option_anchor_outputs generation rules");
306 opt_register_version();
307
308 opt_parse(&argc, argv, opt_log_stderr_exit);
309
310 if (argc < 1 + 7 + 3*2 + 6*2)
311 opt_usage_exit_fail("Too few arguments");
312
313 argnum = 1;
314 commitnum = atol(argv[argnum++]);
315 if (!bitcoin_txid_from_hex(argv[argnum],
316 strlen(argv[argnum]), &funding.txid))
317 errx(1, "Bad funding-txid");
318 argnum++;
319 funding.n = atoi(argv[argnum++]);
320 if (!parse_amount_sat(&funding_amount, argv[argnum], strlen(argv[argnum])))
321 errx(1, "Bad funding-amount");
322 argnum++;
323 feerate_per_kw = atoi(argv[argnum++]);
324 if (!parse_amount_msat(&local_msat,
325 argv[argnum], strlen(argv[argnum])))
326 errx(1, "Bad local-msat");
327 argnum++;
328 if (streq(argv[argnum], "local"))
329 fee_payer = LOCAL;
330 else if (streq(argv[argnum], "remote"))
331 fee_payer = REMOTE;
332 else
333 errx(1, "fee-payer must be 'local' or 'remote'");
334 argnum++;
335
336 argnum += parse_config(argv + argnum, &localconfig, "local");
337 argnum += parse_config(argv + argnum, &remoteconfig, "remote");
338
339 argnum += parse_secrets(argv + argnum, &local, &localseed, "local");
340 argnum += parse_secrets(argv + argnum, &remote, &remoteseed, "remote");
341
342 if (!amount_sat_sub_msat(&remote_msat, funding_amount, local_msat))
343 errx(1, "Can't afford local_msat");
344
345 if (option_anchor_outputs) {
346 printf("Using option-anchor-outputs\n");
347 option_static_remotekey = true;
348 }
349 if (option_static_remotekey)
350 printf("Using option-static-remotekey\n");
351
352 printf("## HTLCs\n");
353 while (argnum < argc) {
354 if (argnum + 4 > argc)
355 opt_usage_exit_fail("Too few arguments for htlc");
356 argnum += parse_htlc(argv + argnum, &htlcs);
357 }
358 printf("\n");
359
360 if (!pubkey_from_privkey(&local.funding_privkey, &funding_localkey)
361 || !pubkey_from_secret(&local.revocation_basepoint_secret,
362 &localbase.revocation)
363 || !pubkey_from_secret(&local.payment_basepoint_secret,
364 &localbase.payment)
365 || !pubkey_from_secret(&local.delayed_payment_basepoint_secret,
366 &localbase.delayed_payment)
367 || !pubkey_from_secret(&local.htlc_basepoint_secret,
368 &localbase.htlc))
369 errx(1, "Bad deriving local basepoints");
370
371 if (!pubkey_from_privkey(&remote.funding_privkey, &funding_remotekey)
372 || !pubkey_from_secret(&remote.revocation_basepoint_secret,
373 &remotebase.revocation)
374 || !pubkey_from_secret(&remote.payment_basepoint_secret,
375 &remotebase.payment)
376 || !pubkey_from_secret(&remote.delayed_payment_basepoint_secret,
377 &remotebase.delayed_payment)
378 || !pubkey_from_secret(&remote.htlc_basepoint_secret,
379 &remotebase.htlc))
380 errx(1, "Bad deriving remote basepoints");
381
382 print_basepoints("local",
383 &local, &localseed,
384 &localbase, &funding_localkey, commitnum);
385 print_basepoints("remote",
386 &remote, &remoteseed,
387 &remotebase, &funding_remotekey, commitnum);
388
389 /* FIXME: option for v2? */
390 derive_channel_id(&cid, &funding);
391
392 if (option_anchor_outputs)
393 channel_type = channel_type_anchor_outputs(NULL);
394 else if (option_static_remotekey)
395 channel_type = channel_type_static_remotekey(NULL);
396 else
397 channel_type = channel_type_none(NULL);
398
399 channel = new_full_channel(NULL,
400 &cid,
401 &funding, 1,
402 take(new_height_states(NULL, fee_payer,
403 &blockheight)),
404 0, /* Defaults to no lease */
405 funding_amount,
406 local_msat,
407 take(new_fee_states(NULL, fee_payer,
408 &feerate_per_kw)),
409 &localconfig, &remoteconfig,
410 &localbase, &remotebase,
411 &funding_localkey, &funding_remotekey,
412 channel_type,
413 false,
414 fee_payer);
415
416 if (!channel_force_htlcs(channel,
417 cast_const2(const struct existing_htlc **, htlcs)))
418 errx(1, "Cannot add HTLCs");
419
420 /* Create the local commitment_tx */
421 if (!per_commit_point(&localseed, &local_per_commit_point, commitnum))
422 errx(1, "Bad deriving local per-commitment-point");
423
424 local_txs = channel_txs(NULL, &htlcmap, NULL, &funding_wscript, channel,
425 &local_per_commit_point, commitnum,
426 LOCAL);
427
428 printf("## local_commitment\n"
429 "# input amount %s, funding_wscript %s, pubkey %s\n",
430 type_to_string(NULL, struct amount_sat, &funding_amount),
431 tal_hex(NULL, funding_wscript),
432 type_to_string(NULL, struct pubkey, &funding_localkey));
433 printf("# unsigned local commitment tx: %s\n",
434 tal_hex(NULL, linearize_tx(NULL, local_txs[0])));
435
436 /* Get the hash out, for printing */
437 bitcoin_tx_hash_for_sig(local_txs[0], 0, funding_wscript,
438 SIGHASH_ALL, &hash);
439 sign_tx_input(local_txs[0], 0, NULL, funding_wscript,
440 &local.funding_privkey,
441 &funding_localkey,
442 SIGHASH_ALL,
443 &local_sig);
444 printf("localsig_on_local: %s\n", sig_notation(&hash,
445 &local.funding_privkey,
446 &local_sig));
447
448 sign_tx_input(local_txs[0], 0, NULL, funding_wscript,
449 &remote.funding_privkey,
450 &funding_remotekey,
451 SIGHASH_ALL,
452 &remote_sig);
453 printf("remotesig_on_local: %s\n", sig_notation(&hash,
454 &remote.funding_privkey,
455 &remote_sig));
456
457 witness =
458 bitcoin_witness_2of2(NULL, &local_sig, &remote_sig,
459 &funding_localkey, &funding_remotekey);
460 bitcoin_tx_input_set_witness(local_txs[0], 0, take(witness));
461
462 printf("# signed local commitment: %s\n",
463 tal_hex(NULL, linearize_tx(NULL, local_txs[0])));
464
465 if (!derive_simple_privkey(&local.htlc_basepoint_secret,
466 &localbase.htlc,
467 &local_per_commit_point,
468 &local_htlc_privkey))
469 errx(1, "Failure deriving local htlc privkey");
470
471 if (!derive_simple_key(&localbase.htlc,
472 &local_per_commit_point,
473 &local_htlc_pubkey))
474 errx(1, "Failure deriving local htlc pubkey");
475
476 if (!derive_simple_privkey(&remote.htlc_basepoint_secret,
477 &remotebase.htlc,
478 &local_per_commit_point,
479 &remote_htlc_privkey))
480 errx(1, "Failure deriving remote htlc privkey");
481
482 if (!derive_simple_key(&remotebase.htlc,
483 &local_per_commit_point,
484 &remote_htlc_pubkey))
485 errx(1, "Failure deriving remote htlc pubkey");
486
487 for (size_t i = 0; i < tal_count(htlcmap); i++) {
488 struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
489 u8 *wscript;
490
491 if (!htlcmap[i])
492 continue;
493 printf("# Output %zu: %s HTLC %"PRIu64"\n",
494 i, side_to_str(htlc_owner(htlcmap[i])), htlcmap[i]->id);
495 printf("# unsigned htlc tx for output %zu: %s\n",
496 i, tal_hex(NULL, linearize_tx(NULL, local_txs[1+i])));
497
498 wscript = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i);
499 printf("# wscript: %s\n", tal_hex(NULL, wscript));
500
501 bitcoin_tx_hash_for_sig(local_txs[1+i], 0, wscript,
502 SIGHASH_ALL, &hash);
503 sign_tx_input(local_txs[1+i], 0, NULL, wscript,
504 &local_htlc_privkey, &local_htlc_pubkey,
505 SIGHASH_ALL, &local_htlc_sig);
506 sign_tx_input(local_txs[1+i], 0, NULL, wscript,
507 &remote_htlc_privkey, &remote_htlc_pubkey,
508 SIGHASH_ALL, &remote_htlc_sig);
509 printf("localsig_on_local output %zu: %s\n",
510 i, sig_notation(&hash, &local_htlc_privkey, &local_htlc_sig));
511 printf("remotesig_on_local output %zu: %s\n",
512 i, sig_notation(&hash, &remote_htlc_privkey, &remote_htlc_sig));
513
514 if (htlc_owner(htlcmap[i]) == LOCAL)
515 witness = bitcoin_witness_htlc_timeout_tx(NULL,
516 &local_htlc_sig,
517 &remote_htlc_sig,
518 wscript);
519 else
520 witness = bitcoin_witness_htlc_success_tx(NULL,
521 &local_htlc_sig,
522 &remote_htlc_sig,
523 preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
524 wscript);
525 bitcoin_tx_input_set_witness(local_txs[1+i], 0, witness);
526 printf("htlc tx for output %zu: %s\n",
527 i, tal_hex(NULL, linearize_tx(NULL, local_txs[1+i])));
528 }
529 printf("\n");
530
531 /* Create the remote commitment tx */
532 if (!per_commit_point(&remoteseed, &remote_per_commit_point, commitnum))
533 errx(1, "Bad deriving remote per-commitment-point");
534 remote_txs = channel_txs(NULL, &htlcmap, NULL, &funding_wscript, channel,
535 &remote_per_commit_point, commitnum,
536 REMOTE);
537
538 printf("## remote_commitment\n"
539 "# input amount %s, funding_wscript %s, key %s\n",
540 type_to_string(NULL, struct amount_sat, &funding_amount),
541 tal_hex(NULL, funding_wscript),
542 type_to_string(NULL, struct pubkey, &funding_remotekey));
543 printf("# unsigned remote commitment tx: %s\n",
544 tal_hex(NULL, linearize_tx(NULL, remote_txs[0])));
545
546 bitcoin_tx_hash_for_sig(remote_txs[0], 0, funding_wscript,
547 SIGHASH_ALL, &hash);
548 sign_tx_input(remote_txs[0], 0, NULL, funding_wscript,
549 &local.funding_privkey,
550 &funding_localkey,
551 SIGHASH_ALL,
552 &local_sig);
553 printf("localsig_on_remote: %s\n", sig_notation(&hash,
554 &local.funding_privkey,
555 &local_sig));
556
557 sign_tx_input(remote_txs[0], 0, NULL, funding_wscript,
558 &remote.funding_privkey,
559 &funding_remotekey,
560 SIGHASH_ALL,
561 &remote_sig);
562 printf("remotesig_on_remote: %s\n", sig_notation(&hash,
563 &remote.funding_privkey,
564 &remote_sig));
565
566 witness =
567 bitcoin_witness_2of2(NULL, &local_sig, &remote_sig,
568 &funding_localkey, &funding_remotekey);
569 bitcoin_tx_input_set_witness(remote_txs[0], 0, witness);
570
571 printf("# signed remote commitment: %s\n",
572 tal_hex(NULL, linearize_tx(NULL, remote_txs[0])));
573
574 if (!derive_simple_privkey(&local.htlc_basepoint_secret,
575 &localbase.htlc,
576 &remote_per_commit_point,
577 &local_htlc_privkey))
578 errx(1, "Failure deriving local htlc privkey");
579
580 if (!derive_simple_key(&localbase.htlc,
581 &remote_per_commit_point,
582 &local_htlc_pubkey))
583 errx(1, "Failure deriving local htlc pubkey");
584
585 if (!derive_simple_privkey(&remote.htlc_basepoint_secret,
586 &remotebase.htlc,
587 &remote_per_commit_point,
588 &remote_htlc_privkey))
589 errx(1, "Failure deriving remote htlc privkey");
590
591 if (!derive_simple_key(&remotebase.htlc,
592 &remote_per_commit_point,
593 &remote_htlc_pubkey))
594 errx(1, "Failure deriving remote htlc pubkey");
595
596 for (size_t i = 0; i < tal_count(htlcmap); i++) {
597 struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
598 u8 *wscript;
599
600 if (!htlcmap[i])
601 continue;
602 printf("# Output %zu: %s HTLC %"PRIu64"\n",
603 i, side_to_str(htlc_owner(htlcmap[i])), htlcmap[i]->id);
604 printf("# unsigned htlc tx for output %zu: %s\n",
605 i, tal_hex(NULL, linearize_tx(NULL, remote_txs[1+i])));
606
607 wscript = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i);
608 printf("# wscript: %s\n", tal_hex(NULL, wscript));
609 bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, wscript,
610 SIGHASH_ALL, &hash);
611 sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
612 &local_htlc_privkey, &local_htlc_pubkey,
613 SIGHASH_ALL, &local_htlc_sig);
614 sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
615 &remote_htlc_privkey, &remote_htlc_pubkey,
616 SIGHASH_ALL, &remote_htlc_sig);
617 printf("localsig_on_remote output %zu: %s\n",
618 i, sig_notation(&hash, &local_htlc_privkey, &local_htlc_sig));
619 printf("remotesig_on_remote output %zu: %s\n",
620 i, sig_notation(&hash, &remote_htlc_privkey, &remote_htlc_sig));
621
622 if (htlc_owner(htlcmap[i]) == REMOTE)
623 witness = bitcoin_witness_htlc_timeout_tx(NULL,
624 &remote_htlc_sig,
625 &local_htlc_sig,
626 wscript);
627 else
628 witness = bitcoin_witness_htlc_success_tx(NULL,
629 &remote_htlc_sig,
630 &local_htlc_sig,
631 preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
632 wscript);
633 bitcoin_tx_input_set_witness(remote_txs[1+i], 0, witness);
634 printf("htlc tx for output %zu: %s\n",
635 i, tal_hex(NULL, linearize_tx(NULL, remote_txs[1+i])));
636 }
637 printf("\n");
638
639 return 0;
640 }
641