1 /* For example, in the spec tests we use the following channels:
2  *
3  * lightning/devtools/mkgossip 103x1x0 06226e46111a0b59caaf126043eb5bbf28c34f3a5e332a1fc7b2b73cf188910f 0000000000000000000000000000000000000000000000000000000000000002 0000000000000000000000000000000000000000000000000000000000000003 0000000000000000000000000000000000000000000000000000000000000010 0000000000000000000000000000000000000000000000000000000000000020 "" 1565587763 144 0 1000 10 "" "01080808082607" 1565587763 48 0 100 11 100000 "0151b6887026070220014c4e1cc141001e6f65fffec8a825260703c43068ceb641d7b25c3a26070441cf248da2034dfa9351a9e946d71ce86f561f50b67753fd8e385d44647bf62cdb91032607"
4  *
5  * lightning/devtools/mkgossip 109x1x0 06226e46111a0b59caaf126043eb5bbf28c34f3a5e332a1fc7b2b73cf188910f 0000000000000000000000000000000000000000000000000000000000000004 0000000000000000000000000000000000000000000000000000000000000005 0000000000000000000000000000000000000000000000000000000000000030 0000000000000000000000000000000000000000000000000000000000000040 "" 1565587764 144 0 1000 10 "" "" 1565587765 48 0 100 11 100000 022a03b0c0000300d000000000240020012607
6  *
7  * lightning/devtools/mkgossip 115x1x0 06226e46111a0b59caaf126043eb5bbf28c34f3a5e332a1fc7b2b73cf188910f 0000000000000000000000000000000000000000000000000000000000000003 0000000000000000000000000000000000000000000000000000000000000004 0000000000000000000000000000000000000000000000000000000000000050 0000000000000000000000000000000000000000000000000000000000000060 "" 1565597764 144 0 1000 10 "" "0441cf248da2034dfa9351a9e946d71ce86f561f50b67753fd8e385d44647bf62cdb91032607" 1565597765 48 0 100 11 100000 ""
8  */
9 #include "config.h"
10 #include <assert.h>
11 #include <ccan/crc32c/crc32c.h>
12 #include <ccan/err/err.h>
13 #include <ccan/opt/opt.h>
14 #include <ccan/str/hex/hex.h>
15 #include <ccan/tal/str/str.h>
16 #include <common/type_to_string.h>
17 #include <inttypes.h>
18 #include <stdio.h>
19 #include <wire/peer_wire.h>
20 
21 static bool verbose = false;
22 
23 struct update_opts {
24 	u32 timestamp;
25 	u32 cltv_expiry_delta;
26 	struct amount_msat min;
27 	struct amount_msat feebase;
28 	u32 fee_proportional_millionths;
29 	struct amount_msat *max;
30 	u8 *addresses;
31 };
32 
parse_options(char * argv[],struct update_opts * opts,const char * desc)33 static int parse_options(char *argv[], struct update_opts *opts,
34 			 const char *desc)
35 {
36 	int argnum = 0;
37 
38 	opts->timestamp = atol(argv[argnum++]);
39 	if (!opts->timestamp)
40 		errx(1, "Bad %s.timestamp", desc);
41 	opts->cltv_expiry_delta = atol(argv[argnum++]);
42 	if (!opts->cltv_expiry_delta)
43 		errx(1, "Bad %s.cltv_expiry_delta", desc);
44 	if (!parse_amount_msat(&opts->min, argv[argnum], strlen(argv[argnum])))
45 		errx(1, "Bad %s.min", desc);
46 	argnum++;
47 	if (!parse_amount_msat(&opts->feebase,
48 			       argv[argnum], strlen(argv[argnum])))
49 		errx(1, "Bad %s.feebase", desc);
50 	argnum++;
51 	opts->fee_proportional_millionths = atol(argv[argnum++]);
52 	if (!opts->fee_proportional_millionths)
53 		errx(1, "Bad %s.fee_proportional_millionths", desc);
54 
55 	if (streq(argv[argnum], ""))
56 		opts->max = NULL;
57 	else {
58 		opts->max = tal(NULL, struct amount_msat);
59 		if (!parse_amount_msat(opts->max,
60 				       argv[argnum], strlen(argv[argnum])))
61 			errx(1, "Bad %s.max", desc);
62 	}
63 	argnum++;
64 	opts->addresses = tal_hexdata(NULL, argv[argnum], strlen(argv[argnum]));
65 	if (!opts->addresses)
66 			errx(1, "Bad %s.addresses", desc);
67 	argnum++;
68 	return argnum;
69 }
70 
sig_as_hex(const secp256k1_ecdsa_signature * sig)71 static char *sig_as_hex(const secp256k1_ecdsa_signature *sig)
72 {
73 	u8 compact_sig[64];
74 
75 	secp256k1_ecdsa_signature_serialize_compact(secp256k1_ctx,
76 						    compact_sig,
77 						    sig);
78 	return tal_hexstr(NULL, compact_sig, sizeof(compact_sig));
79 }
80 
sig_notation(const struct privkey * privkey,struct sha256_double * hash,const secp256k1_ecdsa_signature * sig)81 static char *sig_notation(const struct privkey *privkey,
82 			  struct sha256_double *hash,
83 			  const secp256k1_ecdsa_signature *sig)
84 {
85 	const char *pstr = tal_hexstr(NULL, privkey->secret.data,
86 				      sizeof(privkey->secret.data));
87 	const char *hstr =
88 		type_to_string(NULL, struct sha256_double, hash);
89 
90 	if (verbose)
91 		return tal_fmt(NULL,
92 			       "SIG(%s:%s)\n"
93 			       "   -- privkey= %s\n"
94 			       "   -- tx_hash= %s\n"
95 			       "   -- computed_sig= %s",
96 			       pstr, hstr, pstr, hstr, sig_as_hex(sig));
97 
98 	return tal_fmt(NULL, "SIG(%s:%s)", pstr, hstr);
99 }
100 
101 /* BOLT #7:
102  *
103  * The checksum of a `channel_update` is the CRC32C checksum as specified in
104  * [RFC3720](https://tools.ietf.org/html/rfc3720#appendix-B.4) of this
105  * `channel_update` without its `signature` and `timestamp` fields.
106  */
crc32_of_update(const u8 * channel_update)107 static u32 crc32_of_update(const u8 *channel_update)
108 {
109 	u32 sum;
110 
111 	/* BOLT #7:
112 	 *
113 	 * 1. type: 258 (`channel_update`)
114 	 * 2. data:
115 	 *    * [`signature`:`signature`]
116 	 *    * [`chain_hash`:`chain_hash`]
117 	 *    * [`short_channel_id`:`short_channel_id`]
118 	 *    * [`u32`:`timestamp`]
119 	 *...
120 	 */
121 	/* We already checked it's valid before accepting */
122 	assert(tal_count(channel_update) > 2 + 64 + 32 + 8 + 4);
123 	sum = crc32c(0, channel_update + 2 + 64, 32 + 8);
124 	sum = crc32c(sum, channel_update + 2 + 64 + 32 + 8 + 4,
125 		     tal_count(channel_update) - (64 + 2 + 32 + 8 + 4));
126 	return sum;
127 }
128 
print_update(const struct bitcoin_blkid * chainhash,const struct short_channel_id * scid,const struct update_opts * opts,bool is_lesser_key,const struct privkey * privkey)129 static void print_update(const struct bitcoin_blkid *chainhash,
130 			 const struct short_channel_id *scid,
131 			 const struct update_opts *opts,
132 			 bool is_lesser_key,
133 			 const struct privkey *privkey)
134 {
135 	/* 2 bytes msg type + 64 bytes of signature */
136 	const size_t channel_update_offset = 2 + 64;
137 	struct sha256_double hash;
138 	secp256k1_ecdsa_signature sig;
139 	u8 *cupdate;
140 
141 	memset(&sig, 0, sizeof(sig));
142 	if (opts->max) {
143 		cupdate = towire_channel_update_option_channel_htlc_max
144 			(NULL, &sig, chainhash, scid, opts->timestamp,
145 			 ROUTING_OPT_HTLC_MAX_MSAT,
146 			 is_lesser_key ? 0 : ROUTING_FLAGS_DIRECTION,
147 			 opts->cltv_expiry_delta,
148 			 opts->min,
149 			 opts->feebase.millisatoshis, /* Raw: devtools code */
150 			 opts->fee_proportional_millionths,
151 			 *opts->max);
152 	} else {
153 		cupdate = towire_channel_update
154 			(NULL, &sig, chainhash, scid, opts->timestamp,
155 			 0,
156 			 is_lesser_key ? 0 : ROUTING_FLAGS_DIRECTION,
157 			 opts->cltv_expiry_delta,
158 			 opts->min,
159 			 opts->feebase.millisatoshis, /* Raw: devtools code */
160 			 opts->fee_proportional_millionths);
161 	}
162 	sha256_double(&hash, cupdate + channel_update_offset,
163 		      tal_count(cupdate) - channel_update_offset);
164 	sign_hash(privkey, &hash, &sig);
165 
166 	printf("type=channel_update\n");
167 	printf("   signature=%s\n", sig_notation(privkey, &hash, &sig));
168 	printf("   chain_hash=%s\n", tal_hexstr(NULL, chainhash, sizeof(*chainhash)));
169 	printf("   short_channel_id=%s\n", short_channel_id_to_str(NULL, scid));
170 	printf("   timestamp=%u\n", opts->timestamp);
171 	printf("   message_flags=%u\n",
172 	       opts->max ? ROUTING_OPT_HTLC_MAX_MSAT : 0);
173 	printf("   channel_flags=%u\n",
174 	       is_lesser_key ? 0 : ROUTING_FLAGS_DIRECTION);
175 	printf("   cltv_expiry_delta=%u\n",
176 	       opts->cltv_expiry_delta);
177 	printf("   htlc_minimum_msat=%"PRIu64"\n",
178 	       opts->min.millisatoshis);  /* Raw: devtools code */
179 	printf("   fee_base_msat=%"PRIu64"\n",
180 	       opts->feebase.millisatoshis);  /* Raw: devtools code */
181 	printf("   fee_proportional_millionths=%u\n",
182 	       opts->fee_proportional_millionths);
183 	if (opts->max)
184 		printf("   htlc_maximum_msat=%"PRIu64"\n",
185 		       opts->max->millisatoshis);  /* Raw: devtools code */
186 	printf("# crc32c checksum: %08x\n", crc32_of_update(cupdate));
187 }
188 
print_nannounce(const struct node_id * nodeid,const struct update_opts * opts,const struct privkey * privkey)189 static void print_nannounce(const struct node_id *nodeid,
190 			    const struct update_opts *opts,
191 			    const struct privkey *privkey)
192 {
193 	/* 2 bytes msg type + 64 bytes of signature */
194 	const size_t node_announcement_offset = 2 + 64;
195 	struct sha256_double hash;
196 	secp256k1_ecdsa_signature sig;
197 	char alias[33];
198 	struct tlv_node_ann_tlvs *tlvs;
199 	u8 *nannounce;
200 
201 	memset(&sig, 0, sizeof(sig));
202 	assert(hex_str_size(sizeof(*nodeid)) >= sizeof(alias));
203 	hex_encode(nodeid, hex_data_size(sizeof(alias)), alias, sizeof(alias));
204 	tlvs = tlv_node_ann_tlvs_new(NULL);
205 	nannounce = towire_node_announcement(NULL, &sig, NULL, opts->timestamp,
206 					     nodeid, nodeid->k, (u8 *)alias,
207 					     opts->addresses,
208 					     tlvs);
209 	sha256_double(&hash, nannounce + node_announcement_offset,
210 		      tal_count(nannounce) - node_announcement_offset);
211 	sign_hash(privkey, &hash, &sig);
212 
213 	printf("type=node_announcement\n");
214 	printf("   signature=%s\n", sig_notation(privkey, &hash, &sig));
215 	printf("   features=%s\n", tal_hex(NULL, NULL));
216 	printf("   timestamp=%u\n", opts->timestamp);
217 	printf("   node_id=%s\n", node_id_to_hexstr(NULL, nodeid));
218 	printf("   rgb_color=%s\n", tal_hexstr(NULL, nodeid->k, 3));
219 	printf("   alias=%s\n", tal_hexstr(NULL, alias, 32));
220 	printf("   addresses=%s\n", tal_hex(NULL, opts->addresses));
221 
222 	if (tlvs->option_will_fund) {
223 		struct lease_rates *rates = tlvs->option_will_fund;
224 		printf("	TLV option_will_fund\n");
225 		printf("	lease_fee_basis=%d\n",
226 		       rates->lease_fee_basis);
227 		printf("	lease_fee_base_sat=%d\n",
228 		       rates->lease_fee_base_sat);
229 		printf("	funding_weight=%d\n",
230 		       rates->funding_weight);
231 		printf("	channel_fee_max_proportional_thousandths=%d\n",
232 		       rates->channel_fee_max_proportional_thousandths);
233 		printf("	channel_fee_max_base_msat=%d\n",
234 		       rates->channel_fee_max_base_msat);
235 	}
236 	tal_free(tlvs);
237 }
238 
main(int argc,char * argv[])239 int main(int argc, char *argv[])
240 {
241 	struct privkey node_privkey[2], funding_privkey[2];
242 	struct pubkey node[2], bitcoin[2];
243 	struct node_id nodeid[2];
244 	int lesser_key;
245 	struct short_channel_id scid;
246 	struct bitcoin_blkid chainhash;
247 	secp256k1_ecdsa_signature nodesig[2], bitcoinsig[2];
248 	const u8 *features;
249 	u8 *cannounce;
250 	/* 2 bytes msg type + 256 bytes of signatures */
251 	const size_t channel_announcement_offset = 2 + 256;
252 	int argnum;
253 	struct sha256_double hash;
254 	struct update_opts opts[2];
255 
256 	setup_locale();
257 
258 	secp256k1_ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY |
259 						 SECP256K1_CONTEXT_SIGN);
260 
261 	if (argc < 8 + 7 * 2)
262 		errx(1, "Usage: mkgossip <scid> <chainhash> <node-privkey1> <node-privkey2> <node1-funding-privkey> <node2-funding-privkey> <features-hex> update-opts-1 update-opts-2\n"
263 			"Where <update-opts> is:\n"
264 			"   <timestamp>\n"
265 			"   <cltv_expiry_delta>\n"
266 			"   <htlc_minimum_msat>\n"
267 			"   <fee_base_msat>\n"
268 			"   <fee_proportional_millionths>\n"
269 			"   <htlc_maximum_msat-or-empty>\n"
270 			"   <hex-addrstr>");
271 
272 	opt_register_noarg("-v|--verbose", opt_set_bool, &verbose,
273 			   "Increase verbosity");
274 
275 	opt_parse(&argc, argv, opt_log_stderr_exit);
276 
277 	argnum = 1;
278 	if (!short_channel_id_from_str(argv[argnum], strlen(argv[argnum]), &scid))
279 		errx(1, "Bad scid");
280 	argnum++;
281 	/* Don't do endian-reversing insanity here! */
282 	if (!hex_decode(argv[argnum], strlen(argv[argnum]),
283 			&chainhash, sizeof(chainhash)))
284 		errx(1, "Parsing chainhash");
285 	argnum++;
286 	if (!hex_decode(argv[argnum], strlen(argv[argnum]),
287 			&node_privkey[0], sizeof(node_privkey[0])))
288 		errx(1, "Parsing node-privkey1");
289 	argnum++;
290 	if (!hex_decode(argv[argnum], strlen(argv[argnum]),
291 			&node_privkey[1], sizeof(node_privkey[2])))
292 		errx(1, "Parsing node-privkey2");
293 	argnum++;
294 	if (!hex_decode(argv[argnum], strlen(argv[argnum]),
295 			&funding_privkey[0], sizeof(funding_privkey[0])))
296 		errx(1, "Parsing funding-privkey1");
297 	argnum++;
298 	if (!hex_decode(argv[argnum], strlen(argv[argnum]),
299 			&funding_privkey[1], sizeof(funding_privkey[2])))
300 		errx(1, "Parsing funding-privkey2");
301 	argnum++;
302 	features = tal_hexdata(NULL, argv[argnum], strlen(argv[argnum]));
303 	if (!features)
304 		errx(1, "Parsing hexfeatures");
305 	argnum++;
306 
307 	argnum += parse_options(argv + argnum, &opts[0], "update-opts1");
308 	argnum += parse_options(argv + argnum, &opts[1], "update-opts2");
309 
310 	if (!pubkey_from_privkey(&node_privkey[0], &node[0])
311 	    || !pubkey_from_privkey(&node_privkey[1], &node[1])
312 	    || !pubkey_from_privkey(&funding_privkey[0], &bitcoin[0])
313 	    || !pubkey_from_privkey(&funding_privkey[1], &bitcoin[1]))
314 		errx(1, "Bad privkeys");
315 
316 	lesser_key = pubkey_idx(&node[0], &node[1]);
317 	node_id_from_pubkey(&nodeid[0], &node[0]);
318 	node_id_from_pubkey(&nodeid[1], &node[1]);
319 
320 	/* First make msg with dummy sigs. */
321 	memset(nodesig, 0, sizeof(nodesig));
322 	memset(bitcoinsig, 0, sizeof(bitcoinsig));
323 
324 	cannounce = towire_channel_announcement(NULL,
325 						&nodesig[lesser_key],
326 						&nodesig[!lesser_key],
327 						&bitcoinsig[lesser_key],
328 						&bitcoinsig[!lesser_key],
329 						features, &chainhash,
330 						&scid,
331 						&nodeid[lesser_key],
332 						&nodeid[!lesser_key],
333 						&bitcoin[lesser_key],
334 						&bitcoin[!lesser_key]);
335 	sha256_double(&hash, cannounce + channel_announcement_offset,
336 		      tal_count(cannounce) - channel_announcement_offset);
337 	sign_hash(&node_privkey[0], &hash, &nodesig[0]);
338 	sign_hash(&funding_privkey[0], &hash, &bitcoinsig[0]);
339 	sign_hash(&node_privkey[1], &hash, &nodesig[1]);
340 	sign_hash(&funding_privkey[1], &hash, &bitcoinsig[1]);
341 
342 	printf("type=channel_announcement\n");
343 	printf("   node_signature_1=%s\n",
344 	       sig_notation(&node_privkey[lesser_key], &hash, &nodesig[lesser_key]));
345 	printf("   node_signature_2=%s\n",
346 	       sig_notation(&node_privkey[!lesser_key], &hash, &nodesig[!lesser_key]));
347 	printf("   bitcoin_signature_1=%s\n",
348 	       sig_notation(&funding_privkey[lesser_key], &hash, &bitcoinsig[lesser_key]));
349 	printf("   bitcoin_signature_2=%s\n",
350 	       sig_notation(&funding_privkey[!lesser_key], &hash, &bitcoinsig[!lesser_key]));
351 	printf("   features=%s\n", tal_hex(NULL, features));
352 	printf("   chain_hash=%s\n", tal_hexstr(NULL, &chainhash, sizeof(chainhash)));
353 	printf("   short_channel_id=%s\n", short_channel_id_to_str(NULL, &scid));
354 	printf("   node_id_1=%s\n",
355 	       node_id_to_hexstr(NULL, &nodeid[lesser_key]));
356 	printf("   node_id_2=%s\n",
357 	       node_id_to_hexstr(NULL, &nodeid[!lesser_key]));
358 	printf("   bitcoin_key_1=%s\n",
359 	       pubkey_to_hexstr(NULL, &bitcoin[lesser_key]));
360 	printf("   bitcoin_key_2=%s\n",
361 	       pubkey_to_hexstr(NULL, &bitcoin[!lesser_key]));
362 
363 	printf("\n#Node 1:\n");
364 	print_update(&chainhash, &scid, &opts[0], lesser_key == 0,
365 		     &node_privkey[0]);
366 	print_nannounce(&nodeid[0], &opts[0], &node_privkey[0]);
367 
368 	printf("\n#Node 2:\n");
369 	print_update(&chainhash, &scid, &opts[1], lesser_key == 1,
370 		     &node_privkey[1]);
371 
372 	print_nannounce(&nodeid[1], &opts[1], &node_privkey[1]);
373 
374 	return 0;
375 }
376