lnwire: update Sig to support both ECDSA and schnorr sigs

In this commit, we update the Sig type to support ECDSA and schnorr
signatures. We need to do this as the HTLC signatures will become
schnorr sigs for taproot channels. The current spec draft opts to
overload this field since both the sigs are actually 64 bytes in length.
The only consideration with this move is that callers need to "coerce" a
sig to the proper type if they need schnorr signatures.

watchtower/blob/justice_kit.go

@@ -398,7 +398,7 @@ func (b *JusticeKit) encodeV0(w io.Writer) error {
 	}
 
 	// Write 64-byte revocation signature for commit to-local output.
-	_, err = w.Write(b.CommitToLocalSig[:])
+	_, err = w.Write(b.CommitToLocalSig.RawBytes())
 	if err != nil {
 		return err
 	}
@@ -410,7 +410,7 @@ func (b *JusticeKit) encodeV0(w io.Writer) error {
 	}
 
 	// Write 64-byte commit to-remote signature, which may be blank.
-	_, err = w.Write(b.CommitToRemoteSig[:])
+	_, err = w.Write(b.CommitToRemoteSig.RawBytes())
 	return err
 }
 
@@ -472,14 +472,20 @@ func (b *JusticeKit) decodeV0(r io.Reader) error {
 	}
 
 	// Read 64-byte revocation signature for commit to-local output.
-	_, err = io.ReadFull(r, b.CommitToLocalSig[:])
+	var localSig [64]byte
+	_, err = io.ReadFull(r, localSig[:])
+	if err != nil {
+		return err
+	}
+
+	b.CommitToLocalSig, err = lnwire.NewSigFromWireECDSA(localSig[:])
 	if err != nil {
 		return err
 	}
 
 	var (
 		commitToRemotePubkey PubKey
-		commitToRemoteSig    lnwire.Sig
+		commitToRemoteSig    [64]byte
 	)
 
 	// Read 33-byte commit to-remote public key, which may be discarded.
@@ -498,7 +504,12 @@ func (b *JusticeKit) decodeV0(r io.Reader) error {
 	// valid compressed public key was read from the reader.
 	if btcec.IsCompressedPubKey(commitToRemotePubkey[:]) {
 		b.CommitToRemotePubKey = commitToRemotePubkey
-		b.CommitToRemoteSig = commitToRemoteSig
+		b.CommitToRemoteSig, err = lnwire.NewSigFromWireECDSA(
+			commitToRemoteSig[:],
+		)
+		if err != nil {
+			return err
+		}
 	}
 
 	return nil

watchtower/blob/justice_kit_test.go

@@ -28,8 +28,10 @@ func makePubKey(i uint64) blob.PubKey {
 }
 
 func makeSig(i int) lnwire.Sig {
-	var sig lnwire.Sig
-	binary.BigEndian.PutUint64(sig[:8], uint64(i))
+	var sigBytes [64]byte
+	binary.BigEndian.PutUint64(sigBytes[:8], uint64(i))
+
+	sig, _ := lnwire.NewSigFromWireECDSA(sigBytes[:])
 	return sig
 }
 

watchtower/lookout/justice_descriptor_test.go

@@ -320,8 +320,8 @@ func testJusticeDescriptor(t *testing.T, blobType blob.Type) {
 	require.Nil(t, err)
 
 	// Complete our justice kit by copying the signatures into the payload.
-	copy(justiceKit.CommitToLocalSig[:], toLocalSig[:])
-	copy(justiceKit.CommitToRemoteSig[:], toRemoteSig[:])
+	justiceKit.CommitToLocalSig = toLocalSig
+	justiceKit.CommitToRemoteSig = toRemoteSig
 
 	justiceDesc := &lookout.JusticeDescriptor{
 		BreachedCommitTx: breachTxn,

watchtower/lookout/lookout_test.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/btcsuite/btcd/wire"
 	"github.com/lightningnetwork/lnd/chainntnfs"
+	"github.com/lightningnetwork/lnd/lnwire"
 	"github.com/lightningnetwork/lnd/watchtower/blob"
 	"github.com/lightningnetwork/lnd/watchtower/lookout"
 	"github.com/lightningnetwork/lnd/watchtower/wtdb"
@@ -57,6 +58,12 @@ func makeArray64(i uint64) [64]byte {
 	return arr
 }
 
+func makeTestSig(i uint64) lnwire.Sig {
+	sigBytes := makeArray64(i)
+	sig, _ := lnwire.NewSigFromWireECDSA(sigBytes[:])
+	return sig
+}
+
 func makeAddrSlice(size int) []byte {
 	addr := make([]byte, size)
 	if _, err := io.ReadFull(rand.Reader, addr); err != nil {
@@ -141,7 +148,7 @@ func TestLookoutBreachMatching(t *testing.T) {
 		RevocationPubKey: makePubKey(1),
 		LocalDelayPubKey: makePubKey(1),
 		CSVDelay:         144,
-		CommitToLocalSig: makeArray64(1),
+		CommitToLocalSig: makeTestSig(1),
 	}
 	blob2 := &blob.JusticeKit{
 		BlobType:         blobType,
@@ -149,7 +156,7 @@ func TestLookoutBreachMatching(t *testing.T) {
 		RevocationPubKey: makePubKey(2),
 		LocalDelayPubKey: makePubKey(2),
 		CSVDelay:         144,
-		CommitToLocalSig: makeArray64(2),
+		CommitToLocalSig: makeTestSig(2),
 	}
 
 	key1 := blob.NewBreachKeyFromHash(&hash1)

watchtower/wtclient/backup_task.go

@@ -369,24 +369,26 @@ func (t *backupTask) craftSessionPayload(
 
 		// Re-encode the DER signature into a fixed-size 64 byte
 		// signature.
-		signature, err := lnwire.NewSigFromRawSignature(rawSignature)
+		signature, err := lnwire.NewSigFromECDSARawSignature(
+			rawSignature,
+		)
 		if err != nil {
 			return hint, nil, err
 		}
 
 		// Finally, copy the serialized signature into the justice kit,
 		// using the input's witness type to select the appropriate
-		// field.
+		// field
 		switch inp.WitnessType() {
 		case input.CommitmentRevoke:
-			copy(justiceKit.CommitToLocalSig[:], signature[:])
+			justiceKit.CommitToLocalSig = signature
 
 		case input.CommitSpendNoDelayTweakless:
 			fallthrough
 		case input.CommitmentNoDelay:
 			fallthrough
 		case input.CommitmentToRemoteConfirmed:
-			copy(justiceKit.CommitToRemoteSig[:], signature[:])
+			justiceKit.CommitToRemoteSig = signature
 		default:
 			return hint, nil, fmt.Errorf("invalid witness type: %v",
 				inp.WitnessType())

watchtower/wtclient/backup_task_internal_test.go

@@ -618,8 +618,9 @@ func testBackupTask(t *testing.T, test backupTaskTest) {
 	// moment, it is tested indirectly by other packages and integration
 	// tests.
 	// TODO(conner): include signature validation checks
-
-	emptyToLocalSig := bytes.Equal(jKit.CommitToLocalSig[:], zeroSig[:])
+	emptyToLocalSig := bytes.Equal(
+		jKit.CommitToLocalSig.RawBytes(), zeroSig[:],
+	)
 	if hasToLocal {
 		require.False(t, emptyToLocalSig, "to-local signature should "+
 			"not be empty")
@@ -628,7 +629,9 @@ func testBackupTask(t *testing.T, test backupTaskTest) {
 			"be empty")
 	}
 
-	emptyToRemoteSig := bytes.Equal(jKit.CommitToRemoteSig[:], zeroSig[:])
+	emptyToRemoteSig := bytes.Equal(
+		jKit.CommitToRemoteSig.RawBytes(), zeroSig[:],
+	)
 	if hasToRemote {
 		require.False(t, emptyToRemoteSig, "to-remote signature "+
 			"should not be empty")