highperfocused/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-08-29 23:21:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

input/size: assert witness size constants

Browse Source 
This commit introduces a new test case that asserts all of the witness
size constants currently in the codebase. We also reintroduce the
AcceptedHtlcSuccessWitnessSize and OfferedHtlcTimeoutWitnessSize
constants that were recently removed for the sake of completeness.

In asserting the witnes sizes, there were three uncovered discrepancies:
 * OfferedHtlcSuccessWitnessSize overestimated by about 30% because it
   included an extra signature in the calculation.

 * ToLocalPenaltyWitnessSize was underestimated by one byte, because it
   was missing the length byte for the OP_TRUE. This has implications
   the watchtower protocol since the client and server are assumed to
   share the same weight estimates used for signing. This commit keeps
   the current behavior, with the intention of rolling out negotiation
   for which weight estimate to use for a given session.

 * AcceptedHtlcScriptSize was underestimated by one byte because it was
   missing a length byte for the value 32 pushed on the stack when
   asserting the preimage's length. This affects all AcceptedHtlc*
   witness sizes.
This commit is contained in:
Conner Fromknecht
2020-04-05 17:07:14 -07:00
parent f2b6e2af04
commit c1b9b272cd
7 changed files with 648 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
watchtower/lookout/justice_descriptor.go
View File

@@ -225,6 +225,12 @@ func (p *JusticeDescriptor) assembleJusticeTxn(txWeight int64,
// CreateJusticeTxn computes the justice transaction that sweeps a breaching
// commitment transaction. The justice transaction is constructed by assembling
// the witnesses using data provided by the client in a prior state update.
//
// NOTE: An older version of ToLocalPenaltyWitnessSize underestimated the size
// of the witness by one byte, which could cause the signature(s) to break if
// the tower is reconstructing with the newer constant because the output values
// might differ. This method retains that original behavior to not invalidate
// historical signatures.
func (p *JusticeDescriptor) CreateJusticeTxn() (*wire.MsgTx, error) {
var (
sweepInputs = make([]*breachedInput, 0, 2)
@@ -256,7 +262,13 @@ func (p *JusticeDescriptor) CreateJusticeTxn() (*wire.MsgTx, error) {
if err != nil {
return nil, err
}
weightEstimate.AddWitnessInput(input.ToLocalPenaltyWitnessSize)
// An older ToLocalPenaltyWitnessSize constant used to underestimate the
// size by one byte. The diferrence in weight can cause different output
// values on the sweep transaction, so we mimic the original bug to
// avoid invalidating signatures by older clients.
weightEstimate.AddWitnessInput(input.ToLocalPenaltyWitnessSize - 1)
sweepInputs = append(sweepInputs, toLocalInput)
// If the justice kit specifies that we have to sweep the to-remote

8
watchtower/lookout/justice_descriptor_test.go
View File

@@ -144,7 +144,13 @@ func testJusticeDescriptor(t *testing.T, blobType blob.Type) {
// Compute the weight estimate for our justice transaction.
var weightEstimate input.TxWeightEstimator
weightEstimate.AddWitnessInput(input.ToLocalPenaltyWitnessSize)
// An older ToLocalPenaltyWitnessSize constant used to underestimate the
// size by one byte. The diferrence in weight can cause different output
// values on the sweep transaction, so we mimic the original bug and
// create signatures using the original weight estimate.
weightEstimate.AddWitnessInput(input.ToLocalPenaltyWitnessSize - 1)
weightEstimate.AddWitnessInput(input.P2WKHWitnessSize)
weightEstimate.AddP2WKHOutput()
if blobType.Has(blob.FlagReward) {

9
watchtower/wtclient/backup_task.go
View File

@@ -141,7 +141,14 @@ func (t *backupTask) bindSession(session *wtdb.ClientSessionBody) error {
// Next, add the contribution from the inputs that are present on this
// breach transaction.
if t.toLocalInput != nil {
weightEstimate.AddWitnessInput(input.ToLocalPenaltyWitnessSize)
// An older ToLocalPenaltyWitnessSize constant used to
// underestimate the size by one byte. The diferrence in weight
// can cause different output values on the sweep transaction,
// so we mimic the original bug and create signatures using the
// original weight estimate.
weightEstimate.AddWitnessInput(
input.ToLocalPenaltyWitnessSize - 1,
)
}
if t.toRemoteInput != nil {
weightEstimate.AddWitnessInput(input.P2WKHWitnessSize)