From 66bde4bd9f96b41b02bbc36c02c19579f7d054c4 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Mon, 12 Dec 2022 16:36:04 +1030 Subject: [PATCH] lightningd: only allow closing to native segwit Signed-off-by: Rusty Russell Changelog-Removed: JSON-RPC: `close` `destination` no longer allows p2pkh or p2sh addresses (deprecated v0.11.0) --- common/shutdown_scriptpubkey.c | 4 ++-- common/shutdown_scriptpubkey.h | 5 ++++- lightningd/channel_control.c | 2 +- lightningd/closing_control.c | 4 ++-- lightningd/dual_open_control.c | 2 +- openingd/openingd.c | 2 +- 6 files changed, 11 insertions(+), 8 deletions(-) diff --git a/common/shutdown_scriptpubkey.c b/common/shutdown_scriptpubkey.c index 4a09ef30a..d7497f295 100644 --- a/common/shutdown_scriptpubkey.c +++ b/common/shutdown_scriptpubkey.c @@ -48,9 +48,9 @@ static bool is_valid_witnessprog(const u8 *scriptpubkey) bool valid_shutdown_scriptpubkey(const u8 *scriptpubkey, bool anysegwit, - bool anchors) + bool allow_oldstyle) { - if (!anchors) { + if (allow_oldstyle) { if (is_p2pkh(scriptpubkey, NULL) || is_p2sh(scriptpubkey, NULL)) return true; diff --git a/common/shutdown_scriptpubkey.h b/common/shutdown_scriptpubkey.h index e8c1fac1c..a4a9d295d 100644 --- a/common/shutdown_scriptpubkey.h +++ b/common/shutdown_scriptpubkey.h @@ -16,8 +16,11 @@ * - if the `scriptpubkey` is not in one of the above forms: * - SHOULD send a `warning` */ + +/* We still allow them to specify an old-style P2PKH or P2SH (though we + * never will send such a thing!) if they're not using anchors. */ bool valid_shutdown_scriptpubkey(const u8 *scriptpubkey, bool anysegwit, - bool anchors); + bool allow_oldstyle); #endif /* LIGHTNING_COMMON_SHUTDOWN_SCRIPTPUBKEY_H */ diff --git a/lightningd/channel_control.c b/lightningd/channel_control.c index 9bfcf9310..e9f545723 100644 --- a/lightningd/channel_control.c +++ b/lightningd/channel_control.c @@ -315,7 +315,7 @@ static void peer_got_shutdown(struct channel *channel, const u8 *msg) * - if the `scriptpubkey` is not in one of the above forms: * - SHOULD send a `warning`. */ - if (!valid_shutdown_scriptpubkey(scriptpubkey, anysegwit, anchors)) { + if (!valid_shutdown_scriptpubkey(scriptpubkey, anysegwit, !anchors)) { u8 *warning = towire_warningfmt(NULL, &channel->cid, "Bad shutdown scriptpubkey %s", diff --git a/lightningd/closing_control.c b/lightningd/closing_control.c index 00204067a..03b6565ad 100644 --- a/lightningd/closing_control.c +++ b/lightningd/closing_control.c @@ -724,11 +724,11 @@ static struct command_result *json_close(struct command *cmd, channel->peer->their_features, OPT_SHUTDOWN_ANYSEGWIT); if (!valid_shutdown_scriptpubkey(channel->shutdown_scriptpubkey[LOCAL], - anysegwit, !deprecated_apis)) { + anysegwit, false)) { /* Explicit check for future segwits. */ if (!anysegwit && valid_shutdown_scriptpubkey(channel->shutdown_scriptpubkey - [LOCAL], true, !deprecated_apis)) { + [LOCAL], true, false)) { return command_fail(cmd, JSONRPC2_INVALID_PARAMS, "Peer does not allow v1+ shutdown addresses"); } diff --git a/lightningd/dual_open_control.c b/lightningd/dual_open_control.c index 468333f35..c65b2bd29 100644 --- a/lightningd/dual_open_control.c +++ b/lightningd/dual_open_control.c @@ -1364,7 +1364,7 @@ static void handle_peer_wants_to_close(struct subd *dualopend, * - if the `scriptpubkey` is not in one of the above forms: * - SHOULD send a `warning` */ - if (!valid_shutdown_scriptpubkey(scriptpubkey, anysegwit, anchors)) { + if (!valid_shutdown_scriptpubkey(scriptpubkey, anysegwit, !anchors)) { u8 *warning = towire_warningfmt(NULL, &channel->cid, "Bad shutdown scriptpubkey %s", diff --git a/openingd/openingd.c b/openingd/openingd.c index e9de31a3d..2f0b7a08f 100644 --- a/openingd/openingd.c +++ b/openingd/openingd.c @@ -311,7 +311,7 @@ static void set_remote_upfront_shutdown(struct state *state, = tal_steal(state, shutdown_scriptpubkey); if (shutdown_scriptpubkey - && !valid_shutdown_scriptpubkey(shutdown_scriptpubkey, anysegwit, anchors)) + && !valid_shutdown_scriptpubkey(shutdown_scriptpubkey, anysegwit, !anchors)) peer_failed_err(state->pps, &state->channel_id, "Unacceptable upfront_shutdown_script %s",