tx: strip out witscript

now that witness script data is saved into the tx/psbt which is serialized across the wire, there's no reason to use witscript to do this. good bye witscript!
2025-12-19 23:24:27 +01:00 · 2020-05-21 13:27:54 +09:30
parent 559f88faa1
commit bf4cac7fb8
8 changed files with 33 additions and 99 deletions
--- a/bitcoin/tx.c
+++ b/bitcoin/tx.c
@@ -242,38 +242,20 @@ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx,
 	return res;
 }
-struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx,
+u8 *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx,
 						  const struct bitcoin_tx *tx,
 				    int outnum)
 {
 	struct witscript *wit;
 	struct wally_psbt_output *out;
 	assert(outnum < tx->psbt->num_outputs);
 	out = &tx->psbt->outputs[outnum];
 	if (out->witness_script_len == 0)
 		return NULL;
-	wit = tal(ctx, struct witscript);
+	return tal_dup_arr(ctx, u8, out->witness_script, out->witness_script_len, 0);
 	wit->ptr = tal_dup_arr(ctx, u8, out->witness_script, out->witness_script_len, 0);
 	return wit;
 }
 const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx,
 						   const struct bitcoin_tx *tx)
 {
 	size_t i;
 	struct witscript **witscripts;
 	witscripts = tal_arr(ctx, struct witscript *, tx->wtx->num_outputs);
 	for (i = 0; i < tx->wtx->num_outputs; i++)
 		witscripts[i] = bitcoin_tx_output_get_witscript(witscripts, tx, i);
 	return cast_const2(const struct witscript **, witscripts);
 }
 /* FIXME(cdecker) Make the caller pass in a reference to amount_asset, and
 * return false if unintelligible/encrypted. (WARN UNUSED). */
 struct amount_asset bitcoin_tx_output_get_amount(const struct bitcoin_tx *tx,
@@ -722,24 +704,3 @@ void towire_bitcoin_tx_output(u8 **pptr, const struct bitcoin_tx_output *output)
 	towire_u16(pptr, tal_count(output->script));
 	towire_u8_array(pptr, output->script, tal_count(output->script));
 }
 void towire_witscript(u8 **pptr, const struct witscript *script)
 {
 	if (script == NULL) {
 		towire_u16(pptr, 0);
 	} else {
 		assert(script->ptr != NULL);
 		towire_u16(pptr, tal_count(script->ptr));
 		towire_u8_array(pptr, script->ptr, tal_count(script->ptr));
 	}
 }
 struct witscript *fromwire_witscript(const tal_t *ctx, const u8 **cursor, size_t *max)
 {
 	struct witscript *retval = tal(ctx, struct witscript);
 	u16 len = fromwire_u16(cursor, max);
 	retval->ptr = fromwire_tal_arrn(retval, cursor, max, len);
 	if (!*cursor)
 		return tal_free(retval);
 	return retval;
 }
--- a/bitcoin/tx.h
+++ b/bitcoin/tx.h
@@ -14,10 +14,6 @@
 #define BITCOIN_TX_DEFAULT_SEQUENCE 0xFFFFFFFF
 struct wally_psbt;
 struct witscript {
    u8 *ptr;
 };
 struct bitcoin_txid {
 	struct sha256_double shad;
 };
@@ -110,12 +106,8 @@ const u8 *bitcoin_tx_output_get_script(const tal_t *ctx, const struct bitcoin_tx
 /**
 * Helper to get a witness script for an output.
 */
-struct witscript *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum);
+u8 *bitcoin_tx_output_get_witscript(const tal_t *ctx, const struct bitcoin_tx *tx, int outnum);
 /**
 * Helper to get all witness scripts for a transaction.
 */
 const struct witscript **bitcoin_tx_get_witscripts(const tal_t *ctx, const struct bitcoin_tx *tx);
 /** bitcoin_tx_output_get_amount_sat - Helper to get transaction output's amount
 *
 * Internally we use a `wally_tx` to represent the transaction. The
@@ -199,12 +191,8 @@ struct bitcoin_tx *fromwire_bitcoin_tx(const tal_t *ctx,
 				       const u8 **cursor, size_t *max);
 struct bitcoin_tx_output *fromwire_bitcoin_tx_output(const tal_t *ctx,
 						     const u8 **cursor, size_t *max);
 struct witscript *fromwire_witscript(const tal_t *ctx,
 				     const u8 **cursor, size_t *max);
 void towire_bitcoin_txid(u8 **pptr, const struct bitcoin_txid *txid);
 void towire_bitcoin_tx(u8 **pptr, const struct bitcoin_tx *tx);
 void towire_bitcoin_tx_output(u8 **pptr, const struct bitcoin_tx_output *output);
 void towire_witscript(u8 **pptr, const struct witscript *script);
 #endif /* LIGHTNING_BITCOIN_TX_H */
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@@ -837,14 +837,12 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 	size_t i;
 	struct pubkey local_htlckey;
 	const u8 *msg;
 	const struct witscript **ws;
 	secp256k1_ecdsa_signature *htlc_sigs;
 	ws = bitcoin_tx_get_witscripts(tmpctx, txs[0]);
 	msg = towire_hsm_sign_remote_commitment_tx(NULL, txs[0],
 						   &peer->channel->funding_pubkey[REMOTE],
 						   *txs[0]->input_amounts[0],
-						   ws, &peer->remote_per_commit,
+						   &peer->remote_per_commit,
 						   peer->channel->option_static_remotekey);
 	msg = hsm_req(tmpctx, take(msg));
@@ -880,11 +878,11 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 	for (i = 0; i < tal_count(htlc_sigs); i++) {
 		struct bitcoin_signature sig;
-		struct witscript *w;
+		u8 *wscript;
-		w = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
+		wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
 							  txs[i+1]->wtx->inputs[0].index);
-		msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], w->ptr,
+		msg = towire_hsm_sign_remote_htlc_tx(NULL, txs[i + 1], wscript,
 						     *txs[i+1]->input_amounts[0],
 						     &peer->remote_per_commit);
@@ -899,10 +897,10 @@ static secp256k1_ecdsa_signature *calc_commitsigs(const tal_t *ctx,
 			     type_to_string(tmpctx, struct bitcoin_signature,
 					    &sig),
 			     type_to_string(tmpctx, struct bitcoin_tx, txs[1+i]),
-			     tal_hex(tmpctx, w->ptr),
+			     tal_hex(tmpctx, wscript),
 			     type_to_string(tmpctx, struct pubkey,
 					    &local_htlckey));
-		assert(check_tx_sig(txs[1+i], 0, NULL, w->ptr,
+		assert(check_tx_sig(txs[1+i], 0, NULL, wscript,
 				    &local_htlckey,
 				    &sig));
 	}
@@ -1349,23 +1347,23 @@ static void handle_peer_commit_sig(struct peer *peer, const u8 *msg)
 	 */
 	for (i = 0; i < tal_count(htlc_sigs); i++) {
 		struct bitcoin_signature sig;
-		struct witscript *w;
+		u8 *wscript;
-		w = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
+		wscript = bitcoin_tx_output_get_witscript(tmpctx, txs[0],
 							  txs[i+1]->wtx->inputs[0].index);
 		/* SIGHASH_ALL is implied. */
 		sig.s = htlc_sigs[i];
 		sig.sighash_type = SIGHASH_ALL;
-		if (!check_tx_sig(txs[1+i], 0, NULL, w->ptr,
+		if (!check_tx_sig(txs[1+i], 0, NULL, wscript,
 				  &remote_htlckey, &sig))
 			peer_failed(peer->pps,
 				    &peer->channel_id,
 				    "Bad commit_sig signature %s for htlc %s wscript %s key %s",
 				    type_to_string(msg, struct bitcoin_signature, &sig),
 				    type_to_string(msg, struct bitcoin_tx, txs[1+i]),
-				    tal_hex(msg, w->ptr),
+				    tal_hex(msg, wscript),
 				    type_to_string(msg, struct pubkey,
 						   &remote_htlckey));
 	}
--- a/devtools/mkcommit.c
+++ b/devtools/mkcommit.c
@@ -465,7 +465,7 @@ int main(int argc, char *argv[])
 	for (size_t i = 0; i < tal_count(htlcmap); i++) {
 		struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
 		struct amount_sat amt;
-		struct witscript *w;
+		u8 *wscript;
 		if (!htlcmap[i])
 			continue;
@@ -477,15 +477,15 @@ int main(int argc, char *argv[])
 		local_txs[1+i]->input_amounts[0]
 			= tal_dup(local_txs[1+i], struct amount_sat, &amt);
-		w = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i);
+		wscript = bitcoin_tx_output_get_witscript(NULL, local_txs[1+i], 1+i);
-		printf("# wscript: %s\n", tal_hex(NULL, w->ptr));
+		printf("# wscript: %s\n", tal_hex(NULL, wscript));
-		bitcoin_tx_hash_for_sig(local_txs[1+i], 0, w->ptr,
+		bitcoin_tx_hash_for_sig(local_txs[1+i], 0, wscript,
 					SIGHASH_ALL, &hash);
-		sign_tx_input(local_txs[1+i], 0, NULL, w->ptr,
+		sign_tx_input(local_txs[1+i], 0, NULL, wscript,
 			      &local_htlc_privkey, &local_htlc_pubkey,
 			      SIGHASH_ALL, &local_htlc_sig);
-		sign_tx_input(local_txs[1+i], 0, NULL, w->ptr,
+		sign_tx_input(local_txs[1+i], 0, NULL, wscript,
 			      &remote_htlc_privkey, &remote_htlc_pubkey,
 			      SIGHASH_ALL, &remote_htlc_sig);
 		printf("localsig_on_local output %zu: %s\n",
@@ -497,13 +497,13 @@ int main(int argc, char *argv[])
 			witness = bitcoin_witness_htlc_timeout_tx(NULL,
 								  &local_htlc_sig,
 								  &remote_htlc_sig,
-								  w->ptr);
+								  wscript);
 		else
 			witness = bitcoin_witness_htlc_success_tx(NULL,
 								  &local_htlc_sig,
 								  &remote_htlc_sig,
 								  preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
-								  w->ptr);
+								  wscript);
 		bitcoin_tx_input_set_witness(local_txs[1+i], 0, witness);
 		printf("htlc tx for output %zu: %s\n",
 		       i, tal_hex(NULL, linearize_tx(NULL, local_txs[1+i])));
@@ -580,7 +580,7 @@ int main(int argc, char *argv[])
 	for (size_t i = 0; i < tal_count(htlcmap); i++) {
 		struct bitcoin_signature local_htlc_sig, remote_htlc_sig;
 		struct amount_sat amt;
-		struct witscript *w;
+		u8 *wscript;
 		if (!htlcmap[i])
 			continue;
@@ -592,14 +592,14 @@ int main(int argc, char *argv[])
 		remote_txs[1+i]->input_amounts[0]
 			= tal_dup(remote_txs[1+i], struct amount_sat, &amt);
-		w = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i);
+		wscript = bitcoin_tx_output_get_witscript(NULL, remote_txs[1+i], 1+i);
-		printf("# wscript: %s\n", tal_hex(NULL, w->ptr));
+		printf("# wscript: %s\n", tal_hex(NULL, wscript));
-		bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, w->ptr,
+		bitcoin_tx_hash_for_sig(remote_txs[1+i], 0, wscript,
 					SIGHASH_ALL, &hash);
-		sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr,
+		sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
 			      &local_htlc_privkey, &local_htlc_pubkey,
 			      SIGHASH_ALL, &local_htlc_sig);
-		sign_tx_input(remote_txs[1+i], 0, NULL, w->ptr,
+		sign_tx_input(remote_txs[1+i], 0, NULL, wscript,
 			      &remote_htlc_privkey, &remote_htlc_pubkey,
 			      SIGHASH_ALL, &remote_htlc_sig);
 		printf("localsig_on_remote output %zu: %s\n",
@@ -611,13 +611,13 @@ int main(int argc, char *argv[])
 			witness = bitcoin_witness_htlc_timeout_tx(NULL,
 								  &remote_htlc_sig,
 								  &local_htlc_sig,
-								  w->ptr);
+								  wscript);
 		else
 			witness = bitcoin_witness_htlc_success_tx(NULL,
 								  &remote_htlc_sig,
 								  &local_htlc_sig,
 								  preimage_of(&htlcmap[i]->rhash, cast_const2(const struct existing_htlc **, htlcs)),
-								  w->ptr);
+								  wscript);
 		bitcoin_tx_input_set_witness(remote_txs[1+i], 0, witness);
 		printf("htlc tx for output %zu: %s\n",
 		       i, tal_hex(NULL, linearize_tx(NULL, remote_txs[1+i])));
--- a/hsmd/hsm_wire.csv
+++ b/hsmd/hsm_wire.csv
@@ -159,8 +159,6 @@ msgtype,hsm_sign_remote_commitment_tx,19
 msgdata,hsm_sign_remote_commitment_tx,tx,bitcoin_tx,
 msgdata,hsm_sign_remote_commitment_tx,remote_funding_key,pubkey,
 msgdata,hsm_sign_remote_commitment_tx,funding_amount,amount_sat,
 msgdata,hsm_sign_remote_commitment_tx,num_witscripts,u16,
 msgdata,hsm_sign_remote_commitment_tx,output_witscripts,witscript,num_witscripts
 msgdata,hsm_sign_remote_commitment_tx,remote_per_commit,pubkey,
 msgdata,hsm_sign_remote_commitment_tx,option_static_remotekey,bool,
--- a/hsmd/hsmd.c
+++ b/hsmd/hsmd.c
@@ -996,7 +996,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 	struct bitcoin_signature sig;
 	struct secrets secrets;
 	const u8 *funding_wscript;
 	struct witscript **output_witscripts;
 	struct pubkey remote_per_commit;
 	bool option_static_remotekey;
@@ -1004,7 +1003,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 						    &tx,
 						    &remote_funding_pubkey,
 						    &funding,
 						    &output_witscripts,
 						    &remote_per_commit,
 						    &option_static_remotekey))
 		return bad_req(conn, c, msg_in);
@@ -1015,8 +1013,6 @@ static struct io_plan *handle_sign_remote_commitment_tx(struct io_conn *conn,
 		return bad_req_fmt(conn, c, msg_in, "tx must have 1 input");
 	if (tx->wtx->num_outputs == 0)
 		return bad_req_fmt(conn, c, msg_in, "tx must have > 0 outputs");
 	if (tal_count(output_witscripts) != tx->wtx->num_outputs)
 		return bad_req_fmt(conn, c, msg_in, "tx must have matching witscripts");
 	get_channel_seed(&c->id, c->dbid, &channel_seed);
 	derive_basepoints(&channel_seed,
--- a/openingd/openingd.c
+++ b/openingd/openingd.c
@@ -667,7 +667,6 @@ static bool funder_finalize_channel_setup(struct state *state,
 	struct channel_id id_in;
 	const u8 *wscript;
 	char *err_reason;
 	const struct witscript **ws;
 	struct wally_tx_output *direct_outputs[NUM_SIDES];
 	/*~ Now we can initialize the `struct channel`.  This represents
@@ -733,12 +732,10 @@ static bool funder_finalize_channel_setup(struct state *state,
 	 * witness script.  It also needs the amount of the funding output,
 	 * as segwit signatures commit to that as well, even though it doesn't
 	 * explicitly appear in the transaction itself. */
 	ws = bitcoin_tx_get_witscripts(tmpctx, *tx);
 	msg = towire_hsm_sign_remote_commitment_tx(NULL,
 						   *tx,
 						   &state->channel->funding_pubkey[REMOTE],
 						   state->channel->funding,
 						   ws,
 						   &state->first_per_commitment_point[REMOTE],
 						   state->channel->option_static_remotekey);
@@ -913,7 +910,6 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
 	struct bitcoin_signature theirsig, sig;
 	struct bitcoin_tx *local_commit, *remote_commit;
 	struct bitcoin_blkid chain_hash;
 	const struct witscript **ws;
 	u8 *msg;
 	const u8 *wscript;
 	u8 channel_flags;
@@ -1270,12 +1266,10 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
 	}
 	/* Make HSM sign it */
 	ws = bitcoin_tx_get_witscripts(tmpctx, remote_commit);
 	msg = towire_hsm_sign_remote_commitment_tx(NULL,
 						   remote_commit,
 						   &state->channel->funding_pubkey[REMOTE],
 						   state->channel->funding,
 						   ws,
 						   &state->first_per_commitment_point[REMOTE],
 						   state->channel->option_static_remotekey);
--- a/tools/generate-wire.py
+++ b/tools/generate-wire.py
@@ -231,7 +231,6 @@ class Type(FieldSet):
        'exclude_entry',
        'fee_states',
        'onionreply',
        'witscript',
        'feature_set',
        'onionmsg_path',
        'route_hop',