untested: fix the commit-to-no-taptree musig implementation

instagibbs · Feb 21, 2023 · 23278da · 23278da
1 parent 9dfb3ef
commit 23278da
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 11 deletions.
diff --git a/bitcoin/signature.c b/bitcoin/signature.c
@@ -216,6 +216,8 @@ void bipmusig_finalize_keys(struct pubkey *agg_pk,
     int i, ok;
     unsigned char taptweak_preimage[64];
     secp256k1_xonly_pubkey agg_x_key;
+	struct pubkey tmp_inner_pubkey;
+	size_t key_len = 33;
     assert(n_pubkeys <= 100);
 
     /* Sorting moves pubkeys themselves, we copy and discard after */
@@ -244,26 +246,29 @@ void bipmusig_finalize_keys(struct pubkey *agg_pk,
 
     assert(ok);
 
-	if (inner_pubkey) {
-		ok = secp256k1_musig_pubkey_get(secp256k1_ctx,
-			&inner_pubkey->pubkey,
-			keyagg_cache);
+	ok = secp256k1_musig_pubkey_get(secp256k1_ctx,
+		&tmp_inner_pubkey.pubkey,
+		keyagg_cache);
 
-		assert(ok);
-	}
-
-    ok = secp256k1_xonly_pubkey_serialize(secp256k1_ctx, taptweak_preimage, &agg_x_key);
+	assert(ok);
 
-    assert(ok);
+	if (inner_pubkey) {
+		*inner_pubkey = tmp_inner_pubkey;
+	}
 
     if (!tap_merkle_root) {
         /* No-tapscript recommended commitment: Q = P + int(hashTapTweak(bytes(P)))G */
-        ok = wally_tagged_hash(taptweak_preimage, 32, "TapTweak", tap_tweak_out);
+		ok = secp256k1_ec_pubkey_serialize(secp256k1_ctx, taptweak_preimage, &key_len, &tmp_inner_pubkey.pubkey, SECP256K1_EC_COMPRESSED);
+		assert(key_len == 33);
+        ok = wally_tagged_hash(taptweak_preimage, key_len, "TapTweak", tap_tweak_out);
         assert(ok == WALLY_OK);
         ok = secp256k1_musig_pubkey_xonly_tweak_add(secp256k1_ctx, &(agg_pk->pubkey), keyagg_cache, tap_tweak_out);
         assert(ok);
     } else {
-        /* Otherwise: Q = P + int(hashTapTweak(bytes(P)||tap_merkle_root))G */
+		ok = secp256k1_xonly_pubkey_serialize(secp256k1_ctx, taptweak_preimage, &agg_x_key);
+		assert(ok);
+
+        /* Otherwise: Q = P + int(hashTapTweak(p||tap_merkle_root))G */
         memcpy(taptweak_preimage + 32, tap_merkle_root->u.u8, sizeof(tap_merkle_root->u.u8));
         ok = wally_tagged_hash(taptweak_preimage, sizeof(taptweak_preimage), "TapTweak", tap_tweak_out);
         assert(ok == WALLY_OK);

diff --git a/tests/test_eltoo.py b/tests/test_eltoo.py
@@ -113,6 +113,8 @@ def test_eltoo_base_reestablishment(node_factory, bitcoind):
     l1.daemon.wait_for_log('Reconnected, and reestablished')
     l2.daemon.wait_for_log('Reconnected, and reestablished')
 
+    from pdb import set_trace
+    set_trace()
     l1_update_tx = l1.rpc.listpeers(l2.info['id'])["peers"][0]["channels"][0]['last_update_tx']
     l1_settle_tx = l1.rpc.listpeers(l2.info['id'])["peers"][0]["channels"][0]['last_settle_tx']