lnwire: update Sig to support both ECDSA and schnorr sigs

In this commit, we update the Sig type to support ECDSA and schnorr signatures. We need to do this as the HTLC signatures will become schnorr sigs for taproot channels. The current spec draft opts to overload this field since both the sigs are actually 64 bytes in length. The only consideration with this move is that callers need to "coerce" a sig to the proper type if they need schnorr signatures.
lightningnetwork · Mar 15, 2023 · 5e7a97c · 5e7a97c
1 parent df453ac
commit 5e7a97c
Show file tree

Hide file tree

Showing 29 changed files with 297 additions and 126 deletions.
diff --git a/channeldb/graph.go b/channeldb/graph.go
@@ -2726,7 +2726,7 @@ func (l *LightningNode) NodeAnnouncement(signed bool) (*lnwire.NodeAnnouncement,
 		return nodeAnn, nil
 	}
 
-	sig, err := lnwire.NewSigFromRawSignature(l.AuthSigBytes)
+	sig, err := lnwire.NewSigFromECDSARawSignature(l.AuthSigBytes)
 	if err != nil {
 		return nil, err
 	}

diff --git a/discovery/gossiper.go b/discovery/gossiper.go
@@ -2201,25 +2201,25 @@ func (d *AuthenticatedGossiper) updateChannel(info *channeldb.ChannelEdgeInfo,
 			BitcoinKey2:     info.BitcoinKey2Bytes,
 			ExtraOpaqueData: edge.ExtraOpaqueData,
 		}
-		chanAnn.NodeSig1, err = lnwire.NewSigFromRawSignature(
+		chanAnn.NodeSig1, err = lnwire.NewSigFromECDSARawSignature(
 			info.AuthProof.NodeSig1Bytes,
 		)
 		if err != nil {
 			return nil, nil, err
 		}
-		chanAnn.NodeSig2, err = lnwire.NewSigFromRawSignature(
+		chanAnn.NodeSig2, err = lnwire.NewSigFromECDSARawSignature(
 			info.AuthProof.NodeSig2Bytes,
 		)
 		if err != nil {
 			return nil, nil, err
 		}
-		chanAnn.BitcoinSig1, err = lnwire.NewSigFromRawSignature(
+		chanAnn.BitcoinSig1, err = lnwire.NewSigFromECDSARawSignature(
 			info.AuthProof.BitcoinSig1Bytes,
 		)
 		if err != nil {
 			return nil, nil, err
 		}
-		chanAnn.BitcoinSig2, err = lnwire.NewSigFromRawSignature(
+		chanAnn.BitcoinSig2, err = lnwire.NewSigFromECDSARawSignature(
 			info.AuthProof.BitcoinSig2Bytes,
 		)
 		if err != nil {

diff --git a/htlcswitch/link_test.go b/htlcswitch/link_test.go
@@ -5374,9 +5374,15 @@ func TestChannelLinkFail(t *testing.T) {
 
 				// Flip a bit on the signature, rendering it
 				// invalid.
-				sig[19] ^= 1
+				sigCopy := sig.Copy()
+				copyBytes := sigCopy.RawBytes()
+				copyBytes[19] ^= 1
+				modifiedSig, err := lnwire.NewSigFromWireECDSA(
+					copyBytes,
+				)
+				require.NoError(t, err)
 				commitSig := &lnwire.CommitSig{
-					CommitSig: sig,
+					CommitSig: modifiedSig,
 					HtlcSigs:  htlcSigs,
 				}
 

diff --git a/lnrpc/routerrpc/router_backend.go b/lnrpc/routerrpc/router_backend.go
@@ -1283,7 +1283,7 @@ func marshallChannelUpdate(update *lnwire.ChannelUpdate) *lnrpc.ChannelUpdate {
 	}
 
 	return &lnrpc.ChannelUpdate{
-		Signature:       update.Signature[:],
+		Signature:       update.Signature.RawBytes(),
 		ChainHash:       update.ChainHash[:],
 		ChanId:          update.ShortChannelID.ToUint64(),
 		Timestamp:       update.Timestamp,

diff --git a/lnrpc/signrpc/signer_server.go b/lnrpc/signrpc/signer_server.go
@@ -713,7 +713,7 @@ func (s *Server) VerifyMessage(_ context.Context,
 	}
 
 	// The signature must be fixed-size LN wire format encoded.
-	wireSig, err := lnwire.NewSigFromRawSignature(in.Signature)
+	wireSig, err := lnwire.NewSigFromECDSARawSignature(in.Signature)
 	if err != nil {
 		return nil, fmt.Errorf("failed to decode signature: %v", err)
 	}

diff --git a/lnwallet/chancloser/chancloser.go b/lnwallet/chancloser/chancloser.go
@@ -785,16 +785,18 @@ func (c *ChanCloser) proposeCloseSigned(fee btcutil.Amount) (*lnwire.ClosingSign
 		return nil, err
 	}
 
-	// We'll note our last signature and proposed fee so when the remote party
-	// responds we'll be able to decide if we've agreed on fees or not.
+	// We'll note our last signature and proposed fee so when the remote
+	// party responds we'll be able to decide if we've agreed on fees or
+	// not.
 	c.lastFeeProposal = fee
+
 	parsedSig, err := lnwire.NewSigFromSignature(rawSig)
 	if err != nil {
 		return nil, err
 	}
 
-	chancloserLog.Infof("ChannelPoint(%v): proposing fee of %v sat to close "+
-		"chan", c.chanPoint, int64(fee))
+	chancloserLog.Infof("ChannelPoint(%v): proposing fee of %v sat to "+
+		"close chan", c.chanPoint, int64(fee))
 
 	// We'll assemble a ClosingSigned message using this information and return
 	// it to the caller so we can kick off the final stage of the channel

diff --git a/lnwallet/channel.go b/lnwallet/channel.go
@@ -320,7 +320,7 @@ type PaymentDescriptor struct {
 	// local node. This signature is generated by the remote node and
 	// stored by the local node in the case that local node needs to
 	// broadcast their commitment transaction.
-	sig *ecdsa.Signature
+	sig input.Signature
 
 	// addCommitHeight[Remote|Local] encodes the height of the commitment
 	// which included this HTLC on either the remote or local commitment
@@ -4333,7 +4333,7 @@ func genHtlcSigValidationJobs(localCommitmentView *commitment,
 		var (
 			htlcIndex uint64
 			sigHash   func() ([]byte, error)
-			sig       *ecdsa.Signature
+			sig       input.Signature
 			err       error
 		)
 

diff --git a/lnwallet/channel_test.go b/lnwallet/channel_test.go
@@ -5331,7 +5331,11 @@ func TestInvalidCommitSigError(t *testing.T) {
 
 	// Before the signature gets to Bob, we'll mutate it, such that the
 	// signature is now actually invalid.
-	aliceSig[0] ^= 88
+	aliceSigCopy := aliceSig.Copy()
+	aliceSigCopyBytes := aliceSigCopy.RawBytes()
+	aliceSigCopyBytes[0] ^= 88
+	aliceSig, err = lnwire.NewSigFromWireECDSA(aliceSigCopyBytes)
+	require.NoError(t, err)
 
 	// Bob should reject this new state, and return the proper error.
 	err = bobChannel.ReceiveNewCommitment(aliceSig, aliceHtlcSigs)

diff --git a/lnwallet/rpcwallet/rpcwallet.go b/lnwallet/rpcwallet/rpcwallet.go
@@ -453,11 +453,20 @@ func (r *RPCKeyRing) SignMessage(keyLoc keychain.KeyLocator,
 			"signer instance: %v", err)
 	}
 
-	wireSig, err := lnwire.NewSigFromRawSignature(resp.Signature)
+	wireSig, err := lnwire.NewSigFromECDSARawSignature(resp.Signature)
 	if err != nil {
-		return nil, fmt.Errorf("error parsing raw signature: %v", err)
+		return nil, fmt.Errorf("unable to create sig: %w", err)
 	}
-	return wireSig.ToSignature()
+	sig, err := wireSig.ToSignature()
+	if err != nil {
+		return nil, fmt.Errorf("unable to parse sig: %w", err)
+	}
+	ecdsaSig, ok := sig.(*ecdsa.Signature)
+	if !ok {
+		return nil, fmt.Errorf("unexpected signature type: %T", sig)
+	}
+
+	return ecdsaSig, nil
 }
 
 // SignMessageCompact signs the given message, single or double SHA256 hashing

diff --git a/lnwallet/sigpool.go b/lnwallet/sigpool.go
@@ -5,7 +5,6 @@ import (
 	"sync"
 
 	"github.com/btcsuite/btcd/btcec/v2"
-	"github.com/btcsuite/btcd/btcec/v2/ecdsa"
 	"github.com/btcsuite/btcd/wire"
 	"github.com/lightningnetwork/lnd/input"
 	"github.com/lightningnetwork/lnd/lnwire"
@@ -36,7 +35,7 @@ type VerifyJob struct {
 
 	// Sig is the raw signature generated using the above public key.  This
 	// is the signature to be verified.
-	Sig *ecdsa.Signature
+	Sig input.Signature
 
 	// SigHash is a function closure generates the sighashes that the
 	// passed signature is known to have signed.

diff --git a/lnwire/fuzz_test.go b/lnwire/fuzz_test.go
@@ -383,7 +383,10 @@ func FuzzNodeAnnouncement(f *testing.F) {
 			t.Fatal("new message was not NodeAnnouncement")
 		}
 
-		if !bytes.Equal(first.Signature[:], second.Signature[:]) {
+		if !bytes.Equal(
+			first.Signature.RawBytes(),
+			second.Signature.RawBytes(),
+		) {
 			shouldPanic = true
 		}
 

diff --git a/lnwire/lnwire.go b/lnwire/lnwire.go
@@ -183,7 +183,7 @@ func WriteElement(w *bytes.Buffer, element interface{}) error {
 
 	case Sig:
 		// Write buffer
-		if _, err := w.Write(e[:]); err != nil {
+		if _, err := w.Write(e.bytes[:]); err != nil {
 			return err
 		}
 
@@ -618,7 +618,7 @@ func ReadElement(r io.Reader, element interface{}) error {
 		*e = sigs
 
 	case *Sig:
-		if _, err := io.ReadFull(r, e[:]); err != nil {
+		if _, err := io.ReadFull(r, e.bytes[:]); err != nil {
 			return err
 		}