Merge pull request #2005 from arik-so/2023-01-taproot-message-types

Update messages for Taproot types.

Author: TheBlueMatt

.github/workflows/build.yml

@@ -180,6 +180,15 @@ jobs:
           cargo check --no-default-features --features=futures --release
           cargo doc --release
           RUSTDOCFLAGS="--cfg=anchors" cargo doc --release
+      - name: Run cargo check for Taproot build.
+        run: |
+          cargo check --release
+          cargo check --no-default-features --features=no-std --release
+          cargo check --no-default-features --features=futures --release
+          cargo doc --release
+        env:
+          RUSTFLAGS: '--cfg=anchors --cfg=taproot'
+          RUSTDOCFLAGS: '--cfg=anchors --cfg=taproot'
 
   fuzz:
     runs-on: ubuntu-latest

ci/ci-tests.sh

@@ -94,4 +94,6 @@ fi
 echo -e "\n\nTest anchors builds"
 pushd lightning
 RUSTFLAGS="$RUSTFLAGS --cfg=anchors" cargo test --verbose --color always -p lightning
+echo -e "\n\nTest Taproot builds"
+RUSTFLAGS="$RUSTFLAGS --cfg=anchors --cfg=taproot" cargo test --verbose --color always -p lightning
 popd

lightning/Cargo.toml

@@ -56,3 +56,6 @@ regex = "1.5.6"
 version = "0.29.0"
 default-features = false
 features = ["bitcoinconsensus", "secp-recovery"]
+
+[target.'cfg(taproot)'.dependencies]
+musig2 = { git = "https://github.com/arik-so/rust-musig2", rev = "27797d7" }

lightning/src/ln/channel.rs

@@ -2362,7 +2362,9 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 
 		Ok((msgs::FundingSigned {
 			channel_id: self.channel_id,
-			signature
+			signature,
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
 		}, channel_monitor))
 	}
 
@@ -3918,6 +3920,8 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 			channel_id: self.channel_id,
 			per_commitment_secret,
 			next_per_commitment_point,
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		}
 	}
 
@@ -5364,6 +5368,8 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 				None => Builder::new().into_script(),
 			}),
 			channel_type: Some(self.channel_type.clone()),
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		}
 	}
 
@@ -5428,7 +5434,11 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 			temporary_channel_id,
 			funding_txid: funding_txo.txid,
 			funding_output_index: funding_txo.index,
-			signature
+			signature,
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		})
 	}
 
@@ -5947,6 +5957,8 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 			channel_id: self.channel_id,
 			signature,
 			htlc_signatures,
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
 		}, (counterparty_commitment_txid, commitment_stats.htlcs_included)))
 	}
 

lightning/src/ln/functional_tests.rs

@@ -738,7 +738,9 @@ fn test_update_fee_that_funder_cannot_afford() {
 	let commit_signed_msg = msgs::CommitmentSigned {
 		channel_id: chan.2,
 		signature: res.0,
-		htlc_signatures: res.1
+		htlc_signatures: res.1,
+		#[cfg(taproot)]
+		partial_signature_with_nonce: None,
 	};
 
 	let update_fee = msgs::UpdateFee {
@@ -1458,7 +1460,9 @@ fn test_fee_spike_violation_fails_htlc() {
 	let commit_signed_msg = msgs::CommitmentSigned {
 		channel_id: chan.2,
 		signature: res.0,
-		htlc_signatures: res.1
+		htlc_signatures: res.1,
+		#[cfg(taproot)]
+		partial_signature_with_nonce: None,
 	};
 
 	// Send the commitment_signed message to the nodes[1].
@@ -1469,7 +1473,9 @@ fn test_fee_spike_violation_fails_htlc() {
 	let raa_msg = msgs::RevokeAndACK {
 		channel_id: chan.2,
 		per_commitment_secret: local_secret,
-		next_per_commitment_point: next_local_point
+		next_per_commitment_point: next_local_point,
+		#[cfg(taproot)]
+		next_local_nonce: None,
 	};
 	nodes[1].node.handle_revoke_and_ack(&nodes[0].node.get_our_node_id(), &raa_msg);
 
@@ -7497,7 +7503,13 @@ fn test_counterparty_raa_skip_no_crash() {
 	}
 
 	nodes[1].node.handle_revoke_and_ack(&nodes[0].node.get_our_node_id(),
-		&msgs::RevokeAndACK { channel_id, per_commitment_secret, next_per_commitment_point });
+		&msgs::RevokeAndACK {
+			channel_id,
+			per_commitment_secret,
+			next_per_commitment_point,
+			#[cfg(taproot)]
+			next_local_nonce: None,
+		});
 	assert_eq!(check_closed_broadcast!(nodes[1], true).unwrap().data, "Received an unexpected revoke_and_ack");
 	check_added_monitors!(nodes[1], 1);
 	check_closed_event!(nodes[1], 1, ClosureReason::ProcessingError { err: "Received an unexpected revoke_and_ack".to_string() });

lightning/src/ln/msgs.rs

@@ -51,6 +51,11 @@ use crate::routing::gossip::NodeId;
 /// 21 million * 10^8 * 1000
 pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000;
 
+#[cfg(taproot)]
+/// A partial signature that also contains the Musig2 nonce its signer used
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct PartialSignatureWithNonce(pub musig2::types::PartialSignature, pub musig2::types::PublicNonce);
+
 /// An error in decoding a message or struct.
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub enum DecodeError {
@@ -244,6 +249,9 @@ pub struct AcceptChannel {
 	/// our feature bits with our counterparty's feature bits from the [`Init`] message.
 	/// This is required to match the equivalent field in [`OpenChannel::channel_type`].
 	pub channel_type: Option<ChannelTypeFeatures>,
+	#[cfg(taproot)]
+	/// Next nonce the channel initiator should use to create a funding output signature against
+	pub next_local_nonce: Option<musig2::types::PublicNonce>,
 }
 
 /// A [`funding_created`] message to be sent to or received from a peer.
@@ -259,6 +267,12 @@ pub struct FundingCreated {
 	pub funding_output_index: u16,
 	/// The signature of the channel initiator (funder) on the initial commitment transaction
 	pub signature: Signature,
+	#[cfg(taproot)]
+	/// The partial signature of the channel initiator (funder)
+	pub partial_signature_with_nonce: Option<PartialSignatureWithNonce>,
+	#[cfg(taproot)]
+	/// Next nonce the channel acceptor should use to finalize the funding output signature
+	pub next_local_nonce: Option<musig2::types::PublicNonce>
 }
 
 /// A [`funding_signed`] message to be sent to or received from a peer.
@@ -270,6 +284,9 @@ pub struct FundingSigned {
 	pub channel_id: [u8; 32],
 	/// The signature of the channel acceptor (fundee) on the initial commitment transaction
 	pub signature: Signature,
+	#[cfg(taproot)]
+	/// The partial signature of the channel acceptor (fundee)
+	pub partial_signature_with_nonce: Option<PartialSignatureWithNonce>,
 }
 
 /// A [`channel_ready`] message to be sent to or received from a peer.
@@ -409,6 +426,9 @@ pub struct CommitmentSigned {
 	pub signature: Signature,
 	/// Signatures on the HTLC transactions
 	pub htlc_signatures: Vec<Signature>,
+	#[cfg(taproot)]
+	/// The partial Taproot signature on the commitment transaction
+	pub partial_signature_with_nonce: Option<PartialSignatureWithNonce>,
 }
 
 /// A [`revoke_and_ack`] message to be sent to or received from a peer.
@@ -422,6 +442,9 @@ pub struct RevokeAndACK {
 	pub per_commitment_secret: [u8; 32],
 	/// The next sender-broadcast commitment transaction's per-commitment point
 	pub next_per_commitment_point: PublicKey,
+	#[cfg(taproot)]
+	/// Musig nonce the recipient should use in their next commitment signature message
+	pub next_local_nonce: Option<musig2::types::PublicNonce>
 }
 
 /// An [`update_fee`] message to be sent to or received from a peer
@@ -1288,7 +1311,28 @@ impl Readable for OptionalField<u64> {
 	}
 }
 
+#[cfg(not(taproot))]
+impl_writeable_msg!(AcceptChannel, {
+	temporary_channel_id,
+	dust_limit_satoshis,
+	max_htlc_value_in_flight_msat,
+	channel_reserve_satoshis,
+	htlc_minimum_msat,
+	minimum_depth,
+	to_self_delay,
+	max_accepted_htlcs,
+	funding_pubkey,
+	revocation_basepoint,
+	payment_point,
+	delayed_payment_basepoint,
+	htlc_basepoint,
+	first_per_commitment_point,
+	shutdown_scriptpubkey
+}, {
+	(1, channel_type, option),
+});
 
+#[cfg(taproot)]
 impl_writeable_msg!(AcceptChannel, {
 	temporary_channel_id,
 	dust_limit_satoshis,
@@ -1307,6 +1351,7 @@ impl_writeable_msg!(AcceptChannel, {
 	shutdown_scriptpubkey
 }, {
 	(1, channel_type, option),
+	(4, next_local_nonce, option),
 });
 
 impl_writeable_msg!(AnnouncementSignatures, {
@@ -1363,30 +1408,60 @@ impl_writeable!(ClosingSignedFeeRange, {
 	max_fee_satoshis
 });
 
+#[cfg(not(taproot))]
 impl_writeable_msg!(CommitmentSigned, {
 	channel_id,
 	signature,
 	htlc_signatures
 }, {});
 
+#[cfg(taproot)]
+impl_writeable_msg!(CommitmentSigned, {
+	channel_id,
+	signature,
+	htlc_signatures
+}, {
+	(2, partial_signature_with_nonce, option)
+});
+
 impl_writeable!(DecodedOnionErrorPacket, {
 	hmac,
 	failuremsg,
 	pad
 });
 
+#[cfg(not(taproot))]
 impl_writeable_msg!(FundingCreated, {
 	temporary_channel_id,
 	funding_txid,
 	funding_output_index,
 	signature
 }, {});
+#[cfg(taproot)]
+impl_writeable_msg!(FundingCreated, {
+	temporary_channel_id,
+	funding_txid,
+	funding_output_index,
+	signature
+}, {
+	(2, partial_signature_with_nonce, option),
+	(4, next_local_nonce, option)
+});
 
+#[cfg(not(taproot))]
 impl_writeable_msg!(FundingSigned, {
 	channel_id,
 	signature
 }, {});
 
+#[cfg(taproot)]
+impl_writeable_msg!(FundingSigned, {
+	channel_id,
+	signature
+}, {
+	(2, partial_signature_with_nonce, option)
+});
+
 impl_writeable_msg!(ChannelReady, {
 	channel_id,
 	next_per_commitment_point,
@@ -1446,12 +1521,22 @@ impl_writeable_msg!(OpenChannel, {
 	(1, channel_type, option),
 });
 
+#[cfg(not(taproot))]
 impl_writeable_msg!(RevokeAndACK, {
 	channel_id,
 	per_commitment_secret,
 	next_per_commitment_point
 }, {});
 
+#[cfg(taproot)]
+impl_writeable_msg!(RevokeAndACK, {
+	channel_id,
+	per_commitment_secret,
+	next_per_commitment_point
+}, {
+	(4, next_local_nonce, option)
+});
+
 impl_writeable_msg!(Shutdown, {
 	channel_id,
 	scriptpubkey
@@ -2444,6 +2529,8 @@ mod tests {
 			first_per_commitment_point: pubkey_6,
 			shutdown_scriptpubkey: if shutdown { OptionalField::Present(Address::p2pkh(&::bitcoin::PublicKey{compressed: true, inner: pubkey_1}, Network::Testnet).script_pubkey()) } else { OptionalField::Absent },
 			channel_type: None,
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		};
 		let encoded_value = accept_channel.encode();
 		let mut target_value = hex::decode("020202020202020202020202020202020202020202020202020202020202020212345678901234562334032891223698321446687011447600083a840000034d000c89d4c0bcc0bc031b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f024d4b6cd1361032ca9bd2aeb9d900aa4d45d9ead80ac9423374c451a7254d076602531fe6068134503d2723133227c867ac8fa6c83c537e9a44c3c5bdbdcb1fe33703462779ad4aad39514614751a71085f2f10e1c7a593e4e030efb5b8721ce55b0b0362c0a046dacce86ddd0343c6d3c7c79c2208ba0d9c9cf24a6d046d21d21f90f703f006a18d5653c4edf5391ff23a61f03ff83d237e880ee61187fa9f379a028e0a").unwrap();
@@ -2469,6 +2556,10 @@ mod tests {
 			funding_txid: Txid::from_hex("c2d4449afa8d26140898dd54d3390b057ba2a5afcf03ba29d7dc0d8b9ffe966e").unwrap(),
 			funding_output_index: 255,
 			signature: sig_1,
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		};
 		let encoded_value = funding_created.encode();
 		let target_value = hex::decode("02020202020202020202020202020202020202020202020202020202020202026e96fe9f8b0ddcd729ba03cfafa5a27b050b39d354dd980814268dfa9a44d4c200ffd977cb9b53d93a6ff64bb5f1e158b4094b66e798fb12911168a3ccdf80a83096340a6a95da0ae8d9f776528eecdbb747eb6b545495a4319ed5378e35b21e073a").unwrap();
@@ -2483,6 +2574,8 @@ mod tests {
 		let funding_signed = msgs::FundingSigned {
 			channel_id: [2; 32],
 			signature: sig_1,
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
 		};
 		let encoded_value = funding_signed.encode();
 		let target_value = hex::decode("0202020202020202020202020202020202020202020202020202020202020202d977cb9b53d93a6ff64bb5f1e158b4094b66e798fb12911168a3ccdf80a83096340a6a95da0ae8d9f776528eecdbb747eb6b545495a4319ed5378e35b21e073a").unwrap();
@@ -2646,6 +2739,8 @@ mod tests {
 			channel_id: [2; 32],
 			signature: sig_1,
 			htlc_signatures: if htlcs { vec![sig_2, sig_3, sig_4] } else { Vec::new() },
+			#[cfg(taproot)]
+			partial_signature_with_nonce: None,
 		};
 		let encoded_value = commitment_signed.encode();
 		let mut target_value = hex::decode("0202020202020202020202020202020202020202020202020202020202020202d977cb9b53d93a6ff64bb5f1e158b4094b66e798fb12911168a3ccdf80a83096340a6a95da0ae8d9f776528eecdbb747eb6b545495a4319ed5378e35b21e073a").unwrap();
@@ -2671,6 +2766,8 @@ mod tests {
 			channel_id: [2; 32],
 			per_commitment_secret: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1],
 			next_per_commitment_point: pubkey_1,
+			#[cfg(taproot)]
+			next_local_nonce: None,
 		};
 		let encoded_value = raa.encode();
 		let target_value = hex::decode("02020202020202020202020202020202020202020202020202020202020202020101010101010101010101010101010101010101010101010101010101010101031b84c5567b126440995d3ed5aaba0565d71e1834604819ff9c17f5e9d5dd078f").unwrap();