Introduce MuSig2-related types for Taproot channels.

Author: arik-so

lightning/Cargo.toml

@@ -56,3 +56,6 @@ regex = "1.5.6"
 version = "0.29.0"
 default-features = false
 features = ["bitcoinconsensus", "secp-recovery"]
+
+[target.'cfg(taproot)'.dependencies]
+musig2 = { git = "https://github.com/arik-so/rust-musig2", rev = "a3edc36" }

lightning/src/ln/msgs.rs

@@ -51,6 +51,11 @@ use crate::routing::gossip::NodeId;
 /// 21 million * 10^8 * 1000
 pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000;
 
+/// A partial signature that also contains the Musig2 nonce its signer used
+#[cfg(taproot)]
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct PartialSignatureWithNonce(pub(crate) musig2::types::PartialSignature, pub(crate) musig2::types::PublicNonce);
+
 /// An error in decoding a message or struct.
 #[derive(Clone, Debug, PartialEq, Eq)]
 pub enum DecodeError {

lightning/src/util/ser.rs

@@ -38,6 +38,8 @@ use bitcoin::hash_types::{Txid, BlockHash};
 use core::marker::Sized;
 use core::time::Duration;
 use crate::ln::msgs::DecodeError;
+#[cfg(taproot)]
+use crate::ln::msgs::PartialSignatureWithNonce;
 use crate::ln::{PaymentPreimage, PaymentHash, PaymentSecret};
 
 use crate::util::byte_utils::{be48_to_array, slice_to_be48};
@@ -574,6 +576,7 @@ impl_array!(16); // for IPv6
 impl_array!(32); // for channel id & hmac
 impl_array!(PUBLIC_KEY_SIZE); // for PublicKey
 impl_array!(64); // for ecdsa::Signature and schnorr::Signature
+impl_array!(66); // for MuSig2 nonces
 impl_array!(1300); // for OnionPacket.hop_data
 
 impl Writeable for [u16; 8] {
@@ -861,6 +864,48 @@ impl Readable for SecretKey {
 	}
 }
 
+#[cfg(taproot)]
+impl Writeable for musig2::types::PublicNonce {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.serialize().to_vec().write(w)
+	}
+
+	fn serialized_length(&self) -> usize {
+		PUBLIC_KEY_SIZE * 2
+	}
+}
+
+#[cfg(taproot)]
+impl Readable for musig2::types::PublicNonce {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let buf: [u8; PUBLIC_KEY_SIZE * 2] = Readable::read(r)?;
+		let nonce = musig2::types::PublicNonce::from_slice(&buf).unwrap();
+		Ok(nonce)
+	}
+}
+
+#[cfg(taproot)]
+impl Writeable for PartialSignatureWithNonce {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.0.serialize().write(w)?;
+		self.1.write(w)
+	}
+
+	fn serialized_length(&self) -> usize {
+		SECRET_KEY_SIZE + self.1.serialized_length()
+	}
+}
+
+#[cfg(taproot)]
+impl Readable for PartialSignatureWithNonce {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let partial_signature_buf: [u8; SECRET_KEY_SIZE] = Readable::read(r)?;
+		let partial_signature: musig2::types::PartialSignature = musig2::types::PartialSignature::from_slice(&partial_signature_buf).unwrap();
+		let public_nonce: musig2::types::PublicNonce = Readable::read(r)?;
+		Ok(PartialSignatureWithNonce(partial_signature, public_nonce))
+	}
+}
+
 impl Writeable for Sha256dHash {
 	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
 		w.write_all(&self[..])
@@ -1277,7 +1322,7 @@ mod tests {
 	fn bigsize_encoding_decoding() {
 		let values = vec![0, 252, 253, 65535, 65536, 4294967295, 4294967296, 18446744073709551615];
 		let bytes = vec![
-			"00", 
+			"00",
 			"fc",
 			"fd00fd",
 			"fdffff",
@@ -1286,7 +1331,7 @@ mod tests {
 			"ff0000000100000000",
 			"ffffffffffffffffff"
 		];
-		for i in 0..=7 {	
+		for i in 0..=7 {
 			let mut stream = crate::io::Cursor::new(::hex::decode(bytes[i]).unwrap());
 			assert_eq!(super::BigSize::read(&mut stream).unwrap().0, values[i]);
 			let mut stream = super::VecWriter(Vec::new());