Wrapped Channel Signer Type #2441
Conversation
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
3 times, most recently
from
5a0b475 to
4c05087
Compare
| @@ -738,7 +738,7 @@ fn test_update_fee_that_funder_cannot_afford() { | |||
| &mut htlcs, | |||
| &local_chan.context.channel_transaction_parameters.as_counterparty_broadcastable() | |||
| ); | |||
| local_chan_signer.sign_counterparty_commitment(&commitment_tx, Vec::new(), &secp_ctx).unwrap() | |||
| local_chan_signer.as_ecdsa().unwrap().sign_counterparty_commitment(&commitment_tx, Vec::new(), &secp_ctx).unwrap() | |||
There was a problem hiding this comment.
Should we be unwraping here? Shouldn't we do a get and then Err if its wrong (presumably taproot will use different messages?
There was a problem hiding this comment.
I believe it's a panic-worthy exception because as_ecdsa() should never even be called within a Taproot impl context. But happy to adjust, or to replace it with an expect().
There was a problem hiding this comment.
Well, its obviously unreachable today, but looking forward ISTM it will be reachable, so worth handling.
There was a problem hiding this comment.
Now that I'm about to address this, I'm noticing that this particular comment was left in a test. Are you saying we should be matching Errs in unit tests for this, too? I would think that an expect() should be enough, no?
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
from
b2b0239 to
a6f5df6
Compare
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
from
a6f5df6 to
9549888
Compare
Codecov ReportPatch coverage:
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. Additional details and impacted files@@ Coverage Diff @@
## main #2441 +/- ##
=======================================
Coverage 90.58% 90.58%
=======================================
Files 106 107 +1
Lines 56467 56479 +12
Branches 56467 56479 +12
=======================================
+ Hits 51149 51161 +12
Misses 5318 5318
☔ View full report in Codecov by Sentry. |
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
2 times, most recently
from
d011755 to
c1faff0
Compare
|
Can you squash fixup commits and mark this not-draft if you're finished with it? |
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
from
8dc3262 to
5588f53
Compare
|
It would be much easier to undraft if every rebase on main didn't immediately break the lifetimes. |
|
Only true fixup commits I'm seeing are the match arm one and the EcdsaChannelSigner type. The other fixes are independent of, but necessary for, the changes in this PR. |
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
from
f14f568 to
805e825
Compare
| @@ -6631,7 +6665,8 @@ impl<Signer: WriteableEcdsaChannelSigner> Writeable for Channel<Signer> { | |||
| self.context.latest_monitor_update_id.write(writer)?; | |||
|
|
|||
| let mut key_data = VecWriter(Vec::new()); | |||
| self.context.holder_signer.write(&mut key_data)?; | |||
| // TODO: Introduce serialization distinction for non-ECDSA signers. | |||
| self.context.holder_signer.as_ecdsa().expect("Only ECDSA signers may be serialized").write(&mut key_data)?; | |||
There was a problem hiding this comment.
We should be checking the type here with if let rather than asserting. The TODO seems irrelevant since we won't be serializing other signer types? We'd just want to make sure we fail to read new signer types on old versions, which should already be handled with ChannelTypeFeatures.
There was a problem hiding this comment.
We will need to specify for other types though that the serialization data is to be skipped, which is slightly more involved. For that reason I think unwrap is correct here for the time being.
There was a problem hiding this comment.
Can you mark the new TODOs that we need to address in #2512 in some way so that we can easily grep to ensure we've fixed all of them?
| } | ||
| } | ||
|
|
||
| pub(crate) fn as_mut_ecdsa(&mut self) -> Option<&mut ECS> { |
There was a problem hiding this comment.
Nit: this is unused at the moment, maybe remove it?
There was a problem hiding this comment.
I think this method should stay just such that external contributors can have access to it.
| let node_chanmgrs = create_node_chanmgrs(3, &node_cfgs, &[None, None, None]); | ||
| let (persister, chain_monitor, nodes_0_deserialized); | ||
| let nodes_0_deserialized; |
There was a problem hiding this comment.
Can you move this commit up to the top?
The persister and chain_monitor variables must be declared before the node channel manager is initialized to avoid out of order deallocation.
Introduce a Taproot feature on bits 30/31 for initialization, node, and channel type contexts.
Benchmarks were failing because node config and channel monitor configs were tied to the same lifetime. Introducing a separate lifetime allows to avoid out-of-order deallocation errors.
Rather than using a holder_signer of a specific signer type in Channel and ChannelContext, this allows us to hold an enum such that depending on the type of channel, the appropriate signer could be held in its respective variant. Doing so required the reparametrization of Channel from using a Signer to using the SignerProvider trait. This percolated down to the ChannelManager and multiple tests. Now, when accessign various signer methods, there is a distinction between accessing methods defined for all signers on ChannelSigner, and accessing type-specific methods using accessors such as `as_ecdsa`.
Remove a bunch of unnecessary ChannelManager imports.
arik-so
force-pushed
the
2023-07-taproot-signer-wrapped
branch
from
805e825 to
6a2f43d
Compare
| ).map_err(|_| ChannelError::Close("Failed to validate revocation from peer".to_owned()))?; | ||
| match &self.context.holder_signer { | ||
| ChannelSignerType::Ecdsa(ecdsa) => { | ||
| ecdsa.validate_counterparty_revocation( |
There was a problem hiding this comment.
isn't this fn the same for ecdsa and taproot?
There was a problem hiding this comment.
unfortunately not, because of the nonce that needs to be processed in the Taproot variant
| @@ -0,0 +1,32 @@ | |||
| use crate::sign::{ChannelSigner, EcdsaChannelSigner}; | |||
|
|
|||
| pub(crate) enum ChannelSignerType<ECS: EcdsaChannelSigner> { | |||
There was a problem hiding this comment.
I guess the anticipated next step is to move this bound to just be a SignerProvider to simplify the bounds when we add the taproot variant?
There was a problem hiding this comment.
oooh, that's an interesting idea! I'll give that a try.
Supersedes #2289.