multi: remove tweakless special casing

Now that whether or not a the key is tweakless or not is entirely determined by the channel type and derived keys, we don't have to specify whether it is tweakless or not. This information is carried by the sign descriptor. Co-authored-by: Joost Jager <joost.jager@gmail.com>
lightningnetwork · Dec 19, 2019 · 2703a10 · 2703a10
1 parent d808d13
commit 2703a10
Show file tree

Hide file tree

Showing 14 changed files with 174 additions and 229 deletions.
diff --git a/breacharbiter.go b/breacharbiter.go
@@ -943,15 +943,11 @@ func newRetributionInfo(chanPoint *wire.OutPoint,
 
 	// First, record the breach information for the local channel point if
 	// it is not considered dust, which is signaled by a non-nil sign
-	// descriptor. Here we use CommitmentNoDelay (or
-	// CommitmentNoDelayTweakless for newer commitments) since this output
-	// belongs to us and has no time-based constraints on spending.
+	// descriptor. Here we use CommitmentNoDelay (also for tweakless
+	// commitments) since this output belongs to us and has no time-based
+	// constraints on spending.
 	if breachInfo.LocalOutputSignDesc != nil {
 		witnessType := input.CommitmentNoDelay
-		if breachInfo.LocalOutputSignDesc.SingleTweak == nil {
-			witnessType = input.CommitSpendNoDelayTweakless
-		}
-
 		localOutput := makeBreachedOutput(
 			&breachInfo.LocalOutpoint,
 			witnessType,

diff --git a/breacharbiter_test.go b/breacharbiter_test.go
@@ -146,7 +146,7 @@ var (
 		{
 			amt:         btcutil.Amount(1e7),
 			outpoint:    breachOutPoints[0],
-			witnessType: input.CommitSpendNoDelayTweakless,
+			witnessType: input.CommitmentNoDelay,
 			signDesc: input.SignDescriptor{
 				WitnessScript: []byte{
 					0x00, 0x14, 0xee, 0x91, 0x41, 0x7e,

diff --git a/contractcourt/commit_sweep_resolver.go b/contractcourt/commit_sweep_resolver.go
@@ -184,8 +184,6 @@ func (c *commitSweepResolver) Resolve() (ContractResolver, error) {
 	switch {
 	case isLocalCommitTx:
 		witnessType = input.CommitmentTimeLock
-	case c.commitResolution.SelfOutputSignDesc.SingleTweak == nil:
-		witnessType = input.CommitSpendNoDelayTweakless
 	default:
 		witnessType = input.CommitmentNoDelay
 	}

diff --git a/htlcswitch/interfaces.go b/htlcswitch/interfaces.go
@@ -175,7 +175,7 @@ type TowerClient interface {
 	// successful unless the tower is unavailable and client is force quit,
 	// or the justice transaction would create dust outputs when trying to
 	// abide by the negotiated policy. If the channel we're trying to back
-	// up doesn't have a tweak for the remote party's output, then
-	// isTweakless should be true.
-	BackupState(*lnwire.ChannelID, *lnwallet.BreachRetribution, bool) error
+	// up doesn't have a tweak for the remote party's output, then the
+	// SingleTweak should be nil.
+	BackupState(*lnwire.ChannelID, *lnwallet.BreachRetribution) error
 }
diff --git a/htlcswitch/link.go b/htlcswitch/link.go
@@ -1798,10 +1798,9 @@ func (l *channelLink) handleUpstreamMsg(msg lnwire.Message) {
 				return
 			}
 
-			chanType := l.channel.State().ChanType
 			chanID := l.ChanID()
 			err = l.cfg.TowerClient.BackupState(
-				&chanID, breachInfo, chanType.IsTweakless(),
+				&chanID, breachInfo,
 			)
 			if err != nil {
 				l.fail(LinkFailureError{code: ErrInternalError},

diff --git a/input/script_utils.go b/input/script_utils.go
@@ -903,14 +903,15 @@ func CommitSpendRevoke(signer Signer, signDesc *SignDescriptor,
 
 // CommitSpendNoDelay constructs a valid witness allowing a node to spend their
 // settled no-delay output on the counterparty's commitment transaction. If the
-// tweakless field is true, then we'll omit the set where we tweak the pubkey
-// with a random set of bytes, and use it directly in the witness stack.
+// passed sign descriptor has a nil SingleTweak, then we'll omit the set where
+// we tweak the pubkey with a random set of bytes, and use it directly in the
+// witness stack.
 //
 // NOTE: The passed SignDescriptor should include the raw (untweaked) public
 // key of the receiver and also the proper single tweak value based on the
 // current commitment point.
 func CommitSpendNoDelay(signer Signer, signDesc *SignDescriptor,
-	sweepTx *wire.MsgTx, tweakless bool) (wire.TxWitness, error) {
+	sweepTx *wire.MsgTx) (wire.TxWitness, error) {
 
 	if signDesc.KeyDesc.PubKey == nil {
 		return nil, fmt.Errorf("cannot generate witness with nil " +
@@ -930,18 +931,18 @@ func CommitSpendNoDelay(signer Signer, signDesc *SignDescriptor,
 	witness := make([][]byte, 2)
 	witness[0] = append(sweepSig, byte(signDesc.HashType))
 
-	switch tweakless {
+	switch {
 	// If we're tweaking the key, then we use the tweaked public key as the
 	// last item in the witness stack which was originally used to created
 	// the pkScript we're spending.
-	case false:
+	case signDesc.SingleTweak != nil:
 		witness[1] = TweakPubKeyWithTweak(
 			signDesc.KeyDesc.PubKey, signDesc.SingleTweak,
 		).SerializeCompressed()
 
 	// Otherwise, we can just use the raw pubkey, since there's no random
 	// value to be combined.
-	case true:
+	default:
 		witness[1] = signDesc.KeyDesc.PubKey.SerializeCompressed()
 	}
 

diff --git a/input/witnessgen.go b/input/witnessgen.go
@@ -54,7 +54,7 @@ const (
 
 	// CommitmentNoDelay is a witness that allows us to spend a settled
 	// no-delay output immediately on a counterparty's commitment
-	// transaction.
+	// transaction, tweaked or tweakless.
 	CommitmentNoDelay StandardWitnessType = 1
 
 	// CommitmentRevoke is a witness that allows us to sweep the settled
@@ -114,11 +114,6 @@ const (
 	// output that sends to a nested P2SH script that pays to a key solely
 	// under our control. The witness generated needs to include the
 	NestedWitnessKeyHash StandardWitnessType = 11
-
-	// CommitSpendNoDelayTweakless is similar to the CommitSpendNoDelay
-	// type, but it omits the tweak that randomizes the key we need to
-	// spend with a channel peer supplied set of randomness.
-	CommitSpendNoDelayTweakless StandardWitnessType = 12
 )
 
 // String returns a human readable version of the target WitnessType.
@@ -132,9 +127,6 @@ func (wt StandardWitnessType) String() string {
 	case CommitmentNoDelay:
 		return "CommitmentNoDelay"
 
-	case CommitSpendNoDelayTweakless:
-		return "CommitmentNoDelayTweakless"
-
 	case CommitmentRevoke:
 		return "CommitmentRevoke"
 
@@ -198,17 +190,7 @@ func (wt StandardWitnessType) WitnessGenerator(signer Signer,
 			}, nil
 
 		case CommitmentNoDelay:
-			witness, err := CommitSpendNoDelay(signer, desc, tx, false)
-			if err != nil {
-				return nil, err
-			}
-
-			return &Script{
-				Witness: witness,
-			}, nil
-
-		case CommitSpendNoDelayTweakless:
-			witness, err := CommitSpendNoDelay(signer, desc, tx, true)
+			witness, err := CommitSpendNoDelay(signer, desc, tx)
 			if err != nil {
 				return nil, err
 			}
@@ -311,8 +293,6 @@ func (wt StandardWitnessType) SizeUpperBound() (int, bool, error) {
 	switch wt {
 
 	// Outputs on a remote commitment transaction that pay directly to us.
-	case CommitSpendNoDelayTweakless:
-		fallthrough
 	case WitnessKeyHash:
 		fallthrough
 	case CommitmentNoDelay:

diff --git a/lnwallet/channel_test.go b/lnwallet/channel_test.go
@@ -5239,7 +5239,7 @@ func TestChannelUnilateralClosePendingCommit(t *testing.T) {
 	})
 	aliceSignDesc.SigHashes = txscript.NewTxSigHashes(sweepTx)
 	sweepTx.TxIn[0].Witness, err = input.CommitSpendNoDelay(
-		aliceChannel.Signer, &aliceSignDesc, sweepTx, false,
+		aliceChannel.Signer, &aliceSignDesc, sweepTx,
 	)
 	if err != nil {
 		t.Fatalf("unable to generate sweep witness: %v", err)

diff --git a/lnwallet/transactions_test.go b/lnwallet/transactions_test.go
@@ -1219,7 +1219,7 @@ func testSpendValidation(t *testing.T, tweakless bool) {
 		signDesc.SingleTweak = bobCommitTweak
 	}
 	bobRegularSpend, err := input.CommitSpendNoDelay(
-		bobSigner, signDesc, sweepTx, tweakless,
+		bobSigner, signDesc, sweepTx,
 	)
 	if err != nil {
 		t.Fatalf("unable to create bob regular spend: %v", err)

diff --git a/watchtower/lookout/justice_descriptor_test.go b/watchtower/lookout/justice_descriptor_test.go
@@ -254,7 +254,7 @@ func testJusticeDescriptor(t *testing.T, blobType blob.Type) {
 	// DER-encoded signature under the to-remote pubkey. The sighash flag is
 	// also present, so we trim it.
 	toRemoteWitness, err := input.CommitSpendNoDelay(
-		signer, toRemoteSignDesc, justiceTxn, false,
+		signer, toRemoteSignDesc, justiceTxn,
 	)
 	if err != nil {
 		t.Fatalf("unable to sign to-remote input: %v", err)

diff --git a/watchtower/wtclient/backup_task.go b/watchtower/wtclient/backup_task.go
@@ -54,7 +54,7 @@ type backupTask struct {
 // variables.
 func newBackupTask(chanID *lnwire.ChannelID,
 	breachInfo *lnwallet.BreachRetribution,
-	sweepPkScript []byte, isTweakless bool) *backupTask {
+	sweepPkScript []byte) *backupTask {
 
 	// Parse the non-dust outputs from the breach transaction,
 	// simultaneously computing the total amount contained in the inputs
@@ -86,9 +86,6 @@ func newBackupTask(chanID *lnwire.ChannelID,
 	}
 	if breachInfo.LocalOutputSignDesc != nil {
 		witnessType := input.CommitmentNoDelay
-		if isTweakless {
-			witnessType = input.CommitSpendNoDelayTweakless
-		}
 
 		toRemoteInput = input.NewBaseInput(
 			&breachInfo.LocalOutpoint,
@@ -277,8 +274,6 @@ func (t *backupTask) craftSessionPayload(
 		case input.CommitmentRevoke:
 			copy(justiceKit.CommitToLocalSig[:], signature[:])
 
-		case input.CommitSpendNoDelayTweakless:
-			fallthrough
 		case input.CommitmentNoDelay:
 			copy(justiceKit.CommitToRemoteSig[:], signature[:])
 		}