f - Check KeysInterface::get_shutdown_scriptpubkey

jkczyz · jkczyz · commit 05d73ed390ab · 2021-07-29T23:05:05.000-05:00
Check that the user-provided shutdown_scriptpubkey is compatible with
the counterparty's features (option_shutdown_anysegwit).

TODO: Implement for ChannelManager::close_channel
TODO: Add unit tests
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -567,7 +567,7 @@ impl<Signer: Sign> Channel<Signer> {
 	}
 
 	// Constructors:
-	pub fn new_outbound<K: Deref, F: Deref>(fee_estimator: &F, keys_provider: &K, counterparty_node_id: PublicKey, channel_value_satoshis: u64, push_msat: u64, user_id: u64, config: &UserConfig) -> Result<Channel<Signer>, APIError>
+	pub fn new_outbound<K: Deref, F: Deref>(fee_estimator: &F, keys_provider: &K, counterparty_node_id: PublicKey, their_features: InitFeatures, channel_value_satoshis: u64, push_msat: u64, user_id: u64, config: &UserConfig) -> Result<Channel<Signer>, APIError>
 	where K::Target: KeysInterface<Signer = Signer>,
 	      F::Target: FeeEstimator,
 	{
@@ -597,9 +597,13 @@ impl<Signer: Sign> Channel<Signer> {
 
 		let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
 			Some(keys_provider.get_shutdown_scriptpubkey())
-		} else {
-			None
-		};
+		} else { None };
+
+		if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
+			if !shutdown_scriptpubkey.is_compatible(&their_features) {
+				return Err(APIError::APIMisuseError { err: format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex()) });
+			}
+		}
 
 		Ok(Channel {
 			user_id,
@@ -843,14 +847,18 @@ impl<Signer: Sign> Channel<Signer> {
 			}
 		} else { None };
 
-		let mut secp_ctx = Secp256k1::new();
-		secp_ctx.seeded_randomize(&keys_provider.get_secure_random_bytes());
-
 		let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
 			Some(keys_provider.get_shutdown_scriptpubkey())
-		} else {
-			None
-		};
+		} else { None };
+
+		if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
+			if !shutdown_scriptpubkey.is_compatible(&their_features) {
+				return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex())));
+			}
+		}
+
+		let mut secp_ctx = Secp256k1::new();
+		secp_ctx.seeded_randomize(&keys_provider.get_secure_random_bytes());
 
 		let chan = Channel {
 			user_id,
@@ -3262,6 +3270,23 @@ impl<Signer: Sign> Channel<Signer> {
 			self.counterparty_shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
 		}
 
+		// If we have any LocalAnnounced updates we'll probably just get back a update_fail_htlc
+		// immediately after the commitment dance, but we can send a Shutdown cause we won't send
+		// any further commitment updates after we set LocalShutdownSent.
+		let send_shutdown = (self.channel_state & ChannelState::LocalShutdownSent as u32) != ChannelState::LocalShutdownSent as u32;
+
+		let shutdown_scriptpubkey = match self.shutdown_scriptpubkey {
+			Some(_) => None,
+			None => {
+				assert!(send_shutdown);
+				let shutdown_scriptpubkey = keys_provider.get_shutdown_scriptpubkey();
+				if !shutdown_scriptpubkey.is_compatible(their_features) {
+					return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex())));
+				}
+				Some(shutdown_scriptpubkey)
+			},
+		};
+
 		// From here on out, we may not fail!
 
 		self.channel_state |= ChannelState::RemoteShutdownSent as u32;
@@ -3282,15 +3307,9 @@ impl<Signer: Sign> Channel<Signer> {
 			}
 		});
 
-		// If we have any LocalAnnounced updates we'll probably just get back a update_fail_htlc
-		// immediately after the commitment dance, but we can send a Shutdown cause we won't send
-		// any further commitment updates after we set LocalShutdownSent.
-		let send_shutdown = (self.channel_state & ChannelState::LocalShutdownSent as u32) != ChannelState::LocalShutdownSent as u32;
-		let monitor_update = match self.shutdown_scriptpubkey {
-			Some(_) => None,
-			None => {
-				assert!(send_shutdown);
-				self.shutdown_scriptpubkey = Some(keys_provider.get_shutdown_scriptpubkey());
+		let monitor_update = match shutdown_scriptpubkey {
+			Some(shutdown_scriptpubkey) => {
+				self.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
 				self.latest_monitor_update_id += 1;
 				Some(ChannelMonitorUpdate {
 					update_id: self.latest_monitor_update_id,
@@ -3299,6 +3318,7 @@ impl<Signer: Sign> Channel<Signer> {
 					}],
 				})
 			},
+			None => None,
 		};
 		let shutdown = if send_shutdown {
 			Some(msgs::Shutdown {
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -1156,8 +1156,13 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 			return Err(APIError::APIMisuseError { err: format!("Channel value must be at least 1000 satoshis. It was {}", channel_value_satoshis) });
 		}
 
+		let their_features = {
+			let per_peer_state = self.per_peer_state.read().unwrap();
+			let peer_state = per_peer_state.get(&their_network_key).unwrap().lock().unwrap();
+			peer_state.latest_features.clone()
+		};
 		let config = if override_config.is_some() { override_config.as_ref().unwrap() } else { &self.default_configuration };
-		let channel = Channel::new_outbound(&self.fee_estimator, &self.keys_manager, their_network_key, channel_value_satoshis, push_msat, user_id, config)?;
+		let channel = Channel::new_outbound(&self.fee_estimator, &self.keys_manager, their_network_key, their_features, channel_value_satoshis, push_msat, user_id, config)?;
 		let res = channel.get_open_channel(self.genesis_hash.clone());
 
 		let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(&self.total_consistency_lock, &self.persistence_notifier);
