Create Taproot feature and introduce signer type enum #2289
Conversation
arik-so
changed the title
lightning/src/sign/taproot.rs
Outdated
| use crate::ln::PaymentPreimage; | ||
| use crate::sign::ChannelSigner; | ||
|
|
||
| pub trait TaprootSigner: ChannelSigner { |
There was a problem hiding this comment.
We should add an implementation in the same pr, no? There's a bunch of TODOs here related to the new code - even if it's behind a feature flag let's commit complete code.
lightning/src/sign/taproot.rs
Outdated
| use crate::sign::ChannelSigner; | ||
|
|
||
| pub trait TaprootSigner: ChannelSigner { | ||
| fn generate_local_nonce_pair(&self, secp_ctx: &Secp256k1<secp256k1::All>) -> PublicNonce; |
There was a problem hiding this comment.
Should we have some kind of id here so that later references to the Dane nonce pair can use the same id for derivation? Also this needs docs.
lightning/src/sign/mod.rs
Outdated
| @@ -53,6 +53,9 @@ use crate::util::atomic_counter::AtomicCounter; | |||
| use crate::util::chacha20::ChaCha20; | |||
| use crate::util::invoice::construct_invoice_preimage; | |||
|
|
|||
| #[cfg(all(anchors, taproot))] | |||
There was a problem hiding this comment.
We should add a CI test of the new flag.
lightning/src/sign/taproot.rs
Outdated
| /// revoked the state which they eventually broadcast. It's not a _holder_ secret key and does | ||
| /// not allow the spending of any funds by itself (you need our holder `revocation_secret` to do | ||
| /// so). | ||
| fn sign_justice_revoked_output(&self, justice_tx: &Transaction, input: usize, amount: u64, |
There was a problem hiding this comment.
I know the existing signer doesn't but can we specify in these docs exactly when we call all these methods?
| @@ -384,6 +384,9 @@ mod sealed { | |||
| define_feature!(27, ShutdownAnySegwit, [InitContext, NodeContext], | |||
| "Feature flags for `opt_shutdown_anysegwit`.", set_shutdown_any_segwit_optional, | |||
| set_shutdown_any_segwit_required, supports_shutdown_anysegwit, requires_shutdown_anysegwit); | |||
| define_feature!(31, Taproot, [InitContext, NodeContext, ChannelTypeContext], | |||
There was a problem hiding this comment.
I think the extension-bolt should be updated to mark INC: https://github.com/lightning/bolts/pull/995/files#diff-5005c17d0f8887bea09bff54878cb0bdb2bb3d632b1813a2622560e842a0d322R362
lightning/src/sign/taproot.rs
Outdated
| /// Note that all the relevant preimages will be provided, but there may also be additional | ||
| /// irrelevant or duplicate preimages. | ||
| // | ||
| // TODO: Document the things someone using this interface should enforce before signing. |
There was a problem hiding this comment.
The signer should verify we’re spending a P2TR.
lightning/src/sign/taproot.rs
Outdated
| // TODO: Document the things someone using this interface should enforce before signing. | ||
| fn partially_sign_counterparty_commitment(&self, commitment_tx: &CommitmentTransaction, | ||
| preimages: Vec<PaymentPreimage>, secp_ctx: &Secp256k1<secp256k1::All>, | ||
| ) -> Result<(PartialSignature, Vec<Signature>), ()>; |
There was a problem hiding this comment.
Do we expect this method to return Signature for each, if yes also the inclusion_proof for the script path as we expect this method to be use internally by LDK for on-chain claims?
lightning/src/sign/taproot.rs
Outdated
| /// It may be called multiple times for same output(s) if a fee-bump is needed with regards | ||
| /// to an upcoming timelock expiration. | ||
| /// | ||
| /// Amount is value of the output spent by this input, committed to in the BIP 143 signature. |
There was a problem hiding this comment.
BIP341 signature if we’re talking about PT2R outputs no ?
|
CC @devrandom any idea what y'all need on the signing API side for VLS? |
|
Or @ksedgwic |
|
FYI, everyone, slow down a bit. This PR is a draft for a reason. I'm gonna have tons of revisions to the signer trait. In fact, I think I'll move it to a separate PR. |
arik-so
force-pushed
the
2023-05-taproot-signer
branch
from
28e4d38 to
1c80b04
Compare
arik-so
force-pushed
the
2023-05-taproot-signer
branch
3 times, most recently
from
5abe515 to
fcd0322
Compare
Codecov ReportPatch coverage:
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. Additional details and impacted files@@ Coverage Diff @@
## main #2289 +/- ##
==========================================
+ Coverage 91.50% 91.96% +0.46%
==========================================
Files 104 105 +1
Lines 52087 69041 +16954
Branches 52087 69041 +16954
==========================================
+ Hits 47660 63491 +15831
- Misses 4427 5550 +1123
☔ View full report in Codecov by Sentry. |
arik-so
changed the title
|
Ok, I decided to move the Taproot trait definition into a separate PR, which will also add a variant to the signer type enum introduced here. |
| } | ||
|
|
||
| /// Helper trait for accessing common channel signer methods between different implementations | ||
| pub trait AsChannelSigner { |
There was a problem hiding this comment.
I don't think this needs to be public, right?
There was a problem hiding this comment.
Oh I guess it doesn't matter since we make the module pub(crate).
There was a problem hiding this comment.
It actually does, unfortunately. Rust is complaining that ChannelSigner (public) inherits from a trait that would otherwise have a lower visibility, which is a no-no. Thankfully, the compiler doesn't yet detect that that's meaningless. So 🤫
There was a problem hiding this comment.
I think this means a downstream crate is unable to implement ChannelSigner (you've sealed it). Instead, you can impl<C: ChannelSigner> AsChannelSigner for C and not inherit.
There was a problem hiding this comment.
Not inheriting will break the functionality, unfortunately. It's a crucial aspect. But I have a different idea.
There was a problem hiding this comment.
Why is the inheritance critical here? Maybe we don't land this PR until we get a few more commits so that reviewers can better understand where its going?
There was a problem hiding this comment.
Because without inheritance, this won't work: https://stackoverflow.com/questions/28632968/why-doesnt-rust-support-trait-object-upcasting/28664881#28664881
There was a problem hiding this comment.
Huh, TIL, but you can take that sample and simply remove the extension and it still compiles?
trait Base {
fn a(&self) -> ();
}
trait AsBase {
fn as_base(&self) -> &dyn Base;
}
impl<T: Base> AsBase for T {
fn as_base(&self) -> &dyn Base {
self
}
}
There was a problem hiding this comment.
Here's a more self-contained example of what we're trying to achieve: https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=4d9d295a47d6da11e2fd58c27ffc3fda
There was a problem hiding this comment.
The issue is the Bar(Box<dyn Bar>), which seems like it should be fixed instead of adding a new public trait. ISTM we should just include additional commits here so that the whole context can be reviewed, rather than reviewing something in part that doesn't make sense on its own.
arik-so
force-pushed
the
2023-05-taproot-signer
branch
from
fcd0322 to
cc6add5
Compare
| } | ||
|
|
||
| /// Helper trait for accessing common channel signer methods between different implementations | ||
| pub trait AsChannelSigner { |
There was a problem hiding this comment.
I think this means a downstream crate is unable to implement ChannelSigner (you've sealed it). Instead, you can impl<C: ChannelSigner> AsChannelSigner for C and not inherit.
| @@ -4196,7 +4197,7 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> { | |||
|
|
|||
| let channel_ready = if msg.next_local_commitment_number == 1 && INITIAL_COMMITMENT_NUMBER - self.cur_holder_commitment_transaction_number == 1 { | |||
| // We should never have to worry about MonitorUpdateInProgress resending ChannelReady | |||
| let next_per_commitment_point = self.holder_signer.get_per_commitment_point(self.cur_holder_commitment_transaction_number, &self.secp_ctx); | |||
| let next_per_commitment_point = self.holder_signer.as_ref().get_per_commitment_point(self.cur_holder_commitment_transaction_number, &self.secp_ctx); | |||
There was a problem hiding this comment.
While you're at it can we clean up a lot of the long lines in this file (that are now worse).
arik-so
force-pushed
the
2023-05-taproot-signer
branch
from
8135406 to
b8ee6bd
Compare
| @@ -384,6 +384,9 @@ mod sealed { | |||
| define_feature!(27, ShutdownAnySegwit, [InitContext, NodeContext], | |||
| "Feature flags for `opt_shutdown_anysegwit`.", set_shutdown_any_segwit_optional, | |||
| set_shutdown_any_segwit_required, supports_shutdown_anysegwit, requires_shutdown_anysegwit); | |||
| define_feature!(31, Taproot, [InitContext, NodeContext, ChannelTypeContext], | |||
There was a problem hiding this comment.
Should we add a TODO(taproot) to the module docs above to remember to document support for simple taproot channels when the time comes?
|
Implemented in another PR. |
No description provided.