Validate counterparty revocation (#29)

* set the rsignerd logging level to DEBUG

* implemented hsmd validate_counterparty_revocation

* added rerun-failed-tests

Author: ksedgwic

channeld/channeld.c

@@ -1732,6 +1732,15 @@ static void handle_peer_revoke_and_ack(struct peer *peer, const u8 *msg)
 				 "Unexpected revoke_and_ack");
 	}
 
+	const u8 *msg2 = towire_hsmd_validate_revocation(tmpctx,
+							peer->next_index[REMOTE] - 2,
+							&old_commit_secret);
+	msg2 = hsm_req(tmpctx, take(msg2));
+	if (!fromwire_hsmd_validate_revocation_reply(msg2))
+		status_failed(STATUS_FAIL_HSM_IO,
+			      "Bad hsm_validate_revocation_reply: %s",
+			      tal_hex(tmpctx, msg));
+
 	/* BOLT #2:
 	 *
 	 * A receiving node:

contrib/pyln-testing/pyln/testing/utils.py

@@ -519,6 +519,8 @@ def __init__(self, rsignerd_dir, rsignerd_port):
         TailableProc.__init__(self, rsignerd_dir)
         self.executable = env("REMOTE_SIGNER_CMD", 'rsignerd')
         self.opts = [
+            '--log-level-console=DEBUG',
+            '--log-level-disk=TRACE',
             '--datadir={}'.format(rsignerd_dir),
             '--port={}'.format(rsignerd_port),
         ]

contrib/remote_hsmd/NOTES.md

@@ -32,6 +32,10 @@ Run all of the integration tests:
 Run a single test:
 
     ./contrib/remote_hsmd/scripts/run-one-test $THETEST |& tee log
+    
+Re-run failures from prior run:
+
+    ./contrib/remote_hsmd/scripts/rerun-failed-tests < log |& tee log2
 
 Some popular tests:
 

contrib/remote_hsmd/hsmd.c

@@ -848,6 +848,34 @@ static struct io_plan *handle_validate_commitment_tx(struct io_conn *conn,
 				      NULL, old_secret, &next_per_commitment_point)));
 }
 
+/* Validate the peer's signatures for our commitment and htlc txs. */
+static struct io_plan *handle_validate_revocation(struct io_conn *conn,
+						     struct client *c,
+						     const u8 *msg_in)
+{
+	u64 revoke_num;
+	struct secret old_secret;
+
+	if (!fromwire_hsmd_validate_revocation(msg_in,
+					       &revoke_num, &old_secret))
+		bad_req(conn, c, msg_in);
+
+	proxy_stat rv = proxy_handle_validate_revocation(
+		&c->id, c->dbid,
+		revoke_num, &old_secret);
+	if (PROXY_PERMANENT(rv))
+		status_failed(STATUS_FAIL_INTERNAL_ERROR,
+		              "proxy_%s failed: %s", __FUNCTION__,
+			      proxy_last_message());
+	else if (!PROXY_SUCCESS(rv))
+		return bad_req_fmt(conn, c, msg_in,
+				   "proxy_%s error: %s", __FUNCTION__,
+				   proxy_last_message());
+
+	return req_reply(conn, c,
+			 take(towire_hsmd_validate_revocation_reply(NULL)));
+}
+
 /*~ This is used by channeld to create signatures for the remote peer's
  * commitment transaction.  It's functionally identical to signing our own,
  * but we expect to do this repeatedly as commitment transactions are
@@ -1636,6 +1664,7 @@ static bool check_client_capabilities(struct client *client,
 	case WIRE_HSMD_SIGN_REMOTE_COMMITMENT_TX:
 	case WIRE_HSMD_SIGN_REMOTE_HTLC_TX:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX:
+	case WIRE_HSMD_VALIDATE_REVOCATION:
 		return (client->capabilities & HSM_CAP_SIGN_REMOTE_TX) != 0;
 
 	case WIRE_HSMD_SIGN_MUTUAL_CLOSE_TX:
@@ -1670,6 +1699,7 @@ static bool check_client_capabilities(struct client *client,
 	case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX_REPLY:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX_REPLY:
+	case WIRE_HSMD_VALIDATE_REVOCATION_REPLY:
 	case WIRE_HSMD_SIGN_TX_REPLY:
 	case WIRE_HSMD_GET_PER_COMMITMENT_POINT_REPLY:
 	case WIRE_HSMD_CHECK_FUTURE_SECRET_REPLY:
@@ -1749,6 +1779,9 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX:
 		return handle_validate_commitment_tx(conn, c, c->msg_in);
 
+	case WIRE_HSMD_VALIDATE_REVOCATION:
+		return handle_validate_revocation(conn, c, c->msg_in);
+
 	case WIRE_HSMD_SIGN_DELAYED_PAYMENT_TO_US:
 		return handle_sign_delayed_payment_to_us(conn, c, c->msg_in);
 
@@ -1800,6 +1833,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX_REPLY:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX_REPLY:
+	case WIRE_HSMD_VALIDATE_REVOCATION_REPLY:
 	case WIRE_HSMD_SIGN_TX_REPLY:
 	case WIRE_HSMD_GET_PER_COMMITMENT_POINT_REPLY:
 	case WIRE_HSMD_CHECK_FUTURE_SECRET_REPLY:

contrib/remote_hsmd/proxy.cc

@@ -1201,6 +1201,52 @@ proxy_stat proxy_handle_validate_commitment_tx(
 	}
 }
 
+proxy_stat proxy_handle_validate_revocation(
+	struct node_id *peer_id,
+	u64 dbid,
+	u64 revoke_num,
+	struct secret *old_secret)
+{
+	STATUS_DEBUG(
+		"%s:%d %s { "
+		"\"self_id\":%s, \"peer_id\":%s, \"dbid\":%" PRIu64 ", "
+		"\"revoke_num\":%" PRIu64 ", "
+		"\"old_secret\":%s }",
+		__FILE__, __LINE__, __FUNCTION__,
+		dump_node_id(&self_id).c_str(),
+		dump_node_id(peer_id).c_str(),
+		dbid,
+		revoke_num,
+		dump_secret(old_secret).c_str()
+		);
+
+	last_message = "";
+	ValidateCounterpartyRevocationRequest req;
+	marshal_node_id(&self_id, req.mutable_node_id());
+	marshal_channel_nonce(peer_id, dbid, req.mutable_channel_nonce());
+	req.set_revoke_num(revoke_num);
+	marshal_secret(old_secret, req.mutable_old_secret());
+
+	ClientContext context;
+	ValidateCounterpartyRevocationReply rsp;
+	Status status = stub->ValidateCounterpartyRevocation(&context, req, &rsp);
+	if (status.ok()) {
+		STATUS_DEBUG("%s:%d %s { "
+			     "\"self_id\":%s } ",
+			     __FILE__, __LINE__, __FUNCTION__,
+			     dump_node_id(&self_id).c_str());
+		last_message = "success";
+		return PROXY_OK;
+	} else {
+		status_unusual("%s:%d %s: self_id=%s %s",
+			       __FILE__, __LINE__, __FUNCTION__,
+			       dump_node_id(&self_id).c_str(),
+			       status.error_message().c_str());
+		last_message = status.error_message();
+		return map_status(status);
+	}
+}
+
 proxy_stat proxy_handle_cannouncement_sig(
 	struct node_id *peer_id,
 	u64 dbid,

contrib/remote_hsmd/proxy.hpp

@@ -144,6 +144,12 @@ proxy_stat proxy_handle_validate_commitment_tx(
 	struct secret **o_old_secret,
 	struct pubkey *next_per_commitment_point);
 
+proxy_stat proxy_handle_validate_revocation(
+	struct node_id *peer_id,
+	u64 dbid,
+	u64 revoke_num,
+	struct secret *old_secret);
+
 proxy_stat proxy_handle_cannouncement_sig(
 	struct node_id *peer_id,
 	u64 dbid,

contrib/remote_hsmd/scripts/rerun-failed-tests

@@ -0,0 +1,18 @@
+#!/usr/bin/sh
+
+echo "accepts log w/ failures on stdin"
+
+TESTS=`awk '/^FAILED tests/ {print $2}'`
+
+PYTHONPATH=\
+$PWD/contrib/pyln-client:\
+$PWD/contrib/pyln-testing:\
+$PWD/contrib/pyln-proto \
+TEST_DEBUG=1 \
+DEVELOPER=1 \
+VALGRIND=0 \
+SUBDAEMON='hsmd:remote_hsmd' \
+REMOTE_SIGNER_CMD=$(pwd)/../rust-lightning-signer/target/debug/server \
+pytest \
+$TESTS \
+-n=32 --timeout=300 --timeout_method=thread

contrib/remote_hsmd/scripts/run-all-tests

@@ -3,7 +3,7 @@
 SUBDAEMON='hsmd:remote_hsmd' \
 REMOTE_SIGNER_CMD=$(pwd)/../rust-lightning-signer/target/debug/server \
 make \
--j32 PYTEST_PAR=64 \
+-j16 PYTEST_PAR=32 \
 DEVELOPER=1 \
 VALGRIND=0 \
 SLOW_MACHINE=0 \

contrib/remote_hsmd/scripts/run-one-test

@@ -14,4 +14,4 @@ SUBDAEMON='hsmd:remote_hsmd' \
 REMOTE_SIGNER_CMD=$(pwd)/../rust-lightning-signer/target/debug/server \
 pytest \
 $THETEST \
--v --timeout=300 --timeout_method=thread -x -s
+-v --timeout=300 --timeout_method=thread -x

hsmd/hsmd.c

@@ -657,6 +657,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMD_READY_CHANNEL:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX:
+	case WIRE_HSMD_VALIDATE_REVOCATION:
 	case WIRE_HSMD_SIGN_PENALTY_TO_US:
 	case WIRE_HSMD_SIGN_REMOTE_COMMITMENT_TX:
 	case WIRE_HSMD_SIGN_REMOTE_HTLC_TX:
@@ -694,6 +695,7 @@ static struct io_plan *handle_client(struct io_conn *conn, struct client *c)
 	case WIRE_HSMSTATUS_CLIENT_BAD_REQUEST:
 	case WIRE_HSMD_SIGN_COMMITMENT_TX_REPLY:
 	case WIRE_HSMD_VALIDATE_COMMITMENT_TX_REPLY:
+	case WIRE_HSMD_VALIDATE_REVOCATION_REPLY:
 	case WIRE_HSMD_SIGN_TX_REPLY:
 	case WIRE_HSMD_GET_PER_COMMITMENT_POINT_REPLY:
 	case WIRE_HSMD_CHECK_FUTURE_SECRET_REPLY: