lnwallet: hook up aux signer, add error

Author: guggero

chainreg/chainregistry.go

@@ -64,8 +64,14 @@ type Config struct {
 	// state.
 	ChanStateDB *channeldb.ChannelStateDB
 
+	// AuxLeafStore is an optional store that can be used to store auxiliary
+	// leaves for certain custom channel types.
 	AuxLeafStore fn.Option[lnwallet.AuxLeafStore]
 
+	// AuxSigner is an optional signer that can be used to sign auxiliary
+	// leaves for certain custom channel types.
+	AuxSigner fn.Option[lnwallet.AuxSigner]
+
 	// BlockCache is the main cache for storing block information.
 	BlockCache *blockcache.BlockCache
 

config_builder.go

@@ -107,7 +107,7 @@ type DatabaseBuilder interface {
 type WalletConfigBuilder interface {
 	// BuildWalletConfig is responsible for creating or unlocking and then
 	// fully initializing a wallet.
-	BuildWalletConfig(context.Context, *DatabaseInstances,
+	BuildWalletConfig(context.Context, *DatabaseInstances, *AuxComponents,
 		*rpcperms.InterceptorChain,
 		[]*ListenerWithSignal) (*chainreg.PartialChainControl,
 		*btcwallet.Config, func(), error)
@@ -149,15 +149,31 @@ type ImplementationCfg struct {
 	// implementation.
 	ChainControlBuilder
 
+	// AuxComponents is a set of auxiliary components that can be used by
+	// lnd for certain custom channel types.
+	AuxComponents
+}
+
+// AuxComponents is a set of auxiliary components that can be used by lnd for
+// certain custom channel types.
+type AuxComponents struct {
+	// AuxLeafStore is an optional data source that can be used by custom
+	// channels to fetch+store various data.
+	AuxLeafStore fn.Option[lnwallet.AuxLeafStore]
+
 	// MsgRouter is an optional message router that if set will be used in
 	// place of a new balnk default message router.
 	MsgRouter fn.Option[protofsm.MsgRouter]
 
 	// AuxFundingController is an optional controller that can be used to
-	// modify the way we handle certain custom chanenl types. It's also
+	// modify the way we handle certain custom channel types. It's also
 	// able to automatically handle new custom protocol messages related to
 	// the funding process.
 	AuxFundingController fn.Option[funding.AuxFundingController]
+
+	// AuxSigner is an optional signer that can be used to sign auxiliary
+	// leaves for certain custom channel types.
+	AuxSigner fn.Option[lnwallet.AuxSigner]
 }
 
 // DefaultWalletImpl is the default implementation of our normal, btcwallet
@@ -242,7 +258,8 @@ func (d *DefaultWalletImpl) Permissions() map[string][]bakery.Op {
 //
 // NOTE: This is part of the WalletConfigBuilder interface.
 func (d *DefaultWalletImpl) BuildWalletConfig(ctx context.Context,
-	dbs *DatabaseInstances, interceptorChain *rpcperms.InterceptorChain,
+	dbs *DatabaseInstances, aux *AuxComponents,
+	interceptorChain *rpcperms.InterceptorChain,
 	grpcListeners []*ListenerWithSignal) (*chainreg.PartialChainControl,
 	*btcwallet.Config, func(), error) {
 
@@ -561,7 +578,8 @@ func (d *DefaultWalletImpl) BuildWalletConfig(ctx context.Context,
 		BtcdMode:                    d.cfg.BtcdMode,
 		HeightHintDB:                dbs.HeightHintDB,
 		ChanStateDB:                 dbs.ChanStateDB.ChannelStateDB(),
-		AuxLeafStore:                dbs.AuxLeafStore,
+		AuxLeafStore:                aux.AuxLeafStore,
+		AuxSigner:                   aux.AuxSigner,
 		NeutrinoCS:                  neutrinoCS,
 		ActiveNetParams:             d.cfg.ActiveNetParams,
 		FeeURL:                      d.cfg.FeeURL,
@@ -621,8 +639,9 @@ func (d *DefaultWalletImpl) BuildWalletConfig(ctx context.Context,
 
 // proxyBlockEpoch proxies a block epoch subsections to the underlying neutrino
 // rebroadcaster client.
-func proxyBlockEpoch(notifier chainntnfs.ChainNotifier,
-) func() (*blockntfns.Subscription, error) {
+func proxyBlockEpoch(
+	notifier chainntnfs.ChainNotifier) func() (*blockntfns.Subscription,
+	error) {
 
 	return func() (*blockntfns.Subscription, error) {
 		blockEpoch, err := notifier.RegisterBlockEpochNtfn(
@@ -714,6 +733,7 @@ func (d *DefaultWalletImpl) BuildChainControl(
 		NetParams:             *walletConfig.NetParams,
 		CoinSelectionStrategy: walletConfig.CoinSelectionStrategy,
 		AuxLeafStore:          partialChainControl.Cfg.AuxLeafStore,
+		AuxSigner:             partialChainControl.Cfg.AuxSigner,
 	}
 
 	// The broadcast is already always active for neutrino nodes, so we
@@ -893,10 +913,6 @@ type DatabaseInstances struct {
 	// for native SQL queries for tables that already support it. This may
 	// be nil if the use-native-sql flag was not set.
 	NativeSQLStore *sqldb.BaseDB
-
-	// AuxLeafStore is an optional data source that can be used by custom
-	// channels to fetch+store various data.
-	AuxLeafStore fn.Option[lnwallet.AuxLeafStore]
 }
 
 // DefaultDatabaseBuilder is a type that builds the default database backends

contractcourt/chain_arbitrator.go

@@ -218,7 +218,13 @@ type ChainArbitratorConfig struct {
 	// lower package.
 	QueryIncomingCircuit func(circuit models.CircuitKey) *models.CircuitKey
 
+	// AuxLeafStore is an optional store that can be used to store auxiliary
+	// leaves for certain custom channel types.
 	AuxLeafStore fn.Option[lnwallet.AuxLeafStore]
+
+	// AuxSigner is an optional signer that can be used to sign auxiliary
+	// leaves for certain custom channel types.
+	AuxSigner fn.Option[lnwallet.AuxSigner]
 }
 
 // ChainArbitrator is a sub-system that oversees the on-chain resolution of all
@@ -301,8 +307,16 @@ func (a *arbChannel) NewAnchorResolutions() (*lnwallet.AnchorResolutions,
 		return nil, err
 	}
 
+	var chanOpts []lnwallet.ChannelOpt
+	a.c.cfg.AuxLeafStore.WhenSome(func(s lnwallet.AuxLeafStore) {
+		chanOpts = append(chanOpts, lnwallet.WithLeafStore(s))
+	})
+	a.c.cfg.AuxSigner.WhenSome(func(s lnwallet.AuxSigner) {
+		chanOpts = append(chanOpts, lnwallet.WithAuxSigner(s))
+	})
+
 	chanMachine, err := lnwallet.NewLightningChannel(
-		a.c.cfg.Signer, channel, nil,
+		a.c.cfg.Signer, channel, nil, chanOpts...,
 	)
 	if err != nil {
 		return nil, err
@@ -350,11 +364,14 @@ func (a *arbChannel) ForceCloseChan() (*lnwallet.LocalForceCloseSummary, error)
 	a.c.cfg.AuxLeafStore.WhenSome(func(s lnwallet.AuxLeafStore) {
 		chanOpts = append(chanOpts, lnwallet.WithLeafStore(s))
 	})
+	a.c.cfg.AuxSigner.WhenSome(func(s lnwallet.AuxSigner) {
+		chanOpts = append(chanOpts, lnwallet.WithAuxSigner(s))
+	})
 
 	// Finally, we'll force close the channel completing
 	// the force close workflow.
 	chanMachine, err := lnwallet.NewLightningChannel(
-		a.c.cfg.Signer, channel, nil,
+		a.c.cfg.Signer, channel, nil, chanOpts...,
 	)
 	if err != nil {
 		return nil, err

funding/manager.go

@@ -548,7 +548,13 @@ type Config struct {
 	// the funding process.
 	AuxFundingController fn.Option[AuxFundingController]
 
+	// AuxLeafStore is an optional store that can be used to store auxiliary
+	// leaves for certain custom channel types.
 	AuxLeafStore fn.Option[lnwallet.AuxLeafStore]
+
+	// AuxSigner is an optional signer that can be used to sign auxiliary
+	// leaves for certain custom channel types.
+	AuxSigner fn.Option[lnwallet.AuxSigner]
 }
 
 // Manager acts as an orchestrator/bridge between the wallet's
@@ -1078,6 +1084,9 @@ func (f *Manager) advanceFundingState(channel *channeldb.OpenChannel,
 	f.cfg.AuxLeafStore.WhenSome(func(s lnwallet.AuxLeafStore) {
 		chanOpts = append(chanOpts, lnwallet.WithLeafStore(s))
 	})
+	f.cfg.AuxSigner.WhenSome(func(s lnwallet.AuxSigner) {
+		chanOpts = append(chanOpts, lnwallet.WithAuxSigner(s))
+	})
 
 	// We create the state-machine object which wraps the database state.
 	lnChannel, err := lnwallet.NewLightningChannel(

lnd.go

@@ -437,7 +437,8 @@ func Main(cfg *Config, lisCfg ListenerCfg, implCfg *ImplementationCfg,
 	defer cleanUp()
 
 	partialChainControl, walletConfig, cleanUp, err := implCfg.BuildWalletConfig(
-		ctx, dbs, interceptorChain, grpcListeners,
+		ctx, dbs, &implCfg.AuxComponents, interceptorChain,
+		grpcListeners,
 	)
 	if err != nil {
 		return mkErr("error creating wallet config: %v", err)

lnwallet/aux_signer.go

@@ -1,6 +1,8 @@
 package lnwallet
 
 import (
+	"github.com/btcsuite/btcd/wire"
+	"github.com/lightningnetwork/lnd/channeldb"
 	"github.com/lightningnetwork/lnd/fn"
 	"github.com/lightningnetwork/lnd/input"
 	"github.com/lightningnetwork/lnd/tlv"
@@ -75,6 +77,9 @@ type AuxSigJobResp struct {
 	// blob
 	SigBlob fn.Option[tlv.Blob]
 
+	// HtlcIndex is the index of the HTLC that was signed.
+	HtlcIndex uint64
+
 	// Err is the error that occurred when executing the specified
 	// signature job. In the case that no error occurred, this value will
 	// be nil.
@@ -122,19 +127,24 @@ func NewAuxVerifyJob(sig fn.Option[tlv.Blob], keyRing CommitmentKeyRing,
 type AuxSigner interface {
 	// SubmitSecondLevelSigBatch takes a batch of aux sign jobs and
 	// processes them asynchronously.
-	SubmitSecondLevelSigBatch(sigJob []AuxSigJob)
+	SubmitSecondLevelSigBatch(chanState *channeldb.OpenChannel,
+		commitTx *wire.MsgTx, sigJob []AuxSigJob) error
 
 	// PackSigs takes a series of aux signatures and packs them into a
 	// single blob that can be sent alongside the CommitSig messages.
-	PackSigs([]fn.Option[tlv.Blob]) fn.Option[tlv.Blob]
+	PackSigs(map[input.HtlcIndex]fn.Option[tlv.Blob]) (fn.Option[tlv.Blob],
+		error)
 
 	// UnpackSigs takes a packed blob of signatures and returns the
 	// original signatures for each HTLC, keyed by HTLC index.
-	UnpackSigs(fn.Option[tlv.Blob]) map[input.HtlcIndex]fn.Option[tlv.Blob]
+	UnpackSigs(
+		fn.Option[tlv.Blob]) (map[input.HtlcIndex]fn.Option[tlv.Blob],
+		error)
 
 	// VerifySecondLevelSigs attemps to synchronously verify a batch of aux
 	// sig jobs.
 	//
 	// TODO(roasbeef): go w/ the same async model?
-	VerifySecondLevelSigs(verifyJob []AuxVerifyJob) error
+	VerifySecondLevelSigs(chanState *channeldb.OpenChannel,
+		commitTx *wire.MsgTx, verifyJob []AuxVerifyJob) error
 }

lnwallet/channel.go

@@ -1462,7 +1462,7 @@ func WithLeafStore(store AuxLeafStore) ChannelOpt {
 	}
 }
 
-// WithAuxsigner is used to specify a custom aux signer for the channel.
+// WithAuxSigner is used to specify a custom aux signer for the channel.
 func WithAuxSigner(signer AuxSigner) ChannelOpt {
 	return func(o *channelOpts) {
 		o.auxSigner = fn.Some[AuxSigner](signer)
@@ -3775,7 +3775,8 @@ func genRemoteHtlcSigJobs(keyRing *CommitmentKeyRing,
 func (lc *LightningChannel) createCommitDiff(
 	newCommit *commitment, commitSig lnwire.Sig,
 	htlcSigs []lnwire.Sig,
-	auxSigs []fn.Option[tlv.Blob]) (*channeldb.CommitDiff, error) {
+	auxSigs map[input.HtlcIndex]fn.Option[tlv.Blob]) (*channeldb.CommitDiff,
+	error) {
 
 	// First, we need to convert the funding outpoint into the ID that's
 	// used on the wire to identify this channel. We'll use this shortly
@@ -3898,9 +3899,10 @@ func (lc *LightningChannel) createCommitDiff(
 	// disk.
 	diskCommit := newCommit.toDiskCommit(false)
 
-	auxSigBlob := fn.MapOptionZ(lc.auxSigner, func(a AuxSigner) tlv.Blob {
-		return a.PackSigs(auxSigs).UnwrapOr(nil)
-	})
+	auxSigBlob, err := packSigs(auxSigs, lc.auxSigner)
+	if err != nil {
+		return nil, fmt.Errorf("error packing aux sigs: %w", err)
+	}
 
 	return &channeldb.CommitDiff{
 		Commitment: *diskCommit,
@@ -4491,9 +4493,15 @@ func (lc *LightningChannel) SignNextCommitment() (*NewCommitState, error) {
 	}
 	lc.sigPool.SubmitSignBatch(sigBatch)
 
-	lc.auxSigner.WhenSome(func(a AuxSigner) {
-		a.SubmitSecondLevelSigBatch(auxSigBatch)
+	err = fn.MapOptionZ(lc.auxSigner, func(a AuxSigner) error {
+		return a.SubmitSecondLevelSigBatch(
+			lc.channelState, newCommitView.txn, auxSigBatch,
+		)
 	})
+	if err != nil {
+		return nil, fmt.Errorf("error submitting second level sig "+
+			"batch: %w", err)
+	}
 
 	// While the jobs are being carried out, we'll Sign their version of
 	// the new commitment transaction while we're waiting for the rest of
@@ -4545,7 +4553,9 @@ func (lc *LightningChannel) SignNextCommitment() (*NewCommitState, error) {
 	// With the jobs sorted, we'll now iterate through all the responses to
 	// gather each of the signatures in order.
 	htlcSigs = make([]lnwire.Sig, 0, len(sigBatch))
-	auxSigs := make([]fn.Option[tlv.Blob], 0, len(auxSigBatch))
+	auxSigs := make(
+		map[input.HtlcIndex]fn.Option[tlv.Blob], len(auxSigBatch),
+	)
 	for i := range sigBatch {
 		htlcSigJob := sigBatch[i]
 		jobResp := <-htlcSigJob.Resp
@@ -4573,7 +4583,7 @@ func (lc *LightningChannel) SignNextCommitment() (*NewCommitState, error) {
 			return nil, auxJobResp.Err
 		}
 
-		auxSigs = append(auxSigs, auxJobResp.SigBlob)
+		auxSigs[auxJobResp.HtlcIndex] = auxJobResp.SigBlob
 	}
 
 	// As we're about to proposer a new commitment state for the remote
@@ -5116,11 +5126,11 @@ func genHtlcSigValidationJobs(chanState *channeldb.OpenChannel,
 
 	// If we have a sig blob, then we'll attempt to map that to individual
 	// blobs for each HTLC we might need a signature for.
-	auxHtlcSigs := fn.MapOptionZ(auxSigner,
-		func(a AuxSigner) map[input.HtlcIndex]fn.Option[tlv.Blob] {
-			return a.UnpackSigs(sigBlob)
-		},
-	)
+	auxHtlcSigs, err := unpackSigs(sigBlob, auxSigner)
+	if err != nil {
+		return nil, nil, fmt.Errorf("error unpacking aux sigs: %w",
+			err)
+	}
 
 	// We'll iterate through each output in the commitment transaction,
 	// populating the sigHash closure function if it's detected to be an
@@ -5682,7 +5692,9 @@ func (lc *LightningChannel) ReceiveNewCommitment(commitSigs *CommitSigs) error {
 	// Now that we know all the normal sigs are valid, we'll also verify
 	// the aux jobs, if any exist.
 	err = fn.MapOptionZ(lc.auxSigner, func(a AuxSigner) error {
-		return a.VerifySecondLevelSigs(auxVerifyJobs)
+		return a.VerifySecondLevelSigs(
+			lc.channelState, localCommitTx, auxVerifyJobs,
+		)
 	})
 	if err != nil {
 		return fmt.Errorf("unable to validate aux sigs: %w", err)

lnwallet/commitment.go

@@ -835,6 +835,37 @@ func updateAuxBlob(chanState *channeldb.OpenChannel,
 	)
 }
 
+// packSigs is a helper function that attempts to pack a series of aux
+// signatures and packs them into a single blob that can be sent alongside the
+// CommitSig messages.
+func packSigs(auxSigs map[input.HtlcIndex]fn.Option[tlv.Blob],
+	signer fn.Option[AuxSigner]) (tlv.Blob, error) {
+
+	if signer.IsNone() {
+		return nil, nil
+	}
+
+	blobOption, err := signer.UnsafeFromSome().PackSigs(auxSigs)
+	if err != nil {
+		return nil, fmt.Errorf("error packing aux sigs: %w", err)
+	}
+
+	return blobOption.UnwrapOr(nil), nil
+}
+
+// unpackSigs is a helper function that takes a packed blob of signatures and
+// returns the original signatures for each HTLC, keyed by HTLC index.
+func unpackSigs(blob fn.Option[tlv.Blob],
+	signer fn.Option[AuxSigner]) (map[input.HtlcIndex]fn.Option[tlv.Blob],
+	error) {
+
+	if signer.IsNone() {
+		return nil, nil
+	}
+
+	return signer.UnsafeFromSome().UnpackSigs(blob)
+}
+
 // createUnsignedCommitmentTx generates the unsigned commitment transaction for
 // a commitment view and returns it as part of the unsignedCommitmentTx. The
 // passed in balances should be balances *before* subtracting any commitment

lnwallet/config.go

@@ -64,5 +64,11 @@ type Config struct {
 	// coins when funding a transaction.
 	CoinSelectionStrategy wallet.CoinSelectionStrategy
 
+	// AuxLeafStore is an optional store that can be used to store auxiliary
+	// leaves for certain custom channel types.
 	AuxLeafStore fn.Option[AuxLeafStore]
+
+	// AuxSigner is an optional signer that can be used to sign auxiliary
+	// leaves for certain custom channel types.
+	AuxSigner fn.Option[AuxSigner]
 }

lnwallet/wallet.go

@@ -2550,6 +2550,9 @@ func (l *LightningWallet) ValidateChannel(channelState *channeldb.OpenChannel,
 	l.Cfg.AuxLeafStore.WhenSome(func(s AuxLeafStore) {
 		chanOpts = append(chanOpts, WithLeafStore(s))
 	})
+	l.Cfg.AuxSigner.WhenSome(func(s AuxSigner) {
+		chanOpts = append(chanOpts, WithAuxSigner(s))
+	})
 
 	// First, we'll obtain a fully signed commitment transaction so we can
 	// pass into it on the chanvalidate package for verification.