Modify codecs to handle new fields for HtlcSuccessTx, HtlcTimeoutTx and ClaimHtlcTimeoutTx

We previously saved the redeem script in the InputInfo class: we'll extract these fields from
the redeem script (which would be an HTLC offered or received script) or witness of data persisted with older codecs.

Author: sstone

eclair-core/src/main/scala/fr/acinq/eclair/SpendFromChannelAddress.scala

@@ -4,7 +4,6 @@ import fr.acinq.bitcoin.scalacompat.Crypto.PublicKey
 import fr.acinq.bitcoin.scalacompat.{ByteVector64, DeterministicWallet, OutPoint, Satoshi, SatoshiLong, Script, ScriptWitness, Transaction, TxIn, TxOut, addressToPublicKeyScript}
 import fr.acinq.eclair.blockchain.fee.FeeratePerKw
 import fr.acinq.eclair.channel.{ChannelConfig, Helpers}
-import fr.acinq.eclair.transactions.Scripts.multiSig2of2
 import fr.acinq.eclair.transactions.Transactions._
 import fr.acinq.eclair.transactions.{Scripts, Transactions}
 import scodec.bits.ByteVector

eclair-core/src/main/scala/fr/acinq/eclair/transactions/Scripts.scala

@@ -204,7 +204,18 @@ object Scripts {
    */
   def witnessAnchor(localSig: ByteVector64, anchorScript: ByteVector): ScriptWitness = ScriptWitness(der(localSig) :: anchorScript :: Nil)
 
-  def htlcOffered(keys: CommitmentPublicKeys, paymentHash: ByteVector32, commitmentFormat: CommitmentFormat): Seq[ScriptElt] = {
+  case class RipemdOfPaymentHash(ripemdHash: ByteVector) {
+    require(ripemdHash.size == 20)
+  }
+
+  object RipemdOfPaymentHash {
+    def apply(paymentHash: ByteVector32): RipemdOfPaymentHash = RipemdOfPaymentHash(Crypto.ripemd160(paymentHash))
+
+    // this value cannot be generated with a real payment hash
+    val empty: RipemdOfPaymentHash = RipemdOfPaymentHash(ByteVector.fill(20)(0))
+  }
+
+  def htlcOffered(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash, commitmentFormat: CommitmentFormat): Seq[ScriptElt] = {
     val addCsvDelay = commitmentFormat match {
       case DefaultCommitmentFormat => false
       case _: AnchorOutputsCommitmentFormat | SimpleTaprootChannelCommitmentFormat => true
@@ -220,7 +231,7 @@ object Scripts {
             // To me via HTLC-timeout transaction (timelocked).
             OP_DROP :: OP_2 :: OP_SWAP :: OP_PUSHDATA(keys.localHtlcPublicKey) :: OP_2 :: OP_CHECKMULTISIG ::
         OP_ELSE ::
-            OP_HASH160 :: OP_PUSHDATA(Crypto.ripemd160(paymentHash)) :: OP_EQUALVERIFY ::
+            OP_HASH160 :: OP_PUSHDATA(paymentHash.ripemdHash) :: OP_EQUALVERIFY ::
             OP_CHECKSIG ::
         OP_ENDIF ::
     (if (addCsvDelay) {
@@ -232,6 +243,46 @@ object Scripts {
     // @formatter:on
   }
 
+  def htlcOffered(keys: CommitmentPublicKeys, paymentHash: ByteVector32, commitmentFormat: CommitmentFormat): Seq[ScriptElt] =
+    htlcOffered(keys, RipemdOfPaymentHash(paymentHash), commitmentFormat)
+
+  // @formatter::off
+  def extractHtlcInfoFromHtlcOfferedScript(script: Seq[ScriptElt]): Option[RipemdOfPaymentHash] = script match {
+    case OP_DUP :: OP_HASH160 :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_IF ::
+      OP_CHECKSIG ::
+      OP_ELSE ::
+      OP_PUSHDATA(_, _) :: OP_SWAP :: OP_SIZE :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_NOTIF ::
+      // To me via HTLC-timeout transaction (timelocked).
+      OP_DROP :: OP_2 :: OP_SWAP :: OP_PUSHDATA(_, _) :: OP_2 :: OP_CHECKMULTISIG ::
+      OP_ELSE ::
+      OP_HASH160 :: OP_PUSHDATA(ripemdOfPaymentHash, _) :: OP_EQUALVERIFY :: OP_CHECKSIG ::
+      OP_ENDIF ::
+      OP_ENDIF :: Nil if ripemdOfPaymentHash.size == 20 => {
+      Some(RipemdOfPaymentHash(ripemdOfPaymentHash))
+    }
+    case OP_DUP :: OP_HASH160 :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_IF ::
+      OP_CHECKSIG ::
+      OP_ELSE ::
+      OP_PUSHDATA(_, _) :: OP_SWAP :: OP_SIZE :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_NOTIF ::
+      // To me via HTLC-timeout transaction (timelocked).
+      OP_DROP :: OP_2 :: OP_SWAP :: OP_PUSHDATA(_, _) :: OP_2 :: OP_CHECKMULTISIG ::
+      OP_ELSE ::
+      OP_HASH160 :: OP_PUSHDATA(ripemdOfPaymentHash, _) :: OP_EQUALVERIFY :: OP_CHECKSIG ::
+      OP_ENDIF ::
+      OP_1 :: OP_CHECKSEQUENCEVERIFY :: OP_DROP ::
+      OP_ENDIF :: Nil if ripemdOfPaymentHash.size == 20 => {
+      Some(RipemdOfPaymentHash(ripemdOfPaymentHash))
+    }
+    case _ => None
+  }
+  // @formatter::on
+
+  def extractHtlcInfoFromHtlcOfferedScript(script: ByteVector): Option[RipemdOfPaymentHash] = extractHtlcInfoFromHtlcOfferedScript(Script.parse(script))
+
   /**
    * This is the witness script of the 2nd-stage HTLC Success transaction (consumes htlcOffered script from commit tx)
    */
@@ -261,7 +312,7 @@ object Scripts {
   /** Extract payment preimages from a (potentially batched) claim HTLC transaction's witnesses. */
   def extractPreimagesFromClaimHtlcSuccess(tx: Transaction): Set[ByteVector32] = tx.txIn.map(_.witness).collect(extractPreimageFromClaimHtlcSuccess).toSet
 
-  def htlcReceived(keys: CommitmentPublicKeys, paymentHash: ByteVector32, lockTime: CltvExpiry, commitmentFormat: CommitmentFormat): Seq[ScriptElt] = {
+  def htlcReceived(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash, lockTime: CltvExpiry, commitmentFormat: CommitmentFormat): Seq[ScriptElt] = {
     val addCsvDelay = commitmentFormat match {
       case DefaultCommitmentFormat => false
       case _: AnchorOutputsCommitmentFormat | SimpleTaprootChannelCommitmentFormat => true
@@ -275,7 +326,7 @@ object Scripts {
         OP_PUSHDATA(keys.remoteHtlcPublicKey) :: OP_SWAP :: OP_SIZE :: encodeNumber(32) :: OP_EQUAL ::
         OP_IF ::
             // To me via HTLC-success transaction.
-            OP_HASH160 :: OP_PUSHDATA(Crypto.ripemd160(paymentHash)) :: OP_EQUALVERIFY ::
+            OP_HASH160 :: OP_PUSHDATA(paymentHash.ripemdHash) :: OP_EQUALVERIFY ::
             OP_2 :: OP_SWAP :: OP_PUSHDATA(keys.localHtlcPublicKey) :: OP_2 :: OP_CHECKMULTISIG ::
         OP_ELSE ::
             // To you after timeout.
@@ -291,6 +342,48 @@ object Scripts {
     // @formatter:on
   }
 
+  // @formatter:off
+  def extractHtlcInfoFromHtlcReceived(script: Seq[ScriptElt]): Option[(RipemdOfPaymentHash, CltvExpiry)] = script match {
+    case OP_DUP :: OP_HASH160 :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_IF ::
+        OP_CHECKSIG ::
+      OP_ELSE ::
+        OP_PUSHDATA(_, _) :: OP_SWAP :: OP_SIZE :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+        OP_IF ::
+          // To me via HTLC-success transaction.
+          OP_HASH160 :: OP_PUSHDATA(ripemdHash, _) :: OP_EQUALVERIFY ::
+          OP_2 :: OP_SWAP :: OP_PUSHDATA(_, _) :: OP_2 :: OP_CHECKMULTISIG ::
+        OP_ELSE ::
+          // To you after timeout.
+          OP_DROP :: OP_PUSHDATA(rawExpiry, _) :: OP_CHECKLOCKTIMEVERIFY :: OP_DROP ::
+          OP_CHECKSIG ::
+        OP_ENDIF ::
+        OP_1 :: OP_CHECKSEQUENCEVERIFY :: OP_DROP ::
+      OP_ENDIF :: Nil if ripemdHash.size == 20 => Some(RipemdOfPaymentHash(ripemdHash), CltvExpiry(Script.decodeNumber(rawExpiry, false)))
+    case OP_DUP :: OP_HASH160 :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+      OP_IF ::
+        OP_CHECKSIG ::
+      OP_ELSE ::
+        OP_PUSHDATA(_, _) :: OP_SWAP :: OP_SIZE :: OP_PUSHDATA(_, _) :: OP_EQUAL ::
+        OP_IF ::
+          // To me via HTLC-success transaction.
+          OP_HASH160 :: OP_PUSHDATA(ripemdHash, _) :: OP_EQUALVERIFY ::
+          OP_2 :: OP_SWAP :: OP_PUSHDATA(_, _) :: OP_2 :: OP_CHECKMULTISIG ::
+        OP_ELSE ::
+          // To you after timeout.
+          OP_DROP :: OP_PUSHDATA(rawExpiry, _) :: OP_CHECKLOCKTIMEVERIFY :: OP_DROP ::
+          OP_CHECKSIG ::
+        OP_ENDIF ::
+      OP_ENDIF :: Nil if ripemdHash.size == 20 => Some(RipemdOfPaymentHash(ripemdHash), CltvExpiry(Script.decodeNumber(rawExpiry, false)))
+    case _ => None
+  }
+  // @formatter:on
+
+  def extractHtlcInfoFromHtlcReceived(script: ByteVector): Option[(RipemdOfPaymentHash, CltvExpiry)] = extractHtlcInfoFromHtlcReceived(Script.parse(script))
+
+  def htlcReceived(keys: CommitmentPublicKeys, paymentHash: ByteVector32, lockTime: CltvExpiry, commitmentFormat: CommitmentFormat): Seq[ScriptElt] =
+    htlcReceived(keys, RipemdOfPaymentHash(paymentHash), lockTime, commitmentFormat)
+
   /**
    * This is the witness script of the 2nd-stage HTLC Timeout transaction (consumes htlcOffered script from commit tx)
    */
@@ -445,10 +538,10 @@ object Scripts {
      *
      * @return a script used to create a "spend offered HTLC" leaf in a script tree
      */
-    private def offeredHtlcSuccess(keys: CommitmentPublicKeys, paymentHash: ByteVector32): Seq[ScriptElt] = {
+    private def offeredHtlcSuccess(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash): Seq[ScriptElt] = {
       // @formatter:off
       OP_SIZE :: encodeNumber(32) :: OP_EQUALVERIFY ::
-      OP_HASH160 :: OP_PUSHDATA(Crypto.ripemd160(paymentHash)) :: OP_EQUALVERIFY ::
+      OP_HASH160 :: OP_PUSHDATA(paymentHash.ripemdHash) :: OP_EQUALVERIFY ::
       OP_PUSHDATA(keys.remoteHtlcPublicKey.xOnly) :: OP_CHECKSIGVERIFY ::
       OP_1 :: OP_CHECKSEQUENCEVERIFY :: Nil
       // @formatter:on
@@ -457,13 +550,15 @@ object Scripts {
     /**
      * Script tree used for offered HTLCs.
      */
-    def offeredHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: ByteVector32): ScriptTree.Branch = {
+    def offeredHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash): ScriptTree.Branch = {
       new ScriptTree.Branch(
         new ScriptTree.Leaf(offeredHtlcTimeout(keys)),
         new ScriptTree.Leaf(offeredHtlcSuccess(keys, paymentHash)),
       )
     }
 
+    def offeredHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: ByteVector32): ScriptTree.Branch = offeredHtlcScriptTree(keys, RipemdOfPaymentHash(paymentHash))
+
     /**
      * Script used for offered HTLCs.
      */
@@ -491,10 +586,10 @@ object Scripts {
      *
      * miniscript: and_v(v:hash160(H),and_v(v:pk(local_key),pk(remote_key)))
      */
-    private def receivedHtlcSuccess(keys: CommitmentPublicKeys, paymentHash: ByteVector32): Seq[ScriptElt] = {
+    private def receivedHtlcSuccess(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash): Seq[ScriptElt] = {
       // @formatter:off
       OP_SIZE :: encodeNumber(32) :: OP_EQUALVERIFY ::
-      OP_HASH160 :: OP_PUSHDATA(Crypto.ripemd160(paymentHash)) :: OP_EQUALVERIFY ::
+      OP_HASH160 :: OP_PUSHDATA(paymentHash.ripemdHash) :: OP_EQUALVERIFY ::
       OP_PUSHDATA(keys.localHtlcPublicKey.xOnly) :: OP_CHECKSIGVERIFY ::
       OP_PUSHDATA(keys.remoteHtlcPublicKey.xOnly) :: OP_CHECKSIG :: Nil
       // @formatter:on
@@ -503,13 +598,16 @@ object Scripts {
     /**
      * Script tree used for received HTLCs.
      */
-    def receivedHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: ByteVector32, expiry: CltvExpiry): ScriptTree.Branch = {
+    def receivedHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: RipemdOfPaymentHash, expiry: CltvExpiry): ScriptTree.Branch = {
       new ScriptTree.Branch(
         new ScriptTree.Leaf(receivedHtlcTimeout(keys, expiry)),
         new ScriptTree.Leaf(receivedHtlcSuccess(keys, paymentHash)),
       )
     }
 
+    def receivedHtlcScriptTree(keys: CommitmentPublicKeys, paymentHash: ByteVector32, expiry: CltvExpiry): ScriptTree.Branch =
+      receivedHtlcScriptTree(keys, RipemdOfPaymentHash(paymentHash), expiry)
+
     /**
      * Script used for received HTLCs.
      */

eclair-core/src/main/scala/fr/acinq/eclair/transactions/Transactions.scala

@@ -131,16 +131,6 @@ object Transactions {
 
   case class InputInfo(outPoint: OutPoint, txOut: TxOut)
 
-  case class InputInfoWithRedeemInfo(outPoint: OutPoint, txOut: TxOut, redeemInfo: RedeemInfo) {
-    val inputInfo: InputInfo = InputInfo(outPoint, txOut)
-  }
-
-  object InputInfoWithRedeemInfo {
-    def apply(outPoint: OutPoint, txOut: TxOut, redeemScript: ByteVector): InputInfoWithRedeemInfo = InputInfoWithRedeemInfo(outPoint, txOut, SegwitV0(Script.parse(redeemScript)))
-    def apply(outPoint: OutPoint, txOut: TxOut, redeemScript: Seq[ScriptElt]): InputInfoWithRedeemInfo = InputInfoWithRedeemInfo(outPoint, txOut, SegwitV0(redeemScript))
-    def apply(outPoint: OutPoint, txOut: TxOut, internalKey: XonlyPublicKey, scriptTree: ScriptTree, leafHash: ByteVector32): InputInfoWithRedeemInfo = InputInfoWithRedeemInfo(outPoint, txOut, RedeemInfo.TaprootScriptPath(internalKey, scriptTree, leafHash))
-  }
-
   /** Owner of a given transaction (local/remote). */
   sealed trait TxOwner
   object TxOwner {
@@ -292,17 +282,10 @@ object Transactions {
     override val desc: String = "htlc-success"
   }
 
-  case class HtlcTimeoutTx(input: InputInfo, tx: Transaction, htlcId: Long, confirmationTarget: ConfirmationTarget.Absolute, paymentHash: ByteVector32) extends HtlcTx {
+  case class HtlcTimeoutTx(input: InputInfo, tx: Transaction, htlcId: Long, confirmationTarget: ConfirmationTarget.Absolute, paymentHash: RipemdOfPaymentHash) extends HtlcTx {
     override val desc: String = "htlc-timeout"
   }
 
-  case class LegacyHtlcTimeoutTx(input: InputInfoWithRedeemScript, tx: Transaction, htlcId: Long, confirmationTarget: ConfirmationTarget.Absolute) {
-    def this(htlcTimeOutTx: HtlcTimeoutTx) = this(new InputInfoWithRedeemScript(htlcTimeOutTx.input), htlcTimeOutTx.tx, htlcTimeOutTx.htlcId, htlcTimeOutTx.confirmationTarget)
-
-    val ripemdOfPaymentHash: RipemdOfPaymentHash = Scripts.extractHtlcInfoFromHtlcOfferedScript(input.redeemScript).getOrElse(RipemdOfPaymentHash.empty)
-    val htlcTimeOutTx: HtlcTimeoutTx = HtlcTimeoutTx(input.inputInfo, tx, htlcId, confirmationTarget, ripemdOfPaymentHash)
-  }
-
   case class HtlcDelayedTx(input: InputInfo, tx: Transaction) extends TransactionWithInputInfo {
     override val desc: String = "htlc-delayed"
   }
@@ -317,7 +300,7 @@ object Transactions {
     override val desc: String = "claim-htlc-success"
   }
 
-  case class ClaimHtlcTimeoutTx(input: InputInfo, tx: Transaction, htlcId: Long, paymentHash: ByteVector32, cltvExpiry: CltvExpiry, confirmationTarget: ConfirmationTarget.Absolute) extends ClaimHtlcTx {
+  case class ClaimHtlcTimeoutTx(input: InputInfo, tx: Transaction, htlcId: Long, paymentHash: RipemdOfPaymentHash, cltvExpiry: CltvExpiry, confirmationTarget: ConfirmationTarget.Absolute) extends ClaimHtlcTx {
     override val desc: String = "claim-htlc-timeout"
   }
 
@@ -641,7 +624,7 @@ object Transactions {
       txOut = output.htlcTimeoutOutput.txOut :: Nil,
       lockTime = htlc.cltvExpiry.toLong
     )
-    Right(HtlcTimeoutTx(input, tx, htlc.id, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)), htlc.paymentHash))
+    Right(HtlcTimeoutTx(input, tx, htlc.id, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)), RipemdOfPaymentHash(htlc.paymentHash)))
   }
 
   private def makeHtlcSuccessTx(commitTx: Transaction,
@@ -716,12 +699,12 @@ object Transactions {
           txOut = TxOut(0 sat, localFinalScriptPubKey) :: Nil,
           lockTime = htlc.cltvExpiry.toLong
         )
-        val unsignedClaimTx = ClaimHtlcTimeoutTx(input, unsignedTx, htlc.id, htlc.paymentHash, htlc.cltvExpiry, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)))
+        val unsignedClaimTx = ClaimHtlcTimeoutTx(input, unsignedTx, htlc.id, RipemdOfPaymentHash(htlc.paymentHash), htlc.cltvExpiry, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)))
         val solver = Solver.ClaimHtlcTimeout(RemoteCommitmentKeys(Left(PlaceHolderPubKey), PlaceHolderPubKey, PlaceHolderPubKey, PrivateKey(ByteVector32.One), PlaceHolderPubKey, PlaceHolderPubKey), unsignedClaimTx, commitmentFormat)
         val dummySignedTx = solver.addSig(unsignedClaimTx, SolverData.SingleSig(PlaceHolderSig))
         skipTxIfBelowDust(dummySignedTx, feeratePerKw, dustLimit).map { amount =>
           val tx = unsignedTx.copy(txOut = TxOut(amount, localFinalScriptPubKey) :: Nil)
-          ClaimHtlcTimeoutTx(input, tx, htlc.id, htlc.paymentHash, htlc.cltvExpiry, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)))
+          ClaimHtlcTimeoutTx(input, tx, htlc.id, RipemdOfPaymentHash(htlc.paymentHash), htlc.cltvExpiry, ConfirmationTarget.Absolute(BlockHeight(htlc.cltvExpiry.toLong)))
         }
     }.getOrElse(Left(OutputNotFound))
   }