From e8939e26bc8fdf90a2f7b8aec38e5171a54764b4 Mon Sep 17 00:00:00 2001 From: Alec Chen Date: Mon, 10 Jun 2024 15:01:11 -0700 Subject: [PATCH 1/3] Allow toggling specific signing methods in test channel signer --- fuzz/src/chanmon_consistency.rs | 7 +-- lightning/src/chain/channelmonitor.rs | 6 ++ lightning/src/ln/channel.rs | 6 ++ lightning/src/ln/functional_test_utils.rs | 71 +++++++++++++++++++++++ lightning/src/util/test_channel_signer.rs | 56 +++++++++++++++++- lightning/src/util/test_utils.rs | 11 +++- 6 files changed, 149 insertions(+), 8 deletions(-) diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index c4d179e745c..423e69eb8f6 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -396,12 +396,7 @@ impl SignerProvider for KeyProvider { let inner: InMemorySigner = ReadableArgs::read(&mut reader, self)?; let state = self.make_enforcement_state_cell(inner.commitment_seed); - Ok(TestChannelSigner { - inner, - state, - disable_revocation_policy_check: false, - available: Arc::new(Mutex::new(true)), - }) + Ok(TestChannelSigner::new_with_revoked(inner, state, false)) } fn get_destination_script(&self, _channel_keys_id: [u8; 32]) -> Result { diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs index cd6061a2030..5cc8030a6a1 100644 --- a/lightning/src/chain/channelmonitor.rs +++ b/lightning/src/chain/channelmonitor.rs @@ -1928,6 +1928,12 @@ impl ChannelMonitor { let inner = self.inner.lock().unwrap(); f(&inner.onchain_tx_handler.signer); } + + #[cfg(test)] + pub fn do_mut_signer_call ()>(&self, mut f: F) { + let mut inner = self.inner.lock().unwrap(); + f(&mut inner.onchain_tx_handler.signer); + } } impl ChannelMonitorImpl { diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 57fbe51626b..b6004debd7a 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -2122,6 +2122,12 @@ impl ChannelContext where SP::Target: SignerProvider { return &self.holder_signer } + /// Returns the holder signer for this channel. + #[cfg(test)] + pub fn get_mut_signer(&mut self) -> &mut ChannelSignerType { + return &mut self.holder_signer + } + /// Only allowed immediately after deserialization if get_outbound_scid_alias returns 0, /// indicating we were written by LDK prior to 0.0.106 which did not set outbound SCID aliases /// or prior to any channel actions during `Channel` initialization. diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs index 7e57f20595a..d46588b105a 100644 --- a/lightning/src/ln/functional_test_utils.rs +++ b/lightning/src/ln/functional_test_utils.rs @@ -31,6 +31,8 @@ use crate::util::errors::APIError; use crate::util::logger::Logger; use crate::util::scid_utils; use crate::util::test_channel_signer::TestChannelSigner; +#[cfg(test)] +use crate::util::test_channel_signer::SignerOp; use crate::util::test_utils; use crate::util::test_utils::{panicking, TestChainMonitor, TestScorer, TestKeysInterface}; use crate::util::ser::{ReadableArgs, Writeable}; @@ -523,6 +525,75 @@ impl<'a, 'b, 'c> Node<'a, 'b, 'c> { .insert(channel_keys_id.unwrap()); } } + + /// Toggles this node's signer to be available for the given signer operation. + /// This is useful for testing behavior for restoring an async signer that previously + /// could not return a signature immediately. + #[cfg(test)] + pub fn enable_channel_signer_op(&self, peer_id: &PublicKey, chan_id: &ChannelId, signer_op: SignerOp) { + self.set_channel_signer_ops(peer_id, chan_id, signer_op, true); + } + + /// Toggles this node's signer to be unavailable, returning `Err` for the given signer operation. + /// This is useful for testing behavior for an async signer that cannot return a signature + /// immediately. + #[cfg(test)] + pub fn disable_channel_signer_op(&self, peer_id: &PublicKey, chan_id: &ChannelId, signer_op: SignerOp) { + self.set_channel_signer_ops(peer_id, chan_id, signer_op, false); + } + + /// Changes the channel signer's availability for the specified peer, channel, and signer + /// operation. + /// + /// For the specified signer operation, when `available` is set to `true`, the channel signer + /// will behave normally, returning `Ok`. When set to `false`, and the channel signer will + /// act like an off-line remote signer, returning `Err`. This applies to the signer in all + /// relevant places, i.e. the channel manager, chain monitor, and the keys manager. + #[cfg(test)] + fn set_channel_signer_ops(&self, peer_id: &PublicKey, chan_id: &ChannelId, signer_op: SignerOp, available: bool) { + use crate::sign::ChannelSigner; + log_debug!(self.logger, "Setting channel signer for {} as available={}", chan_id, available); + + let per_peer_state = self.node.per_peer_state.read().unwrap(); + let mut chan_lock = per_peer_state.get(peer_id).unwrap().lock().unwrap(); + + let mut channel_keys_id = None; + if let Some(chan) = chan_lock.channel_by_id.get_mut(chan_id).map(|phase| phase.context_mut()) { + let signer = chan.get_mut_signer().as_mut_ecdsa().unwrap(); + if available { + signer.enable_op(signer_op); + } else { + signer.disable_op(signer_op); + } + channel_keys_id = Some(chan.channel_keys_id); + } + + let monitor = self.chain_monitor.chain_monitor.list_monitors().into_iter() + .find(|(_, channel_id)| *channel_id == *chan_id) + .and_then(|(funding_txo, _)| self.chain_monitor.chain_monitor.get_monitor(funding_txo).ok()); + if let Some(monitor) = monitor { + monitor.do_mut_signer_call(|signer| { + channel_keys_id = channel_keys_id.or(Some(signer.inner.channel_keys_id())); + if available { + signer.enable_op(signer_op); + } else { + signer.disable_op(signer_op); + } + }); + } + + let channel_keys_id = channel_keys_id.unwrap(); + let mut unavailable_signers_ops = self.keys_manager.unavailable_signers_ops.lock().unwrap(); + let entry = unavailable_signers_ops.entry(channel_keys_id).or_insert(new_hash_set()); + if available { + entry.remove(&signer_op); + if entry.is_empty() { + unavailable_signers_ops.remove(&channel_keys_id); + } + } else { + entry.insert(signer_op); + }; + } } /// If we need an unsafe pointer to a `Node` (ie to reference it in a thread diff --git a/lightning/src/util/test_channel_signer.rs b/lightning/src/util/test_channel_signer.rs index 2009e4d0b08..2ee6a3a68f5 100644 --- a/lightning/src/util/test_channel_signer.rs +++ b/lightning/src/util/test_channel_signer.rs @@ -18,7 +18,7 @@ use crate::sign::ecdsa::EcdsaChannelSigner; #[allow(unused_imports)] use crate::prelude::*; -use core::cmp; +use core::{cmp, fmt}; use crate::sync::{Mutex, Arc}; #[cfg(test)] use crate::sync::MutexGuard; @@ -74,6 +74,46 @@ pub struct TestChannelSigner { /// When `true` (the default), the signer will respond immediately with signatures. When `false`, /// the signer will return an error indicating that it is unavailable. pub available: Arc>, + /// Set of signer operations that are disabled. If an operation is disabled, + /// the signer will return `Err` when the corresponding method is called. + pub disabled_signer_ops: Arc>>, +} + +#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] +pub enum SignerOp { + GetPerCommitmentPoint, + ReleaseCommitmentSecret, + ValidateHolderCommitment, + SignCounterpartyCommitment, + ValidateCounterpartyRevocation, + SignHolderCommitment, + SignJusticeRevokedOutput, + SignJusticeRevokedHtlc, + SignHolderHtlcTransaction, + SignCounterpartyHtlcTransaction, + SignClosingTransaction, + SignHolderAnchorInput, + SignChannelAnnouncementWithFundingKey, +} + +impl fmt::Display for SignerOp { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match self { + SignerOp::GetPerCommitmentPoint => write!(f, "get_per_commitment_point"), + SignerOp::ReleaseCommitmentSecret => write!(f, "release_commitment_secret"), + SignerOp::ValidateHolderCommitment => write!(f, "validate_holder_commitment"), + SignerOp::SignCounterpartyCommitment => write!(f, "sign_counterparty_commitment"), + SignerOp::ValidateCounterpartyRevocation => write!(f, "validate_counterparty_revocation"), + SignerOp::SignHolderCommitment => write!(f, "sign_holder_commitment"), + SignerOp::SignJusticeRevokedOutput => write!(f, "sign_justice_revoked_output"), + SignerOp::SignJusticeRevokedHtlc => write!(f, "sign_justice_revoked_htlc"), + SignerOp::SignHolderHtlcTransaction => write!(f, "sign_holder_htlc_transaction"), + SignerOp::SignCounterpartyHtlcTransaction => write!(f, "sign_counterparty_htlc_transaction"), + SignerOp::SignClosingTransaction => write!(f, "sign_closing_transaction"), + SignerOp::SignHolderAnchorInput => write!(f, "sign_holder_anchor_input"), + SignerOp::SignChannelAnnouncementWithFundingKey => write!(f, "sign_channel_announcement_with_funding_key"), + } + } } impl PartialEq for TestChannelSigner { @@ -91,6 +131,7 @@ impl TestChannelSigner { state, disable_revocation_policy_check: false, available: Arc::new(Mutex::new(true)), + disabled_signer_ops: Arc::new(Mutex::new(new_hash_set())), } } @@ -105,6 +146,7 @@ impl TestChannelSigner { state, disable_revocation_policy_check, available: Arc::new(Mutex::new(true)), + disabled_signer_ops: Arc::new(Mutex::new(new_hash_set())), } } @@ -123,6 +165,18 @@ impl TestChannelSigner { pub fn set_available(&self, available: bool) { *self.available.lock().unwrap() = available; } + + pub fn enable_op(&mut self, signer_op: SignerOp) { + self.disabled_signer_ops.lock().unwrap().remove(&signer_op); + } + + pub fn disable_op(&mut self, signer_op: SignerOp) { + self.disabled_signer_ops.lock().unwrap().insert(signer_op); + } + + fn is_signer_available(&self, signer_op: SignerOp) -> bool { + !self.disabled_signer_ops.lock().unwrap().contains(&signer_op) + } } impl ChannelSigner for TestChannelSigner { diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs index f6616a8e5d2..afdcbbac370 100644 --- a/lightning/src/util/test_utils.rs +++ b/lightning/src/util/test_utils.rs @@ -79,6 +79,8 @@ use std::time::{SystemTime, UNIX_EPOCH}; use bitcoin::psbt::Psbt; use bitcoin::Sequence; +use super::test_channel_signer::SignerOp; + pub fn pubkey(byte: u8) -> PublicKey { let secp_ctx = Secp256k1::new(); PublicKey::from_secret_key(&secp_ctx, &privkey(byte)) @@ -1215,6 +1217,7 @@ pub struct TestKeysInterface { enforcement_states: Mutex>>>, expectations: Mutex>>, pub unavailable_signers: Mutex>, + pub unavailable_signers_ops: Mutex>>, } impl EntropySource for TestKeysInterface { @@ -1273,10 +1276,15 @@ impl SignerProvider for TestKeysInterface { fn derive_channel_signer(&self, channel_value_satoshis: u64, channel_keys_id: [u8; 32]) -> TestChannelSigner { let keys = self.backing.derive_channel_signer(channel_value_satoshis, channel_keys_id); let state = self.make_enforcement_state_cell(keys.commitment_seed); - let signer = TestChannelSigner::new_with_revoked(keys, state, self.disable_revocation_policy_check); + let mut signer = TestChannelSigner::new_with_revoked(keys, state, self.disable_revocation_policy_check); if self.unavailable_signers.lock().unwrap().contains(&channel_keys_id) { signer.set_available(false); } + if let Some(ops) = self.unavailable_signers_ops.lock().unwrap().get(&channel_keys_id) { + for &op in ops { + signer.disable_op(op); + } + } signer } @@ -1316,6 +1324,7 @@ impl TestKeysInterface { enforcement_states: Mutex::new(new_hash_map()), expectations: Mutex::new(None), unavailable_signers: Mutex::new(new_hash_set()), + unavailable_signers_ops: Mutex::new(new_hash_map()), } } From 1fb2b8e0ffdd0d50a60480ee8f71e0266ac06373 Mon Sep 17 00:00:00 2001 From: Alec Chen Date: Mon, 17 Jun 2024 14:28:21 -0700 Subject: [PATCH 2/3] Refactor tests to use specific async signing ops --- lightning/src/ln/async_signer_tests.rs | 55 ++++++++++++++++------- lightning/src/util/test_channel_signer.rs | 16 +++---- 2 files changed, 47 insertions(+), 24 deletions(-) diff --git a/lightning/src/ln/async_signer_tests.rs b/lightning/src/ln/async_signer_tests.rs index 8e929fe844d..b6e5a222d27 100644 --- a/lightning/src/ln/async_signer_tests.rs +++ b/lightning/src/ln/async_signer_tests.rs @@ -20,6 +20,7 @@ use crate::events::{Event, MessageSendEvent, MessageSendEventsProvider, ClosureR use crate::ln::functional_test_utils::*; use crate::ln::msgs::ChannelMessageHandler; use crate::ln::channelmanager::{PaymentId, RecipientOnionFields}; +use crate::util::test_channel_signer::SignerOp; #[test] fn test_async_commitment_signature_for_funding_created() { @@ -43,7 +44,7 @@ fn test_async_commitment_signature_for_funding_created() { // But! Let's make node[0]'s signer be unavailable: we should *not* broadcast a funding_created // message... let (temporary_channel_id, tx, _) = create_funding_transaction(&nodes[0], &nodes[1].node.get_our_node_id(), 100000, 42); - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &temporary_channel_id, false); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[0].node.funding_transaction_generated(&temporary_channel_id, &nodes[1].node.get_our_node_id(), tx.clone()).unwrap(); check_added_monitors(&nodes[0], 0); @@ -57,7 +58,7 @@ fn test_async_commitment_signature_for_funding_created() { channels[0].channel_id }; - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[0].node.signer_unblocked(Some((nodes[1].node.get_our_node_id(), chan_id))); let mut funding_created_msg = get_event_msg!(nodes[0], MessageSendEvent::SendFundingCreated, nodes[1].node.get_our_node_id()); @@ -98,7 +99,7 @@ fn test_async_commitment_signature_for_funding_signed() { // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should // *not* broadcast a `funding_signed`... - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].disable_channel_signer_op(&nodes[0].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); check_added_monitors(&nodes[1], 1); @@ -111,7 +112,7 @@ fn test_async_commitment_signature_for_funding_signed() { assert_eq!(channels.len(), 1, "expected one channel, not {}", channels.len()); channels[0].channel_id }; - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].enable_channel_signer_op(&nodes[0].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); expect_channel_pending_event(&nodes[1], &nodes[0].node.get_our_node_id()); @@ -152,14 +153,14 @@ fn test_async_commitment_signature_for_commitment_signed() { // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); check_added_monitors(dst, 1); get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); let events = dst.node.get_and_clear_pending_msg_events(); @@ -215,7 +216,7 @@ fn test_async_commitment_signature_for_funding_signed_0conf() { // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should // *not* broadcast a `funding_signed`... - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].disable_channel_signer_op(&nodes[0].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); check_added_monitors(&nodes[1], 1); @@ -230,7 +231,7 @@ fn test_async_commitment_signature_for_funding_signed_0conf() { }; // At this point, we basically expect the channel to open like a normal zero-conf channel. - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].enable_channel_signer_op(&nodes[0].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); let (funding_signed, channel_ready_1) = { @@ -299,7 +300,7 @@ fn test_async_commitment_signature_for_peer_disconnect() { // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); check_added_monitors(dst, 1); @@ -314,7 +315,7 @@ fn test_async_commitment_signature_for_peer_disconnect() { reconnect_nodes(reconnect_args); // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); { @@ -366,7 +367,6 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { route_payment(&nodes[0], &[&nodes[1]], 1_000_000); let error_message = "Channel force-closed"; - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, false); if remote_commitment { // Make the counterparty broadcast its latest commitment. @@ -375,6 +375,8 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { check_closed_broadcast(&nodes[1], 1, true); check_closed_event(&nodes[1], 1, ClosureReason::HolderForceClosed { broadcasted_latest_txn: Some(true) }, false, &[nodes[0].node.get_our_node_id()], 100_000); } else { + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderHtlcTransaction); // We'll connect blocks until the sender has to go onchain to time out the HTLC. connect_blocks(&nodes[0], TEST_FINAL_CLTV + LATENCY_GRACE_PERIOD_BLOCKS + 1); @@ -383,7 +385,8 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); // Mark it as available now, we should see the signed commitment transaction. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderHtlcTransaction); get_monitor!(nodes[0], chan_id).signer_unblocked(nodes[0].tx_broadcaster, nodes[0].fee_estimator, &nodes[0].logger); } @@ -409,7 +412,13 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { // Mark it as unavailable again to now test the HTLC transaction. We'll mine the commitment such // that the HTLC transaction is retried. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, false); + let sign_htlc_op = if remote_commitment { + SignerOp::SignCounterpartyHtlcTransaction + } else { + SignerOp::SignHolderHtlcTransaction + }; + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, sign_htlc_op); mine_transaction(&nodes[0], &commitment_tx); check_added_monitors(&nodes[0], 1); @@ -426,10 +435,12 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { if anchors && !remote_commitment { handle_bump_htlc_event(&nodes[0], 1); } - assert!(nodes[0].tx_broadcaster.txn_broadcast().is_empty()); + let txn = nodes[0].tx_broadcaster.txn_broadcast(); + assert!(txn.is_empty(), "expected no transaction to be broadcast, got {:?}", txn); // Mark it as available now, we should see the signed HTLC transaction. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, sign_htlc_op); get_monitor!(nodes[0], chan_id).signer_unblocked(nodes[0].tx_broadcaster, nodes[0].fee_estimator, &nodes[0].logger); if anchors && !remote_commitment { @@ -443,9 +454,21 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { } #[test] -fn test_async_holder_signatures() { +fn test_async_holder_signatures_no_anchors() { do_test_async_holder_signatures(false, false); +} + +#[test] +fn test_async_holder_signatures_remote_commitment_no_anchors() { do_test_async_holder_signatures(false, true); +} + +#[test] +fn test_async_holder_signatures_anchors() { do_test_async_holder_signatures(true, false); +} + +#[test] +fn test_async_holder_signatures_remote_commitment_anchors() { do_test_async_holder_signatures(true, true); } diff --git a/lightning/src/util/test_channel_signer.rs b/lightning/src/util/test_channel_signer.rs index 2ee6a3a68f5..5f509f7752d 100644 --- a/lightning/src/util/test_channel_signer.rs +++ b/lightning/src/util/test_channel_signer.rs @@ -203,7 +203,7 @@ impl ChannelSigner for TestChannelSigner { } fn validate_counterparty_revocation(&self, idx: u64, _secret: &SecretKey) -> Result<(), ()> { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::ValidateCounterpartyRevocation) { return Err(()); } let mut state = self.state.lock().unwrap(); @@ -226,7 +226,7 @@ impl EcdsaChannelSigner for TestChannelSigner { self.verify_counterparty_commitment_tx(commitment_tx, secp_ctx); { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignCounterpartyCommitment) { return Err(()); } let mut state = self.state.lock().unwrap(); @@ -245,7 +245,7 @@ impl EcdsaChannelSigner for TestChannelSigner { } fn sign_holder_commitment(&self, commitment_tx: &HolderCommitmentTransaction, secp_ctx: &Secp256k1) -> Result { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignHolderCommitment) { return Err(()); } let trusted_tx = self.verify_holder_commitment_tx(commitment_tx, secp_ctx); @@ -266,14 +266,14 @@ impl EcdsaChannelSigner for TestChannelSigner { } fn sign_justice_revoked_output(&self, justice_tx: &Transaction, input: usize, amount: u64, per_commitment_key: &SecretKey, secp_ctx: &Secp256k1) -> Result { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignJusticeRevokedOutput) { return Err(()); } Ok(EcdsaChannelSigner::sign_justice_revoked_output(&self.inner, justice_tx, input, amount, per_commitment_key, secp_ctx).unwrap()) } fn sign_justice_revoked_htlc(&self, justice_tx: &Transaction, input: usize, amount: u64, per_commitment_key: &SecretKey, htlc: &HTLCOutputInCommitment, secp_ctx: &Secp256k1) -> Result { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignJusticeRevokedHtlc) { return Err(()); } Ok(EcdsaChannelSigner::sign_justice_revoked_htlc(&self.inner, justice_tx, input, amount, per_commitment_key, htlc, secp_ctx).unwrap()) @@ -283,7 +283,7 @@ impl EcdsaChannelSigner for TestChannelSigner { &self, htlc_tx: &Transaction, input: usize, htlc_descriptor: &HTLCDescriptor, secp_ctx: &Secp256k1 ) -> Result { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignHolderHtlcTransaction) { return Err(()); } let state = self.state.lock().unwrap(); @@ -319,7 +319,7 @@ impl EcdsaChannelSigner for TestChannelSigner { } fn sign_counterparty_htlc_transaction(&self, htlc_tx: &Transaction, input: usize, amount: u64, per_commitment_point: &PublicKey, htlc: &HTLCOutputInCommitment, secp_ctx: &Secp256k1) -> Result { - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignCounterpartyHtlcTransaction) { return Err(()); } Ok(EcdsaChannelSigner::sign_counterparty_htlc_transaction(&self.inner, htlc_tx, input, amount, per_commitment_point, htlc, secp_ctx).unwrap()) @@ -338,7 +338,7 @@ impl EcdsaChannelSigner for TestChannelSigner { // As long as our minimum dust limit is enforced and is greater than our anchor output // value, an anchor output can only have an index within [0, 1]. assert!(anchor_tx.input[input].previous_output.vout == 0 || anchor_tx.input[input].previous_output.vout == 1); - if !*self.available.lock().unwrap() { + if !self.is_signer_available(SignerOp::SignHolderAnchorInput) { return Err(()); } EcdsaChannelSigner::sign_holder_anchor_input(&self.inner, anchor_tx, input, secp_ctx) From 21eeca4adde98c91267291bd49c8d4ee423776b5 Mon Sep 17 00:00:00 2001 From: Alec Chen Date: Mon, 10 Jun 2024 17:18:52 -0700 Subject: [PATCH 3/3] Remove global availability logic for testing async signing --- lightning/src/chain/channelmonitor.rs | 6 ---- lightning/src/ln/channel.rs | 6 ---- lightning/src/ln/functional_test_utils.rs | 41 ----------------------- lightning/src/util/test_channel_signer.rs | 14 -------- lightning/src/util/test_utils.rs | 3 -- 5 files changed, 70 deletions(-) diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs index 5cc8030a6a1..a037a965a8f 100644 --- a/lightning/src/chain/channelmonitor.rs +++ b/lightning/src/chain/channelmonitor.rs @@ -1923,12 +1923,6 @@ impl ChannelMonitor { self.inner.lock().unwrap().counterparty_payment_script = script; } - #[cfg(test)] - pub fn do_signer_call ()>(&self, mut f: F) { - let inner = self.inner.lock().unwrap(); - f(&inner.onchain_tx_handler.signer); - } - #[cfg(test)] pub fn do_mut_signer_call ()>(&self, mut f: F) { let mut inner = self.inner.lock().unwrap(); diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index b6004debd7a..4dfe970304c 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -2116,12 +2116,6 @@ impl ChannelContext where SP::Target: SignerProvider { self.outbound_scid_alias } - /// Returns the holder signer for this channel. - #[cfg(test)] - pub fn get_signer(&self) -> &ChannelSignerType { - return &self.holder_signer - } - /// Returns the holder signer for this channel. #[cfg(test)] pub fn get_mut_signer(&mut self) -> &mut ChannelSignerType { diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs index d46588b105a..8c08d37f5f6 100644 --- a/lightning/src/ln/functional_test_utils.rs +++ b/lightning/src/ln/functional_test_utils.rs @@ -484,47 +484,6 @@ impl<'a, 'b, 'c> Node<'a, 'b, 'c> { pub fn get_block_header(&self, height: u32) -> Header { self.blocks.lock().unwrap()[height as usize].0.header } - /// Changes the channel signer's availability for the specified peer and channel. - /// - /// When `available` is set to `true`, the channel signer will behave normally. When set to - /// `false`, the channel signer will act like an off-line remote signer and will return `Err` for - /// several of the signing methods. Currently, only `get_per_commitment_point` and - /// `release_commitment_secret` are affected by this setting. - #[cfg(test)] - pub fn set_channel_signer_available(&self, peer_id: &PublicKey, chan_id: &ChannelId, available: bool) { - use crate::sign::ChannelSigner; - log_debug!(self.logger, "Setting channel signer for {} as available={}", chan_id, available); - - let per_peer_state = self.node.per_peer_state.read().unwrap(); - let chan_lock = per_peer_state.get(peer_id).unwrap().lock().unwrap(); - - let mut channel_keys_id = None; - if let Some(chan) = chan_lock.channel_by_id.get(chan_id).map(|phase| phase.context()) { - chan.get_signer().as_ecdsa().unwrap().set_available(available); - channel_keys_id = Some(chan.channel_keys_id); - } - - let mut monitor = None; - for (funding_txo, channel_id) in self.chain_monitor.chain_monitor.list_monitors() { - if *chan_id == channel_id { - monitor = self.chain_monitor.chain_monitor.get_monitor(funding_txo).ok(); - } - } - if let Some(monitor) = monitor { - monitor.do_signer_call(|signer| { - channel_keys_id = channel_keys_id.or(Some(signer.inner.channel_keys_id())); - signer.set_available(available) - }); - } - - if available { - self.keys_manager.unavailable_signers.lock().unwrap() - .remove(channel_keys_id.as_ref().unwrap()); - } else { - self.keys_manager.unavailable_signers.lock().unwrap() - .insert(channel_keys_id.unwrap()); - } - } /// Toggles this node's signer to be available for the given signer operation. /// This is useful for testing behavior for restoring an async signer that previously diff --git a/lightning/src/util/test_channel_signer.rs b/lightning/src/util/test_channel_signer.rs index 5f509f7752d..884acc2c2ea 100644 --- a/lightning/src/util/test_channel_signer.rs +++ b/lightning/src/util/test_channel_signer.rs @@ -71,9 +71,6 @@ pub struct TestChannelSigner { /// Channel state used for policy enforcement pub state: Arc>, pub disable_revocation_policy_check: bool, - /// When `true` (the default), the signer will respond immediately with signatures. When `false`, - /// the signer will return an error indicating that it is unavailable. - pub available: Arc>, /// Set of signer operations that are disabled. If an operation is disabled, /// the signer will return `Err` when the corresponding method is called. pub disabled_signer_ops: Arc>>, @@ -130,7 +127,6 @@ impl TestChannelSigner { inner, state, disable_revocation_policy_check: false, - available: Arc::new(Mutex::new(true)), disabled_signer_ops: Arc::new(Mutex::new(new_hash_set())), } } @@ -145,7 +141,6 @@ impl TestChannelSigner { inner, state, disable_revocation_policy_check, - available: Arc::new(Mutex::new(true)), disabled_signer_ops: Arc::new(Mutex::new(new_hash_set())), } } @@ -157,15 +152,6 @@ impl TestChannelSigner { self.state.lock().unwrap() } - /// Marks the signer's availability. - /// - /// When `true`, methods are forwarded to the underlying signer as normal. When `false`, some - /// methods will return `Err` indicating that the signer is unavailable. Intended to be used for - /// testing asynchronous signing. - pub fn set_available(&self, available: bool) { - *self.available.lock().unwrap() = available; - } - pub fn enable_op(&mut self, signer_op: SignerOp) { self.disabled_signer_ops.lock().unwrap().remove(&signer_op); } diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs index afdcbbac370..2a11a91f294 100644 --- a/lightning/src/util/test_utils.rs +++ b/lightning/src/util/test_utils.rs @@ -1277,9 +1277,6 @@ impl SignerProvider for TestKeysInterface { let keys = self.backing.derive_channel_signer(channel_value_satoshis, channel_keys_id); let state = self.make_enforcement_state_cell(keys.commitment_seed); let mut signer = TestChannelSigner::new_with_revoked(keys, state, self.disable_revocation_policy_check); - if self.unavailable_signers.lock().unwrap().contains(&channel_keys_id) { - signer.set_available(false); - } if let Some(ops) = self.unavailable_signers_ops.lock().unwrap().get(&channel_keys_id) { for &op in ops { signer.disable_op(op);