Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bolt-simple-taproot: fix, clarify and add things #3

Open
wants to merge 22 commits into
base: simple-taproot-chans
Choose a base branch
from
Open

bolt-simple-taproot: fix, clarify and add things #3

wants to merge 22 commits into from

Conversation

antonilol
Copy link

@antonilol antonilol commented Aug 13, 2022
edited
Loading

lightning#995

i read through the document again and found many things that i would change.

notable changes:

  • use of htlc keys in anchors to have a higher chance of them being able to be swept to minimize utxo set bloat
  • use of revocation key in the to_remote script (explanation in the document and in this comment)

one question:
is this correct? (lines +844, +845)

  * saves storage for both channel peers as (just like with other outputs) only the
   TapTweak has to be remembered

Roasbeef and others added 10 commits May 29, 2022 17:57
@Roasbeef
bolt-simple-taproot: taprooty level 1
ec8c7b4
@antonilol
bolt-simple-taproot: fix and make scripts smaller
dba17e7 
+ script layout and readability
@Roasbeef
Merge pull request #1 from antonilol/taproot-channel-fixes
bf65824 
fix and make scripts smaller
@Roasbeef
bolt-simple-taproot: remove NUMS point usage
749ee9e 
We'll just re-use the funding key instead. Alternatively, we could use
the _other_ party's key here.
@Roasbeef
bolt-simple-taproot: remove feature bit from node ann
78e0c97 
Doesn't add anything atm, so might as well drop it.
@Roasbeef
bolt-simple-taproot: fix typos
20a6072
@Roasbeef
bolt-simple-taproot: specify revoke_and_ack nonce replacement
1acc073
@Roasbeef
bolt-simple-taproot: tighten up language re sigs
3f6d9af
@Roasbeef
bolt-simple-taproot: only need to send once nonce w/ sig/revoke
48af68a
@Roasbeef
bolt-simple-taproot: use new signing+verification nonce terminology
4ab4b8f 
This also adds the new partial signature encoding which uses the final
nonce which is needed for final signature combination.
@antonilol
Copy link
Author

rebased (2 days ago) on your most recent commit in lightning#995, can you review my changes?

Roasbeef
Roasbeef requested changes Nov 11, 2022
View reviewed changes
bolt-simple-taproot.md Outdated

The to remote output has the following form:

* `OP_1 to_remote_output_key`
* where:
* `to_remote_output_key = combined_funding_key + tagged_hash("TapTweak", combined_funding_key || to_remote_script_root)`
* `to_remote_output_key = revocationpubkey + tagged_hash("TapTweak", revocationpubkey || to_remote_script_root)`
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This'll end up breaking the deterministic nature of the output, which is important for things like SCB recovery. If this changes every state, then a party that has lost data (but knows the funding keys) can't find it on chain. As is, they just needs this static information that never changes and they can detect this output. For the history here, see the static_remote_key feature bit/saga.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good point, reverting this change

arik-so and others added 11 commits November 18, 2022 14:47
@arik-so
Rename musig2_nonce to next_local_nonce
75a10ea
@arik-so
Don't demand recalculation of combined funding pubkey where it's alre…
a7d5471 
…ady known.
@arik-so
Fix channel typo
2461f06
@arik-so
Remove received public nonce storage prescriptivism.
95d2b99
@arik-so
Don't tack recipient requirements onto the sender's requirements sect…
0f861b6 
…ion.
@arik-so
Re-split channel ready and channel reëstablish.
cfe4afc
@arik-so
Extend signature field deprecation to funding_created and `funding_…
eb4a355 
…signed`.
@arik-so
Add TLV type introduction section.
ec894dd
@Roasbeef
bolt-simple-taproot: make funding symmetric, add new type for shutdown
19632bb 
In this commit, we build off the prior JIT nonce proposal modifying the
following:

  * The funding flow returns to being symmetric. Both `open_channel` and
    `accept_channel` carry nonces.

  * The `shutdown` message once again transmit a nonce that'll be used
    by both sides to sign the shutdown transaction. A symmetric nonce
    approach is used here as both sides already know what the other will
    use for their nonce, and there's only a single message to sign.

  * The `closing_signed` message now only carries a 32-byte
    `partial_sig` value, as the nonces has already been transmitted
    ahead of time. Additionally, the existing "negotiation" feature has
    been done away with. Cooperative close will now always succeed after
    a single round, as the initiator is the only that ultimately pays
    fees.
@Roasbeef
Merge pull request lightning#5 from Roasbeef/taproot-chans-remix
d89c743 
bolt-simple-taproot: make funding symmetric, add new type for shutdown
@antonilol
bolt-simple-taproot: fix, clarify and add things
b7485d3 
- clarify `output_key_y_parity`
- add usage of htlc keys for anchors in case no balance output exists
- fix `2:` -> `2.` markdown ordered list
- clarify `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` usage in HTLC second level txs
@antonilol antonilol requested a review from Roasbeef March 13, 2023 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Roasbeef Roasbeef Awaiting requested review from Roasbeef

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@antonilol @Roasbeef @arik-so