Archives
/
xmr-btc-swap
mirror of https://github.com/comit-network/xmr-btc-swap
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
wallet-refresh
dependabot/cargo/reqwest-0.12.0
dependabot/cargo/mockito-1.3.1
dependabot/cargo/bdk-0.29.0
cooperative-xmr-redeem
staging
rpc-server
roc
kill-monero-rpc-on-signal-receive
bump-rustc-version-for-release-bins-ci
change-xmr-node-moneroworld
wallet-force-sync-on-first-subscribe
rpc-server-tracing-log-files
dependabot/cargo/libp2p-0.48.0
0.11.x
trying
wait-for-cancel-timelock-when-enc-sig-fails
bungy-corrupted-database
feature/libp2p-release
sqlite
sqlite2
print-priv-view-key
docs
relay-fee-debug
rendezvous-demo
rendezvous-asb-refactor
rendezvous-cli
swap-setup-proto-rishab
cleanup-module-boundaries
debug-remodel-tor
swap-setup-proto
discover-makers-cli
quote-protocol-refactor
debug-remodel-tor-same-port
small-ux-improvements
quote-websocket
random-branch
xmr-adaptor-signatures
xmr-adaptor-signatures-publish-on-testnet
refactor-network-code
no-transfer-proof-failure
on-chain-protocol
remove-bytes-serde-module
remodel-tor
quad9-dns
quote-protocol-libp2p-relay
asb-systemd-setup
manual-sync
fix-confirmations
test-refactor
demo
0.10.0
0.10.1
0.10.2
0.11.0
0.11.1
0.12.0
0.12.1
0.12.2
0.12.3
0.4.0
0.5.0
0.6.0
0.7.0
0.8.0
0.8.1
0.8.2
0.8.3
0.9.0
preview
v0.1
v0.2
v0.3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5a3675a06f'
${ noResults }
xmr-btc-swap/swap/src/bitcoin/refund.rs

155 lines
4.5 KiB
Rust
Raw Blame History

use crate::bitcoin::wallet::Watchable;
use crate::bitcoin::{
verify_sig, Address, Amount, EmptyWitnessStack, NoInputs, NotThreeWitnesses, PublicKey,
TooManyInputs, Transaction, TxCancel,
};
use crate::{bitcoin, monero};
use ::bitcoin::util::bip143::SigHashCache;
use ::bitcoin::{Script, SigHash, SigHashType, Txid};
use anyhow::{bail, Context, Result};
use bdk::miniscript::{Descriptor, DescriptorTrait};
use ecdsa_fun::Signature;
use std::collections::HashMap;
#[derive(Debug)]
pub struct TxRefund {
inner: Transaction,
digest: SigHash,
cancel_output_descriptor: Descriptor<::bitcoin::PublicKey>,
watch_script: Script,
}
impl TxRefund {
pub fn new(tx_cancel: &TxCancel, refund_address: &Address, spending_fee: Amount) -> Self {
let tx_refund = tx_cancel.build_spend_transaction(refund_address, None, spending_fee);
let digest = SigHashCache::new(&tx_refund).signature_hash(
0, // Only one input: cancel transaction
&tx_cancel.output_descriptor.script_code(),
tx_cancel.amount().as_sat(),
SigHashType::All,
);
Self {
inner: tx_refund,
digest,
cancel_output_descriptor: tx_cancel.output_descriptor.clone(),
watch_script: refund_address.script_pubkey(),
}
}
pub fn txid(&self) -> Txid {
self.inner.txid()
}
pub fn digest(&self) -> SigHash {
self.digest
}
pub fn add_signatures(
self,
(A, sig_a): (PublicKey, Signature),
(B, sig_b): (PublicKey, Signature),
) -> Result<Transaction> {
let satisfier = {
let mut satisfier = HashMap::with_capacity(2);
let A = ::bitcoin::PublicKey {
compressed: true,
key: A.0.into(),
};
let B = ::bitcoin::PublicKey {
compressed: true,
key: B.0.into(),
};
// The order in which these are inserted doesn't matter
satisfier.insert(A, (sig_a.into(), ::bitcoin::SigHashType::All));
satisfier.insert(B, (sig_b.into(), ::bitcoin::SigHashType::All));
satisfier
};
let mut tx_refund = self.inner;
self.cancel_output_descriptor
.satisfy(&mut tx_refund.input[0], satisfier)?;
Ok(tx_refund)
}
pub fn extract_monero_private_key(
&self,
published_refund_tx: bitcoin::Transaction,
s_a: monero::Scalar,
a: bitcoin::SecretKey,
S_b_bitcoin: bitcoin::PublicKey,
) -> Result<monero::PrivateKey> {
let s_a = monero::PrivateKey { scalar: s_a };
let tx_refund_sig = self
.extract_signature_by_key(published_refund_tx, a.public())
.context("Failed to extract signature from Bitcoin refund tx")?;
let tx_refund_encsig = a.encsign(S_b_bitcoin, self.digest());
let s_b = bitcoin::recover(S_b_bitcoin, tx_refund_sig, tx_refund_encsig)
.context("Failed to recover Monero secret key from Bitcoin signature")?;
let s_b = monero::private_key_from_secp256k1_scalar(s_b.into());
let spend_key = s_a + s_b;
Ok(spend_key)
}
fn extract_signature_by_key(
&self,
candidate_transaction: Transaction,
B: PublicKey,
) -> Result<Signature> {
let input = match candidate_transaction.input.as_slice() {
[input] => input,
[] => bail!(NoInputs),
[inputs @ ..] => bail!(TooManyInputs(inputs.len())),
};
let sigs = match input
.witness
.iter()
.map(|vec| vec.as_slice())
.collect::<Vec<_>>()
.as_slice()
{
[sig_1, sig_2, _script] => [sig_1, sig_2]
.iter()
.map(|sig| {
bitcoin::secp256k1::Signature::from_der(&sig[..sig.len() - 1])
.map(Signature::from)
})
.collect::<std::result::Result<Vec<_>, _>>(),
[] => bail!(EmptyWitnessStack),
[witnesses @ ..] => bail!(NotThreeWitnesses(witnesses.len())),
}?;
let sig = sigs
.into_iter()
.find(|sig| verify_sig(&B, &self.digest(), sig).is_ok())
.context("Neither signature on witness stack verifies against B")?;
Ok(sig)
}
pub fn weight() -> usize {
548
}
}
impl Watchable for TxRefund {
fn id(&self) -> Txid {
self.txid()
}
fn script(&self) -> Script {
self.watch_script.clone()
}
}
Reference in New Issue View Git Blame Copy Permalink