From 763d774a6d66b4f7e47abf4ab654ddea7a700ef5 Mon Sep 17 00:00:00 2001 From: Olaoluwa Osuntokun Date: Sun, 2 Jul 2023 21:11:25 -0400 Subject: [PATCH] lnwallet: return structured error from VerifyCommitSig --- lnwallet/musig_session.go | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/lnwallet/musig_session.go b/lnwallet/musig_session.go index afa62ee8fd..9ddc12ab2e 100644 --- a/lnwallet/musig_session.go +++ b/lnwallet/musig_session.go @@ -408,6 +408,23 @@ func WithLocalCounterNonce(targetHeight uint64, } } +// invalidPartialSigError is used to return additional debug information to a +// caller that encounters an invalid partial sig. +type invalidPartialSigError struct { + partialSig []byte + sigHash []byte + signingNonce [musig2.PubNonceSize]byte + verificationNonce [musig2.PubNonceSize]byte +} + +// Error returns the error string for the partial sig error. +func (i invalidPartialSigError) Error() string { + return fmt.Sprintf("invalid partial sig: partial_sig=%x, "+ + "sig_hash=%x, signing_nonce=%x, verification_nonce=%x", + i.partialSig, i.sigHash, i.signingNonce[:], + i.verificationNonce[:]) +} + // VerifyCommitSig attempts to verify the passed partial signature against the // passed commitment transaction. A keyspend sighash is assumed to generate the // signed message. As we never re-use nonces, a new verification nonce (our @@ -450,8 +467,17 @@ func (m *MusigSession) VerifyCommitSig(commitTx *wire.MsgTx, walletLog.Infof("Verifying new musig2 sig for session=%x, nonce=%s", m.session.SessionID[:], m.nonces.String()) + if partialSig == nil { + return nil, fmt.Errorf("partial sig not set") + } + if !partialSig.Verify(sigHash, m.remoteKey.PubKey) { - return nil, fmt.Errorf("invalid partial commit sig") + return nil, &invalidPartialSigError{ + partialSig: partialSig.Serialize(), + sigHash: sigHash, + verificationNonce: m.nonces.VerificationNonce.PubNonce, + signingNonce: m.nonces.SigningNonce.PubNonce, + } } nonceOpts := []musig2.NonceGenOption{