funding proof signature fix

cashubtc · Jul 29, 2024 · 4ce0b7b · 4ce0b7b
1 parent ff125d6
commit 4ce0b7b
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 7 deletions.
diff --git a/cashu/core/crypto/dlc.py b/cashu/core/crypto/dlc.py
@@ -62,10 +62,31 @@ def merkle_verify(root: bytes, leaf_hash: bytes, proof: List[bytes]) -> bool:
 def list_hash(leaves: List[str]) -> List[bytes]:
     return [sha256(leaf.encode()).digest() for leaf in leaves]
 
-def sign_dlc(dlc_root: str, privkey: PrivateKey) -> bytes:
-    dlc_root_hash = sha256(bytes.fromhex(dlc_root)).digest()
-    return privkey.schnorr_sign(dlc_root_hash, None, raw=True)
+def sign_dlc(
+    dlc_root: str,
+    funding_amount: int,
+    fa_unit: str,
+    privkey: PrivateKey,
+) -> bytes:
+    message = (
+        bytes.fromhex(dlc_root)
+        +str(funding_amount).encode("utf-8")
+        +fa_unit.encode("utf-8")
+    )
+    message_hash = sha256(message).digest()
+    return privkey.schnorr_sign(message_hash, None, raw=True)
 
-def verify_dlc_signature(dlc_root: str, signature: bytes, pubkey: PublicKey) -> bool:
-    dlc_root_hash = sha256(bytes.fromhex(dlc_root)).digest()
-    return pubkey.schnorr_verify(dlc_root_hash, signature, None, raw=True)
+def verify_dlc_signature(
+    dlc_root: str,
+    funding_amount: int,
+    fa_unit: str,
+    signature: bytes,
+    pubkey: PublicKey,
+) -> bool:
+    message = (
+        bytes.fromhex(dlc_root)
+        +str(funding_amount).encode("utf-8")
+        +fa_unit.encode("utf-8")
+    )
+    message_hash = sha256(message).digest()
+    return pubkey.schnorr_verify(message_hash, signature, None, raw=True)
diff --git a/cashu/mint/ledger.py b/cashu/mint/ledger.py
@@ -1113,7 +1113,12 @@ async def register_dlc(self, request: PostDlcRegistrationRequest):
                 # At this point we can put this dlc into the funded list and create a signature for it
                 # We use the funding proof private key
                 '''
-                signature = dlc.sign_dlc(registration.dlc_root, self.funding_proof_private_key)
+                signature = sign_dlc(
+                        registration.dlc_root,
+                        registration.funding_amount,
+                        registration.unit,
+                        self.funding_proof_private_key
+                    )
                 funding_proof = DlcFundingProof(
                     dlc_root=registration.dlc_root,
                     signature=signature.hex()