From 26ca0186a8214de6b4816eff2efd811035e6b312 Mon Sep 17 00:00:00 2001
From: Alec Chen <30279834+alecchendev@users.noreply.github.com>
Date: Mon, 16 Dec 2024 15:45:29 -0600
Subject: [PATCH] [remotesigning] Don't recognize L1 wallet signing job as PSBT
 (#144)

When we added L1 wallet signing job validation, we forgot to update how
we recognize whether a signing job is for a force close claim or not.
This would mean some L1 wallet signing jobs would fail because we'd try
to calculate the sighash as if it were a PSBT, which it's not. This is
fixed here by checking the end of the derivation *plus* that it's not an
L1 wallet signing job.
---
 remotesigning/validator.go | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/remotesigning/validator.go b/remotesigning/validator.go
index 6aa2e66..f9429fb 100644
--- a/remotesigning/validator.go
+++ b/remotesigning/validator.go
@@ -36,6 +36,16 @@ func (v MultiValidator) ShouldSign(webhookEvent webhooks.WebhookEvent) bool {
 	return true
 }
 
+func isL1WalletSigningJob(job SigningJob) bool {
+	return strings.HasPrefix(job.DerivationPath, "m/84")
+}
+
+func isForceClosureClaimSigningJob(job SigningJob) bool {
+	return !isL1WalletSigningJob(job) &&
+		(strings.HasSuffix(job.DerivationPath, "/2") ||
+		strings.HasSuffix(job.DerivationPath, "/3"))
+}
+
 type HashValidator struct{}
 
 func (v HashValidator) ShouldSign(webhookEvent webhooks.WebhookEvent) bool {
@@ -53,7 +63,7 @@ func (v HashValidator) ShouldSign(webhookEvent webhooks.WebhookEvent) bool {
 }
 
 func ValidateWitnessHash(signing *SigningJob) bool {
-	if strings.HasSuffix(signing.DerivationPath, "/2") || strings.HasSuffix(signing.DerivationPath, "/3") {
+	if isForceClosureClaimSigningJob(*signing) {
 		msg, err := CalculateWitnessHashPSBT(*signing.Transaction)
 		if err != nil {
 			return false
@@ -92,7 +102,7 @@ func (v DestinationValidator) ShouldSign(webhookEvent webhooks.WebhookEvent) boo
 		return true
 	}
 	for _, signing := range request.SigningJobs {
-		if strings.HasPrefix(signing.DerivationPath, "m/84") {
+		if isL1WalletSigningJob(signing) {
 			publicKey, err := DerivePublicKey(v.masterSeed, signing.DerivationPath, &chaincfg.MainNetParams)
 			if err != nil {
 				return false