lightsparkdev · zhenlu · May 20, 2024 · May 20, 2024
diff --git a/Cargo.toml b/Cargo.toml
@@ -17,12 +17,12 @@ wasm-bindgen = "0.2.87"
 # all the `std::fmt` and `std::panicking` infrastructure, so isn't great for
 # code size when deploying.
 console_error_panic_hook = { version = "0.1.6", optional = true }
-bitcoin = "0.31.1"
+bitcoin = "0.32.0"
 bip39 = { "version" = "2.0.0", features = ["rand"]}
-ecies = { "version" = "0.2.6", default-features = false, features = ["pure"]}
+ecies = { "version" = "0.2.7", default-features = false, features = ["pure"]}
 lightspark-remote-signing = "=0.3.0"
-serde_json = "1.0.107"
-serde = "1.0.188"
+serde_json = "1.0.117"
+serde = "1.0.202"
 bitcoin-bech32 = "0.13.0"
 
 [features]

diff --git a/src/crypto.rs b/src/crypto.rs
@@ -3,7 +3,7 @@ use std::str::FromStr as _;
 use std::sync::Arc;
 
 use bitcoin::bip32::{DerivationPath, Xpub};
-use bitcoin::hashes::sha256;
+use bitcoin::hashes::{sha256, Hash};
 use bitcoin::secp256k1::ecdsa::Signature;
 use bitcoin::secp256k1::{Message, PublicKey, Scalar, Secp256k1, SecretKey};
 use bitcoin::{
@@ -18,7 +18,7 @@ use crate::signer::Network;
 #[derive(Clone, Copy, Debug)]
 pub enum CryptoError {
     Secp256k1Error(bitcoin::secp256k1::Error),
-    RustSecp256k1Error(ecies::SecpError),
+    RustSecp256k1Error,
     InvalidPublicKeyScriptError,
     KeyDerivationError,
     KeyTweakError,
@@ -44,7 +44,7 @@ impl fmt::Display for CryptoError {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         match self {
             Self::Secp256k1Error(err) => write!(f, "Secp256k1 error {}", err),
-            Self::RustSecp256k1Error(err) => write!(f, "Rust Secp256k1 error {}", err),
+            Self::RustSecp256k1Error => write!(f, "Rust Secp256k1 error"),
             Self::InvalidPublicKeyScriptError => write!(f, "Invalid public key script"),
             Self::KeyDerivationError => write!(f, "Key derivation error"),
             Self::KeyTweakError => write!(f, "Key tweak error"),
@@ -57,7 +57,8 @@ impl std::error::Error for CryptoError {}
 pub fn sign_ecdsa(msg: Vec<u8>, private_key_bytes: Vec<u8>) -> Result<Vec<u8>, CryptoError> {
     let secp = Secp256k1::new();
     let sk = SecretKey::from_slice(&private_key_bytes).map_err(CryptoError::Secp256k1Error)?;
-    let msg = Message::from_hashed_data::<sha256::Hash>(&msg);
+    let digest = sha256::Hash::hash(&msg);
+    let msg = Message::from_digest(digest.to_byte_array());
     let signature = secp.sign_ecdsa(&msg, &sk);
     Ok(signature.serialize_der().to_vec())
 }
@@ -69,21 +70,22 @@ pub fn verify_ecdsa(
 ) -> Result<bool, CryptoError> {
     let secp = Secp256k1::new();
     let pk = PublicKey::from_slice(&public_key_bytes).map_err(CryptoError::Secp256k1Error)?;
-    let msg = Message::from_hashed_data::<sha256::Hash>(&msg);
+    let digest = sha256::Hash::hash(&msg);
+    let msg = Message::from_digest(digest.to_byte_array());
     let sig = Signature::from_der(&signature_bytes).map_err(CryptoError::Secp256k1Error)?;
     let result = secp.verify_ecdsa(&msg, &sig, &pk).is_ok();
     Ok(result)
 }
 
 pub fn encrypt_ecies(msg: Vec<u8>, public_key_bytes: Vec<u8>) -> Result<Vec<u8>, CryptoError> {
-    encrypt(&public_key_bytes, &msg).map_err(CryptoError::RustSecp256k1Error)
+    encrypt(&public_key_bytes, &msg).map_err(|_| CryptoError::RustSecp256k1Error)
 }
 
 pub fn decrypt_ecies(
     cipher_text: Vec<u8>,
     private_key_bytes: Vec<u8>,
 ) -> Result<Vec<u8>, CryptoError> {
-    decrypt(&private_key_bytes, &cipher_text).map_err(CryptoError::RustSecp256k1Error)
+    decrypt(&private_key_bytes, &cipher_text).map_err(|_| CryptoError::RustSecp256k1Error)
 }
 
 pub fn generate_keypair() -> Result<Arc<KeyPair>, CryptoError> {

diff --git a/src/funds_recovery_kit.rs b/src/funds_recovery_kit.rs
@@ -1,15 +1,14 @@
 use std::fmt;
 
-use bitcoin::bip32;
 use bitcoin::consensus::encode;
 use bitcoin::hashes::hex::FromHex;
 use bitcoin::hashes::{sha512, Hash, HashEngine, Hmac, HmacEngine};
 use bitcoin::secp256k1::{Scalar, Secp256k1, SecretKey};
 use bitcoin::sighash;
 use bitcoin::sighash::EcdsaSighashType;
 use bitcoin::PrivateKey;
-use bitcoin::PublicKey;
 use bitcoin::Witness;
+use bitcoin::{bip32, CompressedPublicKey};
 use bitcoin::{Amount, Script, Transaction};
 use serde::{Deserialize, Serialize};
 use std::str::FromStr;
@@ -542,12 +541,10 @@ fn sign_counterparty_sweep_transaction(
         ))?
         .witness
         .to_vec();
-    let pubkey = PublicKey::from_slice(new_witness[1].as_slice()).map_err(|_| {
+    let pubkey = CompressedPublicKey::from_slice(new_witness[1].as_slice()).map_err(|_| {
         FundsRecoveryKitInternalError::from("Could not generate pubkey from witness")
     })?;
-    let script = bitcoin::Address::p2wpkh(&pubkey, network)
-        .unwrap()
-        .script_pubkey();
+    let script = bitcoin::Address::p2wpkh(&pubkey, network).script_pubkey();
     let sighash = sighash::SighashCache::new(transaction.clone())
         .p2wpkh_signature_hash(0, &script, amount, EcdsaSighashType::All)
         .map_err(|e| FundsRecoveryKitInternalError::from(e.to_string().as_str()))?;

diff --git a/src/signer.rs b/src/signer.rs
@@ -3,10 +3,9 @@ use std::str::FromStr;
 use std::sync::Arc;
 
 use bitcoin::bip32::{DerivationPath, Xpriv, Xpub};
-use bitcoin::hashes::{sha512, Hash, HashEngine, Hmac, HmacEngine};
+use bitcoin::hashes::{sha256, sha512, Hash, HashEngine, Hmac, HmacEngine};
 use bitcoin::secp256k1::ecdh::SharedSecret;
 use bitcoin::secp256k1::ecdsa::Signature;
-use bitcoin::secp256k1::hashes::sha256;
 use bitcoin::secp256k1::{Message, PublicKey, Scalar, Secp256k1, SecretKey};
 use rand_core::{OsRng, RngCore};
 use wasm_bindgen::prelude::*;
@@ -199,7 +198,8 @@ impl LightsparkSigner {
                 secp.sign_ecdsa(&msg, &signing_key)
             }
             false => {
-                let msg = Message::from_hashed_data::<sha256::Hash>(message.as_slice());
+                let digest = sha256::Hash::hash(&message);
+                let msg = Message::from_digest(digest.to_byte_array());
                 secp.sign_ecdsa(&msg, &signing_key)
             }
         };
@@ -375,7 +375,8 @@ impl LightsparkSigner {
         unsigned_invoice: String,
     ) -> Result<Arc<InvoiceSignature>, LightsparkSignerError> {
         let signing_key = self.node_private_key.private_key;
-        let msg = Message::from_hashed_data::<sha256::Hash>(unsigned_invoice.as_bytes());
+        let digest = sha256::Hash::hash(unsigned_invoice.as_bytes());
+        let msg = Message::from_digest(digest.to_byte_array());
         let secp = Secp256k1::new();
         let sig = secp
             .sign_ecdsa_recoverable(&msg, &signing_key)
@@ -413,7 +414,8 @@ impl LightsparkSigner {
         unsigned_invoice: String,
     ) -> Result<InvoiceSignature, LightsparkSignerError> {
         let signing_key = self.node_private_key.private_key;
-        let msg = Message::from_hashed_data::<sha256::Hash>(unsigned_invoice.as_bytes());
+        let digest = sha256::Hash::hash(unsigned_invoice.as_bytes());
+        let msg = Message::from_digest(*digest.as_byte_array());
         let secp = Secp256k1::new();
         let sig = secp
             .sign_ecdsa_recoverable(&msg, &signing_key)
@@ -504,7 +506,8 @@ mod tests {
             .derive_key_and_sign(message.to_vec(), "m".to_owned(), false, None, None)
             .unwrap();
         let signature = Signature::from_compact(signature_bytes.as_slice()).unwrap();
-        let msg = Message::from_hashed_data::<sha256::Hash>(message);
+        let digest = sha256::Hash::hash(message);
+        let msg = Message::from_digest(digest.to_byte_array());
         let secp = Secp256k1::new();
         assert!(secp
             .verify_ecdsa(&msg, &signature, &verification_key)