Allow to construct ShutdownScript from OP_RETURN script

tnull · tnull · commit dfcd328ec83b · 2025-06-16T11:32:54.000+02:00
We add a new `ShutdownScript::new_op_return` constructor and extend the
`is_bolt_compliant` check to enforce the new rules introduced by
`option_simple_close`.
diff --git a/lightning/src/ln/script.rs b/lightning/src/ln/script.rs
@@ -1,8 +1,9 @@
 //! Abstractions for scripts used in the Lightning Network.
 
+use bitcoin::blockdata::script::Instruction;
 use bitcoin::hashes::Hash;
-use bitcoin::opcodes::all::OP_PUSHBYTES_0 as SEGWIT_V0;
-use bitcoin::script::{Script, ScriptBuf};
+use bitcoin::opcodes::all::{OP_PUSHBYTES_0 as SEGWIT_V0, OP_RETURN};
+use bitcoin::script::{PushBytes, Script, ScriptBuf};
 use bitcoin::secp256k1::PublicKey;
 use bitcoin::{WPubkeyHash, WScriptHash, WitnessProgram};
 
@@ -75,6 +76,20 @@ impl ShutdownScript {
 		Self(ShutdownScriptImpl::Bolt2(ScriptBuf::new_p2wsh(script_hash)))
 	}
 
+	/// Generates an `OP_RETURN` script pubkey from the given `data` bytes.
+	///
+	/// This is only needed and valid for channels supporting `option_simple_close`. Please refer
+	/// to [BOLT-2] for more information.
+	///
+	/// Note this only supports creating a script with data of up to 76 bytes length via
+	/// [`PushBytes`].
+	///
+	/// [BOLT-2]: https://github.com/lightning/bolts/blob/master/02-peer-protocol.md#closing-negotiation-closing_complete-and-closing_sig
+	pub fn new_op_return<T: AsRef<PushBytes>>(data: T) -> Self {
+		let script = ScriptBuf::new_op_return(data);
+		Self(ShutdownScriptImpl::Bolt2(script))
+	}
+
 	/// Generates a witness script pubkey from the given segwit version and program.
 	///
 	/// Note for version-zero witness scripts you must use [`ShutdownScript::new_p2wpkh`] or
@@ -116,10 +131,48 @@ impl ShutdownScript {
 /// Check if a given script is compliant with BOLT 2's shutdown script requirements for the given
 /// counterparty features.
 pub(crate) fn is_bolt2_compliant(script: &Script, features: &InitFeatures) -> bool {
+	// BOLT2:
+	// 1. `OP_0` `20` 20-bytes (version 0 pay to witness pubkey hash), OR
+	// 2. `OP_0` `32` 32-bytes (version 0 pay to witness script hash), OR
 	if script.is_p2pkh() || script.is_p2sh() || script.is_p2wpkh() || script.is_p2wsh() {
 		true
-	} else if features.supports_shutdown_anysegwit() {
-		script.is_witness_program() && script.as_bytes()[0] != SEGWIT_V0.to_u8()
+	} else if features.supports_shutdown_anysegwit() && script.is_witness_program() {
+		// 3. if (and only if) `option_shutdown_anysegwit` is negotiated:
+		//    * `OP_1` through `OP_16` inclusive, followed by a single push of 2 to 40 bytes
+		//     (witness program versions 1 through 16)
+		script.as_bytes()[0] != SEGWIT_V0.to_u8()
+	} else if features.supports_simple_close() && script.is_op_return() {
+		// 4. if (and only if) `option_simple_close` is negotiated:
+		let mut instruction_iter = script.instructions();
+		if let Some(Ok(Instruction::Op(opcode))) = instruction_iter.next() {
+			// * `OP_RETURN` followed by one of:
+			if opcode != OP_RETURN {
+				return false;
+			}
+
+			match instruction_iter.next() {
+				Some(Ok(Instruction::PushBytes(bytes))) => {
+					// * `6` to `75` inclusive followed by exactly that many bytes
+					if (6..=75).contains(&bytes.len()) {
+						return instruction_iter.next().is_none();
+					}
+
+					// While `rust-bitcoin` doesn't allow to construct `PushBytes` from arrays
+					// longer than 75 bytes, itself curiously interprets `OP_PUSHDATA1` as
+					// `Instruction::PushBytes`, having us land here in this case, too.
+					//
+					// * `76` followed by `76` to `80` followed by exactly that many bytes
+					if (76..=80).contains(&bytes.len()) {
+						return instruction_iter.next().is_none();
+					}
+
+					false
+				},
+				_ => false,
+			}
+		} else {
+			false
+		}
 	} else {
 		false
 	}
@@ -142,7 +195,7 @@ impl TryFrom<(ScriptBuf, &InitFeatures)> for ShutdownScript {
 	type Error = InvalidShutdownScript;
 
 	fn try_from((script, features): (ScriptBuf, &InitFeatures)) -> Result<Self, Self::Error> {
-		if is_bolt2_compliant(&script, features) && script.is_witness_program() {
+		if is_bolt2_compliant(&script, features) {
 			Ok(Self(ShutdownScriptImpl::Bolt2(script)))
 		} else {
 			Err(InvalidShutdownScript { script })
@@ -210,6 +263,13 @@ mod shutdown_script_tests {
 		features
 	}
 
+	#[cfg(simple_close)]
+	fn simple_close_features() -> InitFeatures {
+		let mut features = InitFeatures::empty();
+		features.set_simple_close_optional();
+		features
+	}
+
 	#[test]
 	fn generates_p2wpkh_from_pubkey() {
 		let pubkey = pubkey();
@@ -246,6 +306,29 @@ mod shutdown_script_tests {
 		assert!(ShutdownScript::try_from(p2wsh_script).is_ok());
 	}
 
+	#[cfg(simple_close)]
+	#[test]
+	fn generates_op_return_from_data() {
+		let data = [6; 6];
+		let op_return_script = ScriptBuf::new_op_return(&data);
+		let shutdown_script = ShutdownScript::new_op_return(&data);
+		assert!(shutdown_script.is_compatible(&simple_close_features()));
+		assert!(!shutdown_script.is_compatible(&InitFeatures::empty()));
+		assert_eq!(shutdown_script.into_inner(), op_return_script);
+		assert!(ShutdownScript::try_from(op_return_script).is_ok());
+
+		let mut pushdata_vec = Builder::new()
+			.push_opcode(opcodes::all::OP_RETURN)
+			.push_opcode(opcodes::all::OP_PUSHDATA1)
+			.into_bytes();
+		pushdata_vec.push(80);
+		pushdata_vec.extend_from_slice(&[1u8; 80]);
+		let pushdata_script = ScriptBuf::from_bytes(pushdata_vec);
+		let pushdata_shutdown_script = ShutdownScript::try_from(pushdata_script).unwrap();
+		assert!(pushdata_shutdown_script.is_compatible(&simple_close_features()));
+		assert!(!pushdata_shutdown_script.is_compatible(&InitFeatures::empty()));
+	}
+
 	#[test]
 	fn generates_segwit_from_non_v0_witness_program() {
 		let witness_program = WitnessProgram::new(WitnessVersion::V16, &[0; 40]).unwrap();
@@ -258,7 +341,21 @@ mod shutdown_script_tests {
 
 	#[test]
 	fn fails_from_unsupported_script() {
-		let op_return = ScriptBuf::new_op_return(&[0; 42]);
+		// For `option_simple_close` we assert we fail when:
+		//
+		// - The first byte of the OP_RETURN data (interpreted as u8 int) is not equal to the
+		// remaining number of bytes (i.e., `[5; 6]` would succeed here).
+		let op_return = ScriptBuf::new_op_return(&[5; 5]);
 		assert!(ShutdownScript::try_from(op_return).is_err());
+
+		// - The OP_RETURN data will fail if it's longer than 80 bytes.
+		let mut pushdata_vec = Builder::new()
+			.push_opcode(opcodes::all::OP_RETURN)
+			.push_opcode(opcodes::all::OP_PUSHDATA1)
+			.into_bytes();
+		pushdata_vec.push(81);
+		pushdata_vec.extend_from_slice(&[1u8; 81]);
+		let pushdata_script = ScriptBuf::from_bytes(pushdata_vec);
+		assert!(ShutdownScript::try_from(pushdata_script).is_err());
 	}
 }
