From a668141966f2a4a0c0106cc85639aac2f4995c02 Mon Sep 17 00:00:00 2001 From: Oliver Gugger Date: Thu, 31 Jul 2025 15:48:18 +0200 Subject: [PATCH 1/4] itest+make: add lnd remote signing mode This commit adds a new flag to the integration test suite that starts the single lnd node (alice) either in normal or in remote-signing mode. In remote-signing mode, alice is actually a watch-only node that is connected to a seconardy signer node over RPC. --- itest/test_harness.go | 61 +++++++++++++++++++++++++++++++++++++++---- make/testing_flags.mk | 5 ++++ 2 files changed, 61 insertions(+), 5 deletions(-) diff --git a/itest/test_harness.go b/itest/test_harness.go index 9e5559a5f..0c6d3262d 100644 --- a/itest/test_harness.go +++ b/itest/test_harness.go @@ -18,6 +18,8 @@ import ( "github.com/lightninglabs/taproot-assets/taprpc" unirpc "github.com/lightninglabs/taproot-assets/taprpc/universerpc" "github.com/lightningnetwork/lnd/build" + "github.com/lightningnetwork/lnd/lnrpc" + "github.com/lightningnetwork/lnd/lnrpc/walletrpc" "github.com/lightningnetwork/lnd/lntest" "github.com/lightningnetwork/lnd/lntest/node" "github.com/lightningnetwork/lnd/lntest/port" @@ -40,13 +42,24 @@ var ( // noDelete is a command line flag for disabling deleting the tapd // data directories. - noDelete = flag.Bool("nodelete", false, "Set to true to keep all "+ - "tapd data directories after completing the tests") + noDelete = flag.Bool( + "nodelete", false, "Set to true to keep all tapd data "+ + "directories after completing the tests", + ) // logLevel is a command line flag for setting the log level of the // integration test output. - logLevel = flag.String("loglevel", "info", "Set the log level of the "+ - "integration test output") + logLevel = flag.String( + "loglevel", "info", "Set the log level of the integration "+ + "test output", + ) + + // lndRemoteSigner is a command line flag that indicates whether the + // lnd instances should be set up to use a remote signer. + lndRemoteSigner = flag.Bool( + "lndremotesigner", false, "if true, the lnd instances will "+ + "be set up to use a remote signer", + ) ) const ( @@ -303,7 +316,45 @@ func setupHarnesses(t *testing.T, ht *harnessTest, proofCourier = universeServer } - alice := lndHarness.NewNodeWithCoins("Alice", nil) + var alice *node.HarnessNode + if *lndRemoteSigner { + signer := lndHarness.NewNode("Signer", nil) + + rpcAccts := signer.RPC.ListAccounts( + &walletrpc.ListAccountsRequest{}, + ) + + watchOnlyAccounts, err := walletrpc.AccountsToWatchOnly( + rpcAccts.Accounts, + ) + require.NoError(t, err) + alice = lndHarness.NewNodeRemoteSigner( + "WatchOnly", []string{ + "--remotesigner.enable", + fmt.Sprintf( + "--remotesigner.rpchost=localhost:%d", + signer.Cfg.RPCPort, + ), + fmt.Sprintf( + "--remotesigner.tlscertpath=%s", + signer.Cfg.TLSCertPath, + ), + fmt.Sprintf( + "--remotesigner.macaroonpath=%s", + signer.Cfg.AdminMacPath, + ), + }, + []byte("itestpassword"), &lnrpc.WatchOnly{ + MasterKeyBirthdayTimestamp: 0, + MasterKeyFingerprint: nil, + Accounts: watchOnlyAccounts, + }, + ) + + lndHarness.FundNumCoins(alice, 5) + } else { + alice = lndHarness.NewNodeWithCoins("Alice", nil) + } // Create a tapd that uses Alice and connect it to the universe server. tapdHarness := setupTapdHarness( diff --git a/make/testing_flags.mk b/make/testing_flags.mk index 546f63e97..6d6e76a27 100644 --- a/make/testing_flags.mk +++ b/make/testing_flags.mk @@ -62,6 +62,11 @@ ifneq ($(nodelete),) ITEST_FLAGS += -nodelete endif +# Run the lnd node in remote signing mode. +ifneq ($(remote-signing),) +ITEST_FLAGS += -lndremotesigner +endif + # Run the optional tests. ifneq ($(optional),) ITEST_FLAGS += -optional -postgrestimeout=240m From 75c999f3994691004a92072c010e448eef6d2293 Mon Sep 17 00:00:00 2001 From: Oliver Gugger Date: Thu, 31 Jul 2025 15:53:11 +0200 Subject: [PATCH 2/4] GitHub: run itests in lnd remote signing mode To make sure `tapd` works when the connected `lnd` node is running in remote-signing mode, we add a new CI target that runs all integration tests in that mode. --- .github/workflows/main.yaml | 43 +++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 538524d81..e5c6b8384 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -316,6 +316,49 @@ jobs: format: 'golang' parallel: true + ######################## + # run integration tests with lnd remote-signer + ######################## + integration-test-lnd-remote-signer: + name: run itests with lnd remote-signer + runs-on: ubuntu-latest + steps: + - name: cleanup space + run: rm -rf /opt/hostedtoolcache + + - name: git checkout + uses: actions/checkout@v4 + + - name: Setup go ${{ env.GO_VERSION }} + uses: actions/setup-go@v5 + with: + go-version: '${{ env.GO_VERSION }}' + + - name: run itest + run: make itest-parallel remote-signing=1 + + - name: Zip log files on failure + if: ${{ failure() }} + run: 7z a logs-itest-lnd-remotesigner.zip itest/**/*.log + + - name: Upload log files on failure + uses: actions/upload-artifact@v4 + if: ${{ failure() }} + with: + name: logs-itest-lnd-remotesigner + path: logs-itest-lnd-remotesigner.zip + retention-days: 5 + + - name: Send coverage + uses: coverallsapp/github-action@v2 + if: ${{ success() }} + continue-on-error: true + with: + file: itest/coverage.txt + flag-name: 'itest' + format: 'golang' + parallel: true + ######################## # run integration tests with Postgres backend ######################## From 9eb6a5ed5ac6bf13ce39a747607f3452cb5239b7 Mon Sep 17 00:00:00 2001 From: Oliver Gugger Date: Mon, 4 Aug 2025 14:10:36 +0200 Subject: [PATCH 3/4] mod+itest: bump lnd, fix itests in remote-signing mode --- go.mod | 4 ++-- go.sum | 8 ++++---- itest/mint_fund_seal_test.go | 4 ++-- itest/multisig.go | 9 +++++++++ itest/psbt_test.go | 4 ++-- 5 files changed, 19 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index 40be67915..9657a51c7 100644 --- a/go.mod +++ b/go.mod @@ -27,10 +27,10 @@ require ( github.com/lib/pq v1.10.9 github.com/lightninglabs/aperture v0.3.13-beta github.com/lightninglabs/lightning-node-connect/hashmailrpc v1.0.3 - github.com/lightninglabs/lndclient v0.19.0-9 + github.com/lightninglabs/lndclient v0.19.0-11 github.com/lightninglabs/neutrino/cache v1.1.2 github.com/lightninglabs/taproot-assets/taprpc v1.0.9 - github.com/lightningnetwork/lnd v0.19.3-beta.rc1.0.20250812194315-c3226e8c2223 + github.com/lightningnetwork/lnd v0.19.3-beta github.com/lightningnetwork/lnd/cert v1.2.2 github.com/lightningnetwork/lnd/clock v1.1.1 github.com/lightningnetwork/lnd/fn/v2 v2.0.8 diff --git a/go.sum b/go.sum index 9b566bedc..e8794e7ef 100644 --- a/go.sum +++ b/go.sum @@ -1140,8 +1140,8 @@ github.com/lightninglabs/lightning-node-connect/hashmailrpc v1.0.3 h1:NuDp6Z+QNM github.com/lightninglabs/lightning-node-connect/hashmailrpc v1.0.3/go.mod h1:bDnEKRN1u13NFBuy/C+bFLhxA5bfd3clT25y76QY0AM= github.com/lightninglabs/lightning-node-connect/mailbox v1.0.1 h1:RWmohykp3n/DTMWY8b18RNTEcLDf+KT/AZHKYdOObkM= github.com/lightninglabs/lightning-node-connect/mailbox v1.0.1/go.mod h1:NYtNexZE9gO1eOeegTxmIW9fqanl7eZ9cOrE9yewSAk= -github.com/lightninglabs/lndclient v0.19.0-9 h1:ell27omDoks79upoAsO/7QY40O93ud4tAtBXXZilqok= -github.com/lightninglabs/lndclient v0.19.0-9/go.mod h1:35d50tEMFxlJlKTZGYA6EdOllPsbxS4FUmEVbETUx+Q= +github.com/lightninglabs/lndclient v0.19.0-11 h1:/WwowlNff19lb7DXzq3c6L4nRMvwBZjbjLOy1/u4a5Y= +github.com/lightninglabs/lndclient v0.19.0-11/go.mod h1:cicoJY1AwZuRVXGD8Knp50TRT7TGBmw1k37uPQsGQiw= github.com/lightninglabs/migrate/v4 v4.18.2-9023d66a-fork-pr-2 h1:eFjp1dIB2BhhQp/THKrjLdlYuPugO9UU4kDqu91OX/Q= github.com/lightninglabs/migrate/v4 v4.18.2-9023d66a-fork-pr-2/go.mod h1:99BKpIi6ruaaXRM1A77eqZ+FWPQ3cfRa+ZVy5bmWMaY= github.com/lightninglabs/neutrino v0.16.1 h1:5Kz4ToxncEVkpKC6fwUjXKtFKJhuxlG3sBB3MdJTJjs= @@ -1152,8 +1152,8 @@ github.com/lightninglabs/protobuf-go-hex-display v1.34.2-hex-display h1:w7FM5LH9 github.com/lightninglabs/protobuf-go-hex-display v1.34.2-hex-display/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= github.com/lightningnetwork/lightning-onion v1.2.1-0.20240712235311-98bd56499dfb h1:yfM05S8DXKhuCBp5qSMZdtSwvJ+GFzl94KbXMNB1JDY= github.com/lightningnetwork/lightning-onion v1.2.1-0.20240712235311-98bd56499dfb/go.mod h1:c0kvRShutpj3l6B9WtTsNTBUtjSmjZXbJd9ZBRQOSKI= -github.com/lightningnetwork/lnd v0.19.3-beta.rc1.0.20250812194315-c3226e8c2223 h1:CBN1ju+LQL+jTfneGabUTFoHYuAnFeHv3j5+09wtOCo= -github.com/lightningnetwork/lnd v0.19.3-beta.rc1.0.20250812194315-c3226e8c2223/go.mod h1:MNRzea8Yrgk+ohyUhK7JSpoigE4T9JgerMQQUxMbl9I= +github.com/lightningnetwork/lnd v0.19.3-beta h1:sBOIn+0ZIkvEJh05VPJRSOOhWbJn2EoGtyUAaq/Fgk8= +github.com/lightningnetwork/lnd v0.19.3-beta/go.mod h1:MNRzea8Yrgk+ohyUhK7JSpoigE4T9JgerMQQUxMbl9I= github.com/lightningnetwork/lnd/cert v1.2.2 h1:71YK6hogeJtxSxw2teq3eGeuy4rHGKcFf0d0Uy4qBjI= github.com/lightningnetwork/lnd/cert v1.2.2/go.mod h1:jQmFn/Ez4zhDgq2hnYSw8r35bqGVxViXhX6Cd7HXM6U= github.com/lightningnetwork/lnd/clock v1.1.1 h1:OfR3/zcJd2RhH0RU+zX/77c0ZiOnIMsDIBjgjWdZgA0= diff --git a/itest/mint_fund_seal_test.go b/itest/mint_fund_seal_test.go index c850a5cff..54414d9e2 100644 --- a/itest/mint_fund_seal_test.go +++ b/itest/mint_fund_seal_test.go @@ -597,7 +597,7 @@ func deriveRandomKey(t *testing.T, ctxt context.Context, keyRing *lndservices.LndRpcKeyRing) keychain.KeyDescriptor { var ( - randFam = test.RandInt31n(math.MaxInt32) + randFam = test.RandInt31n(math.MaxInt8) randInd = test.RandInt31n(255) desc keychain.KeyDescriptor err error @@ -605,7 +605,7 @@ func deriveRandomKey(t *testing.T, ctxt context.Context, // Ensure that we use a different key family from tapd. for randFam == asset.TaprootAssetsKeyFamily { - randFam = test.RandInt31n(math.MaxInt32) + randFam = test.RandInt31n(math.MaxInt8) } desc, err = keyRing.DeriveNextKey( diff --git a/itest/multisig.go b/itest/multisig.go index 28aa64c72..18f716d88 100644 --- a/itest/multisig.go +++ b/itest/multisig.go @@ -489,6 +489,15 @@ func FinalizePacket(t *testing.T, lnd *rpc.HarnessRPC, return signedPacket } +// FinalizeFullySigned is a helper function that finalizes a PSBT packet +// that is already fully signed. It will return the finalized packet. +func FinalizeFullySigned(t *testing.T, pkt *psbt.Packet) *psbt.Packet { + err := psbt.MaybeFinalizeAll(pkt) + require.NoError(t, err) + + return pkt +} + // PublishAndLogTransferOption defines a functional option for // PublishAndLogTransfer. type PublishAndLogTransferOption func(*publishAndLogTransferOptions) diff --git a/itest/psbt_test.go b/itest/psbt_test.go index 5c4935fd6..ea645dce5 100644 --- a/itest/psbt_test.go +++ b/itest/psbt_test.go @@ -1149,7 +1149,7 @@ func testPsbtInteractiveAltLeafAnchoring(t *harnessTest) { require.NoError(t.t, err) commitPacket = signPacket(t.t, senderLnd, commitPacket) - commitPacket = FinalizePacket(t.t, senderLnd.RPC, commitPacket) + commitPacket = FinalizeFullySigned(t.t, commitPacket) publishResp := PublishAndLogTransfer( t.t, sender, commitPacket, []*tappsbt.VPacket{activePacket}, []*tappsbt.VPacket{passivePacket}, commitResp, @@ -2795,7 +2795,7 @@ func testPsbtExternalCommit(t *harnessTest) { t.Logf("Committed transaction: %v", toJSON(t.t, commitResp)) btcPacket = signPacket(t.t, aliceLnd, btcPacket) - btcPacket = FinalizePacket(t.t, aliceLnd.RPC, btcPacket) + btcPacket = FinalizeFullySigned(t.t, btcPacket) transferLabel := "itest-psbt-external-commit" From 1e2cb4a6c295963d2e7aa5702dae2e61839272a0 Mon Sep 17 00:00:00 2001 From: Oliver Gugger Date: Thu, 7 Aug 2025 09:29:52 +0200 Subject: [PATCH 4/4] docs: add release notes --- docs/release-notes/release-notes-0.7.0.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/docs/release-notes/release-notes-0.7.0.md b/docs/release-notes/release-notes-0.7.0.md index 17578b0ed..d0cbad5d2 100644 --- a/docs/release-notes/release-notes-0.7.0.md +++ b/docs/release-notes/release-notes-0.7.0.md @@ -100,6 +100,12 @@ controls whether the peer's identity public key is sent to the local price oracle when querying asset price rates. +- A [bug in `btcwallet` and `lnd` was fixed that prevented `tapd` from running + properly when connected to an `lnd` node that is running in remote-signing + mode](https://github.com/lightninglabs/taproot-assets/pull/1694). A new + integration test suite now asserts that `tapd` fully supports remote-signing + `lnd` backends. + ## RPC Additions - The [price oracle RPC calls now have an intent, optional peer ID and metadata @@ -119,12 +125,15 @@ when requesting quotes. The field can contain optional user or authentication information that helps the price oracle to decide on the optimal price rate to return. + - [Rename](https://github.com/lightninglabs/taproot-assets/pull/1682) the `MintAsset` RPC message field from `universe_commitments` to `enable_supply_commitments`. + - The `SubscribeSendEvents` RPC now supports [historical event replay of completed sends with efficient database-level filtering](https://github.com/lightninglabs/taproot-assets/pull/1685). + - [Add universe RPC endpoint FetchSupplyLeaves](https://github.com/lightninglabs/taproot-assets/pull/1693) that allows users to fetch the supply leaves of a universe supply commitment. This is useful for verification. @@ -175,7 +184,9 @@ the default "all script key types" [to the value `bip86`](https://github.com/lightninglabs/taproot-assets/pull/1690) to match the default value of the RPC interface. -- [Add universe supply commit subcommand fetchleaves](https://github.com/lightninglabs/taproot-assets/pull/1693) + +- [Add universe supply commit subcommand + `fetchleaves`](https://github.com/lightninglabs/taproot-assets/pull/1693) that allows users to fetch the supply leaves of a universe supply commitment. This is useful for verification.