Copyright	(c) 2025 Jared Tobin
License	MIT
Maintainer	Jared Tobin <jared@ppad.tech>
Safe Haskell	None
Language	Haskell2010

Lightning.Protocol.BOLT3.Scripts

Contents

Funding output
to_local output
to_remote output
Anchor outputs
Offered HTLC output
Received HTLC output
HTLC-timeout/success output (same as to_local)
P2WSH helpers

Description

Script templates for BOLT #3 transaction outputs.

Includes witness scripts for:

Funding output (2-of-2 multisig)
to_local output (revocable with CSV delay)
to_remote output (P2WPKH or anchored)
Anchor outputs
Offered HTLC outputs
Received HTLC outputs
HTLC-timeout/success output (revocable with delay)

Synopsis

funding_script :: FundingPubkey -> FundingPubkey -> Script
funding_witness :: ByteString -> ByteString -> Witness
to_local_script :: RevocationPubkey -> ToSelfDelay -> LocalDelayedPubkey -> Script
to_local_witness_spend :: ByteString -> Witness
to_local_witness_revoke :: ByteString -> Witness
to_remote_script :: RemotePubkey -> ChannelFeatures -> Script
to_remote_witness :: ByteString -> RemotePubkey -> ChannelFeatures -> Witness
anchor_script :: FundingPubkey -> Script
anchor_witness_owner :: ByteString -> Witness
anchor_witness_anyone :: Witness
offered_htlc_script :: RevocationPubkey -> RemoteHtlcPubkey -> LocalHtlcPubkey -> PaymentHash -> ChannelFeatures -> Script
offered_htlc_witness_preimage :: ByteString -> PaymentPreimage -> Witness
offered_htlc_witness_revoke :: ByteString -> Pubkey -> Witness
received_htlc_script :: RevocationPubkey -> RemoteHtlcPubkey -> LocalHtlcPubkey -> PaymentHash -> CltvExpiry -> ChannelFeatures -> Script
received_htlc_witness_timeout :: ByteString -> Witness
received_htlc_witness_revoke :: ByteString -> Pubkey -> Witness
htlc_output_script :: RevocationPubkey -> ToSelfDelay -> LocalDelayedPubkey -> Script
htlc_output_witness_spend :: ByteString -> Witness
htlc_output_witness_revoke :: ByteString -> Witness
to_p2wsh :: Script -> Script
witness_script_hash :: Script -> ByteString

Funding output

funding_script :: FundingPubkey -> FundingPubkey -> Script Source #

Funding output witness script (2-of-2 multisig).

Script: 2 pubkey1 pubkey2 2 OP_CHECKMULTISIG

Where pubkey1 is lexicographically lesser.

>>> funding_script pk1 pk2
Script "R!<pk_lesser>!<pk_greater>R\xae"

funding_witness :: ByteString -> ByteString -> Witness Source #

Witness for spending funding output.

Witness: 0 sig1 sig2

Signatures ordered to match pubkey order in script.

>>> funding_witness sig1 sig2
Witness ["", sig1, sig2]

to_local output

to_local_script :: RevocationPubkey -> ToSelfDelay -> LocalDelayedPubkey -> Script Source #

to_local witness script (revocable with CSV delay).

Script:

OP_IF
    revocationpubkey
OP_ELSE
    to_self_delay
    OP_CHECKSEQUENCEVERIFY
    OP_DROP
    local_delayedpubkey
OP_ENDIF
OP_CHECKSIG

>>> to_local_script revpk delay localpk
Script "c!<revpk>g<delay>\xb2u!<localpk>h\xac"

to_local_witness_spend :: ByteString -> Witness Source #

Witness for delayed spend of to_local output.

Input nSequence must be set to to_self_delay.

Witness: local_delayedsig <>

>>> to_local_witness_spend sig
Witness [sig, ""]

to_local_witness_revoke :: ByteString -> Witness Source #

Witness for revocation spend of to_local output.

Witness: revocation_sig 1

>>> to_local_witness_revoke sig
Witness [sig, "\x01"]

to_remote output

to_remote_script :: RemotePubkey -> ChannelFeatures -> Script Source #

to_remote witness script.

With option_anchors:

remotepubkey OP_CHECKSIGVERIFY 1 OP_CHECKSEQUENCEVERIFY

Without option_anchors: P2WPKH (just the pubkey hash).

>>> to_remote_script pk (ChannelFeatures True)
Script "!<pk>\xadQ\xb2"

to_remote_witness :: ByteString -> RemotePubkey -> ChannelFeatures -> Witness Source #

Witness for spending to_remote output.

With option_anchors (P2WSH), input nSequence must be 1. Witness: remote_sig (witness script appended by caller)

Without option_anchors (P2WPKH): Witness: remote_sig remotepubkey

>>> to_remote_witness sig pk (ChannelFeatures False)
Witness [sig, pk]

Anchor outputs

anchor_script :: FundingPubkey -> Script Source #

Anchor output witness script.

Script:

funding_pubkey OP_CHECKSIG OP_IFDUP
OP_NOTIF
    OP_16 OP_CHECKSEQUENCEVERIFY
OP_ENDIF

>>> anchor_script fundpk
Script "!<fundpk>\xac\x73d`\xb2h"

anchor_witness_owner :: ByteString -> Witness Source #

Witness for owner to spend anchor output.

Witness: sig

>>> anchor_witness_owner sig
Witness [sig]

anchor_witness_anyone :: Witness Source #

Witness for anyone to sweep anchor output after 16 blocks.

Witness: <>

>>> anchor_witness_anyone
Witness [""]

Offered HTLC output

offered_htlc_script :: RevocationPubkey -> RemoteHtlcPubkey -> LocalHtlcPubkey -> PaymentHash -> ChannelFeatures -> Script Source #

Offered HTLC witness script.

Without option_anchors:

OP_DUP OP_HASH160 RIPEMD160(SHA256(revocationpubkey)) OP_EQUAL
OP_IF
    OP_CHECKSIG
OP_ELSE
    remote_htlcpubkey OP_SWAP OP_SIZE 32 OP_EQUAL
    OP_NOTIF
        OP_DROP 2 OP_SWAP local_htlcpubkey 2 OP_CHECKMULTISIG
    OP_ELSE
        OP_HASH160 RIPEMD160(payment_hash) OP_EQUALVERIFY
        OP_CHECKSIG
    OP_ENDIF
OP_ENDIF

With option_anchors, adds 1 OP_CHECKSEQUENCEVERIFY OP_DROP before final OP_ENDIF.

offered_htlc_witness_preimage :: ByteString -> PaymentPreimage -> Witness Source #

Witness for remote node to claim offered HTLC with preimage.

With option_anchors, input nSequence must be 1.

Witness: remotehtlcsig payment_preimage

>>> offered_htlc_witness_preimage sig preimage
Witness [sig, preimage]

offered_htlc_witness_revoke :: ByteString -> Pubkey -> Witness Source #

Witness for revocation spend of offered HTLC.

Witness: revocation_sig revocationpubkey

>>> offered_htlc_witness_revoke sig revpk
Witness [sig, revpk]

Received HTLC output

received_htlc_script :: RevocationPubkey -> RemoteHtlcPubkey -> LocalHtlcPubkey -> PaymentHash -> CltvExpiry -> ChannelFeatures -> Script Source #

Received HTLC witness script.

Without option_anchors:

OP_DUP OP_HASH160 RIPEMD160(SHA256(revocationpubkey)) OP_EQUAL
OP_IF
    OP_CHECKSIG
OP_ELSE
    remote_htlcpubkey OP_SWAP OP_SIZE 32 OP_EQUAL
    OP_IF
        OP_HASH160 RIPEMD160(payment_hash) OP_EQUALVERIFY
        2 OP_SWAP local_htlcpubkey 2 OP_CHECKMULTISIG
    OP_ELSE
        OP_DROP cltv_expiry OP_CHECKLOCKTIMEVERIFY OP_DROP
        OP_CHECKSIG
    OP_ENDIF
OP_ENDIF

With option_anchors, adds 1 OP_CHECKSEQUENCEVERIFY OP_DROP before final OP_ENDIF.

received_htlc_witness_timeout :: ByteString -> Witness Source #

Witness for remote node to timeout received HTLC.

With option_anchors, input nSequence must be 1.

Witness: remotehtlcsig <>

>>> received_htlc_witness_timeout sig
Witness [sig, ""]

received_htlc_witness_revoke :: ByteString -> Pubkey -> Witness Source #

Witness for revocation spend of received HTLC.

Witness: revocation_sig revocationpubkey

>>> received_htlc_witness_revoke sig revpk
Witness [sig, revpk]

HTLC-timeout/success output (same as to_local)

htlc_output_script :: RevocationPubkey -> ToSelfDelay -> LocalDelayedPubkey -> Script Source #

HTLC output witness script (same structure as to_local).

Used for HTLC-timeout and HTLC-success transaction outputs.

Script:

OP_IF
    revocationpubkey
OP_ELSE
    to_self_delay
    OP_CHECKSEQUENCEVERIFY
    OP_DROP
    local_delayedpubkey
OP_ENDIF
OP_CHECKSIG

htlc_output_witness_spend :: ByteString -> Witness Source #

Witness for delayed spend of HTLC output.

Input nSequence must be set to to_self_delay.

Witness: local_delayedsig 0

htlc_output_witness_revoke :: ByteString -> Witness Source #

Witness for revocation spend of HTLC output.

Witness: revocationsig 1

P2WSH helpers

to_p2wsh :: Script -> Script Source #

Convert a witness script to P2WSH scriptPubKey.

P2WSH format: OP_0 32-byte-hash

>>> to_p2wsh some_witness_script
Script "\x00\x20<32-byte-hash>"

witness_script_hash :: Script -> ByteString Source #

Compute SHA256 hash of a witness script.

>>> witness_script_hash (Script "some_script")
<32-byte SHA256 hash>