Commit Graph

257 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
6d97bcbacd
lnwallet+contractcourt: publicly export DeriveCommitmentKeys use in chain watcher
In this commit, we consolidate the number of areas where we derive our
commitment keys. Before this commit, the `isOurCommitment` function in
the chain watcher used a custom routine to derive the expected
scripts/keys for our commitment at that height. With the recent changes,
we now have additional logic in `DeriveCommitmentKeys` that wasn't
copied over to this area. As a result, the prior logic would erroneously
detect if it was our commitment that had hit the chain or not.

In this commit, we remove the old custom code, and use
`DeriveCommitmentKeys` within the chain watcher as well. This ensures
that we only need to maintain the key derivation code in a single place,
preventing future bugs of this nature.
2019-09-25 18:26:13 -07:00
Olaoluwa Osuntokun
d22f2a1936
contractcourt: don't wait for DLP point if commit is tweakless on remote close
In this commit, we update the logic in the `chainWatcher` to no longer
wait until the DLP point has been populated in the database before we
dispatch the force close summary to any registered clients. Instead, we
can sweep immediately, as we have all the information we need to sweep
the funds (just our key).
2019-09-25 18:25:52 -07:00
Olaoluwa Osuntokun
fdec603279
contractcourt: update the commitSweepResolver to be aware of tweakless commits
In this commit, we update the `commitSweepResolver` to be aware of
tweakless commitments. We'll now use the new behavior of the uni close
summary (leaving out the single tweak) to detect if we're dealing with a
new, or modern commitment. Depending on the commitment type, we'll then
set the witness type accordingly so we can generate the proper signature
within the sweeper.
2019-09-25 18:25:49 -07:00
Olaoluwa Osuntokun
0b62126067
multi: update funding workflow to be aware of new tweakless commits
In this commit, we update the funding workflow to be aware of the new
channel type that doesn't tweak the remote party's output within the
non-delay script on their commitment transaction. To do this, we now
allow the caller of `InitChannelReservation` to signal if they want the
old or new (tweakless) commitment style.

The funding tests are also updated to test both funding variants, as
we'll still need to understand the legacy format for older nodes.
2019-09-25 18:25:46 -07:00
Olaoluwa Osuntokun
c57bb9d86b
Merge pull request #3480 from Roasbeef/proper-resolution-supplements
contractcourt: supplement resolvers with confirmed commit set HTLCs
2019-09-25 17:08:35 -07:00
Olaoluwa Osuntokun
d0df5a4ddd
contractcourt: supplement resolvers with confirmed commit set HTLCs
In this commit, we fix an existing bug in the package, causing
resolutions to be restarted without their required supplementary
information. This can happen if a distinct HTLC set gets confirmed
compared to the HTLCs that we may have had on our commitment at time of
close. Due to this bug, on restart certain HTLCs would be rejected as
they would present their state to the invoice registry, but be rejected
due to checks such as amount value.

To fix this, we'll now pass in the set of confirmed HTLCs into the
resolvers when we re-launch them, giving us access to all the
information we need to supplement the HTLCs.

We also add a new test that ensures that the proper fields of a resolver
are set after a restart.
2019-09-25 16:05:25 -07:00
Olaoluwa Osuntokun
c3bf8d2054
contractcourt: create new channel arb test context struct
In this commit, we create a new channel arb test context struct as the
current `createTestChannelArbitrator` has several return parameters, and
upcoming changes will likely at first glance need to add one or more
additional parameters. Rather than extend the existing set of return
parameters, we opt to instead create this struct that wraps the existing
state.

Along the way we add several new utility methods to this context, and
use them in the existing tests where applicable:
  * `AssertStateTransitions`
  * `AssertState`
  * `Restart`
  * `CleanUp`
2019-09-25 16:05:21 -07:00
Johan T. Halseth
2a6ad6e634
channeldb+lnwallet: don't pass isRestoredChan to ChanSyncMsg
Since we have access to the internal state of the channel, we can
instead get it directly instead of passing it in as a parameter.
2019-09-25 14:04:44 +02:00
Johan T. Halseth
2cb80c4449
contractcourt/chain_arbitrator: mark commitment broadcasted before publish
Before publishing the close tx to the network and committing to the
StateCommitmentBroadcasted state, we mark the commitment as broadcasted
and store it to the db. This ensures it will get re-published on startup
if we go down.
2019-09-25 14:04:44 +02:00
Johan T. Halseth
d75feeb953
contractcourt/chain_arbitrator_test: add TestChainArbitratorRepublishCommitment
TestChainArbitratorRepublishCommitment tests that the chain arbitrator
will republish closing transactions for channels marked
CommitmentBroadcast in the database at startup.
2019-09-25 14:04:43 +02:00
Johan T. Halseth
425afd28ea
contractcourt/chain_arbitrator: republish closeTx for open channels 2019-09-25 14:04:43 +02:00
Johan T. Halseth
02b2787e44
multi: make MarkCommitmentBroadcasted take closeTx 2019-09-25 14:04:43 +02:00
Johan T. Halseth
eb1b84c0b4
channeldb+lnwallet: make ChanSyncMsg method on OpenChannel 2019-09-25 14:04:42 +02:00
Johan T. Halseth
ce9f7faff2
contractcourt/channel_arbitrator: handle breach channel at startup
Earlier the channel arbitrator would fail to recognize channels pending
close that were in the breached state. This led to the state machine
not progressing correctly, and in some cases crashing since we would
attempt to force close an already closed channel.

A test TestChannelArbitratorForceCloseBreachedChannel is added to
exercise one of these scenarios.
2019-09-18 13:05:35 +02:00
Johan T. Halseth
26b7ec1b94
contractcourt/channel_arbitrator: define and react to breachClose
Earlier we would not react to breaches, as these are handled by other
subsystems. Now we advance our state machine in case of breach, such
that we'll gracefully exit, and won't have leftover state in case of a
restart.

A simple test TestChannelArbitratorBreachClose to exercise this behavior
is added.
2019-09-18 13:05:35 +02:00
Conner Fromknecht
551693e1b8
Merge pull request #3496 from joostjager/fix-incoming-dust
cnct: do not create an action for incoming dust htlcs
2019-09-16 12:31:37 -07:00
Joost Jager
4e140213f9
htlcswitch+invoices: circuit key based hodl notifications
This commit modifies hodl htlc notification from invoice registry from a
single notification per hash to distinct notifications per htlc. This
prepares for htlc-specific information (accept height) to be added to the
notification.
2019-09-16 10:10:14 +02:00
Conner Fromknecht
72c5d11a1c
Merge pull request #3502 from joostjager/err-returns
multi: fix dropped errors
2019-09-13 11:24:04 -07:00
Joost Jager
be7fc9dd3e
cnct: do not create an action for incoming dust htlcs
This commit fixes the 'unable to find incoming resolution' error that
occurred when trying to resolve incoming htlcs below the dust limit that
are not actually present on the commitment tx.
2019-09-13 12:31:26 +02:00
Joost Jager
3131bc4d64
cnct/test: test outgoing dust htlc resolution 2019-09-13 12:31:24 +02:00
Joost Jager
d553c304b2
cnct: log resolver type on error 2019-09-13 12:31:22 +02:00
Joost Jager
1e0ed1e52f
multi: fix dropped errors 2019-09-13 09:50:38 +02:00
Lars Lehtonen
3b29ecb921
routing: Fix dropped errors in tests.
lnd: Fix dropped errors in tests.

contractcourt: Fix dropped errors in tests.

htlcswitch: Fix dropped errors in tests.

invoices: Fix dropped error in tests.

lnwallet: Fix dropped errors in tests.

macaroons: Fix dropped error in tests.
2019-09-13 06:28:05 +00:00
Joost Jager
ecd3c59f7a
cnct: do not log resolver shutting down as error 2019-09-11 15:54:41 +02:00
Joost Jager
3186c0f3a2
cnct: use resolverType type 2019-09-10 17:22:01 +02:00
Joost Jager
3d7de2ad39
multi: remove dead code 2019-09-10 17:21:59 +02:00
Joost Jager
d6d9ec6aa5
invoices: replay awareness
Previously the invoice registry wasn't aware of replayed htlcs. This was
dealt with by keeping the invoice accept/settle logic idempotent, so
that a replay wouldn't have an effect.

This mechanism has two limitations:

1. No accurate tracking of the total amount paid to an invoice. The total
amount couldn't just be increased with every htlc received, because it
could be a replay which would lead to counting the htlc amount multiple
times. Therefore the total amount was set to the amount of the first
htlc that was received, even though there may have been multiple htlcs
paying to the invoice.

2. Impossible to check htlc expiry consistently for hodl invoices. When
an htlc is new, its expiry needs to be checked against the invoice cltv
delta. But for a replay, that check must be skipped. The htlc was
accepted in time, the invoice was moved to the accepted state and a
replay some blocks later shouldn't lead to that htlc being cancelled.
Because the invoice registry couldn't recognize replays, it stopped
checking htlc expiry heights when the invoice reached the accepted
state. This prevents hold htlcs from being cancelled after a restart.
But unfortunately this also caused additional htlcs to be accepted on an
already accepted invoice without their expiry being checked.

In this commit, the invoice registry starts to persistently track htlcs
so that replays can be recognized. For replays, an htlc resolution
action is returned early. This fixes both limitations mentioned above.
2019-09-04 19:20:31 +02:00
Joost Jager
c1345a4117
multi: use separate cltv expiry field from invoice
Now that the Invoice struct contains the decoded final cltv delta value,
the decoding of payment requests can be removed from the invoice
registry.
2019-09-04 19:20:19 +02:00
Joost Jager
05e6b62cb2
cnct+htlcswitch+invoices: report circuit key to invoice registry
Currently the invoice registry cannot tell apart the htlcs that pay to
an invoice. Because htlcs may also be replayed on startup, it isn't
possible to determine the total amount paid to an invoice.

This commit is a first step towards fixing that. It reports the circuit
keys of htlcs to the invoice registry, which forms the basis for
accurate invoice accounting.
2019-09-04 19:20:13 +02:00
Joost Jager
5871d69bde
cnct: convert supplement functions to methods 2019-09-04 19:20:11 +02:00
Olaoluwa Osuntokun
23cc8389f2
multi: add TLV awareness to htlcswitch, pass extra EOB to the invoice registry
In this commit, we update the `HopIterator` to gain awareness of the new
TLV hop payload. The default `HopIterator` will now hide the details of
the TLV from the caller, and return the same `ForwardingInfo` struct in
a uniform manner. We also add a new method: `ExtraOnionBlob` to allow
the caller to obtain the raw EOB (the serialized TLV stream) to pass
around.

Within the link, we'll now pass the EOB information into the invoice
registry. This allows the registry to parse out any additional
information from the EOB that it needs to settle the payment, such as a
preimage shard in the AMP case.
2019-08-22 18:53:05 -07:00
Johan T. Halseth
ed8d635cf1
contractcourt/briefcase: avoid bucket modification in ForEach loop
Since the contents were deleted before the bucket was deleted, we just
delete the bucket immediately.
2019-06-14 21:09:02 +02:00
Olaoluwa Osuntokun
0343327994
Merge pull request #3026 from wpaulino/sweeper-fee-preference
sweep: add support for multiple fee preferences to UtxoSweeper
2019-05-27 16:02:37 -07:00
Olaoluwa Osuntokun
2011ccc571
contractcourt: write confirmed CommitSet to disk before MarkChannelClosed
In this commit, we make a series of changes to ensure that we'll be able
to properly survive restarts if we crash right after we call
MarkChannelClosed. In order to ensure we can survive restarts, we'll now
log the confirmed CommitSet to disk right before we close the channel.
Upon restart, we'll read these from disk so we can pick up where we left
over.

Additionally, we also will now consult the legacy chain actions if it
turns out that the channel has been closed, but we don't have a
confCommitSet written to disk. This will only be the case for nodes that
had pending close channels before this commitment.
2019-05-27 15:26:46 -07:00
Olaoluwa Osuntokun
364c0dd9f1
contractcourt: add storage for the confirmed CommitSet
In this commit, we add storage to the Briefcase for reading/writing a
confirmed CommitSet. This will be used in follow up commits to ensure
that we're able to survive restarts after we mark a channel as pending
closed. Along the way, we also re-add the FetchChainActions struct as
legacy nodes will need this storage.
2019-05-27 15:26:44 -07:00
Olaoluwa Osuntokun
086f4eb8b3
contractcourt: add new TestChannelArbitratorDanglingCommitForceClose test 2019-05-27 15:26:43 -07:00
Olaoluwa Osuntokun
b4a116fd07
contractcourt: update TestChannelArbitratorLocalForceClosePendingHtlc to assert resolution msg delivery 2019-05-27 15:26:42 -07:00
Olaoluwa Osuntokun
ea7bae8492
contractcourt: remove the now unused chain actions methods
We still keep the `actionsBucketKey` variable around so current
contracts will clean up the existing state once they've been fully
resolved.
2019-05-27 15:26:41 -07:00
Olaoluwa Osuntokun
087e22d817
contractcourt: obtain supplementary HTLC info from the htlcSets
Since we no longer have up to date chain actions on disk, we'll use the
HTLC sets in memory which contain the necessary information we need
in order to obtain the HTLC amounts.
2019-05-27 15:26:40 -07:00
Olaoluwa Osuntokun
8a34b1ae88
contractcourt: only send resolution messages if we have any to send 2019-05-27 15:26:39 -07:00
Olaoluwa Osuntokun
877b8c55d3
contractcourt: stop writing chain actions to disk
We don't need them as we'll just reconstruct the chain actions once a
commitment has actually confirmed.
2019-05-27 15:26:38 -07:00
Olaoluwa Osuntokun
fb91f0be70
contractcourt: reconstruct chain actions at time of commitment confirmation
In this commit, we change the behavior of the channel arb to no longer
write chain actions to disk. Instead, using the new CommitSet struct,
we'll replay our set of prior actions based on what actually got into
the chain. As a result, we no longer need to write the chain actions at
all, instead they're reconstructed at run time to determine decisions,
and before any commitments are broadcast in order to determine if we
need to go to chain at all.
2019-05-27 15:26:37 -07:00
Olaoluwa Osuntokun
fc617cd041
contractcourt: add new checkLocalChainActions method use in main state step
In this commit, we add a new `checkLocalChainActions` method. This
method differs from the existing `checkChainActions` method in that it's
only concerned with actions we should take on chain for our local state
based on the local _and_ remote state. This change ensures that we'll
now go to chain in order to cancel an HTLC that was on the remote
party's commitment transaction, but not our own.
2019-05-27 15:26:36 -07:00
Olaoluwa Osuntokun
5f0fad85be
multi: address lingering TODO by no longer wiping out local HTLCs on remote close
In this commit, we fix a lingering TODO statement in the channel arb.
Before this commitment, we would simply wipe out our local HTLC set of
the HTLC set that was on the remote commitment transaction on force
close. This was incorrect as if our commitment transaction had an HTLC
that the remote commitment didn't, then we would fail to cancel that
back, and cause both channels to time out on chain.

In order to remedy this, we introduce a new `HtlcSetKey` struct to track
all 3 possible in-flight set of HTLCs: ours, theirs, and their pending.

We also start to tack on additional data to all the unilateral close
messages we send to subscribers. This new data is the CommitSet, or the
set of valid commitments at channel closure time. This new information
will be used by the channel arb in an upcoming commit to ensure it will
cancel back HTLCs in the case of split commitment state.

Finally, we start to thread through an optional *CommitSet to the
advanceState method. This additional information will give the channel
arb additional information it needs to ensure it properly cancels back
HTLCs that are about to time out or may time out depending on which
commitment is played.

Within the htlcswitch package, we modify the `SignNextCommitment` method
to return the new set of pending HTLCs for the remote party's commitment
transaction and `ReceiveRevocation` to return the latest set of
commitment transactions on the remote party's commitment as well. This
is a preparatory change which is part of a larger change to address a
lingering TODO in the cnct.

Additionally, rather than just send off the set of HTLCs after we
revoke, we'll also send off the set of HTLCs after the remote party
revokes, and we create a pending commitment state for it.
2019-05-27 14:34:13 -07:00
Wilmer Paulino
5172a5e255
multi: support arbitrary client fee preferences to UtxoSweeper
In this commit, we introduce support for arbitrary client fee
preferences when accepting input sweep requests. This is possible with
the addition of fee rate buckets. Fee rate buckets are buckets that
contain inputs with similar fee rates within a specific range, e.g.,
1-10 sat/vbyte, 11-20 sat/vbyte, etc. Having these buckets allows us to
batch and sweep inputs from different clients with similar fee rates
within a single transaction, allowing us to save on chain fees.

With this addition, we can now get rid of the UtxoSweeper's default fee
preference. As of this commit, any clients using it to sweep inputs
specify the same fee preference to not change their behavior. Each of
these can be fine-tuned later on given their use cases.
2019-05-24 15:30:38 -07:00
Joost Jager
3d17c2bcfe
cnct/test: add incoming contest resolver test 2019-05-15 14:42:18 +02:00
Joost Jager
16ff4e3ffa
cnct/test: extend mockWitnessBeacon 2019-05-15 14:42:15 +02:00
Joost Jager
064e8492de
cnct+htlcswitch+invoices: move invoice parameter check out of link
This commit is the final step in making the link unaware of invoices. It
now purely offers the htlc to the invoice registry and follows
instructions from the invoice registry about how and when to respond to
the htlc.

The change also fixes a bug where upon restart, hodl htlcs were
subjected to the invoice minimum cltv delta requirement again. If the
block height has increased in the meanwhile, the htlc would be canceled
back.

Furthermore the invoice registry interaction is aligned between link and
contract resolvers.
2019-05-15 14:42:12 +02:00
Joost Jager
d8dac49112
cnct: add invoice registry interface
Create an interface type to be able to mock the registry in unit tests.
2019-05-15 14:42:01 +02:00
Joost Jager
1a80a1e540
witness_beacon: do not look up invoice preimages
This commit isolates preimages of forwarded htlcs from invoice
preimages. The reason to do this is to prevent the incoming contest
resolver from settling exit hop htlcs for which the invoice isn't marked
as settled.
2019-05-15 14:41:58 +02:00