Commit Graph

576 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
be63c7d286
htlcswitch: properly convert multi-hop malformed HTLC failures
In this commit, we now properly convert multi-hop malformed HTLC
failures. Before this commit, we wouldn't properly add a layer of
encryption to these errors meaning that the destination would fail to
decrypt the error as it was actually plaintext.

To remedy this, we'll now check if we need to convert an error, and if
so we'll encrypt it as if it we were the source of the error (the true
source is our direct channel peer).
2019-04-30 20:13:37 -07:00
Olaoluwa Osuntokun
cdc4aca40f
htlcswitch: properly handle direct link malformed HTLC failures
In this commit, we fix a bug that caused us to be unable to properly
handle malformed HTLC failures from our direct link. Before this commit,
we would attempt to decrypt it and fail since it wasn't well formed. In
this commit, if its an error for a local payment, and it needed to be
converted, then we'll decode it w/o decrypting since it's already
plaintext.
2019-04-30 20:13:36 -07:00
Olaoluwa Osuntokun
c67ca0a329
htlcswitch: add new EncryptMalformedError method to ErrorEncrypter
In this commit, we add a new method to the ErrorEncrypter interface:
`EncryptMalformedError`. This takes a raw error (no encryption or MAC),
and encrypts it as if we were the originator of this error. This will be
used by the switch to convert malformed fail errors to regular fully
encrypted errors.
2019-04-30 20:13:35 -07:00
Olaoluwa Osuntokun
649e080da6
htlcswitch: for UpdateFailMalformedHTLC packets mark fail as needing conversion
In this commit, we start the first phase of fixing an existing bug
within the switch. As is, we don't properly convert
`UpdateFailMalformedHTLC` to regular `UpdateFailHTLC` messages that are
fully encrypted. When we receive a `UpdateFailMalformedHTLC` today,
we'll convert it into a regular fail message by simply encoding the
failure message raw. This failure message doesn't have  a MAC yet, so if
we sent it backwards, then the destination wouldn't be able to decrypt
it. We can recognize this type of failure as it'll be the same size as
the raw failure message max size, but it has 4 extra bytes for the
encoding. When we come across this message, we'll mark is as needing
conversion so the switch can take care of it.
2019-04-30 20:13:34 -07:00
Olaoluwa Osuntokun
8418dc5530
Merge pull request #2939 from Roasbeef/hodl-htlc-fix
htlcswitch: only perform CLTV checks for HTLCs with open invoices
2019-04-15 12:52:45 -07:00
Joost Jager
40cea6b487
htlcswitch/test: increase test timeout for hodl invoice tests 2019-04-12 09:01:05 +02:00
Olaoluwa Osuntokun
5d68f0f9eb
htlcswitch: only perform CLTV checks for HTLCs with open invoices
In this commit, we fix a bug that would cause a node with a hodl HTLC to
cancel back the HTLC upon restart if the invoice has been settled, but
the HTLC is still present on the commitment transaction. A fix for the
HTLC still being present (not triggering a new commitment) has been
fixed recently. However, for older nodes with a lingering HTLC, on
restart it would be failed back.

In this commit, we make the check stricter by only performing these
checks for HTLCs that are in the open state. This ensures that we'll
only check this constraints the first time around, before the HTLC has
been transitioned to the accepted state.
2019-04-11 17:53:25 -07:00
Conner Fromknecht
057bed2b92
htlcswitch/link: delay restored channel reestablish
This commit adds a brief delay when sending our channel reestablish
message if the link contains a restored channel to ensure we first have
a stable connection. Sending the message will cause the remote peer to
force close the channel, which currently may not be resumed reliably if
the connection is being torn town simultaneously. This delay can be
removed after the force close is reliable, but in the meantime it
improves the reliability of successfully closing out the channel and
allows the `channel_backup_restore/restore_during_creation` to pass
reliably.
2019-04-11 15:42:02 -07:00
Olaoluwa Osuntokun
bc425b1a77
Merge pull request #2918 from joostjager/hodl-drop-fix
htlcswitch: ensure commit tx gets updated after settle hodl invoice
2019-04-11 15:38:56 -07:00
Olaoluwa Osuntokun
5ac9ba6472
htlcswitch: synchronously send the chan sync message to the remote peer
In this commit, we modify the starting link logic to always send the
chan sync message to the remote peer in a synchronous manner. Otherwise,
it's possible that we fail very quickly below this block, and don't ever
send the message to the remote peer.
2019-04-10 18:01:52 -07:00
Joost Jager
72c86fbf5d
htlcswitch/test: test revocation window exhaustion 2019-04-10 21:30:31 +02:00
Joost Jager
6d2dfed03d
htlcswitch: increase batch counter for exit hop settle and fail
The idea of the batch counter is to increase it for commit tx updates,
so that if the commit tx cannot be updated immediately (revocation
window exhausted), the batch ticker makes sure it happens later.

The batch counter was increased for forwarded htlcs, but not for exit hop
resolutions.

This lead to the situation where the commitment tx would not be updated,
even though the htlc was settled locally. When no other changes happen
on the channel, the htlc eventually reaches its expiry and the channel
is force closed.
2019-04-10 21:04:51 +02:00
Joost Jager
038ce342b3
htlcswitch: do not check final cltv for accepted invoices 2019-04-08 18:16:21 +02:00
Joost Jager
206d93d856
htlcswitch/test: test zero value for outbound cltv reject delta 2019-04-05 11:36:18 +02:00
Joost Jager
1b2816006f
htlcswitch/test: align test invoice cltv expiry 2019-04-05 11:36:16 +02:00
Joost Jager
af7d0e5ff5
htlcswitch/test: convert TestChannelLinkSingleHopPayment to two hop network 2019-04-05 11:36:13 +02:00
Joost Jager
037913fd28
link: rewrite height comparisons without subtraction
Prevent the case where a uint32 wrap around could happen.
2019-04-05 11:36:10 +02:00
Joost Jager
ab4da0f53d
cnct: define separate broadcast delta for outgoing htlcs
This commits exposes the various parameters around going to chain and
accepting htlcs in a clear way.

In addition to this, it reverts those parameters to what they were
before the merge of commit d1076271456bdab1625ea6b52b93ca3e1bd9aed9.
2019-04-05 11:36:07 +02:00
Olaoluwa Osuntokun
893cff60c4
Merge pull request #2839 from joostjager/htlc-expiry-check
link: increase expiry grace delta for exit hop and forwarded htlcs
2019-04-01 18:15:56 -07:00
Olaoluwa Osuntokun
1afec1342b
htlcswitch: update syncChanStates for new ChanSyncMsg API 2019-03-28 17:53:56 -07:00
Johan T. Halseth
59e3390f6c
Merge pull request #2750 from cryptagoras/patch-1
htlcswitch/switch: log target node on insufficient cap error
2019-03-27 15:10:08 +01:00
Joost Jager
cd535b9401
link: increase expiry grace delta
This commit increase the expiry grace delta to a value above the
broadcast delta. This prevents htlcs from being accepted that would
immediately trigger a channel force close.

A correct delta is generated in server.go where there is access to
the broadcast delta and passed via the peer to the links.

Co-authored-by: Jim Posen <jim.posen@gmail.com>
2019-03-26 18:42:00 +01:00
Joost Jager
e6fbbaa1dc
link: also check expiry grace delta for forwarded htlcs
Previously there was no minimum remaining blocks requirement on
forwarded htlcs, which may cause channel arbitrator to force
close the channel directly after forwarding the htlc.

Co-authored-by: Jim Posen <jim.posen@gmail.com>
2019-03-26 18:41:41 +01:00
cryptagoras
a50428ca96 htlcswitch/switch: log target node on insufficient cap error 2019-03-25 18:25:58 +02:00
Joost Jager
0823c79e4e
htlcswitch/test: hodl invoice test 2019-03-15 10:09:20 +01:00
Joost Jager
32f2b047e8
htlcswitch: hodl invoice
This commit modifies the invoice registry to handle invoices for which
the preimage is not known yet (hodl invoices). In that case, the
resolution channel passed in from links and resolvers is stored until we
either learn the preimage or want to cancel the htlc.
2019-03-15 10:09:17 +01:00
Joost Jager
1f41a2abce
htlcswitch: abtract invoice from link
This commit detaches signaling the invoice registry that an htlc was
locked in from the actually settling of the htlc.

It is a preparation for hodl invoices.
2019-03-15 10:09:15 +01:00
Joost Jager
aeb35d9898
htlcswitch/test: use real invoice registry with temp db as mock
In further commits the behaviour of invoice registry becomes more
intrinsically connected to the link. This commit prepares for that by
allowing link and registry to be tested as a single unit.
2019-03-15 10:09:12 +01:00
Joost Jager
e464ed18c7
htlcswitch/test: make unknown hash test independent of mock
In the TestChannelLinkMultiHopUnknownPaymentHash test, a preimage was
modified to trigger an unknown payment hash failure. The way the mock is
implemented, it would take the hash of that modified preimage and store
it. It basically stores a completely different invoice. For this test,
it is just as good to store no invoice at all.
2019-03-15 10:09:09 +01:00
Joost Jager
c23bb5b3f1
htlcswitch: extract settle invoice into method 2019-03-15 10:09:03 +01:00
Joost Jager
19f79613df
channeldb: store hold invoice 2019-03-15 10:08:55 +01:00
Joost Jager
4141773e90
htlcswitch: resolve invoice cancelation race condition
Previously it could happen that an invoice was open at the time of the
LookupInvoice call, the htlc was settled because of that, but when the
SettleInvoice call was made eventually, it would fail because the
invoice was canceled in the mean time. The htlc would then be settled,
but the invoice not marked as such.
2019-03-15 10:08:46 +01:00
Joost Jager
eb598ec7a4
htlcswitch: extract exit hop processing to method 2019-03-15 10:08:43 +01:00
Joost Jager
9643b45dbc
htlcswitch/test: move preimage cache to server level
In this commit the preimage cache is instantiated on the mock server
level where it belongs. Previously it was a cache shared across all mock
servers.
2019-03-15 10:08:40 +01:00
Conner Fromknecht
f39edd8000
peer: add SendMessageLazy 2019-03-05 17:08:22 -08:00
Valentine Wallace
f0e668974e htlcswitch/link: verify an htlc is not too large in HtlcSatifiesPolicy
Before forwarding an HTLC, ensure that the amount to forward
including fees does not exceed the max HTLC set for the channel
link.
2019-02-21 18:45:37 -08:00
Valentine Wallace
833c31eaca htlcswitch/link_test+test_utils: add max htlc to forwarding policies 2019-02-21 18:39:32 -08:00
Valentine Wallace
20b3114100 htlcswitch+lnwallet+peer: default max htlc in fwding policy of new chans
In this commit, we set a default max HTLC in the forwarding
policies of newly open channels.

The ForwardingPolicy's MaxHTLC field (added in this commit)
will later be used to decide whether an HTLC satisfies our policy before
forwarding it.

To ensure the ForwardingPolicy's MaxHTLC default matches the max HTLC
advertised in the ChannelUpdate sent out for this channel,  we also add
a MaxPendingAmount() function to the lnwallet.Channel.
2019-02-21 18:39:32 -08:00
Olaoluwa Osuntokun
cbe0bf6a22
Merge pull request #2501 from cfromknecht/batch-preimage-writes
htlcswitch: batch preimage writes/consistency fix
2019-02-21 17:00:00 -08:00
Conner Fromknecht
3428fde5ab
htlcswitch/link_test: batch preimage write test 2019-02-19 17:06:28 -08:00
Conner Fromknecht
76cecb1396
htlcswitch/link: batch write to preimage cache
This commit makes use of the batched AddWitness
method of the WitnessCache, in order to avoid
performing one write for each accepted preimage.

Additionally, this fixes an existing hole in the
consistency guarantees since the batched writes
are now guaranteed to take place before accepting
the next CommitSig. Previously, these writes were
processed in an unsynchronized go routine that
could be delayed arbitrarily long before being
executed.

With this change, the async_payments_benchmarks
actually shows a slight improvement in
performance, presumably because we no longer do
an individual write per preimage, even though
the execution is now explicitly in the critical
path. There is likely also a marginal performance
improvement from the reduction in goroutine
overhead.
2019-02-19 17:06:15 -08:00
Conner Fromknecht
29f07a58cb
cnct+lnwl+hswc: use lntypes.Preimage for witness beacon 2019-02-19 17:06:00 -08:00
Conner Fromknecht
30f61b7630
multi: make AddPreimage variadic, optimistically compute key
In this commit, we modify the WitnessCache's
AddPreimage method to accept a variadic number
of preimages. This enables callers to batch
preimage writes in performance critical areas
of the codebase, e.g. the htlcswitch.

Additionally, we lift the computation of the
witnesses' keys outside of the db transaction.
This saves us from having to do hashing inside
and blocking other callers, and limits extraneous
blocking at the call site.
2019-02-19 17:05:04 -08:00
Wilmer Paulino
abdd01ed9a
ticker+htlcswitch: rename Mock -> Force 2019-02-12 16:05:24 -08:00
Joost Jager
077852cd4e
htlcswitch/test: test canceled invoice 2019-02-06 07:29:35 +01:00
Joost Jager
f80fb286d8
htlcswitch/test: add two hop network 2019-02-06 07:29:32 +01:00
Joost Jager
524d2465e0
htlcswitch/test: extract generic hop network 2019-02-06 07:29:29 +01:00
Joost Jager
9cac0efab7
htlcswitch/test: create preparePayment function 2019-02-06 07:29:26 +01:00
Joost Jager
e7907e0e7c
htlcswitch/test: add waitForPaymentResult helper function 2019-02-06 07:29:24 +01:00
Joost Jager
afd2d69906
htlcswitch/test: convert makePayment into function 2019-02-06 07:29:21 +01:00
Joost Jager
1b87fbfab2
invoices+htlcswitch+lnrpc: cancel invoice 2019-02-06 07:29:18 +01:00
Valentine Wallace
bdd8ce14c9 switch: notify the ChannelNotifier on newly active/inactive channels. 2019-02-05 18:17:54 -08:00
Valentine Wallace
f6cffa8f4b htlcswitch/link: add ChannelPoint() to retrieve the channel outpoint.
This function will be used in the switch to retrieve the channel point for a link,
allowing the switch to retrieve individual channels from the database.
2019-02-05 18:17:54 -08:00
Joost Jager
bacd92418a
invoices: use lntypes.Hash and lntypes.Preimage
Previously chainhash.Hash was used, which converts to/from string in
reversed format. Payment hashes and preimages are supposed to be
non-reversed.
2019-02-01 09:42:29 +01:00
Joost Jager
9e012ecc93
multi: move Input interface and related code
This commit is a step to split the lnwallet package. It puts the Input
interface and implementations in a separate package along with all their
dependencies from lnwallet.
2019-01-31 13:25:33 +01:00
orbitalturtle
08750f180b multi: deprecate IncorrectHtlcAmount onion error
In this commit, we deprecate the `IncorrectHtlcAmount` onion error.
We'll still decode this error to use when retrying paths, but we'll no
longer send this ourselves. The `UnknownPaymentHash` error has been
amended to also include the value of the payment as well. This allows us
to worry about one less error.
2019-01-29 18:21:13 -08:00
Olaoluwa Osuntokun
9c59ac4383
Merge pull request #2397 from halseth/reject-commitment-expected-fee-reset-bug
[bugfix] Process fee updates as any other update message
2019-01-14 17:06:27 -08:00
Wilmer Paulino
b951f06456
multi: move CsvDelay into ChannelConstraints 2019-01-11 16:58:15 -08:00
Conner Fromknecht
6ae77bc3cb
htlcswitch/switch_test: adds HasActiveLink unit test 2019-01-10 16:34:03 -08:00
Conner Fromknecht
164250d1cd
htlcswitch/switch: check EligibleToForward in HasActiveLink
This commit modifies the behavior of the
HasActiveLink method within the switch to
only return true if the link is in the
link index and is eligible to forward
HTLCs.

The prior version returns true whenever
the link is found in the link index,
which may return true for pending
channels that are not actually active.
2019-01-10 16:34:02 -08:00
Johan T. Halseth
480f43f1dc
lnwallet/channel: add lnwire<->PaymentDescriptor FeeUpdate conversion
This commit adds conversion between the lnwire.UpdateFee message and the
new FeeUpdate PaymentDescriptor. We re-purpose the existing Amount field
in the PaymentDescriptor stuct to hold the feerate.
2019-01-10 12:26:33 +01:00
Conner Fromknecht
75ec66d9b3
Merge pull request #1975 from halseth/fwdtrigger-force
[tests] Force tick on FwdEventTicker
2019-01-07 17:46:58 -08:00
Joost Jager
5515713b88
channeldb: convert settled boolean to state
This commit is a preparation for the addition of new invoice
states. A database migration is not needed because we keep
the same field length and values.
2019-01-04 07:53:55 +01:00
Joost Jager
6c027e2bc9 htlcswitch: remove lnrpc dependency
This commits removes an unwanted dependency that prevents
moving parts of rpcserver to a sub server.
2019-01-03 09:07:56 +01:00
Johan T. Halseth
c9868aae8f
htlcswitch test: add fwdinglog inspection on triggered FwdEventTicker 2018-12-20 08:57:22 +01:00
Joost Jager
91f3df07e4
lnwallet: prevent static fee estimator fees from being modified
Modifying the static fees is not thread safe. In this commit the fees
are made immutable.
2018-12-18 10:50:05 +01:00
Joost Jager
423dd8ab9b
lnwallet: expose relay fee on fee estimators 2018-12-18 10:50:04 +01:00
Olaoluwa Osuntokun
152fc8b1f1
Merge pull request #2329 from Roasbeef/global-sig-pool
multi: replace per channel sigPool with global daemon level sigPool
2018-12-17 16:33:56 -08:00
Wilmer Paulino
e71151f56a htlcswitch/link: return FinalFailExpiryTooSoon for last htlc
In this commit, we fix a minor discrepancy with the spec. We should
return a FinalFailExpiryTooSoon error, rather than a
FinalFailIncorrectCltvExpiry error, when the last HTLC of a route (exit
hop) has an expiration height that is deemed too soon by the final
destination of the HTLC.
2018-12-17 15:26:11 -05:00
Olaoluwa Osuntokun
fa160f559c
multi: replace per channel sigPool with global daemon level sigPool
In this commit, we remove the per channel `sigPool` within the
`lnwallet.LightningChannel` struct. With this change, we ensure that as
the number of channels grows, the number of gouroutines idling in the
sigPool stays constant. It's the case that currently on the daemon, most
channels are likely inactive, with only a hand full actually
consistently carrying out channel updates. As a result, this change
should reduce the amount of idle CPU usage, as we have less active
goroutines in select loops.

In order to make this change, the `SigPool` itself has been publicly
exported such that outside callers can make a `SigPool` and pass it into
newly created channels. Since the sig pool now lives outside the
channel, we were also able to do away with the Stop() method on the
channel all together.

Finally, the server is the sub-system that is currently responsible for
managing the `SigPool` within lnd.
2018-12-16 15:40:14 -08:00
Olaoluwa Osuntokun
da973315d4
hltcswitch: use build package to detect debug build 2018-12-03 20:40:12 -08:00
Offer Markovich
6e8dd9e00f htlcswitch: verify test are running with "debug" tag
Per team decision all tests should run with "debug" flag.
Makefile updated accordingly.

A developer may still run the test from command line by "go test ...."

The commit protects against this and issue an error if needed.
2018-12-03 19:53:36 -08:00
Olaoluwa Osuntokun
1fd3aac925
multi: switch from bolt packge to bbolt package for all imports 2018-11-29 20:33:49 -08:00
Johan T. Halseth
a9bd6100ff
htlcswitch/link: remove handled TODO 2018-11-21 10:28:57 +01:00
Johan T. Halseth
676a1b1407
lnwallet+link: make ChanSyncMsg take channel state as arg
This lets us get the channel reestablish message without creating the LightningChannel struct first.
2018-11-21 10:28:56 +01:00
Alex Bosworth
2d8e239fe9
Move pewpew diff log into debug log 2018-11-01 17:46:03 -07:00
Joost Jager
1d97cf1229
htlcswitch+routing: implement expiry_too_far failure
In this commit we add a check to HtlcSatifiesPolicy to verify that the
time lock for the outgoing htlc that is requested in the onion packet
isn't too far in the future.

Without this check, anyone could force an unreasonably long time lock on
the forwarding node.
2018-10-15 08:51:08 +02:00
Olaoluwa Osuntokun
3fda1029c0
Merge pull request #1786 from Roasbeef/golang-1.1
build+docs: bump to golang 1.11
2018-10-08 13:26:07 +09:00
Olaoluwa Osuntokun
f07260afbc
htlcswitch: fix lint under go 1.11 2018-10-07 14:37:41 +09:00
Olaoluwa Osuntokun
d8e6085c17
multi: update to go 1.11 gofmt 2018-10-07 14:37:38 +09:00
Conner Fromknecht
59b459674d
multi: init subsystem loggers via build pkg 2018-10-05 13:04:45 +09:00
Conner Fromknecht
ece3051237
htlcswitch/hodl: switch from debug tag to dev 2018-10-05 13:04:45 +09:00
Johan T. Halseth
54a608d09d
htlcswitch+discovery mock: adhere to new lnpeer interface 2018-09-28 09:05:18 +02:00
maurycy
ac24b12bf2
multi: fix various typos in comments 2018-09-07 06:51:49 +02:00
Wilmer Paulino
33dda07b62
htlcswitch: return concrete error from GetLinksByInterface 2018-08-28 20:34:18 -07:00
Olaoluwa Osuntokun
19552b0dbf
htlcswitch+funding+discovery: update mock peers to add new QuitSignal method 2018-08-25 17:30:15 -07:00
Olaoluwa Osuntokun
5cf911a762
Merge pull request #1764 from cfromknecht/isolate-fwdpkg-to-live-links
htlcswitch/link: only resovle+gc fwdpkgs for live channels
2018-08-24 17:42:44 -07:00
Conner Fromknecht
22793e4418
htlcswitch/link_test: increase fwdpkg gc interval
In this commit, we increase the fwdpkg gc interval
to avoid having it conflict with switch tests that
inspect forwarding packages. The current timeout is
a little too short on travis, and sporadically fails
TestChannelLinkCleanupSpuriousResponses, which was
added recently.
2018-08-24 12:54:24 -07:00
Conner Fromknecht
9c5c1d0cb5
htlcswitch/switch: prevent panic for unknown error decryptor 2018-08-22 10:26:27 -07:00
Conner Fromknecht
b59fea460a
htlcswitch/switch: make local response handling async
This commit moves the logic handling responses to
locally-initiated payments to be asynchronous. The
reordering of operations into handleLocalDispatch
brings a serious performance burden to the switch's
main event loop. However, the at-most once semantics
of circuit map and idempotency of cleanup methods
allows concurrent operations to run in parallel.

Prior to this commit, the async_payments_benchmark
would timeout due to the forcibly serial nature of
the prior design. With this change, there is no
perceptible difference in the benchmark OMM, even
though we've added two extra db calls.
2018-08-22 10:26:26 -07:00
Conner Fromknecht
5dc2a4a4b8
htlcswitch/control_tower: use one db txn for transitions
Composes the new payment status helper methods such that
we only require one db txn per state transition. This
also allows us to remove the exclusive lock from the
control tower, and enable more concurrent requests.
2018-08-21 19:23:25 -07:00
Conner Fromknecht
2dd8f07014
htlcswitch/switch: use non-strict PaymentControl 2018-08-21 19:23:25 -07:00
Conner Fromknecht
2027444a56
htlcswitch/control_tower_test: test strict and non-strict ctrltwrs 2018-08-21 19:23:25 -07:00
Conner Fromknecht
98d2ffbfd0
htlcswitch/control_tower: add strict mode toggling 2018-08-21 19:23:24 -07:00
Conner Fromknecht
971ae3c744
htlcswitch/control_tower_test: move from switch_control_test 2018-08-21 19:23:24 -07:00
Conner Fromknecht
8b2237fc1d
htlcswitch/control_tower: move from switch_control 2018-08-21 19:23:24 -07:00
Conner Fromknecht
3f0dfd4e4b
htlcswitch/switch_control_test: extend tests + godocs 2018-08-21 19:23:24 -07:00
Conner Fromknecht
875128539c
htlcswitch/switch_control: expand godocs and add ErrUnknownPaymentStatus 2018-08-21 19:23:24 -07:00
Conner Fromknecht
9b52c510e9
htlcswitch/mock: remove new line to satisfy linter 2018-08-21 19:23:24 -07:00
Conner Fromknecht
d6083e0d66
htlcswitch/switch: reorder persistent calls and app ntfn...
for Settle/Fail responses.
2018-08-21 19:23:24 -07:00