Commit Graph

179 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
9d5b0885d4
lnwallet/channel: add r-preimages to the PaymentDescriptor for settles 2016-09-21 19:49:07 -07:00
Olaoluwa Osuntokun
7310d0a0f7
lnwallet: remove extraneous logging messages 2016-09-21 19:48:46 -07:00
Olaoluwa Osuntokun
49ce1040d4
lnwallet: adopt simple fee structure for commitment transactions
This commit modifies the prior funding workflow to account for fees
when creating the funding output. As a stop gap, the current fee for
the commitment transaction is now hard-coded at 5k satoshis. Once the
fee models are in place this should instead be some high multiple of
the current “average” fee rate within the network, continuing, the
proper fee should be adjusted from the commitment transaction has
outputs are added/removed.
2016-09-12 19:08:01 -07:00
Olaoluwa Osuntokun
d0353b2864
lnwallet: add ability to trigger a force closure within channel state machine
This commit introduces the concept of a manually initiated “force”
closer within the channel state machine. A force closure is a closure
initiated by a  local subsystem which broadcasts the current commitment
state directly on-chain rather than attempting to cooperatively
negotiate a closure with the remote party.

A force closure returns a ForceCloseSummary which includes all the
details required for claiming all rightfully owned outputs within the
broadcast commitment transaction.

Additionally two new publicly exported channels are introduced, one
which is closed due a locally initiated force closure, and the other
which is closed once we detect that the remote party has executed a
unilateral closure by broadcasting their version of the commitment
transaction.
2016-09-12 19:07:35 -07:00
Olaoluwa Osuntokun
024deb93f3
lnwallet: modify btcwallet's SignOutputRaw method to get proper pubkey
This commit slightly modifies btcwallet’s SignOutputRaw method to work
properly in the case that the pkScript of the output being spent isn’t
one of the template pkScripts (p2pkh, multi-sig, etc). Rather than
examining the address, we now attempt to find the private key which
matches the public key passed within the sign descriptor.
2016-09-12 19:07:24 -07:00
Olaoluwa Osuntokun
f972378140
lnwallet: modify CommitSpendTimeout to expect proper input sequence num and tx version 2016-09-12 19:07:20 -07:00
Olaoluwa Osuntokun
e858bb5ca2
lnwallet: convert CommitSpendTimeout to user the Signer interface 2016-09-12 19:07:12 -07:00
Olaoluwa Osuntokun
affd7793b3
lnwallet: add htlc persistence, state log restoration to channel state machine
This commit adds full persistence logic of the current lowest
un-revoked height within each commitment chain. The newly added
channeldb methods for record state transitions within both commitment
chains are now utilized. This un-settled HTLC state is now read upon
initialization, with the proper log entries inserted into the state
update log which reflect the garbage collected log right before the
restart.

A new set of tests have been added to exercise a few edge cases around
HTLC persistence to ensure the in-memory log is properly restored based
on the on-disk snapshot.
2016-09-12 19:07:04 -07:00
Olaoluwa Osuntokun
6684f6aedf
channeldb: implement commitment state update log
This commit implements a state update log which is intended the record
the relevant information for each state transition on disk. For each
state transition a delta should be written recording the new state. A
new method is also provided which is able to retrieve a previous
channel state based on a state update #.

At the moment no measures has been taken to optimize the space
utilization of each update on disk. There are several low-hanging
fruits which can be addressed at a later point. Ultimately the update
log itself should be implemented with an append-only flat file at the
storage level. In any case, the high level abstraction should be able
to maintained independent of differences in the on-disk format itself.
2016-09-12 19:06:44 -07:00
Olaoluwa Osuntokun
e536e1afb1
lnwallet: eliminate flaky assert within integration tests
This commit removes a flaky assertion within the interaction tests. Due
to differences in final coin selection across tests due to the
pseudo-random nature of map iterations, a single output might be
selected rather than two as we previously expected.

Additionally a duplicate test has been removed, and the locked output tests
simplified a bit.
2016-09-08 13:10:51 -07:00
Olaoluwa Osuntokun
671098325d
lnwallet: refactor all wallet/channel interaction to use the WalletController.
This commit performs a major refactor of the current wallet,
reservation, and channel code in order to call into a WalletController
implementation rather than directly into btcwallet.

The current set of wallets tests have been modified in order to test
against *all* registered WalletController implementations rather than
only btcwallet. As a result, all future WalletControllers primary need
to ensure that their implementation passes the current set of tests
(which will be expanded into the future), providing an easy path of
integration assurance.

Rather than directly holding the private keys throughout funding and
channel creation, the burden of securing keys has been shifted to the
specified WalletController and Signer interfaces. All signing is done
via the Signer interface rather than directly, increasing flexibility
dramatically.

During channel funding, rather than creating a txscript.Engine to
verify commitment signatures, regular ECDSA sig verification is now
used instead. This is faster and more efficient.

Finally certain fields/methods within ChannelReservation and
LightningChannel have been exposed publicly in order to restrict the
amount of modifications the prior tests needed to undergo in order to
support testing directly agains the WalletController interface.
2016-09-08 12:25:54 -07:00
Olaoluwa Osuntokun
99fdb3a3a9
lnwallet: modify elkrem root derivation, derive from root HD seed
This commit modifies the elkrem root derivation for each newly created
channel. First a master elkrem root is derived from the rood HD seed
generated from private wallet data. Next, a HKDF is used with the
secret being the master elkrem root.
2016-09-08 12:25:49 -07:00
Olaoluwa Osuntokun
564316a846
lnwallet: publicly export several functions within script_utils.go 2016-09-08 12:25:44 -07:00
Olaoluwa Osuntokun
044b65317a
lnwallet: remove setup.go
This file is no longer needed as each implementation of the
WalletController is expected to handle its own set up via an instance
of the WalletDriver factory struct.
2016-09-08 12:25:40 -07:00
Olaoluwa Osuntokun
773c831561
lnwallet: replace naive coin selection a size+fee aware version 2016-09-08 12:25:36 -07:00
Olaoluwa Osuntokun
6a1d8d0682
lnwallet: add a BtcWallet implementation of WalletController
This commit adds the first concrete implementation of the
WalletController interface: BtcWallet. This implementation is simply a
series of wrapper functions are the base btcwallet struct.

Additionally, for ease of use both the BlockChain IO and Signer
interface are also implemented by BtcWallet. Finally a new WalletDriver
implementation has been implemented, and will be register by the init()
method within this new package.
2016-09-08 12:25:32 -07:00
Olaoluwa Osuntokun
5449ba2b34
lnwallet: revamp interfaces, add BlockChainIO and Singer
This commit revamps the previous WalletController interface, edging it
closer to a more complete version.

Additionally, this commit also introduces two new interfaces:
BlockchainIO, and Singer along with a new factor driver struct, the
WalletDriver.

This BlockChainIO abstracts read-only access to the blockchain, while
the Singer interface abstracts the signing of inputs from the base
wallet paving the way to hardware wallets, air-gapped signing, etc.

Finally, in order to provide an easy method for selecting a particular
concrete implementation of a WalletController interface, the concept of
registering “WalletDriver”s has been introduced. A wallet driver is
essentially the encapsulation of a factory function capable of create a
new instance of a Wallet Controller.
2016-09-08 12:25:28 -07:00
Olaoluwa Osuntokun
a87ddeabdc
lnwallet: remove interaction with the btcutil.coinset package
This commit removes the wrapper functions used to rely on the coinset
package for coin selection. In a future commit the prior behavior will
be replaced by a custom coin selection implementation which estimates
the size of the funding transaction.
2016-09-08 12:25:24 -07:00
Olaoluwa Osuntokun
8bbd010f74
lnwallet: use the ChainNotifier interface throughout instead of BtcdNotifier
This commit refactors the code within lnwallet interacting with the
ChainNotifier to accept, and call against the implementation rather
than a single concrete implementation.

LightningWallet no longer creates it’s own BtcdNotifier implementation
doing construction, now instead accepting a pre-started `ChainNotifier`
interface.  All imports have been updated to reflect the new naming
scheme.
2016-09-01 19:13:19 -07:00
Olaoluwa Osuntokun
04e7a88a83
lnwallet: fix bug in lockTimeToSequence function
This commit fixes a bug in the lockTimeToSequence function when mapping
a block-based relative lock time to the proper sequence number.

Applying the mask isn’t necessary since the values are expected to be
blow 65K blocks.
2016-08-25 16:25:32 -07:00
Olaoluwa Osuntokun
4104a9bcde
lnwallet: never create zero-value outputs within the commitment transaction 2016-07-27 12:15:50 -07:00
Olaoluwa Osuntokun
c0614c0478
lnwallet: add basic tests for cooperative channel closure
This commit adds a basic test for cooperative channel closure. The
current test ensures correctness of the cooperative closure procedure
initiated by either the channel initiator, or the channel responder.
2016-07-27 11:32:35 -07:00
Olaoluwa Osuntokun
e01dd7f18d
lnwallet: properly make channelState an enum by using iota 2016-07-27 11:29:49 -07:00
Olaoluwa Osuntokun
8a56fbf196
lnwallet: switch name of package logger to avoid module collision 2016-07-27 11:29:07 -07:00
Olaoluwa Osuntokun
c8e58147b6
add glide dependency management for fully reproducible builds
This commit adds glide integration in order to make lnd builds fully
reproducible. Rather than using “go get” users should now manually pull down
the repo, use glide to fetch+install the dependancies, then manually install
all related binaries.

With this change we no longer have to chase dependancies making breaking API
changes under us. We can manually update the managed dependancies once a new
stable release of a defendant package is released.

Additionally, reproducible builds are a strong requirement in order to securely
distribute future major releases of lnd.
2016-07-22 18:53:35 -07:00
Olaoluwa Osuntokun
2bb65a3fb8
lnwallet: add PendingUpdates method to channel state machine
This commit adds a new method, “PendingUpdates” to the channel state
machine which is intended to be a source to give callers a hint as to
when an additional commitment signature should be sent independent of
any request/response book keeping.
2016-07-21 16:52:18 -07:00
Olaoluwa Osuntokun
4063171918
lnwallet: partition state update logs within channel state machine
This commit patrons the state update logs properly within the channel
state machine. This change fixes a number of bugs caused by treating a
central log as two logically distinct logs. Rather than having a bit
indicating if the entry is incoming/outgoing, an entry is added to a
remote or local log depending on which modification method is used.

As a result the code is much easier to follow due to separation of
concerts.

Finally, when attempting to sign a new update with an exhausted
renovation window a distinct error is returned in order to allow higher
level callers to properly back-off and handle the protocol event.
2016-07-21 16:50:38 -07:00
Olaoluwa Osuntokun
b60270f3f7
lnwallet: include htlcs to settle in returned set of htlc's to forward
This commit fixes a slight bug in the channel state machine’s code
executed when processing a revocation messages. With this commit after
processing a revocation, log entries which we should forward to the
downstream or upstream peer for settling/adding HTLC’s are now properly
returned.

The testa have also been updated to ensure to correct htlc’s are
returned “for forwarding”.
2016-07-16 18:12:49 -07:00
Olaoluwa Osuntokun
2c303a1879
lnwallet: AddHTLC now returns log index of created log entry 2016-07-16 18:02:09 -07:00
Olaoluwa Osuntokun
a14246c5bb
lnwallet: use two-value read from conf channel to detect closure 2016-07-14 16:17:10 -07:00
Olaoluwa Osuntokun
7dea354711
lnwallet: properly handle HTLC settles in channel state-machine
We no longer track HTLC’s by their r-hash within the log into the
index, as we may have multiple HTLC’s that can be redeemed by the same
pre-image. Instead we now use a separate index which is keyed by a
log-index.

Additionally, the SettleHTLC method now also returns the index of the
HTLC being settled which allows the remote party to quickly locate the
HTLC within their log.

This commit also introduces a few trace/debug log messages which will
likely be pruned in the near future
2016-07-12 17:35:57 -07:00
Olaoluwa Osuntokun
06f062e678
lnwallet: sync revocation state after receiving a revocation 2016-07-12 17:32:42 -07:00
Olaoluwa Osuntokun
14d669dfd1
lnwallet: decrease initial revocation window to 4 2016-07-12 17:31:01 -07:00
Olaoluwa Osuntokun
94c242073a
lnwallet: finish initial draft of LightningChannel state machine
This commit finishes the initial draft of the commitment state machine.
A full re-write of the prior protocol which combines aspects of the
former ‘lnstate’ package has replaced the prior un-finished
stop-and-wait protocol.

This new protocol is designed to operate in an asynchronous environment
and to facilitate non-blocking batched and pipelined updates to the
committed channel states. The protocol is also de-synchronized meaning
that either side can propose new commitment states independent of the
actions of the other party.

The state machine implemented is very similar to that of c-lightning,
however we allow multiple unrevoked commentates in order to minimize
blocking, and also to reduce latency across several hops in a
bi-directional setting.

The current implementation consists of 3 main data structures: a
commitment chain which consist of unrevoked commitment transactions
(one for each side), and a (mostly) append-only log of HTLC updates
shared between both sides. New commitments proposed index into the log
denoting which updates they include, this allows both parties to
progress chains independent of one another. Revoked commitments, reduce
the length of the chain by one, and free up space within the revocation
window.

At this point only basic tests are in place for the state machine,
however more extensive testing infrastructure along with formal proofs
using PlusCall are planned.
2016-07-05 17:02:03 -07:00
Olaoluwa Osuntokun
8775107454
lnwallet: keep commitments cold at all times, store sig instead
This commit changes prior behavior which stored a “hot” commitment
transaction, meaning one which all the sigScript fully assembled and
able to be broadcast.

Instead, we now store the current signature for our commitment
transaction as a separate field within the database and within memory.
As a result, this eliminates a class of bugs which would erroneously
broadcast a fully loaded commitment transaction, either leading to a
loss of funds, or suspending availability to funds for a period of
time.
2016-07-05 16:55:47 -07:00
Olaoluwa Osuntokun
f03122e697
lnwallet: correct comment in revoke derivation explanation 2016-07-05 16:49:27 -07:00
Olaoluwa Osuntokun
2c187209eb
lnwallet: update internal wallet reservations to use revoke keys
This update the wallet to implement the new single funder workflow
which uses revocation keys rather than revocation hashes for the
commitment transactions.
2016-06-30 12:13:50 -07:00
Olaoluwa Osuntokun
1b490c52ed
lnwallet: createCommitTx now a revocation key 2016-06-30 12:12:19 -07:00
Olaoluwa Osuntokun
d85719b5a7
lnwallet: add elkrem root derivation function
The derivation is current bed on an HKDF invocation using our private
key as the secret, and the node’s channel multi-sig key as the salt.
This scheme allows us to derive the key on the fly given data known to
only us and the remote node.

The current derivation is just a place-holder and will be re-visited at
a later time.
2016-06-30 12:09:42 -07:00
Olaoluwa Osuntokun
78346c81e7
lnwallet: update reservation workflow to revoke keys
With this commit, the reservation workflow for the single funder use
case is now aware of the usage of revocation keys.

The changes are relatively minor:
  * contributions now have RevocationKeys instead of RevocationHashes
  * CompleteReservationSingle now takes the initiators revocation key
2016-06-30 12:02:51 -07:00
Olaoluwa Osuntokun
f3a6f8ffe6
lnd: implement the sendcoins RPC request
This commit implements the “send coins” RPC request which was
introduced at both the lnrpc and command line level in a prior commit.

A small refactoring has taken place w.r.t to sendmany+sendcoins in
order to eliminate some code duplication.
2016-06-29 11:31:34 -07:00
Olaoluwa Osuntokun
e22734f9cf
lnwallet: update HTLC+commitment scripts
This commit updates the previous HTLC and commitment scripts to their
current latest evolution.

The HTLC scripts have been optimized for space savings, the
functionality itself has remained relatively unchanged. A trade off was
made to add additional bytes into the sigScript in order to avoid
extraneous CHECKSIG’s. The rationale is that an extra 1-2 bytes in the
sigScript to guide execution, are worthwhile since they’re in the
witness, and witness data may be pruned in the near future.

The primary change is within the commitment transaction itself. Instead
of using revocation hashes, we now use signature based revocation. This
saves space in the Script, and optimizes away an extra hashing
operation. Elkrem/shachain is still used but, we now use the pre-images
to homomorphically derive a public key which the other party will be
able to sign with, once we disclose the pre-image itself.

Finally, we have switched to using SHA-256 everywhere uniformly for
both revocation hashes, and payment hashes. The rationale is that the
output of ripemd160 is too small for modern security margins, and that
other coins/chains are more likely to have SHA-256 implemented, than
ripemd160.

A set of tests has also been included which contain (mostly) exhaustive
tests of all possible redemption paths for both commitment and HTLC.
2016-06-27 11:35:32 -07:00
Olaoluwa Osuntokun
ac8736ff99
lnwallet: convert commitment no-delay output to p2wsh 2016-06-27 11:21:13 -07:00
Olaoluwa Osuntokun
05fb9b5a6d
lnwallet: payment and revocation hashes are now 32 bytes
This unifies some inconstancies across the code-base with hashes being
32 vs 20 bytes. All hashes, whether payment or revocation are now
uniformly 32 bytes everywhere. As a result, only OP_SHA256 will be used
within commitment and HTLC scripts. The rationale for using sha256
instead of hash160 for the HTLC payment pre-image is that alternative
chains are more likely to have sha256 implemented, rather than
ripemd160.

A forthcoming commit will update the current commitment, and HTLC
scripts.
2016-06-26 23:04:14 -07:00
Olaoluwa Osuntokun
77a006f03b
lnwallet: ChannelPoint() now returns a pointer to outpoint 2016-06-22 22:15:13 -07:00
Olaoluwa Osuntokun
e17bdf08ea
lnwallet: expose db channel deletion+snapshotting 2016-06-22 22:12:37 -07:00
Olaoluwa Osuntokun
31e5466692
lnd: introduce the fundingManager
This commit introduces the fundingManger which is used as a bridge
between the wallet’s internal ‘ChannelReservation’ workflow, and the
wire protocol’s funding messages.

 The funding manger is responsible for progressing the workflow, and
communicating any errors generated during the workflow back to the
source peer.
2016-06-21 13:13:49 -07:00
Olaoluwa Osuntokun
25577b6cd5
lnwallet: add test cases for single funder workflow
This commit adds additional test cases to test both cases (initiator vs
responder) for a single funder channel workflow. Additionally, the
previous dual funder tests have been extended in order to detect proper
funding channel broadcast, and the ChainNotifier’s role in notifying
upstream callers that a funding transaction has been embedded in the
chain at a sufficient depth.

At this point the tests certainly need to be cleaned up. bobNode should
be replaced with a second instance of the wallet modeling a remote
peer.
2016-06-21 13:13:45 -07:00
Olaoluwa Osuntokun
3a14fe8ba5
lnwallet: add support for single funder workflow
This commit modifies the existing workflow to add additional paths to
be used when on the responding side of a single funder workflow.

Additionally, several bugs encountered within the existing dual funder
workflow logic have been fixed, and modified to account for the wallet
being on the igniting side of a single funder workflow.
2016-06-21 13:13:41 -07:00
Olaoluwa Osuntokun
4a6a2d6cd4
lnwallet: correct inputs scripts for nested P2SH spend
The previous logic incorrectly assumed the returned address was already
a p2wkh address. Instead, a p2sh address was returned. So we now
correctly craft both the sigScript and witness stack for a nested p2sh
spend.
2016-06-21 13:13:33 -07:00