Commit Graph

109 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
fb91f0be70
contractcourt: reconstruct chain actions at time of commitment confirmation
In this commit, we change the behavior of the channel arb to no longer
write chain actions to disk. Instead, using the new CommitSet struct,
we'll replay our set of prior actions based on what actually got into
the chain. As a result, we no longer need to write the chain actions at
all, instead they're reconstructed at run time to determine decisions,
and before any commitments are broadcast in order to determine if we
need to go to chain at all.
2019-05-27 15:26:37 -07:00
Olaoluwa Osuntokun
fc617cd041
contractcourt: add new checkLocalChainActions method use in main state step
In this commit, we add a new `checkLocalChainActions` method. This
method differs from the existing `checkChainActions` method in that it's
only concerned with actions we should take on chain for our local state
based on the local _and_ remote state. This change ensures that we'll
now to go to chain order to cancel an HTLC that was on the remote
party's commitment transaction, but not our own.
2019-05-27 15:26:36 -07:00
Olaoluwa Osuntokun
5f0fad85be multi: address lingering TODO by no longer wiping out local HTLCs on remote close
In this commit, we fix a lingering TOOD statement in the channel arb.
Before this commitment, we would simply wipe our our local HTLC set of
the HTLC set that was on the remote commitment transaction on force
close. This was incorrect as if our commitment transaction had an HTLC
that the remote commitment didn't, then we would fail to cancel that
back, and cause both channels to time out on chain.

In order to remedy this, we introduce a new `HtlcSetKey` struct to track
all 3 possible in-flight set of HTLCs: ours, theirs, and their pending.

We also we start to tack on additional data to all the unilateral close
messages we send to subscribers. This new data is the CommitSet, or the
set of valid commitments at channel closure time. This new information
will be used by the channel arb in an upcoming commit to ensure it will
cancel back HTLCs in the case of split commitment state.

Finally, we start to thread through an optional *CommitSet to the
advanceState method. This additional information will give the channel
arb addition information it needs to ensure it properly cancels back
HTLCs that are about to time out or may time out depending on which
commitment is played.

Within the htlcswitch pakage, we modify the `SignNextCommitment` method
to return the new set of pending HTLCs for the remote party's commitment
transaction and `ReceiveRevocation` to return the latest set of
commitment transactions on the remote party's commitment as well. This
is a preparatory change which is part of a larger change to address a
lingering TODO in the cnct.

Additionally, rather than just send of the set of HTLCs after the we
revoke, we'll also send of the set of HTLCs after the remote party
revokes, and we create a pending commitment state for it.
2019-05-27 14:34:13 -07:00
Joost Jager
1a80a1e540
witness_beacon: do not look up invoice preimages
This commit isolates preimages of forwarded htlcs from invoice
preimages. The reason to do this is to prevent the incoming contest
resolver from settling exit hop htlcs for which the invoice isn't marked
as settled.
2019-05-15 14:41:58 +02:00
Joost Jager
6886a0117f
cnct: always create incoming contest resolver
One of the first things the incoming contest resolver does is checking
if the preimage is available and if it is, convert itself into a success
resolver.

This behaviour makes it unnecessary to already determine earlier in the
process whether an incoming contest or a success resolver is needed.

By having all incoming htlcs go through the incoming contest resolver,
the number of execution paths is reduced and it becomes easier to
ascertain that the implemented logic is correct.

The only functional change in this commit is that a forwarded htlc for
which is the preimage is known, is no longer settled when the htlc is
already expired. Previously a success resolver would be instantiated
directly, skipping the expiry height check.

This created a risk that the success resolver would never finish,
because an expired htlc could already have been swept by the remote
party and there is no detection of this remote spend in the success
resolver currently.

With the new change, the general direction that an expired htlc
shouldn't be settled and instead given up on is implemented more
consistently.

This commit prepares for fixing edges cases related to hodl
invoice on-chain resolution.
2019-05-15 14:41:47 +02:00
Joost Jager
86eb0a3383
cnct: log go to chain reason
This commit adds logging of the reason to go to chain for a channel.
This can help users to find out the reason why a channels forced closed.

To get all go to chain reasons, an optimization to break early is
removed. This optimization was not significant, because the normal flow
already examined all htlcs. In the exceptional case where we need to go
to chain, it does not weigh up against logging all go to chain reasons.
2019-04-08 10:34:41 +02:00
Joost Jager
ab4da0f53d
cnct: define separate broadcast delta for outgoing htlcs
This commits exposes the various parameters around going to chain and
accepting htlcs in a clear way.

In addition to this, it reverts those parameters to what they were
before the merge of commit d1076271456bdab1625ea6b52b93ca3e1bd9aed9.
2019-04-05 11:36:07 +02:00
Jim Posen
d107627145
contractcourt: remove broadcastRedeemMultiplier
The multiplier doesn't make sense because funds may be equally at risk
by failing to broadcast to chain regardless of whether the HTLC is a
redeem or a timeout.
2019-03-26 14:31:51 +01:00
Conner Fromknecht
29f07a58cb
cnct+lnwl+hswc: use lntypes.Preimage for witness beacon 2019-02-19 17:06:00 -08:00
Conner Fromknecht
30f61b7630
multi: make AddPreimage variadic, optimistically compute key
In this commit, we modify the WitnessCache's
AddPreimage method to accept a variadic number
of preimages. This enables callers to batch
preimage writes in performance critical areas
of the codebase, e.g. the htlcswitch.

Additionally, we lift the computation of the
witnesses' keys outside of the db transaction.
This saves us from having to do hashing inside
and blocking other callers, and limits extraneous
blocking at the call site.
2019-02-19 17:05:04 -08:00
Joost Jager
55aee9c703
cnct: expose non-incubating htlcs after channel force close
In this commit we fix a reporting gap that previously existed for htlcs
that were still contested.
2019-02-01 09:36:47 +01:00
Joost Jager
9abe06f3c8
cnct: finish channel arbitrator in StateFullyResolved
Previously the arbitrator wasn't advanced to the final stage after
the last contract resolved.

Also channel arbitrator now does not ignore a log error anymore
unresolved contracts cannot be retrieved.
2019-02-01 09:10:04 +01:00
Wilmer Paulino
974e0f2df5
cnct: make original htlc amt available for contract resolvers
Previously, contract resolvers that needed to publish a second level tx,
did not have access to the original htlc amount.

This commit reconstructs this amount from data that is already persisted
in arbitrator log.

Co-authored-by: Joost Jager <joost.jager@gmail.com>
2019-01-22 20:47:17 -08:00
Wilmer Paulino
93754f8d37
lnwallet: add HtlcPoint() resolution helper methods
Co-authored-by: Joost Jager <joost.jager@gmail.com>
2019-01-22 20:47:13 -08:00
Wilmer Paulino
865f7568d6
cnct: extract relaunching of resolvers to method
Co-authored-by: Joost Jager <joost.jager@gmail.com>
2019-01-22 20:46:14 -08:00
Wilmer Paulino
60036aca1d
contractcourt/channel_arbitrator: prevent force closing same channel twice
In this commit, we prevent the ChainArbitrator from sending a force
close request for a channel if it has previously already sent one. We do
this to prevent blocking the caller of ForceCloseContract.
2018-12-10 20:37:58 -08:00
Olaoluwa Osuntokun
6afee3d099
Merge pull request #1856 from maurycy/typos
multi: fix various typos in comments
2018-09-27 20:38:10 -07:00
Johan T. Halseth
3a67fe2552
contractcourt+server: make IncubateOutputs take broadcastHeight 2018-09-20 12:54:48 +02:00
maurycy
ac24b12bf2
multi: fix various typos in comments 2018-09-07 06:51:49 +02:00
Conner Fromknecht
d706e40ff7
contractcourt/channel_arbitrator: handle onchain close race on restart 2018-09-03 23:12:57 -07:00
Johan T. Halseth
4933120d38
contractcourt/channel arbitrator: add coopCloseTrigger on startup for pendingClose channel 2018-08-23 10:04:43 +02:00
Johan T. Halseth
ed5db96e05
contractcourt/channel_arbittrator: ignore noResolutions error on startup 2018-08-23 00:03:22 +02:00
Johan T. Halseth
f2a033e965
contractcourt/channel_arbitrator: override trigger on startup if IsClosing
At ChannelArbitrator startup we now check the database close status of
the channel. If we detect that the channel is closed, but our state
machine hasn't advanced to reflect that (possibly because of a shutdown
before the state transition was finished), we manually trigger the state
transition to recover.
2018-08-23 00:03:22 +02:00
Johan T. Halseth
1758ad829f
contractcourt/[chain|channel]_arbitrator: define IsPendingClose 2018-08-23 00:03:22 +02:00
Johan T. Halseth
75df58c68b
contractcourt: move responsibility for closing force closes to chanArb
This commit moves the responsibility for closing local and remote force
closes in the database from the chain watcher to the channel arbitrator.

We do this because we previously would close the channel in the
database, before sending the event to the channel arbitrator. This could
lead to a situation where the channel was marked closed, but the channel
arbitrator didn't receive the event before shutdown. As we don't listen
for chain events for channels that are closed, those channels would be
stuck in the pending close state forever, as the channel arbitrator
state machine wouldn't progress.

We fix this by letting the ChannelArbitrator close the channel in the
database. After the contract resolutions are logged (in the state
callback before transitioning to StateContractClosed) we mark the
channel closed in the database. This way we make sure that it is marked
closed only if the resolutions have been successfully persisted.
2018-08-23 00:03:21 +02:00
Johan T. Halseth
ad1d78884a
contractcourt: move responsibility for closing coop close channel to chanArb 2018-08-23 00:03:21 +02:00
Johan T. Halseth
3549f2bc17
contractcourt/[channel|chain]_arbitrator: define MarkChannelClosed 2018-08-22 23:51:04 +02:00
Johan T. Halseth
06c683d48d
contractcourt/channel_arbitrator: move next state commit out of stateStep 2018-08-22 23:51:04 +02:00
Johan T. Halseth
6df302d7f5
contractcourt/channel_arbitrator: remove state callback
This commit removes the state callback, and instead logs the contract
resolutions directly after receiving the unilateral close event. The
resolutions won't change so there's not really necessary to wait to log
them, and this greatly simplifies the code.
2018-08-22 23:51:04 +02:00
Johan T. Halseth
245dae0071
contractcourt/channel_arbitrator: properly commit to next state 2018-08-22 23:51:04 +02:00
Olaoluwa Osuntokun
c6950fcc2f
contractcourt: update channel arbitrator unit tests due to recent API changes 2018-07-31 21:29:01 -07:00
Wilmer Paulino
d26050f711
contractcourt: use MarkChannelResolved for coop channel closures
In this commit, we alter cooperative channel closures to also use
MarkChannelResolved in order to unify the logic for the different types
of channel closures.
2018-07-17 17:35:28 -07:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
Johan T. Halseth
d787e74125
contractcourt/channel_arbitrator: stop block epoch on channel attendant exit 2018-06-21 11:13:46 +01:00
Johan T. Halseth
327420d854
contractcourt/channel_arbitrator: Cancel block epoch in case of error in Start() 2018-06-19 12:20:30 +01:00
maurycy
3be08e69cf multi: 64bit aligment of atomic vars on arm/x86-32 2018-06-04 20:02:34 -07:00
Johan T. Halseth
1f746c3fda
contractcourt/chan_arb: specify that ForceCloseChan removes link from
switch
2018-05-25 06:54:05 +02:00
Johan T. Halseth
ddf62bbeea
contractcourt/channel_arbitrator: remove unused transationTrigger 2018-04-25 09:37:25 +02:00
Johan T. Halseth
5f1da5b5f4
contractcourt/channel_arbitrator: remove unused CloseChannel method from config 2018-04-25 09:37:24 +02:00
Johan T. Halseth
70e8087731
contractcourt/channel_arbitrator: mark channel commitment broadcasted instead of closed after broadcast 2018-04-25 09:37:24 +02:00
Johan T. Halseth
d2d87758f7
contractcourt/channel_arbitrator: only act on close signal from chain_watcher
This commit changes the channel arbitrator state machine to only care
about commitment transactions that are being confirmed on-chain
according to the chain_watcher. This is meant to handles the cases where
we would broadcast our commitment, expecting it to get confirmed, but
instead a competing transaction was confirmed.

This commit readies the ChannelArbitrator state machine for the change
that will make the ChainWatcher only notify on confirmed commitments.

The state machine has gotten a new state, StateCommitmentBroadcasted,
which we'll transition to after we have broadcasted our own commitment.
From this state we'll go to the StateContractClosed state regardless of
which commitment the ChainWatcher notifies about, unifying the contract
resolution betweee the local and remote force close.
2018-04-25 09:37:23 +02:00
Johan T. Halseth
a60e621b5f
contractcourt/channel_arbitrator: specify that height is triggerHeight, advance from height of event not current height 2018-04-25 09:37:23 +02:00
Johan T. Halseth
40b8cf0adb
contractcourt/channel_arbitrator: rename UnilateralClose -> RemoteUnilateralClose 2018-04-25 09:37:22 +02:00
Johan T. Halseth
24e8bace9c
contractcourt/channel_arbitrator: add missing return after forceClose request 2018-04-25 09:37:21 +02:00
Johan T. Halseth
0b2e6d1776
contractcourt/channel_arbitrator: removed unused bestHash parameter 2018-04-25 09:37:21 +02:00
Johan T. Halseth
9b9fada675
contractcourt: remove unecessary contractRes check
This commit removes a short circuit checking if the contract resolver
after a unilateral close is empty. After removing this, the state
machine will advance the state from StateDefault->ContractClosed, in
which the stateCallback will be called, logging the state needed to
advance. Since this logged state is empty, the state machine will go
directly to StateFullyResolved, which will trigger the
MarkChannelResolved call. This means the behaviour is kept.
2018-04-25 09:37:21 +02:00
Dimitris Tsapakidis
4009f7f874 multi: fix typos in comments 2018-04-17 19:03:27 -07:00
Johan T. Halseth
c5169a79f5
contractcourt/channel_arbitrator: add missing return on resolver exit
This commit adds a missing return to the resolveContract method, that
will ensure the goroutine exits if the ChannelArbitrator shuts down.
This fixes a potential deadlock during the integration tests.

We also promote some of the logs to Debug from Trace.
2018-04-13 11:33:09 +02:00
Johan T. Halseth
8e77e1e6eb
lnwallet/channel: add NewLocalForceCloseSummary
This commit renames ForceCloseSummary to LocalForceCloseSummary, and
adds a new method NewLocalForceCloseSummary that can be used to derive a
LocalForceCloseSummary if our commitment transaction gets confirmed
in-chain. It is meant to accompany the NewUnilateralCloseSummary method,
which is used for the same purpose in the event of a remote commitment
being seen in-chain.
2018-04-06 09:46:30 +02:00
Johan T. Halseth
d216416db8
contractcourt/channel_arbitrator: ignore ErrDoubleSpend on force close
This commit mitigates a problem within the ChannelArbitrator, where
after a restart we would start up in the state StateBroadcastCommit but
fail to broadcast out commitment because a conflicting transaction (most
likely our own commitment) was already broadcast. A more complete fix
for this case will be added later, but this commit let the
ChannelArbitrator continue, trying to close out the channel.
2018-03-29 11:15:41 +02:00
Johan T. Halseth
2ae1b7dbbe
contractcourt: remove TODO for checking double spends from PublishTx 2018-02-14 12:34:41 +01:00
Daniel McNally
8543497dcc multi: fixing it's/its typos in comments 2018-02-06 19:13:07 -08:00
practicalswift
a93736d21e multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
Olaoluwa Osuntokun
5df6704a9c
contractcourt: make synchronous chain watcher notifications optional
In this commit, we modify the way that notifications are dispatched
within the chainWatcher. Before we would *always* wait for an ack back
before we started to clean up he database state. This would at times
lead to deadlocks. To remedy this, we now allow callers to decide if
they want notifications to be sync or not. The only current caller that
requires this is the breach arbiter.
2018-01-22 19:19:58 -08:00
Olaoluwa Osuntokun
783f01e1c7
multi: fix linter warnings 2018-01-22 19:19:56 -08:00
Olaoluwa Osuntokun
723bfb0eac
contractcourt: channel arbitrators now exit on co-op close of the channel 2018-01-22 19:19:52 -08:00
Olaoluwa Osuntokun
754d1c1c38
contractcourt: when handling a remote force close, use their view of the HTLC's 2018-01-22 19:19:49 -08:00
Olaoluwa Osuntokun
63f7bf4e65
contractcourt: integrate notifications of the chainWatcher with each channel arb
In this commit, we modify the construction of the channel arbitrator to
accept a pointer to an event stream from the chain watcher that’s been
assigned to that channel. As a result, we no longer need a fresh
unilateral close signal, as the one we get from the chain watcher will
*always* be up to date.

For each active channel, we’ll now create a chainWatcher instance that
will be around until the channel is fully closed on chain.
2018-01-22 19:19:48 -08:00
Olaoluwa Osuntokun
d64ffcb6c8
contractcourt: add new ChannelArbitrator struct
In this commit, we add the primary struct of the package with a full
implementation. The duty of the ChannelArbitrator is to watch the set
of active contracts on a comment transaction and act accordingly if any
of their redemption criteria have been met. Potential criteria include:
an HTLC about to time out, and HTLC about to time out that we know the
preiamge to, or the remote party going to chain (forcing us to resolve
all pending contracts on chain).

The primary goroutine of this struct implements a persistent state
machine in order to ensure that mid contract resolution, we’re able to
properly survive restarts without losing our place, or forgetting about
a pending contract.

A ChannelArbitrator will stay alive until all contracts have been fully
resolved. This means that outside sub-systems no longer need to worry
about remembering to mark a channel as fully resolved, as it’s the job
of the ChannelArbitrator to do this task.
2018-01-22 19:19:34 -08:00