Commit Graph

4748 Commits

Author SHA1 Message Date
Johan T. Halseth
afccca59c4
lnd_test: add testDataLossProtection
This commit adds the integration test testDataLossProtection, that
ensures that when a node loses state, the channel counterparty will
force close the channel, and they both can recover their funds.
2018-07-31 15:16:24 +02:00
Johan T. Halseth
00154bda24
contractcourt/chain_watcher: attempt dispatchRemoteClose using data loss commitPoint
This commit makes the chainwatcher attempt to dispatch a remote close
when it detects a remote state with a state number higher than our
known remote state. This can mean that we lost some state, and we check
the database for (hopefully) a data loss commit point retrieved during
channel sync with the remote peer. If this commit point is found in the
database we use it to try to recover our funds from the commitment.
2018-07-31 15:16:24 +02:00
Johan T. Halseth
ebed786b2a
htlcswitch/link: inspect sync errors, force close channel
This commit makes the link inspect the error encountered during channel
sync, force closing the channel if we detect a remote data loss.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
410b730778
lnwallet/channel test: add TestChanSyncFailure 2018-07-31 15:16:23 +02:00
Johan T. Halseth
78a4a15bb4
lnwallet/channel: check validity of received commitPoint
This commit adds a check for the LocalUnrevokedCommitPoint sent to us by
the remote during channel reestablishment, ensuring it is the same point
as they have previously sent us.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
a2f2d28d0b
lnwallet/channel: enumerate error cases from remote chain desync
This commit enumerates the various error cases we can encounter when we
compare our remote commit chain to the view the remote communicates to us
via msg.NextLocalCommitHeight.

We now compare this height to our remote tail and tip height, returning
relevant error in case of a unrecoverable desync, and re-send a
commitment signature (including log updates) in case we owe one.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
f1757d6da4
lnwallet/channel: enumerate error cases from local chain desync
This commit enumerates the various error cases we can encounter when we
compare our local commit chain to the view the remote communicates to us
via msg.RemoteCommitTailHeight.

We now compare this height to our local tail height (note that there's
never a local "tip" at this point), returning relevant error in case of
a unrecoverable desync, and re-send a revocation in case we owe one.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
7fb3be84df
lnwallet/channel test: rename ErrCommitSyncDataLoss->ErrCommitSyncLocalDataLoss 2018-07-31 15:16:23 +02:00
Johan T. Halseth
48f1458ae5
lnwallet/channel: define channel sync errors
This commit defines a few new errors that we can potentially encounter
during channel reestablishment:
* ErrInvalidLocalUnrevokedCommitPoint
* ErrCommitSyncLocalDataLoss
* ErrCommitSyncRemoteDataLoss

in addition to the already defined errors
* ErrInvalidLastCommitSecret
* ErrCannotSyncCommitChains
2018-07-31 15:16:23 +02:00
Johan T. Halseth
3825ca71dd
lnwallet/channel: reduce scope of commitSecretCorrect 2018-07-31 15:16:22 +02:00
Johan T. Halseth
6cdf0e2d6e
channeldb/channel: methods for marking borked+dataloss commitPoint in db 2018-07-31 15:16:22 +02:00
Johan T. Halseth
ea6aca26a5
channeldb: make chanStatus unexported
Since the ChanStatus field can be changed from concurrent callers, we
make it unexported and add the method ChanStatus() for safe retrieval.
2018-07-31 15:07:30 +02:00
Johan T. Halseth
b437d03174
fundingmanager test: add TestFundingManagerMaxPendingChannels 2018-07-31 14:53:22 +02:00
Johan T. Halseth
8b6e7b24aa
fundingmanager: count channels pending open when checking MaxPending 2018-07-31 14:53:22 +02:00
Johan T. Halseth
3afa16b7a6
mock: make ListUnspentWitness return new outpoints each call 2018-07-31 14:53:21 +02:00
Johan T. Halseth
5b77ebddb2
lnwallet test: account for funding tx being published by fundingmanager 2018-07-31 14:53:21 +02:00
Johan T. Halseth
b885e8d288
fundingmanager test: check reservation canceled after tx broadcast 2018-07-31 14:53:21 +02:00
Johan T. Halseth
2a77b57788
lnwallet + funding: move funding tx publish to fundingmgr
This commit moves the responsibility for publishing the funding tx to
the network from the wallet to the funding manager. This is done to
distinguish the failure of completing the reservation within the wallet
and failure of publishing the transaction.

Earlier we could fail to broadcast the transaction, which would cause us
to fail the funding flow. This is not something we can do directly,
since the CompeteReservation call will mark the channel IsPending in the
databas.e
2018-07-31 14:53:21 +02:00
Johan T. Halseth
8865bcf3d9
fundingmanager: delete active reservation after channel is in DB
This commit makes sure we delete a pending channel from the set of
activeReservations within the fundingmanager immediately after the
channel is moved to the openChannelBucket in the DB. Previously we
wouldn't do this before the funding tx was confirmed, making it possible
that failing the funding flow at a later point would try to cancel a
non-existent reservation context.
2018-07-31 14:53:21 +02:00
Johan T. Halseth
eed052eba5
lnwallet/channel: extract local balance from spend instead of stored commit 2018-07-31 08:27:03 +02:00
Johan T. Halseth
2626bba105
contractcourt/chain_watcher: use commitPoint directly instead of isPendingCommit 2018-07-31 08:27:03 +02:00
Johan T. Halseth
d9e9b6197c
lnwallet/channel test: take commitPoint in NewUnilateralCloseSummary 2018-07-31 08:27:03 +02:00
Johan T. Halseth
06ceba429f
lnwallet/channel: make NewUnilateralCloseSummary take commitPoint 2018-07-31 08:27:03 +02:00
Johan T. Halseth
f8751350bc
lnd_test: set --nolisten for node being cheated
In this commit we modify the integration tests slightly, by setting the
parties that gets breached during the breach tests to --nolisten. We do
this to ensure that once the data protection logic is in place, they
nodes won't automatically connect, detect the state desync and recover
before we are able to trigger the breach.
2018-07-31 08:27:03 +02:00
Johan T. Halseth
22e21da370
htlcswitch tests: add missing OnChannelFailure to test link configs 2018-07-31 08:27:03 +02:00
Johan T. Halseth
c48ecb85f6
Merge pull request #1657 from cfromknecht/resend-ann-copy-key
discovery/gossiper: copy bolt key to prevent panic
2018-07-31 08:26:23 +02:00
Conner Fromknecht
0efe5ca49d
peer: only pass duration to htlcswitch.NewBatchTicker 2018-07-30 22:33:37 -07:00
Conner Fromknecht
3ed2241a94
htlcswitch/link_test: only pass duration to NewBatchTicker 2018-07-30 22:33:37 -07:00
Conner Fromknecht
5af19bb2b4
htlcswitch/link: reusable BatchTicker
This commit modifies the default BatchTicker
implementation such that it will generate a
new ticker with each call to Start(). This
allows us to create a new ticker after
releasing an old one due to the batch
being empty.
2018-07-30 22:33:37 -07:00
Conner Fromknecht
bd9a6bd625
htlcswitch/link: conditional batch ticker
In this commit, we prevent the htlcManager from
being woken up by the batchTicker when there is no
work to be done. Profiling has shown a significant
portion of CPU time idling, since the batch ticker
endlessly demands resources. We resolve this by only
selecting on the batch ticker when we have a
non-empty batch of downstream packets from the
switch.
2018-07-30 21:44:49 -07:00
Conner Fromknecht
54c4b09f87
discovery/gossiper: copy bolt key to prevent panic
Corrects an instance that holds a reference to a boltdb
byte slice after returning from the transaction. This
can cause panics under certain conditions, which is
avoided by creating a copy of the key.
2018-07-30 18:30:19 -07:00
Olaoluwa Osuntokun
2e6e2a06c1
Merge pull request #1655 from Roasbeef/send-to-route-defense
routing: ensure generateSphinxPacket can handle being passed empty set of routes
2018-07-30 18:56:57 -04:00
Wilmer Paulino
c61b037628 discovery/syncer: store chunk size within gossiperSyncerCfg
In this commit, we allow the gossiper syncer to store the chunk size for
its respective encoding type. We do this to prevent a race condition
that would arise within the unit tests by modifying the values of the
encodingTypeToChunkSize map to allow for easier testing.
2018-07-30 13:49:36 -07:00
Olaoluwa Osuntokun
a6c814010c
routing: exit gracefully if generateSphinxPacket is passed a nil set of hops 2018-07-30 13:41:06 -07:00
Olaoluwa Osuntokun
c903a9a711
routing: add new TestEmptyRoutesGenerateSphinxPacket test 2018-07-30 13:40:25 -07:00
Olaoluwa Osuntokun
205a32380a
Merge pull request #1582 from halseth/lnd-test-assert-waiting-close
[integration tests] assert waiting close also for force closes
2018-07-30 14:51:43 -04:00
Olaoluwa Osuntokun
804598057d
Merge pull request #1643 from cfromknecht/fail-expiry-too-soon
[htlcswitch/link] use FailFinalExpiryTooSoon as exit hop
2018-07-29 23:05:35 -04:00
Conner Fromknecht
d76bacee0e
htlcswitch/link: send FailFinalExpiryTooSoon from exit hop
This commit corrects our exit hop logic to return
FailFinalExpiryTooSoon if the following check is true:
   pd.Timeout-expiryGraceDelta <= heightNow

Previously we returned FailFinalIncorrectCltvExpiry, which
should only be returned if the packet was misconstructed.
2018-07-27 15:52:09 -07:00
Conner Fromknecht
982a09ac60
htlcswitch/link_test: check for FailFinalExpiryTooSoon 2018-07-27 15:50:00 -07:00
Johan T. Halseth
92b0b10dc7
Merge pull request #1613 from halseth/rpctest-increase-timeout
make: if timeout not set, use 20m instead of default 10m
2018-07-26 21:52:13 +02:00
Johan T. Halseth
44982ea98d
make: if timeout not set, use 20m instead of default 10m
go test's default timeout is 10m, which is no longer enough during
integration tests. This commit increases it to 20m.
2018-07-26 13:29:23 +02:00
Johan T. Halseth
45a1fa54d8
lnd_test: check close status also for force closes
This commit makes sure the channels that are force closed also are put
into the state "waiting close" before the commitment transaction is
confirmed, and exits this state when it confirms.

This was previously not checked, as this check was added before the
"waiting close" state was introduced.
2018-07-26 09:18:42 +02:00
Johan T. Halseth
f73a2f362e
lnd_test: correct that Bob can sweep immediately
This commit fixes a flake within the integration tests, where we would
mine a set of blocks before checking if Bob's sweep tx was in the
mempool. Usually this would pass since the blocks were generated before
the tx hit the miner's mempool, but sometimes it was mined and then we
would check the mempool.

This commit fixes this by correctly waiting immediately for Bob to sweep
his funds, as they are not time locked.
2018-07-26 09:18:42 +02:00
Olaoluwa Osuntokun
098cd940e3
Merge pull request #1622 from cfromknecht/hide-hodl-config-production
Hide hodl config production
2018-07-25 20:33:16 -07:00
Olaoluwa Osuntokun
b8c3987fd7
Merge pull request #1618 from cfromknecht/resolver-subscribe-order
contractcourt/contract_resolvers: fix subscribe preimage race
2018-07-25 20:29:14 -07:00
Stefan Menzel
e776a06cfb rpc: disallow a negative invoice amount in AddInvoice 2018-07-25 20:11:46 -07:00
Olaoluwa Osuntokun
8cd6eebadc
Merge pull request #1617 from cfromknecht/to-local-script-size
lnwallet/size: correct commit to-local and 2nd stage script/witness sizes
2018-07-25 17:16:15 -07:00
Conner Fromknecht
a5e841c6b7
htlcswitch/hodl/config_production: hide cli hodl flags in prod
This commit replaces the debug Config struct with an empty
one, so that the command line flags are hidden in production
builds.

Production help before commit:

Tor:
      --tor.active
      --tor.socks=
      --tor.dns=
      --tor.streamisolation
      --tor.control=
      --tor.v2
      --tor.v2privatekeypath=
      --tor.v3

hodl:
      --hodl.exit-settle
      --hodl.add-incoming
      --hodl.settle-incoming
      --hodl.fail-incoming
      --hodl.add-outgoing
      --hodl.settle-outgoing
      --hodl.fail-outgoing
      --hodl.commit
      --hodl.bogus-settle

Help Options:
  -h, --help

Production help after commit:

Tor:
      --tor.active
      --tor.socks=
      --tor.dns=
      --tor.streamisolation
      --tor.control=
      --tor.v2
      --tor.v2privatekeypath=
      --tor.v3

Help Options:
  -h, --help
2018-07-25 03:33:36 -07:00
Conner Fromknecht
0df2bcd18c
htlcswitch/hodl/config_debug: only expose hodl flags in debug
This commit places hodl command line flags behind the debug flag,
so that they're only accessible during testing builds.
2018-07-25 03:30:12 -07:00
Conner Fromknecht
aa6e5bdd2a
contractcourt/contract_resolvers: fix subscribe preimage race
This commit fixes a potential race condition within the
IncomingContestResolver, that could cause us to miss a
preimage that was delivered in time.

Currently we query the db for the preimage, and then
subscribe for notifications. This permits the following
ordering of events:
 - query for preimage, returns nothing
 - preimage is added and delivered to subscribers
 - subscribe to preimages
 - preimage never comes through!!

We fix this by reordering to subscribe for preimages and
then query just in case it already exists. The effect is
that the query will always return a valid read of the
preimages that are currently queued for delivery.
2018-07-25 03:15:51 -07:00