Commit Graph

149 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
7dea354711
lnwallet: properly handle HTLC settles in channel state-machine
We no longer track HTLC’s by their r-hash within the log into the
index, as we may have multiple HTLC’s that can be redeemed by the same
pre-image. Instead we now use a separate index which is keyed by a
log-index.

Additionally, the SettleHTLC method now also returns the index of the
HTLC being settled which allows the remote party to quickly locate the
HTLC within their log.

This commit also introduces a few trace/debug log messages which will
likely be pruned in the near future
2016-07-12 17:35:57 -07:00
Olaoluwa Osuntokun
06f062e678
lnwallet: sync revocation state after receiving a revocation 2016-07-12 17:32:42 -07:00
Olaoluwa Osuntokun
14d669dfd1
lnwallet: decrease initial revocation window to 4 2016-07-12 17:31:01 -07:00
Olaoluwa Osuntokun
94c242073a
lnwallet: finish initial draft of LightningChannel state machine
This commit finishes the initial draft of the commitment state machine.
A full re-write of the prior protocol which combines aspects of the
former ‘lnstate’ package has replaced the prior un-finished
stop-and-wait protocol.

This new protocol is designed to operate in an asynchronous environment
and to facilitate non-blocking batched and pipelined updates to the
committed channel states. The protocol is also de-synchronized meaning
that either side can propose new commitment states independent of the
actions of the other party.

The state machine implemented is very similar to that of c-lightning,
however we allow multiple unrevoked commentates in order to minimize
blocking, and also to reduce latency across several hops in a
bi-directional setting.

The current implementation consists of 3 main data structures: a
commitment chain which consist of unrevoked commitment transactions
(one for each side), and a (mostly) append-only log of HTLC updates
shared between both sides. New commitments proposed index into the log
denoting which updates they include, this allows both parties to
progress chains independent of one another. Revoked commitments, reduce
the length of the chain by one, and free up space within the revocation
window.

At this point only basic tests are in place for the state machine,
however more extensive testing infrastructure along with formal proofs
using PlusCall are planned.
2016-07-05 17:02:03 -07:00
Olaoluwa Osuntokun
8775107454
lnwallet: keep commitments cold at all times, store sig instead
This commit changes prior behavior which stored a “hot” commitment
transaction, meaning one which all the sigScript fully assembled and
able to be broadcast.

Instead, we now store the current signature for our commitment
transaction as a separate field within the database and within memory.
As a result, this eliminates a class of bugs which would erroneously
broadcast a fully loaded commitment transaction, either leading to a
loss of funds, or suspending availability to funds for a period of
time.
2016-07-05 16:55:47 -07:00
Olaoluwa Osuntokun
f03122e697
lnwallet: correct comment in revoke derivation explanation 2016-07-05 16:49:27 -07:00
Olaoluwa Osuntokun
2c187209eb
lnwallet: update internal wallet reservations to use revoke keys
This update the wallet to implement the new single funder workflow
which uses revocation keys rather than revocation hashes for the
commitment transactions.
2016-06-30 12:13:50 -07:00
Olaoluwa Osuntokun
1b490c52ed
lnwallet: createCommitTx now a revocation key 2016-06-30 12:12:19 -07:00
Olaoluwa Osuntokun
d85719b5a7
lnwallet: add elkrem root derivation function
The derivation is current bed on an HKDF invocation using our private
key as the secret, and the node’s channel multi-sig key as the salt.
This scheme allows us to derive the key on the fly given data known to
only us and the remote node.

The current derivation is just a place-holder and will be re-visited at
a later time.
2016-06-30 12:09:42 -07:00
Olaoluwa Osuntokun
78346c81e7
lnwallet: update reservation workflow to revoke keys
With this commit, the reservation workflow for the single funder use
case is now aware of the usage of revocation keys.

The changes are relatively minor:
  * contributions now have RevocationKeys instead of RevocationHashes
  * CompleteReservationSingle now takes the initiators revocation key
2016-06-30 12:02:51 -07:00
Olaoluwa Osuntokun
f3a6f8ffe6
lnd: implement the sendcoins RPC request
This commit implements the “send coins” RPC request which was
introduced at both the lnrpc and command line level in a prior commit.

A small refactoring has taken place w.r.t to sendmany+sendcoins in
order to eliminate some code duplication.
2016-06-29 11:31:34 -07:00
Olaoluwa Osuntokun
e22734f9cf
lnwallet: update HTLC+commitment scripts
This commit updates the previous HTLC and commitment scripts to their
current latest evolution.

The HTLC scripts have been optimized for space savings, the
functionality itself has remained relatively unchanged. A trade off was
made to add additional bytes into the sigScript in order to avoid
extraneous CHECKSIG’s. The rationale is that an extra 1-2 bytes in the
sigScript to guide execution, are worthwhile since they’re in the
witness, and witness data may be pruned in the near future.

The primary change is within the commitment transaction itself. Instead
of using revocation hashes, we now use signature based revocation. This
saves space in the Script, and optimizes away an extra hashing
operation. Elkrem/shachain is still used but, we now use the pre-images
to homomorphically derive a public key which the other party will be
able to sign with, once we disclose the pre-image itself.

Finally, we have switched to using SHA-256 everywhere uniformly for
both revocation hashes, and payment hashes. The rationale is that the
output of ripemd160 is too small for modern security margins, and that
other coins/chains are more likely to have SHA-256 implemented, than
ripemd160.

A set of tests has also been included which contain (mostly) exhaustive
tests of all possible redemption paths for both commitment and HTLC.
2016-06-27 11:35:32 -07:00
Olaoluwa Osuntokun
ac8736ff99
lnwallet: convert commitment no-delay output to p2wsh 2016-06-27 11:21:13 -07:00
Olaoluwa Osuntokun
05fb9b5a6d
lnwallet: payment and revocation hashes are now 32 bytes
This unifies some inconstancies across the code-base with hashes being
32 vs 20 bytes. All hashes, whether payment or revocation are now
uniformly 32 bytes everywhere. As a result, only OP_SHA256 will be used
within commitment and HTLC scripts. The rationale for using sha256
instead of hash160 for the HTLC payment pre-image is that alternative
chains are more likely to have sha256 implemented, rather than
ripemd160.

A forthcoming commit will update the current commitment, and HTLC
scripts.
2016-06-26 23:04:14 -07:00
Olaoluwa Osuntokun
77a006f03b
lnwallet: ChannelPoint() now returns a pointer to outpoint 2016-06-22 22:15:13 -07:00
Olaoluwa Osuntokun
e17bdf08ea
lnwallet: expose db channel deletion+snapshotting 2016-06-22 22:12:37 -07:00
Olaoluwa Osuntokun
31e5466692
lnd: introduce the fundingManager
This commit introduces the fundingManger which is used as a bridge
between the wallet’s internal ‘ChannelReservation’ workflow, and the
wire protocol’s funding messages.

 The funding manger is responsible for progressing the workflow, and
communicating any errors generated during the workflow back to the
source peer.
2016-06-21 13:13:49 -07:00
Olaoluwa Osuntokun
25577b6cd5
lnwallet: add test cases for single funder workflow
This commit adds additional test cases to test both cases (initiator vs
responder) for a single funder channel workflow. Additionally, the
previous dual funder tests have been extended in order to detect proper
funding channel broadcast, and the ChainNotifier’s role in notifying
upstream callers that a funding transaction has been embedded in the
chain at a sufficient depth.

At this point the tests certainly need to be cleaned up. bobNode should
be replaced with a second instance of the wallet modeling a remote
peer.
2016-06-21 13:13:45 -07:00
Olaoluwa Osuntokun
3a14fe8ba5
lnwallet: add support for single funder workflow
This commit modifies the existing workflow to add additional paths to
be used when on the responding side of a single funder workflow.

Additionally, several bugs encountered within the existing dual funder
workflow logic have been fixed, and modified to account for the wallet
being on the igniting side of a single funder workflow.
2016-06-21 13:13:41 -07:00
Olaoluwa Osuntokun
4a6a2d6cd4
lnwallet: correct inputs scripts for nested P2SH spend
The previous logic incorrectly assumed the returned address was already
a p2wkh address. Instead, a p2sh address was returned. So we now
correctly craft both the sigScript and witness stack for a nested p2sh
spend.
2016-06-21 13:13:33 -07:00
Olaoluwa Osuntokun
d52955b146
lnwallet: extract coin selection to distinct method
This is required since for single funder channels, we don’t contribute
any funds so we don’t need to select any change or coins for input into
the funding transaction.
2016-06-21 13:13:29 -07:00
Olaoluwa Osuntokun
e62fc414cb
lnwallet: add single funder workflow to ChannelReservation
This commit adds 3 methods to lnwallet.ChannelReservation intended to
facilitating a single funder channel workflow between two nodes. A
single funder workflow is characterized as the initiator committing all
the funds to a channel, with the responder only providing public keys,
and a revocation hash.

The workflow remains the same for the initiator of the funding
transaction, however for the responder, the following methods are
instead called in order:
  * .ProcessSingleConribution()
  * .CompleteSingleContribution()
  * .FinalizeReservation()

These methods are required for the responder as they are never able to
construct the full funding transaction, and only receive the out point
of the funding transaction once available.
2016-06-21 13:13:26 -07:00
Olaoluwa Osuntokun
45236fa092
lnwallet: implement cooperative closure for LightningChannel
A cooperative closure of a LightningChannel proceeds in two steps.
First, the party who wishes to close the channel sends a signature for
the closing transaction. Next, the responder reconstructs the closing
transaction identically as the initiator did using a canonical
input/output ordering, and the currently settled balance within the
channel. At this point, the responder then broadcasts the closure
transaction. It is the responsibility of the initiator to watch for
this transaction broadcast within the network to clean up any resources
they committed to the active channel.
2016-06-21 13:13:22 -07:00
Olaoluwa Osuntokun
27e6839060
lnwallet: publicly export constructor for LightningChannel 2016-06-21 13:13:18 -07:00
Olaoluwa Osuntokun
507520cda9
lnwallet: move channelState from channeldb to channel.go 2016-06-21 13:13:14 -07:00
Olaoluwa Osuntokun
fcff17c336
multi: change all imports to roasbeef's forks
This commit will allow the general public to build lnd without jumping
through hoops setting up their local git branches nicely with all of
our forks.
2016-05-15 17:22:37 +03:00
Olaoluwa Osuntokun
c6eedafb9a
lnwallet: update reservation workflow to be segwitty
Only nested p2sh or pure witness outputs are used when selecting coins
for inputs to a funding transaction.

The funding transaction output now uses p2wsh rather than regular p2sh.

All tests have been updated accordingly.
2016-05-03 20:06:58 -07:00
Olaoluwa Osuntokun
4b4c0f73b0
lnwallet: add ListUnspentWitness for funding tx coin selection 2016-05-03 20:06:49 -07:00
Olaoluwa Osuntokun
0e74672797
lnwallet: use InputScripts struct within ChannelReservation
This allows the reservation workflow to support pure witness program
outputs, as well as witness programs nested within p2sh.
2016-05-03 20:06:44 -07:00
Olaoluwa Osuntokun
eeb2887fe9
lnwallet: segwit-ify all scripts and signing utils 2016-05-03 20:06:39 -07:00
Olaoluwa Osuntokun
163eb8dcb8
lnwallet: remove FundingType enum
Removing as segwit is now the path forward.
2016-05-03 20:06:30 -07:00
Tadge Dryja
71231c477c make imports lowercase 2016-04-30 20:24:57 -07:00
Olaoluwa Osuntokun
1a96e4f7a6 lnwallet: default to p2wkh address for generated change+delivery addresses 2016-04-24 20:27:56 -07:00
Olaoluwa Osuntokun
0e607c1939 lnwallet: during shutdown properly wait for all goroutines to exit 2016-04-24 12:39:43 -07:00
Olaoluwa Osuntokun
1e35018e89 lnwallet: fix compile errors against btcd's segwit branch 2016-04-12 21:37:08 -07:00
Olaoluwa Osuntokun
f9a8dcbc9c lnwallet: add ListUnspentWitness to WalletController
This method has been added in order to allow lnd to collect eligible
unspent witness programs outputs from the wallet controller for use as
inputs to the funding transaction.

Additionally, the change address functions now also specify whether the
generated change address should be payable to a witness program or not.
2016-04-12 21:36:41 -07:00
Olaoluwa Osuntokun
10d52611cd lnwallet: introduce WalletController interface as a "base wallet"
The WalletController will serve as a layer of separation between “base”
Bitcoin wallet logic, and the higher level Lightning Network logic. As
a result LightningWallet will no behave as an overly wallet, relying on
the lower wallet for basic services such as new address, signing etc.

Within this higher level lies the awareness of channel types, chain
monitoring, HTLCs, and so on.
2016-03-24 16:19:57 -07:00
Olaoluwa Osuntokun
7420503c7a lnwallet: publicly export WaddrmgrEncryptorDecryptor 2016-03-24 14:32:44 -07:00
Olaoluwa Osuntokun
082a8a34e3 lnwallet: update tests and workflow to new OpenChannel struct 2016-03-24 00:01:35 -07:00
Olaoluwa Osuntokun
983294c444 lnwallet: set OpenChannel's internal db pointer 2016-03-24 00:01:17 -07:00
Olaoluwa Osuntokun
4b16763f4d lnwallet: update channel.go to new OpenChannel fields
Simply to compile, channel.go will be replaced with lnstate soon
enough.
2016-03-24 00:00:59 -07:00
Olaoluwa Osuntokun
fe6d71e95e lnwallet: accept channeldb as a param in constructor
lnwallet is no longer responsible for creating/opening channeldb. The
call is now expected to do so.
2016-03-22 18:48:18 -07:00
Olaoluwa Osuntokun
8feb86c4aa multi: create lnd's logging infrastructure 2016-03-22 18:43:10 -07:00
mkl
e07086a523 Integrate basic configuration functionality 2016-03-22 13:28:56 -07:00
Olaoluwa Osuntokun
1944003fde lnwallet: update to use new btcdnotify.NewBtcdNotifier API 2016-02-26 17:38:31 -08:00
Olaoluwa Osuntokun
25c1b7a491 lnwallet: update chainNotifier assignment to new BtcdNotifier constructor 2016-02-26 17:38:31 -08:00
Tadge Dryja
0d3639435f can sync with segnet in hard mode
lots of changes but they seem to work
2016-02-15 22:13:17 -08:00
Olaoluwa Osuntokun
ab16933575 lnwallet: commit tx should have final sequence num 2016-02-05 20:24:32 -08:00
Olaoluwa Osuntokun
81a4887d11 lnwallet: move lockTimeToSequence to script_utils.go 2016-02-05 20:24:17 -08:00
Olaoluwa Osuntokun
fa05ee9a22 lnwallet: move pubKey comparison for funding output spend into spendMultiSig func
* This change makes the spendMultiSig function testable independent of
the reservation workflow.
2016-02-05 12:33:22 -08:00