Commit Graph

8259 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
94c242073a
lnwallet: finish initial draft of LightningChannel state machine
This commit finishes the initial draft of the commitment state machine.
A full re-write of the prior protocol which combines aspects of the
former ‘lnstate’ package has replaced the prior un-finished
stop-and-wait protocol.

This new protocol is designed to operate in an asynchronous environment
and to facilitate non-blocking batched and pipelined updates to the
committed channel states. The protocol is also de-synchronized meaning
that either side can propose new commitment states independent of the
actions of the other party.

The state machine implemented is very similar to that of c-lightning,
however we allow multiple unrevoked commentates in order to minimize
blocking, and also to reduce latency across several hops in a
bi-directional setting.

The current implementation consists of 3 main data structures: a
commitment chain which consist of unrevoked commitment transactions
(one for each side), and a (mostly) append-only log of HTLC updates
shared between both sides. New commitments proposed index into the log
denoting which updates they include, this allows both parties to
progress chains independent of one another. Revoked commitments, reduce
the length of the chain by one, and free up space within the revocation
window.

At this point only basic tests are in place for the state machine,
however more extensive testing infrastructure along with formal proofs
using PlusCall are planned.
2016-07-05 17:02:03 -07:00
Olaoluwa Osuntokun
8775107454
lnwallet: keep commitments cold at all times, store sig instead
This commit changes prior behavior which stored a “hot” commitment
transaction, meaning one which all the sigScript fully assembled and
able to be broadcast.

Instead, we now store the current signature for our commitment
transaction as a separate field within the database and within memory.
As a result, this eliminates a class of bugs which would erroneously
broadcast a fully loaded commitment transaction, either leading to a
loss of funds, or suspending availability to funds for a period of
time.
2016-07-05 16:55:47 -07:00
Olaoluwa Osuntokun
f03122e697
lnwallet: correct comment in revoke derivation explanation 2016-07-05 16:49:27 -07:00
Olaoluwa Osuntokun
1f7d9b6425
channeldb: also store their current revocation hash
We now also store their current revocation hash which is given to us
along with the revocation key once an initial HTLC is added to a
commitment transaction.
2016-07-05 16:48:31 -07:00
Olaoluwa Osuntokun
06af4b130f
channeldb: remove theirCommitTx, store latest commit sig 2016-07-05 16:44:52 -07:00
Olaoluwa Osuntokun
927db9cfd5
lnd: update the FundingManager to new revoke key funding workflow 2016-06-30 12:15:06 -07:00
Olaoluwa Osuntokun
2c187209eb
lnwallet: update internal wallet reservations to use revoke keys
This update the wallet to implement the new single funder workflow
which uses revocation keys rather than revocation hashes for the
commitment transactions.
2016-06-30 12:13:50 -07:00
Olaoluwa Osuntokun
1b490c52ed
lnwallet: createCommitTx now a revocation key 2016-06-30 12:12:19 -07:00
Olaoluwa Osuntokun
d85719b5a7
lnwallet: add elkrem root derivation function
The derivation is current bed on an HKDF invocation using our private
key as the secret, and the node’s channel multi-sig key as the salt.
This scheme allows us to derive the key on the fly given data known to
only us and the remote node.

The current derivation is just a place-holder and will be re-visited at
a later time.
2016-06-30 12:09:42 -07:00
Olaoluwa Osuntokun
78346c81e7
lnwallet: update reservation workflow to revoke keys
With this commit, the reservation workflow for the single funder use
case is now aware of the usage of revocation keys.

The changes are relatively minor:
  * contributions now have RevocationKeys instead of RevocationHashes
  * CompleteReservationSingle now takes the initiators revocation key
2016-06-30 12:02:51 -07:00
Olaoluwa Osuntokun
6dcefac868
lnwire: update CommitRevocation for revoke key scheme
With this commit a revocation message now carries 3 items:

  1. A pre-image revoking the lowest unrevoked commitment transaction
in the commitment chain.
  2. A new key which extends the current revocation window by 1. This
key is to be used for new commitment transactions.
  3. A new hash which also extends the current revocation window by 1.
This hash is to be used for new HTLC revocation hashes.
2016-06-30 11:59:46 -07:00
Olaoluwa Osuntokun
7c7ed5e638
lnwire: add a LogIndex field to CommitSignature
This commit updates the CommitSignature message to match the latest
version of the state-machine protocol. The log index specifies up to
which index in the receiver’s HTLC log the sender’s signature covers.
2016-06-30 11:58:39 -07:00
Olaoluwa Osuntokun
bba9b665ef
lnwire: all hashes within the protocol are now 32-bytes
We now enforce that the site of all revocation pre-images+hashes (used
for HTLC’s) are now 32-bytes.

Additionally, all payment pre-images are now required to be 32-bytes
not he wire. There also exists a Script level enforcement of the
payment pre-image size at a lower level.

This commit serves to unify the sizes of all hashes/pre-images across
the codebase.
2016-06-30 11:53:21 -07:00
Olaoluwa Osuntokun
fd02c1c1aa
lnwire: update single funder workflow to use revocation keys
This commit updates the messages sent during a single funder workflow
to utilize revocation keys rather than revocation hashes. This now
matches the latest updates to the commitment transaction.

The changes to the workflow are as follows:
  * the response message now carries the responder’s revocation key
  * the complete message now carries the initiator’s revocation key

Once the initiator receives the response message, it can construct both
versions of the commitment transaction as it now knows the responder’s
commitment key. The initiator then sends their initial revocation key
over to the responder allowing it to construct the commitment
transactions and give the initiator a sig for their version.
2016-06-30 11:50:27 -07:00
Olaoluwa Osuntokun
582b83ada3
channeldb: update channel state to revocation keys + new elkrem API
This commit updates the stored on-disk channel state to store a current
revocation key rather than a revocation hash. This change coincides
with the new commitment transaction format which uses revocation keys
rather than hashes.

Additionally, this commit updates the decoding/encoding of local+remote
elkrem trees to the latest changes in the elkrem API.
2016-06-30 11:40:12 -07:00
Olaoluwa Osuntokun
381474fc8e
elkrem: add method to export sender root
As noted in the comment on the method, this serialization method isn’t
strictly necessary assuming the root is derived via a cryptographically
secure, yet deterministic procedure. The method is supplied only for
convenience.
2016-06-30 11:34:53 -07:00
Olaoluwa Osuntokun
14f12fbb7d
elkrem: remote commented out encode/decode for sender 2016-06-30 11:32:11 -07:00
Olaoluwa Osuntokun
102a0f6689
elkrem: sync with upstream onehop branch
This commit syncs the version of elkrem currently checked into master
with the version that has been developed in the upstream master branch.
2016-06-29 16:55:49 -07:00
Olaoluwa Osuntokun
96667cbc4a
cmd/lncli: update action func to new upstream signature
The upstream cli repo has changed the signature for the ‘Action’ to
return an additional error. Thankfully this was done in a backwards
compatible manner.

This commit updates all the command action functions to adhere to the
new function signature.

In the future we’ll have proper dependency management so cases like
this will be avoided all together.
2016-06-29 13:01:40 -07:00
Olaoluwa Osuntokun
f7543b39a4
lnstate: remove package
This commit removes the lnstate package. The package was originally
created by Joseph to draft some ideas he was developing w.r.t to the
Lightning Network link-layer protocol. However, we recently *completely
re-designed* the protocol after an involved white-board session.
Therefore, this package can now be removed as it’s obsolete.

A series of commits will be landing in the near future which implement,
test, and hookup this new and improved wire protocol.
2016-06-29 11:33:56 -07:00
Olaoluwa Osuntokun
f3a6f8ffe6
lnd: implement the sendcoins RPC request
This commit implements the “send coins” RPC request which was
introduced at both the lnrpc and command line level in a prior commit.

A small refactoring has taken place w.r.t to sendmany+sendcoins in
order to eliminate some code duplication.
2016-06-29 11:31:34 -07:00
Olaoluwa Osuntokun
e391cf088e
cmd/lncli: add support for the sendcoins RPC 2016-06-29 11:29:29 -07:00
Olaoluwa Osuntokun
6e5fb13a0d
lnrpc: add new SendCoins RPC to service
This commit adds a new RPC to the RPC server: “sendcoins”. This RPC is
identical to “sendmany” with one small change: the level of send
parallelization is 1. This is useful when one wishes to simply send
coins to a friend and/or a payment.
2016-06-29 11:28:23 -07:00
Olaoluwa Osuntokun
e22734f9cf
lnwallet: update HTLC+commitment scripts
This commit updates the previous HTLC and commitment scripts to their
current latest evolution.

The HTLC scripts have been optimized for space savings, the
functionality itself has remained relatively unchanged. A trade off was
made to add additional bytes into the sigScript in order to avoid
extraneous CHECKSIG’s. The rationale is that an extra 1-2 bytes in the
sigScript to guide execution, are worthwhile since they’re in the
witness, and witness data may be pruned in the near future.

The primary change is within the commitment transaction itself. Instead
of using revocation hashes, we now use signature based revocation. This
saves space in the Script, and optimizes away an extra hashing
operation. Elkrem/shachain is still used but, we now use the pre-images
to homomorphically derive a public key which the other party will be
able to sign with, once we disclose the pre-image itself.

Finally, we have switched to using SHA-256 everywhere uniformly for
both revocation hashes, and payment hashes. The rationale is that the
output of ripemd160 is too small for modern security margins, and that
other coins/chains are more likely to have SHA-256 implemented, than
ripemd160.

A set of tests has also been included which contain (mostly) exhaustive
tests of all possible redemption paths for both commitment and HTLC.
2016-06-27 11:35:32 -07:00
Olaoluwa Osuntokun
ac8736ff99
lnwallet: convert commitment no-delay output to p2wsh 2016-06-27 11:21:13 -07:00
Olaoluwa Osuntokun
05fb9b5a6d
lnwallet: payment and revocation hashes are now 32 bytes
This unifies some inconstancies across the code-base with hashes being
32 vs 20 bytes. All hashes, whether payment or revocation are now
uniformly 32 bytes everywhere. As a result, only OP_SHA256 will be used
within commitment and HTLC scripts. The rationale for using sha256
instead of hash160 for the HTLC payment pre-image is that alternative
chains are more likely to have sha256 implemented, rather than
ripemd160.

A forthcoming commit will update the current commitment, and HTLC
scripts.
2016-06-26 23:04:14 -07:00
Olaoluwa Osuntokun
1a48db3039
channeldb: stored un-revoked hashes are now 32 bytes 2016-06-26 22:59:02 -07:00
Olaoluwa Osuntokun
914159cb87
lnd: list active channels in response to listpeers cmd 2016-06-22 22:22:44 -07:00
Olaoluwa Osuntokun
e61a03a372
lnd: add support for channel state snapshots in peer 2016-06-22 22:22:09 -07:00
Olaoluwa Osuntokun
2e706f39b9
lnd: delete channel state from db after close 2016-06-22 22:20:37 -07:00
Olaoluwa Osuntokun
77a006f03b
lnwallet: ChannelPoint() now returns a pointer to outpoint 2016-06-22 22:15:13 -07:00
Olaoluwa Osuntokun
e17bdf08ea
lnwallet: expose db channel deletion+snapshotting 2016-06-22 22:12:37 -07:00
Olaoluwa Osuntokun
2ea21422b5
lnrpc: make remote_id and channel_point strings in ActiveChannel 2016-06-22 22:06:42 -07:00
Olaoluwa Osuntokun
b88b2d4c91
channeldb: implement snapshots for active channels 2016-06-22 22:05:53 -07:00
Olaoluwa Osuntokun
07bc7bbd42
channeldb: sent internal db pointer in FetchOpenChannels
This commit fixes a bug which would potentially cause a panic if a
channel returned from FetchOpenChannels attempted to access the
internal pointer to the database.

To fix this bug, the pointer is now properly set once the channel has
been loaded from the database.
2016-06-22 22:01:32 -07:00
Olaoluwa Osuntokun
6b53b393df
cmd/lncli: add json attribute tag for anonymous ChannelPoint struct 2016-06-22 21:48:39 -07:00
Olaoluwa Osuntokun
210c32d890
channeldb: add doc strings to finalize funcs/structs 2016-06-22 17:15:52 -07:00
Olaoluwa Osuntokun
f1f27b2046
channeldb: add ability to close active channels
This commit introduces the concept of “closing” an already active
channel. Closing a channel causes all the channel state to be purged
from the database, and also triggers the creation of a small “summary”
kept concerning details of the previously open channel.

This commit also updates the previous test case(s), and includes the
close channel bucket in the database deletion in the .Wipe() method.
2016-06-22 16:16:43 -07:00
Olaoluwa Osuntokun
7e09a70706
cmd/lncli: properly reverse user txid input
This commit fixes a bug introduced within a prior commit. The prior
commit failed to drollery reverse the txid string taken in as user
input, therefore in order to properly close a channel, the user needed
to manually reverse the txid themselves.

With this change, `wire.NewShaHashFromStr` is used which properly
reverses the string within the constructor. This allows the string
reported not be directly used to the close an active channel.

This commit also corrects a few logging messages.
2016-06-22 11:10:33 -07:00
Olaoluwa Osuntokun
8066195d23
cmd/lncli: implement remaining RPC commands
Currently positional arguments *are not* supported, and all arguments
must be passed via unix-style command line arguments.

In a later commit support for concurrent positional, and manually
specified arguments will be added.
2016-06-21 13:14:19 -07:00
Olaoluwa Osuntokun
cf32b07f61
lnrpc: recompile protobufs to new RPC spec 2016-06-21 13:14:10 -07:00
Olaoluwa Osuntokun
1188fd2bf6
lnd: implement open+close channel workflow in daemon
This commit adds the necessary plumbing within the server, peer, and
rpcServer to handle opening and cooperatively closing a channel with a
remote peer.

Many new data structures have been added to the peer in order to allow
it to efficiently manage opening+.losing new/existing lightning
channels. Additional documentation has been added to several methods
within the peer struct, with some minor renaming along with way. The
peer has also gained a dedicated goroutine whose job it is to manage
any requests pertaining to opening, or closing any channels with the
remote peer.

The messages have been added to lnrpc define the requests and responses
to channel open+close messages. Additional channel logic has been added
between the rpcServer, peer, and server in order to properly manage the
necessary synchronization.
2016-06-21 13:14:05 -07:00
Olaoluwa Osuntokun
9ef7e23384
lnd: implement connectpeer and listpeers RPC calls 2016-06-21 13:14:01 -07:00
Olaoluwa Osuntokun
c7e9bb8c58
lnrpc: implement wallet balance RPC call 2016-06-21 13:13:57 -07:00
Olaoluwa Osuntokun
9c0566cb42
lnd: create logger for fundingManger add closures 2016-06-21 13:13:53 -07:00
Olaoluwa Osuntokun
31e5466692
lnd: introduce the fundingManager
This commit introduces the fundingManger which is used as a bridge
between the wallet’s internal ‘ChannelReservation’ workflow, and the
wire protocol’s funding messages.

 The funding manger is responsible for progressing the workflow, and
communicating any errors generated during the workflow back to the
source peer.
2016-06-21 13:13:49 -07:00
Olaoluwa Osuntokun
25577b6cd5
lnwallet: add test cases for single funder workflow
This commit adds additional test cases to test both cases (initiator vs
responder) for a single funder channel workflow. Additionally, the
previous dual funder tests have been extended in order to detect proper
funding channel broadcast, and the ChainNotifier’s role in notifying
upstream callers that a funding transaction has been embedded in the
chain at a sufficient depth.

At this point the tests certainly need to be cleaned up. bobNode should
be replaced with a second instance of the wallet modeling a remote
peer.
2016-06-21 13:13:45 -07:00
Olaoluwa Osuntokun
3a14fe8ba5
lnwallet: add support for single funder workflow
This commit modifies the existing workflow to add additional paths to
be used when on the responding side of a single funder workflow.

Additionally, several bugs encountered within the existing dual funder
workflow logic have been fixed, and modified to account for the wallet
being on the igniting side of a single funder workflow.
2016-06-21 13:13:41 -07:00
Olaoluwa Osuntokun
4a6a2d6cd4
lnwallet: correct inputs scripts for nested P2SH spend
The previous logic incorrectly assumed the returned address was already
a p2wkh address. Instead, a p2sh address was returned. So we now
correctly craft both the sigScript and witness stack for a nested p2sh
spend.
2016-06-21 13:13:33 -07:00
Olaoluwa Osuntokun
d52955b146
lnwallet: extract coin selection to distinct method
This is required since for single funder channels, we don’t contribute
any funds so we don’t need to select any change or coins for input into
the funding transaction.
2016-06-21 13:13:29 -07:00