In this commit, we begin to enforce a maximum channel commitment fee for
channel initiators when attempting to update their commitment fee. Now,
if the new commitment fee happens to exceed their maximum, then a fee
update of the maximum fee allocation will be proposed instead if needed.
A default of up to 50% of the channel initiator's balance is enforced
for the maximum channel commitment fee. It can be modified through the
`--max-channel-fee-allocation` CLI flag.
In this commit, we add a new build tag protected sub-config for legacy
protocol features. The goal of this addition is to be able to default to
new feature within lnd, but expose hooks at the config level to allow
integration tests to force the old behavior to ensure that we're able to
support both the old+new versions.
htlcs
config: Adding RejectHTLC field in config struct
This commit adds a RejectHTLC field in the config struct in config.go.
This allows the user to run lnd as a node that does not accept onward
HTLCs.
htlcswitch/switch: Adding a field RejectHTLC to the switch config
This commit adds a field RejectHTLC to the switch config. When the
switch receives an HTLC it will check this flag and if the HTLC is not
from the source hop, the HTLC will be rejected.
htlcswitch/switch: adding check for RejectHTLC flag and incomingChanID
This commit adds a check when receiving UpdateAddHTLC. The check looks
for the RejectHTLC flag set and whether the HTLC is from the sourceHop
(the local switch). If the HTLC is not from the sourceHop, then we
reject the HTLC and return a FailChannelDisabled error.
server: adding RejectHTLC field to initialization of switch
lnd_test: adding test for RejectHTLC
This commit adds a test which tests that a node with the --rejecthtlc
flag will reject any onward HTLCs but still can receive direct HTLCs and
can send HTLCs.
Debug invoices are rarely used nowadays, but keep asking for maintenance
every time refactoring in primarily the invoice registry occurs. We have
passed the cost/benefit tipping point, so therefore the debug invoice
concept is removed in this commit.
Previously the debughtlc flag also controlled whether hodl masks were
active. It is safe to remove that additional condition because the hodl
masks are still guarded by the dev build tag.
This commit adds the ignore-historical-filters CLI option, initially
defaulting to false. Users may use this option to prevent lnd from doing
historical gossip dumps to peers that set their `gossip_timestamp_range`
in the past. Enabling this option will result in lower bandwidth and
memory consumption. Down the road the plan is to make this default to
true.
With the introduction of the WatchtowerClient RPC subserver, the lnd
configuration flag to specify private watchtowers for the client is no
longer needed and can lead to confusion upon users. Therefore, we remove
the flag completely, and only rely on the watchtower client being active
through a new --wtclient.active flag.
Start the Prometheus exporter in rpcserver.go if monitoring is enabled through the
build tag. Also allow users to specify what address they want the Prometheus
exporter to be listening on.
This commit exposes the three main parameters that influence mission
control and path finding to the user as command line or config file
flags. It allows for fine-tuning for optimal results.
This commit fixes a bug where it was impossible to run lnd in litecoin's
simnet mode because of code duplication. As a result `numNets > 1`
conditional was always true when running lnd with `cfg.Litecoin.SimNet`
flag.
This commits exposes the various parameters around going to chain and
accepting htlcs in a clear way.
In addition to this, it reverts those parameters to what they were
before the merge of commit d1076271456bdab1625ea6b52b93ca3e1bd9aed9.
This commit adds optional jitter to our initial reconnection to our
persistent peers. Currently we will attempt reconnections to all peers
simultaneously, which results in large amount of contention as the
number of channels a node has grows.
We resolve this by adding a randomized delay between 0 and 30 seconds
for all persistent peers. This spreads out the load and contention to
resources such as the database, read/write pools, and memory
allocations. On my node, this allows to start up with about 80% of the
memory burst compared to the all-at-once approach.
This also has a second-order effect in better distributing messages sent
at constant intervals, such as pings. This reduces the concurrent jobs
submitted to the read and write pools at any given time, resulting in
better reuse of read/write buffers and fewer bursty allocation and
garbage collection cycles.
In this commit, we replace the NoChanUpdates flag with a flag that
allows us to specify the number of peers we want to actively receive new
graph updates from. This will be required when integrating the new
gossiper SyncManager subsystem with the rest of lnd.
In this commit, we add a new config option: `backupfilepath` for the new
SCB implementation. This argument allows users to specify a custom
location for the SCB file such as NFS or distinct partition.
Exposes the three parameters that dictate
the behavior of the channel status manager:
* --chan-enable-timeout
* --chan-disable-timeout
* --chan-status-sample-interval
In this commit, we increase the default trickle delay from 30s to 1m30s.
We do this as before we implement the new INV gossip mechanism, we want
to de-emphasise the quick propagation of updates through the network
which eats up bandwidth.
When Tor is enabled, this change allows manual hidden service
configuration by defaulting to listening for p2p connections on
the loopback address. It also allows overriding this manually
for situations where the Tor daemon is running on another machine,
such as when using Whonix or OnionPi-like systems.
In this commit, we add the glue infrastructure to make the sub RPC
server system work properly. Our high level goal is the following: using
only the lnrpc package (with no visibility into the sub RPC servers),
the RPC server is able to find, create, run, and manage the entire set
of present and future sub RPC servers. In order to achieve this, we use
the reflect package and build tags heavily to permit a loosely coupled
configuration parsing system for the sub RPC servers.
We start with a new `subRpcServerConfigs` struct which is _always_
present. This struct has its own group, and will house a series of
sub-configs, one for each sub RPC server. Each sub-config is actually
gated behind a build flag, and can be used to allow users on the command
line or in the config to specify arguments related to the sub-server. If
the config isn't present, then we don't attempt to parse it at all, if
it is, then that means the RPC server has been registered, and we should
parse the contents of its config.
The `subRpcServerConfigs` struct has two main methods:
`PopulateDependancies` and `FetchConfig`. The `PopulateDependancies` is
used to dynamically locate and set the config fields for each new
sub-server. As the config may not actually have any fields (if the build
flag is off), we use the reflect pacakge to determine if things are
compiled in or not, then if so, we dynamically set each of the config
parameters. The `PopulateDependancies` method implements the
`lnrpc.SubServerConfigDispatcher` interface. Our goal is to allow sub
servers to look up their actual config in this main config struct. We
achieve this by using reflect to look up the target field _as if it were
a key in a map_. If the field is found, then we check if it has any
actual attributes (it won't if the build flag is off), if it is, then we
return it as we expect it to be populated already.
This PR adds the configuration needed to run LND with Litecoin on simnet. The change is minimal and has no impact for users that don't enable this mode. When using this configuration, the user is being warned that this mode is not officially supported.
This commit renames the confusing noencryptwallet
flag to noseedbackup, since this highlights the more
crucial information of the flags behavior to the user.
The description has also been capitalized to urge
the user think twice about what they're doing.
In this commit, we defer creating the base lnd directory until all flag
parsing is done. We do this as it's possible that the config file
specifies a lnddir, but it isn't actually used as the directory has
already been created.
Due to recent changes to the BitcoindClient interface, we now require
the backing bitcoind to use different hosts for its ZMQ raw block and
raw transaction notifications. This was needed as the notification queue
maintained by the bitcoind node would sometimes overflow with
transactions and cause block notifications to be dropped/missed.
In this commit, we expand extractBitcoindRPCParams to account for this.
In the event that the default Tor DNS host wouldn't resolve, it would
prevent `lnd` from starting due to the failed lookup. This should fail
silently as it's only crucial during bootstrapping. However, if the user
has explicitly modified this, we should let them know of the error
immediately.
In this commit, we update all the lncfg methods used to properly pass in
a new resolver. This is required in order to ensure that we don't leak
our DNS queries if Tor mode is active.
In this commit, we update the set of Tor flags to use sane defaults when
not specified. We also include some new flags related to the recent
onion services changes. This allows users to easily get set up on Tor by
only specifying the tor.active flag. If needed, the defaults can still
be overridden.
In this commit, we add a new command line option to allow (ideally
routing nodes) to disable receiving up-to-date channel updates all
together. This may be desired as it'll allow routing nodes to save on
bandwidth as they don't need the channel updates to passively forward
HTLCs. In the scenario that they _do_ want to update their routing
policies, the first failed HTLC due to policy inconsistency will then
allow the routing node to propagate the new update to potential nodes
trying to route through it.
In this commit we add a new command line option (and a sane default) to
allow users to specify the *smallest* inbound channel that they'll
accept. Having a higher-ish limit lets users limit their channels, and
also avoid a series of very low value "spam" channels.
The new option is --minchansize, and expressed in satoshis. If we
receive an inbound channel request for a value smaller than this, then
we'll immediately reject it.
lnd can't detect bitcoind configuration if the config file has spaces around the = character, e.g.:
```
zmqpubrawblock = tcp://127.0.0.1:28332
zmqpubrawtx = tcp://127.0.0.1:28332
rpcuser = rpcuser
```
I had to dig into the source code to understand what was wrong.
This patch solves this problem, bitcoind's config parsing source code can be seen at https://github.com/bitcoin/bitcoin/blob/master/src/util.cpp
Fixed formatting for autopilot config params, as well as added check for
`MaxChannels` param which was presumably a mistaken copypaste from the
`MaxChannelSize' param.
In this commit, we wrap up the prior ones and introduce config
settings, as well as proper generation for a new invoice-only macaroon.
All prior invoice path rules are also properly enforced of this new
invoice.macaroon.
In this commit, we add two new configuration parameters to allow users
to specify the min and max size that the autopilot agent will create.
This is useful as now users can set the values to more or less the same
size, which will allow them to control the size of each created
channel.
Before this commit, if this wasn’t set, then the agent would try to
shove as much money into a channel up until the max chan size. This was
nice on testnet, but on main net, users will likely not want all their
funds to be in a single channel, and instead be distributed across many
channels. With things like AMP, have more channels becomes more
desirable.
In this commit, we ensure all paths to directories and files related to
LND are cleand and expanded before attempting to use them.
For example, in POSIX systems:
- ~/lnd.conf would be expanded to /home/user/lnd.conf
- $HOME/lnd.conf would be expanded to /home/user/lnd.conf
Since we're now able to create a base LND directory that no longer lives
under the OS specific application data directory, we modify
cleanAndExpandPath to replace the `~` in a path to the current user's
home directory, rather than the user's application data directory.
In this commit, we introduce a new flag `--lnddir` that allows us to
set a different base directory, other than the OS specific application
data directory, for all related lnd files and directories.
This commit adds the `tlsextraip` flag to the cli to add an
ip to the generated certificate. This is usefull when using
a loadbalancer to access the node.
This commit adds the `lnnet` package which contains an
implementation of the newly created LightningNet interface which
multiplexes the Dial and DNS-related functions to use net
by default and torsvc if a flag is specified. This modularization
makes for cleaner code.
This commit adds a new interface named NetInterface and two
implementations of it: RegularNet & TorProxyNet. These two structs
are used in config.go in an attempt to clean up the code and
abstract away the dialer and DNS functions.
This commit adds a new module named 'torsvc' which houses all Tor
functionality in an attempt to isolate it and make it reusable in
other projecs. Some additional tweaks were made to config.go and
to the bootstrapper.
This commit adds Tor support. Users can set the --TorSocks flag
to specify which port Tor's SOCKS5 proxy is listening on so that
lnd can connect to it. When this flag is set, ALL traffic gets
routed over Tor including DNS traffic. Special functions for
DNS lookups were added, and since Tor doesn't natively support
SRV requests, the proxySRV function routes connects us to
a DNS server via Tor and SRV requests can be issued directly
to the DNS server.
Co-authored-by: MeshCollider <dobsonsa68@gmail.com>
In this commit, we add an additional constraint to the RPC
configuration parsing. Before this commit, it was possible to start lnd
with either RPC server listening on an external interface *without*
authentication disabled. After this commit, if a user tries to start
the RPC server listening on an external interface without any sort of
RPC authentication, then the daemon will fail to start up.
This commit causes the configuration parser to accept the values of
RPCUser, RPCPass, and (for the bitcoind back-end) ZMQPath configured
in lnd.conf or on the command line ONLY when all are specified. It
causes the configuration parser to look in btcd.conf or bitcoin.conf
ONLY when none are specified, and causes an error to be returned when
only some are specified, as users have done so erroneously and the
lack of clear feedback has caused difficulties.
In this commit, we add 6 new integration tests to test the various
actions that may need to be performed when either side goes on-chain to
fully resolve HTLC’s. Many of the tests are mirrors of each other as
they test sweeping/resolving HTLC’s from both commitment transactions.
This commit removes the `peerport` and `rpcport` config options and
adds `listen`, `rpclisten`, and `restlisten` options to allow setting
one or multiple interfaces to listen on for incoming connections.
It also adds a `nolisten` option to allow disabling the listener for
incoming peer connections.
This commit factors out the btcd and ltcd options into their own sections
similar to neutrino, and adds a bitcoind section as well. Now, you specify
node options similarly to:
--ltcd.rpchost=...
or
--btcd.rpcuser=...
or
--bitcoind.zmqpath=...
For Bitcoin, you specify an alternate back-end to btcd as follows:
--bitcoin.node=bitcoind
or
--bitcoin.node=neutrino
You can also specify the default option:
--bitcoin.node=btcd
For Litecoin, only `btcd` mode is valid, and corresponds to the `ltcd`
section. For example:
--litecoin.node=btcd
--ltcd.rpchost=...
The new code also attempts to read the correct options and auth info
from bitcoin.conf just as it does from btcd.conf/ltcd.conf.
This commit moves the definition of DefaultNumChanConfs into
the chainConfig (such that it is set as e.g.
"--bitcoin.defaultchanconfs"), making it possible to set
individually for different chains.
It also adds the flag DefaultRemoteDelay to the chainConfig,
which can be used to set the CSV delay we will require the remote
to wait before retrieving its own funds in case of an
uncooperative close of the channel.
Both these are set 0 by default (if not specified by the user),
which in that case we will dynamically set the values, scaling
them according to the channel size.
This commit moves the forwarding policy rules for Bitcoin
and Litecoin, previously defined in the chainregistry, to
config.go, making them possible to define by the user.
We validate that the TimeLockDelta set is at least 4, the
other rules we let the user specify arbitrarily, even 0.
In this commit, we increase the default number of confirmations we
require for funding flows from 1 to 3. The value of 1 was rather
unstable on testnet due to the frequent multi-block re-orgs.
Additionally, a value of 3 ensures our funding transaction is
sufficiently buried before we deem is usable.