Commit Graph

10224 Commits

Author SHA1 Message Date
Conner Fromknecht
a0e54a9650
watchtower/lookout: use correct to-local-penalty size for anchors
This commit fixes the to-local-witness estimate to use the correct
witness size estimate for anchor channels. We retain the off-by-one bug
from the original constant otherwise.
2020-09-15 12:48:23 -04:00
Conner Fromknecht
d440cc4024
watchtower/lookout/justice_descriptor: anchor justice txn
This commit modifies the JusticeDescriptor to support creation of
justice transactions spending from anchor commitments. Rather than the
unencumbered p2wkh scripts from before, the tower will now use the
to-remote-confirmed that includes the additional CSV delay of 1. This
also requires setting the sequence number appropriately on the to-remote
input.
2020-09-15 12:44:00 -04:00
Conner Fromknecht
cfbde5d2ce
watchtower/lookout/justice_descriptor_test: use require 2020-09-15 12:43:52 -04:00
Conner Fromknecht
ac2e1d7d96
watchtower/blob/justice_kit: conditional anchor to-remote script
This commit modifies the ToRemoteWitnessScript function to be
conditioned on the blob type, and return either the legacy or anchor
to-remote script. The same witness satisfies either script, so no
changes are necessary to ToRemoteWitnessStack.
2020-09-15 12:43:44 -04:00
Conner Fromknecht
ffe15e2820
watchtower/blob/justice_kit: add BlobType to JusticeKit struct
This is preparation for later commits where the values returned by
member methods will need to be conditioned on the blob type used during
decryption.
2020-09-15 12:43:37 -04:00
Conner Fromknecht
b82695dbcc
watchtower/blob/justice_kit_test: convert to require
This is also a prepatory step to making
TestJusticeKitRemoteWitnessConstruction parameteried by the blob type so
we can test both anchor and legacy witness construction.
2020-09-15 12:43:26 -04:00
Conner Fromknecht
0477c80732
watchtower/blob/type: add new FlagAnchorChannel 2020-09-15 12:43:20 -04:00
Conner Fromknecht
ed67ce7678
watchtower/blob/type: remove use of iota for flag constants 2020-09-15 12:43:06 -04:00
Johan T. Halseth
b8eb41f947
Merge pull request #4591 from hsjoberg/walletloader-unload
lnd: Call loader.UnloadWallet on shutdown
2020-09-15 13:54:46 +02:00
Joost Jager
cf6eee80db
Merge pull request #2428 from joostjager/letsencrypt
lnrpc: let's encrypt certificates
2020-09-15 13:08:15 +02:00
Oliver Gugger
904055cf4f
Merge pull request #4601 from guggero/psbt-final-tx-raw
PSBT funding: allow final TX to be specified as raw wire format transaction
2020-09-15 10:07:52 +02:00
Joost Jager
403d72b468
lnrpc: lets encrypt
This commit enables lnd to request and renew a Let's Encrypt
certificate. This certificate is used both for the grpc as well as the
rest listeners. It allows clients to connect without having a copy of
the (public) server certificate.

Co-authored-by: Vegard Engen <vegard@engen.priv.no>
2020-09-15 09:59:09 +02:00
Oliver Gugger
107e135df9
itest: test PSBT funding flow with raw final TX
As we already create two channels in our PSBT funding flow itest we can
easily just submit the final transaction for the second channel in the
raw wire format to test this new functionality.
2020-09-15 08:30:23 +02:00
Oliver Gugger
5375f88b55
lnwallet+rpcserver: allow final raw tx to be specified
With this commit we allow the final transaction of a PSBT funding flow
to also be specified as a raw wire format transaction.
2020-09-15 08:30:23 +02:00
Oliver Gugger
1c832cbce7
chanfunding: verify inputs are signed in raw tx 2020-09-15 08:30:22 +02:00
Oliver Gugger
d581cd02fc
chanfunding: extract FinalizeRawTX into own method
As a preparation to also allow the final TX to be specified in the raw
wire format, we extract the check of the final transaction into its own
method.
2020-09-15 08:30:22 +02:00
Oliver Gugger
154dc1af66
lncli: allow final transaction as raw hex in PSBT funding flow 2020-09-15 08:30:21 +02:00
Oliver Gugger
c4ada8a592
lnrpc: add final raw TX to PSBT finalize 2020-09-15 08:30:21 +02:00
Oliver Gugger
7f68649b44
mod: update btcwallet and psbt library version 2020-09-15 08:29:56 +02:00
Olaoluwa Osuntokun
ffe7c3e626
Merge pull request #4473 from yyforyongyu/allow-no-auth-private-addr
lncfg: allow no auth on private addresses
2020-09-14 19:03:27 -07:00
András Bánki-Horváth
dea6d91431
Merge pull request #4603 from bhandras/fix_help
config: prevent displaying usage twice if --help was requested
2020-09-14 18:58:21 +02:00
Andras Banki-Horvath
b778b25866
config: prevent displaying usage twice if --help was requested 2020-09-14 15:18:41 +02:00
Joost Jager
999ffffa37
lnd: join imports to form three groups
In line with https://github.com/pavius/impi
2020-09-14 14:52:07 +02:00
Oliver Gugger
9ea836c237
Merge pull request #4614 from guggero/printmacaroon-fix
lncli: print all permission actions
2020-09-14 13:41:05 +02:00
András Bánki-Horváth
d62b93e012
Merge pull request #4607 from bhandras/routing_experiments
lncli: add outgoing_chanid to queryroutes
2020-09-14 13:26:56 +02:00
Carla Kirk-Cohen
db0802bc8d
Merge pull request #4440 from carlaKC/4165-ratelimit
chanfitness: Rate limit in memory events based on peer flap rate
2020-09-14 13:11:07 +02:00
Hampus Sjöberg
6dd1555e66 lnd: Call loader.UnloadWallet on shutdown
This is required to make restart work for LndMobile builds.
Not calling UnloadWallet would make `UnlockWallet` stall forever as
the file is already opened.
2020-09-14 12:32:48 +02:00
Andras Banki-Horvath
4ffe744364
lncli: add outgoing_chanid to queryroutes 2020-09-14 11:36:06 +02:00
Oliver Gugger
384ab9f616
lncli: print all permission actions
Due to a misunderstanding about how the entities/actions are encoded
inside the macaroon, only the first action was printed per entity.
Even though we add them as separate pairs in the macaroon service (for
example "offchain:read" and "offchain:write"), they are grouped in the
serialized macaroon ("offchain:read,write").
2020-09-14 10:55:19 +02:00
Conner Fromknecht
c704c5747a
Merge pull request #4558 from halseth/anchors-spec
[anchor commitment] Make the anchor commitment type spec compliant
2020-09-11 15:43:56 -04:00
Conner Fromknecht
3c606bd9c0
Merge pull request #4542 from Crypt-iQ/mock_signer_cleanup_0817
multi: remove mock.go
2020-09-11 13:16:17 -04:00
Johan T. Halseth
bf18929f0e
peer/brontide: fix pubkey log 2020-09-11 11:10:58 +02:00
Johan T. Halseth
a48c369250
lnwallet: check coop close fee negative balance
Also modify the test to check for this condition.
2020-09-11 11:10:58 +02:00
Johan T. Halseth
09a126b29f
lnwallet: add anchor size back to balance on coop close
To be spec compliant, we require the initiator to not pay the anchor
values into fees on coop close. We extract the balance calculation into
commitment.go, and add back the value of the anchors to the initiator's
balance.
2020-09-11 11:10:58 +02:00
Johan T. Halseth
07a57ae778
lnwallet: extract coop close balance calc into method 2020-09-11 11:10:58 +02:00
Johan T. Halseth
724f439b0b
lnwire: update anchor bit to spec 2020-09-11 11:10:58 +02:00
Johan T. Halseth
517fcd691a
channeldb: correct anchor comment 2020-09-11 11:10:58 +02:00
Olaoluwa Osuntokun
bc6e528887
Merge pull request #4604 from janoside/fix-sample-conf
docs: fix "tor.active" item in sample-lnd.conf
2020-09-10 18:49:24 -07:00
Olaoluwa Osuntokun
f80549d6e5
Merge pull request #4464 from guggero/macaroon-interceptor
Advanced macaroons 2/2: Custom macaroon validator for external subservers
2020-09-10 12:49:34 -07:00
Oliver Gugger
061040c57b
rpcserver: export MainRPCServerPermissions
To be able to properly delegate requests to the correct component in LiT we
need to know all URIs of lnd and the other subservers.
2020-09-10 10:25:38 +02:00
Oliver Gugger
8988a01d7e
lnd+rpcserver: allow external subservers to specify macaroon validator
Give the external subservers the possibility to also use their own
validator to check any macaroons attached to calls to their registered
gRPC URIs.
This allows them to have their own root key ID database and permission
entities.
2020-09-10 10:24:10 +02:00
Oliver Gugger
c3227057f4
macaroons: allow external validators to be registered
When external subservers register themselves to be served through the
same gRPC interface as the main lnd RPC, their requests are also
intercepted by the main lnd macaroon interceptor.
If the external subservers want to use their own macaroons that are
independent of lnd's, they need a way to overwrite the default validator
of the macaroon interceptor. We add this mechanism with the concept of
external validators.
2020-09-10 10:24:09 +02:00
Oliver Gugger
d4c4cf01f0
lnd+macaroons: specify location when creating macaroon service
To allow the macaroon service to be used in other projects, we want the
location to be passed in as a parameter instead of being hard coded.
2020-09-10 10:24:08 +02:00
Dan Janosik
52c7a1519f
docs: fix "tor.active" item in sample-lnd.conf
When starting up with lnd.conf that contains the sample line
"tor.active", lnd crashes and prints the error:

malformed key=value (tor.active)

Using "tor.active=true" instead works as expected.
2020-09-09 16:27:57 -04:00
Oliver Gugger
8668248d96
Merge pull request #4310 from guggero/lncli-profiles
lncli: add profiles for easy multi-node management
2020-09-09 09:00:27 +02:00
carla
e2c0604657
multi: add flap count and last flap time to listpeers 2020-09-08 15:01:06 +02:00
carla
6cf66aea47
chanfitness: cool down flap count for rate limiting
Since we store all-time flap count for a peer, we add a cooldown factor
which will discount poor flap counts in the past. This is only applied
to peers that have not flapped for at least a cooldown period, so that
we do not downgrade our rate limiting for badly behaved peers.
2020-09-08 15:01:02 +02:00
carla
a550ca3d64
multi: store peer flap rate on disk on best effort basis
Since we will use peer flap rate to determine how we rate limit, we
store this value on disk per peer per channel. This allows us to
restart with memory of our peers past behaviour, so we don't give badly
behaving peers have a fresh start on restart. Last flap timestamp is
stored with our flap count so that we can degrade this all time flap
count over time for peers that have not recently flapped.
2020-09-08 13:49:46 +02:00
carla
70bca1f350
chanfitness: add flap count based rate limiting
To prevent flapping peers from endlessly dos-ing us with online and
offline events, we rate limit the number of events we will store per
period using their flap rate to determine how often we will add their
events to our in memory list of online events.

Since we are tracking online events, we need to track the aggregate
change over the rate limited period, otherwise we will lose track of
a peer's current state. For example, if we store an online event, then
do not store the subsequent offline event, we will believe that the
peer is online when they actually aren't. To address this, we "stage"
a single event which keeps track of all the events that occurred while
we were rate limiting the peer. At the end of the rate limting period,
we will store the last state for that peer, thereby ensureing that
we maintain our record of their most recent state.
2020-09-08 13:47:20 +02:00
carla
8b09b2d716
chanfitness: record timestamped flap count for peers
In preparation for storing our flap count on disk, we start tracking
flap count per-peer.
2020-09-08 13:47:19 +02:00