Commit Graph

89 Commits

Author SHA1 Message Date
Conner Fromknecht
d0d2ca403d
multi: rename ReadTx to RTx 2020-05-26 18:20:37 -07:00
carla
75370ce6b4
multi: update WalletController PublishTransaction to include label
Add label parameter to PublishTransaction in WalletController
interface. A labels package is added to store generic labels that are
used for the different types of transactions that are published by lnd.

To keep commit size down, the two endpoints that require a label
parameter be passed down have a todo added, which will be removed in
subsequent commits.
2020-05-19 13:30:00 +02:00
Andras Banki-Horvath
556e3525ea misc: fix error formatting in multiple files 2020-04-24 19:15:08 +02:00
Olaoluwa Osuntokun
071c7cbe78
lnd: convert to use new kvdb abstraction 2020-03-18 19:35:23 -07:00
Johan T. Halseth
ad8e9f30c6
lnwallet+breacharbiter: record local csv delay 2020-03-09 12:59:34 +01:00
Olaoluwa Osuntokun
777ed104a3
chainfee: create new chainfee package extracting fees from lnwallet
In this commit, we create a new chainfee package, that houses all fee
related functionality used within the codebase. The creation of this new
package furthers our long-term goal of extracting functionality from the
bloated `lnwallet` package into new distinct packages. Additionally,
this new packages resolves a class of import cycle that could arise if a
new package that was imported by something in `lnwallet` wanted to use
the existing fee related functions in the prior `lnwallet` package.
2019-10-31 16:41:57 -07:00
Oliver Gugger
fb0051a318
input+sweep: rework witness type into an interface 2019-10-14 15:32:54 +02:00
Olaoluwa Osuntokun
a58cfa65ff
lnwallet+breacharbiter: update breach logic to be aware of new commitment format
In this commit, we update the brar logic in the channel state machine,
and also the brar itself to be aware of the new commitment format.
Similar to the unilateral close summary, we'll now blank out the
SingleTweak field in `NewBreachRetribution` if it's a tweakless
commitment. The brar will then use this to properly identify the
commitment type, to ensure we use the proper witness generation function
when we're handling our own breach.
2019-09-25 18:25:58 -07:00
Federico Bond
aea52f4bef multi: replace manual CAS with sync.Once in component start/stop
This guarantees callers that the method will not return until it
has executed completely at least once.
2019-05-30 17:14:04 -03:00
Johan T. Halseth
b53899c43c
lnd: rename package main->lnd 2019-04-23 20:57:33 +02:00
Conner Fromknecht
997aa3ecf0
breacharbiter: detect all spends, add terminal states
This commit modifies the breach arbiter to monitor
all breached inputs for spends and remove them from
the set of inputs to be swept if they are spent to
a terminal state. Prior, we would only watch for
spends on htlcs that may need to transition and
sweep the corresponding second-level htlc.

With these changes, we will no monitor commitment
outputs for spends, as well as spends from the
second level htlcs themselves. If either of these
is detected, we remove them from the set of inputs
to sweep via the justice transaction because there
is nothing the breach arbiter can do.

This functionality will be needed when adding
watchtower support, as the breach arbiter must
detect the case when the tower sweeps on behalf of
the user and stop pursuing the sweep itself. In
addition, this now properly handles the potential
case where somehow the remote party is able to sweep
the their commitment or second-level htlc to their
wallet, and prevent the breach arbiter from trying
to sweep the outputs as it would now.

Note that in the latter event, the internal
accounting may still be incorrect, as it is assumed
that all breached funds return to the victim.
However, these issues will deferred and fixed at a
later date, as the more crucial aspect is that the
breach arbiter doesn't blow up as a result of towers
sweeping channels.
2019-03-19 19:22:35 -07:00
Conner Fromknecht
3641beb002
breacharbiter: capitalize "unable to" error msgs 2019-03-19 19:21:03 -07:00
Joost Jager
9e012ecc93
multi: move Input interface and related code
This commit is a step to split the lnwallet package. It puts the Input
interface and implementations in a separate package along with all their
dependencies from lnwallet.
2019-01-31 13:25:33 +01:00
Olaoluwa Osuntokun
c18e166e03
lnwallet+sweep: extend the WitnessGenerator type to return an InputScript
In this commit, we extend the WitnessGenerator type to now return an
InputScript. This allows it to be more encompassing, as now callers can
expect a sigScript to be populated if the input being swept requires a
sigScript field.

Along the way, we've also renamed input.BuildWitness to
input.CraftInputScript.  We also take a step towards allowing the
sweeper to sweep transactions for n2pwkh outputs. We do so by modifying
the BuiltWitness method to instead return an InputScript. Additionally,
when populating inputs if a sigScript is present, it will now be
populated.
2019-01-09 15:55:19 -08:00
Joost Jager
e43e89514f
sweep+utxonursery+cnct+breacharbiter: add height hint to input
This commit is a preparation for the implementation of remote spend
detection. Remote spends may happen before we broadcast our own sweep
tx. This calls for accurate height hints.
2018-12-18 10:50:11 +01:00
Olaoluwa Osuntokun
1fd3aac925
multi: switch from bolt packge to bbolt package for all imports 2018-11-29 20:33:49 -08:00
Joost Jager
7d69df77ed
sweep: create new Input interface
This commit introduces a common interface for sweep
inputs. It eliminates the type checking from UtxoSweeper.

Also the formerly present Amount() getter is removed. It was redundant
because this value is present in SignDesc().Output.Value as well.
2018-10-17 12:44:33 +02:00
Joost Jager
9fcc7ee390
utxonursery: move spendable output structs to sweep package
This commit moves the output structs to a new package as a
preparation for moving more logic into that package.
2018-10-17 12:44:33 +02:00
Conner Fromknecht
10b35a8f20
main: remove disable log in testing + clean up imports 2018-10-05 13:04:45 +09:00
maurycy
ac24b12bf2
multi: fix various typos in comments 2018-09-07 06:51:49 +02:00
Wilmer Paulino
a63677a381
multi: switch to transaction weight to calculate transaction fees
Due to a recent change within the codebase to return estimated fee rates
in sat/kw, this commit ensures that we use this fee rate properly by
calculing a transaction's fees using its weight. This includes all of
the different transactions that are created within lnd (funding, sweeps,
etc.). On-chain transactions still rely on a sat/vbyte fee rate since it's
required by btcwallet.
2018-08-09 17:29:50 -07:00
Olaoluwa Osuntokun
ab5b8b8fac
breacharbiter: use the pkScript of the breached output for spend ntnfs 2018-07-31 21:28:59 -07:00
Olaoluwa Osuntokun
62ab7424af
breacharbiter: update second level pkScript as well
In this commit, we update the convertToSecondLevelRevoke function to
also upgrade the second level pkScript as well. This is required as
we'll need to use this for a confirmation notification once we sweep the
output in the case that the remote party goes to the second layer.
2018-07-31 21:28:59 -07:00
Olaoluwa Osuntokun
2d421b8e3c
breacharbiter: update breachArbiter to register for conf's using pkScripts 2018-07-31 21:28:51 -07:00
Conner Fromknecht
d41d63a409
breacharbiter: use ToLocalPenaltyWitnessSize for stage 2 htlcs 2018-07-24 22:53:17 -07:00
Johan T. Halseth
57e829f47e
multi: remove mempool bool from RegisterSpendNtfn 2018-07-22 23:09:08 +02:00
Johan T. Halseth
8cff5eae6c
breacharbiter: make the second level check use confirmed spends 2018-07-22 23:09:08 +02:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
Johan T. Halseth
3bdc968f39
breacharbiter: wait on spend events instead of timeout
This commit handles a racy condition within the breacharbiter's justice
tx procedure. For backends that have no mempool we would check if an
HTLC output was spent and then try broadcasting the justice tx, but this
would fail since we wouldn't detect the spend before it was in a block.
The result was that we would continuously attempt to broadcast the
transaction, effectively ending up in an endless (until the second-level
tx actually comfirmed) loop.

Instead we now register for spend notifications in case broadcasting the
transaction fails, and then wait for any of the notifications to be
sent before trying again.

This is a necessary step to be able to make lnd work well only with
confimed transactions, and was a better solution than introducing
timeouts within the broadcast loop (which complicates integration
tests).
2018-06-15 12:11:13 +02:00
maurycy
3be08e69cf multi: 64bit aligment of atomic vars on arm/x86-32 2018-06-04 20:02:34 -07:00
Johan T. Halseth
69a76a808f
breacharbiter: add todo for removing IsPending check 2018-05-23 12:11:19 +02:00
Johan T. Halseth
b9970aec47
breacharbiter: receive breaches to ACK on separate channel
This commit changes how the breachArbiter gets notified about channel
breaches. Previously it would need to SubscribeToChannelEvents to get
get notified if any breach happened, now we send all seen breaches on a
new channel ContractBreaches.

By having the breachArbiter subscribe to channel events, we risked
events getting lost when we were either starting up or shutting down,
since events could happen before we had been able to subscribe, or right
after we had cancelled our subscription.

Now it is the server's responsibility to reliably forward events from
the ChainArbitrator to the breachArbiter, and forward the ACK the
breachArbiter responds with. This makes sure that the messages aren't
lost in the event of starting up or shutting down, since the connection
between the subsystems now are static.

A result of this change is that the internals of the breachArbiter can
be simplified significantly, as we will get all channel breaches
forwarded on one channel. This lets us get rid of the observer
goroutines, and we spin up goroutines handling the channel breaches only
when they happen.
2018-05-02 08:43:30 +02:00
Johan T. Halseth
2fdc5992a4
breacharbiter: rename UnilateralClose -> RemoteUnilateralClose
Also ensure we exit on LocalUnilateralClose.
2018-04-25 09:37:22 +02:00
Johan T. Halseth
8b02064c7b
multi: provide mempool=true to RegisterSpendNtfn 2018-04-03 11:24:07 +02:00
Johan T. Halseth
2fa2b545fc
breacharbiter: reuse spend events instead of re-registering
This commit fixes a broadcast loop within the breach arbiter, that would
occur when HTLC outputs had been taken to the second level. The breach
arbiter would register for a spend event, but would immediately go on to
create and publish the justice, without waiting for the response to be
received on the spend channel. This lead to a race, where the outpoint
could actually already have been spent, but the notification would
arrive after the breach arbiter checked the channel, and publishing the
justice TX would fail because it was a double spend. This would create a
"broadcast loop", as seen in the logs from the integration test
revoked_uncooperative_close_retribution_remote_hodl.

This is fixed by reusing an existing spend event for the outputs,
meaning we will actually receive on the first channel we initiated,
making the broadcast loop more likely to terminate.
2018-03-23 13:36:57 +01:00
Olaoluwa Osuntokun
800eea931f
build+multi: switch from bolt to bbolt
In this commit, we switch from boltbd/bolt to coreos/bbolt as the
former is no longer being actively maintained.
2018-03-10 19:01:13 -08:00
Johan T. Halseth
d4cedc2917
breacharbiter: use EstimateFeePerVSize 2018-02-26 22:42:26 +01:00
Johan T. Halseth
cabc07ea7d
breacharbiter: check ErrDoubleSpend from PublishTransaction 2018-02-14 12:34:42 +01:00
Conner Fromknecht
3021a246f1
breacharbiter: avoid infinite loop in exactRetribution
After a shutdown has been initiated, both registrations
for spend ntfns and publishing txns can fail. The current
behavior in the face of such failures is to continue trying,
which is fine if we are online. However, this causes an
infinite loop during shutdown, and lnd cannot exit since
the routine is tracked by the brar's waitgroup.

A simple fix is to select on the brar's quit channel after
detecting a failure from either, allowing the breach arbiter
to break out of this death cycle.
2018-02-07 17:42:48 -08:00
Olaoluwa Osuntokun
2faafbcd93
breacharbiter: properly account for second-level spends during breach remedy
In this commit, we address an un accounted for case during the breach
remedy process. If the remote node actually went directly to the second
layer during a channel breach attempt, then we wouldn’t properly be
able to sweep with out justice transaction, as some HTLC inputs may
actually be spent at that point.

In order to address this case, we’ll now catch the transaction
rejection, then check to see which input was spent, promote that to a
second level spend, and repeat as necessary. At the end of this loop,
any inputs which have been spent to the second level will have had the
prevouts and witnesses updated.

In order to perform this transition, we now also store the second level
witness script in the database. This allow us to modify the sign desc
with the proper input value, as well as witness script.
2018-01-22 19:20:01 -08:00
Olaoluwa Osuntokun
4e6c816d11
breacharbiter: correct weight estimation for inputs in justice tx
Before this commit, we had the weight estimates flipped. When sweeping
w/o any delay, we’re spending a regular P2WKH output. When we’re
sweeping their CSV delayed output, we’ll using the entire to-local
script, so we need to properly account for that.
2018-01-22 19:20:01 -08:00
Olaoluwa Osuntokun
7b675446f0
breacharbiter: properly accept new incoming channels for watching 2018-01-22 19:20:00 -08:00
Olaoluwa Osuntokun
0d75dde153
breacharbiter: also listen for the co-op chan close signal 2018-01-22 19:19:55 -08:00
Olaoluwa Osuntokun
a0cc1d1b2d
breacharbiter: utilize new channel on-chain event stream to watch for breaches
In this commit, we modify the breach arbiter to no longer require
holding a channel object directly in order to receive new notifications
about possible breaches. Instead, we’ll contact the chain arbiter to
request a new channel event subscription.

As a result of the new architecture, we no longer need to receive a
handoff once the new channel comes online, as the chainWatcher will
always be active and watching the channel until it’s been closed.
2018-01-22 19:19:50 -08:00
Olaoluwa Osuntokun
94504a9d41
breacharbiter: notify the ChainArbitrator of fresh signals for a channel on startup 2018-01-22 19:19:37 -08:00
Olaoluwa Osuntokun
367231320b
breacharbiter: no longer watch for pending close, ChannelArbitrator will
In this commit, we remove all the code win the BreachArbiter that was
dedicated to sweeping output on the remote party’s commitment
transaction, and also responding to unilateral channel closes. We no
longer need to do this, as this is now the duty of the
ChannelArbitrator.
2018-01-22 19:19:36 -08:00
Conner Fromknecht
fb228a0f7d
breacharbiter: reliable handoff from wallet 2018-01-05 13:46:36 -08:00
Matt Drollette
adf0d98194 multi: fix several typos in godoc comments 2017-12-17 18:40:05 -08:00
Olaoluwa Osuntokun
923cbe62a0
breacharbiter: also cancel the channel's observer in case of close, or hand-off 2017-11-23 23:10:16 -06:00
Olaoluwa Osuntokun
1d65839bca
peer: update cooperative closure unit tests to latest negotiation policy
With the new negotiation policy, we instead just need to ensure that
our fee inches closer to the other party’s with each iteration, and
that it’s within the proper bounds.
2017-11-23 23:10:15 -06:00