Commit Graph

407 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
8b06817482
lnwallet: modify NewUnilateralCloseSummary to be aware of pending remote commits
In this commit, we modify the NewUnilateralCloseSummary to be able to
distinguish between a unilateral closure using the lowest+highest
commitment the remote party possesses. Before this commit, if the remote
party broadcast their highest commitment, when they have a lower
unrevoked commitment, then this function would fail to find the proper
output, leaving funds on the chain.

To fix this, it's now the duty of the caller to pass remotePendingCommit
with the proper value. The caller should use the lowest unrevoked
commitment, and the height hint of the broadcast commitment to discern
if this is a pending commitment or not.
2018-05-03 21:29:28 -07:00
Conner Fromknecht
cae1d468e7
lnwallet/channel: expose NextLocalHtlcIndex 2018-05-02 01:12:17 -07:00
Olaoluwa Osuntokun
c7c25445eb
lnwallet: add new test to ensure channel is able to update fees in both directions
Closes #1145.
2018-05-01 17:35:42 -07:00
Vegard Engen
d7a254328e Take into account that the new fee will not come in addition to old fee when updating commit fee 2018-04-29 22:42:20 +00:00
Johan T. Halseth
b7bb53a8b8
channeldb/channel: add property ChanStatus in place of IsBorked to OpenChannel
This commit changes the bool `IsBorked` in OpenChannel to a `ChanStatus`
struct, of type ChannelStatus. This is used to indicated that a channel
that is technically still open, is either borked, or has had a
commitment broadcasted, but is not confirmed on-chain yet.

The ChannelStatus type has the value 1 for the status Borked, meaning it
is backwards compatible with the old database format.
2018-04-25 09:37:23 +02:00
Johan T. Halseth
3d0cb16677
lnwallet/channel: clearify that the spendDetails is spending funding outpoint 2018-04-25 09:37:22 +02:00
Dimitris Tsapakidis
4009f7f874 multi: fix typos in comments 2018-04-17 19:03:27 -07:00
practicalswift
663c396235 multi: fix a-vs-an typos 2018-04-17 19:02:04 -07:00
Johan T. Halseth
8e77e1e6eb
lnwallet/channel: add NewLocalForceCloseSummary
This commit renames ForceCloseSummary to LocalForceCloseSummary, and
adds a new method NewLocalForceCloseSummary that can be used to derive a
LocalForceCloseSummary if our commitment transaction gets confirmed
in-chain. It is meant to accompany the NewUnilateralCloseSummary method,
which is used for the same purpose in the event of a remote commitment
being seen in-chain.
2018-04-06 09:46:30 +02:00
Olaoluwa Osuntokun
065b39bc0b
Merge pull request #1025 from Roasbeef/incoming-htlc-breach-retribution
lnwallet+test: properly generate the sender HTLC script in a contract breach scenario
2018-04-05 17:58:31 -07:00
Olaoluwa Osuntokun
f79af461d3
lnwallet: in NewBreachRetribution create the htlcRetributions slice to capacity, not length
In this commit, we fix an existing bug in the NewBreachRetribution
method. Rather than creating the slice to the proper length, we instead
now create it to the proper _capacity_. As we'll now properly filter out
any dust HTLCs, before this commit, even if no HTLCs were added, then
the slice would still have a full length, meaning callers could actually
interact with _blank_ HtlcRetribution structs.

The fix is simple: create the slice with the proper capacity, and append
to the end of it.
2018-04-05 16:19:49 -07:00
Olaoluwa Osuntokun
c393475d39
lnwallet: ensure that we skip dust HTLC's in NewBreachRetribution 2018-04-04 18:41:38 -07:00
Olaoluwa Osuntokun
4e44528bff
lnwallet: fix ordering of keys when we generate the sender script during a breach
In this commit, we fix an existing within lnd. Before this commit,
within NewBreachRetribution the order of the keys when generating the
sender HTLC script was incorrect. As in this case, the remote party is
the sender, their key should be first. However, the order was swapped,
meaning that at breach time, our transaction would be rejected as it had
the incorrect witness script.

The fix is simple: swap the ordering of the keys. After this commit, the
test extension added in the prior commit now passes.
2018-04-04 18:41:37 -07:00
Olaoluwa Osuntokun
1c5d62a804
lnwallet: add new concrete error InvalidHtlcSigError for failed htlc sig validation
In this commit we add a new error: InvalidHtlcSigError. This error will
be returned when we're unable to validate an HTLC signature sent by the
remote party. This will allow other nodes to more easily debug _why_ the
signature was rejected.
2018-04-04 17:41:10 -07:00
Olaoluwa Osuntokun
6103ccb081
lnwallet: ensure we only accept/produce sane commitments
In this commit, we add an additional check within CreateCommitTx to
ensure that we will never create or accept a commitment transaction that
wasn't valid by consensus. To enforce this check, we use the
blockchain.CheckTransactionSanity method.
2018-03-27 15:37:15 -07:00
Johan T. Halseth
a6e7dce7b7
lnwallet/channel: reject received commitment with too many htlc sigs
This commit adds a check that will make LightningChannel reject a
received commitment if it is accompanied with too many HTLC signatures.
This enforces the requirement in BOLT-2, saying:

if num_htlcs is not equal to the number of HTLC outputs in the local commitment transaction:
    * MUST fail the channel.

A test exercising the behaviour is added.
2018-03-22 14:58:22 +01:00
Johan T. Halseth
70b86e596e
lnwallet/channel: use remote dustlimit when generating HTLC sigs
This commit fixes an issue which would arise in some cases when the
local and remote dust limits would differ, resulting in lnd not
producing the expected number of HTLC signatures. This was a result of
checking dust against the local instead of the remote dust limit.

A test exercising the scenario is added.
2018-03-22 14:58:22 +01:00
Johan T. Halseth
263d6b9c1f
lnwallet/channel: don't accept immediately on empty htlc sigs
This commit fixes an issue where we would blindly accept a commitment
which came without any accompanying HTLC signatures. A test exercising
the scenario is added.
2018-03-22 14:58:22 +01:00
Johan T. Halseth
241c79397f
lnwallet/channel: fix crash on receiving too few HTLC sigs
This commit fixes an out of bounds error that would occur in the case
where we received a new commitment where the accompanying HTLC sigs were
too few. Now we'll just reject such an commitment.

A test exercising the behavior is also added.
2018-03-22 14:58:22 +01:00
Conner Fromknecht
d420266911
lnwallet/channel: expose API changes to channel state transitions 2018-03-09 17:35:53 -08:00
Conner Fromknecht
53e4422a2e
lnwallet/channel: integrate fwdpkgs w/ in-mem buffering 2018-03-09 14:45:30 -08:00
Olaoluwa Osuntokun
b8d0df998a
lnwallet: when validating fee updates, ensure newFee < balance 2018-03-08 12:50:49 -05:00
Olaoluwa Osuntokun
ac90a8288e
lnwallet: precalculate fees in mSAT to avoid multiple conversions 2018-03-08 12:50:49 -05:00
Olaoluwa Osuntokun
217166fb10
lnwallet: within validateCommitmentSanity check for balance underflow
In this commit, we add an additional check within
validateCommitmentSanity due to the recent change to unsigned integers
for peer balances in the channel state machine. If after evaluation
(just applying HTLC updates), the balances are negative, then we’ll
return ErrBelowChanReserve.
2018-03-08 12:50:48 -05:00
Olaoluwa Osuntokun
5f5e4554cb
lnwallet: if the initiator is unable to pay fees, then consume their entire output
In this commit, we add logic to account for an edge case in the
protocol. If they initiator if unable to pay the fees for a commitment,
then their *entire* output is meant to go to fees. The recent change to
properly interpret balances as unsigned integers (within the protocol)
let to the discovery of this missed edge case.
2018-03-08 12:50:48 -05:00
Olaoluwa Osuntokun
22ee0a7576
lnwallet: update state machine due to channeldb and SignDescriptor changes 2018-03-06 16:04:02 -05:00
Johan T. Halseth
1f839d2526
lnwallet/channel: denominate in fee rate types 2018-02-26 22:42:25 +01:00
Johan T. Halseth
7b9f098fe6
lnwallet: fully validate all channel constraints in validateCommitmentSanity
This commit introduces changes to the validateCommitmentSanity
function to fully validate all channel constraints.
validateCommitmentSanity now validates that the
MaxPendingAmount, ChanReserve, MinHTLC, & MaxAcceptedHTLCs
limits are all adhered to during the lifetime of a channel.

When applying a set of updates, the channel constraints are
validated from the point-of-view of either the local or the
remote node, to make sure the updates will be accepted.

Co-authored-by: nsa <elzeigel@gmail.com>
2018-02-08 18:35:25 -05:00
Johan T. Halseth
1873fe1381
lnwallet/channel: move common calculation of balance into computeView
This commit moves common logic used to calculate the state
of a commitment after applying a set of HTLC updates, into
the new method computeView. This method can be used when
calculating the available balance, validating the sanity
of a commitment after applying a set of updates, and also
when creating a new commitment, reducing the duplication
of this logic.
2018-02-08 18:35:25 -05:00
Johan T. Halseth
98d28611e4
lnwallet/channel: let evaluateHTLCView take mutate boolean
This commit adds a new boolean parameter mutateState to
evalueteHTLCView, that let us call it without neccessarily
mutating the addHeight/removeHeight of the HTLCs, which is
useful when evaluating the commitment validity without
mutating the state.
2018-02-08 18:35:25 -05:00
Olaoluwa Osuntokun
9c483c38b1
lnwallet: update state machine to use new lnwire.Sig everywhere 2018-02-06 20:14:31 -08:00
Daniel McNally
8543497dcc multi: fixing it's/its typos in comments 2018-02-06 19:13:07 -08:00
practicalswift
a93736d21e multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
Johan T. Halseth
83b368d20e
lnwallet/channel: use remoteACKedIndex instead of logIndex in
availableBalance
2018-02-02 21:16:37 -05:00
Jim Posen
916b83a6ee lnwallet: Implement test vectors from BOLT 03, Appendix C.
Appendix C of BOLT 03 contains a series of test vectors asserting that
commitment, HTLC success, and HTLC timeout transactions are created
correctly. Here the test cases are transcribed to Go structs and
verified.

We also break out some logic need to tests that bypass the constructor
and remove some redundant fields.
2018-01-31 14:30:56 -08:00
Olaoluwa Osuntokun
f85f1f97ca
lnwallet: add the second level witness script to the HtlcRetribution
In this commit, we add the second level witness script to the
HtlcRetribution struct. We do this as it’s possible that we when
attempt to sweep funds after a channel breach, then the remote party
has already gone to the second layer. In this case, we’ll then need to
update our SignDesc and also the witness, in order to do that we need
this script that’ll get us pass the second layer P2WSH check.
2018-01-22 19:19:58 -08:00
Olaoluwa Osuntokun
1604c75a9c
lnwallet: modify CreateCloseProposal to also return the close txid and local balance 2018-01-22 19:19:53 -08:00
Olaoluwa Osuntokun
5bbe126c34
lnwallet: add new NewUnilateralCloseSummary function
In this commit, we add a new function that allows a caller to create a
UnilateralCloseSummary with the proper materials. This will be used
within a new sub-system to be added in a later commit to properly
dispatch notifications when on-chain events happen for a channel.
2018-01-22 19:19:47 -08:00
Olaoluwa Osuntokun
341c1678fc
lnwallet: publicly export NewBreachRetribution 2018-01-22 19:19:47 -08:00
Olaoluwa Osuntokun
30c4196f91
lnwallet: remove the closeObserver from the channel state machine
In this PR, we entirely remove the closeObserver from the channel state
machine. It was added very early on before most of the other aspects of
the daemon were built out. This goroutine was responsible for
dispatching notifications to outside parties if the commitment
transaction was spent at all. This had several issues, since it was
linked to the *lifetime* of the channel state machine itself. As a
result of this linkage, we had to do weird stuff like hand off in
memory pointers to the state machine in order to ensure notifications
were properly dispatched.
2018-01-22 19:19:47 -08:00
Olaoluwa Osuntokun
b5496c52a2
lnwallet: newHtlcResolution now returns both incoming and outgoing HTLC resolutions
In this commit, we’ve added a new HtlcResolutions struct to house both
the incoming and outgoing HTLC resolutions. This struct will now be
coupled with the object that returns when we detect that a commitment
transaction was closed on chain. For incoming HTLC’s, we’ll check the
preimage cache to see if we can claim the HTLC on-chain. If we can,
then we’ll copy of the preimage, and make a proper incoming HTLC
resolution.
2018-01-22 19:19:32 -08:00
Olaoluwa Osuntokun
d98026f579
lnwallet: modify OutgoingHtlcResolution to also account for remote force closes
In this commit, we modify the OutgoingHtlcResolution struct to detect
if this is the remote party’s commitment transaction or not. With this
change, we’ll now be able to properly time out an HTLC that was
detected on the commitment transaction of the remote peer.
Additionally, we now populate the CsvDelay (if local commitment) and
the ClaimOutpoint (as we may be sweeping directly from the commitment
transaction now.
2018-01-22 19:19:32 -08:00
Olaoluwa Osuntokun
bcfe7192d7
lnwallet: add new IncomingHtlcResolution for resolving incoming HTLC's on-chain
In this commit, we add a new IncomingHtlcResolution struct. This is the
opposite of the existing OutgoingHtlcResolution struct. The items in
this new struct allow callers to sweep an incoming HTLC that we know
the preimage to. These will always be created when a commitment goes
on-chain. However, if we know the preimage, then that will be populated
in place of all zeroes in the Preimage field.
2018-01-22 19:19:31 -08:00
Olaoluwa Osuntokun
ecf6d758a2
lnwallet: add distinct CommitOutputResolution for resolving commit outputs on-chain
In this commit, we modify both the ForceCloseSummary, and the
UnilateralClosureSummary to return the items needed to sweep the
commitment output distinctly. By doing this, it’s now possible to pass
a dedicated struct to a sub-system in order to allow it to sweep a
commitment output. As the maturity delay is a part of this new struct,
this tells the caller if this was on the local commitment (CSV
required) or on the remote commitment (no CSV required).
2018-01-22 19:19:31 -08:00
Olaoluwa Osuntokun
42cd2fa5be
lnwallet: add new ActiveHtlcs to channel state machine
In this commit, we’ve added a new method to the channel state machine:
ActiveHtlcs. This method will allow callers to poll the state of the
channel to retrieve the set of HTLC’s active on *both* commitment
transactions.
2018-01-22 19:19:31 -08:00
Olaoluwa Osuntokun
5f6c15cfa4
lnwallet: RevokeCurrentCommitment now returns the set of active HTLC's
In this commit, we modify the RevokeCurrentCommitment method to now
return the set of active HTLC’s. This will be used by callers in the
future to update other sub-systems when the set of HTLC’s on the
commitment changes, and can also be used on the RPC level to
synchronize systems level integration tests.
2018-01-22 19:19:30 -08:00
Olaoluwa Osuntokun
75d2f09d4c
lnwallet: add a PreimageCache instead of a FeeEstimator as LightningChannel dep 2018-01-22 19:19:29 -08:00
Olaoluwa Osuntokun
9a76b3ee58
lnwallet: only forward freshly locked in HTLC's in ReceiveRevocation
This commit fixes a nasty bug that has been lingering within lnd, and
has been noticed due to the added retransmission logic. Before this
commit, upon a restart, if we had an active HTLC and received a new
commitment update, then we would re-forward ALL active HTLC’s. This
could at times lead to a nasty cycle:
  * We re-forward an HTLC already processed.
  * We then notice that the time-lock is out of date (retransmitted
HTLC), so we go to fail it.
  * This is detected as a replay attack, so we send an
UpdateMalformedHTLC
  * This second failure ends up creating a nil entry in the log,
leading to a panic.
  * Remote party disconnects.
  * Upon reconnect we send again as we need to retransmit the changes,
this goes on forever.

In order to fix this, we now ensure that we only forward HTLC’s that
have been newly locked in at this next state. With this, we now avoid
the loop described above, and also ensure that we don’t accidentally
attempt an HTLC replay attack on our selves.

Fixes #528.

Fixes #545.
2018-01-08 19:50:25 -08:00
Olaoluwa Osuntokun
b4bdd55081
lnwallet: if we fail to validate a remote commit sig, return detailed error
In this commit, we add a new detailed error that’s to be returned
when/if the remote peer sends us an invalid commit signature. The new
error contains the transaction that we attempted to validate the
signature over, the sighs, and the state number. Returning this
additional information will serve to aide in debugging any
cross-implementation issues.
2018-01-08 19:50:22 -08:00
Olaoluwa Osuntokun
95de109844
lnwallet: return our final local balance from CompleteCooperativeClose
In this commit, add an additional return value to
CompleteCooperativeClose. We’ll now report to the caller our final
balance in the cooperative closure transaction. We report this as
depending on if we’re the initiator or not, our final balance may not
exactly match the balance we had in the last state.
2018-01-08 19:50:20 -08:00
Conner Fromknecht
9703ab9161
lnwallet/channel: exposes channelState via State for testing 2018-01-05 13:47:17 -08:00
Conner Fromknecht
bb8c5f82da
lnwallet/channel: delete state after ack from breach arb 2018-01-05 13:47:16 -08:00
Olaoluwa Osuntokun
9777176d7d
lnwallet: don't use persistent pointer to funding tx within channel state machine
This commit fixes a lingering bug that could at times cause
incompatibilities with other implementations when attempting a
cooperative channel close. Before this commit, we would use a pointer
to the funding txin everywhere. As a result, each time we made a new
state, or verified one, we would modify the sequence field of the main
txin of the commitment transaction. Due to this if we updated the
channel, then went to do a cooperative channel closure, the sequence of
the txin would still be set to the value we used as the state hint.

To remedy this, we now copy the txin each time when making the
commitment transaction, and also the cooperative closure transaction.
This avoids accidentally mutating the txin itself.

Fixes #502.
2017-12-22 19:26:35 +01:00
Matt Drollette
adf0d98194 multi: fix several typos in godoc comments 2017-12-17 18:40:05 -08:00
Jim Posen
e66f3a37a3 lnwallet: Remove rHashMap.
rHashMap in LightningChannel is no longer needed since HTLCs are now
identified by ID/index instead of payment hash.
2017-12-14 17:53:58 -08:00
Jim Posen
317b44e220 lnwallet: Change channel update methods to accept HTLC ID.
Previously, some methods on a LightningChannel like SettleHTLC and
FailHTLC would identify HTLCs by payment hash. This would not always
work correctly if there are multiple HTLCs with the same payment hash,
so instead we change these methods to identify HTLCs by their unique
identifiers instead.
2017-12-14 17:53:58 -08:00
Olaoluwa Osuntokun
ef520f49c3
lnwallet: during channel resynchronization detect lack of commitment window
In this commit, we extend the ProcessChanSyncMsg to detect a case where
we don’t have the necessary revocation window to send out a new commit.
This can arise if the remote party sends us a new state, but we haven’t
yet fully processed their FundingLocked message yet, so we would be
unable to create a new commitment state.

We fix this by enumerating each of our actions in the case of an error.
If we get ErrNoWindow, then this indicates that we can’t give the
remote party the commitment we would like to optimistically send over.
This isn’t an issue though, as in the next round, we’ll resynchronize
our state.
2017-12-11 15:42:15 -08:00
Olaoluwa Osuntokun
62da377f78
lnwallet: properly reject new commitment if next revocation point isn't known 2017-12-11 15:32:31 -08:00
Olaoluwa Osuntokun
ff6993bb5d
lnwallet: ensure the onion blob is copied over properly when restore log updates
In this commit, we fix an existing bug that would cause issues within
the switch due to a value not being properly set. Before this commit we
would copy a byte array into a slice without first creating the
necessary capacity for that slice. To fix this, we’ll now ensure that
the blob has the proper capacity before copying over. Several tests
have been updated to always set a fake onion blob.
2017-12-10 16:14:41 -08:00
Olaoluwa Osuntokun
5b4aa82667
lnwallet: don't sign new commitment if next revocation point is unknown
In this commit, we extend the initial check within SignNextCommitment
to bail out early if we don’t yet know the commitment point of the
remote party. This prevents a class of nil pointer panics if we attempt
to create a new state without yet having received the FundingLocked
message.
2017-12-10 16:10:57 -08:00
Olaoluwa Osuntokun
d6dcc4276c
lnwallet: add new IsPending method to the channel state machine
The IsPending method will allow callers to determine if a channel has
been fully confirmed or not.
2017-12-06 16:43:01 -08:00
Conner Fromknecht
e8590b12ba
lnwallet/channel: handle error from sigpool start 2017-12-02 17:16:43 -08:00
Olaoluwa Osuntokun
c27e87f168
lnwallet: update UpdateFee msg usage to latest API changes 2017-11-30 22:10:42 -08:00
Olaoluwa Osuntokun
4bec706b11
lnwallet: fix bug in htlcIsDust, outgoing HTLC on remote commit is htlcSuccess 2017-11-30 22:09:49 -08:00
Olaoluwa Osuntokun
94ba7f964d
channel: properly roll over fee from commit tx during co-op chan close
In this commit, we fix an existing bug within our cooperative channel
closing transaction generation. Before this commit, we wouldn’t account
for the fee already allocated within the commitment transaction. As a
result, we would calculate the evaluated balance considering the fee
incorrectly. In this commit, we fix this by adding the commitment fee
to the balance of the initiator when crafting the closing transaction
2017-11-29 16:14:22 -08:00
Olaoluwa Osuntokun
63c8c299ed
lnwallet: use remote height as reference when gauging channel breaches 2017-11-28 12:26:02 -08:00
Olaoluwa Osuntokun
483dc3f96a
lnwallet: only the initiator needs to validate new fee updates
In this commit, we fix an existing bug, as only the initiator needs to
validate any new fee updates. If the initiator sends an invalid fee,
then it will be rejected by the responder as it may put them below
their required reserve.
2017-11-27 12:24:08 -08:00
Olaoluwa Osuntokun
3e90000e2a
lnwallet: reject UpdateFee messages if it puts initiator below the water
In this commit, we ensure that we reject any UpdateFee messages if
after applying the update, the initiator doesn’t have enough funds to
actually pay for the new commitment state.

A test has been added to exercise this new behavior.
2017-11-26 14:08:59 -06:00
Olaoluwa Osuntokun
7d3e1308e4
lnwallet: add ability to properly retransmit UpdateFee state transitions
In this commit, we update the retransmission logic to ensure that we
properly retransmit any sent UpdateFee messages as part of a state
transition. When creating a CommitDiff, if we have a pending fee
update, then we’ll add that to the set of logs updates. When restoring
the commit diff from disk, if we encounter an UpdateFee entry, then
we’ll apply that as waiting to be ACK’d and skip adding it as a log
entry.

A new test has been added to excessive this new behavior.
2017-11-26 14:08:58 -06:00
Olaoluwa Osuntokun
5a1a3c7277
lnwallet: add IsInitiator and CommitFeeRate methods to LightningChannel 2017-11-23 23:10:18 -06:00
Olaoluwa Osuntokun
39295dc5aa
lnwallet+peer: add new ResetState method to channel state machine
In this commit, we add a new ResetState method to the channel state
machine which will reset the state of the channel to `channelOpen`. We
add this as before this commit, it was possible for a channel to shift
into the closing state, the closing negotiation be cancelled for
whatever reason, resulting the the channel held by the breachArbiter
unable to act to potential on-chain events.
2017-11-23 23:10:16 -06:00
Olaoluwa Osuntokun
98cba87fb1
lnwallet: decouple closeObserver from main quit channel in LightningChannel
In this commit, we fix an existing bug that had ramifications within
the operation of the lnd daemon. Before this commit, if the Stop()
method was called, then the closeObserver would exit as well. This
means that would no longer be watching for channel breaches on-chain,
and could miss either a cooperative channel closure or an actual
contract breach.

To fix this, we now introduce a new method to stop for closeObserver:
CancelObserver(). This should ONLY be called once either: the contract
has been fully settled on-chain, or whom ever is watching the relevant
signals has a newer version of the channel that it will watch instead.
2017-11-23 23:10:07 -06:00
Olaoluwa Osuntokun
98a8951e5b
lnwallet: CompleteCooperativeClose now accepts final fee in btcutil.Amount 2017-11-23 23:10:07 -06:00
Olaoluwa Osuntokun
e96c62db65
lnwallet: no longer return fee from CreateCloseProposal
In this commit, we modify CreateCloseProposal to no longer return the
same fee passed in. In the past, this method accepted a fee rat rather
than an absolute fee, and would return the computed absolute fee. Now
that the method takes the absolute fee directly, this is unnecessary.
2017-11-23 23:10:06 -06:00
Olaoluwa Osuntokun
9f215723a6
lnwallet: verify new optional ChannelReestablish fields in ProcessChanSyncMsg
In this commit, we add fully verification (other than checking the
commitment point matches after the fact) of the new optional fields
added to the lnwire.ChannelReestablish message. Two scenarios can
arise: we realize the remote party is on a prior state (and possibly
lost data), or we realize that *we* are on a prior state with the
remote party verifiably proving that they’re on a newer state.
2017-11-16 20:00:05 -08:00
Olaoluwa Osuntokun
a655396616
lnwallet: add optional data loss support to ChanSyncMsg()
In this commit we extend the set of fields populated within the
returned lnwire.ChannelReestablish to populate the optional data loss
fields. This entails included the commitment secret of the most
recently revoked remote commitment transaction and also our current
unrevoked commitment point.
2017-11-16 20:00:04 -08:00
Olaoluwa Osuntokun
d7cdf822e3
lnwallet: update commitmentKeyRing to account for distinct HTLC keys
In this commit, we update all the key derivation within the state
machine to account for the recent spec change which introduces a
distinct key for usages within all HTLC scripts. This change means that
the commitment payment and delay base points, are only required to be
online in the case that a party is forced to go to chain.

We introduce an additional local tweak to the keyring for the HTLC
tweak. Additionally, two new keys have been added: a local and a remote
HTLC key. Generation of sender/receiver HTLC scripts now use the local
and remote HTLC keys rather than the “payment” key for each party.
Finally, when creating/verifying signatures for second-level HTLC
transactions, we use these the distinct HTLC keys, rather than re-using
the payment keys.
2017-11-16 20:00:03 -08:00
Olaoluwa Osuntokun
010815e280
lnwallet: no need to grab mutex in ProcessChanSyncMsg as is init method
In this method we fix an existing deadlock within the unit tests when
running with the race condition detector on. We don’t need to grab the
mutex within the ProcessChanSyncMsg method as this should be the very
first method called when initializing the channel if a channel state
sync is needed.
2017-11-11 15:50:33 -08:00
Olaoluwa Osuntokun
861412529d
lnwallet: add select on quit when waiting for job from sigPool
In this commit we ensure that the channel is always able to exit by
adding a select statement with a quit case when we’re waiting on the
result of a job that was previously sent into the sigPool.
2017-11-11 15:00:50 -08:00
Olaoluwa Osuntokun
3f4b1592a3
lnwallet: add logging error message is unable to carry HTLC in state machine 2017-11-10 19:51:13 -08:00
Olaoluwa Osuntokun
c8479410d2
lnwallet: remove availableLocalBalance field, add new AvailableBalance method
In this commit we do away with the existing availableLocalBalance
attribute and instead add a new, more accurate AvailableBalance method.
The new method will compute the available balance within the channel ,
assuming a new state was created at the instance the method was called.
This new method will now properly account for HTLC fees.

AvailableBalance is now called within AddHTLC in order to ensure we
don’t add any HTLC’s that are unable to be paid for from the PoV of the
fees on the commitment transaction.
2017-11-10 19:50:58 -08:00
Olaoluwa Osuntokun
ded7c11bfe
lnwallet: update channelState interaction to respect new db commitment format 2017-11-10 19:50:57 -08:00
Olaoluwa Osuntokun
b50a94aeab
lnwallet: update ReceiveRevocation to use new DB API's
We no longer need to manually pass in the channel delta to
AppendToRevocationLog (now called AdvanceCommitChainTail) as the
pointers on-disk will be updated atomically.
2017-11-10 19:50:57 -08:00
Olaoluwa Osuntokun
4fa714afce
lnwallet: update RevokeCurrentCommitment to use new DB API's
In this commit we update the RevokeCurrentCommitment method to properly
use the new database UpdateCommitment method along with properly
converting the in-memory commitment to its corresponding on-disk
format.
2017-11-10 19:50:56 -08:00
Olaoluwa Osuntokun
563c07ffa2
lnwallet: re-write and rename LastCounters to ChanSyncMsg
The new version has additional comments, and is also a bit simpler that
the prior version.
2017-11-10 19:50:56 -08:00
Olaoluwa Osuntokun
b5476b2767
lnwallet: re-write and rename ReceiveReestablish to ProcessChanSyncMsg
In this commit we complete the partially completed ReceiveReestablish
method and rename it to ProcessChanSyncMsg. The new version now
properly implements retransmission as defined within BOLT#2.

Additionally, we’ve added a new case which will optimistically try and
force a resynchronization of the commitment states if we detect we can
deliver a new commitment signature sooner than later after realizing
that we need to retransmit our last revocation message when we recevied
a new state transition.
2017-11-10 19:50:55 -08:00
Olaoluwa Osuntokun
769fe5cc13
lnwallet: when signing a new commitment state, store a CommitDiff 2017-11-10 19:50:55 -08:00
Olaoluwa Osuntokun
611412bab0
lnwallet: add new createCommitDiff method
This commit adds a new method: createCommitDiff. The method will, given
a newly constructed commitment, its signature, and HTLC signatures will
create a channeldb.CommitDiff. The CommitDiff created is to be stored
on disk, as it can be used in the case that the remote party didn’t
receive our CommitSig message and also forgot all the updates that we
queued with the update.
2017-11-10 19:50:55 -08:00
Olaoluwa Osuntokun
e50b3e6517
lnwallet: populate htlc indexes within constructed commitment states 2017-11-10 19:50:54 -08:00
Olaoluwa Osuntokun
9c015a5824
lnwallet: revamp restoring channel state from disk after a restart
In this commit we complexly revamp the process of restoring all channel
state back into memory after a restart. We’ll now properly do the
following: restore the pending “dangling” commit of the remote party
into the in-memory commitment chain, re-populate all active HTLC’s back
into their respective update logs with the proper indexes/counters, and
properly restore the current commitment of the remote party back in
memory.
2017-11-10 19:50:54 -08:00
Olaoluwa Osuntokun
4b71e87b77
lnwallet: add new restoreHtlc method to the updateLog
This commit adds a new method to the updateLog which will be used when
restoring the state of a channel from disk after a restart. This new
method will add an entry to the updateLog without incrementing either
of the counters as the HTLC already comes pre populated with its
historical index.
2017-11-10 19:50:53 -08:00
Olaoluwa Osuntokun
51618f2ae3
lnwallet: modify populateHtlcIndexes to use info in commitment
It wasn’t necessary to pass in the dust limit, or the commitment itself
as it is already contained within the commitment struct.
2017-11-10 19:50:53 -08:00
Olaoluwa Osuntokun
60b814b4aa
lnwallet: group commitmentKeyRing and deriveCommitmentKey in file 2017-11-10 19:50:52 -08:00
Olaoluwa Osuntokun
d790eeb375
lnwallet: add [our|their]HtlcIndex to the commitment struct
With these new fields, we’ll be able to properly reconstruct the log
state after a restart, as each commitment will now note both the
current HTLC and log index.
2017-11-10 19:50:52 -08:00
Olaoluwa Osuntokun
145cd0b2b6
lnwallet: export HtlcWeight and CommitWeight publicly 2017-11-10 19:50:51 -08:00
Andrey Samokhvalov
9247168c5d not finished index persistence 2017-11-09 16:38:58 -08:00
Andrey Samokhvalov
28dd6e5d84 channeldb+lnwallet: add remote pending commiment persistance 2017-11-09 16:38:58 -08:00
Andrey Samokhvalov
a10ed36e8f htlcswitch+lnwallet: add malformed payment descriptor 2017-11-09 16:38:58 -08:00
Andrey Samokhvalov
e29193d550 htlcswitch+channel: remove cancel reasons from channel link 2017-11-09 16:38:58 -08:00
Andrey Samokhvalov
1b4e723a5d htlcswicth+channel: switch to store onion blobs in payment descriptor
After addition of the retransmission logic in the channel link, we
should make the onion blobs persistant, the proper way to do this is
include the onion blobs in the payment descriptor rather than storing
them in the distinct struct in the channel link.
2017-11-09 16:38:57 -08:00
Andrey Samokhvalov
d70ffe93e4 htlcswitch+channel: add channel states synchronization
In this commit BOLT№2 retranmission logic for the channel link have
been added. Now if channel link have been initialised with the
'SyncState' field than it will send the lnwire.ChannelReestablish
message and will be waiting for receiving the same message from remote
side. Exchange of this message allow both sides understand which
updates they should exchange with each other in order sync their
states.
2017-11-09 16:38:57 -08:00
Jim Posen
a13ad0a339 multi: Fix various typos. 2017-10-25 13:20:54 -07:00
Jim Posen
2b58a39d30 lnwallet: Simplify updateLog struct by removing redundant pointers.
The updateLog struct contains pointers that refer to the state of the
commitment chains. Instead, query the commitments directly.
2017-10-25 13:11:46 -07:00
Olaoluwa Osuntokun
3b94e5df4d
lnwallet: introduce distinct HTLC counter+index on top of updateLog
In this commit, we fix an existing derivation from the commitment state
machine as defined within the specification. Before this commit, we
only kept a single counter which both HTLC adds and fails/settles would
share. This was valid in the prior pre-spec iteration of the state
machine. However in the current draft of the spec, only a distinct
counter for HTLCs are used throughout.

This would cause an incompatibility, as if we mixed adds and settles
during an exchange, then our counter values would differ with other
implementations. To remedy this, we now introduce a distinct HTLC
counter and index within the updateLog.

Each Add will increment both the log counter, and the HTLC counter.
Each Settle/Fail will only increment the log counter. Inbound
Settle/Fails will index into the HTLC index as to target the proper
HTLC. The PaymentDescriptor type has been extended with an additional
field (HltcIndex) which itself tracks the index of an incoming/outgoing
HTLC.
2017-10-22 18:36:57 -07:00
Jim Posen
7c1ae8bda3 lnwallet: Split tx generation code out of fetchCommitmentView.
This moves the commitment transaction generation code out of
fetchCommitmentView into createCommitmentTx. Aside from being a pretty
clean logical split, this allows the transaction generation code to be
unit tested more effectively.
2017-10-19 22:23:14 -07:00
Jim Posen
bd497438af lnwallet: Pass around key ring instead of individual keys.
The signatures of some functions/methods in lnwallet are simplified by
passing in a commitmentKeyRing argument instead of multiple keys.
2017-10-19 22:23:14 -07:00
Jim Posen
3151a3a596 lnwallet: Refactor commitment key generation code.
Create struct holding all commitment keys to clean up code and avoid
deriving keys multiple times.
2017-10-19 22:23:14 -07:00
Laura Cressman
156772d04a channeldb: use binary.Read/Write with bools in channel.go
Use binary.Read/Write in functions to serialize and deserialize
channel close summary and HTLC boolean data, as well as in
methods to put and fetch channel funding info. Remove lnd
implementations of readBool and writeBool as they are no
longer needed. Also fix a few minor typos.
2017-10-02 23:13:47 -07:00
flaurida
e106cfdef1 lnwallet: replace sort.Sort with sort.Slice in channel.go
Use sort.Slice in SignNextCommitment function in lnwallet/channel.go,
as part of the move to use new language features. Remove
sortableSignBatch type wrapper for slice of signJobs since it is
no longer needed to sort jobs according to their output indices.
Also fix a few minor typos in channel.go and sigpool.go.
2017-10-02 23:13:47 -07:00
Johan T. Halseth
6b3844ea66
lnwallet: add getter for channelState.RemoteNextCommitment 2017-10-02 13:29:32 +02:00
Olaoluwa Osuntokun
30d5b90626
lnwallet: properly derive key tweaks in newHtlcResolution
This commit fixes an existing bug where we attempted to re-use the same
commitTweak value when creating an HTLC resolution. Instead, we now
create the commit tweak value factoring the key that is to be used for
signing.
2017-09-29 20:27:19 -07:00
Olaoluwa Osuntokun
dc764c992c
lnwallet: fix bug in extractHtlcResolutions, ensure slice is contiguous
This commit fixes an existing bug within extractHtlcResolutions. The
prior code would use an index to assign the returned
OutgoingHtlcResolutions into a single slice. However, this is invalid
as there are two cases where an HTLC might be skipped: if it’s an
incoming HTLC, or if the HLTC itself is dust from the PoV of the
commitment chain.

To fix this, we now instead use append to add items to the slice. This
ensure that we don’t have any “empty” items in between fully populated
items.
2017-09-29 14:32:22 -07:00
Olaoluwa Osuntokun
2141b481ef
lnwallet: properly set the pkScript within an HTLC resolution 2017-09-29 14:28:19 -07:00
Olaoluwa Osuntokun
0086e6e427
lnwallet: in extractHtlcResolutions use csvDelay gated on commitment ownership
This commit fixes a bug wherein we would use the incorrect csvDelay
when crafting HTLC resolutions after a unilateral channel closure.
Previously, we would always use the csvDelay of the local party, as in
the force close case that’s the correct value. However, a unilateral
channel closure instead requires the _remote_ delay.
2017-09-26 19:06:55 -07:00
Olaoluwa Osuntokun
21782374c9
lnwallet: properly use delayKey for htlc-timeout tx in newHtlcResolution
This commit fixes an existing bug when crafting the HTLC resolution in
the face of a commitment broadcast. Previously, we we’re using the
localKey which is incorrect, as directly below we properly use the
delayKey when crafting the secondLevelHtlcScript to sign.
2017-09-26 18:31:22 -07:00
Olaoluwa Osuntokun
8a682d9ec3
lnwallet: add a MaturityDelay field to UnilateralCloseSummary
This commit adds a new field: MaturityDelay, to the
UnilateralCloseSummary struct. This new field will be required, in an
upcoming update as it’s needed in order to properly sweep the
second-level HTLC outputs after MaturityDelay blocks has passed since
confirmation.
2017-09-26 18:00:24 -07:00
Olaoluwa Osuntokun
34604f6214
lnwallet: properly use the p2wkh script in SignDesc for retributions
This commit fixes a minor bug (that doesn’t affect anything atm) when
crafting the SignDesc for sweeping breached outputs. Previously, we
would take the p2wkh script and then p2wsh-ify that, placing that into
the SignDesc. This is incorrect as the p2wkh script is “injected” into
the sighash when signing, and thus doesn’t need another encoding layer.
2017-09-26 17:57:29 -07:00
Olaoluwa Osuntokun
1d487ea78b Merge pull request #341 from cfromknecht/breach-filter-commit-dust
Breach Arbiter Ignore Dust Commitment Outputs
2017-09-26 17:10:12 -07:00
Conner Fromknecht
223f77d135
lnwallet/channel: filter commitment outputs if dust 2017-09-25 18:57:03 -07:00
Olaoluwa Osuntokun
21d151d2ce
lnwallet: ensure the goroutines of all channels are stopped after test execution 2017-09-24 20:20:15 -07:00
Olaoluwa Osuntokun
9164cc218a
lnwallet: modify ReceiveFailHTLC to return value of HTLC failed 2017-09-24 20:17:53 -07:00
Olaoluwa Osuntokun
f576a74bf6
lnwallet: modify SettleHTLC to return value of HTLC settled
This commit adds an additional return value to SettleHTLC in order to
make way for an upcoming change to modify the way bandwidth status from
the link to the switch is reported.
2017-09-24 20:17:14 -07:00
Olaoluwa Osuntokun
815826caac
lnwallet: remove public LocalAvailableBalance method from channel
This commit removes the current active LocalAvailableBalance method
from the channel state machine itself. We still maintain the internal
availableLocalBalance method locally as this is used to ensure that we
don’t add an HTLC which puts our available balance below zero.
2017-09-24 20:13:04 -07:00
Conner Fromknecht
faf1d40bd0
lnwallet/channel: adds directionality htlc retributions
This commit also adds an incoming flag to
        HtlcRetribution struct to allow the breach arbiter to
        generate the appropriate witness based on the htlc's
        directionality.

        It also ensures that the size of the htlc retribution
        slice is now determined by the size of the number of
        htlcs present in the revoked snapshot, which fixes a
        minor bug that could lead to nil pointer deferences.
2017-09-19 19:18:20 -07:00
Olaoluwa Osuntokun
a52d405998
lnwallet: ensure HTLC values are properly converted to SAT in commit tx
This commit fixes a bug within the HTLC construction and commitment
transaction construction that would result in HTLC _values_ within the
commitment transaction being off by a factor of 1000. This was due to
the fact that we failed to convert the amount of an HTLC, in mSAT, to
SAT before placing it as an output within the commitment transaction.
When attempt to locate the output index of a particular half, we use
the unconverted amount, meaning it was unnoticed.

This commit adds a new assertion within the TestSimpleAddSettleWorkflow
test to ensure that the HTLC is found within the commitment transaction
with the proper value in satoshi.
2017-08-30 15:34:18 -07:00
Olaoluwa Osuntokun
6e54aba7ac
lnwallet: convert channel state machine accounting to milli-satoshi 2017-08-22 00:52:50 -07:00
Johan T. Halseth
b9516b7cdd
lnwallet: make CreateCloseProposal take absolute fee instead of fee rate 2017-08-11 12:09:39 +02:00
Olaoluwa Osuntokun
43b736225b
multi: add new method to generate fresh node announcments 2017-08-04 18:32:33 -07:00
Olaoluwa Osuntokun
db793991ac
lnwallet: don't add trimmed HTLC value to initiator commitment fees
This commit fixes a lingering bug in the way the internal channel state
machine handled fee calculation. Previously, we would count the dust
HTLC’s that were trimmed towards the fee that the initiator paid. This
is invalid as otherwise, the initiator would always benefit from dust
HTLC’s. Instead, we now simply “donate” the dust HTLC’s to the miner in
the commitment transaction. This change puts us in compliance with
BOLT-0003.
2017-07-31 20:41:23 -07:00
Olaoluwa Osuntokun
5ece7fec2d
lnwallet: add a String() method to updateType 2017-07-31 20:37:51 -07:00
Olaoluwa Osuntokun
747e0f57d1
multi: fix linter errors 2017-07-30 18:22:45 -07:00
Olaoluwa Osuntokun
899fa1ea3e
lnwallet: properly populate the signDesc within UnilateralCloseSummary
This commit modifies the closeObserver code to populate the signDesc in
the case we have a non-trimmed balance. Additionally, we now also add a
*wire.OutPoint field to the struct in order to allow receivers of the
message to construct a witness that can spend the newly created output
to their wallet.
2017-07-30 17:52:18 -07:00
Olaoluwa Osuntokun
8a23de5303
lnwallet: consult current state instead of revocation log during unilateral closure 2017-07-30 17:52:14 -07:00
Olaoluwa Osuntokun
8121bc77ce
lnwallet: add delivery scripts as a param to CreateCloseProposal+ CompleteCooperativeClose
This commit modifies the methods that transition the state of the
channel into an active closing state. With the new commitment design,
the delivery scripts are no longer pre-committed to the initial funding
messages. Instead, the scripts are sent at the instant that either side
decides to shutdown within the Shutdown message.
2017-07-30 17:51:05 -07:00
Olaoluwa Osuntokun
40e9120c04
lnwallet: populate HTLC resolutions after observing a unilateral channel close 2017-07-30 17:51:02 -07:00
Olaoluwa Osuntokun
01aa4eb2ae
lnwallet: populate HTLC resolutions within the ForceCloseSummary 2017-07-30 17:50:59 -07:00
Olaoluwa Osuntokun
83e0116d7e
lnwallet: extend the UnilateralCloseSummary to include HTLC resolutions
This commit adds a new companion struct: OutgoingHtlcResolution to the
commitment state machine. The purpose of this struct is the provide the
caller with the information necessary to sweep all outgoing HTLC’s in
the case of a broadcast up-to-date commitment transaction.

The HTLC resolutions allow a caller to sweep an outgoing HTLC into
their wallet after the absolute timeout of the HTLc has passed. This is
a two step process, with the first portion consisting of broadcasting
the HTLC timeout transaction itself, and the second portion consisting
of claiming the HTLC itself after a CSV delay.
2017-07-30 17:50:55 -07:00
Olaoluwa Osuntokun
a4c07d061e
lnwallet: the BreachRetribution struct is now aware of HTLC outputs
This commit adds awareness of active HTLC outputs to the
BreachRetribution struct. Previously, in the case of a breach, the
struct was only populated with enough information to sweep the two
commitment outputs. With this commit, the struct now has enough
information to sweep _all_ outputs within the commitment transaction.
2017-07-30 17:50:51 -07:00
Olaoluwa Osuntokun
5a78f80ffe
lnwallet: update restoreStateLogs to be aware of new commitment scheme 2017-07-30 17:50:47 -07:00
Olaoluwa Osuntokun
b9da43a2b8
lnwallet: update fetchCommitmentView due to new commitment design
This commit updates the central fetchCommitmentView method to manage
and derive the necessary easy required to create new commitments due to
the new state machine design within the specification. Each state now
requires us to derive a number of keys for each commitment state:
localDelay, remoteDelay, localKey, remoteKey, the commitment point, and
finally the revocation key itself.
2017-07-30 17:50:43 -07:00
Olaoluwa Osuntokun
3a052d2874
lnwallet: when creating new states, dispatch HTLC signing to sigPool 2017-07-30 17:50:40 -07:00
Olaoluwa Osuntokun
f569b80a80
lnwallet: when verifying new states, dispatch HTLC sig validation to sigPool 2017-07-30 17:50:37 -07:00
Olaoluwa Osuntokun
cd8672f824
lnwallet: update CreateCommitTx due to new key derivation 2017-07-30 17:50:34 -07:00
Olaoluwa Osuntokun
e314b83559
lnwallet: update HTLC script generation to account for new covenant HTLC's
This commit updates the set of functions tasked with generating HTLC’s
scripts for new commitments to now adhere to the new commitment
transaction design. With this change, the process of claiming an HTLC
now requires a second-level HTLC transaction, which solves a prior
issues due to the tight coupling of the timeout and delay clauses when
claiming an HTLC.
2017-07-30 17:50:31 -07:00
Olaoluwa Osuntokun
8b9a58cb15
lnwallet: add a sigPool instances to the state machine struct 2017-07-30 17:50:27 -07:00
Olaoluwa Osuntokun
4c9bd9dc54
lnwallet: when handling possible channel breach, only log if contract breach 2017-07-30 17:50:24 -07:00
Olaoluwa Osuntokun
e56258917e
lnwallet: introduce populateHtlcIndexes for tracking HTLC indexes in commitments
This commit adds a new method to the commitment struct:
populateHtlcIndexes.  populateHtlcIndexes modifies the set of HTLC's
locked-into the target view to have full indexing information
populated. This information is required as we need to keep track of the
indexes of each HTLC in order to properly write the current state to
disk, and also to locate the PaymentDescriptor corresponding to HTLC
outputs in the commitment transaction.

We also modify toChannelDelta to take not of these new changes, and
access the appropriate index directly.
2017-07-30 17:50:21 -07:00
Olaoluwa Osuntokun
549688d793
lnwallet: remove isDustLocal and isDustRemote, replace w/ htlcIsDust
This commit modifies the way we account for dust HTLC’s within the
commitment state machine when creating and validating new states.
Previously, an HTLC was dust if the amount of the HTLC was below the
dustLimit of the commitment chain. Now, with the HTLC covenant
transaction, the value of the HTLC also needs to cover the required fee
of the HTLC covenant transaction at the specified fee rate of the
commitment chain.

As a result, we now determine if an HTLC is dust or not, only at the
commitment site, using the new htlcIsDust function.
2017-07-30 17:50:16 -07:00
Olaoluwa Osuntokun
91165d98bb
lnwallet: eliminate the InitialRevocationWindow within the state machine
This commit modifies the current core channel state machine in order to
may a step towards BOLT-0002 and BOLT-0003 compliance. In this change,
we abandon the prior revocation window, in favor of a fixed revocation
window of size two. The revocation window will be filled at the start
of the lifetime of the channel, and never extended from there until the
channel has been fully closed.

We now maintain two variables, the current un-revoked commitment point,
and the next commitment point to use when creating a new state. The
next commitment point must initially be inserted into the channel state
with the InitNextRevocation method.

A major difference between the prior revocation key handling is that
the remote party now instead sends us the _commitment point_ in
isolation, which we then use locally (with our revocation base point)
to create the next full revocation key for _their_ commitment
transaction.
2017-07-30 17:50:13 -07:00
Olaoluwa Osuntokun
c7df82ab68
lnwallet: update the LightningChannel API usage for recent channels changes
This commit updates much of the state interaction within the
LightningChannel structure to account for the recent changes within the
chanenldb involving the OpenChannel struct, namely the introduction of
ChannelConfig and ChannelConstraints.
2017-07-30 17:50:10 -07:00