Commit Graph

7727 Commits

Author SHA1 Message Date
Joost Jager
c8fa51f865
invoices: refactor invoice update callback
This commit refactors the invoice registry accept/settle logic so that
it doesn't rely anymore on a set of error values to indirectly
communicate from the update callback to the main function what action is
required on the htlc.
2019-09-04 19:20:27 +02:00
Joost Jager
144856757d
channeldb+invoices: move invoice cancel logic into registry
This commit is a continuation of the centralization of invoice state
transition logic in the invoice registry.
2019-09-04 19:20:25 +02:00
Joost Jager
416bc8c68c
channeldb+invoices: move hold invoice settle logic into registry
This commit is a continuation of the centralization of invoice state
transition logic in the invoice registry.
2019-09-04 19:20:23 +02:00
Joost Jager
ad3522f1a6
channeldb+invoices: move invoice accept or settle logic into registry
As the logic around invoice mutations gets more complex, the friction
caused by having this logic split between invoice registry and channeldb
becomes more apparent. This commit brings a clearer separation of
concerns by centralizing the accept/settle logic in the invoice
registry.

The original AcceptOrSettle method is renamed to UpdateInvoice because
the update to perform is controlled by the callback.
2019-09-04 19:20:21 +02:00
Joost Jager
c1345a4117
multi: use separate cltv expiry field from invoice
Now that the Invoice struct contains the decoded final cltv delta value,
the decoding of payment requests can be removed from the invoice
registry.
2019-09-04 19:20:19 +02:00
Joost Jager
4105142c96
channeldb+invoices: add invoice htlcs
This commit adds a set of htlcs to the Invoice struct and
serializes/deserializes this set to/from disk. It is a preparation for
accurate invoice accounting across restarts of lnd.

A migration is added for the invoice htlcs.

In addition to these changes, separate final cltv delta and expiry
invoice fields are created and populated. Previously it was required
to decode this from the stored payment request. The reason to create
a combined commit is to prevent multiple migrations.
2019-09-04 19:20:17 +02:00
Joost Jager
061b34b924
channeldb: add int64 to codec 2019-09-04 19:20:15 +02:00
Joost Jager
05e6b62cb2
cnct+htlcswitch+invoices: report circuit key to invoice registry
Currently the invoice registry cannot tell apart the htlcs that pay to
an invoice. Because htlcs may also be replayed on startup, it isn't
possible to determine the total amount paid to an invoice.

This commit is a first step towards fixing that. It reports the circuit
keys of htlcs to the invoice registry, which forms the basis for
accurate invoice accounting.
2019-09-04 19:20:13 +02:00
Joost Jager
5871d69bde
cnct: convert supplement functions to methods 2019-09-04 19:20:11 +02:00
Joost Jager
4fe846af6e
invoices/test: extend hodl invoice test
Add logic to specifically exercise the replay behavior of invoice
registry for hodl invoices.
2019-09-04 19:20:09 +02:00
Joost Jager
43bad4af9f
invoices: always check htlc amt with invoice amount
Previously a check was made for accepted and settled invoices against
the paid amount. This opens up a probe vector where an attacker can pay
to an invoice with an amt that is higher than the invoice amount and
find out if the invoice is already paid or not.
2019-09-04 19:20:07 +02:00
Joost Jager
762609a169
channeldb: fix suppressed error 2019-09-04 19:20:05 +02:00
Joost Jager
d98a22879f
invoices/test: clarify test parameters 2019-09-04 19:20:04 +02:00
Olaoluwa Osuntokun
ebb3e987b1
lnrpc/routerrpc: complete JSON naming for mc responses 2019-08-23 16:36:35 -07:00
Olaoluwa Osuntokun
557083c41b
Merge pull request #3372 from joostjager/mc-successes
routing: process payment successes in mission control
2019-08-23 16:33:18 -07:00
Olaoluwa Osuntokun
441b15055b
channeldb: properly compare payment attempts in serialization test 2019-08-23 12:50:25 -07:00
Joost Jager
ff0c5a0d5e
routing: process successes in mission control
This commit modifies paymentLifecycle so that it not only feeds
failures into mission control, but successes as well.
This allows for more accurate probability estimates. Previously,
the success probability for a successful pair and a pair with
no history was equal. There was no force that pushed towards
previously successful routes.
2019-08-23 09:15:41 +02:00
Joost Jager
2594abfba1
routing/test: remove unused parameter in mission control test 2019-08-23 09:15:39 +02:00
Olaoluwa Osuntokun
64c7a0faa8
Merge pull request #3362 from Roasbeef/tlv-onion-payload
multi: update the switch+router to be aware of the new TLV EOB format
2019-08-22 19:10:19 -07:00
Olaoluwa Osuntokun
b1aea41d20
lntest/itest: force dave to use the legacy onion payload in multi-hop pay test
In this commit, we force Dave to use the legacy onion payload for the
multi-hop test to ensure that we're able to properly mix the old and new
formats, and have all nodes properly decode+forward the HTLC.
2019-08-22 18:53:10 -07:00
Olaoluwa Osuntokun
653d557fec
config: add new legacy protocol build tag protected sub-config for legacy onion
In this commit, we add a new build tag protected sub-config for legacy
protocol features. The goal of this addition is to be able to default to
new features within lnd, but expose hooks at the config level to allow
integration tests to force the old behavior to ensure that we're able to
support both the old+new versions.
2019-08-22 18:53:08 -07:00
Olaoluwa Osuntokun
1345ca2038
server: set new optional global TLV feature bit by default 2019-08-22 18:53:07 -07:00
Olaoluwa Osuntokun
9145c0fd38
lnwire: add new TLV onion feature bits 2019-08-22 18:53:06 -07:00
Olaoluwa Osuntokun
23cc8389f2
multi: add TLV awareness to htlcswitch, pass extra EOB to the invoice registry
In this commit, we update the `HopIterator` to gain awareness of the new
TLV hop payload. The default `HopIterator` will now hide the details of
the TLV from the caller, and return the same `ForwardingInfo` struct in
a uniform manner. We also add a new method: `ExtraOnionBlob` to allow
the caller to obtain the raw EOB (the serialized TLV stream) to pass
around.

Within the link, we'll now pass the EOB information into the invoice
registry. This allows the registry to parse out any additional
information from the EOB that it needs to settle the payment, such as a
preimage shard in the AMP case.
2019-08-22 18:53:05 -07:00
Olaoluwa Osuntokun
c78e3aaa9d
channeldb: update route.Hop serialization to include new EOB related fields
We also include a migration for the existing routes stored on disk.
2019-08-22 18:53:04 -07:00
Olaoluwa Osuntokun
763cb6c09d
lnrpc+lnrpc/routerrpc: add a new TLV record field to the Hop proto
In this commit, we add a new field to the Hop proto to allow callers to
be able to specify TLV records for the SendToRoute call, and also to be
able to display TLV records that were used during regular path finding.

We also update SendPayment to support dest TLV records.
2019-08-22 18:53:03 -07:00
Olaoluwa Osuntokun
4697cfde30
routing: extend path finding to be TLV-EOB aware, allow dest TLV records
In this commit, we extend the path finding to be able to recognize when
a node needs the new TLV format, or the legacy format based on the
feature bits they expose. We also extend the `LightningPayment` struct
to allow the caller to specify an arbitrary set of TLV records which can
be used for a number of use-cases including various variants of
spontaneous payments.
2019-08-22 18:53:01 -07:00
Olaoluwa Osuntokun
5b4c8ac232
routing/route+tlv: add new TLV-EOB awareness to Hop+Route
In this commit, we extend the Hop struct to carry an arbitrary set of
TLV values, and add a new field that allows us to distinguish between
the modern and legacy TLV payload.

We add a new `PackPayload` method that will be used to encode the
combined required routing TLV fields along with any set of TLV fields that
were specified as part of path finding.

Finally, the `ToSphinxPath` has been extended to be able to recognize if
a hop needs the modern, or legacy payload.
2019-08-22 18:53:00 -07:00
Olaoluwa Osuntokun
e60b36751c
tlv: display the unknown primitive type in MakePrimitiveRecord error message 2019-08-22 18:52:59 -07:00
Olaoluwa Osuntokun
aea529d9f6
tlv: add new Type() and Encode() methods to Record
In this commit, we add two new methods to the `Record` struct: Type() and
Encode(). These are useful when a caller is handling a record and may
not know its underlying type and may need to encode a record in
isolation.
2019-08-22 18:52:58 -07:00
Olaoluwa Osuntokun
ac6f56566e
build: point to latest lightning-onion w/ EOB support 2019-08-22 18:52:53 -07:00
Wilmer Paulino
2e122a807b
Merge pull request #3406 from cfromknecht/die-spew
pilot+discovery: die spew
2019-08-22 15:33:56 -07:00
Olaoluwa Osuntokun
0a5080c144
Merge pull request #3424 from cfromknecht/tlv-limit-decode
tlv: limit decoded record size
2019-08-21 18:17:38 -07:00
Conner Fromknecht
1cc48ceaf5
tlv/stream: create MaxRecordSize, remove lnwire import, add test 2019-08-21 18:12:57 -07:00
nsa
dfd1b38648
tlv: fix panic with large length
This commit fixes a panic where a large length in a record could
cause the DVarBytes function to fail to allocate a byte slice.
2019-08-21 16:48:23 -07:00
Wilmer Paulino
c4ba5577cc
Merge pull request #3366 from wpaulino/prevent-initial-gossip-sync-broadcast
discovery: prevent broadcast of anns received during initial graph sync
2019-08-21 13:07:14 -07:00
Wilmer Paulino
e15e524637
discovery: prevent broadcast of anns received during initial graph sync
There's no need to broadcast these as we assume that online nodes have
already received them. For nodes that were offline, they should receive
them as part of their initial graph sync.
2019-08-21 12:06:33 -07:00
Olaoluwa Osuntokun
216d1e8017
Merge pull request #3419 from Roasbeef/sign-create-key-if-not-found
lnwallet: when signing create account if not found
2019-08-20 20:53:01 -07:00
Olaoluwa Osuntokun
cc4daa04ad
lnwallet: when signing create account if not found
In this commit, we address an edge case that can happen when a user rescans
w/ their seed, while retaining their existing `channel.db`. Once they
rescan, if they go to sign for a channel sweep for example, the
commitment key family (actually an account) may not yet have been
created, causing the signing attempt to fail.

We remedy this by always creating the account if we go to sign, and the
account isn't found. The change has been structured to make this the
exception, so we'll avoid always needing to do 2 DB hits (check if
account exists, sign), each time we sign.

A new test has been added to exercise this behavior. If the diff from
the `signer.go` file is removed, then the test will fail.
2019-08-20 19:08:03 -07:00
Olaoluwa Osuntokun
2f8d3c4526
Merge pull request #3256 from joostjager/failure-attribution
routing: failure attribution
2019-08-20 16:53:56 -07:00
Conner Fromknecht
c9a6d5bad5
utxonursery: demote building nursery report log to debug
Log can be pretty spammy when using the pendingchannels rpc, which
creates a log for each closing channel. Should help clear up logs for
more pertinent information.
2019-08-20 14:13:05 -07:00
Conner Fromknecht
e2a53f71d0
pilot+discovery: remove info spews 2019-08-20 14:13:05 -07:00
Olaoluwa Osuntokun
701244012a
Merge pull request #3402 from joostjager/remove-debug-invoice
multi: remove debug invoices
2019-08-19 18:42:34 -07:00
Joost Jager
d9ec158412
routing: stricter payment result interpretation
This commit overhauls the interpretation of failed payments. It changes
the interpretation rules so that we always apply the strongest possible
set of penalties, without making assumptions that would hurt good nodes.

Main changes are:

- Apply different rule sets for intermediate and final nodes. Both types
of nodes have different sets of failures that we expect. Penalize nodes
that send unexpected failure messages.

- Distinguish between direct payments and multi-hop payments. For direct
payments, we can infer more about the performance of our peer because we
trust ourselves.

- In many cases it is impossible for the sender to determine which of
the two nodes in a pair is responsible for the failure. In this
situation, we now penalize bidirectionally. This does not hurt the good
node of the pair, because only its connection to a bad node is
penalized.

- Previously we always penalized the outgoing connection of the
reporting node. This is incorrect for policy related failures. For
policy related failures, it could also be that the reporting node
received a wrongly crafted htlc from its predecessor. By penalizing the
incoming channel, we surely hit the responsible node.

- FailExpiryTooSoon is a failure that could have been caused by any node
up to the reporting node by delaying forwarding of the htlc. We don't
know which node is responsible, therefore we now penalize all node pairs
in the route.
2019-08-17 10:24:09 +02:00
Joost Jager
e7a457f1ce
routing: query bandwidth hints before each payment attempt
Previously the bandwidth hints were only queried once per payment. This
did not allow for concurrent payments changing channel balances.
2019-08-17 10:24:07 +02:00
Joost Jager
67e40d4433
htlcswitch: always assume an onion error for malformed htlc failures
Previously a temporary channel failure was returned for unexpected
malformed htlc failures. This is not what we want to communicate to the
sender, because the sender may apply a penalty to us only.

Returning the temporary channel failure is especially problematic if we
ourselves are the sender and the malformed htlc failure comes from our
direct peer. When interpreting the failure, we aren't able to
distinguish anymore between our channel not having enough balance and
our peer sending an unexpected failure back.
2019-08-17 10:24:05 +02:00
Joost Jager
e135cf7326
routing: penalize all node pairs for unknown outcomes
When an undecryptable failure comes back for a payment attempt, we
previously only penalized our own outgoing connection. However,
any node could have caused this failure. It is therefore better to
penalize all node connections along the route. Then at least we know for
sure that we will hit the responsible node.
2019-08-17 10:24:03 +02:00
Joost Jager
c39d7a29cd
routing/test: do not test local channel mission control
This commit updates existing tests to not rely on mission control for
pruning of local channels. Information about local channels should
already be up to date before path finding starts. If not, the problem
should be fixed where bandwidth hints are set up.
2019-08-17 10:24:01 +02:00
Joost Jager
45dacd0df1
routing: isolate failure interpretation from mission control
This commit moves the payment outcome interpretation logic into a
separate file. Also, mission control isn't updated directly anymore, but
results are stored in an interpretedResult struct. This allows the
mission control state to be locked for a minimum amount of time and
makes it easier to unit test the result interpretation.
2019-08-17 10:23:59 +02:00
Joost Jager
e7af6a077a
routing: convert to nillable failure reason
This commit converts several functions from returning a bool and a
failure reason to a nillable failure reason as return parameter. This
will take away confusion about the interpretation of the two separate
values.
2019-08-17 10:23:57 +02:00