Commit Graph

456 Commits

Author SHA1 Message Date
Olaoluwa Osuntokun
777ed104a3
chainfee: create new chainfee package extracting fees from lnwallet
In this commit, we create a new chainfee package, that houses all fee
related functionality used within the codebase. The creation of this new
package furthers our long-term goal of extracting functionality from the
bloated `lnwallet` package into new distinct packages. Additionally,
this new packages resolves a class of import cycle that could arise if a
new package that was imported by something in `lnwallet` wanted to use
the existing fee related functions in the prior `lnwallet` package.
2019-10-31 16:41:57 -07:00
Olaoluwa Osuntokun
a73ee28e46
multi: convert the existing channeldb.ChannelType uint8 into a bit field
In this commit, we convert the existing `channeldb.ChannelType` type
into a _bit field_. This doesn't require us to change the current
serialization or interpretation or the type as it is, since all the
current defined values us a distinct bit. This PR lays the ground work
for any future changes that may introduce new channel types (like anchor
outputs), and also any changes that may modify the existing invariants
around channels (if we're the initiator, we always have the funding
transaction).
2019-10-31 16:34:37 -07:00
Conner Fromknecht
dbc0e88584
Merge pull request #3564 from joostjager/htlcswitch-logging
build+htlcswitch+lnwallet: add prefix logger
2019-10-16 13:00:36 +02:00
Olaoluwa Osuntokun
c03fb8aca0
Merge pull request #3561 from Roasbeef/chan-validation-cleanup
chanvalidate: create new channel validation package
2019-10-04 12:32:07 -07:00
Johan T. Halseth
6765b8668a
Merge pull request #3574 from wpaulino/max-fee-allocation-fee-floor
htlcswitch: enforce fee floor on max fee allocation
2019-10-04 14:12:02 +02:00
Wilmer Paulino
fa96d707c5
lnwallet: enforce fee floor on max fee allocation
Without this, it was possible for a combination of our balance and max
fee allocation to result in a fee rate below the fee floor causing the
remote party to reject the update and close the channel.
2019-10-03 20:13:26 -04:00
Olaoluwa Osuntokun
1e67040145
lnwallet: copy commitment transaction in getSignedCommitTx
In this commit, we move to make a full deep copy of the commitment
transaction in `getSignedCommitTx` to ensure that we don't mutate the
commitment on disk, possibly resulting in a "hot commitment".
2019-10-03 16:23:10 -07:00
Joost Jager
b58dbb2d70
multi: fix canceled spelling 2019-10-03 17:27:36 +02:00
Joost Jager
57562d6c4d
lnwallet: create channel specific log methods 2019-10-03 10:22:01 +02:00
Olaoluwa Osuntokun
6d97bcbacd
lnwallet+contractcourt: publicly export DeriveCommitmentKeys use in chain watcher
In this commit, we consolidate the number of areas where we derive our
commitment keys. Before this commit, the `isOurCommitment` function in
the chain watcher used a custom routine to derive the expected
scripts/keys for our commitment at that height. With the recent changes,
we now have additional logic in `DeriveCommitmentKeys` that wasn't
copied over to this area. As a result, the prior logic would erroneously
detect if it was our commitment that had hit the chain or not.

In this commit, we remove the old custom code, and use
`DeriveCommitmentKeys` wihtin the chain watcher as well. This ensures
that we only need to maintain the key derivation code in a single place,
preventing future bugs of this nature.
2019-09-25 18:26:13 -07:00
Olaoluwa Osuntokun
a58cfa65ff
lnwallet+breacharbiter: update breach logic to be aware of new commitment format
In this commit, we update the brar logic in the channel state machine,
and also the brar itself to be aware of the new commitment format.
Similar to the unilateral close summary, we'll now blank out the
SingleTweak field in `NewBreachRetribution` if it's a tweakless
commitment. The brar will then use this to properly identify the
commitment type, to ensure we use the proper witness generation function
when we're handling our own breach.
2019-09-25 18:25:58 -07:00
Olaoluwa Osuntokun
b399203e71
lnwallet: update channel state machine to be aware of tweakless commits
In this commit, we update the channel state machine to be aware of
tweakless commits. In several areas, we'll now check the channel's type
to see if it's `SingleFunderTweakless`. If so, then we'll opt to use the
remote party's non-delay based point directly in the script, skipping
any additional cryptographic operations. Along the way we move the
`validateCommitmentSanity` method to be defined _before_ it's used as is
cutomary within the codebase.

Notably, within the `NewUnilateralCloseSummary` method, we'll now _blank
out_ the `SingleTweak` value if the commitment is tweakless. This
indicates to callers the witness type they should map to, as the value
isn't needed at all any longer when sweeping a non-delay output.

We also update the signing+verification tests to also test that we're
able to properly generate a valid witness for the new tweakless
commitment format.
2019-09-25 18:25:43 -07:00
Johan T. Halseth
2a6ad6e634
channeldb+lnwallet: don't pass isRestoredChan to ChanSyncMsg
Since we have access to the internal state of the channel, we can
instead get it directly instead of passing it in as a parameter.
2019-09-25 14:04:44 +02:00
Johan T. Halseth
6e361d04cf
lnwallet+link: move marking channel states to link
Instead of marking the database state when processing the channel
reestablishment message, we wait for the result of this processing to
arrive in the link, and mark it accordingly in the database here.

We do this move the logic determining whether we should force close the
channel or not, and what state to mark it in the DB, to the same place,
as these need to be consistent.
2019-09-25 14:04:43 +02:00
Johan T. Halseth
f40f4620f7
lnwallet/channel: make ErrCommitSyncLocalDataLoss type
This commit converts the ErrCommitSyncLocalDataLoss error into a struct,
that also holds the received last unrevoked commit point from the remote
party.
2019-09-25 14:04:43 +02:00
Johan T. Halseth
02b2787e44
multi: make MarkCommitmentBroadcasted take closeTx 2019-09-25 14:04:43 +02:00
Johan T. Halseth
eb1b84c0b4
channeldb+lnwallet: make ChanSyncMsg method on OpenChannel 2019-09-25 14:04:42 +02:00
Johan T. Halseth
c308042ae0
lnwallet/channel: add missing chanpoint to log 2019-09-19 10:40:32 +02:00
Joost Jager
3d7de2ad39
multi: remove dead code 2019-09-10 17:21:59 +02:00
Wilmer Paulino
59d19e0ca9
lnwallet: add MaxFeeRate method to LightningChannel 2019-09-03 16:49:54 -07:00
Conner Fromknecht
b26b88a1e2
lnwallet/channel: use proper commitment output sorting 2019-06-05 08:35:06 +02:00
Olaoluwa Osuntokun
5f0fad85be multi: address lingering TODO by no longer wiping out local HTLCs on remote close
In this commit, we fix a lingering TOOD statement in the channel arb.
Before this commitment, we would simply wipe our our local HTLC set of
the HTLC set that was on the remote commitment transaction on force
close. This was incorrect as if our commitment transaction had an HTLC
that the remote commitment didn't, then we would fail to cancel that
back, and cause both channels to time out on chain.

In order to remedy this, we introduce a new `HtlcSetKey` struct to track
all 3 possible in-flight set of HTLCs: ours, theirs, and their pending.

We also we start to tack on additional data to all the unilateral close
messages we send to subscribers. This new data is the CommitSet, or the
set of valid commitments at channel closure time. This new information
will be used by the channel arb in an upcoming commit to ensure it will
cancel back HTLCs in the case of split commitment state.

Finally, we start to thread through an optional *CommitSet to the
advanceState method. This additional information will give the channel
arb addition information it needs to ensure it properly cancels back
HTLCs that are about to time out or may time out depending on which
commitment is played.

Within the htlcswitch pakage, we modify the `SignNextCommitment` method
to return the new set of pending HTLCs for the remote party's commitment
transaction and `ReceiveRevocation` to return the latest set of
commitment transactions on the remote party's commitment as well. This
is a preparatory change which is part of a larger change to address a
lingering TODO in the cnct.

Additionally, rather than just send of the set of HTLCs after the we
revoke, we'll also send of the set of HTLCs after the remote party
revokes, and we create a pending commitment state for it.
2019-05-27 14:34:13 -07:00
Joost Jager
d55a8b7b29
channel+cnct: remove preimage from channel and resolution
Now that the success resolver preimage field is always populated by the
incoming contest resolver, preimage lookups earlier in the
process (channel and channel arbitrator) can mostly be removed.
2019-05-15 14:41:49 +02:00
Olaoluwa Osuntokun
c722f2c064
contractcourt: only look for local force close for non-recovered channel
In this commit, we modify the main `closeObserver` dispatch loop to only
look for the local force close if we didn't recover the channel. We do
this, as for a recovered channel, it isn't possible for us to force
close from a recovered channel.
2019-03-28 17:53:59 -07:00
Olaoluwa Osuntokun
4ff4e1b0de
lnwallet: account for case where remote party has 2 unrevoked commits in DLP 2019-03-28 17:53:55 -07:00
Olaoluwa Osuntokun
fc8337b146
lnwallet: send invalid commitment secret if restored chan in ChanSyncMsg
In this commit, we modify the `ChanSyncMsg` to send an invalid
commitment secret in `ChanSyncMsg`. We do this in order to force the
remote party to force close off-chain, if we're restoring a channel from
scratch and we never had any state updates within the channel. We need
to do this, as otherwise the remote party will think we can resume as
they're able to verify their own commit secret for state zero.
2019-03-28 17:53:54 -07:00
Olaoluwa Osuntokun
3e866c6cc5
lnwallet: add additional comment for case in ProcessChanSyncMsg 2019-03-28 17:53:53 -07:00
Olaoluwa Osuntokun
90d8a46ec6
lnwallet: allow DLP trigger transition in ProcessChanSyncMsg if chan restored
In this commit, we modify an existing case in `ProcessChanSyncMsg` to enter the DLP workflow if we detect that this is a restored channel.
2019-03-28 17:53:51 -07:00
Olaoluwa Osuntokun
dac35c46f3
lnwallet: properly examine and check error from AppendRemoteCommitChain 2019-03-08 19:15:07 -08:00
Olaoluwa Osuntokun
49c38ed56d
lnwallet: update line wrapping to project style where needed 2019-03-08 19:15:06 -08:00
Olaoluwa Osuntokun
a6cf6f4237
lnwallet+peer: remove unnecessary MaxPendingAmount method
We don't need this method, as we can directly access it from the peer
via public fields with its current usage.
2019-02-25 12:51:31 -03:00
Valentine Wallace
20b3114100 htlcswitch+lnwallet+peer: default max htlc in fwding policy of new chans
In this commit, we set a default max HTLC in the forwarding
policies of newly open channels.

The ForwardingPolicy's MaxHTLC field (added in this commit)
will later be used to decide whether an HTLC satisfies our policy before
forwarding it.

To ensure the ForwardingPolicy's MaxHTLC default matches the max HTLC
advertised in the ChannelUpdate sent out for this channel,  we also add
a MaxPendingAmount() function to the lnwallet.Channel.
2019-02-21 18:39:32 -08:00
Conner Fromknecht
29f07a58cb
cnct+lnwl+hswc: use lntypes.Preimage for witness beacon 2019-02-19 17:06:00 -08:00
Olaoluwa Osuntokun
948646b58b
Merge pull request #2481 from joostjager/move-input
multi: move input to separate package
2019-01-31 16:48:31 -08:00
Joost Jager
9e012ecc93
multi: move Input interface and related code
This commit is a step to split the lnwallet package. It puts the Input
interface and implementations in a separate package along with all their
dependencies from lnwallet.
2019-01-31 13:25:33 +01:00
Johan T. Halseth
47918bd6ce
lnwallet/channel: add restoration sanity check
To avoid more bugs slipping through where the logIndex is not set, we
panic to catch this. This was earlier done for Adds and the htlcCounter,
which did lead us to find the resulting retoration bug.
2019-01-31 09:24:50 +01:00
Johan T. Halseth
b593c1c7c7
lnwallet/channel: set logIndex for restored FeeUpdate
Earlier versions did not write the log index to disk for fee updates, so
they will be unset. To account for this we set them to to current update
log index.
2019-01-31 09:24:49 +01:00
Olaoluwa Osuntokun
9e5723e1bc
lnwallet: modify ForceClose to disallow closing if local data loss
In this commit, we ensure that if a channel is detected to have local
data loss, then we don't allow a force close attempt, as this may not be
possible, or cause us to play an invalid state.
2019-01-28 20:24:42 -08:00
Wilmer Paulino
93754f8d37
lnwallet: add HtlcPoint() resolution helper methods
Co-authored-by: Joost Jager <joost.jager@gmail.com>
2019-01-22 20:47:13 -08:00
Olaoluwa Osuntokun
9c59ac4383
Merge pull request #2397 from halseth/reject-commitment-expected-fee-reset-bug
[bugfix] Process fee updates as any other update message
2019-01-14 17:06:27 -08:00
Olaoluwa Osuntokun
400a1d3282
Merge pull request #2431 from cfromknecht/keyring-remote-delay-retribution
lnwallet: Add keyring and remote CSV delay to BreachRetribution
2019-01-11 15:33:16 -08:00
Conner Fromknecht
eb2f5cecf6
multi: remove breach tx arg from NewBreachRetribution args
This commit removes the breach transaction from the
arguments passed to NewBreachRetribution. We already
keep all prior remote commitments on disk in the
commitment log, and load that transaction from disk
inside the method. In practice, the one loaded from
disk will be the same one that is passed in by the
caller, so there should be no change in behavior
as we've already derived the appropriate state number.

This changes makes integration with the watchtower
client simpler, since we no longer need to acquire
the breaching commitment transaction to be able to
construct the BreachRetribution. This simplifies
not only the logic surrounding transient backsups,
but also on startup (and later, retroactively
backing up historic updates).
2019-01-10 13:13:38 -08:00
Johan T. Halseth
dadfcefc07
lnwallet/channel: don't return feePerKw from computeView
Since the feerate is part of the computed view now, we don't have to
pass the found feerate as a distinct parameter.
2019-01-10 12:31:12 +01:00
Johan T. Halseth
6ffd354d63
lnwallet/channel: add fee updates to update logs
Instead of special casing the UpdateFee messages, we instead add them to
the update logs like any other HTLC update message. This lets us avoid
having to keep an extra set of variables to keep track of the fee
updates, and instead reuse the commit/ack logic used for other updates.

This fixes a bug where we would reset the pendingFeeUpdate variable
after signing our next commitment, which would make us calculate the new
fee incorrectly if the remote sent a commitment concurrently.

When restoring state logs, we also make sure to re-add any fee updates.
2019-01-10 12:31:12 +01:00
Johan T. Halseth
810c56cdb9
lnwallet/channel: process FeeUpdate found in update log
This commit makes the evaluateHTLCView method process any found
FeeUpdates in the logs, by returning the last set feerate.
2019-01-10 12:31:11 +01:00
Johan T. Halseth
277949cb0e
lnwallet/channel: remove FeeUpdates when compacting logs
When compacting the update logs we remove any fee updates when they
remove height is passed. We do this since we'll assume fee updates are
added and removed at the same commit height, as they will apply for all
commitments following the fee update.
2019-01-10 12:26:41 +01:00
Johan T. Halseth
480f43f1dc
lnwallet/channel: add lnwire<->PaymentDescriptor FeeUpdate conversion
This commit adds conversion between the lnwire.UpdateFee message and the
new FeeUpdate PaymentDescriptor. We re-purpose the existing Amount field
in the PaymentDescriptor stuct to hold the feerate.
2019-01-10 12:26:33 +01:00
Johan T. Halseth
36857a1042
lnwallet/channel: add new PaymentDescriptor type FeeUpdate
This commit adds a new updateType that can be used for
PaymentDescriptors: FeeUpdate. We repurpose the fields of the existing
PaymentDescriptor struct such that we can easily re-use the commit/ack
logic used for other update types also for fee updates.
2019-01-10 12:23:56 +01:00
Conner Fromknecht
cd54625c2d
lnwallet/channel: add keyring + remote csv to breach info 2019-01-07 17:15:33 -08:00
Alex Bosworth
a78e13929e
lnwallet: fix trivial comment typo 2019-01-06 11:39:12 -08:00
Olaoluwa Osuntokun
fa160f559c
multi: replace per channel sigPool with global daemon level sigPool
In this commit, we remove the per channel `sigPool` within the
`lnwallet.LightningChannel` struct. With this change, we ensure that as
the number of channels grows, the number of gouroutines idling in the
sigPool stays constant. It's the case that currently on the daemon, most
channels are likely inactive, with only a hand full actually
consistently carrying out channel updates. As a result, this change
should reduce the amount of idle CPU usage, as we have less active
goroutines in select loops.

In order to make this change, the `SigPool` itself has been publicly
exported such that outside callers can make a `SigPool` and pass it into
newly created channels. Since the sig pool now lives outside the
channel, we were also able to do away with the Stop() method on the
channel all together.

Finally, the server is the sub-system that is currently responsible for
managing the `SigPool` within lnd.
2018-12-16 15:40:14 -08:00
Olaoluwa Osuntokun
42c4597921
Merge pull request #1937 from halseth/data-loss-protect-resending
Data loss protect resending
2018-11-25 20:47:16 -06:00
Johan T. Halseth
5c294601f0
lnwallet/channel: remove startingHeight from commitmentChain
Field is not being used.
2018-11-23 08:58:45 +01:00
Johan T. Halseth
a9f93b2988
contractcourt/chain_watcher: add channel sync message to CloseChannelSummary 2018-11-21 10:28:56 +01:00
Johan T. Halseth
676a1b1407
lnwallet+link: make ChanSyncMsg take channel state as arg
This lets us get the channel reestablish message without creating the LightningChannel struct first.
2018-11-21 10:28:56 +01:00
Olaoluwa Osuntokun
6aa7c09308
lnwallet: properly set the short chan ID for remote unilateral close summaries
In this commit, we fix an existing bug wherein we wouldn't set the short
channel ID for the close summary in the database in the case that the
remote party force closed. The fix is simple, ensure that within
NewUnilateralCloseSummary we properly set the short channel ID. A test
has also been added in this commit, which fails without the
modifications to lnwallet/channel.go.

Fixes #2072.
2018-10-19 13:49:15 -07:00
maurycy
ac24b12bf2
multi: fix various typos in comments 2018-09-07 06:51:49 +02:00
Johan T. Halseth
f4f7b64b2d
lnwallet/channel: add FwdMinHtlc(), returning MinHTLC from localChanCfg 2018-08-23 07:50:17 +02:00
Conner Fromknecht
05308ec22c
lnwallet/channel: concrete HTLC errors and ack AddRefs 2018-08-21 00:31:41 -07:00
Olaoluwa Osuntokun
b06dabfcb9 lnwallet: properly set auxiliary channel recovery info in NewUnilateralCloseSummary
In this commit, we fix a slight bug by ensuring that the revocation info
at the final state of the channel, as well as the local chan config is
properly set within the channel close summary created within
NewUnilateralCloseSummary. Before this commit, for all cooperative close
transactions, this state would _only_ include the pubkey itself, which
in some cases may not be sufficient to re-derive the key if needed.
2018-08-14 19:11:18 -07:00
Conner Fromknecht
cf2c371042
multi: fix linting errors 2018-08-02 18:20:50 -07:00
Olaoluwa Osuntokun
343c1b80d2
lnwallet: update NewBreachRetribution to include pkScripts for htlc outputs
In this commit, we update the NewBreachRetribution method to include
pkScripts for htlc outputs. We do this now, as the breach arbiter will
need the raw pkScript when attempting to request spend notifications for
each HTLC.
2018-07-31 21:28:57 -07:00
Olaoluwa Osuntokun
8dd0b56d35
lnwallet: publicy export WitnessScriptHash and GenMultiSigScript
In this commit, we export WitnessScriptHash and GenMultiSigScript as
external sub-systems may now need to use these methods in order to be
able to watch for confirmations based on the script of a transaction.
2018-07-31 21:28:50 -07:00
Olaoluwa Osuntokun
a5174a2228
Merge pull request #1543 from cfromknecht/wtblob
[watchtower/blob]: Blob of Justice encryption/decryption and v0 plaintext encoding
2018-07-31 20:55:29 -07:00
Johan T. Halseth
78a4a15bb4
lnwallet/channel: check validity of received commitPoint
This commit adds a check for the LocalUnrevokedCommitPoint sent to us by
the remote during channel reestablishment, ensuring it is the same point
as they have previously sent us.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
a2f2d28d0b
lnwallet/channel: enumerate error cases from remote chain desync
This commit enumerates the various error cases we can encounter when we
compare our remote commit chain to the view the remote communicates to us
via msg.NextLocalCommitHeight.

We now compare this height to our remote tail and tip height, returning
relevant error in case of a unrecoverable desync, and re-send a
commitment signature (including log updates) in case we owe one.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
f1757d6da4
lnwallet/channel: enumerate error cases from local chain desync
This commit enumerates the various error cases we can encounter when we
compare our local commit chain to the view the remote communicates to us
via msg.RemoteCommitTailHeight.

We now compare this height to our local tail height (note that there's
never a local "tip" at this point), returning relevant error in case of
a unrecoverable desync, and re-send a revocation in case we owe one.
2018-07-31 15:16:23 +02:00
Johan T. Halseth
48f1458ae5
lnwallet/channel: define channel sync errors
This commit defines a few new errors that we can potentially encounter
during channel reestablishment:
* ErrInvalidLocalUnrevokedCommitPoint
* ErrCommitSyncLocalDataLoss
* ErrCommitSyncRemoteDataLoss

in addition to the already defined errors
* ErrInvalidLastCommitSecret
* ErrCannotSyncCommitChains
2018-07-31 15:16:23 +02:00
Johan T. Halseth
3825ca71dd
lnwallet/channel: reduce scope of commitSecretCorrect 2018-07-31 15:16:22 +02:00
Johan T. Halseth
eed052eba5
lnwallet/channel: extract local balance from spend instead of stored commit 2018-07-31 08:27:03 +02:00
Johan T. Halseth
06ceba429f
lnwallet/channel: make NewUnilateralCloseSummary take commitPoint 2018-07-31 08:27:03 +02:00
Conner Fromknecht
b0379dfa59
lnwallet/channel: use exposed CommitScriptUnencumbered 2018-07-24 16:54:30 -07:00
Olaoluwa Osuntokun
6f60f139f4 multi: switch over import paths from roasbeef/* to btcsuite/* 2018-07-13 17:05:39 -07:00
Conner Fromknecht
bb808a1937
lnwallet/channel: use public variant of script helpers 2018-07-03 17:07:48 -07:00
Olaoluwa Osuntokun
8885c3de8d
server: defer cancelling the outbound connection until the tie-breaker 2018-06-10 23:02:22 -07:00
maurycy
3be08e69cf multi: 64bit aligment of atomic vars on arm/x86-32 2018-06-04 20:02:34 -07:00
Johan T. Halseth
07629e5da1
lnwallet/channel: use FullySynced to check chanSync special case
We check if the channel is FullySynced instead of comparing the local
and remote commit chain heights, as the heights might not be in sync.
Instead we call FullySynced which recently was modified to use compare
the message indexes instead, which is _should_ really be in sync between
the chains.

The test TestChanSyncOweRevocationAndCommitForceTransition is altered to
ensure the two chains at different heights before the test is started, to
trigger the case that would previously fail to resend the commitment
signature.
2018-06-04 15:09:51 +02:00
Olaoluwa Osuntokun
31aa8553e7
Merge pull request #1294 from halseth/add-commit-height
lnwallet/channel: set add heights based on the locked in commits
2018-05-29 15:46:39 -07:00
Johan T. Halseth
cb52151123
lnwallet/channel: set add heights based on the locked in commits
This commit fixes a bug which would cause the add heights of the HTLCs
in the update log to be set wrongly. At times, an add height could be
incorrecly set, leading to the HTLCs not being accounted for correctly
during evaluating the HTLC views. This was caused by the assumption that
if the HTLC was not on the pending remote commit, then it was locked in
on both the local and the remote commit, which is not always true.

Instead of making this assumption, we instead now inspect the three
commits: the local, remote and pending remote; and set the add heights
accordingly. This should ensure that HTLCs are subtracted from the
balances only when they are first added.
2018-05-29 08:35:01 +02:00
Conner Fromknecht
e693f89cb0
lnwallet/channel: locked in settle/fail 2018-05-28 13:17:28 -07:00
Olaoluwa Osuntokun
04f576ee6e
lnwallet: reject duplicate fails for the same HTLC 2018-05-25 20:26:01 -07:00
Olaoluwa Osuntokun
28f37def7c
lnwallet: reject duplicate settles for the same HTLC 2018-05-25 20:26:01 -07:00
Olaoluwa Osuntokun
b6d046ad84
lnwallet: mark HTLCs modified for updates restored in restoreStageLogs 2018-05-25 20:26:01 -07:00
Olaoluwa Osuntokun
1f1f22cfe8
lnwallet: clear modified HTLCs within updateLog.removeHtlcs 2018-05-25 20:26:00 -07:00
Olaoluwa Osuntokun
56ebd6de8d
lnwallet: add new modified HTLC index to the updateLog
In this commit, we add a new index to the HTLC log. This new index is
meant to ensure that we don't attempt to modify and HTLC twice. An HTLC
modification is either a fail or a settle. This is the first in a series
of commits to fix an existing bug in the state machine that can cause a
panic if a remote node attempts to settle an HTLC twice.
2018-05-25 20:25:55 -07:00
Johan T. Halseth
9ddd484524
lnwallet/channel: export method MarkCommitmentBroadcasted 2018-05-22 12:03:35 +02:00
Johan T. Halseth
7cd783d7bb
lnwallet/channel: remove unused method DeleteState 2018-05-22 11:51:30 +02:00
Olaoluwa Osuntokun
95293f5102
lnwallet: add assertion in createCommitmentTx to detect overdraw attempts
In this commit, we add a precautionary assertion at the end of
createCommitmentTx. This assertion is meant to ensure that we don't
accept or propose a commitment transaction that attempts to send out
more than it was funded with.
2018-05-21 16:52:57 -07:00
Olaoluwa Osuntokun
0570e80fd2
lnwallet: check commitment sanity within createCommitmentTx
In this commit, we move the check to CheckTransactionSanity into
createCommitmentTx. We do this as within wallet.go (during the funding
process) we actually end up calling this helper function twice, and also
moving it up until right when we create the fully commitment transaction
ensures we making our assertion against the final version.
2018-05-21 16:47:08 -07:00
Johan T. Halseth
9c7163187b
lnwallet/channel: don't restore htlcs uneccessary
This commit removes redundant HTLC restoring. We don't have to restore
outgoing HTLCs from the local commitment, as we _know_ they will always
be added to the remote commitment first. Also, when receiving
Settles/Fails, they will be removed from the local commitment first.
This way we can be sure that outgoing HTLCs found on the local
commitment always will be found on the remote commitment

Similarly we don't have to restore incoming HTLCs from the remote
commitment, as they will be added to the local commitment first.
2018-05-16 21:02:17 +02:00
Johan T. Halseth
c1e96e01e6
lnwallet/channel: remove restoreHtlc from pendingRemoteCommit
This commit removes the stage during updateLog restoration where we
would attempt to restore incoming HLTCs from the pendingRemoteCommit, in
addition to update our log and htlc counter to reflect this state. The
reason we can safely remove this is to observe that a pending remote
commit is always created from a commitDiff which only contains updates
made by _us_, and thus only taken from the localUpdateLog. The same can
be said for the counters, when creating a commitDiff we'll always use
the remoteACKedIndex as the index into the remoteUpdateLog, meaning that
all potential updates will already be included in the remote commit that
has been ACKed.
2018-05-16 21:02:17 +02:00
Johan T. Halseth
902e1e77cb
lnwallet/channel: init localUpdateLog with index from remoteCommit,
remoteUpdateLog from localCommit

This commit fixes a bug within channel.go that would lead to the
content of the update logs and their indexes getting out of sync during
restores.

The scenario that could occur was that the localUpdateLog was initiated
with a log index taken from the localCommitment. Updates we send (which
are added to the localUpdateLog) will be added to the remote commitment
first. The problem happened when an update was sent and added to the
remote commitment, but not ACKed. Since it was not ACKed, we would not
add it to our local commitment. During a restart/restore we would init
the localUpdateLog with a height too low, such that when going through
the outgoing HTLCs on the remote commitment, we would restore an HTLC at
an index higher than our local log HTLC counter.

The symmetric change is done to the remoteUpdateLog.
2018-05-16 20:53:33 +02:00
Conner Fromknecht
f963f91a3c
multi: use mutex-guarded ShortChanID() on OpenChannel 2018-05-09 16:06:49 -07:00
Johan T. Halseth
71228a6b06
lnwallet/channel: don't use commit height to determine FullySynced
This commit removes a faulty check we did to determine if the channel
commitments were fully synced. We assumed that if out local commitment
chain had a height higher than the remote, then we would have state
updates present in our chain but not in theirs, and owed a commitment.
However, there were cases where this wasn't true, and we would send a
new commitment even though we had no new updates to sign. This is a
protocol violation.

Now we don't longer check the heights to determine if we are fully
synced. A consequence of this is that we also need to check if we have
any pending fee updates that are nopt yet signed, as those are
considered non-empty updates.
2018-05-09 08:47:21 +02:00
Johan T. Halseth
9324bf7b1d
lnwallet/channel: return error in case of htlc index mismatch
This commit make us return an error in case a restored HTLC from a
pending remote commit has an index that is different from our local
update log index. It is appended with the assumption that these indexes
are the same, and if they are not we cannot really continue.
2018-05-08 13:41:52 +02:00
Johan T. Halseth
7e1f2a7dc3
lnwallet/channel: remove unused arguments 2018-05-08 13:41:52 +02:00
Johan T. Halseth
aa1c2cdf81
lnwallet/channel: add more info in case of crash
This commit adds a call to panic in case the HTLC we are looking for is
not found in the update log. It _should_ always be there, but we have
seen crashes resulting from it not being found. Since it will crash with
a nil pointer dereference below, we instead call panic giving us a bit
more information to work with.
2018-05-08 13:41:52 +02:00
Johan T. Halseth
1d676b77e1
lnwallet/channel: log pending remote commit during restore 2018-05-08 13:41:51 +02:00
Johan T. Halseth
1d172428c4
lnwallet/channel: return missing errors
This commit corrects a few cases where we would encounter errors, but
return nil by mistake.
2018-05-08 13:41:51 +02:00
Olaoluwa Osuntokun
8b06817482
lnwallet: modify NewUnilateralCloseSummary to be aware of pending remote commits
In this commit, we modify the NewUnilateralCloseSummary to be able to
distinguish between a unilateral closure using the lowest+highest
commitment the remote party possesses. Before this commit, if the remote
party broadcast their highest commitment, when they have a lower
unrevoked commitment, then this function would fail to find the proper
output, leaving funds on the chain.

To fix this, it's now the duty of the caller to pass remotePendingCommit
with the proper value. The caller should use the lowest unrevoked
commitment, and the height hint of the broadcast commitment to discern
if this is a pending commitment or not.
2018-05-03 21:29:28 -07:00