From: Joy Wang
Date: Thu, 20 Jan 2022 08:10:03 +0000 (-0800)
Subject: Add commit_upfront_shutdown_pubkey to ChannelHandshakeConfig
X-Git-Url: http://git.bitcoin.ninja/?a=commitdiff_plain;h=b59ba6157e069f38d20039bc305c43df1ca263d0;p=rust-lightning
Add commit_upfront_shutdown_pubkey to ChannelHandshakeConfig
---
diff --git a/lightning/src/ln/chanmon_update_fail_tests.rs b/lightning/src/ln/chanmon_update_fail_tests.rs
index 236b1e498..0d65796eb 100644
--- a/lightning/src/ln/chanmon_update_fail_tests.rs
+++ b/lightning/src/ln/chanmon_update_fail_tests.rs
@@ -2461,7 +2461,7 @@ fn test_temporary_error_during_shutdown() {
 // Test that temporary failures when updating the monitor's shutdown script delay cooperative
 // close.
 let mut config = test_default_channel_config();
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let chanmon_cfgs = create_chanmon_cfgs(2);
 let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
@@ -2516,7 +2516,7 @@ fn test_permanent_error_during_sending_shutdown() {
 // Test that permanent failures when updating the monitor's shutdown script result in a force
 // close when initiating a cooperative close.
 let mut config = test_default_channel_config();
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let chanmon_cfgs = create_chanmon_cfgs(2);
 let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
@@ -2537,7 +2537,7 @@ fn test_permanent_error_during_handling_shutdown() {
 // Test that permanent failures when updating the monitor's shutdown script result in a force
 // close when handling a cooperative close.
 let mut config = test_default_channel_config();
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let chanmon_cfgs = create_chanmon_cfgs(2);
 let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
index 03633cec1..6b4dc331d 100644
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -39,7 +39,7 @@ use util::events::ClosureReason;
 use util::ser::{Readable, ReadableArgs, Writeable, Writer, VecWriter};
 use util::logger::Logger;
 use util::errors::APIError;
-use util::config::{UserConfig,ChannelConfig};
+use util::config::{UserConfig,ChannelConfig,ChannelHandshakeConfig};
 use util::scid_utils::scid_from_parts;
 use io;
@@ -751,7 +751,7 @@ impl Channel {
 let mut secp_ctx = Secp256k1::new();
 secp_ctx.seeded_randomize(&keys_provider.get_secure_random_bytes());
- let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
+ let shutdown_scriptpubkey = if config.own_channel_config.commit_upfront_shutdown_pubkey {
 Some(keys_provider.get_shutdown_scriptpubkey())
 } else { None };
@@ -1046,7 +1046,7 @@ impl Channel {
 }
 } else { None };
- let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
+ let shutdown_scriptpubkey = if config.own_channel_config.commit_upfront_shutdown_pubkey {
 Some(keys_provider.get_shutdown_scriptpubkey())
 } else { None };
@@ -5450,6 +5450,7 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<(&'a K, u32)> for Channel
 let user_id = Readable::read(reader)?;
 let mut config = Some(ChannelConfig::default());
+ let mut handshake_config = Some(ChannelHandshakeConfig::default());
 if ver == 1 {
 // Read the old serialization of the ChannelConfig from version 0.0.98.
 config.as_mut().unwrap().forwarding_fee_proportional_millionths = Readable::read(reader)?;
@@ -5460,6 +5461,8 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<(&'a K, u32)> for Channel
 // Read the 8 bytes of backwards-compatibility ChannelConfig data.
 let mut _val: u64 = Readable::read(reader)?;
 }
+
+ handshake_config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?;
 let channel_id = Readable::read(reader)?;
 let channel_state = Readable::read(reader)?;
diff --git a/lightning/src/ln/shutdown_tests.rs b/lightning/src/ln/shutdown_tests.rs
index b712212ab..b248c51ec 100644
--- a/lightning/src/ln/shutdown_tests.rs
+++ b/lightning/src/ln/shutdown_tests.rs
@@ -404,7 +404,7 @@ fn test_upfront_shutdown_script() {
 let mut config = UserConfig::default();
 config.channel_options.announced_channel = true;
 config.peer_channel_config_limits.force_announced_channel_preference = false;
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let user_cfgs = [None, Some(config), None];
 let chanmon_cfgs = create_chanmon_cfgs(3);
 let node_cfgs = create_node_cfgs(3, &chanmon_cfgs);
@@ -569,7 +569,7 @@ fn test_segwit_v0_shutdown_script() {
 let mut config = UserConfig::default();
 config.channel_options.announced_channel = true;
 config.peer_channel_config_limits.force_announced_channel_preference = false;
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let user_cfgs = [None, Some(config), None];
 let chanmon_cfgs = create_chanmon_cfgs(3);
 let node_cfgs = create_node_cfgs(3, &chanmon_cfgs);
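Review bot: In the `ReadableArgs` impl for `Channel` in channel.rs (hunk at -5460), the added `handshake_config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?;` consumes bytes from the fixed-position part of the stream, between the legacy `ChannelConfig` data and `channel_id`, but no hunk in this commit adds a matching write or gates the read on `ver`. If the writer is indeed unchanged, every channel persisted before this change would have the leading byte of `channel_id` interpreted as the flag, so a node would either fail to load its channels on restart or load them with shifted fields, which is an availability and funds-safety risk rather than a cosmetic one. The two visible uses of the flag are both at channel construction, so the simplest fix is probably to drop this read together with the `handshake_config` local declared in the preceding hunk; if the value must persist, carry it as an optional TLV field so existing data still parses, and add a round-trip test against a channel serialized by the previous version. The function body starts and ends outside both hunks, so any later use of `handshake_config` could not be checked.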
@@ -604,7 +604,7 @@ fn test_anysegwit_shutdown_script() {
 let mut config = UserConfig::default();
 config.channel_options.announced_channel = true;
 config.peer_channel_config_limits.force_announced_channel_preference = false;
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let user_cfgs = [None, Some(config), None];
 let chanmon_cfgs = create_chanmon_cfgs(3);
 let node_cfgs = create_node_cfgs(3, &chanmon_cfgs);
@@ -639,7 +639,7 @@ fn test_unsupported_anysegwit_shutdown_script() {
 let mut config = UserConfig::default();
 config.channel_options.announced_channel = true;
 config.peer_channel_config_limits.force_announced_channel_preference = false;
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let user_cfgs = [None, Some(config), None];
 let chanmon_cfgs = create_chanmon_cfgs(3);
 let mut node_cfgs = create_node_cfgs(3, &chanmon_cfgs);
@@ -681,7 +681,7 @@ fn test_invalid_shutdown_script() {
 let mut config = UserConfig::default();
 config.channel_options.announced_channel = true;
 config.peer_channel_config_limits.force_announced_channel_preference = false;
- config.channel_options.commit_upfront_shutdown_pubkey = false;
+ config.own_channel_config.commit_upfront_shutdown_pubkey = false;
 let user_cfgs = [None, Some(config), None];
 let chanmon_cfgs = create_chanmon_cfgs(3);
 let node_cfgs = create_node_cfgs(3, &chanmon_cfgs);
diff --git a/lightning/src/util/config.rs b/lightning/src/util/config.rs
index c591cacb3..d8e542a3d 100644
--- a/lightning/src/util/config.rs
+++ b/lightning/src/util/config.rs
@@ -47,6 +47,18 @@ pub struct ChannelHandshakeConfig {
 /// Default value: 1. If the value is less than 1, it is ignored and set to 1, as is required
 /// by the protocol.
 pub our_htlc_minimum_msat: u64,
+ /// When set, we commit to an upfront shutdown_pubkey at channel open. If our counterparty
+ /// supports it, they will then enforce the mutual-close output to us matches what we provided
+ /// at intialization, preventing us from closing to an alternate pubkey.
+ ///
+ /// This is set to true by default to provide a slight increase in security, though ultimately
+ /// any attacker who is able to take control of a channel can just as easily send the funds via
+ /// lightning payments, so we never require that our counterparties support this option.
+ ///
+ /// This cannot be changed after a channel has been initialized.
+ ///
+ /// Default value: true.
+ pub commit_upfront_shutdown_pubkey: bool
 }
 impl Default for ChannelHandshakeConfig {
@@ -55,6 +67,7 @@ impl Default for ChannelHandshakeConfig {
 minimum_depth: 6,
 our_to_self_delay: BREAKDOWN_TIMEOUT,
 our_htlc_minimum_msat: 1,
+ commit_upfront_shutdown_pubkey: true
 }
 }
 }
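Review bot: The new `commit_upfront_shutdown_pubkey` field and its `Default` initializer are written without a trailing comma (`pub commit_upfront_shutdown_pubkey: bool` and `commit_upfront_shutdown_pubkey: true`), unlike every neighbouring field, so the next field added to `ChannelHandshakeConfig` will have to touch these lines again. The moved doc comment also carries over the typo `intialization`, which should read `initialization`. Because the two channel-open paths visible in channel.rs now consult only this field, the doc comment is a good place to say so, for example `/// Replaces ChannelConfig::commit_upfront_shutdown_pubkey, which channel opening no longer reads.`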
@@ -195,18 +208,8 @@ pub struct ChannelConfig {
 ///
 /// Default value: false.
 pub announced_channel: bool,
- /// When set, we commit to an upfront shutdown_pubkey at channel open. If our counterparty
- /// supports it, they will then enforce the mutual-close output to us matches what we provided
- /// at intialization, preventing us from closing to an alternate pubkey.
- ///
- /// This is set to true by default to provide a slight increase in security, though ultimately
- /// any attacker who is able to take control of a channel can just as easily send the funds via
- /// lightning payments, so we never require that our counterparties support this option.
- ///
- /// This cannot be changed after a channel has been initialized.
- ///
- /// Default value: true.
- pub commit_upfront_shutdown_pubkey: bool,
+ /// This value is moved to ChannelHandshakeConfig, optional here for old serialiization
+ pub commit_upfront_shutdown_pubkey: Option,
 /// Limit our total exposure to in-flight HTLCs which are burned to fees as they are too
 /// small to claim on-chain.
 ///
@@ -256,7 +259,7 @@ impl Default for ChannelConfig {
 forwarding_fee_base_msat: 1000,
 cltv_expiry_delta: 6 * 12, // 6 blocks/hour * 12 hours
 announced_channel: false,
- commit_upfront_shutdown_pubkey: true,
+ commit_upfront_shutdown_pubkey: Some(true),
 max_dust_htlc_exposure_msat: 5_000_000,
 force_close_avoidance_max_fee_satoshis: 1000,
 }
@@ -269,7 +272,7 @@ impl_writeable_tlv_based!(ChannelConfig, {
 (2, cltv_expiry_delta, required),
 (3, force_close_avoidance_max_fee_satoshis, (default_value, 1000)),
 (4, announced_channel, required),
- (6, commit_upfront_shutdown_pubkey, required),
+ (6, commit_upfront_shutdown_pubkey, option),
 (8, forwarding_fee_base_msat, required),
 });
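Review bot: `ChannelConfig::commit_upfront_shutdown_pubkey` stays public and still defaults to `Some(true)`, yet the channel-open code changed in this commit reads only `own_channel_config`, so a caller who sets `channel_options.commit_upfront_shutdown_pubkey = Some(false)` gets no error and no effect on whether an upfront shutdown script is committed. For a setting that restricts where close funds may go, the leftover field should say plainly that it is ignored, for example `/// Deprecated: ignored. Set ChannelHandshakeConfig::commit_upfront_shutdown_pubkey instead; kept only so old serialized data still parses.`, and ideally carry `#[deprecated]`. The new comment also has the typo `serialiization`. In the TLV table, type 6 moves from `required` to `option`; it is worth confirming that a `None` here, which presumably omits the even-numbered record, is still readable by releases that expect the field as required. The field type shows as `Option,` on this page, presumably `Option<bool>` with the angle brackets lost in rendering.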