Matt Corallo [Wed, 21 Apr 2021 00:11:54 +0000 (00:11 +0000)]
Fix (and test) panic when our counterparty uses a bogus funding tx
During the block API refactor, we started calling
Channel::force_shutdown when a channel is closed due to a bogus
funding tx. However, we still set the channel's state to Shutdown
prior to doing so, leading to an assertion in force_shutdown (that
the channel is not already closed).
This removes the state-set call and adds a (long-overdue) test for
this case.
Define a separate trait akin to chain::Listen for notifying when
transactions have been confirmed on chain or unconfirmed during a chain
reorganization. Whereas chain::Listen is used for block-oriented chain
sources, chain::Confirm is used for chain sources supplying data for
activity related to transactions and outputs registered via
chain::Filter.
Matt Corallo [Wed, 21 Apr 2021 21:50:41 +0000 (21:50 +0000)]
[peer_handler] Take the peers lock before getting messages to send
Previously, if a user simultaneously called
`PeerHandler::process_events()` from two threads, we'd race, which
ended up sending messages out-of-order in the real world.
Specifically, we first called `get_and_clear_pending_msg_events`,
then take the `peers` lock and push the messages we got into the
sending queue. Two threads may both get some set of messages to
send, but then race each other into the `peers` lock and send the
messages in random order.
Because we already hold the `peers` lock when calling most message
handler functions, we can simply take the lock before calling
`get_and_clear_pending_msg_events`, solving the race.
Matt Corallo [Tue, 13 Apr 2021 23:38:31 +0000 (19:38 -0400)]
Use a trait to handle ChannelManager persistence instead of an Fn
This avoids having to write new support for closures in the C
bindings generation but, more importantly, we really need to also
be handling Events in the same trait, so it makes sense to go ahead
and convert it.
For compatibility, the trait is implemented for any matching
closure.
This test failed when ConnectionStyle was set to a SkippingBlocks
variant because of a bug in ChannelMonitor::update_best_block.
Parameterize the test with these styles to catch any regressions.
Define an Electrum-friendly interface for ChannelMonitor where txids of
relevant transactions can be obtained. For any of these transactions
that are re-orged out of the chain, users must call
transaction_unconfirmed.
There is a possible race condition when both the latest block hash and
height are needed. Combine these in one struct and place them behind a
single lock.
Jeffrey Czyz [Wed, 31 Mar 2021 17:54:01 +0000 (13:54 -0400)]
Add txid to on-chain event tracking
When using Electrum, transactions are individually unconfirmed during a
reorg rather than by block. Store the txid of the transaction creating
the on-chain event so that it can be used to determine which events need
to be removed when a transaction is unconfirmed.
Jeffrey Czyz [Wed, 31 Mar 2021 17:23:57 +0000 (13:23 -0400)]
Flatten onchain_events_waiting_threshold_conf
Rather than mapping height to a vector of events, use a single vector
for all events. This allows for easily processing events by either
height or transaction. The latter will be used for an interface suitable
for Electrum.
Matt Corallo [Mon, 12 Apr 2021 17:48:29 +0000 (13:48 -0400)]
Return ChannelMonitors in a Vec, not HashMap when loading from disk
There's little reason for the HashMap - the ChannelMonitors are
already unique (enforced by file names), and the eventual HashMap
that users need when deserializing the `ChannelManager` is a
slightly different form (it requires no BlockHash entry).
Matt Corallo [Fri, 26 Mar 2021 22:07:24 +0000 (18:07 -0400)]
Take the full funding transaction from the user on generation
Instead of relying on the user to ensure the funding transaction is
correct (and panicing when it is confirmed), we should check it is
correct when it is generated. By taking the full funding transaciton
from the user on generation, we can also handle broadcasting for
them instead of doing so via an event.
Matt Corallo [Fri, 5 Mar 2021 02:42:42 +0000 (21:42 -0500)]
Don't clone Features during Dijkstras graph walk
We currently copy the features objects in each channel as we walk
the graph during route calculation. This implies a significant
amount of malloc traffic as the features flags object are stored
on the heap.
Instead, because they features being referenced are in the network
graph which we hold a reference to, we can simply store references
to them.
This nontrivially improves our get_route benchmark by around 5%.
Matt Corallo [Sat, 27 Mar 2021 16:49:42 +0000 (12:49 -0400)]
[router] Avoid re-processing peers when a score component decreases
While walking the graph doing Dijkstra's, we may decrease the
amount being sent along one path, and not others, based on the
htlc_minimum_msat value. This may result in a lower relative fees
on that path in comparison to others. In the extreme, this may
result in finding a second path to a node with a lower fee than the
first path found (normally impossible in a Dijkstra's
implementation, as we walk next hops in fee-order).
In such a case, we end up with parts of our state invalid as
further hops beyond that node have been filled in using the
original total fee information.
Instead, we simply track which nodes have been processed and ignore
and further updates to them (as it implies we've reduced the amount
we're sending to find a lower absolute fee, but a higher relative
fee, which isn't a better route).
We check that we are in exactly this case in test builds with new
in-line assertions. Note that these assertions successfully detect
the bug in the previous commit.
Sadly this requires an extra HashMap lookup every time we pop an
element off of our heap, though we can skip a number of heap pushes
during the channel walking.
Matt Corallo [Sat, 27 Mar 2021 01:50:54 +0000 (21:50 -0400)]
Add a random real-world-network-graph test for the router
This is the same code as was recently failing in our benchmarks,
adapted to use a random starting seed instead of a fixed one and
a smaller iteration to reduce runtime.
Matt Corallo [Sat, 27 Mar 2021 16:27:44 +0000 (12:27 -0400)]
[router] Calc min-to-node fees based on min value, not est value
When walking the network graph to calculate a route, we always
calculate the minimum fee which is required to make one further
hop. This avoids some extra hop processing at the end of each path
selection loop (saving around 10% runtime in our benchmarks).
However, if we use the real value which we expect
to send over a channel in that calculation, we may find an
alternate path to the same node which is more expensive but
capacity-constrained, resulting in us considering it cheaper as the
relative fee paid will be lower.
Instead, we can use the `minimal_value_contribution_msat`, which is
a constant through an entire path finding iteration, as the amount,
preventing any basis change in the relative fee paid.
Matt Corallo [Sat, 27 Mar 2021 02:56:37 +0000 (22:56 -0400)]
[router] Make Dijkstra's path scoring non-decreasing + consistent
Currently, the "best source" for a given node tracked during
Dijkstra's is updated with a different critera from the heap
sorting, resulting in loops in calculated paths.
This adds a test for the specific failure currently seen, utilizing
the new path-htlc-minimum tracking in the heap entries in place of
the per-hop htlc-minimum values which the MPP changeset partially
used.
Matt Corallo [Sat, 27 Mar 2021 02:31:57 +0000 (22:31 -0400)]
[router] Avoid re-selecting the same path over and over again
If we walk the network graph and find a route that meets are
payment amount and has a liquidiy limit far in excess of our
payment amount, we may select the same path several times in the
main path-gathering loop.
Instead, if the path we selected was not limited by the available
liquidity, we set the middle hop in the path's liquidity available
to zero, disabling that channel in future path finding steps.
Matt Corallo [Sat, 27 Mar 2021 02:53:35 +0000 (22:53 -0400)]
[router] Track full-path htlc-minimum-msat while graph-walking
Previously, we'd happily send funds through a path where, while
generating the path, in some middle hope we reduce the value being
sent to meet an htlc_maximum, making a later hop invalid due to it
no longer meeting its htlc_minimum. Instead, we need to track the
path's htlc-minimum while we're transiting the graph.
Matt Corallo [Sat, 27 Mar 2021 02:51:41 +0000 (22:51 -0400)]
[router] Do not fail if we are exactly (or 3x) limited by a maximum
The new MPP routing algorithm attempts to build paths with a higher
value than our payment to find paths which may allow us to pay a
fee to meet an htlc_minimum limit. This is great if we're
min-bounded, however it results in us rejecting paths where we are
bounded by a maximum near the end of the path, with fees, and then
bounded by a minimum earlier in the path. Further, it means we will
not find the cheapest path where paths have a lower relative fee
but a higher absolute fee.
Instead, we calculate routes using the actual amount we wish to
send. To maintain the previous behavior of searching for cheaper
paths where we can "pay the difference" to meet an htlc_minimum, we
detect if we were minimum-bounded during graph walking and, if we
are, we walk the graph again with a higher value.