Matt Corallo [Wed, 26 Jan 2022 00:10:19 +0000 (00:10 +0000)]
Avoid overflow in addition when checking counterparty feerates
This is harmless outside of debug builds - the feerate will
overflow causing it to either spuriously fail the first check, or
correctly pass it and fail the second check. In debug builds,
however, it panics due to integer overflow.
Found by the `full_stack_target` fuzz test in the
Chaincode-provided continuous fuzzing. Thanks Chaincode!
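Added example, not part of the commit and not rust-lightning's code: a model of a two-step feerate bound check showing why a wrapped sum is still rejected in release builds, and how widening before the addition removes the overflow. The function names, the `SLACK` constant and the bounds are assumptions made for illustration.

```rust
// Added illustration; names, constants and check order are assumptions,
// not rust-lightning's code.
#[derive(Debug, PartialEq)]
enum FeeError { TooLow, TooHigh }

const SLACK: u32 = 250; // assumed tolerance added before the lower-bound check

/// Release-build behaviour of a plain `feerate + SLACK`: the sum wraps.
/// (In a debug build the same `+` would panic instead.)
fn check_wrapping(feerate: u32, min: u32, max: u32) -> Result<(), FeeError> {
    if feerate.wrapping_add(SLACK) < min { return Err(FeeError::TooLow); }
    if feerate > max { return Err(FeeError::TooHigh); }
    Ok(())
}

/// Overflow-free form: widen to u64 before adding.
fn check_widened(feerate: u32, min: u32, max: u32) -> Result<(), FeeError> {
    if (feerate as u64) + (SLACK as u64) < (min as u64) { return Err(FeeError::TooLow); }
    if feerate > max { return Err(FeeError::TooHigh); }
    Ok(())
}

/// Inputs on which an unguarded `feerate + SLACK` would panic in a debug build.
fn would_panic_in_debug(feerate: u32) -> bool {
    feerate.checked_add(SLACK).is_none()
}

fn main() {
    let (min, max) = (1_000u32, 100_000u32);
    // Constructed sample feerates, including values near u32::MAX.
    for &f in [500u32, 5_000, 200_000, u32::MAX - 10, u32::MAX].iter() {
        println!(
            "{:>10}: wrapping={:?} widened={:?} debug_panic={}",
            f, check_wrapping(f, min, max), check_widened(f, min, max),
            would_panic_in_debug(f)
        );
    }
}
```

With a wrapped sum the near-maximum feerate is rejected either as too low or as too high depending on `min`; the widened check always reports it as too high.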
Matt Corallo [Thu, 20 Jan 2022 23:42:56 +0000 (23:42 +0000)]
Increase our PING_TIMER to ten seconds, from five.
Because many lightning nodes can take quite some time to respond to
pings, the five second ping timer can sometimes cause spurious
disconnects even though a peer is online. However, in part as a
response to mobile users where a connection may be lost as a result
of only a short time with the app in a "paused" state, we had a
rather aggressive ping time to ensure we would disconnect quickly.
However, since we now just use a fixed time for the "went to
sleep" detection, we can somewhat increase the ping timer. We still
want to be fairly aggressive to avoid sending HTLCs to a peer that
is offline, but the tradeoff between spurious disconnections and
stuck payments likely doesn't need to be quite as aggressive.
Matt Corallo [Sun, 26 Sep 2021 00:09:17 +0000 (00:09 +0000)]
Avoid disconnecting all peers if user code is slow
In the sample client (and likely other downstream users), event
processing may block on slow operations (e.g. Bitcoin Core RPCs)
and ChannelManager persistence may take some time. This should be
fine, except that we consider this a case of possible backgrounding
and disconnect all of our peers when it happens.
Instead, we here avoid considering event processing time in the
time between PeerManager events.
dependabot[bot] [Tue, 18 Jan 2022 22:05:49 +0000 (22:05 +0000)]
Update hex requirement from 0.3 to 0.4
Updates the requirements on [hex](https://github.com/KokaKiwi/rust-hex) to permit the latest version.
- [Release notes](https://github.com/KokaKiwi/rust-hex/releases)
- [Commits](https://github.com/KokaKiwi/rust-hex/compare/v0.3...v0.4.3)
Matt Corallo [Wed, 12 Jan 2022 19:58:08 +0000 (19:58 +0000)]
Make lockorder consistent in channelmanager
This resolves a lockorder inversion in
`ChannelManager::finalize_claims` where `pending_outbound_payments`
is locked after `pending_events`, opposite of, for example, the
lockorder in `ChannelManager::fail_htlc_backwards_internal` where
`pending_outbound_payments` is locked at the top of the
`HTLCSource::OutboundRoute` handling and then `pending_events` is
locked at the end.
Matt Corallo [Fri, 7 Jan 2022 20:11:31 +0000 (20:11 +0000)]
Rely on Error/Warning message data lengths being correct
In https://github.com/lightning/bolts/pull/950, the (somewhat
strange) requirement that error messages be handled even if the
length field is set larger than the size of the package was
removed. Here we change the code to drop the special handling for
this, opting to just fail to read the message if the length is
incorrect.
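Added example, not part of the commit and not rust-lightning's code: a parser for an error/warning message body contrasting a tolerant read of an overstated length field with a strict read that fails. The body layout (32-byte channel_id, big-endian u16 length, data) is assumed from BOLT 1; truncation as the old tolerant behaviour, and all type and function names, are assumptions.

```rust
// Added illustration, not rust-lightning's code. Body layout assumed from BOLT 1
// (after the 2-byte message type): channel_id[32] || len (u16, BE) || data[len].
#[derive(Debug, PartialEq)]
enum DecodeError { ShortRead }

#[derive(Debug, PartialEq)]
struct ErrorMessage { channel_id: [u8; 32], data: Vec<u8> }

fn split_header(body: &[u8]) -> Result<([u8; 32], usize, &[u8]), DecodeError> {
    if body.len() < 34 { return Err(DecodeError::ShortRead); }
    let mut channel_id = [0u8; 32];
    channel_id.copy_from_slice(&body[..32]);
    let len = u16::from_be_bytes([body[32], body[33]]) as usize;
    Ok((channel_id, len, &body[34..]))
}

/// Tolerant special case (assumed form): a length field larger than the bytes
/// present is accepted and the data is cut to what actually arrived.
fn read_lenient(body: &[u8]) -> Result<ErrorMessage, DecodeError> {
    let (channel_id, len, rest) = split_header(body)?;
    let take = len.min(rest.len());
    Ok(ErrorMessage { channel_id, data: rest[..take].to_vec() })
}

/// Strict read: an overstated length is a failed read.
fn read_strict(body: &[u8]) -> Result<ErrorMessage, DecodeError> {
    let (channel_id, len, rest) = split_header(body)?;
    let data = rest.get(..len).ok_or(DecodeError::ShortRead)?;
    Ok(ErrorMessage { channel_id, data: data.to_vec() })
}

/// Constructed sample: all-zero channel_id, chosen length field, given payload.
fn sample(declared_len: u16, payload: &[u8]) -> Vec<u8> {
    let mut v = vec![0u8; 32];
    v.extend_from_slice(&declared_len.to_be_bytes());
    v.extend_from_slice(payload);
    v
}

fn main() {
    let good = sample(4, b"oops");
    let bad = sample(400, b"oops"); // length field overstates the payload
    println!("{:?}", read_strict(&good));
    println!("{:?} vs {:?}", read_lenient(&bad), read_strict(&bad));
}
```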
Matt Corallo [Thu, 30 Sep 2021 22:45:07 +0000 (22:45 +0000)]
Convert `shutdown` invalid script checks to warning messages
As required by the warning messages PR, we should simply warn our
counterparty in this case and let them try again, continuing to try
to use the channel until they tell us otherwise.
Matt Corallo [Sat, 18 Dec 2021 19:52:11 +0000 (19:52 +0000)]
Swap around generic argument ordering in InvoicePayer for bindings
The bindings generation really should support generic bounds other
than Deref::Target in where clauses, but currently does not. To
avoid needing to add support during the current release process,
we simply swap around the arguments to move them to the first <>
instead of the where.
Matt Corallo [Fri, 17 Dec 2021 22:38:46 +0000 (22:38 +0000)]
Swap around generic argument ordering in DefaultRouter for bindings
The bindings generation really should support default generic types
in where clauses, but currently does not. To avoid needing to add
support during the current release process, we simply swap around
the arguments to move them to the first <> instead of the where.
Add new invoice CreationError::InvalidAmount for use in checking `create_inbound_payment`
in an invoice creation utility. Note that if the error type of `create_inbound_payment` ever
changed, we'd be forced to update the invoice utility's callsite to handle the new error
Matt Corallo [Tue, 14 Dec 2021 01:33:37 +0000 (01:33 +0000)]
Reject channel_update messages with timestamps too old or new
Because we time out channel info that is older than two weeks now,
we should also reject new channel info that is older than two
weeks, in addition to rejecting future channel info.
Matt Corallo [Sat, 4 Dec 2021 23:41:37 +0000 (23:41 +0000)]
Use `Event::PaymentFailed` in `InvoicePayer` to remove retry count
This finally fixes the bug described in the previous commits where
we retry a payment after its retry count has expired due to early
removal of the payment from the retry count tracking map. A test is
also added which demonstrates the bug in previous versions and
which passes now.
Matt Corallo [Fri, 10 Dec 2021 00:28:24 +0000 (00:28 +0000)]
Expose an event when a payment has failed and retries complete
When a payment fails, a payer needs to know when they can consider
a payment as fully-failed, and when only some of the HTLCs in the
payment have failed. This isn't possible with the current event
scheme, as discovered recently and as described in the previous
commit.
This adds a new event which describes when a payment is fully and
irrevocably failed, generating it only after the payment has
expired or been marked as expired with
`ChannelManager::mark_retries_exceeded` *and* all HTLCs for it
have failed. With this, a payer can more simply deduce when a
payment has failed and use that to remove payment state or
finalize a payment failure.
Matt Corallo [Fri, 3 Dec 2021 19:57:37 +0000 (19:57 +0000)]
Add a variant to `PendingOutboundPayment` for retries-exceeded
When a payer gives up trying to retry a payment, they don't know
for sure what the current state of the event queue is.
Specifically, they cannot be sure that there are not multiple
additional `PaymentPathFailed` or even `PaymentSuccess` events
pending which they will see later. Thus, they have a very hard
time identifying whether a payment has truly failed (and informing
the UI of that fact) or if it is still pending. See [1] for more
information.
In order to avoid this mess, we will resolve it here by having the
payer give `ChannelManager` a bit more information - when they
have given up on a payment - and using that to generate a
`PaymentFailed` event when all paths have failed.
This commit adds the necessary storage and changes for the new
state inside `ChannelManager` and a public method to mark a payment
as failed, the next few commits will add the new `Event` and use
the new features in our `PaymentRetrier`.
Matt Corallo [Tue, 7 Dec 2021 19:17:57 +0000 (19:17 +0000)]
Upgrade to codecov uploader v2
Some time ago codecov stopped supporting their old v1 uploader, and
it seems they've now finally turned it off, so we aren't getting
any coverage reports anymore. Hopefully upgrading is pretty trivial.