From 2322c2365c0bb91ce7440b9971a0bc43f1bd4dc8 Mon Sep 17 00:00:00 2001
From: Antoine Riard
Date: Thu, 1 Aug 2019 10:54:02 -0400
Subject: [PATCH] Make get_latest_local_commitment_txn public You may use it to get a broadcastable local toxic tx in case of fallen-behind, i.e when receiving a channel_reestablish with a proof that our remote side knows a higher revocation secret than the local commitment number we are aware of. Broadcasting these transactions are UNSAFE, as they allow remote side to punish you. Nevertheless you may want to broadcast them if remote don't close channel with his higher commitment transaction after a substantial amount of time (a month or even a year) to get back funds. Best may be to contact out-of-band the other node operator to coordinate with him if option is available to you. In any-case, choice is up to the user. Also, log toxic commitment tx id in channel_reestablish sending back ChannelError::CloseDelayBroadcast
---
 src/ln/channelmanager.rs | 5 ++++-
 src/ln/channelmonitor.rs | 13 ++++++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/src/ln/channelmanager.rs b/src/ln/channelmanager.rs
index 2b22cbd89..a957a96df 100644
--- a/src/ln/channelmanager.rs
+++ b/src/ln/channelmanager.rs
@@ -494,7 +494,10 @@ macro_rules! try_chan_entry {
 }
 }
 }
- let mut shutdown_res = chan.force_shutdown(); // We drop closing transactions as they are toxic datas and MUST NOT be broadcast
+ let mut shutdown_res = chan.force_shutdown();
+ if shutdown_res.0.len() >= 1 {
+ log_error!($self, "You have a toxic local commitment transaction {} avaible in channel monitor, read comment in ChannelMonitor::get_latest_local_commitment_txn to be informed of manual action to take", shutdown_res.0[0].txid());
+ }
 shutdown_res.0.clear();
 return Err(MsgHandleErrInternal::from_finish_shutdown(msg, channel_id, shutdown_res, $self.get_channel_update(&chan).ok()))
 }
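Review bot: The added `log_error!` reports only the txid, so an operator running several channels cannot tell from this line which channel monitor holds the transaction; `channel_id` is in scope (it is used in the `return Err(...)` just below) and should be part of the message. The string also misspells `available` as `avaible`, which matters to anyone grepping logs for this warning. The `len() >= 1` test followed by `shutdown_res.0[0]` reads better as `if let Some(tx) = shutdown_res.0.first() {` with `tx.txid()` passed to the macro. The enclosing macro arm starts and ends outside the hunk.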
diff --git a/src/ln/channelmonitor.rs b/src/ln/channelmonitor.rs
index e0ffe8098..18319633f 100644
--- a/src/ln/channelmonitor.rs
+++ b/src/ln/channelmonitor.rs
@@ -2051,9 +2051,16 @@ impl ChannelMonitor {
 None
 }
- /// Used by ChannelManager deserialization to broadcast the latest local state if it's copy of
- /// the Channel was out-of-date.
- pub(super) fn get_latest_local_commitment_txn(&self) -> Vec {
+ /// Used by ChannelManager deserialization to broadcast the latest local state if its copy of
+ /// the Channel was out-of-date. You may use it to get a broadcastable local toxic tx in case of
+ /// fallen-behind, i.e when receiving a channel_reestablish with a proof that our remote side knows
+ /// a higher revocation secret than the local commitment number we are aware of. Broadcasting these
+ /// transactions are UNSAFE, as they allow remote side to punish you. Nevertheless you may want to
+ /// broadcast them if remote don't close channel with his higher commitment transaction after a
+ /// substantial amount of time (a month or even a year) to get back funds. Best may be to contact
+ /// out-of-band the other node operator to coordinate with him if option is available to you.
+ /// In any-case, choice is up to the user.
+ pub fn get_latest_local_commitment_txn(&self) -> Vec {
 if let &Some(ref local_tx) = &self.current_local_signed_commitment_tx {
 let mut res = vec![local_tx.tx.clone()];
 match self.key_storage {
--
2.39.5
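Review bot: The UNSAFE warning sits in the middle of one long paragraph, and the first sentence, which rustdoc shows as the summary of this now-public method, still describes only the deserialization use. I would keep a one-line summary and move the warning into its own paragraph stating that the returned transactions are signed and broadcastable, that (as far as the visible lines show) the method does not check whether the local state is stale, and that broadcasting a stale state lets the remote side punish you. Wording fixes while there: `Broadcasting these transactions is UNSAFE`, `if the remote doesn't close the channel`, and `In any case`. The function body continues past the end of the hunk.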