From ad5f72894c9fa501e3d71fee7f12f8cfdc9dd55e Mon Sep 17 00:00:00 2001
From: Antoine Riard
Date: Thu, 9 Apr 2020 21:51:29 -0400
Subject: [PATCH] Document exactly our CLTV sanitization policy for final incoming HTLCs
We want to avoid a third-party channel closure, where a random node by sending us a payment expiring at current height, would trigger our onchain logic to close the channel due to a near-expiration.
---
 lightning/src/ln/channel.rs | 2 --
 lightning/src/ln/channelmanager.rs | 6 +++++-
 lightning/src/util/events.rs | 5 +++--
 3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
index f44109432..efc3a151c 100644
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -1727,8 +1727,6 @@ impl Channel {
 return Err(ChannelError::Close("Remote provided CLTV expiry in seconds instead of block height"));
 }
- //TODO: Check msg.cltv_expiry further? Do this in channel manager?
-
 if self.channel_state & ChannelState::LocalShutdownSent as u32 != 0 {
 if let PendingHTLCStatus::Forward(_) = pending_forward_state {
 panic!("ChannelManager shouldn't be trying to add a forwardable HTLC after we've started closing");
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
index 8086fe3a9..939b61e4d 100644
--- a/lightning/src/ln/channelmanager.rs
+++ b/lightning/src/ln/channelmanager.rs
@@ -1039,7 +1039,11 @@ impl ChannelMan
 // OUR PAYMENT!
 // final_expiry_too_soon
- if (msg.cltv_expiry as u64) < self.latest_block_height.load(Ordering::Acquire) as u64 + (CLTV_CLAIM_BUFFER + LATENCY_GRACE_PERIOD_BLOCKS) as u64 {
+ // We have to have some headroom to broadcast on chain if we have the preimage, so make sure we have at least
+ // HTLC_FAIL_BACK_BUFFER blocks to go.
+ // Also, ensure that, in the case of an unknown payment hash, our payment logic has enough time to fail the HTLC backward
+ // before our onchain logic triggers a channel closure (see HTLC_FAIL_BACK_BUFFER rational).
+ if (msg.cltv_expiry as u64) <= self.latest_block_height.load(Ordering::Acquire) as u64 + HTLC_FAIL_BACK_BUFFER as u64 + 1 {
 return_err!("The final CLTV expiry is too soon to handle", 17, &[0;0]);
 }
 // final_incorrect_htlc_amount
diff --git a/lightning/src/util/events.rs b/lightning/src/util/events.rs
index ca6355af0..43a2dc3bd 100644
--- a/lightning/src/util/events.rs
+++ b/lightning/src/util/events.rs
@@ -51,8 +51,9 @@ pub enum Event {
 },
 /// Indicates we've received money! Just gotta dig out that payment preimage and feed it to
 /// ChannelManager::claim_funds to get it....
- /// Note that if the preimage is not known or the amount paid is incorrect, you must call
- /// ChannelManager::fail_htlc_backwards to free up resources for this HTLC.
+ /// Note that if the preimage is not known or the amount paid is incorrect, you should call
+ /// ChannelManager::fail_htlc_backwards to free up resources for this HTLC and avoid
+ /// network congestion.
 /// The amount paid should be considered 'incorrect' when it is less than or more than twice
 /// the amount expected.
 /// If you fail to call either ChannelManager::claim_funds or
--
2.39.5
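Review bot: The `+ 1` in the new condition is not covered by the comment above it: the comment promises "at least HTLC_FAIL_BACK_BUFFER blocks to go", but `<=` together with `+ 1` rejects any HTLC with fewer than `HTLC_FAIL_BACK_BUFFER + 2` blocks left, so a reader cannot tell whether the extra block is deliberate slack (e.g. for the block being processed when `latest_block_height` was read) or an off-by-one. State the reason in the comment, for instance `// The extra block accounts for the height at which this check runs relative to latest_block_height.` if that is the intent, or drop the `+ 1` if it is not. The comment also silently depends on `HTLC_FAIL_BACK_BUFFER` being larger than the expiry margin at which the on-chain logic force-closes (presumably `CLTV_CLAIM_BUFFER`, the constant the removed line used); pinning that ordering with a compile-time or `debug_assert!` comparison next to the constants' definitions would make the "enough time to fail the HTLC backward before our onchain logic triggers a channel closure" claim checkable instead of prose. Minor: `rational` should read `rationale`. The enclosing function continues outside the hunk.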
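Review bot: "and avoid network congestion" on the new doc line is too vague to tell an implementer why the call matters; the commit message names the concrete risk — an HTLC left pending until near its CLTV expiry is what the on-chain logic reacts to — and the doc comment should say that instead, e.g. `/// ChannelManager::fail_htlc_backwards promptly to free up resources for this HTLC; an HTLC left` / `/// pending until close to its CLTV expiry is handled by the on-chain logic rather than failed back cleanly.` Downgrading `must` to `should` also deserves a second look: the sentence beginning `If you fail to call either ChannelManager::claim_funds or` on the last context line continues outside the hunk, and if it still spells out a hard consequence of not calling, "should" now understates the requirement. The `Event` enum continues outside the hunk.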