4 * This release is almost entirely focused on a new API in the
5 `lightning-invoice` crate - the `InvoicePayer`. `InvoicePayer` is a
6 struct which takes a reference to a `ChannelManager` and a `NetworkGraph`
7 and retries payments as paths fail. It limits retries to a configurable
8 number, but is not serialized to disk and may retry additional times across
9 a serialization/load. In order to learn about failed payments, it must
10 receive `Event`s directly from the `ChannelManager`, wrapping a
11 user-provided `EventHandler` which it provides all unhandled events to
13 * `get_route` has been renamed `find_route` (#1059) and now takes a `Payee`
14 struct in replacement of a number of its long list of arguments (#1134).
15 `Payee` is further stored in the `Route` object returned and provided in the
16 `RouteParameters` contained in `Event::PaymentPathFailed` (#1059).
17 * `ChannelMonitor`s must now be persisted after calls which provide new block
18 data, prior to `MonitorEvent`s being passed back to `ChannelManager` for
19 processing. If you are using a `ChainMonitor` this is handled for you.
20 The `Persist` API has been updated to `Option`ally take the
21 `ChannelMonitorUpdate` as persistence events that result from chain data no
22 longer have a corresponding update (#1108).
23 * `routing::Score` now has a `payment_path_failed` method which it can use to
24 learn which channels often fail payments. It is automatically called by
25 `InvoicePayer` for failed payment paths (#1144).
26 * The default `Scorer` implementation is now a type alias to a type generic
27 across different clocks and supports serialization to persist scoring data
28 across restarts (#1146).
29 * `Event::PaymentSent` now includes the full fee which was spent across all
30 payment paths which were fulfilled or pending when the payment was fulfilled
32 * `NetGraphMsgHandler` now takes a `Deref` to the `NetworkGraph`, allowing for
33 shared references to the graph data to make serialization and references to
34 the graph data in the `InvoicePayer`'s `Router` simpler (#1149).
35 * `routing::Score::channel_penalty_msat` has been updated to provide the
36 `NodeId` of both the source and destination nodes of a channel (#1133).
39 * Delay disconnecting peers if we receive messages from them even if it takes
40 a while to receive a pong from them. Further, avoid sending too many gossip
41 messages between pings to ensure we should always receive pongs in a timely
42 manner. Together, these should significantly reduce instances of us failing
43 to remain connected to a peer during initial gossip sync (#1137).
44 * If a payment is sent, creating an outbound HTLC and sending it to our
45 counterparty (implying the `ChannelMonitor` was persisted on disk), but the
46 `ChannelManager` was not persisted prior to shutdown/crash, no
47 `Event::PaymentPathFailed` event will be generated if the HTLC is eventually
48 failed on chain (#1104).
50 ## Serialization Compatibility
51 * All above new Events/fields are ignored by prior clients. All above new
52 Events/fields are not present when reading objects serialized by prior
53 versions of the library.
54 * Payments for which a `Route` was generated using a previous version or for
55 which the payment was originally sent by a previous version of the library
56 will not be retried by an `InvoicePayer`.
58 This release was singularly focused and some contributions by third parties
60 In total, this release features 38 files changed, 4414 insertions, and 969
61 deletions in 71 commits from 2 authors, in alphabetical order:
67 # 0.0.102 - 2021-10-18
70 * `get_route` now takes a `Score` as an argument. `Score` is queried during
71 the route-finding process, returning the absolute amounts which you are
72 willing to pay to avoid routing over a given channel. As a default, a
73 `Scorer` is provided which returns a constant amount, with a suggested
74 default of 500 msat. This translates to a willingness to pay up to 500 msat
75 in additional fees per hop in order to avoid additional hops (#1124).
76 * `Event::PaymentPathFailed` now contains a `short_channel_id` field which may
77 be filled in with a channel that can be "blamed" for the payment failure.
78 Payment retries should likely avoid the given channel for some time (#1077).
79 * `PublicKey`s in `NetworkGraph` have been replaced with a `NodeId` struct
80 which contains only a simple `[u8; 33]`, substantially improving
81 `NetworkGraph` deserialization performance (#1107).
82 * `ChainMonitor`'s `HashMap` of `ChannelMonitor`s is now private, exposed via
83 `Chainmonitor::get_monitor` and `ChainMonitor::list_monitors` instead
85 * When an outbound channel is closed prior to the broadcasting of its funding
86 transaction, but after you call
87 `ChannelManager::funding_transaction_generated`, a new event type,
88 `Event::DiscardFunding`, is generated, informing you the transaction was not
89 broadcasted and that you can spend the same inputs again elsewhere (#1098).
90 * `ChannelManager::create_channel` now returns the temporary channel ID which
91 may later appear in `Event::ChannelClosed` or `ChannelDetails` prior to the
92 channel being funded (#1121).
93 * `Event::PaymentSent` now contains the payment hash as well as the payment
95 * `ReadOnlyNetworkGraph::get_addresses` now returns owned `NetAddress` rather
96 than references. As a side-effect this method is now exposed in foreign
97 language bindings (#1115).
98 * The `Persist` and `ChannelMonitorUpdateErr` types have moved to the
99 `lightning::chain::chainmonitor` and `lightning::chain` modules,
100 respectively (#1112).
101 * `ChannelManager::send_payment` now returns a `PaymentId` which identifies a
102 payment (whether MPP or not) and can be used to retry the full payment or
103 MPP parts through `retry_payment` (#1096). Note that doing so is currently
104 *not* crash safe, and you may find yourself sending twice. It is recommended
105 that you *not* use the `retry_payment` API until the next release.
108 * Due to an earlier fix for the Lightning dust inflation vulnerability tracked
109 in CVE-2021-41591/CVE-2021-41592/CVE-2021-41593 in 0.0.100, we required
110 counterparties to accept a dust limit slightly lower than the dust limit now
111 required by other implementations. This appeared as, at least, latest lnd
112 always refusing to accept channels opened by LDK clients (#1065).
113 * If there are multiple channels available to the same counterparty,
114 `get_route` would only consider the channel listed last as available for
116 * `Persist` implementations returning
117 `ChannelMonitorUpdateErr::TemporaryFailure` from `watch_channel` previously
118 resulted in the `ChannelMonitor` not being stored at all, resulting in a
119 panic after monitor updating is complete (#1112).
120 * If payments are pending awaiting forwarding at startup, an
121 `Event::PendingHTLCsForwardable` event will always be provided. This ensures
122 user code calls `ChannelManager::process_pending_htlc_fowards` even if it
123 shut down while awaiting the batching timer during the previous run (#1076).
124 * If a call to `ChannelManager::send_payment` failed due to lack of
125 availability of funds locally, LDK would store the payment as pending
126 forever, with no ability to retry or fail it, leaking memory (#1109).
128 ## Serialization Compatibility
129 * All above new Events/fields are ignored by prior clients. All above new
130 Events/fields, except for `Event::PaymentSent::payment_hash` are not present
131 when reading objects serialized by prior versions of the library.
133 In total, this release features 32 files changed, 2248 insertions, and 1483
134 deletions in 51 commits from 7 authors, in alphabetical order:
145 # 0.0.101 - 2021-09-23
148 * Custom message types are now supported directly in the `PeerManager`,
149 allowing you to send and receive messages of any type that is not natively
150 understood by LDK. This requires a new type bound on `PeerManager`, a
151 `CustomMessageHandler`. `IgnoringMessageHandler` provides a simple default
152 for this new bound for ignoring unknown messages (#1031, #1074).
153 * Route graph updates as a result of failed payments are no longer provided as
154 `MessageSendEvent::PaymentFailureNetworkUpdate` but instead included in a
155 new field in the `Event::PaymentFailed` events. Generally, this means route
156 graph updates are no longer handled as a part of the `PeerManager` but
157 instead through the new `EventHandler` implementation for
158 `NetGraphMsgHandler`. To make this easy, a new parameter to
159 `lightning-background-processor::BackgroundProcessor::start` is added, which
160 contains an `Option`al `NetGraphmsgHandler`. If provided as `Some`, relevant
161 events will be processed by the `NetGraphMsgHandler` prior to normal event
163 * `NetworkGraph` is now, itself, thread-safe. Accordingly, most functions now
164 take `&self` instead of `&mut self` and the graph data can be accessed
165 through `NetworkGraph.read_only` (#1043).
166 * The balances available on-chain to claim after a channel has been closed are
167 now exposed via `ChannelMonitor::get_claimable_balances` and
168 `ChainMonitor::get_claimable_balances`. The second can be used to get
169 information about all closed channels which still have on-chain balances
170 associated with them. See enum variants of `ln::channelmonitor::Balance` and
171 method documentation for the above methods for more information on the types
172 of balances exposed (#1034).
173 * When one HTLC of a multi-path payment fails, the new field `all_paths_failed`
174 in `Event::PaymentFailed` is set to `false`. This implies that the payment
175 has not failed, but only one part. Payment resolution is only indicated by an
176 `Event::PaymentSent` event or an `Event::PaymentFailed` with
177 `all_paths_failed` set to `true`, which is also set for the last remaining
178 part of a multi-path payment (#1053).
179 * To better capture the context described above, `Event::PaymentFailed` has
180 been renamed to `Event::PaymentPathFailed` (#1084).
181 * A new event, `ChannelClosed`, is provided by `ChannelManager` when a channel
182 is closed, including a reason and error message (if relevant, #997).
183 * `lightning-invoice` now considers invoices with sub-millisatoshi precision
184 to be invalid, and requires millisatoshi values during construction (thus
185 you must call `amount_milli_satoshis` instead of `amount_pico_btc`, #1057).
186 * The `BaseSign` interface now includes two new hooks which provide additional
187 information about commitment transaction signatures and revocation secrets
188 provided by our counterparty, allowing additional verification (#1039).
189 * The `BaseSign` interface now includes additional information for cooperative
190 close transactions, making it easier for a signer to verify requests (#1064).
191 * `Route` has two additional helper methods to get fees and amounts (#1063).
192 * `Txid` and `Transaction` objects can now be deserialized from responses when
193 using the HTTP client in the `lightning-block-sync` crate (#1037, #1061).
196 * Fix a panic when reading a lightning invoice with a non-recoverable
197 signature. Further, restrict lightning invoice parsing to require payment
198 secrets and better handle a few edge cases as required by BOLT 11 (#1057).
199 * Fix a panic when receiving multiple messages (such as HTLC fulfill messages)
200 after a call to `chain::Watch::update_channel` returned
201 `Err(ChannelMonitorUpdateErr::TemporaryFailure)` with no
202 `ChannelManager::channel_monitor_updated` call in between (#1066).
203 * For multi-path payments, `Event::PaymentSent` is no longer generated
204 multiple times, once for each independent part (#1053).
205 * Multi-hop route hints in invoices are now considered in the default router
206 provided via `get_route` (#1040).
207 * The time peers have to respond to pings has been increased when building
208 with debug assertions enabled. This avoids peer disconnections on slow hosts
209 when running in debug mode (#1051).
210 * The timeout for the first byte of a response for requests from the
211 `lightning-block-sync` crate has been increased to 300 seconds to better
212 handle the long hangs in Bitcoin Core when it syncs to disk (#1090).
214 ## Serialization Compatibility
215 * Due to a bug in 0.0.100, `Event`s written by 0.0.101 which are of a type not
216 understood by 0.0.100 may lead to `Err(DecodeError::InvalidValue)` or corrupt
217 deserialized objects in 0.100. Such `Event`s will lead to an
218 `Err(DecodeError::InvalidValue)` in versions prior to 0.0.100. The only such
219 new event written by 0.0.101 is `Event::ChannelClosed` (#1087).
220 * Payments that were initiated in versions prior to 0.0.101 may still
221 generate duplicate `PaymentSent` `Event`s or may have spurious values for
222 `Event::PaymentPathFailed::all_paths_failed` (#1053).
223 * The return values of `ChannelMonitor::get_claimable_balances` (and, thus,
224 `ChainMonitor::get_claimable_balances`) may be spurious for channels where
225 the spend of the funding transaction appeared on chain while running a
226 version prior to 0.0.101. `Balance` information should only be relied upon
227 for channels that were closed while running 0.0.101+ (#1034).
228 * Payments failed while running versions prior to 0.0.101 will never have a
229 `Some` for the `network_update` field (#1043).
231 In total, this release features 67 files changed, 4980 insertions, 1888
232 deletions in 89 commits from 12 authors, in alphabetical order:
240 * Sergi Delgado Segura
247 # 0.0.100 - 2021-08-17
250 * The `lightning` crate can now be built in no_std mode, making it easy to
251 target embedded hardware for rust users. Note that mutexes are replaced with
252 no-ops for such builds (#1008, #1028).
253 * LDK now supports sending and receiving "keysend" payments. This includes
254 modifications to `lightning::util::events::Event::PaymentReceived` to
255 indicate the type of payment (#967).
256 * A new variant, `lightning::util::events::Event::PaymentForwarded` has been
257 added which indicates a forwarded payment has been successfully claimed and
258 we've received a forwarding fee (#1004).
259 * `lightning::chain::keysinterface::KeysInterface::get_shutdown_pubkey` has
260 been renamed to `get_shutdown_scriptpubkey`, returns a script, and is now
261 called on channel open only if
262 `lightning::util::config::ChannelConfig::commit_upfront_shutdown_pubkey` is
264 * Closing-signed negotiation is now more configurable, with an explicit
265 `lightning::util::config::ChannelConfig::force_close_avoidance_max_fee_satoshis`
266 field allowing you to select the maximum amount you are willing to pay to
267 avoid a force-closure. Further, we are now less restrictive on the fee
268 placed on the closing transaction when we are not the party paying it. To
269 control the feerate paid on a channel at close-time, use
270 `ChannelManager::close_channel_with_target_feerate` instead of
271 `close_channel` (#1011).
272 * `lightning_background_processor::BackgroundProcessor` now stops the
273 background thread when dropped (#1007). It is marked `#[must_use]` so that
274 Rust users will receive a compile-time warning when it is immediately
275 dropped after construction (#1029).
276 * Total potential funds burn on force-close due to dust outputs is now limited
277 to `lightning::util::config::ChannelConfig::max_dust_htlc_exposure_msat` per
279 * The interval on which
280 `lightning::ln::peer_handler::PeerManager::timer_tick_occurred` should be
281 called has been reduced to once every five seconds (#1035) and
282 `lightning::ln::channelmanager::ChannelManager::timer_tick_occurred` should
283 now be called on startup in addition to once per minute (#985).
284 * The rust-bitcoin and bech32 dependencies have been updated to their
285 respective latest versions (0.27 and 0.8, #1012).
288 * Fix panic when reading invoices generated by some versions of c-lightning
290 * Fix panic when attempting to validate a signed message of incorrect length
292 * Do not ignore the route hints in invoices when the invoice is over 250k
294 * Fees are automatically updated on outbound channels to ensure commitment
295 transactions are always broadcastable (#985).
296 * Fixes a rare case where a `lightning::util::events::Event::SpendableOutputs`
297 event is not generated after a counterparty commitment transaction is
298 confirmed in a reorg when a conflicting local commitment transaction is
299 removed in the same reorg (#1022).
300 * Fixes a remotely-triggerable force-closure of an origin channel after an
301 HTLC was forwarded over a next-hop channel and the next-hop channel was
302 force-closed by our counterparty (#1025).
303 * Fixes a rare force-closure case when sending a payment as a channel fundee
304 when overdrawing our remaining balance. Instead the send will fail (#998).
305 * Fixes a rare force-closure case when a payment was claimed prior to a
306 peer disconnection or restart, and later failed (#977).
308 ## Serialization Compatibility
309 * Pending inbound keysend payments which have neither been failed nor claimed
310 when serialized will result in a `ChannelManager` which is not readable on
311 pre-0.0.100 clients (#967).
313 `lightning::chain::keysinterface::KeysInterface::get_shutdown_scriptpubkey`
314 has been updated to return a script instead of only a `PublicKey`,
315 `ChannelManager`s constructed with custom `KeysInterface` implementations on
316 0.0.100 and later versions will not be readable on previous versions.
317 `ChannelManager`s created with 0.0.99 and prior versions will remain readable
318 even after the a serialization roundtrip on 0.0.100, as long as no new
319 channels are opened. Further, users using a
320 `lightning::chain::keysinterface::KeysManager` as their `KeysInterface` will
321 have `ChannelManager`s which are readable on prior versions as well (#1019).
322 * `ChannelMonitorUpdate`s created by 0.0.100 and later for channels when
323 `lightning::util::config::ChannelConfig::commit_upfront_shutdown_pubkey` is
324 not set may not be readable by versions prior to 0.0.100 (#1019).
325 * HTLCs which were in the process of being claimed on-chain when a pre-0.0.100
326 `ChannelMonitor` was serialized may generate `PaymentForwarded` events with
327 spurious `fee_earned_msat` values. This only applies to payments which were
328 unresolved at the time of the upgrade (#1004).
329 * 0.0.100 clients with pending `Event::PaymentForwarded` events at
330 serialization-time will generate serialized `ChannelManager` objects which
331 0.0.99 and earlier clients cannot read. The likelihood of this can be reduced
332 by ensuring you process all pending events immediately before serialization
333 (as is done by the `lightning-background-processor` crate, #1004).
336 In total, this release features 59 files changed, 5861 insertions, and 2082
337 deletions in 95 commits from 6 authors.
340 # 0.0.99 - 2021-07-09
344 * `lightning_block_sync::poll::Validate` is now public, allowing you to
345 implement the `lightning_block_sync::poll::Poll` trait without
346 `lightning_block_sync::poll::ChainPoller` (#956).
347 * `lightning::ln::peer_handler::PeerManager` no longer requires that no calls
348 are made to referencing the same `SocketDescriptor` after
349 `disconnect_socket` returns. This makes the API significantly less
350 deadlock-prone and simplifies `SocketDescriptor` implementations
351 significantly. The relevant changes have been made to `lightning_net_tokio`
352 and `PeerManager` documentation has been substantially rewritten (#957).
353 * `lightning::util::message_signing`'s `sign` and `verify` methods now take
354 secret and public keys by reference instead of value (#974).
355 * Substantially more information is now exposed about channels in
356 `ChannelDetails`. See documentation for more info (#984 and #988).
357 * The latest best block seen is now exposed in
358 `ChannelManager::current_best_block` and
359 `ChannelMonitor::current_best_block` (#984).
360 * Feerates charged when forwarding payments over channels is now set in
361 `ChannelConfig::fee_base_msat` when the channel is opened. For existing
362 channels, the value is set to the value provided in
363 `ChannelManagerReadArgs::default_config::channel_options` the first time the
364 `ChannelManager` is loaded in 0.0.99 (#975).
365 * We now reject HTLCs which are received to be forwarded over private channels
366 unless `UserConfig::accept_forwards_to_priv_channels` is set. Note that
367 `UserConfig` is never serialized and must be provided via
368 `ChannelManagerReadArgs::default_config` at each start (#975).
372 * We now forward gossip messages to peers instead of only relaying
373 locally-generated gossip or sending gossip messages during initial sync
375 * Correctly send `channel_update` messages to direct peers on private channels
376 (#949). Without this, a private node connected to an LDK node over a private
377 channel cannot receive funds as it does not know which fees the LDK node
379 * `lightning::ln::channelmanager::ChannelManager` no longer expects to be
380 persisted spuriously after we receive a `channel_update` message about any
381 channel in the routing gossip (#972).
382 * Asynchronous `ChannelMonitor` updates (using the
383 `ChannelMonitorUpdateErr::TemporaryFailure` return variant) no longer cause
384 spurious HTLC forwarding failures (#954).
385 * Transaction provided via `ChannelMonitor::transactions_confirmed`
386 after `ChannelMonitor::best_block_updated` was called for a much later
387 block now trigger all relevant actions as of the later block. Previously
388 some transaction broadcasts or other responses required an additional
389 block be provided via `ChannelMonitor::best_block_updated` (#970).
390 * We no longer panic in rare cases when an invoice contained last-hop route
391 hints which were unusable (#958).
393 ## Node Compatibility
395 * We now accept spurious `funding_locked` messages sent prior to
396 `channel_reestablish` messages after reconnect. This is a
397 [known, long-standing bug in lnd](https://github.com/lightningnetwork/lnd/issues/4006)
399 * We now set the `first_blocknum` and `number_of_blocks` fields in
400 `reply_channel_range` messages to values which c-lightning versions prior to
401 0.10 accepted. This avoids spurious force-closes from such nodes (#961).
403 ## Serialization Compatibility
405 * Due to a bug discovered in 0.0.98, if a `ChannelManager` is serialized on
406 version 0.0.98 while an `Event::PaymentSent` is pending processing, the
407 `ChannelManager` will fail to deserialize both on version 0.0.98 and later
408 versions. If you have such a `ChannelManager` available, a simple patch will
409 allow it to deserialize. Please file an issue if you need assistance (#973).
411 # 0.0.98 - 2021-06-11
413 0.0.98 should be considered a release candidate to the first alpha release of
414 Rust-Lightning and the broader LDK. It represents several years of work
415 designing and fine-tuning a flexible API for integrating lightning into any
416 application. LDK should make it easy to build a lightning node or client which
417 meets specific requirements that other lightning node software cannot. As
418 lightning continues to evolve, and new use-cases for lightning develop, the API
419 of LDK will continue to change and expand. However, starting with version 0.1,
420 objects serialized with prior versions will be readable with the latest LDK.
421 While Rust-Lightning is approaching the 0.1 milestone, language bindings
422 components of LDK available at https://github.com/lightningdevkit are still of
423 varying quality. Some are also approaching an 0.1 release, while others are
424 still much more experimental. Please note that, at 0.0.98, using Rust-Lightning
425 on mainnet is *strongly* discouraged.