1 // This file is Copyright its original authors, visible in version control
4 // This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
5 // or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
6 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
7 // You may not use this file except in accordance with one or both of these
10 //! The logic to build claims and bump in-flight transactions until confirmations.
12 //! OnchainTxHandler objects are fully-part of ChannelMonitor and encapsulates all
13 //! building, tracking, bumping and notifications functions.
15 use bitcoin::blockdata::transaction::Transaction;
16 use bitcoin::blockdata::transaction::OutPoint as BitcoinOutPoint;
17 use bitcoin::blockdata::script::Script;
19 use bitcoin::hash_types::{Txid, BlockHash};
21 use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
22 use bitcoin::secp256k1;
24 use crate::chain::keysinterface::{ChannelSigner, EntropySource, SignerProvider};
25 use crate::ln::msgs::DecodeError;
26 use crate::ln::PaymentPreimage;
28 use crate::ln::chan_utils::{self, HTLCOutputInCommitment};
29 use crate::ln::chan_utils::{ChannelTransactionParameters, HolderCommitmentTransaction};
31 use crate::chain::chaininterface::ConfirmationTarget;
32 use crate::chain::chaininterface::{FeeEstimator, BroadcasterInterface, LowerBoundedFeeEstimator};
33 use crate::chain::channelmonitor::{ANTI_REORG_DELAY, CLTV_SHARED_CLAIM_BUFFER};
34 use crate::chain::keysinterface::WriteableEcdsaChannelSigner;
36 use crate::chain::package::PackageSolvingData;
37 use crate::chain::package::PackageTemplate;
38 use crate::util::logger::Logger;
39 use crate::util::ser::{Readable, ReadableArgs, MaybeReadable, Writer, Writeable, VecWriter};
42 use crate::prelude::*;
43 use alloc::collections::BTreeMap;
46 use core::mem::replace;
49 use bitcoin::hashes::Hash;
51 const MAX_ALLOC_SIZE: usize = 64*1024;
53 /// An entry for an [`OnchainEvent`], stating the block height when the event was observed and the
54 /// transaction causing it.
56 /// Used to determine when the on-chain event can be considered safe from a chain reorganization.
57 #[derive(PartialEq, Eq)]
58 struct OnchainEventEntry {
61 block_hash: Option<BlockHash>, // Added as optional, will be filled in for any entry generated on 0.0.113 or after
65 impl OnchainEventEntry {
66 fn confirmation_threshold(&self) -> u32 {
67 self.height + ANTI_REORG_DELAY - 1
70 fn has_reached_confirmation_threshold(&self, height: u32) -> bool {
71 height >= self.confirmation_threshold()
75 /// Upon discovering of some classes of onchain tx by ChannelMonitor, we may have to take actions on it
76 /// once they mature to enough confirmations (ANTI_REORG_DELAY)
77 #[derive(PartialEq, Eq)]
79 /// Outpoint under claim process by our own tx, once this one get enough confirmations, we remove it from
80 /// bump-txn candidate buffer.
82 package_id: PackageID,
84 /// Claim tx aggregate multiple claimable outpoints. One of the outpoint may be claimed by a counterparty party tx.
85 /// In this case, we need to drop the outpoint and regenerate a new claim tx. By safety, we keep tracking
86 /// the outpoint to be sure to resurect it back to the claim tx if reorgs happen.
88 package: PackageTemplate,
92 impl Writeable for OnchainEventEntry {
93 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
94 write_tlv_fields!(writer, {
95 (0, self.txid, required),
96 (1, self.block_hash, option),
97 (2, self.height, required),
98 (4, self.event, required),
104 impl MaybeReadable for OnchainEventEntry {
105 fn read<R: io::Read>(reader: &mut R) -> Result<Option<Self>, DecodeError> {
106 let mut txid = Txid::all_zeros();
108 let mut block_hash = None;
109 let mut event = None;
110 read_tlv_fields!(reader, {
112 (1, block_hash, option),
113 (2, height, required),
114 (4, event, ignorable),
116 if let Some(ev) = event {
117 Ok(Some(Self { txid, height, block_hash, event: ev }))
124 impl_writeable_tlv_based_enum_upgradable!(OnchainEvent,
126 (0, package_id, required),
128 (1, ContentiousOutpoint) => {
129 (0, package, required),
133 impl Readable for Option<Vec<Option<(usize, Signature)>>> {
134 fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
135 match Readable::read(reader)? {
138 let vlen: u64 = Readable::read(reader)?;
139 let mut ret = Vec::with_capacity(cmp::min(vlen as usize, MAX_ALLOC_SIZE / ::core::mem::size_of::<Option<(usize, Signature)>>()));
141 ret.push(match Readable::read(reader)? {
143 1u8 => Some((<u64 as Readable>::read(reader)? as usize, Readable::read(reader)?)),
144 _ => return Err(DecodeError::InvalidValue)
149 _ => Err(DecodeError::InvalidValue),
154 impl Writeable for Option<Vec<Option<(usize, Signature)>>> {
155 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
159 (vec.len() as u64).write(writer)?;
160 for opt in vec.iter() {
162 &Some((ref idx, ref sig)) => {
164 (*idx as u64).write(writer)?;
167 &None => 0u8.write(writer)?,
171 &None => 0u8.write(writer)?,
178 /// The claim commonly referred to as the pre-signed second-stage HTLC transaction.
179 pub(crate) struct ExternalHTLCClaim {
180 pub(crate) commitment_txid: Txid,
181 pub(crate) per_commitment_number: u64,
182 pub(crate) htlc: HTLCOutputInCommitment,
183 pub(crate) preimage: Option<PaymentPreimage>,
184 pub(crate) counterparty_sig: Signature,
187 // Represents the different types of claims for which events are yielded externally to satisfy said
190 pub(crate) enum ClaimEvent {
191 /// Event yielded to signal that the commitment transaction fee must be bumped to claim any
192 /// encumbered funds and proceed to HTLC resolution, if any HTLCs exist.
194 package_target_feerate_sat_per_1000_weight: u32,
195 commitment_tx: Transaction,
196 anchor_output_idx: u32,
198 /// Event yielded to signal that the commitment transaction has confirmed and its HTLCs must be
199 /// resolved by broadcasting a transaction with sufficient fee to claim them.
201 target_feerate_sat_per_1000_weight: u32,
202 htlcs: Vec<ExternalHTLCClaim>,
206 /// Represents the different ways an output can be claimed (i.e., spent to an address under our
207 /// control) onchain.
208 pub(crate) enum OnchainClaim {
209 /// A finalized transaction pending confirmation spending the output to claim.
212 /// An event yielded externally to signal additional inputs must be added to a transaction
213 /// pending confirmation spending the output to claim.
217 /// An internal identifier to track pending package claims within the `OnchainTxHandler`.
218 type PackageID = [u8; 32];
220 /// OnchainTxHandler receives claiming requests, aggregates them if it's sound, broadcast and
221 /// do RBF bumping if possible.
223 pub struct OnchainTxHandler<ChannelSigner: WriteableEcdsaChannelSigner> {
224 destination_script: Script,
225 holder_commitment: HolderCommitmentTransaction,
226 // holder_htlc_sigs and prev_holder_htlc_sigs are in the order as they appear in the commitment
227 // transaction outputs (hence the Option<>s inside the Vec). The first usize is the index in
228 // the set of HTLCs in the HolderCommitmentTransaction.
229 holder_htlc_sigs: Option<Vec<Option<(usize, Signature)>>>,
230 prev_holder_commitment: Option<HolderCommitmentTransaction>,
231 prev_holder_htlc_sigs: Option<Vec<Option<(usize, Signature)>>>,
233 pub(super) signer: ChannelSigner,
234 pub(crate) channel_transaction_parameters: ChannelTransactionParameters,
236 // Used to track claiming requests. If claim tx doesn't confirm before height timer expiration we need to bump
237 // it (RBF or CPFP). If an input has been part of an aggregate tx at first claim try, we need to keep it within
238 // another bumped aggregate tx to comply with RBF rules. We may have multiple claiming txn in the flight for the
239 // same set of outpoints. One of the outpoints may be spent by a transaction not issued by us. That's why at
240 // block connection we scan all inputs and if any of them is among a set of a claiming request we test for set
241 // equality between spending transaction and claim request. If true, it means transaction was one our claiming one
242 // after a security delay of 6 blocks we remove pending claim request. If false, it means transaction wasn't and
243 // we need to regenerate new claim request with reduced set of still-claimable outpoints.
244 // Key is identifier of the pending claim request, i.e the txid of the initial claiming transaction generated by
245 // us and is immutable until all outpoint of the claimable set are post-anti-reorg-delay solved.
246 // Entry is cache of elements need to generate a bumped claiming transaction (see ClaimTxBumpMaterial)
247 #[cfg(test)] // Used in functional_test to verify sanitization
248 pub(crate) pending_claim_requests: HashMap<PackageID, PackageTemplate>,
250 pending_claim_requests: HashMap<PackageID, PackageTemplate>,
252 pending_claim_events: HashMap<PackageID, ClaimEvent>,
254 // Used to link outpoints claimed in a connected block to a pending claim request.
255 // Key is outpoint than monitor parsing has detected we have keys/scripts to claim
256 // Value is (pending claim request identifier, confirmation_block), identifier
257 // is txid of the initial claiming transaction and is immutable until outpoint is
258 // post-anti-reorg-delay solved, confirmaiton_block is used to erase entry if
259 // block with output gets disconnected.
260 #[cfg(test)] // Used in functional_test to verify sanitization
261 pub claimable_outpoints: HashMap<BitcoinOutPoint, (PackageID, u32)>,
263 claimable_outpoints: HashMap<BitcoinOutPoint, (PackageID, u32)>,
265 locktimed_packages: BTreeMap<u32, Vec<PackageTemplate>>,
267 onchain_events_awaiting_threshold_conf: Vec<OnchainEventEntry>,
269 pub(super) secp_ctx: Secp256k1<secp256k1::All>,
272 const SERIALIZATION_VERSION: u8 = 1;
273 const MIN_SERIALIZATION_VERSION: u8 = 1;
275 impl<ChannelSigner: WriteableEcdsaChannelSigner> OnchainTxHandler<ChannelSigner> {
276 pub(crate) fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
277 write_ver_prefix!(writer, SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION);
279 self.destination_script.write(writer)?;
280 self.holder_commitment.write(writer)?;
281 self.holder_htlc_sigs.write(writer)?;
282 self.prev_holder_commitment.write(writer)?;
283 self.prev_holder_htlc_sigs.write(writer)?;
285 self.channel_transaction_parameters.write(writer)?;
287 let mut key_data = VecWriter(Vec::new());
288 self.signer.write(&mut key_data)?;
289 assert!(key_data.0.len() < core::usize::MAX);
290 assert!(key_data.0.len() < core::u32::MAX as usize);
291 (key_data.0.len() as u32).write(writer)?;
292 writer.write_all(&key_data.0[..])?;
294 writer.write_all(&(self.pending_claim_requests.len() as u64).to_be_bytes())?;
295 for (ref ancestor_claim_txid, request) in self.pending_claim_requests.iter() {
296 ancestor_claim_txid.write(writer)?;
297 request.write(writer)?;
300 writer.write_all(&(self.claimable_outpoints.len() as u64).to_be_bytes())?;
301 for (ref outp, ref claim_and_height) in self.claimable_outpoints.iter() {
303 claim_and_height.0.write(writer)?;
304 claim_and_height.1.write(writer)?;
307 writer.write_all(&(self.locktimed_packages.len() as u64).to_be_bytes())?;
308 for (ref locktime, ref packages) in self.locktimed_packages.iter() {
309 locktime.write(writer)?;
310 writer.write_all(&(packages.len() as u64).to_be_bytes())?;
311 for ref package in packages.iter() {
312 package.write(writer)?;
316 writer.write_all(&(self.onchain_events_awaiting_threshold_conf.len() as u64).to_be_bytes())?;
317 for ref entry in self.onchain_events_awaiting_threshold_conf.iter() {
318 entry.write(writer)?;
321 write_tlv_fields!(writer, {});
326 impl<'a, 'b, ES: EntropySource, SP: SignerProvider> ReadableArgs<(&'a ES, &'b SP, u64, [u8; 32])> for OnchainTxHandler<SP::Signer> {
327 fn read<R: io::Read>(reader: &mut R, args: (&'a ES, &'b SP, u64, [u8; 32])) -> Result<Self, DecodeError> {
328 let entropy_source = args.0;
329 let signer_provider = args.1;
330 let channel_value_satoshis = args.2;
331 let channel_keys_id = args.3;
333 let _ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
335 let destination_script = Readable::read(reader)?;
337 let holder_commitment = Readable::read(reader)?;
338 let holder_htlc_sigs = Readable::read(reader)?;
339 let prev_holder_commitment = Readable::read(reader)?;
340 let prev_holder_htlc_sigs = Readable::read(reader)?;
342 let channel_parameters = Readable::read(reader)?;
344 // Read the serialized signer bytes, but don't deserialize them, as we'll obtain our signer
345 // by re-deriving the private key material.
346 let keys_len: u32 = Readable::read(reader)?;
347 let mut bytes_read = 0;
348 while bytes_read != keys_len as usize {
349 // Read 1KB at a time to avoid accidentally allocating 4GB on corrupted channel keys
350 let mut data = [0; 1024];
351 let bytes_to_read = cmp::min(1024, keys_len as usize - bytes_read);
352 let read_slice = &mut data[0..bytes_to_read];
353 reader.read_exact(read_slice)?;
354 bytes_read += bytes_to_read;
357 let mut signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
358 signer.provide_channel_parameters(&channel_parameters);
360 let pending_claim_requests_len: u64 = Readable::read(reader)?;
361 let mut pending_claim_requests = HashMap::with_capacity(cmp::min(pending_claim_requests_len as usize, MAX_ALLOC_SIZE / 128));
362 for _ in 0..pending_claim_requests_len {
363 pending_claim_requests.insert(Readable::read(reader)?, Readable::read(reader)?);
366 let claimable_outpoints_len: u64 = Readable::read(reader)?;
367 let mut claimable_outpoints = HashMap::with_capacity(cmp::min(pending_claim_requests_len as usize, MAX_ALLOC_SIZE / 128));
368 for _ in 0..claimable_outpoints_len {
369 let outpoint = Readable::read(reader)?;
370 let ancestor_claim_txid = Readable::read(reader)?;
371 let height = Readable::read(reader)?;
372 claimable_outpoints.insert(outpoint, (ancestor_claim_txid, height));
375 let locktimed_packages_len: u64 = Readable::read(reader)?;
376 let mut locktimed_packages = BTreeMap::new();
377 for _ in 0..locktimed_packages_len {
378 let locktime = Readable::read(reader)?;
379 let packages_len: u64 = Readable::read(reader)?;
380 let mut packages = Vec::with_capacity(cmp::min(packages_len as usize, MAX_ALLOC_SIZE / core::mem::size_of::<PackageTemplate>()));
381 for _ in 0..packages_len {
382 packages.push(Readable::read(reader)?);
384 locktimed_packages.insert(locktime, packages);
387 let waiting_threshold_conf_len: u64 = Readable::read(reader)?;
388 let mut onchain_events_awaiting_threshold_conf = Vec::with_capacity(cmp::min(waiting_threshold_conf_len as usize, MAX_ALLOC_SIZE / 128));
389 for _ in 0..waiting_threshold_conf_len {
390 if let Some(val) = MaybeReadable::read(reader)? {
391 onchain_events_awaiting_threshold_conf.push(val);
395 read_tlv_fields!(reader, {});
397 let mut secp_ctx = Secp256k1::new();
398 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
400 Ok(OnchainTxHandler {
404 prev_holder_commitment,
405 prev_holder_htlc_sigs,
407 channel_transaction_parameters: channel_parameters,
410 pending_claim_requests,
411 onchain_events_awaiting_threshold_conf,
413 pending_claim_events: HashMap::new(),
419 impl<ChannelSigner: WriteableEcdsaChannelSigner> OnchainTxHandler<ChannelSigner> {
420 pub(crate) fn new(destination_script: Script, signer: ChannelSigner, channel_parameters: ChannelTransactionParameters, holder_commitment: HolderCommitmentTransaction, secp_ctx: Secp256k1<secp256k1::All>) -> Self {
424 holder_htlc_sigs: None,
425 prev_holder_commitment: None,
426 prev_holder_htlc_sigs: None,
428 channel_transaction_parameters: channel_parameters,
429 pending_claim_requests: HashMap::new(),
430 claimable_outpoints: HashMap::new(),
431 locktimed_packages: BTreeMap::new(),
432 onchain_events_awaiting_threshold_conf: Vec::new(),
434 pending_claim_events: HashMap::new(),
440 pub(crate) fn get_prev_holder_commitment_to_self_value(&self) -> Option<u64> {
441 self.prev_holder_commitment.as_ref().map(|commitment| commitment.to_broadcaster_value_sat())
444 pub(crate) fn get_cur_holder_commitment_to_self_value(&self) -> u64 {
445 self.holder_commitment.to_broadcaster_value_sat()
449 pub(crate) fn get_and_clear_pending_claim_events(&mut self) -> Vec<ClaimEvent> {
450 let mut ret = HashMap::new();
451 swap(&mut ret, &mut self.pending_claim_events);
452 ret.into_iter().map(|(_, event)| event).collect::<Vec<_>>()
455 /// Lightning security model (i.e being able to redeem/timeout HTLC or penalize counterparty
456 /// onchain) lays on the assumption of claim transactions getting confirmed before timelock
457 /// expiration (CSV or CLTV following cases). In case of high-fee spikes, claim tx may get stuck
458 /// in the mempool, so you need to bump its feerate quickly using Replace-By-Fee or
459 /// Child-Pay-For-Parent.
461 /// Panics if there are signing errors, because signing operations in reaction to on-chain
462 /// events are not expected to fail, and if they do, we may lose funds.
463 fn generate_claim<F: Deref, L: Deref>(&mut self, cur_height: u32, cached_request: &PackageTemplate, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L) -> Option<(Option<u32>, u64, OnchainClaim)>
464 where F::Target: FeeEstimator,
467 let request_outpoints = cached_request.outpoints();
468 if request_outpoints.is_empty() {
469 // Don't prune pending claiming request yet, we may have to resurrect HTLCs. Untractable
470 // packages cannot be aggregated and will never be split, so we cannot end up with an
472 debug_assert!(cached_request.is_malleable());
475 // If we've seen transaction inclusion in the chain for all outpoints in our request, we
476 // don't need to continue generating more claims. We'll keep tracking the request to fully
477 // remove it once it reaches the confirmation threshold, or to generate a new claim if the
478 // transaction is reorged out.
479 let mut all_inputs_have_confirmed_spend = true;
480 for outpoint in request_outpoints.iter() {
481 if let Some(first_claim_txid_height) = self.claimable_outpoints.get(*outpoint) {
482 // We check for outpoint spends within claims individually rather than as a set
483 // since requests can have outpoints split off.
484 if !self.onchain_events_awaiting_threshold_conf.iter()
485 .any(|event_entry| if let OnchainEvent::Claim { package_id } = event_entry.event {
486 first_claim_txid_height.0 == package_id
488 // The onchain event is not a claim, keep seeking until we find one.
492 // Either we had no `OnchainEvent::Claim`, or we did but none matched the
493 // outpoint's registered spend.
494 all_inputs_have_confirmed_spend = false;
497 // The request's outpoint spend does not exist yet.
498 all_inputs_have_confirmed_spend = false;
501 if all_inputs_have_confirmed_spend {
505 // Compute new height timer to decide when we need to regenerate a new bumped version of the claim tx (if we
506 // didn't receive confirmation of it before, or not enough reorg-safe depth on top of it).
507 let new_timer = Some(cached_request.get_height_timer(cur_height));
508 if cached_request.is_malleable() {
510 { // Attributes are not allowed on if expressions on our current MSRV of 1.41.
511 if cached_request.requires_external_funding() {
512 let target_feerate_sat_per_1000_weight = cached_request
513 .compute_package_feerate(fee_estimator, ConfirmationTarget::HighPriority);
514 if let Some(htlcs) = cached_request.construct_malleable_package_with_external_funding(self) {
517 target_feerate_sat_per_1000_weight as u64,
518 OnchainClaim::Event(ClaimEvent::BumpHTLC {
519 target_feerate_sat_per_1000_weight,
529 let predicted_weight = cached_request.package_weight(&self.destination_script);
530 if let Some((output_value, new_feerate)) = cached_request.compute_package_output(
531 predicted_weight, self.destination_script.dust_value().to_sat(), fee_estimator, logger,
533 assert!(new_feerate != 0);
535 let transaction = cached_request.finalize_malleable_package(self, output_value, self.destination_script.clone(), logger).unwrap();
536 log_trace!(logger, "...with timer {} and feerate {}", new_timer.unwrap(), new_feerate);
537 assert!(predicted_weight >= transaction.weight());
538 return Some((new_timer, new_feerate, OnchainClaim::Tx(transaction)));
541 // Untractable packages cannot have their fees bumped through Replace-By-Fee. Some
542 // packages may support fee bumping through Child-Pays-For-Parent, indicated by those
543 // which require external funding.
545 let inputs = cached_request.inputs();
547 let mut inputs = cached_request.inputs();
548 debug_assert_eq!(inputs.len(), 1);
549 let tx = match cached_request.finalize_untractable_package(self, logger) {
553 if !cached_request.requires_external_funding() {
554 return Some((None, 0, OnchainClaim::Tx(tx)));
557 return inputs.find_map(|input| match input {
558 // Commitment inputs with anchors support are the only untractable inputs supported
559 // thus far that require external funding.
560 PackageSolvingData::HolderFundingOutput(..) => {
561 debug_assert_eq!(tx.txid(), self.holder_commitment.trust().txid(),
562 "Holder commitment transaction mismatch");
563 // We'll locate an anchor output we can spend within the commitment transaction.
564 let funding_pubkey = &self.channel_transaction_parameters.holder_pubkeys.funding_pubkey;
565 match chan_utils::get_anchor_output(&tx, funding_pubkey) {
566 // An anchor output was found, so we should yield a funding event externally.
568 // TODO: Use a lower confirmation target when both our and the
569 // counterparty's latest commitment don't have any HTLCs present.
570 let conf_target = ConfirmationTarget::HighPriority;
571 let package_target_feerate_sat_per_1000_weight = cached_request
572 .compute_package_feerate(fee_estimator, conf_target);
575 package_target_feerate_sat_per_1000_weight as u64,
576 OnchainClaim::Event(ClaimEvent::BumpCommitment {
577 package_target_feerate_sat_per_1000_weight,
578 commitment_tx: tx.clone(),
579 anchor_output_idx: idx,
583 // An anchor output was not found. There's nothing we can do other than
584 // attempt to broadcast the transaction with its current fee rate and hope
585 // it confirms. This is essentially the same behavior as a commitment
586 // transaction without anchor outputs.
587 None => Some((None, 0, OnchainClaim::Tx(tx.clone()))),
591 debug_assert!(false, "Only HolderFundingOutput inputs should be untractable and require external funding");
599 /// Upon channelmonitor.block_connected(..) or upon provision of a preimage on the forward link
600 /// for this channel, provide new relevant on-chain transactions and/or new claim requests.
601 /// Together with `update_claims_view_from_matched_txn` this used to be named
602 /// `block_connected`, but it is now also used for claiming an HTLC output if we receive a
603 /// preimage after force-close.
605 /// `conf_height` represents the height at which the request was generated. This
606 /// does not need to equal the current blockchain tip height, which should be provided via
607 /// `cur_height`, however it must never be higher than `cur_height`.
608 pub(crate) fn update_claims_view_from_requests<B: Deref, F: Deref, L: Deref>(
609 &mut self, requests: Vec<PackageTemplate>, conf_height: u32, cur_height: u32,
610 broadcaster: &B, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
612 B::Target: BroadcasterInterface,
613 F::Target: FeeEstimator,
616 log_debug!(logger, "Updating claims view at height {} with {} claim requests", cur_height, requests.len());
617 let mut preprocessed_requests = Vec::with_capacity(requests.len());
618 let mut aggregated_request = None;
620 // Try to aggregate outputs if their timelock expiration isn't imminent (package timelock
621 // <= CLTV_SHARED_CLAIM_BUFFER) and they don't require an immediate nLockTime (aggregable).
622 for req in requests {
623 // Don't claim a outpoint twice that would be bad for privacy and may uselessly lock a CPFP input for a while
624 if let Some(_) = self.claimable_outpoints.get(req.outpoints()[0]) {
625 log_info!(logger, "Ignoring second claim for outpoint {}:{}, already registered its claiming request", req.outpoints()[0].txid, req.outpoints()[0].vout);
627 let timelocked_equivalent_package = self.locktimed_packages.iter().map(|v| v.1.iter()).flatten()
628 .find(|locked_package| locked_package.outpoints() == req.outpoints());
629 if let Some(package) = timelocked_equivalent_package {
630 log_info!(logger, "Ignoring second claim for outpoint {}:{}, we already have one which we're waiting on a timelock at {} for.",
631 req.outpoints()[0].txid, req.outpoints()[0].vout, package.package_timelock());
635 if req.package_timelock() > cur_height + 1 {
636 log_info!(logger, "Delaying claim of package until its timelock at {} (current height {}), the following outpoints are spent:", req.package_timelock(), cur_height);
637 for outpoint in req.outpoints() {
638 log_info!(logger, " Outpoint {}", outpoint);
640 self.locktimed_packages.entry(req.package_timelock()).or_insert(Vec::new()).push(req);
644 log_trace!(logger, "Test if outpoint can be aggregated with expiration {} against {}", req.timelock(), cur_height + CLTV_SHARED_CLAIM_BUFFER);
645 if req.timelock() <= cur_height + CLTV_SHARED_CLAIM_BUFFER || !req.aggregable() {
646 // Don't aggregate if outpoint package timelock is soon or marked as non-aggregable
647 preprocessed_requests.push(req);
648 } else if aggregated_request.is_none() {
649 aggregated_request = Some(req);
651 aggregated_request.as_mut().unwrap().merge_package(req);
655 if let Some(req) = aggregated_request {
656 preprocessed_requests.push(req);
659 // Claim everything up to and including cur_height + 1
660 let remaining_locked_packages = self.locktimed_packages.split_off(&(cur_height + 2));
661 for (pop_height, mut entry) in self.locktimed_packages.iter_mut() {
662 log_trace!(logger, "Restoring delayed claim of package(s) at their timelock at {}.", pop_height);
663 preprocessed_requests.append(&mut entry);
665 self.locktimed_packages = remaining_locked_packages;
667 // Generate claim transactions and track them to bump if necessary at
668 // height timer expiration (i.e in how many blocks we're going to take action).
669 for mut req in preprocessed_requests {
670 if let Some((new_timer, new_feerate, claim)) = self.generate_claim(cur_height, &req, &*fee_estimator, &*logger) {
671 req.set_timer(new_timer);
672 req.set_feerate(new_feerate);
673 let package_id = match claim {
674 OnchainClaim::Tx(tx) => {
675 log_info!(logger, "Broadcasting onchain {}", log_tx!(tx));
676 broadcaster.broadcast_transaction(&tx);
677 tx.txid().into_inner()
680 OnchainClaim::Event(claim_event) => {
681 log_info!(logger, "Yielding onchain event to spend inputs {:?}", req.outpoints());
682 let package_id = match claim_event {
683 ClaimEvent::BumpCommitment { ref commitment_tx, .. } => commitment_tx.txid().into_inner(),
684 ClaimEvent::BumpHTLC { ref htlcs, .. } => {
685 // Use the same construction as a lightning channel id to generate
686 // the package id for this request based on the first HTLC. It
687 // doesn't matter what we use as long as it's unique per request.
688 let mut package_id = [0; 32];
689 package_id[..].copy_from_slice(&htlcs[0].commitment_txid[..]);
690 let htlc_output_index = htlcs[0].htlc.transaction_output_index.unwrap();
691 package_id[30] ^= ((htlc_output_index >> 8) & 0xff) as u8;
692 package_id[31] ^= ((htlc_output_index >> 0) & 0xff) as u8;
696 self.pending_claim_events.insert(package_id, claim_event);
700 for k in req.outpoints() {
701 log_info!(logger, "Registering claiming request for {}:{}", k.txid, k.vout);
702 self.claimable_outpoints.insert(k.clone(), (package_id, conf_height));
704 self.pending_claim_requests.insert(package_id, req);
709 /// Upon channelmonitor.block_connected(..) or upon provision of a preimage on the forward link
710 /// for this channel, provide new relevant on-chain transactions and/or new claim requests.
711 /// Together with `update_claims_view_from_requests` this used to be named `block_connected`,
712 /// but it is now also used for claiming an HTLC output if we receive a preimage after force-close.
714 /// `conf_height` represents the height at which the transactions in `txn_matched` were
715 /// confirmed. This does not need to equal the current blockchain tip height, which should be
716 /// provided via `cur_height`, however it must never be higher than `cur_height`.
717 pub(crate) fn update_claims_view_from_matched_txn<B: Deref, F: Deref, L: Deref>(
718 &mut self, txn_matched: &[&Transaction], conf_height: u32, conf_hash: BlockHash,
719 cur_height: u32, broadcaster: &B, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
721 B::Target: BroadcasterInterface,
722 F::Target: FeeEstimator,
725 log_debug!(logger, "Updating claims view at height {} with {} matched transactions in block {}", cur_height, txn_matched.len(), conf_height);
726 let mut bump_candidates = HashMap::new();
727 for tx in txn_matched {
728 // Scan all input to verify is one of the outpoint spent is of interest for us
729 let mut claimed_outputs_material = Vec::new();
730 for inp in &tx.input {
731 if let Some(first_claim_txid_height) = self.claimable_outpoints.get(&inp.previous_output) {
732 // If outpoint has claim request pending on it...
733 if let Some(request) = self.pending_claim_requests.get_mut(&first_claim_txid_height.0) {
734 //... we need to verify equality between transaction outpoints and claim request
735 // outpoints to know if transaction is the original claim or a bumped one issued
737 let mut are_sets_equal = true;
738 let mut tx_inputs = tx.input.iter().map(|input| &input.previous_output).collect::<Vec<_>>();
739 tx_inputs.sort_unstable();
740 for request_input in request.outpoints() {
741 if tx_inputs.binary_search(&request_input).is_err() {
742 are_sets_equal = false;
747 macro_rules! clean_claim_request_after_safety_delay {
749 let entry = OnchainEventEntry {
752 block_hash: Some(conf_hash),
753 event: OnchainEvent::Claim { package_id: first_claim_txid_height.0 }
755 if !self.onchain_events_awaiting_threshold_conf.contains(&entry) {
756 self.onchain_events_awaiting_threshold_conf.push(entry);
761 // If this is our transaction (or our counterparty spent all the outputs
762 // before we could anyway with same inputs order than us), wait for
763 // ANTI_REORG_DELAY and clean the RBF tracking map.
765 clean_claim_request_after_safety_delay!();
766 } else { // If false, generate new claim request with update outpoint set
767 let mut at_least_one_drop = false;
768 for input in tx.input.iter() {
769 if let Some(package) = request.split_package(&input.previous_output) {
770 claimed_outputs_material.push(package);
771 at_least_one_drop = true;
773 // If there are no outpoints left to claim in this request, drop it entirely after ANTI_REORG_DELAY.
774 if request.outpoints().is_empty() {
775 clean_claim_request_after_safety_delay!();
778 //TODO: recompute soonest_timelock to avoid wasting a bit on fees
779 if at_least_one_drop {
780 bump_candidates.insert(first_claim_txid_height.0.clone(), request.clone());
783 break; //No need to iterate further, either tx is our or their
785 panic!("Inconsistencies between pending_claim_requests map and claimable_outpoints map");
789 for package in claimed_outputs_material.drain(..) {
790 let entry = OnchainEventEntry {
793 block_hash: Some(conf_hash),
794 event: OnchainEvent::ContentiousOutpoint { package },
796 if !self.onchain_events_awaiting_threshold_conf.contains(&entry) {
797 self.onchain_events_awaiting_threshold_conf.push(entry);
802 // After security delay, either our claim tx got enough confs or outpoint is definetely out of reach
803 let onchain_events_awaiting_threshold_conf =
804 self.onchain_events_awaiting_threshold_conf.drain(..).collect::<Vec<_>>();
805 for entry in onchain_events_awaiting_threshold_conf {
806 if entry.has_reached_confirmation_threshold(cur_height) {
808 OnchainEvent::Claim { package_id } => {
809 // We may remove a whole set of claim outpoints here, as these one may have
810 // been aggregated in a single tx and claimed so atomically
811 if let Some(request) = self.pending_claim_requests.remove(&package_id) {
812 for outpoint in request.outpoints() {
813 log_debug!(logger, "Removing claim tracking for {} due to maturation of claim package {}.",
814 outpoint, log_bytes!(package_id));
815 self.claimable_outpoints.remove(outpoint);
817 self.pending_claim_events.remove(&package_id);
821 OnchainEvent::ContentiousOutpoint { package } => {
822 log_debug!(logger, "Removing claim tracking due to maturation of claim tx for outpoints:");
823 log_debug!(logger, " {:?}", package.outpoints());
824 self.claimable_outpoints.remove(package.outpoints()[0]);
828 self.onchain_events_awaiting_threshold_conf.push(entry);
832 // Check if any pending claim request must be rescheduled
833 for (first_claim_txid, ref request) in self.pending_claim_requests.iter() {
834 if let Some(h) = request.timer() {
836 bump_candidates.insert(*first_claim_txid, (*request).clone());
841 // Build, bump and rebroadcast tx accordingly
842 log_trace!(logger, "Bumping {} candidates", bump_candidates.len());
843 for (first_claim_txid, request) in bump_candidates.iter() {
844 if let Some((new_timer, new_feerate, bump_claim)) = self.generate_claim(cur_height, &request, &*fee_estimator, &*logger) {
846 OnchainClaim::Tx(bump_tx) => {
847 log_info!(logger, "Broadcasting RBF-bumped onchain {}", log_tx!(bump_tx));
848 broadcaster.broadcast_transaction(&bump_tx);
851 OnchainClaim::Event(claim_event) => {
852 log_info!(logger, "Yielding RBF-bumped onchain event to spend inputs {:?}", request.outpoints());
853 self.pending_claim_events.insert(*first_claim_txid, claim_event);
856 if let Some(request) = self.pending_claim_requests.get_mut(first_claim_txid) {
857 request.set_timer(new_timer);
858 request.set_feerate(new_feerate);
864 pub(crate) fn transaction_unconfirmed<B: Deref, F: Deref, L: Deref>(
868 fee_estimator: &LowerBoundedFeeEstimator<F>,
871 B::Target: BroadcasterInterface,
872 F::Target: FeeEstimator,
875 let mut height = None;
876 for entry in self.onchain_events_awaiting_threshold_conf.iter() {
877 if entry.txid == *txid {
878 height = Some(entry.height);
883 if let Some(height) = height {
884 self.block_disconnected(height, broadcaster, fee_estimator, logger);
888 pub(crate) fn block_disconnected<B: Deref, F: Deref, L: Deref>(&mut self, height: u32, broadcaster: B, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: L)
889 where B::Target: BroadcasterInterface,
890 F::Target: FeeEstimator,
893 let mut bump_candidates = HashMap::new();
894 let onchain_events_awaiting_threshold_conf =
895 self.onchain_events_awaiting_threshold_conf.drain(..).collect::<Vec<_>>();
896 for entry in onchain_events_awaiting_threshold_conf {
897 if entry.height >= height {
898 //- our claim tx on a commitment tx output
899 //- resurect outpoint back in its claimable set and regenerate tx
901 OnchainEvent::ContentiousOutpoint { package } => {
902 if let Some(ancestor_claimable_txid) = self.claimable_outpoints.get(package.outpoints()[0]) {
903 if let Some(request) = self.pending_claim_requests.get_mut(&ancestor_claimable_txid.0) {
904 request.merge_package(package);
905 // Using a HashMap guarantee us than if we have multiple outpoints getting
906 // resurrected only one bump claim tx is going to be broadcast
907 bump_candidates.insert(ancestor_claimable_txid.clone(), request.clone());
914 self.onchain_events_awaiting_threshold_conf.push(entry);
917 for (_first_claim_txid_height, request) in bump_candidates.iter_mut() {
918 if let Some((new_timer, new_feerate, bump_claim)) = self.generate_claim(height, &request, fee_estimator, &&*logger) {
919 request.set_timer(new_timer);
920 request.set_feerate(new_feerate);
922 OnchainClaim::Tx(bump_tx) => {
923 log_info!(logger, "Broadcasting onchain {}", log_tx!(bump_tx));
924 broadcaster.broadcast_transaction(&bump_tx);
927 OnchainClaim::Event(claim_event) => {
928 log_info!(logger, "Yielding onchain event after reorg to spend inputs {:?}", request.outpoints());
929 self.pending_claim_events.insert(_first_claim_txid_height.0, claim_event);
934 for (ancestor_claim_txid, request) in bump_candidates.drain() {
935 self.pending_claim_requests.insert(ancestor_claim_txid.0, request);
937 //TODO: if we implement cross-block aggregated claim transaction we need to refresh set of outpoints and regenerate tx but
938 // right now if one of the outpoint get disconnected, just erase whole pending claim request.
939 let mut remove_request = Vec::new();
940 self.claimable_outpoints.retain(|_, ref v|
942 remove_request.push(v.0.clone());
945 for req in remove_request {
946 self.pending_claim_requests.remove(&req);
950 pub(crate) fn is_output_spend_pending(&self, outpoint: &BitcoinOutPoint) -> bool {
951 self.claimable_outpoints.get(outpoint).is_some()
954 pub(crate) fn get_relevant_txids(&self) -> Vec<(Txid, Option<BlockHash>)> {
955 let mut txids: Vec<(Txid, Option<BlockHash>)> = self.onchain_events_awaiting_threshold_conf
957 .map(|entry| (entry.txid, entry.block_hash))
959 txids.sort_unstable_by_key(|(txid, _)| *txid);
964 pub(crate) fn provide_latest_holder_tx(&mut self, tx: HolderCommitmentTransaction) {
965 self.prev_holder_commitment = Some(replace(&mut self.holder_commitment, tx));
966 self.holder_htlc_sigs = None;
969 // Normally holder HTLCs are signed at the same time as the holder commitment tx. However,
970 // in some configurations, the holder commitment tx has been signed and broadcast by a
971 // ChannelMonitor replica, so we handle that case here.
972 fn sign_latest_holder_htlcs(&mut self) {
973 if self.holder_htlc_sigs.is_none() {
974 let (_sig, sigs) = self.signer.sign_holder_commitment_and_htlcs(&self.holder_commitment, &self.secp_ctx).expect("sign holder commitment");
975 self.holder_htlc_sigs = Some(Self::extract_holder_sigs(&self.holder_commitment, sigs));
979 // Normally only the latest commitment tx and HTLCs need to be signed. However, in some
980 // configurations we may have updated our holder commitment but a replica of the ChannelMonitor
981 // broadcast the previous one before we sync with it. We handle that case here.
982 fn sign_prev_holder_htlcs(&mut self) {
983 if self.prev_holder_htlc_sigs.is_none() {
984 if let Some(ref holder_commitment) = self.prev_holder_commitment {
985 let (_sig, sigs) = self.signer.sign_holder_commitment_and_htlcs(holder_commitment, &self.secp_ctx).expect("sign previous holder commitment");
986 self.prev_holder_htlc_sigs = Some(Self::extract_holder_sigs(holder_commitment, sigs));
991 fn extract_holder_sigs(holder_commitment: &HolderCommitmentTransaction, sigs: Vec<Signature>) -> Vec<Option<(usize, Signature)>> {
992 let mut ret = Vec::new();
993 for (htlc_idx, (holder_sig, htlc)) in sigs.iter().zip(holder_commitment.htlcs().iter()).enumerate() {
994 let tx_idx = htlc.transaction_output_index.unwrap();
995 if ret.len() <= tx_idx as usize { ret.resize(tx_idx as usize + 1, None); }
996 ret[tx_idx as usize] = Some((htlc_idx, holder_sig.clone()));
1001 //TODO: getting lastest holder transactions should be infallible and result in us "force-closing the channel", but we may
1002 // have empty holder commitment transaction if a ChannelMonitor is asked to force-close just after Channel::get_outbound_funding_created,
1003 // before providing a initial commitment transaction. For outbound channel, init ChannelMonitor at Channel::funding_signed, there is nothing
1004 // to monitor before.
1005 pub(crate) fn get_fully_signed_holder_tx(&mut self, funding_redeemscript: &Script) -> Transaction {
1006 let (sig, htlc_sigs) = self.signer.sign_holder_commitment_and_htlcs(&self.holder_commitment, &self.secp_ctx).expect("signing holder commitment");
1007 self.holder_htlc_sigs = Some(Self::extract_holder_sigs(&self.holder_commitment, htlc_sigs));
1008 self.holder_commitment.add_holder_sig(funding_redeemscript, sig)
1011 #[cfg(any(test, feature="unsafe_revoked_tx_signing"))]
1012 pub(crate) fn get_fully_signed_copy_holder_tx(&mut self, funding_redeemscript: &Script) -> Transaction {
1013 let (sig, htlc_sigs) = self.signer.unsafe_sign_holder_commitment_and_htlcs(&self.holder_commitment, &self.secp_ctx).expect("sign holder commitment");
1014 self.holder_htlc_sigs = Some(Self::extract_holder_sigs(&self.holder_commitment, htlc_sigs));
1015 self.holder_commitment.add_holder_sig(funding_redeemscript, sig)
1018 pub(crate) fn get_fully_signed_htlc_tx(&mut self, outp: &::bitcoin::OutPoint, preimage: &Option<PaymentPreimage>) -> Option<Transaction> {
1019 let mut htlc_tx = None;
1020 let commitment_txid = self.holder_commitment.trust().txid();
1021 // Check if the HTLC spends from the current holder commitment
1022 if commitment_txid == outp.txid {
1023 self.sign_latest_holder_htlcs();
1024 if let &Some(ref htlc_sigs) = &self.holder_htlc_sigs {
1025 let &(ref htlc_idx, ref htlc_sig) = htlc_sigs[outp.vout as usize].as_ref().unwrap();
1026 let trusted_tx = self.holder_commitment.trust();
1027 let counterparty_htlc_sig = self.holder_commitment.counterparty_htlc_sigs[*htlc_idx];
1028 htlc_tx = Some(trusted_tx
1029 .get_signed_htlc_tx(&self.channel_transaction_parameters.as_holder_broadcastable(), *htlc_idx, &counterparty_htlc_sig, htlc_sig, preimage));
1032 // If the HTLC doesn't spend the current holder commitment, check if it spends the previous one
1033 if htlc_tx.is_none() && self.prev_holder_commitment.is_some() {
1034 let commitment_txid = self.prev_holder_commitment.as_ref().unwrap().trust().txid();
1035 if commitment_txid == outp.txid {
1036 self.sign_prev_holder_htlcs();
1037 if let &Some(ref htlc_sigs) = &self.prev_holder_htlc_sigs {
1038 let &(ref htlc_idx, ref htlc_sig) = htlc_sigs[outp.vout as usize].as_ref().unwrap();
1039 let holder_commitment = self.prev_holder_commitment.as_ref().unwrap();
1040 let trusted_tx = holder_commitment.trust();
1041 let counterparty_htlc_sig = holder_commitment.counterparty_htlc_sigs[*htlc_idx];
1042 htlc_tx = Some(trusted_tx
1043 .get_signed_htlc_tx(&self.channel_transaction_parameters.as_holder_broadcastable(), *htlc_idx, &counterparty_htlc_sig, htlc_sig, preimage));
1051 pub(crate) fn generate_external_htlc_claim(
1052 &self, outp: &::bitcoin::OutPoint, preimage: &Option<PaymentPreimage>
1053 ) -> Option<ExternalHTLCClaim> {
1054 let find_htlc = |holder_commitment: &HolderCommitmentTransaction| -> Option<ExternalHTLCClaim> {
1055 let trusted_tx = holder_commitment.trust();
1056 if outp.txid != trusted_tx.txid() {
1059 trusted_tx.htlcs().iter().enumerate()
1060 .find(|(_, htlc)| if let Some(output_index) = htlc.transaction_output_index {
1061 output_index == outp.vout
1065 .map(|(htlc_idx, htlc)| {
1066 let counterparty_htlc_sig = holder_commitment.counterparty_htlc_sigs[htlc_idx];
1068 commitment_txid: trusted_tx.txid(),
1069 per_commitment_number: trusted_tx.commitment_number(),
1071 preimage: *preimage,
1072 counterparty_sig: counterparty_htlc_sig,
1076 // Check if the HTLC spends from the current holder commitment or the previous one otherwise.
1077 find_htlc(&self.holder_commitment)
1078 .or_else(|| self.prev_holder_commitment.as_ref().map(|c| find_htlc(c)).flatten())
1081 pub(crate) fn opt_anchors(&self) -> bool {
1082 self.channel_transaction_parameters.opt_anchors.is_some()
1085 #[cfg(any(test,feature = "unsafe_revoked_tx_signing"))]
1086 pub(crate) fn unsafe_get_fully_signed_htlc_tx(&mut self, outp: &::bitcoin::OutPoint, preimage: &Option<PaymentPreimage>) -> Option<Transaction> {
1087 let latest_had_sigs = self.holder_htlc_sigs.is_some();
1088 let prev_had_sigs = self.prev_holder_htlc_sigs.is_some();
1089 let ret = self.get_fully_signed_htlc_tx(outp, preimage);
1090 if !latest_had_sigs {
1091 self.holder_htlc_sigs = None;
1094 self.prev_holder_htlc_sigs = None;