1 // This file is Copyright its original authors, visible in version control
4 // This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
5 // or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
6 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
7 // You may not use this file except in accordance with one or both of these
10 use bitcoin::blockdata::constants::ChainHash;
11 use bitcoin::blockdata::script::{Script, ScriptBuf, Builder};
12 use bitcoin::blockdata::transaction::Transaction;
14 use bitcoin::sighash::EcdsaSighashType;
15 use bitcoin::consensus::encode;
17 use bitcoin::hashes::Hash;
18 use bitcoin::hashes::sha256::Hash as Sha256;
19 use bitcoin::hashes::sha256d::Hash as Sha256d;
20 use bitcoin::hash_types::{Txid, BlockHash};
22 use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE;
23 use bitcoin::secp256k1::{PublicKey,SecretKey};
24 use bitcoin::secp256k1::{Secp256k1,ecdsa::Signature};
25 use bitcoin::secp256k1;
27 use crate::ln::{ChannelId, PaymentPreimage, PaymentHash};
28 use crate::ln::features::{ChannelTypeFeatures, InitFeatures};
30 use crate::ln::msgs::DecodeError;
31 use crate::ln::script::{self, ShutdownScript};
32 use crate::ln::channelmanager::{self, CounterpartyForwardingInfo, PendingHTLCStatus, HTLCSource, SentHTLCId, HTLCFailureMsg, PendingHTLCInfo, RAACommitmentOrder, BREAKDOWN_TIMEOUT, MIN_CLTV_EXPIRY_DELTA, MAX_LOCAL_BREAKDOWN_TIMEOUT, ChannelShutdownState};
33 use crate::ln::chan_utils::{CounterpartyCommitmentSecrets, TxCreationKeys, HTLCOutputInCommitment, htlc_success_tx_weight, htlc_timeout_tx_weight, make_funding_redeemscript, ChannelPublicKeys, CommitmentTransaction, HolderCommitmentTransaction, ChannelTransactionParameters, CounterpartyChannelTransactionParameters, MAX_HTLCS, get_commitment_transaction_number_obscure_factor, ClosingTransaction};
34 use crate::ln::chan_utils;
35 use crate::ln::onion_utils::HTLCFailReason;
36 use crate::chain::BestBlock;
37 use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, LowerBoundedFeeEstimator};
38 use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, ChannelMonitorUpdateStep, LATENCY_GRACE_PERIOD_BLOCKS, CLOSED_CHANNEL_UPDATE_ID};
39 use crate::chain::transaction::{OutPoint, TransactionData};
40 use crate::sign::ecdsa::{EcdsaChannelSigner, WriteableEcdsaChannelSigner};
41 use crate::sign::{EntropySource, ChannelSigner, SignerProvider, NodeSigner, Recipient};
42 use crate::events::ClosureReason;
43 use crate::routing::gossip::NodeId;
44 use crate::util::ser::{Readable, ReadableArgs, Writeable, Writer};
45 use crate::util::logger::{Logger, Record, WithContext};
46 use crate::util::errors::APIError;
47 use crate::util::config::{UserConfig, ChannelConfig, LegacyChannelConfig, ChannelHandshakeConfig, ChannelHandshakeLimits, MaxDustHTLCExposure};
48 use crate::util::scid_utils::scid_from_parts;
51 use crate::prelude::*;
52 use core::{cmp,mem,fmt};
53 use core::convert::TryInto;
55 #[cfg(any(test, fuzzing, debug_assertions))]
56 use crate::sync::Mutex;
57 use crate::sign::type_resolver::ChannelSignerType;
59 use super::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint, RevocationBasepoint};
62 pub struct ChannelValueStat {
63 pub value_to_self_msat: u64,
64 pub channel_value_msat: u64,
65 pub channel_reserve_msat: u64,
66 pub pending_outbound_htlcs_amount_msat: u64,
67 pub pending_inbound_htlcs_amount_msat: u64,
68 pub holding_cell_outbound_amount_msat: u64,
69 pub counterparty_max_htlc_value_in_flight_msat: u64, // outgoing
70 pub counterparty_dust_limit_msat: u64,
73 pub struct AvailableBalances {
74 /// The amount that would go to us if we close the channel, ignoring any on-chain fees.
75 pub balance_msat: u64,
76 /// Total amount available for our counterparty to send to us.
77 pub inbound_capacity_msat: u64,
78 /// Total amount available for us to send to our counterparty.
79 pub outbound_capacity_msat: u64,
80 /// The maximum value we can assign to the next outbound HTLC
81 pub next_outbound_htlc_limit_msat: u64,
82 /// The minimum value we can assign to the next outbound HTLC
83 pub next_outbound_htlc_minimum_msat: u64,
86 #[derive(Debug, Clone, Copy, PartialEq)]
88 // Inbound states mirroring InboundHTLCState
90 AwaitingRemoteRevokeToAnnounce,
91 // Note that we do not have a AwaitingAnnouncedRemoteRevoke variant here as it is universally
92 // handled the same as `Committed`, with the only exception in `InboundHTLCState` being the
93 // distinction of when we allow ourselves to forward the HTLC. Because we aren't "forwarding"
94 // the fee update anywhere, we can simply consider the fee update `Committed` immediately
95 // instead of setting it to AwaitingAnnouncedRemoteRevoke.
97 // Outbound state can only be `LocalAnnounced` or `Committed`
101 enum InboundHTLCRemovalReason {
102 FailRelay(msgs::OnionErrorPacket),
103 FailMalformed(([u8; 32], u16)),
104 Fulfill(PaymentPreimage),
107 /// Represents the resolution status of an inbound HTLC.
109 enum InboundHTLCResolution {
110 /// Resolved implies the action we must take with the inbound HTLC has already been determined,
111 /// i.e., we already know whether it must be failed back or forwarded.
113 // TODO: Once this variant is removed, we should also clean up
114 // [`MonitorRestoreUpdates::accepted_htlcs`] as the path will be unreachable.
116 pending_htlc_status: PendingHTLCStatus,
118 /// Pending implies we will attempt to resolve the inbound HTLC once it has been fully committed
119 /// to by both sides of the channel, i.e., once a `revoke_and_ack` has been processed by both
120 /// nodes for the state update in which it was proposed.
122 update_add_htlc: msgs::UpdateAddHTLC,
126 impl_writeable_tlv_based_enum!(InboundHTLCResolution,
128 (0, pending_htlc_status, required),
131 (0, update_add_htlc, required),
135 enum InboundHTLCState {
136 /// Offered by remote, to be included in next local commitment tx. I.e., the remote sent an
137 /// update_add_htlc message for this HTLC.
138 RemoteAnnounced(InboundHTLCResolution),
139 /// Included in a received commitment_signed message (implying we've
140 /// revoke_and_ack'd it), but the remote hasn't yet revoked their previous
141 /// state (see the example below). We have not yet included this HTLC in a
142 /// commitment_signed message because we are waiting on the remote's
143 /// aforementioned state revocation. One reason this missing remote RAA
144 /// (revoke_and_ack) blocks us from constructing a commitment_signed message
145 /// is because every time we create a new "state", i.e. every time we sign a
146 /// new commitment tx (see [BOLT #2]), we need a new per_commitment_point,
147 /// which are provided one-at-a-time in each RAA. E.g., the last RAA they
148 /// sent provided the per_commitment_point for our current commitment tx.
149 /// The other reason we should not send a commitment_signed without their RAA
150 /// is because their RAA serves to ACK our previous commitment_signed.
152 /// Here's an example of how an HTLC could come to be in this state:
153 /// remote --> update_add_htlc(prev_htlc) --> local
154 /// remote --> commitment_signed(prev_htlc) --> local
155 /// remote <-- revoke_and_ack <-- local
156 /// remote <-- commitment_signed(prev_htlc) <-- local
157 /// [note that here, the remote does not respond with a RAA]
158 /// remote --> update_add_htlc(this_htlc) --> local
159 /// remote --> commitment_signed(prev_htlc, this_htlc) --> local
160 /// Now `this_htlc` will be assigned this state. It's unable to be officially
161 /// accepted, i.e. included in a commitment_signed, because we're missing the
162 /// RAA that provides our next per_commitment_point. The per_commitment_point
163 /// is used to derive commitment keys, which are used to construct the
164 /// signatures in a commitment_signed message.
165 /// Implies AwaitingRemoteRevoke.
167 /// [BOLT #2]: https://github.com/lightning/bolts/blob/master/02-peer-protocol.md
168 AwaitingRemoteRevokeToAnnounce(InboundHTLCResolution),
169 /// Included in a received commitment_signed message (implying we've revoke_and_ack'd it).
170 /// We have also included this HTLC in our latest commitment_signed and are now just waiting
171 /// on the remote's revoke_and_ack to make this HTLC an irrevocable part of the state of the
172 /// channel (before it can then get forwarded and/or removed).
173 /// Implies AwaitingRemoteRevoke.
174 AwaitingAnnouncedRemoteRevoke(InboundHTLCResolution),
176 /// Removed by us and a new commitment_signed was sent (if we were AwaitingRemoteRevoke when we
177 /// created it we would have put it in the holding cell instead). When they next revoke_and_ack
179 /// Note that we have to keep an eye on the HTLC until we've received a broadcastable
180 /// commitment transaction without it as otherwise we'll have to force-close the channel to
181 /// claim it before the timeout (obviously doesn't apply to revoked HTLCs that we can't claim
182 /// anyway). That said, ChannelMonitor does this for us (see
183 /// ChannelMonitor::should_broadcast_holder_commitment_txn) so we actually remove the HTLC from
184 /// our own local state before then, once we're sure that the next commitment_signed and
185 /// ChannelMonitor::provide_latest_local_commitment_tx will not include this HTLC.
186 LocalRemoved(InboundHTLCRemovalReason),
189 /// Exposes the state of pending inbound HTLCs.
191 /// At a high level, an HTLC being forwarded from one Lightning node to another Lightning node goes
192 /// through the following states in the state machine:
193 /// - Announced for addition by the originating node through the update_add_htlc message.
194 /// - Added to the commitment transaction of the receiving node and originating node in turn
195 /// through the exchange of commitment_signed and revoke_and_ack messages.
196 /// - Announced for resolution (fulfillment or failure) by the receiving node through either one of
197 /// the update_fulfill_htlc, update_fail_htlc, and update_fail_malformed_htlc messages.
198 /// - Removed from the commitment transaction of the originating node and receiving node in turn
199 /// through the exchange of commitment_signed and revoke_and_ack messages.
201 /// This can be used to inspect what next message an HTLC is waiting for to advance its state.
202 #[derive(Clone, Debug, PartialEq)]
203 pub enum InboundHTLCStateDetails {
204 /// We have added this HTLC in our commitment transaction by receiving commitment_signed and
205 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
206 /// before this HTLC is included on the remote commitment transaction.
207 AwaitingRemoteRevokeToAdd,
208 /// This HTLC has been included in the commitment_signed and revoke_and_ack messages on both sides
209 /// and is included in both commitment transactions.
211 /// This HTLC is now safe to either forward or be claimed as a payment by us. The HTLC will
212 /// remain in this state until the forwarded upstream HTLC has been resolved and we resolve this
213 /// HTLC correspondingly, or until we claim it as a payment. If it is part of a multipart
214 /// payment, it will only be claimed together with other required parts.
216 /// We have received the preimage for this HTLC and it is being removed by fulfilling it with
217 /// update_fulfill_htlc. This HTLC is still on both commitment transactions, but we are awaiting
218 /// the appropriate revoke_and_ack's from the remote before this HTLC is removed from the remote
219 /// commitment transaction after update_fulfill_htlc.
220 AwaitingRemoteRevokeToRemoveFulfill,
221 /// The HTLC is being removed by failing it with update_fail_htlc or update_fail_malformed_htlc.
222 /// This HTLC is still on both commitment transactions, but we are awaiting the appropriate
223 /// revoke_and_ack's from the remote before this HTLC is removed from the remote commitment
225 AwaitingRemoteRevokeToRemoveFail,
228 impl From<&InboundHTLCState> for Option<InboundHTLCStateDetails> {
229 fn from(state: &InboundHTLCState) -> Option<InboundHTLCStateDetails> {
231 InboundHTLCState::RemoteAnnounced(_) => None,
232 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) =>
233 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
234 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) =>
235 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
236 InboundHTLCState::Committed =>
237 Some(InboundHTLCStateDetails::Committed),
238 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(_)) =>
239 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail),
240 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed(_)) =>
241 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail),
242 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(_)) =>
243 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFulfill),
248 impl_writeable_tlv_based_enum_upgradable!(InboundHTLCStateDetails,
249 (0, AwaitingRemoteRevokeToAdd) => {},
250 (2, Committed) => {},
251 (4, AwaitingRemoteRevokeToRemoveFulfill) => {},
252 (6, AwaitingRemoteRevokeToRemoveFail) => {};
255 struct InboundHTLCOutput {
259 payment_hash: PaymentHash,
260 state: InboundHTLCState,
263 /// Exposes details around pending inbound HTLCs.
264 #[derive(Clone, Debug, PartialEq)]
265 pub struct InboundHTLCDetails {
267 /// The IDs are incremented by 1 starting from 0 for each offered HTLC.
268 /// They are unique per channel and inbound/outbound direction, unless an HTLC was only announced
269 /// and not part of any commitment transaction.
271 /// The amount in msat.
272 pub amount_msat: u64,
273 /// The block height at which this HTLC expires.
274 pub cltv_expiry: u32,
275 /// The payment hash.
276 pub payment_hash: PaymentHash,
277 /// The state of the HTLC in the state machine.
279 /// Determines on which commitment transactions the HTLC is included and what message the HTLC is
280 /// waiting for to advance to the next state.
282 /// See [`InboundHTLCStateDetails`] for information on the specific states.
284 /// LDK will always fill this field in, but when downgrading to prior versions of LDK, new
285 /// states may result in `None` here.
286 pub state: Option<InboundHTLCStateDetails>,
287 /// Whether the HTLC has an output below the local dust limit. If so, the output will be trimmed
288 /// from the local commitment transaction and added to the commitment transaction fee.
289 /// For non-anchor channels, this takes into account the cost of the second-stage HTLC
290 /// transactions as well.
292 /// When the local commitment transaction is broadcasted as part of a unilateral closure,
293 /// the value of this HTLC will therefore not be claimable but instead burned as a transaction
296 /// Note that dust limits are specific to each party. An HTLC can be dust for the local
297 /// commitment transaction but not for the counterparty's commitment transaction and vice versa.
301 impl_writeable_tlv_based!(InboundHTLCDetails, {
302 (0, htlc_id, required),
303 (2, amount_msat, required),
304 (4, cltv_expiry, required),
305 (6, payment_hash, required),
306 (7, state, upgradable_option),
307 (8, is_dust, required),
310 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
311 enum OutboundHTLCState {
312 /// Added by us and included in a commitment_signed (if we were AwaitingRemoteRevoke when we
313 /// created it we would have put it in the holding cell instead). When they next revoke_and_ack
314 /// we will promote to Committed (note that they may not accept it until the next time we
315 /// revoke, but we don't really care about that:
316 /// * they've revoked, so worst case we can announce an old state and get our (option on)
317 /// money back (though we won't), and,
318 /// * we'll send them a revoke when they send a commitment_signed, and since only they're
319 /// allowed to remove it, the "can only be removed once committed on both sides" requirement
320 /// doesn't matter to us and it's up to them to enforce it, worst-case they jump ahead but
321 /// we'll never get out of sync).
322 /// Note that we Box the OnionPacket as it's rather large and we don't want to blow up
323 /// OutboundHTLCOutput's size just for a temporary bit
324 LocalAnnounced(Box<msgs::OnionPacket>),
326 /// Remote removed this (outbound) HTLC. We're waiting on their commitment_signed to finalize
327 /// the change (though they'll need to revoke before we fail the payment).
328 RemoteRemoved(OutboundHTLCOutcome),
329 /// Remote removed this and sent a commitment_signed (implying we've revoke_and_ack'ed it), but
330 /// the remote side hasn't yet revoked their previous state, which we need them to do before we
331 /// can do any backwards failing. Implies AwaitingRemoteRevoke.
332 /// We also have not yet removed this HTLC in a commitment_signed message, and are waiting on a
333 /// remote revoke_and_ack on a previous state before we can do so.
334 AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome),
335 /// Remote removed this and sent a commitment_signed (implying we've revoke_and_ack'ed it), but
336 /// the remote side hasn't yet revoked their previous state, which we need them to do before we
337 /// can do any backwards failing. Implies AwaitingRemoteRevoke.
338 /// We have removed this HTLC in our latest commitment_signed and are now just waiting on a
339 /// revoke_and_ack to drop completely.
340 AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome),
343 /// Exposes the state of pending outbound HTLCs.
345 /// At a high level, an HTLC being forwarded from one Lightning node to another Lightning node goes
346 /// through the following states in the state machine:
347 /// - Announced for addition by the originating node through the update_add_htlc message.
348 /// - Added to the commitment transaction of the receiving node and originating node in turn
349 /// through the exchange of commitment_signed and revoke_and_ack messages.
350 /// - Announced for resolution (fulfillment or failure) by the receiving node through either one of
351 /// the update_fulfill_htlc, update_fail_htlc, and update_fail_malformed_htlc messages.
352 /// - Removed from the commitment transaction of the originating node and receiving node in turn
353 /// through the exchange of commitment_signed and revoke_and_ack messages.
355 /// This can be used to inspect what next message an HTLC is waiting for to advance its state.
356 #[derive(Clone, Debug, PartialEq)]
357 pub enum OutboundHTLCStateDetails {
358 /// We are awaiting the appropriate revoke_and_ack's from the remote before the HTLC is added
359 /// on the remote's commitment transaction after update_add_htlc.
360 AwaitingRemoteRevokeToAdd,
361 /// The HTLC has been added to the remote's commitment transaction by sending commitment_signed
362 /// and receiving revoke_and_ack in return.
364 /// The HTLC will remain in this state until the remote node resolves the HTLC, or until we
365 /// unilaterally close the channel due to a timeout with an uncooperative remote node.
367 /// The HTLC has been fulfilled successfully by the remote with a preimage in update_fulfill_htlc,
368 /// and we removed the HTLC from our commitment transaction by receiving commitment_signed and
369 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
370 /// for the removal from its commitment transaction.
371 AwaitingRemoteRevokeToRemoveSuccess,
372 /// The HTLC has been failed by the remote with update_fail_htlc or update_fail_malformed_htlc,
373 /// and we removed the HTLC from our commitment transaction by receiving commitment_signed and
374 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
375 /// for the removal from its commitment transaction.
376 AwaitingRemoteRevokeToRemoveFailure,
379 impl From<&OutboundHTLCState> for OutboundHTLCStateDetails {
380 fn from(state: &OutboundHTLCState) -> OutboundHTLCStateDetails {
382 OutboundHTLCState::LocalAnnounced(_) =>
383 OutboundHTLCStateDetails::AwaitingRemoteRevokeToAdd,
384 OutboundHTLCState::Committed =>
385 OutboundHTLCStateDetails::Committed,
386 // RemoteRemoved states are ignored as the state is transient and the remote has not committed to
388 OutboundHTLCState::RemoteRemoved(_) =>
389 OutboundHTLCStateDetails::Committed,
390 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_)) =>
391 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveSuccess,
392 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Failure(_)) =>
393 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFailure,
394 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) =>
395 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveSuccess,
396 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Failure(_)) =>
397 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFailure,
402 impl_writeable_tlv_based_enum_upgradable!(OutboundHTLCStateDetails,
403 (0, AwaitingRemoteRevokeToAdd) => {},
404 (2, Committed) => {},
405 (4, AwaitingRemoteRevokeToRemoveSuccess) => {},
406 (6, AwaitingRemoteRevokeToRemoveFailure) => {};
410 #[cfg_attr(test, derive(Debug, PartialEq))]
411 enum OutboundHTLCOutcome {
412 /// LDK version 0.0.105+ will always fill in the preimage here.
413 Success(Option<PaymentPreimage>),
414 Failure(HTLCFailReason),
417 impl From<Option<HTLCFailReason>> for OutboundHTLCOutcome {
418 fn from(o: Option<HTLCFailReason>) -> Self {
420 None => OutboundHTLCOutcome::Success(None),
421 Some(r) => OutboundHTLCOutcome::Failure(r)
426 impl<'a> Into<Option<&'a HTLCFailReason>> for &'a OutboundHTLCOutcome {
427 fn into(self) -> Option<&'a HTLCFailReason> {
429 OutboundHTLCOutcome::Success(_) => None,
430 OutboundHTLCOutcome::Failure(ref r) => Some(r)
435 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
436 struct OutboundHTLCOutput {
440 payment_hash: PaymentHash,
441 state: OutboundHTLCState,
443 blinding_point: Option<PublicKey>,
444 skimmed_fee_msat: Option<u64>,
447 /// Exposes details around pending outbound HTLCs.
448 #[derive(Clone, Debug, PartialEq)]
449 pub struct OutboundHTLCDetails {
451 /// The IDs are incremented by 1 starting from 0 for each offered HTLC.
452 /// They are unique per channel and inbound/outbound direction, unless an HTLC was only announced
453 /// and not part of any commitment transaction.
455 /// Not present when we are awaiting a remote revocation and the HTLC is not added yet.
456 pub htlc_id: Option<u64>,
457 /// The amount in msat.
458 pub amount_msat: u64,
459 /// The block height at which this HTLC expires.
460 pub cltv_expiry: u32,
461 /// The payment hash.
462 pub payment_hash: PaymentHash,
463 /// The state of the HTLC in the state machine.
465 /// Determines on which commitment transactions the HTLC is included and what message the HTLC is
466 /// waiting for to advance to the next state.
468 /// See [`OutboundHTLCStateDetails`] for information on the specific states.
470 /// LDK will always fill this field in, but when downgrading to prior versions of LDK, new
471 /// states may result in `None` here.
472 pub state: Option<OutboundHTLCStateDetails>,
473 /// The extra fee being skimmed off the top of this HTLC.
474 pub skimmed_fee_msat: Option<u64>,
475 /// Whether the HTLC has an output below the local dust limit. If so, the output will be trimmed
476 /// from the local commitment transaction and added to the commitment transaction fee.
477 /// For non-anchor channels, this takes into account the cost of the second-stage HTLC
478 /// transactions as well.
480 /// When the local commitment transaction is broadcasted as part of a unilateral closure,
481 /// the value of this HTLC will therefore not be claimable but instead burned as a transaction
484 /// Note that dust limits are specific to each party. An HTLC can be dust for the local
485 /// commitment transaction but not for the counterparty's commitment transaction and vice versa.
489 impl_writeable_tlv_based!(OutboundHTLCDetails, {
490 (0, htlc_id, required),
491 (2, amount_msat, required),
492 (4, cltv_expiry, required),
493 (6, payment_hash, required),
494 (7, state, upgradable_option),
495 (8, skimmed_fee_msat, required),
496 (10, is_dust, required),
499 /// See AwaitingRemoteRevoke ChannelState for more info
500 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
501 enum HTLCUpdateAwaitingACK {
502 AddHTLC { // TODO: Time out if we're getting close to cltv_expiry
506 payment_hash: PaymentHash,
508 onion_routing_packet: msgs::OnionPacket,
509 // The extra fee we're skimming off the top of this HTLC.
510 skimmed_fee_msat: Option<u64>,
511 blinding_point: Option<PublicKey>,
514 payment_preimage: PaymentPreimage,
519 err_packet: msgs::OnionErrorPacket,
524 sha256_of_onion: [u8; 32],
528 macro_rules! define_state_flags {
529 ($flag_type_doc: expr, $flag_type: ident, [$(($flag_doc: expr, $flag: ident, $value: expr, $get: ident, $set: ident, $clear: ident)),+], $extra_flags: expr) => {
530 #[doc = $flag_type_doc]
531 #[derive(Copy, Clone, Debug, PartialEq, PartialOrd, Eq)]
532 struct $flag_type(u32);
537 const $flag: $flag_type = $flag_type($value);
540 /// All flags that apply to the specified [`ChannelState`] variant.
542 const ALL: $flag_type = Self($(Self::$flag.0 | )* $extra_flags);
545 fn new() -> Self { Self(0) }
548 fn from_u32(flags: u32) -> Result<Self, ()> {
549 if flags & !Self::ALL.0 != 0 {
552 Ok($flag_type(flags))
557 fn is_empty(&self) -> bool { self.0 == 0 }
559 fn is_set(&self, flag: Self) -> bool { *self & flag == flag }
561 fn set(&mut self, flag: Self) { *self |= flag }
563 fn clear(&mut self, flag: Self) -> Self { self.0 &= !flag.0; *self }
567 define_state_flags!($flag_type, Self::$flag, $get, $set, $clear);
570 impl core::ops::BitOr for $flag_type {
572 fn bitor(self, rhs: Self) -> Self::Output { Self(self.0 | rhs.0) }
574 impl core::ops::BitOrAssign for $flag_type {
575 fn bitor_assign(&mut self, rhs: Self) { self.0 |= rhs.0; }
577 impl core::ops::BitAnd for $flag_type {
579 fn bitand(self, rhs: Self) -> Self::Output { Self(self.0 & rhs.0) }
581 impl core::ops::BitAndAssign for $flag_type {
582 fn bitand_assign(&mut self, rhs: Self) { self.0 &= rhs.0; }
585 ($flag_type_doc: expr, $flag_type: ident, $flags: tt) => {
586 define_state_flags!($flag_type_doc, $flag_type, $flags, 0);
588 ($flag_type: ident, $flag: expr, $get: ident, $set: ident, $clear: ident) => {
591 fn $get(&self) -> bool { self.is_set($flag_type::new() | $flag) }
593 fn $set(&mut self) { self.set($flag_type::new() | $flag) }
595 fn $clear(&mut self) -> Self { self.clear($flag_type::new() | $flag) }
598 ($flag_type_doc: expr, FUNDED_STATE, $flag_type: ident, $flags: tt) => {
599 define_state_flags!($flag_type_doc, $flag_type, $flags, FundedStateFlags::ALL.0);
601 define_state_flags!($flag_type, FundedStateFlags::PEER_DISCONNECTED,
602 is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected);
603 define_state_flags!($flag_type, FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS,
604 is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress);
605 define_state_flags!($flag_type, FundedStateFlags::REMOTE_SHUTDOWN_SENT,
606 is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent);
607 define_state_flags!($flag_type, FundedStateFlags::LOCAL_SHUTDOWN_SENT,
608 is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent);
610 impl core::ops::BitOr<FundedStateFlags> for $flag_type {
612 fn bitor(self, rhs: FundedStateFlags) -> Self::Output { Self(self.0 | rhs.0) }
614 impl core::ops::BitOrAssign<FundedStateFlags> for $flag_type {
615 fn bitor_assign(&mut self, rhs: FundedStateFlags) { self.0 |= rhs.0; }
617 impl core::ops::BitAnd<FundedStateFlags> for $flag_type {
619 fn bitand(self, rhs: FundedStateFlags) -> Self::Output { Self(self.0 & rhs.0) }
621 impl core::ops::BitAndAssign<FundedStateFlags> for $flag_type {
622 fn bitand_assign(&mut self, rhs: FundedStateFlags) { self.0 &= rhs.0; }
624 impl PartialEq<FundedStateFlags> for $flag_type {
625 fn eq(&self, other: &FundedStateFlags) -> bool { self.0 == other.0 }
627 impl From<FundedStateFlags> for $flag_type {
628 fn from(flags: FundedStateFlags) -> Self { Self(flags.0) }
633 /// We declare all the states/flags here together to help determine which bits are still available
636 pub const OUR_INIT_SENT: u32 = 1 << 0;
637 pub const THEIR_INIT_SENT: u32 = 1 << 1;
638 pub const FUNDING_NEGOTIATED: u32 = 1 << 2;
639 pub const AWAITING_CHANNEL_READY: u32 = 1 << 3;
640 pub const THEIR_CHANNEL_READY: u32 = 1 << 4;
641 pub const OUR_CHANNEL_READY: u32 = 1 << 5;
642 pub const CHANNEL_READY: u32 = 1 << 6;
643 pub const PEER_DISCONNECTED: u32 = 1 << 7;
644 pub const MONITOR_UPDATE_IN_PROGRESS: u32 = 1 << 8;
645 pub const AWAITING_REMOTE_REVOKE: u32 = 1 << 9;
646 pub const REMOTE_SHUTDOWN_SENT: u32 = 1 << 10;
647 pub const LOCAL_SHUTDOWN_SENT: u32 = 1 << 11;
648 pub const SHUTDOWN_COMPLETE: u32 = 1 << 12;
649 pub const WAITING_FOR_BATCH: u32 = 1 << 13;
653 "Flags that apply to all [`ChannelState`] variants in which the channel is funded.",
655 ("Indicates the remote side is considered \"disconnected\" and no updates are allowed \
656 until after we've done a `channel_reestablish` dance.", PEER_DISCONNECTED, state_flags::PEER_DISCONNECTED,
657 is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected),
658 ("Indicates the user has told us a `ChannelMonitor` update is pending async persistence \
659 somewhere and we should pause sending any outbound messages until they've managed to \
660 complete it.", MONITOR_UPDATE_IN_PROGRESS, state_flags::MONITOR_UPDATE_IN_PROGRESS,
661 is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress),
662 ("Indicates we received a `shutdown` message from the remote end. If set, they may not add \
663 any new HTLCs to the channel, and we are expected to respond with our own `shutdown` \
664 message when possible.", REMOTE_SHUTDOWN_SENT, state_flags::REMOTE_SHUTDOWN_SENT,
665 is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent),
666 ("Indicates we sent a `shutdown` message. At this point, we may not add any new HTLCs to \
667 the channel.", LOCAL_SHUTDOWN_SENT, state_flags::LOCAL_SHUTDOWN_SENT,
668 is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent)
673 "Flags that only apply to [`ChannelState::NegotiatingFunding`].",
674 NegotiatingFundingFlags, [
675 ("Indicates we have (or are prepared to) send our `open_channel`/`accept_channel` message.",
676 OUR_INIT_SENT, state_flags::OUR_INIT_SENT, is_our_init_sent, set_our_init_sent, clear_our_init_sent),
677 ("Indicates we have received their `open_channel`/`accept_channel` message.",
678 THEIR_INIT_SENT, state_flags::THEIR_INIT_SENT, is_their_init_sent, set_their_init_sent, clear_their_init_sent)
683 "Flags that only apply to [`ChannelState::AwaitingChannelReady`].",
684 FUNDED_STATE, AwaitingChannelReadyFlags, [
685 ("Indicates they sent us a `channel_ready` message. Once both `THEIR_CHANNEL_READY` and \
686 `OUR_CHANNEL_READY` are set, our state moves on to `ChannelReady`.",
687 THEIR_CHANNEL_READY, state_flags::THEIR_CHANNEL_READY,
688 is_their_channel_ready, set_their_channel_ready, clear_their_channel_ready),
689 ("Indicates we sent them a `channel_ready` message. Once both `THEIR_CHANNEL_READY` and \
690 `OUR_CHANNEL_READY` are set, our state moves on to `ChannelReady`.",
691 OUR_CHANNEL_READY, state_flags::OUR_CHANNEL_READY,
692 is_our_channel_ready, set_our_channel_ready, clear_our_channel_ready),
693 ("Indicates the channel was funded in a batch and the broadcast of the funding transaction \
694 is being held until all channels in the batch have received `funding_signed` and have \
695 their monitors persisted.", WAITING_FOR_BATCH, state_flags::WAITING_FOR_BATCH,
696 is_waiting_for_batch, set_waiting_for_batch, clear_waiting_for_batch)
701 "Flags that only apply to [`ChannelState::ChannelReady`].",
702 FUNDED_STATE, ChannelReadyFlags, [
703 ("Indicates that we have sent a `commitment_signed` but are awaiting the responding \
704 `revoke_and_ack` message. During this period, we can't generate new `commitment_signed` \
705 messages as we'd be unable to determine which HTLCs they included in their `revoke_and_ack` \
706 implicit ACK, so instead we have to hold them away temporarily to be sent later.",
707 AWAITING_REMOTE_REVOKE, state_flags::AWAITING_REMOTE_REVOKE,
708 is_awaiting_remote_revoke, set_awaiting_remote_revoke, clear_awaiting_remote_revoke)
712 // Note that the order of this enum is implicitly defined by where each variant is placed. Take this
713 // into account when introducing new states and update `test_channel_state_order` accordingly.
714 #[derive(Copy, Clone, Debug, PartialEq, PartialOrd, Eq)]
716 /// We are negotiating the parameters required for the channel prior to funding it.
717 NegotiatingFunding(NegotiatingFundingFlags),
718 /// We have sent `funding_created` and are awaiting a `funding_signed` to advance to
719 /// `AwaitingChannelReady`. Note that this is nonsense for an inbound channel as we immediately generate
720 /// `funding_signed` upon receipt of `funding_created`, so simply skip this state.
722 /// We've received/sent `funding_created` and `funding_signed` and are thus now waiting on the
723 /// funding transaction to confirm.
724 AwaitingChannelReady(AwaitingChannelReadyFlags),
725 /// Both we and our counterparty consider the funding transaction confirmed and the channel is
727 ChannelReady(ChannelReadyFlags),
728 /// We've successfully negotiated a `closing_signed` dance. At this point, the `ChannelManager`
729 /// is about to drop us, but we store this anyway.
733 macro_rules! impl_state_flag {
734 ($get: ident, $set: ident, $clear: ident, [$($state: ident),+]) => {
736 fn $get(&self) -> bool {
739 ChannelState::$state(flags) => flags.$get(),
748 ChannelState::$state(flags) => flags.$set(),
750 _ => debug_assert!(false, "Attempted to set flag on unexpected ChannelState"),
754 fn $clear(&mut self) {
757 ChannelState::$state(flags) => { let _ = flags.$clear(); },
759 _ => debug_assert!(false, "Attempted to clear flag on unexpected ChannelState"),
763 ($get: ident, $set: ident, $clear: ident, FUNDED_STATES) => {
764 impl_state_flag!($get, $set, $clear, [AwaitingChannelReady, ChannelReady]);
766 ($get: ident, $set: ident, $clear: ident, $state: ident) => {
767 impl_state_flag!($get, $set, $clear, [$state]);
772 fn from_u32(state: u32) -> Result<Self, ()> {
774 state_flags::FUNDING_NEGOTIATED => Ok(ChannelState::FundingNegotiated),
775 state_flags::SHUTDOWN_COMPLETE => Ok(ChannelState::ShutdownComplete),
777 if val & state_flags::AWAITING_CHANNEL_READY == state_flags::AWAITING_CHANNEL_READY {
778 AwaitingChannelReadyFlags::from_u32(val & !state_flags::AWAITING_CHANNEL_READY)
779 .map(|flags| ChannelState::AwaitingChannelReady(flags))
780 } else if val & state_flags::CHANNEL_READY == state_flags::CHANNEL_READY {
781 ChannelReadyFlags::from_u32(val & !state_flags::CHANNEL_READY)
782 .map(|flags| ChannelState::ChannelReady(flags))
783 } else if let Ok(flags) = NegotiatingFundingFlags::from_u32(val) {
784 Ok(ChannelState::NegotiatingFunding(flags))
792 fn to_u32(&self) -> u32 {
794 ChannelState::NegotiatingFunding(flags) => flags.0,
795 ChannelState::FundingNegotiated => state_flags::FUNDING_NEGOTIATED,
796 ChannelState::AwaitingChannelReady(flags) => state_flags::AWAITING_CHANNEL_READY | flags.0,
797 ChannelState::ChannelReady(flags) => state_flags::CHANNEL_READY | flags.0,
798 ChannelState::ShutdownComplete => state_flags::SHUTDOWN_COMPLETE,
802 fn is_pre_funded_state(&self) -> bool {
803 matches!(self, ChannelState::NegotiatingFunding(_)|ChannelState::FundingNegotiated)
806 fn is_both_sides_shutdown(&self) -> bool {
807 self.is_local_shutdown_sent() && self.is_remote_shutdown_sent()
810 fn with_funded_state_flags_mask(&self) -> FundedStateFlags {
812 ChannelState::AwaitingChannelReady(flags) => FundedStateFlags((*flags & FundedStateFlags::ALL).0),
813 ChannelState::ChannelReady(flags) => FundedStateFlags((*flags & FundedStateFlags::ALL).0),
814 _ => FundedStateFlags::new(),
818 fn can_generate_new_commitment(&self) -> bool {
820 ChannelState::ChannelReady(flags) =>
821 !flags.is_set(ChannelReadyFlags::AWAITING_REMOTE_REVOKE) &&
822 !flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into()) &&
823 !flags.is_set(FundedStateFlags::PEER_DISCONNECTED.into()),
825 debug_assert!(false, "Can only generate new commitment within ChannelReady");
831 impl_state_flag!(is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected, FUNDED_STATES);
832 impl_state_flag!(is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress, FUNDED_STATES);
833 impl_state_flag!(is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent, FUNDED_STATES);
834 impl_state_flag!(is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent, FUNDED_STATES);
835 impl_state_flag!(is_our_channel_ready, set_our_channel_ready, clear_our_channel_ready, AwaitingChannelReady);
836 impl_state_flag!(is_their_channel_ready, set_their_channel_ready, clear_their_channel_ready, AwaitingChannelReady);
837 impl_state_flag!(is_waiting_for_batch, set_waiting_for_batch, clear_waiting_for_batch, AwaitingChannelReady);
838 impl_state_flag!(is_awaiting_remote_revoke, set_awaiting_remote_revoke, clear_awaiting_remote_revoke, ChannelReady);
841 pub const INITIAL_COMMITMENT_NUMBER: u64 = (1 << 48) - 1;
843 pub const DEFAULT_MAX_HTLCS: u16 = 50;
845 pub(crate) fn commitment_tx_base_weight(channel_type_features: &ChannelTypeFeatures) -> u64 {
846 const COMMITMENT_TX_BASE_WEIGHT: u64 = 724;
847 const COMMITMENT_TX_BASE_ANCHOR_WEIGHT: u64 = 1124;
848 if channel_type_features.supports_anchors_zero_fee_htlc_tx() { COMMITMENT_TX_BASE_ANCHOR_WEIGHT } else { COMMITMENT_TX_BASE_WEIGHT }
852 const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172;
854 pub const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172;
856 pub const ANCHOR_OUTPUT_VALUE_SATOSHI: u64 = 330;
858 /// The percentage of the channel value `holder_max_htlc_value_in_flight_msat` used to be set to,
859 /// before this was made configurable. The percentage was made configurable in LDK 0.0.107,
860 /// although LDK 0.0.104+ enabled serialization of channels with a different value set for
861 /// `holder_max_htlc_value_in_flight_msat`.
862 pub const MAX_IN_FLIGHT_PERCENT_LEGACY: u8 = 10;
864 /// Maximum `funding_satoshis` value according to the BOLT #2 specification, if
865 /// `option_support_large_channel` (aka wumbo channels) is not supported.
867 pub const MAX_FUNDING_SATOSHIS_NO_WUMBO: u64 = (1 << 24) - 1;
869 /// Total bitcoin supply in satoshis.
870 pub const TOTAL_BITCOIN_SUPPLY_SATOSHIS: u64 = 21_000_000 * 1_0000_0000;
872 /// The maximum network dust limit for standard script formats. This currently represents the
873 /// minimum output value for a P2SH output before Bitcoin Core 22 considers the entire
874 /// transaction non-standard and thus refuses to relay it.
875 /// We also use this as the maximum counterparty `dust_limit_satoshis` allowed, given many
876 /// implementations use this value for their dust limit today.
877 pub const MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS: u64 = 546;
879 /// The maximum channel dust limit we will accept from our counterparty.
880 pub const MAX_CHAN_DUST_LIMIT_SATOSHIS: u64 = MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS;
882 /// The dust limit is used for both the commitment transaction outputs as well as the closing
883 /// transactions. For cooperative closing transactions, we require segwit outputs, though accept
884 /// *any* segwit scripts, which are allowed to be up to 42 bytes in length.
885 /// In order to avoid having to concern ourselves with standardness during the closing process, we
886 /// simply require our counterparty to use a dust limit which will leave any segwit output
888 /// See <https://github.com/lightning/bolts/issues/905> for more details.
889 pub const MIN_CHAN_DUST_LIMIT_SATOSHIS: u64 = 354;
891 // Just a reasonable implementation-specific safe lower bound, higher than the dust limit.
892 pub const MIN_THEIR_CHAN_RESERVE_SATOSHIS: u64 = 1000;
894 /// Used to return a simple Error back to ChannelManager. Will get converted to a
895 /// msgs::ErrorAction::SendErrorMessage or msgs::ErrorAction::IgnoreError as appropriate with our
896 /// channel_id in ChannelManager.
897 pub(super) enum ChannelError {
903 impl fmt::Debug for ChannelError {
904 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
906 &ChannelError::Ignore(ref e) => write!(f, "Ignore : {}", e),
907 &ChannelError::Warn(ref e) => write!(f, "Warn : {}", e),
908 &ChannelError::Close(ref e) => write!(f, "Close : {}", e),
913 impl fmt::Display for ChannelError {
914 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
916 &ChannelError::Ignore(ref e) => write!(f, "{}", e),
917 &ChannelError::Warn(ref e) => write!(f, "{}", e),
918 &ChannelError::Close(ref e) => write!(f, "{}", e),
923 pub(super) struct WithChannelContext<'a, L: Deref> where L::Target: Logger {
925 pub peer_id: Option<PublicKey>,
926 pub channel_id: Option<ChannelId>,
929 impl<'a, L: Deref> Logger for WithChannelContext<'a, L> where L::Target: Logger {
930 fn log(&self, mut record: Record) {
931 record.peer_id = self.peer_id;
932 record.channel_id = self.channel_id;
933 self.logger.log(record)
937 impl<'a, 'b, L: Deref> WithChannelContext<'a, L>
938 where L::Target: Logger {
939 pub(super) fn from<S: Deref>(logger: &'a L, context: &'b ChannelContext<S>) -> Self
940 where S::Target: SignerProvider
944 peer_id: Some(context.counterparty_node_id),
945 channel_id: Some(context.channel_id),
950 macro_rules! secp_check {
951 ($res: expr, $err: expr) => {
954 Err(_) => return Err(ChannelError::Close($err)),
959 /// The "channel disabled" bit in channel_update must be set based on whether we are connected to
960 /// our counterparty or not. However, we don't want to announce updates right away to avoid
961 /// spamming the network with updates if the connection is flapping. Instead, we "stage" updates to
962 /// our channel_update message and track the current state here.
963 /// See implementation at [`super::channelmanager::ChannelManager::timer_tick_occurred`].
964 #[derive(Clone, Copy, PartialEq)]
965 pub(super) enum ChannelUpdateStatus {
966 /// We've announced the channel as enabled and are connected to our peer.
968 /// Our channel is no longer live, but we haven't announced the channel as disabled yet.
970 /// Our channel is live again, but we haven't announced the channel as enabled yet.
972 /// We've announced the channel as disabled.
976 /// We track when we sent an `AnnouncementSignatures` to our peer in a few states, described here.
978 pub enum AnnouncementSigsState {
979 /// We have not sent our peer an `AnnouncementSignatures` yet, or our peer disconnected since
980 /// we sent the last `AnnouncementSignatures`.
982 /// We sent an `AnnouncementSignatures` to our peer since the last time our peer disconnected.
983 /// This state never appears on disk - instead we write `NotSent`.
985 /// We sent a `CommitmentSigned` after the last `AnnouncementSignatures` we sent. Because we
986 /// only ever have a single `CommitmentSigned` pending at once, if we sent one after sending
987 /// `AnnouncementSignatures` then we know the peer received our `AnnouncementSignatures` if
988 /// they send back a `RevokeAndACK`.
989 /// This state never appears on disk - instead we write `NotSent`.
991 /// We received a `RevokeAndACK`, effectively ack-ing our `AnnouncementSignatures`, at this
992 /// point we no longer need to re-send our `AnnouncementSignatures` again on reconnect.
996 /// An enum indicating whether the local or remote side offered a given HTLC.
1002 /// An enum gathering stats on pending HTLCs, either inbound or outbound side.
1005 pending_htlcs_value_msat: u64,
1006 on_counterparty_tx_dust_exposure_msat: u64,
1007 on_holder_tx_dust_exposure_msat: u64,
1008 holding_cell_msat: u64,
1009 on_holder_tx_holding_cell_htlcs_count: u32, // dust HTLCs *non*-included
1012 /// An enum gathering stats on commitment transaction, either local or remote.
1013 struct CommitmentStats<'a> {
1014 tx: CommitmentTransaction, // the transaction info
1015 feerate_per_kw: u32, // the feerate included to build the transaction
1016 total_fee_sat: u64, // the total fee included in the transaction
1017 num_nondust_htlcs: usize, // the number of HTLC outputs (dust HTLCs *non*-included)
1018 htlcs_included: Vec<(HTLCOutputInCommitment, Option<&'a HTLCSource>)>, // the list of HTLCs (dust HTLCs *included*) which were not ignored when building the transaction
1019 local_balance_msat: u64, // local balance before fees *not* considering dust limits
1020 remote_balance_msat: u64, // remote balance before fees *not* considering dust limits
1021 outbound_htlc_preimages: Vec<PaymentPreimage>, // preimages for successful offered HTLCs since last commitment
1022 inbound_htlc_preimages: Vec<PaymentPreimage>, // preimages for successful received HTLCs since last commitment
1025 /// Used when calculating whether we or the remote can afford an additional HTLC.
1026 struct HTLCCandidate {
1028 origin: HTLCInitiator,
1031 impl HTLCCandidate {
1032 fn new(amount_msat: u64, origin: HTLCInitiator) -> Self {
1040 /// A return value enum for get_update_fulfill_htlc. See UpdateFulfillCommitFetch variants for
1042 enum UpdateFulfillFetch {
1044 monitor_update: ChannelMonitorUpdate,
1045 htlc_value_msat: u64,
1046 msg: Option<msgs::UpdateFulfillHTLC>,
1051 /// The return type of get_update_fulfill_htlc_and_commit.
1052 pub enum UpdateFulfillCommitFetch {
1053 /// Indicates the HTLC fulfill is new, and either generated an update_fulfill message, placed
1054 /// it in the holding cell, or re-generated the update_fulfill message after the same claim was
1055 /// previously placed in the holding cell (and has since been removed).
1057 /// The ChannelMonitorUpdate which places the new payment preimage in the channel monitor
1058 monitor_update: ChannelMonitorUpdate,
1059 /// The value of the HTLC which was claimed, in msat.
1060 htlc_value_msat: u64,
1062 /// Indicates the HTLC fulfill is duplicative and already existed either in the holding cell
1063 /// or has been forgotten (presumably previously claimed).
1067 /// The return value of `monitor_updating_restored`
1068 pub(super) struct MonitorRestoreUpdates {
1069 pub raa: Option<msgs::RevokeAndACK>,
1070 pub commitment_update: Option<msgs::CommitmentUpdate>,
1071 pub order: RAACommitmentOrder,
1072 pub accepted_htlcs: Vec<(PendingHTLCInfo, u64)>,
1073 pub failed_htlcs: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
1074 pub finalized_claimed_htlcs: Vec<HTLCSource>,
1075 pub pending_update_adds: Vec<msgs::UpdateAddHTLC>,
1076 pub funding_broadcastable: Option<Transaction>,
1077 pub channel_ready: Option<msgs::ChannelReady>,
1078 pub announcement_sigs: Option<msgs::AnnouncementSignatures>,
1081 /// The return value of `signer_maybe_unblocked`
1083 pub(super) struct SignerResumeUpdates {
1084 pub commitment_update: Option<msgs::CommitmentUpdate>,
1085 pub funding_signed: Option<msgs::FundingSigned>,
1086 pub channel_ready: Option<msgs::ChannelReady>,
1089 /// The return value of `channel_reestablish`
1090 pub(super) struct ReestablishResponses {
1091 pub channel_ready: Option<msgs::ChannelReady>,
1092 pub raa: Option<msgs::RevokeAndACK>,
1093 pub commitment_update: Option<msgs::CommitmentUpdate>,
1094 pub order: RAACommitmentOrder,
1095 pub announcement_sigs: Option<msgs::AnnouncementSignatures>,
1096 pub shutdown_msg: Option<msgs::Shutdown>,
1099 /// The result of a shutdown that should be handled.
1101 pub(crate) struct ShutdownResult {
1102 pub(crate) closure_reason: ClosureReason,
1103 /// A channel monitor update to apply.
1104 pub(crate) monitor_update: Option<(PublicKey, OutPoint, ChannelId, ChannelMonitorUpdate)>,
1105 /// A list of dropped outbound HTLCs that can safely be failed backwards immediately.
1106 pub(crate) dropped_outbound_htlcs: Vec<(HTLCSource, PaymentHash, PublicKey, ChannelId)>,
1107 /// An unbroadcasted batch funding transaction id. The closure of this channel should be
1108 /// propagated to the remainder of the batch.
1109 pub(crate) unbroadcasted_batch_funding_txid: Option<Txid>,
1110 pub(crate) channel_id: ChannelId,
1111 pub(crate) user_channel_id: u128,
1112 pub(crate) channel_capacity_satoshis: u64,
1113 pub(crate) counterparty_node_id: PublicKey,
1114 pub(crate) unbroadcasted_funding_tx: Option<Transaction>,
1115 pub(crate) channel_funding_txo: Option<OutPoint>,
1118 /// If the majority of the channels funds are to the fundee and the initiator holds only just
1119 /// enough funds to cover their reserve value, channels are at risk of getting "stuck". Because the
1120 /// initiator controls the feerate, if they then go to increase the channel fee, they may have no
1121 /// balance but the fundee is unable to send a payment as the increase in fee more than drains
1122 /// their reserve value. Thus, neither side can send a new HTLC and the channel becomes useless.
1123 /// Thus, before sending an HTLC when we are the initiator, we check that the feerate can increase
1124 /// by this multiple without hitting this case, before sending.
1125 /// This multiple is effectively the maximum feerate "jump" we expect until more HTLCs flow over
1126 /// the channel. Sadly, there isn't really a good number for this - if we expect to have no new
1127 /// HTLCs for days we may need this to suffice for feerate increases across days, but that may
1128 /// leave the channel less usable as we hold a bigger reserve.
1129 #[cfg(any(fuzzing, test))]
1130 pub const FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE: u64 = 2;
1131 #[cfg(not(any(fuzzing, test)))]
1132 const FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE: u64 = 2;
1134 /// If we fail to see a funding transaction confirmed on-chain within this many blocks after the
1135 /// channel creation on an inbound channel, we simply force-close and move on.
1136 /// This constant is the one suggested in BOLT 2.
1137 pub(crate) const FUNDING_CONF_DEADLINE_BLOCKS: u32 = 2016;
1139 /// In case of a concurrent update_add_htlc proposed by our counterparty, we might
1140 /// not have enough balance value remaining to cover the onchain cost of this new
1141 /// HTLC weight. If this happens, our counterparty fails the reception of our
1142 /// commitment_signed including this new HTLC due to infringement on the channel
1144 /// To prevent this case, we compute our outbound update_fee with an HTLC buffer of
1145 /// size 2. However, if the number of concurrent update_add_htlc is higher, this still
1146 /// leads to a channel force-close. Ultimately, this is an issue coming from the
1147 /// design of LN state machines, allowing asynchronous updates.
1148 pub(crate) const CONCURRENT_INBOUND_HTLC_FEE_BUFFER: u32 = 2;
1150 /// When a channel is opened, we check that the funding amount is enough to pay for relevant
1151 /// commitment transaction fees, with at least this many HTLCs present on the commitment
1152 /// transaction (not counting the value of the HTLCs themselves).
1153 pub(crate) const MIN_AFFORDABLE_HTLC_COUNT: usize = 4;
1155 /// When a [`Channel`] has its [`ChannelConfig`] updated, its existing one is stashed for up to this
1156 /// number of ticks to allow forwarding HTLCs by nodes that have yet to receive the new
1157 /// ChannelUpdate prompted by the config update. This value was determined as follows:
1159 /// * The expected interval between ticks (1 minute).
1160 /// * The average convergence delay of updates across the network, i.e., ~300 seconds on average
1161 /// for a node to see an update as seen on `<https://arxiv.org/pdf/2205.12737.pdf>`.
1162 /// * `EXPIRE_PREV_CONFIG_TICKS` = convergence_delay / tick_interval
1163 pub(crate) const EXPIRE_PREV_CONFIG_TICKS: usize = 5;
1165 /// The number of ticks that may elapse while we're waiting for a response to a
1166 /// [`msgs::RevokeAndACK`] or [`msgs::ChannelReestablish`] message before we attempt to disconnect
1169 /// See [`ChannelContext::sent_message_awaiting_response`] for more information.
1170 pub(crate) const DISCONNECT_PEER_AWAITING_RESPONSE_TICKS: usize = 2;
1172 /// The number of ticks that may elapse while we're waiting for an unfunded outbound/inbound channel
1173 /// to be promoted to a [`Channel`] since the unfunded channel was created. An unfunded channel
1174 /// exceeding this age limit will be force-closed and purged from memory.
1175 pub(crate) const UNFUNDED_CHANNEL_AGE_LIMIT_TICKS: usize = 60;
1177 /// Number of blocks needed for an output from a coinbase transaction to be spendable.
1178 pub(crate) const COINBASE_MATURITY: u32 = 100;
1180 struct PendingChannelMonitorUpdate {
1181 update: ChannelMonitorUpdate,
1184 impl_writeable_tlv_based!(PendingChannelMonitorUpdate, {
1185 (0, update, required),
1188 /// The `ChannelPhase` enum describes the current phase in life of a lightning channel with each of
1189 /// its variants containing an appropriate channel struct.
1190 pub(super) enum ChannelPhase<SP: Deref> where SP::Target: SignerProvider {
1191 UnfundedOutboundV1(OutboundV1Channel<SP>),
1192 UnfundedInboundV1(InboundV1Channel<SP>),
1193 #[cfg(dual_funding)]
1194 UnfundedOutboundV2(OutboundV2Channel<SP>),
1195 #[cfg(dual_funding)]
1196 UnfundedInboundV2(InboundV2Channel<SP>),
1197 Funded(Channel<SP>),
1200 impl<'a, SP: Deref> ChannelPhase<SP> where
1201 SP::Target: SignerProvider,
1202 <SP::Target as SignerProvider>::EcdsaSigner: ChannelSigner,
1204 pub fn context(&'a self) -> &'a ChannelContext<SP> {
1206 ChannelPhase::Funded(chan) => &chan.context,
1207 ChannelPhase::UnfundedOutboundV1(chan) => &chan.context,
1208 ChannelPhase::UnfundedInboundV1(chan) => &chan.context,
1209 #[cfg(dual_funding)]
1210 ChannelPhase::UnfundedOutboundV2(chan) => &chan.context,
1211 #[cfg(dual_funding)]
1212 ChannelPhase::UnfundedInboundV2(chan) => &chan.context,
1216 pub fn context_mut(&'a mut self) -> &'a mut ChannelContext<SP> {
1218 ChannelPhase::Funded(ref mut chan) => &mut chan.context,
1219 ChannelPhase::UnfundedOutboundV1(ref mut chan) => &mut chan.context,
1220 ChannelPhase::UnfundedInboundV1(ref mut chan) => &mut chan.context,
1221 #[cfg(dual_funding)]
1222 ChannelPhase::UnfundedOutboundV2(ref mut chan) => &mut chan.context,
1223 #[cfg(dual_funding)]
1224 ChannelPhase::UnfundedInboundV2(ref mut chan) => &mut chan.context,
1229 /// Contains all state common to unfunded inbound/outbound channels.
1230 pub(super) struct UnfundedChannelContext {
1231 /// A counter tracking how many ticks have elapsed since this unfunded channel was
1232 /// created. If this unfunded channel reaches peer has yet to respond after reaching
1233 /// `UNFUNDED_CHANNEL_AGE_LIMIT_TICKS`, it will be force-closed and purged from memory.
1235 /// This is so that we don't keep channels around that haven't progressed to a funded state
1236 /// in a timely manner.
1237 unfunded_channel_age_ticks: usize,
1240 impl UnfundedChannelContext {
1241 /// Determines whether we should force-close and purge this unfunded channel from memory due to it
1242 /// having reached the unfunded channel age limit.
1244 /// This should be called on every [`super::channelmanager::ChannelManager::timer_tick_occurred`].
1245 pub fn should_expire_unfunded_channel(&mut self) -> bool {
1246 self.unfunded_channel_age_ticks += 1;
1247 self.unfunded_channel_age_ticks >= UNFUNDED_CHANNEL_AGE_LIMIT_TICKS
1251 /// Contains everything about the channel including state, and various flags.
1252 pub(super) struct ChannelContext<SP: Deref> where SP::Target: SignerProvider {
1253 config: LegacyChannelConfig,
1255 // Track the previous `ChannelConfig` so that we can continue forwarding HTLCs that were
1256 // constructed using it. The second element in the tuple corresponds to the number of ticks that
1257 // have elapsed since the update occurred.
1258 prev_config: Option<(ChannelConfig, usize)>,
1260 inbound_handshake_limits_override: Option<ChannelHandshakeLimits>,
1264 /// The current channel ID.
1265 channel_id: ChannelId,
1266 /// The temporary channel ID used during channel setup. Value kept even after transitioning to a final channel ID.
1267 /// Will be `None` for channels created prior to 0.0.115.
1268 temporary_channel_id: Option<ChannelId>,
1269 channel_state: ChannelState,
1271 // When we reach max(6 blocks, minimum_depth), we need to send an AnnouncementSigs message to
1272 // our peer. However, we want to make sure they received it, or else rebroadcast it when we
1274 // We do so here, see `AnnouncementSigsSent` for more details on the state(s).
1275 // Note that a number of our tests were written prior to the behavior here which retransmits
1276 // AnnouncementSignatures until after an RAA completes, so the behavior is short-circuited in
1278 #[cfg(any(test, feature = "_test_utils"))]
1279 pub(crate) announcement_sigs_state: AnnouncementSigsState,
1280 #[cfg(not(any(test, feature = "_test_utils")))]
1281 announcement_sigs_state: AnnouncementSigsState,
1283 secp_ctx: Secp256k1<secp256k1::All>,
1284 channel_value_satoshis: u64,
1286 latest_monitor_update_id: u64,
1288 holder_signer: ChannelSignerType<SP>,
1289 shutdown_scriptpubkey: Option<ShutdownScript>,
1290 destination_script: ScriptBuf,
1292 // Our commitment numbers start at 2^48-1 and count down, whereas the ones used in transaction
1293 // generation start at 0 and count up...this simplifies some parts of implementation at the
1294 // cost of others, but should really just be changed.
1296 cur_holder_commitment_transaction_number: u64,
1297 cur_counterparty_commitment_transaction_number: u64,
1298 value_to_self_msat: u64, // Excluding all pending_htlcs, fees, and anchor outputs
1299 pending_inbound_htlcs: Vec<InboundHTLCOutput>,
1300 pending_outbound_htlcs: Vec<OutboundHTLCOutput>,
1301 holding_cell_htlc_updates: Vec<HTLCUpdateAwaitingACK>,
1303 /// When resending CS/RAA messages on channel monitor restoration or on reconnect, we always
1304 /// need to ensure we resend them in the order we originally generated them. Note that because
1305 /// there can only ever be one in-flight CS and/or one in-flight RAA at any time, it is
1306 /// sufficient to simply set this to the opposite of any message we are generating as we
1307 /// generate it. ie when we generate a CS, we set this to RAAFirst as, if there is a pending
1308 /// in-flight RAA to resend, it will have been the first thing we generated, and thus we should
1310 resend_order: RAACommitmentOrder,
1312 monitor_pending_channel_ready: bool,
1313 monitor_pending_revoke_and_ack: bool,
1314 monitor_pending_commitment_signed: bool,
1316 // TODO: If a channel is drop'd, we don't know whether the `ChannelMonitor` is ultimately
1317 // responsible for some of the HTLCs here or not - we don't know whether the update in question
1318 // completed or not. We currently ignore these fields entirely when force-closing a channel,
1319 // but need to handle this somehow or we run the risk of losing HTLCs!
1320 monitor_pending_forwards: Vec<(PendingHTLCInfo, u64)>,
1321 monitor_pending_failures: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
1322 monitor_pending_finalized_fulfills: Vec<HTLCSource>,
1323 monitor_pending_update_adds: Vec<msgs::UpdateAddHTLC>,
1325 /// If we went to send a commitment update (ie some messages then [`msgs::CommitmentSigned`])
1326 /// but our signer (initially) refused to give us a signature, we should retry at some point in
1327 /// the future when the signer indicates it may have a signature for us.
1329 /// This flag is set in such a case. Note that we don't need to persist this as we'll end up
1330 /// setting it again as a side-effect of [`Channel::channel_reestablish`].
1331 signer_pending_commitment_update: bool,
1332 /// Similar to [`Self::signer_pending_commitment_update`] but we're waiting to send either a
1333 /// [`msgs::FundingCreated`] or [`msgs::FundingSigned`] depending on if this channel is
1334 /// outbound or inbound.
1335 signer_pending_funding: bool,
1337 // pending_update_fee is filled when sending and receiving update_fee.
1339 // Because it follows the same commitment flow as HTLCs, `FeeUpdateState` is either `Outbound`
1340 // or matches a subset of the `InboundHTLCOutput` variants. It is then updated/used when
1341 // generating new commitment transactions with exactly the same criteria as inbound/outbound
1342 // HTLCs with similar state.
1343 pending_update_fee: Option<(u32, FeeUpdateState)>,
1344 // If a `send_update_fee()` call is made with ChannelState::AwaitingRemoteRevoke set, we place
1345 // it here instead of `pending_update_fee` in the same way as we place outbound HTLC updates in
1346 // `holding_cell_htlc_updates` instead of `pending_outbound_htlcs`. It is released into
1347 // `pending_update_fee` with the same criteria as outbound HTLC updates but can be updated by
1348 // further `send_update_fee` calls, dropping the previous holding cell update entirely.
1349 holding_cell_update_fee: Option<u32>,
1350 next_holder_htlc_id: u64,
1351 next_counterparty_htlc_id: u64,
1352 feerate_per_kw: u32,
1354 /// The timestamp set on our latest `channel_update` message for this channel. It is updated
1355 /// when the channel is updated in ways which may impact the `channel_update` message or when a
1356 /// new block is received, ensuring it's always at least moderately close to the current real
1358 update_time_counter: u32,
1360 #[cfg(debug_assertions)]
1361 /// Max to_local and to_remote outputs in a locally-generated commitment transaction
1362 holder_max_commitment_tx_output: Mutex<(u64, u64)>,
1363 #[cfg(debug_assertions)]
1364 /// Max to_local and to_remote outputs in a remote-generated commitment transaction
1365 counterparty_max_commitment_tx_output: Mutex<(u64, u64)>,
1367 last_sent_closing_fee: Option<(u64, Signature)>, // (fee, holder_sig)
1368 target_closing_feerate_sats_per_kw: Option<u32>,
1370 /// If our counterparty sent us a closing_signed while we were waiting for a `ChannelMonitor`
1371 /// update, we need to delay processing it until later. We do that here by simply storing the
1372 /// closing_signed message and handling it in `maybe_propose_closing_signed`.
1373 pending_counterparty_closing_signed: Option<msgs::ClosingSigned>,
1375 /// The minimum and maximum absolute fee, in satoshis, we are willing to place on the closing
1376 /// transaction. These are set once we reach `closing_negotiation_ready`.
1378 pub(crate) closing_fee_limits: Option<(u64, u64)>,
1380 closing_fee_limits: Option<(u64, u64)>,
1382 /// If we remove an HTLC (or fee update), commit, and receive our counterparty's
1383 /// `revoke_and_ack`, we remove all knowledge of said HTLC (or fee update). However, the latest
1384 /// local commitment transaction that we can broadcast still contains the HTLC (or old fee)
1385 /// until we receive a further `commitment_signed`. Thus we are not eligible for initiating the
1386 /// `closing_signed` negotiation if we're expecting a counterparty `commitment_signed`.
1388 /// To ensure we don't send a `closing_signed` too early, we track this state here, waiting
1389 /// until we see a `commitment_signed` before doing so.
1391 /// We don't bother to persist this - we anticipate this state won't last longer than a few
1392 /// milliseconds, so any accidental force-closes here should be exceedingly rare.
1393 expecting_peer_commitment_signed: bool,
1395 /// The hash of the block in which the funding transaction was included.
1396 funding_tx_confirmed_in: Option<BlockHash>,
1397 funding_tx_confirmation_height: u32,
1398 short_channel_id: Option<u64>,
1399 /// Either the height at which this channel was created or the height at which it was last
1400 /// serialized if it was serialized by versions prior to 0.0.103.
1401 /// We use this to close if funding is never broadcasted.
1402 channel_creation_height: u32,
1404 counterparty_dust_limit_satoshis: u64,
1407 pub(super) holder_dust_limit_satoshis: u64,
1409 holder_dust_limit_satoshis: u64,
1412 pub(super) counterparty_max_htlc_value_in_flight_msat: u64,
1414 counterparty_max_htlc_value_in_flight_msat: u64,
1417 pub(super) holder_max_htlc_value_in_flight_msat: u64,
1419 holder_max_htlc_value_in_flight_msat: u64,
1421 /// minimum channel reserve for self to maintain - set by them.
1422 counterparty_selected_channel_reserve_satoshis: Option<u64>,
1425 pub(super) holder_selected_channel_reserve_satoshis: u64,
1427 holder_selected_channel_reserve_satoshis: u64,
1429 counterparty_htlc_minimum_msat: u64,
1430 holder_htlc_minimum_msat: u64,
1432 pub counterparty_max_accepted_htlcs: u16,
1434 counterparty_max_accepted_htlcs: u16,
1435 holder_max_accepted_htlcs: u16,
1436 minimum_depth: Option<u32>,
1438 counterparty_forwarding_info: Option<CounterpartyForwardingInfo>,
1440 pub(crate) channel_transaction_parameters: ChannelTransactionParameters,
1441 funding_transaction: Option<Transaction>,
1442 is_batch_funding: Option<()>,
1444 counterparty_cur_commitment_point: Option<PublicKey>,
1445 counterparty_prev_commitment_point: Option<PublicKey>,
1446 counterparty_node_id: PublicKey,
1448 counterparty_shutdown_scriptpubkey: Option<ScriptBuf>,
1450 commitment_secrets: CounterpartyCommitmentSecrets,
1452 channel_update_status: ChannelUpdateStatus,
1453 /// Once we reach `closing_negotiation_ready`, we set this, indicating if closing_signed does
1454 /// not complete within a single timer tick (one minute), we should force-close the channel.
1455 /// This prevents us from keeping unusable channels around forever if our counterparty wishes
1457 /// Note that this field is reset to false on deserialization to give us a chance to connect to
1458 /// our peer and start the closing_signed negotiation fresh.
1459 closing_signed_in_flight: bool,
1461 /// Our counterparty's channel_announcement signatures provided in announcement_signatures.
1462 /// This can be used to rebroadcast the channel_announcement message later.
1463 announcement_sigs: Option<(Signature, Signature)>,
1465 // We save these values so we can make sure `next_local_commit_tx_fee_msat` and
1466 // `next_remote_commit_tx_fee_msat` properly predict what the next commitment transaction fee will
1467 // be, by comparing the cached values to the fee of the tranaction generated by
1468 // `build_commitment_transaction`.
1469 #[cfg(any(test, fuzzing))]
1470 next_local_commitment_tx_fee_info_cached: Mutex<Option<CommitmentTxInfoCached>>,
1471 #[cfg(any(test, fuzzing))]
1472 next_remote_commitment_tx_fee_info_cached: Mutex<Option<CommitmentTxInfoCached>>,
1474 /// lnd has a long-standing bug where, upon reconnection, if the channel is not yet confirmed
1475 /// they will not send a channel_reestablish until the channel locks in. Then, they will send a
1476 /// channel_ready *before* sending the channel_reestablish (which is clearly a violation of
1477 /// the BOLT specs). We copy c-lightning's workaround here and simply store the channel_ready
1478 /// message until we receive a channel_reestablish.
1480 /// See-also <https://github.com/lightningnetwork/lnd/issues/4006>
1481 pub workaround_lnd_bug_4006: Option<msgs::ChannelReady>,
1483 /// An option set when we wish to track how many ticks have elapsed while waiting for a response
1484 /// from our counterparty after sending a message. If the peer has yet to respond after reaching
1485 /// `DISCONNECT_PEER_AWAITING_RESPONSE_TICKS`, a reconnection should be attempted to try to
1486 /// unblock the state machine.
1488 /// This behavior is mostly motivated by a lnd bug in which we don't receive a message we expect
1489 /// to in a timely manner, which may lead to channels becoming unusable and/or force-closed. An
1490 /// example of such can be found at <https://github.com/lightningnetwork/lnd/issues/7682>.
1492 /// This is currently only used when waiting for a [`msgs::ChannelReestablish`] or
1493 /// [`msgs::RevokeAndACK`] message from the counterparty.
1494 sent_message_awaiting_response: Option<usize>,
1496 #[cfg(any(test, fuzzing))]
1497 // When we receive an HTLC fulfill on an outbound path, we may immediately fulfill the
1498 // corresponding HTLC on the inbound path. If, then, the outbound path channel is
1499 // disconnected and reconnected (before we've exchange commitment_signed and revoke_and_ack
1500 // messages), they may re-broadcast their update_fulfill_htlc, causing a duplicate claim. This
1501 // is fine, but as a sanity check in our failure to generate the second claim, we check here
1502 // that the original was a claim, and that we aren't now trying to fulfill a failed HTLC.
1503 historical_inbound_htlc_fulfills: HashSet<u64>,
1505 /// This channel's type, as negotiated during channel open
1506 channel_type: ChannelTypeFeatures,
1508 // Our counterparty can offer us SCID aliases which they will map to this channel when routing
1509 // outbound payments. These can be used in invoice route hints to avoid explicitly revealing
1510 // the channel's funding UTXO.
1512 // We also use this when sending our peer a channel_update that isn't to be broadcasted
1513 // publicly - allowing them to re-use their map of SCID -> channel for channel_update ->
1514 // associated channel mapping.
1516 // We only bother storing the most recent SCID alias at any time, though our counterparty has
1517 // to store all of them.
1518 latest_inbound_scid_alias: Option<u64>,
1520 // We always offer our counterparty a static SCID alias, which we recognize as for this channel
1521 // if we see it in HTLC forwarding instructions. We don't bother rotating the alias given we
1522 // don't currently support node id aliases and eventually privacy should be provided with
1523 // blinded paths instead of simple scid+node_id aliases.
1524 outbound_scid_alias: u64,
1526 // We track whether we already emitted a `ChannelPending` event.
1527 channel_pending_event_emitted: bool,
1529 // We track whether we already emitted a `ChannelReady` event.
1530 channel_ready_event_emitted: bool,
1532 /// Some if we initiated to shut down the channel.
1533 local_initiated_shutdown: Option<()>,
1535 /// The unique identifier used to re-derive the private key material for the channel through
1536 /// [`SignerProvider::derive_channel_signer`].
1538 channel_keys_id: [u8; 32],
1540 pub channel_keys_id: [u8; 32],
1542 /// If we can't release a [`ChannelMonitorUpdate`] until some external action completes, we
1543 /// store it here and only release it to the `ChannelManager` once it asks for it.
1544 blocked_monitor_updates: Vec<PendingChannelMonitorUpdate>,
1547 impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider {
1548 fn new_for_inbound_channel<'a, ES: Deref, F: Deref, L: Deref>(
1549 fee_estimator: &'a LowerBoundedFeeEstimator<F>,
1550 entropy_source: &'a ES,
1551 signer_provider: &'a SP,
1552 counterparty_node_id: PublicKey,
1553 their_features: &'a InitFeatures,
1555 config: &'a UserConfig,
1556 current_chain_height: u32,
1559 our_funding_satoshis: u64,
1560 counterparty_pubkeys: ChannelPublicKeys,
1561 channel_type: ChannelTypeFeatures,
1562 holder_selected_channel_reserve_satoshis: u64,
1563 msg_channel_reserve_satoshis: u64,
1565 open_channel_fields: msgs::CommonOpenChannelFields,
1566 ) -> Result<ChannelContext<SP>, ChannelError>
1568 ES::Target: EntropySource,
1569 F::Target: FeeEstimator,
1571 SP::Target: SignerProvider,
1573 let logger = WithContext::from(logger, Some(counterparty_node_id), Some(open_channel_fields.temporary_channel_id));
1574 let announced_channel = if (open_channel_fields.channel_flags & 1) == 1 { true } else { false };
1576 let channel_value_satoshis = our_funding_satoshis.saturating_add(open_channel_fields.funding_satoshis);
1578 let channel_keys_id = signer_provider.generate_channel_keys_id(true, channel_value_satoshis, user_id);
1579 let holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
1580 let pubkeys = holder_signer.pubkeys().clone();
1582 if config.channel_handshake_config.our_to_self_delay < BREAKDOWN_TIMEOUT {
1583 return Err(ChannelError::Close(format!("Configured with an unreasonable our_to_self_delay ({}) putting user funds at risks. It must be greater than {}", config.channel_handshake_config.our_to_self_delay, BREAKDOWN_TIMEOUT)));
1586 // Check sanity of message fields:
1587 if channel_value_satoshis > config.channel_handshake_limits.max_funding_satoshis {
1588 return Err(ChannelError::Close(format!(
1589 "Per our config, funding must be at most {}. It was {}. Peer contribution: {}. Our contribution: {}",
1590 config.channel_handshake_limits.max_funding_satoshis, channel_value_satoshis,
1591 open_channel_fields.funding_satoshis, our_funding_satoshis)));
1593 if channel_value_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
1594 return Err(ChannelError::Close(format!("Funding must be smaller than the total bitcoin supply. It was {}", channel_value_satoshis)));
1596 if msg_channel_reserve_satoshis > channel_value_satoshis {
1597 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must be no greater than channel_value_satoshis: {}", msg_channel_reserve_satoshis, channel_value_satoshis)));
1599 let full_channel_value_msat = (channel_value_satoshis - msg_channel_reserve_satoshis) * 1000;
1600 if msg_push_msat > full_channel_value_msat {
1601 return Err(ChannelError::Close(format!("push_msat {} was larger than channel amount minus reserve ({})", msg_push_msat, full_channel_value_msat)));
1603 if open_channel_fields.dust_limit_satoshis > channel_value_satoshis {
1604 return Err(ChannelError::Close(format!("dust_limit_satoshis {} was larger than channel_value_satoshis {}. Peer never wants payout outputs?", open_channel_fields.dust_limit_satoshis, channel_value_satoshis)));
1606 if open_channel_fields.htlc_minimum_msat >= full_channel_value_msat {
1607 return Err(ChannelError::Close(format!("Minimum htlc value ({}) was larger than full channel value ({})", open_channel_fields.htlc_minimum_msat, full_channel_value_msat)));
1609 Channel::<SP>::check_remote_fee(&channel_type, fee_estimator, open_channel_fields.commitment_feerate_sat_per_1000_weight, None, &&logger)?;
1611 let max_counterparty_selected_contest_delay = u16::min(config.channel_handshake_limits.their_to_self_delay, MAX_LOCAL_BREAKDOWN_TIMEOUT);
1612 if open_channel_fields.to_self_delay > max_counterparty_selected_contest_delay {
1613 return Err(ChannelError::Close(format!("They wanted our payments to be delayed by a needlessly long period. Upper limit: {}. Actual: {}", max_counterparty_selected_contest_delay, open_channel_fields.to_self_delay)));
1615 if open_channel_fields.max_accepted_htlcs < 1 {
1616 return Err(ChannelError::Close("0 max_accepted_htlcs makes for a useless channel".to_owned()));
1618 if open_channel_fields.max_accepted_htlcs > MAX_HTLCS {
1619 return Err(ChannelError::Close(format!("max_accepted_htlcs was {}. It must not be larger than {}", open_channel_fields.max_accepted_htlcs, MAX_HTLCS)));
1622 // Now check against optional parameters as set by config...
1623 if channel_value_satoshis < config.channel_handshake_limits.min_funding_satoshis {
1624 return Err(ChannelError::Close(format!("Funding satoshis ({}) is less than the user specified limit ({})", channel_value_satoshis, config.channel_handshake_limits.min_funding_satoshis)));
1626 if open_channel_fields.htlc_minimum_msat > config.channel_handshake_limits.max_htlc_minimum_msat {
1627 return Err(ChannelError::Close(format!("htlc_minimum_msat ({}) is higher than the user specified limit ({})", open_channel_fields.htlc_minimum_msat, config.channel_handshake_limits.max_htlc_minimum_msat)));
1629 if open_channel_fields.max_htlc_value_in_flight_msat < config.channel_handshake_limits.min_max_htlc_value_in_flight_msat {
1630 return Err(ChannelError::Close(format!("max_htlc_value_in_flight_msat ({}) is less than the user specified limit ({})", open_channel_fields.max_htlc_value_in_flight_msat, config.channel_handshake_limits.min_max_htlc_value_in_flight_msat)));
1632 if msg_channel_reserve_satoshis > config.channel_handshake_limits.max_channel_reserve_satoshis {
1633 return Err(ChannelError::Close(format!("channel_reserve_satoshis ({}) is higher than the user specified limit ({})", msg_channel_reserve_satoshis, config.channel_handshake_limits.max_channel_reserve_satoshis)));
1635 if open_channel_fields.max_accepted_htlcs < config.channel_handshake_limits.min_max_accepted_htlcs {
1636 return Err(ChannelError::Close(format!("max_accepted_htlcs ({}) is less than the user specified limit ({})", open_channel_fields.max_accepted_htlcs, config.channel_handshake_limits.min_max_accepted_htlcs)));
1638 if open_channel_fields.dust_limit_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1639 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is less than the implementation limit ({})", open_channel_fields.dust_limit_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
1641 if open_channel_fields.dust_limit_satoshis > MAX_CHAN_DUST_LIMIT_SATOSHIS {
1642 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is greater than the implementation limit ({})", open_channel_fields.dust_limit_satoshis, MAX_CHAN_DUST_LIMIT_SATOSHIS)));
1645 // Convert things into internal flags and prep our state:
1647 if config.channel_handshake_limits.force_announced_channel_preference {
1648 if config.channel_handshake_config.announced_channel != announced_channel {
1649 return Err(ChannelError::Close("Peer tried to open channel but their announcement preference is different from ours".to_owned()));
1653 if holder_selected_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1654 // Protocol level safety check in place, although it should never happen because
1655 // of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
1656 return Err(ChannelError::Close(format!("Suitable channel reserve not found. remote_channel_reserve was ({}). dust_limit_satoshis is ({}).", holder_selected_channel_reserve_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
1658 if holder_selected_channel_reserve_satoshis * 1000 >= full_channel_value_msat {
1659 return Err(ChannelError::Close(format!("Suitable channel reserve not found. remote_channel_reserve was ({})msats. Channel value is ({} - {})msats.", holder_selected_channel_reserve_satoshis * 1000, full_channel_value_msat, msg_push_msat)));
1661 if msg_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1662 log_debug!(logger, "channel_reserve_satoshis ({}) is smaller than our dust limit ({}). We can broadcast stale states without any risk, implying this channel is very insecure for our counterparty.",
1663 msg_channel_reserve_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
1665 if holder_selected_channel_reserve_satoshis < open_channel_fields.dust_limit_satoshis {
1666 return Err(ChannelError::Close(format!("Dust limit ({}) too high for the channel reserve we require the remote to keep ({})", open_channel_fields.dust_limit_satoshis, holder_selected_channel_reserve_satoshis)));
1669 // check if the funder's amount for the initial commitment tx is sufficient
1670 // for full fee payment plus a few HTLCs to ensure the channel will be useful.
1671 let anchor_outputs_value = if channel_type.supports_anchors_zero_fee_htlc_tx() {
1672 ANCHOR_OUTPUT_VALUE_SATOSHI * 2
1676 let funders_amount_msat = open_channel_fields.funding_satoshis * 1000 - msg_push_msat;
1677 let commitment_tx_fee = commit_tx_fee_msat(open_channel_fields.commitment_feerate_sat_per_1000_weight, MIN_AFFORDABLE_HTLC_COUNT, &channel_type) / 1000;
1678 if (funders_amount_msat / 1000).saturating_sub(anchor_outputs_value) < commitment_tx_fee {
1679 return Err(ChannelError::Close(format!("Funding amount ({} sats) can't even pay fee for initial commitment transaction fee of {} sats.", (funders_amount_msat / 1000).saturating_sub(anchor_outputs_value), commitment_tx_fee)));
1682 let to_remote_satoshis = funders_amount_msat / 1000 - commitment_tx_fee - anchor_outputs_value;
1683 // While it's reasonable for us to not meet the channel reserve initially (if they don't
1684 // want to push much to us), our counterparty should always have more than our reserve.
1685 if to_remote_satoshis < holder_selected_channel_reserve_satoshis {
1686 return Err(ChannelError::Close("Insufficient funding amount for initial reserve".to_owned()));
1689 let counterparty_shutdown_scriptpubkey = if their_features.supports_upfront_shutdown_script() {
1690 match &open_channel_fields.shutdown_scriptpubkey {
1691 &Some(ref script) => {
1692 // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
1693 if script.len() == 0 {
1696 if !script::is_bolt2_compliant(&script, their_features) {
1697 return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided an unacceptable scriptpubkey format: {}", script)))
1699 Some(script.clone())
1702 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
1704 return Err(ChannelError::Close("Peer is signaling upfront_shutdown but we don't get any script. Use 0-length script to opt-out".to_owned()));
1709 let shutdown_scriptpubkey = if config.channel_handshake_config.commit_upfront_shutdown_pubkey {
1710 match signer_provider.get_shutdown_scriptpubkey() {
1711 Ok(scriptpubkey) => Some(scriptpubkey),
1712 Err(_) => return Err(ChannelError::Close("Failed to get upfront shutdown scriptpubkey".to_owned())),
1716 if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
1717 if !shutdown_scriptpubkey.is_compatible(&their_features) {
1718 return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer: {}", shutdown_scriptpubkey)));
1722 let destination_script = match signer_provider.get_destination_script(channel_keys_id) {
1723 Ok(script) => script,
1724 Err(_) => return Err(ChannelError::Close("Failed to get destination script".to_owned())),
1727 let mut secp_ctx = Secp256k1::new();
1728 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
1730 let minimum_depth = if is_0conf {
1733 Some(cmp::max(config.channel_handshake_config.minimum_depth, 1))
1736 let value_to_self_msat = our_funding_satoshis * 1000 + msg_push_msat;
1738 // TODO(dual_funding): Checks for `funding_feerate_sat_per_1000_weight`?
1740 let channel_context = ChannelContext {
1743 config: LegacyChannelConfig {
1744 options: config.channel_config.clone(),
1746 commit_upfront_shutdown_pubkey: config.channel_handshake_config.commit_upfront_shutdown_pubkey,
1751 inbound_handshake_limits_override: None,
1753 temporary_channel_id: Some(open_channel_fields.temporary_channel_id),
1754 channel_id: open_channel_fields.temporary_channel_id,
1755 channel_state: ChannelState::NegotiatingFunding(
1756 NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT
1758 announcement_sigs_state: AnnouncementSigsState::NotSent,
1761 latest_monitor_update_id: 0,
1763 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
1764 shutdown_scriptpubkey,
1767 cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1768 cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1771 pending_inbound_htlcs: Vec::new(),
1772 pending_outbound_htlcs: Vec::new(),
1773 holding_cell_htlc_updates: Vec::new(),
1774 pending_update_fee: None,
1775 holding_cell_update_fee: None,
1776 next_holder_htlc_id: 0,
1777 next_counterparty_htlc_id: 0,
1778 update_time_counter: 1,
1780 resend_order: RAACommitmentOrder::CommitmentFirst,
1782 monitor_pending_channel_ready: false,
1783 monitor_pending_revoke_and_ack: false,
1784 monitor_pending_commitment_signed: false,
1785 monitor_pending_forwards: Vec::new(),
1786 monitor_pending_failures: Vec::new(),
1787 monitor_pending_finalized_fulfills: Vec::new(),
1788 monitor_pending_update_adds: Vec::new(),
1790 signer_pending_commitment_update: false,
1791 signer_pending_funding: false,
1794 #[cfg(debug_assertions)]
1795 holder_max_commitment_tx_output: Mutex::new((value_to_self_msat, (channel_value_satoshis * 1000 - msg_push_msat).saturating_sub(value_to_self_msat))),
1796 #[cfg(debug_assertions)]
1797 counterparty_max_commitment_tx_output: Mutex::new((value_to_self_msat, (channel_value_satoshis * 1000 - msg_push_msat).saturating_sub(value_to_self_msat))),
1799 last_sent_closing_fee: None,
1800 pending_counterparty_closing_signed: None,
1801 expecting_peer_commitment_signed: false,
1802 closing_fee_limits: None,
1803 target_closing_feerate_sats_per_kw: None,
1805 funding_tx_confirmed_in: None,
1806 funding_tx_confirmation_height: 0,
1807 short_channel_id: None,
1808 channel_creation_height: current_chain_height,
1810 feerate_per_kw: open_channel_fields.commitment_feerate_sat_per_1000_weight,
1811 channel_value_satoshis,
1812 counterparty_dust_limit_satoshis: open_channel_fields.dust_limit_satoshis,
1813 holder_dust_limit_satoshis: MIN_CHAN_DUST_LIMIT_SATOSHIS,
1814 counterparty_max_htlc_value_in_flight_msat: cmp::min(open_channel_fields.max_htlc_value_in_flight_msat, channel_value_satoshis * 1000),
1815 holder_max_htlc_value_in_flight_msat: get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &config.channel_handshake_config),
1816 counterparty_selected_channel_reserve_satoshis: Some(msg_channel_reserve_satoshis),
1817 holder_selected_channel_reserve_satoshis,
1818 counterparty_htlc_minimum_msat: open_channel_fields.htlc_minimum_msat,
1819 holder_htlc_minimum_msat: if config.channel_handshake_config.our_htlc_minimum_msat == 0 { 1 } else { config.channel_handshake_config.our_htlc_minimum_msat },
1820 counterparty_max_accepted_htlcs: open_channel_fields.max_accepted_htlcs,
1821 holder_max_accepted_htlcs: cmp::min(config.channel_handshake_config.our_max_accepted_htlcs, MAX_HTLCS),
1824 counterparty_forwarding_info: None,
1826 channel_transaction_parameters: ChannelTransactionParameters {
1827 holder_pubkeys: pubkeys,
1828 holder_selected_contest_delay: config.channel_handshake_config.our_to_self_delay,
1829 is_outbound_from_holder: false,
1830 counterparty_parameters: Some(CounterpartyChannelTransactionParameters {
1831 selected_contest_delay: open_channel_fields.to_self_delay,
1832 pubkeys: counterparty_pubkeys,
1834 funding_outpoint: None,
1835 channel_type_features: channel_type.clone()
1837 funding_transaction: None,
1838 is_batch_funding: None,
1840 counterparty_cur_commitment_point: Some(open_channel_fields.first_per_commitment_point),
1841 counterparty_prev_commitment_point: None,
1842 counterparty_node_id,
1844 counterparty_shutdown_scriptpubkey,
1846 commitment_secrets: CounterpartyCommitmentSecrets::new(),
1848 channel_update_status: ChannelUpdateStatus::Enabled,
1849 closing_signed_in_flight: false,
1851 announcement_sigs: None,
1853 #[cfg(any(test, fuzzing))]
1854 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
1855 #[cfg(any(test, fuzzing))]
1856 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
1858 workaround_lnd_bug_4006: None,
1859 sent_message_awaiting_response: None,
1861 latest_inbound_scid_alias: None,
1862 outbound_scid_alias: 0,
1864 channel_pending_event_emitted: false,
1865 channel_ready_event_emitted: false,
1867 #[cfg(any(test, fuzzing))]
1868 historical_inbound_htlc_fulfills: new_hash_set(),
1873 local_initiated_shutdown: None,
1875 blocked_monitor_updates: Vec::new(),
1881 fn new_for_outbound_channel<'a, ES: Deref, F: Deref>(
1882 fee_estimator: &'a LowerBoundedFeeEstimator<F>,
1883 entropy_source: &'a ES,
1884 signer_provider: &'a SP,
1885 counterparty_node_id: PublicKey,
1886 their_features: &'a InitFeatures,
1887 funding_satoshis: u64,
1890 config: &'a UserConfig,
1891 current_chain_height: u32,
1892 outbound_scid_alias: u64,
1893 temporary_channel_id: Option<ChannelId>,
1894 holder_selected_channel_reserve_satoshis: u64,
1895 channel_keys_id: [u8; 32],
1896 holder_signer: <SP::Target as SignerProvider>::EcdsaSigner,
1897 pubkeys: ChannelPublicKeys,
1898 ) -> Result<ChannelContext<SP>, APIError>
1900 ES::Target: EntropySource,
1901 F::Target: FeeEstimator,
1902 SP::Target: SignerProvider,
1904 // This will be updated with the counterparty contribution if this is a dual-funded channel
1905 let channel_value_satoshis = funding_satoshis;
1907 let holder_selected_contest_delay = config.channel_handshake_config.our_to_self_delay;
1909 if !their_features.supports_wumbo() && channel_value_satoshis > MAX_FUNDING_SATOSHIS_NO_WUMBO {
1910 return Err(APIError::APIMisuseError{err: format!("funding_value must not exceed {}, it was {}", MAX_FUNDING_SATOSHIS_NO_WUMBO, channel_value_satoshis)});
1912 if channel_value_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
1913 return Err(APIError::APIMisuseError{err: format!("funding_value must be smaller than the total bitcoin supply, it was {}", channel_value_satoshis)});
1915 let channel_value_msat = channel_value_satoshis * 1000;
1916 if push_msat > channel_value_msat {
1917 return Err(APIError::APIMisuseError { err: format!("Push value ({}) was larger than channel_value ({})", push_msat, channel_value_msat) });
1919 if holder_selected_contest_delay < BREAKDOWN_TIMEOUT {
1920 return Err(APIError::APIMisuseError {err: format!("Configured with an unreasonable our_to_self_delay ({}) putting user funds at risks", holder_selected_contest_delay)});
1923 let channel_type = get_initial_channel_type(&config, their_features);
1924 debug_assert!(channel_type.is_subset(&channelmanager::provided_channel_type_features(&config)));
1926 let (commitment_conf_target, anchor_outputs_value_msat) = if channel_type.supports_anchors_zero_fee_htlc_tx() {
1927 (ConfirmationTarget::AnchorChannelFee, ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000)
1929 (ConfirmationTarget::NonAnchorChannelFee, 0)
1931 let commitment_feerate = fee_estimator.bounded_sat_per_1000_weight(commitment_conf_target);
1933 let value_to_self_msat = channel_value_satoshis * 1000 - push_msat;
1934 let commitment_tx_fee = commit_tx_fee_msat(commitment_feerate, MIN_AFFORDABLE_HTLC_COUNT, &channel_type);
1935 if value_to_self_msat.saturating_sub(anchor_outputs_value_msat) < commitment_tx_fee {
1936 return Err(APIError::APIMisuseError{ err: format!("Funding amount ({}) can't even pay fee for initial commitment transaction fee of {}.", value_to_self_msat / 1000, commitment_tx_fee / 1000) });
1939 let mut secp_ctx = Secp256k1::new();
1940 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
1942 let shutdown_scriptpubkey = if config.channel_handshake_config.commit_upfront_shutdown_pubkey {
1943 match signer_provider.get_shutdown_scriptpubkey() {
1944 Ok(scriptpubkey) => Some(scriptpubkey),
1945 Err(_) => return Err(APIError::ChannelUnavailable { err: "Failed to get shutdown scriptpubkey".to_owned()}),
1949 if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
1950 if !shutdown_scriptpubkey.is_compatible(&their_features) {
1951 return Err(APIError::IncompatibleShutdownScript { script: shutdown_scriptpubkey.clone() });
1955 let destination_script = match signer_provider.get_destination_script(channel_keys_id) {
1956 Ok(script) => script,
1957 Err(_) => return Err(APIError::ChannelUnavailable { err: "Failed to get destination script".to_owned()}),
1960 let temporary_channel_id = temporary_channel_id.unwrap_or_else(|| ChannelId::temporary_from_entropy_source(entropy_source));
1965 config: LegacyChannelConfig {
1966 options: config.channel_config.clone(),
1967 announced_channel: config.channel_handshake_config.announced_channel,
1968 commit_upfront_shutdown_pubkey: config.channel_handshake_config.commit_upfront_shutdown_pubkey,
1973 inbound_handshake_limits_override: Some(config.channel_handshake_limits.clone()),
1975 channel_id: temporary_channel_id,
1976 temporary_channel_id: Some(temporary_channel_id),
1977 channel_state: ChannelState::NegotiatingFunding(NegotiatingFundingFlags::OUR_INIT_SENT),
1978 announcement_sigs_state: AnnouncementSigsState::NotSent,
1980 // We'll add our counterparty's `funding_satoshis` when we receive `accept_channel2`.
1981 channel_value_satoshis,
1983 latest_monitor_update_id: 0,
1985 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
1986 shutdown_scriptpubkey,
1989 cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1990 cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1993 pending_inbound_htlcs: Vec::new(),
1994 pending_outbound_htlcs: Vec::new(),
1995 holding_cell_htlc_updates: Vec::new(),
1996 pending_update_fee: None,
1997 holding_cell_update_fee: None,
1998 next_holder_htlc_id: 0,
1999 next_counterparty_htlc_id: 0,
2000 update_time_counter: 1,
2002 resend_order: RAACommitmentOrder::CommitmentFirst,
2004 monitor_pending_channel_ready: false,
2005 monitor_pending_revoke_and_ack: false,
2006 monitor_pending_commitment_signed: false,
2007 monitor_pending_forwards: Vec::new(),
2008 monitor_pending_failures: Vec::new(),
2009 monitor_pending_finalized_fulfills: Vec::new(),
2010 monitor_pending_update_adds: Vec::new(),
2012 signer_pending_commitment_update: false,
2013 signer_pending_funding: false,
2015 // We'll add our counterparty's `funding_satoshis` to these max commitment output assertions
2016 // when we receive `accept_channel2`.
2017 #[cfg(debug_assertions)]
2018 holder_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
2019 #[cfg(debug_assertions)]
2020 counterparty_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
2022 last_sent_closing_fee: None,
2023 pending_counterparty_closing_signed: None,
2024 expecting_peer_commitment_signed: false,
2025 closing_fee_limits: None,
2026 target_closing_feerate_sats_per_kw: None,
2028 funding_tx_confirmed_in: None,
2029 funding_tx_confirmation_height: 0,
2030 short_channel_id: None,
2031 channel_creation_height: current_chain_height,
2033 feerate_per_kw: commitment_feerate,
2034 counterparty_dust_limit_satoshis: 0,
2035 holder_dust_limit_satoshis: MIN_CHAN_DUST_LIMIT_SATOSHIS,
2036 counterparty_max_htlc_value_in_flight_msat: 0,
2037 // We'll adjust this to include our counterparty's `funding_satoshis` when we
2038 // receive `accept_channel2`.
2039 holder_max_htlc_value_in_flight_msat: get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &config.channel_handshake_config),
2040 counterparty_selected_channel_reserve_satoshis: None, // Filled in in accept_channel
2041 holder_selected_channel_reserve_satoshis,
2042 counterparty_htlc_minimum_msat: 0,
2043 holder_htlc_minimum_msat: if config.channel_handshake_config.our_htlc_minimum_msat == 0 { 1 } else { config.channel_handshake_config.our_htlc_minimum_msat },
2044 counterparty_max_accepted_htlcs: 0,
2045 holder_max_accepted_htlcs: cmp::min(config.channel_handshake_config.our_max_accepted_htlcs, MAX_HTLCS),
2046 minimum_depth: None, // Filled in in accept_channel
2048 counterparty_forwarding_info: None,
2050 channel_transaction_parameters: ChannelTransactionParameters {
2051 holder_pubkeys: pubkeys,
2052 holder_selected_contest_delay: config.channel_handshake_config.our_to_self_delay,
2053 is_outbound_from_holder: true,
2054 counterparty_parameters: None,
2055 funding_outpoint: None,
2056 channel_type_features: channel_type.clone()
2058 funding_transaction: None,
2059 is_batch_funding: None,
2061 counterparty_cur_commitment_point: None,
2062 counterparty_prev_commitment_point: None,
2063 counterparty_node_id,
2065 counterparty_shutdown_scriptpubkey: None,
2067 commitment_secrets: CounterpartyCommitmentSecrets::new(),
2069 channel_update_status: ChannelUpdateStatus::Enabled,
2070 closing_signed_in_flight: false,
2072 announcement_sigs: None,
2074 #[cfg(any(test, fuzzing))]
2075 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
2076 #[cfg(any(test, fuzzing))]
2077 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
2079 workaround_lnd_bug_4006: None,
2080 sent_message_awaiting_response: None,
2082 latest_inbound_scid_alias: None,
2083 outbound_scid_alias,
2085 channel_pending_event_emitted: false,
2086 channel_ready_event_emitted: false,
2088 #[cfg(any(test, fuzzing))]
2089 historical_inbound_htlc_fulfills: new_hash_set(),
2094 blocked_monitor_updates: Vec::new(),
2095 local_initiated_shutdown: None,
2099 /// Allowed in any state (including after shutdown)
2100 pub fn get_update_time_counter(&self) -> u32 {
2101 self.update_time_counter
2104 pub fn get_latest_monitor_update_id(&self) -> u64 {
2105 self.latest_monitor_update_id
2108 pub fn should_announce(&self) -> bool {
2109 self.config.announced_channel
2112 pub fn is_outbound(&self) -> bool {
2113 self.channel_transaction_parameters.is_outbound_from_holder
2116 /// Gets the fee we'd want to charge for adding an HTLC output to this Channel
2117 /// Allowed in any state (including after shutdown)
2118 pub fn get_outbound_forwarding_fee_base_msat(&self) -> u32 {
2119 self.config.options.forwarding_fee_base_msat
2122 /// Returns true if we've ever received a message from the remote end for this Channel
2123 pub fn have_received_message(&self) -> bool {
2124 self.channel_state > ChannelState::NegotiatingFunding(NegotiatingFundingFlags::OUR_INIT_SENT)
2127 /// Returns true if this channel is fully established and not known to be closing.
2128 /// Allowed in any state (including after shutdown)
2129 pub fn is_usable(&self) -> bool {
2130 matches!(self.channel_state, ChannelState::ChannelReady(_)) &&
2131 !self.channel_state.is_local_shutdown_sent() &&
2132 !self.channel_state.is_remote_shutdown_sent() &&
2133 !self.monitor_pending_channel_ready
2136 /// shutdown state returns the state of the channel in its various stages of shutdown
2137 pub fn shutdown_state(&self) -> ChannelShutdownState {
2138 match self.channel_state {
2139 ChannelState::AwaitingChannelReady(_)|ChannelState::ChannelReady(_) =>
2140 if self.channel_state.is_local_shutdown_sent() && !self.channel_state.is_remote_shutdown_sent() {
2141 ChannelShutdownState::ShutdownInitiated
2142 } else if (self.channel_state.is_local_shutdown_sent() || self.channel_state.is_remote_shutdown_sent()) && !self.closing_negotiation_ready() {
2143 ChannelShutdownState::ResolvingHTLCs
2144 } else if (self.channel_state.is_local_shutdown_sent() || self.channel_state.is_remote_shutdown_sent()) && self.closing_negotiation_ready() {
2145 ChannelShutdownState::NegotiatingClosingFee
2147 ChannelShutdownState::NotShuttingDown
2149 ChannelState::ShutdownComplete => ChannelShutdownState::ShutdownComplete,
2150 _ => ChannelShutdownState::NotShuttingDown,
2154 fn closing_negotiation_ready(&self) -> bool {
2155 let is_ready_to_close = match self.channel_state {
2156 ChannelState::AwaitingChannelReady(flags) =>
2157 flags & FundedStateFlags::ALL == FundedStateFlags::LOCAL_SHUTDOWN_SENT | FundedStateFlags::REMOTE_SHUTDOWN_SENT,
2158 ChannelState::ChannelReady(flags) =>
2159 flags == FundedStateFlags::LOCAL_SHUTDOWN_SENT | FundedStateFlags::REMOTE_SHUTDOWN_SENT,
2162 self.pending_inbound_htlcs.is_empty() &&
2163 self.pending_outbound_htlcs.is_empty() &&
2164 self.pending_update_fee.is_none() &&
2168 /// Returns true if this channel is currently available for use. This is a superset of
2169 /// is_usable() and considers things like the channel being temporarily disabled.
2170 /// Allowed in any state (including after shutdown)
2171 pub fn is_live(&self) -> bool {
2172 self.is_usable() && !self.channel_state.is_peer_disconnected()
2175 // Public utilities:
2177 pub fn channel_id(&self) -> ChannelId {
2181 // Return the `temporary_channel_id` used during channel establishment.
2183 // Will return `None` for channels created prior to LDK version 0.0.115.
2184 pub fn temporary_channel_id(&self) -> Option<ChannelId> {
2185 self.temporary_channel_id
2188 pub fn minimum_depth(&self) -> Option<u32> {
2192 /// Gets the "user_id" value passed into the construction of this channel. It has no special
2193 /// meaning and exists only to allow users to have a persistent identifier of a channel.
2194 pub fn get_user_id(&self) -> u128 {
2198 /// Gets the channel's type
2199 pub fn get_channel_type(&self) -> &ChannelTypeFeatures {
2203 /// Gets the channel's `short_channel_id`.
2205 /// Will return `None` if the channel hasn't been confirmed yet.
2206 pub fn get_short_channel_id(&self) -> Option<u64> {
2207 self.short_channel_id
2210 /// Allowed in any state (including after shutdown)
2211 pub fn latest_inbound_scid_alias(&self) -> Option<u64> {
2212 self.latest_inbound_scid_alias
2215 /// Allowed in any state (including after shutdown)
2216 pub fn outbound_scid_alias(&self) -> u64 {
2217 self.outbound_scid_alias
2220 /// Returns the holder signer for this channel.
2222 pub fn get_signer(&self) -> &ChannelSignerType<SP> {
2223 return &self.holder_signer
2226 /// Only allowed immediately after deserialization if get_outbound_scid_alias returns 0,
2227 /// indicating we were written by LDK prior to 0.0.106 which did not set outbound SCID aliases
2228 /// or prior to any channel actions during `Channel` initialization.
2229 pub fn set_outbound_scid_alias(&mut self, outbound_scid_alias: u64) {
2230 debug_assert_eq!(self.outbound_scid_alias, 0);
2231 self.outbound_scid_alias = outbound_scid_alias;
2234 /// Returns the funding_txo we either got from our peer, or were given by
2235 /// get_funding_created.
2236 pub fn get_funding_txo(&self) -> Option<OutPoint> {
2237 self.channel_transaction_parameters.funding_outpoint
2240 /// Returns the height in which our funding transaction was confirmed.
2241 pub fn get_funding_tx_confirmation_height(&self) -> Option<u32> {
2242 let conf_height = self.funding_tx_confirmation_height;
2243 if conf_height > 0 {
2250 /// Returns the block hash in which our funding transaction was confirmed.
2251 pub fn get_funding_tx_confirmed_in(&self) -> Option<BlockHash> {
2252 self.funding_tx_confirmed_in
2255 /// Returns the current number of confirmations on the funding transaction.
2256 pub fn get_funding_tx_confirmations(&self, height: u32) -> u32 {
2257 if self.funding_tx_confirmation_height == 0 {
2258 // We either haven't seen any confirmation yet, or observed a reorg.
2262 height.checked_sub(self.funding_tx_confirmation_height).map_or(0, |c| c + 1)
2265 fn get_holder_selected_contest_delay(&self) -> u16 {
2266 self.channel_transaction_parameters.holder_selected_contest_delay
2269 fn get_holder_pubkeys(&self) -> &ChannelPublicKeys {
2270 &self.channel_transaction_parameters.holder_pubkeys
2273 pub fn get_counterparty_selected_contest_delay(&self) -> Option<u16> {
2274 self.channel_transaction_parameters.counterparty_parameters
2275 .as_ref().map(|params| params.selected_contest_delay)
2278 fn get_counterparty_pubkeys(&self) -> &ChannelPublicKeys {
2279 &self.channel_transaction_parameters.counterparty_parameters.as_ref().unwrap().pubkeys
2282 /// Allowed in any state (including after shutdown)
2283 pub fn get_counterparty_node_id(&self) -> PublicKey {
2284 self.counterparty_node_id
2287 /// Allowed in any state (including after shutdown)
2288 pub fn get_holder_htlc_minimum_msat(&self) -> u64 {
2289 self.holder_htlc_minimum_msat
2292 /// Allowed in any state (including after shutdown), but will return none before TheirInitSent
2293 pub fn get_holder_htlc_maximum_msat(&self) -> Option<u64> {
2294 self.get_htlc_maximum_msat(self.holder_max_htlc_value_in_flight_msat)
2297 /// Allowed in any state (including after shutdown)
2298 pub fn get_announced_htlc_max_msat(&self) -> u64 {
2300 // Upper bound by capacity. We make it a bit less than full capacity to prevent attempts
2301 // to use full capacity. This is an effort to reduce routing failures, because in many cases
2302 // channel might have been used to route very small values (either by honest users or as DoS).
2303 self.channel_value_satoshis * 1000 * 9 / 10,
2305 self.counterparty_max_htlc_value_in_flight_msat
2309 /// Allowed in any state (including after shutdown)
2310 pub fn get_counterparty_htlc_minimum_msat(&self) -> u64 {
2311 self.counterparty_htlc_minimum_msat
2314 /// Allowed in any state (including after shutdown), but will return none before TheirInitSent
2315 pub fn get_counterparty_htlc_maximum_msat(&self) -> Option<u64> {
2316 self.get_htlc_maximum_msat(self.counterparty_max_htlc_value_in_flight_msat)
2319 fn get_htlc_maximum_msat(&self, party_max_htlc_value_in_flight_msat: u64) -> Option<u64> {
2320 self.counterparty_selected_channel_reserve_satoshis.map(|counterparty_reserve| {
2321 let holder_reserve = self.holder_selected_channel_reserve_satoshis;
2323 (self.channel_value_satoshis - counterparty_reserve - holder_reserve) * 1000,
2324 party_max_htlc_value_in_flight_msat
2329 pub fn get_value_satoshis(&self) -> u64 {
2330 self.channel_value_satoshis
2333 pub fn get_fee_proportional_millionths(&self) -> u32 {
2334 self.config.options.forwarding_fee_proportional_millionths
2337 pub fn get_cltv_expiry_delta(&self) -> u16 {
2338 cmp::max(self.config.options.cltv_expiry_delta, MIN_CLTV_EXPIRY_DELTA)
2341 pub fn get_max_dust_htlc_exposure_msat<F: Deref>(&self,
2342 fee_estimator: &LowerBoundedFeeEstimator<F>) -> u64
2343 where F::Target: FeeEstimator
2345 match self.config.options.max_dust_htlc_exposure {
2346 MaxDustHTLCExposure::FeeRateMultiplier(multiplier) => {
2347 let feerate_per_kw = fee_estimator.bounded_sat_per_1000_weight(
2348 ConfirmationTarget::OnChainSweep) as u64;
2349 feerate_per_kw.saturating_mul(multiplier)
2351 MaxDustHTLCExposure::FixedLimitMsat(limit) => limit,
2355 /// Returns the previous [`ChannelConfig`] applied to this channel, if any.
2356 pub fn prev_config(&self) -> Option<ChannelConfig> {
2357 self.prev_config.map(|prev_config| prev_config.0)
2360 // Checks whether we should emit a `ChannelPending` event.
2361 pub(crate) fn should_emit_channel_pending_event(&mut self) -> bool {
2362 self.is_funding_broadcast() && !self.channel_pending_event_emitted
2365 // Returns whether we already emitted a `ChannelPending` event.
2366 pub(crate) fn channel_pending_event_emitted(&self) -> bool {
2367 self.channel_pending_event_emitted
2370 // Remembers that we already emitted a `ChannelPending` event.
2371 pub(crate) fn set_channel_pending_event_emitted(&mut self) {
2372 self.channel_pending_event_emitted = true;
2375 // Checks whether we should emit a `ChannelReady` event.
2376 pub(crate) fn should_emit_channel_ready_event(&mut self) -> bool {
2377 self.is_usable() && !self.channel_ready_event_emitted
2380 // Remembers that we already emitted a `ChannelReady` event.
2381 pub(crate) fn set_channel_ready_event_emitted(&mut self) {
2382 self.channel_ready_event_emitted = true;
2385 /// Tracks the number of ticks elapsed since the previous [`ChannelConfig`] was updated. Once
2386 /// [`EXPIRE_PREV_CONFIG_TICKS`] is reached, the previous config is considered expired and will
2387 /// no longer be considered when forwarding HTLCs.
2388 pub fn maybe_expire_prev_config(&mut self) {
2389 if self.prev_config.is_none() {
2392 let prev_config = self.prev_config.as_mut().unwrap();
2394 if prev_config.1 == EXPIRE_PREV_CONFIG_TICKS {
2395 self.prev_config = None;
2399 /// Returns the current [`ChannelConfig`] applied to the channel.
2400 pub fn config(&self) -> ChannelConfig {
2404 /// Updates the channel's config. A bool is returned indicating whether the config update
2405 /// applied resulted in a new ChannelUpdate message.
2406 pub fn update_config(&mut self, config: &ChannelConfig) -> bool {
2407 let did_channel_update =
2408 self.config.options.forwarding_fee_proportional_millionths != config.forwarding_fee_proportional_millionths ||
2409 self.config.options.forwarding_fee_base_msat != config.forwarding_fee_base_msat ||
2410 self.config.options.cltv_expiry_delta != config.cltv_expiry_delta;
2411 if did_channel_update {
2412 self.prev_config = Some((self.config.options, 0));
2413 // Update the counter, which backs the ChannelUpdate timestamp, to allow the relay
2414 // policy change to propagate throughout the network.
2415 self.update_time_counter += 1;
2417 self.config.options = *config;
2421 /// Returns true if funding_signed was sent/received and the
2422 /// funding transaction has been broadcast if necessary.
2423 pub fn is_funding_broadcast(&self) -> bool {
2424 !self.channel_state.is_pre_funded_state() &&
2425 !matches!(self.channel_state, ChannelState::AwaitingChannelReady(flags) if flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH))
2428 /// Transaction nomenclature is somewhat confusing here as there are many different cases - a
2429 /// transaction is referred to as "a's transaction" implying that a will be able to broadcast
2430 /// the transaction. Thus, b will generally be sending a signature over such a transaction to
2431 /// a, and a can revoke the transaction by providing b the relevant per_commitment_secret. As
2432 /// such, a transaction is generally the result of b increasing the amount paid to a (or adding
2434 /// @local is used only to convert relevant internal structures which refer to remote vs local
2435 /// to decide value of outputs and direction of HTLCs.
2436 /// @generated_by_local is used to determine *which* HTLCs to include - noting that the HTLC
2437 /// state may indicate that one peer has informed the other that they'd like to add an HTLC but
2438 /// have not yet committed it. Such HTLCs will only be included in transactions which are being
2439 /// generated by the peer which proposed adding the HTLCs, and thus we need to understand both
2440 /// which peer generated this transaction and "to whom" this transaction flows.
2442 fn build_commitment_transaction<L: Deref>(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool, logger: &L) -> CommitmentStats
2443 where L::Target: Logger
2445 let mut included_dust_htlcs: Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)> = Vec::new();
2446 let num_htlcs = self.pending_inbound_htlcs.len() + self.pending_outbound_htlcs.len();
2447 let mut included_non_dust_htlcs: Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)> = Vec::with_capacity(num_htlcs);
2449 let broadcaster_dust_limit_satoshis = if local { self.holder_dust_limit_satoshis } else { self.counterparty_dust_limit_satoshis };
2450 let mut remote_htlc_total_msat = 0;
2451 let mut local_htlc_total_msat = 0;
2452 let mut value_to_self_msat_offset = 0;
2454 let mut feerate_per_kw = self.feerate_per_kw;
2455 if let Some((feerate, update_state)) = self.pending_update_fee {
2456 if match update_state {
2457 // Note that these match the inclusion criteria when scanning
2458 // pending_inbound_htlcs below.
2459 FeeUpdateState::RemoteAnnounced => { debug_assert!(!self.is_outbound()); !generated_by_local },
2460 FeeUpdateState::AwaitingRemoteRevokeToAnnounce => { debug_assert!(!self.is_outbound()); !generated_by_local },
2461 FeeUpdateState::Outbound => { assert!(self.is_outbound()); generated_by_local },
2463 feerate_per_kw = feerate;
2467 log_trace!(logger, "Building commitment transaction number {} (really {} xor {}) for channel {} for {}, generated by {} with fee {}...",
2468 commitment_number, (INITIAL_COMMITMENT_NUMBER - commitment_number),
2469 get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound()),
2471 if local { "us" } else { "remote" }, if generated_by_local { "us" } else { "remote" }, feerate_per_kw);
2473 macro_rules! get_htlc_in_commitment {
2474 ($htlc: expr, $offered: expr) => {
2475 HTLCOutputInCommitment {
2477 amount_msat: $htlc.amount_msat,
2478 cltv_expiry: $htlc.cltv_expiry,
2479 payment_hash: $htlc.payment_hash,
2480 transaction_output_index: None
2485 macro_rules! add_htlc_output {
2486 ($htlc: expr, $outbound: expr, $source: expr, $state_name: expr) => {
2487 if $outbound == local { // "offered HTLC output"
2488 let htlc_in_tx = get_htlc_in_commitment!($htlc, true);
2489 let htlc_tx_fee = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2492 feerate_per_kw as u64 * htlc_timeout_tx_weight(self.get_channel_type()) / 1000
2494 if $htlc.amount_msat / 1000 >= broadcaster_dust_limit_satoshis + htlc_tx_fee {
2495 log_trace!(logger, " ...including {} {} HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2496 included_non_dust_htlcs.push((htlc_in_tx, $source));
2498 log_trace!(logger, " ...including {} {} dust HTLC {} (hash {}) with value {} due to dust limit", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2499 included_dust_htlcs.push((htlc_in_tx, $source));
2502 let htlc_in_tx = get_htlc_in_commitment!($htlc, false);
2503 let htlc_tx_fee = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2506 feerate_per_kw as u64 * htlc_success_tx_weight(self.get_channel_type()) / 1000
2508 if $htlc.amount_msat / 1000 >= broadcaster_dust_limit_satoshis + htlc_tx_fee {
2509 log_trace!(logger, " ...including {} {} HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2510 included_non_dust_htlcs.push((htlc_in_tx, $source));
2512 log_trace!(logger, " ...including {} {} dust HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2513 included_dust_htlcs.push((htlc_in_tx, $source));
2519 let mut inbound_htlc_preimages: Vec<PaymentPreimage> = Vec::new();
2521 for ref htlc in self.pending_inbound_htlcs.iter() {
2522 let (include, state_name) = match htlc.state {
2523 InboundHTLCState::RemoteAnnounced(_) => (!generated_by_local, "RemoteAnnounced"),
2524 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) => (!generated_by_local, "AwaitingRemoteRevokeToAnnounce"),
2525 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) => (true, "AwaitingAnnouncedRemoteRevoke"),
2526 InboundHTLCState::Committed => (true, "Committed"),
2527 InboundHTLCState::LocalRemoved(_) => (!generated_by_local, "LocalRemoved"),
2531 add_htlc_output!(htlc, false, None, state_name);
2532 remote_htlc_total_msat += htlc.amount_msat;
2534 log_trace!(logger, " ...not including inbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, &htlc.payment_hash, htlc.amount_msat, state_name);
2536 &InboundHTLCState::LocalRemoved(ref reason) => {
2537 if generated_by_local {
2538 if let &InboundHTLCRemovalReason::Fulfill(preimage) = reason {
2539 inbound_htlc_preimages.push(preimage);
2540 value_to_self_msat_offset += htlc.amount_msat as i64;
2550 let mut outbound_htlc_preimages: Vec<PaymentPreimage> = Vec::new();
2552 for ref htlc in self.pending_outbound_htlcs.iter() {
2553 let (include, state_name) = match htlc.state {
2554 OutboundHTLCState::LocalAnnounced(_) => (generated_by_local, "LocalAnnounced"),
2555 OutboundHTLCState::Committed => (true, "Committed"),
2556 OutboundHTLCState::RemoteRemoved(_) => (generated_by_local, "RemoteRemoved"),
2557 OutboundHTLCState::AwaitingRemoteRevokeToRemove(_) => (generated_by_local, "AwaitingRemoteRevokeToRemove"),
2558 OutboundHTLCState::AwaitingRemovedRemoteRevoke(_) => (false, "AwaitingRemovedRemoteRevoke"),
2561 let preimage_opt = match htlc.state {
2562 OutboundHTLCState::RemoteRemoved(OutboundHTLCOutcome::Success(p)) => p,
2563 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(p)) => p,
2564 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(p)) => p,
2568 if let Some(preimage) = preimage_opt {
2569 outbound_htlc_preimages.push(preimage);
2573 add_htlc_output!(htlc, true, Some(&htlc.source), state_name);
2574 local_htlc_total_msat += htlc.amount_msat;
2576 log_trace!(logger, " ...not including outbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, &htlc.payment_hash, htlc.amount_msat, state_name);
2578 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_))|OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) => {
2579 value_to_self_msat_offset -= htlc.amount_msat as i64;
2581 OutboundHTLCState::RemoteRemoved(OutboundHTLCOutcome::Success(_)) => {
2582 if !generated_by_local {
2583 value_to_self_msat_offset -= htlc.amount_msat as i64;
2591 let value_to_self_msat: i64 = (self.value_to_self_msat - local_htlc_total_msat) as i64 + value_to_self_msat_offset;
2592 assert!(value_to_self_msat >= 0);
2593 // Note that in case they have several just-awaiting-last-RAA fulfills in-progress (ie
2594 // AwaitingRemoteRevokeToRemove or AwaitingRemovedRemoteRevoke) we may have allowed them to
2595 // "violate" their reserve value by couting those against it. Thus, we have to convert
2596 // everything to i64 before subtracting as otherwise we can overflow.
2597 let value_to_remote_msat: i64 = (self.channel_value_satoshis * 1000) as i64 - (self.value_to_self_msat as i64) - (remote_htlc_total_msat as i64) - value_to_self_msat_offset;
2598 assert!(value_to_remote_msat >= 0);
2600 #[cfg(debug_assertions)]
2602 // Make sure that the to_self/to_remote is always either past the appropriate
2603 // channel_reserve *or* it is making progress towards it.
2604 let mut broadcaster_max_commitment_tx_output = if generated_by_local {
2605 self.holder_max_commitment_tx_output.lock().unwrap()
2607 self.counterparty_max_commitment_tx_output.lock().unwrap()
2609 debug_assert!(broadcaster_max_commitment_tx_output.0 <= value_to_self_msat as u64 || value_to_self_msat / 1000 >= self.counterparty_selected_channel_reserve_satoshis.unwrap() as i64);
2610 broadcaster_max_commitment_tx_output.0 = cmp::max(broadcaster_max_commitment_tx_output.0, value_to_self_msat as u64);
2611 debug_assert!(broadcaster_max_commitment_tx_output.1 <= value_to_remote_msat as u64 || value_to_remote_msat / 1000 >= self.holder_selected_channel_reserve_satoshis as i64);
2612 broadcaster_max_commitment_tx_output.1 = cmp::max(broadcaster_max_commitment_tx_output.1, value_to_remote_msat as u64);
2615 let total_fee_sat = commit_tx_fee_sat(feerate_per_kw, included_non_dust_htlcs.len(), &self.channel_transaction_parameters.channel_type_features);
2616 let anchors_val = if self.channel_transaction_parameters.channel_type_features.supports_anchors_zero_fee_htlc_tx() { ANCHOR_OUTPUT_VALUE_SATOSHI * 2 } else { 0 } as i64;
2617 let (value_to_self, value_to_remote) = if self.is_outbound() {
2618 (value_to_self_msat / 1000 - anchors_val - total_fee_sat as i64, value_to_remote_msat / 1000)
2620 (value_to_self_msat / 1000, value_to_remote_msat / 1000 - anchors_val - total_fee_sat as i64)
2623 let mut value_to_a = if local { value_to_self } else { value_to_remote };
2624 let mut value_to_b = if local { value_to_remote } else { value_to_self };
2625 let (funding_pubkey_a, funding_pubkey_b) = if local {
2626 (self.get_holder_pubkeys().funding_pubkey, self.get_counterparty_pubkeys().funding_pubkey)
2628 (self.get_counterparty_pubkeys().funding_pubkey, self.get_holder_pubkeys().funding_pubkey)
2631 if value_to_a >= (broadcaster_dust_limit_satoshis as i64) {
2632 log_trace!(logger, " ...including {} output with value {}", if local { "to_local" } else { "to_remote" }, value_to_a);
2637 if value_to_b >= (broadcaster_dust_limit_satoshis as i64) {
2638 log_trace!(logger, " ...including {} output with value {}", if local { "to_remote" } else { "to_local" }, value_to_b);
2643 let num_nondust_htlcs = included_non_dust_htlcs.len();
2645 let channel_parameters =
2646 if local { self.channel_transaction_parameters.as_holder_broadcastable() }
2647 else { self.channel_transaction_parameters.as_counterparty_broadcastable() };
2648 let tx = CommitmentTransaction::new_with_auxiliary_htlc_data(commitment_number,
2655 &mut included_non_dust_htlcs,
2658 let mut htlcs_included = included_non_dust_htlcs;
2659 // The unwrap is safe, because all non-dust HTLCs have been assigned an output index
2660 htlcs_included.sort_unstable_by_key(|h| h.0.transaction_output_index.unwrap());
2661 htlcs_included.append(&mut included_dust_htlcs);
2669 local_balance_msat: value_to_self_msat as u64,
2670 remote_balance_msat: value_to_remote_msat as u64,
2671 inbound_htlc_preimages,
2672 outbound_htlc_preimages,
2677 /// Creates a set of keys for build_commitment_transaction to generate a transaction which our
2678 /// counterparty will sign (ie DO NOT send signatures over a transaction created by this to
2679 /// our counterparty!)
2680 /// The result is a transaction which we can revoke broadcastership of (ie a "local" transaction)
2681 /// TODO Some magic rust shit to compile-time check this?
2682 fn build_holder_transaction_keys(&self, commitment_number: u64) -> TxCreationKeys {
2683 let per_commitment_point = self.holder_signer.as_ref().get_per_commitment_point(commitment_number, &self.secp_ctx);
2684 let delayed_payment_base = &self.get_holder_pubkeys().delayed_payment_basepoint;
2685 let htlc_basepoint = &self.get_holder_pubkeys().htlc_basepoint;
2686 let counterparty_pubkeys = self.get_counterparty_pubkeys();
2688 TxCreationKeys::derive_new(&self.secp_ctx, &per_commitment_point, delayed_payment_base, htlc_basepoint, &counterparty_pubkeys.revocation_basepoint, &counterparty_pubkeys.htlc_basepoint)
2692 /// Creates a set of keys for build_commitment_transaction to generate a transaction which we
2693 /// will sign and send to our counterparty.
2694 /// If an Err is returned, it is a ChannelError::Close (for get_funding_created)
2695 fn build_remote_transaction_keys(&self) -> TxCreationKeys {
2696 let revocation_basepoint = &self.get_holder_pubkeys().revocation_basepoint;
2697 let htlc_basepoint = &self.get_holder_pubkeys().htlc_basepoint;
2698 let counterparty_pubkeys = self.get_counterparty_pubkeys();
2700 TxCreationKeys::derive_new(&self.secp_ctx, &self.counterparty_cur_commitment_point.unwrap(), &counterparty_pubkeys.delayed_payment_basepoint, &counterparty_pubkeys.htlc_basepoint, revocation_basepoint, htlc_basepoint)
2703 /// Gets the redeemscript for the funding transaction output (ie the funding transaction output
2704 /// pays to get_funding_redeemscript().to_v0_p2wsh()).
2705 /// Panics if called before accept_channel/InboundV1Channel::new
2706 pub fn get_funding_redeemscript(&self) -> ScriptBuf {
2707 make_funding_redeemscript(&self.get_holder_pubkeys().funding_pubkey, self.counterparty_funding_pubkey())
2710 fn counterparty_funding_pubkey(&self) -> &PublicKey {
2711 &self.get_counterparty_pubkeys().funding_pubkey
2714 pub fn get_feerate_sat_per_1000_weight(&self) -> u32 {
2718 pub fn get_dust_buffer_feerate(&self, outbound_feerate_update: Option<u32>) -> u32 {
2719 // When calculating our exposure to dust HTLCs, we assume that the channel feerate
2720 // may, at any point, increase by at least 10 sat/vB (i.e 2530 sat/kWU) or 25%,
2721 // whichever is higher. This ensures that we aren't suddenly exposed to significantly
2722 // more dust balance if the feerate increases when we have several HTLCs pending
2723 // which are near the dust limit.
2724 let mut feerate_per_kw = self.feerate_per_kw;
2725 // If there's a pending update fee, use it to ensure we aren't under-estimating
2726 // potential feerate updates coming soon.
2727 if let Some((feerate, _)) = self.pending_update_fee {
2728 feerate_per_kw = cmp::max(feerate_per_kw, feerate);
2730 if let Some(feerate) = outbound_feerate_update {
2731 feerate_per_kw = cmp::max(feerate_per_kw, feerate);
2733 let feerate_plus_quarter = feerate_per_kw.checked_mul(1250).map(|v| v / 1000);
2734 cmp::max(2530, feerate_plus_quarter.unwrap_or(u32::max_value()))
2737 /// Get forwarding information for the counterparty.
2738 pub fn counterparty_forwarding_info(&self) -> Option<CounterpartyForwardingInfo> {
2739 self.counterparty_forwarding_info.clone()
2742 /// Returns a HTLCStats about inbound pending htlcs
2743 fn get_inbound_pending_htlc_stats(&self, outbound_feerate_update: Option<u32>) -> HTLCStats {
2745 let mut stats = HTLCStats {
2746 pending_htlcs: context.pending_inbound_htlcs.len() as u32,
2747 pending_htlcs_value_msat: 0,
2748 on_counterparty_tx_dust_exposure_msat: 0,
2749 on_holder_tx_dust_exposure_msat: 0,
2750 holding_cell_msat: 0,
2751 on_holder_tx_holding_cell_htlcs_count: 0,
2754 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2757 let dust_buffer_feerate = context.get_dust_buffer_feerate(outbound_feerate_update) as u64;
2758 (dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000,
2759 dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000)
2761 let counterparty_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.counterparty_dust_limit_satoshis;
2762 let holder_dust_limit_success_sat = htlc_success_dust_limit + context.holder_dust_limit_satoshis;
2763 for ref htlc in context.pending_inbound_htlcs.iter() {
2764 stats.pending_htlcs_value_msat += htlc.amount_msat;
2765 if htlc.amount_msat / 1000 < counterparty_dust_limit_timeout_sat {
2766 stats.on_counterparty_tx_dust_exposure_msat += htlc.amount_msat;
2768 if htlc.amount_msat / 1000 < holder_dust_limit_success_sat {
2769 stats.on_holder_tx_dust_exposure_msat += htlc.amount_msat;
2775 /// Returns a HTLCStats about pending outbound htlcs, *including* pending adds in our holding cell.
2776 fn get_outbound_pending_htlc_stats(&self, outbound_feerate_update: Option<u32>) -> HTLCStats {
2778 let mut stats = HTLCStats {
2779 pending_htlcs: context.pending_outbound_htlcs.len() as u32,
2780 pending_htlcs_value_msat: 0,
2781 on_counterparty_tx_dust_exposure_msat: 0,
2782 on_holder_tx_dust_exposure_msat: 0,
2783 holding_cell_msat: 0,
2784 on_holder_tx_holding_cell_htlcs_count: 0,
2787 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2790 let dust_buffer_feerate = context.get_dust_buffer_feerate(outbound_feerate_update) as u64;
2791 (dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000,
2792 dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000)
2794 let counterparty_dust_limit_success_sat = htlc_success_dust_limit + context.counterparty_dust_limit_satoshis;
2795 let holder_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.holder_dust_limit_satoshis;
2796 for ref htlc in context.pending_outbound_htlcs.iter() {
2797 stats.pending_htlcs_value_msat += htlc.amount_msat;
2798 if htlc.amount_msat / 1000 < counterparty_dust_limit_success_sat {
2799 stats.on_counterparty_tx_dust_exposure_msat += htlc.amount_msat;
2801 if htlc.amount_msat / 1000 < holder_dust_limit_timeout_sat {
2802 stats.on_holder_tx_dust_exposure_msat += htlc.amount_msat;
2806 for update in context.holding_cell_htlc_updates.iter() {
2807 if let &HTLCUpdateAwaitingACK::AddHTLC { ref amount_msat, .. } = update {
2808 stats.pending_htlcs += 1;
2809 stats.pending_htlcs_value_msat += amount_msat;
2810 stats.holding_cell_msat += amount_msat;
2811 if *amount_msat / 1000 < counterparty_dust_limit_success_sat {
2812 stats.on_counterparty_tx_dust_exposure_msat += amount_msat;
2814 if *amount_msat / 1000 < holder_dust_limit_timeout_sat {
2815 stats.on_holder_tx_dust_exposure_msat += amount_msat;
2817 stats.on_holder_tx_holding_cell_htlcs_count += 1;
2824 /// Returns information on all pending inbound HTLCs.
2825 pub fn get_pending_inbound_htlc_details(&self) -> Vec<InboundHTLCDetails> {
2826 let mut holding_cell_states = new_hash_map();
2827 for holding_cell_update in self.holding_cell_htlc_updates.iter() {
2828 match holding_cell_update {
2829 HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
2830 holding_cell_states.insert(
2832 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFulfill,
2835 HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } => {
2836 holding_cell_states.insert(
2838 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail,
2841 HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } => {
2842 holding_cell_states.insert(
2844 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail,
2848 HTLCUpdateAwaitingACK::AddHTLC { .. } => {},
2851 let mut inbound_details = Vec::new();
2852 let htlc_success_dust_limit = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2855 let dust_buffer_feerate = self.get_dust_buffer_feerate(None) as u64;
2856 dust_buffer_feerate * htlc_success_tx_weight(self.get_channel_type()) / 1000
2858 let holder_dust_limit_success_sat = htlc_success_dust_limit + self.holder_dust_limit_satoshis;
2859 for htlc in self.pending_inbound_htlcs.iter() {
2860 if let Some(state_details) = (&htlc.state).into() {
2861 inbound_details.push(InboundHTLCDetails{
2862 htlc_id: htlc.htlc_id,
2863 amount_msat: htlc.amount_msat,
2864 cltv_expiry: htlc.cltv_expiry,
2865 payment_hash: htlc.payment_hash,
2866 state: Some(holding_cell_states.remove(&htlc.htlc_id).unwrap_or(state_details)),
2867 is_dust: htlc.amount_msat / 1000 < holder_dust_limit_success_sat,
2874 /// Returns information on all pending outbound HTLCs.
2875 pub fn get_pending_outbound_htlc_details(&self) -> Vec<OutboundHTLCDetails> {
2876 let mut outbound_details = Vec::new();
2877 let htlc_timeout_dust_limit = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2880 let dust_buffer_feerate = self.get_dust_buffer_feerate(None) as u64;
2881 dust_buffer_feerate * htlc_success_tx_weight(self.get_channel_type()) / 1000
2883 let holder_dust_limit_timeout_sat = htlc_timeout_dust_limit + self.holder_dust_limit_satoshis;
2884 for htlc in self.pending_outbound_htlcs.iter() {
2885 outbound_details.push(OutboundHTLCDetails{
2886 htlc_id: Some(htlc.htlc_id),
2887 amount_msat: htlc.amount_msat,
2888 cltv_expiry: htlc.cltv_expiry,
2889 payment_hash: htlc.payment_hash,
2890 skimmed_fee_msat: htlc.skimmed_fee_msat,
2891 state: Some((&htlc.state).into()),
2892 is_dust: htlc.amount_msat / 1000 < holder_dust_limit_timeout_sat,
2895 for holding_cell_update in self.holding_cell_htlc_updates.iter() {
2896 if let HTLCUpdateAwaitingACK::AddHTLC {
2902 } = *holding_cell_update {
2903 outbound_details.push(OutboundHTLCDetails{
2905 amount_msat: amount_msat,
2906 cltv_expiry: cltv_expiry,
2907 payment_hash: payment_hash,
2908 skimmed_fee_msat: skimmed_fee_msat,
2909 state: Some(OutboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
2910 is_dust: amount_msat / 1000 < holder_dust_limit_timeout_sat,
2917 /// Get the available balances, see [`AvailableBalances`]'s fields for more info.
2918 /// Doesn't bother handling the
2919 /// if-we-removed-it-already-but-haven't-fully-resolved-they-can-still-send-an-inbound-HTLC
2920 /// corner case properly.
2921 pub fn get_available_balances<F: Deref>(&self, fee_estimator: &LowerBoundedFeeEstimator<F>)
2922 -> AvailableBalances
2923 where F::Target: FeeEstimator
2925 let context = &self;
2926 // Note that we have to handle overflow due to the above case.
2927 let inbound_stats = context.get_inbound_pending_htlc_stats(None);
2928 let outbound_stats = context.get_outbound_pending_htlc_stats(None);
2930 let mut balance_msat = context.value_to_self_msat;
2931 for ref htlc in context.pending_inbound_htlcs.iter() {
2932 if let InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(_)) = htlc.state {
2933 balance_msat += htlc.amount_msat;
2936 balance_msat -= outbound_stats.pending_htlcs_value_msat;
2938 let outbound_capacity_msat = context.value_to_self_msat
2939 .saturating_sub(outbound_stats.pending_htlcs_value_msat)
2941 context.counterparty_selected_channel_reserve_satoshis.unwrap_or(0) * 1000);
2943 let mut available_capacity_msat = outbound_capacity_msat;
2945 let anchor_outputs_value_msat = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2946 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
2950 if context.is_outbound() {
2951 // We should mind channel commit tx fee when computing how much of the available capacity
2952 // can be used in the next htlc. Mirrors the logic in send_htlc.
2954 // The fee depends on whether the amount we will be sending is above dust or not,
2955 // and the answer will in turn change the amount itself — making it a circular
2957 // This complicates the computation around dust-values, up to the one-htlc-value.
2958 let mut real_dust_limit_timeout_sat = context.holder_dust_limit_satoshis;
2959 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2960 real_dust_limit_timeout_sat += context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000;
2963 let htlc_above_dust = HTLCCandidate::new(real_dust_limit_timeout_sat * 1000, HTLCInitiator::LocalOffered);
2964 let mut max_reserved_commit_tx_fee_msat = context.next_local_commit_tx_fee_msat(htlc_above_dust, Some(()));
2965 let htlc_dust = HTLCCandidate::new(real_dust_limit_timeout_sat * 1000 - 1, HTLCInitiator::LocalOffered);
2966 let mut min_reserved_commit_tx_fee_msat = context.next_local_commit_tx_fee_msat(htlc_dust, Some(()));
2967 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2968 max_reserved_commit_tx_fee_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
2969 min_reserved_commit_tx_fee_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
2972 // We will first subtract the fee as if we were above-dust. Then, if the resulting
2973 // value ends up being below dust, we have this fee available again. In that case,
2974 // match the value to right-below-dust.
2975 let mut capacity_minus_commitment_fee_msat: i64 = available_capacity_msat as i64 -
2976 max_reserved_commit_tx_fee_msat as i64 - anchor_outputs_value_msat as i64;
2977 if capacity_minus_commitment_fee_msat < (real_dust_limit_timeout_sat as i64) * 1000 {
2978 let one_htlc_difference_msat = max_reserved_commit_tx_fee_msat - min_reserved_commit_tx_fee_msat;
2979 debug_assert!(one_htlc_difference_msat != 0);
2980 capacity_minus_commitment_fee_msat += one_htlc_difference_msat as i64;
2981 capacity_minus_commitment_fee_msat = cmp::min(real_dust_limit_timeout_sat as i64 * 1000 - 1, capacity_minus_commitment_fee_msat);
2982 available_capacity_msat = cmp::max(0, cmp::min(capacity_minus_commitment_fee_msat, available_capacity_msat as i64)) as u64;
2984 available_capacity_msat = capacity_minus_commitment_fee_msat as u64;
2987 // If the channel is inbound (i.e. counterparty pays the fee), we need to make sure
2988 // sending a new HTLC won't reduce their balance below our reserve threshold.
2989 let mut real_dust_limit_success_sat = context.counterparty_dust_limit_satoshis;
2990 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2991 real_dust_limit_success_sat += context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000;
2994 let htlc_above_dust = HTLCCandidate::new(real_dust_limit_success_sat * 1000, HTLCInitiator::LocalOffered);
2995 let max_reserved_commit_tx_fee_msat = context.next_remote_commit_tx_fee_msat(htlc_above_dust, None);
2997 let holder_selected_chan_reserve_msat = context.holder_selected_channel_reserve_satoshis * 1000;
2998 let remote_balance_msat = (context.channel_value_satoshis * 1000 - context.value_to_self_msat)
2999 .saturating_sub(inbound_stats.pending_htlcs_value_msat);
3001 if remote_balance_msat < max_reserved_commit_tx_fee_msat + holder_selected_chan_reserve_msat + anchor_outputs_value_msat {
3002 // If another HTLC's fee would reduce the remote's balance below the reserve limit
3003 // we've selected for them, we can only send dust HTLCs.
3004 available_capacity_msat = cmp::min(available_capacity_msat, real_dust_limit_success_sat * 1000 - 1);
3008 let mut next_outbound_htlc_minimum_msat = context.counterparty_htlc_minimum_msat;
3010 // If we get close to our maximum dust exposure, we end up in a situation where we can send
3011 // between zero and the remaining dust exposure limit remaining OR above the dust limit.
3012 // Because we cannot express this as a simple min/max, we prefer to tell the user they can
3013 // send above the dust limit (as the router can always overpay to meet the dust limit).
3014 let mut remaining_msat_below_dust_exposure_limit = None;
3015 let mut dust_exposure_dust_limit_msat = 0;
3016 let max_dust_htlc_exposure_msat = context.get_max_dust_htlc_exposure_msat(fee_estimator);
3018 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3019 (context.counterparty_dust_limit_satoshis, context.holder_dust_limit_satoshis)
3021 let dust_buffer_feerate = context.get_dust_buffer_feerate(None) as u64;
3022 (context.counterparty_dust_limit_satoshis + dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3023 context.holder_dust_limit_satoshis + dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3025 let on_counterparty_dust_htlc_exposure_msat = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
3026 if on_counterparty_dust_htlc_exposure_msat as i64 + htlc_success_dust_limit as i64 * 1000 - 1 > max_dust_htlc_exposure_msat.try_into().unwrap_or(i64::max_value()) {
3027 remaining_msat_below_dust_exposure_limit =
3028 Some(max_dust_htlc_exposure_msat.saturating_sub(on_counterparty_dust_htlc_exposure_msat));
3029 dust_exposure_dust_limit_msat = cmp::max(dust_exposure_dust_limit_msat, htlc_success_dust_limit * 1000);
3032 let on_holder_dust_htlc_exposure_msat = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
3033 if on_holder_dust_htlc_exposure_msat as i64 + htlc_timeout_dust_limit as i64 * 1000 - 1 > max_dust_htlc_exposure_msat.try_into().unwrap_or(i64::max_value()) {
3034 remaining_msat_below_dust_exposure_limit = Some(cmp::min(
3035 remaining_msat_below_dust_exposure_limit.unwrap_or(u64::max_value()),
3036 max_dust_htlc_exposure_msat.saturating_sub(on_holder_dust_htlc_exposure_msat)));
3037 dust_exposure_dust_limit_msat = cmp::max(dust_exposure_dust_limit_msat, htlc_timeout_dust_limit * 1000);
3040 if let Some(remaining_limit_msat) = remaining_msat_below_dust_exposure_limit {
3041 if available_capacity_msat < dust_exposure_dust_limit_msat {
3042 available_capacity_msat = cmp::min(available_capacity_msat, remaining_limit_msat);
3044 next_outbound_htlc_minimum_msat = cmp::max(next_outbound_htlc_minimum_msat, dust_exposure_dust_limit_msat);
3048 available_capacity_msat = cmp::min(available_capacity_msat,
3049 context.counterparty_max_htlc_value_in_flight_msat - outbound_stats.pending_htlcs_value_msat);
3051 if outbound_stats.pending_htlcs + 1 > context.counterparty_max_accepted_htlcs as u32 {
3052 available_capacity_msat = 0;
3056 inbound_capacity_msat: cmp::max(context.channel_value_satoshis as i64 * 1000
3057 - context.value_to_self_msat as i64
3058 - context.get_inbound_pending_htlc_stats(None).pending_htlcs_value_msat as i64
3059 - context.holder_selected_channel_reserve_satoshis as i64 * 1000,
3061 outbound_capacity_msat,
3062 next_outbound_htlc_limit_msat: available_capacity_msat,
3063 next_outbound_htlc_minimum_msat,
3068 pub fn get_holder_counterparty_selected_channel_reserve_satoshis(&self) -> (u64, Option<u64>) {
3069 let context = &self;
3070 (context.holder_selected_channel_reserve_satoshis, context.counterparty_selected_channel_reserve_satoshis)
3073 /// Get the commitment tx fee for the local's (i.e. our) next commitment transaction based on the
3074 /// number of pending HTLCs that are on track to be in our next commitment tx.
3076 /// Optionally includes the `HTLCCandidate` given by `htlc` and an additional non-dust HTLC if
3077 /// `fee_spike_buffer_htlc` is `Some`.
3079 /// The first extra HTLC is useful for determining whether we can accept a further HTLC, the
3080 /// second allows for creating a buffer to ensure a further HTLC can always be accepted/added.
3082 /// Dust HTLCs are excluded.
3083 fn next_local_commit_tx_fee_msat(&self, htlc: HTLCCandidate, fee_spike_buffer_htlc: Option<()>) -> u64 {
3084 let context = &self;
3085 assert!(context.is_outbound());
3087 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3090 (context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3091 context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3093 let real_dust_limit_success_sat = htlc_success_dust_limit + context.holder_dust_limit_satoshis;
3094 let real_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.holder_dust_limit_satoshis;
3096 let mut addl_htlcs = 0;
3097 if fee_spike_buffer_htlc.is_some() { addl_htlcs += 1; }
3099 HTLCInitiator::LocalOffered => {
3100 if htlc.amount_msat / 1000 >= real_dust_limit_timeout_sat {
3104 HTLCInitiator::RemoteOffered => {
3105 if htlc.amount_msat / 1000 >= real_dust_limit_success_sat {
3111 let mut included_htlcs = 0;
3112 for ref htlc in context.pending_inbound_htlcs.iter() {
3113 if htlc.amount_msat / 1000 < real_dust_limit_success_sat {
3116 // We include LocalRemoved HTLCs here because we may still need to broadcast a commitment
3117 // transaction including this HTLC if it times out before they RAA.
3118 included_htlcs += 1;
3121 for ref htlc in context.pending_outbound_htlcs.iter() {
3122 if htlc.amount_msat / 1000 < real_dust_limit_timeout_sat {
3126 OutboundHTLCState::LocalAnnounced {..} => included_htlcs += 1,
3127 OutboundHTLCState::Committed => included_htlcs += 1,
3128 OutboundHTLCState::RemoteRemoved {..} => included_htlcs += 1,
3129 // We don't include AwaitingRemoteRevokeToRemove HTLCs because our next commitment
3130 // transaction won't be generated until they send us their next RAA, which will mean
3131 // dropping any HTLCs in this state.
3136 for htlc in context.holding_cell_htlc_updates.iter() {
3138 &HTLCUpdateAwaitingACK::AddHTLC { amount_msat, .. } => {
3139 if amount_msat / 1000 < real_dust_limit_timeout_sat {
3144 _ => {}, // Don't include claims/fails that are awaiting ack, because once we get the
3145 // ack we're guaranteed to never include them in commitment txs anymore.
3149 let num_htlcs = included_htlcs + addl_htlcs;
3150 let res = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs, &context.channel_type);
3151 #[cfg(any(test, fuzzing))]
3154 if fee_spike_buffer_htlc.is_some() {
3155 fee = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs - 1, &context.channel_type);
3157 let total_pending_htlcs = context.pending_inbound_htlcs.len() + context.pending_outbound_htlcs.len()
3158 + context.holding_cell_htlc_updates.len();
3159 let commitment_tx_info = CommitmentTxInfoCached {
3161 total_pending_htlcs,
3162 next_holder_htlc_id: match htlc.origin {
3163 HTLCInitiator::LocalOffered => context.next_holder_htlc_id + 1,
3164 HTLCInitiator::RemoteOffered => context.next_holder_htlc_id,
3166 next_counterparty_htlc_id: match htlc.origin {
3167 HTLCInitiator::LocalOffered => context.next_counterparty_htlc_id,
3168 HTLCInitiator::RemoteOffered => context.next_counterparty_htlc_id + 1,
3170 feerate: context.feerate_per_kw,
3172 *context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = Some(commitment_tx_info);
3177 /// Get the commitment tx fee for the remote's next commitment transaction based on the number of
3178 /// pending HTLCs that are on track to be in their next commitment tx
3180 /// Optionally includes the `HTLCCandidate` given by `htlc` and an additional non-dust HTLC if
3181 /// `fee_spike_buffer_htlc` is `Some`.
3183 /// The first extra HTLC is useful for determining whether we can accept a further HTLC, the
3184 /// second allows for creating a buffer to ensure a further HTLC can always be accepted/added.
3186 /// Dust HTLCs are excluded.
3187 fn next_remote_commit_tx_fee_msat(&self, htlc: HTLCCandidate, fee_spike_buffer_htlc: Option<()>) -> u64 {
3188 let context = &self;
3189 assert!(!context.is_outbound());
3191 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3194 (context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3195 context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3197 let real_dust_limit_success_sat = htlc_success_dust_limit + context.counterparty_dust_limit_satoshis;
3198 let real_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.counterparty_dust_limit_satoshis;
3200 let mut addl_htlcs = 0;
3201 if fee_spike_buffer_htlc.is_some() { addl_htlcs += 1; }
3203 HTLCInitiator::LocalOffered => {
3204 if htlc.amount_msat / 1000 >= real_dust_limit_success_sat {
3208 HTLCInitiator::RemoteOffered => {
3209 if htlc.amount_msat / 1000 >= real_dust_limit_timeout_sat {
3215 // When calculating the set of HTLCs which will be included in their next commitment_signed, all
3216 // non-dust inbound HTLCs are included (as all states imply it will be included) and only
3217 // committed outbound HTLCs, see below.
3218 let mut included_htlcs = 0;
3219 for ref htlc in context.pending_inbound_htlcs.iter() {
3220 if htlc.amount_msat / 1000 <= real_dust_limit_timeout_sat {
3223 included_htlcs += 1;
3226 for ref htlc in context.pending_outbound_htlcs.iter() {
3227 if htlc.amount_msat / 1000 <= real_dust_limit_success_sat {
3230 // We only include outbound HTLCs if it will not be included in their next commitment_signed,
3231 // i.e. if they've responded to us with an RAA after announcement.
3233 OutboundHTLCState::Committed => included_htlcs += 1,
3234 OutboundHTLCState::RemoteRemoved {..} => included_htlcs += 1,
3235 OutboundHTLCState::LocalAnnounced { .. } => included_htlcs += 1,
3240 let num_htlcs = included_htlcs + addl_htlcs;
3241 let res = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs, &context.channel_type);
3242 #[cfg(any(test, fuzzing))]
3245 if fee_spike_buffer_htlc.is_some() {
3246 fee = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs - 1, &context.channel_type);
3248 let total_pending_htlcs = context.pending_inbound_htlcs.len() + context.pending_outbound_htlcs.len();
3249 let commitment_tx_info = CommitmentTxInfoCached {
3251 total_pending_htlcs,
3252 next_holder_htlc_id: match htlc.origin {
3253 HTLCInitiator::LocalOffered => context.next_holder_htlc_id + 1,
3254 HTLCInitiator::RemoteOffered => context.next_holder_htlc_id,
3256 next_counterparty_htlc_id: match htlc.origin {
3257 HTLCInitiator::LocalOffered => context.next_counterparty_htlc_id,
3258 HTLCInitiator::RemoteOffered => context.next_counterparty_htlc_id + 1,
3260 feerate: context.feerate_per_kw,
3262 *context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = Some(commitment_tx_info);
3267 fn if_unbroadcasted_funding<F, O>(&self, f: F) -> Option<O> where F: Fn() -> Option<O> {
3268 match self.channel_state {
3269 ChannelState::FundingNegotiated => f(),
3270 ChannelState::AwaitingChannelReady(flags) =>
3271 if flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH) ||
3272 flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into())
3282 /// Returns the transaction if there is a pending funding transaction that is yet to be
3284 pub fn unbroadcasted_funding(&self) -> Option<Transaction> {
3285 self.if_unbroadcasted_funding(|| self.funding_transaction.clone())
3288 /// Returns the transaction ID if there is a pending funding transaction that is yet to be
3290 pub fn unbroadcasted_funding_txid(&self) -> Option<Txid> {
3291 self.if_unbroadcasted_funding(||
3292 self.channel_transaction_parameters.funding_outpoint.map(|txo| txo.txid)
3296 /// Returns whether the channel is funded in a batch.
3297 pub fn is_batch_funding(&self) -> bool {
3298 self.is_batch_funding.is_some()
3301 /// Returns the transaction ID if there is a pending batch funding transaction that is yet to be
3303 pub fn unbroadcasted_batch_funding_txid(&self) -> Option<Txid> {
3304 self.unbroadcasted_funding_txid().filter(|_| self.is_batch_funding())
3307 /// Gets the latest commitment transaction and any dependent transactions for relay (forcing
3308 /// shutdown of this channel - no more calls into this Channel may be made afterwards except
3309 /// those explicitly stated to be allowed after shutdown completes, eg some simple getters).
3310 /// Also returns the list of payment_hashes for channels which we can safely fail backwards
3311 /// immediately (others we will have to allow to time out).
3312 pub fn force_shutdown(&mut self, should_broadcast: bool, closure_reason: ClosureReason) -> ShutdownResult {
3313 // Note that we MUST only generate a monitor update that indicates force-closure - we're
3314 // called during initialization prior to the chain_monitor in the encompassing ChannelManager
3315 // being fully configured in some cases. Thus, its likely any monitor events we generate will
3316 // be delayed in being processed! See the docs for `ChannelManagerReadArgs` for more.
3317 assert!(!matches!(self.channel_state, ChannelState::ShutdownComplete));
3319 // We go ahead and "free" any holding cell HTLCs or HTLCs we haven't yet committed to and
3320 // return them to fail the payment.
3321 let mut dropped_outbound_htlcs = Vec::with_capacity(self.holding_cell_htlc_updates.len());
3322 let counterparty_node_id = self.get_counterparty_node_id();
3323 for htlc_update in self.holding_cell_htlc_updates.drain(..) {
3325 HTLCUpdateAwaitingACK::AddHTLC { source, payment_hash, .. } => {
3326 dropped_outbound_htlcs.push((source, payment_hash, counterparty_node_id, self.channel_id));
3331 let monitor_update = if let Some(funding_txo) = self.get_funding_txo() {
3332 // If we haven't yet exchanged funding signatures (ie channel_state < AwaitingChannelReady),
3333 // returning a channel monitor update here would imply a channel monitor update before
3334 // we even registered the channel monitor to begin with, which is invalid.
3335 // Thus, if we aren't actually at a point where we could conceivably broadcast the
3336 // funding transaction, don't return a funding txo (which prevents providing the
3337 // monitor update to the user, even if we return one).
3338 // See test_duplicate_chan_id and test_pre_lockin_no_chan_closed_update for more.
3339 if !self.channel_state.is_pre_funded_state() {
3340 self.latest_monitor_update_id = CLOSED_CHANNEL_UPDATE_ID;
3341 Some((self.get_counterparty_node_id(), funding_txo, self.channel_id(), ChannelMonitorUpdate {
3342 update_id: self.latest_monitor_update_id,
3343 counterparty_node_id: Some(self.counterparty_node_id),
3344 updates: vec![ChannelMonitorUpdateStep::ChannelForceClosed { should_broadcast }],
3345 channel_id: Some(self.channel_id()),
3349 let unbroadcasted_batch_funding_txid = self.unbroadcasted_batch_funding_txid();
3350 let unbroadcasted_funding_tx = self.unbroadcasted_funding();
3352 self.channel_state = ChannelState::ShutdownComplete;
3353 self.update_time_counter += 1;
3357 dropped_outbound_htlcs,
3358 unbroadcasted_batch_funding_txid,
3359 channel_id: self.channel_id,
3360 user_channel_id: self.user_id,
3361 channel_capacity_satoshis: self.channel_value_satoshis,
3362 counterparty_node_id: self.counterparty_node_id,
3363 unbroadcasted_funding_tx,
3364 channel_funding_txo: self.get_funding_txo(),
3368 /// Only allowed after [`Self::channel_transaction_parameters`] is set.
3369 fn get_funding_signed_msg<L: Deref>(&mut self, logger: &L) -> (CommitmentTransaction, Option<msgs::FundingSigned>) where L::Target: Logger {
3370 let counterparty_keys = self.build_remote_transaction_keys();
3371 let counterparty_initial_commitment_tx = self.build_commitment_transaction(self.cur_counterparty_commitment_transaction_number + 1, &counterparty_keys, false, false, logger).tx;
3373 let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust();
3374 let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction();
3375 log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}",
3376 &self.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction));
3378 match &self.holder_signer {
3379 // TODO (arik): move match into calling method for Taproot
3380 ChannelSignerType::Ecdsa(ecdsa) => {
3381 let funding_signed = ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), Vec::new(), &self.secp_ctx)
3382 .map(|(signature, _)| msgs::FundingSigned {
3383 channel_id: self.channel_id(),
3386 partial_signature_with_nonce: None,
3390 if funding_signed.is_none() {
3391 #[cfg(not(async_signing))] {
3392 panic!("Failed to get signature for funding_signed");
3394 #[cfg(async_signing)] {
3395 log_trace!(logger, "Counterparty commitment signature not available for funding_signed message; setting signer_pending_funding");
3396 self.signer_pending_funding = true;
3398 } else if self.signer_pending_funding {
3399 log_trace!(logger, "Counterparty commitment signature available for funding_signed message; clearing signer_pending_funding");
3400 self.signer_pending_funding = false;
3403 // We sign "counterparty" commitment transaction, allowing them to broadcast the tx if they wish.
3404 (counterparty_initial_commitment_tx, funding_signed)
3406 // TODO (taproot|arik)
3412 /// If we receive an error message when attempting to open a channel, it may only be a rejection
3413 /// of the channel type we tried, not of our ability to open any channel at all. We can see if a
3414 /// downgrade of channel features would be possible so that we can still open the channel.
3415 pub(crate) fn maybe_downgrade_channel_features<F: Deref>(
3416 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>
3419 F::Target: FeeEstimator
3421 if !self.is_outbound() ||
3423 self.channel_state, ChannelState::NegotiatingFunding(flags)
3424 if flags == NegotiatingFundingFlags::OUR_INIT_SENT
3429 if self.channel_type == ChannelTypeFeatures::only_static_remote_key() {
3430 // We've exhausted our options
3433 // We support opening a few different types of channels. Try removing our additional
3434 // features one by one until we've either arrived at our default or the counterparty has
3437 // Due to the order below, we may not negotiate `option_anchors_zero_fee_htlc_tx` if the
3438 // counterparty doesn't support `option_scid_privacy`. Since `get_initial_channel_type`
3439 // checks whether the counterparty supports every feature, this would only happen if the
3440 // counterparty is advertising the feature, but rejecting channels proposing the feature for
3442 if self.channel_type.supports_anchors_zero_fee_htlc_tx() {
3443 self.channel_type.clear_anchors_zero_fee_htlc_tx();
3444 self.feerate_per_kw = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::NonAnchorChannelFee);
3445 assert!(!self.channel_transaction_parameters.channel_type_features.supports_anchors_nonzero_fee_htlc_tx());
3446 } else if self.channel_type.supports_scid_privacy() {
3447 self.channel_type.clear_scid_privacy();
3449 self.channel_type = ChannelTypeFeatures::only_static_remote_key();
3451 self.channel_transaction_parameters.channel_type_features = self.channel_type.clone();
3456 // Internal utility functions for channels
3458 /// Returns the value to use for `holder_max_htlc_value_in_flight_msat` as a percentage of the
3459 /// `channel_value_satoshis` in msat, set through
3460 /// [`ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel`]
3462 /// The effective percentage is lower bounded by 1% and upper bounded by 100%.
3464 /// [`ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel`]: crate::util::config::ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel
3465 fn get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis: u64, config: &ChannelHandshakeConfig) -> u64 {
3466 let configured_percent = if config.max_inbound_htlc_value_in_flight_percent_of_channel < 1 {
3468 } else if config.max_inbound_htlc_value_in_flight_percent_of_channel > 100 {
3471 config.max_inbound_htlc_value_in_flight_percent_of_channel as u64
3473 channel_value_satoshis * 10 * configured_percent
3476 /// Returns a minimum channel reserve value the remote needs to maintain,
3477 /// required by us according to the configured or default
3478 /// [`ChannelHandshakeConfig::their_channel_reserve_proportional_millionths`]
3480 /// Guaranteed to return a value no larger than channel_value_satoshis
3482 /// This is used both for outbound and inbound channels and has lower bound
3483 /// of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`.
3484 pub(crate) fn get_holder_selected_channel_reserve_satoshis(channel_value_satoshis: u64, config: &UserConfig) -> u64 {
3485 let calculated_reserve = channel_value_satoshis.saturating_mul(config.channel_handshake_config.their_channel_reserve_proportional_millionths as u64) / 1_000_000;
3486 cmp::min(channel_value_satoshis, cmp::max(calculated_reserve, MIN_THEIR_CHAN_RESERVE_SATOSHIS))
3489 /// This is for legacy reasons, present for forward-compatibility.
3490 /// LDK versions older than 0.0.104 don't know how read/handle values other than default
3491 /// from storage. Hence, we use this function to not persist default values of
3492 /// `holder_selected_channel_reserve_satoshis` for channels into storage.
3493 pub(crate) fn get_legacy_default_holder_selected_channel_reserve_satoshis(channel_value_satoshis: u64) -> u64 {
3494 let (q, _) = channel_value_satoshis.overflowing_div(100);
3495 cmp::min(channel_value_satoshis, cmp::max(q, 1000))
3498 /// Returns a minimum channel reserve value each party needs to maintain, fixed in the spec to a
3499 /// default of 1% of the total channel value.
3501 /// Guaranteed to return a value no larger than channel_value_satoshis
3503 /// This is used both for outbound and inbound channels and has lower bound
3504 /// of `dust_limit_satoshis`.
3505 #[cfg(dual_funding)]
3506 fn get_v2_channel_reserve_satoshis(channel_value_satoshis: u64, dust_limit_satoshis: u64) -> u64 {
3507 // Fixed at 1% of channel value by spec.
3508 let (q, _) = channel_value_satoshis.overflowing_div(100);
3509 cmp::min(channel_value_satoshis, cmp::max(q, dust_limit_satoshis))
3512 // Get the fee cost in SATS of a commitment tx with a given number of HTLC outputs.
3513 // Note that num_htlcs should not include dust HTLCs.
3515 fn commit_tx_fee_sat(feerate_per_kw: u32, num_htlcs: usize, channel_type_features: &ChannelTypeFeatures) -> u64 {
3516 feerate_per_kw as u64 * (commitment_tx_base_weight(channel_type_features) + num_htlcs as u64 * COMMITMENT_TX_WEIGHT_PER_HTLC) / 1000
3519 // Get the fee cost in MSATS of a commitment tx with a given number of HTLC outputs.
3520 // Note that num_htlcs should not include dust HTLCs.
3521 pub(crate) fn commit_tx_fee_msat(feerate_per_kw: u32, num_htlcs: usize, channel_type_features: &ChannelTypeFeatures) -> u64 {
3522 // Note that we need to divide before multiplying to round properly,
3523 // since the lowest denomination of bitcoin on-chain is the satoshi.
3524 (commitment_tx_base_weight(channel_type_features) + num_htlcs as u64 * COMMITMENT_TX_WEIGHT_PER_HTLC) * feerate_per_kw as u64 / 1000 * 1000
3527 /// Context for dual-funded channels.
3528 #[cfg(dual_funding)]
3529 pub(super) struct DualFundingChannelContext {
3530 /// The amount in satoshis we will be contributing to the channel.
3531 pub our_funding_satoshis: u64,
3532 /// The amount in satoshis our counterparty will be contributing to the channel.
3533 pub their_funding_satoshis: u64,
3534 /// The funding transaction locktime suggested by the initiator. If set by us, it is always set
3535 /// to the current block height to align incentives against fee-sniping.
3536 pub funding_tx_locktime: u32,
3537 /// The feerate set by the initiator to be used for the funding transaction.
3538 pub funding_feerate_sat_per_1000_weight: u32,
3541 // Holder designates channel data owned for the benefit of the user client.
3542 // Counterparty designates channel data owned by the another channel participant entity.
3543 pub(super) struct Channel<SP: Deref> where SP::Target: SignerProvider {
3544 pub context: ChannelContext<SP>,
3545 #[cfg(dual_funding)]
3546 pub dual_funding_channel_context: Option<DualFundingChannelContext>,
3549 #[cfg(any(test, fuzzing))]
3550 struct CommitmentTxInfoCached {
3552 total_pending_htlcs: usize,
3553 next_holder_htlc_id: u64,
3554 next_counterparty_htlc_id: u64,
3558 /// Contents of a wire message that fails an HTLC backwards. Useful for [`Channel::fail_htlc`] to
3559 /// fail with either [`msgs::UpdateFailMalformedHTLC`] or [`msgs::UpdateFailHTLC`] as needed.
3560 trait FailHTLCContents {
3561 type Message: FailHTLCMessageName;
3562 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message;
3563 fn to_inbound_htlc_state(self) -> InboundHTLCState;
3564 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK;
3566 impl FailHTLCContents for msgs::OnionErrorPacket {
3567 type Message = msgs::UpdateFailHTLC;
3568 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message {
3569 msgs::UpdateFailHTLC { htlc_id, channel_id, reason: self }
3571 fn to_inbound_htlc_state(self) -> InboundHTLCState {
3572 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(self))
3574 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK {
3575 HTLCUpdateAwaitingACK::FailHTLC { htlc_id, err_packet: self }
3578 impl FailHTLCContents for ([u8; 32], u16) {
3579 type Message = msgs::UpdateFailMalformedHTLC;
3580 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message {
3581 msgs::UpdateFailMalformedHTLC {
3584 sha256_of_onion: self.0,
3585 failure_code: self.1
3588 fn to_inbound_htlc_state(self) -> InboundHTLCState {
3589 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed(self))
3591 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK {
3592 HTLCUpdateAwaitingACK::FailMalformedHTLC {
3594 sha256_of_onion: self.0,
3595 failure_code: self.1
3600 trait FailHTLCMessageName {
3601 fn name() -> &'static str;
3603 impl FailHTLCMessageName for msgs::UpdateFailHTLC {
3604 fn name() -> &'static str {
3608 impl FailHTLCMessageName for msgs::UpdateFailMalformedHTLC {
3609 fn name() -> &'static str {
3610 "update_fail_malformed_htlc"
3614 impl<SP: Deref> Channel<SP> where
3615 SP::Target: SignerProvider,
3616 <SP::Target as SignerProvider>::EcdsaSigner: WriteableEcdsaChannelSigner
3618 fn check_remote_fee<F: Deref, L: Deref>(
3619 channel_type: &ChannelTypeFeatures, fee_estimator: &LowerBoundedFeeEstimator<F>,
3620 feerate_per_kw: u32, cur_feerate_per_kw: Option<u32>, logger: &L
3621 ) -> Result<(), ChannelError> where F::Target: FeeEstimator, L::Target: Logger,
3623 let lower_limit_conf_target = if channel_type.supports_anchors_zero_fee_htlc_tx() {
3624 ConfirmationTarget::MinAllowedAnchorChannelRemoteFee
3626 ConfirmationTarget::MinAllowedNonAnchorChannelRemoteFee
3628 let lower_limit = fee_estimator.bounded_sat_per_1000_weight(lower_limit_conf_target);
3629 if feerate_per_kw < lower_limit {
3630 if let Some(cur_feerate) = cur_feerate_per_kw {
3631 if feerate_per_kw > cur_feerate {
3633 "Accepting feerate that may prevent us from closing this channel because it's higher than what we have now. Had {} s/kW, now {} s/kW.",
3634 cur_feerate, feerate_per_kw);
3638 return Err(ChannelError::Close(format!("Peer's feerate much too low. Actual: {}. Our expected lower limit: {}", feerate_per_kw, lower_limit)));
3644 fn get_closing_scriptpubkey(&self) -> ScriptBuf {
3645 // The shutdown scriptpubkey is set on channel opening when option_upfront_shutdown_script
3646 // is signaled. Otherwise, it is set when sending a shutdown message. Calling this method
3647 // outside of those situations will fail.
3648 self.context.shutdown_scriptpubkey.clone().unwrap().into_inner()
3652 fn get_closing_transaction_weight(&self, a_scriptpubkey: Option<&Script>, b_scriptpubkey: Option<&Script>) -> u64 {
3657 1 + // script length (0)
3661 )*4 + // * 4 for non-witness parts
3662 2 + // witness marker and flag
3663 1 + // witness element count
3664 4 + // 4 element lengths (2 sigs, multisig dummy, and witness script)
3665 self.context.get_funding_redeemscript().len() as u64 + // funding witness script
3666 2*(1 + 71); // two signatures + sighash type flags
3667 if let Some(spk) = a_scriptpubkey {
3668 ret += ((8+1) + // output values and script length
3669 spk.len() as u64) * 4; // scriptpubkey and witness multiplier
3671 if let Some(spk) = b_scriptpubkey {
3672 ret += ((8+1) + // output values and script length
3673 spk.len() as u64) * 4; // scriptpubkey and witness multiplier
3679 fn build_closing_transaction(&self, proposed_total_fee_satoshis: u64, skip_remote_output: bool) -> (ClosingTransaction, u64) {
3680 assert!(self.context.pending_inbound_htlcs.is_empty());
3681 assert!(self.context.pending_outbound_htlcs.is_empty());
3682 assert!(self.context.pending_update_fee.is_none());
3684 let mut total_fee_satoshis = proposed_total_fee_satoshis;
3685 let mut value_to_holder: i64 = (self.context.value_to_self_msat as i64) / 1000 - if self.context.is_outbound() { total_fee_satoshis as i64 } else { 0 };
3686 let mut value_to_counterparty: i64 = ((self.context.channel_value_satoshis * 1000 - self.context.value_to_self_msat) as i64 / 1000) - if self.context.is_outbound() { 0 } else { total_fee_satoshis as i64 };
3688 if value_to_holder < 0 {
3689 assert!(self.context.is_outbound());
3690 total_fee_satoshis += (-value_to_holder) as u64;
3691 } else if value_to_counterparty < 0 {
3692 assert!(!self.context.is_outbound());
3693 total_fee_satoshis += (-value_to_counterparty) as u64;
3696 if skip_remote_output || value_to_counterparty as u64 <= self.context.holder_dust_limit_satoshis {
3697 value_to_counterparty = 0;
3700 if value_to_holder as u64 <= self.context.holder_dust_limit_satoshis {
3701 value_to_holder = 0;
3704 assert!(self.context.shutdown_scriptpubkey.is_some());
3705 let holder_shutdown_script = self.get_closing_scriptpubkey();
3706 let counterparty_shutdown_script = self.context.counterparty_shutdown_scriptpubkey.clone().unwrap();
3707 let funding_outpoint = self.funding_outpoint().into_bitcoin_outpoint();
3709 let closing_transaction = ClosingTransaction::new(value_to_holder as u64, value_to_counterparty as u64, holder_shutdown_script, counterparty_shutdown_script, funding_outpoint);
3710 (closing_transaction, total_fee_satoshis)
3713 fn funding_outpoint(&self) -> OutPoint {
3714 self.context.channel_transaction_parameters.funding_outpoint.unwrap()
3717 /// Claims an HTLC while we're disconnected from a peer, dropping the [`ChannelMonitorUpdate`]
3720 /// The [`ChannelMonitor`] for this channel MUST be updated out-of-band with the preimage
3721 /// provided (i.e. without calling [`crate::chain::Watch::update_channel`]).
3723 /// The HTLC claim will end up in the holding cell (because the caller must ensure the peer is
3725 pub fn claim_htlc_while_disconnected_dropping_mon_update<L: Deref>
3726 (&mut self, htlc_id_arg: u64, payment_preimage_arg: PaymentPreimage, logger: &L)
3727 where L::Target: Logger {
3728 // Assert that we'll add the HTLC claim to the holding cell in `get_update_fulfill_htlc`
3729 // (see equivalent if condition there).
3730 assert!(!self.context.channel_state.can_generate_new_commitment());
3731 let mon_update_id = self.context.latest_monitor_update_id; // Forget the ChannelMonitor update
3732 let fulfill_resp = self.get_update_fulfill_htlc(htlc_id_arg, payment_preimage_arg, logger);
3733 self.context.latest_monitor_update_id = mon_update_id;
3734 if let UpdateFulfillFetch::NewClaim { msg, .. } = fulfill_resp {
3735 assert!(msg.is_none()); // The HTLC must have ended up in the holding cell.
3739 fn get_update_fulfill_htlc<L: Deref>(&mut self, htlc_id_arg: u64, payment_preimage_arg: PaymentPreimage, logger: &L) -> UpdateFulfillFetch where L::Target: Logger {
3740 // Either ChannelReady got set (which means it won't be unset) or there is no way any
3741 // caller thought we could have something claimed (cause we wouldn't have accepted in an
3742 // incoming HTLC anyway). If we got to ShutdownComplete, callers aren't allowed to call us,
3744 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
3745 panic!("Was asked to fulfill an HTLC when channel was not in an operational state");
3748 // ChannelManager may generate duplicate claims/fails due to HTLC update events from
3749 // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop
3750 // these, but for now we just have to treat them as normal.
3752 let mut pending_idx = core::usize::MAX;
3753 let mut htlc_value_msat = 0;
3754 for (idx, htlc) in self.context.pending_inbound_htlcs.iter().enumerate() {
3755 if htlc.htlc_id == htlc_id_arg {
3756 debug_assert_eq!(htlc.payment_hash, PaymentHash(Sha256::hash(&payment_preimage_arg.0[..]).to_byte_array()));
3757 log_debug!(logger, "Claiming inbound HTLC id {} with payment hash {} with preimage {}",
3758 htlc.htlc_id, htlc.payment_hash, payment_preimage_arg);
3760 InboundHTLCState::Committed => {},
3761 InboundHTLCState::LocalRemoved(ref reason) => {
3762 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
3764 log_warn!(logger, "Have preimage and want to fulfill HTLC with payment hash {} we already failed against channel {}", &htlc.payment_hash, &self.context.channel_id());
3765 debug_assert!(false, "Tried to fulfill an HTLC that was already failed");
3767 return UpdateFulfillFetch::DuplicateClaim {};
3770 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3771 // Don't return in release mode here so that we can update channel_monitor
3775 htlc_value_msat = htlc.amount_msat;
3779 if pending_idx == core::usize::MAX {
3780 #[cfg(any(test, fuzzing))]
3781 // If we failed to find an HTLC to fulfill, make sure it was previously fulfilled and
3782 // this is simply a duplicate claim, not previously failed and we lost funds.
3783 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3784 return UpdateFulfillFetch::DuplicateClaim {};
3787 // Now update local state:
3789 // We have to put the payment_preimage in the channel_monitor right away here to ensure we
3790 // can claim it even if the channel hits the chain before we see their next commitment.
3791 self.context.latest_monitor_update_id += 1;
3792 let monitor_update = ChannelMonitorUpdate {
3793 update_id: self.context.latest_monitor_update_id,
3794 counterparty_node_id: Some(self.context.counterparty_node_id),
3795 updates: vec![ChannelMonitorUpdateStep::PaymentPreimage {
3796 payment_preimage: payment_preimage_arg.clone(),
3798 channel_id: Some(self.context.channel_id()),
3801 if !self.context.channel_state.can_generate_new_commitment() {
3802 // Note that this condition is the same as the assertion in
3803 // `claim_htlc_while_disconnected_dropping_mon_update` and must match exactly -
3804 // `claim_htlc_while_disconnected_dropping_mon_update` would not work correctly if we
3805 // do not not get into this branch.
3806 for pending_update in self.context.holding_cell_htlc_updates.iter() {
3807 match pending_update {
3808 &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
3809 if htlc_id_arg == htlc_id {
3810 // Make sure we don't leave latest_monitor_update_id incremented here:
3811 self.context.latest_monitor_update_id -= 1;
3812 #[cfg(any(test, fuzzing))]
3813 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3814 return UpdateFulfillFetch::DuplicateClaim {};
3817 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } |
3818 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } =>
3820 if htlc_id_arg == htlc_id {
3821 log_warn!(logger, "Have preimage and want to fulfill HTLC with pending failure against channel {}", &self.context.channel_id());
3822 // TODO: We may actually be able to switch to a fulfill here, though its
3823 // rare enough it may not be worth the complexity burden.
3824 debug_assert!(false, "Tried to fulfill an HTLC that was already failed");
3825 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3831 log_trace!(logger, "Adding HTLC claim to holding_cell in channel {}! Current state: {}", &self.context.channel_id(), self.context.channel_state.to_u32());
3832 self.context.holding_cell_htlc_updates.push(HTLCUpdateAwaitingACK::ClaimHTLC {
3833 payment_preimage: payment_preimage_arg, htlc_id: htlc_id_arg,
3835 #[cfg(any(test, fuzzing))]
3836 self.context.historical_inbound_htlc_fulfills.insert(htlc_id_arg);
3837 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3839 #[cfg(any(test, fuzzing))]
3840 self.context.historical_inbound_htlc_fulfills.insert(htlc_id_arg);
3843 let htlc = &mut self.context.pending_inbound_htlcs[pending_idx];
3844 if let InboundHTLCState::Committed = htlc.state {
3846 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3847 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3849 log_trace!(logger, "Upgrading HTLC {} to LocalRemoved with a Fulfill in channel {}!", &htlc.payment_hash, &self.context.channel_id);
3850 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(payment_preimage_arg.clone()));
3853 UpdateFulfillFetch::NewClaim {
3856 msg: Some(msgs::UpdateFulfillHTLC {
3857 channel_id: self.context.channel_id(),
3858 htlc_id: htlc_id_arg,
3859 payment_preimage: payment_preimage_arg,
3864 pub fn get_update_fulfill_htlc_and_commit<L: Deref>(&mut self, htlc_id: u64, payment_preimage: PaymentPreimage, logger: &L) -> UpdateFulfillCommitFetch where L::Target: Logger {
3865 let release_cs_monitor = self.context.blocked_monitor_updates.is_empty();
3866 match self.get_update_fulfill_htlc(htlc_id, payment_preimage, logger) {
3867 UpdateFulfillFetch::NewClaim { mut monitor_update, htlc_value_msat, msg } => {
3868 // Even if we aren't supposed to let new monitor updates with commitment state
3869 // updates run, we still need to push the preimage ChannelMonitorUpdateStep no
3870 // matter what. Sadly, to push a new monitor update which flies before others
3871 // already queued, we have to insert it into the pending queue and update the
3872 // update_ids of all the following monitors.
3873 if release_cs_monitor && msg.is_some() {
3874 let mut additional_update = self.build_commitment_no_status_check(logger);
3875 // build_commitment_no_status_check may bump latest_monitor_id but we want them
3876 // to be strictly increasing by one, so decrement it here.
3877 self.context.latest_monitor_update_id = monitor_update.update_id;
3878 monitor_update.updates.append(&mut additional_update.updates);
3880 let new_mon_id = self.context.blocked_monitor_updates.get(0)
3881 .map(|upd| upd.update.update_id).unwrap_or(monitor_update.update_id);
3882 monitor_update.update_id = new_mon_id;
3883 for held_update in self.context.blocked_monitor_updates.iter_mut() {
3884 held_update.update.update_id += 1;
3887 debug_assert!(false, "If there is a pending blocked monitor we should have MonitorUpdateInProgress set");
3888 let update = self.build_commitment_no_status_check(logger);
3889 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
3895 self.monitor_updating_paused(false, msg.is_some(), false, Vec::new(), Vec::new(), Vec::new());
3896 UpdateFulfillCommitFetch::NewClaim { monitor_update, htlc_value_msat, }
3898 UpdateFulfillFetch::DuplicateClaim {} => UpdateFulfillCommitFetch::DuplicateClaim {},
3902 /// We can only have one resolution per HTLC. In some cases around reconnect, we may fulfill
3903 /// an HTLC more than once or fulfill once and then attempt to fail after reconnect. We cannot,
3904 /// however, fail more than once as we wait for an upstream failure to be irrevocably committed
3905 /// before we fail backwards.
3907 /// If we do fail twice, we `debug_assert!(false)` and return `Ok(None)`. Thus, this will always
3908 /// return `Ok(_)` if preconditions are met. In any case, `Err`s will only be
3909 /// [`ChannelError::Ignore`].
3910 pub fn queue_fail_htlc<L: Deref>(&mut self, htlc_id_arg: u64, err_packet: msgs::OnionErrorPacket, logger: &L)
3911 -> Result<(), ChannelError> where L::Target: Logger {
3912 self.fail_htlc(htlc_id_arg, err_packet, true, logger)
3913 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
3916 /// Used for failing back with [`msgs::UpdateFailMalformedHTLC`]. For now, this is used when we
3917 /// want to fail blinded HTLCs where we are not the intro node.
3919 /// See [`Self::queue_fail_htlc`] for more info.
3920 pub fn queue_fail_malformed_htlc<L: Deref>(
3921 &mut self, htlc_id_arg: u64, failure_code: u16, sha256_of_onion: [u8; 32], logger: &L
3922 ) -> Result<(), ChannelError> where L::Target: Logger {
3923 self.fail_htlc(htlc_id_arg, (sha256_of_onion, failure_code), true, logger)
3924 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
3927 /// We can only have one resolution per HTLC. In some cases around reconnect, we may fulfill
3928 /// an HTLC more than once or fulfill once and then attempt to fail after reconnect. We cannot,
3929 /// however, fail more than once as we wait for an upstream failure to be irrevocably committed
3930 /// before we fail backwards.
3932 /// If we do fail twice, we `debug_assert!(false)` and return `Ok(None)`. Thus, this will always
3933 /// return `Ok(_)` if preconditions are met. In any case, `Err`s will only be
3934 /// [`ChannelError::Ignore`].
3935 fn fail_htlc<L: Deref, E: FailHTLCContents + Clone>(
3936 &mut self, htlc_id_arg: u64, err_contents: E, mut force_holding_cell: bool,
3938 ) -> Result<Option<E::Message>, ChannelError> where L::Target: Logger {
3939 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
3940 panic!("Was asked to fail an HTLC when channel was not in an operational state");
3943 // ChannelManager may generate duplicate claims/fails due to HTLC update events from
3944 // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop
3945 // these, but for now we just have to treat them as normal.
3947 let mut pending_idx = core::usize::MAX;
3948 for (idx, htlc) in self.context.pending_inbound_htlcs.iter().enumerate() {
3949 if htlc.htlc_id == htlc_id_arg {
3951 InboundHTLCState::Committed => {},
3952 InboundHTLCState::LocalRemoved(ref reason) => {
3953 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
3955 debug_assert!(false, "Tried to fail an HTLC that was already failed");
3960 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3961 return Err(ChannelError::Ignore(format!("Unable to find a pending HTLC which matched the given HTLC ID ({})", htlc.htlc_id)));
3967 if pending_idx == core::usize::MAX {
3968 #[cfg(any(test, fuzzing))]
3969 // If we failed to find an HTLC to fail, make sure it was previously fulfilled and this
3970 // is simply a duplicate fail, not previously failed and we failed-back too early.
3971 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3975 if !self.context.channel_state.can_generate_new_commitment() {
3976 debug_assert!(force_holding_cell, "!force_holding_cell is only called when emptying the holding cell, so we shouldn't end up back in it!");
3977 force_holding_cell = true;
3980 // Now update local state:
3981 if force_holding_cell {
3982 for pending_update in self.context.holding_cell_htlc_updates.iter() {
3983 match pending_update {
3984 &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
3985 if htlc_id_arg == htlc_id {
3986 #[cfg(any(test, fuzzing))]
3987 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3991 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } |
3992 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } =>
3994 if htlc_id_arg == htlc_id {
3995 debug_assert!(false, "Tried to fail an HTLC that was already failed");
3996 return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID".to_owned()));
4002 log_trace!(logger, "Placing failure for HTLC ID {} in holding cell in channel {}.", htlc_id_arg, &self.context.channel_id());
4003 self.context.holding_cell_htlc_updates.push(err_contents.to_htlc_update_awaiting_ack(htlc_id_arg));
4007 log_trace!(logger, "Failing HTLC ID {} back with {} message in channel {}.", htlc_id_arg,
4008 E::Message::name(), &self.context.channel_id());
4010 let htlc = &mut self.context.pending_inbound_htlcs[pending_idx];
4011 htlc.state = err_contents.clone().to_inbound_htlc_state();
4014 Ok(Some(err_contents.to_message(htlc_id_arg, self.context.channel_id())))
4017 // Message handlers:
4018 /// Updates the state of the channel to indicate that all channels in the batch have received
4019 /// funding_signed and persisted their monitors.
4020 /// The funding transaction is consequently allowed to be broadcast, and the channel can be
4021 /// treated as a non-batch channel going forward.
4022 pub fn set_batch_ready(&mut self) {
4023 self.context.is_batch_funding = None;
4024 self.context.channel_state.clear_waiting_for_batch();
4027 /// Unsets the existing funding information.
4029 /// This must only be used if the channel has not yet completed funding and has not been used.
4031 /// Further, the channel must be immediately shut down after this with a call to
4032 /// [`ChannelContext::force_shutdown`].
4033 pub fn unset_funding_info(&mut self, temporary_channel_id: ChannelId) {
4034 debug_assert!(matches!(
4035 self.context.channel_state, ChannelState::AwaitingChannelReady(_)
4037 self.context.channel_transaction_parameters.funding_outpoint = None;
4038 self.context.channel_id = temporary_channel_id;
4041 /// Handles a channel_ready message from our peer. If we've already sent our channel_ready
4042 /// and the channel is now usable (and public), this may generate an announcement_signatures to
4044 pub fn channel_ready<NS: Deref, L: Deref>(
4045 &mut self, msg: &msgs::ChannelReady, node_signer: &NS, chain_hash: ChainHash,
4046 user_config: &UserConfig, best_block: &BestBlock, logger: &L
4047 ) -> Result<Option<msgs::AnnouncementSignatures>, ChannelError>
4049 NS::Target: NodeSigner,
4052 if self.context.channel_state.is_peer_disconnected() {
4053 self.context.workaround_lnd_bug_4006 = Some(msg.clone());
4054 return Err(ChannelError::Ignore("Peer sent channel_ready when we needed a channel_reestablish. The peer is likely lnd, see https://github.com/lightningnetwork/lnd/issues/4006".to_owned()));
4057 if let Some(scid_alias) = msg.short_channel_id_alias {
4058 if Some(scid_alias) != self.context.short_channel_id {
4059 // The scid alias provided can be used to route payments *from* our counterparty,
4060 // i.e. can be used for inbound payments and provided in invoices, but is not used
4061 // when routing outbound payments.
4062 self.context.latest_inbound_scid_alias = Some(scid_alias);
4066 // Our channel_ready shouldn't have been sent if we are waiting for other channels in the
4067 // batch, but we can receive channel_ready messages.
4068 let mut check_reconnection = false;
4069 match &self.context.channel_state {
4070 ChannelState::AwaitingChannelReady(flags) => {
4071 let flags = flags.clone().clear(FundedStateFlags::ALL.into());
4072 debug_assert!(!flags.is_set(AwaitingChannelReadyFlags::OUR_CHANNEL_READY) || !flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
4073 if flags.clone().clear(AwaitingChannelReadyFlags::WAITING_FOR_BATCH) == AwaitingChannelReadyFlags::THEIR_CHANNEL_READY {
4074 // If we reconnected before sending our `channel_ready` they may still resend theirs.
4075 check_reconnection = true;
4076 } else if flags.clone().clear(AwaitingChannelReadyFlags::WAITING_FOR_BATCH).is_empty() {
4077 self.context.channel_state.set_their_channel_ready();
4078 } else if flags == AwaitingChannelReadyFlags::OUR_CHANNEL_READY {
4079 self.context.channel_state = ChannelState::ChannelReady(self.context.channel_state.with_funded_state_flags_mask().into());
4080 self.context.update_time_counter += 1;
4082 // We're in `WAITING_FOR_BATCH`, so we should wait until we're ready.
4083 debug_assert!(flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
4086 // If we reconnected before sending our `channel_ready` they may still resend theirs.
4087 ChannelState::ChannelReady(_) => check_reconnection = true,
4088 _ => return Err(ChannelError::Close("Peer sent a channel_ready at a strange time".to_owned())),
4090 if check_reconnection {
4091 // They probably disconnected/reconnected and re-sent the channel_ready, which is
4092 // required, or they're sending a fresh SCID alias.
4093 let expected_point =
4094 if self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 {
4095 // If they haven't ever sent an updated point, the point they send should match
4097 self.context.counterparty_cur_commitment_point
4098 } else if self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 2 {
4099 // If we've advanced the commitment number once, the second commitment point is
4100 // at `counterparty_prev_commitment_point`, which is not yet revoked.
4101 debug_assert!(self.context.counterparty_prev_commitment_point.is_some());
4102 self.context.counterparty_prev_commitment_point
4104 // If they have sent updated points, channel_ready is always supposed to match
4105 // their "first" point, which we re-derive here.
4106 Some(PublicKey::from_secret_key(&self.context.secp_ctx, &SecretKey::from_slice(
4107 &self.context.commitment_secrets.get_secret(INITIAL_COMMITMENT_NUMBER - 1).expect("We should have all prev secrets available")
4108 ).expect("We already advanced, so previous secret keys should have been validated already")))
4110 if expected_point != Some(msg.next_per_commitment_point) {
4111 return Err(ChannelError::Close("Peer sent a reconnect channel_ready with a different point".to_owned()));
4116 self.context.counterparty_prev_commitment_point = self.context.counterparty_cur_commitment_point;
4117 self.context.counterparty_cur_commitment_point = Some(msg.next_per_commitment_point);
4119 log_info!(logger, "Received channel_ready from peer for channel {}", &self.context.channel_id());
4121 Ok(self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block.height, logger))
4124 pub fn update_add_htlc<F, FE: Deref, L: Deref>(
4125 &mut self, msg: &msgs::UpdateAddHTLC, mut pending_forward_status: PendingHTLCStatus,
4126 create_pending_htlc_status: F, fee_estimator: &LowerBoundedFeeEstimator<FE>, logger: &L
4127 ) -> Result<(), ChannelError>
4128 where F: for<'a> Fn(&'a Self, PendingHTLCStatus, u16) -> PendingHTLCStatus,
4129 FE::Target: FeeEstimator, L::Target: Logger,
4131 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4132 return Err(ChannelError::Close("Got add HTLC message when channel was not in an operational state".to_owned()));
4134 // We can't accept HTLCs sent after we've sent a shutdown.
4135 if self.context.channel_state.is_local_shutdown_sent() {
4136 pending_forward_status = create_pending_htlc_status(self, pending_forward_status, 0x4000|8);
4138 // If the remote has sent a shutdown prior to adding this HTLC, then they are in violation of the spec.
4139 if self.context.channel_state.is_remote_shutdown_sent() {
4140 return Err(ChannelError::Close("Got add HTLC message when channel was not in an operational state".to_owned()));
4142 if self.context.channel_state.is_peer_disconnected() {
4143 return Err(ChannelError::Close("Peer sent update_add_htlc when we needed a channel_reestablish".to_owned()));
4145 if msg.amount_msat > self.context.channel_value_satoshis * 1000 {
4146 return Err(ChannelError::Close("Remote side tried to send more than the total value of the channel".to_owned()));
4148 if msg.amount_msat == 0 {
4149 return Err(ChannelError::Close("Remote side tried to send a 0-msat HTLC".to_owned()));
4151 if msg.amount_msat < self.context.holder_htlc_minimum_msat {
4152 return Err(ChannelError::Close(format!("Remote side tried to send less than our minimum HTLC value. Lower limit: ({}). Actual: ({})", self.context.holder_htlc_minimum_msat, msg.amount_msat)));
4155 let inbound_stats = self.context.get_inbound_pending_htlc_stats(None);
4156 let outbound_stats = self.context.get_outbound_pending_htlc_stats(None);
4157 if inbound_stats.pending_htlcs + 1 > self.context.holder_max_accepted_htlcs as u32 {
4158 return Err(ChannelError::Close(format!("Remote tried to push more than our max accepted HTLCs ({})", self.context.holder_max_accepted_htlcs)));
4160 if inbound_stats.pending_htlcs_value_msat + msg.amount_msat > self.context.holder_max_htlc_value_in_flight_msat {
4161 return Err(ChannelError::Close(format!("Remote HTLC add would put them over our max HTLC value ({})", self.context.holder_max_htlc_value_in_flight_msat)));
4164 // Check holder_selected_channel_reserve_satoshis (we're getting paid, so they have to at least meet
4165 // the reserve_satoshis we told them to always have as direct payment so that they lose
4166 // something if we punish them for broadcasting an old state).
4167 // Note that we don't really care about having a small/no to_remote output in our local
4168 // commitment transactions, as the purpose of the channel reserve is to ensure we can
4169 // punish *them* if they misbehave, so we discount any outbound HTLCs which will not be
4170 // present in the next commitment transaction we send them (at least for fulfilled ones,
4171 // failed ones won't modify value_to_self).
4172 // Note that we will send HTLCs which another instance of rust-lightning would think
4173 // violate the reserve value if we do not do this (as we forget inbound HTLCs from the
4174 // Channel state once they will not be present in the next received commitment
4176 let mut removed_outbound_total_msat = 0;
4177 for ref htlc in self.context.pending_outbound_htlcs.iter() {
4178 if let OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_)) = htlc.state {
4179 removed_outbound_total_msat += htlc.amount_msat;
4180 } else if let OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) = htlc.state {
4181 removed_outbound_total_msat += htlc.amount_msat;
4185 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
4186 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4189 let dust_buffer_feerate = self.context.get_dust_buffer_feerate(None) as u64;
4190 (dust_buffer_feerate * htlc_timeout_tx_weight(self.context.get_channel_type()) / 1000,
4191 dust_buffer_feerate * htlc_success_tx_weight(self.context.get_channel_type()) / 1000)
4193 let exposure_dust_limit_timeout_sats = htlc_timeout_dust_limit + self.context.counterparty_dust_limit_satoshis;
4194 if msg.amount_msat / 1000 < exposure_dust_limit_timeout_sats {
4195 let on_counterparty_tx_dust_htlc_exposure_msat = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat + msg.amount_msat;
4196 if on_counterparty_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
4197 log_info!(logger, "Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on counterparty commitment tx",
4198 on_counterparty_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
4199 pending_forward_status = create_pending_htlc_status(self, pending_forward_status, 0x1000|7);
4203 let exposure_dust_limit_success_sats = htlc_success_dust_limit + self.context.holder_dust_limit_satoshis;
4204 if msg.amount_msat / 1000 < exposure_dust_limit_success_sats {
4205 let on_holder_tx_dust_htlc_exposure_msat = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat + msg.amount_msat;
4206 if on_holder_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
4207 log_info!(logger, "Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on holder commitment tx",
4208 on_holder_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
4209 pending_forward_status = create_pending_htlc_status(self, pending_forward_status, 0x1000|7);
4213 let pending_value_to_self_msat =
4214 self.context.value_to_self_msat + inbound_stats.pending_htlcs_value_msat - removed_outbound_total_msat;
4215 let pending_remote_value_msat =
4216 self.context.channel_value_satoshis * 1000 - pending_value_to_self_msat;
4217 if pending_remote_value_msat < msg.amount_msat {
4218 return Err(ChannelError::Close("Remote HTLC add would overdraw remaining funds".to_owned()));
4221 // Check that the remote can afford to pay for this HTLC on-chain at the current
4222 // feerate_per_kw, while maintaining their channel reserve (as required by the spec).
4224 let remote_commit_tx_fee_msat = if self.context.is_outbound() { 0 } else {
4225 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
4226 self.context.next_remote_commit_tx_fee_msat(htlc_candidate, None) // Don't include the extra fee spike buffer HTLC in calculations
4228 let anchor_outputs_value_msat = if !self.context.is_outbound() && self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4229 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
4233 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(anchor_outputs_value_msat) < remote_commit_tx_fee_msat {
4234 return Err(ChannelError::Close("Remote HTLC add would not leave enough to pay for fees".to_owned()));
4236 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(remote_commit_tx_fee_msat).saturating_sub(anchor_outputs_value_msat) < self.context.holder_selected_channel_reserve_satoshis * 1000 {
4237 return Err(ChannelError::Close("Remote HTLC add would put them under remote reserve value".to_owned()));
4241 let anchor_outputs_value_msat = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4242 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
4246 if !self.context.is_outbound() {
4247 // `Some(())` is for the fee spike buffer we keep for the remote. This deviates from
4248 // the spec because the fee spike buffer requirement doesn't exist on the receiver's
4249 // side, only on the sender's. Note that with anchor outputs we are no longer as
4250 // sensitive to fee spikes, so we need to account for them.
4251 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
4252 let mut remote_fee_cost_incl_stuck_buffer_msat = self.context.next_remote_commit_tx_fee_msat(htlc_candidate, Some(()));
4253 if !self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4254 remote_fee_cost_incl_stuck_buffer_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
4256 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(self.context.holder_selected_channel_reserve_satoshis * 1000).saturating_sub(anchor_outputs_value_msat) < remote_fee_cost_incl_stuck_buffer_msat {
4257 // Note that if the pending_forward_status is not updated here, then it's because we're already failing
4258 // the HTLC, i.e. its status is already set to failing.
4259 log_info!(logger, "Attempting to fail HTLC due to fee spike buffer violation in channel {}. Rebalancing is required.", &self.context.channel_id());
4260 pending_forward_status = create_pending_htlc_status(self, pending_forward_status, 0x1000|7);
4263 // Check that they won't violate our local required channel reserve by adding this HTLC.
4264 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
4265 let local_commit_tx_fee_msat = self.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
4266 if self.context.value_to_self_msat < self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000 + local_commit_tx_fee_msat + anchor_outputs_value_msat {
4267 return Err(ChannelError::Close("Cannot accept HTLC that would put our balance under counterparty-announced channel reserve value".to_owned()));
4270 if self.context.next_counterparty_htlc_id != msg.htlc_id {
4271 return Err(ChannelError::Close(format!("Remote skipped HTLC ID (skipped ID: {})", self.context.next_counterparty_htlc_id)));
4273 if msg.cltv_expiry >= 500000000 {
4274 return Err(ChannelError::Close("Remote provided CLTV expiry in seconds instead of block height".to_owned()));
4277 if self.context.channel_state.is_local_shutdown_sent() {
4278 if let PendingHTLCStatus::Forward(_) = pending_forward_status {
4279 panic!("ChannelManager shouldn't be trying to add a forwardable HTLC after we've started closing");
4283 // Now update local state:
4284 self.context.next_counterparty_htlc_id += 1;
4285 self.context.pending_inbound_htlcs.push(InboundHTLCOutput {
4286 htlc_id: msg.htlc_id,
4287 amount_msat: msg.amount_msat,
4288 payment_hash: msg.payment_hash,
4289 cltv_expiry: msg.cltv_expiry,
4290 state: InboundHTLCState::RemoteAnnounced(InboundHTLCResolution::Resolved {
4291 pending_htlc_status: pending_forward_status
4297 /// Marks an outbound HTLC which we have received update_fail/fulfill/malformed
4299 fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<PaymentPreimage>, fail_reason: Option<HTLCFailReason>) -> Result<&OutboundHTLCOutput, ChannelError> {
4300 assert!(!(check_preimage.is_some() && fail_reason.is_some()), "cannot fail while we have a preimage");
4301 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
4302 if htlc.htlc_id == htlc_id {
4303 let outcome = match check_preimage {
4304 None => fail_reason.into(),
4305 Some(payment_preimage) => {
4306 let payment_hash = PaymentHash(Sha256::hash(&payment_preimage.0[..]).to_byte_array());
4307 if payment_hash != htlc.payment_hash {
4308 return Err(ChannelError::Close(format!("Remote tried to fulfill HTLC ({}) with an incorrect preimage", htlc_id)));
4310 OutboundHTLCOutcome::Success(Some(payment_preimage))
4314 OutboundHTLCState::LocalAnnounced(_) =>
4315 return Err(ChannelError::Close(format!("Remote tried to fulfill/fail HTLC ({}) before it had been committed", htlc_id))),
4316 OutboundHTLCState::Committed => {
4317 htlc.state = OutboundHTLCState::RemoteRemoved(outcome);
4319 OutboundHTLCState::AwaitingRemoteRevokeToRemove(_) | OutboundHTLCState::AwaitingRemovedRemoteRevoke(_) | OutboundHTLCState::RemoteRemoved(_) =>
4320 return Err(ChannelError::Close(format!("Remote tried to fulfill/fail HTLC ({}) that they'd already fulfilled/failed", htlc_id))),
4325 Err(ChannelError::Close("Remote tried to fulfill/fail an HTLC we couldn't find".to_owned()))
4328 pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<(HTLCSource, u64, Option<u64>), ChannelError> {
4329 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4330 return Err(ChannelError::Close("Got fulfill HTLC message when channel was not in an operational state".to_owned()));
4332 if self.context.channel_state.is_peer_disconnected() {
4333 return Err(ChannelError::Close("Peer sent update_fulfill_htlc when we needed a channel_reestablish".to_owned()));
4336 self.mark_outbound_htlc_removed(msg.htlc_id, Some(msg.payment_preimage), None).map(|htlc| (htlc.source.clone(), htlc.amount_msat, htlc.skimmed_fee_msat))
4339 pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> {
4340 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4341 return Err(ChannelError::Close("Got fail HTLC message when channel was not in an operational state".to_owned()));
4343 if self.context.channel_state.is_peer_disconnected() {
4344 return Err(ChannelError::Close("Peer sent update_fail_htlc when we needed a channel_reestablish".to_owned()));
4347 self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?;
4351 pub fn update_fail_malformed_htlc(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> {
4352 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4353 return Err(ChannelError::Close("Got fail malformed HTLC message when channel was not in an operational state".to_owned()));
4355 if self.context.channel_state.is_peer_disconnected() {
4356 return Err(ChannelError::Close("Peer sent update_fail_malformed_htlc when we needed a channel_reestablish".to_owned()));
4359 self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?;
4363 pub fn commitment_signed<L: Deref>(&mut self, msg: &msgs::CommitmentSigned, logger: &L) -> Result<Option<ChannelMonitorUpdate>, ChannelError>
4364 where L::Target: Logger
4366 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4367 return Err(ChannelError::Close("Got commitment signed message when channel was not in an operational state".to_owned()));
4369 if self.context.channel_state.is_peer_disconnected() {
4370 return Err(ChannelError::Close("Peer sent commitment_signed when we needed a channel_reestablish".to_owned()));
4372 if self.context.channel_state.is_both_sides_shutdown() && self.context.last_sent_closing_fee.is_some() {
4373 return Err(ChannelError::Close("Peer sent commitment_signed after we'd started exchanging closing_signeds".to_owned()));
4376 let funding_script = self.context.get_funding_redeemscript();
4378 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
4380 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, false, logger);
4381 let commitment_txid = {
4382 let trusted_tx = commitment_stats.tx.trust();
4383 let bitcoin_tx = trusted_tx.built_transaction();
4384 let sighash = bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
4386 log_trace!(logger, "Checking commitment tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}",
4387 log_bytes!(msg.signature.serialize_compact()[..]),
4388 log_bytes!(self.context.counterparty_funding_pubkey().serialize()), encode::serialize_hex(&bitcoin_tx.transaction),
4389 log_bytes!(sighash[..]), encode::serialize_hex(&funding_script), &self.context.channel_id());
4390 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.counterparty_funding_pubkey()) {
4391 return Err(ChannelError::Close("Invalid commitment tx signature from peer".to_owned()));
4395 let mut htlcs_cloned: Vec<_> = commitment_stats.htlcs_included.iter().map(|htlc| (htlc.0.clone(), htlc.1.map(|h| h.clone()))).collect();
4397 // If our counterparty updated the channel fee in this commitment transaction, check that
4398 // they can actually afford the new fee now.
4399 let update_fee = if let Some((_, update_state)) = self.context.pending_update_fee {
4400 update_state == FeeUpdateState::RemoteAnnounced
4403 debug_assert!(!self.context.is_outbound());
4404 let counterparty_reserve_we_require_msat = self.context.holder_selected_channel_reserve_satoshis * 1000;
4405 if commitment_stats.remote_balance_msat < commitment_stats.total_fee_sat * 1000 + counterparty_reserve_we_require_msat {
4406 return Err(ChannelError::Close("Funding remote cannot afford proposed new fee".to_owned()));
4409 #[cfg(any(test, fuzzing))]
4411 if self.context.is_outbound() {
4412 let projected_commit_tx_info = self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap().take();
4413 *self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = None;
4414 if let Some(info) = projected_commit_tx_info {
4415 let total_pending_htlcs = self.context.pending_inbound_htlcs.len() + self.context.pending_outbound_htlcs.len()
4416 + self.context.holding_cell_htlc_updates.len();
4417 if info.total_pending_htlcs == total_pending_htlcs
4418 && info.next_holder_htlc_id == self.context.next_holder_htlc_id
4419 && info.next_counterparty_htlc_id == self.context.next_counterparty_htlc_id
4420 && info.feerate == self.context.feerate_per_kw {
4421 assert_eq!(commitment_stats.total_fee_sat, info.fee / 1000);
4427 if msg.htlc_signatures.len() != commitment_stats.num_nondust_htlcs {
4428 return Err(ChannelError::Close(format!("Got wrong number of HTLC signatures ({}) from remote. It must be {}", msg.htlc_signatures.len(), commitment_stats.num_nondust_htlcs)));
4431 // Up to LDK 0.0.115, HTLC information was required to be duplicated in the
4432 // `htlcs_and_sigs` vec and in the `holder_commitment_tx` itself, both of which were passed
4433 // in the `ChannelMonitorUpdate`. In 0.0.115, support for having a separate set of
4434 // outbound-non-dust-HTLCSources in the `ChannelMonitorUpdate` was added, however for
4435 // backwards compatibility, we never use it in production. To provide test coverage, here,
4436 // we randomly decide (in test/fuzzing builds) to use the new vec sometimes.
4437 #[allow(unused_assignments, unused_mut)]
4438 let mut separate_nondust_htlc_sources = false;
4439 #[cfg(all(feature = "std", any(test, fuzzing)))] {
4440 use core::hash::{BuildHasher, Hasher};
4441 // Get a random value using the only std API to do so - the DefaultHasher
4442 let rand_val = std::collections::hash_map::RandomState::new().build_hasher().finish();
4443 separate_nondust_htlc_sources = rand_val % 2 == 0;
4446 let mut nondust_htlc_sources = Vec::with_capacity(htlcs_cloned.len());
4447 let mut htlcs_and_sigs = Vec::with_capacity(htlcs_cloned.len());
4448 for (idx, (htlc, mut source_opt)) in htlcs_cloned.drain(..).enumerate() {
4449 if let Some(_) = htlc.transaction_output_index {
4450 let htlc_tx = chan_utils::build_htlc_transaction(&commitment_txid, commitment_stats.feerate_per_kw,
4451 self.context.get_counterparty_selected_contest_delay().unwrap(), &htlc, &self.context.channel_type,
4452 &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
4454 let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &self.context.channel_type, &keys);
4455 let htlc_sighashtype = if self.context.channel_type.supports_anchors_zero_fee_htlc_tx() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
4456 let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]);
4457 log_trace!(logger, "Checking HTLC tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}.",
4458 log_bytes!(msg.htlc_signatures[idx].serialize_compact()[..]), log_bytes!(keys.countersignatory_htlc_key.to_public_key().serialize()),
4459 encode::serialize_hex(&htlc_tx), log_bytes!(htlc_sighash[..]), encode::serialize_hex(&htlc_redeemscript), &self.context.channel_id());
4460 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key.to_public_key()) {
4461 return Err(ChannelError::Close("Invalid HTLC tx signature from peer".to_owned()));
4463 if !separate_nondust_htlc_sources {
4464 htlcs_and_sigs.push((htlc, Some(msg.htlc_signatures[idx]), source_opt.take()));
4467 htlcs_and_sigs.push((htlc, None, source_opt.take()));
4469 if separate_nondust_htlc_sources {
4470 if let Some(source) = source_opt.take() {
4471 nondust_htlc_sources.push(source);
4474 debug_assert!(source_opt.is_none(), "HTLCSource should have been put somewhere");
4477 let holder_commitment_tx = HolderCommitmentTransaction::new(
4478 commitment_stats.tx,
4480 msg.htlc_signatures.clone(),
4481 &self.context.get_holder_pubkeys().funding_pubkey,
4482 self.context.counterparty_funding_pubkey()
4485 self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, commitment_stats.outbound_htlc_preimages)
4486 .map_err(|_| ChannelError::Close("Failed to validate our commitment".to_owned()))?;
4488 // Update state now that we've passed all the can-fail calls...
4489 let mut need_commitment = false;
4490 if let &mut Some((_, ref mut update_state)) = &mut self.context.pending_update_fee {
4491 if *update_state == FeeUpdateState::RemoteAnnounced {
4492 *update_state = FeeUpdateState::AwaitingRemoteRevokeToAnnounce;
4493 need_commitment = true;
4497 for htlc in self.context.pending_inbound_htlcs.iter_mut() {
4498 let htlc_resolution = if let &InboundHTLCState::RemoteAnnounced(ref resolution) = &htlc.state {
4499 Some(resolution.clone())
4501 if let Some(htlc_resolution) = htlc_resolution {
4502 log_trace!(logger, "Updating HTLC {} to AwaitingRemoteRevokeToAnnounce due to commitment_signed in channel {}.",
4503 &htlc.payment_hash, &self.context.channel_id);
4504 htlc.state = InboundHTLCState::AwaitingRemoteRevokeToAnnounce(htlc_resolution);
4505 need_commitment = true;
4508 let mut claimed_htlcs = Vec::new();
4509 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
4510 if let &mut OutboundHTLCState::RemoteRemoved(ref mut outcome) = &mut htlc.state {
4511 log_trace!(logger, "Updating HTLC {} to AwaitingRemoteRevokeToRemove due to commitment_signed in channel {}.",
4512 &htlc.payment_hash, &self.context.channel_id);
4513 // Grab the preimage, if it exists, instead of cloning
4514 let mut reason = OutboundHTLCOutcome::Success(None);
4515 mem::swap(outcome, &mut reason);
4516 if let OutboundHTLCOutcome::Success(Some(preimage)) = reason {
4517 // If a user (a) receives an HTLC claim using LDK 0.0.104 or before, then (b)
4518 // upgrades to LDK 0.0.114 or later before the HTLC is fully resolved, we could
4519 // have a `Success(None)` reason. In this case we could forget some HTLC
4520 // claims, but such an upgrade is unlikely and including claimed HTLCs here
4521 // fixes a bug which the user was exposed to on 0.0.104 when they started the
4523 claimed_htlcs.push((SentHTLCId::from_source(&htlc.source), preimage));
4525 htlc.state = OutboundHTLCState::AwaitingRemoteRevokeToRemove(reason);
4526 need_commitment = true;
4530 self.context.latest_monitor_update_id += 1;
4531 let mut monitor_update = ChannelMonitorUpdate {
4532 update_id: self.context.latest_monitor_update_id,
4533 counterparty_node_id: Some(self.context.counterparty_node_id),
4534 updates: vec![ChannelMonitorUpdateStep::LatestHolderCommitmentTXInfo {
4535 commitment_tx: holder_commitment_tx,
4536 htlc_outputs: htlcs_and_sigs,
4538 nondust_htlc_sources,
4540 channel_id: Some(self.context.channel_id()),
4543 self.context.cur_holder_commitment_transaction_number -= 1;
4544 self.context.expecting_peer_commitment_signed = false;
4545 // Note that if we need_commitment & !AwaitingRemoteRevoke we'll call
4546 // build_commitment_no_status_check() next which will reset this to RAAFirst.
4547 self.context.resend_order = RAACommitmentOrder::CommitmentFirst;
4549 if self.context.channel_state.is_monitor_update_in_progress() {
4550 // In case we initially failed monitor updating without requiring a response, we need
4551 // to make sure the RAA gets sent first.
4552 self.context.monitor_pending_revoke_and_ack = true;
4553 if need_commitment && !self.context.channel_state.is_awaiting_remote_revoke() {
4554 // If we were going to send a commitment_signed after the RAA, go ahead and do all
4555 // the corresponding HTLC status updates so that
4556 // get_last_commitment_update_for_send includes the right HTLCs.
4557 self.context.monitor_pending_commitment_signed = true;
4558 let mut additional_update = self.build_commitment_no_status_check(logger);
4559 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4560 // strictly increasing by one, so decrement it here.
4561 self.context.latest_monitor_update_id = monitor_update.update_id;
4562 monitor_update.updates.append(&mut additional_update.updates);
4564 log_debug!(logger, "Received valid commitment_signed from peer in channel {}, updated HTLC state but awaiting a monitor update resolution to reply.",
4565 &self.context.channel_id);
4566 return Ok(self.push_ret_blockable_mon_update(monitor_update));
4569 let need_commitment_signed = if need_commitment && !self.context.channel_state.is_awaiting_remote_revoke() {
4570 // If we're AwaitingRemoteRevoke we can't send a new commitment here, but that's ok -
4571 // we'll send one right away when we get the revoke_and_ack when we
4572 // free_holding_cell_htlcs().
4573 let mut additional_update = self.build_commitment_no_status_check(logger);
4574 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4575 // strictly increasing by one, so decrement it here.
4576 self.context.latest_monitor_update_id = monitor_update.update_id;
4577 monitor_update.updates.append(&mut additional_update.updates);
4581 log_debug!(logger, "Received valid commitment_signed from peer in channel {}, updating HTLC state and responding with{} a revoke_and_ack.",
4582 &self.context.channel_id(), if need_commitment_signed { " our own commitment_signed and" } else { "" });
4583 self.monitor_updating_paused(true, need_commitment_signed, false, Vec::new(), Vec::new(), Vec::new());
4584 return Ok(self.push_ret_blockable_mon_update(monitor_update));
4587 /// Public version of the below, checking relevant preconditions first.
4588 /// If we're not in a state where freeing the holding cell makes sense, this is a no-op and
4589 /// returns `(None, Vec::new())`.
4590 pub fn maybe_free_holding_cell_htlcs<F: Deref, L: Deref>(
4591 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
4592 ) -> (Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>)
4593 where F::Target: FeeEstimator, L::Target: Logger
4595 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) && self.context.channel_state.can_generate_new_commitment() {
4596 self.free_holding_cell_htlcs(fee_estimator, logger)
4597 } else { (None, Vec::new()) }
4600 /// Frees any pending commitment updates in the holding cell, generating the relevant messages
4601 /// for our counterparty.
4602 fn free_holding_cell_htlcs<F: Deref, L: Deref>(
4603 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
4604 ) -> (Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>)
4605 where F::Target: FeeEstimator, L::Target: Logger
4607 assert!(!self.context.channel_state.is_monitor_update_in_progress());
4608 if self.context.holding_cell_htlc_updates.len() != 0 || self.context.holding_cell_update_fee.is_some() {
4609 log_trace!(logger, "Freeing holding cell with {} HTLC updates{} in channel {}", self.context.holding_cell_htlc_updates.len(),
4610 if self.context.holding_cell_update_fee.is_some() { " and a fee update" } else { "" }, &self.context.channel_id());
4612 let mut monitor_update = ChannelMonitorUpdate {
4613 update_id: self.context.latest_monitor_update_id + 1, // We don't increment this yet!
4614 counterparty_node_id: Some(self.context.counterparty_node_id),
4615 updates: Vec::new(),
4616 channel_id: Some(self.context.channel_id()),
4619 let mut htlc_updates = Vec::new();
4620 mem::swap(&mut htlc_updates, &mut self.context.holding_cell_htlc_updates);
4621 let mut update_add_count = 0;
4622 let mut update_fulfill_count = 0;
4623 let mut update_fail_count = 0;
4624 let mut htlcs_to_fail = Vec::new();
4625 for htlc_update in htlc_updates.drain(..) {
4626 // Note that this *can* fail, though it should be due to rather-rare conditions on
4627 // fee races with adding too many outputs which push our total payments just over
4628 // the limit. In case it's less rare than I anticipate, we may want to revisit
4629 // handling this case better and maybe fulfilling some of the HTLCs while attempting
4630 // to rebalance channels.
4631 let fail_htlc_res = match &htlc_update {
4632 &HTLCUpdateAwaitingACK::AddHTLC {
4633 amount_msat, cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet,
4634 skimmed_fee_msat, blinding_point, ..
4636 match self.send_htlc(
4637 amount_msat, *payment_hash, cltv_expiry, source.clone(), onion_routing_packet.clone(),
4638 false, skimmed_fee_msat, blinding_point, fee_estimator, logger
4640 Ok(_) => update_add_count += 1,
4643 ChannelError::Ignore(ref msg) => {
4644 log_info!(logger, "Failed to send HTLC with payment_hash {} due to {} in channel {}", &payment_hash, msg, &self.context.channel_id());
4645 // If we fail to send here, then this HTLC should
4646 // be failed backwards. Failing to send here
4647 // indicates that this HTLC may keep being put back
4648 // into the holding cell without ever being
4649 // successfully forwarded/failed/fulfilled, causing
4650 // our counterparty to eventually close on us.
4651 htlcs_to_fail.push((source.clone(), *payment_hash));
4654 panic!("Got a non-IgnoreError action trying to send holding cell HTLC");
4661 &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, htlc_id, .. } => {
4662 // If an HTLC claim was previously added to the holding cell (via
4663 // `get_update_fulfill_htlc`, then generating the claim message itself must
4664 // not fail - any in between attempts to claim the HTLC will have resulted
4665 // in it hitting the holding cell again and we cannot change the state of a
4666 // holding cell HTLC from fulfill to anything else.
4667 let mut additional_monitor_update =
4668 if let UpdateFulfillFetch::NewClaim { monitor_update, .. } =
4669 self.get_update_fulfill_htlc(htlc_id, *payment_preimage, logger)
4670 { monitor_update } else { unreachable!() };
4671 update_fulfill_count += 1;
4672 monitor_update.updates.append(&mut additional_monitor_update.updates);
4675 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, ref err_packet } => {
4676 Some(self.fail_htlc(htlc_id, err_packet.clone(), false, logger)
4677 .map(|fail_msg_opt| fail_msg_opt.map(|_| ())))
4679 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, failure_code, sha256_of_onion } => {
4680 Some(self.fail_htlc(htlc_id, (sha256_of_onion, failure_code), false, logger)
4681 .map(|fail_msg_opt| fail_msg_opt.map(|_| ())))
4684 if let Some(res) = fail_htlc_res {
4686 Ok(fail_msg_opt) => {
4687 // If an HTLC failure was previously added to the holding cell (via
4688 // `queue_fail_{malformed_}htlc`) then generating the fail message itself must
4689 // not fail - we should never end up in a state where we double-fail
4690 // an HTLC or fail-then-claim an HTLC as it indicates we didn't wait
4691 // for a full revocation before failing.
4692 debug_assert!(fail_msg_opt.is_some());
4693 update_fail_count += 1;
4695 Err(ChannelError::Ignore(_)) => {},
4697 panic!("Got a non-IgnoreError action trying to fail holding cell HTLC");
4702 if update_add_count == 0 && update_fulfill_count == 0 && update_fail_count == 0 && self.context.holding_cell_update_fee.is_none() {
4703 return (None, htlcs_to_fail);
4705 let update_fee = if let Some(feerate) = self.context.holding_cell_update_fee.take() {
4706 self.send_update_fee(feerate, false, fee_estimator, logger)
4711 let mut additional_update = self.build_commitment_no_status_check(logger);
4712 // build_commitment_no_status_check and get_update_fulfill_htlc may bump latest_monitor_id
4713 // but we want them to be strictly increasing by one, so reset it here.
4714 self.context.latest_monitor_update_id = monitor_update.update_id;
4715 monitor_update.updates.append(&mut additional_update.updates);
4717 log_debug!(logger, "Freeing holding cell in channel {} resulted in {}{} HTLCs added, {} HTLCs fulfilled, and {} HTLCs failed.",
4718 &self.context.channel_id(), if update_fee.is_some() { "a fee update, " } else { "" },
4719 update_add_count, update_fulfill_count, update_fail_count);
4721 self.monitor_updating_paused(false, true, false, Vec::new(), Vec::new(), Vec::new());
4722 (self.push_ret_blockable_mon_update(monitor_update), htlcs_to_fail)
4728 /// Handles receiving a remote's revoke_and_ack. Note that we may return a new
4729 /// commitment_signed message here in case we had pending outbound HTLCs to add which were
4730 /// waiting on this revoke_and_ack. The generation of this new commitment_signed may also fail,
4731 /// generating an appropriate error *after* the channel state has been updated based on the
4732 /// revoke_and_ack message.
4733 pub fn revoke_and_ack<F: Deref, L: Deref>(&mut self, msg: &msgs::RevokeAndACK,
4734 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L, hold_mon_update: bool,
4735 ) -> Result<(Vec<(HTLCSource, PaymentHash)>, Option<ChannelMonitorUpdate>), ChannelError>
4736 where F::Target: FeeEstimator, L::Target: Logger,
4738 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4739 return Err(ChannelError::Close("Got revoke/ACK message when channel was not in an operational state".to_owned()));
4741 if self.context.channel_state.is_peer_disconnected() {
4742 return Err(ChannelError::Close("Peer sent revoke_and_ack when we needed a channel_reestablish".to_owned()));
4744 if self.context.channel_state.is_both_sides_shutdown() && self.context.last_sent_closing_fee.is_some() {
4745 return Err(ChannelError::Close("Peer sent revoke_and_ack after we'd started exchanging closing_signeds".to_owned()));
4748 let secret = secp_check!(SecretKey::from_slice(&msg.per_commitment_secret), "Peer provided an invalid per_commitment_secret".to_owned());
4750 if let Some(counterparty_prev_commitment_point) = self.context.counterparty_prev_commitment_point {
4751 if PublicKey::from_secret_key(&self.context.secp_ctx, &secret) != counterparty_prev_commitment_point {
4752 return Err(ChannelError::Close("Got a revoke commitment secret which didn't correspond to their current pubkey".to_owned()));
4756 if !self.context.channel_state.is_awaiting_remote_revoke() {
4757 // Our counterparty seems to have burned their coins to us (by revoking a state when we
4758 // haven't given them a new commitment transaction to broadcast). We should probably
4759 // take advantage of this by updating our channel monitor, sending them an error, and
4760 // waiting for them to broadcast their latest (now-revoked claim). But, that would be a
4761 // lot of work, and there's some chance this is all a misunderstanding anyway.
4762 // We have to do *something*, though, since our signer may get mad at us for otherwise
4763 // jumping a remote commitment number, so best to just force-close and move on.
4764 return Err(ChannelError::Close("Received an unexpected revoke_and_ack".to_owned()));
4767 #[cfg(any(test, fuzzing))]
4769 *self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = None;
4770 *self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = None;
4773 match &self.context.holder_signer {
4774 ChannelSignerType::Ecdsa(ecdsa) => {
4775 ecdsa.validate_counterparty_revocation(
4776 self.context.cur_counterparty_commitment_transaction_number + 1,
4778 ).map_err(|_| ChannelError::Close("Failed to validate revocation from peer".to_owned()))?;
4780 // TODO (taproot|arik)
4785 self.context.commitment_secrets.provide_secret(self.context.cur_counterparty_commitment_transaction_number + 1, msg.per_commitment_secret)
4786 .map_err(|_| ChannelError::Close("Previous secrets did not match new one".to_owned()))?;
4787 self.context.latest_monitor_update_id += 1;
4788 let mut monitor_update = ChannelMonitorUpdate {
4789 update_id: self.context.latest_monitor_update_id,
4790 counterparty_node_id: Some(self.context.counterparty_node_id),
4791 updates: vec![ChannelMonitorUpdateStep::CommitmentSecret {
4792 idx: self.context.cur_counterparty_commitment_transaction_number + 1,
4793 secret: msg.per_commitment_secret,
4795 channel_id: Some(self.context.channel_id()),
4798 // Update state now that we've passed all the can-fail calls...
4799 // (note that we may still fail to generate the new commitment_signed message, but that's
4800 // OK, we step the channel here and *then* if the new generation fails we can fail the
4801 // channel based on that, but stepping stuff here should be safe either way.
4802 self.context.channel_state.clear_awaiting_remote_revoke();
4803 self.context.sent_message_awaiting_response = None;
4804 self.context.counterparty_prev_commitment_point = self.context.counterparty_cur_commitment_point;
4805 self.context.counterparty_cur_commitment_point = Some(msg.next_per_commitment_point);
4806 self.context.cur_counterparty_commitment_transaction_number -= 1;
4808 if self.context.announcement_sigs_state == AnnouncementSigsState::Committed {
4809 self.context.announcement_sigs_state = AnnouncementSigsState::PeerReceived;
4812 log_trace!(logger, "Updating HTLCs on receipt of RAA in channel {}...", &self.context.channel_id());
4813 let mut to_forward_infos = Vec::new();
4814 let mut pending_update_adds = Vec::new();
4815 let mut revoked_htlcs = Vec::new();
4816 let mut finalized_claimed_htlcs = Vec::new();
4817 let mut update_fail_htlcs = Vec::new();
4818 let mut update_fail_malformed_htlcs = Vec::new();
4819 let mut require_commitment = false;
4820 let mut value_to_self_msat_diff: i64 = 0;
4823 // Take references explicitly so that we can hold multiple references to self.context.
4824 let pending_inbound_htlcs: &mut Vec<_> = &mut self.context.pending_inbound_htlcs;
4825 let pending_outbound_htlcs: &mut Vec<_> = &mut self.context.pending_outbound_htlcs;
4826 let expecting_peer_commitment_signed = &mut self.context.expecting_peer_commitment_signed;
4828 // We really shouldnt have two passes here, but retain gives a non-mutable ref (Rust bug)
4829 pending_inbound_htlcs.retain(|htlc| {
4830 if let &InboundHTLCState::LocalRemoved(ref reason) = &htlc.state {
4831 log_trace!(logger, " ...removing inbound LocalRemoved {}", &htlc.payment_hash);
4832 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
4833 value_to_self_msat_diff += htlc.amount_msat as i64;
4835 *expecting_peer_commitment_signed = true;
4839 pending_outbound_htlcs.retain(|htlc| {
4840 if let &OutboundHTLCState::AwaitingRemovedRemoteRevoke(ref outcome) = &htlc.state {
4841 log_trace!(logger, " ...removing outbound AwaitingRemovedRemoteRevoke {}", &htlc.payment_hash);
4842 if let OutboundHTLCOutcome::Failure(reason) = outcome.clone() { // We really want take() here, but, again, non-mut ref :(
4843 revoked_htlcs.push((htlc.source.clone(), htlc.payment_hash, reason));
4845 finalized_claimed_htlcs.push(htlc.source.clone());
4846 // They fulfilled, so we sent them money
4847 value_to_self_msat_diff -= htlc.amount_msat as i64;
4852 for htlc in pending_inbound_htlcs.iter_mut() {
4853 let swap = if let &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) = &htlc.state {
4855 } else if let &InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) = &htlc.state {
4859 let mut state = InboundHTLCState::Committed;
4860 mem::swap(&mut state, &mut htlc.state);
4862 if let InboundHTLCState::AwaitingRemoteRevokeToAnnounce(resolution) = state {
4863 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce {} to AwaitingAnnouncedRemoteRevoke", &htlc.payment_hash);
4864 htlc.state = InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution);
4865 require_commitment = true;
4866 } else if let InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution) = state {
4868 InboundHTLCResolution::Resolved { pending_htlc_status } =>
4869 match pending_htlc_status {
4870 PendingHTLCStatus::Fail(fail_msg) => {
4871 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to LocalRemoved due to PendingHTLCStatus indicating failure", &htlc.payment_hash);
4872 require_commitment = true;
4874 HTLCFailureMsg::Relay(msg) => {
4875 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(msg.reason.clone()));
4876 update_fail_htlcs.push(msg)
4878 HTLCFailureMsg::Malformed(msg) => {
4879 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed((msg.sha256_of_onion, msg.failure_code)));
4880 update_fail_malformed_htlcs.push(msg)
4884 PendingHTLCStatus::Forward(forward_info) => {
4885 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to Committed, attempting to forward", &htlc.payment_hash);
4886 to_forward_infos.push((forward_info, htlc.htlc_id));
4887 htlc.state = InboundHTLCState::Committed;
4890 InboundHTLCResolution::Pending { update_add_htlc } => {
4891 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to Committed", &htlc.payment_hash);
4892 pending_update_adds.push(update_add_htlc);
4893 htlc.state = InboundHTLCState::Committed;
4899 for htlc in pending_outbound_htlcs.iter_mut() {
4900 if let OutboundHTLCState::LocalAnnounced(_) = htlc.state {
4901 log_trace!(logger, " ...promoting outbound LocalAnnounced {} to Committed", &htlc.payment_hash);
4902 htlc.state = OutboundHTLCState::Committed;
4903 *expecting_peer_commitment_signed = true;
4905 if let &mut OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref mut outcome) = &mut htlc.state {
4906 log_trace!(logger, " ...promoting outbound AwaitingRemoteRevokeToRemove {} to AwaitingRemovedRemoteRevoke", &htlc.payment_hash);
4907 // Grab the preimage, if it exists, instead of cloning
4908 let mut reason = OutboundHTLCOutcome::Success(None);
4909 mem::swap(outcome, &mut reason);
4910 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(reason);
4911 require_commitment = true;
4915 self.context.value_to_self_msat = (self.context.value_to_self_msat as i64 + value_to_self_msat_diff) as u64;
4917 if let Some((feerate, update_state)) = self.context.pending_update_fee {
4918 match update_state {
4919 FeeUpdateState::Outbound => {
4920 debug_assert!(self.context.is_outbound());
4921 log_trace!(logger, " ...promoting outbound fee update {} to Committed", feerate);
4922 self.context.feerate_per_kw = feerate;
4923 self.context.pending_update_fee = None;
4924 self.context.expecting_peer_commitment_signed = true;
4926 FeeUpdateState::RemoteAnnounced => { debug_assert!(!self.context.is_outbound()); },
4927 FeeUpdateState::AwaitingRemoteRevokeToAnnounce => {
4928 debug_assert!(!self.context.is_outbound());
4929 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce fee update {} to Committed", feerate);
4930 require_commitment = true;
4931 self.context.feerate_per_kw = feerate;
4932 self.context.pending_update_fee = None;
4937 let release_monitor = self.context.blocked_monitor_updates.is_empty() && !hold_mon_update;
4938 let release_state_str =
4939 if hold_mon_update { "Holding" } else if release_monitor { "Releasing" } else { "Blocked" };
4940 macro_rules! return_with_htlcs_to_fail {
4941 ($htlcs_to_fail: expr) => {
4942 if !release_monitor {
4943 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
4944 update: monitor_update,
4946 return Ok(($htlcs_to_fail, None));
4948 return Ok(($htlcs_to_fail, Some(monitor_update)));
4953 self.context.monitor_pending_update_adds.append(&mut pending_update_adds);
4955 if self.context.channel_state.is_monitor_update_in_progress() {
4956 // We can't actually generate a new commitment transaction (incl by freeing holding
4957 // cells) while we can't update the monitor, so we just return what we have.
4958 if require_commitment {
4959 self.context.monitor_pending_commitment_signed = true;
4960 // When the monitor updating is restored we'll call
4961 // get_last_commitment_update_for_send(), which does not update state, but we're
4962 // definitely now awaiting a remote revoke before we can step forward any more, so
4964 let mut additional_update = self.build_commitment_no_status_check(logger);
4965 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4966 // strictly increasing by one, so decrement it here.
4967 self.context.latest_monitor_update_id = monitor_update.update_id;
4968 monitor_update.updates.append(&mut additional_update.updates);
4970 self.context.monitor_pending_forwards.append(&mut to_forward_infos);
4971 self.context.monitor_pending_failures.append(&mut revoked_htlcs);
4972 self.context.monitor_pending_finalized_fulfills.append(&mut finalized_claimed_htlcs);
4973 log_debug!(logger, "Received a valid revoke_and_ack for channel {} but awaiting a monitor update resolution to reply.", &self.context.channel_id());
4974 return_with_htlcs_to_fail!(Vec::new());
4977 match self.free_holding_cell_htlcs(fee_estimator, logger) {
4978 (Some(mut additional_update), htlcs_to_fail) => {
4979 // free_holding_cell_htlcs may bump latest_monitor_id multiple times but we want them to be
4980 // strictly increasing by one, so decrement it here.
4981 self.context.latest_monitor_update_id = monitor_update.update_id;
4982 monitor_update.updates.append(&mut additional_update.updates);
4984 log_debug!(logger, "Received a valid revoke_and_ack for channel {} with holding cell HTLCs freed. {} monitor update.",
4985 &self.context.channel_id(), release_state_str);
4987 self.monitor_updating_paused(false, true, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
4988 return_with_htlcs_to_fail!(htlcs_to_fail);
4990 (None, htlcs_to_fail) => {
4991 if require_commitment {
4992 let mut additional_update = self.build_commitment_no_status_check(logger);
4994 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4995 // strictly increasing by one, so decrement it here.
4996 self.context.latest_monitor_update_id = monitor_update.update_id;
4997 monitor_update.updates.append(&mut additional_update.updates);
4999 log_debug!(logger, "Received a valid revoke_and_ack for channel {}. Responding with a commitment update with {} HTLCs failed. {} monitor update.",
5000 &self.context.channel_id(),
5001 update_fail_htlcs.len() + update_fail_malformed_htlcs.len(),
5004 self.monitor_updating_paused(false, true, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
5005 return_with_htlcs_to_fail!(htlcs_to_fail);
5007 log_debug!(logger, "Received a valid revoke_and_ack for channel {} with no reply necessary. {} monitor update.",
5008 &self.context.channel_id(), release_state_str);
5010 self.monitor_updating_paused(false, false, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
5011 return_with_htlcs_to_fail!(htlcs_to_fail);
5017 /// Queues up an outbound update fee by placing it in the holding cell. You should call
5018 /// [`Self::maybe_free_holding_cell_htlcs`] in order to actually generate and send the
5019 /// commitment update.
5020 pub fn queue_update_fee<F: Deref, L: Deref>(&mut self, feerate_per_kw: u32,
5021 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L)
5022 where F::Target: FeeEstimator, L::Target: Logger
5024 let msg_opt = self.send_update_fee(feerate_per_kw, true, fee_estimator, logger);
5025 assert!(msg_opt.is_none(), "We forced holding cell?");
5028 /// Adds a pending update to this channel. See the doc for send_htlc for
5029 /// further details on the optionness of the return value.
5030 /// If our balance is too low to cover the cost of the next commitment transaction at the
5031 /// new feerate, the update is cancelled.
5033 /// You MUST call [`Self::send_commitment_no_state_update`] prior to any other calls on this
5034 /// [`Channel`] if `force_holding_cell` is false.
5035 fn send_update_fee<F: Deref, L: Deref>(
5036 &mut self, feerate_per_kw: u32, mut force_holding_cell: bool,
5037 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
5038 ) -> Option<msgs::UpdateFee>
5039 where F::Target: FeeEstimator, L::Target: Logger
5041 if !self.context.is_outbound() {
5042 panic!("Cannot send fee from inbound channel");
5044 if !self.context.is_usable() {
5045 panic!("Cannot update fee until channel is fully established and we haven't started shutting down");
5047 if !self.context.is_live() {
5048 panic!("Cannot update fee while peer is disconnected/we're awaiting a monitor update (ChannelManager should have caught this)");
5051 // Before proposing a feerate update, check that we can actually afford the new fee.
5052 let inbound_stats = self.context.get_inbound_pending_htlc_stats(Some(feerate_per_kw));
5053 let outbound_stats = self.context.get_outbound_pending_htlc_stats(Some(feerate_per_kw));
5054 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
5055 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, true, logger);
5056 let buffer_fee_msat = commit_tx_fee_sat(feerate_per_kw, commitment_stats.num_nondust_htlcs + outbound_stats.on_holder_tx_holding_cell_htlcs_count as usize + CONCURRENT_INBOUND_HTLC_FEE_BUFFER as usize, self.context.get_channel_type()) * 1000;
5057 let holder_balance_msat = commitment_stats.local_balance_msat - outbound_stats.holding_cell_msat;
5058 if holder_balance_msat < buffer_fee_msat + self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000 {
5059 //TODO: auto-close after a number of failures?
5060 log_debug!(logger, "Cannot afford to send new feerate at {}", feerate_per_kw);
5064 // Note, we evaluate pending htlc "preemptive" trimmed-to-dust threshold at the proposed `feerate_per_kw`.
5065 let holder_tx_dust_exposure = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
5066 let counterparty_tx_dust_exposure = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
5067 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
5068 if holder_tx_dust_exposure > max_dust_htlc_exposure_msat {
5069 log_debug!(logger, "Cannot afford to send new feerate at {} without infringing max dust htlc exposure", feerate_per_kw);
5072 if counterparty_tx_dust_exposure > max_dust_htlc_exposure_msat {
5073 log_debug!(logger, "Cannot afford to send new feerate at {} without infringing max dust htlc exposure", feerate_per_kw);
5077 if self.context.channel_state.is_awaiting_remote_revoke() || self.context.channel_state.is_monitor_update_in_progress() {
5078 force_holding_cell = true;
5081 if force_holding_cell {
5082 self.context.holding_cell_update_fee = Some(feerate_per_kw);
5086 debug_assert!(self.context.pending_update_fee.is_none());
5087 self.context.pending_update_fee = Some((feerate_per_kw, FeeUpdateState::Outbound));
5089 Some(msgs::UpdateFee {
5090 channel_id: self.context.channel_id,
5095 /// Removes any uncommitted inbound HTLCs and resets the state of uncommitted outbound HTLC
5096 /// updates, to be used on peer disconnection. After this, update_*_htlc messages need to be
5098 /// No further message handling calls may be made until a channel_reestablish dance has
5100 /// May return `Err(())`, which implies [`ChannelContext::force_shutdown`] should be called immediately.
5101 pub fn remove_uncommitted_htlcs_and_mark_paused<L: Deref>(&mut self, logger: &L) -> Result<(), ()> where L::Target: Logger {
5102 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
5103 if self.context.channel_state.is_pre_funded_state() {
5107 if self.context.channel_state.is_peer_disconnected() {
5108 // While the below code should be idempotent, it's simpler to just return early, as
5109 // redundant disconnect events can fire, though they should be rare.
5113 if self.context.announcement_sigs_state == AnnouncementSigsState::MessageSent || self.context.announcement_sigs_state == AnnouncementSigsState::Committed {
5114 self.context.announcement_sigs_state = AnnouncementSigsState::NotSent;
5117 // Upon reconnect we have to start the closing_signed dance over, but shutdown messages
5118 // will be retransmitted.
5119 self.context.last_sent_closing_fee = None;
5120 self.context.pending_counterparty_closing_signed = None;
5121 self.context.closing_fee_limits = None;
5123 let mut inbound_drop_count = 0;
5124 self.context.pending_inbound_htlcs.retain(|htlc| {
5126 InboundHTLCState::RemoteAnnounced(_) => {
5127 // They sent us an update_add_htlc but we never got the commitment_signed.
5128 // We'll tell them what commitment_signed we're expecting next and they'll drop
5129 // this HTLC accordingly
5130 inbound_drop_count += 1;
5133 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_)|InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) => {
5134 // We received a commitment_signed updating this HTLC and (at least hopefully)
5135 // sent a revoke_and_ack (which we can re-transmit) and have heard nothing
5136 // in response to it yet, so don't touch it.
5139 InboundHTLCState::Committed => true,
5140 InboundHTLCState::LocalRemoved(_) => {
5141 // We (hopefully) sent a commitment_signed updating this HTLC (which we can
5142 // re-transmit if needed) and they may have even sent a revoke_and_ack back
5143 // (that we missed). Keep this around for now and if they tell us they missed
5144 // the commitment_signed we can re-transmit the update then.
5149 self.context.next_counterparty_htlc_id -= inbound_drop_count;
5151 if let Some((_, update_state)) = self.context.pending_update_fee {
5152 if update_state == FeeUpdateState::RemoteAnnounced {
5153 debug_assert!(!self.context.is_outbound());
5154 self.context.pending_update_fee = None;
5158 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
5159 if let OutboundHTLCState::RemoteRemoved(_) = htlc.state {
5160 // They sent us an update to remove this but haven't yet sent the corresponding
5161 // commitment_signed, we need to move it back to Committed and they can re-send
5162 // the update upon reconnection.
5163 htlc.state = OutboundHTLCState::Committed;
5167 self.context.sent_message_awaiting_response = None;
5169 self.context.channel_state.set_peer_disconnected();
5170 log_trace!(logger, "Peer disconnection resulted in {} remote-announced HTLC drops on channel {}", inbound_drop_count, &self.context.channel_id());
5174 /// Indicates that a ChannelMonitor update is in progress and has not yet been fully persisted.
5175 /// This must be called before we return the [`ChannelMonitorUpdate`] back to the
5176 /// [`ChannelManager`], which will call [`Self::monitor_updating_restored`] once the monitor
5177 /// update completes (potentially immediately).
5178 /// The messages which were generated with the monitor update must *not* have been sent to the
5179 /// remote end, and must instead have been dropped. They will be regenerated when
5180 /// [`Self::monitor_updating_restored`] is called.
5182 /// [`ChannelManager`]: super::channelmanager::ChannelManager
5183 /// [`chain::Watch`]: crate::chain::Watch
5184 /// [`ChannelMonitorUpdateStatus::InProgress`]: crate::chain::ChannelMonitorUpdateStatus::InProgress
5185 fn monitor_updating_paused(&mut self, resend_raa: bool, resend_commitment: bool,
5186 resend_channel_ready: bool, mut pending_forwards: Vec<(PendingHTLCInfo, u64)>,
5187 mut pending_fails: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
5188 mut pending_finalized_claimed_htlcs: Vec<HTLCSource>
5190 self.context.monitor_pending_revoke_and_ack |= resend_raa;
5191 self.context.monitor_pending_commitment_signed |= resend_commitment;
5192 self.context.monitor_pending_channel_ready |= resend_channel_ready;
5193 self.context.monitor_pending_forwards.append(&mut pending_forwards);
5194 self.context.monitor_pending_failures.append(&mut pending_fails);
5195 self.context.monitor_pending_finalized_fulfills.append(&mut pending_finalized_claimed_htlcs);
5196 self.context.channel_state.set_monitor_update_in_progress();
5199 /// Indicates that the latest ChannelMonitor update has been committed by the client
5200 /// successfully and we should restore normal operation. Returns messages which should be sent
5201 /// to the remote side.
5202 pub fn monitor_updating_restored<L: Deref, NS: Deref>(
5203 &mut self, logger: &L, node_signer: &NS, chain_hash: ChainHash,
5204 user_config: &UserConfig, best_block_height: u32
5205 ) -> MonitorRestoreUpdates
5208 NS::Target: NodeSigner
5210 assert!(self.context.channel_state.is_monitor_update_in_progress());
5211 self.context.channel_state.clear_monitor_update_in_progress();
5213 // If we're past (or at) the AwaitingChannelReady stage on an outbound channel, try to
5214 // (re-)broadcast the funding transaction as we may have declined to broadcast it when we
5215 // first received the funding_signed.
5216 let mut funding_broadcastable =
5217 if self.context.is_outbound() &&
5218 (matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(flags) if !flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH)) ||
5219 matches!(self.context.channel_state, ChannelState::ChannelReady(_)))
5221 self.context.funding_transaction.take()
5223 // That said, if the funding transaction is already confirmed (ie we're active with a
5224 // minimum_depth over 0) don't bother re-broadcasting the confirmed funding tx.
5225 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) && self.context.minimum_depth != Some(0) {
5226 funding_broadcastable = None;
5229 // We will never broadcast the funding transaction when we're in MonitorUpdateInProgress
5230 // (and we assume the user never directly broadcasts the funding transaction and waits for
5231 // us to do it). Thus, we can only ever hit monitor_pending_channel_ready when we're
5232 // * an inbound channel that failed to persist the monitor on funding_created and we got
5233 // the funding transaction confirmed before the monitor was persisted, or
5234 // * a 0-conf channel and intended to send the channel_ready before any broadcast at all.
5235 let channel_ready = if self.context.monitor_pending_channel_ready {
5236 assert!(!self.context.is_outbound() || self.context.minimum_depth == Some(0),
5237 "Funding transaction broadcast by the local client before it should have - LDK didn't do it!");
5238 self.context.monitor_pending_channel_ready = false;
5239 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5240 Some(msgs::ChannelReady {
5241 channel_id: self.context.channel_id(),
5242 next_per_commitment_point,
5243 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5247 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block_height, logger);
5249 let mut accepted_htlcs = Vec::new();
5250 mem::swap(&mut accepted_htlcs, &mut self.context.monitor_pending_forwards);
5251 let mut failed_htlcs = Vec::new();
5252 mem::swap(&mut failed_htlcs, &mut self.context.monitor_pending_failures);
5253 let mut finalized_claimed_htlcs = Vec::new();
5254 mem::swap(&mut finalized_claimed_htlcs, &mut self.context.monitor_pending_finalized_fulfills);
5255 let mut pending_update_adds = Vec::new();
5256 mem::swap(&mut pending_update_adds, &mut self.context.monitor_pending_update_adds);
5258 if self.context.channel_state.is_peer_disconnected() {
5259 self.context.monitor_pending_revoke_and_ack = false;
5260 self.context.monitor_pending_commitment_signed = false;
5261 return MonitorRestoreUpdates {
5262 raa: None, commitment_update: None, order: RAACommitmentOrder::RevokeAndACKFirst,
5263 accepted_htlcs, failed_htlcs, finalized_claimed_htlcs, pending_update_adds,
5264 funding_broadcastable, channel_ready, announcement_sigs
5268 let raa = if self.context.monitor_pending_revoke_and_ack {
5269 Some(self.get_last_revoke_and_ack())
5271 let commitment_update = if self.context.monitor_pending_commitment_signed {
5272 self.get_last_commitment_update_for_send(logger).ok()
5274 if commitment_update.is_some() {
5275 self.mark_awaiting_response();
5278 self.context.monitor_pending_revoke_and_ack = false;
5279 self.context.monitor_pending_commitment_signed = false;
5280 let order = self.context.resend_order.clone();
5281 log_debug!(logger, "Restored monitor updating in channel {} resulting in {}{} commitment update and {} RAA, with {} first",
5282 &self.context.channel_id(), if funding_broadcastable.is_some() { "a funding broadcastable, " } else { "" },
5283 if commitment_update.is_some() { "a" } else { "no" }, if raa.is_some() { "an" } else { "no" },
5284 match order { RAACommitmentOrder::CommitmentFirst => "commitment", RAACommitmentOrder::RevokeAndACKFirst => "RAA"});
5285 MonitorRestoreUpdates {
5286 raa, commitment_update, order, accepted_htlcs, failed_htlcs, finalized_claimed_htlcs,
5287 pending_update_adds, funding_broadcastable, channel_ready, announcement_sigs
5291 pub fn update_fee<F: Deref, L: Deref>(&mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, msg: &msgs::UpdateFee, logger: &L) -> Result<(), ChannelError>
5292 where F::Target: FeeEstimator, L::Target: Logger
5294 if self.context.is_outbound() {
5295 return Err(ChannelError::Close("Non-funding remote tried to update channel fee".to_owned()));
5297 if self.context.channel_state.is_peer_disconnected() {
5298 return Err(ChannelError::Close("Peer sent update_fee when we needed a channel_reestablish".to_owned()));
5300 Channel::<SP>::check_remote_fee(&self.context.channel_type, fee_estimator, msg.feerate_per_kw, Some(self.context.feerate_per_kw), logger)?;
5302 self.context.pending_update_fee = Some((msg.feerate_per_kw, FeeUpdateState::RemoteAnnounced));
5303 self.context.update_time_counter += 1;
5304 // Check that we won't be pushed over our dust exposure limit by the feerate increase.
5305 if !self.context.channel_type.supports_anchors_zero_fee_htlc_tx() {
5306 let inbound_stats = self.context.get_inbound_pending_htlc_stats(None);
5307 let outbound_stats = self.context.get_outbound_pending_htlc_stats(None);
5308 let holder_tx_dust_exposure = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
5309 let counterparty_tx_dust_exposure = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
5310 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
5311 if holder_tx_dust_exposure > max_dust_htlc_exposure_msat {
5312 return Err(ChannelError::Close(format!("Peer sent update_fee with a feerate ({}) which may over-expose us to dust-in-flight on our own transactions (totaling {} msat)",
5313 msg.feerate_per_kw, holder_tx_dust_exposure)));
5315 if counterparty_tx_dust_exposure > max_dust_htlc_exposure_msat {
5316 return Err(ChannelError::Close(format!("Peer sent update_fee with a feerate ({}) which may over-expose us to dust-in-flight on our counterparty's transactions (totaling {} msat)",
5317 msg.feerate_per_kw, counterparty_tx_dust_exposure)));
5323 /// Indicates that the signer may have some signatures for us, so we should retry if we're
5325 #[cfg(async_signing)]
5326 pub fn signer_maybe_unblocked<L: Deref>(&mut self, logger: &L) -> SignerResumeUpdates where L::Target: Logger {
5327 let commitment_update = if self.context.signer_pending_commitment_update {
5328 self.get_last_commitment_update_for_send(logger).ok()
5330 let funding_signed = if self.context.signer_pending_funding && !self.context.is_outbound() {
5331 self.context.get_funding_signed_msg(logger).1
5333 let channel_ready = if funding_signed.is_some() {
5334 self.check_get_channel_ready(0)
5337 log_trace!(logger, "Signer unblocked with {} commitment_update, {} funding_signed and {} channel_ready",
5338 if commitment_update.is_some() { "a" } else { "no" },
5339 if funding_signed.is_some() { "a" } else { "no" },
5340 if channel_ready.is_some() { "a" } else { "no" });
5342 SignerResumeUpdates {
5349 fn get_last_revoke_and_ack(&self) -> msgs::RevokeAndACK {
5350 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5351 let per_commitment_secret = self.context.holder_signer.as_ref().release_commitment_secret(self.context.cur_holder_commitment_transaction_number + 2);
5352 msgs::RevokeAndACK {
5353 channel_id: self.context.channel_id,
5354 per_commitment_secret,
5355 next_per_commitment_point,
5357 next_local_nonce: None,
5361 /// Gets the last commitment update for immediate sending to our peer.
5362 fn get_last_commitment_update_for_send<L: Deref>(&mut self, logger: &L) -> Result<msgs::CommitmentUpdate, ()> where L::Target: Logger {
5363 let mut update_add_htlcs = Vec::new();
5364 let mut update_fulfill_htlcs = Vec::new();
5365 let mut update_fail_htlcs = Vec::new();
5366 let mut update_fail_malformed_htlcs = Vec::new();
5368 for htlc in self.context.pending_outbound_htlcs.iter() {
5369 if let &OutboundHTLCState::LocalAnnounced(ref onion_packet) = &htlc.state {
5370 update_add_htlcs.push(msgs::UpdateAddHTLC {
5371 channel_id: self.context.channel_id(),
5372 htlc_id: htlc.htlc_id,
5373 amount_msat: htlc.amount_msat,
5374 payment_hash: htlc.payment_hash,
5375 cltv_expiry: htlc.cltv_expiry,
5376 onion_routing_packet: (**onion_packet).clone(),
5377 skimmed_fee_msat: htlc.skimmed_fee_msat,
5378 blinding_point: htlc.blinding_point,
5383 for htlc in self.context.pending_inbound_htlcs.iter() {
5384 if let &InboundHTLCState::LocalRemoved(ref reason) = &htlc.state {
5386 &InboundHTLCRemovalReason::FailRelay(ref err_packet) => {
5387 update_fail_htlcs.push(msgs::UpdateFailHTLC {
5388 channel_id: self.context.channel_id(),
5389 htlc_id: htlc.htlc_id,
5390 reason: err_packet.clone()
5393 &InboundHTLCRemovalReason::FailMalformed((ref sha256_of_onion, ref failure_code)) => {
5394 update_fail_malformed_htlcs.push(msgs::UpdateFailMalformedHTLC {
5395 channel_id: self.context.channel_id(),
5396 htlc_id: htlc.htlc_id,
5397 sha256_of_onion: sha256_of_onion.clone(),
5398 failure_code: failure_code.clone(),
5401 &InboundHTLCRemovalReason::Fulfill(ref payment_preimage) => {
5402 update_fulfill_htlcs.push(msgs::UpdateFulfillHTLC {
5403 channel_id: self.context.channel_id(),
5404 htlc_id: htlc.htlc_id,
5405 payment_preimage: payment_preimage.clone(),
5412 let update_fee = if self.context.is_outbound() && self.context.pending_update_fee.is_some() {
5413 Some(msgs::UpdateFee {
5414 channel_id: self.context.channel_id(),
5415 feerate_per_kw: self.context.pending_update_fee.unwrap().0,
5419 log_trace!(logger, "Regenerating latest commitment update in channel {} with{} {} update_adds, {} update_fulfills, {} update_fails, and {} update_fail_malformeds",
5420 &self.context.channel_id(), if update_fee.is_some() { " update_fee," } else { "" },
5421 update_add_htlcs.len(), update_fulfill_htlcs.len(), update_fail_htlcs.len(), update_fail_malformed_htlcs.len());
5422 let commitment_signed = if let Ok(update) = self.send_commitment_no_state_update(logger).map(|(cu, _)| cu) {
5423 if self.context.signer_pending_commitment_update {
5424 log_trace!(logger, "Commitment update generated: clearing signer_pending_commitment_update");
5425 self.context.signer_pending_commitment_update = false;
5429 #[cfg(not(async_signing))] {
5430 panic!("Failed to get signature for new commitment state");
5432 #[cfg(async_signing)] {
5433 if !self.context.signer_pending_commitment_update {
5434 log_trace!(logger, "Commitment update awaiting signer: setting signer_pending_commitment_update");
5435 self.context.signer_pending_commitment_update = true;
5440 Ok(msgs::CommitmentUpdate {
5441 update_add_htlcs, update_fulfill_htlcs, update_fail_htlcs, update_fail_malformed_htlcs, update_fee,
5446 /// Gets the `Shutdown` message we should send our peer on reconnect, if any.
5447 pub fn get_outbound_shutdown(&self) -> Option<msgs::Shutdown> {
5448 if self.context.channel_state.is_local_shutdown_sent() {
5449 assert!(self.context.shutdown_scriptpubkey.is_some());
5450 Some(msgs::Shutdown {
5451 channel_id: self.context.channel_id,
5452 scriptpubkey: self.get_closing_scriptpubkey(),
5457 /// May panic if some calls other than message-handling calls (which will all Err immediately)
5458 /// have been called between remove_uncommitted_htlcs_and_mark_paused and this call.
5460 /// Some links printed in log lines are included here to check them during build (when run with
5461 /// `cargo doc --document-private-items`):
5462 /// [`super::channelmanager::ChannelManager::force_close_without_broadcasting_txn`] and
5463 /// [`super::channelmanager::ChannelManager::force_close_all_channels_without_broadcasting_txn`].
5464 pub fn channel_reestablish<L: Deref, NS: Deref>(
5465 &mut self, msg: &msgs::ChannelReestablish, logger: &L, node_signer: &NS,
5466 chain_hash: ChainHash, user_config: &UserConfig, best_block: &BestBlock
5467 ) -> Result<ReestablishResponses, ChannelError>
5470 NS::Target: NodeSigner
5472 if !self.context.channel_state.is_peer_disconnected() {
5473 // While BOLT 2 doesn't indicate explicitly we should error this channel here, it
5474 // almost certainly indicates we are going to end up out-of-sync in some way, so we
5475 // just close here instead of trying to recover.
5476 return Err(ChannelError::Close("Peer sent a loose channel_reestablish not after reconnect".to_owned()));
5479 if msg.next_local_commitment_number >= INITIAL_COMMITMENT_NUMBER || msg.next_remote_commitment_number >= INITIAL_COMMITMENT_NUMBER ||
5480 msg.next_local_commitment_number == 0 {
5481 return Err(ChannelError::Close("Peer sent an invalid channel_reestablish to force close in a non-standard way".to_owned()));
5484 let our_commitment_transaction = INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number - 1;
5485 if msg.next_remote_commitment_number > 0 {
5486 let expected_point = self.context.holder_signer.as_ref().get_per_commitment_point(INITIAL_COMMITMENT_NUMBER - msg.next_remote_commitment_number + 1, &self.context.secp_ctx);
5487 let given_secret = SecretKey::from_slice(&msg.your_last_per_commitment_secret)
5488 .map_err(|_| ChannelError::Close("Peer sent a garbage channel_reestablish with unparseable secret key".to_owned()))?;
5489 if expected_point != PublicKey::from_secret_key(&self.context.secp_ctx, &given_secret) {
5490 return Err(ChannelError::Close("Peer sent a garbage channel_reestablish with secret key not matching the commitment height provided".to_owned()));
5492 if msg.next_remote_commitment_number > our_commitment_transaction {
5493 macro_rules! log_and_panic {
5494 ($err_msg: expr) => {
5495 log_error!(logger, $err_msg, &self.context.channel_id, log_pubkey!(self.context.counterparty_node_id));
5496 panic!($err_msg, &self.context.channel_id, log_pubkey!(self.context.counterparty_node_id));
5499 log_and_panic!("We have fallen behind - we have received proof that if we broadcast our counterparty is going to claim all our funds.\n\
5500 This implies you have restarted with lost ChannelMonitor and ChannelManager state, the first of which is a violation of the LDK chain::Watch requirements.\n\
5501 More specifically, this means you have a bug in your implementation that can cause loss of funds, or you are running with an old backup, which is unsafe.\n\
5502 If you have restored from an old backup and wish to force-close channels and return to operation, you should start up, call\n\
5503 ChannelManager::force_close_without_broadcasting_txn on channel {} with counterparty {} or\n\
5504 ChannelManager::force_close_all_channels_without_broadcasting_txn, then reconnect to peer(s).\n\
5505 Note that due to a long-standing bug in lnd you may have to reach out to peers running lnd-based nodes to ask them to manually force-close channels\n\
5506 See https://github.com/lightningdevkit/rust-lightning/issues/1565 for more info.");
5510 // Before we change the state of the channel, we check if the peer is sending a very old
5511 // commitment transaction number, if yes we send a warning message.
5512 if msg.next_remote_commitment_number + 1 < our_commitment_transaction {
5513 return Err(ChannelError::Warn(format!(
5514 "Peer attempted to reestablish channel with a very old local commitment transaction: {} (received) vs {} (expected)",
5515 msg.next_remote_commitment_number,
5516 our_commitment_transaction
5520 // Go ahead and unmark PeerDisconnected as various calls we may make check for it (and all
5521 // remaining cases either succeed or ErrorMessage-fail).
5522 self.context.channel_state.clear_peer_disconnected();
5523 self.context.sent_message_awaiting_response = None;
5525 let shutdown_msg = self.get_outbound_shutdown();
5527 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block.height, logger);
5529 if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(_)) {
5530 // If we're waiting on a monitor update, we shouldn't re-send any channel_ready's.
5531 if !self.context.channel_state.is_our_channel_ready() ||
5532 self.context.channel_state.is_monitor_update_in_progress() {
5533 if msg.next_remote_commitment_number != 0 {
5534 return Err(ChannelError::Close("Peer claimed they saw a revoke_and_ack but we haven't sent channel_ready yet".to_owned()));
5536 // Short circuit the whole handler as there is nothing we can resend them
5537 return Ok(ReestablishResponses {
5538 channel_ready: None,
5539 raa: None, commitment_update: None,
5540 order: RAACommitmentOrder::CommitmentFirst,
5541 shutdown_msg, announcement_sigs,
5545 // We have OurChannelReady set!
5546 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5547 return Ok(ReestablishResponses {
5548 channel_ready: Some(msgs::ChannelReady {
5549 channel_id: self.context.channel_id(),
5550 next_per_commitment_point,
5551 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5553 raa: None, commitment_update: None,
5554 order: RAACommitmentOrder::CommitmentFirst,
5555 shutdown_msg, announcement_sigs,
5559 let required_revoke = if msg.next_remote_commitment_number == our_commitment_transaction {
5560 // Remote isn't waiting on any RevokeAndACK from us!
5561 // Note that if we need to repeat our ChannelReady we'll do that in the next if block.
5563 } else if msg.next_remote_commitment_number + 1 == our_commitment_transaction {
5564 if self.context.channel_state.is_monitor_update_in_progress() {
5565 self.context.monitor_pending_revoke_and_ack = true;
5568 Some(self.get_last_revoke_and_ack())
5571 debug_assert!(false, "All values should have been handled in the four cases above");
5572 return Err(ChannelError::Close(format!(
5573 "Peer attempted to reestablish channel expecting a future local commitment transaction: {} (received) vs {} (expected)",
5574 msg.next_remote_commitment_number,
5575 our_commitment_transaction
5579 // We increment cur_counterparty_commitment_transaction_number only upon receipt of
5580 // revoke_and_ack, not on sending commitment_signed, so we add one if have
5581 // AwaitingRemoteRevoke set, which indicates we sent a commitment_signed but haven't gotten
5582 // the corresponding revoke_and_ack back yet.
5583 let is_awaiting_remote_revoke = self.context.channel_state.is_awaiting_remote_revoke();
5584 if is_awaiting_remote_revoke && !self.is_awaiting_monitor_update() {
5585 self.mark_awaiting_response();
5587 let next_counterparty_commitment_number = INITIAL_COMMITMENT_NUMBER - self.context.cur_counterparty_commitment_transaction_number + if is_awaiting_remote_revoke { 1 } else { 0 };
5589 let channel_ready = if msg.next_local_commitment_number == 1 && INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number == 1 {
5590 // We should never have to worry about MonitorUpdateInProgress resending ChannelReady
5591 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5592 Some(msgs::ChannelReady {
5593 channel_id: self.context.channel_id(),
5594 next_per_commitment_point,
5595 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5599 if msg.next_local_commitment_number == next_counterparty_commitment_number {
5600 if required_revoke.is_some() {
5601 log_debug!(logger, "Reconnected channel {} with only lost outbound RAA", &self.context.channel_id());
5603 log_debug!(logger, "Reconnected channel {} with no loss", &self.context.channel_id());
5606 Ok(ReestablishResponses {
5607 channel_ready, shutdown_msg, announcement_sigs,
5608 raa: required_revoke,
5609 commitment_update: None,
5610 order: self.context.resend_order.clone(),
5612 } else if msg.next_local_commitment_number == next_counterparty_commitment_number - 1 {
5613 if required_revoke.is_some() {
5614 log_debug!(logger, "Reconnected channel {} with lost outbound RAA and lost remote commitment tx", &self.context.channel_id());
5616 log_debug!(logger, "Reconnected channel {} with only lost remote commitment tx", &self.context.channel_id());
5619 if self.context.channel_state.is_monitor_update_in_progress() {
5620 self.context.monitor_pending_commitment_signed = true;
5621 Ok(ReestablishResponses {
5622 channel_ready, shutdown_msg, announcement_sigs,
5623 commitment_update: None, raa: None,
5624 order: self.context.resend_order.clone(),
5627 Ok(ReestablishResponses {
5628 channel_ready, shutdown_msg, announcement_sigs,
5629 raa: required_revoke,
5630 commitment_update: self.get_last_commitment_update_for_send(logger).ok(),
5631 order: self.context.resend_order.clone(),
5634 } else if msg.next_local_commitment_number < next_counterparty_commitment_number {
5635 Err(ChannelError::Close(format!(
5636 "Peer attempted to reestablish channel with a very old remote commitment transaction: {} (received) vs {} (expected)",
5637 msg.next_local_commitment_number,
5638 next_counterparty_commitment_number,
5641 Err(ChannelError::Close(format!(
5642 "Peer attempted to reestablish channel with a future remote commitment transaction: {} (received) vs {} (expected)",
5643 msg.next_local_commitment_number,
5644 next_counterparty_commitment_number,
5649 /// Calculates and returns our minimum and maximum closing transaction fee amounts, in whole
5650 /// satoshis. The amounts remain consistent unless a peer disconnects/reconnects or we restart,
5651 /// at which point they will be recalculated.
5652 fn calculate_closing_fee_limits<F: Deref>(&mut self, fee_estimator: &LowerBoundedFeeEstimator<F>)
5654 where F::Target: FeeEstimator
5656 if let Some((min, max)) = self.context.closing_fee_limits { return (min, max); }
5658 // Propose a range from our current Background feerate to our Normal feerate plus our
5659 // force_close_avoidance_max_fee_satoshis.
5660 // If we fail to come to consensus, we'll have to force-close.
5661 let mut proposed_feerate = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::ChannelCloseMinimum);
5662 // Use NonAnchorChannelFee because this should be an estimate for a channel close
5663 // that we don't expect to need fee bumping
5664 let normal_feerate = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::NonAnchorChannelFee);
5665 let mut proposed_max_feerate = if self.context.is_outbound() { normal_feerate } else { u32::max_value() };
5667 // The spec requires that (when the channel does not have anchors) we only send absolute
5668 // channel fees no greater than the absolute channel fee on the current commitment
5669 // transaction. It's unclear *which* commitment transaction this refers to, and there isn't
5670 // very good reason to apply such a limit in any case. We don't bother doing so, risking
5671 // some force-closure by old nodes, but we wanted to close the channel anyway.
5673 if let Some(target_feerate) = self.context.target_closing_feerate_sats_per_kw {
5674 let min_feerate = if self.context.is_outbound() { target_feerate } else { cmp::min(self.context.feerate_per_kw, target_feerate) };
5675 proposed_feerate = cmp::max(proposed_feerate, min_feerate);
5676 proposed_max_feerate = cmp::max(proposed_max_feerate, min_feerate);
5679 // Note that technically we could end up with a lower minimum fee if one sides' balance is
5680 // below our dust limit, causing the output to disappear. We don't bother handling this
5681 // case, however, as this should only happen if a channel is closed before any (material)
5682 // payments have been made on it. This may cause slight fee overpayment and/or failure to
5683 // come to consensus with our counterparty on appropriate fees, however it should be a
5684 // relatively rare case. We can revisit this later, though note that in order to determine
5685 // if the funders' output is dust we have to know the absolute fee we're going to use.
5686 let tx_weight = self.get_closing_transaction_weight(Some(&self.get_closing_scriptpubkey()), Some(self.context.counterparty_shutdown_scriptpubkey.as_ref().unwrap()));
5687 let proposed_total_fee_satoshis = proposed_feerate as u64 * tx_weight / 1000;
5688 let proposed_max_total_fee_satoshis = if self.context.is_outbound() {
5689 // We always add force_close_avoidance_max_fee_satoshis to our normal
5690 // feerate-calculated fee, but allow the max to be overridden if we're using a
5691 // target feerate-calculated fee.
5692 cmp::max(normal_feerate as u64 * tx_weight / 1000 + self.context.config.options.force_close_avoidance_max_fee_satoshis,
5693 proposed_max_feerate as u64 * tx_weight / 1000)
5695 self.context.channel_value_satoshis - (self.context.value_to_self_msat + 999) / 1000
5698 self.context.closing_fee_limits = Some((proposed_total_fee_satoshis, proposed_max_total_fee_satoshis));
5699 self.context.closing_fee_limits.clone().unwrap()
5702 /// Returns true if we're ready to commence the closing_signed negotiation phase. This is true
5703 /// after both sides have exchanged a `shutdown` message and all HTLCs have been drained. At
5704 /// this point if we're the funder we should send the initial closing_signed, and in any case
5705 /// shutdown should complete within a reasonable timeframe.
5706 fn closing_negotiation_ready(&self) -> bool {
5707 self.context.closing_negotiation_ready()
5710 /// Checks if the closing_signed negotiation is making appropriate progress, possibly returning
5711 /// an Err if no progress is being made and the channel should be force-closed instead.
5712 /// Should be called on a one-minute timer.
5713 pub fn timer_check_closing_negotiation_progress(&mut self) -> Result<(), ChannelError> {
5714 if self.closing_negotiation_ready() {
5715 if self.context.closing_signed_in_flight {
5716 return Err(ChannelError::Close("closing_signed negotiation failed to finish within two timer ticks".to_owned()));
5718 self.context.closing_signed_in_flight = true;
5724 pub fn maybe_propose_closing_signed<F: Deref, L: Deref>(
5725 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L)
5726 -> Result<(Option<msgs::ClosingSigned>, Option<Transaction>, Option<ShutdownResult>), ChannelError>
5727 where F::Target: FeeEstimator, L::Target: Logger
5729 // If we're waiting on a monitor persistence, that implies we're also waiting to send some
5730 // message to our counterparty (probably a `revoke_and_ack`). In such a case, we shouldn't
5731 // initiate `closing_signed` negotiation until we're clear of all pending messages. Note
5732 // that closing_negotiation_ready checks this case (as well as a few others).
5733 if self.context.last_sent_closing_fee.is_some() || !self.closing_negotiation_ready() {
5734 return Ok((None, None, None));
5737 if !self.context.is_outbound() {
5738 if let Some(msg) = &self.context.pending_counterparty_closing_signed.take() {
5739 return self.closing_signed(fee_estimator, &msg);
5741 return Ok((None, None, None));
5744 // If we're waiting on a counterparty `commitment_signed` to clear some updates from our
5745 // local commitment transaction, we can't yet initiate `closing_signed` negotiation.
5746 if self.context.expecting_peer_commitment_signed {
5747 return Ok((None, None, None));
5750 let (our_min_fee, our_max_fee) = self.calculate_closing_fee_limits(fee_estimator);
5752 assert!(self.context.shutdown_scriptpubkey.is_some());
5753 let (closing_tx, total_fee_satoshis) = self.build_closing_transaction(our_min_fee, false);
5754 log_trace!(logger, "Proposing initial closing_signed for our counterparty with a fee range of {}-{} sat (with initial proposal {} sats)",
5755 our_min_fee, our_max_fee, total_fee_satoshis);
5757 match &self.context.holder_signer {
5758 ChannelSignerType::Ecdsa(ecdsa) => {
5760 .sign_closing_transaction(&closing_tx, &self.context.secp_ctx)
5761 .map_err(|()| ChannelError::Close("Failed to get signature for closing transaction.".to_owned()))?;
5763 self.context.last_sent_closing_fee = Some((total_fee_satoshis, sig.clone()));
5764 Ok((Some(msgs::ClosingSigned {
5765 channel_id: self.context.channel_id,
5766 fee_satoshis: total_fee_satoshis,
5768 fee_range: Some(msgs::ClosingSignedFeeRange {
5769 min_fee_satoshis: our_min_fee,
5770 max_fee_satoshis: our_max_fee,
5774 // TODO (taproot|arik)
5780 // Marks a channel as waiting for a response from the counterparty. If it's not received
5781 // [`DISCONNECT_PEER_AWAITING_RESPONSE_TICKS`] after sending our own to them, then we'll attempt
5783 fn mark_awaiting_response(&mut self) {
5784 self.context.sent_message_awaiting_response = Some(0);
5787 /// Determines whether we should disconnect the counterparty due to not receiving a response
5788 /// within our expected timeframe.
5790 /// This should be called on every [`super::channelmanager::ChannelManager::timer_tick_occurred`].
5791 pub fn should_disconnect_peer_awaiting_response(&mut self) -> bool {
5792 let ticks_elapsed = if let Some(ticks_elapsed) = self.context.sent_message_awaiting_response.as_mut() {
5795 // Don't disconnect when we're not waiting on a response.
5798 *ticks_elapsed += 1;
5799 *ticks_elapsed >= DISCONNECT_PEER_AWAITING_RESPONSE_TICKS
5803 &mut self, signer_provider: &SP, their_features: &InitFeatures, msg: &msgs::Shutdown
5804 ) -> Result<(Option<msgs::Shutdown>, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), ChannelError>
5806 if self.context.channel_state.is_peer_disconnected() {
5807 return Err(ChannelError::Close("Peer sent shutdown when we needed a channel_reestablish".to_owned()));
5809 if self.context.channel_state.is_pre_funded_state() {
5810 // Spec says we should fail the connection, not the channel, but that's nonsense, there
5811 // are plenty of reasons you may want to fail a channel pre-funding, and spec says you
5812 // can do that via error message without getting a connection fail anyway...
5813 return Err(ChannelError::Close("Peer sent shutdown pre-funding generation".to_owned()));
5815 for htlc in self.context.pending_inbound_htlcs.iter() {
5816 if let InboundHTLCState::RemoteAnnounced(_) = htlc.state {
5817 return Err(ChannelError::Close("Got shutdown with remote pending HTLCs".to_owned()));
5820 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
5822 if !script::is_bolt2_compliant(&msg.scriptpubkey, their_features) {
5823 return Err(ChannelError::Warn(format!("Got a nonstandard scriptpubkey ({}) from remote peer", msg.scriptpubkey.to_hex_string())));
5826 if self.context.counterparty_shutdown_scriptpubkey.is_some() {
5827 if Some(&msg.scriptpubkey) != self.context.counterparty_shutdown_scriptpubkey.as_ref() {
5828 return Err(ChannelError::Warn(format!("Got shutdown request with a scriptpubkey ({}) which did not match their previous scriptpubkey.", msg.scriptpubkey.to_hex_string())));
5831 self.context.counterparty_shutdown_scriptpubkey = Some(msg.scriptpubkey.clone());
5834 // If we have any LocalAnnounced updates we'll probably just get back an update_fail_htlc
5835 // immediately after the commitment dance, but we can send a Shutdown because we won't send
5836 // any further commitment updates after we set LocalShutdownSent.
5837 let send_shutdown = !self.context.channel_state.is_local_shutdown_sent();
5839 let update_shutdown_script = match self.context.shutdown_scriptpubkey {
5842 assert!(send_shutdown);
5843 let shutdown_scriptpubkey = match signer_provider.get_shutdown_scriptpubkey() {
5844 Ok(scriptpubkey) => scriptpubkey,
5845 Err(_) => return Err(ChannelError::Close("Failed to get shutdown scriptpubkey".to_owned())),
5847 if !shutdown_scriptpubkey.is_compatible(their_features) {
5848 return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer: {}", shutdown_scriptpubkey)));
5850 self.context.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
5855 // From here on out, we may not fail!
5857 self.context.channel_state.set_remote_shutdown_sent();
5858 self.context.update_time_counter += 1;
5860 let monitor_update = if update_shutdown_script {
5861 self.context.latest_monitor_update_id += 1;
5862 let monitor_update = ChannelMonitorUpdate {
5863 update_id: self.context.latest_monitor_update_id,
5864 counterparty_node_id: Some(self.context.counterparty_node_id),
5865 updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
5866 scriptpubkey: self.get_closing_scriptpubkey(),
5868 channel_id: Some(self.context.channel_id()),
5870 self.monitor_updating_paused(false, false, false, Vec::new(), Vec::new(), Vec::new());
5871 self.push_ret_blockable_mon_update(monitor_update)
5873 let shutdown = if send_shutdown {
5874 Some(msgs::Shutdown {
5875 channel_id: self.context.channel_id,
5876 scriptpubkey: self.get_closing_scriptpubkey(),
5880 // We can't send our shutdown until we've committed all of our pending HTLCs, but the
5881 // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding
5882 // cell HTLCs and return them to fail the payment.
5883 self.context.holding_cell_update_fee = None;
5884 let mut dropped_outbound_htlcs = Vec::with_capacity(self.context.holding_cell_htlc_updates.len());
5885 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
5887 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, .. } => {
5888 dropped_outbound_htlcs.push((source.clone(), payment_hash.clone()));
5895 self.context.channel_state.set_local_shutdown_sent();
5896 self.context.update_time_counter += 1;
5898 Ok((shutdown, monitor_update, dropped_outbound_htlcs))
5901 fn build_signed_closing_transaction(&self, closing_tx: &ClosingTransaction, counterparty_sig: &Signature, sig: &Signature) -> Transaction {
5902 let mut tx = closing_tx.trust().built_transaction().clone();
5904 tx.input[0].witness.push(Vec::new()); // First is the multisig dummy
5906 let funding_key = self.context.get_holder_pubkeys().funding_pubkey.serialize();
5907 let counterparty_funding_key = self.context.counterparty_funding_pubkey().serialize();
5908 let mut holder_sig = sig.serialize_der().to_vec();
5909 holder_sig.push(EcdsaSighashType::All as u8);
5910 let mut cp_sig = counterparty_sig.serialize_der().to_vec();
5911 cp_sig.push(EcdsaSighashType::All as u8);
5912 if funding_key[..] < counterparty_funding_key[..] {
5913 tx.input[0].witness.push(holder_sig);
5914 tx.input[0].witness.push(cp_sig);
5916 tx.input[0].witness.push(cp_sig);
5917 tx.input[0].witness.push(holder_sig);
5920 tx.input[0].witness.push(self.context.get_funding_redeemscript().into_bytes());
5924 pub fn closing_signed<F: Deref>(
5925 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, msg: &msgs::ClosingSigned)
5926 -> Result<(Option<msgs::ClosingSigned>, Option<Transaction>, Option<ShutdownResult>), ChannelError>
5927 where F::Target: FeeEstimator
5929 if !self.context.channel_state.is_both_sides_shutdown() {
5930 return Err(ChannelError::Close("Remote end sent us a closing_signed before both sides provided a shutdown".to_owned()));
5932 if self.context.channel_state.is_peer_disconnected() {
5933 return Err(ChannelError::Close("Peer sent closing_signed when we needed a channel_reestablish".to_owned()));
5935 if !self.context.pending_inbound_htlcs.is_empty() || !self.context.pending_outbound_htlcs.is_empty() {
5936 return Err(ChannelError::Close("Remote end sent us a closing_signed while there were still pending HTLCs".to_owned()));
5938 if msg.fee_satoshis > TOTAL_BITCOIN_SUPPLY_SATOSHIS { // this is required to stop potential overflow in build_closing_transaction
5939 return Err(ChannelError::Close("Remote tried to send us a closing tx with > 21 million BTC fee".to_owned()));
5942 if self.context.is_outbound() && self.context.last_sent_closing_fee.is_none() {
5943 return Err(ChannelError::Close("Remote tried to send a closing_signed when we were supposed to propose the first one".to_owned()));
5946 if self.context.channel_state.is_monitor_update_in_progress() {
5947 self.context.pending_counterparty_closing_signed = Some(msg.clone());
5948 return Ok((None, None, None));
5951 let funding_redeemscript = self.context.get_funding_redeemscript();
5952 let (mut closing_tx, used_total_fee) = self.build_closing_transaction(msg.fee_satoshis, false);
5953 if used_total_fee != msg.fee_satoshis {
5954 return Err(ChannelError::Close(format!("Remote sent us a closing_signed with a fee other than the value they can claim. Fee in message: {}. Actual closing tx fee: {}", msg.fee_satoshis, used_total_fee)));
5956 let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.context.channel_value_satoshis);
5958 match self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.get_counterparty_pubkeys().funding_pubkey) {
5961 // The remote end may have decided to revoke their output due to inconsistent dust
5962 // limits, so check for that case by re-checking the signature here.
5963 closing_tx = self.build_closing_transaction(msg.fee_satoshis, true).0;
5964 let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.context.channel_value_satoshis);
5965 secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, self.context.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned());
5969 for outp in closing_tx.trust().built_transaction().output.iter() {
5970 if !outp.script_pubkey.is_witness_program() && outp.value < MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS {
5971 return Err(ChannelError::Close("Remote sent us a closing_signed with a dust output. Always use segwit closing scripts!".to_owned()));
5975 let closure_reason = if self.initiated_shutdown() {
5976 ClosureReason::LocallyInitiatedCooperativeClosure
5978 ClosureReason::CounterpartyInitiatedCooperativeClosure
5981 assert!(self.context.shutdown_scriptpubkey.is_some());
5982 if let Some((last_fee, sig)) = self.context.last_sent_closing_fee {
5983 if last_fee == msg.fee_satoshis {
5984 let shutdown_result = ShutdownResult {
5986 monitor_update: None,
5987 dropped_outbound_htlcs: Vec::new(),
5988 unbroadcasted_batch_funding_txid: self.context.unbroadcasted_batch_funding_txid(),
5989 channel_id: self.context.channel_id,
5990 user_channel_id: self.context.user_id,
5991 channel_capacity_satoshis: self.context.channel_value_satoshis,
5992 counterparty_node_id: self.context.counterparty_node_id,
5993 unbroadcasted_funding_tx: self.context.unbroadcasted_funding(),
5994 channel_funding_txo: self.context.get_funding_txo(),
5996 let tx = self.build_signed_closing_transaction(&mut closing_tx, &msg.signature, &sig);
5997 self.context.channel_state = ChannelState::ShutdownComplete;
5998 self.context.update_time_counter += 1;
5999 return Ok((None, Some(tx), Some(shutdown_result)));
6003 let (our_min_fee, our_max_fee) = self.calculate_closing_fee_limits(fee_estimator);
6005 macro_rules! propose_fee {
6006 ($new_fee: expr) => {
6007 let (closing_tx, used_fee) = if $new_fee == msg.fee_satoshis {
6008 (closing_tx, $new_fee)
6010 self.build_closing_transaction($new_fee, false)
6013 return match &self.context.holder_signer {
6014 ChannelSignerType::Ecdsa(ecdsa) => {
6016 .sign_closing_transaction(&closing_tx, &self.context.secp_ctx)
6017 .map_err(|_| ChannelError::Close("External signer refused to sign closing transaction".to_owned()))?;
6018 let (signed_tx, shutdown_result) = if $new_fee == msg.fee_satoshis {
6019 let shutdown_result = ShutdownResult {
6021 monitor_update: None,
6022 dropped_outbound_htlcs: Vec::new(),
6023 unbroadcasted_batch_funding_txid: self.context.unbroadcasted_batch_funding_txid(),
6024 channel_id: self.context.channel_id,
6025 user_channel_id: self.context.user_id,
6026 channel_capacity_satoshis: self.context.channel_value_satoshis,
6027 counterparty_node_id: self.context.counterparty_node_id,
6028 unbroadcasted_funding_tx: self.context.unbroadcasted_funding(),
6029 channel_funding_txo: self.context.get_funding_txo(),
6031 self.context.channel_state = ChannelState::ShutdownComplete;
6032 self.context.update_time_counter += 1;
6033 let tx = self.build_signed_closing_transaction(&closing_tx, &msg.signature, &sig);
6034 (Some(tx), Some(shutdown_result))
6039 self.context.last_sent_closing_fee = Some((used_fee, sig.clone()));
6040 Ok((Some(msgs::ClosingSigned {
6041 channel_id: self.context.channel_id,
6042 fee_satoshis: used_fee,
6044 fee_range: Some(msgs::ClosingSignedFeeRange {
6045 min_fee_satoshis: our_min_fee,
6046 max_fee_satoshis: our_max_fee,
6048 }), signed_tx, shutdown_result))
6050 // TODO (taproot|arik)
6057 if let Some(msgs::ClosingSignedFeeRange { min_fee_satoshis, max_fee_satoshis }) = msg.fee_range {
6058 if msg.fee_satoshis < min_fee_satoshis || msg.fee_satoshis > max_fee_satoshis {
6059 return Err(ChannelError::Close(format!("Peer sent a bogus closing_signed - suggested fee of {} sat was not in their desired range of {} sat - {} sat", msg.fee_satoshis, min_fee_satoshis, max_fee_satoshis)));
6061 if max_fee_satoshis < our_min_fee {
6062 return Err(ChannelError::Warn(format!("Unable to come to consensus about closing feerate, remote's max fee ({} sat) was smaller than our min fee ({} sat)", max_fee_satoshis, our_min_fee)));
6064 if min_fee_satoshis > our_max_fee {
6065 return Err(ChannelError::Warn(format!("Unable to come to consensus about closing feerate, remote's min fee ({} sat) was greater than our max fee ({} sat)", min_fee_satoshis, our_max_fee)));
6068 if !self.context.is_outbound() {
6069 // They have to pay, so pick the highest fee in the overlapping range.
6070 // We should never set an upper bound aside from their full balance
6071 debug_assert_eq!(our_max_fee, self.context.channel_value_satoshis - (self.context.value_to_self_msat + 999) / 1000);
6072 propose_fee!(cmp::min(max_fee_satoshis, our_max_fee));
6074 if msg.fee_satoshis < our_min_fee || msg.fee_satoshis > our_max_fee {
6075 return Err(ChannelError::Close(format!("Peer sent a bogus closing_signed - suggested fee of {} sat was not in our desired range of {} sat - {} sat after we informed them of our range.",
6076 msg.fee_satoshis, our_min_fee, our_max_fee)));
6078 // The proposed fee is in our acceptable range, accept it and broadcast!
6079 propose_fee!(msg.fee_satoshis);
6082 // Old fee style negotiation. We don't bother to enforce whether they are complying
6083 // with the "making progress" requirements, we just comply and hope for the best.
6084 if let Some((last_fee, _)) = self.context.last_sent_closing_fee {
6085 if msg.fee_satoshis > last_fee {
6086 if msg.fee_satoshis < our_max_fee {
6087 propose_fee!(msg.fee_satoshis);
6088 } else if last_fee < our_max_fee {
6089 propose_fee!(our_max_fee);
6091 return Err(ChannelError::Close(format!("Unable to come to consensus about closing feerate, remote wants something ({} sat) higher than our max fee ({} sat)", msg.fee_satoshis, our_max_fee)));
6094 if msg.fee_satoshis > our_min_fee {
6095 propose_fee!(msg.fee_satoshis);
6096 } else if last_fee > our_min_fee {
6097 propose_fee!(our_min_fee);
6099 return Err(ChannelError::Close(format!("Unable to come to consensus about closing feerate, remote wants something ({} sat) lower than our min fee ({} sat)", msg.fee_satoshis, our_min_fee)));
6103 if msg.fee_satoshis < our_min_fee {
6104 propose_fee!(our_min_fee);
6105 } else if msg.fee_satoshis > our_max_fee {
6106 propose_fee!(our_max_fee);
6108 propose_fee!(msg.fee_satoshis);
6114 fn internal_htlc_satisfies_config(
6115 &self, htlc: &msgs::UpdateAddHTLC, amt_to_forward: u64, outgoing_cltv_value: u32, config: &ChannelConfig,
6116 ) -> Result<(), (&'static str, u16)> {
6117 let fee = amt_to_forward.checked_mul(config.forwarding_fee_proportional_millionths as u64)
6118 .and_then(|prop_fee| (prop_fee / 1000000).checked_add(config.forwarding_fee_base_msat as u64));
6119 if fee.is_none() || htlc.amount_msat < fee.unwrap() ||
6120 (htlc.amount_msat - fee.unwrap()) < amt_to_forward {
6122 "Prior hop has deviated from specified fees parameters or origin node has obsolete ones",
6123 0x1000 | 12, // fee_insufficient
6126 if (htlc.cltv_expiry as u64) < outgoing_cltv_value as u64 + config.cltv_expiry_delta as u64 {
6128 "Forwarding node has tampered with the intended HTLC values or origin node has an obsolete cltv_expiry_delta",
6129 0x1000 | 13, // incorrect_cltv_expiry
6135 /// Determines whether the parameters of an incoming HTLC to be forwarded satisfy the channel's
6136 /// [`ChannelConfig`]. This first looks at the channel's current [`ChannelConfig`], and if
6137 /// unsuccessful, falls back to the previous one if one exists.
6138 pub fn htlc_satisfies_config(
6139 &self, htlc: &msgs::UpdateAddHTLC, amt_to_forward: u64, outgoing_cltv_value: u32,
6140 ) -> Result<(), (&'static str, u16)> {
6141 self.internal_htlc_satisfies_config(&htlc, amt_to_forward, outgoing_cltv_value, &self.context.config())
6143 if let Some(prev_config) = self.context.prev_config() {
6144 self.internal_htlc_satisfies_config(htlc, amt_to_forward, outgoing_cltv_value, &prev_config)
6151 pub fn get_cur_holder_commitment_transaction_number(&self) -> u64 {
6152 self.context.cur_holder_commitment_transaction_number + 1
6155 pub fn get_cur_counterparty_commitment_transaction_number(&self) -> u64 {
6156 self.context.cur_counterparty_commitment_transaction_number + 1 - if self.context.channel_state.is_awaiting_remote_revoke() { 1 } else { 0 }
6159 pub fn get_revoked_counterparty_commitment_transaction_number(&self) -> u64 {
6160 self.context.cur_counterparty_commitment_transaction_number + 2
6164 pub fn get_signer(&self) -> &ChannelSignerType<SP> {
6165 &self.context.holder_signer
6169 pub fn get_value_stat(&self) -> ChannelValueStat {
6171 value_to_self_msat: self.context.value_to_self_msat,
6172 channel_value_msat: self.context.channel_value_satoshis * 1000,
6173 channel_reserve_msat: self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000,
6174 pending_outbound_htlcs_amount_msat: self.context.pending_outbound_htlcs.iter().map(|ref h| h.amount_msat).sum::<u64>(),
6175 pending_inbound_htlcs_amount_msat: self.context.pending_inbound_htlcs.iter().map(|ref h| h.amount_msat).sum::<u64>(),
6176 holding_cell_outbound_amount_msat: {
6178 for h in self.context.holding_cell_htlc_updates.iter() {
6180 &HTLCUpdateAwaitingACK::AddHTLC{amount_msat, .. } => {
6188 counterparty_max_htlc_value_in_flight_msat: self.context.counterparty_max_htlc_value_in_flight_msat,
6189 counterparty_dust_limit_msat: self.context.counterparty_dust_limit_satoshis * 1000,
6193 /// Returns true if this channel has been marked as awaiting a monitor update to move forward.
6194 /// Allowed in any state (including after shutdown)
6195 pub fn is_awaiting_monitor_update(&self) -> bool {
6196 self.context.channel_state.is_monitor_update_in_progress()
6199 /// Gets the latest [`ChannelMonitorUpdate`] ID which has been released and is in-flight.
6200 pub fn get_latest_unblocked_monitor_update_id(&self) -> u64 {
6201 if self.context.blocked_monitor_updates.is_empty() { return self.context.get_latest_monitor_update_id(); }
6202 self.context.blocked_monitor_updates[0].update.update_id - 1
6205 /// Returns the next blocked monitor update, if one exists, and a bool which indicates a
6206 /// further blocked monitor update exists after the next.
6207 pub fn unblock_next_blocked_monitor_update(&mut self) -> Option<(ChannelMonitorUpdate, bool)> {
6208 if self.context.blocked_monitor_updates.is_empty() { return None; }
6209 Some((self.context.blocked_monitor_updates.remove(0).update,
6210 !self.context.blocked_monitor_updates.is_empty()))
6213 /// Pushes a new monitor update into our monitor update queue, returning it if it should be
6214 /// immediately given to the user for persisting or `None` if it should be held as blocked.
6215 fn push_ret_blockable_mon_update(&mut self, update: ChannelMonitorUpdate)
6216 -> Option<ChannelMonitorUpdate> {
6217 let release_monitor = self.context.blocked_monitor_updates.is_empty();
6218 if !release_monitor {
6219 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
6228 pub fn blocked_monitor_updates_pending(&self) -> usize {
6229 self.context.blocked_monitor_updates.len()
6232 /// Returns true if the channel is awaiting the persistence of the initial ChannelMonitor.
6233 /// If the channel is outbound, this implies we have not yet broadcasted the funding
6234 /// transaction. If the channel is inbound, this implies simply that the channel has not
6236 pub fn is_awaiting_initial_mon_persist(&self) -> bool {
6237 if !self.is_awaiting_monitor_update() { return false; }
6239 self.context.channel_state, ChannelState::AwaitingChannelReady(flags)
6240 if flags.clone().clear(AwaitingChannelReadyFlags::THEIR_CHANNEL_READY | FundedStateFlags::PEER_DISCONNECTED | FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS | AwaitingChannelReadyFlags::WAITING_FOR_BATCH).is_empty()
6242 // If we're not a 0conf channel, we'll be waiting on a monitor update with only
6243 // AwaitingChannelReady set, though our peer could have sent their channel_ready.
6244 debug_assert!(self.context.minimum_depth.unwrap_or(1) > 0);
6247 if self.context.cur_holder_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 &&
6248 self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 {
6249 // If we're a 0-conf channel, we'll move beyond AwaitingChannelReady immediately even while
6250 // waiting for the initial monitor persistence. Thus, we check if our commitment
6251 // transaction numbers have both been iterated only exactly once (for the
6252 // funding_signed), and we're awaiting monitor update.
6254 // If we got here, we shouldn't have yet broadcasted the funding transaction (as the
6255 // only way to get an awaiting-monitor-update state during initial funding is if the
6256 // initial monitor persistence is still pending).
6258 // Because deciding we're awaiting initial broadcast spuriously could result in
6259 // funds-loss (as we don't have a monitor, but have the funding transaction confirmed),
6260 // we hard-assert here, even in production builds.
6261 if self.context.is_outbound() { assert!(self.context.funding_transaction.is_some()); }
6262 assert!(self.context.monitor_pending_channel_ready);
6263 assert_eq!(self.context.latest_monitor_update_id, 0);
6269 /// Returns true if our channel_ready has been sent
6270 pub fn is_our_channel_ready(&self) -> bool {
6271 matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(flags) if flags.is_set(AwaitingChannelReadyFlags::OUR_CHANNEL_READY)) ||
6272 matches!(self.context.channel_state, ChannelState::ChannelReady(_))
6275 /// Returns true if our peer has either initiated or agreed to shut down the channel.
6276 pub fn received_shutdown(&self) -> bool {
6277 self.context.channel_state.is_remote_shutdown_sent()
6280 /// Returns true if we either initiated or agreed to shut down the channel.
6281 pub fn sent_shutdown(&self) -> bool {
6282 self.context.channel_state.is_local_shutdown_sent()
6285 /// Returns true if we initiated to shut down the channel.
6286 pub fn initiated_shutdown(&self) -> bool {
6287 self.context.local_initiated_shutdown.is_some()
6290 /// Returns true if this channel is fully shut down. True here implies that no further actions
6291 /// may/will be taken on this channel, and thus this object should be freed. Any future changes
6292 /// will be handled appropriately by the chain monitor.
6293 pub fn is_shutdown(&self) -> bool {
6294 matches!(self.context.channel_state, ChannelState::ShutdownComplete)
6297 pub fn channel_update_status(&self) -> ChannelUpdateStatus {
6298 self.context.channel_update_status
6301 pub fn set_channel_update_status(&mut self, status: ChannelUpdateStatus) {
6302 self.context.update_time_counter += 1;
6303 self.context.channel_update_status = status;
6306 fn check_get_channel_ready(&mut self, height: u32) -> Option<msgs::ChannelReady> {
6308 // * always when a new block/transactions are confirmed with the new height
6309 // * when funding is signed with a height of 0
6310 if self.context.funding_tx_confirmation_height == 0 && self.context.minimum_depth != Some(0) {
6314 let funding_tx_confirmations = height as i64 - self.context.funding_tx_confirmation_height as i64 + 1;
6315 if funding_tx_confirmations <= 0 {
6316 self.context.funding_tx_confirmation_height = 0;
6319 if funding_tx_confirmations < self.context.minimum_depth.unwrap_or(0) as i64 {
6323 // If we're still pending the signature on a funding transaction, then we're not ready to send a
6324 // channel_ready yet.
6325 if self.context.signer_pending_funding {
6329 // Note that we don't include ChannelState::WaitingForBatch as we don't want to send
6330 // channel_ready until the entire batch is ready.
6331 let need_commitment_update = if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()).is_empty()) {
6332 self.context.channel_state.set_our_channel_ready();
6334 } else if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()) == AwaitingChannelReadyFlags::THEIR_CHANNEL_READY) {
6335 self.context.channel_state = ChannelState::ChannelReady(self.context.channel_state.with_funded_state_flags_mask().into());
6336 self.context.update_time_counter += 1;
6338 } else if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()) == AwaitingChannelReadyFlags::OUR_CHANNEL_READY) {
6339 // We got a reorg but not enough to trigger a force close, just ignore.
6342 if self.context.funding_tx_confirmation_height != 0 &&
6343 self.context.channel_state < ChannelState::ChannelReady(ChannelReadyFlags::new())
6345 // We should never see a funding transaction on-chain until we've received
6346 // funding_signed (if we're an outbound channel), or seen funding_generated (if we're
6347 // an inbound channel - before that we have no known funding TXID). The fuzzer,
6348 // however, may do this and we shouldn't treat it as a bug.
6349 #[cfg(not(fuzzing))]
6350 panic!("Started confirming a channel in a state pre-AwaitingChannelReady: {}.\n\
6351 Do NOT broadcast a funding transaction manually - let LDK do it for you!",
6352 self.context.channel_state.to_u32());
6354 // We got a reorg but not enough to trigger a force close, just ignore.
6358 if need_commitment_update {
6359 if !self.context.channel_state.is_monitor_update_in_progress() {
6360 if !self.context.channel_state.is_peer_disconnected() {
6361 let next_per_commitment_point =
6362 self.context.holder_signer.as_ref().get_per_commitment_point(INITIAL_COMMITMENT_NUMBER - 1, &self.context.secp_ctx);
6363 return Some(msgs::ChannelReady {
6364 channel_id: self.context.channel_id,
6365 next_per_commitment_point,
6366 short_channel_id_alias: Some(self.context.outbound_scid_alias),
6370 self.context.monitor_pending_channel_ready = true;
6376 /// When a transaction is confirmed, we check whether it is or spends the funding transaction
6377 /// In the first case, we store the confirmation height and calculating the short channel id.
6378 /// In the second, we simply return an Err indicating we need to be force-closed now.
6379 pub fn transactions_confirmed<NS: Deref, L: Deref>(
6380 &mut self, block_hash: &BlockHash, height: u32, txdata: &TransactionData,
6381 chain_hash: ChainHash, node_signer: &NS, user_config: &UserConfig, logger: &L
6382 ) -> Result<(Option<msgs::ChannelReady>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6384 NS::Target: NodeSigner,
6387 let mut msgs = (None, None);
6388 if let Some(funding_txo) = self.context.get_funding_txo() {
6389 for &(index_in_block, tx) in txdata.iter() {
6390 // Check if the transaction is the expected funding transaction, and if it is,
6391 // check that it pays the right amount to the right script.
6392 if self.context.funding_tx_confirmation_height == 0 {
6393 if tx.txid() == funding_txo.txid {
6394 let txo_idx = funding_txo.index as usize;
6395 if txo_idx >= tx.output.len() || tx.output[txo_idx].script_pubkey != self.context.get_funding_redeemscript().to_v0_p2wsh() ||
6396 tx.output[txo_idx].value != self.context.channel_value_satoshis {
6397 if self.context.is_outbound() {
6398 // If we generated the funding transaction and it doesn't match what it
6399 // should, the client is really broken and we should just panic and
6400 // tell them off. That said, because hash collisions happen with high
6401 // probability in fuzzing mode, if we're fuzzing we just close the
6402 // channel and move on.
6403 #[cfg(not(fuzzing))]
6404 panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!");
6406 self.context.update_time_counter += 1;
6407 let err_reason = "funding tx had wrong script/value or output index";
6408 return Err(ClosureReason::ProcessingError { err: err_reason.to_owned() });
6410 if self.context.is_outbound() {
6411 if !tx.is_coin_base() {
6412 for input in tx.input.iter() {
6413 if input.witness.is_empty() {
6414 // We generated a malleable funding transaction, implying we've
6415 // just exposed ourselves to funds loss to our counterparty.
6416 #[cfg(not(fuzzing))]
6417 panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!");
6422 self.context.funding_tx_confirmation_height = height;
6423 self.context.funding_tx_confirmed_in = Some(*block_hash);
6424 self.context.short_channel_id = match scid_from_parts(height as u64, index_in_block as u64, txo_idx as u64) {
6425 Ok(scid) => Some(scid),
6426 Err(_) => panic!("Block was bogus - either height was > 16 million, had > 16 million transactions, or had > 65k outputs"),
6429 // If this is a coinbase transaction and not a 0-conf channel
6430 // we should update our min_depth to 100 to handle coinbase maturity
6431 if tx.is_coin_base() &&
6432 self.context.minimum_depth.unwrap_or(0) > 0 &&
6433 self.context.minimum_depth.unwrap_or(0) < COINBASE_MATURITY {
6434 self.context.minimum_depth = Some(COINBASE_MATURITY);
6437 // If we allow 1-conf funding, we may need to check for channel_ready here and
6438 // send it immediately instead of waiting for a best_block_updated call (which
6439 // may have already happened for this block).
6440 if let Some(channel_ready) = self.check_get_channel_ready(height) {
6441 log_info!(logger, "Sending a channel_ready to our peer for channel {}", &self.context.channel_id);
6442 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger);
6443 msgs = (Some(channel_ready), announcement_sigs);
6446 for inp in tx.input.iter() {
6447 if inp.previous_output == funding_txo.into_bitcoin_outpoint() {
6448 log_info!(logger, "Detected channel-closing tx {} spending {}:{}, closing channel {}", tx.txid(), inp.previous_output.txid, inp.previous_output.vout, &self.context.channel_id());
6449 return Err(ClosureReason::CommitmentTxConfirmed);
6457 /// When a new block is connected, we check the height of the block against outbound holding
6458 /// cell HTLCs in case we need to give up on them prematurely and time them out. Everything
6459 /// else (e.g. commitment transaction broadcasts, HTLC transaction broadcasting, etc) is
6460 /// handled by the ChannelMonitor.
6462 /// If we return Err, the channel may have been closed, at which point the standard
6463 /// requirements apply - no calls may be made except those explicitly stated to be allowed
6466 /// May return some HTLCs (and their payment_hash) which have timed out and should be failed
6468 pub fn best_block_updated<NS: Deref, L: Deref>(
6469 &mut self, height: u32, highest_header_time: u32, chain_hash: ChainHash,
6470 node_signer: &NS, user_config: &UserConfig, logger: &L
6471 ) -> Result<(Option<msgs::ChannelReady>, Vec<(HTLCSource, PaymentHash)>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6473 NS::Target: NodeSigner,
6476 self.do_best_block_updated(height, highest_header_time, Some((chain_hash, node_signer, user_config)), logger)
6479 fn do_best_block_updated<NS: Deref, L: Deref>(
6480 &mut self, height: u32, highest_header_time: u32,
6481 chain_node_signer: Option<(ChainHash, &NS, &UserConfig)>, logger: &L
6482 ) -> Result<(Option<msgs::ChannelReady>, Vec<(HTLCSource, PaymentHash)>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6484 NS::Target: NodeSigner,
6487 let mut timed_out_htlcs = Vec::new();
6488 // This mirrors the check in ChannelManager::decode_update_add_htlc_onion, refusing to
6489 // forward an HTLC when our counterparty should almost certainly just fail it for expiring
6491 let unforwarded_htlc_cltv_limit = height + LATENCY_GRACE_PERIOD_BLOCKS;
6492 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
6494 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, ref cltv_expiry, .. } => {
6495 if *cltv_expiry <= unforwarded_htlc_cltv_limit {
6496 timed_out_htlcs.push((source.clone(), payment_hash.clone()));
6504 self.context.update_time_counter = cmp::max(self.context.update_time_counter, highest_header_time);
6506 if let Some(channel_ready) = self.check_get_channel_ready(height) {
6507 let announcement_sigs = if let Some((chain_hash, node_signer, user_config)) = chain_node_signer {
6508 self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger)
6510 log_info!(logger, "Sending a channel_ready to our peer for channel {}", &self.context.channel_id);
6511 return Ok((Some(channel_ready), timed_out_htlcs, announcement_sigs));
6514 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) ||
6515 self.context.channel_state.is_our_channel_ready() {
6516 let mut funding_tx_confirmations = height as i64 - self.context.funding_tx_confirmation_height as i64 + 1;
6517 if self.context.funding_tx_confirmation_height == 0 {
6518 // Note that check_get_channel_ready may reset funding_tx_confirmation_height to
6519 // zero if it has been reorged out, however in either case, our state flags
6520 // indicate we've already sent a channel_ready
6521 funding_tx_confirmations = 0;
6524 // If we've sent channel_ready (or have both sent and received channel_ready), and
6525 // the funding transaction has become unconfirmed,
6526 // close the channel and hope we can get the latest state on chain (because presumably
6527 // the funding transaction is at least still in the mempool of most nodes).
6529 // Note that ideally we wouldn't force-close if we see *any* reorg on a 1-conf or
6530 // 0-conf channel, but not doing so may lead to the
6531 // `ChannelManager::short_to_chan_info` map being inconsistent, so we currently have
6533 if funding_tx_confirmations == 0 && self.context.funding_tx_confirmed_in.is_some() {
6534 let err_reason = format!("Funding transaction was un-confirmed. Locked at {} confs, now have {} confs.",
6535 self.context.minimum_depth.unwrap(), funding_tx_confirmations);
6536 return Err(ClosureReason::ProcessingError { err: err_reason });
6538 } else if !self.context.is_outbound() && self.context.funding_tx_confirmed_in.is_none() &&
6539 height >= self.context.channel_creation_height + FUNDING_CONF_DEADLINE_BLOCKS {
6540 log_info!(logger, "Closing channel {} due to funding timeout", &self.context.channel_id);
6541 // If funding_tx_confirmed_in is unset, the channel must not be active
6542 assert!(self.context.channel_state <= ChannelState::ChannelReady(ChannelReadyFlags::new()));
6543 assert!(!self.context.channel_state.is_our_channel_ready());
6544 return Err(ClosureReason::FundingTimedOut);
6547 let announcement_sigs = if let Some((chain_hash, node_signer, user_config)) = chain_node_signer {
6548 self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger)
6550 Ok((None, timed_out_htlcs, announcement_sigs))
6553 /// Indicates the funding transaction is no longer confirmed in the main chain. This may
6554 /// force-close the channel, but may also indicate a harmless reorganization of a block or two
6555 /// before the channel has reached channel_ready and we can just wait for more blocks.
6556 pub fn funding_transaction_unconfirmed<L: Deref>(&mut self, logger: &L) -> Result<(), ClosureReason> where L::Target: Logger {
6557 if self.context.funding_tx_confirmation_height != 0 {
6558 // We handle the funding disconnection by calling best_block_updated with a height one
6559 // below where our funding was connected, implying a reorg back to conf_height - 1.
6560 let reorg_height = self.context.funding_tx_confirmation_height - 1;
6561 // We use the time field to bump the current time we set on channel updates if its
6562 // larger. If we don't know that time has moved forward, we can just set it to the last
6563 // time we saw and it will be ignored.
6564 let best_time = self.context.update_time_counter;
6565 match self.do_best_block_updated(reorg_height, best_time, None::<(ChainHash, &&dyn NodeSigner, &UserConfig)>, logger) {
6566 Ok((channel_ready, timed_out_htlcs, announcement_sigs)) => {
6567 assert!(channel_ready.is_none(), "We can't generate a funding with 0 confirmations?");
6568 assert!(timed_out_htlcs.is_empty(), "We can't have accepted HTLCs with a timeout before our funding confirmation?");
6569 assert!(announcement_sigs.is_none(), "We can't generate an announcement_sigs with 0 confirmations?");
6575 // We never learned about the funding confirmation anyway, just ignore
6580 // Methods to get unprompted messages to send to the remote end (or where we already returned
6581 // something in the handler for the message that prompted this message):
6583 /// Gets an UnsignedChannelAnnouncement for this channel. The channel must be publicly
6584 /// announceable and available for use (have exchanged [`ChannelReady`] messages in both
6585 /// directions). Should be used for both broadcasted announcements and in response to an
6586 /// AnnouncementSignatures message from the remote peer.
6588 /// Will only fail if we're not in a state where channel_announcement may be sent (including
6591 /// This will only return ChannelError::Ignore upon failure.
6593 /// [`ChannelReady`]: crate::ln::msgs::ChannelReady
6594 fn get_channel_announcement<NS: Deref>(
6595 &self, node_signer: &NS, chain_hash: ChainHash, user_config: &UserConfig,
6596 ) -> Result<msgs::UnsignedChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6597 if !self.context.config.announced_channel {
6598 return Err(ChannelError::Ignore("Channel is not available for public announcements".to_owned()));
6600 if !self.context.is_usable() {
6601 return Err(ChannelError::Ignore("Cannot get a ChannelAnnouncement if the channel is not currently usable".to_owned()));
6604 let short_channel_id = self.context.get_short_channel_id()
6605 .ok_or(ChannelError::Ignore("Cannot get a ChannelAnnouncement if the channel has not been confirmed yet".to_owned()))?;
6606 let node_id = NodeId::from_pubkey(&node_signer.get_node_id(Recipient::Node)
6607 .map_err(|_| ChannelError::Ignore("Failed to retrieve own public key".to_owned()))?);
6608 let counterparty_node_id = NodeId::from_pubkey(&self.context.get_counterparty_node_id());
6609 let were_node_one = node_id.as_slice() < counterparty_node_id.as_slice();
6611 let msg = msgs::UnsignedChannelAnnouncement {
6612 features: channelmanager::provided_channel_features(&user_config),
6615 node_id_1: if were_node_one { node_id } else { counterparty_node_id },
6616 node_id_2: if were_node_one { counterparty_node_id } else { node_id },
6617 bitcoin_key_1: NodeId::from_pubkey(if were_node_one { &self.context.get_holder_pubkeys().funding_pubkey } else { self.context.counterparty_funding_pubkey() }),
6618 bitcoin_key_2: NodeId::from_pubkey(if were_node_one { self.context.counterparty_funding_pubkey() } else { &self.context.get_holder_pubkeys().funding_pubkey }),
6619 excess_data: Vec::new(),
6625 fn get_announcement_sigs<NS: Deref, L: Deref>(
6626 &mut self, node_signer: &NS, chain_hash: ChainHash, user_config: &UserConfig,
6627 best_block_height: u32, logger: &L
6628 ) -> Option<msgs::AnnouncementSignatures>
6630 NS::Target: NodeSigner,
6633 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6637 if !self.context.is_usable() {
6641 if self.context.channel_state.is_peer_disconnected() {
6642 log_trace!(logger, "Cannot create an announcement_signatures as our peer is disconnected");
6646 if self.context.announcement_sigs_state != AnnouncementSigsState::NotSent {
6650 log_trace!(logger, "Creating an announcement_signatures message for channel {}", &self.context.channel_id());
6651 let announcement = match self.get_channel_announcement(node_signer, chain_hash, user_config) {
6654 log_trace!(logger, "{:?}", e);
6658 let our_node_sig = match node_signer.sign_gossip_message(msgs::UnsignedGossipMessage::ChannelAnnouncement(&announcement)) {
6660 log_error!(logger, "Failed to generate node signature for channel_announcement. Channel will not be announced!");
6665 match &self.context.holder_signer {
6666 ChannelSignerType::Ecdsa(ecdsa) => {
6667 let our_bitcoin_sig = match ecdsa.sign_channel_announcement_with_funding_key(&announcement, &self.context.secp_ctx) {
6669 log_error!(logger, "Signer rejected channel_announcement signing. Channel will not be announced!");
6674 let short_channel_id = match self.context.get_short_channel_id() {
6676 None => return None,
6679 self.context.announcement_sigs_state = AnnouncementSigsState::MessageSent;
6681 Some(msgs::AnnouncementSignatures {
6682 channel_id: self.context.channel_id(),
6684 node_signature: our_node_sig,
6685 bitcoin_signature: our_bitcoin_sig,
6688 // TODO (taproot|arik)
6694 /// Signs the given channel announcement, returning a ChannelError::Ignore if no keys are
6696 fn sign_channel_announcement<NS: Deref>(
6697 &self, node_signer: &NS, announcement: msgs::UnsignedChannelAnnouncement
6698 ) -> Result<msgs::ChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6699 if let Some((their_node_sig, their_bitcoin_sig)) = self.context.announcement_sigs {
6700 let our_node_key = NodeId::from_pubkey(&node_signer.get_node_id(Recipient::Node)
6701 .map_err(|_| ChannelError::Ignore("Signer failed to retrieve own public key".to_owned()))?);
6702 let were_node_one = announcement.node_id_1 == our_node_key;
6704 let our_node_sig = node_signer.sign_gossip_message(msgs::UnsignedGossipMessage::ChannelAnnouncement(&announcement))
6705 .map_err(|_| ChannelError::Ignore("Failed to generate node signature for channel_announcement".to_owned()))?;
6706 match &self.context.holder_signer {
6707 ChannelSignerType::Ecdsa(ecdsa) => {
6708 let our_bitcoin_sig = ecdsa.sign_channel_announcement_with_funding_key(&announcement, &self.context.secp_ctx)
6709 .map_err(|_| ChannelError::Ignore("Signer rejected channel_announcement".to_owned()))?;
6710 Ok(msgs::ChannelAnnouncement {
6711 node_signature_1: if were_node_one { our_node_sig } else { their_node_sig },
6712 node_signature_2: if were_node_one { their_node_sig } else { our_node_sig },
6713 bitcoin_signature_1: if were_node_one { our_bitcoin_sig } else { their_bitcoin_sig },
6714 bitcoin_signature_2: if were_node_one { their_bitcoin_sig } else { our_bitcoin_sig },
6715 contents: announcement,
6718 // TODO (taproot|arik)
6723 Err(ChannelError::Ignore("Attempted to sign channel announcement before we'd received announcement_signatures".to_string()))
6727 /// Processes an incoming announcement_signatures message, providing a fully-signed
6728 /// channel_announcement message which we can broadcast and storing our counterparty's
6729 /// signatures for later reconstruction/rebroadcast of the channel_announcement.
6730 pub fn announcement_signatures<NS: Deref>(
6731 &mut self, node_signer: &NS, chain_hash: ChainHash, best_block_height: u32,
6732 msg: &msgs::AnnouncementSignatures, user_config: &UserConfig
6733 ) -> Result<msgs::ChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6734 let announcement = self.get_channel_announcement(node_signer, chain_hash, user_config)?;
6736 let msghash = hash_to_message!(&Sha256d::hash(&announcement.encode()[..])[..]);
6738 if self.context.secp_ctx.verify_ecdsa(&msghash, &msg.node_signature, &self.context.get_counterparty_node_id()).is_err() {
6739 return Err(ChannelError::Close(format!(
6740 "Bad announcement_signatures. Failed to verify node_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_node_key is {:?}",
6741 &announcement, self.context.get_counterparty_node_id())));
6743 if self.context.secp_ctx.verify_ecdsa(&msghash, &msg.bitcoin_signature, self.context.counterparty_funding_pubkey()).is_err() {
6744 return Err(ChannelError::Close(format!(
6745 "Bad announcement_signatures. Failed to verify bitcoin_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_bitcoin_key is ({:?})",
6746 &announcement, self.context.counterparty_funding_pubkey())));
6749 self.context.announcement_sigs = Some((msg.node_signature, msg.bitcoin_signature));
6750 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6751 return Err(ChannelError::Ignore(
6752 "Got announcement_signatures prior to the required six confirmations - we may not have received a block yet that our peer has".to_owned()));
6755 self.sign_channel_announcement(node_signer, announcement)
6758 /// Gets a signed channel_announcement for this channel, if we previously received an
6759 /// announcement_signatures from our counterparty.
6760 pub fn get_signed_channel_announcement<NS: Deref>(
6761 &self, node_signer: &NS, chain_hash: ChainHash, best_block_height: u32, user_config: &UserConfig
6762 ) -> Option<msgs::ChannelAnnouncement> where NS::Target: NodeSigner {
6763 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6766 let announcement = match self.get_channel_announcement(node_signer, chain_hash, user_config) {
6768 Err(_) => return None,
6770 match self.sign_channel_announcement(node_signer, announcement) {
6771 Ok(res) => Some(res),
6776 /// May panic if called on a channel that wasn't immediately-previously
6777 /// self.remove_uncommitted_htlcs_and_mark_paused()'d
6778 pub fn get_channel_reestablish<L: Deref>(&mut self, logger: &L) -> msgs::ChannelReestablish where L::Target: Logger {
6779 assert!(self.context.channel_state.is_peer_disconnected());
6780 assert_ne!(self.context.cur_counterparty_commitment_transaction_number, INITIAL_COMMITMENT_NUMBER);
6781 // Prior to static_remotekey, my_current_per_commitment_point was critical to claiming
6782 // current to_remote balances. However, it no longer has any use, and thus is now simply
6783 // set to a dummy (but valid, as required by the spec) public key.
6784 // fuzzing mode marks a subset of pubkeys as invalid so that we can hit "invalid pubkey"
6785 // branches, but we unwrap it below, so we arbitrarily select a dummy pubkey which is both
6786 // valid, and valid in fuzzing mode's arbitrary validity criteria:
6787 let mut pk = [2; 33]; pk[1] = 0xff;
6788 let dummy_pubkey = PublicKey::from_slice(&pk).unwrap();
6789 let remote_last_secret = if self.context.cur_counterparty_commitment_transaction_number + 1 < INITIAL_COMMITMENT_NUMBER {
6790 let remote_last_secret = self.context.commitment_secrets.get_secret(self.context.cur_counterparty_commitment_transaction_number + 2).unwrap();
6791 log_trace!(logger, "Enough info to generate a Data Loss Protect with per_commitment_secret {} for channel {}", log_bytes!(remote_last_secret), &self.context.channel_id());
6794 log_info!(logger, "Sending a data_loss_protect with no previous remote per_commitment_secret for channel {}", &self.context.channel_id());
6797 self.mark_awaiting_response();
6798 msgs::ChannelReestablish {
6799 channel_id: self.context.channel_id(),
6800 // The protocol has two different commitment number concepts - the "commitment
6801 // transaction number", which starts from 0 and counts up, and the "revocation key
6802 // index" which starts at INITIAL_COMMITMENT_NUMBER and counts down. We track
6803 // commitment transaction numbers by the index which will be used to reveal the
6804 // revocation key for that commitment transaction, which means we have to convert them
6805 // to protocol-level commitment numbers here...
6807 // next_local_commitment_number is the next commitment_signed number we expect to
6808 // receive (indicating if they need to resend one that we missed).
6809 next_local_commitment_number: INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number,
6810 // We have to set next_remote_commitment_number to the next revoke_and_ack we expect to
6811 // receive, however we track it by the next commitment number for a remote transaction
6812 // (which is one further, as they always revoke previous commitment transaction, not
6813 // the one we send) so we have to decrement by 1. Note that if
6814 // cur_counterparty_commitment_transaction_number is INITIAL_COMMITMENT_NUMBER we will have
6815 // dropped this channel on disconnect as it hasn't yet reached AwaitingChannelReady so we can't
6817 next_remote_commitment_number: INITIAL_COMMITMENT_NUMBER - self.context.cur_counterparty_commitment_transaction_number - 1,
6818 your_last_per_commitment_secret: remote_last_secret,
6819 my_current_per_commitment_point: dummy_pubkey,
6820 // TODO(dual_funding): If we've sent `commtiment_signed` for an interactive transaction
6821 // construction but have not received `tx_signatures` we MUST set `next_funding_txid` to the
6822 // txid of that interactive transaction, else we MUST NOT set it.
6823 next_funding_txid: None,
6828 // Send stuff to our remote peers:
6830 /// Queues up an outbound HTLC to send by placing it in the holding cell. You should call
6831 /// [`Self::maybe_free_holding_cell_htlcs`] in order to actually generate and send the
6832 /// commitment update.
6834 /// `Err`s will only be [`ChannelError::Ignore`].
6835 pub fn queue_add_htlc<F: Deref, L: Deref>(
6836 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource,
6837 onion_routing_packet: msgs::OnionPacket, skimmed_fee_msat: Option<u64>,
6838 blinding_point: Option<PublicKey>, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
6839 ) -> Result<(), ChannelError>
6840 where F::Target: FeeEstimator, L::Target: Logger
6843 .send_htlc(amount_msat, payment_hash, cltv_expiry, source, onion_routing_packet, true,
6844 skimmed_fee_msat, blinding_point, fee_estimator, logger)
6845 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
6847 if let ChannelError::Ignore(_) = err { /* fine */ }
6848 else { debug_assert!(false, "Queueing cannot trigger channel failure"); }
6853 /// Adds a pending outbound HTLC to this channel, note that you probably want
6854 /// [`Self::send_htlc_and_commit`] instead cause you'll want both messages at once.
6856 /// This returns an optional UpdateAddHTLC as we may be in a state where we cannot add HTLCs on
6858 /// * In cases where we're waiting on the remote peer to send us a revoke_and_ack, we
6859 /// wouldn't be able to determine what they actually ACK'ed if we have two sets of updates
6861 /// * In cases where we're marked MonitorUpdateInProgress, we cannot commit to a new state as
6862 /// we may not yet have sent the previous commitment update messages and will need to
6863 /// regenerate them.
6865 /// You MUST call [`Self::send_commitment_no_state_update`] prior to calling any other methods
6866 /// on this [`Channel`] if `force_holding_cell` is false.
6868 /// `Err`s will only be [`ChannelError::Ignore`].
6869 fn send_htlc<F: Deref, L: Deref>(
6870 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource,
6871 onion_routing_packet: msgs::OnionPacket, mut force_holding_cell: bool,
6872 skimmed_fee_msat: Option<u64>, blinding_point: Option<PublicKey>,
6873 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
6874 ) -> Result<Option<msgs::UpdateAddHTLC>, ChannelError>
6875 where F::Target: FeeEstimator, L::Target: Logger
6877 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) ||
6878 self.context.channel_state.is_local_shutdown_sent() ||
6879 self.context.channel_state.is_remote_shutdown_sent()
6881 return Err(ChannelError::Ignore("Cannot send HTLC until channel is fully established and we haven't started shutting down".to_owned()));
6883 let channel_total_msat = self.context.channel_value_satoshis * 1000;
6884 if amount_msat > channel_total_msat {
6885 return Err(ChannelError::Ignore(format!("Cannot send amount {}, because it is more than the total value of the channel {}", amount_msat, channel_total_msat)));
6888 if amount_msat == 0 {
6889 return Err(ChannelError::Ignore("Cannot send 0-msat HTLC".to_owned()));
6892 let available_balances = self.context.get_available_balances(fee_estimator);
6893 if amount_msat < available_balances.next_outbound_htlc_minimum_msat {
6894 return Err(ChannelError::Ignore(format!("Cannot send less than our next-HTLC minimum - {} msat",
6895 available_balances.next_outbound_htlc_minimum_msat)));
6898 if amount_msat > available_balances.next_outbound_htlc_limit_msat {
6899 return Err(ChannelError::Ignore(format!("Cannot send more than our next-HTLC maximum - {} msat",
6900 available_balances.next_outbound_htlc_limit_msat)));
6903 if self.context.channel_state.is_peer_disconnected() {
6904 // Note that this should never really happen, if we're !is_live() on receipt of an
6905 // incoming HTLC for relay will result in us rejecting the HTLC and we won't allow
6906 // the user to send directly into a !is_live() channel. However, if we
6907 // disconnected during the time the previous hop was doing the commitment dance we may
6908 // end up getting here after the forwarding delay. In any case, returning an
6909 // IgnoreError will get ChannelManager to do the right thing and fail backwards now.
6910 return Err(ChannelError::Ignore("Cannot send an HTLC while disconnected from channel counterparty".to_owned()));
6913 let need_holding_cell = !self.context.channel_state.can_generate_new_commitment();
6914 log_debug!(logger, "Pushing new outbound HTLC with hash {} for {} msat {}",
6915 payment_hash, amount_msat,
6916 if force_holding_cell { "into holding cell" }
6917 else if need_holding_cell { "into holding cell as we're awaiting an RAA or monitor" }
6918 else { "to peer" });
6920 if need_holding_cell {
6921 force_holding_cell = true;
6924 // Now update local state:
6925 if force_holding_cell {
6926 self.context.holding_cell_htlc_updates.push(HTLCUpdateAwaitingACK::AddHTLC {
6931 onion_routing_packet,
6938 self.context.pending_outbound_htlcs.push(OutboundHTLCOutput {
6939 htlc_id: self.context.next_holder_htlc_id,
6941 payment_hash: payment_hash.clone(),
6943 state: OutboundHTLCState::LocalAnnounced(Box::new(onion_routing_packet.clone())),
6949 let res = msgs::UpdateAddHTLC {
6950 channel_id: self.context.channel_id,
6951 htlc_id: self.context.next_holder_htlc_id,
6955 onion_routing_packet,
6959 self.context.next_holder_htlc_id += 1;
6964 fn build_commitment_no_status_check<L: Deref>(&mut self, logger: &L) -> ChannelMonitorUpdate where L::Target: Logger {
6965 log_trace!(logger, "Updating HTLC state for a newly-sent commitment_signed...");
6966 // We can upgrade the status of some HTLCs that are waiting on a commitment, even if we
6967 // fail to generate this, we still are at least at a position where upgrading their status
6969 for htlc in self.context.pending_inbound_htlcs.iter_mut() {
6970 let new_state = if let &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref forward_info) = &htlc.state {
6971 Some(InboundHTLCState::AwaitingAnnouncedRemoteRevoke(forward_info.clone()))
6973 if let Some(state) = new_state {
6974 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce {} to AwaitingAnnouncedRemoteRevoke", &htlc.payment_hash);
6978 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
6979 if let &mut OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref mut outcome) = &mut htlc.state {
6980 log_trace!(logger, " ...promoting outbound AwaitingRemoteRevokeToRemove {} to AwaitingRemovedRemoteRevoke", &htlc.payment_hash);
6981 // Grab the preimage, if it exists, instead of cloning
6982 let mut reason = OutboundHTLCOutcome::Success(None);
6983 mem::swap(outcome, &mut reason);
6984 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(reason);
6987 if let Some((feerate, update_state)) = self.context.pending_update_fee {
6988 if update_state == FeeUpdateState::AwaitingRemoteRevokeToAnnounce {
6989 debug_assert!(!self.context.is_outbound());
6990 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce fee update {} to Committed", feerate);
6991 self.context.feerate_per_kw = feerate;
6992 self.context.pending_update_fee = None;
6995 self.context.resend_order = RAACommitmentOrder::RevokeAndACKFirst;
6997 let (mut htlcs_ref, counterparty_commitment_tx) =
6998 self.build_commitment_no_state_update(logger);
6999 let counterparty_commitment_txid = counterparty_commitment_tx.trust().txid();
7000 let htlcs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)> =
7001 htlcs_ref.drain(..).map(|(htlc, htlc_source)| (htlc, htlc_source.map(|source_ref| Box::new(source_ref.clone())))).collect();
7003 if self.context.announcement_sigs_state == AnnouncementSigsState::MessageSent {
7004 self.context.announcement_sigs_state = AnnouncementSigsState::Committed;
7007 self.context.latest_monitor_update_id += 1;
7008 let monitor_update = ChannelMonitorUpdate {
7009 update_id: self.context.latest_monitor_update_id,
7010 counterparty_node_id: Some(self.context.counterparty_node_id),
7011 updates: vec![ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo {
7012 commitment_txid: counterparty_commitment_txid,
7013 htlc_outputs: htlcs.clone(),
7014 commitment_number: self.context.cur_counterparty_commitment_transaction_number,
7015 their_per_commitment_point: self.context.counterparty_cur_commitment_point.unwrap(),
7016 feerate_per_kw: Some(counterparty_commitment_tx.feerate_per_kw()),
7017 to_broadcaster_value_sat: Some(counterparty_commitment_tx.to_broadcaster_value_sat()),
7018 to_countersignatory_value_sat: Some(counterparty_commitment_tx.to_countersignatory_value_sat()),
7020 channel_id: Some(self.context.channel_id()),
7022 self.context.channel_state.set_awaiting_remote_revoke();
7026 fn build_commitment_no_state_update<L: Deref>(&self, logger: &L)
7027 -> (Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)>, CommitmentTransaction)
7028 where L::Target: Logger
7030 let counterparty_keys = self.context.build_remote_transaction_keys();
7031 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, true, logger);
7032 let counterparty_commitment_tx = commitment_stats.tx;
7034 #[cfg(any(test, fuzzing))]
7036 if !self.context.is_outbound() {
7037 let projected_commit_tx_info = self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap().take();
7038 *self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = None;
7039 if let Some(info) = projected_commit_tx_info {
7040 let total_pending_htlcs = self.context.pending_inbound_htlcs.len() + self.context.pending_outbound_htlcs.len();
7041 if info.total_pending_htlcs == total_pending_htlcs
7042 && info.next_holder_htlc_id == self.context.next_holder_htlc_id
7043 && info.next_counterparty_htlc_id == self.context.next_counterparty_htlc_id
7044 && info.feerate == self.context.feerate_per_kw {
7045 let actual_fee = commit_tx_fee_msat(self.context.feerate_per_kw, commitment_stats.num_nondust_htlcs, self.context.get_channel_type());
7046 assert_eq!(actual_fee, info.fee);
7052 (commitment_stats.htlcs_included, counterparty_commitment_tx)
7055 /// Only fails in case of signer rejection. Used for channel_reestablish commitment_signed
7056 /// generation when we shouldn't change HTLC/channel state.
7057 fn send_commitment_no_state_update<L: Deref>(&self, logger: &L) -> Result<(msgs::CommitmentSigned, (Txid, Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)>)), ChannelError> where L::Target: Logger {
7058 // Get the fee tests from `build_commitment_no_state_update`
7059 #[cfg(any(test, fuzzing))]
7060 self.build_commitment_no_state_update(logger);
7062 let counterparty_keys = self.context.build_remote_transaction_keys();
7063 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, true, logger);
7064 let counterparty_commitment_txid = commitment_stats.tx.trust().txid();
7066 match &self.context.holder_signer {
7067 ChannelSignerType::Ecdsa(ecdsa) => {
7068 let (signature, htlc_signatures);
7071 let mut htlcs = Vec::with_capacity(commitment_stats.htlcs_included.len());
7072 for &(ref htlc, _) in commitment_stats.htlcs_included.iter() {
7076 let res = ecdsa.sign_counterparty_commitment(
7077 &commitment_stats.tx,
7078 commitment_stats.inbound_htlc_preimages,
7079 commitment_stats.outbound_htlc_preimages,
7080 &self.context.secp_ctx,
7081 ).map_err(|_| ChannelError::Ignore("Failed to get signatures for new commitment_signed".to_owned()))?;
7083 htlc_signatures = res.1;
7085 log_trace!(logger, "Signed remote commitment tx {} (txid {}) with redeemscript {} -> {} in channel {}",
7086 encode::serialize_hex(&commitment_stats.tx.trust().built_transaction().transaction),
7087 &counterparty_commitment_txid, encode::serialize_hex(&self.context.get_funding_redeemscript()),
7088 log_bytes!(signature.serialize_compact()[..]), &self.context.channel_id());
7090 for (ref htlc_sig, ref htlc) in htlc_signatures.iter().zip(htlcs) {
7091 log_trace!(logger, "Signed remote HTLC tx {} with redeemscript {} with pubkey {} -> {} in channel {}",
7092 encode::serialize_hex(&chan_utils::build_htlc_transaction(&counterparty_commitment_txid, commitment_stats.feerate_per_kw, self.context.get_holder_selected_contest_delay(), htlc, &self.context.channel_type, &counterparty_keys.broadcaster_delayed_payment_key, &counterparty_keys.revocation_key)),
7093 encode::serialize_hex(&chan_utils::get_htlc_redeemscript(&htlc, &self.context.channel_type, &counterparty_keys)),
7094 log_bytes!(counterparty_keys.broadcaster_htlc_key.to_public_key().serialize()),
7095 log_bytes!(htlc_sig.serialize_compact()[..]), &self.context.channel_id());
7099 Ok((msgs::CommitmentSigned {
7100 channel_id: self.context.channel_id,
7104 partial_signature_with_nonce: None,
7105 }, (counterparty_commitment_txid, commitment_stats.htlcs_included)))
7107 // TODO (taproot|arik)
7113 /// Adds a pending outbound HTLC to this channel, and builds a new remote commitment
7114 /// transaction and generates the corresponding [`ChannelMonitorUpdate`] in one go.
7116 /// Shorthand for calling [`Self::send_htlc`] followed by a commitment update, see docs on
7117 /// [`Self::send_htlc`] and [`Self::build_commitment_no_state_update`] for more info.
7118 pub fn send_htlc_and_commit<F: Deref, L: Deref>(
7119 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32,
7120 source: HTLCSource, onion_routing_packet: msgs::OnionPacket, skimmed_fee_msat: Option<u64>,
7121 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
7122 ) -> Result<Option<ChannelMonitorUpdate>, ChannelError>
7123 where F::Target: FeeEstimator, L::Target: Logger
7125 let send_res = self.send_htlc(amount_msat, payment_hash, cltv_expiry, source,
7126 onion_routing_packet, false, skimmed_fee_msat, None, fee_estimator, logger);
7127 if let Err(e) = &send_res { if let ChannelError::Ignore(_) = e {} else { debug_assert!(false, "Sending cannot trigger channel failure"); } }
7130 let monitor_update = self.build_commitment_no_status_check(logger);
7131 self.monitor_updating_paused(false, true, false, Vec::new(), Vec::new(), Vec::new());
7132 Ok(self.push_ret_blockable_mon_update(monitor_update))
7138 /// Applies the `ChannelUpdate` and returns a boolean indicating whether a change actually
7140 pub fn channel_update(&mut self, msg: &msgs::ChannelUpdate) -> Result<bool, ChannelError> {
7141 let new_forwarding_info = Some(CounterpartyForwardingInfo {
7142 fee_base_msat: msg.contents.fee_base_msat,
7143 fee_proportional_millionths: msg.contents.fee_proportional_millionths,
7144 cltv_expiry_delta: msg.contents.cltv_expiry_delta
7146 let did_change = self.context.counterparty_forwarding_info != new_forwarding_info;
7148 self.context.counterparty_forwarding_info = new_forwarding_info;
7154 /// Begins the shutdown process, getting a message for the remote peer and returning all
7155 /// holding cell HTLCs for payment failure.
7156 pub fn get_shutdown(&mut self, signer_provider: &SP, their_features: &InitFeatures,
7157 target_feerate_sats_per_kw: Option<u32>, override_shutdown_script: Option<ShutdownScript>)
7158 -> Result<(msgs::Shutdown, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), APIError>
7160 for htlc in self.context.pending_outbound_htlcs.iter() {
7161 if let OutboundHTLCState::LocalAnnounced(_) = htlc.state {
7162 return Err(APIError::APIMisuseError{err: "Cannot begin shutdown with pending HTLCs. Process pending events first".to_owned()});
7165 if self.context.channel_state.is_local_shutdown_sent() {
7166 return Err(APIError::APIMisuseError{err: "Shutdown already in progress".to_owned()});
7168 else if self.context.channel_state.is_remote_shutdown_sent() {
7169 return Err(APIError::ChannelUnavailable{err: "Shutdown already in progress by remote".to_owned()});
7171 if self.context.shutdown_scriptpubkey.is_some() && override_shutdown_script.is_some() {
7172 return Err(APIError::APIMisuseError{err: "Cannot override shutdown script for a channel with one already set".to_owned()});
7174 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
7175 if self.context.channel_state.is_peer_disconnected() || self.context.channel_state.is_monitor_update_in_progress() {
7176 return Err(APIError::ChannelUnavailable{err: "Cannot begin shutdown while peer is disconnected or we're waiting on a monitor update, maybe force-close instead?".to_owned()});
7179 let update_shutdown_script = match self.context.shutdown_scriptpubkey {
7182 // use override shutdown script if provided
7183 let shutdown_scriptpubkey = match override_shutdown_script {
7184 Some(script) => script,
7186 // otherwise, use the shutdown scriptpubkey provided by the signer
7187 match signer_provider.get_shutdown_scriptpubkey() {
7188 Ok(scriptpubkey) => scriptpubkey,
7189 Err(_) => return Err(APIError::ChannelUnavailable{err: "Failed to get shutdown scriptpubkey".to_owned()}),
7193 if !shutdown_scriptpubkey.is_compatible(their_features) {
7194 return Err(APIError::IncompatibleShutdownScript { script: shutdown_scriptpubkey.clone() });
7196 self.context.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
7201 // From here on out, we may not fail!
7202 self.context.target_closing_feerate_sats_per_kw = target_feerate_sats_per_kw;
7203 self.context.channel_state.set_local_shutdown_sent();
7204 self.context.local_initiated_shutdown = Some(());
7205 self.context.update_time_counter += 1;
7207 let monitor_update = if update_shutdown_script {
7208 self.context.latest_monitor_update_id += 1;
7209 let monitor_update = ChannelMonitorUpdate {
7210 update_id: self.context.latest_monitor_update_id,
7211 counterparty_node_id: Some(self.context.counterparty_node_id),
7212 updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
7213 scriptpubkey: self.get_closing_scriptpubkey(),
7215 channel_id: Some(self.context.channel_id()),
7217 self.monitor_updating_paused(false, false, false, Vec::new(), Vec::new(), Vec::new());
7218 self.push_ret_blockable_mon_update(monitor_update)
7220 let shutdown = msgs::Shutdown {
7221 channel_id: self.context.channel_id,
7222 scriptpubkey: self.get_closing_scriptpubkey(),
7225 // Go ahead and drop holding cell updates as we'd rather fail payments than wait to send
7226 // our shutdown until we've committed all of the pending changes.
7227 self.context.holding_cell_update_fee = None;
7228 let mut dropped_outbound_htlcs = Vec::with_capacity(self.context.holding_cell_htlc_updates.len());
7229 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
7231 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, .. } => {
7232 dropped_outbound_htlcs.push((source.clone(), payment_hash.clone()));
7239 debug_assert!(!self.is_shutdown() || monitor_update.is_none(),
7240 "we can't both complete shutdown and return a monitor update");
7242 Ok((shutdown, monitor_update, dropped_outbound_htlcs))
7245 pub fn inflight_htlc_sources(&self) -> impl Iterator<Item=(&HTLCSource, &PaymentHash)> {
7246 self.context.holding_cell_htlc_updates.iter()
7247 .flat_map(|htlc_update| {
7249 HTLCUpdateAwaitingACK::AddHTLC { source, payment_hash, .. }
7250 => Some((source, payment_hash)),
7254 .chain(self.context.pending_outbound_htlcs.iter().map(|htlc| (&htlc.source, &htlc.payment_hash)))
7258 /// A not-yet-funded outbound (from holder) channel using V1 channel establishment.
7259 pub(super) struct OutboundV1Channel<SP: Deref> where SP::Target: SignerProvider {
7260 pub context: ChannelContext<SP>,
7261 pub unfunded_context: UnfundedChannelContext,
7264 impl<SP: Deref> OutboundV1Channel<SP> where SP::Target: SignerProvider {
7265 pub fn new<ES: Deref, F: Deref>(
7266 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP, counterparty_node_id: PublicKey, their_features: &InitFeatures,
7267 channel_value_satoshis: u64, push_msat: u64, user_id: u128, config: &UserConfig, current_chain_height: u32,
7268 outbound_scid_alias: u64, temporary_channel_id: Option<ChannelId>
7269 ) -> Result<OutboundV1Channel<SP>, APIError>
7270 where ES::Target: EntropySource,
7271 F::Target: FeeEstimator
7273 let holder_selected_channel_reserve_satoshis = get_holder_selected_channel_reserve_satoshis(channel_value_satoshis, config);
7274 if holder_selected_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
7275 // Protocol level safety check in place, although it should never happen because
7276 // of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
7277 return Err(APIError::APIMisuseError { err: format!("Holder selected channel reserve below \
7278 implemention limit dust_limit_satoshis {}", holder_selected_channel_reserve_satoshis) });
7281 let channel_keys_id = signer_provider.generate_channel_keys_id(false, channel_value_satoshis, user_id);
7282 let holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
7283 let pubkeys = holder_signer.pubkeys().clone();
7286 context: ChannelContext::new_for_outbound_channel(
7290 counterparty_node_id,
7292 channel_value_satoshis,
7296 current_chain_height,
7297 outbound_scid_alias,
7298 temporary_channel_id,
7299 holder_selected_channel_reserve_satoshis,
7304 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 }
7309 /// Only allowed after [`ChannelContext::channel_transaction_parameters`] is set.
7310 fn get_funding_created_msg<L: Deref>(&mut self, logger: &L) -> Option<msgs::FundingCreated> where L::Target: Logger {
7311 let counterparty_keys = self.context.build_remote_transaction_keys();
7312 let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx;
7313 let signature = match &self.context.holder_signer {
7314 // TODO (taproot|arik): move match into calling method for Taproot
7315 ChannelSignerType::Ecdsa(ecdsa) => {
7316 ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), Vec::new(), &self.context.secp_ctx)
7317 .map(|(sig, _)| sig).ok()?
7319 // TODO (taproot|arik)
7324 if self.context.signer_pending_funding {
7325 log_trace!(logger, "Counterparty commitment signature ready for funding_created message: clearing signer_pending_funding");
7326 self.context.signer_pending_funding = false;
7329 Some(msgs::FundingCreated {
7330 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
7331 funding_txid: self.context.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().txid,
7332 funding_output_index: self.context.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().index,
7335 partial_signature_with_nonce: None,
7337 next_local_nonce: None,
7341 /// Updates channel state with knowledge of the funding transaction's txid/index, and generates
7342 /// a funding_created message for the remote peer.
7343 /// Panics if called at some time other than immediately after initial handshake, if called twice,
7344 /// or if called on an inbound channel.
7345 /// Note that channel_id changes during this call!
7346 /// Do NOT broadcast the funding transaction until after a successful funding_signed call!
7347 /// If an Err is returned, it is a ChannelError::Close.
7348 pub fn get_funding_created<L: Deref>(&mut self, funding_transaction: Transaction, funding_txo: OutPoint, is_batch_funding: bool, logger: &L)
7349 -> Result<Option<msgs::FundingCreated>, (Self, ChannelError)> where L::Target: Logger {
7350 if !self.context.is_outbound() {
7351 panic!("Tried to create outbound funding_created message on an inbound channel!");
7354 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7355 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7357 panic!("Tried to get a funding_created messsage at a time other than immediately after initial handshake completion (or tried to get funding_created twice)");
7359 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7360 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7361 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7362 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7365 self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo);
7366 self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters);
7368 // Now that we're past error-generating stuff, update our local state:
7370 self.context.channel_state = ChannelState::FundingNegotiated;
7371 self.context.channel_id = ChannelId::v1_from_funding_outpoint(funding_txo);
7373 // If the funding transaction is a coinbase transaction, we need to set the minimum depth to 100.
7374 // We can skip this if it is a zero-conf channel.
7375 if funding_transaction.is_coin_base() &&
7376 self.context.minimum_depth.unwrap_or(0) > 0 &&
7377 self.context.minimum_depth.unwrap_or(0) < COINBASE_MATURITY {
7378 self.context.minimum_depth = Some(COINBASE_MATURITY);
7381 self.context.funding_transaction = Some(funding_transaction);
7382 self.context.is_batch_funding = Some(()).filter(|_| is_batch_funding);
7384 let funding_created = self.get_funding_created_msg(logger);
7385 if funding_created.is_none() {
7386 #[cfg(not(async_signing))] {
7387 panic!("Failed to get signature for new funding creation");
7389 #[cfg(async_signing)] {
7390 if !self.context.signer_pending_funding {
7391 log_trace!(logger, "funding_created awaiting signer; setting signer_pending_funding");
7392 self.context.signer_pending_funding = true;
7400 /// If we receive an error message, it may only be a rejection of the channel type we tried,
7401 /// not of our ability to open any channel at all. Thus, on error, we should first call this
7402 /// and see if we get a new `OpenChannel` message, otherwise the channel is failed.
7403 pub(crate) fn maybe_handle_error_without_close<F: Deref>(
7404 &mut self, chain_hash: ChainHash, fee_estimator: &LowerBoundedFeeEstimator<F>
7405 ) -> Result<msgs::OpenChannel, ()>
7407 F::Target: FeeEstimator
7409 self.context.maybe_downgrade_channel_features(fee_estimator)?;
7410 Ok(self.get_open_channel(chain_hash))
7413 pub fn get_open_channel(&self, chain_hash: ChainHash) -> msgs::OpenChannel {
7414 if !self.context.is_outbound() {
7415 panic!("Tried to open a channel for an inbound channel?");
7417 if self.context.have_received_message() {
7418 panic!("Cannot generate an open_channel after we've moved forward");
7421 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7422 panic!("Tried to send an open_channel for a channel that has already advanced");
7425 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
7426 let keys = self.context.get_holder_pubkeys();
7429 common_fields: msgs::CommonOpenChannelFields {
7431 temporary_channel_id: self.context.channel_id,
7432 funding_satoshis: self.context.channel_value_satoshis,
7433 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
7434 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
7435 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
7436 commitment_feerate_sat_per_1000_weight: self.context.feerate_per_kw as u32,
7437 to_self_delay: self.context.get_holder_selected_contest_delay(),
7438 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
7439 funding_pubkey: keys.funding_pubkey,
7440 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
7441 payment_basepoint: keys.payment_point,
7442 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
7443 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
7444 first_per_commitment_point,
7445 channel_flags: if self.context.config.announced_channel {1} else {0},
7446 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
7447 Some(script) => script.clone().into_inner(),
7448 None => Builder::new().into_script(),
7450 channel_type: Some(self.context.channel_type.clone()),
7452 push_msat: self.context.channel_value_satoshis * 1000 - self.context.value_to_self_msat,
7453 channel_reserve_satoshis: self.context.holder_selected_channel_reserve_satoshis,
7458 pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel, default_limits: &ChannelHandshakeLimits, their_features: &InitFeatures) -> Result<(), ChannelError> {
7459 let peer_limits = if let Some(ref limits) = self.context.inbound_handshake_limits_override { limits } else { default_limits };
7461 // Check sanity of message fields:
7462 if !self.context.is_outbound() {
7463 return Err(ChannelError::Close("Got an accept_channel message from an inbound peer".to_owned()));
7465 if !matches!(self.context.channel_state, ChannelState::NegotiatingFunding(flags) if flags == NegotiatingFundingFlags::OUR_INIT_SENT) {
7466 return Err(ChannelError::Close("Got an accept_channel message at a strange time".to_owned()));
7468 if msg.common_fields.dust_limit_satoshis > 21000000 * 100000000 {
7469 return Err(ChannelError::Close(format!("Peer never wants payout outputs? dust_limit_satoshis was {}", msg.common_fields.dust_limit_satoshis)));
7471 if msg.channel_reserve_satoshis > self.context.channel_value_satoshis {
7472 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must not be greater than ({})", msg.channel_reserve_satoshis, self.context.channel_value_satoshis)));
7474 if msg.common_fields.dust_limit_satoshis > self.context.holder_selected_channel_reserve_satoshis {
7475 return Err(ChannelError::Close(format!("Dust limit ({}) is bigger than our channel reserve ({})", msg.common_fields.dust_limit_satoshis, self.context.holder_selected_channel_reserve_satoshis)));
7477 if msg.channel_reserve_satoshis > self.context.channel_value_satoshis - self.context.holder_selected_channel_reserve_satoshis {
7478 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must not be greater than channel value minus our reserve ({})",
7479 msg.channel_reserve_satoshis, self.context.channel_value_satoshis - self.context.holder_selected_channel_reserve_satoshis)));
7481 let full_channel_value_msat = (self.context.channel_value_satoshis - msg.channel_reserve_satoshis) * 1000;
7482 if msg.common_fields.htlc_minimum_msat >= full_channel_value_msat {
7483 return Err(ChannelError::Close(format!("Minimum htlc value ({}) is full channel value ({})", msg.common_fields.htlc_minimum_msat, full_channel_value_msat)));
7485 let max_delay_acceptable = u16::min(peer_limits.their_to_self_delay, MAX_LOCAL_BREAKDOWN_TIMEOUT);
7486 if msg.common_fields.to_self_delay > max_delay_acceptable {
7487 return Err(ChannelError::Close(format!("They wanted our payments to be delayed by a needlessly long period. Upper limit: {}. Actual: {}", max_delay_acceptable, msg.common_fields.to_self_delay)));
7489 if msg.common_fields.max_accepted_htlcs < 1 {
7490 return Err(ChannelError::Close("0 max_accepted_htlcs makes for a useless channel".to_owned()));
7492 if msg.common_fields.max_accepted_htlcs > MAX_HTLCS {
7493 return Err(ChannelError::Close(format!("max_accepted_htlcs was {}. It must not be larger than {}", msg.common_fields.max_accepted_htlcs, MAX_HTLCS)));
7496 // Now check against optional parameters as set by config...
7497 if msg.common_fields.htlc_minimum_msat > peer_limits.max_htlc_minimum_msat {
7498 return Err(ChannelError::Close(format!("htlc_minimum_msat ({}) is higher than the user specified limit ({})", msg.common_fields.htlc_minimum_msat, peer_limits.max_htlc_minimum_msat)));
7500 if msg.common_fields.max_htlc_value_in_flight_msat < peer_limits.min_max_htlc_value_in_flight_msat {
7501 return Err(ChannelError::Close(format!("max_htlc_value_in_flight_msat ({}) is less than the user specified limit ({})", msg.common_fields.max_htlc_value_in_flight_msat, peer_limits.min_max_htlc_value_in_flight_msat)));
7503 if msg.channel_reserve_satoshis > peer_limits.max_channel_reserve_satoshis {
7504 return Err(ChannelError::Close(format!("channel_reserve_satoshis ({}) is higher than the user specified limit ({})", msg.channel_reserve_satoshis, peer_limits.max_channel_reserve_satoshis)));
7506 if msg.common_fields.max_accepted_htlcs < peer_limits.min_max_accepted_htlcs {
7507 return Err(ChannelError::Close(format!("max_accepted_htlcs ({}) is less than the user specified limit ({})", msg.common_fields.max_accepted_htlcs, peer_limits.min_max_accepted_htlcs)));
7509 if msg.common_fields.dust_limit_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
7510 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is less than the implementation limit ({})", msg.common_fields.dust_limit_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
7512 if msg.common_fields.dust_limit_satoshis > MAX_CHAN_DUST_LIMIT_SATOSHIS {
7513 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is greater than the implementation limit ({})", msg.common_fields.dust_limit_satoshis, MAX_CHAN_DUST_LIMIT_SATOSHIS)));
7515 if msg.common_fields.minimum_depth > peer_limits.max_minimum_depth {
7516 return Err(ChannelError::Close(format!("We consider the minimum depth to be unreasonably large. Expected minimum: ({}). Actual: ({})", peer_limits.max_minimum_depth, msg.common_fields.minimum_depth)));
7519 if let Some(ty) = &msg.common_fields.channel_type {
7520 if *ty != self.context.channel_type {
7521 return Err(ChannelError::Close("Channel Type in accept_channel didn't match the one sent in open_channel.".to_owned()));
7523 } else if their_features.supports_channel_type() {
7524 // Assume they've accepted the channel type as they said they understand it.
7526 let channel_type = ChannelTypeFeatures::from_init(&their_features);
7527 if channel_type != ChannelTypeFeatures::only_static_remote_key() {
7528 return Err(ChannelError::Close("Only static_remote_key is supported for non-negotiated channel types".to_owned()));
7530 self.context.channel_type = channel_type.clone();
7531 self.context.channel_transaction_parameters.channel_type_features = channel_type;
7534 let counterparty_shutdown_scriptpubkey = if their_features.supports_upfront_shutdown_script() {
7535 match &msg.common_fields.shutdown_scriptpubkey {
7536 &Some(ref script) => {
7537 // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
7538 if script.len() == 0 {
7541 if !script::is_bolt2_compliant(&script, their_features) {
7542 return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided an unacceptable scriptpubkey format: {}", script)));
7544 Some(script.clone())
7547 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
7549 return Err(ChannelError::Close("Peer is signaling upfront_shutdown but we don't get any script. Use 0-length script to opt-out".to_owned()));
7554 self.context.counterparty_dust_limit_satoshis = msg.common_fields.dust_limit_satoshis;
7555 self.context.counterparty_max_htlc_value_in_flight_msat = cmp::min(msg.common_fields.max_htlc_value_in_flight_msat, self.context.channel_value_satoshis * 1000);
7556 self.context.counterparty_selected_channel_reserve_satoshis = Some(msg.channel_reserve_satoshis);
7557 self.context.counterparty_htlc_minimum_msat = msg.common_fields.htlc_minimum_msat;
7558 self.context.counterparty_max_accepted_htlcs = msg.common_fields.max_accepted_htlcs;
7560 if peer_limits.trust_own_funding_0conf {
7561 self.context.minimum_depth = Some(msg.common_fields.minimum_depth);
7563 self.context.minimum_depth = Some(cmp::max(1, msg.common_fields.minimum_depth));
7566 let counterparty_pubkeys = ChannelPublicKeys {
7567 funding_pubkey: msg.common_fields.funding_pubkey,
7568 revocation_basepoint: RevocationBasepoint::from(msg.common_fields.revocation_basepoint),
7569 payment_point: msg.common_fields.payment_basepoint,
7570 delayed_payment_basepoint: DelayedPaymentBasepoint::from(msg.common_fields.delayed_payment_basepoint),
7571 htlc_basepoint: HtlcBasepoint::from(msg.common_fields.htlc_basepoint)
7574 self.context.channel_transaction_parameters.counterparty_parameters = Some(CounterpartyChannelTransactionParameters {
7575 selected_contest_delay: msg.common_fields.to_self_delay,
7576 pubkeys: counterparty_pubkeys,
7579 self.context.counterparty_cur_commitment_point = Some(msg.common_fields.first_per_commitment_point);
7580 self.context.counterparty_shutdown_scriptpubkey = counterparty_shutdown_scriptpubkey;
7582 self.context.channel_state = ChannelState::NegotiatingFunding(
7583 NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT
7585 self.context.inbound_handshake_limits_override = None; // We're done enforcing limits on our peer's handshake now.
7590 /// Handles a funding_signed message from the remote end.
7591 /// If this call is successful, broadcast the funding transaction (and not before!)
7592 pub fn funding_signed<L: Deref>(
7593 mut self, msg: &msgs::FundingSigned, best_block: BestBlock, signer_provider: &SP, logger: &L
7594 ) -> Result<(Channel<SP>, ChannelMonitor<<SP::Target as SignerProvider>::EcdsaSigner>), (OutboundV1Channel<SP>, ChannelError)>
7598 if !self.context.is_outbound() {
7599 return Err((self, ChannelError::Close("Received funding_signed for an inbound channel?".to_owned())));
7601 if !matches!(self.context.channel_state, ChannelState::FundingNegotiated) {
7602 return Err((self, ChannelError::Close("Received funding_signed in strange state!".to_owned())));
7604 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7605 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7606 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7607 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7610 let funding_script = self.context.get_funding_redeemscript();
7612 let counterparty_keys = self.context.build_remote_transaction_keys();
7613 let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx;
7614 let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust();
7615 let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction();
7617 log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}",
7618 &self.context.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction));
7620 let holder_signer = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
7621 let initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &holder_signer, true, false, logger).tx;
7623 let trusted_tx = initial_commitment_tx.trust();
7624 let initial_commitment_bitcoin_tx = trusted_tx.built_transaction();
7625 let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
7626 // They sign our commitment transaction, allowing us to broadcast the tx if we wish.
7627 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.get_counterparty_pubkeys().funding_pubkey) {
7628 return Err((self, ChannelError::Close("Invalid funding_signed signature from peer".to_owned())));
7632 let holder_commitment_tx = HolderCommitmentTransaction::new(
7633 initial_commitment_tx,
7636 &self.context.get_holder_pubkeys().funding_pubkey,
7637 self.context.counterparty_funding_pubkey()
7641 self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, Vec::new());
7642 if validated.is_err() {
7643 return Err((self, ChannelError::Close("Failed to validate our commitment".to_owned())));
7646 let funding_redeemscript = self.context.get_funding_redeemscript();
7647 let funding_txo = self.context.get_funding_txo().unwrap();
7648 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
7649 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.context.get_holder_pubkeys().payment_point, &self.context.get_counterparty_pubkeys().payment_point, self.context.is_outbound());
7650 let shutdown_script = self.context.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
7651 let mut monitor_signer = signer_provider.derive_channel_signer(self.context.channel_value_satoshis, self.context.channel_keys_id);
7652 monitor_signer.provide_channel_parameters(&self.context.channel_transaction_parameters);
7653 let channel_monitor = ChannelMonitor::new(self.context.secp_ctx.clone(), monitor_signer,
7654 shutdown_script, self.context.get_holder_selected_contest_delay(),
7655 &self.context.destination_script, (funding_txo, funding_txo_script),
7656 &self.context.channel_transaction_parameters,
7657 funding_redeemscript.clone(), self.context.channel_value_satoshis,
7659 holder_commitment_tx, best_block, self.context.counterparty_node_id, self.context.channel_id());
7660 channel_monitor.provide_initial_counterparty_commitment_tx(
7661 counterparty_initial_bitcoin_tx.txid, Vec::new(),
7662 self.context.cur_counterparty_commitment_transaction_number,
7663 self.context.counterparty_cur_commitment_point.unwrap(),
7664 counterparty_initial_commitment_tx.feerate_per_kw(),
7665 counterparty_initial_commitment_tx.to_broadcaster_value_sat(),
7666 counterparty_initial_commitment_tx.to_countersignatory_value_sat(), logger);
7668 assert!(!self.context.channel_state.is_monitor_update_in_progress()); // We have no had any monitor(s) yet to fail update!
7669 if self.context.is_batch_funding() {
7670 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH);
7672 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
7674 self.context.cur_holder_commitment_transaction_number -= 1;
7675 self.context.cur_counterparty_commitment_transaction_number -= 1;
7677 log_info!(logger, "Received funding_signed from peer for channel {}", &self.context.channel_id());
7679 let mut channel = Channel {
7680 context: self.context,
7681 #[cfg(dual_funding)]
7682 dual_funding_channel_context: None,
7685 let need_channel_ready = channel.check_get_channel_ready(0).is_some();
7686 channel.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new());
7687 Ok((channel, channel_monitor))
7690 /// Indicates that the signer may have some signatures for us, so we should retry if we're
7692 #[cfg(async_signing)]
7693 pub fn signer_maybe_unblocked<L: Deref>(&mut self, logger: &L) -> Option<msgs::FundingCreated> where L::Target: Logger {
7694 if self.context.signer_pending_funding && self.context.is_outbound() {
7695 log_trace!(logger, "Signer unblocked a funding_created");
7696 self.get_funding_created_msg(logger)
7701 /// A not-yet-funded inbound (from counterparty) channel using V1 channel establishment.
7702 pub(super) struct InboundV1Channel<SP: Deref> where SP::Target: SignerProvider {
7703 pub context: ChannelContext<SP>,
7704 pub unfunded_context: UnfundedChannelContext,
7707 /// Fetches the [`ChannelTypeFeatures`] that will be used for a channel built from a given
7708 /// [`msgs::CommonOpenChannelFields`].
7709 pub(super) fn channel_type_from_open_channel(
7710 common_fields: &msgs::CommonOpenChannelFields, their_features: &InitFeatures,
7711 our_supported_features: &ChannelTypeFeatures
7712 ) -> Result<ChannelTypeFeatures, ChannelError> {
7713 if let Some(channel_type) = &common_fields.channel_type {
7714 if channel_type.supports_any_optional_bits() {
7715 return Err(ChannelError::Close("Channel Type field contained optional bits - this is not allowed".to_owned()));
7718 // We only support the channel types defined by the `ChannelManager` in
7719 // `provided_channel_type_features`. The channel type must always support
7720 // `static_remote_key`.
7721 if !channel_type.requires_static_remote_key() {
7722 return Err(ChannelError::Close("Channel Type was not understood - we require static remote key".to_owned()));
7724 // Make sure we support all of the features behind the channel type.
7725 if !channel_type.is_subset(our_supported_features) {
7726 return Err(ChannelError::Close("Channel Type contains unsupported features".to_owned()));
7728 let announced_channel = if (common_fields.channel_flags & 1) == 1 { true } else { false };
7729 if channel_type.requires_scid_privacy() && announced_channel {
7730 return Err(ChannelError::Close("SCID Alias/Privacy Channel Type cannot be set on a public channel".to_owned()));
7732 Ok(channel_type.clone())
7734 let channel_type = ChannelTypeFeatures::from_init(&their_features);
7735 if channel_type != ChannelTypeFeatures::only_static_remote_key() {
7736 return Err(ChannelError::Close("Only static_remote_key is supported for non-negotiated channel types".to_owned()));
7742 impl<SP: Deref> InboundV1Channel<SP> where SP::Target: SignerProvider {
7743 /// Creates a new channel from a remote sides' request for one.
7744 /// Assumes chain_hash has already been checked and corresponds with what we expect!
7745 pub fn new<ES: Deref, F: Deref, L: Deref>(
7746 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
7747 counterparty_node_id: PublicKey, our_supported_features: &ChannelTypeFeatures,
7748 their_features: &InitFeatures, msg: &msgs::OpenChannel, user_id: u128, config: &UserConfig,
7749 current_chain_height: u32, logger: &L, is_0conf: bool,
7750 ) -> Result<InboundV1Channel<SP>, ChannelError>
7751 where ES::Target: EntropySource,
7752 F::Target: FeeEstimator,
7755 let logger = WithContext::from(logger, Some(counterparty_node_id), Some(msg.common_fields.temporary_channel_id));
7757 // First check the channel type is known, failing before we do anything else if we don't
7758 // support this channel type.
7759 let channel_type = channel_type_from_open_channel(&msg.common_fields, their_features, our_supported_features)?;
7761 let holder_selected_channel_reserve_satoshis = get_holder_selected_channel_reserve_satoshis(msg.common_fields.funding_satoshis, config);
7762 let counterparty_pubkeys = ChannelPublicKeys {
7763 funding_pubkey: msg.common_fields.funding_pubkey,
7764 revocation_basepoint: RevocationBasepoint::from(msg.common_fields.revocation_basepoint),
7765 payment_point: msg.common_fields.payment_basepoint,
7766 delayed_payment_basepoint: DelayedPaymentBasepoint::from(msg.common_fields.delayed_payment_basepoint),
7767 htlc_basepoint: HtlcBasepoint::from(msg.common_fields.htlc_basepoint)
7771 context: ChannelContext::new_for_inbound_channel(
7775 counterparty_node_id,
7779 current_chain_height,
7784 counterparty_pubkeys,
7786 holder_selected_channel_reserve_satoshis,
7787 msg.channel_reserve_satoshis,
7789 msg.common_fields.clone(),
7791 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 }
7796 /// Marks an inbound channel as accepted and generates a [`msgs::AcceptChannel`] message which
7797 /// should be sent back to the counterparty node.
7799 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7800 pub fn accept_inbound_channel(&mut self) -> msgs::AcceptChannel {
7801 if self.context.is_outbound() {
7802 panic!("Tried to send accept_channel for an outbound channel?");
7805 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7806 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7808 panic!("Tried to send accept_channel after channel had moved forward");
7810 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7811 panic!("Tried to send an accept_channel for a channel that has already advanced");
7814 self.generate_accept_channel_message()
7817 /// This function is used to explicitly generate a [`msgs::AcceptChannel`] message for an
7818 /// inbound channel. If the intention is to accept an inbound channel, use
7819 /// [`InboundV1Channel::accept_inbound_channel`] instead.
7821 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7822 fn generate_accept_channel_message(&self) -> msgs::AcceptChannel {
7823 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
7824 let keys = self.context.get_holder_pubkeys();
7826 msgs::AcceptChannel {
7827 common_fields: msgs::CommonAcceptChannelFields {
7828 temporary_channel_id: self.context.channel_id,
7829 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
7830 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
7831 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
7832 minimum_depth: self.context.minimum_depth.unwrap(),
7833 to_self_delay: self.context.get_holder_selected_contest_delay(),
7834 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
7835 funding_pubkey: keys.funding_pubkey,
7836 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
7837 payment_basepoint: keys.payment_point,
7838 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
7839 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
7840 first_per_commitment_point,
7841 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
7842 Some(script) => script.clone().into_inner(),
7843 None => Builder::new().into_script(),
7845 channel_type: Some(self.context.channel_type.clone()),
7847 channel_reserve_satoshis: self.context.holder_selected_channel_reserve_satoshis,
7849 next_local_nonce: None,
7853 /// Enables the possibility for tests to extract a [`msgs::AcceptChannel`] message for an
7854 /// inbound channel without accepting it.
7856 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7858 pub fn get_accept_channel_message(&self) -> msgs::AcceptChannel {
7859 self.generate_accept_channel_message()
7862 fn check_funding_created_signature<L: Deref>(&mut self, sig: &Signature, logger: &L) -> Result<CommitmentTransaction, ChannelError> where L::Target: Logger {
7863 let funding_script = self.context.get_funding_redeemscript();
7865 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
7866 let initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, false, logger).tx;
7867 let trusted_tx = initial_commitment_tx.trust();
7868 let initial_commitment_bitcoin_tx = trusted_tx.built_transaction();
7869 let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
7870 // They sign the holder commitment transaction...
7871 log_trace!(logger, "Checking funding_created tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} for channel {}.",
7872 log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.context.counterparty_funding_pubkey().serialize()),
7873 encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]),
7874 encode::serialize_hex(&funding_script), &self.context.channel_id());
7875 secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &sig, self.context.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned());
7877 Ok(initial_commitment_tx)
7880 pub fn funding_created<L: Deref>(
7881 mut self, msg: &msgs::FundingCreated, best_block: BestBlock, signer_provider: &SP, logger: &L
7882 ) -> Result<(Channel<SP>, Option<msgs::FundingSigned>, ChannelMonitor<<SP::Target as SignerProvider>::EcdsaSigner>), (Self, ChannelError)>
7886 if self.context.is_outbound() {
7887 return Err((self, ChannelError::Close("Received funding_created for an outbound channel?".to_owned())));
7890 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7891 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7893 // BOLT 2 says that if we disconnect before we send funding_signed we SHOULD NOT
7894 // remember the channel, so it's safe to just send an error_message here and drop the
7896 return Err((self, ChannelError::Close("Received funding_created after we got the channel!".to_owned())));
7898 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7899 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7900 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7901 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7904 let funding_txo = OutPoint { txid: msg.funding_txid, index: msg.funding_output_index };
7905 self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo);
7906 // This is an externally observable change before we finish all our checks. In particular
7907 // check_funding_created_signature may fail.
7908 self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters);
7910 let initial_commitment_tx = match self.check_funding_created_signature(&msg.signature, logger) {
7912 Err(ChannelError::Close(e)) => {
7913 self.context.channel_transaction_parameters.funding_outpoint = None;
7914 return Err((self, ChannelError::Close(e)));
7917 // The only error we know how to handle is ChannelError::Close, so we fall over here
7918 // to make sure we don't continue with an inconsistent state.
7919 panic!("unexpected error type from check_funding_created_signature {:?}", e);
7923 let holder_commitment_tx = HolderCommitmentTransaction::new(
7924 initial_commitment_tx,
7927 &self.context.get_holder_pubkeys().funding_pubkey,
7928 self.context.counterparty_funding_pubkey()
7931 if let Err(_) = self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, Vec::new()) {
7932 return Err((self, ChannelError::Close("Failed to validate our commitment".to_owned())));
7935 // Now that we're past error-generating stuff, update our local state:
7937 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
7938 self.context.channel_id = ChannelId::v1_from_funding_outpoint(funding_txo);
7939 self.context.cur_counterparty_commitment_transaction_number -= 1;
7940 self.context.cur_holder_commitment_transaction_number -= 1;
7942 let (counterparty_initial_commitment_tx, funding_signed) = self.context.get_funding_signed_msg(logger);
7944 let funding_redeemscript = self.context.get_funding_redeemscript();
7945 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
7946 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.context.get_holder_pubkeys().payment_point, &self.context.get_counterparty_pubkeys().payment_point, self.context.is_outbound());
7947 let shutdown_script = self.context.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
7948 let mut monitor_signer = signer_provider.derive_channel_signer(self.context.channel_value_satoshis, self.context.channel_keys_id);
7949 monitor_signer.provide_channel_parameters(&self.context.channel_transaction_parameters);
7950 let channel_monitor = ChannelMonitor::new(self.context.secp_ctx.clone(), monitor_signer,
7951 shutdown_script, self.context.get_holder_selected_contest_delay(),
7952 &self.context.destination_script, (funding_txo, funding_txo_script.clone()),
7953 &self.context.channel_transaction_parameters,
7954 funding_redeemscript.clone(), self.context.channel_value_satoshis,
7956 holder_commitment_tx, best_block, self.context.counterparty_node_id, self.context.channel_id());
7957 channel_monitor.provide_initial_counterparty_commitment_tx(
7958 counterparty_initial_commitment_tx.trust().txid(), Vec::new(),
7959 self.context.cur_counterparty_commitment_transaction_number + 1,
7960 self.context.counterparty_cur_commitment_point.unwrap(), self.context.feerate_per_kw,
7961 counterparty_initial_commitment_tx.to_broadcaster_value_sat(),
7962 counterparty_initial_commitment_tx.to_countersignatory_value_sat(), logger);
7964 log_info!(logger, "{} funding_signed for peer for channel {}",
7965 if funding_signed.is_some() { "Generated" } else { "Waiting for signature on" }, &self.context.channel_id());
7967 // Promote the channel to a full-fledged one now that we have updated the state and have a
7968 // `ChannelMonitor`.
7969 let mut channel = Channel {
7970 context: self.context,
7971 #[cfg(dual_funding)]
7972 dual_funding_channel_context: None,
7974 let need_channel_ready = channel.check_get_channel_ready(0).is_some();
7975 channel.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new());
7977 Ok((channel, funding_signed, channel_monitor))
7981 // A not-yet-funded outbound (from holder) channel using V2 channel establishment.
7982 #[cfg(dual_funding)]
7983 pub(super) struct OutboundV2Channel<SP: Deref> where SP::Target: SignerProvider {
7984 pub context: ChannelContext<SP>,
7985 pub unfunded_context: UnfundedChannelContext,
7986 #[cfg(dual_funding)]
7987 pub dual_funding_context: DualFundingChannelContext,
7990 #[cfg(dual_funding)]
7991 impl<SP: Deref> OutboundV2Channel<SP> where SP::Target: SignerProvider {
7992 pub fn new<ES: Deref, F: Deref>(
7993 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
7994 counterparty_node_id: PublicKey, their_features: &InitFeatures, funding_satoshis: u64,
7995 user_id: u128, config: &UserConfig, current_chain_height: u32, outbound_scid_alias: u64,
7996 funding_confirmation_target: ConfirmationTarget,
7997 ) -> Result<OutboundV2Channel<SP>, APIError>
7998 where ES::Target: EntropySource,
7999 F::Target: FeeEstimator,
8001 let channel_keys_id = signer_provider.generate_channel_keys_id(false, funding_satoshis, user_id);
8002 let holder_signer = signer_provider.derive_channel_signer(funding_satoshis, channel_keys_id);
8003 let pubkeys = holder_signer.pubkeys().clone();
8005 let temporary_channel_id = Some(ChannelId::temporary_v2_from_revocation_basepoint(&pubkeys.revocation_basepoint));
8007 let holder_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8008 funding_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
8010 let funding_feerate_sat_per_1000_weight = fee_estimator.bounded_sat_per_1000_weight(funding_confirmation_target);
8011 let funding_tx_locktime = current_chain_height;
8014 context: ChannelContext::new_for_outbound_channel(
8018 counterparty_node_id,
8024 current_chain_height,
8025 outbound_scid_alias,
8026 temporary_channel_id,
8027 holder_selected_channel_reserve_satoshis,
8032 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 },
8033 dual_funding_context: DualFundingChannelContext {
8034 our_funding_satoshis: funding_satoshis,
8035 their_funding_satoshis: 0,
8036 funding_tx_locktime,
8037 funding_feerate_sat_per_1000_weight,
8043 /// If we receive an error message, it may only be a rejection of the channel type we tried,
8044 /// not of our ability to open any channel at all. Thus, on error, we should first call this
8045 /// and see if we get a new `OpenChannelV2` message, otherwise the channel is failed.
8046 pub(crate) fn maybe_handle_error_without_close<F: Deref>(
8047 &mut self, chain_hash: ChainHash, fee_estimator: &LowerBoundedFeeEstimator<F>
8048 ) -> Result<msgs::OpenChannelV2, ()>
8050 F::Target: FeeEstimator
8052 self.context.maybe_downgrade_channel_features(fee_estimator)?;
8053 Ok(self.get_open_channel_v2(chain_hash))
8056 pub fn get_open_channel_v2(&self, chain_hash: ChainHash) -> msgs::OpenChannelV2 {
8057 if self.context.have_received_message() {
8058 debug_assert!(false, "Cannot generate an open_channel2 after we've moved forward");
8061 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
8062 debug_assert!(false, "Tried to send an open_channel2 for a channel that has already advanced");
8065 let first_per_commitment_point = self.context.holder_signer.as_ref()
8066 .get_per_commitment_point(self.context.cur_holder_commitment_transaction_number,
8067 &self.context.secp_ctx);
8068 let second_per_commitment_point = self.context.holder_signer.as_ref()
8069 .get_per_commitment_point(self.context.cur_holder_commitment_transaction_number - 1,
8070 &self.context.secp_ctx);
8071 let keys = self.context.get_holder_pubkeys();
8073 msgs::OpenChannelV2 {
8074 common_fields: msgs::CommonOpenChannelFields {
8076 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
8077 funding_satoshis: self.context.channel_value_satoshis,
8078 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
8079 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
8080 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
8081 commitment_feerate_sat_per_1000_weight: self.context.feerate_per_kw,
8082 to_self_delay: self.context.get_holder_selected_contest_delay(),
8083 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
8084 funding_pubkey: keys.funding_pubkey,
8085 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
8086 payment_basepoint: keys.payment_point,
8087 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
8088 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
8089 first_per_commitment_point,
8090 channel_flags: if self.context.config.announced_channel {1} else {0},
8091 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
8092 Some(script) => script.clone().into_inner(),
8093 None => Builder::new().into_script(),
8095 channel_type: Some(self.context.channel_type.clone()),
8097 funding_feerate_sat_per_1000_weight: self.context.feerate_per_kw,
8098 second_per_commitment_point,
8099 locktime: self.dual_funding_context.funding_tx_locktime,
8100 require_confirmed_inputs: None,
8105 // A not-yet-funded inbound (from counterparty) channel using V2 channel establishment.
8106 #[cfg(dual_funding)]
8107 pub(super) struct InboundV2Channel<SP: Deref> where SP::Target: SignerProvider {
8108 pub context: ChannelContext<SP>,
8109 pub unfunded_context: UnfundedChannelContext,
8110 pub dual_funding_context: DualFundingChannelContext,
8113 #[cfg(dual_funding)]
8114 impl<SP: Deref> InboundV2Channel<SP> where SP::Target: SignerProvider {
8115 /// Creates a new dual-funded channel from a remote side's request for one.
8116 /// Assumes chain_hash has already been checked and corresponds with what we expect!
8117 pub fn new<ES: Deref, F: Deref, L: Deref>(
8118 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
8119 counterparty_node_id: PublicKey, our_supported_features: &ChannelTypeFeatures,
8120 their_features: &InitFeatures, msg: &msgs::OpenChannelV2, funding_satoshis: u64, user_id: u128,
8121 config: &UserConfig, current_chain_height: u32, logger: &L,
8122 ) -> Result<InboundV2Channel<SP>, ChannelError>
8123 where ES::Target: EntropySource,
8124 F::Target: FeeEstimator,
8127 let channel_value_satoshis = funding_satoshis.saturating_add(msg.common_fields.funding_satoshis);
8128 let counterparty_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8129 channel_value_satoshis, msg.common_fields.dust_limit_satoshis);
8130 let holder_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8131 channel_value_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
8133 // First check the channel type is known, failing before we do anything else if we don't
8134 // support this channel type.
8135 if msg.common_fields.channel_type.is_none() {
8136 return Err(ChannelError::Close(format!("Rejecting V2 channel {} missing channel_type",
8137 msg.common_fields.temporary_channel_id)))
8139 let channel_type = channel_type_from_open_channel(&msg.common_fields, their_features, our_supported_features)?;
8141 let counterparty_pubkeys = ChannelPublicKeys {
8142 funding_pubkey: msg.common_fields.funding_pubkey,
8143 revocation_basepoint: RevocationBasepoint(msg.common_fields.revocation_basepoint),
8144 payment_point: msg.common_fields.payment_basepoint,
8145 delayed_payment_basepoint: DelayedPaymentBasepoint(msg.common_fields.delayed_payment_basepoint),
8146 htlc_basepoint: HtlcBasepoint(msg.common_fields.htlc_basepoint)
8149 let mut context = ChannelContext::new_for_inbound_channel(
8153 counterparty_node_id,
8157 current_chain_height,
8163 counterparty_pubkeys,
8165 holder_selected_channel_reserve_satoshis,
8166 counterparty_selected_channel_reserve_satoshis,
8167 0 /* push_msat not used in dual-funding */,
8168 msg.common_fields.clone(),
8170 let channel_id = ChannelId::v2_from_revocation_basepoints(
8171 &context.get_holder_pubkeys().revocation_basepoint,
8172 &context.get_counterparty_pubkeys().revocation_basepoint);
8173 context.channel_id = channel_id;
8177 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 },
8178 dual_funding_context: DualFundingChannelContext {
8179 our_funding_satoshis: funding_satoshis,
8180 their_funding_satoshis: msg.common_fields.funding_satoshis,
8181 funding_tx_locktime: msg.locktime,
8182 funding_feerate_sat_per_1000_weight: msg.funding_feerate_sat_per_1000_weight,
8189 /// Marks an inbound channel as accepted and generates a [`msgs::AcceptChannelV2`] message which
8190 /// should be sent back to the counterparty node.
8192 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8193 pub fn accept_inbound_dual_funded_channel(&mut self) -> msgs::AcceptChannelV2 {
8194 if self.context.is_outbound() {
8195 debug_assert!(false, "Tried to send accept_channel for an outbound channel?");
8198 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
8199 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
8201 debug_assert!(false, "Tried to send accept_channel2 after channel had moved forward");
8203 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
8204 debug_assert!(false, "Tried to send an accept_channel2 for a channel that has already advanced");
8207 self.generate_accept_channel_v2_message()
8210 /// This function is used to explicitly generate a [`msgs::AcceptChannel`] message for an
8211 /// inbound channel. If the intention is to accept an inbound channel, use
8212 /// [`InboundV1Channel::accept_inbound_channel`] instead.
8214 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8215 fn generate_accept_channel_v2_message(&self) -> msgs::AcceptChannelV2 {
8216 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(
8217 self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
8218 let second_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(
8219 self.context.cur_holder_commitment_transaction_number - 1, &self.context.secp_ctx);
8220 let keys = self.context.get_holder_pubkeys();
8222 msgs::AcceptChannelV2 {
8223 common_fields: msgs::CommonAcceptChannelFields {
8224 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
8225 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
8226 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
8227 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
8228 minimum_depth: self.context.minimum_depth.unwrap(),
8229 to_self_delay: self.context.get_holder_selected_contest_delay(),
8230 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
8231 funding_pubkey: keys.funding_pubkey,
8232 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
8233 payment_basepoint: keys.payment_point,
8234 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
8235 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
8236 first_per_commitment_point,
8237 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
8238 Some(script) => script.clone().into_inner(),
8239 None => Builder::new().into_script(),
8241 channel_type: Some(self.context.channel_type.clone()),
8243 funding_satoshis: self.dual_funding_context.our_funding_satoshis,
8244 second_per_commitment_point,
8245 require_confirmed_inputs: None,
8249 /// Enables the possibility for tests to extract a [`msgs::AcceptChannelV2`] message for an
8250 /// inbound channel without accepting it.
8252 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8254 pub fn get_accept_channel_v2_message(&self) -> msgs::AcceptChannelV2 {
8255 self.generate_accept_channel_v2_message()
8259 // Unfunded channel utilities
8261 fn get_initial_channel_type(config: &UserConfig, their_features: &InitFeatures) -> ChannelTypeFeatures {
8262 // The default channel type (ie the first one we try) depends on whether the channel is
8263 // public - if it is, we just go with `only_static_remotekey` as it's the only option
8264 // available. If it's private, we first try `scid_privacy` as it provides better privacy
8265 // with no other changes, and fall back to `only_static_remotekey`.
8266 let mut ret = ChannelTypeFeatures::only_static_remote_key();
8267 if !config.channel_handshake_config.announced_channel &&
8268 config.channel_handshake_config.negotiate_scid_privacy &&
8269 their_features.supports_scid_privacy() {
8270 ret.set_scid_privacy_required();
8273 // Optionally, if the user would like to negotiate the `anchors_zero_fee_htlc_tx` option, we
8274 // set it now. If they don't understand it, we'll fall back to our default of
8275 // `only_static_remotekey`.
8276 if config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx &&
8277 their_features.supports_anchors_zero_fee_htlc_tx() {
8278 ret.set_anchors_zero_fee_htlc_tx_required();
8284 const SERIALIZATION_VERSION: u8 = 4;
8285 const MIN_SERIALIZATION_VERSION: u8 = 3;
8287 impl_writeable_tlv_based_enum!(InboundHTLCRemovalReason,;
8293 impl Writeable for ChannelUpdateStatus {
8294 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8295 // We only care about writing out the current state as it was announced, ie only either
8296 // Enabled or Disabled. In the case of DisabledStaged, we most recently announced the
8297 // channel as enabled, so we write 0. For EnabledStaged, we similarly write a 1.
8299 ChannelUpdateStatus::Enabled => 0u8.write(writer)?,
8300 ChannelUpdateStatus::DisabledStaged(_) => 0u8.write(writer)?,
8301 ChannelUpdateStatus::EnabledStaged(_) => 1u8.write(writer)?,
8302 ChannelUpdateStatus::Disabled => 1u8.write(writer)?,
8308 impl Readable for ChannelUpdateStatus {
8309 fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
8310 Ok(match <u8 as Readable>::read(reader)? {
8311 0 => ChannelUpdateStatus::Enabled,
8312 1 => ChannelUpdateStatus::Disabled,
8313 _ => return Err(DecodeError::InvalidValue),
8318 impl Writeable for AnnouncementSigsState {
8319 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8320 // We only care about writing out the current state as if we had just disconnected, at
8321 // which point we always set anything but AnnouncementSigsReceived to NotSent.
8323 AnnouncementSigsState::NotSent => 0u8.write(writer),
8324 AnnouncementSigsState::MessageSent => 0u8.write(writer),
8325 AnnouncementSigsState::Committed => 0u8.write(writer),
8326 AnnouncementSigsState::PeerReceived => 1u8.write(writer),
8331 impl Readable for AnnouncementSigsState {
8332 fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
8333 Ok(match <u8 as Readable>::read(reader)? {
8334 0 => AnnouncementSigsState::NotSent,
8335 1 => AnnouncementSigsState::PeerReceived,
8336 _ => return Err(DecodeError::InvalidValue),
8341 impl<SP: Deref> Writeable for Channel<SP> where SP::Target: SignerProvider {
8342 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8343 // Note that we write out as if remove_uncommitted_htlcs_and_mark_paused had just been
8346 let version_to_write = if self.context.pending_inbound_htlcs.iter().any(|htlc| match htlc.state {
8347 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref htlc_resolution)|
8348 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(ref htlc_resolution) => {
8349 matches!(htlc_resolution, InboundHTLCResolution::Pending { .. })
8353 SERIALIZATION_VERSION
8355 MIN_SERIALIZATION_VERSION
8357 write_ver_prefix!(writer, version_to_write, MIN_SERIALIZATION_VERSION);
8359 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8360 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We write
8361 // the low bytes now and the optional high bytes later.
8362 let user_id_low = self.context.user_id as u64;
8363 user_id_low.write(writer)?;
8365 // Version 1 deserializers expected to read parts of the config object here. Version 2
8366 // deserializers (0.0.99) now read config through TLVs, and as we now require them for
8367 // `minimum_depth` we simply write dummy values here.
8368 writer.write_all(&[0; 8])?;
8370 self.context.channel_id.write(writer)?;
8372 let mut channel_state = self.context.channel_state;
8373 if matches!(channel_state, ChannelState::AwaitingChannelReady(_)|ChannelState::ChannelReady(_)) {
8374 channel_state.set_peer_disconnected();
8376 debug_assert!(false, "Pre-funded/shutdown channels should not be written");
8378 channel_state.to_u32().write(writer)?;
8380 self.context.channel_value_satoshis.write(writer)?;
8382 self.context.latest_monitor_update_id.write(writer)?;
8384 // Write out the old serialization for shutdown_pubkey for backwards compatibility, if
8385 // deserialized from that format.
8386 match self.context.shutdown_scriptpubkey.as_ref().and_then(|script| script.as_legacy_pubkey()) {
8387 Some(shutdown_pubkey) => shutdown_pubkey.write(writer)?,
8388 None => [0u8; PUBLIC_KEY_SIZE].write(writer)?,
8390 self.context.destination_script.write(writer)?;
8392 self.context.cur_holder_commitment_transaction_number.write(writer)?;
8393 self.context.cur_counterparty_commitment_transaction_number.write(writer)?;
8394 self.context.value_to_self_msat.write(writer)?;
8396 let mut dropped_inbound_htlcs = 0;
8397 for htlc in self.context.pending_inbound_htlcs.iter() {
8398 if let InboundHTLCState::RemoteAnnounced(_) = htlc.state {
8399 dropped_inbound_htlcs += 1;
8402 (self.context.pending_inbound_htlcs.len() as u64 - dropped_inbound_htlcs).write(writer)?;
8403 for htlc in self.context.pending_inbound_htlcs.iter() {
8404 if let &InboundHTLCState::RemoteAnnounced(_) = &htlc.state {
8407 htlc.htlc_id.write(writer)?;
8408 htlc.amount_msat.write(writer)?;
8409 htlc.cltv_expiry.write(writer)?;
8410 htlc.payment_hash.write(writer)?;
8412 &InboundHTLCState::RemoteAnnounced(_) => unreachable!(),
8413 &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref htlc_resolution) => {
8415 if version_to_write <= 3 {
8416 if let InboundHTLCResolution::Resolved { pending_htlc_status } = htlc_resolution {
8417 pending_htlc_status.write(writer)?;
8422 htlc_resolution.write(writer)?;
8425 &InboundHTLCState::AwaitingAnnouncedRemoteRevoke(ref htlc_resolution) => {
8427 if version_to_write <= 3 {
8428 if let InboundHTLCResolution::Resolved { pending_htlc_status } = htlc_resolution {
8429 pending_htlc_status.write(writer)?;
8434 htlc_resolution.write(writer)?;
8437 &InboundHTLCState::Committed => {
8440 &InboundHTLCState::LocalRemoved(ref removal_reason) => {
8442 removal_reason.write(writer)?;
8447 let mut preimages: Vec<&Option<PaymentPreimage>> = vec![];
8448 let mut pending_outbound_skimmed_fees: Vec<Option<u64>> = Vec::new();
8449 let mut pending_outbound_blinding_points: Vec<Option<PublicKey>> = Vec::new();
8451 (self.context.pending_outbound_htlcs.len() as u64).write(writer)?;
8452 for htlc in self.context.pending_outbound_htlcs.iter() {
8453 htlc.htlc_id.write(writer)?;
8454 htlc.amount_msat.write(writer)?;
8455 htlc.cltv_expiry.write(writer)?;
8456 htlc.payment_hash.write(writer)?;
8457 htlc.source.write(writer)?;
8459 &OutboundHTLCState::LocalAnnounced(ref onion_packet) => {
8461 onion_packet.write(writer)?;
8463 &OutboundHTLCState::Committed => {
8466 &OutboundHTLCState::RemoteRemoved(_) => {
8467 // Treat this as a Committed because we haven't received the CS - they'll
8468 // resend the claim/fail on reconnect as we all (hopefully) the missing CS.
8471 &OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref outcome) => {
8473 if let OutboundHTLCOutcome::Success(preimage) = outcome {
8474 preimages.push(preimage);
8476 let reason: Option<&HTLCFailReason> = outcome.into();
8477 reason.write(writer)?;
8479 &OutboundHTLCState::AwaitingRemovedRemoteRevoke(ref outcome) => {
8481 if let OutboundHTLCOutcome::Success(preimage) = outcome {
8482 preimages.push(preimage);
8484 let reason: Option<&HTLCFailReason> = outcome.into();
8485 reason.write(writer)?;
8488 pending_outbound_skimmed_fees.push(htlc.skimmed_fee_msat);
8489 pending_outbound_blinding_points.push(htlc.blinding_point);
8492 let mut holding_cell_skimmed_fees: Vec<Option<u64>> = Vec::new();
8493 let mut holding_cell_blinding_points: Vec<Option<PublicKey>> = Vec::new();
8494 // Vec of (htlc_id, failure_code, sha256_of_onion)
8495 let mut malformed_htlcs: Vec<(u64, u16, [u8; 32])> = Vec::new();
8496 (self.context.holding_cell_htlc_updates.len() as u64).write(writer)?;
8497 for update in self.context.holding_cell_htlc_updates.iter() {
8499 &HTLCUpdateAwaitingACK::AddHTLC {
8500 ref amount_msat, ref cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet,
8501 blinding_point, skimmed_fee_msat,
8504 amount_msat.write(writer)?;
8505 cltv_expiry.write(writer)?;
8506 payment_hash.write(writer)?;
8507 source.write(writer)?;
8508 onion_routing_packet.write(writer)?;
8510 holding_cell_skimmed_fees.push(skimmed_fee_msat);
8511 holding_cell_blinding_points.push(blinding_point);
8513 &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, ref htlc_id } => {
8515 payment_preimage.write(writer)?;
8516 htlc_id.write(writer)?;
8518 &HTLCUpdateAwaitingACK::FailHTLC { ref htlc_id, ref err_packet } => {
8520 htlc_id.write(writer)?;
8521 err_packet.write(writer)?;
8523 &HTLCUpdateAwaitingACK::FailMalformedHTLC {
8524 htlc_id, failure_code, sha256_of_onion
8526 // We don't want to break downgrading by adding a new variant, so write a dummy
8527 // `::FailHTLC` variant and write the real malformed error as an optional TLV.
8528 malformed_htlcs.push((htlc_id, failure_code, sha256_of_onion));
8530 let dummy_err_packet = msgs::OnionErrorPacket { data: Vec::new() };
8532 htlc_id.write(writer)?;
8533 dummy_err_packet.write(writer)?;
8538 match self.context.resend_order {
8539 RAACommitmentOrder::CommitmentFirst => 0u8.write(writer)?,
8540 RAACommitmentOrder::RevokeAndACKFirst => 1u8.write(writer)?,
8543 self.context.monitor_pending_channel_ready.write(writer)?;
8544 self.context.monitor_pending_revoke_and_ack.write(writer)?;
8545 self.context.monitor_pending_commitment_signed.write(writer)?;
8547 (self.context.monitor_pending_forwards.len() as u64).write(writer)?;
8548 for &(ref pending_forward, ref htlc_id) in self.context.monitor_pending_forwards.iter() {
8549 pending_forward.write(writer)?;
8550 htlc_id.write(writer)?;
8553 (self.context.monitor_pending_failures.len() as u64).write(writer)?;
8554 for &(ref htlc_source, ref payment_hash, ref fail_reason) in self.context.monitor_pending_failures.iter() {
8555 htlc_source.write(writer)?;
8556 payment_hash.write(writer)?;
8557 fail_reason.write(writer)?;
8560 if self.context.is_outbound() {
8561 self.context.pending_update_fee.map(|(a, _)| a).write(writer)?;
8562 } else if let Some((feerate, FeeUpdateState::AwaitingRemoteRevokeToAnnounce)) = self.context.pending_update_fee {
8563 Some(feerate).write(writer)?;
8565 // As for inbound HTLCs, if the update was only announced and never committed in a
8566 // commitment_signed, drop it.
8567 None::<u32>.write(writer)?;
8569 self.context.holding_cell_update_fee.write(writer)?;
8571 self.context.next_holder_htlc_id.write(writer)?;
8572 (self.context.next_counterparty_htlc_id - dropped_inbound_htlcs).write(writer)?;
8573 self.context.update_time_counter.write(writer)?;
8574 self.context.feerate_per_kw.write(writer)?;
8576 // Versions prior to 0.0.100 expected to read the fields of `last_sent_closing_fee` here,
8577 // however we are supposed to restart shutdown fee negotiation on reconnect (and wipe
8578 // `last_send_closing_fee` in `remove_uncommitted_htlcs_and_mark_paused`) so we should never
8579 // consider the stale state on reload.
8582 self.context.funding_tx_confirmed_in.write(writer)?;
8583 self.context.funding_tx_confirmation_height.write(writer)?;
8584 self.context.short_channel_id.write(writer)?;
8586 self.context.counterparty_dust_limit_satoshis.write(writer)?;
8587 self.context.holder_dust_limit_satoshis.write(writer)?;
8588 self.context.counterparty_max_htlc_value_in_flight_msat.write(writer)?;
8590 // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
8591 self.context.counterparty_selected_channel_reserve_satoshis.unwrap_or(0).write(writer)?;
8593 self.context.counterparty_htlc_minimum_msat.write(writer)?;
8594 self.context.holder_htlc_minimum_msat.write(writer)?;
8595 self.context.counterparty_max_accepted_htlcs.write(writer)?;
8597 // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
8598 self.context.minimum_depth.unwrap_or(0).write(writer)?;
8600 match &self.context.counterparty_forwarding_info {
8603 info.fee_base_msat.write(writer)?;
8604 info.fee_proportional_millionths.write(writer)?;
8605 info.cltv_expiry_delta.write(writer)?;
8607 None => 0u8.write(writer)?
8610 self.context.channel_transaction_parameters.write(writer)?;
8611 self.context.funding_transaction.write(writer)?;
8613 self.context.counterparty_cur_commitment_point.write(writer)?;
8614 self.context.counterparty_prev_commitment_point.write(writer)?;
8615 self.context.counterparty_node_id.write(writer)?;
8617 self.context.counterparty_shutdown_scriptpubkey.write(writer)?;
8619 self.context.commitment_secrets.write(writer)?;
8621 self.context.channel_update_status.write(writer)?;
8623 #[cfg(any(test, fuzzing))]
8624 (self.context.historical_inbound_htlc_fulfills.len() as u64).write(writer)?;
8625 #[cfg(any(test, fuzzing))]
8626 for htlc in self.context.historical_inbound_htlc_fulfills.iter() {
8627 htlc.write(writer)?;
8630 // If the channel type is something other than only-static-remote-key, then we need to have
8631 // older clients fail to deserialize this channel at all. If the type is
8632 // only-static-remote-key, we simply consider it "default" and don't write the channel type
8634 let chan_type = if self.context.channel_type != ChannelTypeFeatures::only_static_remote_key() {
8635 Some(&self.context.channel_type) } else { None };
8637 // The same logic applies for `holder_selected_channel_reserve_satoshis` values other than
8638 // the default, and when `holder_max_htlc_value_in_flight_msat` is configured to be set to
8639 // a different percentage of the channel value then 10%, which older versions of LDK used
8640 // to set it to before the percentage was made configurable.
8641 let serialized_holder_selected_reserve =
8642 if self.context.holder_selected_channel_reserve_satoshis != get_legacy_default_holder_selected_channel_reserve_satoshis(self.context.channel_value_satoshis)
8643 { Some(self.context.holder_selected_channel_reserve_satoshis) } else { None };
8645 let mut old_max_in_flight_percent_config = UserConfig::default().channel_handshake_config;
8646 old_max_in_flight_percent_config.max_inbound_htlc_value_in_flight_percent_of_channel = MAX_IN_FLIGHT_PERCENT_LEGACY;
8647 let serialized_holder_htlc_max_in_flight =
8648 if self.context.holder_max_htlc_value_in_flight_msat != get_holder_max_htlc_value_in_flight_msat(self.context.channel_value_satoshis, &old_max_in_flight_percent_config)
8649 { Some(self.context.holder_max_htlc_value_in_flight_msat) } else { None };
8651 let channel_pending_event_emitted = Some(self.context.channel_pending_event_emitted);
8652 let channel_ready_event_emitted = Some(self.context.channel_ready_event_emitted);
8654 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8655 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. Therefore,
8656 // we write the high bytes as an option here.
8657 let user_id_high_opt = Some((self.context.user_id >> 64) as u64);
8659 let holder_max_accepted_htlcs = if self.context.holder_max_accepted_htlcs == DEFAULT_MAX_HTLCS { None } else { Some(self.context.holder_max_accepted_htlcs) };
8661 let mut monitor_pending_update_adds = None;
8662 if !self.context.monitor_pending_update_adds.is_empty() {
8663 monitor_pending_update_adds = Some(&self.context.monitor_pending_update_adds);
8666 write_tlv_fields!(writer, {
8667 (0, self.context.announcement_sigs, option),
8668 // minimum_depth and counterparty_selected_channel_reserve_satoshis used to have a
8669 // default value instead of being Option<>al. Thus, to maintain compatibility we write
8670 // them twice, once with their original default values above, and once as an option
8671 // here. On the read side, old versions will simply ignore the odd-type entries here,
8672 // and new versions map the default values to None and allow the TLV entries here to
8674 (1, self.context.minimum_depth, option),
8675 (2, chan_type, option),
8676 (3, self.context.counterparty_selected_channel_reserve_satoshis, option),
8677 (4, serialized_holder_selected_reserve, option),
8678 (5, self.context.config, required),
8679 (6, serialized_holder_htlc_max_in_flight, option),
8680 (7, self.context.shutdown_scriptpubkey, option),
8681 (8, self.context.blocked_monitor_updates, optional_vec),
8682 (9, self.context.target_closing_feerate_sats_per_kw, option),
8683 (10, monitor_pending_update_adds, option), // Added in 0.0.122
8684 (11, self.context.monitor_pending_finalized_fulfills, required_vec),
8685 (13, self.context.channel_creation_height, required),
8686 (15, preimages, required_vec),
8687 (17, self.context.announcement_sigs_state, required),
8688 (19, self.context.latest_inbound_scid_alias, option),
8689 (21, self.context.outbound_scid_alias, required),
8690 (23, channel_ready_event_emitted, option),
8691 (25, user_id_high_opt, option),
8692 (27, self.context.channel_keys_id, required),
8693 (28, holder_max_accepted_htlcs, option),
8694 (29, self.context.temporary_channel_id, option),
8695 (31, channel_pending_event_emitted, option),
8696 (35, pending_outbound_skimmed_fees, optional_vec),
8697 (37, holding_cell_skimmed_fees, optional_vec),
8698 (38, self.context.is_batch_funding, option),
8699 (39, pending_outbound_blinding_points, optional_vec),
8700 (41, holding_cell_blinding_points, optional_vec),
8701 (43, malformed_htlcs, optional_vec), // Added in 0.0.119
8702 (45, self.context.local_initiated_shutdown, option), // Added in 0.0.122
8709 const MAX_ALLOC_SIZE: usize = 64*1024;
8710 impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c ChannelTypeFeatures)> for Channel<SP>
8712 ES::Target: EntropySource,
8713 SP::Target: SignerProvider
8715 fn read<R : io::Read>(reader: &mut R, args: (&'a ES, &'b SP, u32, &'c ChannelTypeFeatures)) -> Result<Self, DecodeError> {
8716 let (entropy_source, signer_provider, serialized_height, our_supported_features) = args;
8717 let ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
8719 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8720 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We read
8721 // the low bytes now and the high bytes later.
8722 let user_id_low: u64 = Readable::read(reader)?;
8724 let mut config = Some(LegacyChannelConfig::default());
8726 // Read the old serialization of the ChannelConfig from version 0.0.98.
8727 config.as_mut().unwrap().options.forwarding_fee_proportional_millionths = Readable::read(reader)?;
8728 config.as_mut().unwrap().options.cltv_expiry_delta = Readable::read(reader)?;
8729 config.as_mut().unwrap().announced_channel = Readable::read(reader)?;
8730 config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?;
8732 // Read the 8 bytes of backwards-compatibility ChannelConfig data.
8733 let mut _val: u64 = Readable::read(reader)?;
8736 let channel_id = Readable::read(reader)?;
8737 let channel_state = ChannelState::from_u32(Readable::read(reader)?).map_err(|_| DecodeError::InvalidValue)?;
8738 let channel_value_satoshis = Readable::read(reader)?;
8740 let latest_monitor_update_id = Readable::read(reader)?;
8742 let mut keys_data = None;
8744 // Read the serialize signer bytes. We'll choose to deserialize them or not based on whether
8745 // the `channel_keys_id` TLV is present below.
8746 let keys_len: u32 = Readable::read(reader)?;
8747 keys_data = Some(Vec::with_capacity(cmp::min(keys_len as usize, MAX_ALLOC_SIZE)));
8748 while keys_data.as_ref().unwrap().len() != keys_len as usize {
8749 // Read 1KB at a time to avoid accidentally allocating 4GB on corrupted channel keys
8750 let mut data = [0; 1024];
8751 let read_slice = &mut data[0..cmp::min(1024, keys_len as usize - keys_data.as_ref().unwrap().len())];
8752 reader.read_exact(read_slice)?;
8753 keys_data.as_mut().unwrap().extend_from_slice(read_slice);
8757 // Read the old serialization for shutdown_pubkey, preferring the TLV field later if set.
8758 let mut shutdown_scriptpubkey = match <PublicKey as Readable>::read(reader) {
8759 Ok(pubkey) => Some(ShutdownScript::new_p2wpkh_from_pubkey(pubkey)),
8762 let destination_script = Readable::read(reader)?;
8764 let cur_holder_commitment_transaction_number = Readable::read(reader)?;
8765 let cur_counterparty_commitment_transaction_number = Readable::read(reader)?;
8766 let value_to_self_msat = Readable::read(reader)?;
8768 let pending_inbound_htlc_count: u64 = Readable::read(reader)?;
8770 let mut pending_inbound_htlcs = Vec::with_capacity(cmp::min(pending_inbound_htlc_count as usize, DEFAULT_MAX_HTLCS as usize));
8771 for _ in 0..pending_inbound_htlc_count {
8772 pending_inbound_htlcs.push(InboundHTLCOutput {
8773 htlc_id: Readable::read(reader)?,
8774 amount_msat: Readable::read(reader)?,
8775 cltv_expiry: Readable::read(reader)?,
8776 payment_hash: Readable::read(reader)?,
8777 state: match <u8 as Readable>::read(reader)? {
8779 let resolution = if ver <= 3 {
8780 InboundHTLCResolution::Resolved { pending_htlc_status: Readable::read(reader)? }
8782 Readable::read(reader)?
8784 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(resolution)
8787 let resolution = if ver <= 3 {
8788 InboundHTLCResolution::Resolved { pending_htlc_status: Readable::read(reader)? }
8790 Readable::read(reader)?
8792 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution)
8794 3 => InboundHTLCState::Committed,
8795 4 => InboundHTLCState::LocalRemoved(Readable::read(reader)?),
8796 _ => return Err(DecodeError::InvalidValue),
8801 let pending_outbound_htlc_count: u64 = Readable::read(reader)?;
8802 let mut pending_outbound_htlcs = Vec::with_capacity(cmp::min(pending_outbound_htlc_count as usize, DEFAULT_MAX_HTLCS as usize));
8803 for _ in 0..pending_outbound_htlc_count {
8804 pending_outbound_htlcs.push(OutboundHTLCOutput {
8805 htlc_id: Readable::read(reader)?,
8806 amount_msat: Readable::read(reader)?,
8807 cltv_expiry: Readable::read(reader)?,
8808 payment_hash: Readable::read(reader)?,
8809 source: Readable::read(reader)?,
8810 state: match <u8 as Readable>::read(reader)? {
8811 0 => OutboundHTLCState::LocalAnnounced(Box::new(Readable::read(reader)?)),
8812 1 => OutboundHTLCState::Committed,
8814 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8815 OutboundHTLCState::RemoteRemoved(option.into())
8818 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8819 OutboundHTLCState::AwaitingRemoteRevokeToRemove(option.into())
8822 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8823 OutboundHTLCState::AwaitingRemovedRemoteRevoke(option.into())
8825 _ => return Err(DecodeError::InvalidValue),
8827 skimmed_fee_msat: None,
8828 blinding_point: None,
8832 let holding_cell_htlc_update_count: u64 = Readable::read(reader)?;
8833 let mut holding_cell_htlc_updates = Vec::with_capacity(cmp::min(holding_cell_htlc_update_count as usize, DEFAULT_MAX_HTLCS as usize*2));
8834 for _ in 0..holding_cell_htlc_update_count {
8835 holding_cell_htlc_updates.push(match <u8 as Readable>::read(reader)? {
8836 0 => HTLCUpdateAwaitingACK::AddHTLC {
8837 amount_msat: Readable::read(reader)?,
8838 cltv_expiry: Readable::read(reader)?,
8839 payment_hash: Readable::read(reader)?,
8840 source: Readable::read(reader)?,
8841 onion_routing_packet: Readable::read(reader)?,
8842 skimmed_fee_msat: None,
8843 blinding_point: None,
8845 1 => HTLCUpdateAwaitingACK::ClaimHTLC {
8846 payment_preimage: Readable::read(reader)?,
8847 htlc_id: Readable::read(reader)?,
8849 2 => HTLCUpdateAwaitingACK::FailHTLC {
8850 htlc_id: Readable::read(reader)?,
8851 err_packet: Readable::read(reader)?,
8853 _ => return Err(DecodeError::InvalidValue),
8857 let resend_order = match <u8 as Readable>::read(reader)? {
8858 0 => RAACommitmentOrder::CommitmentFirst,
8859 1 => RAACommitmentOrder::RevokeAndACKFirst,
8860 _ => return Err(DecodeError::InvalidValue),
8863 let monitor_pending_channel_ready = Readable::read(reader)?;
8864 let monitor_pending_revoke_and_ack = Readable::read(reader)?;
8865 let monitor_pending_commitment_signed = Readable::read(reader)?;
8867 let monitor_pending_forwards_count: u64 = Readable::read(reader)?;
8868 let mut monitor_pending_forwards = Vec::with_capacity(cmp::min(monitor_pending_forwards_count as usize, DEFAULT_MAX_HTLCS as usize));
8869 for _ in 0..monitor_pending_forwards_count {
8870 monitor_pending_forwards.push((Readable::read(reader)?, Readable::read(reader)?));
8873 let monitor_pending_failures_count: u64 = Readable::read(reader)?;
8874 let mut monitor_pending_failures = Vec::with_capacity(cmp::min(monitor_pending_failures_count as usize, DEFAULT_MAX_HTLCS as usize));
8875 for _ in 0..monitor_pending_failures_count {
8876 monitor_pending_failures.push((Readable::read(reader)?, Readable::read(reader)?, Readable::read(reader)?));
8879 let pending_update_fee_value: Option<u32> = Readable::read(reader)?;
8881 let holding_cell_update_fee = Readable::read(reader)?;
8883 let next_holder_htlc_id = Readable::read(reader)?;
8884 let next_counterparty_htlc_id = Readable::read(reader)?;
8885 let update_time_counter = Readable::read(reader)?;
8886 let feerate_per_kw = Readable::read(reader)?;
8888 // Versions prior to 0.0.100 expected to read the fields of `last_sent_closing_fee` here,
8889 // however we are supposed to restart shutdown fee negotiation on reconnect (and wipe
8890 // `last_send_closing_fee` in `remove_uncommitted_htlcs_and_mark_paused`) so we should never
8891 // consider the stale state on reload.
8892 match <u8 as Readable>::read(reader)? {
8895 let _: u32 = Readable::read(reader)?;
8896 let _: u64 = Readable::read(reader)?;
8897 let _: Signature = Readable::read(reader)?;
8899 _ => return Err(DecodeError::InvalidValue),
8902 let funding_tx_confirmed_in = Readable::read(reader)?;
8903 let funding_tx_confirmation_height = Readable::read(reader)?;
8904 let short_channel_id = Readable::read(reader)?;
8906 let counterparty_dust_limit_satoshis = Readable::read(reader)?;
8907 let holder_dust_limit_satoshis = Readable::read(reader)?;
8908 let counterparty_max_htlc_value_in_flight_msat = Readable::read(reader)?;
8909 let mut counterparty_selected_channel_reserve_satoshis = None;
8911 // Read the old serialization from version 0.0.98.
8912 counterparty_selected_channel_reserve_satoshis = Some(Readable::read(reader)?);
8914 // Read the 8 bytes of backwards-compatibility data.
8915 let _dummy: u64 = Readable::read(reader)?;
8917 let counterparty_htlc_minimum_msat = Readable::read(reader)?;
8918 let holder_htlc_minimum_msat = Readable::read(reader)?;
8919 let counterparty_max_accepted_htlcs = Readable::read(reader)?;
8921 let mut minimum_depth = None;
8923 // Read the old serialization from version 0.0.98.
8924 minimum_depth = Some(Readable::read(reader)?);
8926 // Read the 4 bytes of backwards-compatibility data.
8927 let _dummy: u32 = Readable::read(reader)?;
8930 let counterparty_forwarding_info = match <u8 as Readable>::read(reader)? {
8932 1 => Some(CounterpartyForwardingInfo {
8933 fee_base_msat: Readable::read(reader)?,
8934 fee_proportional_millionths: Readable::read(reader)?,
8935 cltv_expiry_delta: Readable::read(reader)?,
8937 _ => return Err(DecodeError::InvalidValue),
8940 let mut channel_parameters: ChannelTransactionParameters = Readable::read(reader)?;
8941 let funding_transaction: Option<Transaction> = Readable::read(reader)?;
8943 let counterparty_cur_commitment_point = Readable::read(reader)?;
8945 let counterparty_prev_commitment_point = Readable::read(reader)?;
8946 let counterparty_node_id = Readable::read(reader)?;
8948 let counterparty_shutdown_scriptpubkey = Readable::read(reader)?;
8949 let commitment_secrets = Readable::read(reader)?;
8951 let channel_update_status = Readable::read(reader)?;
8953 #[cfg(any(test, fuzzing))]
8954 let mut historical_inbound_htlc_fulfills = new_hash_set();
8955 #[cfg(any(test, fuzzing))]
8957 let htlc_fulfills_len: u64 = Readable::read(reader)?;
8958 for _ in 0..htlc_fulfills_len {
8959 assert!(historical_inbound_htlc_fulfills.insert(Readable::read(reader)?));
8963 let pending_update_fee = if let Some(feerate) = pending_update_fee_value {
8964 Some((feerate, if channel_parameters.is_outbound_from_holder {
8965 FeeUpdateState::Outbound
8967 FeeUpdateState::AwaitingRemoteRevokeToAnnounce
8973 let mut announcement_sigs = None;
8974 let mut target_closing_feerate_sats_per_kw = None;
8975 let mut monitor_pending_finalized_fulfills = Some(Vec::new());
8976 let mut holder_selected_channel_reserve_satoshis = Some(get_legacy_default_holder_selected_channel_reserve_satoshis(channel_value_satoshis));
8977 let mut holder_max_htlc_value_in_flight_msat = Some(get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &UserConfig::default().channel_handshake_config));
8978 // Prior to supporting channel type negotiation, all of our channels were static_remotekey
8979 // only, so we default to that if none was written.
8980 let mut channel_type = Some(ChannelTypeFeatures::only_static_remote_key());
8981 let mut channel_creation_height = Some(serialized_height);
8982 let mut preimages_opt: Option<Vec<Option<PaymentPreimage>>> = None;
8984 // If we read an old Channel, for simplicity we just treat it as "we never sent an
8985 // AnnouncementSignatures" which implies we'll re-send it on reconnect, but that's fine.
8986 let mut announcement_sigs_state = Some(AnnouncementSigsState::NotSent);
8987 let mut latest_inbound_scid_alias = None;
8988 let mut outbound_scid_alias = None;
8989 let mut channel_pending_event_emitted = None;
8990 let mut channel_ready_event_emitted = None;
8992 let mut user_id_high_opt: Option<u64> = None;
8993 let mut channel_keys_id: Option<[u8; 32]> = None;
8994 let mut temporary_channel_id: Option<ChannelId> = None;
8995 let mut holder_max_accepted_htlcs: Option<u16> = None;
8997 let mut blocked_monitor_updates = Some(Vec::new());
8999 let mut pending_outbound_skimmed_fees_opt: Option<Vec<Option<u64>>> = None;
9000 let mut holding_cell_skimmed_fees_opt: Option<Vec<Option<u64>>> = None;
9002 let mut is_batch_funding: Option<()> = None;
9004 let mut local_initiated_shutdown: Option<()> = None;
9006 let mut pending_outbound_blinding_points_opt: Option<Vec<Option<PublicKey>>> = None;
9007 let mut holding_cell_blinding_points_opt: Option<Vec<Option<PublicKey>>> = None;
9009 let mut malformed_htlcs: Option<Vec<(u64, u16, [u8; 32])>> = None;
9010 let mut monitor_pending_update_adds: Option<Vec<msgs::UpdateAddHTLC>> = None;
9012 read_tlv_fields!(reader, {
9013 (0, announcement_sigs, option),
9014 (1, minimum_depth, option),
9015 (2, channel_type, option),
9016 (3, counterparty_selected_channel_reserve_satoshis, option),
9017 (4, holder_selected_channel_reserve_satoshis, option),
9018 (5, config, option), // Note that if none is provided we will *not* overwrite the existing one.
9019 (6, holder_max_htlc_value_in_flight_msat, option),
9020 (7, shutdown_scriptpubkey, option),
9021 (8, blocked_monitor_updates, optional_vec),
9022 (9, target_closing_feerate_sats_per_kw, option),
9023 (10, monitor_pending_update_adds, option), // Added in 0.0.122
9024 (11, monitor_pending_finalized_fulfills, optional_vec),
9025 (13, channel_creation_height, option),
9026 (15, preimages_opt, optional_vec),
9027 (17, announcement_sigs_state, option),
9028 (19, latest_inbound_scid_alias, option),
9029 (21, outbound_scid_alias, option),
9030 (23, channel_ready_event_emitted, option),
9031 (25, user_id_high_opt, option),
9032 (27, channel_keys_id, option),
9033 (28, holder_max_accepted_htlcs, option),
9034 (29, temporary_channel_id, option),
9035 (31, channel_pending_event_emitted, option),
9036 (35, pending_outbound_skimmed_fees_opt, optional_vec),
9037 (37, holding_cell_skimmed_fees_opt, optional_vec),
9038 (38, is_batch_funding, option),
9039 (39, pending_outbound_blinding_points_opt, optional_vec),
9040 (41, holding_cell_blinding_points_opt, optional_vec),
9041 (43, malformed_htlcs, optional_vec), // Added in 0.0.119
9042 (45, local_initiated_shutdown, option),
9045 let (channel_keys_id, holder_signer) = if let Some(channel_keys_id) = channel_keys_id {
9046 let mut holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
9047 // If we've gotten to the funding stage of the channel, populate the signer with its
9048 // required channel parameters.
9049 if channel_state >= ChannelState::FundingNegotiated {
9050 holder_signer.provide_channel_parameters(&channel_parameters);
9052 (channel_keys_id, holder_signer)
9054 // `keys_data` can be `None` if we had corrupted data.
9055 let keys_data = keys_data.ok_or(DecodeError::InvalidValue)?;
9056 let holder_signer = signer_provider.read_chan_signer(&keys_data)?;
9057 (holder_signer.channel_keys_id(), holder_signer)
9060 if let Some(preimages) = preimages_opt {
9061 let mut iter = preimages.into_iter();
9062 for htlc in pending_outbound_htlcs.iter_mut() {
9064 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(None)) => {
9065 htlc.state = OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(iter.next().ok_or(DecodeError::InvalidValue)?));
9067 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(None)) => {
9068 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(iter.next().ok_or(DecodeError::InvalidValue)?));
9073 // We expect all preimages to be consumed above
9074 if iter.next().is_some() {
9075 return Err(DecodeError::InvalidValue);
9079 let chan_features = channel_type.as_ref().unwrap();
9080 if !chan_features.is_subset(our_supported_features) {
9081 // If the channel was written by a new version and negotiated with features we don't
9082 // understand yet, refuse to read it.
9083 return Err(DecodeError::UnknownRequiredFeature);
9086 // ChannelTransactionParameters may have had an empty features set upon deserialization.
9087 // To account for that, we're proactively setting/overriding the field here.
9088 channel_parameters.channel_type_features = chan_features.clone();
9090 let mut secp_ctx = Secp256k1::new();
9091 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
9093 // `user_id` used to be a single u64 value. In order to remain backwards
9094 // compatible with versions prior to 0.0.113, the u128 is serialized as two
9095 // separate u64 values.
9096 let user_id = user_id_low as u128 + ((user_id_high_opt.unwrap_or(0) as u128) << 64);
9098 let holder_max_accepted_htlcs = holder_max_accepted_htlcs.unwrap_or(DEFAULT_MAX_HTLCS);
9100 if let Some(skimmed_fees) = pending_outbound_skimmed_fees_opt {
9101 let mut iter = skimmed_fees.into_iter();
9102 for htlc in pending_outbound_htlcs.iter_mut() {
9103 htlc.skimmed_fee_msat = iter.next().ok_or(DecodeError::InvalidValue)?;
9105 // We expect all skimmed fees to be consumed above
9106 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9108 if let Some(skimmed_fees) = holding_cell_skimmed_fees_opt {
9109 let mut iter = skimmed_fees.into_iter();
9110 for htlc in holding_cell_htlc_updates.iter_mut() {
9111 if let HTLCUpdateAwaitingACK::AddHTLC { ref mut skimmed_fee_msat, .. } = htlc {
9112 *skimmed_fee_msat = iter.next().ok_or(DecodeError::InvalidValue)?;
9115 // We expect all skimmed fees to be consumed above
9116 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9118 if let Some(blinding_pts) = pending_outbound_blinding_points_opt {
9119 let mut iter = blinding_pts.into_iter();
9120 for htlc in pending_outbound_htlcs.iter_mut() {
9121 htlc.blinding_point = iter.next().ok_or(DecodeError::InvalidValue)?;
9123 // We expect all blinding points to be consumed above
9124 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9126 if let Some(blinding_pts) = holding_cell_blinding_points_opt {
9127 let mut iter = blinding_pts.into_iter();
9128 for htlc in holding_cell_htlc_updates.iter_mut() {
9129 if let HTLCUpdateAwaitingACK::AddHTLC { ref mut blinding_point, .. } = htlc {
9130 *blinding_point = iter.next().ok_or(DecodeError::InvalidValue)?;
9133 // We expect all blinding points to be consumed above
9134 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9137 if let Some(malformed_htlcs) = malformed_htlcs {
9138 for (malformed_htlc_id, failure_code, sha256_of_onion) in malformed_htlcs {
9139 let htlc_idx = holding_cell_htlc_updates.iter().position(|htlc| {
9140 if let HTLCUpdateAwaitingACK::FailHTLC { htlc_id, err_packet } = htlc {
9141 let matches = *htlc_id == malformed_htlc_id;
9142 if matches { debug_assert!(err_packet.data.is_empty()) }
9145 }).ok_or(DecodeError::InvalidValue)?;
9146 let malformed_htlc = HTLCUpdateAwaitingACK::FailMalformedHTLC {
9147 htlc_id: malformed_htlc_id, failure_code, sha256_of_onion
9149 let _ = core::mem::replace(&mut holding_cell_htlc_updates[htlc_idx], malformed_htlc);
9154 context: ChannelContext {
9157 config: config.unwrap(),
9161 // Note that we don't care about serializing handshake limits as we only ever serialize
9162 // channel data after the handshake has completed.
9163 inbound_handshake_limits_override: None,
9166 temporary_channel_id,
9168 announcement_sigs_state: announcement_sigs_state.unwrap(),
9170 channel_value_satoshis,
9172 latest_monitor_update_id,
9174 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
9175 shutdown_scriptpubkey,
9178 cur_holder_commitment_transaction_number,
9179 cur_counterparty_commitment_transaction_number,
9182 holder_max_accepted_htlcs,
9183 pending_inbound_htlcs,
9184 pending_outbound_htlcs,
9185 holding_cell_htlc_updates,
9189 monitor_pending_channel_ready,
9190 monitor_pending_revoke_and_ack,
9191 monitor_pending_commitment_signed,
9192 monitor_pending_forwards,
9193 monitor_pending_failures,
9194 monitor_pending_finalized_fulfills: monitor_pending_finalized_fulfills.unwrap(),
9195 monitor_pending_update_adds: monitor_pending_update_adds.unwrap_or(Vec::new()),
9197 signer_pending_commitment_update: false,
9198 signer_pending_funding: false,
9201 holding_cell_update_fee,
9202 next_holder_htlc_id,
9203 next_counterparty_htlc_id,
9204 update_time_counter,
9207 #[cfg(debug_assertions)]
9208 holder_max_commitment_tx_output: Mutex::new((0, 0)),
9209 #[cfg(debug_assertions)]
9210 counterparty_max_commitment_tx_output: Mutex::new((0, 0)),
9212 last_sent_closing_fee: None,
9213 pending_counterparty_closing_signed: None,
9214 expecting_peer_commitment_signed: false,
9215 closing_fee_limits: None,
9216 target_closing_feerate_sats_per_kw,
9218 funding_tx_confirmed_in,
9219 funding_tx_confirmation_height,
9221 channel_creation_height: channel_creation_height.unwrap(),
9223 counterparty_dust_limit_satoshis,
9224 holder_dust_limit_satoshis,
9225 counterparty_max_htlc_value_in_flight_msat,
9226 holder_max_htlc_value_in_flight_msat: holder_max_htlc_value_in_flight_msat.unwrap(),
9227 counterparty_selected_channel_reserve_satoshis,
9228 holder_selected_channel_reserve_satoshis: holder_selected_channel_reserve_satoshis.unwrap(),
9229 counterparty_htlc_minimum_msat,
9230 holder_htlc_minimum_msat,
9231 counterparty_max_accepted_htlcs,
9234 counterparty_forwarding_info,
9236 channel_transaction_parameters: channel_parameters,
9237 funding_transaction,
9240 counterparty_cur_commitment_point,
9241 counterparty_prev_commitment_point,
9242 counterparty_node_id,
9244 counterparty_shutdown_scriptpubkey,
9248 channel_update_status,
9249 closing_signed_in_flight: false,
9253 #[cfg(any(test, fuzzing))]
9254 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
9255 #[cfg(any(test, fuzzing))]
9256 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
9258 workaround_lnd_bug_4006: None,
9259 sent_message_awaiting_response: None,
9261 latest_inbound_scid_alias,
9262 // Later in the ChannelManager deserialization phase we scan for channels and assign scid aliases if its missing
9263 outbound_scid_alias: outbound_scid_alias.unwrap_or(0),
9265 channel_pending_event_emitted: channel_pending_event_emitted.unwrap_or(true),
9266 channel_ready_event_emitted: channel_ready_event_emitted.unwrap_or(true),
9268 #[cfg(any(test, fuzzing))]
9269 historical_inbound_htlc_fulfills,
9271 channel_type: channel_type.unwrap(),
9274 local_initiated_shutdown,
9276 blocked_monitor_updates: blocked_monitor_updates.unwrap(),
9278 #[cfg(dual_funding)]
9279 dual_funding_channel_context: None,
9287 use bitcoin::blockdata::constants::ChainHash;
9288 use bitcoin::blockdata::script::{ScriptBuf, Builder};
9289 use bitcoin::blockdata::transaction::{Transaction, TxOut};
9290 use bitcoin::blockdata::opcodes;
9291 use bitcoin::network::constants::Network;
9292 use crate::ln::onion_utils::INVALID_ONION_BLINDING;
9293 use crate::ln::{PaymentHash, PaymentPreimage};
9294 use crate::ln::channel_keys::{RevocationKey, RevocationBasepoint};
9295 use crate::ln::channelmanager::{self, HTLCSource, PaymentId};
9296 use crate::ln::channel::InitFeatures;
9297 use crate::ln::channel::{AwaitingChannelReadyFlags, Channel, ChannelState, InboundHTLCOutput, OutboundV1Channel, InboundV1Channel, OutboundHTLCOutput, InboundHTLCState, OutboundHTLCState, HTLCCandidate, HTLCInitiator, HTLCUpdateAwaitingACK, commit_tx_fee_msat};
9298 use crate::ln::channel::{MAX_FUNDING_SATOSHIS_NO_WUMBO, TOTAL_BITCOIN_SUPPLY_SATOSHIS, MIN_THEIR_CHAN_RESERVE_SATOSHIS};
9299 use crate::ln::features::{ChannelFeatures, ChannelTypeFeatures, NodeFeatures};
9300 use crate::ln::msgs;
9301 use crate::ln::msgs::{ChannelUpdate, DecodeError, UnsignedChannelUpdate, MAX_VALUE_MSAT};
9302 use crate::ln::script::ShutdownScript;
9303 use crate::ln::chan_utils::{self, htlc_success_tx_weight, htlc_timeout_tx_weight};
9304 use crate::chain::BestBlock;
9305 use crate::chain::chaininterface::{FeeEstimator, LowerBoundedFeeEstimator, ConfirmationTarget};
9306 use crate::sign::{ChannelSigner, InMemorySigner, EntropySource, SignerProvider};
9307 use crate::chain::transaction::OutPoint;
9308 use crate::routing::router::{Path, RouteHop};
9309 use crate::util::config::UserConfig;
9310 use crate::util::errors::APIError;
9311 use crate::util::ser::{ReadableArgs, Writeable};
9312 use crate::util::test_utils;
9313 use crate::util::test_utils::{OnGetShutdownScriptpubkey, TestKeysInterface};
9314 use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
9315 use bitcoin::secp256k1::ffi::Signature as FFISignature;
9316 use bitcoin::secp256k1::{SecretKey,PublicKey};
9317 use bitcoin::hashes::sha256::Hash as Sha256;
9318 use bitcoin::hashes::Hash;
9319 use bitcoin::hashes::hex::FromHex;
9320 use bitcoin::hash_types::WPubkeyHash;
9321 use bitcoin::blockdata::locktime::absolute::LockTime;
9322 use bitcoin::address::{WitnessProgram, WitnessVersion};
9323 use crate::prelude::*;
9326 fn test_channel_state_order() {
9327 use crate::ln::channel::NegotiatingFundingFlags;
9328 use crate::ln::channel::AwaitingChannelReadyFlags;
9329 use crate::ln::channel::ChannelReadyFlags;
9331 assert!(ChannelState::NegotiatingFunding(NegotiatingFundingFlags::new()) < ChannelState::FundingNegotiated);
9332 assert!(ChannelState::FundingNegotiated < ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new()));
9333 assert!(ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new()) < ChannelState::ChannelReady(ChannelReadyFlags::new()));
9334 assert!(ChannelState::ChannelReady(ChannelReadyFlags::new()) < ChannelState::ShutdownComplete);
9337 struct TestFeeEstimator {
9340 impl FeeEstimator for TestFeeEstimator {
9341 fn get_est_sat_per_1000_weight(&self, _: ConfirmationTarget) -> u32 {
9347 fn test_max_funding_satoshis_no_wumbo() {
9348 assert_eq!(TOTAL_BITCOIN_SUPPLY_SATOSHIS, 21_000_000 * 100_000_000);
9349 assert!(MAX_FUNDING_SATOSHIS_NO_WUMBO <= TOTAL_BITCOIN_SUPPLY_SATOSHIS,
9350 "MAX_FUNDING_SATOSHIS_NO_WUMBO is greater than all satoshis in existence");
9354 signer: InMemorySigner,
9357 impl EntropySource for Keys {
9358 fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] }
9361 impl SignerProvider for Keys {
9362 type EcdsaSigner = InMemorySigner;
9364 type TaprootSigner = InMemorySigner;
9366 fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] {
9367 self.signer.channel_keys_id()
9370 fn derive_channel_signer(&self, _channel_value_satoshis: u64, _channel_keys_id: [u8; 32]) -> Self::EcdsaSigner {
9374 fn read_chan_signer(&self, _data: &[u8]) -> Result<Self::EcdsaSigner, DecodeError> { panic!(); }
9376 fn get_destination_script(&self, _channel_keys_id: [u8; 32]) -> Result<ScriptBuf, ()> {
9377 let secp_ctx = Secp256k1::signing_only();
9378 let channel_monitor_claim_key = SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap();
9379 let channel_monitor_claim_key_hash = WPubkeyHash::hash(&PublicKey::from_secret_key(&secp_ctx, &channel_monitor_claim_key).serialize());
9380 Ok(Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0).push_slice(channel_monitor_claim_key_hash).into_script())
9383 fn get_shutdown_scriptpubkey(&self) -> Result<ShutdownScript, ()> {
9384 let secp_ctx = Secp256k1::signing_only();
9385 let channel_close_key = SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap();
9386 Ok(ShutdownScript::new_p2wpkh_from_pubkey(PublicKey::from_secret_key(&secp_ctx, &channel_close_key)))
9390 #[cfg(all(feature = "_test_vectors", not(feature = "grind_signatures")))]
9391 fn public_from_secret_hex(secp_ctx: &Secp256k1<bitcoin::secp256k1::All>, hex: &str) -> PublicKey {
9392 PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&<Vec<u8>>::from_hex(hex).unwrap()[..]).unwrap())
9396 fn upfront_shutdown_script_incompatibility() {
9397 let features = channelmanager::provided_init_features(&UserConfig::default()).clear_shutdown_anysegwit();
9398 let non_v0_segwit_shutdown_script = ShutdownScript::new_witness_program(
9399 &WitnessProgram::new(WitnessVersion::V16, &[0, 40]).unwrap(),
9402 let seed = [42; 32];
9403 let network = Network::Testnet;
9404 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9405 keys_provider.expect(OnGetShutdownScriptpubkey {
9406 returns: non_v0_segwit_shutdown_script.clone(),
9409 let secp_ctx = Secp256k1::new();
9410 let node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9411 let config = UserConfig::default();
9412 match OutboundV1Channel::<&TestKeysInterface>::new(&LowerBoundedFeeEstimator::new(&TestFeeEstimator { fee_est: 253 }), &&keys_provider, &&keys_provider, node_id, &features, 10000000, 100000, 42, &config, 0, 42, None) {
9413 Err(APIError::IncompatibleShutdownScript { script }) => {
9414 assert_eq!(script.into_inner(), non_v0_segwit_shutdown_script.into_inner());
9416 Err(e) => panic!("Unexpected error: {:?}", e),
9417 Ok(_) => panic!("Expected error"),
9421 // Check that, during channel creation, we use the same feerate in the open channel message
9422 // as we do in the Channel object creation itself.
9424 fn test_open_channel_msg_fee() {
9425 let original_fee = 253;
9426 let mut fee_est = TestFeeEstimator{fee_est: original_fee };
9427 let bounded_fee_estimator = LowerBoundedFeeEstimator::new(&fee_est);
9428 let secp_ctx = Secp256k1::new();
9429 let seed = [42; 32];
9430 let network = Network::Testnet;
9431 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9433 let node_a_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9434 let config = UserConfig::default();
9435 let node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&bounded_fee_estimator, &&keys_provider, &&keys_provider, node_a_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9437 // Now change the fee so we can check that the fee in the open_channel message is the
9438 // same as the old fee.
9439 fee_est.fee_est = 500;
9440 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9441 assert_eq!(open_channel_msg.common_fields.commitment_feerate_sat_per_1000_weight, original_fee);
9445 fn test_holder_vs_counterparty_dust_limit() {
9446 // Test that when calculating the local and remote commitment transaction fees, the correct
9447 // dust limits are used.
9448 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9449 let secp_ctx = Secp256k1::new();
9450 let seed = [42; 32];
9451 let network = Network::Testnet;
9452 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9453 let logger = test_utils::TestLogger::new();
9454 let best_block = BestBlock::from_network(network);
9456 // Go through the flow of opening a channel between two nodes, making sure
9457 // they have different dust limits.
9459 // Create Node A's channel pointing to Node B's pubkey
9460 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9461 let config = UserConfig::default();
9462 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9464 // Create Node B's channel by receiving Node A's open_channel message
9465 // Make sure A's dust limit is as we expect.
9466 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9467 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9468 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9470 // Node B --> Node A: accept channel, explicitly setting B's dust limit.
9471 let mut accept_channel_msg = node_b_chan.accept_inbound_channel();
9472 accept_channel_msg.common_fields.dust_limit_satoshis = 546;
9473 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9474 node_a_chan.context.holder_dust_limit_satoshis = 1560;
9476 // Node A --> Node B: funding created
9477 let output_script = node_a_chan.context.get_funding_redeemscript();
9478 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9479 value: 10000000, script_pubkey: output_script.clone(),
9481 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9482 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9483 let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9485 // Node B --> Node A: funding signed
9486 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9487 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9489 // Put some inbound and outbound HTLCs in A's channel.
9490 let htlc_amount_msat = 11_092_000; // put an amount below A's effective dust limit but above B's.
9491 node_a_chan.context.pending_inbound_htlcs.push(InboundHTLCOutput {
9493 amount_msat: htlc_amount_msat,
9494 payment_hash: PaymentHash(Sha256::hash(&[42; 32]).to_byte_array()),
9495 cltv_expiry: 300000000,
9496 state: InboundHTLCState::Committed,
9499 node_a_chan.context.pending_outbound_htlcs.push(OutboundHTLCOutput {
9501 amount_msat: htlc_amount_msat, // put an amount below A's dust amount but above B's.
9502 payment_hash: PaymentHash(Sha256::hash(&[43; 32]).to_byte_array()),
9503 cltv_expiry: 200000000,
9504 state: OutboundHTLCState::Committed,
9505 source: HTLCSource::OutboundRoute {
9506 path: Path { hops: Vec::new(), blinded_tail: None },
9507 session_priv: SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(),
9508 first_hop_htlc_msat: 548,
9509 payment_id: PaymentId([42; 32]),
9511 skimmed_fee_msat: None,
9512 blinding_point: None,
9515 // Make sure when Node A calculates their local commitment transaction, none of the HTLCs pass
9516 // the dust limit check.
9517 let htlc_candidate = HTLCCandidate::new(htlc_amount_msat, HTLCInitiator::LocalOffered);
9518 let local_commit_tx_fee = node_a_chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9519 let local_commit_fee_0_htlcs = commit_tx_fee_msat(node_a_chan.context.feerate_per_kw, 0, node_a_chan.context.get_channel_type());
9520 assert_eq!(local_commit_tx_fee, local_commit_fee_0_htlcs);
9522 // Finally, make sure that when Node A calculates the remote's commitment transaction fees, all
9523 // of the HTLCs are seen to be above the dust limit.
9524 node_a_chan.context.channel_transaction_parameters.is_outbound_from_holder = false;
9525 let remote_commit_fee_3_htlcs = commit_tx_fee_msat(node_a_chan.context.feerate_per_kw, 3, node_a_chan.context.get_channel_type());
9526 let htlc_candidate = HTLCCandidate::new(htlc_amount_msat, HTLCInitiator::LocalOffered);
9527 let remote_commit_tx_fee = node_a_chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9528 assert_eq!(remote_commit_tx_fee, remote_commit_fee_3_htlcs);
9532 fn test_timeout_vs_success_htlc_dust_limit() {
9533 // Make sure that when `next_remote_commit_tx_fee_msat` and `next_local_commit_tx_fee_msat`
9534 // calculate the real dust limits for HTLCs (i.e. the dust limit given by the counterparty
9535 // *plus* the fees paid for the HTLC) they don't swap `HTLC_SUCCESS_TX_WEIGHT` for
9536 // `HTLC_TIMEOUT_TX_WEIGHT`, and vice versa.
9537 let fee_est = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 253 });
9538 let secp_ctx = Secp256k1::new();
9539 let seed = [42; 32];
9540 let network = Network::Testnet;
9541 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9543 let node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9544 let config = UserConfig::default();
9545 let mut chan = OutboundV1Channel::<&TestKeysInterface>::new(&fee_est, &&keys_provider, &&keys_provider, node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9547 let commitment_tx_fee_0_htlcs = commit_tx_fee_msat(chan.context.feerate_per_kw, 0, chan.context.get_channel_type());
9548 let commitment_tx_fee_1_htlc = commit_tx_fee_msat(chan.context.feerate_per_kw, 1, chan.context.get_channel_type());
9550 // If HTLC_SUCCESS_TX_WEIGHT and HTLC_TIMEOUT_TX_WEIGHT were swapped: then this HTLC would be
9551 // counted as dust when it shouldn't be.
9552 let htlc_amt_above_timeout = ((253 * htlc_timeout_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.holder_dust_limit_satoshis + 1) * 1000;
9553 let htlc_candidate = HTLCCandidate::new(htlc_amt_above_timeout, HTLCInitiator::LocalOffered);
9554 let commitment_tx_fee = chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9555 assert_eq!(commitment_tx_fee, commitment_tx_fee_1_htlc);
9557 // If swapped: this HTLC would be counted as non-dust when it shouldn't be.
9558 let dust_htlc_amt_below_success = ((253 * htlc_success_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.holder_dust_limit_satoshis - 1) * 1000;
9559 let htlc_candidate = HTLCCandidate::new(dust_htlc_amt_below_success, HTLCInitiator::RemoteOffered);
9560 let commitment_tx_fee = chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9561 assert_eq!(commitment_tx_fee, commitment_tx_fee_0_htlcs);
9563 chan.context.channel_transaction_parameters.is_outbound_from_holder = false;
9565 // If swapped: this HTLC would be counted as non-dust when it shouldn't be.
9566 let dust_htlc_amt_above_timeout = ((253 * htlc_timeout_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.counterparty_dust_limit_satoshis + 1) * 1000;
9567 let htlc_candidate = HTLCCandidate::new(dust_htlc_amt_above_timeout, HTLCInitiator::LocalOffered);
9568 let commitment_tx_fee = chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9569 assert_eq!(commitment_tx_fee, commitment_tx_fee_0_htlcs);
9571 // If swapped: this HTLC would be counted as dust when it shouldn't be.
9572 let htlc_amt_below_success = ((253 * htlc_success_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.counterparty_dust_limit_satoshis - 1) * 1000;
9573 let htlc_candidate = HTLCCandidate::new(htlc_amt_below_success, HTLCInitiator::RemoteOffered);
9574 let commitment_tx_fee = chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9575 assert_eq!(commitment_tx_fee, commitment_tx_fee_1_htlc);
9579 fn channel_reestablish_no_updates() {
9580 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9581 let logger = test_utils::TestLogger::new();
9582 let secp_ctx = Secp256k1::new();
9583 let seed = [42; 32];
9584 let network = Network::Testnet;
9585 let best_block = BestBlock::from_network(network);
9586 let chain_hash = ChainHash::using_genesis_block(network);
9587 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9589 // Go through the flow of opening a channel between two nodes.
9591 // Create Node A's channel pointing to Node B's pubkey
9592 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9593 let config = UserConfig::default();
9594 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9596 // Create Node B's channel by receiving Node A's open_channel message
9597 let open_channel_msg = node_a_chan.get_open_channel(chain_hash);
9598 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9599 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9601 // Node B --> Node A: accept channel
9602 let accept_channel_msg = node_b_chan.accept_inbound_channel();
9603 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9605 // Node A --> Node B: funding created
9606 let output_script = node_a_chan.context.get_funding_redeemscript();
9607 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9608 value: 10000000, script_pubkey: output_script.clone(),
9610 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9611 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9612 let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9614 // Node B --> Node A: funding signed
9615 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9616 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9618 // Now disconnect the two nodes and check that the commitment point in
9619 // Node B's channel_reestablish message is sane.
9620 assert!(node_b_chan.remove_uncommitted_htlcs_and_mark_paused(&&logger).is_ok());
9621 let msg = node_b_chan.get_channel_reestablish(&&logger);
9622 assert_eq!(msg.next_local_commitment_number, 1); // now called next_commitment_number
9623 assert_eq!(msg.next_remote_commitment_number, 0); // now called next_revocation_number
9624 assert_eq!(msg.your_last_per_commitment_secret, [0; 32]);
9626 // Check that the commitment point in Node A's channel_reestablish message
9628 assert!(node_a_chan.remove_uncommitted_htlcs_and_mark_paused(&&logger).is_ok());
9629 let msg = node_a_chan.get_channel_reestablish(&&logger);
9630 assert_eq!(msg.next_local_commitment_number, 1); // now called next_commitment_number
9631 assert_eq!(msg.next_remote_commitment_number, 0); // now called next_revocation_number
9632 assert_eq!(msg.your_last_per_commitment_secret, [0; 32]);
9636 fn test_configured_holder_max_htlc_value_in_flight() {
9637 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9638 let logger = test_utils::TestLogger::new();
9639 let secp_ctx = Secp256k1::new();
9640 let seed = [42; 32];
9641 let network = Network::Testnet;
9642 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9643 let outbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9644 let inbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9646 let mut config_2_percent = UserConfig::default();
9647 config_2_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 2;
9648 let mut config_99_percent = UserConfig::default();
9649 config_99_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 99;
9650 let mut config_0_percent = UserConfig::default();
9651 config_0_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 0;
9652 let mut config_101_percent = UserConfig::default();
9653 config_101_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 101;
9655 // Test that `OutboundV1Channel::new` creates a channel with the correct value for
9656 // `holder_max_htlc_value_in_flight_msat`, when configured with a valid percentage value,
9657 // which is set to the lower bound + 1 (2%) of the `channel_value`.
9658 let chan_1 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_2_percent), 10000000, 100000, 42, &config_2_percent, 0, 42, None).unwrap();
9659 let chan_1_value_msat = chan_1.context.channel_value_satoshis * 1000;
9660 assert_eq!(chan_1.context.holder_max_htlc_value_in_flight_msat, (chan_1_value_msat as f64 * 0.02) as u64);
9662 // Test with the upper bound - 1 of valid values (99%).
9663 let chan_2 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_99_percent), 10000000, 100000, 42, &config_99_percent, 0, 42, None).unwrap();
9664 let chan_2_value_msat = chan_2.context.channel_value_satoshis * 1000;
9665 assert_eq!(chan_2.context.holder_max_htlc_value_in_flight_msat, (chan_2_value_msat as f64 * 0.99) as u64);
9667 let chan_1_open_channel_msg = chan_1.get_open_channel(ChainHash::using_genesis_block(network));
9669 // Test that `InboundV1Channel::new` creates a channel with the correct value for
9670 // `holder_max_htlc_value_in_flight_msat`, when configured with a valid percentage value,
9671 // which is set to the lower bound - 1 (2%) of the `channel_value`.
9672 let chan_3 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_2_percent), &channelmanager::provided_init_features(&config_2_percent), &chan_1_open_channel_msg, 7, &config_2_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9673 let chan_3_value_msat = chan_3.context.channel_value_satoshis * 1000;
9674 assert_eq!(chan_3.context.holder_max_htlc_value_in_flight_msat, (chan_3_value_msat as f64 * 0.02) as u64);
9676 // Test with the upper bound - 1 of valid values (99%).
9677 let chan_4 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_99_percent), &channelmanager::provided_init_features(&config_99_percent), &chan_1_open_channel_msg, 7, &config_99_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9678 let chan_4_value_msat = chan_4.context.channel_value_satoshis * 1000;
9679 assert_eq!(chan_4.context.holder_max_htlc_value_in_flight_msat, (chan_4_value_msat as f64 * 0.99) as u64);
9681 // Test that `OutboundV1Channel::new` uses the lower bound of the configurable percentage values (1%)
9682 // if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a value less than 1.
9683 let chan_5 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_0_percent), 10000000, 100000, 42, &config_0_percent, 0, 42, None).unwrap();
9684 let chan_5_value_msat = chan_5.context.channel_value_satoshis * 1000;
9685 assert_eq!(chan_5.context.holder_max_htlc_value_in_flight_msat, (chan_5_value_msat as f64 * 0.01) as u64);
9687 // Test that `OutboundV1Channel::new` uses the upper bound of the configurable percentage values
9688 // (100%) if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a larger value
9690 let chan_6 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_101_percent), 10000000, 100000, 42, &config_101_percent, 0, 42, None).unwrap();
9691 let chan_6_value_msat = chan_6.context.channel_value_satoshis * 1000;
9692 assert_eq!(chan_6.context.holder_max_htlc_value_in_flight_msat, chan_6_value_msat);
9694 // Test that `InboundV1Channel::new` uses the lower bound of the configurable percentage values (1%)
9695 // if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a value less than 1.
9696 let chan_7 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_0_percent), &channelmanager::provided_init_features(&config_0_percent), &chan_1_open_channel_msg, 7, &config_0_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9697 let chan_7_value_msat = chan_7.context.channel_value_satoshis * 1000;
9698 assert_eq!(chan_7.context.holder_max_htlc_value_in_flight_msat, (chan_7_value_msat as f64 * 0.01) as u64);
9700 // Test that `InboundV1Channel::new` uses the upper bound of the configurable percentage values
9701 // (100%) if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a larger value
9703 let chan_8 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_101_percent), &channelmanager::provided_init_features(&config_101_percent), &chan_1_open_channel_msg, 7, &config_101_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9704 let chan_8_value_msat = chan_8.context.channel_value_satoshis * 1000;
9705 assert_eq!(chan_8.context.holder_max_htlc_value_in_flight_msat, chan_8_value_msat);
9709 fn test_configured_holder_selected_channel_reserve_satoshis() {
9711 // Test that `OutboundV1Channel::new` and `InboundV1Channel::new` create a channel with the correct
9712 // channel reserves, when `their_channel_reserve_proportional_millionths` is configured.
9713 test_self_and_counterparty_channel_reserve(10_000_000, 0.02, 0.02);
9715 // Test with valid but unreasonably high channel reserves
9716 // Requesting and accepting parties have requested for 49%-49% and 60%-30% channel reserve
9717 test_self_and_counterparty_channel_reserve(10_000_000, 0.49, 0.49);
9718 test_self_and_counterparty_channel_reserve(10_000_000, 0.60, 0.30);
9720 // Test with calculated channel reserve less than lower bound
9721 // i.e `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
9722 test_self_and_counterparty_channel_reserve(100_000, 0.00002, 0.30);
9724 // Test with invalid channel reserves since sum of both is greater than or equal
9726 test_self_and_counterparty_channel_reserve(10_000_000, 0.50, 0.50);
9727 test_self_and_counterparty_channel_reserve(10_000_000, 0.60, 0.50);
9730 fn test_self_and_counterparty_channel_reserve(channel_value_satoshis: u64, outbound_selected_channel_reserve_perc: f64, inbound_selected_channel_reserve_perc: f64) {
9731 let fee_est = LowerBoundedFeeEstimator::new(&TestFeeEstimator { fee_est: 15_000 });
9732 let logger = test_utils::TestLogger::new();
9733 let secp_ctx = Secp256k1::new();
9734 let seed = [42; 32];
9735 let network = Network::Testnet;
9736 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9737 let outbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9738 let inbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9741 let mut outbound_node_config = UserConfig::default();
9742 outbound_node_config.channel_handshake_config.their_channel_reserve_proportional_millionths = (outbound_selected_channel_reserve_perc * 1_000_000.0) as u32;
9743 let chan = OutboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&outbound_node_config), channel_value_satoshis, 100_000, 42, &outbound_node_config, 0, 42, None).unwrap();
9745 let expected_outbound_selected_chan_reserve = cmp::max(MIN_THEIR_CHAN_RESERVE_SATOSHIS, (chan.context.channel_value_satoshis as f64 * outbound_selected_channel_reserve_perc) as u64);
9746 assert_eq!(chan.context.holder_selected_channel_reserve_satoshis, expected_outbound_selected_chan_reserve);
9748 let chan_open_channel_msg = chan.get_open_channel(ChainHash::using_genesis_block(network));
9749 let mut inbound_node_config = UserConfig::default();
9750 inbound_node_config.channel_handshake_config.their_channel_reserve_proportional_millionths = (inbound_selected_channel_reserve_perc * 1_000_000.0) as u32;
9752 if outbound_selected_channel_reserve_perc + inbound_selected_channel_reserve_perc < 1.0 {
9753 let chan_inbound_node = InboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&inbound_node_config), &channelmanager::provided_init_features(&outbound_node_config), &chan_open_channel_msg, 7, &inbound_node_config, 0, &&logger, /*is_0conf=*/false).unwrap();
9755 let expected_inbound_selected_chan_reserve = cmp::max(MIN_THEIR_CHAN_RESERVE_SATOSHIS, (chan.context.channel_value_satoshis as f64 * inbound_selected_channel_reserve_perc) as u64);
9757 assert_eq!(chan_inbound_node.context.holder_selected_channel_reserve_satoshis, expected_inbound_selected_chan_reserve);
9758 assert_eq!(chan_inbound_node.context.counterparty_selected_channel_reserve_satoshis.unwrap(), expected_outbound_selected_chan_reserve);
9760 // Channel Negotiations failed
9761 let result = InboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&inbound_node_config), &channelmanager::provided_init_features(&outbound_node_config), &chan_open_channel_msg, 7, &inbound_node_config, 0, &&logger, /*is_0conf=*/false);
9762 assert!(result.is_err());
9767 fn channel_update() {
9768 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9769 let logger = test_utils::TestLogger::new();
9770 let secp_ctx = Secp256k1::new();
9771 let seed = [42; 32];
9772 let network = Network::Testnet;
9773 let best_block = BestBlock::from_network(network);
9774 let chain_hash = ChainHash::using_genesis_block(network);
9775 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9777 // Create Node A's channel pointing to Node B's pubkey
9778 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9779 let config = UserConfig::default();
9780 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9782 // Create Node B's channel by receiving Node A's open_channel message
9783 // Make sure A's dust limit is as we expect.
9784 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9785 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9786 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9788 // Node B --> Node A: accept channel, explicitly setting B's dust limit.
9789 let mut accept_channel_msg = node_b_chan.accept_inbound_channel();
9790 accept_channel_msg.common_fields.dust_limit_satoshis = 546;
9791 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9792 node_a_chan.context.holder_dust_limit_satoshis = 1560;
9794 // Node A --> Node B: funding created
9795 let output_script = node_a_chan.context.get_funding_redeemscript();
9796 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9797 value: 10000000, script_pubkey: output_script.clone(),
9799 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9800 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9801 let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9803 // Node B --> Node A: funding signed
9804 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9805 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9807 // Make sure that receiving a channel update will update the Channel as expected.
9808 let update = ChannelUpdate {
9809 contents: UnsignedChannelUpdate {
9811 short_channel_id: 0,
9814 cltv_expiry_delta: 100,
9815 htlc_minimum_msat: 5,
9816 htlc_maximum_msat: MAX_VALUE_MSAT,
9818 fee_proportional_millionths: 11,
9819 excess_data: Vec::new(),
9821 signature: Signature::from(unsafe { FFISignature::new() })
9823 assert!(node_a_chan.channel_update(&update).unwrap());
9825 // The counterparty can send an update with a higher minimum HTLC, but that shouldn't
9826 // change our official htlc_minimum_msat.
9827 assert_eq!(node_a_chan.context.holder_htlc_minimum_msat, 1);
9828 match node_a_chan.context.counterparty_forwarding_info() {
9830 assert_eq!(info.cltv_expiry_delta, 100);
9831 assert_eq!(info.fee_base_msat, 110);
9832 assert_eq!(info.fee_proportional_millionths, 11);
9834 None => panic!("expected counterparty forwarding info to be Some")
9837 assert!(!node_a_chan.channel_update(&update).unwrap());
9841 fn blinding_point_skimmed_fee_malformed_ser() {
9842 // Ensure that channel blinding points, skimmed fees, and malformed HTLCs are (de)serialized
9844 let logger = test_utils::TestLogger::new();
9845 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9846 let secp_ctx = Secp256k1::new();
9847 let seed = [42; 32];
9848 let network = Network::Testnet;
9849 let best_block = BestBlock::from_network(network);
9850 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9852 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9853 let config = UserConfig::default();
9854 let features = channelmanager::provided_init_features(&config);
9855 let mut outbound_chan = OutboundV1Channel::<&TestKeysInterface>::new(
9856 &feeest, &&keys_provider, &&keys_provider, node_b_node_id, &features, 10000000, 100000, 42, &config, 0, 42, None
9858 let inbound_chan = InboundV1Channel::<&TestKeysInterface>::new(
9859 &feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config),
9860 &features, &outbound_chan.get_open_channel(ChainHash::using_genesis_block(network)), 7, &config, 0, &&logger, false
9862 outbound_chan.accept_channel(&inbound_chan.get_accept_channel_message(), &config.channel_handshake_limits, &features).unwrap();
9863 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9864 value: 10000000, script_pubkey: outbound_chan.context.get_funding_redeemscript(),
9866 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9867 let funding_created = outbound_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap().unwrap();
9868 let mut chan = match inbound_chan.funding_created(&funding_created, best_block, &&keys_provider, &&logger) {
9869 Ok((chan, _, _)) => chan,
9870 Err((_, e)) => panic!("{}", e),
9873 let dummy_htlc_source = HTLCSource::OutboundRoute {
9875 hops: vec![RouteHop {
9876 pubkey: test_utils::pubkey(2), channel_features: ChannelFeatures::empty(),
9877 node_features: NodeFeatures::empty(), short_channel_id: 0, fee_msat: 0,
9878 cltv_expiry_delta: 0, maybe_announced_channel: false,
9882 session_priv: test_utils::privkey(42),
9883 first_hop_htlc_msat: 0,
9884 payment_id: PaymentId([42; 32]),
9886 let dummy_outbound_output = OutboundHTLCOutput {
9889 payment_hash: PaymentHash([43; 32]),
9891 state: OutboundHTLCState::Committed,
9892 source: dummy_htlc_source.clone(),
9893 skimmed_fee_msat: None,
9894 blinding_point: None,
9896 let mut pending_outbound_htlcs = vec![dummy_outbound_output.clone(); 10];
9897 for (idx, htlc) in pending_outbound_htlcs.iter_mut().enumerate() {
9899 htlc.blinding_point = Some(test_utils::pubkey(42 + idx as u8));
9902 htlc.skimmed_fee_msat = Some(1);
9905 chan.context.pending_outbound_htlcs = pending_outbound_htlcs.clone();
9907 let dummy_holding_cell_add_htlc = HTLCUpdateAwaitingACK::AddHTLC {
9910 payment_hash: PaymentHash([43; 32]),
9911 source: dummy_htlc_source.clone(),
9912 onion_routing_packet: msgs::OnionPacket {
9914 public_key: Ok(test_utils::pubkey(1)),
9915 hop_data: [0; 20*65],
9918 skimmed_fee_msat: None,
9919 blinding_point: None,
9921 let dummy_holding_cell_claim_htlc = HTLCUpdateAwaitingACK::ClaimHTLC {
9922 payment_preimage: PaymentPreimage([42; 32]),
9925 let dummy_holding_cell_failed_htlc = |htlc_id| HTLCUpdateAwaitingACK::FailHTLC {
9926 htlc_id, err_packet: msgs::OnionErrorPacket { data: vec![42] }
9928 let dummy_holding_cell_malformed_htlc = |htlc_id| HTLCUpdateAwaitingACK::FailMalformedHTLC {
9929 htlc_id, failure_code: INVALID_ONION_BLINDING, sha256_of_onion: [0; 32],
9931 let mut holding_cell_htlc_updates = Vec::with_capacity(12);
9934 holding_cell_htlc_updates.push(dummy_holding_cell_add_htlc.clone());
9935 } else if i % 5 == 1 {
9936 holding_cell_htlc_updates.push(dummy_holding_cell_claim_htlc.clone());
9937 } else if i % 5 == 2 {
9938 let mut dummy_add = dummy_holding_cell_add_htlc.clone();
9939 if let HTLCUpdateAwaitingACK::AddHTLC {
9940 ref mut blinding_point, ref mut skimmed_fee_msat, ..
9941 } = &mut dummy_add {
9942 *blinding_point = Some(test_utils::pubkey(42 + i));
9943 *skimmed_fee_msat = Some(42);
9945 holding_cell_htlc_updates.push(dummy_add);
9946 } else if i % 5 == 3 {
9947 holding_cell_htlc_updates.push(dummy_holding_cell_malformed_htlc(i as u64));
9949 holding_cell_htlc_updates.push(dummy_holding_cell_failed_htlc(i as u64));
9952 chan.context.holding_cell_htlc_updates = holding_cell_htlc_updates.clone();
9954 // Encode and decode the channel and ensure that the HTLCs within are the same.
9955 let encoded_chan = chan.encode();
9956 let mut s = crate::io::Cursor::new(&encoded_chan);
9957 let mut reader = crate::util::ser::FixedLengthReader::new(&mut s, encoded_chan.len() as u64);
9958 let features = channelmanager::provided_channel_type_features(&config);
9959 let decoded_chan = Channel::read(&mut reader, (&&keys_provider, &&keys_provider, 0, &features)).unwrap();
9960 assert_eq!(decoded_chan.context.pending_outbound_htlcs, pending_outbound_htlcs);
9961 assert_eq!(decoded_chan.context.holding_cell_htlc_updates, holding_cell_htlc_updates);
9964 #[cfg(all(feature = "_test_vectors", not(feature = "grind_signatures")))]
9966 fn outbound_commitment_test() {
9967 use bitcoin::sighash;
9968 use bitcoin::consensus::encode::serialize;
9969 use bitcoin::sighash::EcdsaSighashType;
9970 use bitcoin::hashes::hex::FromHex;
9971 use bitcoin::hash_types::Txid;
9972 use bitcoin::secp256k1::Message;
9973 use crate::sign::{ChannelDerivationParameters, HTLCDescriptor, ecdsa::EcdsaChannelSigner};
9974 use crate::ln::PaymentPreimage;
9975 use crate::ln::channel::{HTLCOutputInCommitment ,TxCreationKeys};
9976 use crate::ln::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint};
9977 use crate::ln::chan_utils::{ChannelPublicKeys, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters};
9978 use crate::util::logger::Logger;
9979 use crate::sync::Arc;
9980 use core::str::FromStr;
9981 use hex::DisplayHex;
9983 // Test vectors from BOLT 3 Appendices C and F (anchors):
9984 let feeest = TestFeeEstimator{fee_est: 15000};
9985 let logger : Arc<dyn Logger> = Arc::new(test_utils::TestLogger::new());
9986 let secp_ctx = Secp256k1::new();
9988 let mut signer = InMemorySigner::new(
9990 SecretKey::from_slice(&<Vec<u8>>::from_hex("30ff4956bbdd3222d44cc5e8a1261dab1e07957bdac5ae88fe3261ef321f3749").unwrap()[..]).unwrap(),
9991 SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(),
9992 SecretKey::from_slice(&<Vec<u8>>::from_hex("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(),
9993 SecretKey::from_slice(&<Vec<u8>>::from_hex("3333333333333333333333333333333333333333333333333333333333333333").unwrap()[..]).unwrap(),
9994 SecretKey::from_slice(&<Vec<u8>>::from_hex("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(),
9996 // These aren't set in the test vectors:
9997 [0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff],
10003 assert_eq!(signer.pubkeys().funding_pubkey.serialize()[..],
10004 <Vec<u8>>::from_hex("023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb").unwrap()[..]);
10005 let keys_provider = Keys { signer: signer.clone() };
10007 let counterparty_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10008 let mut config = UserConfig::default();
10009 config.channel_handshake_config.announced_channel = false;
10010 let mut chan = OutboundV1Channel::<&Keys>::new(&LowerBoundedFeeEstimator::new(&feeest), &&keys_provider, &&keys_provider, counterparty_node_id, &channelmanager::provided_init_features(&config), 10_000_000, 0, 42, &config, 0, 42, None).unwrap(); // Nothing uses their network key in this test
10011 chan.context.holder_dust_limit_satoshis = 546;
10012 chan.context.counterparty_selected_channel_reserve_satoshis = Some(0); // Filled in in accept_channel
10014 let funding_info = OutPoint{ txid: Txid::from_str("8984484a580b825b9972d7adb15050b3ab624ccd731946b3eeddb92f4e7ef6be").unwrap(), index: 0 };
10016 let counterparty_pubkeys = ChannelPublicKeys {
10017 funding_pubkey: public_from_secret_hex(&secp_ctx, "1552dfba4f6cf29a62a0af13c8d6981d36d0ef8d61ba10fb0fe90da7634d7e13"),
10018 revocation_basepoint: RevocationBasepoint::from(PublicKey::from_slice(&<Vec<u8>>::from_hex("02466d7fcae563e5cb09a0d1870bb580344804617879a14949cf22285f1bae3f27").unwrap()[..]).unwrap()),
10019 payment_point: public_from_secret_hex(&secp_ctx, "4444444444444444444444444444444444444444444444444444444444444444"),
10020 delayed_payment_basepoint: DelayedPaymentBasepoint::from(public_from_secret_hex(&secp_ctx, "1552dfba4f6cf29a62a0af13c8d6981d36d0ef8d61ba10fb0fe90da7634d7e13")),
10021 htlc_basepoint: HtlcBasepoint::from(public_from_secret_hex(&secp_ctx, "4444444444444444444444444444444444444444444444444444444444444444"))
10023 chan.context.channel_transaction_parameters.counterparty_parameters = Some(
10024 CounterpartyChannelTransactionParameters {
10025 pubkeys: counterparty_pubkeys.clone(),
10026 selected_contest_delay: 144
10028 chan.context.channel_transaction_parameters.funding_outpoint = Some(funding_info);
10029 signer.provide_channel_parameters(&chan.context.channel_transaction_parameters);
10031 assert_eq!(counterparty_pubkeys.payment_point.serialize()[..],
10032 <Vec<u8>>::from_hex("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]);
10034 assert_eq!(counterparty_pubkeys.funding_pubkey.serialize()[..],
10035 <Vec<u8>>::from_hex("030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c1").unwrap()[..]);
10037 assert_eq!(counterparty_pubkeys.htlc_basepoint.to_public_key().serialize()[..],
10038 <Vec<u8>>::from_hex("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]);
10040 // We can't just use build_holder_transaction_keys here as the per_commitment_secret is not
10041 // derived from a commitment_seed, so instead we copy it here and call
10042 // build_commitment_transaction.
10043 let delayed_payment_base = &chan.context.holder_signer.as_ref().pubkeys().delayed_payment_basepoint;
10044 let per_commitment_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100").unwrap()[..]).unwrap();
10045 let per_commitment_point = PublicKey::from_secret_key(&secp_ctx, &per_commitment_secret);
10046 let htlc_basepoint = &chan.context.holder_signer.as_ref().pubkeys().htlc_basepoint;
10047 let keys = TxCreationKeys::derive_new(&secp_ctx, &per_commitment_point, delayed_payment_base, htlc_basepoint, &counterparty_pubkeys.revocation_basepoint, &counterparty_pubkeys.htlc_basepoint);
10049 macro_rules! test_commitment {
10050 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $($remain:tt)* ) => {
10051 chan.context.channel_transaction_parameters.channel_type_features = ChannelTypeFeatures::only_static_remote_key();
10052 test_commitment_common!($counterparty_sig_hex, $sig_hex, $tx_hex, &ChannelTypeFeatures::only_static_remote_key(), $($remain)*);
10056 macro_rules! test_commitment_with_anchors {
10057 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $($remain:tt)* ) => {
10058 chan.context.channel_transaction_parameters.channel_type_features = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10059 test_commitment_common!($counterparty_sig_hex, $sig_hex, $tx_hex, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), $($remain)*);
10063 macro_rules! test_commitment_common {
10064 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $opt_anchors: expr, {
10065 $( { $htlc_idx: expr, $counterparty_htlc_sig_hex: expr, $htlc_sig_hex: expr, $htlc_tx_hex: expr } ), *
10067 let (commitment_tx, htlcs): (_, Vec<HTLCOutputInCommitment>) = {
10068 let mut commitment_stats = chan.context.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false, &logger);
10070 let htlcs = commitment_stats.htlcs_included.drain(..)
10071 .filter_map(|(htlc, _)| if htlc.transaction_output_index.is_some() { Some(htlc) } else { None })
10073 (commitment_stats.tx, htlcs)
10075 let trusted_tx = commitment_tx.trust();
10076 let unsigned_tx = trusted_tx.built_transaction();
10077 let redeemscript = chan.context.get_funding_redeemscript();
10078 let counterparty_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_sig_hex).unwrap()[..]).unwrap();
10079 let sighash = unsigned_tx.get_sighash_all(&redeemscript, chan.context.channel_value_satoshis);
10080 log_trace!(logger, "unsigned_tx = {}", serialize(&unsigned_tx.transaction).as_hex());
10081 assert!(secp_ctx.verify_ecdsa(&sighash, &counterparty_signature, chan.context.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig");
10083 let mut per_htlc: Vec<(HTLCOutputInCommitment, Option<Signature>)> = Vec::new();
10084 per_htlc.clear(); // Don't warn about excess mut for no-HTLC calls
10085 let mut counterparty_htlc_sigs = Vec::new();
10086 counterparty_htlc_sigs.clear(); // Don't warn about excess mut for no-HTLC calls
10088 let remote_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_htlc_sig_hex).unwrap()[..]).unwrap();
10089 per_htlc.push((htlcs[$htlc_idx].clone(), Some(remote_signature)));
10090 counterparty_htlc_sigs.push(remote_signature);
10092 assert_eq!(htlcs.len(), per_htlc.len());
10094 let holder_commitment_tx = HolderCommitmentTransaction::new(
10095 commitment_tx.clone(),
10096 counterparty_signature,
10097 counterparty_htlc_sigs,
10098 &chan.context.holder_signer.as_ref().pubkeys().funding_pubkey,
10099 chan.context.counterparty_funding_pubkey()
10101 let holder_sig = signer.sign_holder_commitment(&holder_commitment_tx, &secp_ctx).unwrap();
10102 assert_eq!(Signature::from_der(&<Vec<u8>>::from_hex($sig_hex).unwrap()[..]).unwrap(), holder_sig, "holder_sig");
10104 let funding_redeemscript = chan.context.get_funding_redeemscript();
10105 let tx = holder_commitment_tx.add_holder_sig(&funding_redeemscript, holder_sig);
10106 assert_eq!(serialize(&tx)[..], <Vec<u8>>::from_hex($tx_hex).unwrap()[..], "tx");
10108 // ((htlc, counterparty_sig), (index, holder_sig))
10109 let mut htlc_counterparty_sig_iter = holder_commitment_tx.counterparty_htlc_sigs.iter();
10112 log_trace!(logger, "verifying htlc {}", $htlc_idx);
10113 let remote_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_htlc_sig_hex).unwrap()[..]).unwrap();
10115 let ref htlc = htlcs[$htlc_idx];
10116 let mut htlc_tx = chan_utils::build_htlc_transaction(&unsigned_tx.txid, chan.context.feerate_per_kw,
10117 chan.context.get_counterparty_selected_contest_delay().unwrap(),
10118 &htlc, $opt_anchors, &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
10119 let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, $opt_anchors, &keys);
10120 let htlc_sighashtype = if $opt_anchors.supports_anchors_zero_fee_htlc_tx() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
10121 let htlc_sighash = Message::from_slice(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]).unwrap();
10122 assert!(secp_ctx.verify_ecdsa(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key.to_public_key()).is_ok(), "verify counterparty htlc sig");
10124 let mut preimage: Option<PaymentPreimage> = None;
10127 let out = PaymentHash(Sha256::hash(&[i; 32]).to_byte_array());
10128 if out == htlc.payment_hash {
10129 preimage = Some(PaymentPreimage([i; 32]));
10133 assert!(preimage.is_some());
10136 let htlc_counterparty_sig = htlc_counterparty_sig_iter.next().unwrap();
10137 let htlc_holder_sig = signer.sign_holder_htlc_transaction(&htlc_tx, 0, &HTLCDescriptor {
10138 channel_derivation_parameters: ChannelDerivationParameters {
10139 value_satoshis: chan.context.channel_value_satoshis,
10140 keys_id: chan.context.channel_keys_id,
10141 transaction_parameters: chan.context.channel_transaction_parameters.clone(),
10143 commitment_txid: trusted_tx.txid(),
10144 per_commitment_number: trusted_tx.commitment_number(),
10145 per_commitment_point: trusted_tx.per_commitment_point(),
10146 feerate_per_kw: trusted_tx.feerate_per_kw(),
10147 htlc: htlc.clone(),
10148 preimage: preimage.clone(),
10149 counterparty_sig: *htlc_counterparty_sig,
10150 }, &secp_ctx).unwrap();
10151 let num_anchors = if $opt_anchors.supports_anchors_zero_fee_htlc_tx() { 2 } else { 0 };
10152 assert_eq!(htlc.transaction_output_index, Some($htlc_idx + num_anchors), "output index");
10154 let signature = Signature::from_der(&<Vec<u8>>::from_hex($htlc_sig_hex).unwrap()[..]).unwrap();
10155 assert_eq!(signature, htlc_holder_sig, "htlc sig");
10156 let trusted_tx = holder_commitment_tx.trust();
10157 htlc_tx.input[0].witness = trusted_tx.build_htlc_input_witness($htlc_idx, htlc_counterparty_sig, &htlc_holder_sig, &preimage);
10158 log_trace!(logger, "htlc_tx = {}", serialize(&htlc_tx).as_hex());
10159 assert_eq!(serialize(&htlc_tx)[..], <Vec<u8>>::from_hex($htlc_tx_hex).unwrap()[..], "htlc tx");
10161 assert!(htlc_counterparty_sig_iter.next().is_none());
10165 // anchors: simple commitment tx with no HTLCs and single anchor
10166 test_commitment_with_anchors!("30440220655bf909fb6fa81d086f1336ac72c97906dce29d1b166e305c99152d810e26e1022051f577faa46412c46707aaac46b65d50053550a66334e00a44af2706f27a8658",
10167 "3044022007cf6b405e9c9b4f527b0ecad9d8bb661fabb8b12abf7d1c0b3ad1855db3ed490220616d5c1eeadccc63bd775a131149455d62d95a42c2a1b01cc7821fc42dce7778",
10168 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80024a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f10529800000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022007cf6b405e9c9b4f527b0ecad9d8bb661fabb8b12abf7d1c0b3ad1855db3ed490220616d5c1eeadccc63bd775a131149455d62d95a42c2a1b01cc7821fc42dce7778014730440220655bf909fb6fa81d086f1336ac72c97906dce29d1b166e305c99152d810e26e1022051f577faa46412c46707aaac46b65d50053550a66334e00a44af2706f27a865801475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10170 // simple commitment tx with no HTLCs
10171 chan.context.value_to_self_msat = 7000000000;
10173 test_commitment!("3045022100c3127b33dcc741dd6b05b1e63cbd1a9a7d816f37af9b6756fa2376b056f032370220408b96279808fe57eb7e463710804cdf4f108388bc5cf722d8c848d2c7f9f3b0",
10174 "30440220616210b2cc4d3afb601013c373bbd8aac54febd9f15400379a8cb65ce7deca60022034236c010991beb7ff770510561ae8dc885b8d38d1947248c38f2ae055647142",
10175 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8002c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48454a56a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004730440220616210b2cc4d3afb601013c373bbd8aac54febd9f15400379a8cb65ce7deca60022034236c010991beb7ff770510561ae8dc885b8d38d1947248c38f2ae05564714201483045022100c3127b33dcc741dd6b05b1e63cbd1a9a7d816f37af9b6756fa2376b056f032370220408b96279808fe57eb7e463710804cdf4f108388bc5cf722d8c848d2c7f9f3b001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10177 // anchors: simple commitment tx with no HTLCs
10178 test_commitment_with_anchors!("3045022100f89034eba16b2be0e5581f750a0a6309192b75cce0f202f0ee2b4ec0cc394850022076c65dc507fe42276152b7a3d90e961e678adbe966e916ecfe85e64d430e75f3",
10179 "30450221008266ac6db5ea71aac3c95d97b0e172ff596844851a3216eb88382a8dddfd33d2022050e240974cfd5d708708b4365574517c18e7ae535ef732a3484d43d0d82be9f7",
10180 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80044a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994a508b6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221008266ac6db5ea71aac3c95d97b0e172ff596844851a3216eb88382a8dddfd33d2022050e240974cfd5d708708b4365574517c18e7ae535ef732a3484d43d0d82be9f701483045022100f89034eba16b2be0e5581f750a0a6309192b75cce0f202f0ee2b4ec0cc394850022076c65dc507fe42276152b7a3d90e961e678adbe966e916ecfe85e64d430e75f301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10182 chan.context.pending_inbound_htlcs.push({
10183 let mut out = InboundHTLCOutput{
10185 amount_msat: 1000000,
10187 payment_hash: PaymentHash([0; 32]),
10188 state: InboundHTLCState::Committed,
10190 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0000000000000000000000000000000000000000000000000000000000000000").unwrap()).to_byte_array();
10193 chan.context.pending_inbound_htlcs.push({
10194 let mut out = InboundHTLCOutput{
10196 amount_msat: 2000000,
10198 payment_hash: PaymentHash([0; 32]),
10199 state: InboundHTLCState::Committed,
10201 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap()).to_byte_array();
10204 chan.context.pending_outbound_htlcs.push({
10205 let mut out = OutboundHTLCOutput{
10207 amount_msat: 2000000,
10209 payment_hash: PaymentHash([0; 32]),
10210 state: OutboundHTLCState::Committed,
10211 source: HTLCSource::dummy(),
10212 skimmed_fee_msat: None,
10213 blinding_point: None,
10215 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0202020202020202020202020202020202020202020202020202020202020202").unwrap()).to_byte_array();
10218 chan.context.pending_outbound_htlcs.push({
10219 let mut out = OutboundHTLCOutput{
10221 amount_msat: 3000000,
10223 payment_hash: PaymentHash([0; 32]),
10224 state: OutboundHTLCState::Committed,
10225 source: HTLCSource::dummy(),
10226 skimmed_fee_msat: None,
10227 blinding_point: None,
10229 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0303030303030303030303030303030303030303030303030303030303030303").unwrap()).to_byte_array();
10232 chan.context.pending_inbound_htlcs.push({
10233 let mut out = InboundHTLCOutput{
10235 amount_msat: 4000000,
10237 payment_hash: PaymentHash([0; 32]),
10238 state: InboundHTLCState::Committed,
10240 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0404040404040404040404040404040404040404040404040404040404040404").unwrap()).to_byte_array();
10244 // commitment tx with all five HTLCs untrimmed (minimum feerate)
10245 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10246 chan.context.feerate_per_kw = 0;
10248 test_commitment!("3044022009b048187705a8cbc9ad73adbe5af148c3d012e1f067961486c822c7af08158c022006d66f3704cfab3eb2dc49dae24e4aa22a6910fc9b424007583204e3621af2e5",
10249 "304402206fc2d1f10ea59951eefac0b4b7c396a3c3d87b71ff0b019796ef4535beaf36f902201765b0181e514d04f4c8ad75659d7037be26cdb3f8bb6f78fe61decef484c3ea",
10250 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8007e80300000000000022002052bfef0479d7b293c27e0f1eb294bea154c63a3294ef092c19af51409bce0e2ad007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484e0a06a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402206fc2d1f10ea59951eefac0b4b7c396a3c3d87b71ff0b019796ef4535beaf36f902201765b0181e514d04f4c8ad75659d7037be26cdb3f8bb6f78fe61decef484c3ea01473044022009b048187705a8cbc9ad73adbe5af148c3d012e1f067961486c822c7af08158c022006d66f3704cfab3eb2dc49dae24e4aa22a6910fc9b424007583204e3621af2e501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10253 "3045022100d9e29616b8f3959f1d3d7f7ce893ffedcdc407717d0de8e37d808c91d3a7c50d022078c3033f6d00095c8720a4bc943c1b45727818c082e4e3ddbc6d3116435b624b",
10254 "30440220636de5682ef0c5b61f124ec74e8aa2461a69777521d6998295dcea36bc3338110220165285594b23c50b28b82df200234566628a27bcd17f7f14404bd865354eb3ce",
10255 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b00000000000000000001e8030000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100d9e29616b8f3959f1d3d7f7ce893ffedcdc407717d0de8e37d808c91d3a7c50d022078c3033f6d00095c8720a4bc943c1b45727818c082e4e3ddbc6d3116435b624b014730440220636de5682ef0c5b61f124ec74e8aa2461a69777521d6998295dcea36bc3338110220165285594b23c50b28b82df200234566628a27bcd17f7f14404bd865354eb3ce012000000000000000000000000000000000000000000000000000000000000000008a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a914b8bcb07f6344b42ab04250c86a6e8b75d3fdbbc688527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f401b175ac686800000000" },
10258 "30440220649fe8b20e67e46cbb0d09b4acea87dbec001b39b08dee7bdd0b1f03922a8640022037c462dff79df501cecfdb12ea7f4de91f99230bb544726f6e04527b1f896004",
10259 "3045022100803159dee7935dba4a1d36a61055ce8fd62caa528573cc221ae288515405a252022029c59e7cffce374fe860100a4a63787e105c3cf5156d40b12dd53ff55ac8cf3f",
10260 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b01000000000000000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220649fe8b20e67e46cbb0d09b4acea87dbec001b39b08dee7bdd0b1f03922a8640022037c462dff79df501cecfdb12ea7f4de91f99230bb544726f6e04527b1f89600401483045022100803159dee7935dba4a1d36a61055ce8fd62caa528573cc221ae288515405a252022029c59e7cffce374fe860100a4a63787e105c3cf5156d40b12dd53ff55ac8cf3f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10263 "30440220770fc321e97a19f38985f2e7732dd9fe08d16a2efa4bcbc0429400a447faf49102204d40b417f3113e1b0944ae0986f517564ab4acd3d190503faf97a6e420d43352",
10264 "3045022100a437cc2ce77400ecde441b3398fea3c3ad8bdad8132be818227fe3c5b8345989022069d45e7fa0ae551ec37240845e2c561ceb2567eacf3076a6a43a502d05865faa",
10265 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b02000000000000000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220770fc321e97a19f38985f2e7732dd9fe08d16a2efa4bcbc0429400a447faf49102204d40b417f3113e1b0944ae0986f517564ab4acd3d190503faf97a6e420d4335201483045022100a437cc2ce77400ecde441b3398fea3c3ad8bdad8132be818227fe3c5b8345989022069d45e7fa0ae551ec37240845e2c561ceb2567eacf3076a6a43a502d05865faa012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10268 "304402207bcbf4f60a9829b05d2dbab84ed593e0291836be715dc7db6b72a64caf646af802201e489a5a84f7c5cc130398b841d138d031a5137ac8f4c49c770a4959dc3c1363",
10269 "304402203121d9b9c055f354304b016a36662ee99e1110d9501cb271b087ddb6f382c2c80220549882f3f3b78d9c492de47543cb9a697cecc493174726146536c5954dac7487",
10270 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b03000000000000000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207bcbf4f60a9829b05d2dbab84ed593e0291836be715dc7db6b72a64caf646af802201e489a5a84f7c5cc130398b841d138d031a5137ac8f4c49c770a4959dc3c13630147304402203121d9b9c055f354304b016a36662ee99e1110d9501cb271b087ddb6f382c2c80220549882f3f3b78d9c492de47543cb9a697cecc493174726146536c5954dac748701008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10273 "3044022076dca5cb81ba7e466e349b7128cdba216d4d01659e29b96025b9524aaf0d1899022060de85697b88b21c749702b7d2cfa7dfeaa1f472c8f1d7d9c23f2bf968464b87",
10274 "3045022100d9080f103cc92bac15ec42464a95f070c7fb6925014e673ee2ea1374d36a7f7502200c65294d22eb20d48564954d5afe04a385551919d8b2ddb4ae2459daaeee1d95",
10275 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b04000000000000000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022076dca5cb81ba7e466e349b7128cdba216d4d01659e29b96025b9524aaf0d1899022060de85697b88b21c749702b7d2cfa7dfeaa1f472c8f1d7d9c23f2bf968464b8701483045022100d9080f103cc92bac15ec42464a95f070c7fb6925014e673ee2ea1374d36a7f7502200c65294d22eb20d48564954d5afe04a385551919d8b2ddb4ae2459daaeee1d95012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10278 // commitment tx with seven outputs untrimmed (maximum feerate)
10279 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10280 chan.context.feerate_per_kw = 647;
10282 test_commitment!("3045022100a135f9e8a5ed25f7277446c67956b00ce6f610ead2bdec2c2f686155b7814772022059f1f6e1a8b336a68efcc1af3fe4d422d4827332b5b067501b099c47b7b5b5ee",
10283 "30450221009ec15c687898bb4da8b3a833e5ab8bfc51ec6e9202aaa8e66611edfd4a85ed1102203d7183e45078b9735c93450bc3415d3e5a8c576141a711ec6ddcb4a893926bb7",
10284 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8007e80300000000000022002052bfef0479d7b293c27e0f1eb294bea154c63a3294ef092c19af51409bce0e2ad007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484e09c6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221009ec15c687898bb4da8b3a833e5ab8bfc51ec6e9202aaa8e66611edfd4a85ed1102203d7183e45078b9735c93450bc3415d3e5a8c576141a711ec6ddcb4a893926bb701483045022100a135f9e8a5ed25f7277446c67956b00ce6f610ead2bdec2c2f686155b7814772022059f1f6e1a8b336a68efcc1af3fe4d422d4827332b5b067501b099c47b7b5b5ee01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10287 "30450221008437627f9ad84ac67052e2a414a4367b8556fd1f94d8b02590f89f50525cd33502205b9c21ff6e7fc864f2352746ad8ba59182510819acb644e25b8a12fc37bbf24f",
10288 "30440220344b0deb055230d01703e6c7acd45853c4af2328b49b5d8af4f88a060733406602202ea64f2a43d5751edfe75503cbc35a62e3141b5ed032fa03360faf4ca66f670b",
10289 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004830450221008437627f9ad84ac67052e2a414a4367b8556fd1f94d8b02590f89f50525cd33502205b9c21ff6e7fc864f2352746ad8ba59182510819acb644e25b8a12fc37bbf24f014730440220344b0deb055230d01703e6c7acd45853c4af2328b49b5d8af4f88a060733406602202ea64f2a43d5751edfe75503cbc35a62e3141b5ed032fa03360faf4ca66f670b012000000000000000000000000000000000000000000000000000000000000000008a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a914b8bcb07f6344b42ab04250c86a6e8b75d3fdbbc688527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f401b175ac686800000000" },
10292 "304402205a67f92bf6845cf2892b48d874ac1daf88a36495cf8a06f93d83180d930a6f75022031da1621d95c3f335cc06a3056cf960199dae600b7cf89088f65fc53cdbef28c",
10293 "30450221009e5e3822b0185c6799a95288c597b671d6cc69ab80f43740f00c6c3d0752bdda02206da947a74bd98f3175324dc56fdba86cc783703a120a6f0297537e60632f4c7f",
10294 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe0100000000000000000124060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402205a67f92bf6845cf2892b48d874ac1daf88a36495cf8a06f93d83180d930a6f75022031da1621d95c3f335cc06a3056cf960199dae600b7cf89088f65fc53cdbef28c014830450221009e5e3822b0185c6799a95288c597b671d6cc69ab80f43740f00c6c3d0752bdda02206da947a74bd98f3175324dc56fdba86cc783703a120a6f0297537e60632f4c7f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10297 "30440220437e21766054a3eef7f65690c5bcfa9920babbc5af92b819f772f6ea96df6c7402207173622024bd97328cfb26c6665e25c2f5d67c319443ccdc60c903217005d8c8",
10298 "3045022100fcfc47e36b712624677626cef3dc1d67f6583bd46926a6398fe6b00b0c9a37760220525788257b187fc775c6370d04eadf34d06f3650a63f8df851cee0ecb47a1673",
10299 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe020000000000000000010a060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220437e21766054a3eef7f65690c5bcfa9920babbc5af92b819f772f6ea96df6c7402207173622024bd97328cfb26c6665e25c2f5d67c319443ccdc60c903217005d8c801483045022100fcfc47e36b712624677626cef3dc1d67f6583bd46926a6398fe6b00b0c9a37760220525788257b187fc775c6370d04eadf34d06f3650a63f8df851cee0ecb47a1673012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10302 "304402207436e10737e4df499fc051686d3e11a5bb2310e4d1f1e691d287cef66514791202207cb58e71a6b7a42dd001b7e3ae672ea4f71ea3e1cd412b742e9124abb0739c64",
10303 "3045022100e78211b8409afb7255ffe37337da87f38646f1faebbdd61bc1920d69e3ead67a02201a626305adfcd16bfb7e9340928d9b6305464eab4aa4c4a3af6646e9b9f69dee",
10304 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe030000000000000000010c0a0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207436e10737e4df499fc051686d3e11a5bb2310e4d1f1e691d287cef66514791202207cb58e71a6b7a42dd001b7e3ae672ea4f71ea3e1cd412b742e9124abb0739c6401483045022100e78211b8409afb7255ffe37337da87f38646f1faebbdd61bc1920d69e3ead67a02201a626305adfcd16bfb7e9340928d9b6305464eab4aa4c4a3af6646e9b9f69dee01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10307 "30450221009acd6a827a76bfee50806178dfe0495cd4e1d9c58279c194c7b01520fe68cb8d022024d439047c368883e570997a7d40f0b430cb5a742f507965e7d3063ae3feccca",
10308 "3044022048762cf546bbfe474f1536365ea7c416e3c0389d60558bc9412cb148fb6ab68202207215d7083b75c96ff9d2b08c59c34e287b66820f530b486a9aa4cdd9c347d5b9",
10309 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe04000000000000000001da0d0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004830450221009acd6a827a76bfee50806178dfe0495cd4e1d9c58279c194c7b01520fe68cb8d022024d439047c368883e570997a7d40f0b430cb5a742f507965e7d3063ae3feccca01473044022048762cf546bbfe474f1536365ea7c416e3c0389d60558bc9412cb148fb6ab68202207215d7083b75c96ff9d2b08c59c34e287b66820f530b486a9aa4cdd9c347d5b9012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10312 // commitment tx with six outputs untrimmed (minimum feerate)
10313 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10314 chan.context.feerate_per_kw = 648;
10316 test_commitment!("304402203948f900a5506b8de36a4d8502f94f21dd84fd9c2314ab427d52feaa7a0a19f2022059b6a37a4adaa2c5419dc8aea63c6e2a2ec4c4bde46207f6dc1fcd22152fc6e5",
10317 "3045022100b15f72908ba3382a34ca5b32519240a22300cc6015b6f9418635fb41f3d01d8802207adb331b9ed1575383dca0f2355e86c173802feecf8298fbea53b9d4610583e9",
10318 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8006d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4844e9d6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100b15f72908ba3382a34ca5b32519240a22300cc6015b6f9418635fb41f3d01d8802207adb331b9ed1575383dca0f2355e86c173802feecf8298fbea53b9d4610583e90147304402203948f900a5506b8de36a4d8502f94f21dd84fd9c2314ab427d52feaa7a0a19f2022059b6a37a4adaa2c5419dc8aea63c6e2a2ec4c4bde46207f6dc1fcd22152fc6e501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10321 "3045022100a031202f3be94678f0e998622ee95ebb6ada8da1e9a5110228b5e04a747351e4022010ca6a21e18314ed53cfaae3b1f51998552a61a468e596368829a50ce40110e0",
10322 "304502210097e1873b57267730154595187a34949d3744f52933070c74757005e61ce2112e02204ecfba2aa42d4f14bdf8bad4206bb97217b702e6c433e0e1b0ce6587e6d46ec6",
10323 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf10000000000000000000123060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100a031202f3be94678f0e998622ee95ebb6ada8da1e9a5110228b5e04a747351e4022010ca6a21e18314ed53cfaae3b1f51998552a61a468e596368829a50ce40110e00148304502210097e1873b57267730154595187a34949d3744f52933070c74757005e61ce2112e02204ecfba2aa42d4f14bdf8bad4206bb97217b702e6c433e0e1b0ce6587e6d46ec601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10326 "304402202361012a634aee7835c5ecdd6413dcffa8f404b7e77364c792cff984e4ee71e90220715c5e90baa08daa45a7439b1ee4fa4843ed77b19c058240b69406606d384124",
10327 "3044022019de73b00f1d818fb388e83b2c8c31f6bce35ac624e215bc12f88f9dc33edf48022006ff814bb9f700ee6abc3294e146fac3efd4f13f0005236b41c0a946ee00c9ae",
10328 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf10100000000000000000109060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402202361012a634aee7835c5ecdd6413dcffa8f404b7e77364c792cff984e4ee71e90220715c5e90baa08daa45a7439b1ee4fa4843ed77b19c058240b69406606d38412401473044022019de73b00f1d818fb388e83b2c8c31f6bce35ac624e215bc12f88f9dc33edf48022006ff814bb9f700ee6abc3294e146fac3efd4f13f0005236b41c0a946ee00c9ae012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10331 "304402207e8e82cd71ed4febeb593732c260456836e97d81896153ecd2b3cf320ca6861702202dd4a30f68f98ced7cc56a36369ac1fdd978248c5ff4ed204fc00cc625532989",
10332 "3045022100bd0be6100c4fd8f102ec220e1b053e4c4e2ecca25615490150007b40d314dc3902201a1e0ea266965b43164d9e6576f58fa6726d42883dd1c3996d2925c2e2260796",
10333 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf1020000000000000000010b0a0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207e8e82cd71ed4febeb593732c260456836e97d81896153ecd2b3cf320ca6861702202dd4a30f68f98ced7cc56a36369ac1fdd978248c5ff4ed204fc00cc62553298901483045022100bd0be6100c4fd8f102ec220e1b053e4c4e2ecca25615490150007b40d314dc3902201a1e0ea266965b43164d9e6576f58fa6726d42883dd1c3996d2925c2e226079601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10336 "3044022024cd52e4198c8ae0e414a86d86b5a65ea7450f2eb4e783096736d93395eca5ce022078f0094745b45be4d4b2b04dd5978c9e66ba49109e5704403e84aaf5f387d6be",
10337 "3045022100bbfb9d0a946d420807c86e985d636cceb16e71c3694ed186316251a00cbd807202207773223f9a337e145f64673825be9b30d07ef1542c82188b264bedcf7cda78c6",
10338 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf103000000000000000001d90d0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022024cd52e4198c8ae0e414a86d86b5a65ea7450f2eb4e783096736d93395eca5ce022078f0094745b45be4d4b2b04dd5978c9e66ba49109e5704403e84aaf5f387d6be01483045022100bbfb9d0a946d420807c86e985d636cceb16e71c3694ed186316251a00cbd807202207773223f9a337e145f64673825be9b30d07ef1542c82188b264bedcf7cda78c6012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10341 // anchors: commitment tx with six outputs untrimmed (minimum dust limit)
10342 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10343 chan.context.feerate_per_kw = 645;
10344 chan.context.holder_dust_limit_satoshis = 1001;
10346 test_commitment_with_anchors!("3044022025d97466c8049e955a5afce28e322f4b34d2561118e52332fb400f9b908cc0a402205dc6fba3a0d67ee142c428c535580cd1f2ff42e2f89b47e0c8a01847caffc312",
10347 "3045022100d57697c707b6f6d053febf24b98e8989f186eea42e37e9e91663ec2c70bb8f70022079b0715a472118f262f43016a674f59c015d9cafccec885968e76d9d9c5d0051",
10348 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80084a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994d0070000000000002200203e68115ae0b15b8de75b6c6bc9af5ac9f01391544e0870dae443a1e8fe7837ead007000000000000220020fe0598d74fee2205cc3672e6e6647706b4f3099713b4661b62482c3addd04a5eb80b000000000000220020f96d0334feb64a4f40eb272031d07afcb038db56aa57446d60308c9f8ccadef9a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994abc996a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100d57697c707b6f6d053febf24b98e8989f186eea42e37e9e91663ec2c70bb8f70022079b0715a472118f262f43016a674f59c015d9cafccec885968e76d9d9c5d005101473044022025d97466c8049e955a5afce28e322f4b34d2561118e52332fb400f9b908cc0a402205dc6fba3a0d67ee142c428c535580cd1f2ff42e2f89b47e0c8a01847caffc31201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10351 "3045022100e04d160a326432659fe9fb127304c1d348dfeaba840081bdc57d8efd902a48d8022008a824e7cf5492b97e4d9e03c06a09f822775a44f6b5b2533a2088904abfc282",
10352 "3045022100b7c49846466b13b190ff739bbe3005c105482fc55539e55b1c561f76b6982b6c02200e5c35808619cf543c8405cff9fedd25f333a4a2f6f6d5e8af8150090c40ef09",
10353 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320002000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e04d160a326432659fe9fb127304c1d348dfeaba840081bdc57d8efd902a48d8022008a824e7cf5492b97e4d9e03c06a09f822775a44f6b5b2533a2088904abfc28283483045022100b7c49846466b13b190ff739bbe3005c105482fc55539e55b1c561f76b6982b6c02200e5c35808619cf543c8405cff9fedd25f333a4a2f6f6d5e8af8150090c40ef0901008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6851b27568f6010000" },
10356 "3045022100fbdc3c367ce3bf30796025cc590ee1f2ce0e72ae1ac19f5986d6d0a4fc76211f02207e45ae9267e8e820d188569604f71d1abd11bd385d58853dd7dc034cdb3e9a6e",
10357 "3045022100d29330f24db213b262068706099b39c15fa7e070c3fcdf8836c09723fc4d365602203ce57d01e9f28601e461a0b5c4a50119b270bde8b70148d133a6849c70b115ac",
10358 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320003000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100fbdc3c367ce3bf30796025cc590ee1f2ce0e72ae1ac19f5986d6d0a4fc76211f02207e45ae9267e8e820d188569604f71d1abd11bd385d58853dd7dc034cdb3e9a6e83483045022100d29330f24db213b262068706099b39c15fa7e070c3fcdf8836c09723fc4d365602203ce57d01e9f28601e461a0b5c4a50119b270bde8b70148d133a6849c70b115ac012001010101010101010101010101010101010101010101010101010101010101018d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac6851b2756800000000" },
10361 "3044022066c5ef625cee3ddd2bc7b6bfb354b5834cf1cc6d52dd972fb41b7b225437ae4a022066cb85647df65c6b87a54e416dcdcca778a776c36a9643d2b5dc793c9b29f4c1",
10362 "304402202d4ce515cd9000ec37575972d70b8d24f73909fb7012e8ebd8c2066ef6fe187902202830b53e64ea565fecd0f398100691da6bb2a5cf9bb0d1926f1d71d05828a11e",
10363 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320004000000000100000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022066c5ef625cee3ddd2bc7b6bfb354b5834cf1cc6d52dd972fb41b7b225437ae4a022066cb85647df65c6b87a54e416dcdcca778a776c36a9643d2b5dc793c9b29f4c18347304402202d4ce515cd9000ec37575972d70b8d24f73909fb7012e8ebd8c2066ef6fe187902202830b53e64ea565fecd0f398100691da6bb2a5cf9bb0d1926f1d71d05828a11e01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6851b27568f7010000" },
10366 "3044022022c7e11595c53ee89a57ca76baf0aed730da035952d6ab3fe6459f5eff3b337a022075e10cc5f5fd724a35ce4087a5d03cd616698626c69814032132b50bb97dc615",
10367 "3045022100b20cd63e0587d1711beaebda4730775c4ac8b8b2ec78fe18a0c44c3f168c25230220079abb7fc4924e2fca5950842e5b9e416735585026914570078c4ef62f286226",
10368 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320005000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022022c7e11595c53ee89a57ca76baf0aed730da035952d6ab3fe6459f5eff3b337a022075e10cc5f5fd724a35ce4087a5d03cd616698626c69814032132b50bb97dc61583483045022100b20cd63e0587d1711beaebda4730775c4ac8b8b2ec78fe18a0c44c3f168c25230220079abb7fc4924e2fca5950842e5b9e416735585026914570078c4ef62f286226012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10371 // commitment tx with six outputs untrimmed (maximum feerate)
10372 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10373 chan.context.feerate_per_kw = 2069;
10374 chan.context.holder_dust_limit_satoshis = 546;
10376 test_commitment!("304502210090b96a2498ce0c0f2fadbec2aab278fed54c1a7838df793ec4d2c78d96ec096202204fdd439c50f90d483baa7b68feeef4bd33bc277695405447bcd0bfb2ca34d7bc",
10377 "3045022100ad9a9bbbb75d506ca3b716b336ee3cf975dd7834fcf129d7dd188146eb58a8b4022061a759ee417339f7fe2ea1e8deb83abb6a74db31a09b7648a932a639cda23e33",
10378 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8006d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48477956a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100ad9a9bbbb75d506ca3b716b336ee3cf975dd7834fcf129d7dd188146eb58a8b4022061a759ee417339f7fe2ea1e8deb83abb6a74db31a09b7648a932a639cda23e330148304502210090b96a2498ce0c0f2fadbec2aab278fed54c1a7838df793ec4d2c78d96ec096202204fdd439c50f90d483baa7b68feeef4bd33bc277695405447bcd0bfb2ca34d7bc01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10381 "3045022100f33513ee38abf1c582876f921f8fddc06acff48e04515532a32d3938de938ffd02203aa308a2c1863b7d6fdf53159a1465bf2e115c13152546cc5d74483ceaa7f699",
10382 "3045022100a637902a5d4c9ba9e7c472a225337d5aac9e2e3f6744f76e237132e7619ba0400220035c60d784a031c0d9f6df66b7eab8726a5c25397399ee4aa960842059eb3f9d",
10383 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d0000000000000000000175020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f33513ee38abf1c582876f921f8fddc06acff48e04515532a32d3938de938ffd02203aa308a2c1863b7d6fdf53159a1465bf2e115c13152546cc5d74483ceaa7f69901483045022100a637902a5d4c9ba9e7c472a225337d5aac9e2e3f6744f76e237132e7619ba0400220035c60d784a031c0d9f6df66b7eab8726a5c25397399ee4aa960842059eb3f9d01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10386 "3045022100ce07682cf4b90093c22dc2d9ab2a77ad6803526b655ef857221cc96af5c9e0bf02200f501cee22e7a268af40b555d15a8237c9f36ad67ef1841daf9f6a0267b1e6df",
10387 "3045022100e57e46234f8782d3ff7aa593b4f7446fb5316c842e693dc63ee324fd49f6a1c302204a2f7b44c48bd26e1554422afae13153eb94b29d3687b733d18930615fb2db61",
10388 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d0100000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100ce07682cf4b90093c22dc2d9ab2a77ad6803526b655ef857221cc96af5c9e0bf02200f501cee22e7a268af40b555d15a8237c9f36ad67ef1841daf9f6a0267b1e6df01483045022100e57e46234f8782d3ff7aa593b4f7446fb5316c842e693dc63ee324fd49f6a1c302204a2f7b44c48bd26e1554422afae13153eb94b29d3687b733d18930615fb2db61012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10391 "3045022100e3e35492e55f82ec0bc2f317ffd7a486d1f7024330fe9743c3559fc39f32ef0c02203d1d4db651fc388a91d5ad8ecdd8e83673063bc8eefe27cfd8c189090e3a23e0",
10392 "3044022068613fb1b98eb3aec7f44c5b115b12343c2f066c4277c82b5f873dfe68f37f50022028109b4650f3f528ca4bfe9a467aff2e3e43893b61b5159157119d5d95cf1c18",
10393 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d020000000000000000015d060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e3e35492e55f82ec0bc2f317ffd7a486d1f7024330fe9743c3559fc39f32ef0c02203d1d4db651fc388a91d5ad8ecdd8e83673063bc8eefe27cfd8c189090e3a23e001473044022068613fb1b98eb3aec7f44c5b115b12343c2f066c4277c82b5f873dfe68f37f50022028109b4650f3f528ca4bfe9a467aff2e3e43893b61b5159157119d5d95cf1c1801008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10396 "304402207475aeb0212ef9bf5130b60937817ad88c9a87976988ef1f323f026148cc4a850220739fea17ad3257dcad72e509c73eebe86bee30b178467b9fdab213d631b109df",
10397 "3045022100d315522e09e7d53d2a659a79cb67fef56d6c4bddf3f46df6772d0d20a7beb7c8022070bcc17e288607b6a72be0bd83368bb6d53488db266c1cdb4d72214e4f02ac33",
10398 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d03000000000000000001f2090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207475aeb0212ef9bf5130b60937817ad88c9a87976988ef1f323f026148cc4a850220739fea17ad3257dcad72e509c73eebe86bee30b178467b9fdab213d631b109df01483045022100d315522e09e7d53d2a659a79cb67fef56d6c4bddf3f46df6772d0d20a7beb7c8022070bcc17e288607b6a72be0bd83368bb6d53488db266c1cdb4d72214e4f02ac33012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10401 // commitment tx with five outputs untrimmed (minimum feerate)
10402 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10403 chan.context.feerate_per_kw = 2070;
10405 test_commitment!("304402204ca1ba260dee913d318271d86e10ca0f5883026fb5653155cff600fb40895223022037b145204b7054a40e08bb1fefbd826f827b40838d3e501423bcc57924bcb50c",
10406 "3044022001014419b5ba00e083ac4e0a85f19afc848aacac2d483b4b525d15e2ae5adbfe022015ebddad6ee1e72b47cb09f3e78459da5be01ccccd95dceca0e056a00cc773c1",
10407 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484da966a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022001014419b5ba00e083ac4e0a85f19afc848aacac2d483b4b525d15e2ae5adbfe022015ebddad6ee1e72b47cb09f3e78459da5be01ccccd95dceca0e056a00cc773c10147304402204ca1ba260dee913d318271d86e10ca0f5883026fb5653155cff600fb40895223022037b145204b7054a40e08bb1fefbd826f827b40838d3e501423bcc57924bcb50c01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10410 "304402205f6b6d12d8d2529fb24f4445630566cf4abbd0f9330ab6c2bdb94222d6a2a0c502202f556258ae6f05b193749e4c541dfcc13b525a5422f6291f073f15617ba8579b",
10411 "30440220150b11069454da70caf2492ded9e0065c9a57f25ac2a4c52657b1d15b6c6ed85022068a38833b603c8892717206383611bad210f1cbb4b1f87ea29c6c65b9e1cb3e5",
10412 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff0000000000000000000174020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402205f6b6d12d8d2529fb24f4445630566cf4abbd0f9330ab6c2bdb94222d6a2a0c502202f556258ae6f05b193749e4c541dfcc13b525a5422f6291f073f15617ba8579b014730440220150b11069454da70caf2492ded9e0065c9a57f25ac2a4c52657b1d15b6c6ed85022068a38833b603c8892717206383611bad210f1cbb4b1f87ea29c6c65b9e1cb3e501008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10415 "3045022100f960dfb1c9aee7ce1437efa65b523e399383e8149790e05d8fed27ff6e42fe0002202fe8613e062ffe0b0c518cc4101fba1c6de70f64a5bcc7ae663f2efae43b8546",
10416 "30450221009a6ed18e6873bc3644332a6ee21c152a5b102821865350df7a8c74451a51f9f2022050d801fb4895d7d7fbf452824c0168347f5c0cbe821cf6a97a63af5b8b2563c6",
10417 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff010000000000000000015c060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f960dfb1c9aee7ce1437efa65b523e399383e8149790e05d8fed27ff6e42fe0002202fe8613e062ffe0b0c518cc4101fba1c6de70f64a5bcc7ae663f2efae43b8546014830450221009a6ed18e6873bc3644332a6ee21c152a5b102821865350df7a8c74451a51f9f2022050d801fb4895d7d7fbf452824c0168347f5c0cbe821cf6a97a63af5b8b2563c601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10420 "3045022100ae5fc7717ae684bc1fcf9020854e5dbe9842c9e7472879ac06ff95ac2bb10e4e022057728ada4c00083a3e65493fb5d50a232165948a1a0f530ef63185c2c8c56504",
10421 "30440220408ad3009827a8fccf774cb285587686bfb2ed041f89a89453c311ce9c8ee0f902203c7392d9f8306d3a46522a66bd2723a7eb2628cb2d9b34d4c104f1766bf37502",
10422 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff02000000000000000001f1090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100ae5fc7717ae684bc1fcf9020854e5dbe9842c9e7472879ac06ff95ac2bb10e4e022057728ada4c00083a3e65493fb5d50a232165948a1a0f530ef63185c2c8c56504014730440220408ad3009827a8fccf774cb285587686bfb2ed041f89a89453c311ce9c8ee0f902203c7392d9f8306d3a46522a66bd2723a7eb2628cb2d9b34d4c104f1766bf37502012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10425 // commitment tx with five outputs untrimmed (maximum feerate)
10426 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10427 chan.context.feerate_per_kw = 2194;
10429 test_commitment!("304402204bb3d6e279d71d9da414c82de42f1f954267c762b2e2eb8b76bc3be4ea07d4b0022014febc009c5edc8c3fc5d94015de163200f780046f1c293bfed8568f08b70fb3",
10430 "3044022072c2e2b1c899b2242656a537dde2892fa3801be0d6df0a87836c550137acde8302201654aa1974d37a829083c3ba15088689f30b56d6a4f6cb14c7bad0ee3116d398",
10431 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48440966a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022072c2e2b1c899b2242656a537dde2892fa3801be0d6df0a87836c550137acde8302201654aa1974d37a829083c3ba15088689f30b56d6a4f6cb14c7bad0ee3116d3980147304402204bb3d6e279d71d9da414c82de42f1f954267c762b2e2eb8b76bc3be4ea07d4b0022014febc009c5edc8c3fc5d94015de163200f780046f1c293bfed8568f08b70fb301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10434 "3045022100939726680351a7856c1bc386d4a1f422c7d29bd7b56afc139570f508474e6c40022023175a799ccf44c017fbaadb924c40b2a12115a5b7d0dfd3228df803a2de8450",
10435 "304502210099c98c2edeeee6ec0fb5f3bea8b79bb016a2717afa9b5072370f34382de281d302206f5e2980a995e045cf90a547f0752a7ee99d48547bc135258fe7bc07e0154301",
10436 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100939726680351a7856c1bc386d4a1f422c7d29bd7b56afc139570f508474e6c40022023175a799ccf44c017fbaadb924c40b2a12115a5b7d0dfd3228df803a2de84500148304502210099c98c2edeeee6ec0fb5f3bea8b79bb016a2717afa9b5072370f34382de281d302206f5e2980a995e045cf90a547f0752a7ee99d48547bc135258fe7bc07e015430101008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10439 "3044022021bb883bf324553d085ba2e821cad80c28ef8b303dbead8f98e548783c02d1600220638f9ef2a9bba25869afc923f4b5dc38be3bb459f9efa5d869392d5f7779a4a0",
10440 "3045022100fd85bd7697b89c08ec12acc8ba89b23090637d83abd26ca37e01ae93e67c367302202b551fe69386116c47f984aab9c8dfd25d864dcde5d3389cfbef2447a85c4b77",
10441 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd010000000000000000010a060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022021bb883bf324553d085ba2e821cad80c28ef8b303dbead8f98e548783c02d1600220638f9ef2a9bba25869afc923f4b5dc38be3bb459f9efa5d869392d5f7779a4a001483045022100fd85bd7697b89c08ec12acc8ba89b23090637d83abd26ca37e01ae93e67c367302202b551fe69386116c47f984aab9c8dfd25d864dcde5d3389cfbef2447a85c4b7701008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10444 "3045022100c9e6f0454aa598b905a35e641a70cc9f67b5f38cc4b00843a041238c4a9f1c4a0220260a2822a62da97e44583e837245995ca2e36781769c52f19e498efbdcca262b",
10445 "30450221008a9f2ea24cd455c2b64c1472a5fa83865b0a5f49a62b661801e884cf2849af8302204d44180e50bf6adfcf1c1e581d75af91aba4e28681ce4a5ee5f3cbf65eca10f3",
10446 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd020000000000000000019a090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100c9e6f0454aa598b905a35e641a70cc9f67b5f38cc4b00843a041238c4a9f1c4a0220260a2822a62da97e44583e837245995ca2e36781769c52f19e498efbdcca262b014830450221008a9f2ea24cd455c2b64c1472a5fa83865b0a5f49a62b661801e884cf2849af8302204d44180e50bf6adfcf1c1e581d75af91aba4e28681ce4a5ee5f3cbf65eca10f3012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10449 // commitment tx with four outputs untrimmed (minimum feerate)
10450 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10451 chan.context.feerate_per_kw = 2195;
10453 test_commitment!("304402201a8c1b1f9671cd9e46c7323a104d7047cc48d3ee80d40d4512e0c72b8dc65666022066d7f9a2ce18c9eb22d2739ffcce05721c767f9b607622a31b6ea5793ddce403",
10454 "3044022044d592025b610c0d678f65032e87035cdfe89d1598c522cc32524ae8172417c30220749fef9d5b2ae8cdd91ece442ba8809bc891efedae2291e578475f97715d1767",
10455 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8004b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484b8976a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022044d592025b610c0d678f65032e87035cdfe89d1598c522cc32524ae8172417c30220749fef9d5b2ae8cdd91ece442ba8809bc891efedae2291e578475f97715d17670147304402201a8c1b1f9671cd9e46c7323a104d7047cc48d3ee80d40d4512e0c72b8dc65666022066d7f9a2ce18c9eb22d2739ffcce05721c767f9b607622a31b6ea5793ddce40301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10458 "3045022100e57b845066a06ee7c2cbfc29eabffe52daa9bf6f6de760066d04df9f9b250e0002202ffb197f0e6e0a77a75a9aff27014bd3de83b7f748d7efef986abe655e1dd50e",
10459 "3045022100ecc8c6529d0b2316d046f0f0757c1e1c25a636db168ec4f3aa1b9278df685dc0022067ae6b65e936f1337091f7b18a15935b608c5f2cdddb2f892ed0babfdd376d76",
10460 "020000000001018130a10f09b13677ba2885a8bca32860f3a952e5912b829a473639b5a2c07b900000000000000000000109060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e57b845066a06ee7c2cbfc29eabffe52daa9bf6f6de760066d04df9f9b250e0002202ffb197f0e6e0a77a75a9aff27014bd3de83b7f748d7efef986abe655e1dd50e01483045022100ecc8c6529d0b2316d046f0f0757c1e1c25a636db168ec4f3aa1b9278df685dc0022067ae6b65e936f1337091f7b18a15935b608c5f2cdddb2f892ed0babfdd376d7601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10463 "3045022100d193b7ecccad8057571620a0b1ffa6c48e9483311723b59cf536043b20bc51550220546d4bd37b3b101ecda14f6c907af46ec391abce1cd9c7ce22b1a62b534f2f2a",
10464 "3044022014d66f11f9cacf923807eba49542076c5fe5cccf252fb08fe98c78ef3ca6ab5402201b290dbe043cc512d9d78de074a5a129b8759bc6a6c546b190d120b690bd6e82",
10465 "020000000001018130a10f09b13677ba2885a8bca32860f3a952e5912b829a473639b5a2c07b900100000000000000000199090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100d193b7ecccad8057571620a0b1ffa6c48e9483311723b59cf536043b20bc51550220546d4bd37b3b101ecda14f6c907af46ec391abce1cd9c7ce22b1a62b534f2f2a01473044022014d66f11f9cacf923807eba49542076c5fe5cccf252fb08fe98c78ef3ca6ab5402201b290dbe043cc512d9d78de074a5a129b8759bc6a6c546b190d120b690bd6e82012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10468 // anchors: commitment tx with four outputs untrimmed (minimum dust limit)
10469 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10470 chan.context.feerate_per_kw = 2185;
10471 chan.context.holder_dust_limit_satoshis = 2001;
10472 let cached_channel_type = chan.context.channel_type;
10473 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10475 test_commitment_with_anchors!("3044022040f63a16148cf35c8d3d41827f5ae7f7c3746885bb64d4d1b895892a83812b3e02202fcf95c2bf02c466163b3fa3ced6a24926fbb4035095a96842ef516e86ba54c0",
10476 "3045022100cd8479cfe1edb1e5a1d487391e0451a469c7171e51e680183f19eb4321f20e9b02204eab7d5a6384b1b08e03baa6e4d9748dfd2b5ab2bae7e39604a0d0055bbffdd5",
10477 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80064a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994b80b000000000000220020f96d0334feb64a4f40eb272031d07afcb038db56aa57446d60308c9f8ccadef9a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994ac5916a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100cd8479cfe1edb1e5a1d487391e0451a469c7171e51e680183f19eb4321f20e9b02204eab7d5a6384b1b08e03baa6e4d9748dfd2b5ab2bae7e39604a0d0055bbffdd501473044022040f63a16148cf35c8d3d41827f5ae7f7c3746885bb64d4d1b895892a83812b3e02202fcf95c2bf02c466163b3fa3ced6a24926fbb4035095a96842ef516e86ba54c001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10480 "304402206870514a72ad6e723ff7f1e0370d7a33c1cd2a0b9272674143ebaf6a1d02dee102205bd953c34faf5e7322e9a1c0103581cb090280fda4f1039ee8552668afa90ebb",
10481 "30440220669de9ca7910eff65a7773ebd14a9fc371fe88cde5b8e2a81609d85c87ac939b02201ac29472fa4067322e92d75b624942d60be5050139b20bb363db75be79eb946f",
10482 "02000000000101ac13a7715f80b8e52dda43c6929cade5521bdced3a405da02b443f1ffb1e33cc02000000000100000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402206870514a72ad6e723ff7f1e0370d7a33c1cd2a0b9272674143ebaf6a1d02dee102205bd953c34faf5e7322e9a1c0103581cb090280fda4f1039ee8552668afa90ebb834730440220669de9ca7910eff65a7773ebd14a9fc371fe88cde5b8e2a81609d85c87ac939b02201ac29472fa4067322e92d75b624942d60be5050139b20bb363db75be79eb946f01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6851b27568f7010000" },
10485 "3045022100949e8dd938da56445b1cdfdebe1b7efea086edd05d89910d205a1e2e033ce47102202cbd68b5262ab144d9ec12653f87dfb0bb6bd05d1f58ae1e523f028eaefd7271",
10486 "3045022100e3104ed8b239f8019e5f0a1a73d7782a94a8c36e7984f476c3a0b3cb0e62e27902207e3d52884600985f8a2098e53a5c30dd6a5e857733acfaa07ab2162421ed2688",
10487 "02000000000101ac13a7715f80b8e52dda43c6929cade5521bdced3a405da02b443f1ffb1e33cc03000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100949e8dd938da56445b1cdfdebe1b7efea086edd05d89910d205a1e2e033ce47102202cbd68b5262ab144d9ec12653f87dfb0bb6bd05d1f58ae1e523f028eaefd727183483045022100e3104ed8b239f8019e5f0a1a73d7782a94a8c36e7984f476c3a0b3cb0e62e27902207e3d52884600985f8a2098e53a5c30dd6a5e857733acfaa07ab2162421ed2688012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10490 // commitment tx with four outputs untrimmed (maximum feerate)
10491 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10492 chan.context.feerate_per_kw = 3702;
10493 chan.context.holder_dust_limit_satoshis = 546;
10494 chan.context.channel_type = cached_channel_type.clone();
10496 test_commitment!("304502210092a587aeb777f869e7ff0d7898ea619ee26a3dacd1f3672b945eea600be431100220077ee9eae3528d15251f2a52b607b189820e57a6ccfac8d1af502b132ee40169",
10497 "3045022100e5efb73c32d32da2d79702299b6317de6fb24a60476e3855926d78484dd1b3c802203557cb66a42c944ef06e00bcc4da35a5bcb2f185aab0f8e403e519e1d66aaf75",
10498 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8004b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4846f916a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100e5efb73c32d32da2d79702299b6317de6fb24a60476e3855926d78484dd1b3c802203557cb66a42c944ef06e00bcc4da35a5bcb2f185aab0f8e403e519e1d66aaf750148304502210092a587aeb777f869e7ff0d7898ea619ee26a3dacd1f3672b945eea600be431100220077ee9eae3528d15251f2a52b607b189820e57a6ccfac8d1af502b132ee4016901475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10501 "304402206fa54c11f98c3bae1e93df43fc7affeb05b476bf8060c03e29c377c69bc08e8b0220672701cce50d5c379ff45a5d2cfe48ac44973adb066ac32608e21221d869bb89",
10502 "304402206e36c683ebf2cb16bcef3d5439cf8b53cd97280a365ed8acd7abb85a8ba5f21c02206e8621edfc2a5766cbc96eb67fd501127ff163eb6b85518a39f7d4974aef126f",
10503 "020000000001018db483bff65c70ee71d8282aeec5a880e2e2b39e45772bda5460403095c62e3f0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402206fa54c11f98c3bae1e93df43fc7affeb05b476bf8060c03e29c377c69bc08e8b0220672701cce50d5c379ff45a5d2cfe48ac44973adb066ac32608e21221d869bb890147304402206e36c683ebf2cb16bcef3d5439cf8b53cd97280a365ed8acd7abb85a8ba5f21c02206e8621edfc2a5766cbc96eb67fd501127ff163eb6b85518a39f7d4974aef126f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10506 "3044022057649739b0eb74d541ead0dfdb3d4b2c15aa192720031044c3434c67812e5ca902201e5ede42d960ae551707f4a6b34b09393cf4dee2418507daa022e3550dbb5817",
10507 "304402207faad26678c8850e01b4a0696d60841f7305e1832b786110ee9075cb92ed14a30220516ef8ee5dfa80824ea28cbcec0dd95f8b847146257c16960db98507db15ffdc",
10508 "020000000001018db483bff65c70ee71d8282aeec5a880e2e2b39e45772bda5460403095c62e3f0100000000000000000176050000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022057649739b0eb74d541ead0dfdb3d4b2c15aa192720031044c3434c67812e5ca902201e5ede42d960ae551707f4a6b34b09393cf4dee2418507daa022e3550dbb58170147304402207faad26678c8850e01b4a0696d60841f7305e1832b786110ee9075cb92ed14a30220516ef8ee5dfa80824ea28cbcec0dd95f8b847146257c16960db98507db15ffdc012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10511 // commitment tx with three outputs untrimmed (minimum feerate)
10512 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10513 chan.context.feerate_per_kw = 3703;
10515 test_commitment!("3045022100b495d239772a237ff2cf354b1b11be152fd852704cb184e7356d13f2fb1e5e430220723db5cdb9cbd6ead7bfd3deb419cf41053a932418cbb22a67b581f40bc1f13e",
10516 "304402201b736d1773a124c745586217a75bed5f66c05716fbe8c7db4fdb3c3069741cdd02205083f39c321c1bcadfc8d97e3c791a66273d936abac0c6a2fde2ed46019508e1",
10517 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8003a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484eb936a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402201b736d1773a124c745586217a75bed5f66c05716fbe8c7db4fdb3c3069741cdd02205083f39c321c1bcadfc8d97e3c791a66273d936abac0c6a2fde2ed46019508e101483045022100b495d239772a237ff2cf354b1b11be152fd852704cb184e7356d13f2fb1e5e430220723db5cdb9cbd6ead7bfd3deb419cf41053a932418cbb22a67b581f40bc1f13e01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10520 "3045022100c34c61735f93f2e324cc873c3b248111ccf8f6db15d5969583757010d4ad2b4602207867bb919b2ddd6387873e425345c9b7fd18d1d66aba41f3607bc2896ef3c30a",
10521 "3045022100988c143e2110067117d2321bdd4bd16ca1734c98b29290d129384af0962b634e02206c1b02478878c5f547018b833986578f90c3e9be669fe5788ad0072a55acbb05",
10522 "0200000000010120060e4a29579d429f0f27c17ee5f1ee282f20d706d6f90b63d35946d8f3029a0000000000000000000175050000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100c34c61735f93f2e324cc873c3b248111ccf8f6db15d5969583757010d4ad2b4602207867bb919b2ddd6387873e425345c9b7fd18d1d66aba41f3607bc2896ef3c30a01483045022100988c143e2110067117d2321bdd4bd16ca1734c98b29290d129384af0962b634e02206c1b02478878c5f547018b833986578f90c3e9be669fe5788ad0072a55acbb05012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10525 // anchors: commitment tx with three outputs untrimmed (minimum dust limit)
10526 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10527 chan.context.feerate_per_kw = 3687;
10528 chan.context.holder_dust_limit_satoshis = 3001;
10529 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10531 test_commitment_with_anchors!("3045022100ad6c71569856b2d7ff42e838b4abe74a713426b37f22fa667a195a4c88908c6902202b37272b02a42dc6d9f4f82cab3eaf84ac882d9ed762859e1e75455c2c228377",
10532 "3045022100c970799bcb33f43179eb43b3378a0a61991cf2923f69b36ef12548c3df0e6d500220413dc27d2e39ee583093adfcb7799be680141738babb31cc7b0669a777a31f5d",
10533 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80054a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994aa28b6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100c970799bcb33f43179eb43b3378a0a61991cf2923f69b36ef12548c3df0e6d500220413dc27d2e39ee583093adfcb7799be680141738babb31cc7b0669a777a31f5d01483045022100ad6c71569856b2d7ff42e838b4abe74a713426b37f22fa667a195a4c88908c6902202b37272b02a42dc6d9f4f82cab3eaf84ac882d9ed762859e1e75455c2c22837701475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10536 "3044022017b558a3cf5f0cb94269e2e927b29ed22bd2416abb8a7ce6de4d1256f359b93602202e9ca2b1a23ea3e69f433c704e327739e219804b8c188b1d52f74fd5a9de954c",
10537 "3045022100af7a8b7c7ff2080c68995254cb66d64d9954edcc5baac3bb4f27ed2d29aaa6120220421c27da7a60574a9263f271e0f3bd34594ec6011095190022b3b54596ea03de",
10538 "02000000000101542562b326c08e3a076d9cfca2be175041366591da334d8d513ff1686fd95a6002000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022017b558a3cf5f0cb94269e2e927b29ed22bd2416abb8a7ce6de4d1256f359b93602202e9ca2b1a23ea3e69f433c704e327739e219804b8c188b1d52f74fd5a9de954c83483045022100af7a8b7c7ff2080c68995254cb66d64d9954edcc5baac3bb4f27ed2d29aaa6120220421c27da7a60574a9263f271e0f3bd34594ec6011095190022b3b54596ea03de012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10541 // commitment tx with three outputs untrimmed (maximum feerate)
10542 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10543 chan.context.feerate_per_kw = 4914;
10544 chan.context.holder_dust_limit_satoshis = 546;
10545 chan.context.channel_type = cached_channel_type.clone();
10547 test_commitment!("3045022100b4b16d5f8cc9fc4c1aff48831e832a0d8990e133978a66e302c133550954a44d022073573ce127e2200d316f6b612803a5c0c97b8d20e1e44dbe2ac0dd2fb8c95244",
10548 "3045022100d72638bc6308b88bb6d45861aae83e5b9ff6e10986546e13bce769c70036e2620220320be7c6d66d22f30b9fcd52af66531505b1310ca3b848c19285b38d8a1a8c19",
10549 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8003a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484ae8f6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100d72638bc6308b88bb6d45861aae83e5b9ff6e10986546e13bce769c70036e2620220320be7c6d66d22f30b9fcd52af66531505b1310ca3b848c19285b38d8a1a8c1901483045022100b4b16d5f8cc9fc4c1aff48831e832a0d8990e133978a66e302c133550954a44d022073573ce127e2200d316f6b612803a5c0c97b8d20e1e44dbe2ac0dd2fb8c9524401475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10552 "3045022100f43591c156038ba217756006bb3c55f7d113a325cdd7d9303c82115372858d68022016355b5aadf222bc8d12e426c75f4a03423917b2443a103eb2a498a3a2234374",
10553 "30440220585dee80fafa264beac535c3c0bb5838ac348b156fdc982f86adc08dfc9bfd250220130abb82f9f295cc9ef423dcfef772fde2acd85d9df48cc538981d26a10a9c10",
10554 "02000000000101a9172908eace869cc35128c31fc2ab502f72e4dff31aab23e0244c4b04b11ab00000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f43591c156038ba217756006bb3c55f7d113a325cdd7d9303c82115372858d68022016355b5aadf222bc8d12e426c75f4a03423917b2443a103eb2a498a3a2234374014730440220585dee80fafa264beac535c3c0bb5838ac348b156fdc982f86adc08dfc9bfd250220130abb82f9f295cc9ef423dcfef772fde2acd85d9df48cc538981d26a10a9c10012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10557 // commitment tx with two outputs untrimmed (minimum feerate)
10558 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10559 chan.context.feerate_per_kw = 4915;
10560 chan.context.holder_dust_limit_satoshis = 546;
10562 test_commitment!("304402203a286936e74870ca1459c700c71202af0381910a6bfab687ef494ef1bc3e02c902202506c362d0e3bee15e802aa729bf378e051644648253513f1c085b264cc2a720",
10563 "30450221008a953551f4d67cb4df3037207fc082ddaf6be84d417b0bd14c80aab66f1b01a402207508796dc75034b2dee876fe01dc05a08b019f3e5d689ac8842ade2f1befccf5",
10564 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8002c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484fa926a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221008a953551f4d67cb4df3037207fc082ddaf6be84d417b0bd14c80aab66f1b01a402207508796dc75034b2dee876fe01dc05a08b019f3e5d689ac8842ade2f1befccf50147304402203a286936e74870ca1459c700c71202af0381910a6bfab687ef494ef1bc3e02c902202506c362d0e3bee15e802aa729bf378e051644648253513f1c085b264cc2a72001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10566 // anchors: commitment tx with two outputs untrimmed (minimum dust limit)
10567 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10568 chan.context.feerate_per_kw = 4894;
10569 chan.context.holder_dust_limit_satoshis = 4001;
10570 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10572 test_commitment_with_anchors!("3045022100e784a66b1588575801e237d35e510fd92a81ae3a4a2a1b90c031ad803d07b3f3022021bc5f16501f167607d63b681442da193eb0a76b4b7fd25c2ed4f8b28fd35b95",
10573 "30450221009f16ac85d232e4eddb3fcd750a68ebf0b58e3356eaada45d3513ede7e817bf4c02207c2b043b4e5f971261975406cb955219fa56bffe5d834a833694b5abc1ce4cfd",
10574 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80044a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994ad0886a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221009f16ac85d232e4eddb3fcd750a68ebf0b58e3356eaada45d3513ede7e817bf4c02207c2b043b4e5f971261975406cb955219fa56bffe5d834a833694b5abc1ce4cfd01483045022100e784a66b1588575801e237d35e510fd92a81ae3a4a2a1b90c031ad803d07b3f3022021bc5f16501f167607d63b681442da193eb0a76b4b7fd25c2ed4f8b28fd35b9501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10576 // commitment tx with two outputs untrimmed (maximum feerate)
10577 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10578 chan.context.feerate_per_kw = 9651180;
10579 chan.context.holder_dust_limit_satoshis = 546;
10580 chan.context.channel_type = cached_channel_type.clone();
10582 test_commitment!("304402200a8544eba1d216f5c5e530597665fa9bec56943c0f66d98fc3d028df52d84f7002201e45fa5c6bc3a506cc2553e7d1c0043a9811313fc39c954692c0d47cfce2bbd3",
10583 "3045022100e11b638c05c650c2f63a421d36ef8756c5ce82f2184278643520311cdf50aa200220259565fb9c8e4a87ccaf17f27a3b9ca4f20625754a0920d9c6c239d8156a11de",
10584 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b800222020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80ec0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4840400483045022100e11b638c05c650c2f63a421d36ef8756c5ce82f2184278643520311cdf50aa200220259565fb9c8e4a87ccaf17f27a3b9ca4f20625754a0920d9c6c239d8156a11de0147304402200a8544eba1d216f5c5e530597665fa9bec56943c0f66d98fc3d028df52d84f7002201e45fa5c6bc3a506cc2553e7d1c0043a9811313fc39c954692c0d47cfce2bbd301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10586 // commitment tx with one output untrimmed (minimum feerate)
10587 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10588 chan.context.feerate_per_kw = 9651181;
10590 test_commitment!("304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a2",
10591 "304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a379",
10592 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8001c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484040047304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a3790147304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10594 // anchors: commitment tx with one output untrimmed (minimum dust limit)
10595 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10596 chan.context.feerate_per_kw = 6216010;
10597 chan.context.holder_dust_limit_satoshis = 4001;
10598 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10600 test_commitment_with_anchors!("30450221008fd5dbff02e4b59020d4cd23a3c30d3e287065fda75a0a09b402980adf68ccda022001e0b8b620cd915ddff11f1de32addf23d81d51b90e6841b2cb8dcaf3faa5ecf",
10601 "30450221009ad80792e3038fe6968d12ff23e6888a565c3ddd065037f357445f01675d63f3022018384915e5f1f4ae157e15debf4f49b61c8d9d2b073c7d6f97c4a68caa3ed4c1",
10602 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80024a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994a04004830450221009ad80792e3038fe6968d12ff23e6888a565c3ddd065037f357445f01675d63f3022018384915e5f1f4ae157e15debf4f49b61c8d9d2b073c7d6f97c4a68caa3ed4c1014830450221008fd5dbff02e4b59020d4cd23a3c30d3e287065fda75a0a09b402980adf68ccda022001e0b8b620cd915ddff11f1de32addf23d81d51b90e6841b2cb8dcaf3faa5ecf01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10604 // commitment tx with fee greater than funder amount
10605 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10606 chan.context.feerate_per_kw = 9651936;
10607 chan.context.holder_dust_limit_satoshis = 546;
10608 chan.context.channel_type = cached_channel_type;
10610 test_commitment!("304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a2",
10611 "304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a379",
10612 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8001c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484040047304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a3790147304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10614 // commitment tx with 3 htlc outputs, 2 offered having the same amount and preimage
10615 chan.context.value_to_self_msat = 7_000_000_000 - 2_000_000;
10616 chan.context.feerate_per_kw = 253;
10617 chan.context.pending_inbound_htlcs.clear();
10618 chan.context.pending_inbound_htlcs.push({
10619 let mut out = InboundHTLCOutput{
10621 amount_msat: 2000000,
10623 payment_hash: PaymentHash([0; 32]),
10624 state: InboundHTLCState::Committed,
10626 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap()).to_byte_array();
10629 chan.context.pending_outbound_htlcs.clear();
10630 chan.context.pending_outbound_htlcs.push({
10631 let mut out = OutboundHTLCOutput{
10633 amount_msat: 5000001,
10635 payment_hash: PaymentHash([0; 32]),
10636 state: OutboundHTLCState::Committed,
10637 source: HTLCSource::dummy(),
10638 skimmed_fee_msat: None,
10639 blinding_point: None,
10641 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0505050505050505050505050505050505050505050505050505050505050505").unwrap()).to_byte_array();
10644 chan.context.pending_outbound_htlcs.push({
10645 let mut out = OutboundHTLCOutput{
10647 amount_msat: 5000000,
10649 payment_hash: PaymentHash([0; 32]),
10650 state: OutboundHTLCState::Committed,
10651 source: HTLCSource::dummy(),
10652 skimmed_fee_msat: None,
10653 blinding_point: None,
10655 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0505050505050505050505050505050505050505050505050505050505050505").unwrap()).to_byte_array();
10659 test_commitment!("304402207d0870964530f97b62497b11153c551dca0a1e226815ef0a336651158da0f82402200f5378beee0e77759147b8a0a284decd11bfd2bc55c8fafa41c134fe996d43c8",
10660 "304402200d10bf5bc5397fc59d7188ae438d80c77575595a2d488e41bd6363a810cc8d72022012b57e714fbbfdf7a28c47d5b370cb8ac37c8545f596216e5b21e9b236ef457c",
10661 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2d8813000000000000220020305c12e1a0bc21e283c131cea1c66d68857d28b7b2fce0a6fbc40c164852121b8813000000000000220020305c12e1a0bc21e283c131cea1c66d68857d28b7b2fce0a6fbc40c164852121bc0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484a69f6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402200d10bf5bc5397fc59d7188ae438d80c77575595a2d488e41bd6363a810cc8d72022012b57e714fbbfdf7a28c47d5b370cb8ac37c8545f596216e5b21e9b236ef457c0147304402207d0870964530f97b62497b11153c551dca0a1e226815ef0a336651158da0f82402200f5378beee0e77759147b8a0a284decd11bfd2bc55c8fafa41c134fe996d43c801475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10664 "3045022100b470fe12e5b7fea9eccb8cbff1972cea4f96758041898982a02bcc7f9d56d50b0220338a75b2afaab4ec00cdd2d9273c68c7581ff5a28bcbb40c4d138b81f1d45ce5",
10665 "3044022017b90c65207522a907fb6a137f9dd528b3389465a8ae72308d9e1d564f512cf402204fc917b4f0e88604a3e994f85bfae7c7c1f9d9e9f78e8cd112e0889720d9405b",
10666 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec000000000000000000011f070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100b470fe12e5b7fea9eccb8cbff1972cea4f96758041898982a02bcc7f9d56d50b0220338a75b2afaab4ec00cdd2d9273c68c7581ff5a28bcbb40c4d138b81f1d45ce501473044022017b90c65207522a907fb6a137f9dd528b3389465a8ae72308d9e1d564f512cf402204fc917b4f0e88604a3e994f85bfae7c7c1f9d9e9f78e8cd112e0889720d9405b012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10668 "3045022100b575379f6d8743cb0087648f81cfd82d17a97fbf8f67e058c65ce8b9d25df9500220554a210d65b02d9f36c6adf0f639430ca8293196ba5089bf67cc3a9813b7b00a",
10669 "3045022100ee2e16b90930a479b13f8823a7f14b600198c838161160b9436ed086d3fc57e002202a66fa2324f342a17129949c640bfe934cbc73a869ba7c06aa25c5a3d0bfb53d",
10670 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec01000000000000000001e1120000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100b575379f6d8743cb0087648f81cfd82d17a97fbf8f67e058c65ce8b9d25df9500220554a210d65b02d9f36c6adf0f639430ca8293196ba5089bf67cc3a9813b7b00a01483045022100ee2e16b90930a479b13f8823a7f14b600198c838161160b9436ed086d3fc57e002202a66fa2324f342a17129949c640bfe934cbc73a869ba7c06aa25c5a3d0bfb53d01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6868f9010000" },
10672 "30440220471c9f3ad92e49b13b7b8059f43ecf8f7887b0dccbb9fdb54bfe23d62a8ae332022024bd22fae0740e86a44228c35330da9526fd7306dffb2b9dc362d5e78abef7cc",
10673 "304402207157f452f2506d73c315192311893800cfb3cc235cc1185b1cfcc136b55230db022014be242dbc6c5da141fec4034e7f387f74d6ff1899453d72ba957467540e1ecb",
10674 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec02000000000000000001e1120000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220471c9f3ad92e49b13b7b8059f43ecf8f7887b0dccbb9fdb54bfe23d62a8ae332022024bd22fae0740e86a44228c35330da9526fd7306dffb2b9dc362d5e78abef7cc0147304402207157f452f2506d73c315192311893800cfb3cc235cc1185b1cfcc136b55230db022014be242dbc6c5da141fec4034e7f387f74d6ff1899453d72ba957467540e1ecb01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6868fa010000" }
10677 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10678 test_commitment_with_anchors!("3044022027b38dfb654c34032ffb70bb43022981652fce923cbbe3cbe7394e2ade8b34230220584195b78da6e25c2e8da6b4308d9db25b65b64975db9266163ef592abb7c725",
10679 "3045022100b4014970d9d7962853f3f85196144671d7d5d87426250f0a5fdaf9a55292e92502205360910c9abb397467e19dbd63d081deb4a3240903114c98cec0a23591b79b76",
10680 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80074a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994d007000000000000220020fe0598d74fee2205cc3672e6e6647706b4f3099713b4661b62482c3addd04a5e881300000000000022002018e40f9072c44350f134bdc887bab4d9bdfc8aa468a25616c80e21757ba5dac7881300000000000022002018e40f9072c44350f134bdc887bab4d9bdfc8aa468a25616c80e21757ba5dac7c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994aad9c6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100b4014970d9d7962853f3f85196144671d7d5d87426250f0a5fdaf9a55292e92502205360910c9abb397467e19dbd63d081deb4a3240903114c98cec0a23591b79b7601473044022027b38dfb654c34032ffb70bb43022981652fce923cbbe3cbe7394e2ade8b34230220584195b78da6e25c2e8da6b4308d9db25b65b64975db9266163ef592abb7c72501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10683 "30440220078fe5343dab88c348a3a8a9c1a9293259dbf35507ae971702cc39dd623ea9af022011ed0c0f35243cd0bb4d9ca3c772379b2b5f4af93140e9fdc5600dfec1cdb0c2",
10684 "304402205df665e2908c7690d2d33eb70e6e119958c28febe141a94ed0dd9a55ce7c8cfc0220364d02663a5d019af35c5cd5fda9465d985d85bbd12db207738d61163449a424",
10685 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c402000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220078fe5343dab88c348a3a8a9c1a9293259dbf35507ae971702cc39dd623ea9af022011ed0c0f35243cd0bb4d9ca3c772379b2b5f4af93140e9fdc5600dfec1cdb0c28347304402205df665e2908c7690d2d33eb70e6e119958c28febe141a94ed0dd9a55ce7c8cfc0220364d02663a5d019af35c5cd5fda9465d985d85bbd12db207738d61163449a424012001010101010101010101010101010101010101010101010101010101010101018d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac6851b2756800000000" },
10687 "304402202df6bf0f98a42cfd0172a16bded7d1b16c14f5f42ba23f5c54648c14b647531302200fe1508626817f23925bb56951d5e4b2654c751743ab6db48a6cce7dda17c01c",
10688 "304402203f99ec05cdd89558a23683b471c1dcce8f6a92295f1fff3b0b5d21be4d4f97ea022019d29070690fc2c126fe27cc4ab2f503f289d362721b2efa7418e7fddb939a5b",
10689 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c40300000000010000000188130000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402202df6bf0f98a42cfd0172a16bded7d1b16c14f5f42ba23f5c54648c14b647531302200fe1508626817f23925bb56951d5e4b2654c751743ab6db48a6cce7dda17c01c8347304402203f99ec05cdd89558a23683b471c1dcce8f6a92295f1fff3b0b5d21be4d4f97ea022019d29070690fc2c126fe27cc4ab2f503f289d362721b2efa7418e7fddb939a5b01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6851b27568f9010000" },
10691 "3045022100bd206b420c495f3aa714d3ea4766cbe95441deacb5d2f737f1913349aee7c2ae02200249d2c950dd3b15326bf378ae5d2b871d33d6737f5d70735f3de8383140f2a1",
10692 "3045022100f2cd35e385b9b7e15b92a5d78d120b6b2c5af4e974bc01e884c5facb3bb5966c0220706e0506477ce809a40022d6de8e041e9ef13136c45abee9c36f58a01fdb188b",
10693 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c40400000000010000000188130000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100bd206b420c495f3aa714d3ea4766cbe95441deacb5d2f737f1913349aee7c2ae02200249d2c950dd3b15326bf378ae5d2b871d33d6737f5d70735f3de8383140f2a183483045022100f2cd35e385b9b7e15b92a5d78d120b6b2c5af4e974bc01e884c5facb3bb5966c0220706e0506477ce809a40022d6de8e041e9ef13136c45abee9c36f58a01fdb188b01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6851b27568fa010000" }
10698 fn test_per_commitment_secret_gen() {
10699 // Test vectors from BOLT 3 Appendix D:
10701 let mut seed = [0; 32];
10702 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("0000000000000000000000000000000000000000000000000000000000000000").unwrap());
10703 assert_eq!(chan_utils::build_commitment_secret(&seed, 281474976710655),
10704 <Vec<u8>>::from_hex("02a40c85b6f28da08dfdbe0926c53fab2de6d28c10301f8f7c4073d5e42e3148").unwrap()[..]);
10706 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF").unwrap());
10707 assert_eq!(chan_utils::build_commitment_secret(&seed, 281474976710655),
10708 <Vec<u8>>::from_hex("7cc854b54e3e0dcdb010d7a3fee464a9687be6e8db3be6854c475621e007a5dc").unwrap()[..]);
10710 assert_eq!(chan_utils::build_commitment_secret(&seed, 0xaaaaaaaaaaa),
10711 <Vec<u8>>::from_hex("56f4008fb007ca9acf0e15b054d5c9fd12ee06cea347914ddbaed70d1c13a528").unwrap()[..]);
10713 assert_eq!(chan_utils::build_commitment_secret(&seed, 0x555555555555),
10714 <Vec<u8>>::from_hex("9015daaeb06dba4ccc05b91b2f73bd54405f2be9f217fbacd3c5ac2e62327d31").unwrap()[..]);
10716 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap());
10717 assert_eq!(chan_utils::build_commitment_secret(&seed, 1),
10718 <Vec<u8>>::from_hex("915c75942a26bb3a433a8ce2cb0427c29ec6c1775cfc78328b57f6ba7bfeaa9c").unwrap()[..]);
10722 fn test_key_derivation() {
10723 // Test vectors from BOLT 3 Appendix E:
10724 let secp_ctx = Secp256k1::new();
10726 let base_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f").unwrap()[..]).unwrap();
10727 let per_commitment_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100").unwrap()[..]).unwrap();
10729 let base_point = PublicKey::from_secret_key(&secp_ctx, &base_secret);
10730 assert_eq!(base_point.serialize()[..], <Vec<u8>>::from_hex("036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2").unwrap()[..]);
10732 let per_commitment_point = PublicKey::from_secret_key(&secp_ctx, &per_commitment_secret);
10733 assert_eq!(per_commitment_point.serialize()[..], <Vec<u8>>::from_hex("025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486").unwrap()[..]);
10735 assert_eq!(chan_utils::derive_private_key(&secp_ctx, &per_commitment_point, &base_secret),
10736 SecretKey::from_slice(&<Vec<u8>>::from_hex("cbced912d3b21bf196a766651e436aff192362621ce317704ea2f75d87e7be0f").unwrap()[..]).unwrap());
10738 assert_eq!(RevocationKey::from_basepoint(&secp_ctx, &RevocationBasepoint::from(base_point), &per_commitment_point).to_public_key().serialize()[..],
10739 <Vec<u8>>::from_hex("02916e326636d19c33f13e8c0c3a03dd157f332f3e99c317c141dd865eb01f8ff0").unwrap()[..]);
10741 assert_eq!(chan_utils::derive_private_revocation_key(&secp_ctx, &per_commitment_secret, &base_secret),
10742 SecretKey::from_slice(&<Vec<u8>>::from_hex("d09ffff62ddb2297ab000cc85bcb4283fdeb6aa052affbc9dddcf33b61078110").unwrap()[..]).unwrap());
10746 fn test_zero_conf_channel_type_support() {
10747 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10748 let secp_ctx = Secp256k1::new();
10749 let seed = [42; 32];
10750 let network = Network::Testnet;
10751 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
10752 let logger = test_utils::TestLogger::new();
10754 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10755 let config = UserConfig::default();
10756 let node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider,
10757 node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
10759 let mut channel_type_features = ChannelTypeFeatures::only_static_remote_key();
10760 channel_type_features.set_zero_conf_required();
10762 let mut open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
10763 open_channel_msg.common_fields.channel_type = Some(channel_type_features);
10764 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
10765 let res = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider,
10766 node_b_node_id, &channelmanager::provided_channel_type_features(&config),
10767 &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false);
10768 assert!(res.is_ok());
10772 fn test_supports_anchors_zero_htlc_tx_fee() {
10773 // Tests that if both sides support and negotiate `anchors_zero_fee_htlc_tx`, it is the
10774 // resulting `channel_type`.
10775 let secp_ctx = Secp256k1::new();
10776 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10777 let network = Network::Testnet;
10778 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10779 let logger = test_utils::TestLogger::new();
10781 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10782 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10784 let mut config = UserConfig::default();
10785 config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx = true;
10787 // It is not enough for just the initiator to signal `option_anchors_zero_fee_htlc_tx`, both
10788 // need to signal it.
10789 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10790 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10791 &channelmanager::provided_init_features(&UserConfig::default()), 10000000, 100000, 42,
10792 &config, 0, 42, None
10794 assert!(!channel_a.context.channel_type.supports_anchors_zero_fee_htlc_tx());
10796 let mut expected_channel_type = ChannelTypeFeatures::empty();
10797 expected_channel_type.set_static_remote_key_required();
10798 expected_channel_type.set_anchors_zero_fee_htlc_tx_required();
10800 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10801 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10802 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10806 let open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10807 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10808 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10809 &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config),
10810 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10813 assert_eq!(channel_a.context.channel_type, expected_channel_type);
10814 assert_eq!(channel_b.context.channel_type, expected_channel_type);
10818 fn test_rejects_implicit_simple_anchors() {
10819 // Tests that if `option_anchors` is being negotiated implicitly through the intersection of
10820 // each side's `InitFeatures`, it is rejected.
10821 let secp_ctx = Secp256k1::new();
10822 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10823 let network = Network::Testnet;
10824 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10825 let logger = test_utils::TestLogger::new();
10827 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10828 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10830 let config = UserConfig::default();
10832 // See feature bit assignments: https://github.com/lightning/bolts/blob/master/09-features.md
10833 let static_remote_key_required: u64 = 1 << 12;
10834 let simple_anchors_required: u64 = 1 << 20;
10835 let raw_init_features = static_remote_key_required | simple_anchors_required;
10836 let init_features_with_simple_anchors = InitFeatures::from_le_bytes(raw_init_features.to_le_bytes().to_vec());
10838 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10839 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10840 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10844 // Set `channel_type` to `None` to force the implicit feature negotiation.
10845 let mut open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10846 open_channel_msg.common_fields.channel_type = None;
10848 // Since A supports both `static_remote_key` and `option_anchors`, but B only accepts
10849 // `static_remote_key`, it will fail the channel.
10850 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10851 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10852 &channelmanager::provided_channel_type_features(&config), &init_features_with_simple_anchors,
10853 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10855 assert!(channel_b.is_err());
10859 fn test_rejects_simple_anchors_channel_type() {
10860 // Tests that if `option_anchors` is being negotiated through the `channel_type` feature,
10862 let secp_ctx = Secp256k1::new();
10863 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10864 let network = Network::Testnet;
10865 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10866 let logger = test_utils::TestLogger::new();
10868 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10869 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10871 let config = UserConfig::default();
10873 // See feature bit assignments: https://github.com/lightning/bolts/blob/master/09-features.md
10874 let static_remote_key_required: u64 = 1 << 12;
10875 let simple_anchors_required: u64 = 1 << 20;
10876 let simple_anchors_raw_features = static_remote_key_required | simple_anchors_required;
10877 let simple_anchors_init = InitFeatures::from_le_bytes(simple_anchors_raw_features.to_le_bytes().to_vec());
10878 let simple_anchors_channel_type = ChannelTypeFeatures::from_le_bytes(simple_anchors_raw_features.to_le_bytes().to_vec());
10879 assert!(!simple_anchors_init.requires_unknown_bits());
10880 assert!(!simple_anchors_channel_type.requires_unknown_bits());
10882 // First, we'll try to open a channel between A and B where A requests a channel type for
10883 // the original `option_anchors` feature (non zero fee htlc tx). This should be rejected by
10884 // B as it's not supported by LDK.
10885 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10886 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10887 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10891 let mut open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10892 open_channel_msg.common_fields.channel_type = Some(simple_anchors_channel_type.clone());
10894 let res = InboundV1Channel::<&TestKeysInterface>::new(
10895 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10896 &channelmanager::provided_channel_type_features(&config), &simple_anchors_init,
10897 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10899 assert!(res.is_err());
10901 // Then, we'll try to open another channel where A requests a channel type for
10902 // `anchors_zero_fee_htlc_tx`. B is malicious and tries to downgrade the channel type to the
10903 // original `option_anchors` feature, which should be rejected by A as it's not supported by
10905 let mut channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10906 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b, &simple_anchors_init,
10907 10000000, 100000, 42, &config, 0, 42, None
10910 let open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10912 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10913 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10914 &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config),
10915 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10918 let mut accept_channel_msg = channel_b.get_accept_channel_message();
10919 accept_channel_msg.common_fields.channel_type = Some(simple_anchors_channel_type.clone());
10921 let res = channel_a.accept_channel(
10922 &accept_channel_msg, &config.channel_handshake_limits, &simple_anchors_init
10924 assert!(res.is_err());
10928 fn test_waiting_for_batch() {
10929 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10930 let logger = test_utils::TestLogger::new();
10931 let secp_ctx = Secp256k1::new();
10932 let seed = [42; 32];
10933 let network = Network::Testnet;
10934 let best_block = BestBlock::from_network(network);
10935 let chain_hash = ChainHash::using_genesis_block(network);
10936 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
10938 let mut config = UserConfig::default();
10939 // Set trust_own_funding_0conf while ensuring we don't send channel_ready for a
10940 // channel in a batch before all channels are ready.
10941 config.channel_handshake_limits.trust_own_funding_0conf = true;
10943 // Create a channel from node a to node b that will be part of batch funding.
10944 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10945 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(
10950 &channelmanager::provided_init_features(&config),
10960 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
10961 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
10962 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(
10967 &channelmanager::provided_channel_type_features(&config),
10968 &channelmanager::provided_init_features(&config),
10974 true, // Allow node b to send a 0conf channel_ready.
10977 let accept_channel_msg = node_b_chan.accept_inbound_channel();
10978 node_a_chan.accept_channel(
10979 &accept_channel_msg,
10980 &config.channel_handshake_limits,
10981 &channelmanager::provided_init_features(&config),
10984 // Fund the channel with a batch funding transaction.
10985 let output_script = node_a_chan.context.get_funding_redeemscript();
10986 let tx = Transaction {
10988 lock_time: LockTime::ZERO,
10992 value: 10000000, script_pubkey: output_script.clone(),
10995 value: 10000000, script_pubkey: Builder::new().into_script(),
10998 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
10999 let funding_created_msg = node_a_chan.get_funding_created(
11000 tx.clone(), funding_outpoint, true, &&logger,
11001 ).map_err(|_| ()).unwrap();
11002 let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(
11003 &funding_created_msg.unwrap(),
11007 ).map_err(|_| ()).unwrap();
11008 let node_b_updates = node_b_chan.monitor_updating_restored(
11016 // Receive funding_signed, but the channel will be configured to hold sending channel_ready and
11017 // broadcasting the funding transaction until the batch is ready.
11018 let res = node_a_chan.funding_signed(
11019 &funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger,
11021 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
11022 let node_a_updates = node_a_chan.monitor_updating_restored(
11029 // Our channel_ready shouldn't be sent yet, even with trust_own_funding_0conf set,
11030 // as the funding transaction depends on all channels in the batch becoming ready.
11031 assert!(node_a_updates.channel_ready.is_none());
11032 assert!(node_a_updates.funding_broadcastable.is_none());
11033 assert_eq!(node_a_chan.context.channel_state, ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
11035 // It is possible to receive a 0conf channel_ready from the remote node.
11036 node_a_chan.channel_ready(
11037 &node_b_updates.channel_ready.unwrap(),
11045 node_a_chan.context.channel_state,
11046 ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH | AwaitingChannelReadyFlags::THEIR_CHANNEL_READY)
11049 // Clear the ChannelState::WaitingForBatch only when called by ChannelManager.
11050 node_a_chan.set_batch_ready();
11051 assert_eq!(node_a_chan.context.channel_state, ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::THEIR_CHANNEL_READY));
11052 assert!(node_a_chan.check_get_channel_ready(0).is_some());
projects / rust-lightning / blob