+# 0.0.105 - 2022-02-28
+
+## API Updates
+ * `Phantom node` payments are now supported, allowing receipt of a payment on
+ any one of multiple nodes without any coordination across the nodes being
+ required. See the new `PhantomKeysManager`'s docs for more, as well as
+ requirements on `KeysInterface::get_inbound_payment_key_material` and
+ `lightning_invoice::utils::create_phantom_invoice` (#1199).
+ * In order to support phantom node payments, several `KeysInterface` methods
+ now accept a `Recipient` parameter to select between the local `node_id` and
+ a phantom-specific one.
+ * `ProbabilisticScorer`, a `Score` based on learning the current balances of
+ channels in the network, was added. It attempts to better capture payment
+ success probability than the existing `Scorer`, though may underperform on
+ nodes with low payment volume. We welcome feedback on performance (#1227).
+ * `Score::channel_penalty_msat` now always takes the channel value, instead of
+ an `Option` (#1227).
+ * `UserConfig::manually_accept_inbound_channels` was added which, when set,
+ generates a new `Event::OpenChannelRequest`, which allows manual acceptance
+ or rejection of incoming channels on a per-channel basis (#1281).
+ * `Payee` has been renamed to `PaymentParameters` (#1271).
+ * `PaymentParameters` now has a `max_total_cltv_expiry_delta` field. This
+ defaults to 1008 and limits the maximum amount of time an HTLC can be pending
+ before it will either fail or be claimed (#1234).
+ * The `lightning-invoice` crate now supports no-std environments. This required
+ numerous API changes around timestamp handling and std+no-std versions of
+ several methods that previously assumed knowledge of the time (#1223, #1230).
+ * `lightning-invoice` now supports parsing invoices with expiry times of more
+ than one year. This required changing the semantics of `ExpiryTime` (#1273).
+ * The `CounterpartyCommitmentSecrets` is now public, allowing external uses of
+ the `BOLT 3` secret storage scheme (#1299).
+ * Several `Sign` methods now receive HTLC preimages as proof of state
+ transition, see new documentation for more (#1251).
+ * `KeysInterface::sign_invoice` now provides the HRP and other invoice data
+ separately to make it simpler for external signers to parse (#1272).
+ * `Sign::sign_channel_announcement` now returns both the node's signature and
+ the per-channel signature. `InMemorySigner` now requires the node's secret
+ key in order to implement this (#1179).
+ * `ChannelManager` deserialization will now fail if the `KeysInterface` used
+ has a different `node_id` than the `ChannelManager` expects (#1250).
+ * A new `ErrorAction` variant was added to send `warning` messages (#1013).
+ * Several references to `chain::Listen` objects in `lightning-block-sync` no
+ longer require a mutable reference (#1304).
+
+## Bug Fixes
+ * Fixed a regression introduced in 0.0.104 where `ChannelManager`'s internal
+ locks could have an order violation leading to a deadlock (#1238).
+ * Fixed cases where slow code (including user I/O) could cause us to
+ disconnect peers with ping timeouts in `BackgroundProcessor` (#1269).
+ * Now persist the `ChannelManager` prior to `BackgroundProcessor` stopping,
+ preventing race conditions where channels are closed on startup even with a
+ clean shutdown. This requires that users stop network processing and
+ disconnect peers prior to `BackgroundProcessor` shutdown (#1253).
+ * Fields in `ChannelHandshakeLimits` provided via the `override_config` to
+ `create_channel` are now applied instead of the default config (#1292).
+ * Fixed the generation of documentation on docs.rs to include API surfaces
+ which are hidden behind feature flags (#1303).
+ * Added the `channel_type` field to `accept_channel` messages we send, which
+ may avoid some future compatibility issues with other nodes (#1314).
+ * Fixed a bug where, if a previous LDK run using `lightning-persister` crashed
+ while persisting updated data, we may have failed to initialize (#1332).
+ * Fixed a rare bug where having both pending inbound and outbound HTLCs on a
+ just-opened inbound channel could cause `ChannelDetails::balance_msat` to
+ underflow and be reported as large, or cause panics in debug mode (#1268).
+ * Moved more instances of verbose gossip logging from the `Trace` level to the
+ `Gossip` level (#1220).
+ * Delayed `announcement_signatures` until the channel has six confirmations,
+ slightly improving propagation of channel announcements (#1179).
+ * Several fixes in script and transaction weight calculations when anchor
+ outputs are enabled (#1229).
+
+## Serialization Compatibility
+ * Using `ChannelManager` data written by versions prior to 0.0.105 will result
+ in preimages for HTLCs that were pending at startup to be missing in calls
+ to `KeysInterface` methods (#1251).
+ * Any phantom invoice payments received on a node that is not upgraded to
+ 0.0.105 will fail with an "unknown channel" error. Further, downgrading to
+ 0.0.104 or before and then upgrading again will invalidate existing phantom
+ SCIDs which may be included in invoices (#1199).
+
+## Security
+0.0.105 fixes two denial-of-service vulnerabilities which may be reachable from
+untrusted input in certain application designs.
+
+ * Route calculation spuriously panics when a routing decision is made for a
+ path where the second-to-last hop is a private channel, included due to a
+ multi-hop route hint in an invoice.
+ * `ChannelMonitor::get_claimable_balances` spuriously panics in some scenarios
+ when the LDK application's local commitment transaction is confirmed while
+ HTLCs are still pending resolution.
+
+In total, this release features 109 files changed, 7270 insertions, 2131
+deletions in 108 commits from 15 authors, in alphabetical order:
+ * Conor Okus
+ * Devrandom
+ * Elias Rohrer
+ * Jeffrey Czyz
+ * Jurvis Tan
+ * Ken Sedgwick
+ * Matt Corallo
+ * Naveen
+ * Tibo-lg
+ * Valentine Wallace
+ * Viktor Tigerström
+ * dependabot[bot]
+ * hackerrdave
+ * naveen
+ * vss96
+
+
+# 0.0.104 - 2021-12-17
+
+## API Updates
+ * A `PaymentFailed` event is now provided to indicate a payment has failed
+ fully. This event is generated either after
+ `ChannelManager::abandon_payment` is called for a given payment, or the
+ payment times out, and there are no further pending HTLCs for the payment.
+ This event should be used to detect payment failure instead of
+ `PaymentPathFailed::all_paths_failed`, unless no payment retries occur via
+ `ChannelManager::retry_payment` (#1202).
+ * Payment secrets are now generated deterministically using material from
+ the new `KeysInterface::get_inbound_payment_key_material` (#1177).
+ * A `PaymentPathSuccessful` event has been added to ease passing success info
+ to a scorer, along with a `Score::payment_path_successful` method to accept
+ such info (#1178, #1197).
+ * `Score::channel_penalty_msat` has additional arguments describing the
+ channel's capacity and the HTLC amount being sent over the channel (#1166).
+ * A new log level `Gossip` has been added, which is used for verbose
+ information generated during network graph sync. Enabling the
+ `max_level_trace` feature or ignoring `Gossip` log entries reduces log
+ growth during initial start up from many GiB to several MiB (#1145).
+ * The `allow_wallclock_use` feature has been removed in favor of only using
+ the `std` and `no-std` features (#1212).
+ * `NetworkGraph` can now remove channels that we haven't heard updates for in
+ two weeks with `NetworkGraph::remove_stale_channels{,with_time}`. The first
+ is called automatically if a `NetGraphMsgHandler` is passed to
+ `BackgroundProcessor::start` (#1212).
+ * `InvoicePayer::pay_pubkey` was added to enable sending "keysend" payments to
+ supported recipients, using the `InvoicePayer` to handle retires (#1160).
+ * `user_payment_id` has been removed from `PaymentPurpose`, and
+ `ChannelManager::create_inbound_payment{,_for_hash}` (#1180).
+ * Updated documentation for several `ChannelManager` functions to remove stale
+ references to panics which no longer occur (#1201).
+ * The `Score` and `LockableScore` objects have moved into the
+ `routing::scoring` module instead of being in the `routing` module (#1166).
+ * The `Time` parameter to `ScorerWithTime` is no longer longer exposed,
+ instead being fixed based on the `std`/`no-std` feature (#1184).
+ * `ChannelDetails::balance_msat` was added to fetch a channel's balance
+ without subtracting the reserve values, lining up with on-chain claim amounts
+ less on-chain fees (#1203).
+ * An explicit `UserConfig::accept_inbound_channels` flag is now provided,
+ removing the need to set `min_funding_satoshis` to > 21 million BTC (#1173).
+ * Inbound channels that fail to see the funding transaction confirm within
+ 2016 blocks are automatically force-closed with
+ `ClosureReason::FundingTimedOut` (#1083).
+ * We now accept a channel_reserve value of 0 from counterparties, as it is
+ insecure for our counterparty but not us (#1163).
+ * `NetAddress::OnionV2` parsing was removed as version 2 onion services are no
+ longer supported in modern Tor (#1204).
+ * Generation and signing of anchor outputs is now supported in the
+ `KeysInterface`, though no support for them exists in the channel itself (#1176)
+
+## Bug Fixes
+ * Fixed a race condition in `InvoicePayer` where paths may be retried after
+ the retry count has been exceeded. In this case the
+ `Event::PaymentPathFailed::all_paths_failed` field is not a reliable payment
+ failure indicator. There was no acceptable alternative indicator,
+ `Event::PaymentFailed` as been added to provide one (#1202).
+ * Reduced the blocks-before-timeout we expect of outgoing HTLCs before
+ refusing to forward. This check was overly strict and resulted in refusing
+ to forward som HTLCs to a next hop that had a lower security threshold than
+ us (#1119).
+ * LDK no longer attempt to update the channel fee for outbound channels when
+ we cannot afford the new fee. This could have caused force-closure by our
+ channel counterparty (#1054).
+ * Fixed several bugs which may have prevented the reliable broadcast of our
+ own channel announcements and updates (#1169).
+ * Fixed a rare bug which may have resulted in spurious route finding failures
+ when using last-hop hints and MPP with large value payments (#1168).
+ * `KeysManager::spend_spendable_outputs` no longer adds a change output that
+ is below the dust threshold for non-standard change scripts (#1131).
+ * Fixed a minor memory leak when attempting to send a payment that fails due
+ to an error when updating the `ChannelMonitor` (#1143).
+ * Fixed a bug where a `FeeEstimator` that returns values rounded to the next
+ sat/vbyte may result in force-closures (#1208).
+ * Handle MPP timeout HTLC error codes, instead of considering the recipient to
+ have sent an invalid error, removing them from the network graph (#1148)
+
+## Serialization Compatibility
+ * All above new events/fields are ignored by prior clients. All above new
+ events/fields are not present when reading objects serialized by prior
+ versions of the library.
+ * Payment secrets are now generated deterministically. This reduces the memory
+ footprint for inbound payments, however, newly-generated inbound payments
+ using `ChannelManager::create_inbound_payment{,_for_hash}` will not be
+ receivable using versions prior to 0.0.104.
+ `ChannelManager::create_inbound_payment{,_for_hash}_legacy` are provided for
+ backwards compatibility (#1177).
+ * `PaymentPurpose::InvoicePayment::user_payment_id` will be 0 when reading
+ objects written with 0.0.104 when read by 0.0.103 and previous (#1180).
+
+In total, this release features 51 files changed, 5356 insertions, 2238
+deletions in 107 commits from 9 authors, in alphabetical order:
+ * Antoine Riard
+ * Conor Okus
+ * Devrandom
+ * Duncan Dean
+ * Elias Rohrer
+ * Jeffrey Czyz
+ * Ken Sedgwick
+ * Matt Corallo
+ * Valentine Wallace
+
+
+# 0.0.103 - 2021-11-02
+
+## API Updates
+ * This release is almost entirely focused on a new API in the
+ `lightning-invoice` crate - the `InvoicePayer`. `InvoicePayer` is a
+ struct which takes a reference to a `ChannelManager` and a `Router`
+ and retries payments as paths fail. It limits retries to a configurable
+ number, but is not serialized to disk and may retry additional times across
+ a serialization/load. In order to learn about failed payments, it must
+ receive `Event`s directly from the `ChannelManager`, wrapping a
+ user-provided `EventHandler` which it provides all unhandled events to
+ (#1059).
+ * `get_route` has been renamed `find_route` (#1059) and now takes a
+ `RouteParameters` struct in replacement of a number of its long list of
+ arguments (#1134). The `Payee` in the `RouteParameters` is stored in the
+ `Route` object returned and provided in the `RouteParameters` contained in
+ `Event::PaymentPathFailed` (#1059).
+ * `ChannelMonitor`s must now be persisted after calls that provide new block
+ data, prior to `MonitorEvent`s being passed back to `ChannelManager` for
+ processing. If you are using a `ChainMonitor` this is handled for you.
+ The `Persist` API has been updated to `Option`ally take the
+ `ChannelMonitorUpdate` as persistence events that result from chain data no
+ longer have a corresponding update (#1108).
+ * `routing::Score` now has a `payment_path_failed` method which it can use to
+ learn which channels often fail payments. It is automatically called by
+ `InvoicePayer` for failed payment paths (#1144).
+ * The default `Scorer` implementation is now a type alias to a type generic
+ across different clocks and supports serialization to persist scoring data
+ across restarts (#1146).
+ * `Event::PaymentSent` now includes the full fee which was spent across all
+ payment paths which were fulfilled or pending when the payment was fulfilled
+ (#1142).
+ * `Event::PaymentSent` and `Event::PaymentPathFailed` now include the
+ `PaymentId` which matches the `PaymentId` returned from
+ `ChannelManager::send_payment` or `InvoicePayer::pay_invoice` (#1059).
+ * `NetGraphMsgHandler` now takes a `Deref` to the `NetworkGraph`, allowing for
+ shared references to the graph data to make serialization and references to
+ the graph data in the `InvoicePayer`'s `Router` simpler (#1149).
+ * `routing::Score::channel_penalty_msat` has been updated to provide the
+ `NodeId` of both the source and destination nodes of a channel (#1133).
+
+## Bug Fixes
+ * Previous versions would often disconnect peers during initial graph sync due
+ to ping timeouts while processing large numbers of gossip messages. We now
+ delay disconnecting peers if we receive messages from them even if it takes
+ a while to receive a pong from them. Further, we avoid sending too many
+ gossip messages between pings to ensure we should always receive pongs in a
+ timely manner (#1137).
+ * If a payment was sent, creating an outbound HTLC and sending it to our
+ counterparty (implying the `ChannelMonitor` was persisted on disk), but the
+ `ChannelManager` was not persisted prior to shutdown/crash, no
+ `Event::PaymentPathFailed` event was generated if the HTLC was eventually
+ failed on chain. Events are now consistent irrespective of `ChannelManager`
+ persistence or non-persistence (#1104).
+
+## Serialization Compatibility
+ * All above new Events/fields are ignored by prior clients. All above new
+ Events/fields are not present when reading objects serialized by prior
+ versions of the library.
+ * Payments for which a `Route` was generated using a previous version or for
+ which the payment was originally sent by a previous version of the library
+ will not be retried by an `InvoicePayer`.
+
+This release was singularly focused and some contributions by third parties
+were delayed.
+In total, this release features 38 files changed, 4414 insertions, and 969
+deletions in 71 commits from 2 authors, in alphabetical order:
+
+ * Jeffrey Czyz
+ * Matt Corallo
+
+
+# 0.0.102 - 2021-10-18
+
+## API Updates
+ * `get_route` now takes a `Score` as an argument. `Score` is queried during
+ the route-finding process, returning the absolute amounts which you are
+ willing to pay to avoid routing over a given channel. As a default, a
+ `Scorer` is provided which returns a constant amount, with a suggested
+ default of 500 msat. This translates to a willingness to pay up to 500 msat
+ in additional fees per hop in order to avoid additional hops (#1124).
+ * `Event::PaymentPathFailed` now contains a `short_channel_id` field which may
+ be filled in with a channel that can be "blamed" for the payment failure.
+ Payment retries should likely avoid the given channel for some time (#1077).
+ * `PublicKey`s in `NetworkGraph` have been replaced with a `NodeId` struct
+ which contains only a simple `[u8; 33]`, substantially improving
+ `NetworkGraph` deserialization performance (#1107).
+ * `ChainMonitor`'s `HashMap` of `ChannelMonitor`s is now private, exposed via
+ `Chainmonitor::get_monitor` and `ChainMonitor::list_monitors` instead
+ (#1112).
+ * When an outbound channel is closed prior to the broadcasting of its funding
+ transaction, but after you call
+ `ChannelManager::funding_transaction_generated`, a new event type,
+ `Event::DiscardFunding`, is generated, informing you the transaction was not
+ broadcasted and that you can spend the same inputs again elsewhere (#1098).
+ * `ChannelManager::create_channel` now returns the temporary channel ID which
+ may later appear in `Event::ChannelClosed` or `ChannelDetails` prior to the
+ channel being funded (#1121).
+ * `Event::PaymentSent` now contains the payment hash as well as the payment
+ preimage (#1062).
+ * `ReadOnlyNetworkGraph::get_addresses` now returns owned `NetAddress` rather
+ than references. As a side-effect this method is now exposed in foreign
+ language bindings (#1115).
+ * The `Persist` and `ChannelMonitorUpdateErr` types have moved to the
+ `lightning::chain::chainmonitor` and `lightning::chain` modules,
+ respectively (#1112).
+ * `ChannelManager::send_payment` now returns a `PaymentId` which identifies a
+ payment (whether MPP or not) and can be used to retry the full payment or
+ MPP parts through `retry_payment` (#1096). Note that doing so is currently
+ *not* crash safe, and you may find yourself sending twice. It is recommended
+ that you *not* use the `retry_payment` API until the next release.
+
+## Bug Fixes
+ * Due to an earlier fix for the Lightning dust inflation vulnerability tracked
+ in CVE-2021-41591/CVE-2021-41592/CVE-2021-41593 in 0.0.100, we required
+ counterparties to accept a dust limit slightly lower than the dust limit now
+ required by other implementations. This appeared as, at least, latest lnd
+ always refusing to accept channels opened by LDK clients (#1065).
+ * If there are multiple channels available to the same counterparty,
+ `get_route` would only consider the channel listed last as available for
+ sending (#1100).
+ * `Persist` implementations returning
+ `ChannelMonitorUpdateErr::TemporaryFailure` from `watch_channel` previously
+ resulted in the `ChannelMonitor` not being stored at all, resulting in a
+ panic after monitor updating is complete (#1112).
+ * If payments are pending awaiting forwarding at startup, an
+ `Event::PendingHTLCsForwardable` event will always be provided. This ensures
+ user code calls `ChannelManager::process_pending_htlc_fowards` even if it
+ shut down while awaiting the batching timer during the previous run (#1076).
+ * If a call to `ChannelManager::send_payment` failed due to lack of
+ availability of funds locally, LDK would store the payment as pending
+ forever, with no ability to retry or fail it, leaking memory (#1109).
+
+## Serialization Compatibility
+ * All above new Events/fields are ignored by prior clients. All above new
+ Events/fields, except for `Event::PaymentSent::payment_hash` are not present
+ when reading objects serialized by prior versions of the library.
+
+In total, this release features 32 files changed, 2248 insertions, and 1483
+deletions in 51 commits from 7 authors, in alphabetical order:
+
+ * 1nF0rmed
+ * Duncan Dean
+ * Elias Rohrer
+ * Galder Zamarreño
+ * Jeffrey Czyz
+ * Matt Corallo
+ * Valentine Wallace
+
+
# 0.0.101 - 2021-09-23
## API Updates
projects / rust-lightning / blobdiff