use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
use bitcoin::secp256k1::{SecretKey, PublicKey};
-use bitcoin::secp256k1;
+use bitcoin::{secp256k1, EcdsaSighashType};
+use crate::ln::channel::INITIAL_COMMITMENT_NUMBER;
use crate::ln::{PaymentHash, PaymentPreimage};
use crate::ln::msgs::DecodeError;
use crate::ln::chan_utils;
-use crate::ln::chan_utils::{CounterpartyCommitmentSecrets, HTLCOutputInCommitment, HTLCClaim, ChannelTransactionParameters, HolderCommitmentTransaction};
-use crate::ln::channelmanager::HTLCSource;
+use crate::ln::chan_utils::{CommitmentTransaction, CounterpartyCommitmentSecrets, HTLCOutputInCommitment, HTLCClaim, ChannelTransactionParameters, HolderCommitmentTransaction, TxCreationKeys};
+use crate::ln::channelmanager::{HTLCSource, SentHTLCId};
use crate::chain;
use crate::chain::{BestBlock, WatchedOutput};
use crate::chain::chaininterface::{BroadcasterInterface, FeeEstimator, LowerBoundedFeeEstimator};
use crate::chain::transaction::{OutPoint, TransactionData};
-use crate::chain::keysinterface::{SpendableOutputDescriptor, StaticPaymentOutputDescriptor, DelayedPaymentOutputDescriptor, Sign, SignerProvider, EntropySource};
-#[cfg(anchors)]
-use crate::chain::onchaintx::ClaimEvent;
-use crate::chain::onchaintx::OnchainTxHandler;
+use crate::sign::{SpendableOutputDescriptor, StaticPaymentOutputDescriptor, DelayedPaymentOutputDescriptor, WriteableEcdsaChannelSigner, SignerProvider, EntropySource};
+use crate::chain::onchaintx::{ClaimEvent, OnchainTxHandler};
use crate::chain::package::{CounterpartyOfferedHTLCOutput, CounterpartyReceivedHTLCOutput, HolderFundingOutput, HolderHTLCOutput, PackageSolvingData, PackageTemplate, RevokedOutput, RevokedHTLCOutput};
use crate::chain::Filter;
use crate::util::logger::Logger;
-use crate::util::ser::{Readable, ReadableArgs, MaybeReadable, Writer, Writeable, U48, OptionDeserWrapper};
+use crate::util::ser::{Readable, ReadableArgs, RequiredWrapper, MaybeReadable, UpgradableRequired, Writer, Writeable, U48};
use crate::util::byte_utils;
-use crate::util::events::Event;
-#[cfg(anchors)]
-use crate::util::events::{AnchorDescriptor, HTLCDescriptor, BumpTransactionEvent};
+use crate::events::{Event, EventHandler};
+use crate::events::bump_transaction::{ChannelDerivationParameters, AnchorDescriptor, HTLCDescriptor, BumpTransactionEvent};
use crate::prelude::*;
use core::{cmp, mem};
use crate::io::{self, Error};
use core::convert::TryInto;
use core::ops::Deref;
-use crate::sync::Mutex;
+use crate::sync::{Mutex, LockTestExt};
/// An update generated by the underlying channel itself which contains some new information the
/// [`ChannelMonitor`] should be made aware of.
/// much smaller than a full [`ChannelMonitor`]. However, for large single commitment transaction
/// updates (e.g. ones during which there are hundreds of HTLCs pending on the commitment
/// transaction), a single update may reach upwards of 1 MiB in serialized size.
-#[cfg_attr(any(test, fuzzing, feature = "_test_utils"), derive(PartialEq, Eq))]
-#[derive(Clone)]
+#[derive(Clone, Debug, PartialEq, Eq)]
#[must_use]
pub struct ChannelMonitorUpdate {
pub(crate) updates: Vec<ChannelMonitorUpdateStep>,
/// The sequence number of this update. Updates *must* be replayed in-order according to this
/// sequence number (and updates may panic if they are not). The update_id values are strictly
- /// increasing and increase by one for each new update, with one exception specified below.
+ /// increasing and increase by one for each new update, with two exceptions specified below.
///
/// This sequence number is also used to track up to which points updates which returned
/// [`ChannelMonitorUpdateStatus::InProgress`] have been applied to all copies of a given
/// ChannelMonitor when ChannelManager::channel_monitor_updated is called.
///
- /// The only instance where update_id values are not strictly increasing is the case where we
- /// allow post-force-close updates with a special update ID of [`CLOSED_CHANNEL_UPDATE_ID`]. See
- /// its docs for more details.
+ /// The only instances we allow where update_id values are not strictly increasing have a
+ /// special update ID of [`CLOSED_CHANNEL_UPDATE_ID`]. This update ID is used for updates that
+ /// will force close the channel by broadcasting the latest commitment transaction or
+ /// special post-force-close updates, like providing preimages necessary to claim outputs on the
+ /// broadcast commitment transaction. See its docs for more details.
///
/// [`ChannelMonitorUpdateStatus::InProgress`]: super::ChannelMonitorUpdateStatus::InProgress
pub update_id: u64,
}
-/// If:
-/// (1) a channel has been force closed and
-/// (2) we receive a preimage from a forward link that allows us to spend an HTLC output on
-/// this channel's (the backward link's) broadcasted commitment transaction
-/// then we allow the `ChannelManager` to send a `ChannelMonitorUpdate` with this update ID,
-/// with the update providing said payment preimage. No other update types are allowed after
-/// force-close.
+/// The update ID used for a [`ChannelMonitorUpdate`] that is either:
+///
+/// (1) attempting to force close the channel by broadcasting our latest commitment transaction or
+/// (2) providing a preimage (after the channel has been force closed) from a forward link that
+/// allows us to spend an HTLC output on this channel's (the backward link's) broadcasted
+/// commitment transaction.
+///
+/// No other [`ChannelMonitorUpdate`]s are allowed after force-close.
pub const CLOSED_CHANNEL_UPDATE_ID: u64 = core::u64::MAX;
impl Writeable for ChannelMonitorUpdate {
(8, delayed_payment_key, required),
(10, per_commitment_point, required),
(12, feerate_per_kw, required),
- (14, htlc_outputs, vec_type)
+ (14, htlc_outputs, required_vec)
});
-#[cfg(anchors)]
impl HolderSignedTx {
fn non_dust_htlcs(&self) -> Vec<HTLCOutputInCommitment> {
self.htlc_outputs.iter().filter_map(|(htlc, _, _)| {
/// We use this to track static counterparty commitment transaction data and to generate any
/// justice or 2nd-stage preimage/timeout transactions.
-#[derive(PartialEq, Eq)]
+#[derive(Clone, PartialEq, Eq)]
struct CounterpartyCommitmentParameters {
counterparty_delayed_payment_base_key: PublicKey,
counterparty_htlc_base_key: PublicKey,
}
}
- let mut counterparty_delayed_payment_base_key = OptionDeserWrapper(None);
- let mut counterparty_htlc_base_key = OptionDeserWrapper(None);
+ let mut counterparty_delayed_payment_base_key = RequiredWrapper(None);
+ let mut counterparty_htlc_base_key = RequiredWrapper(None);
let mut on_counterparty_tx_csv: u16 = 0;
read_tlv_fields!(r, {
(0, counterparty_delayed_payment_base_key, required),
/// observed, as well as the transaction causing it.
///
/// Used to determine when the on-chain event can be considered safe from a chain reorganization.
-#[derive(PartialEq, Eq)]
+#[derive(Clone, PartialEq, Eq)]
struct OnchainEventEntry {
txid: Txid,
height: u32,
/// Upon discovering of some classes of onchain tx by ChannelMonitor, we may have to take actions on it
/// once they mature to enough confirmations (ANTI_REORG_DELAY)
-#[derive(PartialEq, Eq)]
+#[derive(Clone, PartialEq, Eq)]
enum OnchainEvent {
/// An outbound HTLC failing after a transaction is confirmed. Used
/// * when an outbound HTLC output is spent by us after the HTLC timed out
let mut transaction = None;
let mut block_hash = None;
let mut height = 0;
- let mut event = None;
+ let mut event = UpgradableRequired(None);
read_tlv_fields!(reader, {
(0, txid, required),
(1, transaction, option),
(2, height, required),
(3, block_hash, option),
- (4, event, ignorable),
+ (4, event, upgradable_required),
});
- if let Some(ev) = event {
- Ok(Some(Self { txid, transaction, height, block_hash, event: ev }))
- } else {
- Ok(None)
- }
+ Ok(Some(Self { txid, transaction, height, block_hash, event: _init_tlv_based_struct_field!(event, upgradable_required) }))
}
}
);
-#[cfg_attr(any(test, fuzzing, feature = "_test_utils"), derive(PartialEq, Eq))]
-#[derive(Clone)]
+#[derive(Clone, Debug, PartialEq, Eq)]
pub(crate) enum ChannelMonitorUpdateStep {
LatestHolderCommitmentTXInfo {
commitment_tx: HolderCommitmentTransaction,
+ /// Note that LDK after 0.0.115 supports this only containing dust HTLCs (implying the
+ /// `Signature` field is never filled in). At that point, non-dust HTLCs are implied by the
+ /// HTLC fields in `commitment_tx` and the sources passed via `nondust_htlc_sources`.
htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>,
+ claimed_htlcs: Vec<(SentHTLCId, PaymentPreimage)>,
+ nondust_htlc_sources: Vec<HTLCSource>,
},
LatestCounterpartyCommitmentTXInfo {
commitment_txid: Txid,
htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
commitment_number: u64,
their_per_commitment_point: PublicKey,
+ feerate_per_kw: Option<u32>,
+ to_broadcaster_value_sat: Option<u64>,
+ to_countersignatory_value_sat: Option<u64>,
},
PaymentPreimage {
payment_preimage: PaymentPreimage,
impl_writeable_tlv_based_enum_upgradable!(ChannelMonitorUpdateStep,
(0, LatestHolderCommitmentTXInfo) => {
(0, commitment_tx, required),
- (2, htlc_outputs, vec_type),
+ (1, claimed_htlcs, optional_vec),
+ (2, htlc_outputs, required_vec),
+ (4, nondust_htlc_sources, optional_vec),
},
(1, LatestCounterpartyCommitmentTXInfo) => {
(0, commitment_txid, required),
+ (1, feerate_per_kw, option),
(2, commitment_number, required),
+ (3, to_broadcaster_value_sat, option),
(4, their_per_commitment_point, required),
- (6, htlc_outputs, vec_type),
+ (5, to_countersignatory_value_sat, option),
+ (6, htlc_outputs, required_vec),
},
(2, PaymentPreimage) => {
(0, payment_preimage, required),
ClaimableOnChannelClose {
/// The amount available to claim, in satoshis, excluding the on-chain fees which will be
/// required to do so.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
},
/// The channel has been closed, and the given balance is ours but awaiting confirmations until
/// we consider it spendable.
ClaimableAwaitingConfirmations {
/// The amount available to claim, in satoshis, possibly excluding the on-chain fees which
/// were spent in broadcasting the transaction.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
/// The height at which an [`Event::SpendableOutputs`] event will be generated for this
/// amount.
confirmation_height: u32,
ContentiousClaimable {
/// The amount available to claim, in satoshis, excluding the on-chain fees which will be
/// required to do so.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
/// The height at which the counterparty may be able to claim the balance if we have not
/// done so.
timeout_height: u32,
+ /// The payment hash that locks this HTLC.
+ payment_hash: PaymentHash,
+ /// The preimage that can be used to claim this HTLC.
+ payment_preimage: PaymentPreimage,
},
/// HTLCs which we sent to our counterparty which are claimable after a timeout (less on-chain
/// fees) if the counterparty does not know the preimage for the HTLCs. These are somewhat
MaybeTimeoutClaimableHTLC {
/// The amount potentially available to claim, in satoshis, excluding the on-chain fees
/// which will be required to do so.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
/// The height at which we will be able to claim the balance if our counterparty has not
/// done so.
claimable_height: u32,
+ /// The payment hash whose preimage our counterparty needs to claim this HTLC.
+ payment_hash: PaymentHash,
},
/// HTLCs which we received from our counterparty which are claimable with a preimage which we
/// do not currently have. This will only be claimable if we receive the preimage from the node
MaybePreimageClaimableHTLC {
/// The amount potentially available to claim, in satoshis, excluding the on-chain fees
/// which will be required to do so.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
/// The height at which our counterparty will be able to claim the balance if we have not
/// yet received the preimage and claimed it ourselves.
expiry_height: u32,
+ /// The payment hash whose preimage we need to claim this HTLC.
+ payment_hash: PaymentHash,
},
/// The channel has been closed, and our counterparty broadcasted a revoked commitment
/// transaction.
///
/// Note that for outputs from HTLC balances this may be excluding some on-chain fees that
/// were already spent.
- claimable_amount_satoshis: u64,
+ amount_satoshis: u64,
},
}
+impl Balance {
+ /// The amount claimable, in satoshis. This excludes balances that we are unsure if we are able
+ /// to claim, this is because we are waiting for a preimage or for a timeout to expire. For more
+ /// information on these balances see [`Balance::MaybeTimeoutClaimableHTLC`] and
+ /// [`Balance::MaybePreimageClaimableHTLC`].
+ ///
+ /// On-chain fees required to claim the balance are not included in this amount.
+ pub fn claimable_amount_satoshis(&self) -> u64 {
+ match self {
+ Balance::ClaimableOnChannelClose { amount_satoshis, .. }|
+ Balance::ClaimableAwaitingConfirmations { amount_satoshis, .. }|
+ Balance::ContentiousClaimable { amount_satoshis, .. }|
+ Balance::CounterpartyRevokedOutputClaimable { amount_satoshis, .. }
+ => *amount_satoshis,
+ Balance::MaybeTimeoutClaimableHTLC { .. }|
+ Balance::MaybePreimageClaimableHTLC { .. }
+ => 0,
+ }
+ }
+}
+
/// An HTLC which has been irrevocably resolved on-chain, and has reached ANTI_REORG_DELAY.
-#[derive(PartialEq, Eq)]
+#[derive(Clone, PartialEq, Eq)]
struct IrrevocablyResolvedHTLC {
commitment_tx_output_idx: Option<u32>,
/// The txid of the transaction which resolved the HTLC, this may be a commitment (if the HTLC
/// You MUST ensure that no ChannelMonitors for a given channel anywhere contain out-of-date
/// information and are actively monitoring the chain.
///
-/// Pending Events or updated HTLCs which have not yet been read out by
-/// get_and_clear_pending_monitor_events or get_and_clear_pending_events are serialized to disk and
-/// reloaded at deserialize-time. Thus, you must ensure that, when handling events, all events
-/// gotten are fully handled before re-serializing the new state.
-///
/// Note that the deserializer is only implemented for (BlockHash, ChannelMonitor), which
/// tells you the last block hash which was block_connect()ed. You MUST rescan any blocks along
/// the "reorg path" (ie disconnecting blocks until you find a common ancestor from both the
/// returned block hash and the the current chain and then reconnecting blocks to get to the
/// best chain) upon deserializing the object!
-pub struct ChannelMonitor<Signer: Sign> {
+pub struct ChannelMonitor<Signer: WriteableEcdsaChannelSigner> {
#[cfg(test)]
pub(crate) inner: Mutex<ChannelMonitorImpl<Signer>>,
#[cfg(not(test))]
- inner: Mutex<ChannelMonitorImpl<Signer>>,
+ pub(super) inner: Mutex<ChannelMonitorImpl<Signer>>,
+}
+
+impl<Signer: WriteableEcdsaChannelSigner> Clone for ChannelMonitor<Signer> where Signer: Clone {
+ fn clone(&self) -> Self {
+ let inner = self.inner.lock().unwrap().clone();
+ ChannelMonitor::from_impl(inner)
+ }
}
-pub(crate) struct ChannelMonitorImpl<Signer: Sign> {
+#[derive(Clone, PartialEq)]
+pub(crate) struct ChannelMonitorImpl<Signer: WriteableEcdsaChannelSigner> {
latest_update_id: u64,
commitment_transaction_number_obscure_factor: u64,
/// Serialized to disk but should generally not be sent to Watchtowers.
counterparty_hash_commitment_number: HashMap<PaymentHash, u64>,
+ counterparty_fulfilled_htlcs: HashMap<SentHTLCId, PaymentPreimage>,
+
// We store two holder commitment transactions to avoid any race conditions where we may update
// some monitors (potentially on watchtowers) but then fail to update others, resulting in the
// various monitors for one channel being out of sync, and us broadcasting a holder
// we further MUST NOT generate events during block/transaction-disconnection.
pending_monitor_events: Vec<MonitorEvent>,
- pending_events: Vec<Event>,
+ pub(super) pending_events: Vec<Event>,
+ pub(super) is_processing_pending_events: bool,
// Used to track on-chain events (i.e., transactions part of channels confirmed on chain) on
// which to take actions once they reach enough confirmations. Each entry includes the
/// The node_id of our counterparty
counterparty_node_id: Option<PublicKey>,
- secp_ctx: Secp256k1<secp256k1::All>, //TODO: dedup this a bit...
+ /// Initial counterparty commmitment data needed to recreate the commitment tx
+ /// in the persistence pipeline for third-party watchtowers. This will only be present on
+ /// monitors created after 0.0.117.
+ ///
+ /// Ordering of tuple data: (their_per_commitment_point, feerate_per_kw, to_broadcaster_sats,
+ /// to_countersignatory_sats)
+ initial_counterparty_commitment_info: Option<(PublicKey, u32, u64, u64)>,
}
/// Transaction outputs to watch for on-chain spends.
pub type TransactionOutputs = (Txid, Vec<(u32, TxOut)>);
-#[cfg(any(test, fuzzing, feature = "_test_utils"))]
-/// Used only in testing and fuzzing to check serialization roundtrips don't change the underlying
-/// object
-impl<Signer: Sign> PartialEq for ChannelMonitor<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> PartialEq for ChannelMonitor<Signer> where Signer: PartialEq {
fn eq(&self, other: &Self) -> bool {
- let inner = self.inner.lock().unwrap();
- let other = other.inner.lock().unwrap();
- inner.eq(&other)
- }
-}
-
-#[cfg(any(test, fuzzing, feature = "_test_utils"))]
-/// Used only in testing and fuzzing to check serialization roundtrips don't change the underlying
-/// object
-impl<Signer: Sign> PartialEq for ChannelMonitorImpl<Signer> {
- fn eq(&self, other: &Self) -> bool {
- if self.latest_update_id != other.latest_update_id ||
- self.commitment_transaction_number_obscure_factor != other.commitment_transaction_number_obscure_factor ||
- self.destination_script != other.destination_script ||
- self.broadcasted_holder_revokable_script != other.broadcasted_holder_revokable_script ||
- self.counterparty_payment_script != other.counterparty_payment_script ||
- self.channel_keys_id != other.channel_keys_id ||
- self.holder_revocation_basepoint != other.holder_revocation_basepoint ||
- self.funding_info != other.funding_info ||
- self.current_counterparty_commitment_txid != other.current_counterparty_commitment_txid ||
- self.prev_counterparty_commitment_txid != other.prev_counterparty_commitment_txid ||
- self.counterparty_commitment_params != other.counterparty_commitment_params ||
- self.funding_redeemscript != other.funding_redeemscript ||
- self.channel_value_satoshis != other.channel_value_satoshis ||
- self.their_cur_per_commitment_points != other.their_cur_per_commitment_points ||
- self.on_holder_tx_csv != other.on_holder_tx_csv ||
- self.commitment_secrets != other.commitment_secrets ||
- self.counterparty_claimable_outpoints != other.counterparty_claimable_outpoints ||
- self.counterparty_commitment_txn_on_chain != other.counterparty_commitment_txn_on_chain ||
- self.counterparty_hash_commitment_number != other.counterparty_hash_commitment_number ||
- self.prev_holder_signed_commitment_tx != other.prev_holder_signed_commitment_tx ||
- self.current_counterparty_commitment_number != other.current_counterparty_commitment_number ||
- self.current_holder_commitment_number != other.current_holder_commitment_number ||
- self.current_holder_commitment_tx != other.current_holder_commitment_tx ||
- self.payment_preimages != other.payment_preimages ||
- self.pending_monitor_events != other.pending_monitor_events ||
- self.pending_events.len() != other.pending_events.len() || // We trust events to round-trip properly
- self.onchain_events_awaiting_threshold_conf != other.onchain_events_awaiting_threshold_conf ||
- self.outputs_to_watch != other.outputs_to_watch ||
- self.lockdown_from_offchain != other.lockdown_from_offchain ||
- self.holder_tx_signed != other.holder_tx_signed ||
- self.funding_spend_seen != other.funding_spend_seen ||
- self.funding_spend_confirmed != other.funding_spend_confirmed ||
- self.confirmed_commitment_tx_counterparty_output != other.confirmed_commitment_tx_counterparty_output ||
- self.htlcs_resolved_on_chain != other.htlcs_resolved_on_chain
- {
- false
- } else {
- true
- }
+ // We need some kind of total lockorder. Absent a better idea, we sort by position in
+ // memory and take locks in that order (assuming that we can't move within memory while a
+ // lock is held).
+ let ord = ((self as *const _) as usize) < ((other as *const _) as usize);
+ let a = if ord { self.inner.unsafe_well_ordered_double_lock_self() } else { other.inner.unsafe_well_ordered_double_lock_self() };
+ let b = if ord { other.inner.unsafe_well_ordered_double_lock_self() } else { self.inner.unsafe_well_ordered_double_lock_self() };
+ a.eq(&b)
}
}
-impl<Signer: Sign> Writeable for ChannelMonitor<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> Writeable for ChannelMonitor<Signer> {
fn write<W: Writer>(&self, writer: &mut W) -> Result<(), Error> {
self.inner.lock().unwrap().write(writer)
}
const SERIALIZATION_VERSION: u8 = 1;
const MIN_SERIALIZATION_VERSION: u8 = 1;
-impl<Signer: Sign> Writeable for ChannelMonitorImpl<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> Writeable for ChannelMonitorImpl<Signer> {
fn write<W: Writer>(&self, writer: &mut W) -> Result<(), Error> {
write_ver_prefix!(writer, SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION);
write_tlv_fields!(writer, {
(1, self.funding_spend_confirmed, option),
- (3, self.htlcs_resolved_on_chain, vec_type),
- (5, self.pending_monitor_events, vec_type),
+ (3, self.htlcs_resolved_on_chain, required_vec),
+ (5, self.pending_monitor_events, required_vec),
(7, self.funding_spend_seen, required),
(9, self.counterparty_node_id, option),
(11, self.confirmed_commitment_tx_counterparty_output, option),
- (13, self.spendable_txids_confirmed, vec_type),
+ (13, self.spendable_txids_confirmed, required_vec),
+ (15, self.counterparty_fulfilled_htlcs, required),
+ (17, self.initial_counterparty_commitment_info, option),
});
Ok(())
}
}
-impl<Signer: Sign> ChannelMonitor<Signer> {
+macro_rules! _process_events_body {
+ ($self_opt: expr, $event_to_handle: expr, $handle_event: expr) => {
+ loop {
+ let (pending_events, repeated_events);
+ if let Some(us) = $self_opt {
+ let mut inner = us.inner.lock().unwrap();
+ if inner.is_processing_pending_events {
+ break;
+ }
+ inner.is_processing_pending_events = true;
+
+ pending_events = inner.pending_events.clone();
+ repeated_events = inner.get_repeated_events();
+ } else { break; }
+ let num_events = pending_events.len();
+
+ for event in pending_events.into_iter().chain(repeated_events.into_iter()) {
+ $event_to_handle = event;
+ $handle_event;
+ }
+
+ if let Some(us) = $self_opt {
+ let mut inner = us.inner.lock().unwrap();
+ inner.pending_events.drain(..num_events);
+ inner.is_processing_pending_events = false;
+ if !inner.pending_events.is_empty() {
+ // If there's more events to process, go ahead and do so.
+ continue;
+ }
+ }
+ break;
+ }
+ }
+}
+pub(super) use _process_events_body as process_events_body;
+
+impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitor<Signer> {
/// For lockorder enforcement purposes, we need to have a single site which constructs the
/// `inner` mutex, otherwise cases where we lock two monitors at the same time (eg in our
/// PartialEq implementation) we may decide a lockorder violation has occurred.
let onchain_tx_handler =
OnchainTxHandler::new(destination_script.clone(), keys,
- channel_parameters.clone(), initial_holder_commitment_tx, secp_ctx.clone());
+ channel_parameters.clone(), initial_holder_commitment_tx, secp_ctx);
let mut outputs_to_watch = HashMap::new();
outputs_to_watch.insert(funding_info.0.txid, vec![(funding_info.0.index as u32, funding_info.1.clone())]);
counterparty_claimable_outpoints: HashMap::new(),
counterparty_commitment_txn_on_chain: HashMap::new(),
counterparty_hash_commitment_number: HashMap::new(),
+ counterparty_fulfilled_htlcs: HashMap::new(),
prev_holder_signed_commitment_tx: None,
current_holder_commitment_tx: holder_commitment_tx,
payment_preimages: HashMap::new(),
pending_monitor_events: Vec::new(),
pending_events: Vec::new(),
+ is_processing_pending_events: false,
onchain_events_awaiting_threshold_conf: Vec::new(),
outputs_to_watch,
best_block,
counterparty_node_id: Some(counterparty_node_id),
-
- secp_ctx,
+ initial_counterparty_commitment_info: None,
})
}
self.inner.lock().unwrap().provide_secret(idx, secret)
}
+ /// A variant of `Self::provide_latest_counterparty_commitment_tx` used to provide
+ /// additional information to the monitor to store in order to recreate the initial
+ /// counterparty commitment transaction during persistence (mainly for use in third-party
+ /// watchtowers).
+ ///
+ /// This is used to provide the counterparty commitment information directly to the monitor
+ /// before the initial persistence of a new channel.
+ pub(crate) fn provide_initial_counterparty_commitment_tx<L: Deref>(
+ &self, txid: Txid, htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
+ commitment_number: u64, their_cur_per_commitment_point: PublicKey, feerate_per_kw: u32,
+ to_broadcaster_value_sat: u64, to_countersignatory_value_sat: u64, logger: &L,
+ )
+ where L::Target: Logger
+ {
+ self.inner.lock().unwrap().provide_initial_counterparty_commitment_tx(txid,
+ htlc_outputs, commitment_number, their_cur_per_commitment_point, feerate_per_kw,
+ to_broadcaster_value_sat, to_countersignatory_value_sat, logger);
+ }
+
/// Informs this monitor of the latest counterparty (ie non-broadcastable) commitment transaction.
/// The monitor watches for it to be broadcasted and then uses the HTLC information (and
/// possibly future revocation/preimage information) to claim outputs where possible.
/// We cache also the mapping hash:commitment number to lighten pruning of old preimages by watchtowers.
- pub(crate) fn provide_latest_counterparty_commitment_tx<L: Deref>(
+ #[cfg(test)]
+ fn provide_latest_counterparty_commitment_tx<L: Deref>(
&self,
txid: Txid,
htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
&self, holder_commitment_tx: HolderCommitmentTransaction,
htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>,
) -> Result<(), ()> {
- self.inner.lock().unwrap().provide_latest_holder_commitment_tx(holder_commitment_tx, htlc_outputs).map_err(|_| ())
+ self.inner.lock().unwrap().provide_latest_holder_commitment_tx(holder_commitment_tx, htlc_outputs, &Vec::new(), Vec::new()).map_err(|_| ())
}
/// This is used to provide payment preimage(s) out-of-band during startup without updating the
payment_hash, payment_preimage, broadcaster, fee_estimator, logger)
}
- pub(crate) fn broadcast_latest_holder_commitment_txn<B: Deref, L: Deref>(
- &self,
- broadcaster: &B,
- logger: &L,
- ) where
- B::Target: BroadcasterInterface,
- L::Target: Logger,
- {
- self.inner.lock().unwrap().broadcast_latest_holder_commitment_txn(broadcaster, logger);
- }
-
/// Updates a ChannelMonitor on the basis of some new information provided by the Channel
/// itself.
///
self.inner.lock().unwrap().get_and_clear_pending_monitor_events()
}
- /// Gets the list of pending events which were generated by previous actions, clearing the list
- /// in the process.
+ /// Processes [`SpendableOutputs`] events produced from each [`ChannelMonitor`] upon maturity.
+ ///
+ /// For channels featuring anchor outputs, this method will also process [`BumpTransaction`]
+ /// events produced from each [`ChannelMonitor`] while there is a balance to claim onchain
+ /// within each channel. As the confirmation of a commitment transaction may be critical to the
+ /// safety of funds, we recommend invoking this every 30 seconds, or lower if running in an
+ /// environment with spotty connections, like on mobile.
+ ///
+ /// An [`EventHandler`] may safely call back to the provider, though this shouldn't be needed in
+ /// order to handle these events.
///
- /// This is called by the [`EventsProvider::process_pending_events`] implementation for
- /// [`ChainMonitor`].
+ /// [`SpendableOutputs`]: crate::events::Event::SpendableOutputs
+ /// [`BumpTransaction`]: crate::events::Event::BumpTransaction
+ pub fn process_pending_events<H: Deref>(&self, handler: &H) where H::Target: EventHandler {
+ let mut ev;
+ process_events_body!(Some(self), ev, handler.handle_event(ev));
+ }
+
+ /// Processes any events asynchronously.
///
- /// [`EventsProvider::process_pending_events`]: crate::util::events::EventsProvider::process_pending_events
- /// [`ChainMonitor`]: crate::chain::chainmonitor::ChainMonitor
+ /// See [`Self::process_pending_events`] for more information.
+ pub async fn process_pending_events_async<Future: core::future::Future, H: Fn(Event) -> Future>(
+ &self, handler: &H
+ ) {
+ let mut ev;
+ process_events_body!(Some(self), ev, { handler(ev).await });
+ }
+
+ #[cfg(test)]
pub fn get_and_clear_pending_events(&self) -> Vec<Event> {
- self.inner.lock().unwrap().get_and_clear_pending_events()
+ let mut ret = Vec::new();
+ let mut lck = self.inner.lock().unwrap();
+ mem::swap(&mut ret, &mut lck.pending_events);
+ ret.append(&mut lck.get_repeated_events());
+ ret
+ }
+
+ /// Gets the counterparty's initial commitment transaction. The returned commitment
+ /// transaction is unsigned. This is intended to be called during the initial persistence of
+ /// the monitor (inside an implementation of [`Persist::persist_new_channel`]), to allow for
+ /// watchtowers in the persistence pipeline to have enough data to form justice transactions.
+ ///
+ /// This is similar to [`Self::counterparty_commitment_txs_from_update`], except
+ /// that for the initial commitment transaction, we don't have a corresponding update.
+ ///
+ /// This will only return `Some` for channel monitors that have been created after upgrading
+ /// to LDK 0.0.117+.
+ ///
+ /// [`Persist::persist_new_channel`]: crate::chain::chainmonitor::Persist::persist_new_channel
+ pub fn initial_counterparty_commitment_tx(&self) -> Option<CommitmentTransaction> {
+ self.inner.lock().unwrap().initial_counterparty_commitment_tx()
+ }
+
+ /// Gets all of the counterparty commitment transactions provided by the given update. This
+ /// may be empty if the update doesn't include any new counterparty commitments. Returned
+ /// commitment transactions are unsigned.
+ ///
+ /// This is provided so that watchtower clients in the persistence pipeline are able to build
+ /// justice transactions for each counterparty commitment upon each update. It's intended to be
+ /// used within an implementation of [`Persist::update_persisted_channel`], which is provided
+ /// with a monitor and an update. Once revoked, signing a justice transaction can be done using
+ /// [`Self::sign_to_local_justice_tx`].
+ ///
+ /// It is expected that a watchtower client may use this method to retrieve the latest counterparty
+ /// commitment transaction(s), and then hold the necessary data until a later update in which
+ /// the monitor has been updated with the corresponding revocation data, at which point the
+ /// monitor can sign the justice transaction.
+ ///
+ /// This will only return a non-empty list for monitor updates that have been created after
+ /// upgrading to LDK 0.0.117+. Note that no restriction lies on the monitors themselves, which
+ /// may have been created prior to upgrading.
+ ///
+ /// [`Persist::update_persisted_channel`]: crate::chain::chainmonitor::Persist::update_persisted_channel
+ pub fn counterparty_commitment_txs_from_update(&self, update: &ChannelMonitorUpdate) -> Vec<CommitmentTransaction> {
+ self.inner.lock().unwrap().counterparty_commitment_txs_from_update(update)
+ }
+
+ /// Wrapper around [`EcdsaChannelSigner::sign_justice_revoked_output`] to make
+ /// signing the justice transaction easier for implementors of
+ /// [`chain::chainmonitor::Persist`]. On success this method returns the provided transaction
+ /// signing the input at `input_idx`. This method will only produce a valid signature for
+ /// a transaction spending the `to_local` output of a commitment transaction, i.e. this cannot
+ /// be used for revoked HTLC outputs.
+ ///
+ /// `Value` is the value of the output being spent by the input at `input_idx`, committed
+ /// in the BIP 143 signature.
+ ///
+ /// This method will only succeed if this monitor has received the revocation secret for the
+ /// provided `commitment_number`. If a commitment number is provided that does not correspond
+ /// to the commitment transaction being revoked, this will return a signed transaction, but
+ /// the signature will not be valid.
+ ///
+ /// [`EcdsaChannelSigner::sign_justice_revoked_output`]: crate::sign::EcdsaChannelSigner::sign_justice_revoked_output
+ /// [`Persist`]: crate::chain::chainmonitor::Persist
+ pub fn sign_to_local_justice_tx(&self, justice_tx: Transaction, input_idx: usize, value: u64, commitment_number: u64) -> Result<Transaction, ()> {
+ self.inner.lock().unwrap().sign_to_local_justice_tx(justice_tx, input_idx, value, commitment_number)
}
pub(crate) fn get_min_seen_secret(&self) -> u64 {
pub fn current_best_block(&self) -> BestBlock {
self.inner.lock().unwrap().best_block.clone()
}
+
+ /// Triggers rebroadcasts/fee-bumps of pending claims from a force-closed channel. This is
+ /// crucial in preventing certain classes of pinning attacks, detecting substantial mempool
+ /// feerate changes between blocks, and ensuring reliability if broadcasting fails. We recommend
+ /// invoking this every 30 seconds, or lower if running in an environment with spotty
+ /// connections, like on mobile.
+ pub fn rebroadcast_pending_claims<B: Deref, F: Deref, L: Deref>(
+ &self, broadcaster: B, fee_estimator: F, logger: L,
+ )
+ where
+ B::Target: BroadcasterInterface,
+ F::Target: FeeEstimator,
+ L::Target: Logger,
+ {
+ let fee_estimator = LowerBoundedFeeEstimator::new(fee_estimator);
+ let mut inner = self.inner.lock().unwrap();
+ let current_height = inner.best_block.height;
+ inner.onchain_tx_handler.rebroadcast_pending_claims(
+ current_height, &broadcaster, &fee_estimator, &logger,
+ );
+ }
}
-impl<Signer: Sign> ChannelMonitorImpl<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
/// Helper for get_claimable_balances which does the work for an individual HTLC, generating up
/// to one `Balance` for the HTLC.
fn get_htlc_balance(&self, htlc: &HTLCOutputInCommitment, holder_commitment: bool,
debug_assert!(htlc_input_idx_opt.is_some());
BitcoinOutPoint::new(*txid, htlc_input_idx_opt.unwrap_or(0))
} else {
- debug_assert!(!self.onchain_tx_handler.opt_anchors());
+ debug_assert!(!self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx());
BitcoinOutPoint::new(*txid, 0)
}
} else {
if let Some(conf_thresh) = holder_delayed_output_pending {
debug_assert!(holder_commitment);
return Some(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
confirmation_height: conf_thresh,
});
} else if htlc_resolved.is_some() && !htlc_output_spend_pending {
debug_assert!(!htlc.offered || htlc_spend_pending.is_none() || !htlc_spend_pending.unwrap().1,
"We don't (currently) generate preimage claims against revoked outputs, where did you get one?!");
return Some(Balance::CounterpartyRevokedOutputClaimable {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
});
}
} else if htlc.offered == holder_commitment {
// and awaiting confirmations on it.
if let Some(conf_thresh) = holder_timeout_spend_pending {
return Some(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
confirmation_height: conf_thresh,
});
} else {
return Some(Balance::MaybeTimeoutClaimableHTLC {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
claimable_height: htlc.cltv_expiry,
+ payment_hash: htlc.payment_hash,
});
}
- } else if self.payment_preimages.get(&htlc.payment_hash).is_some() {
+ } else if let Some(payment_preimage) = self.payment_preimages.get(&htlc.payment_hash) {
// Otherwise (the payment was inbound), only expose it as claimable if
// we know the preimage.
// Note that if there is a pending claim, but it did not use the
debug_assert!(holder_timeout_spend_pending.is_none());
if let Some((conf_thresh, true)) = htlc_spend_pending {
return Some(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
confirmation_height: conf_thresh,
});
} else {
return Some(Balance::ContentiousClaimable {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
timeout_height: htlc.cltv_expiry,
+ payment_hash: htlc.payment_hash,
+ payment_preimage: *payment_preimage,
});
}
} else if htlc_resolved.is_none() {
return Some(Balance::MaybePreimageClaimableHTLC {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
expiry_height: htlc.cltv_expiry,
+ payment_hash: htlc.payment_hash,
});
}
None
}
}
-impl<Signer: Sign> ChannelMonitor<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitor<Signer> {
/// Gets the balances in this channel which are either claimable by us if we were to
/// force-close the channel now or which are claimable on-chain (possibly awaiting
/// confirmation).
} else { None }
}) {
res.push(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: value,
+ amount_satoshis: value,
confirmation_height: conf_thresh,
});
} else {
descriptor: SpendableOutputDescriptor::StaticOutput { output, .. }
} = &event.event {
res.push(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: output.value,
+ amount_satoshis: output.value,
confirmation_height: event.confirmation_threshold(),
});
if let Some(confirmed_to_self_idx) = confirmed_counterparty_output.map(|(idx, _)| idx) {
.is_output_spend_pending(&BitcoinOutPoint::new(txid, confirmed_to_self_idx));
if output_spendable {
res.push(Balance::CounterpartyRevokedOutputClaimable {
- claimable_amount_satoshis: amt,
+ amount_satoshis: amt,
});
}
} else {
walk_htlcs!(true, false, us.current_holder_commitment_tx.htlc_outputs.iter().map(|(a, _, _)| a));
if let Some(conf_thresh) = pending_commitment_tx_conf_thresh {
res.push(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat,
+ amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat,
confirmation_height: conf_thresh,
});
}
walk_htlcs!(true, false, prev_commitment.htlc_outputs.iter().map(|(a, _, _)| a));
if let Some(conf_thresh) = pending_commitment_tx_conf_thresh {
res.push(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: prev_commitment.to_self_value_sat,
+ amount_satoshis: prev_commitment.to_self_value_sat,
confirmation_height: conf_thresh,
});
}
// neither us nor our counterparty misbehaved. At worst we've under-estimated
// the amount we can claim as we'll punish a misbehaving counterparty.
res.push(Balance::ClaimableAwaitingConfirmations {
- claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat,
+ amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat,
confirmation_height: conf_thresh,
});
}
if htlc.transaction_output_index.is_none() { continue; }
if htlc.offered {
res.push(Balance::MaybeTimeoutClaimableHTLC {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
claimable_height: htlc.cltv_expiry,
+ payment_hash: htlc.payment_hash,
});
} else if us.payment_preimages.get(&htlc.payment_hash).is_some() {
claimable_inbound_htlc_value_sat += htlc.amount_msat / 1000;
// As long as the HTLC is still in our latest commitment state, treat
// it as potentially claimable, even if it has long-since expired.
res.push(Balance::MaybePreimageClaimableHTLC {
- claimable_amount_satoshis: htlc.amount_msat / 1000,
+ amount_satoshis: htlc.amount_msat / 1000,
expiry_height: htlc.cltv_expiry,
+ payment_hash: htlc.payment_hash,
});
}
}
res.push(Balance::ClaimableOnChannelClose {
- claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat + claimable_inbound_htlc_value_sat,
+ amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat + claimable_inbound_htlc_value_sat,
});
}
/// `ChannelMonitor`. This is used to determine if an HTLC was removed from the channel prior
/// to the `ChannelManager` having been persisted.
///
- /// This is similar to [`Self::get_pending_outbound_htlcs`] except it includes HTLCs which were
- /// resolved by this `ChannelMonitor`.
- pub(crate) fn get_all_current_outbound_htlcs(&self) -> HashMap<HTLCSource, HTLCOutputInCommitment> {
+ /// This is similar to [`Self::get_pending_or_resolved_outbound_htlcs`] except it includes
+ /// HTLCs which were resolved on-chain (i.e. where the final HTLC resolution was done by an
+ /// event from this `ChannelMonitor`).
+ pub(crate) fn get_all_current_outbound_htlcs(&self) -> HashMap<HTLCSource, (HTLCOutputInCommitment, Option<PaymentPreimage>)> {
let mut res = HashMap::new();
// Just examine the available counterparty commitment transactions. See docs on
// `fail_unbroadcast_htlcs`, below, for justification.
if let Some(ref latest_outpoints) = us.counterparty_claimable_outpoints.get($txid) {
for &(ref htlc, ref source_option) in latest_outpoints.iter() {
if let &Some(ref source) = source_option {
- res.insert((**source).clone(), htlc.clone());
+ res.insert((**source).clone(), (htlc.clone(),
+ us.counterparty_fulfilled_htlcs.get(&SentHTLCId::from_source(source)).cloned()));
}
}
}
res
}
- /// Gets the set of outbound HTLCs which are pending resolution in this channel.
+ /// Gets the set of outbound HTLCs which are pending resolution in this channel or which were
+ /// resolved with a preimage from our counterparty.
+ ///
/// This is used to reconstruct pending outbound payments on restart in the ChannelManager.
- pub(crate) fn get_pending_outbound_htlcs(&self) -> HashMap<HTLCSource, HTLCOutputInCommitment> {
+ ///
+ /// Currently, the preimage is unused, however if it is present in the relevant internal state
+ /// an HTLC is always included even if it has been resolved.
+ pub(crate) fn get_pending_or_resolved_outbound_htlcs(&self) -> HashMap<HTLCSource, (HTLCOutputInCommitment, Option<PaymentPreimage>)> {
let us = self.inner.lock().unwrap();
// We're only concerned with the confirmation count of HTLC transactions, and don't
// actually care how many confirmations a commitment transaction may or may not have. Thus,
Some(commitment_tx_output_idx) == htlc.transaction_output_index
} else { false }
});
- if !htlc_update_confd {
- res.insert(source.clone(), htlc.clone());
+ let counterparty_resolved_preimage_opt =
+ us.counterparty_fulfilled_htlcs.get(&SentHTLCId::from_source(source)).cloned();
+ if !htlc_update_confd || counterparty_resolved_preimage_opt.is_some() {
+ res.insert(source.clone(), (htlc.clone(), counterparty_resolved_preimage_opt));
}
}
}
}
}
if matched_htlc { continue; }
+ if $self.counterparty_fulfilled_htlcs.get(&SentHTLCId::from_source(source)).is_some() {
+ continue;
+ }
$self.onchain_events_awaiting_threshold_conf.retain(|ref entry| {
if entry.height != $commitment_tx_conf_height { return true; }
match entry.event {
},
};
log_trace!($logger, "Failing HTLC with payment_hash {} from {} counterparty commitment tx due to broadcast of {} commitment transaction {}, waiting for confirmation (at height {})",
- log_bytes!(htlc.payment_hash.0), $commitment_tx, $commitment_tx_type,
+ &htlc.payment_hash, $commitment_tx, $commitment_tx_type,
$commitment_txid_confirmed, entry.confirmation_threshold());
$self.onchain_events_awaiting_threshold_conf.push(entry);
}
vec![Vec::new(), Vec::new(), Vec::new(), Vec::new(), deliberately_bogus_accepted_htlc_witness_program().into()].into()
}
-impl<Signer: Sign> ChannelMonitorImpl<Signer> {
+impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
/// Inserts a revocation secret into this channel monitor. Prunes old preimages if neither
/// needed by holder commitment transactions HTCLs nor by counterparty ones. Unless we haven't already seen
/// counterparty commitment transaction's secret, they are de facto pruned (we can use revocation key).
// Prune HTLCs from the previous counterparty commitment tx so we don't generate failure/fulfill
// events for now-revoked/fulfilled HTLCs.
if let Some(txid) = self.prev_counterparty_commitment_txid.take() {
- for &mut (_, ref mut source) in self.counterparty_claimable_outpoints.get_mut(&txid).unwrap() {
- *source = None;
+ if self.current_counterparty_commitment_txid.unwrap() != txid {
+ let cur_claimables = self.counterparty_claimable_outpoints.get(
+ &self.current_counterparty_commitment_txid.unwrap()).unwrap();
+ for (_, ref source_opt) in self.counterparty_claimable_outpoints.get(&txid).unwrap() {
+ if let Some(source) = source_opt {
+ if !cur_claimables.iter()
+ .any(|(_, cur_source_opt)| cur_source_opt == source_opt)
+ {
+ self.counterparty_fulfilled_htlcs.remove(&SentHTLCId::from_source(source));
+ }
+ }
+ }
+ for &mut (_, ref mut source_opt) in self.counterparty_claimable_outpoints.get_mut(&txid).unwrap() {
+ *source_opt = None;
+ }
+ } else {
+ assert!(cfg!(fuzzing), "Commitment txids are unique outside of fuzzing, where hashes can collide");
}
}
Ok(())
}
+ pub(crate) fn provide_initial_counterparty_commitment_tx<L: Deref>(
+ &mut self, txid: Txid, htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
+ commitment_number: u64, their_per_commitment_point: PublicKey, feerate_per_kw: u32,
+ to_broadcaster_value: u64, to_countersignatory_value: u64, logger: &L
+ )
+ where L::Target: Logger
+ {
+ self.initial_counterparty_commitment_info = Some((their_per_commitment_point.clone(),
+ feerate_per_kw, to_broadcaster_value, to_countersignatory_value));
+
+ #[cfg(debug_assertions)] {
+ let rebuilt_commitment_tx = self.initial_counterparty_commitment_tx().unwrap();
+ debug_assert_eq!(rebuilt_commitment_tx.trust().txid(), txid);
+ }
+
+ self.provide_latest_counterparty_commitment_tx(txid, htlc_outputs, commitment_number,
+ their_per_commitment_point, logger);
+ }
+
pub(crate) fn provide_latest_counterparty_commitment_tx<L: Deref>(&mut self, txid: Txid, htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>, commitment_number: u64, their_per_commitment_point: PublicKey, logger: &L) where L::Target: Logger {
// TODO: Encrypt the htlc_outputs data with the single-hash of the commitment transaction
// so that a remote monitor doesn't learn anything unless there is a malicious close.
/// is important that any clones of this channel monitor (including remote clones) by kept
/// up-to-date as our holder commitment transaction is updated.
/// Panics if set_on_holder_tx_csv has never been called.
- fn provide_latest_holder_commitment_tx(&mut self, holder_commitment_tx: HolderCommitmentTransaction, htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>) -> Result<(), &'static str> {
- // block for Rust 1.34 compat
- let mut new_holder_commitment_tx = {
- let trusted_tx = holder_commitment_tx.trust();
- let txid = trusted_tx.txid();
- let tx_keys = trusted_tx.keys();
- self.current_holder_commitment_number = trusted_tx.commitment_number();
- HolderSignedTx {
- txid,
- revocation_key: tx_keys.revocation_key,
- a_htlc_key: tx_keys.broadcaster_htlc_key,
- b_htlc_key: tx_keys.countersignatory_htlc_key,
- delayed_payment_key: tx_keys.broadcaster_delayed_payment_key,
- per_commitment_point: tx_keys.per_commitment_point,
- htlc_outputs,
- to_self_value_sat: holder_commitment_tx.to_broadcaster_value_sat(),
- feerate_per_kw: trusted_tx.feerate_per_kw(),
+ fn provide_latest_holder_commitment_tx(&mut self, holder_commitment_tx: HolderCommitmentTransaction, mut htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>, claimed_htlcs: &[(SentHTLCId, PaymentPreimage)], nondust_htlc_sources: Vec<HTLCSource>) -> Result<(), &'static str> {
+ if htlc_outputs.iter().any(|(_, s, _)| s.is_some()) {
+ // If we have non-dust HTLCs in htlc_outputs, ensure they match the HTLCs in the
+ // `holder_commitment_tx`. In the future, we'll no longer provide the redundant data
+ // and just pass in source data via `nondust_htlc_sources`.
+ debug_assert_eq!(htlc_outputs.iter().filter(|(_, s, _)| s.is_some()).count(), holder_commitment_tx.trust().htlcs().len());
+ for (a, b) in htlc_outputs.iter().filter(|(_, s, _)| s.is_some()).map(|(h, _, _)| h).zip(holder_commitment_tx.trust().htlcs().iter()) {
+ debug_assert_eq!(a, b);
+ }
+ debug_assert_eq!(htlc_outputs.iter().filter(|(_, s, _)| s.is_some()).count(), holder_commitment_tx.counterparty_htlc_sigs.len());
+ for (a, b) in htlc_outputs.iter().filter_map(|(_, s, _)| s.as_ref()).zip(holder_commitment_tx.counterparty_htlc_sigs.iter()) {
+ debug_assert_eq!(a, b);
+ }
+ debug_assert!(nondust_htlc_sources.is_empty());
+ } else {
+ // If we don't have any non-dust HTLCs in htlc_outputs, assume they were all passed via
+ // `nondust_htlc_sources`, building up the final htlc_outputs by combining
+ // `nondust_htlc_sources` and the `holder_commitment_tx`
+ #[cfg(debug_assertions)] {
+ let mut prev = -1;
+ for htlc in holder_commitment_tx.trust().htlcs().iter() {
+ assert!(htlc.transaction_output_index.unwrap() as i32 > prev);
+ prev = htlc.transaction_output_index.unwrap() as i32;
+ }
+ }
+ debug_assert!(htlc_outputs.iter().all(|(htlc, _, _)| htlc.transaction_output_index.is_none()));
+ debug_assert!(htlc_outputs.iter().all(|(_, sig_opt, _)| sig_opt.is_none()));
+ debug_assert_eq!(holder_commitment_tx.trust().htlcs().len(), holder_commitment_tx.counterparty_htlc_sigs.len());
+
+ let mut sources_iter = nondust_htlc_sources.into_iter();
+
+ for (htlc, counterparty_sig) in holder_commitment_tx.trust().htlcs().iter()
+ .zip(holder_commitment_tx.counterparty_htlc_sigs.iter())
+ {
+ if htlc.offered {
+ let source = sources_iter.next().expect("Non-dust HTLC sources didn't match commitment tx");
+ #[cfg(debug_assertions)] {
+ assert!(source.possibly_matches_output(htlc));
+ }
+ htlc_outputs.push((htlc.clone(), Some(counterparty_sig.clone()), Some(source)));
+ } else {
+ htlc_outputs.push((htlc.clone(), Some(counterparty_sig.clone()), None));
+ }
}
+ debug_assert!(sources_iter.next().is_none());
+ }
+
+ let trusted_tx = holder_commitment_tx.trust();
+ let txid = trusted_tx.txid();
+ let tx_keys = trusted_tx.keys();
+ self.current_holder_commitment_number = trusted_tx.commitment_number();
+ let mut new_holder_commitment_tx = HolderSignedTx {
+ txid,
+ revocation_key: tx_keys.revocation_key,
+ a_htlc_key: tx_keys.broadcaster_htlc_key,
+ b_htlc_key: tx_keys.countersignatory_htlc_key,
+ delayed_payment_key: tx_keys.broadcaster_delayed_payment_key,
+ per_commitment_point: tx_keys.per_commitment_point,
+ htlc_outputs,
+ to_self_value_sat: holder_commitment_tx.to_broadcaster_value_sat(),
+ feerate_per_kw: trusted_tx.feerate_per_kw(),
};
self.onchain_tx_handler.provide_latest_holder_tx(holder_commitment_tx);
mem::swap(&mut new_holder_commitment_tx, &mut self.current_holder_commitment_tx);
self.prev_holder_signed_commitment_tx = Some(new_holder_commitment_tx);
+ for (claimed_htlc_id, claimed_preimage) in claimed_htlcs {
+ #[cfg(debug_assertions)] {
+ let cur_counterparty_htlcs = self.counterparty_claimable_outpoints.get(
+ &self.current_counterparty_commitment_txid.unwrap()).unwrap();
+ assert!(cur_counterparty_htlcs.iter().any(|(_, source_opt)| {
+ if let Some(source) = source_opt {
+ SentHTLCId::from_source(source) == *claimed_htlc_id
+ } else { false }
+ }));
+ }
+ self.counterparty_fulfilled_htlcs.insert(*claimed_htlc_id, *claimed_preimage);
+ }
if self.holder_tx_signed {
return Err("Latest holder commitment signed has already been signed, update is rejected");
}
where B::Target: BroadcasterInterface,
L::Target: Logger,
{
- for tx in self.get_latest_holder_commitment_txn(logger).iter() {
+ let commit_txs = self.get_latest_holder_commitment_txn(logger);
+ let mut txs = vec![];
+ for tx in commit_txs.iter() {
log_info!(logger, "Broadcasting local {}", log_tx!(tx));
- broadcaster.broadcast_transaction(tx);
+ txs.push(tx);
}
+ broadcaster.broadcast_transactions(&txs);
self.pending_monitor_events.push(MonitorEvent::CommitmentTxConfirmed(self.funding_info.0));
}
F::Target: FeeEstimator,
L::Target: Logger,
{
- log_info!(logger, "Applying update to monitor {}, bringing update_id from {} to {} with {} changes.",
- log_funding_info!(self), self.latest_update_id, updates.update_id, updates.updates.len());
- // ChannelMonitor updates may be applied after force close if we receive a
- // preimage for a broadcasted commitment transaction HTLC output that we'd
- // like to claim on-chain. If this is the case, we no longer have guaranteed
- // access to the monitor's update ID, so we use a sentinel value instead.
+ if self.latest_update_id == CLOSED_CHANNEL_UPDATE_ID && updates.update_id == CLOSED_CHANNEL_UPDATE_ID {
+ log_info!(logger, "Applying post-force-closed update to monitor {} with {} change(s).",
+ log_funding_info!(self), updates.updates.len());
+ } else if updates.update_id == CLOSED_CHANNEL_UPDATE_ID {
+ log_info!(logger, "Applying force close update to monitor {} with {} change(s).",
+ log_funding_info!(self), updates.updates.len());
+ } else {
+ log_info!(logger, "Applying update to monitor {}, bringing update_id from {} to {} with {} change(s).",
+ log_funding_info!(self), self.latest_update_id, updates.update_id, updates.updates.len());
+ }
+ // ChannelMonitor updates may be applied after force close if we receive a preimage for a
+ // broadcasted commitment transaction HTLC output that we'd like to claim on-chain. If this
+ // is the case, we no longer have guaranteed access to the monitor's update ID, so we use a
+ // sentinel value instead.
+ //
+ // The `ChannelManager` may also queue redundant `ChannelForceClosed` updates if it still
+ // thinks the channel needs to have its commitment transaction broadcast, so we'll allow
+ // them as well.
if updates.update_id == CLOSED_CHANNEL_UPDATE_ID {
assert_eq!(updates.updates.len(), 1);
match updates.updates[0] {
- ChannelMonitorUpdateStep::PaymentPreimage { .. } => {},
+ ChannelMonitorUpdateStep::ChannelForceClosed { .. } => {},
+ // We should have already seen a `ChannelForceClosed` update if we're trying to
+ // provide a preimage at this point.
+ ChannelMonitorUpdateStep::PaymentPreimage { .. } =>
+ debug_assert_eq!(self.latest_update_id, CLOSED_CHANNEL_UPDATE_ID),
_ => {
log_error!(logger, "Attempted to apply post-force-close ChannelMonitorUpdate of type {}", updates.updates[0].variant_name());
panic!("Attempted to apply post-force-close ChannelMonitorUpdate that wasn't providing a payment preimage");
let bounded_fee_estimator = LowerBoundedFeeEstimator::new(&*fee_estimator);
for update in updates.updates.iter() {
match update {
- ChannelMonitorUpdateStep::LatestHolderCommitmentTXInfo { commitment_tx, htlc_outputs } => {
+ ChannelMonitorUpdateStep::LatestHolderCommitmentTXInfo { commitment_tx, htlc_outputs, claimed_htlcs, nondust_htlc_sources } => {
log_trace!(logger, "Updating ChannelMonitor with latest holder commitment transaction info");
if self.lockdown_from_offchain { panic!(); }
- if let Err(e) = self.provide_latest_holder_commitment_tx(commitment_tx.clone(), htlc_outputs.clone()) {
+ if let Err(e) = self.provide_latest_holder_commitment_tx(commitment_tx.clone(), htlc_outputs.clone(), &claimed_htlcs, nondust_htlc_sources.clone()) {
log_error!(logger, "Providing latest holder commitment transaction failed/was refused:");
log_error!(logger, " {}", e);
ret = Err(());
}
}
- ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo { commitment_txid, htlc_outputs, commitment_number, their_per_commitment_point } => {
+ ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo { commitment_txid, htlc_outputs, commitment_number, their_per_commitment_point, .. } => {
log_trace!(logger, "Updating ChannelMonitor with latest counterparty commitment transaction info");
self.provide_latest_counterparty_commitment_tx(*commitment_txid, htlc_outputs.clone(), *commitment_number, *their_per_commitment_point, logger)
},
_ => false,
}).is_some();
if detected_funding_spend {
+ log_trace!(logger, "Avoiding commitment broadcast, already detected confirmed spend onchain");
continue;
}
self.broadcast_latest_holder_commitment_txn(broadcaster, logger);
// If the channel supports anchor outputs, we'll need to emit an external
// event to be consumed such that a child transaction is broadcast with a
// high enough feerate for the parent commitment transaction to confirm.
- if self.onchain_tx_handler.opt_anchors() {
+ if self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
let funding_output = HolderFundingOutput::build(
self.funding_redeemscript.clone(), self.channel_value_satoshis,
- self.onchain_tx_handler.opt_anchors(),
+ self.onchain_tx_handler.channel_type_features().clone(),
);
let best_block_height = self.best_block.height();
let commitment_package = PackageTemplate::build_package(
self.funding_info.0.txid.clone(), self.funding_info.0.index as u32,
PackageSolvingData::HolderFundingOutput(funding_output),
- best_block_height, false, best_block_height,
+ best_block_height, best_block_height
);
self.onchain_tx_handler.update_claims_view_from_requests(
vec![commitment_package], best_block_height, best_block_height,
}
} else if !self.holder_tx_signed {
log_error!(logger, "WARNING: You have a potentially-unsafe holder commitment transaction available to broadcast");
- log_error!(logger, " in channel monitor for channel {}!", log_bytes!(self.funding_info.0.to_channel_id()));
+ log_error!(logger, " in channel monitor for channel {}!", &self.funding_info.0.to_channel_id());
log_error!(logger, " Read the docs for ChannelMonitor::get_latest_holder_commitment_txn and take manual action!");
} else {
// If we generated a MonitorEvent::CommitmentTxConfirmed, the ChannelManager
},
}
}
+
+ #[cfg(debug_assertions)] {
+ self.counterparty_commitment_txs_from_update(updates);
+ }
+
+ // If the updates succeeded and we were in an already closed channel state, then there's no
+ // need to refuse any updates we expect to receive afer seeing a confirmed commitment.
+ if ret.is_ok() && updates.update_id == CLOSED_CHANNEL_UPDATE_ID && self.latest_update_id == updates.update_id {
+ return Ok(());
+ }
+
self.latest_update_id = updates.update_id;
- if ret.is_ok() && self.funding_spend_seen {
+ // Refuse updates after we've detected a spend onchain, but only if we haven't processed a
+ // force closed monitor update yet.
+ if ret.is_ok() && self.funding_spend_seen && self.latest_update_id != CLOSED_CHANNEL_UPDATE_ID {
log_error!(logger, "Refusing Channel Monitor Update as counterparty attempted to update commitment after funding was spent");
Err(())
} else { ret }
ret
}
- pub fn get_and_clear_pending_events(&mut self) -> Vec<Event> {
- let mut ret = Vec::new();
- mem::swap(&mut ret, &mut self.pending_events);
- #[cfg(anchors)]
- for claim_event in self.onchain_tx_handler.get_and_clear_pending_claim_events().drain(..) {
+ /// Gets the set of events that are repeated regularly (e.g. those which RBF bump
+ /// transactions). We're okay if we lose these on restart as they'll be regenerated for us at
+ /// some regular interval via [`ChannelMonitor::rebroadcast_pending_claims`].
+ pub(super) fn get_repeated_events(&mut self) -> Vec<Event> {
+ let pending_claim_events = self.onchain_tx_handler.get_and_clear_pending_claim_events();
+ let mut ret = Vec::with_capacity(pending_claim_events.len());
+ for (claim_id, claim_event) in pending_claim_events {
match claim_event {
ClaimEvent::BumpCommitment {
package_target_feerate_sat_per_1000_weight, commitment_tx, anchor_output_idx,
let commitment_tx_fee_satoshis = self.channel_value_satoshis -
commitment_tx.output.iter().fold(0u64, |sum, output| sum + output.value);
ret.push(Event::BumpTransaction(BumpTransactionEvent::ChannelClose {
+ claim_id,
package_target_feerate_sat_per_1000_weight,
commitment_tx,
commitment_tx_fee_satoshis,
anchor_descriptor: AnchorDescriptor {
- channel_keys_id: self.channel_keys_id,
- channel_value_satoshis: self.channel_value_satoshis,
+ channel_derivation_parameters: ChannelDerivationParameters {
+ keys_id: self.channel_keys_id,
+ value_satoshis: self.channel_value_satoshis,
+ transaction_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(),
+ },
outpoint: BitcoinOutPoint {
txid: commitment_txid,
vout: anchor_output_idx,
}));
},
ClaimEvent::BumpHTLC {
- target_feerate_sat_per_1000_weight, htlcs,
+ target_feerate_sat_per_1000_weight, htlcs, tx_lock_time,
} => {
let mut htlc_descriptors = Vec::with_capacity(htlcs.len());
for htlc in htlcs {
htlc_descriptors.push(HTLCDescriptor {
- channel_keys_id: self.channel_keys_id,
- channel_value_satoshis: self.channel_value_satoshis,
- channel_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(),
+ channel_derivation_parameters: ChannelDerivationParameters {
+ keys_id: self.channel_keys_id,
+ value_satoshis: self.channel_value_satoshis,
+ transaction_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(),
+ },
commitment_txid: htlc.commitment_txid,
per_commitment_number: htlc.per_commitment_number,
+ per_commitment_point: self.onchain_tx_handler.signer.get_per_commitment_point(
+ htlc.per_commitment_number, &self.onchain_tx_handler.secp_ctx,
+ ),
htlc: htlc.htlc,
preimage: htlc.preimage,
counterparty_sig: htlc.counterparty_sig,
});
}
ret.push(Event::BumpTransaction(BumpTransactionEvent::HTLCResolution {
+ claim_id,
target_feerate_sat_per_1000_weight,
htlc_descriptors,
+ tx_lock_time,
}));
}
}
ret
}
+ pub(crate) fn initial_counterparty_commitment_tx(&mut self) -> Option<CommitmentTransaction> {
+ let (their_per_commitment_point, feerate_per_kw, to_broadcaster_value,
+ to_countersignatory_value) = self.initial_counterparty_commitment_info?;
+ let htlc_outputs = vec![];
+
+ let commitment_tx = self.build_counterparty_commitment_tx(INITIAL_COMMITMENT_NUMBER,
+ &their_per_commitment_point, to_broadcaster_value, to_countersignatory_value,
+ feerate_per_kw, htlc_outputs);
+ Some(commitment_tx)
+ }
+
+ fn build_counterparty_commitment_tx(
+ &self, commitment_number: u64, their_per_commitment_point: &PublicKey,
+ to_broadcaster_value: u64, to_countersignatory_value: u64, feerate_per_kw: u32,
+ mut nondust_htlcs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>
+ ) -> CommitmentTransaction {
+ let broadcaster_keys = &self.onchain_tx_handler.channel_transaction_parameters
+ .counterparty_parameters.as_ref().unwrap().pubkeys;
+ let countersignatory_keys =
+ &self.onchain_tx_handler.channel_transaction_parameters.holder_pubkeys;
+
+ let broadcaster_funding_key = broadcaster_keys.funding_pubkey;
+ let countersignatory_funding_key = countersignatory_keys.funding_pubkey;
+ let keys = TxCreationKeys::from_channel_static_keys(&their_per_commitment_point,
+ &broadcaster_keys, &countersignatory_keys, &self.onchain_tx_handler.secp_ctx);
+ let channel_parameters =
+ &self.onchain_tx_handler.channel_transaction_parameters.as_counterparty_broadcastable();
+
+ CommitmentTransaction::new_with_auxiliary_htlc_data(commitment_number,
+ to_broadcaster_value, to_countersignatory_value, broadcaster_funding_key,
+ countersignatory_funding_key, keys, feerate_per_kw, &mut nondust_htlcs,
+ channel_parameters)
+ }
+
+ pub(crate) fn counterparty_commitment_txs_from_update(&self, update: &ChannelMonitorUpdate) -> Vec<CommitmentTransaction> {
+ update.updates.iter().filter_map(|update| {
+ match update {
+ &ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo { commitment_txid,
+ ref htlc_outputs, commitment_number, their_per_commitment_point,
+ feerate_per_kw: Some(feerate_per_kw),
+ to_broadcaster_value_sat: Some(to_broadcaster_value),
+ to_countersignatory_value_sat: Some(to_countersignatory_value) } => {
+
+ let nondust_htlcs = htlc_outputs.iter().filter_map(|(htlc, _)| {
+ htlc.transaction_output_index.map(|_| (htlc.clone(), None))
+ }).collect::<Vec<_>>();
+
+ let commitment_tx = self.build_counterparty_commitment_tx(commitment_number,
+ &their_per_commitment_point, to_broadcaster_value,
+ to_countersignatory_value, feerate_per_kw, nondust_htlcs);
+
+ debug_assert_eq!(commitment_tx.trust().txid(), commitment_txid);
+
+ Some(commitment_tx)
+ },
+ _ => None,
+ }
+ }).collect()
+ }
+
+ pub(crate) fn sign_to_local_justice_tx(
+ &self, mut justice_tx: Transaction, input_idx: usize, value: u64, commitment_number: u64
+ ) -> Result<Transaction, ()> {
+ let secret = self.get_secret(commitment_number).ok_or(())?;
+ let per_commitment_key = SecretKey::from_slice(&secret).map_err(|_| ())?;
+ let their_per_commitment_point = PublicKey::from_secret_key(
+ &self.onchain_tx_handler.secp_ctx, &per_commitment_key);
+
+ let revocation_pubkey = chan_utils::derive_public_revocation_key(
+ &self.onchain_tx_handler.secp_ctx, &their_per_commitment_point,
+ &self.holder_revocation_basepoint);
+ let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx,
+ &their_per_commitment_point,
+ &self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+ let revokeable_redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey,
+ self.counterparty_commitment_params.on_counterparty_tx_csv, &delayed_key);
+
+ let sig = self.onchain_tx_handler.signer.sign_justice_revoked_output(
+ &justice_tx, input_idx, value, &per_commitment_key, &self.onchain_tx_handler.secp_ctx)?;
+ justice_tx.input[input_idx].witness.push_bitcoin_signature(&sig.serialize_der(), EcdsaSighashType::All);
+ justice_tx.input[input_idx].witness.push(&[1u8]);
+ justice_tx.input[input_idx].witness.push(revokeable_redeemscript.as_bytes());
+ Ok(justice_tx)
+ }
+
/// Can only fail if idx is < get_min_seen_secret
fn get_secret(&self, idx: u64) -> Option<[u8; 32]> {
self.commitment_secrets.get_secret(idx)
if commitment_number >= self.get_min_seen_secret() {
let secret = self.get_secret(commitment_number).unwrap();
let per_commitment_key = ignore_error!(SecretKey::from_slice(&secret));
- let per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key);
- let revocation_pubkey = chan_utils::derive_public_revocation_key(&self.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
- let delayed_key = chan_utils::derive_public_key(&self.secp_ctx, &PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key), &self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
+ let per_commitment_point = PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key);
+ let revocation_pubkey = chan_utils::derive_public_revocation_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
+ let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx, &PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key), &self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
let revokeable_redeemscript = chan_utils::get_revokeable_redeemscript(&revocation_pubkey, self.counterparty_commitment_params.on_counterparty_tx_csv, &delayed_key);
let revokeable_p2wsh = revokeable_redeemscript.to_v0_p2wsh();
// First, process non-htlc outputs (to_holder & to_counterparty)
for (idx, outp) in tx.output.iter().enumerate() {
if outp.script_pubkey == revokeable_p2wsh {
- let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, outp.value, self.counterparty_commitment_params.on_counterparty_tx_csv);
- let justice_package = PackageTemplate::build_package(commitment_txid, idx as u32, PackageSolvingData::RevokedOutput(revk_outp), height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, true, height);
+ let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, outp.value, self.counterparty_commitment_params.on_counterparty_tx_csv, self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx());
+ let justice_package = PackageTemplate::build_package(commitment_txid, idx as u32, PackageSolvingData::RevokedOutput(revk_outp), height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, height);
claimable_outpoints.push(justice_package);
to_counterparty_output_info =
Some((idx.try_into().expect("Txn can't have more than 2^32 outputs"), outp.value));
return (claimable_outpoints, (commitment_txid, watch_outputs),
to_counterparty_output_info);
}
- let revk_htlc_outp = RevokedHTLCOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, htlc.amount_msat / 1000, htlc.clone(), self.onchain_tx_handler.channel_transaction_parameters.opt_anchors.is_some());
- let justice_package = PackageTemplate::build_package(commitment_txid, transaction_output_index, PackageSolvingData::RevokedHTLCOutput(revk_htlc_outp), htlc.cltv_expiry, true, height);
+ let revk_htlc_outp = RevokedHTLCOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, htlc.amount_msat / 1000, htlc.clone(), &self.onchain_tx_handler.channel_transaction_parameters.channel_type_features);
+ let justice_package = PackageTemplate::build_package(commitment_txid, transaction_output_index, PackageSolvingData::RevokedHTLCOutput(revk_htlc_outp), htlc.cltv_expiry, height);
claimable_outpoints.push(justice_package);
}
}
if let Some(transaction) = tx {
let revocation_pubkey = chan_utils::derive_public_revocation_key(
- &self.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
- let delayed_key = chan_utils::derive_public_key(&self.secp_ctx,
+ &self.onchain_tx_handler.secp_ctx, &per_commitment_point, &self.holder_revocation_basepoint);
+ let delayed_key = chan_utils::derive_public_key(&self.onchain_tx_handler.secp_ctx,
&per_commitment_point,
&self.counterparty_commitment_params.counterparty_delayed_payment_base_key);
let revokeable_p2wsh = chan_utils::get_revokeable_redeemscript(&revocation_pubkey,
CounterpartyOfferedHTLCOutput::build(*per_commitment_point,
self.counterparty_commitment_params.counterparty_delayed_payment_base_key,
self.counterparty_commitment_params.counterparty_htlc_base_key,
- preimage.unwrap(), htlc.clone(), self.onchain_tx_handler.opt_anchors()))
+ preimage.unwrap(), htlc.clone(), self.onchain_tx_handler.channel_type_features().clone()))
} else {
PackageSolvingData::CounterpartyReceivedHTLCOutput(
CounterpartyReceivedHTLCOutput::build(*per_commitment_point,
self.counterparty_commitment_params.counterparty_delayed_payment_base_key,
self.counterparty_commitment_params.counterparty_htlc_base_key,
- htlc.clone(), self.onchain_tx_handler.opt_anchors()))
+ htlc.clone(), self.onchain_tx_handler.channel_type_features().clone()))
};
- let aggregation = if !htlc.offered { false } else { true };
- let counterparty_package = PackageTemplate::build_package(commitment_txid, transaction_output_index, counterparty_htlc_outp, htlc.cltv_expiry,aggregation, 0);
+ let counterparty_package = PackageTemplate::build_package(commitment_txid, transaction_output_index, counterparty_htlc_outp, htlc.cltv_expiry, 0);
claimable_outpoints.push(counterparty_package);
}
}
Ok(key) => key,
Err(_) => return (Vec::new(), None)
};
- let per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key);
+ let per_commitment_point = PublicKey::from_secret_key(&self.onchain_tx_handler.secp_ctx, &per_commitment_key);
let htlc_txid = tx.txid();
let mut claimable_outpoints = vec![];
let revk_outp = RevokedOutput::build(
per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key,
self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key,
- tx.output[idx].value, self.counterparty_commitment_params.on_counterparty_tx_csv
+ tx.output[idx].value, self.counterparty_commitment_params.on_counterparty_tx_csv,
+ false
);
let justice_package = PackageTemplate::build_package(
htlc_txid, idx as u32, PackageSolvingData::RevokedOutput(revk_outp),
- height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, true, height
+ height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, height
);
claimable_outpoints.push(justice_package);
if outputs_to_watch.is_none() {
for &(ref htlc, _, _) in holder_tx.htlc_outputs.iter() {
if let Some(transaction_output_index) = htlc.transaction_output_index {
- let (htlc_output, aggregable) = if htlc.offered {
+ let htlc_output = if htlc.offered {
let htlc_output = HolderHTLCOutput::build_offered(
- htlc.amount_msat, htlc.cltv_expiry, self.onchain_tx_handler.opt_anchors()
+ htlc.amount_msat, htlc.cltv_expiry, self.onchain_tx_handler.channel_type_features().clone()
);
- (htlc_output, false)
+ htlc_output
} else {
let payment_preimage = if let Some(preimage) = self.payment_preimages.get(&htlc.payment_hash) {
preimage.clone()
continue;
};
let htlc_output = HolderHTLCOutput::build_accepted(
- payment_preimage, htlc.amount_msat, self.onchain_tx_handler.opt_anchors()
+ payment_preimage, htlc.amount_msat, self.onchain_tx_handler.channel_type_features().clone()
);
- (htlc_output, self.onchain_tx_handler.opt_anchors())
+ htlc_output
};
let htlc_package = PackageTemplate::build_package(
holder_tx.txid, transaction_output_index,
PackageSolvingData::HolderHTLCOutput(htlc_output),
- htlc.cltv_expiry, aggregable, conf_height
+ htlc.cltv_expiry, conf_height
);
claim_requests.push(htlc_package);
}
let mut holder_transactions = vec![commitment_tx];
// When anchor outputs are present, the HTLC transactions are only valid once the commitment
// transaction confirms.
- if self.onchain_tx_handler.opt_anchors() {
+ if self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
return holder_transactions;
}
for htlc in self.current_holder_commitment_tx.htlc_outputs.iter() {
let mut holder_transactions = vec![commitment_tx];
// When anchor outputs are present, the HTLC transactions are only final once the commitment
// transaction confirms due to the CSV 1 encumberance.
- if self.onchain_tx_handler.opt_anchors() {
+ if self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
return holder_transactions;
}
for htlc in self.current_holder_commitment_tx.htlc_outputs.iter() {
if prevout.txid == self.funding_info.0.txid && prevout.vout == self.funding_info.0.index as u32 {
let mut balance_spendable_csv = None;
log_info!(logger, "Channel {} closed by funding output spend in txid {}.",
- log_bytes!(self.funding_info.0.to_channel_id()), txid);
+ &self.funding_info.0.to_channel_id(), txid);
self.funding_spend_seen = true;
let mut commitment_tx_to_counterparty_output = None;
if (tx.input[0].sequence.0 >> 8*3) as u8 == 0x80 && (tx.lock_time.0 >> 8*3) as u8 == 0x20 {
let should_broadcast = self.should_broadcast_holder_commitment_txn(logger);
if should_broadcast {
- let funding_outp = HolderFundingOutput::build(self.funding_redeemscript.clone(), self.channel_value_satoshis, self.onchain_tx_handler.opt_anchors());
- let commitment_package = PackageTemplate::build_package(self.funding_info.0.txid.clone(), self.funding_info.0.index as u32, PackageSolvingData::HolderFundingOutput(funding_outp), self.best_block.height(), false, self.best_block.height());
+ let funding_outp = HolderFundingOutput::build(self.funding_redeemscript.clone(), self.channel_value_satoshis, self.onchain_tx_handler.channel_type_features().clone());
+ let commitment_package = PackageTemplate::build_package(self.funding_info.0.txid.clone(), self.funding_info.0.index as u32, PackageSolvingData::HolderFundingOutput(funding_outp), self.best_block.height(), self.best_block.height());
claimable_outpoints.push(commitment_package);
self.pending_monitor_events.push(MonitorEvent::CommitmentTxConfirmed(self.funding_info.0));
- let commitment_tx = self.onchain_tx_handler.get_fully_signed_holder_tx(&self.funding_redeemscript);
+ // Although we aren't signing the transaction directly here, the transaction will be signed
+ // in the claim that is queued to OnchainTxHandler. We set holder_tx_signed here to reject
+ // new channel updates.
self.holder_tx_signed = true;
// We can't broadcast our HTLC transactions while the commitment transaction is
// unconfirmed. We'll delay doing so until we detect the confirmed commitment in
// `transactions_confirmed`.
- if !self.onchain_tx_handler.opt_anchors() {
+ if !self.onchain_tx_handler.channel_type_features().supports_anchors_zero_fee_htlc_tx() {
// Because we're broadcasting a commitment transaction, we should construct the package
// assuming it gets confirmed in the next block. Sadly, we have code which considers
// "not yet confirmed" things as discardable, so we cannot do that here.
let (mut new_outpoints, _) = self.get_broadcasted_holder_claims(&self.current_holder_commitment_tx, self.best_block.height());
- let new_outputs = self.get_broadcasted_holder_watch_outputs(&self.current_holder_commitment_tx, &commitment_tx);
+ let unsigned_commitment_tx = self.onchain_tx_handler.get_unsigned_holder_commitment_tx();
+ let new_outputs = self.get_broadcasted_holder_watch_outputs(&self.current_holder_commitment_tx, &unsigned_commitment_tx);
if !new_outputs.is_empty() {
watch_outputs.push((self.current_holder_commitment_tx.txid.clone(), new_outputs));
}
}
log_debug!(logger, "HTLC {} failure update in {} has got enough confirmations to be passed upstream",
- log_bytes!(payment_hash.0), entry.txid);
+ &payment_hash, entry.txid);
self.pending_monitor_events.push(MonitorEvent::HTLCEvent(HTLCUpdate {
payment_hash,
payment_preimage: None,
OnchainEvent::MaturingOutput { descriptor } => {
log_debug!(logger, "Descriptor {} has got enough confirmations to be passed upstream", log_spendable!(descriptor));
self.pending_events.push(Event::SpendableOutputs {
- outputs: vec![descriptor]
+ outputs: vec![descriptor],
+ channel_id: Some(self.funding_info.0.to_channel_id()),
});
self.spendable_txids_confirmed.push(entry.txid);
},
(outbound_htlc && !$source_avail && (accepted_preimage_claim || offered_preimage_claim)) {
log_error!(logger, "Input spending {} ({}:{}) in {} resolves {} HTLC with payment hash {} with {}!",
$tx_info, input.previous_output.txid, input.previous_output.vout, tx.txid(),
- if outbound_htlc { "outbound" } else { "inbound" }, log_bytes!($htlc.payment_hash.0),
+ if outbound_htlc { "outbound" } else { "inbound" }, &$htlc.payment_hash,
if revocation_sig_claim { "revocation sig" } else { "preimage claim after we'd passed the HTLC resolution back. We can likely claim the HTLC output with a revocation claim" });
} else {
log_info!(logger, "Input spending {} ({}:{}) in {} resolves {} HTLC with payment hash {} with {}",
$tx_info, input.previous_output.txid, input.previous_output.vout, tx.txid(),
- if outbound_htlc { "outbound" } else { "inbound" }, log_bytes!($htlc.payment_hash.0),
+ if outbound_htlc { "outbound" } else { "inbound" }, &$htlc.payment_hash,
if revocation_sig_claim { "revocation sig" } else if accepted_preimage_claim || offered_preimage_claim { "preimage" } else { "timeout" });
}
}
commitment_tx_output_idx: Some(input.previous_output.vout),
},
};
- log_info!(logger, "Failing HTLC with payment_hash {} timeout by a spend tx, waiting for confirmation (at height {})", log_bytes!(payment_hash.0), entry.confirmation_threshold());
+ log_info!(logger, "Failing HTLC with payment_hash {} timeout by a spend tx, waiting for confirmation (at height {})", &payment_hash, entry.confirmation_threshold());
self.onchain_events_awaiting_threshold_conf.push(entry);
}
}
}
}
-impl<Signer: Sign, T: Deref, F: Deref, L: Deref> chain::Listen for (ChannelMonitor<Signer>, T, F, L)
+impl<Signer: WriteableEcdsaChannelSigner, T: Deref, F: Deref, L: Deref> chain::Listen for (ChannelMonitor<Signer>, T, F, L)
where
T::Target: BroadcasterInterface,
F::Target: FeeEstimator,
}
}
-impl<Signer: Sign, T: Deref, F: Deref, L: Deref> chain::Confirm for (ChannelMonitor<Signer>, T, F, L)
+impl<Signer: WriteableEcdsaChannelSigner, M, T: Deref, F: Deref, L: Deref> chain::Confirm for (M, T, F, L)
where
+ M: Deref<Target = ChannelMonitor<Signer>>,
T::Target: BroadcasterInterface,
F::Target: FeeEstimator,
L::Target: Logger,
let mut counterparty_node_id = None;
let mut confirmed_commitment_tx_counterparty_output = None;
let mut spendable_txids_confirmed = Some(Vec::new());
+ let mut counterparty_fulfilled_htlcs = Some(HashMap::new());
+ let mut initial_counterparty_commitment_info = None;
read_tlv_fields!(reader, {
(1, funding_spend_confirmed, option),
- (3, htlcs_resolved_on_chain, vec_type),
- (5, pending_monitor_events, vec_type),
+ (3, htlcs_resolved_on_chain, optional_vec),
+ (5, pending_monitor_events, optional_vec),
(7, funding_spend_seen, option),
(9, counterparty_node_id, option),
(11, confirmed_commitment_tx_counterparty_output, option),
- (13, spendable_txids_confirmed, vec_type),
+ (13, spendable_txids_confirmed, optional_vec),
+ (15, counterparty_fulfilled_htlcs, option),
+ (17, initial_counterparty_commitment_info, option),
});
- let mut secp_ctx = Secp256k1::new();
- secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
-
Ok((best_block.block_hash(), ChannelMonitor::from_impl(ChannelMonitorImpl {
latest_update_id,
commitment_transaction_number_obscure_factor,
counterparty_claimable_outpoints,
counterparty_commitment_txn_on_chain,
counterparty_hash_commitment_number,
+ counterparty_fulfilled_htlcs: counterparty_fulfilled_htlcs.unwrap(),
prev_holder_signed_commitment_tx,
current_holder_commitment_tx,
payment_preimages,
pending_monitor_events: pending_monitor_events.unwrap(),
pending_events,
+ is_processing_pending_events: false,
onchain_events_awaiting_threshold_conf,
outputs_to_watch,
best_block,
counterparty_node_id,
-
- secp_ctx,
+ initial_counterparty_commitment_info,
})))
}
}
#[cfg(test)]
mod tests {
- use bitcoin::blockdata::block::BlockHeader;
use bitcoin::blockdata::script::{Script, Builder};
use bitcoin::blockdata::opcodes;
use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, EcdsaSighashType};
use crate::chain::channelmonitor::ChannelMonitor;
use crate::chain::package::{weight_offered_htlc, weight_received_htlc, weight_revoked_offered_htlc, weight_revoked_received_htlc, WEIGHT_REVOKED_OUTPUT};
use crate::chain::transaction::OutPoint;
- use crate::chain::keysinterface::InMemorySigner;
+ use crate::sign::InMemorySigner;
+ use crate::events::ClosureReason;
use crate::ln::{PaymentPreimage, PaymentHash};
use crate::ln::chan_utils;
use crate::ln::chan_utils::{HTLCOutputInCommitment, ChannelPublicKeys, ChannelTransactionParameters, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters};
- use crate::ln::channelmanager::{PaymentSendFailure, PaymentId};
+ use crate::ln::channelmanager::{PaymentSendFailure, PaymentId, RecipientOnionFields};
use crate::ln::functional_test_utils::*;
use crate::ln::script::ShutdownScript;
use crate::util::errors::APIError;
- use crate::util::events::{ClosureReason, MessageSendEventsProvider};
use crate::util::test_utils::{TestLogger, TestBroadcaster, TestFeeEstimator};
use crate::util::ser::{ReadableArgs, Writeable};
use crate::sync::{Arc, Mutex};
use crate::io;
- use bitcoin::{PackedLockTime, Sequence, TxMerkleNode, Witness};
+ use bitcoin::{PackedLockTime, Sequence, Witness};
+ use crate::ln::features::ChannelTypeFeatures;
use crate::prelude::*;
fn do_test_funding_spend_refuses_updates(use_local_txn: bool) {
// Connect a commitment transaction, but only to the ChainMonitor/ChannelMonitor. The
// channel is now closed, but the ChannelManager doesn't know that yet.
- let new_header = BlockHeader {
- version: 2, time: 0, bits: 0, nonce: 0,
- prev_blockhash: nodes[0].best_block_info().0,
- merkle_root: TxMerkleNode::all_zeros() };
+ let new_header = create_dummy_header(nodes[0].best_block_info().0, 0);
let conf_height = nodes[0].best_block_info().1 + 1;
nodes[1].chain_monitor.chain_monitor.transactions_confirmed(&new_header,
&[(0, broadcast_tx)], conf_height);
// If the ChannelManager tries to update the channel, however, the ChainMonitor will pass
// the update through to the ChannelMonitor which will refuse it (as the channel is closed).
let (route, payment_hash, _, payment_secret) = get_route_and_payment_hash!(nodes[1], nodes[0], 100_000);
- unwrap_send_err!(nodes[1].node.send_payment(&route, payment_hash, &Some(payment_secret), PaymentId(payment_hash.0)),
- true, APIError::ChannelUnavailable { ref err },
+ unwrap_send_err!(nodes[1].node.send_payment_with_route(&route, payment_hash,
+ RecipientOnionFields::secret_only(payment_secret), PaymentId(payment_hash.0)
+ ), true, APIError::ChannelUnavailable { ref err },
assert!(err.contains("ChannelMonitor storage failure")));
check_added_monitors!(nodes[1], 2); // After the failure we generate a close-channel monitor update
check_closed_broadcast!(nodes[1], true);
- check_closed_event!(nodes[1], 1, ClosureReason::ProcessingError { err: "ChannelMonitor storage failure".to_string() });
+ check_closed_event!(nodes[1], 1, ClosureReason::ProcessingError { err: "ChannelMonitor storage failure".to_string() },
+ [nodes[0].node.get_our_node_id()], 100000);
// Build a new ChannelMonitorUpdate which contains both the failing commitment tx update
// and provides the claim preimages for the two pending HTLCs. The first update generates
replay_update.updates.push(ChannelMonitorUpdateStep::PaymentPreimage { payment_preimage: payment_preimage_1 });
replay_update.updates.push(ChannelMonitorUpdateStep::PaymentPreimage { payment_preimage: payment_preimage_2 });
- let broadcaster = TestBroadcaster::new(Arc::clone(&nodes[1].blocks));
+ let broadcaster = TestBroadcaster::with_blocks(Arc::clone(&nodes[1].blocks));
assert!(
pre_update_monitor.update_monitor(&replay_update, &&broadcaster, &chanmon_cfgs[1].fee_estimator, &nodes[1].logger)
.is_err());
fn test_prune_preimages() {
let secp_ctx = Secp256k1::new();
let logger = Arc::new(TestLogger::new());
- let broadcaster = Arc::new(TestBroadcaster{txn_broadcasted: Mutex::new(Vec::new()), blocks: Arc::new(Mutex::new(Vec::new()))});
+ let broadcaster = Arc::new(TestBroadcaster::new(Network::Testnet));
let fee_estimator = TestFeeEstimator { sat_per_kw: Mutex::new(253) };
let dummy_key = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
- let dummy_tx = Transaction { version: 0, lock_time: PackedLockTime::ZERO, input: Vec::new(), output: Vec::new() };
let mut preimages = Vec::new();
{
}
}
- macro_rules! preimages_slice_to_htlc_outputs {
+ macro_rules! preimages_slice_to_htlcs {
($preimages_slice: expr) => {
{
let mut res = Vec::new();
cltv_expiry: 0,
payment_hash: preimage.1.clone(),
transaction_output_index: Some(idx as u32),
- }, None));
+ }, ()));
}
res
}
}
}
- macro_rules! preimages_to_holder_htlcs {
+ macro_rules! preimages_slice_to_htlc_outputs {
($preimages_slice: expr) => {
- {
- let mut inp = preimages_slice_to_htlc_outputs!($preimages_slice);
- let res: Vec<_> = inp.drain(..).map(|e| { (e.0, None, e.1) }).collect();
- res
- }
+ preimages_slice_to_htlcs!($preimages_slice).into_iter().map(|(htlc, _)| (htlc, None)).collect()
}
}
+ let dummy_sig = crate::util::crypto::sign(&secp_ctx,
+ &bitcoin::secp256k1::Message::from_slice(&[42; 32]).unwrap(),
+ &SecretKey::from_slice(&[42; 32]).unwrap());
macro_rules! test_preimages_exist {
($preimages_slice: expr, $monitor: expr) => {
SecretKey::from_slice(&[41; 32]).unwrap(),
SecretKey::from_slice(&[41; 32]).unwrap(),
SecretKey::from_slice(&[41; 32]).unwrap(),
- SecretKey::from_slice(&[41; 32]).unwrap(),
[41; 32],
0,
[0; 32],
+ [0; 32],
);
let counterparty_pubkeys = ChannelPublicKeys {
selected_contest_delay: 67,
}),
funding_outpoint: Some(funding_outpoint),
- opt_anchors: None,
- opt_non_zero_fee_anchors: None,
+ channel_type_features: ChannelTypeFeatures::only_static_remote_key()
};
// Prune with one old state and a holder commitment tx holding a few overlaps with the
// old state.
let shutdown_pubkey = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
- let best_block = BestBlock::from_genesis(Network::Testnet);
+ let best_block = BestBlock::from_network(Network::Testnet);
let monitor = ChannelMonitor::new(Secp256k1::new(), keys,
- Some(ShutdownScript::new_p2wpkh_from_pubkey(shutdown_pubkey).into_inner()), 0, &Script::new(),
- (OutPoint { txid: Txid::from_slice(&[43; 32]).unwrap(), index: 0 }, Script::new()),
- &channel_parameters,
- Script::new(), 46, 0,
- HolderCommitmentTransaction::dummy(), best_block, dummy_key);
-
- monitor.provide_latest_holder_commitment_tx(HolderCommitmentTransaction::dummy(), preimages_to_holder_htlcs!(preimages[0..10])).unwrap();
- let dummy_txid = dummy_tx.txid();
- monitor.provide_latest_counterparty_commitment_tx(dummy_txid, preimages_slice_to_htlc_outputs!(preimages[5..15]), 281474976710655, dummy_key, &logger);
- monitor.provide_latest_counterparty_commitment_tx(dummy_txid, preimages_slice_to_htlc_outputs!(preimages[15..20]), 281474976710654, dummy_key, &logger);
- monitor.provide_latest_counterparty_commitment_tx(dummy_txid, preimages_slice_to_htlc_outputs!(preimages[17..20]), 281474976710653, dummy_key, &logger);
- monitor.provide_latest_counterparty_commitment_tx(dummy_txid, preimages_slice_to_htlc_outputs!(preimages[18..20]), 281474976710652, dummy_key, &logger);
+ Some(ShutdownScript::new_p2wpkh_from_pubkey(shutdown_pubkey).into_inner()), 0, &Script::new(),
+ (OutPoint { txid: Txid::from_slice(&[43; 32]).unwrap(), index: 0 }, Script::new()),
+ &channel_parameters, Script::new(), 46, 0, HolderCommitmentTransaction::dummy(&mut Vec::new()),
+ best_block, dummy_key);
+
+ let mut htlcs = preimages_slice_to_htlcs!(preimages[0..10]);
+ let dummy_commitment_tx = HolderCommitmentTransaction::dummy(&mut htlcs);
+ monitor.provide_latest_holder_commitment_tx(dummy_commitment_tx.clone(),
+ htlcs.into_iter().map(|(htlc, _)| (htlc, Some(dummy_sig), None)).collect()).unwrap();
+ monitor.provide_latest_counterparty_commitment_tx(Txid::from_inner(Sha256::hash(b"1").into_inner()),
+ preimages_slice_to_htlc_outputs!(preimages[5..15]), 281474976710655, dummy_key, &logger);
+ monitor.provide_latest_counterparty_commitment_tx(Txid::from_inner(Sha256::hash(b"2").into_inner()),
+ preimages_slice_to_htlc_outputs!(preimages[15..20]), 281474976710654, dummy_key, &logger);
for &(ref preimage, ref hash) in preimages.iter() {
let bounded_fee_estimator = LowerBoundedFeeEstimator::new(&fee_estimator);
monitor.provide_payment_preimage(hash, preimage, &broadcaster, &bounded_fee_estimator, &logger);
test_preimages_exist!(&preimages[0..10], monitor);
test_preimages_exist!(&preimages[15..20], monitor);
+ monitor.provide_latest_counterparty_commitment_tx(Txid::from_inner(Sha256::hash(b"3").into_inner()),
+ preimages_slice_to_htlc_outputs!(preimages[17..20]), 281474976710653, dummy_key, &logger);
+
// Now provide a further secret, pruning preimages 15-17
secret[0..32].clone_from_slice(&hex::decode("c7518c8ae4660ed02894df8976fa1a3659c1a8b4b5bec0c4b872abeba4cb8964").unwrap());
monitor.provide_secret(281474976710654, secret.clone()).unwrap();
test_preimages_exist!(&preimages[0..10], monitor);
test_preimages_exist!(&preimages[17..20], monitor);
+ monitor.provide_latest_counterparty_commitment_tx(Txid::from_inner(Sha256::hash(b"4").into_inner()),
+ preimages_slice_to_htlc_outputs!(preimages[18..20]), 281474976710652, dummy_key, &logger);
+
// Now update holder commitment tx info, pruning only element 18 as we still care about the
// previous commitment tx's preimages too
- monitor.provide_latest_holder_commitment_tx(HolderCommitmentTransaction::dummy(), preimages_to_holder_htlcs!(preimages[0..5])).unwrap();
+ let mut htlcs = preimages_slice_to_htlcs!(preimages[0..5]);
+ let dummy_commitment_tx = HolderCommitmentTransaction::dummy(&mut htlcs);
+ monitor.provide_latest_holder_commitment_tx(dummy_commitment_tx.clone(),
+ htlcs.into_iter().map(|(htlc, _)| (htlc, Some(dummy_sig), None)).collect()).unwrap();
secret[0..32].clone_from_slice(&hex::decode("2273e227a5b7449b6e70f1fb4652864038b1cbf9cd7c043a7d6456b7fc275ad8").unwrap());
monitor.provide_secret(281474976710653, secret.clone()).unwrap();
assert_eq!(monitor.inner.lock().unwrap().payment_preimages.len(), 12);
test_preimages_exist!(&preimages[18..20], monitor);
// But if we do it again, we'll prune 5-10
- monitor.provide_latest_holder_commitment_tx(HolderCommitmentTransaction::dummy(), preimages_to_holder_htlcs!(preimages[0..3])).unwrap();
+ let mut htlcs = preimages_slice_to_htlcs!(preimages[0..3]);
+ let dummy_commitment_tx = HolderCommitmentTransaction::dummy(&mut htlcs);
+ monitor.provide_latest_holder_commitment_tx(dummy_commitment_tx,
+ htlcs.into_iter().map(|(htlc, _)| (htlc, Some(dummy_sig), None)).collect()).unwrap();
secret[0..32].clone_from_slice(&hex::decode("27cddaa5624534cb6cb9d7da077cf2b22ab21e9b506fd4998a51d54502e99116").unwrap());
monitor.provide_secret(281474976710652, secret.clone()).unwrap();
assert_eq!(monitor.inner.lock().unwrap().payment_preimages.len(), 5);
let txid = Txid::from_hex("56944c5d3f98413ef45cf54545538103cc9f298e0575820ad3591376e2e0f65d").unwrap();
// Justice tx with 1 to_holder, 2 revoked offered HTLCs, 1 revoked received HTLCs
- for &opt_anchors in [false, true].iter() {
+ for channel_type_features in [ChannelTypeFeatures::only_static_remote_key(), ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies()].iter() {
let mut claim_tx = Transaction { version: 0, lock_time: PackedLockTime::ZERO, input: Vec::new(), output: Vec::new() };
let mut sum_actual_sigs = 0;
for i in 0..4 {
value: 0,
});
let base_weight = claim_tx.weight();
- let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT, weight_revoked_offered_htlc(opt_anchors), weight_revoked_offered_htlc(opt_anchors), weight_revoked_received_htlc(opt_anchors)];
+ let inputs_weight = vec![WEIGHT_REVOKED_OUTPUT, weight_revoked_offered_htlc(channel_type_features), weight_revoked_offered_htlc(channel_type_features), weight_revoked_received_htlc(channel_type_features)];
let mut inputs_total_weight = 2; // count segwit flags
{
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
- sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
+ sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, channel_type_features);
inputs_total_weight += inp;
}
}
}
// Claim tx with 1 offered HTLCs, 3 received HTLCs
- for &opt_anchors in [false, true].iter() {
+ for channel_type_features in [ChannelTypeFeatures::only_static_remote_key(), ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies()].iter() {
let mut claim_tx = Transaction { version: 0, lock_time: PackedLockTime::ZERO, input: Vec::new(), output: Vec::new() };
let mut sum_actual_sigs = 0;
for i in 0..4 {
value: 0,
});
let base_weight = claim_tx.weight();
- let inputs_weight = vec![weight_offered_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors), weight_received_htlc(opt_anchors)];
+ let inputs_weight = vec![weight_offered_htlc(channel_type_features), weight_received_htlc(channel_type_features), weight_received_htlc(channel_type_features), weight_received_htlc(channel_type_features)];
let mut inputs_total_weight = 2; // count segwit flags
{
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
- sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
+ sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, channel_type_features);
inputs_total_weight += inp;
}
}
}
// Justice tx with 1 revoked HTLC-Success tx output
- for &opt_anchors in [false, true].iter() {
+ for channel_type_features in [ChannelTypeFeatures::only_static_remote_key(), ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies()].iter() {
let mut claim_tx = Transaction { version: 0, lock_time: PackedLockTime::ZERO, input: Vec::new(), output: Vec::new() };
let mut sum_actual_sigs = 0;
claim_tx.input.push(TxIn {
{
let mut sighash_parts = sighash::SighashCache::new(&mut claim_tx);
for (idx, inp) in inputs_weight.iter().enumerate() {
- sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, opt_anchors);
+ sign_input!(sighash_parts, idx, 0, inp, sum_actual_sigs, channel_type_features);
inputs_total_weight += inp;
}
}