f - Check BOLT2 compatibility in close_channel

[rust-lightning] / lightning / src / ln / channel.rs
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs

index 5a0ceabed531159182a059c3b6e7f8bfa29556b2..94ce779ff895f15ffc3836025d03b9fb607d1f65 100644 (file)
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -9,15 +9,15 @@
  
  use bitcoin::blockdata::script::{Script,Builder};
  use bitcoin::blockdata::transaction::{TxIn, TxOut, Transaction, SigHashType};
-use bitcoin::blockdata::opcodes;
  use bitcoin::util::bip143;
  use bitcoin::consensus::encode;
  
  use bitcoin::hashes::Hash;
  use bitcoin::hashes::sha256::Hash as Sha256;
  use bitcoin::hashes::sha256d::Hash as Sha256d;
-use bitcoin::hash_types::{Txid, BlockHash, WPubkeyHash};
+use bitcoin::hash_types::{Txid, BlockHash};
  
+use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE;
  use bitcoin::secp256k1::key::{PublicKey,SecretKey};
  use bitcoin::secp256k1::{Secp256k1,Signature};
  use bitcoin::secp256k1;
@@ -26,6 +26,7 @@ use ln::{PaymentPreimage, PaymentHash};
  use ln::features::{ChannelFeatures, InitFeatures};
  use ln::msgs;
  use ln::msgs::{DecodeError, OptionalField, DataLossProtect};
+use ln::script::ShutdownScript;
  use ln::channelmanager::{PendingHTLCStatus, HTLCSource, HTLCFailReason, HTLCFailureMsg, PendingHTLCInfo, RAACommitmentOrder, BREAKDOWN_TIMEOUT, MIN_CLTV_EXPIRY_DELTA, MAX_LOCAL_BREAKDOWN_TIMEOUT};
  use ln::chan_utils::{CounterpartyCommitmentSecrets, TxCreationKeys, HTLCOutputInCommitment, HTLC_SUCCESS_TX_WEIGHT, HTLC_TIMEOUT_TX_WEIGHT, make_funding_redeemscript, ChannelPublicKeys, CommitmentTransaction, HolderCommitmentTransaction, ChannelTransactionParameters, CounterpartyChannelTransactionParameters, MAX_HTLCS, get_commitment_transaction_number_obscure_factor};
  use ln::chan_utils;
@@ -43,11 +44,11 @@ use util::scid_utils::scid_from_parts;
  
  use prelude::*;
  use core::{cmp,mem,fmt};
+use core::convert::TryFrom;
  use core::ops::Deref;
-#[cfg(any(test, feature = "fuzztarget"))]
-use std::sync::Mutex;
+#[cfg(any(test, feature = "fuzztarget", debug_assertions))]
+use sync::Mutex;
  use bitcoin::hashes::hex::ToHex;
-use bitcoin::blockdata::opcodes::all::OP_PUSHBYTES_0;
  
  #[cfg(test)]
  pub struct ChannelValueStat {
@@ -348,7 +349,7 @@ pub(super) struct Channel<Signer: Sign> {
         latest_monitor_update_id: u64,
  
         holder_signer: Signer,
-       shutdown_pubkey: PublicKey,
+       shutdown_scriptpubkey: Option<ShutdownScript>,
         destination_script: Script,
  
         // Our commitment numbers start at 2^48-1 and count down, whereas the ones used in transaction
@@ -401,10 +402,10 @@ pub(super) struct Channel<Signer: Sign> {
  
         #[cfg(debug_assertions)]
         /// Max to_local and to_remote outputs in a locally-generated commitment transaction
-       holder_max_commitment_tx_output: ::std::sync::Mutex<(u64, u64)>,
+       holder_max_commitment_tx_output: Mutex<(u64, u64)>,
         #[cfg(debug_assertions)]
         /// Max to_local and to_remote outputs in a remote-generated commitment transaction
-       counterparty_max_commitment_tx_output: ::std::sync::Mutex<(u64, u64)>,
+       counterparty_max_commitment_tx_output: Mutex<(u64, u64)>,
  
         last_sent_closing_fee: Option<(u32, u64, Signature)>, // (feerate, fee, holder_sig)
  
@@ -492,7 +493,6 @@ struct CommitmentTxInfoCached {
  }
  
  pub const OUR_MAX_HTLCS: u16 = 50; //TODO
-const SPENDING_INPUT_FOR_A_OUTPUT_WEIGHT: u64 = 79; // prevout: 36, nSequence: 4, script len: 1, witness lengths: (3+1)/4, sig: 73/4, if-selector: 1, redeemScript: (6 ops + 2*33 pubkeys + 1*2 delay)/4
  
  #[cfg(not(test))]
  const COMMITMENT_TX_BASE_WEIGHT: u64 = 724;
@@ -567,7 +567,7 @@ impl<Signer: Sign> Channel<Signer> {
         }
  
         // Constructors:
-       pub fn new_outbound<K: Deref, F: Deref>(fee_estimator: &F, keys_provider: &K, counterparty_node_id: PublicKey, channel_value_satoshis: u64, push_msat: u64, user_id: u64, config: &UserConfig) -> Result<Channel<Signer>, APIError>
+       pub fn new_outbound<K: Deref, F: Deref>(fee_estimator: &F, keys_provider: &K, counterparty_node_id: PublicKey, their_features: InitFeatures, channel_value_satoshis: u64, push_msat: u64, user_id: u64, config: &UserConfig) -> Result<Channel<Signer>, APIError>
         where K::Target: KeysInterface<Signer = Signer>,
               F::Target: FeeEstimator,
         {
@@ -595,6 +595,16 @@ impl<Signer: Sign> Channel<Signer> {
                 let mut secp_ctx = Secp256k1::new();
                 secp_ctx.seeded_randomize(&keys_provider.get_secure_random_bytes());
  
+               let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
+                       Some(keys_provider.get_shutdown_scriptpubkey())
+               } else { None };
+
+               if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
+                       if !shutdown_scriptpubkey.is_compatible(&their_features) {
+                               return Err(APIError::APIMisuseError { err: format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex()) });
+                       }
+               }
+
                 Ok(Channel {
                         user_id,
                         config: config.channel_options.clone(),
@@ -607,7 +617,7 @@ impl<Signer: Sign> Channel<Signer> {
                         latest_monitor_update_id: 0,
  
                         holder_signer,
-                       shutdown_pubkey: keys_provider.get_shutdown_pubkey(),
+                       shutdown_scriptpubkey,
                         destination_script: keys_provider.get_destination_script(),
  
                         cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
@@ -632,9 +642,9 @@ impl<Signer: Sign> Channel<Signer> {
                         monitor_pending_failures: Vec::new(),
  
                         #[cfg(debug_assertions)]
-                       holder_max_commitment_tx_output: ::std::sync::Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
+                       holder_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
                         #[cfg(debug_assertions)]
-                       counterparty_max_commitment_tx_output: ::std::sync::Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
+                       counterparty_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
  
                         last_sent_closing_fee: None,
  
@@ -823,11 +833,11 @@ impl<Signer: Sign> Channel<Signer> {
                                         // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
                                         if script.len() == 0 {
                                                 None
-                                       // Peer is signaling upfront_shutdown and has provided a non-accepted scriptpubkey format. Fail the channel
-                                       } else if is_unsupported_shutdown_script(&their_features, script) {
-                                               return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided a non-accepted scriptpubkey format. script: ({})", script.to_bytes().to_hex())));
                                         } else {
-                                               Some(script.clone())
+                                               match ShutdownScript::try_from((script.clone(), &their_features)) {
+                                                       Ok(shutdown_script) => Some(shutdown_script.into_inner()),
+                                                       Err(_) => return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided a non-accepted scriptpubkey format. script: ({})", script.to_bytes().to_hex()))),
+                                               }
                                         }
                                 },
                                 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
@@ -837,6 +847,16 @@ impl<Signer: Sign> Channel<Signer> {
                         }
                 } else { None };
  
+               let shutdown_scriptpubkey = if config.channel_options.commit_upfront_shutdown_pubkey {
+                       Some(keys_provider.get_shutdown_scriptpubkey())
+               } else { None };
+
+               if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
+                       if !shutdown_scriptpubkey.is_compatible(&their_features) {
+                               return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex())));
+                       }
+               }
+
                 let mut secp_ctx = Secp256k1::new();
                 secp_ctx.seeded_randomize(&keys_provider.get_secure_random_bytes());
  
@@ -851,7 +871,7 @@ impl<Signer: Sign> Channel<Signer> {
                         latest_monitor_update_id: 0,
  
                         holder_signer,
-                       shutdown_pubkey: keys_provider.get_shutdown_pubkey(),
+                       shutdown_scriptpubkey,
                         destination_script: keys_provider.get_destination_script(),
  
                         cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
@@ -876,9 +896,9 @@ impl<Signer: Sign> Channel<Signer> {
                         monitor_pending_failures: Vec::new(),
  
                         #[cfg(debug_assertions)]
-                       holder_max_commitment_tx_output: ::std::sync::Mutex::new((msg.push_msat, msg.funding_satoshis * 1000 - msg.push_msat)),
+                       holder_max_commitment_tx_output: Mutex::new((msg.push_msat, msg.funding_satoshis * 1000 - msg.push_msat)),
                         #[cfg(debug_assertions)]
-                       counterparty_max_commitment_tx_output: ::std::sync::Mutex::new((msg.push_msat, msg.funding_satoshis * 1000 - msg.push_msat)),
+                       counterparty_max_commitment_tx_output: Mutex::new((msg.push_msat, msg.funding_satoshis * 1000 - msg.push_msat)),
  
                         last_sent_closing_fee: None,
  
@@ -1130,8 +1150,7 @@ impl<Signer: Sign> Channel<Signer> {
  
         #[inline]
         fn get_closing_scriptpubkey(&self) -> Script {
-               let channel_close_key_hash = WPubkeyHash::hash(&self.shutdown_pubkey.serialize());
-               Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0).push_slice(&channel_close_key_hash[..]).into_script()
+               self.shutdown_scriptpubkey.clone().unwrap().into_inner()
         }
  
         #[inline]
@@ -1197,6 +1216,7 @@ impl<Signer: Sign> Channel<Signer> {
                         }, ()));
                 }
  
+               assert!(self.shutdown_scriptpubkey.is_some());
                 if value_to_self as u64 > self.holder_dust_limit_satoshis {
                         txouts.push((TxOut {
                                 script_pubkey: self.get_closing_scriptpubkey(),
@@ -1550,11 +1570,11 @@ impl<Signer: Sign> Channel<Signer> {
                                         // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
                                         if script.len() == 0 {
                                                 None
-                                       // Peer is signaling upfront_shutdown and has provided a non-accepted scriptpubkey format. Fail the channel
-                                       } else if is_unsupported_shutdown_script(&their_features, script) {
-                                               return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided a non-accepted scriptpubkey format. script: ({})", script.to_bytes().to_hex())));
                                         } else {
-                                               Some(script.clone())
+                                               match ShutdownScript::try_from((script.clone(), &their_features)) {
+                                                       Ok(shutdown_script) => Some(shutdown_script.into_inner()),
+                                                       Err(_) => return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided a non-accepted scriptpubkey format. script: ({})", script.to_bytes().to_hex()))),
+                                               }
                                         }
                                 },
                                 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
@@ -1676,8 +1696,9 @@ impl<Signer: Sign> Channel<Signer> {
                 let funding_redeemscript = self.get_funding_redeemscript();
                 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
                 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound());
+               let shutdown_script = self.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
                 let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), self.holder_signer.clone(),
-                                                         &self.shutdown_pubkey, self.get_holder_selected_contest_delay(),
+                                                         shutdown_script, self.get_holder_selected_contest_delay(),
                                                           &self.destination_script, (funding_txo, funding_txo_script.clone()),
                                                           &self.channel_transaction_parameters,
                                                           funding_redeemscript.clone(), self.channel_value_satoshis,
@@ -1749,8 +1770,9 @@ impl<Signer: Sign> Channel<Signer> {
                 let funding_txo = self.get_funding_txo().unwrap();
                 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
                 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound());
+               let shutdown_script = self.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
                 let channel_monitor = ChannelMonitor::new(self.secp_ctx.clone(), self.holder_signer.clone(),
-                                                         &self.shutdown_pubkey, self.get_holder_selected_contest_delay(),
+                                                         shutdown_script, self.get_holder_selected_contest_delay(),
                                                           &self.destination_script, (funding_txo, funding_txo_script),
                                                           &self.channel_transaction_parameters,
                                                           funding_redeemscript.clone(), self.channel_value_satoshis,
@@ -3081,6 +3103,7 @@ impl<Signer: Sign> Channel<Signer> {
                 self.channel_state &= !(ChannelState::PeerDisconnected as u32);
  
                 let shutdown_msg = if self.channel_state & (ChannelState::LocalShutdownSent as u32) != 0 {
+                       assert!(self.shutdown_scriptpubkey.is_some());
                         Some(msgs::Shutdown {
                                 channel_id: self.channel_id,
                                 scriptpubkey: self.get_closing_scriptpubkey(),
@@ -3192,6 +3215,7 @@ impl<Signer: Sign> Channel<Signer> {
                 if self.feerate_per_kw > proposed_feerate {
                         proposed_feerate = self.feerate_per_kw;
                 }
+               assert!(self.shutdown_scriptpubkey.is_some());
                 let tx_weight = self.get_closing_transaction_weight(Some(&self.get_closing_scriptpubkey()), Some(self.counterparty_shutdown_scriptpubkey.as_ref().unwrap()));
                 let proposed_total_fee_satoshis = proposed_feerate as u64 * tx_weight / 1000;
  
@@ -3210,8 +3234,12 @@ impl<Signer: Sign> Channel<Signer> {
                 })
         }
  
-       pub fn shutdown<F: Deref>(&mut self, fee_estimator: &F, their_features: &InitFeatures, msg: &msgs::Shutdown) -> Result<(Option<msgs::Shutdown>, Option<msgs::ClosingSigned>, Vec<(HTLCSource, PaymentHash)>), ChannelError>
-               where F::Target: FeeEstimator
+       pub fn shutdown<F: Deref, K: Deref>(
+               &mut self, fee_estimator: &F, keys_provider: &K, their_features: &InitFeatures, msg: &msgs::Shutdown
+       ) -> Result<(Option<msgs::Shutdown>, Option<msgs::ClosingSigned>, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), ChannelError>
+       where
+               F::Target: FeeEstimator,
+               K::Target: KeysInterface<Signer = Signer>
         {
                 if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 {
                         return Err(ChannelError::Close("Peer sent shutdown when we needed a channel_reestablish".to_owned()));
@@ -3229,18 +3257,36 @@ impl<Signer: Sign> Channel<Signer> {
                 }
                 assert_eq!(self.channel_state & ChannelState::ShutdownComplete as u32, 0);
  
-               if is_unsupported_shutdown_script(&their_features, &msg.scriptpubkey) {
-                       return Err(ChannelError::Close(format!("Got a nonstandard scriptpubkey ({}) from remote peer", msg.scriptpubkey.to_bytes().to_hex())));
-               }
+               let shutdown_scriptpubkey = match ShutdownScript::try_from((msg.scriptpubkey.clone(), their_features)) {
+                       Ok(script) => script.into_inner(),
+                       Err(_) => return Err(ChannelError::Close(format!("Got a nonstandard scriptpubkey ({}) from remote peer", msg.scriptpubkey.to_bytes().to_hex()))),
+               };
  
                 if self.counterparty_shutdown_scriptpubkey.is_some() {
-                       if Some(&msg.scriptpubkey) != self.counterparty_shutdown_scriptpubkey.as_ref() {
-                               return Err(ChannelError::Close(format!("Got shutdown request with a scriptpubkey ({}) which did not match their previous scriptpubkey.", msg.scriptpubkey.to_bytes().to_hex())));
+                       if Some(&shutdown_scriptpubkey) != self.counterparty_shutdown_scriptpubkey.as_ref() {
+                               return Err(ChannelError::Close(format!("Got shutdown request with a scriptpubkey ({}) which did not match their previous scriptpubkey.", shutdown_scriptpubkey.to_bytes().to_hex())));
                         }
                 } else {
-                       self.counterparty_shutdown_scriptpubkey = Some(msg.scriptpubkey.clone());
+                       self.counterparty_shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
                 }
  
+               // If we have any LocalAnnounced updates we'll probably just get back a update_fail_htlc
+               // immediately after the commitment dance, but we can send a Shutdown cause we won't send
+               // any further commitment updates after we set LocalShutdownSent.
+               let send_shutdown = (self.channel_state & ChannelState::LocalShutdownSent as u32) != ChannelState::LocalShutdownSent as u32;
+
+               let shutdown_scriptpubkey = match self.shutdown_scriptpubkey {
+                       Some(_) => None,
+                       None => {
+                               assert!(send_shutdown);
+                               let shutdown_scriptpubkey = keys_provider.get_shutdown_scriptpubkey();
+                               if !shutdown_scriptpubkey.is_compatible(their_features) {
+                                       return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex())));
+                               }
+                               Some(shutdown_scriptpubkey)
+                       },
+               };
+
                 // From here on out, we may not fail!
  
                 self.channel_state |= ChannelState::RemoteShutdownSent as u32;
@@ -3260,23 +3306,31 @@ impl<Signer: Sign> Channel<Signer> {
                                 _ => true
                         }
                 });
-               // If we have any LocalAnnounced updates we'll probably just get back a update_fail_htlc
-               // immediately after the commitment dance, but we can send a Shutdown cause we won't send
-               // any further commitment updates after we set LocalShutdownSent.
  
-               let shutdown = if (self.channel_state & ChannelState::LocalShutdownSent as u32) == ChannelState::LocalShutdownSent as u32 {
-                       None
-               } else {
+               let monitor_update = match shutdown_scriptpubkey {
+                       Some(shutdown_scriptpubkey) => {
+                               self.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
+                               self.latest_monitor_update_id += 1;
+                               Some(ChannelMonitorUpdate {
+                                       update_id: self.latest_monitor_update_id,
+                                       updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
+                                               scriptpubkey: self.get_closing_scriptpubkey(),
+                                       }],
+                               })
+                       },
+                       None => None,
+               };
+               let shutdown = if send_shutdown {
                         Some(msgs::Shutdown {
                                 channel_id: self.channel_id,
                                 scriptpubkey: self.get_closing_scriptpubkey(),
                         })
-               };
+               } else { None };
  
                 self.channel_state |= ChannelState::LocalShutdownSent as u32;
                 self.update_time_counter += 1;
  
-               Ok((shutdown, self.maybe_propose_first_closing_signed(fee_estimator), dropped_outbound_htlcs))
+               Ok((shutdown, self.maybe_propose_first_closing_signed(fee_estimator), monitor_update, dropped_outbound_htlcs))
         }
  
         fn build_signed_closing_transaction(&self, tx: &mut Transaction, counterparty_sig: &Signature, sig: &Signature) {
@@ -3351,6 +3405,7 @@ impl<Signer: Sign> Channel<Signer> {
  
                 macro_rules! propose_new_feerate {
                         ($new_feerate: expr) => {
+                               assert!(self.shutdown_scriptpubkey.is_some());
                                 let tx_weight = self.get_closing_transaction_weight(Some(&self.get_closing_scriptpubkey()), Some(self.counterparty_shutdown_scriptpubkey.as_ref().unwrap()));
                                 let (closing_tx, used_total_fee) = self.build_closing_transaction($new_feerate as u64 * tx_weight / 1000, false);
                                 let sig = self.holder_signer
@@ -3485,7 +3540,7 @@ impl<Signer: Sign> Channel<Signer> {
         }
  
         pub fn get_fee_proportional_millionths(&self) -> u32 {
-               self.config.fee_proportional_millionths
+               self.config.forwarding_fee_proportional_millionths
         }
  
         pub fn get_cltv_expiry_delta(&self) -> u16 {
@@ -3558,24 +3613,8 @@ impl<Signer: Sign> Channel<Signer> {
  
         /// Gets the fee we'd want to charge for adding an HTLC output to this Channel
         /// Allowed in any state (including after shutdown)
-       pub fn get_holder_fee_base_msat<F: Deref>(&self, fee_estimator: &F) -> u32
-               where F::Target: FeeEstimator
-       {
-               // For lack of a better metric, we calculate what it would cost to consolidate the new HTLC
-               // output value back into a transaction with the regular channel output:
-
-               // the fee cost of the HTLC-Success/HTLC-Timeout transaction:
-               let mut res = self.feerate_per_kw as u64 * cmp::max(HTLC_TIMEOUT_TX_WEIGHT, HTLC_SUCCESS_TX_WEIGHT) / 1000;
-
-               if self.is_outbound() {
-                       // + the marginal fee increase cost to us in the commitment transaction:
-                       res += self.feerate_per_kw as u64 * COMMITMENT_TX_WEIGHT_PER_HTLC / 1000;
-               }
-
-               // + the marginal cost of an input which spends the HTLC-Success/HTLC-Timeout output:
-               res += fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Normal) as u64 * SPENDING_INPUT_FOR_A_OUTPUT_WEIGHT / 1000;
-
-               res as u32
+       pub fn get_outbound_forwarding_fee_base_msat(&self) -> u32 {
+               self.config.forwarding_fee_base_msat
         }
  
         /// Returns true if we've ever received a message from the remote end for this Channel
@@ -3865,7 +3904,10 @@ impl<Signer: Sign> Channel<Signer> {
                         htlc_basepoint: keys.htlc_basepoint,
                         first_per_commitment_point,
                         channel_flags: if self.config.announced_channel {1} else {0},
-                       shutdown_scriptpubkey: OptionalField::Present(if self.config.commit_upfront_shutdown_pubkey { self.get_closing_scriptpubkey() } else { Builder::new().into_script() })
+                       shutdown_scriptpubkey: OptionalField::Present(match &self.shutdown_scriptpubkey {
+                               Some(script) => script.clone().into_inner(),
+                               None => Builder::new().into_script(),
+                       }),
                 }
         }
  
@@ -3898,7 +3940,10 @@ impl<Signer: Sign> Channel<Signer> {
                         delayed_payment_basepoint: keys.delayed_payment_basepoint,
                         htlc_basepoint: keys.htlc_basepoint,
                         first_per_commitment_point,
-                       shutdown_scriptpubkey: OptionalField::Present(if self.config.commit_upfront_shutdown_pubkey { self.get_closing_scriptpubkey() } else { Builder::new().into_script() })
+                       shutdown_scriptpubkey: OptionalField::Present(match &self.shutdown_scriptpubkey {
+                               Some(script) => script.clone().into_inner(),
+                               None => Builder::new().into_script(),
+                       }),
                 }
         }
  
@@ -4163,7 +4208,7 @@ impl<Signer: Sign> Channel<Signer> {
                 if !self.is_outbound() {
                         // Check that we won't violate the remote channel reserve by adding this HTLC.
                         let counterparty_balance_msat = self.channel_value_satoshis * 1000 - self.value_to_self_msat;
-                       let holder_selected_chan_reserve_msat = Channel::<Signer>::get_holder_selected_channel_reserve_satoshis(self.channel_value_satoshis);
+                       let holder_selected_chan_reserve_msat = Channel::<Signer>::get_holder_selected_channel_reserve_satoshis(self.channel_value_satoshis) * 1000;
                         let htlc_candidate = HTLCCandidate::new(amount_msat, HTLCInitiator::LocalOffered);
                         let counterparty_commit_tx_fee_msat = self.next_remote_commit_tx_fee_msat(htlc_candidate, None);
                         if counterparty_balance_msat < holder_selected_chan_reserve_msat + counterparty_commit_tx_fee_msat {
@@ -4406,7 +4451,8 @@ impl<Signer: Sign> Channel<Signer> {
  
         /// Begins the shutdown process, getting a message for the remote peer and returning all
         /// holding cell HTLCs for payment failure.
-       pub fn get_shutdown(&mut self) -> Result<(msgs::Shutdown, Vec<(HTLCSource, PaymentHash)>), APIError> {
+       pub fn get_shutdown<K: Deref>(&mut self, keys_provider: &K, their_features: &InitFeatures) -> Result<(msgs::Shutdown, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), APIError>
+       where K::Target: KeysInterface<Signer = Signer> {
                 for htlc in self.pending_outbound_htlcs.iter() {
                         if let OutboundHTLCState::LocalAnnounced(_) = htlc.state {
                                 return Err(APIError::APIMisuseError{err: "Cannot begin shutdown with pending HTLCs. Process pending events first".to_owned()});
@@ -4425,7 +4471,30 @@ impl<Signer: Sign> Channel<Signer> {
                         return Err(APIError::ChannelUnavailable{err: "Cannot begin shutdown while peer is disconnected or we're waiting on a monitor update, maybe force-close instead?".to_owned()});
                 }
  
-               let closing_script = self.get_closing_scriptpubkey();
+               let shutdown_scriptpubkey = match self.shutdown_scriptpubkey {
+                       Some(_) => None,
+                       None => {
+                               let shutdown_scriptpubkey = keys_provider.get_shutdown_scriptpubkey();
+                               if !shutdown_scriptpubkey.is_compatible(their_features) {
+                                       return Err(APIError::APIMisuseError { err: format!("Provided a scriptpubkey format not accepted by peer. script: ({})", shutdown_scriptpubkey.clone().into_inner().to_bytes().to_hex()) });
+                               }
+                               Some(shutdown_scriptpubkey)
+                       },
+               };
+
+               let monitor_update = match shutdown_scriptpubkey {
+                       Some(shutdown_scriptpubkey) => {
+                               self.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
+                               self.latest_monitor_update_id += 1;
+                               Some(ChannelMonitorUpdate {
+                                       update_id: self.latest_monitor_update_id,
+                                       updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
+                                               scriptpubkey: self.get_closing_scriptpubkey(),
+                                       }],
+                               })
+                       },
+                       None => None,
+               };
  
                 // From here on out, we may not fail!
                 if self.channel_state < ChannelState::FundingSent as u32 {
@@ -4451,8 +4520,8 @@ impl<Signer: Sign> Channel<Signer> {
  
                 Ok((msgs::Shutdown {
                         channel_id: self.channel_id,
-                       scriptpubkey: closing_script,
-               }, dropped_outbound_htlcs))
+                       scriptpubkey: self.get_closing_scriptpubkey(),
+               }, monitor_update, dropped_outbound_htlcs))
         }
  
         /// Gets the latest commitment transaction and any dependent transactions for relay (forcing
@@ -4501,25 +4570,7 @@ impl<Signer: Sign> Channel<Signer> {
         }
  }
  
-fn is_unsupported_shutdown_script(their_features: &InitFeatures, script: &Script) -> bool {
-       // We restrain shutdown scripts to standards forms to avoid transactions not propagating on the p2p tx-relay network
-
-       // BOLT 2 says we must only send a scriptpubkey of certain standard forms,
-       // which for a a BIP-141-compliant witness program is at max 42 bytes in length.
-       // So don't let the remote peer feed us some super fee-heavy script.
-       let is_script_too_long = script.len() > 42;
-       if is_script_too_long {
-               return true;
-       }
-
-       if their_features.supports_shutdown_anysegwit() && script.is_witness_program() && script.as_bytes()[0] != OP_PUSHBYTES_0.into_u8() {
-               return false;
-       }
-
-       return !script.is_p2pkh() && !script.is_p2sh() && !script.is_v0_p2wpkh() && !script.is_v0_p2wsh()
-}
-
-const SERIALIZATION_VERSION: u8 = 1;
+const SERIALIZATION_VERSION: u8 = 2;
  const MIN_SERIALIZATION_VERSION: u8 = 1;
  
  impl_writeable_tlv_based_enum!(InboundHTLCRemovalReason,;
@@ -4561,7 +4612,13 @@ impl<Signer: Sign> Writeable for Channel<Signer> {
                 write_ver_prefix!(writer, SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION);
  
                 self.user_id.write(writer)?;
-               self.config.write(writer)?;
+
+               // Write out the old serialization for the config object. This is read by version-1
+               // deserializers, but we will read the version in the TLV at the end instead.
+               self.config.forwarding_fee_proportional_millionths.write(writer)?;
+               self.config.cltv_expiry_delta.write(writer)?;
+               self.config.announced_channel.write(writer)?;
+               self.config.commit_upfront_shutdown_pubkey.write(writer)?;
  
                 self.channel_id.write(writer)?;
                 (self.channel_state | ChannelState::PeerDisconnected as u32).write(writer)?;
@@ -4576,7 +4633,12 @@ impl<Signer: Sign> Writeable for Channel<Signer> {
                 (key_data.0.len() as u32).write(writer)?;
                 writer.write_all(&key_data.0[..])?;
  
-               self.shutdown_pubkey.write(writer)?;
+               // Write out the old serialization for shutdown_pubkey for backwards compatibility, if
+               // deserialized from that format.
+               match self.shutdown_scriptpubkey.as_ref().and_then(|script| script.as_legacy_pubkey()) {
+                       Some(shutdown_pubkey) => shutdown_pubkey.write(writer)?,
+                       None => [0u8; PUBLIC_KEY_SIZE].write(writer)?,
+               }
                 self.destination_script.write(writer)?;
  
                 self.cur_holder_commitment_transaction_number.write(writer)?;
@@ -4720,10 +4782,15 @@ impl<Signer: Sign> Writeable for Channel<Signer> {
                 self.counterparty_dust_limit_satoshis.write(writer)?;
                 self.holder_dust_limit_satoshis.write(writer)?;
                 self.counterparty_max_htlc_value_in_flight_msat.write(writer)?;
+
+               // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
                 self.counterparty_selected_channel_reserve_satoshis.unwrap_or(0).write(writer)?;
+
                 self.counterparty_htlc_minimum_msat.write(writer)?;
                 self.holder_htlc_minimum_msat.write(writer)?;
                 self.counterparty_max_accepted_htlcs.write(writer)?;
+
+               // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
                 self.minimum_depth.unwrap_or(0).write(writer)?;
  
                 match &self.counterparty_forwarding_info {
@@ -4766,6 +4833,8 @@ impl<Signer: Sign> Writeable for Channel<Signer> {
                         // override that.
                         (1, self.minimum_depth, option),
                         (3, self.counterparty_selected_channel_reserve_satoshis, option),
+                       (5, self.config, required),
+                       (7, self.shutdown_scriptpubkey, option),
                 });
  
                 Ok(())
@@ -4776,10 +4845,21 @@ const MAX_ALLOC_SIZE: usize = 64*1024;
  impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                 where K::Target: KeysInterface<Signer = Signer> {
         fn read<R : ::std::io::Read>(reader: &mut R, keys_source: &'a K) -> Result<Self, DecodeError> {
-               let _ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
+               let ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
  
                 let user_id = Readable::read(reader)?;
-               let config: ChannelConfig = Readable::read(reader)?;
+
+               let mut config = Some(ChannelConfig::default());
+               if ver == 1 {
+                       // Read the old serialization of the ChannelConfig from version 0.0.98.
+                       config.as_mut().unwrap().forwarding_fee_proportional_millionths = Readable::read(reader)?;
+                       config.as_mut().unwrap().cltv_expiry_delta = Readable::read(reader)?;
+                       config.as_mut().unwrap().announced_channel = Readable::read(reader)?;
+                       config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?;
+               } else {
+                       // Read the 8 bytes of backwards-compatibility ChannelConfig data.
+                       let mut _val: u64 = Readable::read(reader)?;
+               }
  
                 let channel_id = Readable::read(reader)?;
                 let channel_state = Readable::read(reader)?;
@@ -4798,7 +4878,12 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                 }
                 let holder_signer = keys_source.read_chan_signer(&keys_data)?;
  
-               let shutdown_pubkey = Readable::read(reader)?;
+               // Read the old serialization for shutdown_pubkey, preferring it for shutdown_scriptpubkey
+               // over the TLV if valid.
+               let mut shutdown_scriptpubkey = match <PublicKey as Readable>::read(reader) {
+                       Ok(pubkey) => Some(ShutdownScript::new_p2wpkh_from_pubkey(pubkey)),
+                       Err(_) => None,
+               };
                 let destination_script = Readable::read(reader)?;
  
                 let cur_holder_commitment_transaction_number = Readable::read(reader)?;
@@ -4909,20 +4994,25 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                 let counterparty_dust_limit_satoshis = Readable::read(reader)?;
                 let holder_dust_limit_satoshis = Readable::read(reader)?;
                 let counterparty_max_htlc_value_in_flight_msat = Readable::read(reader)?;
-               let mut counterparty_selected_channel_reserve_satoshis = Some(Readable::read(reader)?);
-               if counterparty_selected_channel_reserve_satoshis == Some(0) {
-                       // Versions up to 0.0.98 had counterparty_selected_channel_reserve_satoshis as a
-                       // non-option, writing 0 for what we now consider None.
-                       counterparty_selected_channel_reserve_satoshis = None;
+               let mut counterparty_selected_channel_reserve_satoshis = None;
+               if ver == 1 {
+                       // Read the old serialization from version 0.0.98.
+                       counterparty_selected_channel_reserve_satoshis = Some(Readable::read(reader)?);
+               } else {
+                       // Read the 8 bytes of backwards-compatibility data.
+                       let _dummy: u64 = Readable::read(reader)?;
                 }
                 let counterparty_htlc_minimum_msat = Readable::read(reader)?;
                 let holder_htlc_minimum_msat = Readable::read(reader)?;
                 let counterparty_max_accepted_htlcs = Readable::read(reader)?;
-               let mut minimum_depth = Some(Readable::read(reader)?);
-               if minimum_depth == Some(0) {
-                       // Versions up to 0.0.98 had minimum_depth as a non-option, writing 0 for what we now
-                       // consider None.
-                       minimum_depth = None;
+
+               let mut minimum_depth = None;
+               if ver == 1 {
+                       // Read the old serialization from version 0.0.98.
+                       minimum_depth = Some(Readable::read(reader)?);
+               } else {
+                       // Read the 4 bytes of backwards-compatibility data.
+                       let _dummy: u32 = Readable::read(reader)?;
                 }
  
                 let counterparty_forwarding_info = match <u8 as Readable>::read(reader)? {
@@ -4963,6 +5053,8 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                         (0, announcement_sigs, option),
                         (1, minimum_depth, option),
                         (3, counterparty_selected_channel_reserve_satoshis, option),
+                       (5, config, option), // Note that if none is provided we will *not* overwrite the existing one.
+                       (7, shutdown_scriptpubkey, option),
                 });
  
                 let mut secp_ctx = Secp256k1::new();
@@ -4971,7 +5063,7 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                 Ok(Channel {
                         user_id,
  
-                       config,
+                       config: config.unwrap(),
                         channel_id,
                         channel_state,
                         secp_ctx,
@@ -4980,7 +5072,7 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                         latest_monitor_update_id,
  
                         holder_signer,
-                       shutdown_pubkey,
+                       shutdown_scriptpubkey,
                         destination_script,
  
                         cur_holder_commitment_transaction_number,
@@ -5007,9 +5099,9 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<&'a K> for Channel<Signer>
                         feerate_per_kw,
  
                         #[cfg(debug_assertions)]
-                       holder_max_commitment_tx_output: ::std::sync::Mutex::new((0, 0)),
+                       holder_max_commitment_tx_output: Mutex::new((0, 0)),
                         #[cfg(debug_assertions)]
-                       counterparty_max_commitment_tx_output: ::std::sync::Mutex::new((0, 0)),
+                       counterparty_max_commitment_tx_output: Mutex::new((0, 0)),
  
                         last_sent_closing_fee,
  
@@ -5073,6 +5165,7 @@ mod tests {
         use ln::channel::MAX_FUNDING_SATOSHIS;
         use ln::features::InitFeatures;
         use ln::msgs::{ChannelUpdate, DataLossProtect, DecodeError, OptionalField, UnsignedChannelUpdate};
+       use ln::script::ShutdownScript;
         use ln::chan_utils;
         use ln::chan_utils::{ChannelPublicKeys, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters, HTLC_SUCCESS_TX_WEIGHT, HTLC_TIMEOUT_TX_WEIGHT};
         use chain::BestBlock;
@@ -5090,7 +5183,7 @@ mod tests {
         use bitcoin::hashes::sha256::Hash as Sha256;
         use bitcoin::hashes::Hash;
         use bitcoin::hash_types::{Txid, WPubkeyHash};
-       use std::sync::Arc;
+       use sync::Arc;
         use prelude::*;
  
         struct TestFeeEstimator {
@@ -5122,10 +5215,10 @@ mod tests {
                         Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0).push_slice(&channel_monitor_claim_key_hash[..]).into_script()
                 }
  
-               fn get_shutdown_pubkey(&self) -> PublicKey {
+               fn get_shutdown_scriptpubkey(&self) -> ShutdownScript {
                         let secp_ctx = Secp256k1::signing_only();
                         let channel_close_key = SecretKey::from_slice(&hex::decode("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap();
-                       PublicKey::from_secret_key(&secp_ctx, &channel_close_key)
+                       ShutdownScript::new_p2wpkh_from_pubkey(PublicKey::from_secret_key(&secp_ctx, &channel_close_key))
                 }
  
                 fn get_channel_signer(&self, _inbound: bool, _channel_value_satoshis: u64) -> InMemorySigner {
@@ -5153,7 +5246,7 @@ mod tests {
  
                 let node_a_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let config = UserConfig::default();
-               let node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&fee_est, &&keys_provider, node_a_node_id, 10000000, 100000, 42, &config).unwrap();
+               let node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&fee_est, &&keys_provider, node_a_node_id, InitFeatures::known(), 10000000, 100000, 42, &config).unwrap();
  
                 // Now change the fee so we can check that the fee in the open_channel message is the
                 // same as the old fee.
@@ -5178,7 +5271,7 @@ mod tests {
                 // Create Node A's channel pointing to Node B's pubkey
                 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let config = UserConfig::default();
-               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, 10000000, 100000, 42, &config).unwrap();
+               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, InitFeatures::known(), 10000000, 100000, 42, &config).unwrap();
  
                 // Create Node B's channel by receiving Node A's open_channel message
                 // Make sure A's dust limit is as we expect.
@@ -5245,7 +5338,7 @@ mod tests {
  
                 let node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let config = UserConfig::default();
-               let mut chan = Channel::<EnforcingSigner>::new_outbound(&&fee_est, &&keys_provider, node_id, 10000000, 100000, 42, &config).unwrap();
+               let mut chan = Channel::<EnforcingSigner>::new_outbound(&&fee_est, &&keys_provider, node_id, InitFeatures::known(), 10000000, 100000, 42, &config).unwrap();
  
                 let commitment_tx_fee_0_htlcs = chan.commit_tx_fee_msat(0);
                 let commitment_tx_fee_1_htlc = chan.commit_tx_fee_msat(1);
@@ -5294,7 +5387,7 @@ mod tests {
                 // Create Node A's channel pointing to Node B's pubkey
                 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let config = UserConfig::default();
-               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, 10000000, 100000, 42, &config).unwrap();
+               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, InitFeatures::known(), 10000000, 100000, 42, &config).unwrap();
  
                 // Create Node B's channel by receiving Node A's open_channel message
                 let open_channel_msg = node_a_chan.get_open_channel(chain_hash);
@@ -5356,7 +5449,7 @@ mod tests {
                 // Create a channel.
                 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let config = UserConfig::default();
-               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, 10000000, 100000, 42, &config).unwrap();
+               let mut node_a_chan = Channel::<EnforcingSigner>::new_outbound(&&feeest, &&keys_provider, node_b_node_id, InitFeatures::known(), 10000000, 100000, 42, &config).unwrap();
                 assert!(node_a_chan.counterparty_forwarding_info.is_none());
                 assert_eq!(node_a_chan.holder_htlc_minimum_msat, 1); // the default
                 assert!(node_a_chan.counterparty_forwarding_info().is_none());
@@ -5420,7 +5513,7 @@ mod tests {
                 let counterparty_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
                 let mut config = UserConfig::default();
                 config.channel_options.announced_channel = false;
-               let mut chan = Channel::<InMemorySigner>::new_outbound(&&feeest, &&keys_provider, counterparty_node_id, 10_000_000, 100000, 42, &config).unwrap(); // Nothing uses their network key in this test
+               let mut chan = Channel::<InMemorySigner>::new_outbound(&&feeest, &&keys_provider, counterparty_node_id, InitFeatures::known(), 10_000_000, 100000, 42, &config).unwrap(); // Nothing uses their network key in this test
                 chan.holder_dust_limit_satoshis = 546;
                 chan.counterparty_selected_channel_reserve_satoshis = Some(0); // Filled in in accept_channel