TemporaryFailure,
/// Used to indicate no further channel monitor updates will be allowed (eg we've moved on to a
/// different watchtower and cannot update with all watchtowers that were previously informed
- /// of this channel). This will force-close the channel in question.
+ /// of this channel). This will force-close the channel in question (which will generate one
+ /// final ChannelMonitorUpdate which must be delivered to at least one ChannelMonitor copy).
///
- /// Should also be used to indicate a failure to update the local copy of the channel monitor.
+ /// Should also be used to indicate a failure to update the local persisted copy of the channel
+ /// monitor.
PermanentFailure,
}
/// events to it, while also taking any add/update_monitor events and passing them to some remote
/// server(s).
///
+/// In general, you must always have at least one local copy in memory, which must never fail to
+/// update (as it is responsible for broadcasting the latest state in case the channel is closed),
+/// and then persist it to various on-disk locations. If, for some reason, the in-memory copy fails
+/// to update (eg out-of-memory or some other condition), you must immediately shut down without
+/// taking any further action such as writing the current state to disk. This should likely be
+/// accomplished via panic!() or abort().
+///
/// Note that any updates to a channel's monitor *must* be applied to each instance of the
/// channel's monitor everywhere (including remote watchtowers) *before* this function returns. If
/// an update occurs and a remote watchtower is left with old state, it may broadcast transactions
match monitors.get_mut(&key) {
Some(orig_monitor) => {
log_trace!(self, "Updating Channel Monitor for channel {}", log_funding_info!(orig_monitor.key_storage));
- orig_monitor.update_monitor(update)
+ orig_monitor.update_monitor(update, &self.broadcaster)
},
None => Err(MonitorUpdateError("No such monitor registered"))
}
RescueRemoteCommitmentTXInfo {
their_current_per_commitment_point: PublicKey,
},
+ /// Used to indicate that the no future updates will occur, and likely that the latest local
+ /// commitment transaction(s) should be broadcast, as the channel has been force-closed.
+ ChannelForceClosed {
+ /// If set to false, we shouldn't broadcast the latest local commitment transaction as we
+ /// think we've fallen behind!
+ should_broadcast: bool,
+ },
}
impl Writeable for ChannelMonitorUpdateStep {
4u8.write(w)?;
their_current_per_commitment_point.write(w)?;
},
+ &ChannelMonitorUpdateStep::ChannelForceClosed { ref should_broadcast } => {
+ 5u8.write(w)?;
+ should_broadcast.write(w)?;
+ },
}
Ok(())
}
their_current_per_commitment_point: Readable::read(r)?,
})
},
+ 5u8 => {
+ Ok(ChannelMonitorUpdateStep::ChannelForceClosed {
+ should_broadcast: Readable::read(r)?
+ })
+ },
_ => Err(DecodeError::InvalidValue),
}
}
latest_update_id: u64,
commitment_transaction_number_obscure_factor: u64,
+ destination_script: Script,
+ broadcasted_local_revokable_script: Option<(Script, SecretKey, Script)>,
+
key_storage: Storage<ChanSigner>,
their_htlc_base_key: Option<PublicKey>,
their_delayed_payment_base_key: Option<PublicKey>,
fn eq(&self, other: &Self) -> bool {
if self.latest_update_id != other.latest_update_id ||
self.commitment_transaction_number_obscure_factor != other.commitment_transaction_number_obscure_factor ||
+ self.destination_script != other.destination_script ||
+ self.broadcasted_local_revokable_script != other.broadcasted_local_revokable_script ||
self.key_storage != other.key_storage ||
self.their_htlc_base_key != other.their_htlc_base_key ||
self.their_delayed_payment_base_key != other.their_delayed_payment_base_key ||
// Set in initial Channel-object creation, so should always be set by now:
U48(self.commitment_transaction_number_obscure_factor).write(writer)?;
+ self.destination_script.write(writer)?;
+ if let Some(ref broadcasted_local_revokable_script) = self.broadcasted_local_revokable_script {
+ writer.write_all(&[0; 1])?;
+ broadcasted_local_revokable_script.0.write(writer)?;
+ broadcasted_local_revokable_script.1.write(writer)?;
+ broadcasted_local_revokable_script.2.write(writer)?;
+ } else {
+ writer.write_all(&[1; 1])?;
+ }
+
match self.key_storage {
Storage::Local { ref keys, ref funding_key, ref revocation_base_key, ref htlc_base_key, ref delayed_payment_base_key, ref payment_base_key, ref shutdown_pubkey, ref funding_info, ref current_remote_commitment_txid, ref prev_remote_commitment_txid } => {
writer.write_all(&[0; 1])?;
latest_update_id: 0,
commitment_transaction_number_obscure_factor,
+ destination_script: destination_script.clone(),
+ broadcasted_local_revokable_script: None,
+
key_storage: Storage::Local {
keys,
funding_key,
self.payment_preimages.insert(payment_hash.clone(), payment_preimage.clone());
}
+ pub(super) fn broadcast_latest_local_commitment_txn<B: Deref>(&mut self, broadcaster: &B)
+ where B::Target: BroadcasterInterface,
+ {
+ for tx in self.get_latest_local_commitment_txn().iter() {
+ broadcaster.broadcast_transaction(tx);
+ }
+ }
+
/// Used in Channel to cheat wrt the update_ids since it plays games, will be removed soon!
pub(super) fn update_monitor_ooo(&mut self, mut updates: ChannelMonitorUpdate) -> Result<(), MonitorUpdateError> {
for update in updates.updates.drain(..) {
self.provide_secret(idx, secret)?,
ChannelMonitorUpdateStep::RescueRemoteCommitmentTXInfo { their_current_per_commitment_point } =>
self.provide_rescue_remote_commitment_tx_info(their_current_per_commitment_point),
+ ChannelMonitorUpdateStep::ChannelForceClosed { .. } => {},
}
}
self.latest_update_id = updates.update_id;
/// itself.
///
/// panics if the given update is not the next update by update_id.
- pub fn update_monitor(&mut self, mut updates: ChannelMonitorUpdate) -> Result<(), MonitorUpdateError> {
+ pub fn update_monitor<B: Deref>(&mut self, mut updates: ChannelMonitorUpdate, broadcaster: &B) -> Result<(), MonitorUpdateError>
+ where B::Target: BroadcasterInterface,
+ {
if self.latest_update_id + 1 != updates.update_id {
panic!("Attempted to apply ChannelMonitorUpdates out of order, check the update_id before passing an update to update_monitor!");
}
self.provide_secret(idx, secret)?,
ChannelMonitorUpdateStep::RescueRemoteCommitmentTXInfo { their_current_per_commitment_point } =>
self.provide_rescue_remote_commitment_tx_info(their_current_per_commitment_point),
+ ChannelMonitorUpdateStep::ChannelForceClosed { should_broadcast } => {
+ if should_broadcast {
+ self.broadcast_latest_local_commitment_txn(broadcaster);
+ } else {
+ log_error!(self, "You have a toxic local commitment transaction avaible in channel monitor, read comment in ChannelMonitor::get_latest_local_commitment_txn to be informed of manual action to take");
+ }
+ }
}
}
self.latest_update_id = updates.update_id;
(claimable_outpoints, Some((htlc_txid, tx.output.clone())))
}
- fn broadcast_by_local_state(&self, local_tx: &LocalSignedTx, delayed_payment_base_key: &SecretKey) -> (Vec<Transaction>, Vec<SpendableOutputDescriptor>, Vec<TxOut>) {
+ fn broadcast_by_local_state(&self, local_tx: &LocalSignedTx, delayed_payment_base_key: &SecretKey) -> (Vec<Transaction>, Vec<TxOut>, Option<(Script, SecretKey, Script)>) {
let mut res = Vec::with_capacity(local_tx.htlc_outputs.len());
- let mut spendable_outputs = Vec::with_capacity(local_tx.htlc_outputs.len());
let mut watch_outputs = Vec::with_capacity(local_tx.htlc_outputs.len());
- macro_rules! add_dynamic_output {
- ($father_tx: expr, $vout: expr) => {
- if let Ok(local_delayedkey) = chan_utils::derive_private_key(&self.secp_ctx, &local_tx.per_commitment_point, delayed_payment_base_key) {
- spendable_outputs.push(SpendableOutputDescriptor::DynamicOutputP2WSH {
- outpoint: BitcoinOutPoint { txid: $father_tx.txid(), vout: $vout },
- key: local_delayedkey,
- witness_script: chan_utils::get_revokeable_redeemscript(&local_tx.revocation_key, self.our_to_self_delay, &local_tx.delayed_payment_key),
- to_self_delay: self.our_to_self_delay,
- output: $father_tx.output[$vout as usize].clone(),
- });
- }
- }
- }
-
let redeemscript = chan_utils::get_revokeable_redeemscript(&local_tx.revocation_key, self.their_to_self_delay.unwrap(), &local_tx.delayed_payment_key);
- let revokeable_p2wsh = redeemscript.to_v0_p2wsh();
- for (idx, output) in local_tx.tx.without_valid_witness().output.iter().enumerate() {
- if output.script_pubkey == revokeable_p2wsh {
- add_dynamic_output!(local_tx.tx.without_valid_witness(), idx as u32);
- break;
- }
- }
+ let broadcasted_local_revokable_script = if let Ok(local_delayedkey) = chan_utils::derive_private_key(&self.secp_ctx, &local_tx.per_commitment_point, delayed_payment_base_key) {
+ Some((redeemscript.to_v0_p2wsh(), local_delayedkey, redeemscript))
+ } else { None };
if let &Storage::Local { ref htlc_base_key, .. } = &self.key_storage {
for &(ref htlc, ref sigs, _) in local_tx.htlc_outputs.iter() {
Err(_) => continue,
};
- add_dynamic_output!(htlc_timeout_tx, 0);
let mut per_input_material = HashMap::with_capacity(1);
per_input_material.insert(htlc_timeout_tx.input[0].previous_output, InputMaterial::LocalHTLC { witness_script: htlc_script, sigs: (*their_sig, our_sig), preimage: None, amount: htlc.amount_msat / 1000});
//TODO: with option_simplified_commitment track outpoint too
Err(_) => continue,
};
- add_dynamic_output!(htlc_success_tx, 0);
let mut per_input_material = HashMap::with_capacity(1);
per_input_material.insert(htlc_success_tx.input[0].previous_output, InputMaterial::LocalHTLC { witness_script: htlc_script, sigs: (*their_sig, our_sig), preimage: Some(*payment_preimage), amount: htlc.amount_msat / 1000});
//TODO: with option_simplified_commitment track outpoint too
}
}
- (res, spendable_outputs, watch_outputs)
+ (res, watch_outputs, broadcasted_local_revokable_script)
}
/// Attempts to claim any claimable HTLCs in a commitment transaction which was not (yet)
/// revoked using data in local_claimable_outpoints.
/// Should not be used if check_spend_revoked_transaction succeeds.
- fn check_spend_local_transaction(&mut self, tx: &Transaction, height: u32) -> (Vec<Transaction>, Vec<SpendableOutputDescriptor>, (Sha256dHash, Vec<TxOut>)) {
+ fn check_spend_local_transaction(&mut self, tx: &Transaction, height: u32) -> (Vec<Transaction>, (Sha256dHash, Vec<TxOut>)) {
let commitment_txid = tx.txid();
let mut local_txn = Vec::new();
- let mut spendable_outputs = Vec::new();
let mut watch_outputs = Vec::new();
macro_rules! wait_threshold_conf {
macro_rules! append_onchain_update {
($updates: expr) => {
local_txn.append(&mut $updates.0);
- spendable_outputs.append(&mut $updates.1);
- watch_outputs.append(&mut $updates.2);
+ watch_outputs.append(&mut $updates.1);
+ self.broadcasted_local_revokable_script = $updates.2;
}
}
}
}
- (local_txn, spendable_outputs, (commitment_txid, watch_outputs))
+ (local_txn, (commitment_txid, watch_outputs))
}
/// Generate a spendable output event when closing_transaction get registered onchain.
/// out-of-band the other node operator to coordinate with him if option is available to you.
/// In any-case, choice is up to the user.
pub fn get_latest_local_commitment_txn(&mut self) -> Vec<Transaction> {
+ // TODO: We should likely move all of the logic in here into OnChainTxHandler and unify it
+ // to ensure add_local_sig is only ever called once no matter what. This likely includes
+ // tracking state and panic!()ing if we get an update after force-closure/local-tx signing.
log_trace!(self, "Getting signed latest local commitment transaction!");
if let &mut Some(ref mut local_tx) = &mut self.current_local_signed_commitment_tx {
match self.key_storage {
watch_outputs.push(new_outputs);
}
if new_outpoints.is_empty() {
- let (local_txn, mut spendable_output, new_outputs) = self.check_spend_local_transaction(&tx, height);
- spendable_outputs.append(&mut spendable_output);
+ let (local_txn, new_outputs) = self.check_spend_local_transaction(&tx, height);
for tx in local_txn.iter() {
log_trace!(self, "Broadcast onchain {}", log_tx!(tx));
broadcaster.broadcast_transaction(tx);
// can also be resolved in a few other ways which can have more than one output. Thus,
// we call is_resolving_htlc_output here outside of the tx.input.len() == 1 check.
self.is_resolving_htlc_output(&tx, height);
+
+ if let Some(spendable_output) = self.is_paying_spendable_output(&tx) {
+ spendable_outputs.push(spendable_output);
+ }
}
let should_broadcast = if let Some(_) = self.current_local_signed_commitment_tx {
self.would_broadcast_at_height(height)
broadcaster.broadcast_transaction(&cur_local_tx.tx.with_valid_witness());
match self.key_storage {
Storage::Local { ref delayed_payment_base_key, .. } => {
- let (txs, mut spendable_output, new_outputs) = self.broadcast_by_local_state(&cur_local_tx, delayed_payment_base_key);
- spendable_outputs.append(&mut spendable_output);
+ let (txs, new_outputs, _) = self.broadcast_by_local_state(&cur_local_tx, delayed_payment_base_key);
if !new_outputs.is_empty() {
watch_outputs.push((cur_local_tx.txid.clone(), new_outputs));
}
}
}
}
- let mut spendable_output = self.onchain_tx_handler.block_connected(txn_matched, claimable_outpoints, height, &*broadcaster, &*fee_estimator);
- spendable_outputs.append(&mut spendable_output);
+ self.onchain_tx_handler.block_connected(txn_matched, claimable_outpoints, height, &*broadcaster, &*fee_estimator);
self.last_block_hash = block_hash.clone();
for &(ref txid, ref output_scripts) in watch_outputs.iter() {
self.outputs_to_watch.insert(txid.clone(), output_scripts.iter().map(|o| o.script_pubkey.clone()).collect());
}
+ for spend in spendable_outputs.iter() {
+ log_trace!(self, "Announcing spendable output to user: {}", log_spendable!(spend));
+ }
+
if spendable_outputs.len() > 0 {
self.pending_events.push(events::Event::SpendableOutputs {
outputs: spendable_outputs,
}
}
}
+
+ /// Check if any transaction broadcasted is paying fund back to some address we can assume to own
+ fn is_paying_spendable_output(&self, tx: &Transaction) -> Option<SpendableOutputDescriptor> {
+ for (i, outp) in tx.output.iter().enumerate() { // There is max one spendable output for any channel tx, including ones generated by us
+ if outp.script_pubkey == self.destination_script {
+ return Some(SpendableOutputDescriptor::StaticOutput {
+ outpoint: BitcoinOutPoint { txid: tx.txid(), vout: i as u32 },
+ output: outp.clone(),
+ });
+ } else if let Some(ref broadcasted_local_revokable_script) = self.broadcasted_local_revokable_script {
+ if broadcasted_local_revokable_script.0 == outp.script_pubkey {
+ return Some(SpendableOutputDescriptor::DynamicOutputP2WSH {
+ outpoint: BitcoinOutPoint { txid: tx.txid(), vout: i as u32 },
+ key: broadcasted_local_revokable_script.1,
+ witness_script: broadcasted_local_revokable_script.2.clone(),
+ to_self_delay: self.their_to_self_delay.unwrap(),
+ output: outp.clone(),
+ });
+ }
+ }
+ }
+ None
+ }
}
const MAX_ALLOC_SIZE: usize = 64*1024;
let latest_update_id: u64 = Readable::read(reader)?;
let commitment_transaction_number_obscure_factor = <U48 as Readable>::read(reader)?.0;
+ let destination_script = Readable::read(reader)?;
+ let broadcasted_local_revokable_script = match <u8 as Readable>::read(reader)? {
+ 0 => {
+ let revokable_address = Readable::read(reader)?;
+ let local_delayedkey = Readable::read(reader)?;
+ let revokable_script = Readable::read(reader)?;
+ Some((revokable_address, local_delayedkey, revokable_script))
+ },
+ 1 => { None },
+ _ => return Err(DecodeError::InvalidValue),
+ };
+
let key_storage = match <u8 as Readable>::read(reader)? {
0 => {
let keys = Readable::read(reader)?;
latest_update_id,
commitment_transaction_number_obscure_factor,
+ destination_script,
+ broadcasted_local_revokable_script,
+
key_storage,
their_htlc_base_key,
their_delayed_payment_base_key,