//! The logic to build claims and bump in-flight transactions until confirmations.
//!
-//! OnchainTxHandler objetcs are fully-part of ChannelMonitor and encapsulates all
+//! OnchainTxHandler objects are fully-part of ChannelMonitor and encapsulates all
//! building, tracking, bumping and notifications functions.
use bitcoin::blockdata::transaction::{Transaction, TxIn, TxOut, SigHashType};
use ln::msgs::DecodeError;
use ln::channelmanager::PaymentPreimage;
use ln::chan_utils;
-use ln::chan_utils::{TxCreationKeys, HolderCommitmentTransaction};
+use ln::chan_utils::{TxCreationKeys, ChannelTransactionParameters, HolderCommitmentTransaction};
use chain::chaininterface::{FeeEstimator, BroadcasterInterface, ConfirmationTarget, MIN_RELAY_FEE_SAT_PER_1000_WEIGHT};
use chain::channelmonitor::{ANTI_REORG_DELAY, CLTV_SHARED_CLAIM_BUFFER, InputMaterial, ClaimRequest};
-use chain::keysinterface::ChannelKeys;
+use chain::keysinterface::{ChannelKeys, KeysInterface};
use util::logger::Logger;
-use util::ser::{Readable, Writer, Writeable};
+use util::ser::{Readable, ReadableArgs, Writer, Writeable, VecWriter};
use util::byte_utils;
use std::collections::{HashMap, hash_map};
holder_commitment: Option<HolderCommitmentTransaction>,
// holder_htlc_sigs and prev_holder_htlc_sigs are in the order as they appear in the commitment
// transaction outputs (hence the Option<>s inside the Vec). The first usize is the index in
- // the set of HTLCs in the HolderCommitmentTransaction (including those which do not appear in
- // the commitment transaction).
+ // the set of HTLCs in the HolderCommitmentTransaction.
holder_htlc_sigs: Option<Vec<Option<(usize, Signature)>>>,
prev_holder_commitment: Option<HolderCommitmentTransaction>,
prev_holder_htlc_sigs: Option<Vec<Option<(usize, Signature)>>>,
- on_holder_tx_csv: u16,
key_storage: ChanSigner,
+ pub(crate) channel_transaction_parameters: ChannelTransactionParameters,
// Used to track claiming requests. If claim tx doesn't confirm before height timer expiration we need to bump
// it (RBF or CPFP). If an input has been part of an aggregate tx at first claim try, we need to keep it within
onchain_events_waiting_threshold_conf: HashMap<u32, Vec<OnchainEvent>>,
+ latest_height: u32,
+
secp_ctx: Secp256k1<secp256k1::All>,
}
-impl<ChanSigner: ChannelKeys + Writeable> OnchainTxHandler<ChanSigner> {
+impl<ChanSigner: ChannelKeys> OnchainTxHandler<ChanSigner> {
pub(crate) fn write<W: Writer>(&self, writer: &mut W) -> Result<(), ::std::io::Error> {
self.destination_script.write(writer)?;
self.holder_commitment.write(writer)?;
self.prev_holder_commitment.write(writer)?;
self.prev_holder_htlc_sigs.write(writer)?;
- self.on_holder_tx_csv.write(writer)?;
+ self.channel_transaction_parameters.write(writer)?;
- self.key_storage.write(writer)?;
+ let mut key_data = VecWriter(Vec::new());
+ self.key_storage.write(&mut key_data)?;
+ assert!(key_data.0.len() < std::usize::MAX);
+ assert!(key_data.0.len() < std::u32::MAX as usize);
+ (key_data.0.len() as u32).write(writer)?;
+ writer.write_all(&key_data.0[..])?;
writer.write_all(&byte_utils::be64_to_array(self.pending_claim_requests.len() as u64))?;
for (ref ancestor_claim_txid, claim_tx_data) in self.pending_claim_requests.iter() {
}
}
}
+ self.latest_height.write(writer)?;
Ok(())
}
}
-impl<ChanSigner: ChannelKeys + Readable> Readable for OnchainTxHandler<ChanSigner> {
- fn read<R: ::std::io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
+impl<'a, K: KeysInterface> ReadableArgs<&'a K> for OnchainTxHandler<K::ChanKeySigner> {
+ fn read<R: ::std::io::Read>(reader: &mut R, keys_manager: &'a K) -> Result<Self, DecodeError> {
let destination_script = Readable::read(reader)?;
let holder_commitment = Readable::read(reader)?;
let prev_holder_commitment = Readable::read(reader)?;
let prev_holder_htlc_sigs = Readable::read(reader)?;
- let on_holder_tx_csv = Readable::read(reader)?;
+ let channel_parameters = Readable::read(reader)?;
- let key_storage = Readable::read(reader)?;
+ let keys_len: u32 = Readable::read(reader)?;
+ let mut keys_data = Vec::with_capacity(cmp::min(keys_len as usize, MAX_ALLOC_SIZE));
+ while keys_data.len() != keys_len as usize {
+ // Read 1KB at a time to avoid accidentally allocating 4GB on corrupted channel keys
+ let mut data = [0; 1024];
+ let read_slice = &mut data[0..cmp::min(1024, keys_len as usize - keys_data.len())];
+ reader.read_exact(read_slice)?;
+ keys_data.extend_from_slice(read_slice);
+ }
+ let key_storage = keys_manager.read_chan_signer(&keys_data)?;
let pending_claim_requests_len: u64 = Readable::read(reader)?;
let mut pending_claim_requests = HashMap::with_capacity(cmp::min(pending_claim_requests_len as usize, MAX_ALLOC_SIZE / 128));
}
onchain_events_waiting_threshold_conf.insert(height_target, events);
}
+ let latest_height = Readable::read(reader)?;
Ok(OnchainTxHandler {
destination_script,
holder_htlc_sigs,
prev_holder_commitment,
prev_holder_htlc_sigs,
- on_holder_tx_csv,
key_storage,
+ channel_transaction_parameters: channel_parameters,
claimable_outpoints,
pending_claim_requests,
onchain_events_waiting_threshold_conf,
+ latest_height,
secp_ctx: Secp256k1::new(),
})
}
}
impl<ChanSigner: ChannelKeys> OnchainTxHandler<ChanSigner> {
- pub(crate) fn new(destination_script: Script, keys: ChanSigner, on_holder_tx_csv: u16) -> Self {
+ pub(crate) fn new(destination_script: Script, keys: ChanSigner, channel_parameters: ChannelTransactionParameters) -> Self {
let key_storage = keys;
holder_htlc_sigs: None,
prev_holder_commitment: None,
prev_holder_htlc_sigs: None,
- on_holder_tx_csv,
key_storage,
+ channel_transaction_parameters: channel_parameters,
pending_claim_requests: HashMap::new(),
claimable_outpoints: HashMap::new(),
onchain_events_waiting_threshold_conf: HashMap::new(),
+ latest_height: 0,
secp_ctx: Secp256k1::new(),
}
/// Lightning security model (i.e being able to redeem/timeout HTLC or penalize coutnerparty onchain) lays on the assumption of claim transactions getting confirmed before timelock expiration
/// (CSV or CLTV following cases). In case of high-fee spikes, claim tx may stuck in the mempool, so you need to bump its feerate quickly using Replace-By-Fee or Child-Pay-For-Parent.
- fn generate_claim_tx<F: Deref, L: Deref>(&mut self, height: u32, cached_claim_datas: &ClaimTxBumpMaterial, fee_estimator: F, logger: L) -> Option<(Option<u32>, u32, Transaction)>
+ fn generate_claim_tx<F: Deref, L: Deref>(&mut self, height: u32, cached_claim_datas: &ClaimTxBumpMaterial, fee_estimator: &F, logger: &L) -> Option<(Option<u32>, u32, Transaction)>
where F::Target: FeeEstimator,
L::Target: Logger,
{
let signed_tx = self.get_fully_signed_holder_tx(funding_redeemscript).unwrap();
// Timer set to $NEVER given we can't bump tx without anchor outputs
log_trace!(logger, "Going to broadcast Holder Transaction {} claiming funding output {} from {}...", signed_tx.txid(), outp.vout, outp.txid);
- return Some((None, self.holder_commitment.as_ref().unwrap().feerate_per_kw, signed_tx));
+ return Some((None, self.holder_commitment.as_ref().unwrap().feerate_per_kw(), signed_tx));
}
_ => unreachable!()
}
None
}
- pub(crate) fn block_connected<B: Deref, F: Deref, L: Deref>(&mut self, txn_matched: &[&Transaction], claimable_outpoints: Vec<ClaimRequest>, height: u32, broadcaster: B, fee_estimator: F, logger: L)
+ /// Upon channelmonitor.block_connected(..) or upon provision of a preimage on the forward link
+ /// for this channel, provide new relevant on-chain transactions and/or new claim requests.
+ /// Formerly this was named `block_connected`, but it is now also used for claiming an HTLC output
+ /// if we receive a preimage after force-close.
+ pub(crate) fn update_claims_view<B: Deref, F: Deref, L: Deref>(&mut self, txn_matched: &[&Transaction], claimable_outpoints: Vec<ClaimRequest>, latest_height: Option<u32>, broadcaster: &B, fee_estimator: &F, logger: &L)
where B::Target: BroadcasterInterface,
F::Target: FeeEstimator,
L::Target: Logger,
{
- log_trace!(logger, "Block at height {} connected with {} claim requests", height, claimable_outpoints.len());
+ let height = match latest_height {
+ Some(h) => h,
+ None => self.latest_height,
+ };
+ log_trace!(logger, "Updating claims view at height {} with {} matched transactions and {} claim requests", height, txn_matched.len(), claimable_outpoints.len());
let mut new_claims = Vec::new();
let mut aggregated_claim = HashMap::new();
let mut aggregated_soonest = ::std::u32::MAX;
}
}
for (_, claim_material) in bump_candidates.iter_mut() {
- if let Some((new_timer, new_feerate, bump_tx)) = self.generate_claim_tx(height, &claim_material, &*fee_estimator, &*logger) {
+ if let Some((new_timer, new_feerate, bump_tx)) = self.generate_claim_tx(height, &claim_material, &&*fee_estimator, &&*logger) {
claim_material.height_timer = new_timer;
claim_material.feerate_previous = new_feerate;
broadcaster.broadcast_transaction(&bump_tx);
fn sign_latest_holder_htlcs(&mut self) {
if let Some(ref holder_commitment) = self.holder_commitment {
if let Ok(sigs) = self.key_storage.sign_holder_commitment_htlc_transactions(holder_commitment, &self.secp_ctx) {
- self.holder_htlc_sigs = Some(Vec::new());
- let ret = self.holder_htlc_sigs.as_mut().unwrap();
- for (htlc_idx, (holder_sig, &(ref htlc, _))) in sigs.iter().zip(holder_commitment.per_htlc.iter()).enumerate() {
- if let Some(tx_idx) = htlc.transaction_output_index {
- if ret.len() <= tx_idx as usize { ret.resize(tx_idx as usize + 1, None); }
- ret[tx_idx as usize] = Some((htlc_idx, holder_sig.expect("Did not receive a signature for a non-dust HTLC")));
- } else {
- assert!(holder_sig.is_none(), "Received a signature for a dust HTLC");
- }
- }
+ self.holder_htlc_sigs = Some(Self::extract_holder_sigs(holder_commitment, sigs));
}
}
}
+
fn sign_prev_holder_htlcs(&mut self) {
if let Some(ref holder_commitment) = self.prev_holder_commitment {
if let Ok(sigs) = self.key_storage.sign_holder_commitment_htlc_transactions(holder_commitment, &self.secp_ctx) {
- self.prev_holder_htlc_sigs = Some(Vec::new());
- let ret = self.prev_holder_htlc_sigs.as_mut().unwrap();
- for (htlc_idx, (holder_sig, &(ref htlc, _))) in sigs.iter().zip(holder_commitment.per_htlc.iter()).enumerate() {
- if let Some(tx_idx) = htlc.transaction_output_index {
- if ret.len() <= tx_idx as usize { ret.resize(tx_idx as usize + 1, None); }
- ret[tx_idx as usize] = Some((htlc_idx, holder_sig.expect("Did not receive a signature for a non-dust HTLC")));
- } else {
- assert!(holder_sig.is_none(), "Received a signature for a dust HTLC");
- }
- }
+ self.prev_holder_htlc_sigs = Some(Self::extract_holder_sigs(holder_commitment, sigs));
}
}
}
- //TODO: getting lastest holder transactions should be infaillible and result in us "force-closing the channel", but we may
+ fn extract_holder_sigs(holder_commitment: &HolderCommitmentTransaction, sigs: Vec<Signature>) -> Vec<Option<(usize, Signature)>> {
+ let mut ret = Vec::new();
+ for (htlc_idx, (holder_sig, htlc)) in sigs.iter().zip(holder_commitment.htlcs().iter()).enumerate() {
+ let tx_idx = htlc.transaction_output_index.unwrap();
+ if ret.len() <= tx_idx as usize { ret.resize(tx_idx as usize + 1, None); }
+ ret[tx_idx as usize] = Some((htlc_idx, holder_sig.clone()));
+ }
+ ret
+ }
+
+ //TODO: getting lastest holder transactions should be infallible and result in us "force-closing the channel", but we may
// have empty holder commitment transaction if a ChannelMonitor is asked to force-close just after Channel::get_outbound_funding_created,
// before providing a initial commitment transaction. For outbound channel, init ChannelMonitor at Channel::funding_signed, there is nothing
// to monitor before.
pub(crate) fn get_fully_signed_holder_tx(&mut self, funding_redeemscript: &Script) -> Option<Transaction> {
if let Some(ref mut holder_commitment) = self.holder_commitment {
- match self.key_storage.sign_holder_commitment(holder_commitment, &self.secp_ctx) {
- Ok(sig) => Some(holder_commitment.add_holder_sig(funding_redeemscript, sig)),
+ match self.key_storage.sign_holder_commitment(&holder_commitment, &self.secp_ctx) {
+ Ok(sig) => {
+ Some(holder_commitment.add_holder_sig(funding_redeemscript, sig))
+ },
Err(_) => return None,
}
} else {
#[cfg(any(test, feature="unsafe_revoked_tx_signing"))]
pub(crate) fn get_fully_signed_copy_holder_tx(&mut self, funding_redeemscript: &Script) -> Option<Transaction> {
if let Some(ref mut holder_commitment) = self.holder_commitment {
- let holder_commitment = holder_commitment.clone();
- match self.key_storage.sign_holder_commitment(&holder_commitment, &self.secp_ctx) {
- Ok(sig) => Some(holder_commitment.add_holder_sig(funding_redeemscript, sig)),
+ match self.key_storage.sign_holder_commitment(holder_commitment, &self.secp_ctx) {
+ Ok(sig) => {
+ Some(holder_commitment.add_holder_sig(funding_redeemscript, sig))
+ },
Err(_) => return None,
}
} else {
pub(crate) fn get_fully_signed_htlc_tx(&mut self, outp: &::bitcoin::OutPoint, preimage: &Option<PaymentPreimage>) -> Option<Transaction> {
let mut htlc_tx = None;
if self.holder_commitment.is_some() {
- let commitment_txid = self.holder_commitment.as_ref().unwrap().txid();
+ let commitment_txid = self.holder_commitment.as_ref().unwrap().trust().txid();
if commitment_txid == outp.txid {
self.sign_latest_holder_htlcs();
if let &Some(ref htlc_sigs) = &self.holder_htlc_sigs {
let &(ref htlc_idx, ref htlc_sig) = htlc_sigs[outp.vout as usize].as_ref().unwrap();
- htlc_tx = Some(self.holder_commitment.as_ref().unwrap()
- .get_signed_htlc_tx(*htlc_idx, htlc_sig, preimage, self.on_holder_tx_csv));
+ let holder_commitment = self.holder_commitment.as_ref().unwrap();
+ let trusted_tx = holder_commitment.trust();
+ let counterparty_htlc_sig = holder_commitment.counterparty_htlc_sigs[*htlc_idx];
+ htlc_tx = Some(trusted_tx
+ .get_signed_htlc_tx(&self.channel_transaction_parameters.as_holder_broadcastable(), *htlc_idx, &counterparty_htlc_sig, htlc_sig, preimage));
}
}
}
if self.prev_holder_commitment.is_some() {
- let commitment_txid = self.prev_holder_commitment.as_ref().unwrap().txid();
+ let commitment_txid = self.prev_holder_commitment.as_ref().unwrap().trust().txid();
if commitment_txid == outp.txid {
self.sign_prev_holder_htlcs();
if let &Some(ref htlc_sigs) = &self.prev_holder_htlc_sigs {
let &(ref htlc_idx, ref htlc_sig) = htlc_sigs[outp.vout as usize].as_ref().unwrap();
- htlc_tx = Some(self.prev_holder_commitment.as_ref().unwrap()
- .get_signed_htlc_tx(*htlc_idx, htlc_sig, preimage, self.on_holder_tx_csv));
+ let holder_commitment = self.prev_holder_commitment.as_ref().unwrap();
+ let trusted_tx = holder_commitment.trust();
+ let counterparty_htlc_sig = holder_commitment.counterparty_htlc_sigs[*htlc_idx];
+ htlc_tx = Some(trusted_tx
+ .get_signed_htlc_tx(&self.channel_transaction_parameters.as_holder_broadcastable(), *htlc_idx, &counterparty_htlc_sig, htlc_sig, preimage));
}
}
}