// In case of reorg we may have htlc outputs solved in a different way so
// we prefer to keep claims but don't store duplicate updates for a given
// (payment_hash, HTLCSource) pair.
- // TODO: Note that we currently don't really use this as ChannelManager
- // will fail/claim backwards after the first block. We really should delay
- // a few blocks before failing backwards (but can claim backwards
- // immediately) as long as we have a few blocks of headroom.
let mut existing_claim = false;
e.get_mut().retain(|htlc_data| {
if htlc.0 == htlc_data.0 {
pending_events.append(&mut new_events);
}
- fn block_disconnected(&self, _: &BlockHeader) { }
+ fn block_disconnected(&self, header: &BlockHeader, disconnected_height: u32) {
+ let block_hash = header.bitcoin_hash();
+ let mut monitors = self.monitors.lock().unwrap();
+ for monitor in monitors.values_mut() {
+ monitor.block_disconnected(disconnected_height, &block_hash);
+ }
+ }
}
impl<Key : Send + cmp::Eq + hash::Hash + 'static> SimpleManyChannelMonitor<Key> {
pub(crate) const CLTV_CLAIM_BUFFER: u32 = 6;
/// Number of blocks by which point we expect our counterparty to have seen new blocks on the
/// network and done a full update_fail_htlc/commitment_signed dance (+ we've updated all our
-/// copies of ChannelMonitors, including watchtowers).
-pub(crate) const HTLC_FAIL_TIMEOUT_BLOCKS: u32 = 3;
-/// Number of blocks we wait on seeing a confirmed HTLC-Timeout or previous revoked commitment
-/// transaction before we fail corresponding inbound HTLCs. This prevents us from failing backwards
-/// and then getting a reorg resulting in us losing money.
-//TODO: We currently don't actually use this...we should
-pub(crate) const HTLC_FAIL_ANTI_REORG_DELAY: u32 = 6;
+/// copies of ChannelMonitors, including watchtowers). We could enforce the contract by failing
+/// at CLTV expiration height but giving a grace period to our peer may be profitable for us if he
+/// can provide an over-late preimage. Nevertheless, grace period has to be accounted in our
+/// CLTV_EXPIRY_DELTA to be secure. Following this policy we may decrease the rate of channel failures
+/// due to expiration but increase the cost of funds being locked longuer in case of failure.
+/// This delay also cover a low-power peer being slow to process blocks and so being behind us on
+/// accurate block height.
+/// In case of onchain failure to be pass backward we may see the last block of ANTI_REORG_DELAY
+/// with at worst this delay, so we are not only using this value as a mercy for them but also
+/// us as a safeguard to delay with enough time.
+pub(crate) const LATENCY_GRACE_PERIOD_BLOCKS: u32 = 3;
+/// Number of blocks we wait on seeing a HTLC output being solved before we fail corresponding inbound
+/// HTLCs. This prevents us from failing backwards and then getting a reorg resulting in us losing money.
+/// We use also this delay to be sure we can remove our in-flight claim txn from bump candidates buffer.
+/// It may cause spurrious generation of bumped claim txn but that's allright given the outpoint is already
+/// solved by a previous claim tx. What we want to avoid is reorg evicting our claim tx and us not
+/// keeping bumping another claim tx to solve the outpoint.
+pub(crate) const ANTI_REORG_DELAY: u32 = 6;
#[derive(Clone, PartialEq)]
enum Storage {
RevokedOutput, // either a revoked to_local output on commitment tx, a revoked HTLC-Timeout output or a revoked HTLC-Success output
}
+/// Upon discovering of some classes of onchain tx by ChannelMonitor, we may have to take actions on it
+/// once they mature to enough confirmations (ANTI_REORG_DELAY)
+#[derive(Clone, PartialEq)]
+enum OnchainEvent {
+ /// Outpoint under claim process by our own tx, once this one get enough confirmations, we remove it from
+ /// bump-txn candidate buffer.
+ Claim {
+ outpoint: BitcoinOutPoint,
+ },
+ /// HTLC output getting solved by a timeout, at maturation we pass upstream payment source information to solve
+ /// inbound HTLC in backward channel. Note, in case of preimage, we pass info to upstream without delay as we can
+ /// only win from it, so it's never an OnchainEvent
+ HTLCUpdate {
+ htlc_update: (HTLCSource, PaymentHash),
+ },
+}
+
const SERIALIZATION_VERSION: u8 = 1;
const MIN_SERIALIZATION_VERSION: u8 = 1;
destination_script: Script,
+ // Used to track onchain events, i.e transactions parts of channels confirmed on chain, on which
+ // we have to take actions once they reach enough confs. Key is a block height timer, i.e we enforce
+ // actions when we receive a block with given height. Actions depend on OnchainEvent type.
+ onchain_events_waiting_threshold_conf: HashMap<u32, Vec<OnchainEvent>>,
+
// We simply modify last_block_hash in Channel's block_connected so that serialization is
// consistent but hopefully the users' copy handles block_connected in a consistent way.
// (we do *not*, however, update them in insert_combine to ensure any local user copies keep
self.current_remote_commitment_number != other.current_remote_commitment_number ||
self.current_local_signed_commitment_tx != other.current_local_signed_commitment_tx ||
self.payment_preimages != other.payment_preimages ||
- self.destination_script != other.destination_script
+ self.destination_script != other.destination_script ||
+ self.onchain_events_waiting_threshold_conf != other.onchain_events_waiting_threshold_conf
{
false
} else {
payment_preimages: HashMap::new(),
destination_script: destination_script,
+ onchain_events_waiting_threshold_conf: HashMap::new(),
+
last_block_hash: Default::default(),
secp_ctx: Secp256k1::new(),
logger,
self.last_block_hash.write(writer)?;
self.destination_script.write(writer)?;
+ writer.write_all(&byte_utils::be64_to_array(self.onchain_events_waiting_threshold_conf.len() as u64))?;
+ for (ref target, ref events) in self.onchain_events_waiting_threshold_conf.iter() {
+ writer.write_all(&byte_utils::be32_to_array(**target))?;
+ writer.write_all(&byte_utils::be64_to_array(events.len() as u64))?;
+ for ev in events.iter() {
+ match *ev {
+ OnchainEvent::Claim { ref outpoint } => {
+ writer.write_all(&[0; 1])?;
+ outpoint.write(writer)?;
+ },
+ OnchainEvent::HTLCUpdate { ref htlc_update } => {
+ writer.write_all(&[1; 1])?;
+ htlc_update.0.write(writer)?;
+ htlc_update.1.write(writer)?;
+ }
+ }
+ }
+ }
+
Ok(())
}
/// HTLC-Success/HTLC-Timeout transactions.
/// Return updates for HTLC pending in the channel and failed automatically by the broadcast of
/// revoked remote commitment tx
- fn check_spend_remote_transaction(&mut self, tx: &Transaction, height: u32, fee_estimator: &FeeEstimator) -> (Vec<Transaction>, (Sha256dHash, Vec<TxOut>), Vec<SpendableOutputDescriptor>, Vec<(HTLCSource, Option<PaymentPreimage>, PaymentHash)>) {
+ fn check_spend_remote_transaction(&mut self, tx: &Transaction, height: u32, fee_estimator: &FeeEstimator) -> (Vec<Transaction>, (Sha256dHash, Vec<TxOut>), Vec<SpendableOutputDescriptor>) {
// Most secp and related errors trying to create keys means we have no hope of constructing
// a spend transaction...so we return no transactions to broadcast
let mut txn_to_broadcast = Vec::new();
let mut watch_outputs = Vec::new();
let mut spendable_outputs = Vec::new();
- let mut htlc_updated = Vec::new();
let commitment_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers!
let per_commitment_option = self.remote_claimable_outpoints.get(&commitment_txid);
( $thing : expr ) => {
match $thing {
Ok(a) => a,
- Err(_) => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated)
+ Err(_) => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs)
}
};
}
};
let delayed_key = ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, &PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key), &self.their_delayed_payment_base_key.unwrap()));
let a_htlc_key = match self.their_htlc_base_key {
- None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated),
+ None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs),
Some(their_htlc_base_key) => ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, &PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key), &their_htlc_base_key)),
};
if transaction_output_index as usize >= tx.output.len() ||
tx.output[transaction_output_index as usize].value != htlc.amount_msat / 1000 ||
tx.output[transaction_output_index as usize].script_pubkey != expected_script.to_v0_p2wsh() {
- return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); // Corrupted per_commitment_data, fuck this user
+ return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); // Corrupted per_commitment_data, fuck this user
}
let input = TxIn {
previous_output: BitcoinOutPoint {
watch_outputs.append(&mut tx.output.clone());
self.remote_commitment_txn_on_chain.insert(commitment_txid, (commitment_number, tx.output.iter().map(|output| { output.script_pubkey.clone() }).collect()));
- // TODO: We really should only fail backwards after our revocation claims have been
- // confirmed, but we also need to do more other tracking of in-flight pre-confirm
- // on-chain claims, so we can do that at the same time.
macro_rules! check_htlc_fails {
($txid: expr, $commitment_tx: expr) => {
if let Some(ref outpoints) = self.remote_claimable_outpoints.get($txid) {
for &(ref htlc, ref source_option) in outpoints.iter() {
if let &Some(ref source) = source_option {
- log_trace!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of revoked remote commitment transaction", log_bytes!(htlc.payment_hash.0), $commitment_tx);
- htlc_updated.push(((**source).clone(), None, htlc.payment_hash.clone()));
+ log_info!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of revoked remote commitment transaction, waiting for confirmation (at height {})", log_bytes!(htlc.payment_hash.0), $commitment_tx, height + ANTI_REORG_DELAY - 1);
+ match self.onchain_events_waiting_threshold_conf.entry(height + ANTI_REORG_DELAY - 1) {
+ hash_map::Entry::Occupied(mut entry) => {
+ let e = entry.get_mut();
+ e.retain(|ref event| {
+ match **event {
+ OnchainEvent::HTLCUpdate { ref htlc_update } => {
+ return htlc_update.0 != **source
+ },
+ _ => return true
+ }
+ });
+ e.push(OnchainEvent::HTLCUpdate { htlc_update: ((**source).clone(), htlc.payment_hash.clone())});
+ }
+ hash_map::Entry::Vacant(entry) => {
+ entry.insert(vec![OnchainEvent::HTLCUpdate { htlc_update: ((**source).clone(), htlc.payment_hash.clone())}]);
+ }
+ }
}
}
}
}
// No need to check local commitment txn, symmetric HTLCSource must be present as per-htlc data on remote commitment tx
}
- if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); } // Nothing to be done...probably a false positive/local tx
+ if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); } // Nothing to be done...probably a false positive/local tx
let outputs = vec!(TxOut {
script_pubkey: self.destination_script.clone(),
let predicted_weight = spend_tx.get_weight() + Self::get_witnesses_weight(&input_descriptors[..]);
if !subtract_high_prio_fee!(self, fee_estimator, spend_tx.output[0].value, predicted_weight, tx.txid()) {
- return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated);
+ return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs);
}
let mut values_drain = values.drain(..);
log_trace!(self, "Got broadcast of non-revoked remote commitment transaction {}", commitment_txid);
- // TODO: We really should only fail backwards after our revocation claims have been
- // confirmed, but we also need to do more other tracking of in-flight pre-confirm
- // on-chain claims, so we can do that at the same time.
macro_rules! check_htlc_fails {
($txid: expr, $commitment_tx: expr, $id: tt) => {
if let Some(ref latest_outpoints) = self.remote_claimable_outpoints.get($txid) {
}
}
log_trace!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of remote commitment transaction", log_bytes!(htlc.payment_hash.0), $commitment_tx);
- htlc_updated.push(((**source).clone(), None, htlc.payment_hash.clone()));
+ match self.onchain_events_waiting_threshold_conf.entry(height + ANTI_REORG_DELAY - 1) {
+ hash_map::Entry::Occupied(mut entry) => {
+ let e = entry.get_mut();
+ e.retain(|ref event| {
+ match **event {
+ OnchainEvent::HTLCUpdate { ref htlc_update } => {
+ return htlc_update.0 != **source
+ },
+ _ => return true
+ }
+ });
+ e.push(OnchainEvent::HTLCUpdate { htlc_update: ((**source).clone(), htlc.payment_hash.clone())});
+ }
+ hash_map::Entry::Vacant(entry) => {
+ entry.insert(vec![OnchainEvent::HTLCUpdate { htlc_update: ((**source).clone(), htlc.payment_hash.clone())}]);
+ }
+ }
}
}
}
},
};
let a_htlc_key = match self.their_htlc_base_key {
- None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated),
+ None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs),
Some(their_htlc_base_key) => ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, revocation_point, &their_htlc_base_key)),
};
if transaction_output_index as usize >= tx.output.len() ||
tx.output[transaction_output_index as usize].value != htlc.amount_msat / 1000 ||
tx.output[transaction_output_index as usize].script_pubkey != expected_script.to_v0_p2wsh() {
- return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); // Corrupted per_commitment_data, fuck this user
+ return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); // Corrupted per_commitment_data, fuck this user
}
if let Some(payment_preimage) = self.payment_preimages.get(&htlc.payment_hash) {
let input = TxIn {
}
}
- if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); } // Nothing to be done...probably a false positive/local tx
+ if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); } // Nothing to be done...probably a false positive/local tx
let outputs = vec!(TxOut {
script_pubkey: self.destination_script.clone(),
};
let predicted_weight = spend_tx.get_weight() + Self::get_witnesses_weight(&input_descriptors[..]);
if !subtract_high_prio_fee!(self, fee_estimator, spend_tx.output[0].value, predicted_weight, tx.txid()) {
- return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated);
+ return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs);
}
let mut values_drain = values.drain(..);
}
}
- (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated)
+ (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs)
}
/// Attempts to claim a remote HTLC-Success/HTLC-Timeout's outputs using the revocation key
/// Attempts to claim any claimable HTLCs in a commitment transaction which was not (yet)
/// revoked using data in local_claimable_outpoints.
/// Should not be used if check_spend_revoked_transaction succeeds.
- fn check_spend_local_transaction(&self, tx: &Transaction, _height: u32) -> (Vec<Transaction>, Vec<SpendableOutputDescriptor>, (Sha256dHash, Vec<TxOut>)) {
+ fn check_spend_local_transaction(&mut self, tx: &Transaction, height: u32) -> (Vec<Transaction>, Vec<SpendableOutputDescriptor>, (Sha256dHash, Vec<TxOut>)) {
let commitment_txid = tx.txid();
- // TODO: If we find a match here we need to fail back HTLCs that weren't included in the
- // broadcast commitment transaction, either because they didn't meet dust or because they
- // weren't yet included in our commitment transaction(s).
+ let mut local_txn = Vec::new();
+ let mut spendable_outputs = Vec::new();
+ let mut watch_outputs = Vec::new();
+
+ macro_rules! wait_threshold_conf {
+ ($height: expr, $source: expr, $commitment_tx: expr, $payment_hash: expr) => {
+ log_trace!(self, "Failing HTLC with payment_hash {} from {} local commitment tx due to broadcast of transaction, waiting confirmation (at height{})", log_bytes!($payment_hash.0), $commitment_tx, height + ANTI_REORG_DELAY - 1);
+ match self.onchain_events_waiting_threshold_conf.entry($height + ANTI_REORG_DELAY - 1) {
+ hash_map::Entry::Occupied(mut entry) => {
+ let e = entry.get_mut();
+ e.retain(|ref event| {
+ match **event {
+ OnchainEvent::HTLCUpdate { ref htlc_update } => {
+ return htlc_update.0 != $source
+ },
+ _ => return true
+ }
+ });
+ e.push(OnchainEvent::HTLCUpdate { htlc_update: ($source, $payment_hash)});
+ }
+ hash_map::Entry::Vacant(entry) => {
+ entry.insert(vec![OnchainEvent::HTLCUpdate { htlc_update: ($source, $payment_hash)}]);
+ }
+ }
+ }
+ }
+
+ macro_rules! append_onchain_update {
+ ($updates: expr) => {
+ local_txn.append(&mut $updates.0);
+ spendable_outputs.append(&mut $updates.1);
+ watch_outputs.append(&mut $updates.2);
+ }
+ }
+
+ // HTLCs set may differ between last and previous local commitment txn, in case of one them hitting chain, ensure we cancel all HTLCs backward
+ let mut is_local_tx = false;
+
if let &Some(ref local_tx) = &self.current_local_signed_commitment_tx {
if local_tx.txid == commitment_txid {
+ is_local_tx = true;
log_trace!(self, "Got latest local commitment tx broadcast, searching for available HTLCs to claim");
match self.key_storage {
Storage::Local { ref delayed_payment_base_key, ref latest_per_commitment_point, .. } => {
- let (local_txn, spendable_outputs, watch_outputs) = self.broadcast_by_local_state(local_tx, latest_per_commitment_point, &Some(*delayed_payment_base_key));
- return (local_txn, spendable_outputs, (commitment_txid, watch_outputs));
+ append_onchain_update!(self.broadcast_by_local_state(local_tx, latest_per_commitment_point, &Some(*delayed_payment_base_key)));
},
Storage::Watchtower { .. } => {
- let (local_txn, spendable_outputs, watch_outputs) = self.broadcast_by_local_state(local_tx, &None, &None);
- return (local_txn, spendable_outputs, (commitment_txid, watch_outputs));
+ append_onchain_update!(self.broadcast_by_local_state(local_tx, &None, &None));
}
}
}
}
if let &Some(ref local_tx) = &self.prev_local_signed_commitment_tx {
if local_tx.txid == commitment_txid {
+ is_local_tx = true;
log_trace!(self, "Got previous local commitment tx broadcast, searching for available HTLCs to claim");
match self.key_storage {
Storage::Local { ref delayed_payment_base_key, ref prev_latest_per_commitment_point, .. } => {
- let (local_txn, spendable_outputs, watch_outputs) = self.broadcast_by_local_state(local_tx, prev_latest_per_commitment_point, &Some(*delayed_payment_base_key));
- return (local_txn, spendable_outputs, (commitment_txid, watch_outputs));
+ append_onchain_update!(self.broadcast_by_local_state(local_tx, prev_latest_per_commitment_point, &Some(*delayed_payment_base_key)));
},
Storage::Watchtower { .. } => {
- let (local_txn, spendable_outputs, watch_outputs) = self.broadcast_by_local_state(local_tx, &None, &None);
- return (local_txn, spendable_outputs, (commitment_txid, watch_outputs));
+ append_onchain_update!(self.broadcast_by_local_state(local_tx, &None, &None));
}
}
}
}
- (Vec::new(), Vec::new(), (commitment_txid, Vec::new()))
+
+ macro_rules! fail_dust_htlcs_after_threshold_conf {
+ ($local_tx: expr) => {
+ for &(ref htlc, _, ref source) in &$local_tx.htlc_outputs {
+ if htlc.transaction_output_index.is_none() {
+ if let &Some(ref source) = source {
+ wait_threshold_conf!(height, source.clone(), "lastest", htlc.payment_hash.clone());
+ }
+ }
+ }
+ }
+ }
+
+ if is_local_tx {
+ if let &Some(ref local_tx) = &self.current_local_signed_commitment_tx {
+ fail_dust_htlcs_after_threshold_conf!(local_tx);
+ }
+ if let &Some(ref local_tx) = &self.prev_local_signed_commitment_tx {
+ fail_dust_htlcs_after_threshold_conf!(local_tx);
+ }
+ }
+
+ (local_txn, spendable_outputs, (commitment_txid, watch_outputs))
}
/// Generate a spendable output event when closing_transaction get registered onchain.
}
};
if funding_txo.is_none() || (prevout.txid == funding_txo.as_ref().unwrap().0.txid && prevout.vout == funding_txo.as_ref().unwrap().0.index as u32) {
- let (remote_txn, new_outputs, mut spendable_output, mut updated) = self.check_spend_remote_transaction(tx, height, fee_estimator);
+ let (remote_txn, new_outputs, mut spendable_output) = self.check_spend_remote_transaction(tx, height, fee_estimator);
txn = remote_txn;
spendable_outputs.append(&mut spendable_output);
if !new_outputs.1.is_empty() {
spendable_outputs.push(spendable_output);
}
}
- if updated.len() > 0 {
- htlc_updated.append(&mut updated);
- }
} else {
if let Some(&(commitment_number, _)) = self.remote_commitment_txn_on_chain.get(&prevout.txid) {
let (tx, spendable_output) = self.check_spend_remote_htlc(tx, commitment_number, fee_estimator);
// While all commitment/HTLC-Success/HTLC-Timeout transactions have one input, HTLCs
// can also be resolved in a few other ways which can have more than one output. Thus,
// we call is_resolving_htlc_output here outside of the tx.input.len() == 1 check.
- let mut updated = self.is_resolving_htlc_output(tx);
+ let mut updated = self.is_resolving_htlc_output(tx, height);
if updated.len() > 0 {
htlc_updated.append(&mut updated);
}
}
}
}
+ if let Some(events) = self.onchain_events_waiting_threshold_conf.remove(&height) {
+ for ev in events {
+ match ev {
+ OnchainEvent::Claim { outpoint: _ } => {
+ },
+ OnchainEvent::HTLCUpdate { htlc_update } => {
+ log_trace!(self, "HTLC {} failure update has got enough confirmations to be passed upstream", log_bytes!((htlc_update.1).0));
+ htlc_updated.push((htlc_update.0, None, htlc_update.1));
+ },
+ }
+ }
+ }
self.last_block_hash = block_hash.clone();
(watch_outputs, spendable_outputs, htlc_updated)
}
+ fn block_disconnected(&mut self, height: u32, block_hash: &Sha256dHash) {
+ if let Some(_) = self.onchain_events_waiting_threshold_conf.remove(&(height + ANTI_REORG_DELAY - 1)) {
+ //We may discard:
+ //- htlc update there as failure-trigger tx (revoked commitment tx, non-revoked commitment tx, HTLC-timeout tx) has been disconnected
+ //- our claim tx on a commitment tx output
+ }
+ self.last_block_hash = block_hash.clone();
+ }
+
pub(super) fn would_broadcast_at_height(&self, height: u32) -> bool {
// We need to consider all HTLCs which are:
// * in any unrevoked remote commitment transaction, as they could broadcast said
// from us until we've reached the point where we go on-chain with the
// corresponding inbound HTLC, we must ensure that outbound HTLCs go on chain at
// least CLTV_CLAIM_BUFFER blocks prior to the inbound HTLC.
- // aka outbound_cltv + HTLC_FAIL_TIMEOUT_BLOCKS == height - CLTV_CLAIM_BUFFER
+ // aka outbound_cltv + LATENCY_GRACE_PERIOD_BLOCKS == height - CLTV_CLAIM_BUFFER
// inbound_cltv == height + CLTV_CLAIM_BUFFER
- // outbound_cltv + HTLC_FAIL_TIMEOUT_BLOCKS + CLTV_CLAIM_BUFFER <= inbound_cltv - CLTV_CLAIM_BUFFER
- // HTLC_FAIL_TIMEOUT_BLOCKS + 2*CLTV_CLAIM_BUFFER <= inbound_cltv - outbound_cltv
+ // outbound_cltv + LATENCY_GRACE_PERIOD_BLOCKS + CLTV_CLAIM_BUFFER <= inbound_cltv - CLTV_CLAIM_BUFFER
+ // LATENCY_GRACE_PERIOD_BLOCKS + 2*CLTV_CLAIM_BUFFER <= inbound_cltv - outbound_cltv
// CLTV_EXPIRY_DELTA <= inbound_cltv - outbound_cltv (by check in ChannelManager::decode_update_add_htlc_onion)
- // HTLC_FAIL_TIMEOUT_BLOCKS + 2*CLTV_CLAIM_BUFFER <= CLTV_EXPIRY_DELTA
+ // LATENCY_GRACE_PERIOD_BLOCKS + 2*CLTV_CLAIM_BUFFER <= CLTV_EXPIRY_DELTA
// The final, above, condition is checked for statically in channelmanager
// with CHECK_CLTV_EXPIRY_SANITY_2.
let htlc_outbound = $local_tx == htlc.offered;
- if ( htlc_outbound && htlc.cltv_expiry + HTLC_FAIL_TIMEOUT_BLOCKS <= height) ||
+ if ( htlc_outbound && htlc.cltv_expiry + LATENCY_GRACE_PERIOD_BLOCKS <= height) ||
(!htlc_outbound && htlc.cltv_expiry <= height + CLTV_CLAIM_BUFFER && self.payment_preimages.contains_key(&htlc.payment_hash)) {
log_info!(self, "Force-closing channel due to {} HTLC timeout, HTLC expiry is {}", if htlc_outbound { "outbound" } else { "inbound "}, htlc.cltv_expiry);
return true;
/// Check if any transaction broadcasted is resolving HTLC output by a success or timeout on a local
/// or remote commitment tx, if so send back the source, preimage if found and payment_hash of resolved HTLC
- fn is_resolving_htlc_output(&mut self, tx: &Transaction) -> Vec<(HTLCSource, Option<PaymentPreimage>, PaymentHash)> {
+ fn is_resolving_htlc_output(&mut self, tx: &Transaction, height: u32) -> Vec<(HTLCSource, Option<PaymentPreimage>, PaymentHash)> {
let mut htlc_updated = Vec::new();
'outer_loop: for input in &tx.input {
payment_preimage.0.copy_from_slice(&input.witness[1]);
htlc_updated.push((source, Some(payment_preimage), payment_hash));
} else {
- htlc_updated.push((source, None, payment_hash));
+ log_info!(self, "Failing HTLC with payment_hash {} timeout by a spend tx, waiting for confirmation (at height{})", log_bytes!(payment_hash.0), height + ANTI_REORG_DELAY - 1);
+ match self.onchain_events_waiting_threshold_conf.entry(height + ANTI_REORG_DELAY - 1) {
+ hash_map::Entry::Occupied(mut entry) => {
+ let e = entry.get_mut();
+ e.retain(|ref event| {
+ match **event {
+ OnchainEvent::HTLCUpdate { ref htlc_update } => {
+ return htlc_update.0 != source
+ },
+ _ => return true
+ }
+ });
+ e.push(OnchainEvent::HTLCUpdate { htlc_update: (source, payment_hash)});
+ }
+ hash_map::Entry::Vacant(entry) => {
+ entry.insert(vec![OnchainEvent::HTLCUpdate { htlc_update: (source, payment_hash)}]);
+ }
+ }
}
}
}
let last_block_hash: Sha256dHash = Readable::read(reader)?;
let destination_script = Readable::read(reader)?;
+ let waiting_threshold_conf_len: u64 = Readable::read(reader)?;
+ let mut onchain_events_waiting_threshold_conf = HashMap::with_capacity(cmp::min(waiting_threshold_conf_len as usize, MAX_ALLOC_SIZE / 128));
+ for _ in 0..waiting_threshold_conf_len {
+ let height_target = Readable::read(reader)?;
+ let events_len: u64 = Readable::read(reader)?;
+ let mut events = Vec::with_capacity(cmp::min(events_len as usize, MAX_ALLOC_SIZE / 128));
+ for _ in 0..events_len {
+ let ev = match <u8 as Readable<R>>::read(reader)? {
+ 0 => {
+ let outpoint = Readable::read(reader)?;
+ OnchainEvent::Claim {
+ outpoint
+ }
+ },
+ 1 => {
+ let htlc_source = Readable::read(reader)?;
+ let hash = Readable::read(reader)?;
+ OnchainEvent::HTLCUpdate {
+ htlc_update: (htlc_source, hash)
+ }
+ },
+ _ => return Err(DecodeError::InvalidValue),
+ };
+ events.push(ev);
+ }
+ onchain_events_waiting_threshold_conf.insert(height_target, events);
+ }
+
Ok((last_block_hash.clone(), ChannelMonitor {
commitment_transaction_number_obscure_factor,
payment_preimages,
destination_script,
+
+ onchain_events_waiting_threshold_conf,
+
last_block_hash,
secp_ctx,
logger,