X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;ds=sidebyside;f=lightning%2Fsrc%2Fln%2Fasync_signer_tests.rs;h=8e929fe844da41df6d17deabc90079ad3b6a37e8;hb=refs%2Fheads%2Fupstream%2Fmain;hp=613df570d4e3bf40051d25e59a5d6fa45823dbdb;hpb=2c9dbb959d0c16ee97baf70074d0a31a0c0443e8;p=rust-lightning diff --git a/lightning/src/ln/async_signer_tests.rs b/lightning/src/ln/async_signer_tests.rs index 613df570..c90db503 100644 --- a/lightning/src/ln/async_signer_tests.rs +++ b/lightning/src/ln/async_signer_tests.rs @@ -12,13 +12,16 @@ use bitcoin::{Transaction, TxOut, TxIn, Amount}; use bitcoin::blockdata::locktime::absolute::LockTime; +use bitcoin::transaction::Version; use crate::chain::channelmonitor::LATENCY_GRACE_PERIOD_BLOCKS; +use crate::chain::ChannelMonitorUpdateStatus; use crate::events::bump_transaction::WalletSource; -use crate::events::{Event, MessageSendEvent, MessageSendEventsProvider, ClosureReason}; -use crate::ln::functional_test_utils::*; +use crate::events::{ClosureReason, Event, MessageSendEvent, MessageSendEventsProvider, PaymentPurpose}; +use crate::ln::{functional_test_utils::*, msgs}; use crate::ln::msgs::ChannelMessageHandler; -use crate::ln::channelmanager::{PaymentId, RecipientOnionFields}; +use crate::ln::channelmanager::{PaymentId, RAACommitmentOrder, RecipientOnionFields}; +use crate::util::test_channel_signer::SignerOp; #[test] fn test_async_commitment_signature_for_funding_created() { @@ -42,7 +45,7 @@ fn test_async_commitment_signature_for_funding_created() { // But! Let's make node[0]'s signer be unavailable: we should *not* broadcast a funding_created // message... let (temporary_channel_id, tx, _) = create_funding_transaction(&nodes[0], &nodes[1].node.get_our_node_id(), 100000, 42); - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &temporary_channel_id, false); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[0].node.funding_transaction_generated(&temporary_channel_id, &nodes[1].node.get_our_node_id(), tx.clone()).unwrap(); check_added_monitors(&nodes[0], 0); @@ -56,7 +59,7 @@ fn test_async_commitment_signature_for_funding_created() { channels[0].channel_id }; - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[0].node.signer_unblocked(Some((nodes[1].node.get_our_node_id(), chan_id))); let mut funding_created_msg = get_event_msg!(nodes[0], MessageSendEvent::SendFundingCreated, nodes[1].node.get_our_node_id()); @@ -97,7 +100,7 @@ fn test_async_commitment_signature_for_funding_signed() { // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should // *not* broadcast a `funding_signed`... - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].disable_channel_signer_op(&nodes[0].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); check_added_monitors(&nodes[1], 1); @@ -110,7 +113,7 @@ fn test_async_commitment_signature_for_funding_signed() { assert_eq!(channels.len(), 1, "expected one channel, not {}", channels.len()); channels[0].channel_id }; - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].enable_channel_signer_op(&nodes[0].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); expect_channel_pending_event(&nodes[1], &nodes[0].node.get_our_node_id()); @@ -124,6 +127,11 @@ fn test_async_commitment_signature_for_funding_signed() { #[test] fn test_async_commitment_signature_for_commitment_signed() { + do_test_async_commitment_signature_for_commitment_signed_revoke_and_ack(true); + do_test_async_commitment_signature_for_commitment_signed_revoke_and_ack(false); +} + +fn do_test_async_commitment_signature_for_commitment_signed_revoke_and_ack(enable_sign_counterparty_commit_first: bool) { let chanmon_cfgs = create_chanmon_cfgs(2); let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); @@ -151,23 +159,33 @@ fn test_async_commitment_signature_for_commitment_signed() { // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); check_added_monitors(dst, 1); - get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); - - // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); - dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + if enable_sign_counterparty_commit_first { + // Unblock CS -> no messages should be sent, since we must send RAA first. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + let events = dst.node.get_and_clear_pending_msg_events(); + assert!(events.is_empty(), "expected no message, got {}", events.len()); - let events = dst.node.get_and_clear_pending_msg_events(); - assert_eq!(events.len(), 1, "expected one message, got {}", events.len()); - if let MessageSendEvent::UpdateHTLCs { ref node_id, .. } = events[0] { - assert_eq!(node_id, &src.node.get_our_node_id()); + // Unblock revoke_and_ack -> we should send both RAA + CS. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + get_revoke_commit_msgs(&dst, &src.node.get_our_node_id()); } else { - panic!("expected UpdateHTLCs message, not {:?}", events[0]); - }; + // Unblock revoke_and_ack -> we should send just RAA. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); + + // Unblock commitment signed -> we should send CS. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + get_htlc_update_msgs(dst, &src.node.get_our_node_id()); + } } #[test] @@ -214,7 +232,7 @@ fn test_async_commitment_signature_for_funding_signed_0conf() { // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should // *not* broadcast a `funding_signed`... - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].disable_channel_signer_op(&nodes[0].node.get_our_node_id(), &temporary_channel_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); check_added_monitors(&nodes[1], 1); @@ -229,7 +247,7 @@ fn test_async_commitment_signature_for_funding_signed_0conf() { }; // At this point, we basically expect the channel to open like a normal zero-conf channel. - nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].enable_channel_signer_op(&nodes[0].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); let (funding_signed, channel_ready_1) = { @@ -269,8 +287,21 @@ fn test_async_commitment_signature_for_funding_signed_0conf() { assert_eq!(nodes[1].node.list_usable_channels().len(), 1); } +#[derive(PartialEq)] +enum UnblockSignerAcrossDisconnectCase { + AtEnd, + BeforeMonitorRestored, + BeforeReestablish, +} + #[test] -fn test_async_commitment_signature_for_peer_disconnect() { +fn test_async_raa_peer_disconnect() { + do_test_async_raa_peer_disconnect(UnblockSignerAcrossDisconnectCase::AtEnd); + do_test_async_raa_peer_disconnect(UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored); + do_test_async_raa_peer_disconnect(UnblockSignerAcrossDisconnectCase::BeforeReestablish); +} + +fn do_test_async_raa_peer_disconnect(test_case: UnblockSignerAcrossDisconnectCase) { let chanmon_cfgs = create_chanmon_cfgs(2); let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); @@ -296,37 +327,362 @@ fn test_async_commitment_signature_for_peer_disconnect() { dst.node.handle_update_add_htlc(&src.node.get_our_node_id(), &payment_event.msgs[0]); + if test_case == UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored { + // Fail to persist the monitor update when handling the commitment_signed. + chanmon_cfgs[1].persister.set_update_ret(ChannelMonitorUpdateStatus::InProgress); + } + // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); check_added_monitors(dst, 1); - get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); + let events = dst.node.get_and_clear_pending_msg_events(); + assert!(events.is_empty(), "expected no message, got {}", events.len()); // Now disconnect and reconnect the peers. src.node.peer_disconnected(&dst.node.get_our_node_id()); dst.node.peer_disconnected(&src.node.get_our_node_id()); - let mut reconnect_args = ReconnectArgs::new(&nodes[0], &nodes[1]); - reconnect_args.send_channel_ready = (false, false); - reconnect_args.pending_raa = (true, false); - reconnect_nodes(reconnect_args); + + // do reestablish stuff + src.node.peer_connected(&dst.node.get_our_node_id(), &msgs::Init { + features: dst.node.init_features(), networks: None, remote_network_address: None + }, true).unwrap(); + let reestablish_1 = get_chan_reestablish_msgs!(src, dst); + assert_eq!(reestablish_1.len(), 1); + dst.node.peer_connected(&src.node.get_our_node_id(), &msgs::Init { + features: src.node.init_features(), networks: None, remote_network_address: None + }, false).unwrap(); + let reestablish_2 = get_chan_reestablish_msgs!(dst, src); + assert_eq!(reestablish_2.len(), 1); + + if test_case == UnblockSignerAcrossDisconnectCase::BeforeReestablish { + // Reenable the signer before the reestablish. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + } + + dst.node.handle_channel_reestablish(&src.node.get_our_node_id(), &reestablish_1[0]); + + if test_case == UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored { + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + chanmon_cfgs[1].persister.set_update_ret(ChannelMonitorUpdateStatus::Completed); + let (outpoint, latest_update, _) = dst.chain_monitor.latest_monitor_update_id.lock().unwrap().get(&chan_id).unwrap().clone(); + dst.chain_monitor.chain_monitor.force_channel_monitor_updated(outpoint, latest_update); + check_added_monitors!(dst, 0); + } + + // Expect the RAA + let (_, revoke_and_ack, commitment_signed, resend_order) = handle_chan_reestablish_msgs!(dst, src); + if test_case == UnblockSignerAcrossDisconnectCase::AtEnd { + assert!(revoke_and_ack.is_none()); + assert!(commitment_signed.is_none()); + } else { + assert!(revoke_and_ack.is_some()); + assert!(commitment_signed.is_some()); + assert!(resend_order == RAACommitmentOrder::RevokeAndACKFirst); + } + + // Mark dst's signer as available and retry: we now expect to see dst's RAA + CS. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::GetPerCommitmentPoint); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + + if test_case == UnblockSignerAcrossDisconnectCase::AtEnd { + let (_, revoke_and_ack, commitment_signed, resend_order) = handle_chan_reestablish_msgs!(dst, src); + assert!(revoke_and_ack.is_some()); + assert!(commitment_signed.is_some()); + assert!(resend_order == RAACommitmentOrder::RevokeAndACKFirst); + } else { + // Make sure we don't double send the RAA. + let (_, revoke_and_ack, commitment_signed, _) = handle_chan_reestablish_msgs!(dst, src); + assert!(revoke_and_ack.is_none()); + assert!(commitment_signed.is_none()); + } +} + + +#[test] +fn test_async_commitment_signature_peer_disconnect() { + // This tests that if our signer is blocked and gets unblocked + // after a peer disconnect + channel reestablish, we'll send the right messages. + do_test_async_commitment_signature_peer_disconnect(UnblockSignerAcrossDisconnectCase::AtEnd); +} + +#[test] +fn test_async_commitment_signature_peer_disconnect_signer_restored_before_monitor_completion() { + // This tests that if we were pending a monitor update completion across a disconnect, + // and needed to send a CS, that if our signer becomes available before the monitor + // update completes, then we don't send duplicate messages upon calling `signer_unblocked` + // after the monitor update completes. + do_test_async_commitment_signature_peer_disconnect(UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored); +} + +#[test] +fn test_async_commitment_signature_peer_disconnect_signer_restored_before_reestablish() { + // This tests that if we tried to send a commitment_signed, but our signer was blocked, + // if we disconnect, reconnect, the signer becomes available, then handle channel_reestablish, + // that we don't send duplicate messages upon calling `signer_unblocked`. + do_test_async_commitment_signature_peer_disconnect(UnblockSignerAcrossDisconnectCase::BeforeReestablish); +} + +fn do_test_async_commitment_signature_peer_disconnect(test_case: UnblockSignerAcrossDisconnectCase) { + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + let (_, _, chan_id, _) = create_announced_chan_between_nodes(&nodes, 0, 1); + + // Send a payment. + let src = &nodes[0]; + let dst = &nodes[1]; + let (route, our_payment_hash, _our_payment_preimage, our_payment_secret) = get_route_and_payment_hash!(src, dst, 8000000); + src.node.send_payment_with_route(&route, our_payment_hash, + RecipientOnionFields::secret_only(our_payment_secret), PaymentId(our_payment_hash.0)).unwrap(); + check_added_monitors!(src, 1); + + // Pass the payment along the route. + let payment_event = { + let mut events = src.node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + SendEvent::from_event(events.remove(0)) + }; + assert_eq!(payment_event.node_id, dst.node.get_our_node_id()); + assert_eq!(payment_event.msgs.len(), 1); + + dst.node.handle_update_add_htlc(&src.node.get_our_node_id(), &payment_event.msgs[0]); + + if test_case == UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored { + // Fail to persist the monitor update when handling the commitment_signed. + chanmon_cfgs[1].persister.set_update_ret(ChannelMonitorUpdateStatus::InProgress); + } + + // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a + // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. + dst.disable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); + check_added_monitors(dst, 1); + + if test_case != UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored { + get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); + } + + // Now disconnect and reconnect the peers. + src.node.peer_disconnected(&dst.node.get_our_node_id()); + dst.node.peer_disconnected(&src.node.get_our_node_id()); + + // do reestablish stuff + src.node.peer_connected(&dst.node.get_our_node_id(), &msgs::Init { + features: dst.node.init_features(), networks: None, remote_network_address: None + }, true).unwrap(); + let reestablish_1 = get_chan_reestablish_msgs!(src, dst); + assert_eq!(reestablish_1.len(), 1); + dst.node.peer_connected(&src.node.get_our_node_id(), &msgs::Init { + features: src.node.init_features(), networks: None, remote_network_address: None + }, false).unwrap(); + let reestablish_2 = get_chan_reestablish_msgs!(dst, src); + assert_eq!(reestablish_2.len(), 1); + + if test_case == UnblockSignerAcrossDisconnectCase::BeforeReestablish { + // Reenable the signer before the reestablish. + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + } + + dst.node.handle_channel_reestablish(&src.node.get_our_node_id(), &reestablish_1[0]); + + if test_case == UnblockSignerAcrossDisconnectCase::BeforeMonitorRestored { + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + chanmon_cfgs[1].persister.set_update_ret(ChannelMonitorUpdateStatus::Completed); + let (outpoint, latest_update, _) = dst.chain_monitor.latest_monitor_update_id.lock().unwrap().get(&chan_id).unwrap().clone(); + dst.chain_monitor.chain_monitor.force_channel_monitor_updated(outpoint, latest_update); + check_added_monitors!(dst, 0); + } + + // Expect the RAA + let (_, revoke_and_ack, commitment_signed, _) = handle_chan_reestablish_msgs!(dst, src); + assert!(revoke_and_ack.is_some()); + if test_case == UnblockSignerAcrossDisconnectCase::AtEnd { + assert!(commitment_signed.is_none()); + } else { + assert!(commitment_signed.is_some()); + } // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. - dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); + dst.enable_channel_signer_op(&src.node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); - { - let events = dst.node.get_and_clear_pending_msg_events(); - assert_eq!(events.len(), 1, "expected one message, got {}", events.len()); - if let MessageSendEvent::UpdateHTLCs { ref node_id, .. } = events[0] { - assert_eq!(node_id, &src.node.get_our_node_id()); - } else { - panic!("expected UpdateHTLCs message, not {:?}", events[0]); - }; + if test_case == UnblockSignerAcrossDisconnectCase::AtEnd { + let (_, _, commitment_signed, _) = handle_chan_reestablish_msgs!(dst, src); + assert!(commitment_signed.is_some()); + } else { + // Make sure we don't double send the CS. + let (_, _, commitment_signed, _) = handle_chan_reestablish_msgs!(dst, src); + assert!(commitment_signed.is_none()); } } +#[test] +fn test_async_commitment_signature_ordering_reestablish() { + do_test_async_commitment_signature_ordering(false); +} + +#[test] +fn test_async_commitment_signature_ordering_monitor_restored() { + do_test_async_commitment_signature_ordering(true); +} + +fn do_test_async_commitment_signature_ordering(monitor_update_failure: bool) { + // Across disconnects we may end up in a situation where we need to send a + // commitment_signed and then revoke_and_ack. We need to make sure that if + // the signer is pending for commitment_signed but not revoke_and_ack, we don't + // screw up the order by sending the revoke_and_ack first. + // + // We test this for both the case where we send messages after a channel + // reestablish, as well as restoring a channel after persisting + // a monitor update. + // + // The set up for this test is based on + // `test_drop_messages_peer_disconnect_dual_htlc`. + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let mut nodes = create_network(2, &node_cfgs, &node_chanmgrs); + let (_, _, chan_id, _) = create_announced_chan_between_nodes(&nodes, 0, 1); + + let (payment_preimage_1, payment_hash_1, ..) = route_payment(&nodes[0], &[&nodes[1]], 1_000_000); + + // Start to send the second update_add_htlc + commitment_signed, but don't actually make it + // to the peer. + let (route, payment_hash_2, payment_preimage_2, payment_secret_2) = get_route_and_payment_hash!(nodes[0], nodes[1], 1000000); + nodes[0].node.send_payment_with_route(&route, payment_hash_2, + RecipientOnionFields::secret_only(payment_secret_2), PaymentId(payment_hash_2.0)).unwrap(); + check_added_monitors!(nodes[0], 1); + + get_htlc_update_msgs(&nodes[0], &nodes[1].node.get_our_node_id()); + + // Send back update_fulfill_htlc + commitment_signed for the first payment. + nodes[1].node.claim_funds(payment_preimage_1); + expect_payment_claimed!(nodes[1], payment_hash_1, 1_000_000); + check_added_monitors!(nodes[1], 1); + + // Handle the update_fulfill_htlc, but fail to persist the monitor update when handling the + // commitment_signed. + let events_2 = nodes[1].node.get_and_clear_pending_msg_events(); + assert_eq!(events_2.len(), 1); + match events_2[0] { + MessageSendEvent::UpdateHTLCs { node_id: _, updates: msgs::CommitmentUpdate { ref update_fulfill_htlcs, ref commitment_signed, .. } } => { + nodes[0].node.handle_update_fulfill_htlc(&nodes[1].node.get_our_node_id(), &update_fulfill_htlcs[0]); + expect_payment_sent(&nodes[0], payment_preimage_1, None, false, false); + if monitor_update_failure { + chanmon_cfgs[0].persister.set_update_ret(ChannelMonitorUpdateStatus::InProgress); + } + nodes[0].node.handle_commitment_signed(&nodes[1].node.get_our_node_id(), commitment_signed); + if monitor_update_failure { + assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); + } else { + let _ = get_event_msg!(nodes[0], MessageSendEvent::SendRevokeAndACK, nodes[1].node.get_our_node_id()); + } + // No commitment_signed so get_event_msg's assert(len == 1) passes + check_added_monitors!(nodes[0], 1); + }, + _ => panic!("Unexpected event"), + } + + // Disconnect and reconnect the peers so that nodes[0] will + // need to re-send the commitment update *and then* revoke_and_ack. + nodes[0].node.peer_disconnected(&nodes[1].node.get_our_node_id()); + nodes[1].node.peer_disconnected(&nodes[0].node.get_our_node_id()); + + nodes[0].node.peer_connected(&nodes[1].node.get_our_node_id(), &msgs::Init { + features: nodes[1].node.init_features(), networks: None, remote_network_address: None + }, true).unwrap(); + let reestablish_1 = get_chan_reestablish_msgs!(nodes[0], nodes[1]); + assert_eq!(reestablish_1.len(), 1); + nodes[1].node.peer_connected(&nodes[0].node.get_our_node_id(), &msgs::Init { + features: nodes[0].node.init_features(), networks: None, remote_network_address: None + }, false).unwrap(); + let reestablish_2 = get_chan_reestablish_msgs!(nodes[1], nodes[0]); + assert_eq!(reestablish_2.len(), 1); + + // With a fully working signer, here we would send a commitment_signed, + // and then revoke_and_ack. With commitment_signed disabled, since + // our ordering is CS then RAA, we should make sure we don't send the RAA. + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + nodes[0].node.handle_channel_reestablish(&nodes[1].node.get_our_node_id(), &reestablish_2[0]); + let as_resp = handle_chan_reestablish_msgs!(nodes[0], nodes[1]); + assert!(as_resp.0.is_none()); + assert!(as_resp.1.is_none()); + assert!(as_resp.2.is_none()); + + if monitor_update_failure { + chanmon_cfgs[0].persister.set_update_ret(ChannelMonitorUpdateStatus::Completed); + let (outpoint, latest_update, _) = nodes[0].chain_monitor.latest_monitor_update_id.lock().unwrap().get(&chan_id).unwrap().clone(); + nodes[0].chain_monitor.chain_monitor.force_channel_monitor_updated(outpoint, latest_update); + check_added_monitors!(nodes[0], 0); + } + + // Make sure that on signer_unblocked we have the same behavior (even though RAA is ready, + // we don't send CS yet). + nodes[0].node.signer_unblocked(Some((nodes[1].node.get_our_node_id(), chan_id))); + let as_resp = handle_chan_reestablish_msgs!(nodes[0], nodes[1]); + assert!(as_resp.0.is_none()); + assert!(as_resp.1.is_none()); + assert!(as_resp.2.is_none()); + + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignCounterpartyCommitment); + nodes[0].node.signer_unblocked(Some((nodes[1].node.get_our_node_id(), chan_id))); + + let as_resp = handle_chan_reestablish_msgs!(nodes[0], nodes[1]); + nodes[1].node.handle_channel_reestablish(&nodes[0].node.get_our_node_id(), &reestablish_1[0]); + let bs_resp = handle_chan_reestablish_msgs!(nodes[1], nodes[0]); + + assert!(as_resp.0.is_none()); + assert!(bs_resp.0.is_none()); + + assert!(bs_resp.1.is_none()); + assert!(bs_resp.2.is_none()); + + assert!(as_resp.3 == RAACommitmentOrder::CommitmentFirst); + + // Now that everything is restored, get the CS + RAA and handle them. + nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &as_resp.2.as_ref().unwrap().update_add_htlcs[0]); + nodes[1].node.handle_commitment_signed(&nodes[0].node.get_our_node_id(), &as_resp.2.as_ref().unwrap().commitment_signed); + nodes[1].node.handle_revoke_and_ack(&nodes[0].node.get_our_node_id(), as_resp.1.as_ref().unwrap()); + let (bs_revoke_and_ack, bs_second_commitment_signed) = get_revoke_commit_msgs(&nodes[1], &nodes[0].node.get_our_node_id()); + check_added_monitors!(nodes[1], 2); + + // The rest of this is boilerplate for resolving the previous state. + + nodes[0].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &bs_revoke_and_ack); + let as_commitment_signed = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); + check_added_monitors!(nodes[0], 1); + + nodes[0].node.handle_commitment_signed(&nodes[1].node.get_our_node_id(), &bs_second_commitment_signed); + let as_revoke_and_ack = get_event_msg!(nodes[0], MessageSendEvent::SendRevokeAndACK, nodes[1].node.get_our_node_id()); + // No commitment_signed so get_event_msg's assert(len == 1) passes + check_added_monitors!(nodes[0], 1); + + nodes[1].node.handle_commitment_signed(&nodes[0].node.get_our_node_id(), &as_commitment_signed.commitment_signed); + let bs_second_revoke_and_ack = get_event_msg!(nodes[1], MessageSendEvent::SendRevokeAndACK, nodes[0].node.get_our_node_id()); + // No commitment_signed so get_event_msg's assert(len == 1) passes + check_added_monitors!(nodes[1], 1); + + nodes[1].node.handle_revoke_and_ack(&nodes[0].node.get_our_node_id(), &as_revoke_and_ack); + assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); + check_added_monitors!(nodes[1], 1); + + nodes[0].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &bs_second_revoke_and_ack); + assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); + check_added_monitors!(nodes[0], 1); + + expect_pending_htlcs_forwardable!(nodes[1]); + + let events_5 = nodes[1].node.get_and_clear_pending_events(); + check_payment_claimable(&events_5[0], payment_hash_2, payment_secret_2, 1_000_000, None, nodes[1].node.get_our_node_id()); + + expect_payment_path_successful!(nodes[0]); + claim_payment(&nodes[0], &[&nodes[1]], payment_preimage_2); +} + fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { // Ensures that we can obtain holder signatures for commitment and HTLC transactions // asynchronously by allowing their retrieval to fail and retrying via @@ -344,12 +700,12 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { let closing_node = if remote_commitment { &nodes[1] } else { &nodes[0] }; let coinbase_tx = Transaction { - version: 2, + version: Version::TWO, lock_time: LockTime::ZERO, input: vec![TxIn { ..Default::default() }], output: vec![ TxOut { - value: Amount::ONE_BTC.to_sat(), + value: Amount::ONE_BTC, script_pubkey: closing_node.wallet_source.get_change_script().unwrap(), }, ], @@ -363,16 +719,18 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { // Route an HTLC and set the signer as unavailable. let (_, _, chan_id, funding_tx) = create_announced_chan_between_nodes(&nodes, 0, 1); route_payment(&nodes[0], &[&nodes[1]], 1_000_000); + let error_message = "Channel force-closed"; - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, false); if remote_commitment { // Make the counterparty broadcast its latest commitment. - nodes[1].node.force_close_broadcasting_latest_txn(&chan_id, &nodes[0].node.get_our_node_id()).unwrap(); + nodes[1].node.force_close_broadcasting_latest_txn(&chan_id, &nodes[0].node.get_our_node_id(), error_message.to_string()).unwrap(); check_added_monitors(&nodes[1], 1); check_closed_broadcast(&nodes[1], 1, true); - check_closed_event(&nodes[1], 1, ClosureReason::HolderForceClosed, false, &[nodes[0].node.get_our_node_id()], 100_000); + check_closed_event(&nodes[1], 1, ClosureReason::HolderForceClosed { broadcasted_latest_txn: Some(true) }, false, &[nodes[0].node.get_our_node_id()], 100_000); } else { + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderHtlcTransaction); // We'll connect blocks until the sender has to go onchain to time out the HTLC. connect_blocks(&nodes[0], TEST_FINAL_CLTV + LATENCY_GRACE_PERIOD_BLOCKS + 1); @@ -381,7 +739,8 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); // Mark it as available now, we should see the signed commitment transaction. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderHtlcTransaction); get_monitor!(nodes[0], chan_id).signer_unblocked(nodes[0].tx_broadcaster, nodes[0].fee_estimator, &nodes[0].logger); } @@ -407,7 +766,13 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { // Mark it as unavailable again to now test the HTLC transaction. We'll mine the commitment such // that the HTLC transaction is retried. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, false); + let sign_htlc_op = if remote_commitment { + SignerOp::SignCounterpartyHtlcTransaction + } else { + SignerOp::SignHolderHtlcTransaction + }; + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].disable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, sign_htlc_op); mine_transaction(&nodes[0], &commitment_tx); check_added_monitors(&nodes[0], 1); @@ -424,10 +789,12 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { if anchors && !remote_commitment { handle_bump_htlc_event(&nodes[0], 1); } - assert!(nodes[0].tx_broadcaster.txn_broadcast().is_empty()); + let txn = nodes[0].tx_broadcaster.txn_broadcast(); + assert!(txn.is_empty(), "expected no transaction to be broadcast, got {:?}", txn); // Mark it as available now, we should see the signed HTLC transaction. - nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, SignerOp::SignHolderCommitment); + nodes[0].enable_channel_signer_op(&nodes[1].node.get_our_node_id(), &chan_id, sign_htlc_op); get_monitor!(nodes[0], chan_id).signer_unblocked(nodes[0].tx_broadcaster, nodes[0].fee_estimator, &nodes[0].logger); if anchors && !remote_commitment { @@ -441,9 +808,21 @@ fn do_test_async_holder_signatures(anchors: bool, remote_commitment: bool) { } #[test] -fn test_async_holder_signatures() { +fn test_async_holder_signatures_no_anchors() { do_test_async_holder_signatures(false, false); +} + +#[test] +fn test_async_holder_signatures_remote_commitment_no_anchors() { do_test_async_holder_signatures(false, true); +} + +#[test] +fn test_async_holder_signatures_anchors() { do_test_async_holder_signatures(true, false); +} + +#[test] +fn test_async_holder_signatures_remote_commitment_anchors() { do_test_async_holder_signatures(true, true); }