X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fchain%2Fchannelmonitor.rs;h=5e3d49c0f9f0c5004cb0bad485ed216cc3a70737;hb=2e562a2ad88fe214e19e2ee1c5f4db743d9ebe07;hp=904d9941349804f99cb31127e2757fcc51bbf473;hpb=bd1206777735696c7aa5ece2f2f2bda6c5a87661;p=rust-lightning diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs index 904d9941..5e3d49c0 100644 --- a/lightning/src/chain/channelmonitor.rs +++ b/lightning/src/chain/channelmonitor.rs @@ -49,8 +49,8 @@ use crate::chain::Filter; use crate::util::logger::Logger; use crate::util::ser::{Readable, ReadableArgs, RequiredWrapper, MaybeReadable, UpgradableRequired, Writer, Writeable, U48}; use crate::util::byte_utils; -use crate::events::Event; -use crate::events::bump_transaction::{AnchorDescriptor, HTLCDescriptor, BumpTransactionEvent}; +use crate::events::{Event, EventHandler}; +use crate::events::bump_transaction::{ChannelDerivationParameters, AnchorDescriptor, HTLCDescriptor, BumpTransactionEvent}; use crate::prelude::*; use core::{cmp, mem}; @@ -262,7 +262,7 @@ impl_writeable_tlv_based!(HolderSignedTx, { (8, delayed_payment_key, required), (10, per_commitment_point, required), (12, feerate_per_kw, required), - (14, htlc_outputs, vec_type) + (14, htlc_outputs, required_vec) }); impl HolderSignedTx { @@ -280,7 +280,7 @@ impl HolderSignedTx { /// We use this to track static counterparty commitment transaction data and to generate any /// justice or 2nd-stage preimage/timeout transactions. -#[derive(PartialEq, Eq)] +#[derive(Clone, PartialEq, Eq)] struct CounterpartyCommitmentParameters { counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, @@ -334,7 +334,7 @@ impl Readable for CounterpartyCommitmentParameters { /// observed, as well as the transaction causing it. /// /// Used to determine when the on-chain event can be considered safe from a chain reorganization. -#[derive(PartialEq, Eq)] +#[derive(Clone, PartialEq, Eq)] struct OnchainEventEntry { txid: Txid, height: u32, @@ -377,7 +377,7 @@ type CommitmentTxCounterpartyOutputInfo = Option<(u32, u64)>; /// Upon discovering of some classes of onchain tx by ChannelMonitor, we may have to take actions on it /// once they mature to enough confirmations (ANTI_REORG_DELAY) -#[derive(PartialEq, Eq)] +#[derive(Clone, PartialEq, Eq)] enum OnchainEvent { /// An outbound HTLC failing after a transaction is confirmed. Used /// * when an outbound HTLC output is spent by us after the HTLC timed out @@ -538,15 +538,15 @@ impl ChannelMonitorUpdateStep { impl_writeable_tlv_based_enum_upgradable!(ChannelMonitorUpdateStep, (0, LatestHolderCommitmentTXInfo) => { (0, commitment_tx, required), - (1, claimed_htlcs, vec_type), - (2, htlc_outputs, vec_type), + (1, claimed_htlcs, optional_vec), + (2, htlc_outputs, required_vec), (4, nondust_htlc_sources, optional_vec), }, (1, LatestCounterpartyCommitmentTXInfo) => { (0, commitment_txid, required), (2, commitment_number, required), (4, their_per_commitment_point, required), - (6, htlc_outputs, vec_type), + (6, htlc_outputs, required_vec), }, (2, PaymentPreimage) => { (0, payment_preimage, required), @@ -576,14 +576,14 @@ pub enum Balance { ClaimableOnChannelClose { /// The amount available to claim, in satoshis, excluding the on-chain fees which will be /// required to do so. - claimable_amount_satoshis: u64, + amount_satoshis: u64, }, /// The channel has been closed, and the given balance is ours but awaiting confirmations until /// we consider it spendable. ClaimableAwaitingConfirmations { /// The amount available to claim, in satoshis, possibly excluding the on-chain fees which /// were spent in broadcasting the transaction. - claimable_amount_satoshis: u64, + amount_satoshis: u64, /// The height at which an [`Event::SpendableOutputs`] event will be generated for this /// amount. confirmation_height: u32, @@ -598,7 +598,7 @@ pub enum Balance { ContentiousClaimable { /// The amount available to claim, in satoshis, excluding the on-chain fees which will be /// required to do so. - claimable_amount_satoshis: u64, + amount_satoshis: u64, /// The height at which the counterparty may be able to claim the balance if we have not /// done so. timeout_height: u32, @@ -613,7 +613,7 @@ pub enum Balance { MaybeTimeoutClaimableHTLC { /// The amount potentially available to claim, in satoshis, excluding the on-chain fees /// which will be required to do so. - claimable_amount_satoshis: u64, + amount_satoshis: u64, /// The height at which we will be able to claim the balance if our counterparty has not /// done so. claimable_height: u32, @@ -626,7 +626,7 @@ pub enum Balance { MaybePreimageClaimableHTLC { /// The amount potentially available to claim, in satoshis, excluding the on-chain fees /// which will be required to do so. - claimable_amount_satoshis: u64, + amount_satoshis: u64, /// The height at which our counterparty will be able to claim the balance if we have not /// yet received the preimage and claimed it ourselves. expiry_height: u32, @@ -643,7 +643,7 @@ pub enum Balance { /// /// Note that for outputs from HTLC balances this may be excluding some on-chain fees that /// were already spent. - claimable_amount_satoshis: u64, + amount_satoshis: u64, }, } @@ -656,33 +656,20 @@ impl Balance { /// On-chain fees required to claim the balance are not included in this amount. pub fn claimable_amount_satoshis(&self) -> u64 { match self { - Balance::ClaimableOnChannelClose { - claimable_amount_satoshis, - } => *claimable_amount_satoshis, - Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis, - .. - } => *claimable_amount_satoshis, - Balance::ContentiousClaimable { - claimable_amount_satoshis, - .. - } => *claimable_amount_satoshis, - Balance::MaybeTimeoutClaimableHTLC { - .. - } => 0, - Balance::MaybePreimageClaimableHTLC { - .. - } => 0, - Balance::CounterpartyRevokedOutputClaimable { - claimable_amount_satoshis, - .. - } => *claimable_amount_satoshis, + Balance::ClaimableOnChannelClose { amount_satoshis, .. }| + Balance::ClaimableAwaitingConfirmations { amount_satoshis, .. }| + Balance::ContentiousClaimable { amount_satoshis, .. }| + Balance::CounterpartyRevokedOutputClaimable { amount_satoshis, .. } + => *amount_satoshis, + Balance::MaybeTimeoutClaimableHTLC { .. }| + Balance::MaybePreimageClaimableHTLC { .. } + => 0, } } } /// An HTLC which has been irrevocably resolved on-chain, and has reached ANTI_REORG_DELAY. -#[derive(PartialEq, Eq)] +#[derive(Clone, PartialEq, Eq)] struct IrrevocablyResolvedHTLC { commitment_tx_output_idx: Option, /// The txid of the transaction which resolved the HTLC, this may be a commitment (if the HTLC @@ -738,11 +725,6 @@ impl Readable for IrrevocablyResolvedHTLC { /// You MUST ensure that no ChannelMonitors for a given channel anywhere contain out-of-date /// information and are actively monitoring the chain. /// -/// Pending Events or updated HTLCs which have not yet been read out by -/// get_and_clear_pending_monitor_events or get_and_clear_pending_events are serialized to disk and -/// reloaded at deserialize-time. Thus, you must ensure that, when handling events, all events -/// gotten are fully handled before re-serializing the new state. -/// /// Note that the deserializer is only implemented for (BlockHash, ChannelMonitor), which /// tells you the last block hash which was block_connect()ed. You MUST rescan any blocks along /// the "reorg path" (ie disconnecting blocks until you find a common ancestor from both the @@ -752,10 +734,17 @@ pub struct ChannelMonitor { #[cfg(test)] pub(crate) inner: Mutex>, #[cfg(not(test))] - inner: Mutex>, + pub(super) inner: Mutex>, } -#[derive(PartialEq)] +impl Clone for ChannelMonitor where Signer: Clone { + fn clone(&self) -> Self { + let inner = self.inner.lock().unwrap().clone(); + ChannelMonitor::from_impl(inner) + } +} + +#[derive(Clone, PartialEq)] pub(crate) struct ChannelMonitorImpl { latest_update_id: u64, commitment_transaction_number_obscure_factor: u64, @@ -829,7 +818,8 @@ pub(crate) struct ChannelMonitorImpl { // we further MUST NOT generate events during block/transaction-disconnection. pending_monitor_events: Vec, - pending_events: Vec, + pub(super) pending_events: Vec, + pub(super) is_processing_pending_events: bool, // Used to track on-chain events (i.e., transactions part of channels confirmed on chain) on // which to take actions once they reach enough confirmations. Each entry includes the @@ -1075,12 +1065,12 @@ impl Writeable for ChannelMonitorImpl Writeable for ChannelMonitorImpl { + loop { + let (pending_events, repeated_events); + if let Some(us) = $self_opt { + let mut inner = us.inner.lock().unwrap(); + if inner.is_processing_pending_events { + break; + } + inner.is_processing_pending_events = true; + + pending_events = inner.pending_events.clone(); + repeated_events = inner.get_repeated_events(); + } else { break; } + let num_events = pending_events.len(); + + for event in pending_events.into_iter().chain(repeated_events.into_iter()) { + $event_to_handle = event; + $handle_event; + } + + if let Some(us) = $self_opt { + let mut inner = us.inner.lock().unwrap(); + inner.pending_events.drain(..num_events); + inner.is_processing_pending_events = false; + if !inner.pending_events.is_empty() { + // If there's more events to process, go ahead and do so. + continue; + } + } + break; + } + } +} +pub(super) use _process_events_body as process_events_body; + impl ChannelMonitor { /// For lockorder enforcement purposes, we need to have a single site which constructs the /// `inner` mutex, otherwise cases where we lock two monitors at the same time (eg in our @@ -1179,6 +1205,7 @@ impl ChannelMonitor { payment_preimages: HashMap::new(), pending_monitor_events: Vec::new(), pending_events: Vec::new(), + is_processing_pending_events: false, onchain_events_awaiting_threshold_conf: Vec::new(), outputs_to_watch, @@ -1306,16 +1333,41 @@ impl ChannelMonitor { self.inner.lock().unwrap().get_and_clear_pending_monitor_events() } - /// Gets the list of pending events which were generated by previous actions, clearing the list - /// in the process. + /// Processes [`SpendableOutputs`] events produced from each [`ChannelMonitor`] upon maturity. /// - /// This is called by the [`EventsProvider::process_pending_events`] implementation for - /// [`ChainMonitor`]. + /// For channels featuring anchor outputs, this method will also process [`BumpTransaction`] + /// events produced from each [`ChannelMonitor`] while there is a balance to claim onchain + /// within each channel. As the confirmation of a commitment transaction may be critical to the + /// safety of funds, we recommend invoking this every 30 seconds, or lower if running in an + /// environment with spotty connections, like on mobile. + /// + /// An [`EventHandler`] may safely call back to the provider, though this shouldn't be needed in + /// order to handle these events. + /// + /// [`SpendableOutputs`]: crate::events::Event::SpendableOutputs + /// [`BumpTransaction`]: crate::events::Event::BumpTransaction + pub fn process_pending_events(&self, handler: &H) where H::Target: EventHandler { + let mut ev; + process_events_body!(Some(self), ev, handler.handle_event(ev)); + } + + /// Processes any events asynchronously. /// - /// [`EventsProvider::process_pending_events`]: crate::events::EventsProvider::process_pending_events - /// [`ChainMonitor`]: crate::chain::chainmonitor::ChainMonitor + /// See [`Self::process_pending_events`] for more information. + pub async fn process_pending_events_async Future>( + &self, handler: &H + ) { + let mut ev; + process_events_body!(Some(self), ev, { handler(ev).await }); + } + + #[cfg(test)] pub fn get_and_clear_pending_events(&self) -> Vec { - self.inner.lock().unwrap().get_and_clear_pending_events() + let mut ret = Vec::new(); + let mut lck = self.inner.lock().unwrap(); + mem::swap(&mut ret, &mut lck.pending_events); + ret.append(&mut lck.get_repeated_events()); + ret } pub(crate) fn get_min_seen_secret(&self) -> u64 { @@ -1607,7 +1659,7 @@ impl ChannelMonitorImpl { if let Some(conf_thresh) = holder_delayed_output_pending { debug_assert!(holder_commitment); return Some(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, confirmation_height: conf_thresh, }); } else if htlc_resolved.is_some() && !htlc_output_spend_pending { @@ -1645,7 +1697,7 @@ impl ChannelMonitorImpl { debug_assert!(!htlc.offered || htlc_spend_pending.is_none() || !htlc_spend_pending.unwrap().1, "We don't (currently) generate preimage claims against revoked outputs, where did you get one?!"); return Some(Balance::CounterpartyRevokedOutputClaimable { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, }); } } else if htlc.offered == holder_commitment { @@ -1654,12 +1706,12 @@ impl ChannelMonitorImpl { // and awaiting confirmations on it. if let Some(conf_thresh) = holder_timeout_spend_pending { return Some(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, confirmation_height: conf_thresh, }); } else { return Some(Balance::MaybeTimeoutClaimableHTLC { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, claimable_height: htlc.cltv_expiry, payment_hash: htlc.payment_hash, }); @@ -1673,12 +1725,12 @@ impl ChannelMonitorImpl { debug_assert!(holder_timeout_spend_pending.is_none()); if let Some((conf_thresh, true)) = htlc_spend_pending { return Some(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, confirmation_height: conf_thresh, }); } else { return Some(Balance::ContentiousClaimable { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, timeout_height: htlc.cltv_expiry, payment_hash: htlc.payment_hash, payment_preimage: *payment_preimage, @@ -1686,7 +1738,7 @@ impl ChannelMonitorImpl { } } else if htlc_resolved.is_none() { return Some(Balance::MaybePreimageClaimableHTLC { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, expiry_height: htlc.cltv_expiry, payment_hash: htlc.payment_hash, }); @@ -1759,7 +1811,7 @@ impl ChannelMonitor { } else { None } }) { res.push(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: value, + amount_satoshis: value, confirmation_height: conf_thresh, }); } else { @@ -1782,7 +1834,7 @@ impl ChannelMonitor { descriptor: SpendableOutputDescriptor::StaticOutput { output, .. } } = &event.event { res.push(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: output.value, + amount_satoshis: output.value, confirmation_height: event.confirmation_threshold(), }); if let Some(confirmed_to_self_idx) = confirmed_counterparty_output.map(|(idx, _)| idx) { @@ -1801,7 +1853,7 @@ impl ChannelMonitor { .is_output_spend_pending(&BitcoinOutPoint::new(txid, confirmed_to_self_idx)); if output_spendable { res.push(Balance::CounterpartyRevokedOutputClaimable { - claimable_amount_satoshis: amt, + amount_satoshis: amt, }); } } else { @@ -1814,7 +1866,7 @@ impl ChannelMonitor { walk_htlcs!(true, false, us.current_holder_commitment_tx.htlc_outputs.iter().map(|(a, _, _)| a)); if let Some(conf_thresh) = pending_commitment_tx_conf_thresh { res.push(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat, + amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat, confirmation_height: conf_thresh, }); } @@ -1824,7 +1876,7 @@ impl ChannelMonitor { walk_htlcs!(true, false, prev_commitment.htlc_outputs.iter().map(|(a, _, _)| a)); if let Some(conf_thresh) = pending_commitment_tx_conf_thresh { res.push(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: prev_commitment.to_self_value_sat, + amount_satoshis: prev_commitment.to_self_value_sat, confirmation_height: conf_thresh, }); } @@ -1837,7 +1889,7 @@ impl ChannelMonitor { // neither us nor our counterparty misbehaved. At worst we've under-estimated // the amount we can claim as we'll punish a misbehaving counterparty. res.push(Balance::ClaimableAwaitingConfirmations { - claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat, + amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat, confirmation_height: conf_thresh, }); } @@ -1848,7 +1900,7 @@ impl ChannelMonitor { if htlc.transaction_output_index.is_none() { continue; } if htlc.offered { res.push(Balance::MaybeTimeoutClaimableHTLC { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, claimable_height: htlc.cltv_expiry, payment_hash: htlc.payment_hash, }); @@ -1858,14 +1910,14 @@ impl ChannelMonitor { // As long as the HTLC is still in our latest commitment state, treat // it as potentially claimable, even if it has long-since expired. res.push(Balance::MaybePreimageClaimableHTLC { - claimable_amount_satoshis: htlc.amount_msat / 1000, + amount_satoshis: htlc.amount_msat / 1000, expiry_height: htlc.cltv_expiry, payment_hash: htlc.payment_hash, }); } } res.push(Balance::ClaimableOnChannelClose { - claimable_amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat + claimable_inbound_htlc_value_sat, + amount_satoshis: us.current_holder_commitment_tx.to_self_value_sat + claimable_inbound_htlc_value_sat, }); } @@ -2531,10 +2583,13 @@ impl ChannelMonitorImpl { ret } - pub fn get_and_clear_pending_events(&mut self) -> Vec { - let mut ret = Vec::new(); - mem::swap(&mut ret, &mut self.pending_events); - for (claim_id, claim_event) in self.onchain_tx_handler.get_and_clear_pending_claim_events().drain(..) { + /// Gets the set of events that are repeated regularly (e.g. those which RBF bump + /// transactions). We're okay if we lose these on restart as they'll be regenerated for us at + /// some regular interval via [`ChannelMonitor::rebroadcast_pending_claims`]. + pub(super) fn get_repeated_events(&mut self) -> Vec { + let pending_claim_events = self.onchain_tx_handler.get_and_clear_pending_claim_events(); + let mut ret = Vec::with_capacity(pending_claim_events.len()); + for (claim_id, claim_event) in pending_claim_events { match claim_event { ClaimEvent::BumpCommitment { package_target_feerate_sat_per_1000_weight, commitment_tx, anchor_output_idx, @@ -2550,8 +2605,11 @@ impl ChannelMonitorImpl { commitment_tx, commitment_tx_fee_satoshis, anchor_descriptor: AnchorDescriptor { - channel_keys_id: self.channel_keys_id, - channel_value_satoshis: self.channel_value_satoshis, + channel_derivation_parameters: ChannelDerivationParameters { + keys_id: self.channel_keys_id, + value_satoshis: self.channel_value_satoshis, + transaction_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(), + }, outpoint: BitcoinOutPoint { txid: commitment_txid, vout: anchor_output_idx, @@ -2566,11 +2624,16 @@ impl ChannelMonitorImpl { let mut htlc_descriptors = Vec::with_capacity(htlcs.len()); for htlc in htlcs { htlc_descriptors.push(HTLCDescriptor { - channel_keys_id: self.channel_keys_id, - channel_value_satoshis: self.channel_value_satoshis, - channel_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(), + channel_derivation_parameters: ChannelDerivationParameters { + keys_id: self.channel_keys_id, + value_satoshis: self.channel_value_satoshis, + transaction_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(), + }, commitment_txid: htlc.commitment_txid, per_commitment_number: htlc.per_commitment_number, + per_commitment_point: self.onchain_tx_handler.signer.get_per_commitment_point( + htlc.per_commitment_number, &self.onchain_tx_handler.secp_ctx, + ), htlc: htlc.htlc, preimage: htlc.preimage, counterparty_sig: htlc.counterparty_sig, @@ -4051,12 +4114,12 @@ impl<'a, 'b, ES: EntropySource, SP: SignerProvider> ReadableArgs<(&'a ES, &'b SP let mut counterparty_fulfilled_htlcs = Some(HashMap::new()); read_tlv_fields!(reader, { (1, funding_spend_confirmed, option), - (3, htlcs_resolved_on_chain, vec_type), - (5, pending_monitor_events, vec_type), + (3, htlcs_resolved_on_chain, optional_vec), + (5, pending_monitor_events, optional_vec), (7, funding_spend_seen, option), (9, counterparty_node_id, option), (11, confirmed_commitment_tx_counterparty_output, option), - (13, spendable_txids_confirmed, vec_type), + (13, spendable_txids_confirmed, optional_vec), (15, counterparty_fulfilled_htlcs, option), }); @@ -4096,6 +4159,7 @@ impl<'a, 'b, ES: EntropySource, SP: SignerProvider> ReadableArgs<(&'a ES, &'b SP payment_preimages, pending_monitor_events: pending_monitor_events.unwrap(), pending_events, + is_processing_pending_events: false, onchain_events_awaiting_threshold_conf, outputs_to_watch, @@ -4212,7 +4276,8 @@ mod tests { assert!(err.contains("ChannelMonitor storage failure"))); check_added_monitors!(nodes[1], 2); // After the failure we generate a close-channel monitor update check_closed_broadcast!(nodes[1], true); - check_closed_event!(nodes[1], 1, ClosureReason::ProcessingError { err: "ChannelMonitor storage failure".to_string() }); + check_closed_event!(nodes[1], 1, ClosureReason::ProcessingError { err: "ChannelMonitor storage failure".to_string() }, + [nodes[0].node.get_our_node_id()], 100000); // Build a new ChannelMonitorUpdate which contains both the failing commitment tx update // and provides the claim preimages for the two pending HTLCs. The first update generates