X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fchain%2Fmod.rs;h=e22ccca986aacf622778c7c4c3c5320b3815e341;hb=1c28cc071300005d9766fca3a402246973a811a5;hp=736da139a558a3f20960ad75e8c90f23264594fd;hpb=23c5308bcbea61d89b1e5d3df6b6da721bc74c2a;p=rust-lightning diff --git a/lightning/src/chain/mod.rs b/lightning/src/chain/mod.rs index 736da139..e22ccca9 100644 --- a/lightning/src/chain/mod.rs +++ b/lightning/src/chain/mod.rs @@ -9,17 +9,19 @@ //! Structs and traits which allow other parts of rust-lightning to interact with the blockchain. -use bitcoin::blockdata::block::{Block, BlockHeader}; +use bitcoin::blockdata::block::{Block, Header}; use bitcoin::blockdata::constants::genesis_block; -use bitcoin::blockdata::script::Script; +use bitcoin::blockdata::script::{Script, ScriptBuf}; use bitcoin::hash_types::{BlockHash, Txid}; use bitcoin::network::constants::Network; use bitcoin::secp256k1::PublicKey; use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, MonitorEvent}; -use crate::sign::WriteableEcdsaChannelSigner; +use crate::ln::ChannelId; +use crate::sign::ecdsa::WriteableEcdsaChannelSigner; use crate::chain::transaction::{OutPoint, TransactionData}; +#[allow(unused_imports)] use crate::prelude::*; pub mod chaininterface; @@ -30,10 +32,12 @@ pub(crate) mod onchaintx; pub(crate) mod package; /// The best known block as identified by its hash and height. -#[derive(Clone, Copy, PartialEq, Eq)] +#[derive(Clone, Copy, Debug, Hash, PartialEq, Eq)] pub struct BestBlock { - block_hash: BlockHash, - height: u32, + /// The block's hash + pub block_hash: BlockHash, + /// The height at which the block was confirmed. + pub height: u32, } impl BestBlock { @@ -50,12 +54,6 @@ impl BestBlock { pub fn new(block_hash: BlockHash, height: u32) -> Self { BestBlock { block_hash, height } } - - /// Returns the best block hash. - pub fn block_hash(&self) -> BlockHash { self.block_hash } - - /// Returns the best block height. - pub fn height(&self) -> u32 { self.height } } @@ -73,7 +71,7 @@ impl BestBlock { pub trait Listen { /// Notifies the listener that a block was added at the given height, with the transaction data /// possibly filtered. - fn filtered_block_connected(&self, header: &BlockHeader, txdata: &TransactionData, height: u32); + fn filtered_block_connected(&self, header: &Header, txdata: &TransactionData, height: u32); /// Notifies the listener that a block was added at the given height. fn block_connected(&self, block: &Block, height: u32) { @@ -82,7 +80,7 @@ pub trait Listen { } /// Notifies the listener that a block was removed at the given height. - fn block_disconnected(&self, header: &BlockHeader, height: u32); + fn block_disconnected(&self, header: &Header, height: u32); } /// The `Confirm` trait is used to notify LDK when relevant transactions have been confirmed on @@ -135,7 +133,7 @@ pub trait Confirm { /// /// [chain order]: Confirm#order /// [`best_block_updated`]: Self::best_block_updated - fn transactions_confirmed(&self, header: &BlockHeader, txdata: &TransactionData, height: u32); + fn transactions_confirmed(&self, header: &Header, txdata: &TransactionData, height: u32); /// Notifies LDK of a transaction that is no longer confirmed as result of a chain reorganization. /// /// Must be called for any transaction returned by [`get_relevant_txids`] if it has been @@ -150,9 +148,9 @@ pub trait Confirm { /// /// Must be called whenever a new chain tip becomes available. May be skipped for intermediary /// blocks. - fn best_block_updated(&self, header: &BlockHeader, height: u32); + fn best_block_updated(&self, header: &Header, height: u32); /// Returns transactions that must be monitored for reorganization out of the chain along - /// with the hash of the block as part of which it had been previously confirmed. + /// with the height and the hash of the block as part of which it had been previously confirmed. /// /// Note that the returned `Option` might be `None` for channels created with LDK /// 0.0.112 and prior, in which case you need to manually track previous confirmations. @@ -167,15 +165,34 @@ pub trait Confirm { /// given to [`transaction_unconfirmed`]. /// /// If any of the returned transactions are confirmed in a block other than the one with the - /// given hash, they need to be unconfirmed and reconfirmed via [`transaction_unconfirmed`] and - /// [`transactions_confirmed`], respectively. + /// given hash at the given height, they need to be unconfirmed and reconfirmed via + /// [`transaction_unconfirmed`] and [`transactions_confirmed`], respectively. /// /// [`transactions_confirmed`]: Self::transactions_confirmed /// [`transaction_unconfirmed`]: Self::transaction_unconfirmed - fn get_relevant_txids(&self) -> Vec<(Txid, Option)>; + fn get_relevant_txids(&self) -> Vec<(Txid, u32, Option)>; } /// An enum representing the status of a channel monitor update persistence. +/// +/// These are generally used as the return value for an implementation of [`Persist`] which is used +/// as the storage layer for a [`ChainMonitor`]. See the docs on [`Persist`] for a high-level +/// explanation of how to handle different cases. +/// +/// While `UnrecoverableError` is provided as a failure variant, it is not truly "handled" on the +/// calling side, and generally results in an immediate panic. For those who prefer to avoid +/// panics, `InProgress` can be used and you can retry the update operation in the background or +/// shut down cleanly. +/// +/// Note that channels should generally *not* be force-closed after a persistence failure. +/// Force-closing with the latest [`ChannelMonitorUpdate`] applied may result in a transaction +/// being broadcast which can only be spent by the latest [`ChannelMonitor`]! Thus, if the +/// latest [`ChannelMonitor`] is not durably persisted anywhere and exists only in memory, naively +/// calling [`ChannelManager::force_close_broadcasting_latest_txn`] *may result in loss of funds*! +/// +/// [`Persist`]: chainmonitor::Persist +/// [`ChainMonitor`]: chainmonitor::ChainMonitor +/// [`ChannelManager::force_close_broadcasting_latest_txn`]: crate::ln::channelmanager::ChannelManager::force_close_broadcasting_latest_txn #[derive(Clone, Copy, Debug, PartialEq, Eq)] pub enum ChannelMonitorUpdateStatus { /// The update has been durably persisted and all copies of the relevant [`ChannelMonitor`] @@ -184,13 +201,13 @@ pub enum ChannelMonitorUpdateStatus { /// This includes performing any `fsync()` calls required to ensure the update is guaranteed to /// be available on restart even if the application crashes. Completed, - /// Used to indicate a temporary failure (eg connection to a watchtower or remote backup of - /// our state failed, but is expected to succeed at some point in the future). + /// Indicates that the update will happen asynchronously in the background or that a transient + /// failure occurred which is being retried in the background and will eventually complete. /// - /// Such a failure will "freeze" a channel, preventing us from revoking old states or - /// submitting new commitment transactions to the counterparty. Once the update(s) which failed - /// have been successfully applied, a [`MonitorEvent::Completed`] can be used to restore the - /// channel to an operational state. + /// This will "freeze" a channel, preventing us from revoking old states or submitting a new + /// commitment transaction to the counterparty. Once the update(s) which are `InProgress` have + /// been completed, a [`MonitorEvent::Completed`] can be used to restore the channel to an + /// operational state. /// /// Even when a channel has been "frozen", updates to the [`ChannelMonitor`] can continue to /// occur (e.g. if an inbound HTLC which we forwarded was claimed upstream, resulting in us @@ -200,30 +217,40 @@ pub enum ChannelMonitorUpdateStatus { /// until a [`MonitorEvent::Completed`] is provided, even if you return no error on a later /// monitor update for the same channel. /// - /// For deployments where a copy of ChannelMonitors and other local state are backed up in a - /// remote location (with local copies persisted immediately), it is anticipated that all + /// For deployments where a copy of [`ChannelMonitor`]s and other local state are backed up in + /// a remote location (with local copies persisted immediately), it is anticipated that all /// updates will return [`InProgress`] until the remote copies could be updated. /// + /// Note that while fully asynchronous persistence of [`ChannelMonitor`] data is generally + /// reliable, this feature is considered beta, and a handful of edge-cases remain. Until the + /// remaining cases are fixed, in rare cases, *using this feature may lead to funds loss*. + /// /// [`InProgress`]: ChannelMonitorUpdateStatus::InProgress InProgress, + /// Indicates that an update has failed and will not complete at any point in the future. + /// + /// Currently returning this variant will cause LDK to immediately panic to encourage immediate + /// shutdown. In the future this may be updated to disconnect peers and refuse to continue + /// normal operation without a panic. + /// + /// Applications which wish to perform an orderly shutdown after failure should consider + /// returning [`InProgress`] instead and simply shut down without ever marking the update + /// complete. + /// + /// [`InProgress`]: ChannelMonitorUpdateStatus::InProgress + UnrecoverableError, } /// The `Watch` trait defines behavior for watching on-chain activity pertaining to channels as /// blocks are connected and disconnected. /// /// Each channel is associated with a [`ChannelMonitor`]. Implementations of this trait are -/// responsible for maintaining a set of monitors such that they can be updated accordingly as -/// channel state changes and HTLCs are resolved. See method documentation for specific -/// requirements. -/// -/// Implementations **must** ensure that updates are successfully applied and persisted upon method -/// completion. If an update will not succeed, then it must immediately shut down. +/// responsible for maintaining a set of monitors such that they can be updated as channel state +/// changes. On each update, *all copies* of a [`ChannelMonitor`] must be updated and the update +/// persisted to disk to ensure that the latest [`ChannelMonitor`] state can be reloaded if the +/// application crashes. /// -/// If an implementation maintains multiple instances of a channel's monitor (e.g., by storing -/// backup copies), then it must ensure that updates are applied across all instances. Otherwise, it -/// could result in a revoked transaction being broadcast, allowing the counterparty to claim all -/// funds in the channel. See [`ChannelMonitorUpdateStatus`] for more details about how to handle -/// multiple instances. +/// See method documentation and [`ChannelMonitorUpdateStatus`] for specific requirements. pub trait Watch { /// Watches a channel identified by `funding_txo` using `monitor`. /// @@ -251,8 +278,10 @@ pub trait Watch { /// on-chain or the [`ChannelMonitor`] having decided to do so and broadcasted a transaction), /// and the [`ChannelManager`] state will be updated once it sees the funding spend on-chain. /// - /// If persistence fails, this should return [`ChannelMonitorUpdateStatus::InProgress`] and - /// the node should shut down immediately. + /// In general, persistence failures should be retried after returning + /// [`ChannelMonitorUpdateStatus::InProgress`] and eventually complete. If a failure truly + /// cannot be retried, the node should shut down immediately after returning + /// [`ChannelMonitorUpdateStatus::UnrecoverableError`], see its documentation for more info. /// /// [`ChannelManager`]: crate::ln::channelmanager::ChannelManager fn update_channel(&self, funding_txo: OutPoint, update: &ChannelMonitorUpdate) -> ChannelMonitorUpdateStatus; @@ -266,7 +295,7 @@ pub trait Watch { /// /// For details on asynchronous [`ChannelMonitor`] updating and returning /// [`MonitorEvent::Completed`] here, see [`ChannelMonitorUpdateStatus::InProgress`]. - fn release_pending_monitor_events(&self) -> Vec<(OutPoint, Vec, Option)>; + fn release_pending_monitor_events(&self) -> Vec<(OutPoint, ChannelId, Vec, Option)>; } /// The `Filter` trait defines behavior for indicating chain activity of interest pertaining to @@ -323,15 +352,15 @@ pub struct WatchedOutput { pub outpoint: OutPoint, /// Spending condition of the transaction output. - pub script_pubkey: Script, + pub script_pubkey: ScriptBuf, } -impl Listen for core::ops::Deref { - fn filtered_block_connected(&self, header: &BlockHeader, txdata: &TransactionData, height: u32) { +impl Listen for dyn core::ops::Deref { + fn filtered_block_connected(&self, header: &Header, txdata: &TransactionData, height: u32) { (**self).filtered_block_connected(header, txdata, height); } - fn block_disconnected(&self, header: &BlockHeader, height: u32) { + fn block_disconnected(&self, header: &Header, height: u32) { (**self).block_disconnected(header, height); } } @@ -341,12 +370,12 @@ where T::Target: Listen, U::Target: Listen, { - fn filtered_block_connected(&self, header: &BlockHeader, txdata: &TransactionData, height: u32) { + fn filtered_block_connected(&self, header: &Header, txdata: &TransactionData, height: u32) { self.0.filtered_block_connected(header, txdata, height); self.1.filtered_block_connected(header, txdata, height); } - fn block_disconnected(&self, header: &BlockHeader, height: u32) { + fn block_disconnected(&self, header: &Header, height: u32) { self.0.block_disconnected(header, height); self.1.block_disconnected(header, height); }