X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fln%2Fchannelmonitor.rs;h=5241d97d4fe0646bf165ea5b5c74630a1d4d0911;hb=ddd85fb55023ac7fea1c1a7ae4748b2b795dff61;hp=7e961a129eb19407d8531b61588e53429da1d8ad;hpb=86a2607b008ed9bf95e89562a1822bcbfcfdcdb0;p=rust-lightning

diff --git a/lightning/src/ln/channelmonitor.rs b/lightning/src/ln/channelmonitor.rs
index 7e961a12..5241d97d 100644
--- a/lightning/src/ln/channelmonitor.rs
+++ b/lightning/src/ln/channelmonitor.rs
@@ -383,6 +383,28 @@ pub(crate) const LATENCY_GRACE_PERIOD_BLOCKS: u32 = 3;
 /// solved by a previous claim tx. What we want to avoid is reorg evicting our claim tx and us not
 /// keeping bumping another claim tx to solve the outpoint.
 pub(crate) const ANTI_REORG_DELAY: u32 = 6;
+/// Number of blocks before confirmation at which we fail back an un-relayed HTLC or at which we
+/// refuse to accept a new HTLC.
+///
+/// This is used for a few separate purposes:
+/// 1) if we've received an MPP HTLC to us and it expires within this many blocks and we are
+///    waiting on additional parts (or waiting on the preimage for any HTLC from the user), we will
+///    fail this HTLC,
+/// 2) if we receive an HTLC within this many blocks of its expiry (plus one to avoid a race
+///    condition with the above), we will fail this HTLC without telling the user we received it,
+/// 3) if we are waiting on a connection or a channel state update to send an HTLC to a peer, and
+///    that HTLC expires within this many blocks, we will simply fail the HTLC instead.
+///
+/// (1) is all about protecting us - we need enough time to update the channel state before we hit
+/// CLTV_CLAIM_BUFFER, at which point we'd go on chain to claim the HTLC with the preimage.
+///
+/// (2) is the same, but with an additional buffer to avoid accepting an HTLC which is immediately
+/// in a race condition between the user connecting a block (which would fail it) and the user
+/// providing us the preimage (which would claim it).
+///
+/// (3) is about our counterparty - we don't want to relay an HTLC to a counterparty when they may
+/// end up force-closing the channel on us to claim it.
+pub(crate) const HTLC_FAIL_BACK_BUFFER: u32 = CLTV_CLAIM_BUFFER + LATENCY_GRACE_PERIOD_BLOCKS;
 
 #[derive(Clone, PartialEq)]
 struct LocalSignedTx {
@@ -420,9 +442,7 @@ pub(crate) enum InputMaterial {
 		preimage: Option<PaymentPreimage>,
 		amount: u64,
 	},
-	Funding {
-		channel_value: u64,
-	}
+	Funding {}
 }
 
 impl Writeable for InputMaterial  {
@@ -449,9 +469,8 @@ impl Writeable for InputMaterial  {
 				preimage.write(writer)?;
 				writer.write_all(&byte_utils::be64_to_array(*amount))?;
 			},
-			&InputMaterial::Funding { ref channel_value } => {
+			&InputMaterial::Funding {} => {
 				writer.write_all(&[3; 1])?;
-				channel_value.write(writer)?;
 			}
 		}
 		Ok(())
@@ -498,10 +517,7 @@ impl Readable for InputMaterial {
 				}
 			},
 			3 => {
-				let channel_value = Readable::read(reader)?;
-				InputMaterial::Funding {
-					channel_value
-				}
+				InputMaterial::Funding {}
 			}
 			_ => return Err(DecodeError::InvalidValue),
 		};
@@ -768,9 +784,16 @@ pub struct ChannelMonitor<ChanSigner: ChannelKeys> {
 	#[cfg(not(test))]
 	onchain_tx_handler: OnchainTxHandler<ChanSigner>,
 
-	// Used to detect programming bug due to unsafe monitor update sequence { ChannelForceClosed, LatestLocalCommitmentTXInfo }
+	// This is set when the Channel[Manager] generated a ChannelMonitorUpdate which indicated the
+	// channel has been force-closed. After this is set, no further local commitment transaction
+	// updates may occur, and we panic!() if one is provided.
 	lockdown_from_offchain: bool,
 
+	// Set once we've signed a local commitment transaction and handed it over to our
+	// OnchainTxHandler. After this is set, no future updates to our local commitment transactions
+	// may occur, and we fail any such monitor updates.
+	local_tx_signed: bool,
+
 	// We simply modify last_block_hash in Channel's block_connected so that serialization is
 	// consistent but hopefully the users' copy handles block_connected in a consistent way.
 	// (we do *not*, however, update them in update_monitor to ensure any local user copies keep
@@ -814,7 +837,9 @@ impl<ChanSigner: ChannelKeys> PartialEq for ChannelMonitor<ChanSigner> {
 			self.pending_htlcs_updated != other.pending_htlcs_updated ||
 			self.pending_events.len() != other.pending_events.len() || // We trust events to round-trip properly
 			self.onchain_events_waiting_threshold_conf != other.onchain_events_waiting_threshold_conf ||
-			self.outputs_to_watch != other.outputs_to_watch
+			self.outputs_to_watch != other.outputs_to_watch ||
+			self.lockdown_from_offchain != other.lockdown_from_offchain ||
+			self.local_tx_signed != other.local_tx_signed
 		{
 			false
 		} else {
@@ -1015,6 +1040,7 @@ impl<ChanSigner: ChannelKeys + Writeable> ChannelMonitor<ChanSigner> {
 		self.onchain_tx_handler.write(writer)?;
 
 		self.lockdown_from_offchain.write(writer)?;
+		self.local_tx_signed.write(writer)?;
 
 		Ok(())
 	}
@@ -1097,6 +1123,7 @@ impl<ChanSigner: ChannelKeys> ChannelMonitor<ChanSigner> {
 			onchain_tx_handler,
 
 			lockdown_from_offchain: false,
+			local_tx_signed: false,
 
 			last_block_hash: Default::default(),
 			secp_ctx: Secp256k1::new(),
@@ -1213,6 +1240,9 @@ impl<ChanSigner: ChannelKeys> ChannelMonitor<ChanSigner> {
 	/// up-to-date as our local commitment transaction is updated.
 	/// Panics if set_their_to_self_delay has never been called.
 	pub(super) fn provide_latest_local_commitment_tx_info(&mut self, commitment_tx: LocalCommitmentTransaction, htlc_outputs: Vec<(HTLCOutputInCommitment, Option<Signature>, Option<HTLCSource>)>) -> Result<(), MonitorUpdateError> {
+		if self.local_tx_signed {
+			return Err(MonitorUpdateError("A local commitment tx has already been signed, no new local commitment txn can be sent to our counterparty"));
+		}
 		let txid = commitment_tx.txid();
 		let sequence = commitment_tx.without_valid_witness().input[0].sequence as u64;
 		let locktime = commitment_tx.without_valid_witness().lock_time as u64;
@@ -1740,6 +1770,7 @@ impl<ChanSigner: ChannelKeys> ChannelMonitor<ChanSigner> {
 	/// In any-case, choice is up to the user.
 	pub fn get_latest_local_commitment_txn(&mut self) -> Vec<Transaction> {
 		log_trace!(self, "Getting signed latest local commitment transaction!");
+		self.local_tx_signed = true;
 		if let Some(commitment_tx) = self.onchain_tx_handler.get_fully_signed_local_tx() {
 			let txid = commitment_tx.txid();
 			let mut res = vec![commitment_tx];
@@ -1842,7 +1873,7 @@ impl<ChanSigner: ChannelKeys> ChannelMonitor<ChanSigner> {
 		}
 		let should_broadcast = self.would_broadcast_at_height(height);
 		if should_broadcast {
-			claimable_outpoints.push(ClaimRequest { absolute_timelock: height, aggregable: false, outpoint: BitcoinOutPoint { txid: self.funding_info.0.txid.clone(), vout: self.funding_info.0.index as u32 }, witness_data: InputMaterial::Funding { channel_value: self.channel_value_satoshis }});
+			claimable_outpoints.push(ClaimRequest { absolute_timelock: height, aggregable: false, outpoint: BitcoinOutPoint { txid: self.funding_info.0.txid.clone(), vout: self.funding_info.0.index as u32 }, witness_data: InputMaterial::Funding {}});
 		}
 		if should_broadcast {
 			if let Some(commitment_tx) = self.onchain_tx_handler.get_fully_signed_local_tx() {
@@ -2399,6 +2430,7 @@ impl<ChanSigner: ChannelKeys + Readable> ReadableArgs<Arc<Logger>> for (Sha256dH
 		let onchain_tx_handler = ReadableArgs::read(reader, logger.clone())?;
 
 		let lockdown_from_offchain = Readable::read(reader)?;
+		let local_tx_signed = Readable::read(reader)?;
 
 		Ok((last_block_hash.clone(), ChannelMonitor {
 			latest_update_id,
@@ -2443,6 +2475,7 @@ impl<ChanSigner: ChannelKeys + Readable> ReadableArgs<Arc<Logger>> for (Sha256dH
 			onchain_tx_handler,
 
 			lockdown_from_offchain,
+			local_tx_signed,
 
 			last_block_hash,
 			secp_ctx: Secp256k1::new(),