X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fln%2Fmonitor_tests.rs;h=5bd2e87ba5c15ca3f1ef998bafc15b92e5c88c68;hb=ba1349982ba28657c9e2d03a5b02c3ecc054b5cc;hp=1cb32bed08dc42e2cbb7371856343d14d8d21e35;hpb=f7211fbf7907508a9ff2744ed56e60ed736e931d;p=rust-lightning diff --git a/lightning/src/ln/monitor_tests.rs b/lightning/src/ln/monitor_tests.rs index 1cb32bed..5bd2e87b 100644 --- a/lightning/src/ln/monitor_tests.rs +++ b/lightning/src/ln/monitor_tests.rs @@ -9,18 +9,44 @@ //! Further functional tests which test blockchain reorganizations. +#[cfg(anchors)] +use crate::chain::keysinterface::{ChannelSigner, EcdsaChannelSigner}; +#[cfg(anchors)] +use crate::chain::channelmonitor::LATENCY_GRACE_PERIOD_BLOCKS; use crate::chain::channelmonitor::{ANTI_REORG_DELAY, Balance}; use crate::chain::transaction::OutPoint; use crate::chain::chaininterface::LowerBoundedFeeEstimator; +#[cfg(anchors)] +use crate::events::bump_transaction::BumpTransactionEvent; +use crate::events::{Event, MessageSendEvent, MessageSendEventsProvider, ClosureReason, HTLCDestination}; use crate::ln::channel; -use crate::ln::channelmanager::{self, BREAKDOWN_TIMEOUT, PaymentId}; +#[cfg(anchors)] +use crate::ln::chan_utils; +#[cfg(anchors)] +use crate::ln::channelmanager::ChannelManager; +use crate::ln::channelmanager::{BREAKDOWN_TIMEOUT, PaymentId}; use crate::ln::msgs::ChannelMessageHandler; -use crate::util::events::{Event, MessageSendEvent, MessageSendEventsProvider, ClosureReason, HTLCDestination}; - +#[cfg(anchors)] +use crate::util::config::UserConfig; +#[cfg(anchors)] +use crate::util::crypto::sign; +#[cfg(anchors)] +use crate::util::ser::Writeable; +#[cfg(anchors)] +use crate::util::test_utils; + +#[cfg(anchors)] +use bitcoin::blockdata::transaction::EcdsaSighashType; use bitcoin::blockdata::script::Builder; use bitcoin::blockdata::opcodes; use bitcoin::secp256k1::Secp256k1; +#[cfg(anchors)] +use bitcoin::secp256k1::SecretKey; +#[cfg(anchors)] +use bitcoin::{Amount, PublicKey, Script, TxIn, TxOut, PackedLockTime, Witness}; use bitcoin::Transaction; +#[cfg(anchors)] +use bitcoin::util::sighash::SighashCache; use crate::prelude::*; @@ -48,8 +74,8 @@ fn chanmon_fail_from_stale_commitment() { let node_chanmgrs = create_node_chanmgrs(3, &node_cfgs, &[None, None, None]); let mut nodes = create_network(3, &node_cfgs, &node_chanmgrs); - create_announced_chan_between_nodes(&nodes, 0, 1, channelmanager::provided_init_features(), channelmanager::provided_init_features()); - let (update_a, _, chan_id_2, _) = create_announced_chan_between_nodes(&nodes, 1, 2, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes(&nodes, 0, 1); + let (update_a, _, chan_id_2, _) = create_announced_chan_between_nodes(&nodes, 1, 2); let (route, payment_hash, _, payment_secret) = get_route_and_payment_hash!(nodes[0], nodes[2], 1_000_000); nodes[0].node.send_payment(&route, payment_hash, &Some(payment_secret), PaymentId(payment_hash.0)).unwrap(); @@ -105,7 +131,7 @@ fn revoked_output_htlc_resolution_timing() { let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); let nodes = create_network(2, &node_cfgs, &node_chanmgrs); - let chan = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 500_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + let chan = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 500_000_000); let payment_hash_1 = route_payment(&nodes[1], &[&nodes[0]], 1_000_000).1; @@ -154,12 +180,12 @@ fn chanmon_claim_value_coop_close() { let nodes = create_network(2, &node_cfgs, &node_chanmgrs); let (_, _, chan_id, funding_tx) = - create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 1_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 1_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; assert_eq!(funding_outpoint.to_channel_id(), chan_id); - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); assert_eq!(vec![Balance::ClaimableOnChannelClose { claimable_amount_satoshis: 1_000_000 - 1_000 - chan_feerate * channel::commitment_tx_base_weight(opt_anchors) / 1000 @@ -170,9 +196,9 @@ fn chanmon_claim_value_coop_close() { nodes[0].node.close_channel(&chan_id, &nodes[1].node.get_our_node_id()).unwrap(); let node_0_shutdown = get_event_msg!(nodes[0], MessageSendEvent::SendShutdown, nodes[1].node.get_our_node_id()); - nodes[1].node.handle_shutdown(&nodes[0].node.get_our_node_id(), &channelmanager::provided_init_features(), &node_0_shutdown); + nodes[1].node.handle_shutdown(&nodes[0].node.get_our_node_id(), &node_0_shutdown); let node_1_shutdown = get_event_msg!(nodes[1], MessageSendEvent::SendShutdown, nodes[0].node.get_our_node_id()); - nodes[0].node.handle_shutdown(&nodes[1].node.get_our_node_id(), &channelmanager::provided_init_features(), &node_1_shutdown); + nodes[0].node.handle_shutdown(&nodes[1].node.get_our_node_id(), &node_1_shutdown); let node_0_closing_signed = get_event_msg!(nodes[0], MessageSendEvent::SendClosingSigned, nodes[1].node.get_our_node_id()); nodes[1].node.handle_closing_signed(&nodes[0].node.get_our_node_id(), &node_0_closing_signed); @@ -255,7 +281,7 @@ fn do_test_claim_value_force_close(prev_commitment_tx: bool) { let nodes = create_network(2, &node_cfgs, &node_chanmgrs); let (_, _, chan_id, funding_tx) = - create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 1_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 1_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; assert_eq!(funding_outpoint.to_channel_id(), chan_id); @@ -269,8 +295,8 @@ fn do_test_claim_value_force_close(prev_commitment_tx: bool) { let htlc_cltv_timeout = nodes[0].best_block_info().1 + TEST_FINAL_CLTV + 1; // Note ChannelManager adds one to CLTV timeouts for safety - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); let remote_txn = get_local_commitment_txn!(nodes[1], chan_id); // Before B receives the payment preimage, it only suggests the push_msat value of 1_000 sats @@ -594,7 +620,7 @@ fn test_balances_on_local_commitment_htlcs() { // Create a single channel with two pending HTLCs from nodes[0] to nodes[1], one which nodes[1] // knows the preimage for, one which it does not. - let (_, _, chan_id, funding_tx) = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 0, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + let (_, _, chan_id, funding_tx) = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 0); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; let (route, payment_hash, _, payment_secret) = get_route_and_payment_hash!(nodes[0], nodes[1], 10_000_000); @@ -624,8 +650,8 @@ fn test_balances_on_local_commitment_htlcs() { check_added_monitors!(nodes[1], 1); expect_payment_claimed!(nodes[1], payment_hash_2, 20_000_000); - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); // Get nodes[0]'s commitment transaction and HTLC-Timeout transactions let as_txn = get_local_commitment_txn!(nodes[0], chan_id); @@ -768,7 +794,7 @@ fn test_no_preimage_inbound_htlc_balances() { let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); let mut nodes = create_network(2, &node_cfgs, &node_chanmgrs); - let (_, _, chan_id, funding_tx) = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 500_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + let (_, _, chan_id, funding_tx) = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 500_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; // Send two HTLCs, one from A to B, and one from B to A. @@ -776,8 +802,8 @@ fn test_no_preimage_inbound_htlc_balances() { let to_a_failed_payment_hash = route_payment(&nodes[1], &[&nodes[0]], 20_000_000).1; let htlc_cltv_timeout = nodes[0].best_block_info().1 + TEST_FINAL_CLTV + 1; // Note ChannelManager adds one to CLTV timeouts for safety - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); // Both A and B will have an HTLC that's claimable on timeout and one that's claimable if they // receive the preimage. These will remain the same through the channel closure and until the @@ -1021,7 +1047,7 @@ fn do_test_revoked_counterparty_commitment_balances(confirm_htlc_spend_first: bo let nodes = create_network(2, &node_cfgs, &node_chanmgrs); let (_, _, chan_id, funding_tx) = - create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 100_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 100_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; assert_eq!(funding_outpoint.to_channel_id(), chan_id); @@ -1052,9 +1078,9 @@ fn do_test_revoked_counterparty_commitment_balances(confirm_htlc_spend_first: bo // Get the latest commitment transaction from A and then update the fee to revoke it let as_revoked_txn = get_local_commitment_txn!(nodes[0], chan_id); - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; let missing_htlc_cltv_timeout = nodes[0].best_block_info().1 + TEST_FINAL_CLTV + 1; // Note ChannelManager adds one to CLTV timeouts for safety let missing_htlc_payment_hash = route_payment(&nodes[1], &[&nodes[0]], 2_000_000).1; @@ -1229,11 +1255,10 @@ fn do_test_revoked_counterparty_commitment_balances(confirm_htlc_spend_first: bo test_spendable_output(&nodes[1], &as_revoked_txn[0]); let mut payment_failed_events = nodes[1].node.get_and_clear_pending_events(); - expect_payment_failed_conditions_event(&nodes[1], payment_failed_events.pop().unwrap(), - dust_payment_hash, false, PaymentFailedConditions::new()); - expect_payment_failed_conditions_event(&nodes[1], payment_failed_events.pop().unwrap(), + expect_payment_failed_conditions_event(payment_failed_events[..2].to_vec(), missing_htlc_payment_hash, false, PaymentFailedConditions::new()); - assert!(payment_failed_events.is_empty()); + expect_payment_failed_conditions_event(payment_failed_events[2..].to_vec(), + dust_payment_hash, false, PaymentFailedConditions::new()); connect_blocks(&nodes[1], 1); test_spendable_output(&nodes[1], &claim_txn[if confirm_htlc_spend_first { 2 } else { 3 }]); @@ -1273,7 +1298,7 @@ fn test_revoked_counterparty_htlc_tx_balances() { // Create some initial channels let (_, _, chan_id, funding_tx) = - create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 11_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 11_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; assert_eq!(funding_outpoint.to_channel_id(), chan_id); @@ -1288,8 +1313,8 @@ fn test_revoked_counterparty_htlc_tx_balances() { claim_payment(&nodes[0], &[&nodes[1]], payment_preimage); - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); // B will generate an HTLC-Success from its revoked commitment tx mine_transaction(&nodes[1], &revoked_local_txn[0]); @@ -1483,7 +1508,7 @@ fn test_revoked_counterparty_aggregated_claims() { let nodes = create_network(2, &node_cfgs, &node_chanmgrs); let (_, _, chan_id, funding_tx) = - create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 100_000_000, channelmanager::provided_init_features(), channelmanager::provided_init_features()); + create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 100_000_000); let funding_outpoint = OutPoint { txid: funding_tx.txid(), index: 0 }; assert_eq!(funding_outpoint.to_channel_id(), chan_id); @@ -1508,8 +1533,8 @@ fn test_revoked_counterparty_aggregated_claims() { check_spends!(as_revoked_txn[0], funding_tx); check_spends!(as_revoked_txn[1], as_revoked_txn[0]); // The HTLC-Claim transaction - let opt_anchors = get_opt_anchors!(nodes[0], chan_id); - let chan_feerate = get_feerate!(nodes[0], chan_id) as u64; + let opt_anchors = get_opt_anchors!(nodes[0], nodes[1], chan_id); + let chan_feerate = get_feerate!(nodes[0], nodes[1], chan_id) as u64; { let mut feerate = chanmon_cfgs[0].fee_estimator.sat_per_kw.lock().unwrap(); @@ -1666,3 +1691,492 @@ fn test_revoked_counterparty_aggregated_claims() { assert!(nodes[1].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); assert!(nodes[1].chain_monitor.chain_monitor.get_monitor(funding_outpoint).unwrap().get_claimable_balances().is_empty()); } + +#[cfg(anchors)] +#[test] +fn test_yield_anchors_events() { + // Tests that two parties supporting anchor outputs can open a channel, route payments over + // it, and finalize its resolution uncooperatively. Once the HTLCs are locked in, one side will + // force close once the HTLCs expire. The force close should stem from an event emitted by LDK, + // allowing the consumer to provide additional fees to the commitment transaction to be + // broadcast. Once the commitment transaction confirms, events for the HTLC resolution should be + // emitted by LDK, such that the consumer can attach fees to the zero fee HTLC transactions. + let secp = Secp256k1::new(); + let mut chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let mut anchors_config = UserConfig::default(); + anchors_config.channel_handshake_config.announced_channel = true; + anchors_config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx = true; + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[Some(anchors_config), Some(anchors_config)]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + + let chan_id = create_announced_chan_between_nodes_with_value( + &nodes, 0, 1, 1_000_000, 500_000_000 + ).2; + route_payment(&nodes[0], &[&nodes[1]], 1_000_000); + let (payment_preimage, payment_hash, _) = route_payment(&nodes[1], &[&nodes[0]], 1_000_000); + + assert!(nodes[0].node.get_and_clear_pending_events().is_empty()); + + connect_blocks(&nodes[0], TEST_FINAL_CLTV + LATENCY_GRACE_PERIOD_BLOCKS + 1); + check_closed_broadcast!(&nodes[0], true); + assert!(nodes[0].tx_broadcaster.txn_broadcasted.lock().unwrap().is_empty()); + + get_monitor!(nodes[0], chan_id).provide_payment_preimage( + &payment_hash, &payment_preimage, &node_cfgs[0].tx_broadcaster, + &LowerBoundedFeeEstimator::new(node_cfgs[0].fee_estimator), &nodes[0].logger + ); + + let mut holder_events = nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events(); + assert_eq!(holder_events.len(), 1); + let (commitment_tx, anchor_tx) = match holder_events.pop().unwrap() { + Event::BumpTransaction(BumpTransactionEvent::ChannelClose { commitment_tx, anchor_descriptor, .. }) => { + assert_eq!(commitment_tx.input.len(), 1); + assert_eq!(commitment_tx.output.len(), 6); + let mut anchor_tx = Transaction { + version: 2, + lock_time: PackedLockTime::ZERO, + input: vec![ + TxIn { previous_output: anchor_descriptor.outpoint, ..Default::default() }, + TxIn { ..Default::default() }, + ], + output: vec![TxOut { + value: Amount::ONE_BTC.to_sat(), + script_pubkey: Script::new_op_return(&[]), + }], + }; + let signer = nodes[0].keys_manager.derive_channel_keys( + anchor_descriptor.channel_value_satoshis, &anchor_descriptor.channel_keys_id, + ); + let funding_sig = signer.sign_holder_anchor_input(&mut anchor_tx, 0, &secp).unwrap(); + anchor_tx.input[0].witness = chan_utils::build_anchor_input_witness( + &signer.pubkeys().funding_pubkey, &funding_sig + ); + (commitment_tx, anchor_tx) + }, + _ => panic!("Unexpected event"), + }; + + mine_transactions(&nodes[0], &[&commitment_tx, &anchor_tx]); + check_added_monitors!(nodes[0], 1); + + let mut holder_events = nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events(); + // Certain block `ConnectStyle`s cause an extra `ChannelClose` event to be emitted since the + // best block is updated before the confirmed transactions are notified. + match *nodes[0].connect_style.borrow() { + ConnectStyle::BestBlockFirst|ConnectStyle::BestBlockFirstReorgsOnlyTip|ConnectStyle::BestBlockFirstSkippingBlocks => { + assert_eq!(holder_events.len(), 3); + if let Event::BumpTransaction(BumpTransactionEvent::ChannelClose { .. }) = holder_events.remove(0) {} + else { panic!("unexpected event"); } + + }, + _ => assert_eq!(holder_events.len(), 2), + }; + let mut htlc_txs = Vec::with_capacity(2); + for event in holder_events { + match event { + Event::BumpTransaction(BumpTransactionEvent::HTLCResolution { htlc_descriptors, tx_lock_time, .. }) => { + assert_eq!(htlc_descriptors.len(), 1); + let htlc_descriptor = &htlc_descriptors[0]; + let signer = nodes[0].keys_manager.derive_channel_keys( + htlc_descriptor.channel_value_satoshis, &htlc_descriptor.channel_keys_id + ); + let per_commitment_point = signer.get_per_commitment_point(htlc_descriptor.per_commitment_number, &secp); + let mut htlc_tx = Transaction { + version: 2, + lock_time: tx_lock_time, + input: vec![ + htlc_descriptor.unsigned_tx_input(), // HTLC input + TxIn { ..Default::default() } // Fee input + ], + output: vec![ + htlc_descriptor.tx_output(&per_commitment_point, &secp), // HTLC output + TxOut { // Fee input change + value: Amount::ONE_BTC.to_sat(), + script_pubkey: Script::new_op_return(&[]), + } + ] + }; + let our_sig = signer.sign_holder_htlc_transaction(&mut htlc_tx, 0, htlc_descriptor, &secp).unwrap(); + let witness_script = htlc_descriptor.witness_script(&per_commitment_point, &secp); + htlc_tx.input[0].witness = htlc_descriptor.tx_input_witness(&our_sig, &witness_script); + htlc_txs.push(htlc_tx); + }, + _ => panic!("Unexpected event"), + } + } + + mine_transactions(&nodes[0], &[&htlc_txs[0], &htlc_txs[1]]); + connect_blocks(&nodes[0], ANTI_REORG_DELAY - 1); + + assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + + connect_blocks(&nodes[0], BREAKDOWN_TIMEOUT as u32); + + let holder_events = nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events(); + assert_eq!(holder_events.len(), 3); + for event in holder_events { + match event { + Event::SpendableOutputs { .. } => {}, + _ => panic!("Unexpected event"), + } + } + + // Clear the remaining events as they're not relevant to what we're testing. + nodes[0].node.get_and_clear_pending_events(); +} + +#[cfg(anchors)] +#[test] +fn test_anchors_aggregated_revoked_htlc_tx() { + // Test that `ChannelMonitor`s can properly detect and claim funds from a counterparty claiming + // multiple HTLCs from multiple channels in a single transaction via the success path from a + // revoked commitment. + let secp = Secp256k1::new(); + let mut chanmon_cfgs = create_chanmon_cfgs(2); + // Required to sign a revoked commitment transaction + chanmon_cfgs[1].keys_manager.disable_revocation_policy_check = true; + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let mut anchors_config = UserConfig::default(); + anchors_config.channel_handshake_config.announced_channel = true; + anchors_config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx = true; + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[Some(anchors_config), Some(anchors_config)]); + + let bob_persister: test_utils::TestPersister; + let bob_chain_monitor: test_utils::TestChainMonitor; + let bob_deserialized: ChannelManager< + &test_utils::TestChainMonitor, &test_utils::TestBroadcaster, &test_utils::TestKeysInterface, + &test_utils::TestKeysInterface, &test_utils::TestKeysInterface, &test_utils::TestFeeEstimator, + &test_utils::TestRouter, &test_utils::TestLogger, + >; + + let mut nodes = create_network(2, &node_cfgs, &node_chanmgrs); + + let chan_a = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 20_000_000); + let chan_b = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 20_000_000); + + // Serialize Bob with the initial state of both channels, which we'll use later. + let bob_serialized = nodes[1].node.encode(); + + // Route two payments for each channel from Alice to Bob to lock in the HTLCs. + let payment_a = route_payment(&nodes[0], &[&nodes[1]], 50_000_000); + let payment_b = route_payment(&nodes[0], &[&nodes[1]], 50_000_000); + let payment_c = route_payment(&nodes[0], &[&nodes[1]], 50_000_000); + let payment_d = route_payment(&nodes[0], &[&nodes[1]], 50_000_000); + + // Serialize Bob's monitors with the HTLCs locked in. We'll restart Bob later on with the state + // at this point such that he broadcasts a revoked commitment transaction with the HTLCs + // present. + let bob_serialized_monitor_a = get_monitor!(nodes[1], chan_a.2).encode(); + let bob_serialized_monitor_b = get_monitor!(nodes[1], chan_b.2).encode(); + + // Bob claims all the HTLCs... + claim_payment(&nodes[0], &[&nodes[1]], payment_a.0); + claim_payment(&nodes[0], &[&nodes[1]], payment_b.0); + claim_payment(&nodes[0], &[&nodes[1]], payment_c.0); + claim_payment(&nodes[0], &[&nodes[1]], payment_d.0); + + // ...and sends one back through each channel such that he has a motive to broadcast his + // revoked state. + send_payment(&nodes[1], &[&nodes[0]], 30_000_000); + send_payment(&nodes[1], &[&nodes[0]], 30_000_000); + + // Restart Bob with the revoked state and provide the HTLC preimages he claimed. + reload_node!( + nodes[1], anchors_config, bob_serialized, &[&bob_serialized_monitor_a, &bob_serialized_monitor_b], + bob_persister, bob_chain_monitor, bob_deserialized + ); + for chan_id in [chan_a.2, chan_b.2].iter() { + let monitor = get_monitor!(nodes[1], chan_id); + for payment in [payment_a, payment_b, payment_c, payment_d].iter() { + monitor.provide_payment_preimage( + &payment.1, &payment.0, &node_cfgs[1].tx_broadcaster, + &LowerBoundedFeeEstimator::new(node_cfgs[1].fee_estimator), &nodes[1].logger + ); + } + } + + // Bob force closes by restarting with the outdated state, prompting the ChannelMonitors to + // broadcast the latest commitment transaction known to them, which in our case is the one with + // the HTLCs still pending. + nodes[1].node.timer_tick_occurred(); + check_added_monitors(&nodes[1], 2); + check_closed_event!(&nodes[1], 2, ClosureReason::OutdatedChannelManager); + let (revoked_commitment_a, revoked_commitment_b) = { + let txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap().split_off(0); + assert_eq!(txn.len(), 2); + assert_eq!(txn[0].output.len(), 6); // 2 HTLC outputs + 1 to_self output + 1 to_remote output + 2 anchor outputs + assert_eq!(txn[1].output.len(), 6); // 2 HTLC outputs + 1 to_self output + 1 to_remote output + 2 anchor outputs + if txn[0].input[0].previous_output.txid == chan_a.3.txid() { + check_spends!(&txn[0], &chan_a.3); + check_spends!(&txn[1], &chan_b.3); + (txn[0].clone(), txn[1].clone()) + } else { + check_spends!(&txn[1], &chan_a.3); + check_spends!(&txn[0], &chan_b.3); + (txn[1].clone(), txn[0].clone()) + } + }; + + // Bob should now receive two events to bump his revoked commitment transaction fees. + assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + let events = nodes[1].chain_monitor.chain_monitor.get_and_clear_pending_events(); + assert_eq!(events.len(), 2); + let anchor_tx = { + let secret_key = SecretKey::from_slice(&[1; 32]).unwrap(); + let public_key = PublicKey::new(secret_key.public_key(&secp)); + let fee_utxo_script = Script::new_v0_p2wpkh(&public_key.wpubkey_hash().unwrap()); + let coinbase_tx = Transaction { + version: 2, + lock_time: PackedLockTime::ZERO, + input: vec![TxIn { ..Default::default() }], + output: vec![TxOut { // UTXO to attach fees to `anchor_tx` + value: Amount::ONE_BTC.to_sat(), + script_pubkey: fee_utxo_script.clone(), + }], + }; + let mut anchor_tx = Transaction { + version: 2, + lock_time: PackedLockTime::ZERO, + input: vec![ + TxIn { // Fee input + previous_output: bitcoin::OutPoint { txid: coinbase_tx.txid(), vout: 0 }, + ..Default::default() + }, + ], + output: vec![TxOut { // Fee input change + value: coinbase_tx.output[0].value / 2 , + script_pubkey: Script::new_op_return(&[]), + }], + }; + let mut signers = Vec::with_capacity(2); + for event in events { + match event { + Event::BumpTransaction(BumpTransactionEvent::ChannelClose { anchor_descriptor, .. }) => { + anchor_tx.input.push(TxIn { + previous_output: anchor_descriptor.outpoint, + ..Default::default() + }); + let signer = nodes[1].keys_manager.derive_channel_keys( + anchor_descriptor.channel_value_satoshis, &anchor_descriptor.channel_keys_id, + ); + signers.push(signer); + }, + _ => panic!("Unexpected event"), + } + } + for (i, signer) in signers.into_iter().enumerate() { + let anchor_idx = i + 1; + let funding_sig = signer.sign_holder_anchor_input(&mut anchor_tx, anchor_idx, &secp).unwrap(); + anchor_tx.input[anchor_idx].witness = chan_utils::build_anchor_input_witness( + &signer.pubkeys().funding_pubkey, &funding_sig + ); + } + let fee_utxo_sig = { + let witness_script = Script::new_p2pkh(&public_key.pubkey_hash()); + let sighash = hash_to_message!(&SighashCache::new(&anchor_tx).segwit_signature_hash( + 0, &witness_script, coinbase_tx.output[0].value, EcdsaSighashType::All + ).unwrap()[..]); + let sig = sign(&secp, &sighash, &secret_key); + let mut sig = sig.serialize_der().to_vec(); + sig.push(EcdsaSighashType::All as u8); + sig + }; + anchor_tx.input[0].witness = Witness::from_vec(vec![fee_utxo_sig, public_key.to_bytes()]); + check_spends!(anchor_tx, coinbase_tx, revoked_commitment_a, revoked_commitment_b); + anchor_tx + }; + + for node in &nodes { + mine_transactions(node, &[&revoked_commitment_a, &revoked_commitment_b, &anchor_tx]); + } + check_added_monitors!(&nodes[0], 2); + check_closed_broadcast(&nodes[0], 2, true); + check_closed_event!(&nodes[0], 2, ClosureReason::CommitmentTxConfirmed); + + // Alice should detect the confirmed revoked commitments, and attempt to claim all of the + // revoked outputs. + { + let txn = nodes[0].tx_broadcaster.txn_broadcasted.lock().unwrap().split_off(0); + assert_eq!(txn.len(), 2); + + let (revoked_claim_a, revoked_claim_b) = if txn[0].input[0].previous_output.txid == revoked_commitment_a.txid() { + (&txn[0], &txn[1]) + } else { + (&txn[1], &txn[0]) + }; + + // TODO: to_self claim must be separate from HTLC claims + assert_eq!(revoked_claim_a.input.len(), 3); // Spends both HTLC outputs and to_self output + assert_eq!(revoked_claim_a.output.len(), 1); + check_spends!(revoked_claim_a, revoked_commitment_a); + assert_eq!(revoked_claim_b.input.len(), 3); // Spends both HTLC outputs and to_self output + assert_eq!(revoked_claim_b.output.len(), 1); + check_spends!(revoked_claim_b, revoked_commitment_b); + } + + // Since Bob was able to confirm his revoked commitment, he'll now try to claim the HTLCs + // through the success path. + assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + let mut events = nodes[1].chain_monitor.chain_monitor.get_and_clear_pending_events(); + // Certain block `ConnectStyle`s cause an extra `ChannelClose` event to be emitted since the + // best block is updated before the confirmed transactions are notified. + match *nodes[1].connect_style.borrow() { + ConnectStyle::BestBlockFirst|ConnectStyle::BestBlockFirstReorgsOnlyTip|ConnectStyle::BestBlockFirstSkippingBlocks => { + assert_eq!(events.len(), 4); + if let Event::BumpTransaction(BumpTransactionEvent::ChannelClose { .. }) = events.remove(0) {} + else { panic!("unexpected event"); } + if let Event::BumpTransaction(BumpTransactionEvent::ChannelClose { .. }) = events.remove(1) {} + else { panic!("unexpected event"); } + + }, + _ => assert_eq!(events.len(), 2), + }; + let htlc_tx = { + let secret_key = SecretKey::from_slice(&[1; 32]).unwrap(); + let public_key = PublicKey::new(secret_key.public_key(&secp)); + let fee_utxo_script = Script::new_v0_p2wpkh(&public_key.wpubkey_hash().unwrap()); + let coinbase_tx = Transaction { + version: 2, + lock_time: PackedLockTime::ZERO, + input: vec![TxIn { ..Default::default() }], + output: vec![TxOut { // UTXO to attach fees to `htlc_tx` + value: Amount::ONE_BTC.to_sat(), + script_pubkey: fee_utxo_script.clone(), + }], + }; + let mut htlc_tx = Transaction { + version: 2, + lock_time: PackedLockTime::ZERO, + input: vec![TxIn { // Fee input + previous_output: bitcoin::OutPoint { txid: coinbase_tx.txid(), vout: 0 }, + ..Default::default() + }], + output: vec![TxOut { // Fee input change + value: coinbase_tx.output[0].value / 2 , + script_pubkey: Script::new_op_return(&[]), + }], + }; + let mut descriptors = Vec::with_capacity(4); + for event in events { + if let Event::BumpTransaction(BumpTransactionEvent::HTLCResolution { mut htlc_descriptors, tx_lock_time, .. }) = event { + assert_eq!(htlc_descriptors.len(), 2); + for htlc_descriptor in &htlc_descriptors { + assert!(!htlc_descriptor.htlc.offered); + let signer = nodes[1].keys_manager.derive_channel_keys( + htlc_descriptor.channel_value_satoshis, &htlc_descriptor.channel_keys_id + ); + let per_commitment_point = signer.get_per_commitment_point(htlc_descriptor.per_commitment_number, &secp); + htlc_tx.input.push(htlc_descriptor.unsigned_tx_input()); + htlc_tx.output.push(htlc_descriptor.tx_output(&per_commitment_point, &secp)); + } + descriptors.append(&mut htlc_descriptors); + htlc_tx.lock_time = tx_lock_time; + } else { + panic!("Unexpected event"); + } + } + for (idx, htlc_descriptor) in descriptors.into_iter().enumerate() { + let htlc_input_idx = idx + 1; + let signer = nodes[1].keys_manager.derive_channel_keys( + htlc_descriptor.channel_value_satoshis, &htlc_descriptor.channel_keys_id + ); + let our_sig = signer.sign_holder_htlc_transaction(&htlc_tx, htlc_input_idx, &htlc_descriptor, &secp).unwrap(); + let per_commitment_point = signer.get_per_commitment_point(htlc_descriptor.per_commitment_number, &secp); + let witness_script = htlc_descriptor.witness_script(&per_commitment_point, &secp); + htlc_tx.input[htlc_input_idx].witness = htlc_descriptor.tx_input_witness(&our_sig, &witness_script); + } + let fee_utxo_sig = { + let witness_script = Script::new_p2pkh(&public_key.pubkey_hash()); + let sighash = hash_to_message!(&SighashCache::new(&htlc_tx).segwit_signature_hash( + 0, &witness_script, coinbase_tx.output[0].value, EcdsaSighashType::All + ).unwrap()[..]); + let sig = sign(&secp, &sighash, &secret_key); + let mut sig = sig.serialize_der().to_vec(); + sig.push(EcdsaSighashType::All as u8); + sig + }; + htlc_tx.input[0].witness = Witness::from_vec(vec![fee_utxo_sig, public_key.to_bytes()]); + check_spends!(htlc_tx, coinbase_tx, revoked_commitment_a, revoked_commitment_b); + htlc_tx + }; + + for node in &nodes { + mine_transaction(node, &htlc_tx); + } + + // Alice should see that Bob is trying to claim to HTLCs, so she should now try to claim them at + // the second level instead. + let revoked_claims = { + let txn = nodes[0].tx_broadcaster.txn_broadcasted.lock().unwrap().split_off(0); + assert_eq!(txn.len(), 4); + + let revoked_to_self_claim_a = txn.iter().find(|tx| + tx.input.len() == 1 && + tx.output.len() == 1 && + tx.input[0].previous_output.txid == revoked_commitment_a.txid() + ).unwrap(); + check_spends!(revoked_to_self_claim_a, revoked_commitment_a); + + let revoked_to_self_claim_b = txn.iter().find(|tx| + tx.input.len() == 1 && + tx.output.len() == 1 && + tx.input[0].previous_output.txid == revoked_commitment_b.txid() + ).unwrap(); + check_spends!(revoked_to_self_claim_b, revoked_commitment_b); + + let revoked_htlc_claims = txn.iter().filter(|tx| + tx.input.len() == 2 && + tx.output.len() == 1 && + tx.input[0].previous_output.txid == htlc_tx.txid() + ).collect::>(); + assert_eq!(revoked_htlc_claims.len(), 2); + for revoked_htlc_claim in revoked_htlc_claims { + check_spends!(revoked_htlc_claim, htlc_tx); + } + + txn + }; + for node in &nodes { + mine_transactions(node, &revoked_claims.iter().collect::>()); + } + + + // Connect one block to make sure the HTLC events are not yielded while ANTI_REORG_DELAY has not + // been reached. + connect_blocks(&nodes[0], 1); + connect_blocks(&nodes[1], 1); + + assert!(nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + assert!(nodes[1].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + + // Connect the remaining blocks to reach ANTI_REORG_DELAY. + connect_blocks(&nodes[0], ANTI_REORG_DELAY - 2); + connect_blocks(&nodes[1], ANTI_REORG_DELAY - 2); + + assert!(nodes[1].chain_monitor.chain_monitor.get_and_clear_pending_events().is_empty()); + let spendable_output_events = nodes[0].chain_monitor.chain_monitor.get_and_clear_pending_events(); + assert_eq!(spendable_output_events.len(), 4); + for (idx, event) in spendable_output_events.iter().enumerate() { + if let Event::SpendableOutputs { outputs } = event { + assert_eq!(outputs.len(), 1); + let spend_tx = nodes[0].keys_manager.backing.spend_spendable_outputs( + &[&outputs[0]], Vec::new(), Script::new_op_return(&[]), 253, &Secp256k1::new(), + ).unwrap(); + check_spends!(spend_tx, revoked_claims[idx]); + } else { + panic!("unexpected event"); + } + } + + assert!(nodes[0].node.list_channels().is_empty()); + assert!(nodes[1].node.list_channels().is_empty()); + assert!(nodes[0].chain_monitor.chain_monitor.get_claimable_balances(&[]).is_empty()); + // TODO: From Bob's PoV, he still thinks he can claim the outputs from his revoked commitment. + // This needs to be fixed before we enable pruning `ChannelMonitor`s once they don't have any + // balances to claim. + // + // The 6 claimable balances correspond to his `to_self` outputs and the 2 HTLC outputs in each + // revoked commitment which Bob has the preimage for. + assert_eq!(nodes[1].chain_monitor.chain_monitor.get_claimable_balances(&[]).len(), 6); +}