X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Futil%2Fconfig.rs;h=0f625098f79f9030ae25ddc1979cc6b5fcba30ae;hb=e49f738630559ce2eaa97689f1b4d37546fc7020;hp=2e9e8e036b5032d58a40d1748e92d1f70eb200cf;hpb=e04a1b387230c9fd902e23655618b0d713493169;p=rust-lightning diff --git a/lightning/src/util/config.rs b/lightning/src/util/config.rs index 2e9e8e03..0f625098 100644 --- a/lightning/src/util/config.rs +++ b/lightning/src/util/config.rs @@ -10,6 +10,7 @@ //! Various user-configurable channel limits and settings which ChannelManager //! applies for you. +use ln::channel::MAX_FUNDING_SATOSHIS_NO_WUMBO; use ln::channelmanager::{BREAKDOWN_TIMEOUT, MAX_LOCAL_BREAKDOWN_TIMEOUT}; /// Configuration we set when applicable. @@ -47,6 +48,28 @@ pub struct ChannelHandshakeConfig { /// Default value: 1. If the value is less than 1, it is ignored and set to 1, as is required /// by the protocol. pub our_htlc_minimum_msat: u64, + /// If set, we attempt to negotiate the `scid_privacy` (referred to as `scid_alias` in the + /// BOLTs) option for outbound private channels. This provides better privacy by not including + /// our real on-chain channel UTXO in each invoice and requiring that our counterparty only + /// relay HTLCs to us using the channel's SCID alias. + /// + /// If this option is set, channels may be created that will not be readable by LDK versions + /// prior to 0.0.106, causing [`ChannelManager`]'s read method to return a + /// [`DecodeError:InvalidValue`]. + /// + /// Note that setting this to true does *not* prevent us from opening channels with + /// counterparties that do not support the `scid_alias` option; we will simply fall back to a + /// private channel without that option. + /// + /// Ignored if the channel is negotiated to be announced, see + /// [`ChannelConfig::announced_channel`] and + /// [`ChannelHandshakeLimits::force_announced_channel_preference`] for more. + /// + /// Default value: false. This value is likely to change to true in the future. + /// + /// [`ChannelManager`]: crate::ln::channelmanager::ChannelManager + /// [`DecodeError:InvalidValue`]: crate::ln::msgs::DecodeError::InvalidValue + pub negotiate_scid_privacy: bool, } impl Default for ChannelHandshakeConfig { @@ -55,6 +78,7 @@ impl Default for ChannelHandshakeConfig { minimum_depth: 6, our_to_self_delay: BREAKDOWN_TIMEOUT, our_htlc_minimum_msat: 1, + negotiate_scid_privacy: false, } } } @@ -72,11 +96,16 @@ impl Default for ChannelHandshakeConfig { /// are applied mostly only to incoming channels that's not much of a problem. #[derive(Copy, Clone, Debug)] pub struct ChannelHandshakeLimits { - /// Minimum allowed satoshis when a channel is funded, this is supplied by the sender and so + /// Minimum allowed satoshis when a channel is funded. This is supplied by the sender and so /// only applies to inbound channels. /// /// Default value: 0. pub min_funding_satoshis: u64, + /// Maximum allowed satoshis when a channel is funded. This is supplied by the sender and so + /// only applies to inbound channels. + /// + /// Default value: 2^24 - 1. + pub max_funding_satoshis: u64, /// The remote node sets a limit on the minimum size of HTLCs we can send to them. This allows /// you to limit the maximum minimum-size they can require. /// @@ -128,6 +157,7 @@ impl Default for ChannelHandshakeLimits { fn default() -> Self { ChannelHandshakeLimits { min_funding_satoshis: 0, + max_funding_satoshis: MAX_FUNDING_SATOSHIS_NO_WUMBO, max_htlc_minimum_msat: ::max_value(), min_max_htlc_value_in_flight_msat: 0, max_channel_reserve_satoshis: ::max_value(), @@ -206,7 +236,46 @@ pub struct ChannelConfig { /// This cannot be changed after a channel has been initialized. /// /// Default value: true. - pub commit_upfront_shutdown_pubkey: bool + pub commit_upfront_shutdown_pubkey: bool, + /// Limit our total exposure to in-flight HTLCs which are burned to fees as they are too + /// small to claim on-chain. + /// + /// When an HTLC present in one of our channels is below a "dust" threshold, the HTLC will + /// not be claimable on-chain, instead being turned into additional miner fees if either + /// party force-closes the channel. Because the threshold is per-HTLC, our total exposure + /// to such payments may be sustantial if there are many dust HTLCs present when the + /// channel is force-closed. + /// + /// This limit is applied for sent, forwarded, and received HTLCs and limits the total + /// exposure across all three types per-channel. Setting this too low may prevent the + /// sending or receipt of low-value HTLCs on high-traffic nodes, and this limit is very + /// important to prevent stealing of dust HTLCs by miners. + /// + /// Default value: 5_000_000 msat. + pub max_dust_htlc_exposure_msat: u64, + /// The additional fee we're willing to pay to avoid waiting for the counterparty's + /// `to_self_delay` to reclaim funds. + /// + /// When we close a channel cooperatively with our counterparty, we negotiate a fee for the + /// closing transaction which both sides find acceptable, ultimately paid by the channel + /// funder/initiator. + /// + /// When we are the funder, because we have to pay the channel closing fee, we bound the + /// acceptable fee by our [`Background`] and [`Normal`] fees, with the upper bound increased by + /// this value. Because the on-chain fee we'd pay to force-close the channel is kept near our + /// [`Normal`] feerate during normal operation, this value represents the additional fee we're + /// willing to pay in order to avoid waiting for our counterparty's to_self_delay to reclaim our + /// funds. + /// + /// When we are not the funder, we require the closing transaction fee pay at least our + /// [`Background`] fee estimate, but allow our counterparty to pay as much fee as they like. + /// Thus, this value is ignored when we are not the funder. + /// + /// Default value: 1000 satoshis. + /// + /// [`Normal`]: crate::chain::chaininterface::ConfirmationTarget::Normal + /// [`Background`]: crate::chain::chaininterface::ConfirmationTarget::Background + pub force_close_avoidance_max_fee_satoshis: u64, } impl Default for ChannelConfig { @@ -218,13 +287,17 @@ impl Default for ChannelConfig { cltv_expiry_delta: 6 * 12, // 6 blocks/hour * 12 hours announced_channel: false, commit_upfront_shutdown_pubkey: true, + max_dust_htlc_exposure_msat: 5_000_000, + force_close_avoidance_max_fee_satoshis: 1000, } } } impl_writeable_tlv_based!(ChannelConfig, { (0, forwarding_fee_proportional_millionths, required), + (1, max_dust_htlc_exposure_msat, (default_value, 5_000_000)), (2, cltv_expiry_delta, required), + (3, force_close_avoidance_max_fee_satoshis, (default_value, 1000)), (4, announced_channel, required), (6, commit_upfront_shutdown_pubkey, required), (8, forwarding_fee_base_msat, required), @@ -259,6 +332,23 @@ pub struct UserConfig { /// /// Default value: false. pub accept_forwards_to_priv_channels: bool, + /// If this is set to false, we do not accept inbound requests to open a new channel. + /// Default value: true. + pub accept_inbound_channels: bool, + /// If this is set to true, the user needs to manually accept inbound requests to open a new + /// channel. + /// + /// When set to true, [`Event::OpenChannelRequest`] will be triggered once a request to open a + /// new inbound channel is received through a [`msgs::OpenChannel`] message. In that case, a + /// [`msgs::AcceptChannel`] message will not be sent back to the counterparty node unless the + /// user explicitly chooses to accept the request. + /// + /// Default value: false. + /// + /// [`Event::OpenChannelRequest`]: crate::util::events::Event::OpenChannelRequest + /// [`msgs::OpenChannel`]: crate::ln::msgs::OpenChannel + /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel + pub manually_accept_inbound_channels: bool, } impl Default for UserConfig { @@ -268,6 +358,8 @@ impl Default for UserConfig { peer_channel_config_limits: ChannelHandshakeLimits::default(), channel_options: ChannelConfig::default(), accept_forwards_to_priv_channels: false, + accept_inbound_channels: true, + manually_accept_inbound_channels: false, } } }