X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning-c-bindings%2Fsrc%2Flightning%2Futil%2Fconfig.rs;h=bfea17bb329b07bdfcf656bbb73a13b24fda3b28;hb=636543d86915837013c3eb1e0a9ea96114ef73fc;hp=e83fb2b63ccef7bdb72bb818abe65815471ad9d2;hpb=5502fccd64611f16f5ebba3759c68b1a4d69b537;p=ldk-c-bindings diff --git a/lightning-c-bindings/src/lightning/util/config.rs b/lightning-c-bindings/src/lightning/util/config.rs index e83fb2b..bfea17b 100644 --- a/lightning-c-bindings/src/lightning/util/config.rs +++ b/lightning-c-bindings/src/lightning/util/config.rs @@ -521,6 +521,9 @@ pub(crate) extern "C" fn ChannelHandshakeConfig_clone_void(this_ptr: *const c_vo pub extern "C" fn ChannelHandshakeConfig_clone(orig: &ChannelHandshakeConfig) -> ChannelHandshakeConfig { orig.clone() } +/// Get a string which allows debug introspection of a ChannelHandshakeConfig object +pub extern "C" fn ChannelHandshakeConfig_debug_str_void(o: *const c_void) -> Str { + alloc::format!("{:?}", unsafe { o as *const crate::lightning::util::config::ChannelHandshakeConfig }).into()} /// Creates a "default" ChannelHandshakeConfig. See struct and individual field documentaiton for details on which values are used. #[must_use] #[no_mangle] @@ -840,13 +843,16 @@ pub(crate) extern "C" fn ChannelHandshakeLimits_clone_void(this_ptr: *const c_vo pub extern "C" fn ChannelHandshakeLimits_clone(orig: &ChannelHandshakeLimits) -> ChannelHandshakeLimits { orig.clone() } +/// Get a string which allows debug introspection of a ChannelHandshakeLimits object +pub extern "C" fn ChannelHandshakeLimits_debug_str_void(o: *const c_void) -> Str { + alloc::format!("{:?}", unsafe { o as *const crate::lightning::util::config::ChannelHandshakeLimits }).into()} /// Creates a "default" ChannelHandshakeLimits. See struct and individual field documentaiton for details on which values are used. #[must_use] #[no_mangle] pub extern "C" fn ChannelHandshakeLimits_default() -> ChannelHandshakeLimits { ChannelHandshakeLimits { inner: ObjOps::heap_alloc(Default::default()), is_owned: true } } -/// Options for how to set the max dust HTLC exposure allowed on a channel. See +/// Options for how to set the max dust exposure allowed on a channel. See /// [`ChannelConfig::max_dust_htlc_exposure`] for details. #[derive(Clone)] #[must_use] @@ -863,19 +869,17 @@ pub enum MaxDustHTLCExposure { /// exposure and the new minimum value for HTLCs to be economically viable to claim. FixedLimitMsat( u64), - /// This sets a multiplier on the estimated high priority feerate (sats/KW, as obtained from - /// [`FeeEstimator`]) to determine the maximum allowed dust exposure. If this variant is used - /// then the maximum dust exposure in millisatoshis is calculated as: - /// `high_priority_feerate_per_kw * value`. For example, with our default value - /// `FeeRateMultiplier(5000)`: + /// This sets a multiplier on the [`ConfirmationTarget::OnChainSweep`] feerate (in sats/KW) to + /// determine the maximum allowed dust exposure. If this variant is used then the maximum dust + /// exposure in millisatoshis is calculated as: + /// `feerate_per_kw * value`. For example, with our default value + /// `FeeRateMultiplier(10_000)`: /// /// - For the minimum fee rate of 1 sat/vByte (250 sat/KW, although the minimum /// defaults to 253 sats/KW for rounding, see [`FeeEstimator`]), the max dust exposure would - /// be 253 * 5000 = 1,265,000 msats. + /// be 253 * 10_000 = 2,530,000 msats. /// - For a fee rate of 30 sat/vByte (7500 sat/KW), the max dust exposure would be - /// 7500 * 5000 = 37,500,000 msats. - /// - /// This allows the maximum dust exposure to automatically scale with fee rate changes. + /// 7500 * 50_000 = 75,000,000 msats (0.00075 BTC). /// /// Note, if you're using a third-party fee estimator, this may leave you more exposed to a /// fee griefing attack, where your fee estimator may purposely overestimate the fee rate, @@ -890,6 +894,7 @@ pub enum MaxDustHTLCExposure { /// by default this will be set to a [`Self::FixedLimitMsat`] of 5,000,000 msat. /// /// [`FeeEstimator`]: crate::chain::chaininterface::FeeEstimator + /// [`ConfirmationTarget::OnChainSweep`]: crate::chain::chaininterface::ConfirmationTarget::OnChainSweep FeeRateMultiplier( u64), } @@ -930,7 +935,8 @@ impl MaxDustHTLCExposure { } } #[allow(unused)] - pub(crate) fn from_native(native: &nativeMaxDustHTLCExposure) -> Self { + pub(crate) fn from_native(native: &MaxDustHTLCExposureImport) -> Self { + let native = unsafe { &*(native as *const _ as *const c_void as *const nativeMaxDustHTLCExposure) }; match native { nativeMaxDustHTLCExposure::FixedLimitMsat (ref a, ) => { let mut a_nonref = Clone::clone(a); @@ -990,6 +996,9 @@ pub extern "C" fn MaxDustHTLCExposure_fixed_limit_msat(a: u64) -> MaxDustHTLCExp pub extern "C" fn MaxDustHTLCExposure_fee_rate_multiplier(a: u64) -> MaxDustHTLCExposure { MaxDustHTLCExposure::FeeRateMultiplier(a, ) } +/// Get a string which allows debug introspection of a MaxDustHTLCExposure object +pub extern "C" fn MaxDustHTLCExposure_debug_str_void(o: *const c_void) -> Str { + alloc::format!("{:?}", unsafe { o as *const crate::lightning::util::config::MaxDustHTLCExposure }).into()} /// Checks if two MaxDustHTLCExposures contain equal inner contents. /// This ignores pointers and is_owned flags and looks at the values in fields. #[no_mangle] @@ -1165,13 +1174,16 @@ pub extern "C" fn ChannelConfig_get_cltv_expiry_delta(this_ptr: &ChannelConfig) pub extern "C" fn ChannelConfig_set_cltv_expiry_delta(this_ptr: &mut ChannelConfig, mut val: u16) { unsafe { &mut *ObjOps::untweak_ptr(this_ptr.inner) }.cltv_expiry_delta = val; } -/// Limit our total exposure to in-flight HTLCs which are burned to fees as they are too -/// small to claim on-chain. +/// Limit our total exposure to potential loss to on-chain fees on close, including in-flight +/// HTLCs which are burned to fees as they are too small to claim on-chain and fees on +/// commitment transaction(s) broadcasted by our counterparty in excess of our own fee estimate. +/// +/// # HTLC-based Dust Exposure /// /// When an HTLC present in one of our channels is below a \"dust\" threshold, the HTLC will /// not be claimable on-chain, instead being turned into additional miner fees if either /// party force-closes the channel. Because the threshold is per-HTLC, our total exposure -/// to such payments may be sustantial if there are many dust HTLCs present when the +/// to such payments may be substantial if there are many dust HTLCs present when the /// channel is force-closed. /// /// The dust threshold for each HTLC is based on the `dust_limit_satoshis` for each party in a @@ -1185,19 +1197,52 @@ pub extern "C" fn ChannelConfig_set_cltv_expiry_delta(this_ptr: &mut ChannelConf /// The selected limit is applied for sent, forwarded, and received HTLCs and limits the total /// exposure across all three types per-channel. /// -/// Default value: [`MaxDustHTLCExposure::FeeRateMultiplier`] with a multiplier of 5000. +/// # Transaction Fee Dust Exposure +/// +/// Further, counterparties broadcasting a commitment transaction in a force-close may result +/// in other balance being burned to fees, and thus all fees on commitment and HTLC +/// transactions in excess of our local fee estimates are included in the dust calculation. +/// +/// Because of this, another way to look at this limit is to divide it by 43,000 (or 218,750 +/// for non-anchor channels) and see it as the maximum feerate disagreement (in sats/vB) per +/// non-dust HTLC we're allowed to have with our peers before risking a force-closure for +/// inbound channels. +/// +/// Thus, for the default value of 10_000 * a current feerate estimate of 10 sat/vB (or 2,500 +/// sat/KW), we risk force-closure if we disagree with our peer by: +/// * `10_000 * 2_500 / 43_000 / (483*2)` = 0.6 sat/vB for anchor channels with 483 HTLCs in +/// both directions (the maximum), +/// * `10_000 * 2_500 / 43_000 / (50*2)` = 5.8 sat/vB for anchor channels with 50 HTLCs in both +/// directions (the LDK default max from [`ChannelHandshakeConfig::our_max_accepted_htlcs`]) +/// * `10_000 * 2_500 / 218_750 / (483*2)` = 0.1 sat/vB for non-anchor channels with 483 HTLCs +/// in both directions (the maximum), +/// * `10_000 * 2_500 / 218_750 / (50*2)` = 1.1 sat/vB for non-anchor channels with 50 HTLCs +/// in both (the LDK default maximum from [`ChannelHandshakeConfig::our_max_accepted_htlcs`]) +/// +/// Note that when using [`MaxDustHTLCExposure::FeeRateMultiplier`] this maximum disagreement +/// will scale linearly with increases (or decreases) in the our feerate estimates. Further, +/// for anchor channels we expect our counterparty to use a relatively low feerate estimate +/// while we use [`ConfirmationTarget::OnChainSweep`] (which should be relatively high) and +/// feerate disagreement force-closures should only occur when theirs is higher than ours. +/// +/// Default value: [`MaxDustHTLCExposure::FeeRateMultiplier`] with a multiplier of 10_000. +/// +/// [`ConfirmationTarget::OnChainSweep`]: crate::chain::chaininterface::ConfirmationTarget::OnChainSweep #[no_mangle] pub extern "C" fn ChannelConfig_get_max_dust_htlc_exposure(this_ptr: &ChannelConfig) -> crate::lightning::util::config::MaxDustHTLCExposure { let mut inner_val = &mut this_ptr.get_native_mut_ref().max_dust_htlc_exposure; crate::lightning::util::config::MaxDustHTLCExposure::from_native(inner_val) } -/// Limit our total exposure to in-flight HTLCs which are burned to fees as they are too -/// small to claim on-chain. +/// Limit our total exposure to potential loss to on-chain fees on close, including in-flight +/// HTLCs which are burned to fees as they are too small to claim on-chain and fees on +/// commitment transaction(s) broadcasted by our counterparty in excess of our own fee estimate. +/// +/// # HTLC-based Dust Exposure /// /// When an HTLC present in one of our channels is below a \"dust\" threshold, the HTLC will /// not be claimable on-chain, instead being turned into additional miner fees if either /// party force-closes the channel. Because the threshold is per-HTLC, our total exposure -/// to such payments may be sustantial if there are many dust HTLCs present when the +/// to such payments may be substantial if there are many dust HTLCs present when the /// channel is force-closed. /// /// The dust threshold for each HTLC is based on the `dust_limit_satoshis` for each party in a @@ -1211,7 +1256,37 @@ pub extern "C" fn ChannelConfig_get_max_dust_htlc_exposure(this_ptr: &ChannelCon /// The selected limit is applied for sent, forwarded, and received HTLCs and limits the total /// exposure across all three types per-channel. /// -/// Default value: [`MaxDustHTLCExposure::FeeRateMultiplier`] with a multiplier of 5000. +/// # Transaction Fee Dust Exposure +/// +/// Further, counterparties broadcasting a commitment transaction in a force-close may result +/// in other balance being burned to fees, and thus all fees on commitment and HTLC +/// transactions in excess of our local fee estimates are included in the dust calculation. +/// +/// Because of this, another way to look at this limit is to divide it by 43,000 (or 218,750 +/// for non-anchor channels) and see it as the maximum feerate disagreement (in sats/vB) per +/// non-dust HTLC we're allowed to have with our peers before risking a force-closure for +/// inbound channels. +/// +/// Thus, for the default value of 10_000 * a current feerate estimate of 10 sat/vB (or 2,500 +/// sat/KW), we risk force-closure if we disagree with our peer by: +/// * `10_000 * 2_500 / 43_000 / (483*2)` = 0.6 sat/vB for anchor channels with 483 HTLCs in +/// both directions (the maximum), +/// * `10_000 * 2_500 / 43_000 / (50*2)` = 5.8 sat/vB for anchor channels with 50 HTLCs in both +/// directions (the LDK default max from [`ChannelHandshakeConfig::our_max_accepted_htlcs`]) +/// * `10_000 * 2_500 / 218_750 / (483*2)` = 0.1 sat/vB for non-anchor channels with 483 HTLCs +/// in both directions (the maximum), +/// * `10_000 * 2_500 / 218_750 / (50*2)` = 1.1 sat/vB for non-anchor channels with 50 HTLCs +/// in both (the LDK default maximum from [`ChannelHandshakeConfig::our_max_accepted_htlcs`]) +/// +/// Note that when using [`MaxDustHTLCExposure::FeeRateMultiplier`] this maximum disagreement +/// will scale linearly with increases (or decreases) in the our feerate estimates. Further, +/// for anchor channels we expect our counterparty to use a relatively low feerate estimate +/// while we use [`ConfirmationTarget::OnChainSweep`] (which should be relatively high) and +/// feerate disagreement force-closures should only occur when theirs is higher than ours. +/// +/// Default value: [`MaxDustHTLCExposure::FeeRateMultiplier`] with a multiplier of 10_000. +/// +/// [`ConfirmationTarget::OnChainSweep`]: crate::chain::chaininterface::ConfirmationTarget::OnChainSweep #[no_mangle] pub extern "C" fn ChannelConfig_set_max_dust_htlc_exposure(this_ptr: &mut ChannelConfig, mut val: crate::lightning::util::config::MaxDustHTLCExposure) { unsafe { &mut *ObjOps::untweak_ptr(this_ptr.inner) }.max_dust_htlc_exposure = val.into_native(); @@ -1278,7 +1353,9 @@ pub extern "C" fn ChannelConfig_set_force_close_avoidance_max_fee_satoshis(this_ /// - The counterparty will get an [`HTLCIntercepted`] event upon payment forward, and call /// [`forward_intercepted_htlc`] with less than the amount provided in /// [`HTLCIntercepted::expected_outbound_amount_msat`]. The difference between the expected and -/// actual forward amounts is their fee. +/// actual forward amounts is their fee. See +/// +/// for how this feature may be used in the LSP use case. /// /// # Note /// It's important for payee wallet software to verify that [`PaymentClaimable::amount_msat`] is @@ -1312,7 +1389,9 @@ pub extern "C" fn ChannelConfig_get_accept_underpaying_htlcs(this_ptr: &ChannelC /// - The counterparty will get an [`HTLCIntercepted`] event upon payment forward, and call /// [`forward_intercepted_htlc`] with less than the amount provided in /// [`HTLCIntercepted::expected_outbound_amount_msat`]. The difference between the expected and -/// actual forward amounts is their fee. +/// actual forward amounts is their fee. See +/// +/// for how this feature may be used in the LSP use case. /// /// # Note /// It's important for payee wallet software to verify that [`PaymentClaimable::amount_msat`] is @@ -1368,6 +1447,9 @@ pub(crate) extern "C" fn ChannelConfig_clone_void(this_ptr: *const c_void) -> *m pub extern "C" fn ChannelConfig_clone(orig: &ChannelConfig) -> ChannelConfig { orig.clone() } +/// Get a string which allows debug introspection of a ChannelConfig object +pub extern "C" fn ChannelConfig_debug_str_void(o: *const c_void) -> Str { + alloc::format!("{:?}", unsafe { o as *const crate::lightning::util::config::ChannelConfig }).into()} /// Checks if two ChannelConfigs contain equal inner contents. /// This ignores pointers and is_owned flags and looks at the values in fields. /// Two objects with NULL inner values will be considered "equal" here. @@ -1804,6 +1886,9 @@ pub(crate) extern "C" fn UserConfig_clone_void(this_ptr: *const c_void) -> *mut pub extern "C" fn UserConfig_clone(orig: &UserConfig) -> UserConfig { orig.clone() } +/// Get a string which allows debug introspection of a UserConfig object +pub extern "C" fn UserConfig_debug_str_void(o: *const c_void) -> Str { + alloc::format!("{:?}", unsafe { o as *const crate::lightning::util::config::UserConfig }).into()} /// Creates a "default" UserConfig. See struct and individual field documentaiton for details on which values are used. #[must_use] #[no_mangle]