X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannel.rs;h=1e5c38b45968d83dc2c9b568d8e68a56161e6327;hb=832fc4fd4435fa236f15d3e737bebf64619ff60e;hp=2f73cd3c5d4f5cf89d343507b5da28d1fb37386b;hpb=32a937890956a459c499e76767671050b357f29a;p=rust-lightning diff --git a/src/ln/channel.rs b/src/ln/channel.rs index 2f73cd3c..1e5c38b4 100644 --- a/src/ln/channel.rs +++ b/src/ln/channel.rs @@ -2,9 +2,9 @@ use bitcoin::blockdata::block::BlockHeader; use bitcoin::blockdata::script::{Script,Builder}; use bitcoin::blockdata::transaction::{TxIn, TxOut, Transaction, SigHashType}; use bitcoin::blockdata::opcodes; -use bitcoin::util::hash::{Sha256dHash, Hash160}; +use bitcoin::util::hash::{BitcoinHash, Sha256dHash, Hash160}; use bitcoin::util::bip143; -use bitcoin::network::serialize::BitcoinHash; +use bitcoin::consensus::encode::{self, Encodable, Decodable}; use secp256k1::key::{PublicKey,SecretKey}; use secp256k1::{Secp256k1,Message,Signature}; @@ -13,19 +13,20 @@ use secp256k1; use crypto::digest::Digest; use ln::msgs; -use ln::msgs::{ErrorAction, HandleError, RAACommitmentOrder}; +use ln::msgs::DecodeError; use ln::channelmonitor::ChannelMonitor; -use ln::channelmanager::{PendingHTLCStatus, HTLCSource, PendingForwardHTLCInfo, HTLCFailReason, HTLCFailureMsg}; +use ln::channelmanager::{PendingHTLCStatus, HTLCSource, HTLCFailReason, HTLCFailureMsg, PendingForwardHTLCInfo, RAACommitmentOrder, PaymentPreimage, PaymentHash}; use ln::chan_utils::{TxCreationKeys,HTLCOutputInCommitment,HTLC_SUCCESS_TX_WEIGHT,HTLC_TIMEOUT_TX_WEIGHT}; use ln::chan_utils; use chain::chaininterface::{FeeEstimator,ConfirmationTarget}; use chain::transaction::OutPoint; use chain::keysinterface::{ChannelKeys, KeysInterface}; use util::{transaction_utils,rng}; -use util::ser::Writeable; +use util::ser::{Readable, ReadableArgs, Writeable, Writer, WriterWriteAdaptor}; use util::sha2::Sha256; use util::logger::Logger; use util::errors::APIError; +use util::config::{UserConfig,ChannelConfig}; use std; use std::default::Default; @@ -47,7 +48,7 @@ pub struct ChannelValueStat { enum InboundHTLCRemovalReason { FailRelay(msgs::OnionErrorPacket), FailMalformed(([u8; 32], u16)), - Fulfill([u8; 32]), + Fulfill(PaymentPreimage), } enum InboundHTLCState { @@ -83,7 +84,7 @@ struct InboundHTLCOutput { htlc_id: u64, amount_msat: u64, cltv_expiry: u32, - payment_hash: [u8; 32], + payment_hash: PaymentHash, state: InboundHTLCState, } @@ -123,7 +124,7 @@ struct OutboundHTLCOutput { htlc_id: u64, amount_msat: u64, cltv_expiry: u32, - payment_hash: [u8; 32], + payment_hash: PaymentHash, state: OutboundHTLCState, source: HTLCSource, /// If we're in a removed state, set if they failed, otherwise None @@ -148,13 +149,13 @@ enum HTLCUpdateAwaitingACK { // always outbound amount_msat: u64, cltv_expiry: u32, - payment_hash: [u8; 32], + payment_hash: PaymentHash, source: HTLCSource, onion_routing_packet: msgs::OnionPacket, time_created: Instant, //TODO: Some kind of timeout thing-a-majig }, ClaimHTLC { - payment_preimage: [u8; 32], + payment_preimage: PaymentPreimage, htlc_id: u64, }, FailHTLC { @@ -228,13 +229,14 @@ const INITIAL_COMMITMENT_NUMBER: u64 = (1 << 48) - 1; // calling channel_id() before we're set up or things like get_outbound_funding_signed on an // inbound channel. pub(super) struct Channel { + config: ChannelConfig, + user_id: u64, channel_id: [u8; 32], channel_state: u32, channel_outbound: bool, secp_ctx: Secp256k1, - announce_publicly: bool, channel_value_satoshis: u64, local_keys: ChannelKeys, @@ -261,7 +263,7 @@ pub(super) struct Channel { monitor_pending_commitment_signed: bool, monitor_pending_order: Option, monitor_pending_forwards: Vec<(PendingForwardHTLCInfo, u64)>, - monitor_pending_failures: Vec<(HTLCSource, [u8; 32], HTLCFailReason)>, + monitor_pending_failures: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>, // pending_update_fee is filled when sending and receiving update_fee // For outbound channel, feerate_per_kw is updated with the value from @@ -306,8 +308,9 @@ pub(super) struct Channel { /// could miss the funding_tx_confirmed_in block as well, but it serves as a useful fallback. funding_tx_confirmed_in: Option, short_channel_id: Option, - /// Used to deduplicate block_connected callbacks - last_block_connected: Sha256dHash, + /// Used to deduplicate block_connected callbacks, also used to verify consistency during + /// ChannelManager deserialization (hence pub(super)) + pub(super) last_block_connected: Sha256dHash, funding_tx_confirmations: u64, their_dust_limit_satoshis: u64, @@ -323,6 +326,7 @@ pub(super) struct Channel { //implied by BREAKDOWN_TIMEOUT: our_to_self_delay: u16, their_max_accepted_htlcs: u16, //implied by OUR_MAX_HTLCS: our_max_accepted_htlcs: u16, + minimum_depth: u32, their_funding_pubkey: Option, their_revocation_basepoint: Option, @@ -351,36 +355,39 @@ const UNCONF_THRESHOLD: u32 = 6; const BREAKDOWN_TIMEOUT: u16 = 6 * 24 * 7; //TODO? /// The amount of time we're willing to wait to claim money back to us const MAX_LOCAL_BREAKDOWN_TIMEOUT: u16 = 6 * 24 * 14; -const COMMITMENT_TX_BASE_WEIGHT: u64 = 724; -const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172; +/// Exposing these two constants for use in test in ChannelMonitor +pub const COMMITMENT_TX_BASE_WEIGHT: u64 = 724; +pub const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172; const SPENDING_INPUT_FOR_A_OUTPUT_WEIGHT: u64 = 79; // prevout: 36, nSequence: 4, script len: 1, witness lengths: (3+1)/4, sig: 73/4, if-selector: 1, redeemScript: (6 ops + 2*33 pubkeys + 1*2 delay)/4 const B_OUTPUT_PLUS_SPENDING_INPUT_WEIGHT: u64 = 104; // prevout: 40, nSequence: 4, script len: 1, witness lengths: 3/4, sig: 73/4, pubkey: 33/4, output: 31 (TODO: Wrong? Useless?) /// Maximmum `funding_satoshis` value, according to the BOLT #2 specification /// it's 2^24. pub const MAX_FUNDING_SATOSHIS: u64 = (1 << 24); +#[cfg(test)] +pub const ACCEPTED_HTLC_SCRIPT_WEIGHT: usize = 138; //Here we have a diff due to HTLC CLTV expiry being < 2^15 in test +#[cfg(not(test))] +pub const ACCEPTED_HTLC_SCRIPT_WEIGHT: usize = 139; +pub const OFFERED_HTLC_SCRIPT_WEIGHT: usize = 133; + /// Used to return a simple Error back to ChannelManager. Will get converted to a /// msgs::ErrorAction::SendErrorMessage or msgs::ErrorAction::IgnoreError as appropriate with our /// channel_id in ChannelManager. +#[derive(Debug)] pub(super) enum ChannelError { Ignore(&'static str), Close(&'static str), } -macro_rules! secp_call { - ( $res: expr, $err: expr, $chan_id: expr ) => { +macro_rules! secp_check { + ($res: expr, $err: expr) => { match $res { - Ok(key) => key, - Err(_) => return Err(HandleError {err: $err, action: Some(msgs::ErrorAction::SendErrorMessage {msg: msgs::ErrorMessage {channel_id: $chan_id, data: $err.to_string()}})}) + Ok(thing) => thing, + Err(_) => return Err(ChannelError::Close($err)), } }; } -macro_rules! secp_derived_key { - ( $res: expr, $chan_id: expr ) => { - secp_call!($res, "Derived invalid key, peer is maliciously selecting parameters", $chan_id) - } -} impl Channel { // Convert constants + channel value to limits: fn get_our_max_htlc_value_in_flight_msat(channel_value_satoshis: u64) -> u64 { @@ -396,7 +403,7 @@ impl Channel { } fn derive_our_dust_limit_satoshis(at_open_background_feerate: u64) -> u64 { - at_open_background_feerate * B_OUTPUT_PLUS_SPENDING_INPUT_WEIGHT / 1000 //TODO + cmp::max(at_open_background_feerate * B_OUTPUT_PLUS_SPENDING_INPUT_WEIGHT / 1000, 546) //TODO } fn derive_our_htlc_minimum_msat(_at_open_channel_feerate_per_kw: u64) -> u64 { @@ -410,13 +417,8 @@ impl Channel { CONF_TARGET } - fn derive_maximum_minimum_depth(_channel_value_satoshis_msat: u64, _value_to_self_msat: u64) -> u32 { - const CONF_TARGET: u32 = 12; //TODO: Should be much higher - CONF_TARGET * 2 - } - // Constructors: - pub fn new_outbound(fee_estimator: &FeeEstimator, keys_provider: &Arc, their_node_id: PublicKey, channel_value_satoshis: u64, push_msat: u64, announce_publicly: bool, user_id: u64, logger: Arc) -> Result { + pub fn new_outbound(fee_estimator: &FeeEstimator, keys_provider: &Arc, their_node_id: PublicKey, channel_value_satoshis: u64, push_msat: u64, user_id: u64, logger: Arc, config: &UserConfig) -> Result { let chan_keys = keys_provider.get_channel_keys(false); if channel_value_satoshis >= MAX_FUNDING_SATOSHIS { @@ -436,20 +438,18 @@ impl Channel { let feerate = fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Normal); let secp_ctx = Secp256k1::new(); - let our_channel_monitor_claim_key_hash = Hash160::from_data(&PublicKey::from_secret_key(&secp_ctx, &chan_keys.channel_monitor_claim_key).serialize()); - let our_channel_monitor_claim_script = Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0).push_slice(&our_channel_monitor_claim_key_hash[..]).into_script(); let channel_monitor = ChannelMonitor::new(&chan_keys.revocation_base_key, &chan_keys.delayed_payment_base_key, - &chan_keys.htlc_base_key, - BREAKDOWN_TIMEOUT, our_channel_monitor_claim_script); + &chan_keys.htlc_base_key, &chan_keys.payment_base_key, &keys_provider.get_shutdown_pubkey(), BREAKDOWN_TIMEOUT, + keys_provider.get_destination_script(), logger.clone()); Ok(Channel { user_id: user_id, + config: config.channel_options.clone(), channel_id: rng::rand_u832(), channel_state: ChannelState::OurInitSent as u32, channel_outbound: true, secp_ctx: secp_ctx, - announce_publicly: announce_publicly, channel_value_satoshis: channel_value_satoshis, local_keys: chan_keys, @@ -497,6 +497,7 @@ impl Channel { our_htlc_minimum_msat: Channel::derive_our_htlc_minimum_msat(feerate), their_to_self_delay: 0, their_max_accepted_htlcs: 0, + minimum_depth: 0, // Filled in in accept_channel their_funding_pubkey: None, their_revocation_basepoint: None, @@ -528,8 +529,9 @@ impl Channel { /// Creates a new channel from a remote sides' request for one. /// Assumes chain_hash has already been checked and corresponds with what we expect! - pub fn new_from_req(fee_estimator: &FeeEstimator, keys_provider: &Arc, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, require_announce: bool, allow_announce: bool, logger: Arc) -> Result { + pub fn new_from_req(fee_estimator: &FeeEstimator, keys_provider: &Arc, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, logger: Arc, config: &UserConfig) -> Result { let chan_keys = keys_provider.get_channel_keys(true); + let mut local_config = (*config).channel_options.clone(); // Check sanity of message fields: if msg.funding_satoshis >= MAX_FUNDING_SATOSHIS { @@ -562,22 +564,46 @@ impl Channel { return Err(ChannelError::Close("max_accpted_htlcs > 483")); } + // Now check against optional parameters as set by config... + if msg.funding_satoshis < config.channel_limits.min_funding_satoshis { + return Err(ChannelError::Close("funding satoshis is less than the user specified limit")); + } + if msg.htlc_minimum_msat > config.channel_limits.max_htlc_minimum_msat { + return Err(ChannelError::Close("htlc minimum msat is higher than the user specified limit")); + } + if msg.max_htlc_value_in_flight_msat < config.channel_limits.min_max_htlc_value_in_flight_msat { + return Err(ChannelError::Close("max htlc value in flight msat is less than the user specified limit")); + } + if msg.channel_reserve_satoshis > config.channel_limits.max_channel_reserve_satoshis { + return Err(ChannelError::Close("channel reserve satoshis is higher than the user specified limit")); + } + if msg.max_accepted_htlcs < config.channel_limits.min_max_accepted_htlcs { + return Err(ChannelError::Close("max accepted htlcs is less than the user specified limit")); + } + if msg.dust_limit_satoshis < config.channel_limits.min_dust_limit_satoshis { + return Err(ChannelError::Close("dust limit satoshis is less than the user specified limit")); + } + if msg.dust_limit_satoshis > config.channel_limits.max_dust_limit_satoshis { + return Err(ChannelError::Close("dust limit satoshis is greater than the user specified limit")); + } + // Convert things into internal flags and prep our state: let their_announce = if (msg.channel_flags & 1) == 1 { true } else { false }; - if require_announce && !their_announce { - return Err(ChannelError::Close("Peer tried to open unannounced channel, but we require public ones")); - } - if !allow_announce && their_announce { - return Err(ChannelError::Close("Peer tried to open announced channel, but we require private ones")); + if config.channel_limits.force_announced_channel_preference { + if local_config.announced_channel != their_announce { + return Err(ChannelError::Close("Peer tried to open channel but their announcement preference is different from ours")); + } } + // we either accept their preference or the preferences match + local_config.announced_channel = their_announce; let background_feerate = fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Background); let our_dust_limit_satoshis = Channel::derive_our_dust_limit_satoshis(background_feerate); let our_channel_reserve_satoshis = Channel::get_our_channel_reserve_satoshis(msg.funding_satoshis); if our_channel_reserve_satoshis < our_dust_limit_satoshis { - return Err(ChannelError::Close("Suitalbe channel reserve not found. aborting")); + return Err(ChannelError::Close("Suitable channel reserve not found. aborting")); } if msg.channel_reserve_satoshis < our_dust_limit_satoshis { return Err(ChannelError::Close("channel_reserve_satoshis too small")); @@ -600,22 +626,20 @@ impl Channel { } let secp_ctx = Secp256k1::new(); - let our_channel_monitor_claim_key_hash = Hash160::from_data(&PublicKey::from_secret_key(&secp_ctx, &chan_keys.channel_monitor_claim_key).serialize()); - let our_channel_monitor_claim_script = Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0).push_slice(&our_channel_monitor_claim_key_hash[..]).into_script(); let mut channel_monitor = ChannelMonitor::new(&chan_keys.revocation_base_key, &chan_keys.delayed_payment_base_key, - &chan_keys.htlc_base_key, - BREAKDOWN_TIMEOUT, our_channel_monitor_claim_script); + &chan_keys.htlc_base_key, &chan_keys.payment_base_key, &keys_provider.get_shutdown_pubkey(), BREAKDOWN_TIMEOUT, + keys_provider.get_destination_script(), logger.clone()); channel_monitor.set_their_base_keys(&msg.htlc_basepoint, &msg.delayed_payment_basepoint); channel_monitor.set_their_to_self_delay(msg.to_self_delay); let mut chan = Channel { user_id: user_id, + config: local_config, channel_id: msg.temporary_channel_id, channel_state: (ChannelState::OurInitSent as u32) | (ChannelState::TheirInitSent as u32), channel_outbound: false, secp_ctx: secp_ctx, - announce_publicly: their_announce, local_keys: chan_keys, shutdown_pubkey: keys_provider.get_shutdown_pubkey(), @@ -663,6 +687,7 @@ impl Channel { our_htlc_minimum_msat: Channel::derive_our_htlc_minimum_msat(msg.feerate_per_kw as u64), their_to_self_delay: msg.to_self_delay, their_max_accepted_htlcs: msg.max_accepted_htlcs, + minimum_depth: Channel::derive_minimum_depth(msg.funding_satoshis*1000, msg.push_msat), their_funding_pubkey: Some(msg.funding_pubkey), their_revocation_basepoint: Some(msg.revocation_basepoint), @@ -732,7 +757,7 @@ impl Channel { /// generated by the peer which proposed adding the HTLCs, and thus we need to understand both /// which peer generated this transaction and "to whom" this transaction flows. #[inline] - fn build_commitment_transaction(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool, feerate_per_kw: u64) -> (Transaction, Vec) { + fn build_commitment_transaction(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool, feerate_per_kw: u64) -> (Transaction, Vec, Vec<(PaymentHash, &HTLCSource, Option)>) { let obscured_commitment_transaction_number = self.get_commitment_transaction_number_obscure_factor() ^ (INITIAL_COMMITMENT_NUMBER - commitment_number); let txins = { @@ -746,7 +771,8 @@ impl Channel { ins }; - let mut txouts: Vec<(TxOut, Option)> = Vec::with_capacity(self.pending_inbound_htlcs.len() + self.pending_outbound_htlcs.len() + 2); + let mut txouts: Vec<(TxOut, Option<(HTLCOutputInCommitment, Option<&HTLCSource>)>)> = Vec::with_capacity(self.pending_inbound_htlcs.len() + self.pending_outbound_htlcs.len() + 2); + let mut unincluded_htlc_sources: Vec<(PaymentHash, &HTLCSource, Option)> = Vec::new(); let dust_limit_satoshis = if local { self.our_dust_limit_satoshis } else { self.their_dust_limit_satoshis }; let mut remote_htlc_total_msat = 0; @@ -754,14 +780,18 @@ impl Channel { let mut value_to_self_msat_offset = 0; macro_rules! add_htlc_output { - ($htlc: expr, $outbound: expr) => { + ($htlc: expr, $outbound: expr, $source: expr) => { if $outbound == local { // "offered HTLC output" if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (feerate_per_kw * HTLC_TIMEOUT_TX_WEIGHT / 1000) { let htlc_in_tx = get_htlc_in_commitment!($htlc, true); txouts.push((TxOut { script_pubkey: chan_utils::get_htlc_redeemscript(&htlc_in_tx, &keys).to_v0_p2wsh(), value: $htlc.amount_msat / 1000 - }, Some(htlc_in_tx))); + }, Some((htlc_in_tx, $source)))); + } else { + if let Some(source) = $source { + unincluded_htlc_sources.push(($htlc.payment_hash, source, None)); + } } } else { if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (feerate_per_kw * HTLC_SUCCESS_TX_WEIGHT / 1000) { @@ -769,7 +799,11 @@ impl Channel { txouts.push((TxOut { // "received HTLC output" script_pubkey: chan_utils::get_htlc_redeemscript(&htlc_in_tx, &keys).to_v0_p2wsh(), value: $htlc.amount_msat / 1000 - }, Some(htlc_in_tx))); + }, Some((htlc_in_tx, $source)))); + } else { + if let Some(source) = $source { + unincluded_htlc_sources.push(($htlc.payment_hash, source, None)); + } } } } @@ -785,7 +819,7 @@ impl Channel { }; if include { - add_htlc_output!(htlc, false); + add_htlc_output!(htlc, false, None); remote_htlc_total_msat += htlc.amount_msat; } else { match &htlc.state { @@ -811,7 +845,7 @@ impl Channel { }; if include { - add_htlc_output!(htlc, true); + add_htlc_output!(htlc, true, Some(&htlc.source)); local_htlc_total_msat += htlc.amount_msat; } else { match htlc.state { @@ -882,21 +916,26 @@ impl Channel { transaction_utils::sort_outputs(&mut txouts); let mut outputs: Vec = Vec::with_capacity(txouts.len()); - let mut htlcs_used: Vec = Vec::with_capacity(txouts.len()); + let mut htlcs_included: Vec = Vec::with_capacity(txouts.len()); + let mut htlc_sources: Vec<(PaymentHash, &HTLCSource, Option)> = Vec::with_capacity(txouts.len() + unincluded_htlc_sources.len()); for (idx, out) in txouts.drain(..).enumerate() { outputs.push(out.0); - if let Some(out_htlc) = out.1 { - htlcs_used.push(out_htlc); - htlcs_used.last_mut().unwrap().transaction_output_index = idx as u32; + if let Some((mut htlc, source_option)) = out.1 { + htlc.transaction_output_index = idx as u32; + if let Some(source) = source_option { + htlc_sources.push((htlc.payment_hash, source, Some(idx as u32))); + } + htlcs_included.push(htlc); } } + htlc_sources.append(&mut unincluded_htlc_sources); (Transaction { version: 2, lock_time: ((0x20 as u32) << 8*3) | ((obscured_commitment_transaction_number & 0xffffffu64) as u32), input: txins, output: outputs, - }, htlcs_used) + }, htlcs_included, htlc_sources) } #[inline] @@ -974,25 +1013,26 @@ impl Channel { /// our counterparty!) /// The result is a transaction which we can revoke ownership of (ie a "local" transaction) /// TODO Some magic rust shit to compile-time check this? - fn build_local_transaction_keys(&self, commitment_number: u64) -> Result { + fn build_local_transaction_keys(&self, commitment_number: u64) -> Result { let per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &self.build_local_commitment_secret(commitment_number)); let delayed_payment_base = PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.delayed_payment_base_key); let htlc_basepoint = PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.htlc_base_key); - Ok(secp_derived_key!(TxCreationKeys::new(&self.secp_ctx, &per_commitment_point, &delayed_payment_base, &htlc_basepoint, &self.their_revocation_basepoint.unwrap(), &self.their_payment_basepoint.unwrap(), &self.their_htlc_basepoint.unwrap()), self.channel_id())) + Ok(secp_check!(TxCreationKeys::new(&self.secp_ctx, &per_commitment_point, &delayed_payment_base, &htlc_basepoint, &self.their_revocation_basepoint.unwrap(), &self.their_payment_basepoint.unwrap(), &self.their_htlc_basepoint.unwrap()), "Local tx keys generation got bogus keys")) } #[inline] /// Creates a set of keys for build_commitment_transaction to generate a transaction which we /// will sign and send to our counterparty. - fn build_remote_transaction_keys(&self) -> Result { + /// If an Err is returned, it is a ChannelError::Close (for get_outbound_funding_created) + fn build_remote_transaction_keys(&self) -> Result { //TODO: Ensure that the payment_key derived here ends up in the library users' wallet as we //may see payments to it! let payment_basepoint = PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.payment_base_key); let revocation_basepoint = PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.revocation_base_key); let htlc_basepoint = PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.htlc_base_key); - Ok(secp_derived_key!(TxCreationKeys::new(&self.secp_ctx, &self.their_cur_commitment_point.unwrap(), &self.their_delayed_payment_basepoint.unwrap(), &self.their_htlc_basepoint.unwrap(), &revocation_basepoint, &payment_basepoint, &htlc_basepoint), self.channel_id())) + Ok(secp_check!(TxCreationKeys::new(&self.secp_ctx, &self.their_cur_commitment_point.unwrap(), &self.their_delayed_payment_basepoint.unwrap(), &self.their_htlc_basepoint.unwrap(), &revocation_basepoint, &payment_basepoint, &htlc_basepoint), "Remote tx keys generation got bogus keys")) } /// Gets the redeemscript for the funding transaction output (ie the funding transaction output @@ -1050,14 +1090,14 @@ impl Channel { chan_utils::build_htlc_transaction(prev_hash, feerate_per_kw, if local { self.their_to_self_delay } else { BREAKDOWN_TIMEOUT }, htlc, &keys.a_delayed_payment_key, &keys.revocation_key) } - fn create_htlc_tx_signature(&self, tx: &Transaction, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result<(Script, Signature, bool), HandleError> { + fn create_htlc_tx_signature(&self, tx: &Transaction, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result<(Script, Signature, bool), ChannelError> { if tx.input.len() != 1 { panic!("Tried to sign HTLC transaction that had input count != 1!"); } let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &keys); - let our_htlc_key = secp_derived_key!(chan_utils::derive_private_key(&self.secp_ctx, &keys.per_commitment_point, &self.local_keys.htlc_base_key), self.channel_id()); + let our_htlc_key = secp_check!(chan_utils::derive_private_key(&self.secp_ctx, &keys.per_commitment_point, &self.local_keys.htlc_base_key), "Derived invalid key, peer is maliciously selecting parameters"); let sighash = Message::from_slice(&bip143::SighashComponents::new(&tx).sighash_all(&tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); let is_local_tx = PublicKey::from_secret_key(&self.secp_ctx, &our_htlc_key) == keys.a_htlc_key; Ok((htlc_redeemscript, self.secp_ctx.sign(&sighash, &our_htlc_key), is_local_tx)) @@ -1065,7 +1105,7 @@ impl Channel { /// Signs a transaction created by build_htlc_transaction. If the transaction is an /// HTLC-Success transaction (ie htlc.offered is false), preimate must be set! - fn sign_htlc_transaction(&self, tx: &mut Transaction, their_sig: &Signature, preimage: &Option<[u8; 32]>, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result { + fn sign_htlc_transaction(&self, tx: &mut Transaction, their_sig: &Signature, preimage: &Option, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result { if tx.input.len() != 1 { panic!("Tried to sign HTLC transaction that had input count != 1!"); } @@ -1090,7 +1130,7 @@ impl Channel { if htlc.offered { tx.input[0].witness.push(Vec::new()); } else { - tx.input[0].witness.push(preimage.unwrap().to_vec()); + tx.input[0].witness.push(preimage.unwrap().0.to_vec()); } tx.input[0].witness.push(htlc_redeemscript.into_bytes()); @@ -1098,9 +1138,10 @@ impl Channel { Ok(our_sig) } - /// May return an IgnoreError, but should not, and will always return Ok(_) when - /// debug_assertions are turned on - fn get_update_fulfill_htlc(&mut self, htlc_id_arg: u64, payment_preimage_arg: [u8; 32]) -> Result<(Option, Option), HandleError> { + /// Per HTLC, only one get_update_fail_htlc or get_update_fulfill_htlc call may be made. + /// In such cases we debug_assert!(false) and return an IgnoreError. Thus, will always return + /// Ok(_) if debug assertions are turned on and preconditions are met. + fn get_update_fulfill_htlc(&mut self, htlc_id_arg: u64, payment_preimage_arg: PaymentPreimage) -> Result<(Option, Option), ChannelError> { // Either ChannelFunded got set (which means it wont bet unset) or there is no way any // caller thought we could have something claimed (cause we wouldn't have accepted in an // incoming HTLC anyway). If we got to ShutdownComplete, callers aren't allowed to call us, @@ -1111,26 +1152,38 @@ impl Channel { assert_eq!(self.channel_state & ChannelState::ShutdownComplete as u32, 0); let mut sha = Sha256::new(); - sha.input(&payment_preimage_arg); - let mut payment_hash_calc = [0; 32]; - sha.result(&mut payment_hash_calc); + sha.input(&payment_preimage_arg.0[..]); + let mut payment_hash_calc = PaymentHash([0; 32]); + sha.result(&mut payment_hash_calc.0[..]); + + // ChannelManager may generate duplicate claims/fails due to HTLC update events from + // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop + // these, but for now we just have to treat them as normal. let mut pending_idx = std::usize::MAX; for (idx, htlc) in self.pending_inbound_htlcs.iter().enumerate() { if htlc.htlc_id == htlc_id_arg { assert_eq!(htlc.payment_hash, payment_hash_calc); - if let InboundHTLCState::Committed = htlc.state { - } else { - debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to"); - // Don't return in release mode here so that we can update channel_monitor + match htlc.state { + InboundHTLCState::Committed => {}, + InboundHTLCState::LocalRemoved(ref reason) => { + if let &InboundHTLCRemovalReason::Fulfill(_) = reason { + } else { + log_warn!(self, "Have preimage and want to fulfill HTLC with payment hash {} we already failed against channel {}", log_bytes!(htlc.payment_hash.0), log_bytes!(self.channel_id())); + } + return Ok((None, None)); + }, + _ => { + debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to"); + // Don't return in release mode here so that we can update channel_monitor + } } pending_idx = idx; break; } } if pending_idx == std::usize::MAX { - debug_assert!(false, "Unable to find a pending HTLC which matched the given HTLC ID"); - return Err(HandleError{err: "Unable to find a pending HTLC which matched the given HTLC ID", action: Some(msgs::ErrorAction::IgnoreError)}); + return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID")); } // Now update local state: @@ -1144,14 +1197,15 @@ impl Channel { match pending_update { &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => { if htlc_id_arg == htlc_id { - debug_assert!(false, "Tried to fulfill an HTLC we already had a pending fulfill for"); return Ok((None, None)); } }, &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } => { if htlc_id_arg == htlc_id { - debug_assert!(false, "Tried to fulfill an HTLC we already had a holding-cell failure on"); - return Err(HandleError{err: "Unable to find a pending HTLC which matched the given HTLC ID", action: Some(msgs::ErrorAction::IgnoreError)}); + log_warn!(self, "Have preimage and want to fulfill HTLC with pending failure against channel {}", log_bytes!(self.channel_id())); + // TODO: We may actually be able to switch to a fulfill here, though its + // rare enough it may not be worth the complexity burden. + return Ok((None, Some(self.channel_monitor.clone()))); } }, _ => {} @@ -1180,7 +1234,7 @@ impl Channel { }), Some(self.channel_monitor.clone()))) } - pub fn get_update_fulfill_htlc_and_commit(&mut self, htlc_id: u64, payment_preimage: [u8; 32]) -> Result<(Option<(msgs::UpdateFulfillHTLC, msgs::CommitmentSigned)>, Option), HandleError> { + pub fn get_update_fulfill_htlc_and_commit(&mut self, htlc_id: u64, payment_preimage: PaymentPreimage) -> Result<(Option<(msgs::UpdateFulfillHTLC, msgs::CommitmentSigned)>, Option), ChannelError> { match self.get_update_fulfill_htlc(htlc_id, payment_preimage)? { (Some(update_fulfill_htlc), _) => { let (commitment, monitor_update) = self.send_commitment_no_status_check()?; @@ -1191,28 +1245,37 @@ impl Channel { } } - /// May return an IgnoreError, but should not, and will always return Ok(_) when - /// debug_assertions are turned on - pub fn get_update_fail_htlc(&mut self, htlc_id_arg: u64, err_packet: msgs::OnionErrorPacket) -> Result, HandleError> { + /// Per HTLC, only one get_update_fail_htlc or get_update_fulfill_htlc call may be made. + /// In such cases we debug_assert!(false) and return an IgnoreError. Thus, will always return + /// Ok(_) if debug assertions are turned on and preconditions are met. + pub fn get_update_fail_htlc(&mut self, htlc_id_arg: u64, err_packet: msgs::OnionErrorPacket) -> Result, ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { panic!("Was asked to fail an HTLC when channel was not in an operational state"); } assert_eq!(self.channel_state & ChannelState::ShutdownComplete as u32, 0); + // ChannelManager may generate duplicate claims/fails due to HTLC update events from + // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop + // these, but for now we just have to treat them as normal. + let mut pending_idx = std::usize::MAX; for (idx, htlc) in self.pending_inbound_htlcs.iter().enumerate() { if htlc.htlc_id == htlc_id_arg { - if let InboundHTLCState::Committed = htlc.state { - } else { - debug_assert!(false, "Have an inbound HTLC we tried to fail before it was fully committed to"); - return Err(HandleError{err: "Unable to find a pending HTLC which matched the given HTLC ID", action: Some(msgs::ErrorAction::IgnoreError)}); + match htlc.state { + InboundHTLCState::Committed => {}, + InboundHTLCState::LocalRemoved(_) => { + return Ok(None); + }, + _ => { + debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to"); + return Err(ChannelError::Ignore("Unable to find a pending HTLC which matchd the given HTLC ID")); + } } pending_idx = idx; } } if pending_idx == std::usize::MAX { - debug_assert!(false, "Unable to find a pending HTLC which matched the given HTLC ID"); - return Err(HandleError{err: "Unable to find a pending HTLC which matched the given HTLC ID", action: Some(msgs::ErrorAction::IgnoreError)}); + return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID")); } // Now update local state: @@ -1221,14 +1284,12 @@ impl Channel { match pending_update { &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => { if htlc_id_arg == htlc_id { - debug_assert!(false, "Unable to find a pending HTLC which matched the given HTLC ID"); - return Err(HandleError{err: "Unable to find a pending HTLC which matched the given HTLC ID", action: Some(msgs::ErrorAction::IgnoreError)}); + return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID")); } }, &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } => { if htlc_id_arg == htlc_id { - debug_assert!(false, "Tried to fail an HTLC that we already had a pending failure for"); - return Ok(None); + return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID")); } }, _ => {} @@ -1253,7 +1314,7 @@ impl Channel { })) } - pub fn get_update_fail_htlc_and_commit(&mut self, htlc_id: u64, err_packet: msgs::OnionErrorPacket) -> Result, HandleError> { + pub fn get_update_fail_htlc_and_commit(&mut self, htlc_id: u64, err_packet: msgs::OnionErrorPacket) -> Result, ChannelError> { match self.get_update_fail_htlc(htlc_id, err_packet)? { Some(update_fail_htlc) => { let (commitment, monitor_update) = self.send_commitment_no_status_check()?; @@ -1265,7 +1326,7 @@ impl Channel { // Message handlers: - pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel) -> Result<(), ChannelError> { + pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel, config: &UserConfig) -> Result<(), ChannelError> { // Check sanity of message fields: if !self.channel_outbound { return Err(ChannelError::Close("Got an accept_channel message from an inbound peer")); @@ -1291,9 +1352,6 @@ impl Channel { if msg.htlc_minimum_msat >= (self.channel_value_satoshis - msg.channel_reserve_satoshis) * 1000 { return Err(ChannelError::Close("Minimum htlc value is full channel value")); } - if msg.minimum_depth > Channel::derive_maximum_minimum_depth(self.channel_value_satoshis*1000, self.value_to_self_msat) { - return Err(ChannelError::Close("minimum_depth too large")); - } if msg.to_self_delay > MAX_LOCAL_BREAKDOWN_TIMEOUT { return Err(ChannelError::Close("They wanted our payments to be delayed by a needlessly long period")); } @@ -1304,14 +1362,28 @@ impl Channel { return Err(ChannelError::Close("max_accpted_htlcs > 483")); } - // TODO: Optional additional constraints mentioned in the spec - // MAY fail the channel if - // funding_satoshi is too small - // htlc_minimum_msat too large - // max_htlc_value_in_flight_msat too small - // channel_reserve_satoshis too large - // max_accepted_htlcs too small - // dust_limit_satoshis too small + // Now check against optional parameters as set by config... + if msg.htlc_minimum_msat > config.channel_limits.max_htlc_minimum_msat { + return Err(ChannelError::Close("htlc minimum msat is higher than the user specified limit")); + } + if msg.max_htlc_value_in_flight_msat < config.channel_limits.min_max_htlc_value_in_flight_msat { + return Err(ChannelError::Close("max htlc value in flight msat is less than the user specified limit")); + } + if msg.channel_reserve_satoshis > config.channel_limits.max_channel_reserve_satoshis { + return Err(ChannelError::Close("channel reserve satoshis is higher than the user specified limit")); + } + if msg.max_accepted_htlcs < config.channel_limits.min_max_accepted_htlcs { + return Err(ChannelError::Close("max accepted htlcs is less than the user specified limit")); + } + if msg.dust_limit_satoshis < config.channel_limits.min_dust_limit_satoshis { + return Err(ChannelError::Close("dust limit satoshis is less than the user specified limit")); + } + if msg.dust_limit_satoshis > config.channel_limits.max_dust_limit_satoshis { + return Err(ChannelError::Close("dust limit satoshis is greater than the user specified limit")); + } + if msg.minimum_depth > config.channel_limits.max_minimum_depth { + return Err(ChannelError::Close("We consider the minimum depth to be unreasonably large")); + } self.channel_monitor.set_their_base_keys(&msg.htlc_basepoint, &msg.delayed_payment_basepoint); @@ -1321,6 +1393,7 @@ impl Channel { self.their_htlc_minimum_msat = msg.htlc_minimum_msat; self.their_to_self_delay = msg.to_self_delay; self.their_max_accepted_htlcs = msg.max_accepted_htlcs; + self.minimum_depth = msg.minimum_depth; self.their_funding_pubkey = Some(msg.funding_pubkey); self.their_revocation_basepoint = Some(msg.revocation_basepoint); self.their_payment_basepoint = Some(msg.payment_basepoint); @@ -1337,33 +1410,36 @@ impl Channel { Ok(()) } - fn funding_created_signature(&mut self, sig: &Signature) -> Result<(Transaction, Signature), HandleError> { + fn funding_created_signature(&mut self, sig: &Signature) -> Result<(Transaction, Transaction, Signature, TxCreationKeys), ChannelError> { let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, self.feerate_per_kw).0; + let mut local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, self.feerate_per_kw).0; let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); - // They sign the "local" commitment transaction, allowing us to broadcast the tx if we wish. - secp_call!(self.secp_ctx.verify(&local_sighash, &sig, &self.their_funding_pubkey.unwrap()), "Invalid funding_created signature from peer", self.channel_id()); + // They sign the "local" commitment transaction... + secp_check!(self.secp_ctx.verify(&local_sighash, &sig, &self.their_funding_pubkey.unwrap()), "Invalid funding_created signature from peer"); + + // ...and we sign it, allowing us to broadcast the tx if we wish + self.sign_commitment_transaction(&mut local_initial_commitment_tx, sig); let remote_keys = self.build_remote_transaction_keys()?; let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false, self.feerate_per_kw).0; let remote_sighash = Message::from_slice(&bip143::SighashComponents::new(&remote_initial_commitment_tx).sighash_all(&remote_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // We sign the "remote" commitment transaction, allowing them to broadcast the tx if they wish. - Ok((remote_initial_commitment_tx, self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key))) + Ok((remote_initial_commitment_tx, local_initial_commitment_tx, self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key), local_keys)) } - pub fn funding_created(&mut self, msg: &msgs::FundingCreated) -> Result<(msgs::FundingSigned, ChannelMonitor), HandleError> { + pub fn funding_created(&mut self, msg: &msgs::FundingCreated) -> Result<(msgs::FundingSigned, ChannelMonitor), ChannelError> { if self.channel_outbound { - return Err(HandleError{err: "Received funding_created for an outbound channel?", action: Some(msgs::ErrorAction::SendErrorMessage {msg: msgs::ErrorMessage {channel_id: self.channel_id, data: "Received funding_created for an outbound channel?".to_string()}})}); + return Err(ChannelError::Close("Received funding_created for an outbound channel?")); } if self.channel_state != (ChannelState::OurInitSent as u32 | ChannelState::TheirInitSent as u32) { // BOLT 2 says that if we disconnect before we send funding_signed we SHOULD NOT // remember the channel, so its safe to just send an error_message here and drop the // channel. - return Err(HandleError{err: "Received funding_created after we got the channel!", action: Some(msgs::ErrorAction::SendErrorMessage {msg: msgs::ErrorMessage {channel_id: self.channel_id, data: "Received funding_created after we got the channel!".to_string()}})}); + return Err(ChannelError::Close("Received funding_created after we got the channel!")); } if self.channel_monitor.get_min_seen_secret() != (1 << 48) || self.cur_remote_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER || @@ -1375,7 +1451,7 @@ impl Channel { let funding_txo_script = self.get_funding_redeemscript().to_v0_p2wsh(); self.channel_monitor.set_funding_info((funding_txo, funding_txo_script)); - let (remote_initial_commitment_tx, our_signature) = match self.funding_created_signature(&msg.signature) { + let (remote_initial_commitment_tx, local_initial_commitment_tx, our_signature, local_keys) = match self.funding_created_signature(&msg.signature) { Ok(res) => res, Err(e) => { self.channel_monitor.unset_funding_info(); @@ -1385,7 +1461,9 @@ impl Channel { // Now that we're past error-generating stuff, update our local state: - self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_initial_commitment_tx, Vec::new(), self.cur_remote_commitment_transaction_number); + self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_initial_commitment_tx, Vec::new(), Vec::new(), self.cur_remote_commitment_transaction_number, self.their_cur_commitment_point.unwrap()); + self.last_local_commitment_txn = vec![local_initial_commitment_tx.clone()]; + self.channel_monitor.provide_latest_local_commitment_tx_info(local_initial_commitment_tx, local_keys, self.feerate_per_kw, Vec::new(), Vec::new()); self.channel_state = ChannelState::FundingSent as u32; self.channel_id = funding_txo.to_channel_id(); self.cur_remote_commitment_transaction_number -= 1; @@ -1399,12 +1477,12 @@ impl Channel { /// Handles a funding_signed message from the remote end. /// If this call is successful, broadcast the funding transaction (and not before!) - pub fn funding_signed(&mut self, msg: &msgs::FundingSigned) -> Result { + pub fn funding_signed(&mut self, msg: &msgs::FundingSigned) -> Result { if !self.channel_outbound { - return Err(HandleError{err: "Received funding_signed for an inbound channel?", action: None}); + return Err(ChannelError::Close("Received funding_signed for an inbound channel?")); } if self.channel_state != ChannelState::FundingCreated as u32 { - return Err(HandleError{err: "Received funding_signed in strange state!", action: None}); + return Err(ChannelError::Close("Received funding_signed in strange state!")); } if self.channel_monitor.get_min_seen_secret() != (1 << 48) || self.cur_remote_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER - 1 || @@ -1419,10 +1497,10 @@ impl Channel { let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // They sign the "local" commitment transaction, allowing us to broadcast the tx if we wish. - secp_call!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid funding_signed signature from peer", self.channel_id()); + secp_check!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid funding_signed signature from peer"); self.sign_commitment_transaction(&mut local_initial_commitment_tx, &msg.signature); - self.channel_monitor.provide_latest_local_commitment_tx_info(local_initial_commitment_tx.clone(), local_keys, self.feerate_per_kw, Vec::new()); + self.channel_monitor.provide_latest_local_commitment_tx_info(local_initial_commitment_tx.clone(), local_keys, self.feerate_per_kw, Vec::new(), Vec::new()); self.last_local_commitment_txn = vec![local_initial_commitment_tx]; self.channel_state = ChannelState::FundingSent as u32; self.cur_local_commitment_transaction_number -= 1; @@ -1479,44 +1557,50 @@ impl Channel { (self.pending_outbound_htlcs.len() as u32, htlc_outbound_value_msat) } - pub fn update_add_htlc(&mut self, msg: &msgs::UpdateAddHTLC, pending_forward_state: PendingHTLCStatus) -> Result<(), HandleError> { + pub fn update_add_htlc(&mut self, msg: &msgs::UpdateAddHTLC, pending_forward_state: PendingHTLCStatus) -> Result<(), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32 | ChannelState::RemoteShutdownSent as u32)) != (ChannelState::ChannelFunded as u32) { - return Err(HandleError{err: "Got add HTLC message when channel was not in an operational state", action: None}); + return Err(ChannelError::Close("Got add HTLC message when channel was not in an operational state")); } if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent update_add_htlc when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent update_add_htlc when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent update_add_htlc when we needed a channel_reestablish")); } if msg.amount_msat > self.channel_value_satoshis * 1000 { - return Err(HandleError{err: "Remote side tried to send more than the total value of the channel", action: None}); + return Err(ChannelError::Close("Remote side tried to send more than the total value of the channel")); } if msg.amount_msat < self.our_htlc_minimum_msat { - return Err(HandleError{err: "Remote side tried to send less than our minimum HTLC value", action: None}); + return Err(ChannelError::Close("Remote side tried to send less than our minimum HTLC value")); } let (inbound_htlc_count, htlc_inbound_value_msat) = self.get_inbound_pending_htlc_stats(); if inbound_htlc_count + 1 > OUR_MAX_HTLCS as u32 { - return Err(HandleError{err: "Remote tried to push more than our max accepted HTLCs", action: None}); + return Err(ChannelError::Close("Remote tried to push more than our max accepted HTLCs")); } //TODO: Spec is unclear if this is per-direction or in total (I assume per direction): // Check our_max_htlc_value_in_flight_msat if htlc_inbound_value_msat + msg.amount_msat > Channel::get_our_max_htlc_value_in_flight_msat(self.channel_value_satoshis) { - return Err(HandleError{err: "Remote HTLC add would put them over their max HTLC value in flight", action: None}); + return Err(ChannelError::Close("Remote HTLC add would put them over their max HTLC value in flight")); } // Check our_channel_reserve_satoshis (we're getting paid, so they have to at least meet // the reserve_satoshis we told them to always have as direct payment so that they lose // something if we punish them for broadcasting an old state). if htlc_inbound_value_msat + msg.amount_msat + self.value_to_self_msat > (self.channel_value_satoshis - Channel::get_our_channel_reserve_satoshis(self.channel_value_satoshis)) * 1000 { - return Err(HandleError{err: "Remote HTLC add would put them over their reserve value", action: None}); + return Err(ChannelError::Close("Remote HTLC add would put them over their reserve value")); } if self.next_remote_htlc_id != msg.htlc_id { - return Err(HandleError{err: "Remote skipped HTLC ID", action: None}); + return Err(ChannelError::Close("Remote skipped HTLC ID")); } if msg.cltv_expiry >= 500000000 { - return Err(HandleError{err: "Remote provided CLTV expiry in seconds instead of block height", action: None}); + return Err(ChannelError::Close("Remote provided CLTV expiry in seconds instead of block height")); } //TODO: Check msg.cltv_expiry further? Do this in channel manager? + if self.channel_state & ChannelState::LocalShutdownSent as u32 != 0 { + if let PendingHTLCStatus::Forward(_) = pending_forward_state { + panic!("ChannelManager shouldn't be trying to add a forwardable HTLC after we've started closing"); + } + } + // Now update local state: self.next_remote_htlc_id += 1; self.pending_inbound_htlcs.push(InboundHTLCOutput { @@ -1532,7 +1616,7 @@ impl Channel { /// Marks an outbound HTLC which we have received update_fail/fulfill/malformed #[inline] - fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<[u8; 32]>, fail_reason: Option) -> Result<&HTLCSource, ChannelError> { + fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option, fail_reason: Option) -> Result<&HTLCSource, ChannelError> { for htlc in self.pending_outbound_htlcs.iter_mut() { if htlc.htlc_id == htlc_id { match check_preimage { @@ -1558,7 +1642,7 @@ impl Channel { Err(ChannelError::Close("Remote tried to fulfill/fail an HTLC we couldn't find")) } - pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<&HTLCSource, ChannelError> { + pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(ChannelError::Close("Got fulfill HTLC message when channel was not in an operational state")); } @@ -1567,14 +1651,14 @@ impl Channel { } let mut sha = Sha256::new(); - sha.input(&msg.payment_preimage); - let mut payment_hash = [0; 32]; - sha.result(&mut payment_hash); + sha.input(&msg.payment_preimage.0[..]); + let mut payment_hash = PaymentHash([0; 32]); + sha.result(&mut payment_hash.0[..]); - self.mark_outbound_htlc_removed(msg.htlc_id, Some(payment_hash), None) + self.mark_outbound_htlc_removed(msg.htlc_id, Some(payment_hash), None).map(|source| source.clone()) } - pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<&HTLCSource, ChannelError> { + pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(ChannelError::Close("Got fail HTLC message when channel was not in an operational state")); } @@ -1582,10 +1666,11 @@ impl Channel { return Err(ChannelError::Close("Peer sent update_fail_htlc when we needed a channel_reestablish")); } - self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason)) + self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?; + Ok(()) } - pub fn update_fail_malformed_htlc<'a>(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<&HTLCSource, ChannelError> { + pub fn update_fail_malformed_htlc<'a>(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { return Err(ChannelError::Close("Got fail malformed HTLC message when channel was not in an operational state")); } @@ -1593,34 +1678,54 @@ impl Channel { return Err(ChannelError::Close("Peer sent update_fail_malformed_htlc when we needed a channel_reestablish")); } - self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason)) + self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?; + Ok(()) } - pub fn commitment_signed(&mut self, msg: &msgs::CommitmentSigned) -> Result<(msgs::RevokeAndACK, Option, ChannelMonitor), HandleError> { + pub fn commitment_signed(&mut self, msg: &msgs::CommitmentSigned, fee_estimator: &FeeEstimator) -> Result<(msgs::RevokeAndACK, Option, Option, ChannelMonitor), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { - return Err(HandleError{err: "Got commitment signed message when channel was not in an operational state", action: None}); + return Err(ChannelError::Close("Got commitment signed message when channel was not in an operational state")); } if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent commitment_signed when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent commitment_signed when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent commitment_signed when we needed a channel_reestablish")); + } + if self.channel_state & BOTH_SIDES_SHUTDOWN_MASK == BOTH_SIDES_SHUTDOWN_MASK && self.last_sent_closing_fee.is_some() { + return Err(ChannelError::Close("Peer sent commitment_signed after we'd started exchanging closing_signeds")); } let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; + let mut update_fee = false; let feerate_per_kw = if !self.channel_outbound && self.pending_update_fee.is_some() { + update_fee = true; self.pending_update_fee.unwrap() } else { self.feerate_per_kw }; - let mut local_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, feerate_per_kw); + let mut local_commitment_tx = { + let mut commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, feerate_per_kw); + let htlcs_cloned: Vec<_> = commitment_tx.2.drain(..).map(|htlc_source| (htlc_source.0, htlc_source.1.clone(), htlc_source.2)).collect(); + (commitment_tx.0, commitment_tx.1, htlcs_cloned) + }; let local_commitment_txid = local_commitment_tx.0.txid(); let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_commitment_tx.0).sighash_all(&local_commitment_tx.0.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); - secp_call!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid commitment tx signature from peer", self.channel_id()); + secp_check!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid commitment tx signature from peer"); + + //If channel fee was updated by funder confirm funder can afford the new fee rate when applied to the current local commitment transaction + if update_fee { + let num_htlcs = local_commitment_tx.1.len(); + let total_fee: u64 = feerate_per_kw as u64 * (COMMITMENT_TX_BASE_WEIGHT + (num_htlcs as u64) * COMMITMENT_TX_WEIGHT_PER_HTLC) / 1000; + + if self.channel_value_satoshis - self.value_to_self_msat / 1000 < total_fee + self.their_channel_reserve_satoshis { + return Err(ChannelError::Close("Funding remote cannot afford proposed new fee")); + } + } if msg.htlc_signatures.len() != local_commitment_tx.1.len() { - return Err(HandleError{err: "Got wrong number of HTLC signatures from remote", action: None}); + return Err(ChannelError::Close("Got wrong number of HTLC signatures from remote")); } let mut new_local_commitment_txn = Vec::with_capacity(local_commitment_tx.1.len() + 1); @@ -1628,19 +1733,19 @@ impl Channel { new_local_commitment_txn.push(local_commitment_tx.0.clone()); let mut htlcs_and_sigs = Vec::with_capacity(local_commitment_tx.1.len()); - for (idx, ref htlc) in local_commitment_tx.1.iter().enumerate() { - let mut htlc_tx = self.build_htlc_transaction(&local_commitment_txid, htlc, true, &local_keys, feerate_per_kw); + for (idx, htlc) in local_commitment_tx.1.drain(..).enumerate() { + let mut htlc_tx = self.build_htlc_transaction(&local_commitment_txid, &htlc, true, &local_keys, feerate_per_kw); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &local_keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); - secp_call!(self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &local_keys.b_htlc_key), "Invalid HTLC tx siganture from peer", self.channel_id()); + secp_check!(self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &local_keys.b_htlc_key), "Invalid HTLC tx signature from peer"); let htlc_sig = if htlc.offered { - let htlc_sig = self.sign_htlc_transaction(&mut htlc_tx, &msg.htlc_signatures[idx], &None, htlc, &local_keys)?; + let htlc_sig = self.sign_htlc_transaction(&mut htlc_tx, &msg.htlc_signatures[idx], &None, &htlc, &local_keys)?; new_local_commitment_txn.push(htlc_tx); htlc_sig } else { - self.create_htlc_tx_signature(&htlc_tx, htlc, &local_keys)?.1 + self.create_htlc_tx_signature(&htlc_tx, &htlc, &local_keys)?.1 }; - htlcs_and_sigs.push(((*htlc).clone(), msg.htlc_signatures[idx], htlc_sig)); + htlcs_and_sigs.push((htlc, msg.htlc_signatures[idx], htlc_sig)); } let next_per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &self.build_local_commitment_secret(self.cur_local_commitment_transaction_number - 1)); @@ -1660,13 +1765,14 @@ impl Channel { } } } + if self.channel_state & (ChannelState::MonitorUpdateFailed as u32) == 0 { // This is a response to our post-monitor-failed unfreeze messages, so we can clear the // monitor_pending_order requirement as we won't re-send the monitor_pending messages. self.monitor_pending_order = None; } - self.channel_monitor.provide_latest_local_commitment_tx_info(local_commitment_tx.0, local_keys, self.feerate_per_kw, htlcs_and_sigs); + self.channel_monitor.provide_latest_local_commitment_tx_info(local_commitment_tx.0, local_keys, self.feerate_per_kw, htlcs_and_sigs, local_commitment_tx.2); for htlc in self.pending_inbound_htlcs.iter_mut() { let new_forward = if let &InboundHTLCState::RemoteAnnounced(ref forward_info) = &htlc.state { @@ -1691,27 +1797,29 @@ impl Channel { if (self.channel_state & ChannelState::MonitorUpdateFailed as u32) != 0 { self.monitor_pending_revoke_and_ack = true; self.monitor_pending_commitment_signed |= need_our_commitment; - return Err(HandleError{err: "Previous monitor update failure prevented generation of RAA", action: Some(ErrorAction::IgnoreError)}); + return Err(ChannelError::Ignore("Previous monitor update failure prevented generation of RAA")); } - let (our_commitment_signed, monitor_update) = if need_our_commitment && (self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == 0 { + let (our_commitment_signed, monitor_update, closing_signed) = if need_our_commitment && (self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == 0 { // If we're AwaitingRemoteRevoke we can't send a new commitment here, but that's ok - // we'll send one right away when we get the revoke_and_ack when we // free_holding_cell_htlcs(). let (msg, monitor) = self.send_commitment_no_status_check()?; - (Some(msg), monitor) - } else { (None, self.channel_monitor.clone()) }; + (Some(msg), monitor, None) + } else if !need_our_commitment { + (None, self.channel_monitor.clone(), self.maybe_propose_first_closing_signed(fee_estimator)) + } else { (None, self.channel_monitor.clone(), None) }; Ok((msgs::RevokeAndACK { channel_id: self.channel_id, per_commitment_secret: per_commitment_secret, next_per_commitment_point: next_per_commitment_point, - }, our_commitment_signed, monitor_update)) + }, our_commitment_signed, closing_signed, monitor_update)) } /// Used to fulfill holding_cell_htlcs when we get a remote ack (or implicitly get it by them /// fulfilling or failing the last pending HTLC) - fn free_holding_cell_htlcs(&mut self) -> Result, HandleError> { + fn free_holding_cell_htlcs(&mut self) -> Result, ChannelError> { assert_eq!(self.channel_state & ChannelState::MonitorUpdateFailed as u32, 0); if self.holding_cell_htlc_updates.len() != 0 || self.holding_cell_update_fee.is_some() { let mut htlc_updates = Vec::new(); @@ -1730,19 +1838,19 @@ impl Channel { self.holding_cell_htlc_updates.push(htlc_update); } else { match &htlc_update { - &HTLCUpdateAwaitingACK::AddHTLC {amount_msat, cltv_expiry, payment_hash, ref source, ref onion_routing_packet, ..} => { - match self.send_htlc(amount_msat, payment_hash, cltv_expiry, source.clone(), onion_routing_packet.clone()) { + &HTLCUpdateAwaitingACK::AddHTLC {amount_msat, cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet, ..} => { + match self.send_htlc(amount_msat, *payment_hash, cltv_expiry, source.clone(), onion_routing_packet.clone()) { Ok(update_add_msg_option) => update_add_htlcs.push(update_add_msg_option.unwrap()), Err(e) => { err = Some(e); } } }, - &HTLCUpdateAwaitingACK::ClaimHTLC { payment_preimage, htlc_id, .. } => { - match self.get_update_fulfill_htlc(htlc_id, payment_preimage) { + &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, htlc_id, .. } => { + match self.get_update_fulfill_htlc(htlc_id, *payment_preimage) { Ok(update_fulfill_msg_option) => update_fulfill_htlcs.push(update_fulfill_msg_option.0.unwrap()), Err(e) => { - if let Some(msgs::ErrorAction::IgnoreError) = e.action {} + if let ChannelError::Ignore(_) = e {} else { panic!("Got a non-IgnoreError action trying to fulfill holding cell HTLC"); } @@ -1753,7 +1861,7 @@ impl Channel { match self.get_update_fail_htlc(htlc_id, err_packet.clone()) { Ok(update_fail_msg_option) => update_fail_htlcs.push(update_fail_msg_option.unwrap()), Err(e) => { - if let Some(msgs::ErrorAction::IgnoreError) = e.action {} + if let ChannelError::Ignore(_) = e {} else { panic!("Got a non-IgnoreError action trying to fail holding cell HTLC"); } @@ -1807,20 +1915,24 @@ impl Channel { /// waiting on this revoke_and_ack. The generation of this new commitment_signed may also fail, /// generating an appropriate error *after* the channel state has been updated based on the /// revoke_and_ack message. - pub fn revoke_and_ack(&mut self, msg: &msgs::RevokeAndACK) -> Result<(Option, Vec<(PendingForwardHTLCInfo, u64)>, Vec<(HTLCSource, [u8; 32], HTLCFailReason)>, ChannelMonitor), HandleError> { + pub fn revoke_and_ack(&mut self, msg: &msgs::RevokeAndACK, fee_estimator: &FeeEstimator) -> Result<(Option, Vec<(PendingForwardHTLCInfo, u64)>, Vec<(HTLCSource, PaymentHash, HTLCFailReason)>, Option, ChannelMonitor), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { - return Err(HandleError{err: "Got revoke/ACK message when channel was not in an operational state", action: None}); + return Err(ChannelError::Close("Got revoke/ACK message when channel was not in an operational state")); } if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent revoke_and_ack when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent revoke_and_ack when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent revoke_and_ack when we needed a channel_reestablish")); + } + if self.channel_state & BOTH_SIDES_SHUTDOWN_MASK == BOTH_SIDES_SHUTDOWN_MASK && self.last_sent_closing_fee.is_some() { + return Err(ChannelError::Close("Peer sent revoke_and_ack after we'd started exchanging closing_signeds")); } if let Some(their_prev_commitment_point) = self.their_prev_commitment_point { - if PublicKey::from_secret_key(&self.secp_ctx, &secp_call!(SecretKey::from_slice(&self.secp_ctx, &msg.per_commitment_secret), "Peer provided an invalid per_commitment_secret", self.channel_id())) != their_prev_commitment_point { - return Err(HandleError{err: "Got a revoke commitment secret which didn't correspond to their current pubkey", action: None}); + if PublicKey::from_secret_key(&self.secp_ctx, &secp_check!(SecretKey::from_slice(&self.secp_ctx, &msg.per_commitment_secret), "Peer provided an invalid per_commitment_secret")) != their_prev_commitment_point { + return Err(ChannelError::Close("Got a revoke commitment secret which didn't correspond to their current pubkey")); } } - self.channel_monitor.provide_secret(self.cur_remote_commitment_transaction_number + 1, msg.per_commitment_secret, Some((self.cur_remote_commitment_transaction_number - 1, msg.next_per_commitment_point)))?; + self.channel_monitor.provide_secret(self.cur_remote_commitment_transaction_number + 1, msg.per_commitment_secret) + .map_err(|e| ChannelError::Close(e.0))?; // Update state now that we've passed all the can-fail calls... // (note that we may still fail to generate the new commitment_signed message, but that's @@ -1935,7 +2047,7 @@ impl Channel { } self.monitor_pending_forwards.append(&mut to_forward_infos); self.monitor_pending_failures.append(&mut revoked_htlcs); - return Ok((None, Vec::new(), Vec::new(), self.channel_monitor.clone())); + return Ok((None, Vec::new(), Vec::new(), None, self.channel_monitor.clone())); } match self.free_holding_cell_htlcs()? { @@ -1948,7 +2060,7 @@ impl Channel { for fail_msg in update_fail_malformed_htlcs.drain(..) { commitment_update.0.update_fail_malformed_htlcs.push(fail_msg); } - Ok((Some(commitment_update.0), to_forward_infos, revoked_htlcs, commitment_update.1)) + Ok((Some(commitment_update.0), to_forward_infos, revoked_htlcs, None, commitment_update.1)) }, None => { if require_commitment { @@ -1960,9 +2072,9 @@ impl Channel { update_fail_malformed_htlcs, update_fee: None, commitment_signed - }), to_forward_infos, revoked_htlcs, monitor_update)) + }), to_forward_infos, revoked_htlcs, None, monitor_update)) } else { - Ok((None, to_forward_infos, revoked_htlcs, self.channel_monitor.clone())) + Ok((None, to_forward_infos, revoked_htlcs, self.maybe_propose_first_closing_signed(fee_estimator), self.channel_monitor.clone())) } } } @@ -1997,7 +2109,7 @@ impl Channel { }) } - pub fn send_update_fee_and_commit(&mut self, feerate_per_kw: u64) -> Result, HandleError> { + pub fn send_update_fee_and_commit(&mut self, feerate_per_kw: u64) -> Result, ChannelError> { match self.send_update_fee(feerate_per_kw) { Some(update_fee) => { let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; @@ -2013,7 +2125,7 @@ impl Channel { /// implicitly dropping) and the payment_hashes of HTLCs we tried to add but are dropping. /// No further message handling calls may be made until a channel_reestablish dance has /// completed. - pub fn remove_uncommitted_htlcs_and_mark_paused(&mut self) -> Vec<(HTLCSource, [u8; 32])> { + pub fn remove_uncommitted_htlcs_and_mark_paused(&mut self) -> Vec<(HTLCSource, PaymentHash)> { let mut outbound_drops = Vec::new(); assert_eq!(self.channel_state & ChannelState::ShutdownComplete as u32, 0); @@ -2021,6 +2133,9 @@ impl Channel { self.channel_state = ChannelState::ShutdownComplete as u32; return outbound_drops; } + // Upon reconnect we have to start the closing_signed dance over, but shutdown messages + // will be retransmitted. + self.last_sent_closing_fee = None; let mut inbound_drop_count = 0; self.pending_inbound_htlcs.retain(|htlc| { @@ -2048,6 +2163,7 @@ impl Channel { }, } }); + self.next_remote_htlc_id -= inbound_drop_count; for htlc in self.pending_outbound_htlcs.iter_mut() { if let OutboundHTLCState::RemoteRemoved = htlc.state { @@ -2079,7 +2195,7 @@ impl Channel { /// commitment update or a revoke_and_ack generation). The messages which were generated from /// that original call must *not* have been sent to the remote end, and must instead have been /// dropped. They will be regenerated when monitor_updating_restored is called. - pub fn monitor_update_failed(&mut self, order: RAACommitmentOrder) { + pub fn monitor_update_failed(&mut self, order: RAACommitmentOrder, mut pending_forwards: Vec<(PendingForwardHTLCInfo, u64)>, mut pending_fails: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>, raa_first_dropped_cs: bool) { assert_eq!(self.channel_state & ChannelState::MonitorUpdateFailed as u32, 0); match order { RAACommitmentOrder::CommitmentFirst => { @@ -2088,9 +2204,13 @@ impl Channel { }, RAACommitmentOrder::RevokeAndACKFirst => { self.monitor_pending_revoke_and_ack = true; - self.monitor_pending_commitment_signed = false; + self.monitor_pending_commitment_signed = raa_first_dropped_cs; }, } + assert!(self.monitor_pending_forwards.is_empty()); + mem::swap(&mut pending_forwards, &mut self.monitor_pending_forwards); + assert!(self.monitor_pending_failures.is_empty()); + mem::swap(&mut pending_fails, &mut self.monitor_pending_failures); self.monitor_pending_order = Some(order); self.channel_state |= ChannelState::MonitorUpdateFailed as u32; } @@ -2098,7 +2218,7 @@ impl Channel { /// Indicates that the latest ChannelMonitor update has been committed by the client /// successfully and we should restore normal operation. Returns messages which should be sent /// to the remote side. - pub fn monitor_updating_restored(&mut self) -> (Option, Option, RAACommitmentOrder, Vec<(PendingForwardHTLCInfo, u64)>, Vec<(HTLCSource, [u8; 32], HTLCFailReason)>) { + pub fn monitor_updating_restored(&mut self) -> (Option, Option, RAACommitmentOrder, Vec<(PendingForwardHTLCInfo, u64)>, Vec<(HTLCSource, PaymentHash, HTLCFailReason)>) { assert_eq!(self.channel_state & ChannelState::MonitorUpdateFailed as u32, ChannelState::MonitorUpdateFailed as u32); self.channel_state &= !(ChannelState::MonitorUpdateFailed as u32); @@ -2134,7 +2254,6 @@ impl Channel { return Err(ChannelError::Close("Peer sent update_fee when we needed a channel_reestablish")); } Channel::check_remote_fee(fee_estimator, msg.feerate_per_kw)?; - self.pending_update_fee = Some(msg.feerate_per_kw as u64); self.channel_update_count += 1; Ok(()) @@ -2207,7 +2326,7 @@ impl Channel { /// May panic if some calls other than message-handling calls (which will all Err immediately) /// have been called between remove_uncommitted_htlcs_and_mark_paused and this call. - pub fn channel_reestablish(&mut self, msg: &msgs::ChannelReestablish) -> Result<(Option, Option, Option, Option, RAACommitmentOrder), ChannelError> { + pub fn channel_reestablish(&mut self, msg: &msgs::ChannelReestablish) -> Result<(Option, Option, Option, Option, RAACommitmentOrder, Option), ChannelError> { if self.channel_state & (ChannelState::PeerDisconnected as u32) == 0 { // While BOLT 2 doesn't indicate explicitly we should error this channel here, it // almost certainly indicates we are going to end up out-of-sync in some way, so we @@ -2215,8 +2334,8 @@ impl Channel { return Err(ChannelError::Close("Peer sent a loose channel_reestablish not after reconnect")); } - if msg.next_local_commitment_number == 0 || msg.next_local_commitment_number >= INITIAL_COMMITMENT_NUMBER || - msg.next_remote_commitment_number == 0 || msg.next_remote_commitment_number >= INITIAL_COMMITMENT_NUMBER { + if msg.next_local_commitment_number >= INITIAL_COMMITMENT_NUMBER || msg.next_remote_commitment_number >= INITIAL_COMMITMENT_NUMBER || + msg.next_local_commitment_number == 0 { return Err(ChannelError::Close("Peer sent a garbage channel_reestablish")); } @@ -2224,11 +2343,36 @@ impl Channel { // remaining cases either succeed or ErrorMessage-fail). self.channel_state &= !(ChannelState::PeerDisconnected as u32); - let required_revoke = if msg.next_remote_commitment_number == INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number { + let shutdown_msg = if self.channel_state & (ChannelState::LocalShutdownSent as u32) != 0 { + Some(msgs::Shutdown { + channel_id: self.channel_id, + scriptpubkey: self.get_closing_scriptpubkey(), + }) + } else { None }; + + if self.channel_state & (ChannelState::FundingSent as u32) == ChannelState::FundingSent as u32 { + if self.channel_state & ChannelState::OurFundingLocked as u32 == 0 { + if msg.next_remote_commitment_number != 0 { + return Err(ChannelError::Close("Peer claimed they saw a revoke_and_ack but we haven't sent funding_locked yet")); + } + // Short circuit the whole handler as there is nothing we can resend them + return Ok((None, None, None, None, RAACommitmentOrder::CommitmentFirst, shutdown_msg)); + } + + // We have OurFundingLocked set! + let next_per_commitment_secret = self.build_local_commitment_secret(self.cur_local_commitment_transaction_number); + let next_per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &next_per_commitment_secret); + return Ok((Some(msgs::FundingLocked { + channel_id: self.channel_id(), + next_per_commitment_point: next_per_commitment_point, + }), None, None, None, RAACommitmentOrder::CommitmentFirst, shutdown_msg)); + } + + let required_revoke = if msg.next_remote_commitment_number + 1 == INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number { // Remote isn't waiting on any RevokeAndACK from us! // Note that if we need to repeat our FundingLocked we'll do that in the next if block. None - } else if msg.next_remote_commitment_number == (INITIAL_COMMITMENT_NUMBER - 1) - self.cur_local_commitment_transaction_number { + } else if msg.next_remote_commitment_number + 1 == (INITIAL_COMMITMENT_NUMBER - 1) - self.cur_local_commitment_transaction_number { if self.channel_state & (ChannelState::MonitorUpdateFailed as u32) != 0 { self.monitor_pending_revoke_and_ack = true; None @@ -2275,20 +2419,13 @@ impl Channel { // have received some updates while we were disconnected. Free the holding cell // now! match self.free_holding_cell_htlcs() { - Err(e) => { - if let &Some(msgs::ErrorAction::DisconnectPeer{msg: Some(_)}) = &e.action { - return Err(ChannelError::Close(e.err)); - } else if let &Some(msgs::ErrorAction::SendErrorMessage{msg: _}) = &e.action { - return Err(ChannelError::Close(e.err)); - } else { - panic!("Got non-channel-failing result from free_holding_cell_htlcs"); - } - }, - Ok(Some((commitment_update, channel_monitor))) => return Ok((resend_funding_locked, required_revoke, Some(commitment_update), Some(channel_monitor), order)), - Ok(None) => return Ok((resend_funding_locked, required_revoke, None, None, order)), + Err(ChannelError::Close(msg)) => return Err(ChannelError::Close(msg)), + Err(ChannelError::Ignore(_)) => panic!("Got non-channel-failing result from free_holding_cell_htlcs"), + Ok(Some((commitment_update, channel_monitor))) => return Ok((resend_funding_locked, required_revoke, Some(commitment_update), Some(channel_monitor), order, shutdown_msg)), + Ok(None) => return Ok((resend_funding_locked, required_revoke, None, None, order, shutdown_msg)), } } else { - return Ok((resend_funding_locked, required_revoke, None, None, order)); + return Ok((resend_funding_locked, required_revoke, None, None, order, shutdown_msg)); } } else if msg.next_local_commitment_number == our_next_remote_commitment_number - 1 { if required_revoke.is_some() { @@ -2302,71 +2439,77 @@ impl Channel { if self.channel_state & (ChannelState::MonitorUpdateFailed as u32) != 0 { self.monitor_pending_commitment_signed = true; - return Ok((resend_funding_locked, None, None, None, order)); + return Ok((resend_funding_locked, None, None, None, order, shutdown_msg)); } - return Ok((resend_funding_locked, required_revoke, Some(self.get_last_commitment_update()), None, order)); + return Ok((resend_funding_locked, required_revoke, Some(self.get_last_commitment_update()), None, order, shutdown_msg)); } else { return Err(ChannelError::Close("Peer attempted to reestablish channel with a very old remote commitment transaction")); } } - pub fn shutdown(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::Shutdown) -> Result<(Option, Option, Vec<(HTLCSource, [u8; 32])>), HandleError> { + fn maybe_propose_first_closing_signed(&mut self, fee_estimator: &FeeEstimator) -> Option { + if !self.channel_outbound || !self.pending_inbound_htlcs.is_empty() || !self.pending_outbound_htlcs.is_empty() || + self.channel_state & (BOTH_SIDES_SHUTDOWN_MASK | ChannelState::AwaitingRemoteRevoke as u32) != BOTH_SIDES_SHUTDOWN_MASK || + self.last_sent_closing_fee.is_some() || self.pending_update_fee.is_some() { + return None; + } + + let mut proposed_feerate = fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Background); + if self.feerate_per_kw > proposed_feerate { + proposed_feerate = self.feerate_per_kw; + } + let tx_weight = Self::get_closing_transaction_weight(&self.get_closing_scriptpubkey(), self.their_shutdown_scriptpubkey.as_ref().unwrap()); + let proposed_total_fee_satoshis = proposed_feerate * tx_weight / 1000; + + let (closing_tx, total_fee_satoshis) = self.build_closing_transaction(proposed_total_fee_satoshis, false); + let funding_redeemscript = self.get_funding_redeemscript(); + let sighash = Message::from_slice(&bip143::SighashComponents::new(&closing_tx).sighash_all(&closing_tx.input[0], &funding_redeemscript, self.channel_value_satoshis)[..]).unwrap(); + + self.last_sent_closing_fee = Some((proposed_feerate, total_fee_satoshis)); + Some(msgs::ClosingSigned { + channel_id: self.channel_id, + fee_satoshis: total_fee_satoshis, + signature: self.secp_ctx.sign(&sighash, &self.local_keys.funding_key), + }) + } + + pub fn shutdown(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::Shutdown) -> Result<(Option, Option, Vec<(HTLCSource, PaymentHash)>), ChannelError> { if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent shutdown when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent shutdown when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent shutdown when we needed a channel_reestablish")); } if self.channel_state < ChannelState::FundingSent as u32 { - self.channel_state = ChannelState::ShutdownComplete as u32; - self.channel_update_count += 1; - return Ok((None, None, Vec::new())); + // Spec says we should fail the connection, not the channel, but that's nonsense, there + // are plenty of reasons you may want to fail a channel pre-funding, and spec says you + // can do that via error message without getting a connection fail anyway... + return Err(ChannelError::Close("Peer sent shutdown pre-funding generation")); } for htlc in self.pending_inbound_htlcs.iter() { if let InboundHTLCState::RemoteAnnounced(_) = htlc.state { - return Err(HandleError{err: "Got shutdown with remote pending HTLCs", action: None}); + return Err(ChannelError::Close("Got shutdown with remote pending HTLCs")); } } - if (self.channel_state & ChannelState::RemoteShutdownSent as u32) == ChannelState::RemoteShutdownSent as u32 { - return Err(HandleError{err: "Remote peer sent duplicate shutdown message", action: None}); - } assert_eq!(self.channel_state & ChannelState::ShutdownComplete as u32, 0); // BOLT 2 says we must only send a scriptpubkey of certain standard forms, which are up to // 34 bytes in length, so dont let the remote peer feed us some super fee-heavy script. if self.channel_outbound && msg.scriptpubkey.len() > 34 { - return Err(HandleError{err: "Got shutdown_scriptpubkey of absurd length from remote peer", action: None}); + return Err(ChannelError::Close("Got shutdown_scriptpubkey of absurd length from remote peer")); } //Check shutdown_scriptpubkey form as BOLT says we must - if !(msg.scriptpubkey.is_p2pkh()) && !(msg.scriptpubkey.is_p2sh()) - && !(msg.scriptpubkey.is_v0_p2wpkh()) && !(msg.scriptpubkey.is_v0_p2wsh()){ - return Err(HandleError{err: "Got an invalid scriptpubkey from remote peer", action: Some(msgs::ErrorAction::DisconnectPeer{ msg: None })}); + if !msg.scriptpubkey.is_p2pkh() && !msg.scriptpubkey.is_p2sh() && !msg.scriptpubkey.is_v0_p2wpkh() && !msg.scriptpubkey.is_v0_p2wsh() { + return Err(ChannelError::Close("Got a nonstandard scriptpubkey from remote peer")); } if self.their_shutdown_scriptpubkey.is_some() { if Some(&msg.scriptpubkey) != self.their_shutdown_scriptpubkey.as_ref() { - return Err(HandleError{err: "Got shutdown request with a scriptpubkey which did not match their previous scriptpubkey", action: None}); + return Err(ChannelError::Close("Got shutdown request with a scriptpubkey which did not match their previous scriptpubkey")); } } else { self.their_shutdown_scriptpubkey = Some(msg.scriptpubkey.clone()); } - let our_closing_script = self.get_closing_scriptpubkey(); - - let (proposed_feerate, proposed_fee, our_sig) = if self.channel_outbound && self.pending_inbound_htlcs.is_empty() && self.pending_outbound_htlcs.is_empty() { - let mut proposed_feerate = fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Background); - if self.feerate_per_kw > proposed_feerate { - proposed_feerate = self.feerate_per_kw; - } - let tx_weight = Self::get_closing_transaction_weight(&our_closing_script, &msg.scriptpubkey); - let proposed_total_fee_satoshis = proposed_feerate * tx_weight / 1000; - - let (closing_tx, total_fee_satoshis) = self.build_closing_transaction(proposed_total_fee_satoshis, false); - let funding_redeemscript = self.get_funding_redeemscript(); - let sighash = Message::from_slice(&bip143::SighashComponents::new(&closing_tx).sighash_all(&closing_tx.input[0], &funding_redeemscript, self.channel_value_satoshis)[..]).unwrap(); - - (Some(proposed_feerate), Some(total_fee_satoshis), Some(self.secp_ctx.sign(&sighash, &self.local_keys.funding_key))) - } else { (None, None, None) }; - // From here on out, we may not fail! self.channel_state |= ChannelState::RemoteShutdownSent as u32; @@ -2375,6 +2518,7 @@ impl Channel { // We can't send our shutdown until we've committed all of our pending HTLCs, but the // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding // cell HTLCs and return them to fail the payment. + self.holding_cell_update_fee = None; let mut dropped_outbound_htlcs = Vec::with_capacity(self.holding_cell_htlc_updates.len()); self.holding_cell_htlc_updates.retain(|htlc_update| { match htlc_update { @@ -2385,55 +2529,42 @@ impl Channel { _ => true } }); - for htlc in self.pending_outbound_htlcs.iter() { - if let OutboundHTLCState::LocalAnnounced(_) = htlc.state { - return Ok((None, None, dropped_outbound_htlcs)); - } - } + // If we have any LocalAnnounced updates we'll probably just get back a update_fail_htlc + // immediately after the commitment dance, but we can send a Shutdown cause we won't send + // any further commitment updates after we set LocalShutdownSent. let our_shutdown = if (self.channel_state & ChannelState::LocalShutdownSent as u32) == ChannelState::LocalShutdownSent as u32 { None } else { Some(msgs::Shutdown { channel_id: self.channel_id, - scriptpubkey: our_closing_script, + scriptpubkey: self.get_closing_scriptpubkey(), }) }; self.channel_state |= ChannelState::LocalShutdownSent as u32; self.channel_update_count += 1; - if self.pending_inbound_htlcs.is_empty() && self.pending_outbound_htlcs.is_empty() && self.channel_outbound { - // There are no more HTLCs and we're the funder, this means we start the closing_signed - // dance with an initial fee proposal! - self.last_sent_closing_fee = Some((proposed_feerate.unwrap(), proposed_fee.unwrap())); - Ok((our_shutdown, Some(msgs::ClosingSigned { - channel_id: self.channel_id, - fee_satoshis: proposed_fee.unwrap(), - signature: our_sig.unwrap(), - }), dropped_outbound_htlcs)) - } else { - Ok((our_shutdown, None, dropped_outbound_htlcs)) - } + Ok((our_shutdown, self.maybe_propose_first_closing_signed(fee_estimator), dropped_outbound_htlcs)) } - pub fn closing_signed(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::ClosingSigned) -> Result<(Option, Option), HandleError> { + pub fn closing_signed(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::ClosingSigned) -> Result<(Option, Option), ChannelError> { if self.channel_state & BOTH_SIDES_SHUTDOWN_MASK != BOTH_SIDES_SHUTDOWN_MASK { - return Err(HandleError{err: "Remote end sent us a closing_signed before both sides provided a shutdown", action: None}); + return Err(ChannelError::Close("Remote end sent us a closing_signed before both sides provided a shutdown")); } if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent closing_signed when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent closing_signed when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent closing_signed when we needed a channel_reestablish")); } if !self.pending_inbound_htlcs.is_empty() || !self.pending_outbound_htlcs.is_empty() { - return Err(HandleError{err: "Remote end sent us a closing_signed while there were still pending HTLCs", action: None}); + return Err(ChannelError::Close("Remote end sent us a closing_signed while there were still pending HTLCs")); } if msg.fee_satoshis > 21000000 * 10000000 { //this is required to stop potential overflow in build_closing_transaction - return Err(HandleError{err: "Remote tried to send us a closing tx with > 21 million BTC fee", action: None}); + return Err(ChannelError::Close("Remote tried to send us a closing tx with > 21 million BTC fee")); } let funding_redeemscript = self.get_funding_redeemscript(); let (mut closing_tx, used_total_fee) = self.build_closing_transaction(msg.fee_satoshis, false); if used_total_fee != msg.fee_satoshis { - return Err(HandleError{err: "Remote sent us a closing_signed with a fee greater than the value they can claim", action: None}); + return Err(ChannelError::Close("Remote sent us a closing_signed with a fee greater than the value they can claim")); } let mut sighash = Message::from_slice(&bip143::SighashComponents::new(&closing_tx).sighash_all(&closing_tx.input[0], &funding_redeemscript, self.channel_value_satoshis)[..]).unwrap(); @@ -2444,7 +2575,7 @@ impl Channel { // limits, so check for that case by re-checking the signature here. closing_tx = self.build_closing_transaction(msg.fee_satoshis, true).0; sighash = Message::from_slice(&bip143::SighashComponents::new(&closing_tx).sighash_all(&closing_tx.input[0], &funding_redeemscript, self.channel_value_satoshis)[..]).unwrap(); - secp_call!(self.secp_ctx.verify(&sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid closing tx signature from peer", self.channel_id()); + secp_check!(self.secp_ctx.verify(&sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid closing tx signature from peer"); }, }; @@ -2478,7 +2609,7 @@ impl Channel { if proposed_sat_per_kw > our_max_feerate { if let Some((last_feerate, _)) = self.last_sent_closing_fee { if our_max_feerate <= last_feerate { - return Err(HandleError{err: "Unable to come to consensus about closing feerate, remote wanted something higher than our Normal feerate", action: None}); + return Err(ChannelError::Close("Unable to come to consensus about closing feerate, remote wanted something higher than our Normal feerate")); } } propose_new_feerate!(our_max_feerate); @@ -2488,7 +2619,7 @@ impl Channel { if proposed_sat_per_kw < our_min_feerate { if let Some((last_feerate, _)) = self.last_sent_closing_fee { if our_min_feerate >= last_feerate { - return Err(HandleError{err: "Unable to come to consensus about closing feerate, remote wanted something lower than our Background feerate", action: None}); + return Err(ChannelError::Close("Unable to come to consensus about closing feerate, remote wanted something lower than our Background feerate")); } } propose_new_feerate!(our_min_feerate); @@ -2558,11 +2689,27 @@ impl Channel { self.channel_value_satoshis } + pub fn get_fee_proportional_millionths(&self) -> u32 { + self.config.fee_proportional_millionths + } + #[cfg(test)] pub fn get_feerate(&self) -> u64 { self.feerate_per_kw } + pub fn get_cur_local_commitment_transaction_number(&self) -> u64 { + self.cur_local_commitment_transaction_number + 1 + } + + pub fn get_cur_remote_commitment_transaction_number(&self) -> u64 { + self.cur_remote_commitment_transaction_number + 1 - if self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32) != 0 { 1 } else { 0 } + } + + pub fn get_revoked_remote_commitment_transaction_number(&self) -> u64 { + self.cur_remote_commitment_transaction_number + 2 + } + //TODO: Testing purpose only, should be changed in another way after #81 #[cfg(test)] pub fn get_local_keys(&self) -> &ChannelKeys { @@ -2599,7 +2746,7 @@ impl Channel { } pub fn should_announce(&self) -> bool { - self.announce_publicly + self.config.announced_channel } pub fn is_outbound(&self) -> bool { @@ -2672,13 +2819,14 @@ impl Channel { /// In case of Err, the channel may have been closed, at which point the standard requirements /// apply - no calls may be made except those explicitly stated to be allowed post-shutdown. /// Only returns an ErrorAction of DisconnectPeer, if Err. - pub fn block_connected(&mut self, header: &BlockHeader, height: u32, txn_matched: &[&Transaction], indexes_of_txn_matched: &[u32]) -> Result, HandleError> { + pub fn block_connected(&mut self, header: &BlockHeader, height: u32, txn_matched: &[&Transaction], indexes_of_txn_matched: &[u32]) -> Result, msgs::ErrorMessage> { let non_shutdown_state = self.channel_state & (!MULTI_STATE_FLAGS); - if self.funding_tx_confirmations > 0 { - if header.bitcoin_hash() != self.last_block_connected { - self.last_block_connected = header.bitcoin_hash(); + if header.bitcoin_hash() != self.last_block_connected { + self.last_block_connected = header.bitcoin_hash(); + self.channel_monitor.last_block_hash = self.last_block_connected; + if self.funding_tx_confirmations > 0 { self.funding_tx_confirmations += 1; - if self.funding_tx_confirmations == Channel::derive_minimum_depth(self.channel_value_satoshis*1000, self.value_to_self_msat) as u64 { + if self.funding_tx_confirmations == self.minimum_depth as u64 { let need_commitment_update = if non_shutdown_state == ChannelState::FundingSent as u32 { self.channel_state |= ChannelState::OurFundingLocked as u32; true @@ -2731,8 +2879,21 @@ impl Channel { } self.channel_state = ChannelState::ShutdownComplete as u32; self.channel_update_count += 1; - return Err(HandleError{err: "funding tx had wrong script/value", action: Some(ErrorAction::DisconnectPeer{msg: None})}); + return Err(msgs::ErrorMessage { + channel_id: self.channel_id(), + data: "funding tx had wrong script/value".to_owned() + }); } else { + if self.channel_outbound { + for input in tx.input.iter() { + if input.witness.is_empty() { + // We generated a malleable funding transaction, implying we've + // just exposed ourselves to funds loss to our counterparty. + #[cfg(not(feature = "fuzztarget"))] + panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!"); + } + } + } self.funding_tx_confirmations = 1; self.short_channel_id = Some(((height as u64) << (5*8)) | ((*index_in_block as u64) << (2*8)) | @@ -2755,8 +2916,10 @@ impl Channel { } } if Some(header.bitcoin_hash()) == self.funding_tx_confirmed_in { - self.funding_tx_confirmations = Channel::derive_minimum_depth(self.channel_value_satoshis*1000, self.value_to_self_msat) as u64 - 1; + self.funding_tx_confirmations = self.minimum_depth as u64 - 1; } + self.last_block_connected = header.bitcoin_hash(); + self.channel_monitor.last_block_hash = self.last_block_connected; false } @@ -2795,7 +2958,7 @@ impl Channel { delayed_payment_basepoint: PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.delayed_payment_base_key), htlc_basepoint: PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.htlc_base_key), first_per_commitment_point: PublicKey::from_secret_key(&self.secp_ctx, &local_commitment_secret), - channel_flags: if self.announce_publicly {1} else {0}, + channel_flags: if self.config.announced_channel {1} else {0}, shutdown_scriptpubkey: None, } } @@ -2819,7 +2982,7 @@ impl Channel { max_htlc_value_in_flight_msat: Channel::get_our_max_htlc_value_in_flight_msat(self.channel_value_satoshis), channel_reserve_satoshis: Channel::get_our_channel_reserve_satoshis(self.channel_value_satoshis), htlc_minimum_msat: self.our_htlc_minimum_msat, - minimum_depth: Channel::derive_minimum_depth(self.channel_value_satoshis*1000, self.value_to_self_msat), + minimum_depth: self.minimum_depth, to_self_delay: BREAKDOWN_TIMEOUT, max_accepted_htlcs: OUR_MAX_HTLCS, funding_pubkey: PublicKey::from_secret_key(&self.secp_ctx, &self.local_keys.funding_key), @@ -2832,7 +2995,8 @@ impl Channel { } } - fn get_outbound_funding_created_signature(&mut self) -> Result<(Signature, Transaction), HandleError> { + /// If an Err is returned, it is a ChannelError::Close (for get_outbound_funding_created) + fn get_outbound_funding_created_signature(&mut self) -> Result<(Signature, Transaction), ChannelError> { let funding_script = self.get_funding_redeemscript(); let remote_keys = self.build_remote_transaction_keys()?; @@ -2849,7 +3013,8 @@ impl Channel { /// or if called on an inbound channel. /// Note that channel_id changes during this call! /// Do NOT broadcast the funding transaction until after a successful funding_signed call! - pub fn get_outbound_funding_created(&mut self, funding_txo: OutPoint) -> Result<(msgs::FundingCreated, ChannelMonitor), HandleError> { + /// If an Err is returned, it is a ChannelError::Close. + pub fn get_outbound_funding_created(&mut self, funding_txo: OutPoint) -> Result<(msgs::FundingCreated, ChannelMonitor), ChannelError> { if !self.channel_outbound { panic!("Tried to create outbound funding_created message on an inbound channel!"); } @@ -2868,7 +3033,7 @@ impl Channel { let (our_signature, commitment_tx) = match self.get_outbound_funding_created_signature() { Ok(res) => res, Err(e) => { - log_error!(self, "Got bad signatures: {}!", e.err); + log_error!(self, "Got bad signatures: {:?}!", e); self.channel_monitor.unset_funding_info(); return Err(e); } @@ -2877,7 +3042,7 @@ impl Channel { let temporary_channel_id = self.channel_id; // Now that we're past error-generating stuff, update our local state: - self.channel_monitor.provide_latest_remote_commitment_tx_info(&commitment_tx, Vec::new(), self.cur_remote_commitment_transaction_number); + self.channel_monitor.provide_latest_remote_commitment_tx_info(&commitment_tx, Vec::new(), Vec::new(), self.cur_remote_commitment_transaction_number, self.their_cur_commitment_point.unwrap()); self.channel_state = ChannelState::FundingCreated as u32; self.channel_id = funding_txo.to_channel_id(); self.cur_remote_commitment_transaction_number -= 1; @@ -2899,7 +3064,7 @@ impl Channel { /// Note that the "channel must be funded" requirement is stricter than BOLT 7 requires - see /// https://github.com/lightningnetwork/lightning-rfc/issues/468 pub fn get_channel_announcement(&self, our_node_id: PublicKey, chain_hash: Sha256dHash) -> Result<(msgs::UnsignedChannelAnnouncement, Signature), ChannelError> { - if !self.announce_publicly { + if !self.config.announced_channel { return Err(ChannelError::Ignore("Channel is not available for public announcements")); } if self.channel_state & (ChannelState::ChannelFunded as u32) == 0 { @@ -2933,10 +3098,27 @@ impl Channel { /// self.remove_uncommitted_htlcs_and_mark_paused()'d pub fn get_channel_reestablish(&self) -> msgs::ChannelReestablish { assert_eq!(self.channel_state & ChannelState::PeerDisconnected as u32, ChannelState::PeerDisconnected as u32); + assert_ne!(self.cur_remote_commitment_transaction_number, INITIAL_COMMITMENT_NUMBER); msgs::ChannelReestablish { channel_id: self.channel_id(), + // The protocol has two different commitment number concepts - the "commitment + // transaction number", which starts from 0 and counts up, and the "revocation key + // index" which starts at INITIAL_COMMITMENT_NUMBER and counts down. We track + // commitment transaction numbers by the index which will be used to reveal the + // revocation key for that commitment transaction, which means we have to convert them + // to protocol-level commitment numbers here... + + // next_local_commitment_number is the next commitment_signed number we expect to + // receive (indicating if they need to resend one that we missed). next_local_commitment_number: INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number, - next_remote_commitment_number: INITIAL_COMMITMENT_NUMBER - self.cur_remote_commitment_transaction_number, + // We have to set next_remote_commitment_number to the next revoke_and_ack we expect to + // receive, however we track it by the next commitment number for a remote transaction + // (which is one further, as they always revoke previous commitment transaction, not + // the one we send) so we have to decrement by 1. Note that if + // cur_remote_commitment_transaction_number is INITIAL_COMMITMENT_NUMBER we will have + // dropped this channel on disconnect as it hasn't yet reached FundingSent so we can't + // overflow here. + next_remote_commitment_number: INITIAL_COMMITMENT_NUMBER - self.cur_remote_commitment_transaction_number - 1, data_loss_protect: None, } } @@ -2950,16 +3132,16 @@ impl Channel { /// waiting on the remote peer to send us a revoke_and_ack during which time we cannot add new /// HTLCs on the wire or we wouldn't be able to determine what they actually ACK'ed. /// You MUST call send_commitment prior to any other calls on this Channel - pub fn send_htlc(&mut self, amount_msat: u64, payment_hash: [u8; 32], cltv_expiry: u32, source: HTLCSource, onion_routing_packet: msgs::OnionPacket) -> Result, HandleError> { + pub fn send_htlc(&mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource, onion_routing_packet: msgs::OnionPacket) -> Result, ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32 | BOTH_SIDES_SHUTDOWN_MASK)) != (ChannelState::ChannelFunded as u32) { - return Err(HandleError{err: "Cannot send HTLC until channel is fully established and we haven't started shutting down", action: None}); + return Err(ChannelError::Ignore("Cannot send HTLC until channel is fully established and we haven't started shutting down")); } if amount_msat > self.channel_value_satoshis * 1000 { - return Err(HandleError{err: "Cannot send more than the total value of the channel", action: None}); + return Err(ChannelError::Ignore("Cannot send more than the total value of the channel")); } if amount_msat < self.their_htlc_minimum_msat { - return Err(HandleError{err: "Cannot send less than their minimum HTLC value", action: None}); + return Err(ChannelError::Ignore("Cannot send less than their minimum HTLC value")); } if (self.channel_state & (ChannelState::PeerDisconnected as u32 | ChannelState::MonitorUpdateFailed as u32)) != 0 { @@ -2969,17 +3151,17 @@ impl Channel { // disconnected during the time the previous hop was doing the commitment dance we may // end up getting here after the forwarding delay. In any case, returning an // IgnoreError will get ChannelManager to do the right thing and fail backwards now. - return Err(HandleError{err: "Cannot send an HTLC while disconnected/frozen for channel monitor update", action: Some(ErrorAction::IgnoreError)}); + return Err(ChannelError::Ignore("Cannot send an HTLC while disconnected/frozen for channel monitor update")); } let (outbound_htlc_count, htlc_outbound_value_msat) = self.get_outbound_pending_htlc_stats(); if outbound_htlc_count + 1 > self.their_max_accepted_htlcs as u32 { - return Err(HandleError{err: "Cannot push more than their max accepted HTLCs", action: None}); + return Err(ChannelError::Ignore("Cannot push more than their max accepted HTLCs")); } //TODO: Spec is unclear if this is per-direction or in total (I assume per direction): // Check their_max_htlc_value_in_flight_msat if htlc_outbound_value_msat + amount_msat > self.their_max_htlc_value_in_flight_msat { - return Err(HandleError{err: "Cannot send value that would put us over our max HTLC value in flight", action: None}); + return Err(ChannelError::Ignore("Cannot send value that would put us over our max HTLC value in flight")); } let mut holding_cell_outbound_amount_msat = 0; @@ -2995,7 +3177,7 @@ impl Channel { // Check self.their_channel_reserve_satoshis (the amount we must keep as // reserve for them to have something to claim if we misbehave) if self.value_to_self_msat < self.their_channel_reserve_satoshis * 1000 + amount_msat + holding_cell_outbound_amount_msat + htlc_outbound_value_msat { - return Err(HandleError{err: "Cannot send value that would put us over our reserve value", action: None}); + return Err(ChannelError::Ignore("Cannot send value that would put us over our reserve value")); } //TODO: Check cltv_expiry? Do this in channel manager? @@ -3038,10 +3220,10 @@ impl Channel { } /// Creates a signed commitment transaction to send to the remote peer. - /// Always returns a Channel-failing HandleError::action if an immediately-preceding (read: the + /// Always returns a ChannelError::Close if an immediately-preceding (read: the /// last call to this Channel) send_htlc returned Ok(Some(_)) and there is an Err. /// May panic if called except immediately after a successful, Ok(Some(_))-returning send_htlc. - pub fn send_commitment(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), HandleError> { + pub fn send_commitment(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), ChannelError> { if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) { panic!("Cannot create commitment tx until channel is fully established"); } @@ -3051,7 +3233,7 @@ impl Channel { if (self.channel_state & (ChannelState::PeerDisconnected as u32)) == (ChannelState::PeerDisconnected as u32) { panic!("Cannot create commitment tx while disconnected, as send_htlc will have returned an Err so a send_commitment precondition has been violated"); } - if (self.channel_state & (ChannelState::MonitorUpdateFailed as u32)) == (ChannelState::PeerDisconnected as u32) { + if (self.channel_state & (ChannelState::MonitorUpdateFailed as u32)) == (ChannelState::MonitorUpdateFailed as u32) { panic!("Cannot create commitment tx while awaiting monitor update unfreeze, as send_htlc will have returned an Err so a send_commitment precondition has been violated"); } let mut have_updates = self.pending_update_fee.is_some(); @@ -3067,7 +3249,7 @@ impl Channel { self.send_commitment_no_status_check() } /// Only fails in case of bad keys - fn send_commitment_no_status_check(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), HandleError> { + fn send_commitment_no_status_check(&mut self) -> Result<(msgs::CommitmentSigned, ChannelMonitor), ChannelError> { // We can upgrade the status of some HTLCs that are waiting on a commitment, even if we // fail to generate this, we still are at least at a position where upgrading their status // is acceptable. @@ -3085,20 +3267,23 @@ impl Channel { } } - match self.send_commitment_no_state_update() { - Ok((res, remote_commitment_tx)) => { + let (res, remote_commitment_tx, htlcs, htlc_sources) = match self.send_commitment_no_state_update() { + Ok((res, (remote_commitment_tx, htlcs, mut htlc_sources))) => { // Update state now that we've passed all the can-fail calls... - self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_commitment_tx.0, remote_commitment_tx.1, self.cur_remote_commitment_transaction_number); - self.channel_state |= ChannelState::AwaitingRemoteRevoke as u32; - Ok((res, self.channel_monitor.clone())) + let htlc_sources_no_ref = htlc_sources.drain(..).map(|htlc_source| (htlc_source.0, htlc_source.1.clone(), htlc_source.2)).collect(); + (res, remote_commitment_tx, htlcs, htlc_sources_no_ref) }, - Err(e) => Err(e), - } + Err(e) => return Err(e), + }; + + self.channel_monitor.provide_latest_remote_commitment_tx_info(&remote_commitment_tx, htlcs, htlc_sources, self.cur_remote_commitment_transaction_number, self.their_cur_commitment_point.unwrap()); + self.channel_state |= ChannelState::AwaitingRemoteRevoke as u32; + Ok((res, self.channel_monitor.clone())) } /// Only fails in case of bad keys. Used for channel_reestablish commitment_signed generation /// when we shouldn't change HTLC/channel state. - fn send_commitment_no_state_update(&self) -> Result<(msgs::CommitmentSigned, (Transaction, Vec)), HandleError> { + fn send_commitment_no_state_update(&self) -> Result<(msgs::CommitmentSigned, (Transaction, Vec, Vec<(PaymentHash, &HTLCSource, Option)>)), ChannelError> { let funding_script = self.get_funding_redeemscript(); let mut feerate_per_kw = self.feerate_per_kw; @@ -3120,7 +3305,7 @@ impl Channel { let htlc_tx = self.build_htlc_transaction(&remote_commitment_txid, htlc, false, &remote_keys, feerate_per_kw); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &remote_keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); - let our_htlc_key = secp_derived_key!(chan_utils::derive_private_key(&self.secp_ctx, &remote_keys.per_commitment_point, &self.local_keys.htlc_base_key), self.channel_id()); + let our_htlc_key = secp_check!(chan_utils::derive_private_key(&self.secp_ctx, &remote_keys.per_commitment_point, &self.local_keys.htlc_base_key), "Derived invalid key, peer is maliciously selecting parameters"); htlc_sigs.push(self.secp_ctx.sign(&htlc_sighash, &our_htlc_key)); } @@ -3135,7 +3320,7 @@ impl Channel { /// to send to the remote peer in one go. /// Shorthand for calling send_htlc() followed by send_commitment(), see docs on those for /// more info. - pub fn send_htlc_and_commit(&mut self, amount_msat: u64, payment_hash: [u8; 32], cltv_expiry: u32, source: HTLCSource, onion_routing_packet: msgs::OnionPacket) -> Result, HandleError> { + pub fn send_htlc_and_commit(&mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource, onion_routing_packet: msgs::OnionPacket) -> Result, ChannelError> { match self.send_htlc(amount_msat, payment_hash, cltv_expiry, source, onion_routing_packet)? { Some(update_add_htlc) => { let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; @@ -3147,7 +3332,7 @@ impl Channel { /// Begins the shutdown process, getting a message for the remote peer and returning all /// holding cell HTLCs for payment failure. - pub fn get_shutdown(&mut self) -> Result<(msgs::Shutdown, Vec<(HTLCSource, [u8; 32])>), APIError> { + pub fn get_shutdown(&mut self) -> Result<(msgs::Shutdown, Vec<(HTLCSource, PaymentHash)>), APIError> { for htlc in self.pending_outbound_htlcs.iter() { if let OutboundHTLCState::LocalAnnounced(_) = htlc.state { return Err(APIError::APIMisuseError{err: "Cannot begin shutdown with pending HTLCs. Process pending events first"}); @@ -3176,9 +3361,9 @@ impl Channel { } self.channel_update_count += 1; - // We can't send our shutdown until we've committed all of our pending HTLCs, but the - // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding - // cell HTLCs and return them to fail the payment. + // Go ahead and drop holding cell updates as we'd rather fail payments than wait to send + // our shutdown until we've committed all of the pending changes. + self.holding_cell_update_fee = None; let mut dropped_outbound_htlcs = Vec::with_capacity(self.holding_cell_htlc_updates.len()); self.holding_cell_htlc_updates.retain(|htlc_update| { match htlc_update { @@ -3201,7 +3386,7 @@ impl Channel { /// those explicitly stated to be allowed after shutdown completes, eg some simple getters). /// Also returns the list of payment_hashes for channels which we can safely fail backwards /// immediately (others we will have to allow to time out). - pub fn force_shutdown(&mut self) -> (Vec, Vec<(HTLCSource, [u8; 32])>) { + pub fn force_shutdown(&mut self) -> (Vec, Vec<(HTLCSource, PaymentHash)>) { assert!(self.channel_state != ChannelState::ShutdownComplete as u32); // We go ahead and "free" any holding cell HTLCs or HTLCs we haven't yet committed to and @@ -3230,21 +3415,514 @@ impl Channel { } } +const SERIALIZATION_VERSION: u8 = 1; +const MIN_SERIALIZATION_VERSION: u8 = 1; + +impl Writeable for InboundHTLCRemovalReason { + fn write(&self, writer: &mut W) -> Result<(), ::std::io::Error> { + match self { + &InboundHTLCRemovalReason::FailRelay(ref error_packet) => { + 0u8.write(writer)?; + error_packet.write(writer)?; + }, + &InboundHTLCRemovalReason::FailMalformed((ref onion_hash, ref err_code)) => { + 1u8.write(writer)?; + onion_hash.write(writer)?; + err_code.write(writer)?; + }, + &InboundHTLCRemovalReason::Fulfill(ref payment_preimage) => { + 2u8.write(writer)?; + payment_preimage.write(writer)?; + }, + } + Ok(()) + } +} + +impl Readable for InboundHTLCRemovalReason { + fn read(reader: &mut R) -> Result { + Ok(match >::read(reader)? { + 0 => InboundHTLCRemovalReason::FailRelay(Readable::read(reader)?), + 1 => InboundHTLCRemovalReason::FailMalformed((Readable::read(reader)?, Readable::read(reader)?)), + 2 => InboundHTLCRemovalReason::Fulfill(Readable::read(reader)?), + _ => return Err(DecodeError::InvalidValue), + }) + } +} + +impl Writeable for Channel { + fn write(&self, writer: &mut W) -> Result<(), ::std::io::Error> { + // Note that we write out as if remove_uncommitted_htlcs_and_mark_paused had just been + // called but include holding cell updates (and obviously we don't modify self). + + writer.write_all(&[SERIALIZATION_VERSION; 1])?; + writer.write_all(&[MIN_SERIALIZATION_VERSION; 1])?; + + self.user_id.write(writer)?; + self.config.write(writer)?; + + self.channel_id.write(writer)?; + (self.channel_state | ChannelState::PeerDisconnected as u32).write(writer)?; + self.channel_outbound.write(writer)?; + self.channel_value_satoshis.write(writer)?; + + self.local_keys.write(writer)?; + self.shutdown_pubkey.write(writer)?; + + self.cur_local_commitment_transaction_number.write(writer)?; + self.cur_remote_commitment_transaction_number.write(writer)?; + self.value_to_self_msat.write(writer)?; + + self.received_commitment_while_awaiting_raa.write(writer)?; + + let mut dropped_inbound_htlcs = 0; + for htlc in self.pending_inbound_htlcs.iter() { + if let InboundHTLCState::RemoteAnnounced(_) = htlc.state { + dropped_inbound_htlcs += 1; + } + } + (self.pending_inbound_htlcs.len() as u64 - dropped_inbound_htlcs).write(writer)?; + for htlc in self.pending_inbound_htlcs.iter() { + htlc.htlc_id.write(writer)?; + htlc.amount_msat.write(writer)?; + htlc.cltv_expiry.write(writer)?; + htlc.payment_hash.write(writer)?; + match &htlc.state { + &InboundHTLCState::RemoteAnnounced(_) => {}, // Drop + &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref htlc_state) => { + 1u8.write(writer)?; + htlc_state.write(writer)?; + }, + &InboundHTLCState::AwaitingAnnouncedRemoteRevoke(ref htlc_state) => { + 2u8.write(writer)?; + htlc_state.write(writer)?; + }, + &InboundHTLCState::Committed => { + 3u8.write(writer)?; + }, + &InboundHTLCState::LocalRemoved(ref removal_reason) => { + 4u8.write(writer)?; + removal_reason.write(writer)?; + }, + } + } + + macro_rules! write_option { + ($thing: expr) => { + match &$thing { + &None => 0u8.write(writer)?, + &Some(ref v) => { + 1u8.write(writer)?; + v.write(writer)?; + }, + } + } + } + + (self.pending_outbound_htlcs.len() as u64).write(writer)?; + for htlc in self.pending_outbound_htlcs.iter() { + htlc.htlc_id.write(writer)?; + htlc.amount_msat.write(writer)?; + htlc.cltv_expiry.write(writer)?; + htlc.payment_hash.write(writer)?; + htlc.source.write(writer)?; + write_option!(htlc.fail_reason); + match &htlc.state { + &OutboundHTLCState::LocalAnnounced(ref onion_packet) => { + 0u8.write(writer)?; + onion_packet.write(writer)?; + }, + &OutboundHTLCState::Committed => { + 1u8.write(writer)?; + }, + &OutboundHTLCState::RemoteRemoved => { + 2u8.write(writer)?; + }, + &OutboundHTLCState::AwaitingRemoteRevokeToRemove => { + 3u8.write(writer)?; + }, + &OutboundHTLCState::AwaitingRemovedRemoteRevoke => { + 4u8.write(writer)?; + }, + } + } + + (self.holding_cell_htlc_updates.len() as u64).write(writer)?; + for update in self.holding_cell_htlc_updates.iter() { + match update { + &HTLCUpdateAwaitingACK::AddHTLC { ref amount_msat, ref cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet, time_created: _ } => { + 0u8.write(writer)?; + amount_msat.write(writer)?; + cltv_expiry.write(writer)?; + payment_hash.write(writer)?; + source.write(writer)?; + onion_routing_packet.write(writer)?; + // time_created is not serialized - we re-init the timeout upon deserialization + }, + &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, ref htlc_id } => { + 1u8.write(writer)?; + payment_preimage.write(writer)?; + htlc_id.write(writer)?; + }, + &HTLCUpdateAwaitingACK::FailHTLC { ref htlc_id, ref err_packet } => { + 2u8.write(writer)?; + htlc_id.write(writer)?; + err_packet.write(writer)?; + } + } + } + + self.monitor_pending_revoke_and_ack.write(writer)?; + self.monitor_pending_commitment_signed.write(writer)?; + match self.monitor_pending_order { + None => 0u8.write(writer)?, + Some(RAACommitmentOrder::CommitmentFirst) => 1u8.write(writer)?, + Some(RAACommitmentOrder::RevokeAndACKFirst) => 2u8.write(writer)?, + } + + (self.monitor_pending_forwards.len() as u64).write(writer)?; + for &(ref pending_forward, ref htlc_id) in self.monitor_pending_forwards.iter() { + pending_forward.write(writer)?; + htlc_id.write(writer)?; + } + + (self.monitor_pending_failures.len() as u64).write(writer)?; + for &(ref htlc_source, ref payment_hash, ref fail_reason) in self.monitor_pending_failures.iter() { + htlc_source.write(writer)?; + payment_hash.write(writer)?; + fail_reason.write(writer)?; + } + + write_option!(self.pending_update_fee); + write_option!(self.holding_cell_update_fee); + + self.next_local_htlc_id.write(writer)?; + (self.next_remote_htlc_id - dropped_inbound_htlcs).write(writer)?; + self.channel_update_count.write(writer)?; + self.feerate_per_kw.write(writer)?; + + (self.last_local_commitment_txn.len() as u64).write(writer)?; + for tx in self.last_local_commitment_txn.iter() { + if let Err(e) = tx.consensus_encode(&mut WriterWriteAdaptor(writer)) { + match e { + encode::Error::Io(e) => return Err(e), + _ => panic!("last_local_commitment_txn must have been well-formed!"), + } + } + } + + match self.last_sent_closing_fee { + Some((feerate, fee)) => { + 1u8.write(writer)?; + feerate.write(writer)?; + fee.write(writer)?; + }, + None => 0u8.write(writer)?, + } + + write_option!(self.funding_tx_confirmed_in); + write_option!(self.short_channel_id); + + self.last_block_connected.write(writer)?; + self.funding_tx_confirmations.write(writer)?; + + self.their_dust_limit_satoshis.write(writer)?; + self.our_dust_limit_satoshis.write(writer)?; + self.their_max_htlc_value_in_flight_msat.write(writer)?; + self.their_channel_reserve_satoshis.write(writer)?; + self.their_htlc_minimum_msat.write(writer)?; + self.our_htlc_minimum_msat.write(writer)?; + self.their_to_self_delay.write(writer)?; + self.their_max_accepted_htlcs.write(writer)?; + self.minimum_depth.write(writer)?; + + write_option!(self.their_funding_pubkey); + write_option!(self.their_revocation_basepoint); + write_option!(self.their_payment_basepoint); + write_option!(self.their_delayed_payment_basepoint); + write_option!(self.their_htlc_basepoint); + write_option!(self.their_cur_commitment_point); + + write_option!(self.their_prev_commitment_point); + self.their_node_id.write(writer)?; + + write_option!(self.their_shutdown_scriptpubkey); + + self.channel_monitor.write_for_disk(writer)?; + Ok(()) + } +} + +impl ReadableArgs> for Channel { + fn read(reader: &mut R, logger: Arc) -> Result { + let _ver: u8 = Readable::read(reader)?; + let min_ver: u8 = Readable::read(reader)?; + if min_ver > SERIALIZATION_VERSION { + return Err(DecodeError::UnknownVersion); + } + + let user_id = Readable::read(reader)?; + let config: ChannelConfig = Readable::read(reader)?; + + let channel_id = Readable::read(reader)?; + let channel_state = Readable::read(reader)?; + let channel_outbound = Readable::read(reader)?; + let channel_value_satoshis = Readable::read(reader)?; + + let local_keys = Readable::read(reader)?; + let shutdown_pubkey = Readable::read(reader)?; + + let cur_local_commitment_transaction_number = Readable::read(reader)?; + let cur_remote_commitment_transaction_number = Readable::read(reader)?; + let value_to_self_msat = Readable::read(reader)?; + + let received_commitment_while_awaiting_raa = Readable::read(reader)?; + + let pending_inbound_htlc_count: u64 = Readable::read(reader)?; + let mut pending_inbound_htlcs = Vec::with_capacity(cmp::min(pending_inbound_htlc_count as usize, OUR_MAX_HTLCS as usize)); + for _ in 0..pending_inbound_htlc_count { + pending_inbound_htlcs.push(InboundHTLCOutput { + htlc_id: Readable::read(reader)?, + amount_msat: Readable::read(reader)?, + cltv_expiry: Readable::read(reader)?, + payment_hash: Readable::read(reader)?, + state: match >::read(reader)? { + 1 => InboundHTLCState::AwaitingRemoteRevokeToAnnounce(Readable::read(reader)?), + 2 => InboundHTLCState::AwaitingAnnouncedRemoteRevoke(Readable::read(reader)?), + 3 => InboundHTLCState::Committed, + 4 => InboundHTLCState::LocalRemoved(Readable::read(reader)?), + _ => return Err(DecodeError::InvalidValue), + }, + }); + } + + macro_rules! read_option { () => { + match >::read(reader)? { + 0 => None, + 1 => Some(Readable::read(reader)?), + _ => return Err(DecodeError::InvalidValue), + } + } } + + let pending_outbound_htlc_count: u64 = Readable::read(reader)?; + let mut pending_outbound_htlcs = Vec::with_capacity(cmp::min(pending_outbound_htlc_count as usize, OUR_MAX_HTLCS as usize)); + for _ in 0..pending_outbound_htlc_count { + pending_outbound_htlcs.push(OutboundHTLCOutput { + htlc_id: Readable::read(reader)?, + amount_msat: Readable::read(reader)?, + cltv_expiry: Readable::read(reader)?, + payment_hash: Readable::read(reader)?, + source: Readable::read(reader)?, + fail_reason: read_option!(), + state: match >::read(reader)? { + 0 => OutboundHTLCState::LocalAnnounced(Box::new(Readable::read(reader)?)), + 1 => OutboundHTLCState::Committed, + 2 => OutboundHTLCState::RemoteRemoved, + 3 => OutboundHTLCState::AwaitingRemoteRevokeToRemove, + 4 => OutboundHTLCState::AwaitingRemovedRemoteRevoke, + _ => return Err(DecodeError::InvalidValue), + }, + }); + } + + let holding_cell_htlc_update_count: u64 = Readable::read(reader)?; + let mut holding_cell_htlc_updates = Vec::with_capacity(cmp::min(holding_cell_htlc_update_count as usize, OUR_MAX_HTLCS as usize*2)); + for _ in 0..holding_cell_htlc_update_count { + holding_cell_htlc_updates.push(match >::read(reader)? { + 0 => HTLCUpdateAwaitingACK::AddHTLC { + amount_msat: Readable::read(reader)?, + cltv_expiry: Readable::read(reader)?, + payment_hash: Readable::read(reader)?, + source: Readable::read(reader)?, + onion_routing_packet: Readable::read(reader)?, + time_created: Instant::now(), + }, + 1 => HTLCUpdateAwaitingACK::ClaimHTLC { + payment_preimage: Readable::read(reader)?, + htlc_id: Readable::read(reader)?, + }, + 2 => HTLCUpdateAwaitingACK::FailHTLC { + htlc_id: Readable::read(reader)?, + err_packet: Readable::read(reader)?, + }, + _ => return Err(DecodeError::InvalidValue), + }); + } + + let monitor_pending_revoke_and_ack = Readable::read(reader)?; + let monitor_pending_commitment_signed = Readable::read(reader)?; + + let monitor_pending_order = match >::read(reader)? { + 0 => None, + 1 => Some(RAACommitmentOrder::CommitmentFirst), + 2 => Some(RAACommitmentOrder::RevokeAndACKFirst), + _ => return Err(DecodeError::InvalidValue), + }; + + let monitor_pending_forwards_count: u64 = Readable::read(reader)?; + let mut monitor_pending_forwards = Vec::with_capacity(cmp::min(monitor_pending_forwards_count as usize, OUR_MAX_HTLCS as usize)); + for _ in 0..monitor_pending_forwards_count { + monitor_pending_forwards.push((Readable::read(reader)?, Readable::read(reader)?)); + } + + let monitor_pending_failures_count: u64 = Readable::read(reader)?; + let mut monitor_pending_failures = Vec::with_capacity(cmp::min(monitor_pending_failures_count as usize, OUR_MAX_HTLCS as usize)); + for _ in 0..monitor_pending_failures_count { + monitor_pending_failures.push((Readable::read(reader)?, Readable::read(reader)?, Readable::read(reader)?)); + } + + let pending_update_fee = read_option!(); + let holding_cell_update_fee = read_option!(); + + let next_local_htlc_id = Readable::read(reader)?; + let next_remote_htlc_id = Readable::read(reader)?; + let channel_update_count = Readable::read(reader)?; + let feerate_per_kw = Readable::read(reader)?; + + let last_local_commitment_txn_count: u64 = Readable::read(reader)?; + let mut last_local_commitment_txn = Vec::with_capacity(cmp::min(last_local_commitment_txn_count as usize, OUR_MAX_HTLCS as usize*2 + 1)); + for _ in 0..last_local_commitment_txn_count { + last_local_commitment_txn.push(match Transaction::consensus_decode(reader.by_ref()) { + Ok(tx) => tx, + Err(_) => return Err(DecodeError::InvalidValue), + }); + } + + let last_sent_closing_fee = match >::read(reader)? { + 0 => None, + 1 => Some((Readable::read(reader)?, Readable::read(reader)?)), + _ => return Err(DecodeError::InvalidValue), + }; + + let funding_tx_confirmed_in = read_option!(); + let short_channel_id = read_option!(); + + let last_block_connected = Readable::read(reader)?; + let funding_tx_confirmations = Readable::read(reader)?; + + let their_dust_limit_satoshis = Readable::read(reader)?; + let our_dust_limit_satoshis = Readable::read(reader)?; + let their_max_htlc_value_in_flight_msat = Readable::read(reader)?; + let their_channel_reserve_satoshis = Readable::read(reader)?; + let their_htlc_minimum_msat = Readable::read(reader)?; + let our_htlc_minimum_msat = Readable::read(reader)?; + let their_to_self_delay = Readable::read(reader)?; + let their_max_accepted_htlcs = Readable::read(reader)?; + let minimum_depth = Readable::read(reader)?; + + let their_funding_pubkey = read_option!(); + let their_revocation_basepoint = read_option!(); + let their_payment_basepoint = read_option!(); + let their_delayed_payment_basepoint = read_option!(); + let their_htlc_basepoint = read_option!(); + let their_cur_commitment_point = read_option!(); + + let their_prev_commitment_point = read_option!(); + let their_node_id = Readable::read(reader)?; + + let their_shutdown_scriptpubkey = read_option!(); + let (monitor_last_block, channel_monitor) = ReadableArgs::read(reader, logger.clone())?; + // We drop the ChannelMonitor's last block connected hash cause we don't actually bother + // doing full block connection operations on the internal CHannelMonitor copies + if monitor_last_block != last_block_connected { + return Err(DecodeError::InvalidValue); + } + + Ok(Channel { + user_id, + + config, + channel_id, + channel_state, + channel_outbound, + secp_ctx: Secp256k1::new(), + channel_value_satoshis, + + local_keys, + shutdown_pubkey, + + cur_local_commitment_transaction_number, + cur_remote_commitment_transaction_number, + value_to_self_msat, + + received_commitment_while_awaiting_raa, + pending_inbound_htlcs, + pending_outbound_htlcs, + holding_cell_htlc_updates, + + monitor_pending_revoke_and_ack, + monitor_pending_commitment_signed, + monitor_pending_order, + monitor_pending_forwards, + monitor_pending_failures, + + pending_update_fee, + holding_cell_update_fee, + next_local_htlc_id, + next_remote_htlc_id, + channel_update_count, + feerate_per_kw, + + #[cfg(debug_assertions)] + max_commitment_tx_output_local: ::std::sync::Mutex::new((0, 0)), + #[cfg(debug_assertions)] + max_commitment_tx_output_remote: ::std::sync::Mutex::new((0, 0)), + + last_local_commitment_txn, + + last_sent_closing_fee, + + funding_tx_confirmed_in, + short_channel_id, + last_block_connected, + funding_tx_confirmations, + + their_dust_limit_satoshis, + our_dust_limit_satoshis, + their_max_htlc_value_in_flight_msat, + their_channel_reserve_satoshis, + their_htlc_minimum_msat, + our_htlc_minimum_msat, + their_to_self_delay, + their_max_accepted_htlcs, + minimum_depth, + + their_funding_pubkey, + their_revocation_basepoint, + their_payment_basepoint, + their_delayed_payment_basepoint, + their_htlc_basepoint, + their_cur_commitment_point, + + their_prev_commitment_point, + their_node_id, + + their_shutdown_scriptpubkey, + + channel_monitor, + + logger, + }) + } +} + #[cfg(test)] mod tests { - use bitcoin::util::hash::Sha256dHash; + use bitcoin::util::hash::{Sha256dHash, Hash160}; use bitcoin::util::bip143; - use bitcoin::network::serialize::serialize; - use bitcoin::blockdata::script::Script; + use bitcoin::consensus::encode::serialize; + use bitcoin::blockdata::script::{Script, Builder}; use bitcoin::blockdata::transaction::Transaction; + use bitcoin::blockdata::opcodes; use hex; - use ln::channelmanager::HTLCSource; + use ln::channelmanager::{HTLCSource, PaymentPreimage, PaymentHash}; use ln::channel::{Channel,ChannelKeys,InboundHTLCOutput,OutboundHTLCOutput,InboundHTLCState,OutboundHTLCState,HTLCOutputInCommitment,TxCreationKeys}; use ln::channel::MAX_FUNDING_SATOSHIS; use ln::chan_utils; use chain::chaininterface::{FeeEstimator,ConfirmationTarget}; use chain::keysinterface::KeysInterface; use chain::transaction::OutPoint; + use util::config::UserConfig; use util::test_utils; use util::logger::Logger; use secp256k1::{Secp256k1,Message,Signature}; @@ -3273,7 +3951,12 @@ mod tests { } impl KeysInterface for Keys { fn get_node_secret(&self) -> SecretKey { panic!(); } - fn get_destination_script(&self) -> Script { panic!(); } + fn get_destination_script(&self) -> Script { + let secp_ctx = Secp256k1::signing_only(); + let channel_monitor_claim_key = SecretKey::from_slice(&secp_ctx, &hex::decode("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(); + let our_channel_monitor_claim_key_hash = Hash160::from_data(&PublicKey::from_secret_key(&secp_ctx, &channel_monitor_claim_key).serialize()); + Builder::new().push_opcode(opcodes::All::OP_PUSHBYTES_0).push_slice(&our_channel_monitor_claim_key_hash[..]).into_script() + } fn get_shutdown_pubkey(&self) -> PublicKey { let secp_ctx = Secp256k1::signing_only(); @@ -3282,6 +3965,7 @@ mod tests { } fn get_channel_keys(&self, _inbound: bool) -> ChannelKeys { self.chan_keys.clone() } + fn get_session_key(&self) -> SecretKey { panic!(); } } #[test] @@ -3299,7 +3983,6 @@ mod tests { // These aren't set in the test vectors: revocation_base_key: SecretKey::from_slice(&secp_ctx, &hex::decode("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(), - channel_monitor_claim_key: SecretKey::from_slice(&secp_ctx, &hex::decode("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(), commitment_seed: [0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff], }; assert_eq!(PublicKey::from_secret_key(&secp_ctx, &chan_keys.funding_key).serialize()[..], @@ -3307,7 +3990,9 @@ mod tests { let keys_provider: Arc = Arc::new(Keys { chan_keys }); let their_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&secp_ctx, &[42; 32]).unwrap()); - let mut chan = Channel::new_outbound(&feeest, &keys_provider, their_node_id, 10000000, 100000, false, 42, Arc::clone(&logger)).unwrap(); // Nothing uses their network key in this test + let mut config = UserConfig::new(); + config.channel_options.announced_channel = false; + let mut chan = Channel::new_outbound(&feeest, &keys_provider, their_node_id, 10000000, 100000, 42, Arc::clone(&logger), &config).unwrap(); // Nothing uses their network key in this test chan.their_to_self_delay = 144; chan.our_dust_limit_satoshis = 546; @@ -3341,14 +4026,17 @@ mod tests { macro_rules! test_commitment { ( $their_sig_hex: expr, $our_sig_hex: expr, $tx_hex: expr) => { - unsigned_tx = chan.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false, chan.feerate_per_kw); + unsigned_tx = { + let res = chan.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false, chan.feerate_per_kw); + (res.0, res.1) + }; let their_signature = Signature::from_der(&secp_ctx, &hex::decode($their_sig_hex).unwrap()[..]).unwrap(); let sighash = Message::from_slice(&bip143::SighashComponents::new(&unsigned_tx.0).sighash_all(&unsigned_tx.0.input[0], &chan.get_funding_redeemscript(), chan.channel_value_satoshis)[..]).unwrap(); secp_ctx.verify(&sighash, &their_signature, &chan.their_funding_pubkey.unwrap()).unwrap(); chan.sign_commitment_transaction(&mut unsigned_tx.0, &their_signature); - assert_eq!(serialize(&unsigned_tx.0).unwrap()[..], + assert_eq!(serialize(&unsigned_tx.0)[..], hex::decode($tx_hex).unwrap()[..]); }; } @@ -3363,17 +4051,17 @@ mod tests { let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); secp_ctx.verify(&htlc_sighash, &remote_signature, &keys.b_htlc_key).unwrap(); - let mut preimage: Option<[u8; 32]> = None; + let mut preimage: Option = None; if !htlc.offered { for i in 0..5 { let mut sha = Sha256::new(); sha.input(&[i; 32]); - let mut out = [0; 32]; - sha.result(&mut out); + let mut out = PaymentHash([0; 32]); + sha.result(&mut out.0[..]); if out == htlc.payment_hash { - preimage = Some([i; 32]); + preimage = Some(PaymentPreimage([i; 32])); } } @@ -3381,7 +4069,7 @@ mod tests { } chan.sign_htlc_transaction(&mut htlc_tx, &remote_signature, &preimage, &htlc, &keys).unwrap(); - assert_eq!(serialize(&htlc_tx).unwrap()[..], + assert_eq!(serialize(&htlc_tx)[..], hex::decode($tx_hex).unwrap()[..]); }; } @@ -3400,12 +4088,12 @@ mod tests { htlc_id: 0, amount_msat: 1000000, cltv_expiry: 500, - payment_hash: [0; 32], + payment_hash: PaymentHash([0; 32]), state: InboundHTLCState::Committed, }; let mut sha = Sha256::new(); sha.input(&hex::decode("0000000000000000000000000000000000000000000000000000000000000000").unwrap()); - sha.result(&mut out.payment_hash); + sha.result(&mut out.payment_hash.0[..]); out }); chan.pending_inbound_htlcs.push({ @@ -3413,12 +4101,12 @@ mod tests { htlc_id: 1, amount_msat: 2000000, cltv_expiry: 501, - payment_hash: [0; 32], + payment_hash: PaymentHash([0; 32]), state: InboundHTLCState::Committed, }; let mut sha = Sha256::new(); sha.input(&hex::decode("0101010101010101010101010101010101010101010101010101010101010101").unwrap()); - sha.result(&mut out.payment_hash); + sha.result(&mut out.payment_hash.0[..]); out }); chan.pending_outbound_htlcs.push({ @@ -3426,14 +4114,14 @@ mod tests { htlc_id: 2, amount_msat: 2000000, cltv_expiry: 502, - payment_hash: [0; 32], + payment_hash: PaymentHash([0; 32]), state: OutboundHTLCState::Committed, source: HTLCSource::dummy(), fail_reason: None, }; let mut sha = Sha256::new(); sha.input(&hex::decode("0202020202020202020202020202020202020202020202020202020202020202").unwrap()); - sha.result(&mut out.payment_hash); + sha.result(&mut out.payment_hash.0[..]); out }); chan.pending_outbound_htlcs.push({ @@ -3441,14 +4129,14 @@ mod tests { htlc_id: 3, amount_msat: 3000000, cltv_expiry: 503, - payment_hash: [0; 32], + payment_hash: PaymentHash([0; 32]), state: OutboundHTLCState::Committed, source: HTLCSource::dummy(), fail_reason: None, }; let mut sha = Sha256::new(); sha.input(&hex::decode("0303030303030303030303030303030303030303030303030303030303030303").unwrap()); - sha.result(&mut out.payment_hash); + sha.result(&mut out.payment_hash.0[..]); out }); chan.pending_inbound_htlcs.push({ @@ -3456,12 +4144,12 @@ mod tests { htlc_id: 4, amount_msat: 4000000, cltv_expiry: 504, - payment_hash: [0; 32], + payment_hash: PaymentHash([0; 32]), state: InboundHTLCState::Committed, }; let mut sha = Sha256::new(); sha.input(&hex::decode("0404040404040404040404040404040404040404040404040404040404040404").unwrap()); - sha.result(&mut out.payment_hash); + sha.result(&mut out.payment_hash.0[..]); out });