X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannel.rs;h=92f5ad0d50ef18ecd2c0be0f26a1bf1ae0fab75b;hb=625e2b353255866c75a1336bd5c4d6f923ac5cfe;hp=d11447a865983fb88dbdbdcf3e7cba82dcfc3e9c;hpb=28c5f6f309ccf538ae9da0072fc66311f4e56684;p=rust-lightning diff --git a/src/ln/channel.rs b/src/ln/channel.rs index d11447a8..92f5ad0d 100644 --- a/src/ln/channel.rs +++ b/src/ln/channel.rs @@ -14,7 +14,7 @@ use crypto::digest::Digest; use crypto::hkdf::{hkdf_extract,hkdf_expand}; use ln::msgs; -use ln::msgs::{ErrorAction, HandleError, MsgEncodable}; +use ln::msgs::{ErrorAction, HandleError}; use ln::channelmonitor::ChannelMonitor; use ln::channelmanager::{PendingHTLCStatus, HTLCSource, PendingForwardHTLCInfo, HTLCFailReason, HTLCFailureMsg}; use ln::chan_utils::{TxCreationKeys,HTLCOutputInCommitment,HTLC_SUCCESS_TX_WEIGHT,HTLC_TIMEOUT_TX_WEIGHT}; @@ -22,6 +22,7 @@ use ln::chan_utils; use chain::chaininterface::{FeeEstimator,ConfirmationTarget}; use chain::transaction::OutPoint; use util::{transaction_utils,rng}; +use util::ser::Writeable; use util::sha2::Sha256; use util::logger::Logger; use util::errors::APIError; @@ -256,11 +257,13 @@ enum ChannelState { } const BOTH_SIDES_SHUTDOWN_MASK: u32 = (ChannelState::LocalShutdownSent as u32 | ChannelState::RemoteShutdownSent as u32); +const INITIAL_COMMITMENT_NUMBER: u64 = (1 << 48) - 1; + // TODO: We should refactor this to be an Inbound/OutboundChannel until initial setup handshaking // has been completed, and then turn into a Channel to get compiler-time enforcement of things like // calling channel_id() before we're set up or things like get_outbound_funding_signed on an // inbound channel. -pub struct Channel { +pub(super) struct Channel { user_id: u64, channel_id: [u8; 32], @@ -282,6 +285,24 @@ pub struct Channel { pending_inbound_htlcs: Vec, pending_outbound_htlcs: Vec, holding_cell_htlc_updates: Vec, + + // pending_update_fee is filled when sending and receiving update_fee + // For outbound channel, feerate_per_kw is updated with the value from + // pending_update_fee when revoke_and_ack is received + // + // For inbound channel, feerate_per_kw is updated when it receives + // commitment_signed and revoke_and_ack is generated + // The pending value is kept when another pair of update_fee and commitment_signed + // is received during AwaitingRemoteRevoke and relieved when the expected + // revoke_and_ack is received and new commitment_signed is generated to be + // sent to the funder. Otherwise, the pending value is removed when receiving + // commitment_signed. + pending_update_fee: Option, + // update_fee() during ChannelState::AwaitingRemoteRevoke is hold in + // holdina_cell_update_fee then moved to pending_udpate_fee when revoke_and_ack + // is received. holding_cell_update_fee is updated when there are additional + // update_fee() during ChannelState::AwaitingRemoteRevoke. + holding_cell_update_fee: Option, next_local_htlc_id: u64, next_remote_htlc_id: u64, channel_update_count: u32, @@ -353,6 +374,14 @@ const B_OUTPUT_PLUS_SPENDING_INPUT_WEIGHT: u64 = 104; // prevout: 40, nSequence: /// it's 2^24. pub const MAX_FUNDING_SATOSHIS: u64 = (1 << 24); +/// Used to return a simple Error back to ChannelManager. Will get converted to a +/// msgs::ErrorAction::SendErrorMessage or msgs::ErrorAction::IgnoreError as appropriate with our +/// channel_id in ChannelManager. +pub(super) enum ChannelError { + Ignore(&'static str), + Close(&'static str), +} + macro_rules! secp_call { ( $res: expr, $err: expr, $chan_id: expr ) => { match $res { @@ -436,12 +465,14 @@ impl Channel { channel_value_satoshis: channel_value_satoshis, local_keys: chan_keys, - cur_local_commitment_transaction_number: (1 << 48) - 1, - cur_remote_commitment_transaction_number: (1 << 48) - 1, + cur_local_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER, + cur_remote_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER, value_to_self_msat: channel_value_satoshis * 1000 - push_msat, pending_inbound_htlcs: Vec::new(), pending_outbound_htlcs: Vec::new(), holding_cell_htlc_updates: Vec::new(), + pending_update_fee: None, + holding_cell_update_fee: None, next_local_htlc_id: 0, next_remote_htlc_id: 0, channel_update_count: 1, @@ -483,68 +514,58 @@ impl Channel { }) } - fn check_remote_fee(fee_estimator: &FeeEstimator, feerate_per_kw: u32) -> Result<(), HandleError> { + fn check_remote_fee(fee_estimator: &FeeEstimator, feerate_per_kw: u32) -> Result<(), ChannelError> { if (feerate_per_kw as u64) < fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Background) { - return Err(HandleError{err: "Peer's feerate much too low", action: Some(msgs::ErrorAction::DisconnectPeer{ msg: None })}); + return Err(ChannelError::Close("Peer's feerate much too low")); } if (feerate_per_kw as u64) > fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::HighPriority) * 2 { - return Err(HandleError{err: "Peer's feerate much too high", action: Some(msgs::ErrorAction::DisconnectPeer{ msg: None })}); + return Err(ChannelError::Close("Peer's feerate much too high")); } Ok(()) } /// Creates a new channel from a remote sides' request for one. /// Assumes chain_hash has already been checked and corresponds with what we expect! - /// Generally prefers to take the DisconnectPeer action on failure, as a notice to the sender - /// that we're rejecting the new channel. - pub fn new_from_req(fee_estimator: &FeeEstimator, chan_keys: ChannelKeys, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, require_announce: bool, allow_announce: bool, logger: Arc) -> Result { - macro_rules! return_error_message { - ( $msg: expr ) => { - return Err(HandleError{err: $msg, action: Some(msgs::ErrorAction::SendErrorMessage{ msg: msgs::ErrorMessage { channel_id: msg.temporary_channel_id, data: $msg.to_string() }})}); - } - } - + pub fn new_from_req(fee_estimator: &FeeEstimator, chan_keys: ChannelKeys, their_node_id: PublicKey, msg: &msgs::OpenChannel, user_id: u64, require_announce: bool, allow_announce: bool, logger: Arc) -> Result { // Check sanity of message fields: if msg.funding_satoshis >= MAX_FUNDING_SATOSHIS { - return_error_message!("funding value > 2^24"); + return Err(ChannelError::Close("funding value > 2^24")); } if msg.channel_reserve_satoshis > msg.funding_satoshis { - return_error_message!("Bogus channel_reserve_satoshis"); + return Err(ChannelError::Close("Bogus channel_reserve_satoshis")); } if msg.push_msat > (msg.funding_satoshis - msg.channel_reserve_satoshis) * 1000 { - return_error_message!("push_msat larger than funding value"); + return Err(ChannelError::Close("push_msat larger than funding value")); } if msg.dust_limit_satoshis > msg.funding_satoshis { - return_error_message!("Peer never wants payout outputs?"); + return Err(ChannelError::Close("Peer never wants payout outputs?")); } if msg.dust_limit_satoshis > msg.channel_reserve_satoshis { - return_error_message!("Bogus; channel reserve is less than dust limit"); + return Err(ChannelError::Close("Bogus; channel reserve is less than dust limit")); } if msg.htlc_minimum_msat >= (msg.funding_satoshis - msg.channel_reserve_satoshis) * 1000 { - return_error_message!("Miminum htlc value is full channel value"); + return Err(ChannelError::Close("Miminum htlc value is full channel value")); } - Channel::check_remote_fee(fee_estimator, msg.feerate_per_kw).map_err(|e| - HandleError{err: e.err, action: Some(msgs::ErrorAction::SendErrorMessage{ msg: msgs::ErrorMessage { channel_id: msg.temporary_channel_id, data: e.err.to_string() }})} - )?; + Channel::check_remote_fee(fee_estimator, msg.feerate_per_kw)?; if msg.to_self_delay > MAX_LOCAL_BREAKDOWN_TIMEOUT { - return_error_message!("They wanted our payments to be delayed by a needlessly long period"); + return Err(ChannelError::Close("They wanted our payments to be delayed by a needlessly long period")); } if msg.max_accepted_htlcs < 1 { - return_error_message!("0 max_accpted_htlcs makes for a useless channel"); + return Err(ChannelError::Close("0 max_accpted_htlcs makes for a useless channel")); } if msg.max_accepted_htlcs > 483 { - return_error_message!("max_accpted_htlcs > 483"); + return Err(ChannelError::Close("max_accpted_htlcs > 483")); } // Convert things into internal flags and prep our state: let their_announce = if (msg.channel_flags & 1) == 1 { true } else { false }; if require_announce && !their_announce { - return_error_message!("Peer tried to open unannounced channel, but we require public ones"); + return Err(ChannelError::Close("Peer tried to open unannounced channel, but we require public ones")); } if !allow_announce && their_announce { - return_error_message!("Peer tried to open announced channel, but we require private ones"); + return Err(ChannelError::Close("Peer tried to open announced channel, but we require private ones")); } let background_feerate = fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::Background); @@ -552,26 +573,26 @@ impl Channel { let our_dust_limit_satoshis = Channel::derive_our_dust_limit_satoshis(background_feerate); let our_channel_reserve_satoshis = Channel::get_our_channel_reserve_satoshis(msg.funding_satoshis); if our_channel_reserve_satoshis < our_dust_limit_satoshis { - return_error_message!("Suitalbe channel reserve not found. aborting"); + return Err(ChannelError::Close("Suitalbe channel reserve not found. aborting")); } if msg.channel_reserve_satoshis < our_dust_limit_satoshis { - return_error_message!("channel_reserve_satoshis too small"); + return Err(ChannelError::Close("channel_reserve_satoshis too small")); } if our_channel_reserve_satoshis < msg.dust_limit_satoshis { - return_error_message!("Dust limit too high for our channel reserve"); + return Err(ChannelError::Close("Dust limit too high for our channel reserve")); } // check if the funder's amount for the initial commitment tx is sufficient // for full fee payment let funders_amount_msat = msg.funding_satoshis * 1000 - msg.push_msat; if funders_amount_msat < background_feerate * COMMITMENT_TX_BASE_WEIGHT { - return_error_message!("Insufficient funding amount for initial commitment"); + return Err(ChannelError::Close("Insufficient funding amount for initial commitment")); } let to_local_msat = msg.push_msat; let to_remote_msat = funders_amount_msat - background_feerate * COMMITMENT_TX_BASE_WEIGHT; if to_local_msat <= msg.channel_reserve_satoshis * 1000 && to_remote_msat <= our_channel_reserve_satoshis * 1000 { - return_error_message!("Insufficient funding amount for initial commitment"); + return Err(ChannelError::Close("Insufficient funding amount for initial commitment")); } let secp_ctx = Secp256k1::new(); @@ -594,12 +615,14 @@ impl Channel { announce_publicly: their_announce, local_keys: chan_keys, - cur_local_commitment_transaction_number: (1 << 48) - 1, - cur_remote_commitment_transaction_number: (1 << 48) - 1, + cur_local_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER, + cur_remote_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER, value_to_self_msat: msg.push_msat, pending_inbound_htlcs: Vec::new(), pending_outbound_htlcs: Vec::new(), holding_cell_htlc_updates: Vec::new(), + pending_update_fee: None, + holding_cell_update_fee: None, next_local_htlc_id: 0, next_remote_htlc_id: 0, channel_update_count: 1, @@ -692,8 +715,8 @@ impl Channel { /// generated by the peer which proposed adding the HTLCs, and thus we need to understand both /// which peer generated this transaction and "to whom" this transaction flows. #[inline] - fn build_commitment_transaction(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool) -> (Transaction, Vec) { - let obscured_commitment_transaction_number = self.get_commitment_transaction_number_obscure_factor() ^ (0xffffffffffff - commitment_number); + fn build_commitment_transaction(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool, feerate_per_kw: u64) -> (Transaction, Vec) { + let obscured_commitment_transaction_number = self.get_commitment_transaction_number_obscure_factor() ^ (INITIAL_COMMITMENT_NUMBER - commitment_number); let txins = { let mut ins: Vec = Vec::new(); @@ -716,7 +739,7 @@ impl Channel { macro_rules! add_htlc_output { ($htlc: expr, $outbound: expr) => { if $outbound == local { // "offered HTLC output" - if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (self.feerate_per_kw * HTLC_TIMEOUT_TX_WEIGHT / 1000) { + if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (feerate_per_kw * HTLC_TIMEOUT_TX_WEIGHT / 1000) { let htlc_in_tx = get_htlc_in_commitment!($htlc, true); txouts.push((TxOut { script_pubkey: chan_utils::get_htlc_redeemscript(&htlc_in_tx, &keys).to_v0_p2wsh(), @@ -724,7 +747,7 @@ impl Channel { }, Some(htlc_in_tx))); } } else { - if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (self.feerate_per_kw * HTLC_SUCCESS_TX_WEIGHT / 1000) { + if $htlc.amount_msat / 1000 >= dust_limit_satoshis + (feerate_per_kw * HTLC_SUCCESS_TX_WEIGHT / 1000) { let htlc_in_tx = get_htlc_in_commitment!($htlc, false); txouts.push((TxOut { // "received HTLC output" script_pubkey: chan_utils::get_htlc_redeemscript(&htlc_in_tx, &keys).to_v0_p2wsh(), @@ -788,7 +811,8 @@ impl Channel { } } - let total_fee: u64 = self.feerate_per_kw * (COMMITMENT_TX_BASE_WEIGHT + (txouts.len() as u64) * COMMITMENT_TX_WEIGHT_PER_HTLC) / 1000; + + let total_fee: u64 = feerate_per_kw * (COMMITMENT_TX_BASE_WEIGHT + (txouts.len() as u64) * COMMITMENT_TX_WEIGHT_PER_HTLC) / 1000; let value_to_self: i64 = ((self.value_to_self_msat - local_htlc_total_msat) as i64 + value_to_self_msat_offset) / 1000 - if self.channel_outbound { total_fee as i64 } else { 0 }; let value_to_remote: i64 = (((self.channel_value_satoshis * 1000 - self.value_to_self_msat - remote_htlc_total_msat) as i64 - value_to_self_msat_offset) / 1000) - if self.channel_outbound { 0 } else { total_fee as i64 }; @@ -980,8 +1004,8 @@ impl Channel { /// Builds the htlc-success or htlc-timeout transaction which spends a given HTLC output /// @local is used only to convert relevant internal structures which refer to remote vs local /// to decide value of outputs and direction of HTLCs. - fn build_htlc_transaction(&self, prev_hash: &Sha256dHash, htlc: &HTLCOutputInCommitment, local: bool, keys: &TxCreationKeys) -> Transaction { - chan_utils::build_htlc_transaction(prev_hash, self.feerate_per_kw, if local { self.their_to_self_delay } else { BREAKDOWN_TIMEOUT }, htlc, &keys.a_delayed_payment_key, &keys.revocation_key) + fn build_htlc_transaction(&self, prev_hash: &Sha256dHash, htlc: &HTLCOutputInCommitment, local: bool, keys: &TxCreationKeys, feerate_per_kw: u64) -> Transaction { + chan_utils::build_htlc_transaction(prev_hash, feerate_per_kw, if local { self.their_to_self_delay } else { BREAKDOWN_TIMEOUT }, htlc, &keys.a_delayed_payment_key, &keys.revocation_key) } fn create_htlc_tx_signature(&self, tx: &Transaction, htlc: &HTLCOutputInCommitment, keys: &TxCreationKeys) -> Result<(Script, Signature, bool), HandleError> { @@ -1198,48 +1222,43 @@ impl Channel { // Message handlers: - pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel) -> Result<(), HandleError> { - macro_rules! return_error_message { - ( $msg: expr ) => { - return Err(HandleError{err: $msg, action: Some(msgs::ErrorAction::SendErrorMessage{ msg: msgs::ErrorMessage { channel_id: msg.temporary_channel_id, data: $msg.to_string() }})}); - } - } + pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel) -> Result<(), ChannelError> { // Check sanity of message fields: if !self.channel_outbound { - return_error_message!("Got an accept_channel message from an inbound peer"); + return Err(ChannelError::Close("Got an accept_channel message from an inbound peer")); } if self.channel_state != ChannelState::OurInitSent as u32 { - return_error_message!("Got an accept_channel message at a strange time"); + return Err(ChannelError::Close("Got an accept_channel message at a strange time")); } if msg.dust_limit_satoshis > 21000000 * 100000000 { - return_error_message!("Peer never wants payout outputs?"); + return Err(ChannelError::Close("Peer never wants payout outputs?")); } if msg.channel_reserve_satoshis > self.channel_value_satoshis { - return_error_message!("Bogus channel_reserve_satoshis"); + return Err(ChannelError::Close("Bogus channel_reserve_satoshis")); } if msg.dust_limit_satoshis > msg.channel_reserve_satoshis { - return_error_message!("Bogus channel_reserve and dust_limit"); + return Err(ChannelError::Close("Bogus channel_reserve and dust_limit")); } if msg.channel_reserve_satoshis < self.our_dust_limit_satoshis { - return_error_message!("Peer never wants payout outputs?"); + return Err(ChannelError::Close("Peer never wants payout outputs?")); } if msg.dust_limit_satoshis > Channel::get_our_channel_reserve_satoshis(self.channel_value_satoshis) { - return_error_message!("Dust limit is bigger than our channel reverse"); + return Err(ChannelError::Close("Dust limit is bigger than our channel reverse")); } if msg.htlc_minimum_msat >= (self.channel_value_satoshis - msg.channel_reserve_satoshis) * 1000 { - return_error_message!("Minimum htlc value is full channel value"); + return Err(ChannelError::Close("Minimum htlc value is full channel value")); } if msg.minimum_depth > Channel::derive_maximum_minimum_depth(self.channel_value_satoshis*1000, self.value_to_self_msat) { - return_error_message!("minimum_depth too large"); + return Err(ChannelError::Close("minimum_depth too large")); } if msg.to_self_delay > MAX_LOCAL_BREAKDOWN_TIMEOUT { - return_error_message!("They wanted our payments to be delayed by a needlessly long period"); + return Err(ChannelError::Close("They wanted our payments to be delayed by a needlessly long period")); } if msg.max_accepted_htlcs < 1 { - return_error_message!("0 max_accpted_htlcs makes for a useless channel"); + return Err(ChannelError::Close("0 max_accpted_htlcs makes for a useless channel")); } if msg.max_accepted_htlcs > 483 { - return_error_message!("max_accpted_htlcs > 483"); + return Err(ChannelError::Close("max_accpted_htlcs > 483")); } // TODO: Optional additional constraints mentioned in the spec @@ -1279,14 +1298,14 @@ impl Channel { let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false).0; + let local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, self.feerate_per_kw).0; let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // They sign the "local" commitment transaction, allowing us to broadcast the tx if we wish. secp_call!(self.secp_ctx.verify(&local_sighash, &sig, &self.their_funding_pubkey.unwrap()), "Invalid funding_created signature from peer", self.channel_id()); let remote_keys = self.build_remote_transaction_keys()?; - let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false).0; + let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false, self.feerate_per_kw).0; let remote_sighash = Message::from_slice(&bip143::SighashComponents::new(&remote_initial_commitment_tx).sighash_all(&remote_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // We sign the "remote" commitment transaction, allowing them to broadcast the tx if they wish. @@ -1303,7 +1322,9 @@ impl Channel { // channel. return Err(HandleError{err: "Received funding_created after we got the channel!", action: Some(msgs::ErrorAction::SendErrorMessage {msg: msgs::ErrorMessage {channel_id: self.channel_id, data: "Received funding_created after we got the channel!".to_string()}})}); } - if self.channel_monitor.get_min_seen_secret() != (1 << 48) || self.cur_remote_commitment_transaction_number != (1 << 48) - 1 || self.cur_local_commitment_transaction_number != (1 << 48) - 1 { + if self.channel_monitor.get_min_seen_secret() != (1 << 48) || + self.cur_remote_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER || + self.cur_local_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER { panic!("Should not have advanced channel commitment tx numbers prior to funding_created"); } @@ -1342,14 +1363,16 @@ impl Channel { if self.channel_state != ChannelState::FundingCreated as u32 { return Err(HandleError{err: "Received funding_signed in strange state!", action: None}); } - if self.channel_monitor.get_min_seen_secret() != (1 << 48) || self.cur_remote_commitment_transaction_number != (1 << 48) - 2 || self.cur_local_commitment_transaction_number != (1 << 48) - 1 { + if self.channel_monitor.get_min_seen_secret() != (1 << 48) || + self.cur_remote_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER - 1 || + self.cur_local_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER { panic!("Should not have advanced channel commitment tx numbers prior to funding_created"); } let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let mut local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false).0; + let mut local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, self.feerate_per_kw).0; let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // They sign the "local" commitment transaction, allowing us to broadcast the tx if we wish. @@ -1375,8 +1398,9 @@ impl Channel { self.channel_state = ChannelState::ChannelFunded as u32 | (self.channel_state & BOTH_SIDES_SHUTDOWN_MASK); self.channel_update_count += 1; } else if self.channel_state & (ChannelState::ChannelFunded as u32) != 0 && - self.cur_local_commitment_transaction_number == (1 << 48) - 2 && - self.cur_remote_commitment_transaction_number == (1 << 48) - 2 { + // Note that funding_signed/funding_created will have decremented both by 1! + self.cur_local_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 && + self.cur_remote_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 { if self.their_cur_commitment_point != Some(msg.next_per_commitment_point) { return Err(HandleError{err: "Peer sent a reconnect funding_locked with a different point", action: None}); } @@ -1559,7 +1583,14 @@ impl Channel { let funding_script = self.get_funding_redeemscript(); let local_keys = self.build_local_transaction_keys(self.cur_local_commitment_transaction_number)?; - let mut local_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false); + + let feerate_per_kw = if !self.channel_outbound && self.pending_update_fee.is_some() { + self.pending_update_fee.unwrap() + } else { + self.feerate_per_kw + }; + + let mut local_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, feerate_per_kw); let local_commitment_txid = local_commitment_tx.0.txid(); let local_sighash = Message::from_slice(&bip143::SighashComponents::new(&local_commitment_tx.0).sighash_all(&local_commitment_tx.0.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); secp_call!(self.secp_ctx.verify(&local_sighash, &msg.signature, &self.their_funding_pubkey.unwrap()), "Invalid commitment tx signature from peer", self.channel_id()); @@ -1574,7 +1605,7 @@ impl Channel { let mut htlcs_and_sigs = Vec::with_capacity(local_commitment_tx.1.len()); for (idx, ref htlc) in local_commitment_tx.1.iter().enumerate() { - let mut htlc_tx = self.build_htlc_transaction(&local_commitment_txid, htlc, true, &local_keys); + let mut htlc_tx = self.build_htlc_transaction(&local_commitment_txid, htlc, true, &local_keys, feerate_per_kw); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &local_keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); secp_call!(self.secp_ctx.verify(&htlc_sighash, &msg.htlc_signatures[idx], &local_keys.b_htlc_key), "Invalid HTLC tx siganture from peer", self.channel_id()); @@ -1592,9 +1623,22 @@ impl Channel { let per_commitment_secret = chan_utils::build_commitment_secret(self.local_keys.commitment_seed, self.cur_local_commitment_transaction_number + 1); // Update state now that we've passed all the can-fail calls... + let mut need_our_commitment = false; + if !self.channel_outbound { + if let Some(fee_update) = self.pending_update_fee { + self.feerate_per_kw = fee_update; + // We later use the presence of pending_update_fee to indicate we should generate a + // commitment_signed upon receipt of revoke_and_ack, so we can only set it to None + // if we're not awaiting a revoke (ie will send a commitment_signed now). + if (self.channel_state & ChannelState::AwaitingRemoteRevoke as u32) == 0 { + need_our_commitment = true; + self.pending_update_fee = None; + } + } + } + self.channel_monitor.provide_latest_local_commitment_tx_info(local_commitment_tx.0, local_keys, self.feerate_per_kw, htlcs_and_sigs); - let mut need_our_commitment = false; for htlc in self.pending_inbound_htlcs.iter_mut() { if htlc.state == InboundHTLCState::RemoteAnnounced { htlc.state = InboundHTLCState::AwaitingRemoteRevokeToAnnounce; @@ -1629,7 +1673,7 @@ impl Channel { /// Used to fulfill holding_cell_htlcs when we get a remote ack (or implicitly get it by them /// fulfilling or failing the last pending HTLC) fn free_holding_cell_htlcs(&mut self) -> Result, HandleError> { - if self.holding_cell_htlc_updates.len() != 0 { + if self.holding_cell_htlc_updates.len() != 0 || self.holding_cell_update_fee.is_some() { let mut htlc_updates = Vec::new(); mem::swap(&mut htlc_updates, &mut self.holding_cell_htlc_updates); let mut update_add_htlcs = Vec::with_capacity(htlc_updates.len()); @@ -1686,18 +1730,28 @@ impl Channel { //fail it back the route, if its a temporary issue we can ignore it... match err { None => { - if update_add_htlcs.is_empty() && update_fulfill_htlcs.is_empty() && update_fail_htlcs.is_empty() { + if update_add_htlcs.is_empty() && update_fulfill_htlcs.is_empty() && update_fail_htlcs.is_empty() && self.holding_cell_update_fee.is_none() { // This should never actually happen and indicates we got some Errs back // from update_fulfill_htlc/update_fail_htlc, but we handle it anyway in // case there is some strange way to hit duplicate HTLC removes. return Ok(None); } + let update_fee = if let Some(feerate) = self.holding_cell_update_fee { + self.pending_update_fee = self.holding_cell_update_fee.take(); + Some(msgs::UpdateFee { + channel_id: self.channel_id, + feerate_per_kw: feerate as u32, + }) + } else { + None + }; let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; Ok(Some((msgs::CommitmentUpdate { update_add_htlcs, update_fulfill_htlcs, update_fail_htlcs, update_fail_malformed_htlcs: Vec::new(), + update_fee: update_fee, commitment_signed, }, monitor_update))) }, @@ -1793,6 +1847,24 @@ impl Channel { } self.value_to_self_msat = (self.value_to_self_msat as i64 + value_to_self_msat_diff) as u64; + if self.channel_outbound { + if let Some(feerate) = self.pending_update_fee.take() { + self.feerate_per_kw = feerate; + } + } else { + if let Some(feerate) = self.pending_update_fee { + // Because a node cannot send two commitment_signed's in a row without getting a + // revoke_and_ack from us (as it would otherwise not know the per_commitment_point + // it should use to create keys with) and because a node can't send a + // commitment_signed without changes, checking if the feerate is equal to the + // pending feerate update is sufficient to detect require_commitment. + if feerate == self.feerate_per_kw { + require_commitment = true; + self.pending_update_fee = None; + } + } + } + match self.free_holding_cell_htlcs()? { Some(mut commitment_update) => { commitment_update.0.update_fail_htlcs.reserve(update_fail_htlcs.len()); @@ -1813,6 +1885,7 @@ impl Channel { update_fulfill_htlcs: Vec::new(), update_fail_htlcs, update_fail_malformed_htlcs, + update_fee: None, commitment_signed }), to_forward_infos, revoked_htlcs, monitor_update)) } else { @@ -1820,6 +1893,43 @@ impl Channel { } } } + + } + + /// Adds a pending update to this channel. See the doc for send_htlc for + /// further details on the optionness of the return value. + /// You MUST call send_commitment prior to any other calls on this Channel + fn send_update_fee(&mut self, feerate_per_kw: u64) -> Option { + if !self.channel_outbound { + panic!("Cannot send fee from inbound channel"); + } + + if !self.is_usable() { + panic!("Cannot update fee until channel is fully established and we haven't started shutting down"); + } + + if (self.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == (ChannelState::AwaitingRemoteRevoke as u32) { + self.holding_cell_update_fee = Some(feerate_per_kw); + return None; + } + + debug_assert!(self.pending_update_fee.is_none()); + self.pending_update_fee = Some(feerate_per_kw); + + Some(msgs::UpdateFee { + channel_id: self.channel_id, + feerate_per_kw: feerate_per_kw as u32, + }) + } + + pub fn send_update_fee_and_commit(&mut self, feerate_per_kw: u64) -> Result, HandleError> { + match self.send_update_fee(feerate_per_kw) { + Some(update_fee) => { + let (commitment_signed, monitor_update) = self.send_commitment_no_status_check()?; + Ok(Some((update_fee, commitment_signed, monitor_update))) + }, + None => Ok(None) + } } /// Removes any uncommitted HTLCs, to be used on peer disconnection, including any pending @@ -1888,16 +1998,17 @@ impl Channel { outbound_drops } - pub fn update_fee(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::UpdateFee) -> Result<(), HandleError> { + pub fn update_fee(&mut self, fee_estimator: &FeeEstimator, msg: &msgs::UpdateFee) -> Result<(), ChannelError> { if self.channel_outbound { - return Err(HandleError{err: "Non-funding remote tried to update channel fee", action: None}); + return Err(ChannelError::Close("Non-funding remote tried to update channel fee")); } if self.channel_state & (ChannelState::PeerDisconnected as u32) == ChannelState::PeerDisconnected as u32 { - return Err(HandleError{err: "Peer sent update_fee when we needed a channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent update_fee when we needed a channel_reestablish".to_string(), channel_id: msg.channel_id}})}); + return Err(ChannelError::Close("Peer sent update_fee when we needed a channel_reestablish")); } Channel::check_remote_fee(fee_estimator, msg.feerate_per_kw)?; + + self.pending_update_fee = Some(msg.feerate_per_kw as u64); self.channel_update_count += 1; - self.feerate_per_kw = msg.feerate_per_kw as u64; Ok(()) } @@ -1908,8 +2019,8 @@ impl Channel { return Err(HandleError{err: "Peer sent a loose channel_reestablish not after reconnect", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer sent a loose channel_reestablish not after reconnect".to_string(), channel_id: msg.channel_id}})}); } - if msg.next_local_commitment_number == 0 || msg.next_local_commitment_number >= 0xffffffffffff || - msg.next_remote_commitment_number == 0 || msg.next_remote_commitment_number >= 0xffffffffffff { + if msg.next_local_commitment_number == 0 || msg.next_local_commitment_number >= INITIAL_COMMITMENT_NUMBER || + msg.next_remote_commitment_number == 0 || msg.next_remote_commitment_number >= INITIAL_COMMITMENT_NUMBER { return Err(HandleError{err: "Peer send garbage channel_reestablish", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer send garbage channel_reestablish".to_string(), channel_id: msg.channel_id}})}); } @@ -1918,8 +2029,10 @@ impl Channel { self.channel_state &= !(ChannelState::PeerDisconnected as u32); let mut required_revoke = None; - if msg.next_remote_commitment_number == 0xffffffffffff - self.cur_local_commitment_transaction_number { - } else if msg.next_remote_commitment_number == 0xfffffffffffe - self.cur_local_commitment_transaction_number { + if msg.next_remote_commitment_number == INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number { + // Remote isn't waiting on any RevokeAndACK from us! + // Note that if we need to repeat our FundingLocked we'll do that in the next if block. + } else if msg.next_remote_commitment_number == (INITIAL_COMMITMENT_NUMBER - 1) - self.cur_local_commitment_transaction_number { let next_per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &self.build_local_commitment_secret(self.cur_local_commitment_transaction_number)); let per_commitment_secret = chan_utils::build_commitment_secret(self.local_keys.commitment_seed, self.cur_local_commitment_transaction_number + 2); required_revoke = Some(msgs::RevokeAndACK { @@ -1931,8 +2044,8 @@ impl Channel { return Err(HandleError{err: "Peer attempted to reestablish channel with a very old local commitment transaction", action: Some(msgs::ErrorAction::SendErrorMessage{msg: msgs::ErrorMessage{data: "Peer attempted to reestablish channel with a very old remote commitment transaction".to_string(), channel_id: msg.channel_id}})}); } - if msg.next_local_commitment_number == 0xffffffffffff - self.cur_remote_commitment_transaction_number { - if msg.next_remote_commitment_number == 0xffffffffffff - self.cur_local_commitment_transaction_number { + if msg.next_local_commitment_number == INITIAL_COMMITMENT_NUMBER - self.cur_remote_commitment_transaction_number { + if msg.next_remote_commitment_number == INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number { log_debug!(self, "Reconnected channel {} with no lost commitment txn", log_bytes!(self.channel_id())); if msg.next_local_commitment_number == 1 && msg.next_remote_commitment_number == 1 { let next_per_commitment_secret = self.build_local_commitment_secret(self.cur_local_commitment_transaction_number); @@ -1964,13 +2077,14 @@ impl Channel { } else { return Ok((None, required_revoke, None, None)); } - } else if msg.next_local_commitment_number == 0xfffffffffffe - self.cur_remote_commitment_transaction_number { + } else if msg.next_local_commitment_number == (INITIAL_COMMITMENT_NUMBER - 1) - self.cur_remote_commitment_transaction_number { return Ok((None, required_revoke, Some(msgs::CommitmentUpdate { update_add_htlcs: Vec::new(), update_fulfill_htlcs: Vec::new(), update_fail_htlcs: Vec::new(), update_fail_malformed_htlcs: Vec::new(), + update_fee: None, commitment_signed: self.send_commitment_no_state_update().expect("It looks like we failed to re-generate a commitment_signed we had previously sent?").0, }), None)); } else { @@ -2002,7 +2116,12 @@ impl Channel { if self.channel_outbound && msg.scriptpubkey.len() > 34 { return Err(HandleError{err: "Got shutdown_scriptpubkey of absurd length from remote peer", action: None}); } - //TODO: Check shutdown_scriptpubkey form as BOLT says we must? WHYYY + + //Check shutdown_scriptpubkey form as BOLT says we must + if !(msg.scriptpubkey.is_p2pkh()) && !(msg.scriptpubkey.is_p2sh()) + && !(msg.scriptpubkey.is_v0_p2wpkh()) && !(msg.scriptpubkey.is_v0_p2wsh()){ + return Err(HandleError{err: "Got an invalid scriptpubkey from remote peer", action: Some(msgs::ErrorAction::DisconnectPeer{ msg: None })}); + } if self.their_shutdown_scriptpubkey.is_some() { if Some(&msg.scriptpubkey) != self.their_shutdown_scriptpubkey.as_ref() { @@ -2088,7 +2207,7 @@ impl Channel { if !self.pending_inbound_htlcs.is_empty() || !self.pending_outbound_htlcs.is_empty() { return Err(HandleError{err: "Remote end sent us a closing_signed while there were still pending HTLCs", action: None}); } - if msg.fee_satoshis > 21000000 * 10000000 { + if msg.fee_satoshis > 21000000 * 10000000 { //this is required to stop potential overflow in build_closing_transaction return Err(HandleError{err: "Remote tried to send us a closing tx with > 21 million BTC fee", action: None}); } @@ -2215,6 +2334,11 @@ impl Channel { self.channel_value_satoshis } + #[cfg(test)] + pub fn get_feerate(&self) -> u64 { + self.feerate_per_kw + } + //TODO: Testing purpose only, should be changed in another way after #81 #[cfg(test)] pub fn get_local_keys(&self) -> &ChannelKeys { @@ -2230,6 +2354,10 @@ impl Channel { self.announce_publicly } + pub fn is_outbound(&self) -> bool { + self.channel_outbound + } + /// Gets the fee we'd want to charge for adding an HTLC output to this Channel /// Allowed in any state (including after shutdown) pub fn get_our_fee_base_msat(&self, fee_estimator: &FeeEstimator) -> u32 { @@ -2389,7 +2517,7 @@ impl Channel { panic!("Cannot generate an open_channel after we've moved forward"); } - if self.cur_local_commitment_transaction_number != (1 << 48) - 1 { + if self.cur_local_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER { panic!("Tried to send an open_channel for a channel that has already advanced"); } @@ -2425,7 +2553,7 @@ impl Channel { if self.channel_state != (ChannelState::OurInitSent as u32) | (ChannelState::TheirInitSent as u32) { panic!("Tried to send accept_channel after channel had moved forward"); } - if self.cur_local_commitment_transaction_number != (1 << 48) - 1 { + if self.cur_local_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER { panic!("Tried to send an accept_channel for a channel that has already advanced"); } @@ -2454,7 +2582,7 @@ impl Channel { let funding_script = self.get_funding_redeemscript(); let remote_keys = self.build_remote_transaction_keys()?; - let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false).0; + let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false, self.feerate_per_kw).0; let remote_sighash = Message::from_slice(&bip143::SighashComponents::new(&remote_initial_commitment_tx).sighash_all(&remote_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); // We sign the "remote" commitment transaction, allowing them to broadcast the tx if they wish. @@ -2474,7 +2602,9 @@ impl Channel { if self.channel_state != (ChannelState::OurInitSent as u32 | ChannelState::TheirInitSent as u32) { panic!("Tried to get a funding_created messsage at a time other than immediately after initial handshake completion (or tried to get funding_created twice)"); } - if self.channel_monitor.get_min_seen_secret() != (1 << 48) || self.cur_remote_commitment_transaction_number != (1 << 48) - 1 || self.cur_local_commitment_transaction_number != (1 << 48) - 1 { + if self.channel_monitor.get_min_seen_secret() != (1 << 48) || + self.cur_remote_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER || + self.cur_local_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER { panic!("Should not have advanced channel commitment tx numbers prior to funding_created"); } @@ -2551,8 +2681,8 @@ impl Channel { assert_eq!(self.channel_state & ChannelState::PeerDisconnected as u32, ChannelState::PeerDisconnected as u32); msgs::ChannelReestablish { channel_id: self.channel_id(), - next_local_commitment_number: 0xffffffffffff - self.cur_local_commitment_transaction_number, - next_remote_commitment_number: 0xffffffffffff - self.cur_remote_commitment_transaction_number, + next_local_commitment_number: INITIAL_COMMITMENT_NUMBER - self.cur_local_commitment_transaction_number, + next_remote_commitment_number: INITIAL_COMMITMENT_NUMBER - self.cur_remote_commitment_transaction_number, data_loss_protect: None, } } @@ -2655,7 +2785,7 @@ impl Channel { if (self.channel_state & (ChannelState::PeerDisconnected as u32)) == (ChannelState::PeerDisconnected as u32) { panic!("Cannot create commitment tx while disconnected, as send_htlc will have returned an Err so a send_commitment precondition has been violated"); } - let mut have_updates = false; // TODO initialize with "have we sent a fee update?" + let mut have_updates = self.pending_update_fee.is_some(); for htlc in self.pending_outbound_htlcs.iter() { if htlc.state == OutboundHTLCState::LocalAnnounced { have_updates = true; @@ -2699,8 +2829,15 @@ impl Channel { fn send_commitment_no_state_update(&self) -> Result<(msgs::CommitmentSigned, (Transaction, Vec)), HandleError> { let funding_script = self.get_funding_redeemscript(); + let mut feerate_per_kw = self.feerate_per_kw; + if let Some(feerate) = self.pending_update_fee { + if self.channel_outbound { + feerate_per_kw = feerate; + } + } + let remote_keys = self.build_remote_transaction_keys()?; - let remote_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, true); + let remote_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, true, feerate_per_kw); let remote_commitment_txid = remote_commitment_tx.0.txid(); let remote_sighash = Message::from_slice(&bip143::SighashComponents::new(&remote_commitment_tx.0).sighash_all(&remote_commitment_tx.0.input[0], &funding_script, self.channel_value_satoshis)[..]).unwrap(); let our_sig = self.secp_ctx.sign(&remote_sighash, &self.local_keys.funding_key); @@ -2708,7 +2845,7 @@ impl Channel { let mut htlc_sigs = Vec::new(); for ref htlc in remote_commitment_tx.1.iter() { - let htlc_tx = self.build_htlc_transaction(&remote_commitment_txid, htlc, false, &remote_keys); + let htlc_tx = self.build_htlc_transaction(&remote_commitment_txid, htlc, false, &remote_keys, feerate_per_kw); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &remote_keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); let our_htlc_key = secp_derived_key!(chan_utils::derive_private_key(&self.secp_ctx, &remote_keys.per_commitment_point, &self.local_keys.htlc_base_key), self.channel_id()); @@ -2910,7 +3047,7 @@ mod tests { macro_rules! test_commitment { ( $their_sig_hex: expr, $our_sig_hex: expr, $tx_hex: expr) => { - unsigned_tx = chan.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false); + unsigned_tx = chan.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false, chan.feerate_per_kw); let their_signature = Signature::from_der(&secp_ctx, &hex::decode($their_sig_hex).unwrap()[..]).unwrap(); let sighash = Message::from_slice(&bip143::SighashComponents::new(&unsigned_tx.0).sighash_all(&unsigned_tx.0.input[0], &chan.get_funding_redeemscript(), chan.channel_value_satoshis)[..]).unwrap(); secp_ctx.verify(&sighash, &their_signature, &chan.their_funding_pubkey.unwrap()).unwrap(); @@ -2927,7 +3064,7 @@ mod tests { let remote_signature = Signature::from_der(&secp_ctx, &hex::decode($their_sig_hex).unwrap()[..]).unwrap(); let ref htlc = unsigned_tx.1[$htlc_idx]; - let mut htlc_tx = chan.build_htlc_transaction(&unsigned_tx.0.txid(), &htlc, true, &keys); + let mut htlc_tx = chan.build_htlc_transaction(&unsigned_tx.0.txid(), &htlc, true, &keys, chan.feerate_per_kw); let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &keys); let htlc_sighash = Message::from_slice(&bip143::SighashComponents::new(&htlc_tx).sighash_all(&htlc_tx.input[0], &htlc_redeemscript, htlc.amount_msat / 1000)[..]).unwrap(); secp_ctx.verify(&htlc_sighash, &remote_signature, &keys.b_htlc_key).unwrap();