X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=src%2Fln%2Fchannelmanager.rs;h=5216882d4a90126be786776f60781443eb2b31f2;hb=8783a748bb952168623cb674f8ea3230d7c94b25;hp=70db9092392ee6b9d78ad6fb6c3e0aa1efa54df3;hpb=b1e313f26de90771b3570eac2282bad8e68ef95a;p=rust-lightning diff --git a/src/ln/channelmanager.rs b/src/ln/channelmanager.rs index 70db9092..5216882d 100644 --- a/src/ln/channelmanager.rs +++ b/src/ln/channelmanager.rs @@ -22,7 +22,7 @@ use secp256k1; use chain::chaininterface::{BroadcasterInterface,ChainListener,ChainWatchInterface,FeeEstimator}; use chain::transaction::OutPoint; use ln::channel::{Channel, ChannelError}; -use ln::channelmonitor::{ChannelMonitor, ChannelMonitorUpdateErr, ManyChannelMonitor, CLTV_CLAIM_BUFFER, HTLC_FAIL_TIMEOUT_BLOCKS}; +use ln::channelmonitor::{ChannelMonitor, ChannelMonitorUpdateErr, ManyChannelMonitor, CLTV_CLAIM_BUFFER, HTLC_FAIL_TIMEOUT_BLOCKS, HTLC_FAIL_ANTI_REORG_DELAY}; use ln::router::{Route,RouteHop}; use ln::msgs; use ln::msgs::{ChannelMessageHandler, DecodeError, HandleError}; @@ -34,6 +34,7 @@ use util::ser::{Readable, ReadableArgs, Writeable, Writer}; use util::chacha20poly1305rfc::ChaCha20; use util::logger::Logger; use util::errors::APIError; +use util::errors; use crypto; use crypto::mac::{Mac,MacResult}; @@ -63,6 +64,7 @@ use std::time::{Instant,Duration}; mod channel_held_info { use ln::msgs; use ln::router::Route; + use ln::channelmanager::PaymentHash; use secp256k1::key::SecretKey; /// Stores the info we will need to send when we want to forward an HTLC onwards @@ -70,7 +72,7 @@ mod channel_held_info { pub struct PendingForwardHTLCInfo { pub(super) onion_packet: Option, pub(super) incoming_shared_secret: [u8; 32], - pub(super) payment_hash: [u8; 32], + pub(super) payment_hash: PaymentHash, pub(super) short_channel_id: u64, pub(super) amt_to_forward: u64, pub(super) outgoing_cltv_value: u32, @@ -133,13 +135,21 @@ mod channel_held_info { } pub(super) use self::channel_held_info::*; -type ShutdownResult = (Vec, Vec<(HTLCSource, [u8; 32])>); +/// payment_hash type, use to cross-lock hop +#[derive(Hash, Copy, Clone, PartialEq, Eq, Debug)] +pub struct PaymentHash(pub [u8;32]); +/// payment_preimage type, use to route payment between hop +#[derive(Hash, Copy, Clone, PartialEq, Eq, Debug)] +pub struct PaymentPreimage(pub [u8;32]); + +type ShutdownResult = (Vec, Vec<(HTLCSource, PaymentHash)>); /// Error type returned across the channel_state mutex boundary. When an Err is generated for a /// Channel, we generally end up with a ChannelError::Close for which we have to close the channel /// immediately (ie with no further calls on it made). Thus, this step happens inside a /// channel_state lock. We then return the set of things that need to be done outside the lock in /// this struct and call handle_error!() on it. + struct MsgHandleErrInternal { err: msgs::HandleError, shutdown_finish: Option<(ShutdownResult, Option)>, @@ -248,7 +258,7 @@ struct ChannelHolder { /// Note that while this is held in the same mutex as the channels themselves, no consistency /// guarantees are made about the channels given here actually existing anymore by the time you /// go to read them! - claimable_htlcs: HashMap<[u8; 32], Vec>, + claimable_htlcs: HashMap>, /// Messages to send to peers - pushed to in the same lock that they are generated in (except /// for broadcast messages, where ordering isn't as strict). pending_msg_events: Vec, @@ -258,7 +268,7 @@ struct MutChannelHolder<'a> { short_to_id: &'a mut HashMap, next_forward: &'a mut Instant, forward_htlcs: &'a mut HashMap>, - claimable_htlcs: &'a mut HashMap<[u8; 32], Vec>, + claimable_htlcs: &'a mut HashMap>, pending_msg_events: &'a mut Vec, } impl ChannelHolder { @@ -332,16 +342,17 @@ pub struct ChannelManager { /// ie the node we forwarded the payment on to should always have enough room to reliably time out /// the HTLC via a full update_fail_htlc/commitment_signed dance before we hit the /// CLTV_CLAIM_BUFFER point (we static assert that its at least 3 blocks more). -const CLTV_EXPIRY_DELTA: u16 = 6 * 24 * 2; //TODO? +const CLTV_EXPIRY_DELTA: u16 = 6 * 12; //TODO? const CLTV_FAR_FAR_AWAY: u32 = 6 * 24 * 7; //TODO? -// Check that our CLTV_EXPIRY is at least CLTV_CLAIM_BUFFER + 2*HTLC_FAIL_TIMEOUT_BLOCKS, ie that -// if the next-hop peer fails the HTLC within HTLC_FAIL_TIMEOUT_BLOCKS then we'll still have -// HTLC_FAIL_TIMEOUT_BLOCKS left to fail it backwards ourselves before hitting the -// CLTV_CLAIM_BUFFER point and failing the channel on-chain to time out the HTLC. +// Check that our CLTV_EXPIRY is at least CLTV_CLAIM_BUFFER + 2*HTLC_FAIL_TIMEOUT_BLOCKS + +// HTLC_FAIL_ANTI_REORG_DELAY, ie that if the next-hop peer fails the HTLC within +// HTLC_FAIL_TIMEOUT_BLOCKS then we'll still have HTLC_FAIL_TIMEOUT_BLOCKS left to fail it +// backwards ourselves before hitting the CLTV_CLAIM_BUFFER point and failing the channel +// on-chain to time out the HTLC. #[deny(const_err)] #[allow(dead_code)] -const CHECK_CLTV_EXPIRY_SANITY: u32 = CLTV_EXPIRY_DELTA as u32 - 2*HTLC_FAIL_TIMEOUT_BLOCKS - CLTV_CLAIM_BUFFER; +const CHECK_CLTV_EXPIRY_SANITY: u32 = CLTV_EXPIRY_DELTA as u32 - 2*HTLC_FAIL_TIMEOUT_BLOCKS - CLTV_CLAIM_BUFFER - HTLC_FAIL_ANTI_REORG_DELAY; // Check for ability of an attacker to make us fail on-chain by delaying inbound claim. See // ChannelMontior::would_broadcast_at_height for a description of why this is needed. @@ -414,6 +425,7 @@ macro_rules! break_chan_entry { break Err(MsgHandleErrInternal::from_chan_no_close(ChannelError::Ignore(msg), $entry.key().clone())) }, Err(ChannelError::Close(msg)) => { + log_trace!($self, "Closing channel {} due to Close-required error: {}", log_bytes!($entry.key()[..]), msg); let (channel_id, mut chan) = $entry.remove_entry(); if let Some(short_id) = chan.get_short_channel_id() { $channel_state.short_to_id.remove(&short_id); @@ -432,6 +444,7 @@ macro_rules! try_chan_entry { return Err(MsgHandleErrInternal::from_chan_no_close(ChannelError::Ignore(msg), $entry.key().clone())) }, Err(ChannelError::Close(msg)) => { + log_trace!($self, "Closing channel {} due to Close-required error: {}", log_bytes!($entry.key()[..]), msg); let (channel_id, mut chan) = $entry.remove_entry(); if let Some(short_id) = chan.get_short_channel_id() { $channel_state.short_to_id.remove(&short_id); @@ -650,8 +663,7 @@ impl ChannelManager { } }; for htlc_source in failed_htlcs.drain(..) { - // unknown_next_peer...I dunno who that is anymore.... - self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 10, data: Vec::new() }); + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 8, data: Vec::new() }); } let chan_update = if let Some(chan) = chan_option { if let Ok(update) = self.get_channel_update(&chan) { @@ -672,9 +684,9 @@ impl ChannelManager { #[inline] fn finish_force_close_channel(&self, shutdown_res: ShutdownResult) { let (local_txn, mut failed_htlcs) = shutdown_res; + log_trace!(self, "Finishing force-closure of channel with {} transactions to broadcast and {} HTLCs to fail", local_txn.len(), failed_htlcs.len()); for htlc_source in failed_htlcs.drain(..) { - // unknown_next_peer...I dunno who that is anymore.... - self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 10, data: Vec::new() }); + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 8, data: Vec::new() }); } for tx in local_txn { self.tx_broadcaster.broadcast_transaction(&tx); @@ -698,6 +710,7 @@ impl ChannelManager { return; } }; + log_trace!(self, "Force-closing channel {}", log_bytes!(channel_id[..])); self.finish_force_close_channel(chan.force_shutdown()); if let Ok(update) = self.get_channel_update(&chan) { let mut channel_state = self.channel_state.lock().unwrap(); @@ -858,7 +871,7 @@ impl ChannelManager { } const ZERO:[u8; 21*65] = [0; 21*65]; - fn construct_onion_packet(mut payloads: Vec, onion_keys: Vec, associated_data: &[u8; 32]) -> msgs::OnionPacket { + fn construct_onion_packet(mut payloads: Vec, onion_keys: Vec, associated_data: &PaymentHash) -> msgs::OnionPacket { let mut buf = Vec::with_capacity(21*65); buf.resize(21*65, 0); @@ -895,7 +908,7 @@ impl ChannelManager { let mut hmac = Hmac::new(Sha256::new(), &keys.mu); hmac.input(&packet_data); - hmac.input(&associated_data[..]); + hmac.input(&associated_data.0[..]); hmac.raw_result(&mut hmac_res); } @@ -959,26 +972,26 @@ impl ChannelManager { } fn decode_update_add_htlc_onion(&self, msg: &msgs::UpdateAddHTLC) -> (PendingHTLCStatus, MutexGuard) { - macro_rules! get_onion_hash { - () => { + macro_rules! return_malformed_err { + ($msg: expr, $err_code: expr) => { { + log_info!(self, "Failed to accept/forward incoming HTLC: {}", $msg); + let mut sha256_of_onion = [0; 32]; let mut sha = Sha256::new(); sha.input(&msg.onion_routing_packet.hop_data); - let mut onion_hash = [0; 32]; - sha.result(&mut onion_hash); - onion_hash + sha.result(&mut sha256_of_onion); + return (PendingHTLCStatus::Fail(HTLCFailureMsg::Malformed(msgs::UpdateFailMalformedHTLC { + channel_id: msg.channel_id, + htlc_id: msg.htlc_id, + sha256_of_onion, + failure_code: $err_code, + })), self.channel_state.lock().unwrap()); } } } if let Err(_) = msg.onion_routing_packet.public_key { - log_info!(self, "Failed to accept/forward incoming HTLC with invalid ephemeral pubkey"); - return (PendingHTLCStatus::Fail(HTLCFailureMsg::Malformed(msgs::UpdateFailMalformedHTLC { - channel_id: msg.channel_id, - htlc_id: msg.htlc_id, - sha256_of_onion: get_onion_hash!(), - failure_code: 0x8000 | 0x4000 | 6, - })), self.channel_state.lock().unwrap()); + return_malformed_err!("invalid ephemeral pubkey", 0x8000 | 0x4000 | 6); } let shared_secret = { @@ -988,6 +1001,23 @@ impl ChannelManager { }; let (rho, mu) = ChannelManager::gen_rho_mu_from_shared_secret(&shared_secret); + if msg.onion_routing_packet.version != 0 { + //TODO: Spec doesn't indicate if we should only hash hop_data here (and in other + //sha256_of_onion error data packets), or the entire onion_routing_packet. Either way, + //the hash doesn't really serve any purpuse - in the case of hashing all data, the + //receiving node would have to brute force to figure out which version was put in the + //packet by the node that send us the message, in the case of hashing the hop_data, the + //node knows the HMAC matched, so they already know what is there... + return_malformed_err!("Unknown onion packet version", 0x8000 | 0x4000 | 4); + } + + let mut hmac = Hmac::new(Sha256::new(), &mu); + hmac.input(&msg.onion_routing_packet.hop_data); + hmac.input(&msg.payment_hash.0[..]); + if hmac.result() != MacResult::new(&msg.onion_routing_packet.hmac) { + return_malformed_err!("HMAC Check failed", 0x8000 | 0x4000 | 5); + } + let mut channel_state = None; macro_rules! return_err { ($msg: expr, $err_code: expr, $data: expr) => { @@ -1005,23 +1035,6 @@ impl ChannelManager { } } - if msg.onion_routing_packet.version != 0 { - //TODO: Spec doesn't indicate if we should only hash hop_data here (and in other - //sha256_of_onion error data packets), or the entire onion_routing_packet. Either way, - //the hash doesn't really serve any purpuse - in the case of hashing all data, the - //receiving node would have to brute force to figure out which version was put in the - //packet by the node that send us the message, in the case of hashing the hop_data, the - //node knows the HMAC matched, so they already know what is there... - return_err!("Unknown onion packet version", 0x8000 | 0x4000 | 4, &get_onion_hash!()); - } - - let mut hmac = Hmac::new(Sha256::new(), &mu); - hmac.input(&msg.onion_routing_packet.hop_data); - hmac.input(&msg.payment_hash); - if hmac.result() != MacResult::new(&msg.onion_routing_packet.hmac) { - return_err!("HMAC Check failed", 0x8000 | 0x4000 | 5, &get_onion_hash!()); - } - let mut chacha = ChaCha20::new(&rho, &[0u8; 8]); let next_hop_data = { let mut decoded = [0; 65]; @@ -1079,21 +1092,16 @@ impl ChannelManager { sha.input(&shared_secret); let mut res = [0u8; 32]; sha.result(&mut res); - match SecretKey::from_slice(&self.secp_ctx, &res) { - Err(_) => { - return_err!("Blinding factor is an invalid private key", 0x8000 | 0x4000 | 6, &get_onion_hash!()); - }, - Ok(key) => key - } + SecretKey::from_slice(&self.secp_ctx, &res).expect("SHA-256 is broken?") }; - if let Err(_) = new_pubkey.mul_assign(&self.secp_ctx, &blinding_factor) { - return_err!("New blinding factor is an invalid private key", 0x8000 | 0x4000 | 6, &get_onion_hash!()); - } + let public_key = if let Err(e) = new_pubkey.mul_assign(&self.secp_ctx, &blinding_factor) { + Err(e) + } else { Ok(new_pubkey) }; let outgoing_packet = msgs::OnionPacket { version: 0, - public_key: Ok(new_pubkey), + public_key, hop_data: new_packet_data, hmac: next_hop_data.hmac.clone(), }; @@ -1151,13 +1159,16 @@ impl ChannelManager { } { let mut res = Vec::with_capacity(8 + 128); - if code == 0x1000 | 11 || code == 0x1000 | 12 { - res.extend_from_slice(&byte_utils::be64_to_array(msg.amount_msat)); - } - else if code == 0x1000 | 13 { - res.extend_from_slice(&byte_utils::be32_to_array(msg.cltv_expiry)); - } if let Some(chan_update) = chan_update { + if code == 0x1000 | 11 || code == 0x1000 | 12 { + res.extend_from_slice(&byte_utils::be64_to_array(msg.amount_msat)); + } + else if code == 0x1000 | 13 { + res.extend_from_slice(&byte_utils::be32_to_array(msg.cltv_expiry)); + } + else if code == 0x1000 | 20 { + res.extend_from_slice(&byte_utils::be16_to_array(chan_update.contents.flags)); + } res.extend_from_slice(&chan_update.encode_with_len()[..]); } return_err!(err, code, &res[..]); @@ -1225,7 +1236,7 @@ impl ChannelManager { /// In case of APIError::MonitorUpdateFailed, the commitment update has been irrevocably /// committed on our end and we're just waiting for a monitor update to send it. Do NOT retry /// the payment via a different route unless you intend to pay twice! - pub fn send_payment(&self, route: Route, payment_hash: [u8; 32]) -> Result<(), APIError> { + pub fn send_payment(&self, route: Route, payment_hash: PaymentHash) -> Result<(), APIError> { if route.hops.len() < 1 || route.hops.len() > 20 { return Err(APIError::RouteError{err: "Route didn't go anywhere/had bogus size"}); } @@ -1520,7 +1531,7 @@ impl ChannelManager { } /// Indicates that the preimage for payment_hash is unknown or the received amount is incorrect after a PaymentReceived event. - pub fn fail_htlc_backwards(&self, payment_hash: &[u8; 32], reason: PaymentFailReason) -> bool { + pub fn fail_htlc_backwards(&self, payment_hash: &PaymentHash, reason: PaymentFailReason) -> bool { let _ = self.total_consistency_lock.read().unwrap(); let mut channel_state = Some(self.channel_state.lock().unwrap()); @@ -1540,38 +1551,67 @@ impl ChannelManager { /// to fail and take the channel_state lock for each iteration (as we take ownership and may /// drop it). In other words, no assumptions are made that entries in claimable_htlcs point to /// still-available channels. - fn fail_htlc_backwards_internal(&self, mut channel_state_lock: MutexGuard, source: HTLCSource, payment_hash: &[u8; 32], onion_error: HTLCFailReason) { + fn fail_htlc_backwards_internal(&self, mut channel_state_lock: MutexGuard, source: HTLCSource, payment_hash: &PaymentHash, onion_error: HTLCFailReason) { match source { - HTLCSource::OutboundRoute { .. } => { + HTLCSource::OutboundRoute { ref route, .. } => { + log_trace!(self, "Failing outbound payment HTLC with payment_hash {}", log_bytes!(payment_hash.0)); mem::drop(channel_state_lock); - if let &HTLCFailReason::ErrorPacket { ref err } = &onion_error { - let (channel_update, payment_retryable) = self.process_onion_failure(&source, err.data.clone()); - if let Some(update) = channel_update { - self.channel_state.lock().unwrap().pending_msg_events.push( - events::MessageSendEvent::PaymentFailureNetworkUpdate { - update, + match &onion_error { + &HTLCFailReason::ErrorPacket { ref err } => { +#[cfg(test)] + let (channel_update, payment_retryable, onion_error_code) = self.process_onion_failure(&source, err.data.clone()); +#[cfg(not(test))] + let (channel_update, payment_retryable, _) = self.process_onion_failure(&source, err.data.clone()); + // TODO: If we decided to blame ourselves (or one of our channels) in + // process_onion_failure we should close that channel as it implies our + // next-hop is needlessly blaming us! + if let Some(update) = channel_update { + self.channel_state.lock().unwrap().pending_msg_events.push( + events::MessageSendEvent::PaymentFailureNetworkUpdate { + update, + } + ); + } + self.pending_events.lock().unwrap().push( + events::Event::PaymentFailed { + payment_hash: payment_hash.clone(), + rejected_by_dest: !payment_retryable, +#[cfg(test)] + error_code: onion_error_code + } + ); + }, + &HTLCFailReason::Reason { +#[cfg(test)] + ref failure_code, + .. } => { + // we get a fail_malformed_htlc from the first hop + // TODO: We'd like to generate a PaymentFailureNetworkUpdate for temporary + // failures here, but that would be insufficient as Router::get_route + // generally ignores its view of our own channels as we provide them via + // ChannelDetails. + // TODO: For non-temporary failures, we really should be closing the + // channel here as we apparently can't relay through them anyway. + self.pending_events.lock().unwrap().push( + events::Event::PaymentFailed { + payment_hash: payment_hash.clone(), + rejected_by_dest: route.hops.len() == 1, +#[cfg(test)] + error_code: Some(*failure_code), } ); } - self.pending_events.lock().unwrap().push(events::Event::PaymentFailed { - payment_hash: payment_hash.clone(), - rejected_by_dest: !payment_retryable, - }); - } else { - //TODO: Pass this back (see GH #243) - self.pending_events.lock().unwrap().push(events::Event::PaymentFailed { - payment_hash: payment_hash.clone(), - rejected_by_dest: false, // We failed it ourselves, can't blame them - }); } }, HTLCSource::PreviousHopData(HTLCPreviousHopData { short_channel_id, htlc_id, incoming_packet_shared_secret }) => { let err_packet = match onion_error { HTLCFailReason::Reason { failure_code, data } => { + log_trace!(self, "Failing HTLC with payment_hash {} backwards from us with code {}", log_bytes!(payment_hash.0), failure_code); let packet = ChannelManager::build_failure_packet(&incoming_packet_shared_secret, failure_code, &data[..]).encode(); ChannelManager::encrypt_failure_packet(&incoming_packet_shared_secret, &packet) }, HTLCFailReason::ErrorPacket { err } => { + log_trace!(self, "Failing HTLC with payment_hash {} backwards with pre-built ErrorPacket", log_bytes!(payment_hash.0)); ChannelManager::encrypt_failure_packet(&incoming_packet_shared_secret, &err.data) } }; @@ -1616,11 +1656,11 @@ impl ChannelManager { /// should probably kick the net layer to go send messages if this returns true! /// /// May panic if called except in response to a PaymentReceived event. - pub fn claim_funds(&self, payment_preimage: [u8; 32]) -> bool { + pub fn claim_funds(&self, payment_preimage: PaymentPreimage) -> bool { let mut sha = Sha256::new(); - sha.input(&payment_preimage); - let mut payment_hash = [0; 32]; - sha.result(&mut payment_hash); + sha.input(&payment_preimage.0[..]); + let mut payment_hash = PaymentHash([0; 32]); + sha.result(&mut payment_hash.0[..]); let _ = self.total_consistency_lock.read().unwrap(); @@ -1634,7 +1674,7 @@ impl ChannelManager { true } else { false } } - fn claim_funds_internal(&self, mut channel_state_lock: MutexGuard, source: HTLCSource, payment_preimage: [u8; 32]) { + fn claim_funds_internal(&self, mut channel_state_lock: MutexGuard, source: HTLCSource, payment_preimage: PaymentPreimage) { match source { HTLCSource::OutboundRoute { .. } => { mem::drop(channel_state_lock); @@ -1954,8 +1994,7 @@ impl ChannelManager { } }; for htlc_source in dropped_htlcs.drain(..) { - // unknown_next_peer...I dunno who that is anymore.... - self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 10, data: Vec::new() }); + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source.0, &htlc_source.1, HTLCFailReason::Reason { failure_code: 0x4000 | 8, data: Vec::new() }); } if let Some(chan) = chan_option { if let Ok(update) = self.get_channel_update(&chan) { @@ -2043,7 +2082,17 @@ impl ChannelManager { channel_id: msg.channel_id, htlc_id: msg.htlc_id, reason: if let Ok(update) = chan_update { - ChannelManager::build_first_hop_failure_packet(&incoming_shared_secret, 0x1000|20, &update.encode_with_len()[..]) + // TODO: Note that |20 is defined as "channel FROM the processing + // node has been disabled" (emphasis mine), which seems to imply + // that we can't return |20 for an inbound channel being disabled. + // This probably needs a spec update but should definitely be + // allowed. + ChannelManager::build_first_hop_failure_packet(&incoming_shared_secret, 0x1000|20, &{ + let mut res = Vec::with_capacity(8 + 128); + res.extend_from_slice(&byte_utils::be16_to_array(update.contents.flags)); + res.extend_from_slice(&update.encode_with_len()[..]); + res + }[..]) } else { // This can only happen if the channel isn't in the fully-funded // state yet, implying our counterparty is trying to route payments @@ -2083,29 +2132,20 @@ impl ChannelManager { // Process failure we got back from upstream on a payment we sent. Returns update and a boolean // indicating that the payment itself failed - fn process_onion_failure(&self, htlc_source: &HTLCSource, mut packet_decrypted: Vec) -> (Option, bool) { + fn process_onion_failure(&self, htlc_source: &HTLCSource, mut packet_decrypted: Vec) -> (Option, bool, Option) { if let &HTLCSource::OutboundRoute { ref route, ref session_priv, ref first_hop_htlc_msat } = htlc_source { - macro_rules! onion_failure_log { - ( $error_code_textual: expr, $error_code: expr, $reported_name: expr, $reported_value: expr ) => { - log_trace!(self, "{}({:#x}) {}({})", $error_code_textual, $error_code, $reported_name, $reported_value); - }; - ( $error_code_textual: expr, $error_code: expr ) => { - log_trace!(self, "{}({})", $error_code_textual, $error_code); - }; - } - - const BADONION: u16 = 0x8000; - const PERM: u16 = 0x4000; - const UPDATE: u16 = 0x1000; let mut res = None; let mut htlc_msat = *first_hop_htlc_msat; + let mut error_code_ret = None; + let mut next_route_hop_ix = 0; + let mut is_from_final_node = false; // Handle packed channel/node updates for passing back for the route handler Self::construct_onion_keys_callback(&self.secp_ctx, route, session_priv, |shared_secret, _, _, route_hop| { + next_route_hop_ix += 1; if res.is_some() { return; } - let incoming_htlc_msat = htlc_msat; let amt_to_forward = htlc_msat - route_hop.fee_msat; htlc_msat = amt_to_forward; @@ -2117,7 +2157,7 @@ impl ChannelManager { chacha.process(&packet_decrypted, &mut decryption_tmp[..]); packet_decrypted = decryption_tmp; - let is_from_final_node = route.hops.last().unwrap().pubkey == route_hop.pubkey; + is_from_final_node = route.hops.last().unwrap().pubkey == route_hop.pubkey; if let Ok(err_packet) = msgs::DecodedOnionErrorPacket::read(&mut Cursor::new(&packet_decrypted)) { let um = ChannelManager::gen_um_from_shared_secret(&shared_secret[..]); @@ -2127,155 +2167,118 @@ impl ChannelManager { hmac.raw_result(&mut calc_tag); if crypto::util::fixed_time_eq(&calc_tag, &err_packet.hmac) { - if err_packet.failuremsg.len() < 2 { - // Useless packet that we can't use but it passed HMAC, so it - // definitely came from the peer in question - res = Some((None, !is_from_final_node)); - } else { - let error_code = byte_utils::slice_to_be16(&err_packet.failuremsg[0..2]); - - match error_code & 0xff { - 1|2|3 => { - // either from an intermediate or final node - // invalid_realm(PERM|1), - // temporary_node_failure(NODE|2) - // permanent_node_failure(PERM|NODE|2) - // required_node_feature_mssing(PERM|NODE|3) - res = Some((Some(msgs::HTLCFailChannelUpdate::NodeFailure { - node_id: route_hop.pubkey, - is_permanent: error_code & PERM == PERM, - }), !(error_code & PERM == PERM && is_from_final_node))); - // node returning invalid_realm is removed from network_map, - // although NODE flag is not set, TODO: or remove channel only? - // retry payment when removed node is not a final node - return; - }, - _ => {} - } + if let Some(error_code_slice) = err_packet.failuremsg.get(0..2) { + const PERM: u16 = 0x4000; + const NODE: u16 = 0x2000; + const UPDATE: u16 = 0x1000; - if is_from_final_node { - let payment_retryable = match error_code { - c if c == PERM|15 => false, // unknown_payment_hash - c if c == PERM|16 => false, // incorrect_payment_amount - 17 => true, // final_expiry_too_soon - 18 if err_packet.failuremsg.len() == 6 => { // final_incorrect_cltv_expiry - let _reported_cltv_expiry = byte_utils::slice_to_be32(&err_packet.failuremsg[2..2+4]); - true - }, - 19 if err_packet.failuremsg.len() == 10 => { // final_incorrect_htlc_amount - let _reported_incoming_htlc_msat = byte_utils::slice_to_be64(&err_packet.failuremsg[2..2+8]); - true - }, - _ => { - // A final node has sent us either an invalid code or an error_code that - // MUST be sent from the processing node, or the formmat of failuremsg - // does not coform to the spec. - // Remove it from the network map and don't may retry payment - res = Some((Some(msgs::HTLCFailChannelUpdate::NodeFailure { - node_id: route_hop.pubkey, - is_permanent: true, - }), false)); - return; - } - }; - res = Some((None, payment_retryable)); - return; - } + let error_code = byte_utils::slice_to_be16(&error_code_slice); + error_code_ret = Some(error_code); - // now, error_code should be only from the intermediate nodes - match error_code { - _c if error_code & PERM == PERM => { - res = Some((Some(msgs::HTLCFailChannelUpdate::ChannelClosed { - short_channel_id: route_hop.short_channel_id, - is_permanent: true, - }), false)); - }, - _c if error_code & UPDATE == UPDATE => { - let offset = match error_code { - c if c == UPDATE|7 => 0, // temporary_channel_failure - c if c == UPDATE|11 => 8, // amount_below_minimum - c if c == UPDATE|12 => 8, // fee_insufficient - c if c == UPDATE|13 => 4, // incorrect_cltv_expiry - c if c == UPDATE|14 => 0, // expiry_too_soon - c if c == UPDATE|20 => 2, // channel_disabled - _ => { - // node sending unknown code - res = Some((Some(msgs::HTLCFailChannelUpdate::NodeFailure { - node_id: route_hop.pubkey, - is_permanent: true, - }), false)); - return; - } - }; - - if err_packet.failuremsg.len() >= offset + 2 { - let update_len = byte_utils::slice_to_be16(&err_packet.failuremsg[offset+2..offset+4]) as usize; - if err_packet.failuremsg.len() >= offset + 4 + update_len { - if let Ok(chan_update) = msgs::ChannelUpdate::read(&mut Cursor::new(&err_packet.failuremsg[offset + 4..offset + 4 + update_len])) { - // if channel_update should NOT have caused the failure: - // MAY treat the channel_update as invalid. - let is_chan_update_invalid = match error_code { - c if c == UPDATE|7 => { // temporary_channel_failure - false - }, - c if c == UPDATE|11 => { // amount_below_minimum - let reported_htlc_msat = byte_utils::slice_to_be64(&err_packet.failuremsg[2..2+8]); - onion_failure_log!("amount_below_minimum", UPDATE|11, "htlc_msat", reported_htlc_msat); - incoming_htlc_msat > chan_update.contents.htlc_minimum_msat - }, - c if c == UPDATE|12 => { // fee_insufficient - let reported_htlc_msat = byte_utils::slice_to_be64(&err_packet.failuremsg[2..2+8]); - let new_fee = amt_to_forward.checked_mul(chan_update.contents.fee_proportional_millionths as u64).and_then(|prop_fee| { (prop_fee / 1000000).checked_add(chan_update.contents.fee_base_msat as u64) }); - onion_failure_log!("fee_insufficient", UPDATE|12, "htlc_msat", reported_htlc_msat); - new_fee.is_none() || incoming_htlc_msat >= new_fee.unwrap() && incoming_htlc_msat >= amt_to_forward + new_fee.unwrap() - } - c if c == UPDATE|13 => { // incorrect_cltv_expiry - let reported_cltv_expiry = byte_utils::slice_to_be32(&err_packet.failuremsg[2..2+4]); - onion_failure_log!("incorrect_cltv_expiry", UPDATE|13, "cltv_expiry", reported_cltv_expiry); - route_hop.cltv_expiry_delta as u16 >= chan_update.contents.cltv_expiry_delta - }, - c if c == UPDATE|20 => { // channel_disabled - let reported_flags = byte_utils::slice_to_be16(&err_packet.failuremsg[2..2+2]); - onion_failure_log!("channel_disabled", UPDATE|20, "flags", reported_flags); - chan_update.contents.flags & 0x01 == 0x01 - }, - c if c == UPDATE|21 => true, // expiry_too_far - _ => { unreachable!(); }, - }; - - let msg = if is_chan_update_invalid { None } else { - Some(msgs::HTLCFailChannelUpdate::ChannelUpdateMessage { - msg: chan_update, - }) - }; - res = Some((msg, true)); - return; - } + let (debug_field, debug_field_size) = errors::get_onion_debug_field(error_code); + + // indicate that payment parameter has failed and no need to + // update Route object + let payment_failed = (match error_code & 0xff { + 15|16|17|18|19 => true, + _ => false, + } && is_from_final_node) // PERM bit observed below even this error is from the intermediate nodes + || error_code == 21; // Special case error 21 as the Route object is bogus, TODO: Maybe fail the node if the CLTV was reasonable? + + let mut fail_channel_update = None; + + if error_code & NODE == NODE { + fail_channel_update = Some(msgs::HTLCFailChannelUpdate::NodeFailure { node_id: route_hop.pubkey, is_permanent: error_code & PERM == PERM }); + } + else if error_code & PERM == PERM { + fail_channel_update = if payment_failed {None} else {Some(msgs::HTLCFailChannelUpdate::ChannelClosed { + short_channel_id: route.hops[next_route_hop_ix - if next_route_hop_ix == route.hops.len() { 1 } else { 0 }].short_channel_id, + is_permanent: true, + })}; + } + else if error_code & UPDATE == UPDATE { + if let Some(update_len_slice) = err_packet.failuremsg.get(debug_field_size+2..debug_field_size+4) { + let update_len = byte_utils::slice_to_be16(&update_len_slice) as usize; + if let Some(update_slice) = err_packet.failuremsg.get(debug_field_size + 4..debug_field_size + 4 + update_len) { + if let Ok(chan_update) = msgs::ChannelUpdate::read(&mut Cursor::new(&update_slice)) { + // if channel_update should NOT have caused the failure: + // MAY treat the channel_update as invalid. + let is_chan_update_invalid = match error_code & 0xff { + 7 => false, + 11 => amt_to_forward > chan_update.contents.htlc_minimum_msat, + 12 => { + let new_fee = amt_to_forward.checked_mul(chan_update.contents.fee_proportional_millionths as u64).and_then(|prop_fee| { (prop_fee / 1000000).checked_add(chan_update.contents.fee_base_msat as u64) }); + new_fee.is_some() && route_hop.fee_msat >= new_fee.unwrap() + } + 13 => route_hop.cltv_expiry_delta as u16 >= chan_update.contents.cltv_expiry_delta, + 14 => false, // expiry_too_soon; always valid? + 20 => chan_update.contents.flags & 2 == 0, + _ => false, // unknown error code; take channel_update as valid + }; + fail_channel_update = if is_chan_update_invalid { + // This probably indicates the node which forwarded + // to the node in question corrupted something. + Some(msgs::HTLCFailChannelUpdate::ChannelClosed { + short_channel_id: route_hop.short_channel_id, + is_permanent: true, + }) + } else { + Some(msgs::HTLCFailChannelUpdate::ChannelUpdateMessage { + msg: chan_update, + }) + }; } } - }, - _c if error_code & BADONION == BADONION => { - //TODO - }, - 14 => { // expiry_too_soon - res = Some((None, true)); - return; } - _ => { - // node sending unknown code - res = Some((Some(msgs::HTLCFailChannelUpdate::NodeFailure { + if fail_channel_update.is_none() { + // They provided an UPDATE which was obviously bogus, not worth + // trying to relay through them anymore. + fail_channel_update = Some(msgs::HTLCFailChannelUpdate::NodeFailure { node_id: route_hop.pubkey, is_permanent: true, - }), false)); - return; + }); } + } else if !payment_failed { + // We can't understand their error messages and they failed to + // forward...they probably can't understand our forwards so its + // really not worth trying any further. + fail_channel_update = Some(msgs::HTLCFailChannelUpdate::NodeFailure { + node_id: route_hop.pubkey, + is_permanent: true, + }); + } + + // TODO: Here (and a few other places) we assume that BADONION errors + // are always "sourced" from the node previous to the one which failed + // to decode the onion. + res = Some((fail_channel_update, !(error_code & PERM == PERM && is_from_final_node))); + + let (description, title) = errors::get_onion_error_description(error_code); + if debug_field_size > 0 && err_packet.failuremsg.len() >= 4 + debug_field_size { + log_warn!(self, "Onion Error[{}({:#x}) {}({})] {}", title, error_code, debug_field, log_bytes!(&err_packet.failuremsg[4..4+debug_field_size]), description); } + else { + log_warn!(self, "Onion Error[{}({:#x})] {}", title, error_code, description); + } + } else { + // Useless packet that we can't use but it passed HMAC, so it + // definitely came from the peer in question + res = Some((Some(msgs::HTLCFailChannelUpdate::NodeFailure { + node_id: route_hop.pubkey, + is_permanent: true, + }), !is_from_final_node)); } } } }).expect("Route that we sent via spontaneously grew invalid keys in the middle of it?"); - res.unwrap_or((None, true)) - } else { ((None, true)) } + if let Some((channel_update, payment_retryable)) = res { + (channel_update, payment_retryable, error_code_ret) + } else { + // only not set either packet unparseable or hmac does not match with any + // payment not retryable only when garbage is from the final node + (None, !is_from_final_node, None) + } + } else { unreachable!(); } } fn internal_update_fail_htlc(&self, their_node_id: &PublicKey, msg: &msgs::UpdateFailHTLC) -> Result<(), MsgHandleErrInternal> { @@ -2633,9 +2636,11 @@ impl events::MessageSendEventsProvider for ChannelManager { //TODO: This behavior should be documented. for htlc_update in self.monitor.fetch_pending_htlc_updated() { if let Some(preimage) = htlc_update.payment_preimage { + log_trace!(self, "Claiming HTLC with preimage {} from our monitor", log_bytes!(preimage.0)); self.claim_funds_internal(self.channel_state.lock().unwrap(), htlc_update.source, preimage); } else { - self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_update.source, &htlc_update.payment_hash, HTLCFailReason::Reason { failure_code: 0x4000 | 10, data: Vec::new() }); + log_trace!(self, "Failing HTLC with hash {} from our monitor", log_bytes!(htlc_update.payment_hash.0)); + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_update.source, &htlc_update.payment_hash, HTLCFailReason::Reason { failure_code: 0x4000 | 8, data: Vec::new() }); } } } @@ -2656,9 +2661,11 @@ impl events::EventsProvider for ChannelManager { //TODO: This behavior should be documented. for htlc_update in self.monitor.fetch_pending_htlc_updated() { if let Some(preimage) = htlc_update.payment_preimage { + log_trace!(self, "Claiming HTLC with preimage {} from our monitor", log_bytes!(preimage.0)); self.claim_funds_internal(self.channel_state.lock().unwrap(), htlc_update.source, preimage); } else { - self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_update.source, &htlc_update.payment_hash, HTLCFailReason::Reason { failure_code: 0x4000 | 10, data: Vec::new() }); + log_trace!(self, "Failing HTLC with hash {} from our monitor", log_bytes!(htlc_update.payment_hash.0)); + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_update.source, &htlc_update.payment_hash, HTLCFailReason::Reason { failure_code: 0x4000 | 8, data: Vec::new() }); } } } @@ -2672,6 +2679,8 @@ impl events::EventsProvider for ChannelManager { impl ChainListener for ChannelManager { fn block_connected(&self, header: &BlockHeader, height: u32, txn_matched: &[&Transaction], indexes_of_txn_matched: &[u32]) { + let header_hash = header.bitcoin_hash(); + log_trace!(self, "Block {} at height {} connected with {} txn matched", header_hash, height, txn_matched.len()); let _ = self.total_consistency_lock.read().unwrap(); let mut failed_channels = Vec::new(); { @@ -2704,6 +2713,7 @@ impl ChainListener for ChannelManager { for tx in txn_matched { for inp in tx.input.iter() { if inp.previous_output == funding_txo.into_bitcoin_outpoint() { + log_trace!(self, "Detected channel-closing tx {} spending {}:{}, closing channel {}", tx.txid(), inp.previous_output.txid, inp.previous_output.vout, log_bytes!(channel.channel_id())); if let Some(short_id) = channel.get_short_channel_id() { short_to_id.remove(&short_id); } @@ -2744,7 +2754,7 @@ impl ChainListener for ChannelManager { self.finish_force_close_channel(failure); } self.latest_block_height.store(height as usize, Ordering::Release); - *self.last_block_hash.try_lock().expect("block_(dis)connected must not be called in parallel") = header.bitcoin_hash(); + *self.last_block_hash.try_lock().expect("block_(dis)connected must not be called in parallel") = header_hash; } /// We force-close the channel without letting our counterparty participate in the shutdown @@ -3353,7 +3363,7 @@ mod tests { use chain::keysinterface::{KeysInterface, SpendableOutputDescriptor}; use chain::keysinterface; use ln::channel::{COMMITMENT_TX_BASE_WEIGHT, COMMITMENT_TX_WEIGHT_PER_HTLC}; - use ln::channelmanager::{ChannelManager,ChannelManagerReadArgs,OnionKeys,PaymentFailReason,RAACommitmentOrder}; + use ln::channelmanager::{ChannelManager,ChannelManagerReadArgs,OnionKeys,PaymentFailReason,RAACommitmentOrder, PaymentPreimage, PaymentHash}; use ln::channelmonitor::{ChannelMonitor, ChannelMonitorUpdateErr, CLTV_CLAIM_BUFFER, HTLC_FAIL_TIMEOUT_BLOCKS, ManyChannelMonitor}; use ln::channel::{ACCEPTED_HTLC_SCRIPT_WEIGHT, OFFERED_HTLC_SCRIPT_WEIGHT}; use ln::router::{Route, RouteHop, Router}; @@ -3388,7 +3398,7 @@ mod tests { use rand::{thread_rng,Rng}; use std::cell::RefCell; - use std::collections::{BTreeSet, HashMap}; + use std::collections::{BTreeSet, HashMap, HashSet}; use std::default::Default; use std::rc::Rc; use std::sync::{Arc, Mutex}; @@ -3516,7 +3526,7 @@ mod tests { }, ); - let packet = ChannelManager::construct_onion_packet(payloads, onion_keys, &[0x42; 32]); + let packet = ChannelManager::construct_onion_packet(payloads, onion_keys, &PaymentHash([0x42; 32])); // Just check the final packet encoding, as it includes all the per-hop vectors in it // anyway... assert_eq!(packet.encode(), hex::decode("0002eec7245d6b7d2ccb30380bfbe2a3648cd7a942653f5aa340edcea1f283686619e5f14350c2a76fc232b5e46d421e9615471ab9e0bc887beff8c95fdb878f7b3a716a996c7845c93d90e4ecbb9bde4ece2f69425c99e4bc820e44485455f135edc0d10f7d61ab590531cf08000179a333a347f8b4072f216400406bdf3bf038659793d4a1fd7b246979e3150a0a4cb052c9ec69acf0f48c3d39cd55675fe717cb7d80ce721caad69320c3a469a202f1e468c67eaf7a7cd8226d0fd32f7b48084dca885d56047694762b67021713ca673929c163ec36e04e40ca8e1c6d17569419d3039d9a1ec866abe044a9ad635778b961fc0776dc832b3a451bd5d35072d2269cf9b040f6b7a7dad84fb114ed413b1426cb96ceaf83825665ed5a1d002c1687f92465b49ed4c7f0218ff8c6c7dd7221d589c65b3b9aaa71a41484b122846c7c7b57e02e679ea8469b70e14fe4f70fee4d87b910cf144be6fe48eef24da475c0b0bcc6565ae82cd3f4e3b24c76eaa5616c6111343306ab35c1fe5ca4a77c0e314ed7dba39d6f1e0de791719c241a939cc493bea2bae1c1e932679ea94d29084278513c77b899cc98059d06a27d171b0dbdf6bee13ddc4fc17a0c4d2827d488436b57baa167544138ca2e64a11b43ac8a06cd0c2fba2d4d900ed2d9205305e2d7383cc98dacb078133de5f6fb6bed2ef26ba92cea28aafc3b9948dd9ae5559e8bd6920b8cea462aa445ca6a95e0e7ba52961b181c79e73bd581821df2b10173727a810c92b83b5ba4a0403eb710d2ca10689a35bec6c3a708e9e92f7d78ff3c5d9989574b00c6736f84c199256e76e19e78f0c98a9d580b4a658c84fc8f2096c2fbea8f5f8c59d0fdacb3be2802ef802abbecb3aba4acaac69a0e965abd8981e9896b1f6ef9d60f7a164b371af869fd0e48073742825e9434fc54da837e120266d53302954843538ea7c6c3dbfb4ff3b2fdbe244437f2a153ccf7bdb4c92aa08102d4f3cff2ae5ef86fab4653595e6a5837fa2f3e29f27a9cde5966843fb847a4a61f1e76c281fe8bb2b0a181d096100db5a1a5ce7a910238251a43ca556712eaadea167fb4d7d75825e440f3ecd782036d7574df8bceacb397abefc5f5254d2722215c53ff54af8299aaaad642c6d72a14d27882d9bbd539e1cc7a527526ba89b8c037ad09120e98ab042d3e8652b31ae0e478516bfaf88efca9f3676ffe99d2819dcaeb7610a626695f53117665d267d3f7abebd6bbd6733f645c72c389f03855bdf1e4b8075b516569b118233a0f0971d24b83113c0b096f5216a207ca99a7cddc81c130923fe3d91e7508c9ac5f2e914ff5dccab9e558566fa14efb34ac98d878580814b94b73acbfde9072f30b881f7f0fff42d4045d1ace6322d86a97d164aa84d93a60498065cc7c20e636f5862dc81531a88c60305a2e59a985be327a6902e4bed986dbf4a0b50c217af0ea7fdf9ab37f9ea1a1aaa72f54cf40154ea9b269f1a7c09f9f43245109431a175d50e2db0132337baa0ef97eed0fcf20489da36b79a1172faccc2f7ded7c60e00694282d93359c4682135642bc81f433574aa8ef0c97b4ade7ca372c5ffc23c7eddd839bab4e0f14d6df15c9dbeab176bec8b5701cf054eb3072f6dadc98f88819042bf10c407516ee58bce33fbe3b3d86a54255e577db4598e30a135361528c101683a5fcde7e8ba53f3456254be8f45fe3a56120ae96ea3773631fcb3873aa3abd91bcff00bd38bd43697a2e789e00da6077482e7b1b1a677b5afae4c54e6cbdf7377b694eb7d7a5b913476a5be923322d3de06060fd5e819635232a2cf4f0731da13b8546d1d6d4f8d75b9fce6c2341a71b0ea6f780df54bfdb0dd5cd9855179f602f9172307c7268724c3618e6817abd793adc214a0dc0bc616816632f27ea336fb56dfd").unwrap()); @@ -3560,6 +3570,7 @@ mod tests { chain_monitor: Arc, tx_broadcaster: Arc, chan_monitor: Arc, + keys_manager: Arc, node: Arc, router: Router, node_seed: [u8; 32], @@ -3767,6 +3778,8 @@ mod tests { let as_update = match events_8[0] { MessageSendEvent::BroadcastChannelAnnouncement { ref msg, ref update_msg } => { assert!(*announcement == *msg); + assert_eq!(update_msg.contents.short_channel_id, announcement.contents.short_channel_id); + assert_eq!(update_msg.contents.short_channel_id, bs_update.contents.short_channel_id); update_msg }, _ => panic!("Unexpected event"), @@ -4020,18 +4033,18 @@ mod tests { macro_rules! get_payment_preimage_hash { ($node: expr) => { { - let payment_preimage = [*$node.network_payment_count.borrow(); 32]; + let payment_preimage = PaymentPreimage([*$node.network_payment_count.borrow(); 32]); *$node.network_payment_count.borrow_mut() += 1; - let mut payment_hash = [0; 32]; + let mut payment_hash = PaymentHash([0; 32]); let mut sha = Sha256::new(); - sha.input(&payment_preimage[..]); - sha.result(&mut payment_hash); + sha.input(&payment_preimage.0[..]); + sha.result(&mut payment_hash.0[..]); (payment_preimage, payment_hash) } } } - fn send_along_route(origin_node: &Node, route: Route, expected_route: &[&Node], recv_value: u64) -> ([u8; 32], [u8; 32]) { + fn send_along_route(origin_node: &Node, route: Route, expected_route: &[&Node], recv_value: u64) -> (PaymentPreimage, PaymentHash) { let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(origin_node); let mut payment_event = { @@ -4085,7 +4098,7 @@ mod tests { (our_payment_preimage, our_payment_hash) } - fn claim_payment_along_route(origin_node: &Node, expected_route: &[&Node], skip_last: bool, our_payment_preimage: [u8; 32]) { + fn claim_payment_along_route(origin_node: &Node, expected_route: &[&Node], skip_last: bool, our_payment_preimage: PaymentPreimage) { assert!(expected_route.last().unwrap().node.claim_funds(our_payment_preimage)); check_added_monitors!(expected_route.last().unwrap(), 1); @@ -4170,13 +4183,13 @@ mod tests { } } - fn claim_payment(origin_node: &Node, expected_route: &[&Node], our_payment_preimage: [u8; 32]) { + fn claim_payment(origin_node: &Node, expected_route: &[&Node], our_payment_preimage: PaymentPreimage) { claim_payment_along_route(origin_node, expected_route, false, our_payment_preimage); } const TEST_FINAL_CLTV: u32 = 32; - fn route_payment(origin_node: &Node, expected_route: &[&Node], recv_value: u64) -> ([u8; 32], [u8; 32]) { + fn route_payment(origin_node: &Node, expected_route: &[&Node], recv_value: u64) -> (PaymentPreimage, PaymentHash) { let route = origin_node.router.get_route(&expected_route.last().unwrap().node.get_our_node_id(), None, &Vec::new(), recv_value, TEST_FINAL_CLTV).unwrap(); assert_eq!(route.hops.len(), expected_route.len()); for (node, hop) in expected_route.iter().zip(route.hops.iter()) { @@ -4207,7 +4220,7 @@ mod tests { claim_payment(&origin, expected_route, our_payment_preimage); } - fn fail_payment_along_route(origin_node: &Node, expected_route: &[&Node], skip_last: bool, our_payment_hash: [u8; 32]) { + fn fail_payment_along_route(origin_node: &Node, expected_route: &[&Node], skip_last: bool, our_payment_hash: PaymentHash) { assert!(expected_route.last().unwrap().node.fail_htlc_backwards(&our_payment_hash, PaymentFailReason::PreimageUnknown)); check_added_monitors!(expected_route.last().unwrap(), 1); @@ -4263,7 +4276,7 @@ mod tests { let events = origin_node.node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); match events[0] { - Event::PaymentFailed { payment_hash, rejected_by_dest } => { + Event::PaymentFailed { payment_hash, rejected_by_dest, .. } => { assert_eq!(payment_hash, our_payment_hash); assert!(rejected_by_dest); }, @@ -4272,7 +4285,7 @@ mod tests { } } - fn fail_payment(origin_node: &Node, expected_route: &[&Node], our_payment_hash: [u8; 32]) { + fn fail_payment(origin_node: &Node, expected_route: &[&Node], our_payment_hash: PaymentHash) { fail_payment_along_route(origin_node, expected_route, false, our_payment_hash); } @@ -4280,25 +4293,25 @@ mod tests { let mut nodes = Vec::new(); let mut rng = thread_rng(); let secp_ctx = Secp256k1::new(); - let logger: Arc = Arc::new(test_utils::TestLogger::new()); let chan_count = Rc::new(RefCell::new(0)); let payment_count = Rc::new(RefCell::new(0)); - for _ in 0..node_count { + for i in 0..node_count { + let logger: Arc = Arc::new(test_utils::TestLogger::with_id(format!("node {}", i))); let feeest = Arc::new(test_utils::TestFeeEstimator { sat_per_kw: 253 }); let chain_monitor = Arc::new(chaininterface::ChainWatchInterfaceUtil::new(Network::Testnet, Arc::clone(&logger))); let tx_broadcaster = Arc::new(test_utils::TestBroadcaster{txn_broadcasted: Mutex::new(Vec::new())}); let mut seed = [0; 32]; rng.fill_bytes(&mut seed); - let keys_manager = Arc::new(keysinterface::KeysManager::new(&seed, Network::Testnet, Arc::clone(&logger))); + let keys_manager = Arc::new(test_utils::TestKeysInterface::new(&seed, Network::Testnet, Arc::clone(&logger))); let chan_monitor = Arc::new(test_utils::TestChannelMonitor::new(chain_monitor.clone(), tx_broadcaster.clone(), logger.clone())); let mut config = UserConfig::new(); config.channel_options.announced_channel = true; config.channel_limits.force_announced_channel_preference = false; let node = ChannelManager::new(Network::Testnet, feeest.clone(), chan_monitor.clone(), chain_monitor.clone(), tx_broadcaster.clone(), Arc::clone(&logger), keys_manager.clone(), config).unwrap(); let router = Router::new(PublicKey::from_secret_key(&secp_ctx, &keys_manager.get_node_secret()), chain_monitor.clone(), Arc::clone(&logger)); - nodes.push(Node { chain_monitor, tx_broadcaster, chan_monitor, node, router, node_seed: seed, + nodes.push(Node { chain_monitor, tx_broadcaster, chan_monitor, node, router, keys_manager, node_seed: seed, network_payment_count: payment_count.clone(), network_chan_count: chan_count.clone(), }); @@ -5003,15 +5016,30 @@ mod tests { let events = nodes[0].node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); match events[0] { - Event::PaymentFailed { ref payment_hash, ref rejected_by_dest } => { + Event::PaymentFailed { ref payment_hash, ref rejected_by_dest, .. } => { assert_eq!(our_payment_hash, *payment_hash); assert!(!rejected_by_dest); }, _ => panic!("Unexpected event"), } + let msg_events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(msg_events.len(), 2); + let node_0_closing_signed = match msg_events[0] { + MessageSendEvent::SendClosingSigned { ref node_id, ref msg } => { + assert_eq!(*node_id, nodes[1].node.get_our_node_id()); + (*msg).clone() + }, + _ => panic!("Unexpected event"), + }; + match msg_events[1] { + MessageSendEvent::PaymentFailureNetworkUpdate { update: msgs::HTLCFailChannelUpdate::ChannelUpdateMessage { ref msg }} => { + assert_eq!(msg.contents.short_channel_id, chan_1.0.contents.short_channel_id); + }, + _ => panic!("Unexpected event"), + } + assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); - let node_0_closing_signed = get_event_msg!(nodes[0], MessageSendEvent::SendClosingSigned, nodes[1].node.get_our_node_id()); nodes[1].node.handle_closing_signed(&nodes[0].node.get_our_node_id(), &node_0_closing_signed).unwrap(); let (_, node_1_closing_signed) = get_closing_signed_broadcast!(nodes[1].node, nodes[0].node.get_our_node_id()); nodes[0].node.handle_closing_signed(&nodes[1].node.get_our_node_id(), &node_1_closing_signed.unwrap()).unwrap(); @@ -6139,6 +6167,561 @@ mod tests { assert_eq!(nodes[1].node.list_channels().len(), 0); } + #[test] + fn test_htlc_on_chain_success() { + // Test that in case of an unilateral close onchain, we detect the state of output thanks to + // ChainWatchInterface and pass the preimage backward accordingly. So here we test that ChannelManager is + // broadcasting the right event to other nodes in payment path. + // A --------------------> B ----------------------> C (preimage) + // First, C should claim the HTLC output via HTLC-Success when its own latest local + // commitment transaction was broadcast. + // Then, B should learn the preimage from said transactions, attempting to claim backwards + // towards B. + // B should be able to claim via preimage if A then broadcasts its local tx. + // Finally, when A sees B's latest local commitment transaction it should be able to claim + // the HTLC output via the preimage it learned (which, once confirmed should generate a + // PaymentSent event). + + let nodes = create_network(3); + + // Create some initial channels + let chan_1 = create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + // Rebalance the network a bit by relaying one payment through all the channels... + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + + let (our_payment_preimage, _payment_hash) = route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2]), 3000000); + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; + + // Broadcast legit commitment tx from C on B's chain + // Broadcast HTLC Success transation by C on received output from C's commitment tx on B's chain + let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + assert_eq!(commitment_tx.len(), 1); + check_spends!(commitment_tx[0], chan_2.3.clone()); + nodes[2].node.claim_funds(our_payment_preimage); + check_added_monitors!(nodes[2], 1); + let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fail_htlcs.is_empty()); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + assert_eq!(updates.update_fulfill_htlcs.len(), 1); + + nodes[2].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1); + let events = nodes[2].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + let node_txn = nodes[2].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 1 (commitment tx), ChannelMonitor : 2 (2 * HTLC-Success tx) + assert_eq!(node_txn.len(), 3); + assert_eq!(node_txn[1], commitment_tx[0]); + assert_eq!(node_txn[0], node_txn[2]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].input[0].witness.clone().last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert!(node_txn[0].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + assert_eq!(node_txn[0].lock_time, 0); + + // Verify that B's ChannelManager is able to extract preimage from HTLC Success tx and pass it backward + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: node_txn}, 1); + let events = nodes[1].node.get_and_clear_pending_msg_events(); + { + let mut added_monitors = nodes[1].chan_monitor.added_monitors.lock().unwrap(); + assert_eq!(added_monitors.len(), 1); + assert_eq!(added_monitors[0].0.txid, chan_1.3.txid()); + added_monitors.clear(); + } + assert_eq!(events.len(), 2); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + match events[1] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert!(update_fail_htlcs.is_empty()); + assert_eq!(update_fulfill_htlcs.len(), 1); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[0].node.get_our_node_id(), *node_id); + }, + _ => panic!("Unexpected event"), + }; + { + // nodes[1] now broadcasts its own local state as a fallback, suggesting an alternate + // commitment transaction with a corresponding HTLC-Timeout transaction, as well as a + // timeout-claim of the output that nodes[2] just claimed via success. + let mut node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap(); // ChannelManager : 2 (commitment tx, HTLC-Timeout tx), ChannelMonitor : 1 (timeout tx) * 2 (block-rescan) + assert_eq!(node_txn.len(), 4); + assert_eq!(node_txn[0], node_txn[3]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].input[0].witness.clone().last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert_ne!(node_txn[0].lock_time, 0); + assert!(node_txn[0].output[0].script_pubkey.is_v0_p2wpkh()); // direct payment + check_spends!(node_txn[1], chan_2.3.clone()); + check_spends!(node_txn[2], node_txn[1].clone()); + assert_eq!(node_txn[1].input[0].witness.clone().last().unwrap().len(), 71); + assert_eq!(node_txn[2].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert!(node_txn[2].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + assert_ne!(node_txn[2].lock_time, 0); + node_txn.clear(); + } + + // Broadcast legit commitment tx from A on B's chain + // Broadcast preimage tx by B on offered output from A commitment tx on A's chain + let commitment_tx = nodes[0].node.channel_state.lock().unwrap().by_id.get(&chan_1.2).unwrap().last_local_commitment_txn.clone(); + check_spends!(commitment_tx[0], chan_1.3.clone()); + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1); + let events = nodes[1].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + let node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 1 (commitment tx), ChannelMonitor : 1 (HTLC-Success) * 2 (block-rescan) + assert_eq!(node_txn.len(), 3); + assert_eq!(node_txn[0], node_txn[2]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert_eq!(node_txn[0].lock_time, 0); + assert!(node_txn[0].output[0].script_pubkey.is_v0_p2wpkh()); // direct payment + check_spends!(node_txn[1], chan_1.3.clone()); + assert_eq!(node_txn[1].input[0].witness.clone().last().unwrap().len(), 71); + // We don't bother to check that B can claim the HTLC output on its commitment tx here as + // we already checked the same situation with A. + + // Verify that A's ChannelManager is able to extract preimage from preimage tx and generate PaymentSent + nodes[0].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone(), node_txn[0].clone()] }, 1); + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + let events = nodes[0].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 1); + match events[0] { + Event::PaymentSent { payment_preimage } => { + assert_eq!(payment_preimage, our_payment_preimage); + }, + _ => panic!("Unexpected event"), + } + let node_txn = nodes[0].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 2 (commitment tx, HTLC-Timeout tx), ChannelMonitor : 1 (HTLC-Timeout tx) * 2 (block-rescan) + assert_eq!(node_txn.len(), 4); + assert_eq!(node_txn[0], node_txn[3]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert_ne!(node_txn[0].lock_time, 0); + assert!(node_txn[0].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + check_spends!(node_txn[1], chan_1.3.clone()); + check_spends!(node_txn[2], node_txn[1].clone()); + assert_eq!(node_txn[1].input[0].witness.clone().last().unwrap().len(), 71); + assert_eq!(node_txn[2].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert!(node_txn[2].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + assert_ne!(node_txn[2].lock_time, 0); + } + + #[test] + fn test_htlc_on_chain_timeout() { + // Test that in case of an unilateral close onchain, we detect the state of output thanks to + // ChainWatchInterface and timeout the HTLC bacward accordingly. So here we test that ChannelManager is + // broadcasting the right event to other nodes in payment path. + // A ------------------> B ----------------------> C (timeout) + // B's commitment tx C's commitment tx + // \ \ + // B's HTLC timeout tx B's timeout tx + + let nodes = create_network(3); + + // Create some intial channels + let chan_1 = create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + // Rebalance the network a bit by relaying one payment thorugh all the channels... + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + + let (_payment_preimage, payment_hash) = route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2]), 3000000); + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; + + // Brodacast legit commitment tx from C on B's chain + let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + check_spends!(commitment_tx[0], chan_2.3.clone()); + nodes[2].node.fail_htlc_backwards(&payment_hash, PaymentFailReason::PreimageUnknown); + { + let mut added_monitors = nodes[2].chan_monitor.added_monitors.lock().unwrap(); + assert_eq!(added_monitors.len(), 1); + added_monitors.clear(); + } + let events = nodes[2].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fulfill_htlcs, ref update_fail_htlcs, ref update_fail_malformed_htlcs, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert!(!update_fail_htlcs.is_empty()); + assert!(update_fulfill_htlcs.is_empty()); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[1].node.get_our_node_id(), *node_id); + }, + _ => panic!("Unexpected event"), + }; + nodes[2].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1); + let events = nodes[2].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {}, + _ => panic!("Unexpected event"), + } + let node_txn = nodes[2].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 1 (commitment tx) + assert_eq!(node_txn.len(), 1); + check_spends!(node_txn[0], chan_2.3.clone()); + assert_eq!(node_txn[0].input[0].witness.last().unwrap().len(), 71); + + // Broadcast timeout transaction by B on received output fron C's commitment tx on B's chain + // Verify that B's ChannelManager is able to detect that HTLC is timeout by its own tx and react backward in consequence + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 200); + let timeout_tx; + { + let mut node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap(); + assert_eq!(node_txn.len(), 8); // ChannelManager : 2 (commitment tx, HTLC-Timeout tx), ChannelMonitor : 6 (HTLC-Timeout tx, commitment tx, timeout tx) * 2 (block-rescan) + assert_eq!(node_txn[0], node_txn[5]); + assert_eq!(node_txn[1], node_txn[6]); + assert_eq!(node_txn[2], node_txn[7]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].clone().input[0].witness.last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + check_spends!(node_txn[1], chan_2.3.clone()); + check_spends!(node_txn[2], node_txn[1].clone()); + assert_eq!(node_txn[1].clone().input[0].witness.last().unwrap().len(), 71); + assert_eq!(node_txn[2].clone().input[0].witness.last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + check_spends!(node_txn[3], chan_2.3.clone()); + check_spends!(node_txn[4], node_txn[3].clone()); + assert_eq!(node_txn[3].input[0].witness.clone().last().unwrap().len(), 71); + assert_eq!(node_txn[4].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + timeout_tx = node_txn[0].clone(); + node_txn.clear(); + } + + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![timeout_tx]}, 1); + let events = nodes[1].node.get_and_clear_pending_msg_events(); + check_added_monitors!(nodes[1], 1); + assert_eq!(events.len(), 2); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {}, + _ => panic!("Unexpected event"), + } + match events[1] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert!(!update_fail_htlcs.is_empty()); + assert!(update_fulfill_htlcs.is_empty()); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[0].node.get_our_node_id(), *node_id); + }, + _ => panic!("Unexpected event"), + }; + let node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // Well... here we detect our own htlc_timeout_tx so no tx to be generated + assert_eq!(node_txn.len(), 0); + + // Broadcast legit commitment tx from B on A's chain + let commitment_tx = nodes[1].node.channel_state.lock().unwrap().by_id.get(&chan_1.2).unwrap().last_local_commitment_txn.clone(); + check_spends!(commitment_tx[0], chan_1.3.clone()); + + nodes[0].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 200); + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {}, + _ => panic!("Unexpected event"), + } + let node_txn = nodes[0].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 2 (commitment tx, HTLC-Timeout tx), ChannelMonitor : 2 (timeout tx) * 2 block-rescan + assert_eq!(node_txn.len(), 4); + assert_eq!(node_txn[0], node_txn[3]); + check_spends!(node_txn[0], commitment_tx[0].clone()); + assert_eq!(node_txn[0].clone().input[0].witness.last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + check_spends!(node_txn[1], chan_1.3.clone()); + check_spends!(node_txn[2], node_txn[1].clone()); + assert_eq!(node_txn[1].clone().input[0].witness.last().unwrap().len(), 71); + assert_eq!(node_txn[2].clone().input[0].witness.last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + } + + #[test] + fn test_simple_commitment_revoked_fail_backward() { + // Test that in case of a revoked commitment tx, we detect the resolution of output by justice tx + // and fail backward accordingly. + + let nodes = create_network(3); + + // Create some initial channels + create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + let (payment_preimage, _payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + // Get the will-be-revoked local txn from nodes[2] + let revoked_local_txn = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + // Revoke the old state + claim_payment(&nodes[0], &[&nodes[1], &nodes[2]], payment_preimage); + + route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![revoked_local_txn[0].clone()] }, 1); + let events = nodes[1].node.get_and_clear_pending_msg_events(); + check_added_monitors!(nodes[1], 1); + assert_eq!(events.len(), 2); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {}, + _ => panic!("Unexpected event"), + } + match events[1] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, ref commitment_signed, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert_eq!(update_fail_htlcs.len(), 1); + assert!(update_fulfill_htlcs.is_empty()); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[0].node.get_our_node_id(), *node_id); + + nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &update_fail_htlcs[0]).unwrap(); + commitment_signed_dance!(nodes[0], nodes[1], commitment_signed, false, true); + + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::PaymentFailureNetworkUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + let events = nodes[0].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 1); + match events[0] { + Event::PaymentFailed { .. } => {}, + _ => panic!("Unexpected event"), + } + }, + _ => panic!("Unexpected event"), + } + } + + fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool) { + // Test that if our counterparty broadcasts a revoked commitment transaction we fail all + // pending HTLCs on that channel backwards even if the HTLCs aren't present in our latest + // commitment transaction anymore. + // To do this, we have the peer which will broadcast a revoked commitment transaction send + // a number of update_fail/commitment_signed updates without ever sending the RAA in + // response to our commitment_signed. This is somewhat misbehavior-y, though not + // technically disallowed and we should probably handle it reasonably. + // Note that this is pretty exhaustive as an outbound HTLC which we haven't yet + // failed/fulfilled backwards must be in at least one of the latest two remote commitment + // transactions: + // * Once we move it out of our holding cell/add it, we will immediately include it in a + // commitment_signed (implying it will be in the latest remote commitment transaction). + // * Once they remove it, we will send a (the first) commitment_signed without the HTLC, + // and once they revoke the previous commitment transaction (allowing us to send a new + // commitment_signed) we will be free to fail/fulfill the HTLC backwards. + let mut nodes = create_network(3); + + // Create some initial channels + create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + let (payment_preimage, _payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + // Get the will-be-revoked local txn from nodes[2] + let revoked_local_txn = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + // Revoke the old state + claim_payment(&nodes[0], &[&nodes[1], &nodes[2]], payment_preimage); + + let (_, first_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + let (_, second_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + let (_, third_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 3000000); + + assert!(nodes[2].node.fail_htlc_backwards(&first_payment_hash, PaymentFailReason::PreimageUnknown)); + check_added_monitors!(nodes[2], 1); + let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fulfill_htlcs.is_empty()); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + assert_eq!(updates.update_fail_htlcs.len(), 1); + assert!(updates.update_fee.is_none()); + nodes[1].node.handle_update_fail_htlc(&nodes[2].node.get_our_node_id(), &updates.update_fail_htlcs[0]).unwrap(); + let bs_raa = commitment_signed_dance!(nodes[1], nodes[2], updates.commitment_signed, false, true, false, true); + // Drop the last RAA from 3 -> 2 + + assert!(nodes[2].node.fail_htlc_backwards(&second_payment_hash, PaymentFailReason::PreimageUnknown)); + check_added_monitors!(nodes[2], 1); + let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fulfill_htlcs.is_empty()); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + assert_eq!(updates.update_fail_htlcs.len(), 1); + assert!(updates.update_fee.is_none()); + nodes[1].node.handle_update_fail_htlc(&nodes[2].node.get_our_node_id(), &updates.update_fail_htlcs[0]).unwrap(); + nodes[1].node.handle_commitment_signed(&nodes[2].node.get_our_node_id(), &updates.commitment_signed).unwrap(); + check_added_monitors!(nodes[1], 1); + // Note that nodes[1] is in AwaitingRAA, so won't send a CS + let as_raa = get_event_msg!(nodes[1], MessageSendEvent::SendRevokeAndACK, nodes[2].node.get_our_node_id()); + nodes[2].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &as_raa).unwrap(); + check_added_monitors!(nodes[2], 1); + + assert!(nodes[2].node.fail_htlc_backwards(&third_payment_hash, PaymentFailReason::PreimageUnknown)); + check_added_monitors!(nodes[2], 1); + let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fulfill_htlcs.is_empty()); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + assert_eq!(updates.update_fail_htlcs.len(), 1); + assert!(updates.update_fee.is_none()); + nodes[1].node.handle_update_fail_htlc(&nodes[2].node.get_our_node_id(), &updates.update_fail_htlcs[0]).unwrap(); + // At this point first_payment_hash has dropped out of the latest two commitment + // transactions that nodes[1] is tracking... + nodes[1].node.handle_commitment_signed(&nodes[2].node.get_our_node_id(), &updates.commitment_signed).unwrap(); + check_added_monitors!(nodes[1], 1); + // Note that nodes[1] is (still) in AwaitingRAA, so won't send a CS + let as_raa = get_event_msg!(nodes[1], MessageSendEvent::SendRevokeAndACK, nodes[2].node.get_our_node_id()); + nodes[2].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &as_raa).unwrap(); + check_added_monitors!(nodes[2], 1); + + // Add a fourth HTLC, this one will get sequestered away in nodes[1]'s holding cell waiting + // on nodes[2]'s RAA. + let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); + let (_, fourth_payment_hash) = get_payment_preimage_hash!(nodes[0]); + nodes[1].node.send_payment(route, fourth_payment_hash).unwrap(); + assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); + assert!(nodes[1].node.get_and_clear_pending_events().is_empty()); + check_added_monitors!(nodes[1], 0); + + if deliver_bs_raa { + nodes[1].node.handle_revoke_and_ack(&nodes[2].node.get_our_node_id(), &bs_raa).unwrap(); + // One monitor for the new revocation preimage, one as we generate a commitment for + // nodes[0] to fail first_payment_hash backwards. + check_added_monitors!(nodes[1], 2); + } + + let mut failed_htlcs = HashSet::new(); + assert!(nodes[1].node.get_and_clear_pending_events().is_empty()); + + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![revoked_local_txn[0].clone()] }, 1); + + let events = nodes[1].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 1); + match events[0] { + Event::PaymentFailed { ref payment_hash, .. } => { + assert_eq!(*payment_hash, fourth_payment_hash); + }, + _ => panic!("Unexpected event"), + } + + if !deliver_bs_raa { + // If we delivered the RAA already then we already failed first_payment_hash backwards. + check_added_monitors!(nodes[1], 1); + } + + let events = nodes[1].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), if deliver_bs_raa { 3 } else { 2 }); + match events[if deliver_bs_raa { 2 } else { 0 }] { + MessageSendEvent::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {}, + _ => panic!("Unexpected event"), + } + if deliver_bs_raa { + match events[0] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, .. } } => { + assert_eq!(nodes[2].node.get_our_node_id(), *node_id); + assert_eq!(update_add_htlcs.len(), 1); + assert!(update_fulfill_htlcs.is_empty()); + assert!(update_fail_htlcs.is_empty()); + assert!(update_fail_malformed_htlcs.is_empty()); + }, + _ => panic!("Unexpected event"), + } + } + // Due to the way backwards-failing occurs we do the updates in two steps. + let updates = match events[1] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, ref commitment_signed, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert_eq!(update_fail_htlcs.len(), 1); + assert!(update_fulfill_htlcs.is_empty()); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[0].node.get_our_node_id(), *node_id); + + nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &update_fail_htlcs[0]).unwrap(); + nodes[0].node.handle_commitment_signed(&nodes[1].node.get_our_node_id(), commitment_signed).unwrap(); + check_added_monitors!(nodes[0], 1); + let (as_revoke_and_ack, as_commitment_signed) = get_revoke_commit_msgs!(nodes[0], nodes[1].node.get_our_node_id()); + nodes[1].node.handle_revoke_and_ack(&nodes[0].node.get_our_node_id(), &as_revoke_and_ack).unwrap(); + check_added_monitors!(nodes[1], 1); + let bs_second_update = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); + nodes[1].node.handle_commitment_signed(&nodes[0].node.get_our_node_id(), &as_commitment_signed).unwrap(); + check_added_monitors!(nodes[1], 1); + let bs_revoke_and_ack = get_event_msg!(nodes[1], MessageSendEvent::SendRevokeAndACK, nodes[0].node.get_our_node_id()); + nodes[0].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &bs_revoke_and_ack).unwrap(); + check_added_monitors!(nodes[0], 1); + + if !deliver_bs_raa { + // If we delievered B's RAA we got an unknown preimage error, not something + // that we should update our routing table for. + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::PaymentFailureNetworkUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + } + let events = nodes[0].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 1); + match events[0] { + Event::PaymentFailed { ref payment_hash, .. } => { + assert!(failed_htlcs.insert(payment_hash.0)); + }, + _ => panic!("Unexpected event"), + } + + bs_second_update + }, + _ => panic!("Unexpected event"), + }; + + assert!(updates.update_add_htlcs.is_empty()); + assert_eq!(updates.update_fail_htlcs.len(), 2); + assert!(updates.update_fulfill_htlcs.is_empty()); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fail_htlcs[0]).unwrap(); + nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fail_htlcs[1]).unwrap(); + commitment_signed_dance!(nodes[0], nodes[1], updates.commitment_signed, false, true); + + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 2); + for event in events { + match event { + MessageSendEvent::PaymentFailureNetworkUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + } + + let events = nodes[0].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 2); + match events[0] { + Event::PaymentFailed { ref payment_hash, .. } => { + assert!(failed_htlcs.insert(payment_hash.0)); + }, + _ => panic!("Unexpected event"), + } + match events[1] { + Event::PaymentFailed { ref payment_hash, .. } => { + assert!(failed_htlcs.insert(payment_hash.0)); + }, + _ => panic!("Unexpected event"), + } + + assert!(failed_htlcs.contains(&first_payment_hash.0)); + assert!(failed_htlcs.contains(&second_payment_hash.0)); + assert!(failed_htlcs.contains(&third_payment_hash.0)); + } + + #[test] + fn test_commitment_revoked_fail_backward_exhaustive() { + do_test_commitment_revoked_fail_backward_exhaustive(false); + do_test_commitment_revoked_fail_backward_exhaustive(true); + } + #[test] fn test_htlc_ignore_latest_remote_commitment() { // Test that HTLC transactions spending the latest remote commitment transaction are simply @@ -6600,7 +7183,7 @@ mod tests { _ => panic!("Unexpected event"), } match events[1] { - Event::PaymentFailed { payment_hash, rejected_by_dest } => { + Event::PaymentFailed { payment_hash, rejected_by_dest, .. } => { assert_eq!(payment_hash, payment_hash_5); assert!(rejected_by_dest); }, @@ -7564,7 +8147,7 @@ mod tests { // Tests handling of a monitor update failure when processing an incoming RAA let mut nodes = create_network(3); create_announced_chan_between_nodes(&nodes, 0, 1); - create_announced_chan_between_nodes(&nodes, 1, 2); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); // Rebalance a bit so that we can send backwards from 2 to 1. send_payment(&nodes[0], &[&nodes[1], &nodes[2]], 5000000); @@ -7645,11 +8228,21 @@ mod tests { assert!(updates.update_fee.is_none()); nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fail_htlcs[0]).unwrap(); - commitment_signed_dance!(nodes[0], nodes[1], updates.commitment_signed, false); + commitment_signed_dance!(nodes[0], nodes[1], updates.commitment_signed, false, true); + + let msg_events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(msg_events.len(), 1); + match msg_events[0] { + MessageSendEvent::PaymentFailureNetworkUpdate { update: msgs::HTLCFailChannelUpdate::ChannelUpdateMessage { ref msg }} => { + assert_eq!(msg.contents.short_channel_id, chan_2.0.contents.short_channel_id); + assert_eq!(msg.contents.flags & 2, 2); // temp disabled + }, + _ => panic!("Unexpected event"), + } let events = nodes[0].node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); - if let Event::PaymentFailed { payment_hash, rejected_by_dest } = events[0] { + if let Event::PaymentFailed { payment_hash, rejected_by_dest, .. } = events[0] { assert_eq!(payment_hash, payment_hash_3); assert!(!rejected_by_dest); } else { panic!("Unexpected event!"); } @@ -7719,7 +8312,7 @@ mod tests { commitment_signed_dance!(nodes[0], nodes[1], messages_a.1, false); let events_4 = nodes[0].node.get_and_clear_pending_events(); assert_eq!(events_4.len(), 1); - if let Event::PaymentFailed { payment_hash, rejected_by_dest } = events_4[0] { + if let Event::PaymentFailed { payment_hash, rejected_by_dest, .. } = events_4[0] { assert_eq!(payment_hash, payment_hash_1); assert!(rejected_by_dest); } else { panic!("Unexpected event!"); } @@ -8555,6 +9148,226 @@ mod tests { check_spends!(spend_txn[4], node_txn[3].clone()); // spending justice tx output on htlc success tx } + #[test] + fn test_onchain_to_onchain_claim() { + // Test that in case of channel closure, we detect the state of output thanks to + // ChainWatchInterface and claim HTLC on downstream peer's remote commitment tx. + // First, have C claim an HTLC against its own latest commitment transaction. + // Then, broadcast these to B, which should update the monitor downstream on the A<->B + // channel. + // Finally, check that B will claim the HTLC output if A's latest commitment transaction + // gets broadcast. + + let nodes = create_network(3); + + // Create some initial channels + let chan_1 = create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + // Rebalance the network a bit by relaying one payment through all the channels ... + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000); + + let (payment_preimage, _payment_hash) = route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2]), 3000000); + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; + let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + check_spends!(commitment_tx[0], chan_2.3.clone()); + nodes[2].node.claim_funds(payment_preimage); + check_added_monitors!(nodes[2], 1); + let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fail_htlcs.is_empty()); + assert_eq!(updates.update_fulfill_htlcs.len(), 1); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + + nodes[2].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1); + let events = nodes[2].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + + let c_txn = nodes[2].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); // ChannelManager : 2 (commitment tx, HTLC-Success tx), ChannelMonitor : 1 (HTLC-Success tx) + assert_eq!(c_txn.len(), 3); + assert_eq!(c_txn[0], c_txn[2]); + assert_eq!(commitment_tx[0], c_txn[1]); + check_spends!(c_txn[1], chan_2.3.clone()); + check_spends!(c_txn[2], c_txn[1].clone()); + assert_eq!(c_txn[1].input[0].witness.clone().last().unwrap().len(), 71); + assert_eq!(c_txn[2].input[0].witness.clone().last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert!(c_txn[0].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + assert_eq!(c_txn[0].lock_time, 0); // Success tx + + // So we broadcast C's commitment tx and HTLC-Success on B's chain, we should successfully be able to extract preimage and update downstream monitor + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![c_txn[1].clone(), c_txn[2].clone()]}, 1); + { + let mut b_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap(); + assert_eq!(b_txn.len(), 4); + assert_eq!(b_txn[0], b_txn[3]); + check_spends!(b_txn[1], chan_2.3); // B local commitment tx, issued by ChannelManager + check_spends!(b_txn[2], b_txn[1].clone()); // HTLC-Timeout on B local commitment tx, issued by ChannelManager + assert_eq!(b_txn[2].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert!(b_txn[2].output[0].script_pubkey.is_v0_p2wsh()); // revokeable output + assert_ne!(b_txn[2].lock_time, 0); // Timeout tx + check_spends!(b_txn[0], c_txn[1].clone()); // timeout tx on C remote commitment tx, issued by ChannelMonitor, * 2 due to block rescan + assert_eq!(b_txn[0].input[0].witness.clone().last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert!(b_txn[0].output[0].script_pubkey.is_v0_p2wpkh()); // direct payment + assert_ne!(b_txn[2].lock_time, 0); // Timeout tx + b_txn.clear(); + } + let msg_events = nodes[1].node.get_and_clear_pending_msg_events(); + check_added_monitors!(nodes[1], 1); + match msg_events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + match msg_events[1] { + MessageSendEvent::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fulfill_htlcs, ref update_fail_htlcs, ref update_fail_malformed_htlcs, .. } } => { + assert!(update_add_htlcs.is_empty()); + assert!(update_fail_htlcs.is_empty()); + assert_eq!(update_fulfill_htlcs.len(), 1); + assert!(update_fail_malformed_htlcs.is_empty()); + assert_eq!(nodes[0].node.get_our_node_id(), *node_id); + }, + _ => panic!("Unexpected event"), + }; + // Broadcast A's commitment tx on B's chain to see if we are able to claim inbound HTLC with our HTLC-Success tx + let commitment_tx = nodes[0].node.channel_state.lock().unwrap().by_id.get(&chan_1.2).unwrap().last_local_commitment_txn.clone(); + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1); + let b_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap(); + assert_eq!(b_txn.len(), 3); + check_spends!(b_txn[1], chan_1.3); // Local commitment tx, issued by ChannelManager + assert_eq!(b_txn[0], b_txn[2]); // HTLC-Success tx, issued by ChannelMonitor, * 2 due to block rescan + check_spends!(b_txn[0], commitment_tx[0].clone()); + assert_eq!(b_txn[0].input[0].witness.clone().last().unwrap().len(), OFFERED_HTLC_SCRIPT_WEIGHT); + assert!(b_txn[0].output[0].script_pubkey.is_v0_p2wpkh()); // direct payment + assert_eq!(b_txn[2].lock_time, 0); // Success tx + let msg_events = nodes[1].node.get_and_clear_pending_msg_events(); + match msg_events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexpected event"), + } + } + + #[test] + fn test_duplicate_payment_hash_one_failure_one_success() { + // Topology : A --> B --> C + // We route 2 payments with same hash between B and C, one will be timeout, the other successfully claim + let mut nodes = create_network(3); + + create_announced_chan_between_nodes(&nodes, 0, 1); + let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2); + + let (our_payment_preimage, duplicate_payment_hash) = route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 900000); + *nodes[0].network_payment_count.borrow_mut() -= 1; + assert_eq!(route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 900000).1, duplicate_payment_hash); + + let commitment_txn = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone(); + assert_eq!(commitment_txn[0].input.len(), 1); + check_spends!(commitment_txn[0], chan_2.3.clone()); + + let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 }; + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_txn[0].clone()] }, 1); + let htlc_timeout_tx; + { // Extract one of the two HTLC-Timeout transaction + let node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap(); + assert_eq!(node_txn.len(), 7); + assert_eq!(node_txn[0], node_txn[5]); + assert_eq!(node_txn[1], node_txn[6]); + check_spends!(node_txn[0], commitment_txn[0].clone()); + assert_eq!(node_txn[0].input.len(), 1); + check_spends!(node_txn[1], commitment_txn[0].clone()); + assert_eq!(node_txn[1].input.len(), 1); + assert_ne!(node_txn[0].input[0], node_txn[1].input[0]); + check_spends!(node_txn[2], chan_2.3.clone()); + check_spends!(node_txn[3], node_txn[2].clone()); + check_spends!(node_txn[4], node_txn[2].clone()); + htlc_timeout_tx = node_txn[1].clone(); + } + + let events = nodes[1].node.get_and_clear_pending_msg_events(); + match events[0] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexepected event"), + } + + nodes[2].node.claim_funds(our_payment_preimage); + nodes[2].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_txn[0].clone()] }, 1); + check_added_monitors!(nodes[2], 2); + let events = nodes[2].node.get_and_clear_pending_msg_events(); + match events[0] { + MessageSendEvent::UpdateHTLCs { .. } => {}, + _ => panic!("Unexpected event"), + } + match events[1] { + MessageSendEvent::BroadcastChannelUpdate { .. } => {}, + _ => panic!("Unexepected event"), + } + let htlc_success_txn: Vec<_> = nodes[2].tx_broadcaster.txn_broadcasted.lock().unwrap().clone(); + assert_eq!(htlc_success_txn.len(), 5); + check_spends!(htlc_success_txn[2], chan_2.3.clone()); + assert_eq!(htlc_success_txn[0], htlc_success_txn[3]); + assert_eq!(htlc_success_txn[0].input.len(), 1); + assert_eq!(htlc_success_txn[0].input[0].witness.last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert_eq!(htlc_success_txn[1], htlc_success_txn[4]); + assert_eq!(htlc_success_txn[1].input.len(), 1); + assert_eq!(htlc_success_txn[1].input[0].witness.last().unwrap().len(), ACCEPTED_HTLC_SCRIPT_WEIGHT); + assert_ne!(htlc_success_txn[0].input[0], htlc_success_txn[1].input[0]); + check_spends!(htlc_success_txn[0], commitment_txn[0].clone()); + check_spends!(htlc_success_txn[1], commitment_txn[0].clone()); + + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![htlc_timeout_tx] }, 200); + let htlc_updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); + assert!(htlc_updates.update_add_htlcs.is_empty()); + assert_eq!(htlc_updates.update_fail_htlcs.len(), 1); + assert_eq!(htlc_updates.update_fail_htlcs[0].htlc_id, 1); + assert!(htlc_updates.update_fulfill_htlcs.is_empty()); + assert!(htlc_updates.update_fail_malformed_htlcs.is_empty()); + check_added_monitors!(nodes[1], 1); + + nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &htlc_updates.update_fail_htlcs[0]).unwrap(); + assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); + { + commitment_signed_dance!(nodes[0], nodes[1], &htlc_updates.commitment_signed, false, true); + let events = nodes[0].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + match events[0] { + MessageSendEvent::PaymentFailureNetworkUpdate { update: msgs::HTLCFailChannelUpdate::ChannelClosed { .. } } => { + }, + _ => { panic!("Unexpected event"); } + } + } + let events = nodes[0].node.get_and_clear_pending_events(); + match events[0] { + Event::PaymentFailed { ref payment_hash, .. } => { + assert_eq!(*payment_hash, duplicate_payment_hash); + } + _ => panic!("Unexpected event"), + } + + // Solve 2nd HTLC by broadcasting on B's chain HTLC-Success Tx from C + nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![htlc_success_txn[0].clone()] }, 200); + let updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); + assert!(updates.update_add_htlcs.is_empty()); + assert!(updates.update_fail_htlcs.is_empty()); + assert_eq!(updates.update_fulfill_htlcs.len(), 1); + assert_eq!(updates.update_fulfill_htlcs[0].htlc_id, 0); + assert!(updates.update_fail_malformed_htlcs.is_empty()); + check_added_monitors!(nodes[1], 1); + + nodes[0].node.handle_update_fulfill_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fulfill_htlcs[0]).unwrap(); + commitment_signed_dance!(nodes[0], nodes[1], &updates.commitment_signed, false); + + let events = nodes[0].node.get_and_clear_pending_events(); + match events[0] { + Event::PaymentSent { ref payment_preimage } => { + assert_eq!(*payment_preimage, our_payment_preimage); + } + _ => panic!("Unexpected event"), + } + } + #[test] fn test_dynamic_spendable_outputs_local_htlc_success_tx() { let nodes = create_network(2);