Correct `ANCHOR_INPUT_WITNESS_WEIGHT` constant

`ANCHOR_INPUT_WITNESS_WEIGHT` is too high by two weight units,
likely it was calculated to include the SegWit marker bytes, but
it is used to describe an `Input::satisfaction_weight`, which does
not expect the marker bytes.

This corrects that oversight, reducing the constant by two and
adding the marker bytes back in our own internal weight
calculations. It also fixes a second issue where the constant was
too low by one when `grind_signatures` is not set, as that may
result in a signature being one byte longer than we expect.

diff --git a/lightning/src/events/bump_transaction.rs b/lightning/src/events/bump_transaction.rs
index 181e9aa7460b1f51a882c64cf8eac34aa63342c0..3acb2145e5bbe97eb74115d0db53c168a4e80b80 100644 (file)
--- a/lightning/src/events/bump_transaction.rs
+++ b/lightning/src/events/bump_transaction.rs
@@ -670,7 +670,7 @@ where
 
                        let package_fee = total_input_amount -
                                anchor_psbt.unsigned_tx.output.iter().map(|output| output.value).sum();
-                       let package_weight = unsigned_tx_weight + total_satisfaction_weight + commitment_tx.weight().to_wu();
+                       let package_weight = unsigned_tx_weight + 2 /* wit marker */ + total_satisfaction_weight + commitment_tx.weight().to_wu();
                        if package_fee.to_sat() * 1000 / package_weight < package_target_feerate_sat_per_1000_weight.into() {
                                // On the first iteration of the loop, we may undershoot the target feerate because
                                // we had to add an OP_RETURN output in `process_coin_selection` which we didn't
@@ -695,7 +695,7 @@ where
 
                        #[cfg(debug_assertions)] {
                                let signed_tx_weight = anchor_tx.weight().to_wu();
-                               let expected_signed_tx_weight = unsigned_tx_weight + total_satisfaction_weight;
+                               let expected_signed_tx_weight = unsigned_tx_weight + 2 /* wit marker */ + total_satisfaction_weight;
                                // Our estimate should be within a 1% error margin of the actual weight and we should
                                // never underestimate.
                                assert!(expected_signed_tx_weight >= signed_tx_weight &&

diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs
index 7fad1fca0944808bcfbff03101afdc231b40aa9b..d543142e1ab35e2efce52897a900af4905bb23ff 100644 (file)
--- a/lightning/src/ln/chan_utils.rs
+++ b/lightning/src/ln/chan_utils.rs
@@ -68,7 +68,12 @@ pub(crate) const MIN_ACCEPTED_HTLC_SCRIPT_WEIGHT: usize = 136;
 pub const MAX_ACCEPTED_HTLC_SCRIPT_WEIGHT: usize = 143;
 
 /// The upper bound weight of an anchor input.
-pub const ANCHOR_INPUT_WITNESS_WEIGHT: u64 = 116;
+#[cfg(feature = "grind_signatures")]
+pub const ANCHOR_INPUT_WITNESS_WEIGHT: u64 = 114;
+/// The upper bound weight of an anchor input.
+#[cfg(not(feature = "grind_signatures"))]
+pub const ANCHOR_INPUT_WITNESS_WEIGHT: u64 = 115;
+
 /// The upper bound weight of an HTLC timeout input from a commitment transaction with anchor
 /// outputs.
 pub const HTLC_TIMEOUT_INPUT_ANCHOR_WITNESS_WEIGHT: u64 = 288;