Antoine Riard [Thu, 27 Aug 2020 17:24:37 +0000 (13:24 -0400)]
Underscore TxCreationKeys ownership
A TxCreationKeys set represents the key which will be embedded in output
scripts of a party's commitment tx state. Among them there is a always
a key belonging to counter-party, the HTLC pubkey. To dissociate
strongly, prefix keys with broadcaster/countersignatory.
A revocation keypair is attributed to the broadcaster as it's used
to punish a fraudulent broadcast while minding that such keypair
derivation method will be always used by countersignatory as it's
its task to enforce punishement thanks to the release secret.
Antoine Riard [Wed, 26 Aug 2020 19:27:12 +0000 (15:27 -0400)]
Change variable nomenclature for to_self_delay
To avoid reviewers confusion, rename counterparty_to_self_delay
to counteparty_selected_contest_delay, i.e the justice delay announced
by a channel counterparty restraining our transactions, and to_self_delay
to locally_selected_contest_delay, i.e the justice delay announced by us
restraining counterparty's transactions
We deviate from wider nomenclature by prefixing local data with a
locally_ extension due to the leak of this value in transactions/scripts
builder, where the confusion may happen.
Rename further AcceptChannelData to the new nomenclature.
Antoine Riard [Tue, 9 Jun 2020 00:47:55 +0000 (20:47 -0400)]
Change variable nomenclature for Channel fields
Previously most of variable fields relative to data belonging to
our node or counterparty were labeled "local"/"remote". It has been
deemed confusing with regards to transaction construction which is
always done from a "local" viewpoint, even if owner is our counterparty
Antoine Riard [Fri, 29 May 2020 00:32:46 +0000 (20:32 -0400)]
Change variable nomenclature in chan_utils
Variables should be named according to the script semantic which is
an invariant with regards to generating a local or remote commitment
transaction.
I.e a broadcaster_htlc_key will always guard a HTLC to the party able
to broadcast the computed transactions whereas countersignatory_htlc_key
will guard HTLC to a countersignatory of the commitment transaction.
Matt Corallo [Tue, 12 May 2020 18:49:29 +0000 (14:49 -0400)]
Add tool to read a Rust crate and generate C-compatible wrappers
In general, it maps:
* Traits to a struct with a void* and a list of function pointers,
emulating what the compiler will do for a dyn trait anyway,
* Structs as a struct with a single opaque pointer to the
underlying type and a flag to indicate ownership. While this is
a bit less effecient than just a direct pointer, it neatly lets
us expose in the public interface the concept of ownership by
setting a flag in the generated struct.
* Unit enums as enums with each type copied over and conversion
functions,
* Non-unit enums have each field converted back and forth with a
type flag and a union across all the C-mapped fields.
Matt Corallo [Mon, 24 Aug 2020 18:14:05 +0000 (14:14 -0400)]
Add a C-bindings-compatible read lock type for NetworkGraph
In order to calculate a route, it is likely that users need to take
a read()-lock on NetGraphMsgHandler::network_graph. This is not
possible naively from C bindings, as Rust's native RwLock is not
exposed.
Thus, we provide a simple wrapper around the RwLockReadGuard and
expose simple accessor methods.
Matt Corallo [Thu, 13 Aug 2020 18:45:34 +0000 (14:45 -0400)]
Rename TxCreationKeys::new to not conflict w/ auto-gen'd C bindings
The C bindings automatically create a _new() function for structs
which contain only pub fields which we know how to map. This
conflicts with the actual TxCreationKeys::new() function, so we
simply rename it to capture its nature as a derivation function.
Matt Corallo [Fri, 7 Aug 2020 20:27:26 +0000 (16:27 -0400)]
Give ChannelManagerReadArgs HashMap-of-monitors ownership
Its somewhat awkward that ChannelManagerReadArgs requires a mutable
reference to a HashMap of ChannelMonitors, forcing the callsite to
define a scope for the HashMap which they almost certainly won't use
after deserializing the ChannelManager. Worse, to map the current
version to C bindings, we'd need to also create a HashMap binding,
which is overkill for just this one use.
Instead, we just give the ReadArgs struct ownership of the HashMap
and add a constructor which fills the HashMap for you.
Matt Corallo [Thu, 30 Jul 2020 17:19:11 +0000 (13:19 -0400)]
Use ln OutPoints not bitcoin ones in SpendableOutputDescriptors
Lightning OutPoints only have 16 bits to express the output index
instead of Bitcoin's 32 bits, implying that some outputs are
possibly not expressible as lightning OutPoints. However, such
OutPoints can never be hit within the lightning protocol, and must
be on-chain spam sent by a third party wishing to donate us money.
Still, in order to do so, the third party would need to fill nearly
an entire block with garbage, so this case should be relatively
safe.
A new comment in channelmonitor explains the reasoning a bit
further.
Matt Corallo [Thu, 23 Jul 2020 20:10:29 +0000 (16:10 -0400)]
Use slices to references not slices of concrete objects in pub API
Because the C bindings maps objects into new structs which contain
only a pointer to the underlying (immovable) Rust type, it cannot
create a list of Rust types which are contiguous in memory. Thus,
in order to allow C clients to call certain Rust functions, we have
to use &[&Type] not &[Type]. This commit fixes this issue for the
get_route function.
Matt Corallo [Sun, 31 May 2020 03:22:16 +0000 (23:22 -0400)]
Refer to return types by the trait that they're defined via
Instead of using the explicit type which is being returned, refer
to them as Self::AssociatedType, to make clear to the bindings what
type of thing is being returned.
Matt Corallo [Thu, 11 Jun 2020 19:34:28 +0000 (15:34 -0400)]
Reorder struct definitions so that they are in dependency order.
There are a few cases where the upcoming C bindings don't know how
to handle something which depends on something defined later in the
file. Instead of adding another pass to the C bindings generator,
it is much simpler to just reorder structs.
Add commitment transaction broadcast as a ChannelMonitor event
To do this, we replace get_and_clear_pending_htlcs_updated with
get_and_clear_pending_monitor_events, and which still transmits HTLCUpdates
as before, but now also transmits a new MonitorEvent::CommitmentTxBroadcasted
event when a channel's commitment transaction is broadcasted.
Matt Corallo [Sun, 23 Aug 2020 21:06:33 +0000 (17:06 -0400)]
Simplify + clarify random-bytes-fetching from KeysInterface
Due to a desire to be able to override temporary channel IDs and
onion keys, KeysInterface had two separate fetch-random-32-bytes
interfaces - an onion-key specific version which fetched 2 random
32 byte strings and a temporary-channel-id specific version.
It turns out, we never actually need to override both at once (as
creating a new channel and sending an outbound payment are always
separate top-level calls), so there's no reason to add two
functions to the interface when both really do the same thing.
We wanted to bump to 1.29 to continue to support mrustc bootstrapping, but on 1.29
there's a bug preventing us from compiling the lightning package only, thus parts
of lightning-net-tokio cause a compilation error.
The advantage of bumping the MSRV is an improved borrow checker which should
enable improved code quality, and not having jump through weird hoops sometimes
to get 1.22 working.
Matt Corallo [Mon, 10 Aug 2020 19:00:09 +0000 (15:00 -0400)]
Relicense as dual Apache-2.0 + MIT
This changes the LICENSE file and adds license headers to most files
to relicense under dual Apache-2.0 and MIT. This is helpful in that
we retain the patent grant issued under Apache-2.0-licensed work,
avoiding some sticky patent issues, while still allowing users who
are more comfortable with the simpler MIT license to use that.
See https://github.com/rust-bitcoin/rust-lightning/issues/659 for
relicensing statements from code authors.
Matt Corallo [Mon, 3 Aug 2020 20:48:58 +0000 (16:48 -0400)]
Set codecov upload token
Docs seem to indicate this should only be required for private
repos, but we have builds failing claiming this needs to be
specified, so just set it manually.
ChannelKeys - separate commitment revocation from getting the per-commitment point
The commitment secret is sensitive - it can be used by an attacker to
steal funds if the node also signs the same transaction. Therefore,
only release the secret from ChannelKeys when we are revoking a
transaction.
For making debugging easy.
If the user gives a different node_secret for transport
layer (`PeerManager`) and for routing msg, internal_announcement_signatures
is the first place it causes an error.
By giving a detailed error message, user will be able to
fix the bug quickly.
... for ChannelError and APIMisuseError
Before this commit, When rl returns error, we don't know
The actual parameter which caused the error.
By returning parameterised `String` instead of predefined `&'static str`,
We can give a caller improved error message.
TestLogger now has two additional methods
1. `assert_log_contains` which checks the logged messsage
has how many entry which includes the specified string as a substring.
2. `aasert_log_regex` mostly the same with `assert_log_contains`
but it is more flexible that caller specifies regex which has
to be satisfied instead of just a substring.
For regex, tests now includes `regex` as dev-dependency.
Matt Corallo [Sat, 13 Jun 2020 01:01:32 +0000 (21:01 -0400)]
Use usize for transaction-position-in-block values
We use them largely as indexes into a Vec<Transaction> so there's
little reason for them to be u32s. Instead, use them as usize
everywhere.
We also take this opportunity to add range checks before
short_channel_id calculation, as we could otherwise end up with a
bogus short_channel_id due to an output index out of range.
Matt Corallo [Thu, 11 Jun 2020 19:40:28 +0000 (15:40 -0400)]
Take &NetworkGraph as input in get_route, not a NetGraphMsgHandler
This was just an oversight when route calculation was split up into
parts - it makes no sense for get_route to require that we have a
full route message handler, only a network graph (which can always
be accessed from a NetGraphMsgHandler anyway).
projects / rust-lightning / log