Matt Corallo [Tue, 24 Nov 2020 00:12:31 +0000 (19:12 -0500)]
[fuzz] Allow SendAnnouncementSigs events in chanmon_consistency
Because of the merge between peer reconnection and channel monitor
updating channel restoration code, we now sometimes generate
(somewhat spurious) announcement signatures when restoring channel
monitor updating. This should not result in a fuzzing failure.
Matt Corallo [Mon, 23 Nov 2020 23:22:29 +0000 (18:22 -0500)]
Print the output of all failed fuzz cases in test, not one test.
Our fuzz tests previously only printed the log output of the first
fuzz test case to fail. This commit changes that (with lots of
auto-generated updates) to ensure we print all log outputs.
Matt Corallo [Thu, 19 Nov 2020 21:16:50 +0000 (16:16 -0500)]
[fuzz] fix deadlock in chanmon_consistency due to new reentrancy
60d83efcd9825bed3e9490c7d1479533efd399ec introduced reentrancy when
calling channel_monitor_updated. This commit fixes the
chanmon_consistency fuzzer to no longer deadlock as a result of this
reentrancy.
Matt Corallo [Fri, 20 Nov 2020 20:49:53 +0000 (15:49 -0500)]
Stop failing back HTLCs on temporary monitor update failures
Previously, if we get a temporary monitor update failure while
there were HTLCs pending forwarding in the holding cell, we'd clear
them and fail them all backwards. This makes sense if temporary
failures are rare, but in an async environment, temporary monitor
update failures may be the normal case. In such a world, this
results in potentially a lot of spurious HTLC forwarding failures
(which is the topic of #661).
Matt Corallo [Thu, 19 Nov 2020 21:09:56 +0000 (16:09 -0500)]
Free holding cell on monitor-updating-restored when there's no upd
If there are no pending channel update messages when monitor updating
is restored (though there may be an RAA to send), and we're
connected to our peer and not awaiting a remote RAA, we need to
free anything in our holding cell.
Without this, chanmon_fail_consistency was able to find a stuck
condition where we sit on an HTLC failure in our holding cell and
don't ever handle it (at least until we have other actions to take
which empty the holding cell).
Still, this approach sucks - it introduces reentrancy in a
particularly dangerous form:
a) we re-enter user code around monitor updates while being called
from user code around monitor updates, making deadlocks very
likely (in fact, our current tests have a bug here!),
b) the re-entrancy only occurs in a very rare case, making it
likely users will not hit it in testing, only deadlocking in
production.
I'm not entirely sure what the alternative is, however - we could
move to a world where we poll for holding cell events that can be
freed on our 1-minute-timer, but we still have a super rare
reentrancy case, just in timer_chan_freshness_every_min() instead.
Matt Corallo [Fri, 20 Nov 2020 19:29:33 +0000 (14:29 -0500)]
Move channel restoration after monitor update to a two-part macro
The channel restoration code in channel monitor updating and peer
reconnection both do incredibly similar things, and there is
little reason to have them be separate. Sadly because they require
holding a lock with a reference to elements in the lock, it's not
practical to make them utility functions, so instead we introduce
a two-step macro here which will eventually be used for both.
Because we still support pre-NLL Rust, the macro has to be in two
parts - one which runs with the channel_state lock, and one which
does not.
Jeffrey Czyz [Fri, 5 Feb 2021 03:20:03 +0000 (19:20 -0800)]
Utility for syncing a set of chain listeners
Add a utility for syncing a set of chain listeners to a common chain
tip. Required to use before creating an SpvClient when the chain
listener used with the client is actually a set of listeners each of
which may have left off at a different block. This would occur when
the listeners had been persisted individually at different frequencies
(e.g., a ChainMonitor's individual ChannelMonitors).
Jeffrey Czyz [Thu, 4 Feb 2021 01:41:03 +0000 (17:41 -0800)]
Add SpvClient used to poll for the best chain tip
Adds a lightweight client for polling one or more block sources for the
best chain tip. Notifies listeners of blocks connected or disconnected
since the last poll. Useful for keeping a Lightning node in sync with
the chain.
Jeffrey Czyz [Mon, 1 Feb 2021 21:17:20 +0000 (13:17 -0800)]
Add ChainNotifier and define ChainListener trait
Add an interface for being notified of block connected and disconnected
events, along with a notifier for generating such events. Used while
polling block sources for a new tip in order to feed these events into
ChannelManager and ChainMonitor.
Jeffrey Czyz [Mon, 1 Feb 2021 07:43:43 +0000 (23:43 -0800)]
Add ChainPoller implementation of Poll trait
ChainPoller defines a strategy for polling a single BlockSource. It
handles validating chain data returned from the BlockSource. Thus, other
implementations of Poll must be defined in terms of ChainPoller.
Jeffrey Czyz [Mon, 1 Feb 2021 07:42:27 +0000 (23:42 -0800)]
Define a Poll trait as an adaptor on BlockSource
SPV clients need to poll one or more block sources for the best chain
tip and to retrieve related chain data. The Poll trait serves as an
adaptor interface for BlockSource. Implementations may define an
appropriate polling strategy.
Add support for `opt_shutdown_anysegwit` feature #780
* Implemented protocol.
* Made feature optional.
* Verify that the default value is true.
* Verify that on shutdown,
if Channel.supports_shutdown_anysegwit is enabled,
the script can be a witness program.
* Added a test that verifies that a scriptpubkey
for an unreleased segwit version is handled successfully.
* Added a test that verifies that
if node has opt_shutdown_anysegwit disabled,
a scriptpubkey with an unreleased segwit version on shutdown
throws an error.
* Added peer InitFeatures to handle_shutdown
* Check if shutdown script is valid when given upfront.
* Added a test to verify that an invalid test results in error.
* Added a test to check that if a segwit script with version 0 is provided,
the updated anysegwit check detects it and returns unsupported.
* An empty script is only allowed when sent as upfront shutdown script,
so make sure that check is only done for accept/open_channel situations.
* Instead of reimplementing a variant of is_witness_script,
just call it and verify that the witness version is not 0.
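The shutdown-script rule listed above, as an added example that is not rust-lightning's own code: it assumes the accepted legacy forms are the BOLT 2 ones (P2PKH, P2SH, P2WPKH, P2WSH), and `witness_version`, `shutdown_script_ok` and `sample` are hypothetical names working on raw script bytes.

```rust
// Added illustration, not rust-lightning code. `anysegwit` stands for a
// negotiated opt_shutdown_anysegwit; all names here are hypothetical.

/// Returns the witness version if `s` is a BIP 141 witness program:
/// a version opcode (OP_0 or OP_1..OP_16) plus one direct push of 2..=40 bytes.
fn witness_version(s: &[u8]) -> Option<u8> {
    if s.len() < 4 || s.len() > 42 || s[1] as usize != s.len() - 2 {
        return None;
    }
    match s[0] {
        0x00 => Some(0),
        0x51..=0x60 => Some(s[0] - 0x50),
        _ => None,
    }
}

/// Shutdown-message check; the empty upfront-script case is handled elsewhere.
fn shutdown_script_ok(s: &[u8], anysegwit: bool) -> bool {
    // P2PKH: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    let p2pkh = s.len() == 25 && s.starts_with(&[0x76, 0xa9, 0x14]) && s.ends_with(&[0x88, 0xac]);
    // P2SH: OP_HASH160 <20 bytes> OP_EQUAL
    let p2sh = s.len() == 23 && s.starts_with(&[0xa9, 0x14]) && s[22] == 0x87;
    // Version 0 is accepted only in its two defined sizes (P2WPKH, P2WSH).
    let v0 = witness_version(s) == Some(0) && (s.len() == 22 || s.len() == 34);
    // Any other witness version needs the feature; version 0 never takes this path.
    let future = anysegwit && matches!(witness_version(s), Some(v) if v != 0);
    p2pkh || p2sh || v0 || future
}

/// Constructed sample: version opcode + push of `len` zero bytes.
fn sample(version_op: u8, len: u8) -> Vec<u8> {
    let mut s = vec![version_op, len];
    s.extend(std::iter::repeat(0u8).take(len as usize));
    s
}

fn main() {
    let cases = vec![("v0/20", sample(0x00, 20)), ("v1/32", sample(0x51, 32)), ("v0/2", sample(0x00, 2))];
    for (name, s) in cases {
        println!("{}: off={} on={}", name, shutdown_script_ok(&s, false), shutdown_script_ok(&s, true));
    }
}
```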
Matt Corallo [Tue, 16 Feb 2021 21:30:08 +0000 (16:30 -0500)]
Rename ChannelKeys -> Sign and generic it consistently
The `ChannelKeys` object really isn't about keys at all anymore,
it's all about signing. At the same time, we rename the type aliases
used in traits from both `ChanKeySigner` and `Keys` to just
`Signer` (or, in contexts where Channel isn't clear, `ChanSigner`).
This will allow the ChannelManager to signal when it has new
updates to persist, and adds a way for ChannelManager persisters
to be notified when they should re-persist the ChannelManager
to disk/backups.
Feature-gate the wait_timeout function because the core
lightning crate shouldn't depend on wallclock time unless
users opt into it.
Matt Corallo [Fri, 19 Feb 2021 17:51:07 +0000 (12:51 -0500)]
[bindings] Correctly use access string in to-Rust container conv
`from_c_conversion_container_new_var` should use var_access when
it wishes to access the variable being converted, not `var_name`,
but in a few cases it did not. Note that this has no impact on the
generated bindings as of this commit.
Matt Corallo [Fri, 19 Feb 2021 18:08:54 +0000 (13:08 -0500)]
Switch from slice to slice-of-refs for spend_spendable_outputs
Sadly, there's just not really a practical way to map a slice of
objects in our current bindings infrastructure - either we take
ownership of the underlying objects and move them into a Vec, or we
need to leave the original objects in place and have a list of
pointers to the Rust objects. Thus, the only practical mapping is
to create a slice of references using the pointers we have.
Matt Corallo [Thu, 11 Feb 2021 16:47:51 +0000 (11:47 -0500)]
[bindings] Handle generic-ized impl blocks by concretizing them
This handles, for example, the `impl<X: Y> for Features<X>` blocks
which are generic across a number of different contexts. We do so
by walking the set of structs which alias Features and then walking
their generic arguments to check that they meet the bounds
specified in the impl block. For each alias which does, we create
a dummy, explicit, `impl XFeatures` block with the same content as
the original and recurse.
Matt Corallo [Thu, 11 Feb 2021 16:39:21 +0000 (11:39 -0500)]
[bindings] Resolve type aliases mapped as opaque types
We already map type aliases which alias private types as opaque,
but we don't resolve them like we would any other opaque type,
preventing conversion printing or type use.
Matt Corallo [Thu, 11 Feb 2021 15:23:41 +0000 (10:23 -0500)]
Drop a useless import and use `Self` in return values in Features
`Result` is in the standard prelude, so no need to ever use it.
Sadly, returning a Features<T> in the `impl Futures {}` block
will confuse our new alias-impl-printing logic, as we end up
running through the normal impl-block-printing logic as if we had
an explicit `impl ConcreteFeatures` block.
Matt Corallo [Sun, 7 Feb 2021 05:58:36 +0000 (00:58 -0500)]
Gen bindings with rustc --pretty=expanded instead of reading files
Instead of walking individual rust files and reading the AST from
those, we instead call
`RUSTC_BOOTSTRAP=1 cargo rustc --profile=check -- -Zunstable-options --pretty=expanded`
and let it create one giant lib.rs which we can parse as a whole.
This allows us to parse a post-macro crate, working with structs
and functions created inside macros just fine. It does require
handling a few things that we didn't previously, most notably Clone
via `impl ::core::clone::Clone` blocks instead of just looking for
`#![derive(Clone)]`.
This ends up resolving a few types slightly differently, resulting
in different bindings, but only in ways which don't impact the
runtime.
Matt Corallo [Sat, 6 Feb 2021 04:26:53 +0000 (23:26 -0500)]
[bindings] Use resolved, not local ident in generic mangling
In traits with associated types which are returned in generics (ie
`trait T { type A: B; fn c() -> Result<Self::A, ()> {} }`), we
created a new generic mapping with the local type name (in this
case A) instead of using the real type (in this case B). This is
confusing as it results in generic manglings that don't reference
the real type (eg `LDKCResult_ChanKeySignerDecodeErrorZ`) and
may have multiple generic definitions that are identical.
Instead, we now use the final ident in the resolved mapping. The
biggest win is `LDKCResult_ChanKeySignerDecodeErrorZ` changing to
`CResult_ChannelKeysDecodeErrorZ`. However, there are several types
where `secp256k1::Error` was imported as `SecpError` and types like
`LDKCResult_SecretKeySecpErrorZ` are now
`LDKCResult_SecretKeyErrorZ` instead. Still, the type of the error
field remains `LDKSecp256k1Error`, which should avoid any confusion.
Matt Corallo [Thu, 4 Feb 2021 00:47:36 +0000 (19:47 -0500)]
Add util fn for creating a Transaction from spendable outputs
This adds a utility method, `KeysManager::spend_spendable_outputs`,
which constructs a Transaction from a given set of
`SpendableOutputDescriptor`s, deriving relevant keys as needed.
It also adds methods which can sign individual inputs where
channel-specific key derivation is required to
`InMemoryChannelKeys`, making it easy to sign transaction inputs
when a custom `KeysInterface` is used with `InMemoryChannelKeys`.
Matt Corallo [Thu, 4 Feb 2021 00:45:23 +0000 (19:45 -0500)]
Drop dup txn in test_dynamic_spendable_outputs_local_htlc_success_tx
Previously, test_dynamic_spendable_outputs_local_htlc_success_tx
called connect_block with two identical transactions, which
resulted in duplicate SpendableOutputs Events back-to-back. This
is a test issue as such a block_connected call represents an
invalid block.
Matt Corallo [Wed, 3 Feb 2021 04:23:25 +0000 (23:23 -0500)]
Drop unused Network argument to KeysManager::new().
KeysManager::new() took a bitcoin::Network parameter which needs to
be passed to the BIP 32 Extended Key constructor, but because we
never write out the BIP 32 serialization, it isn't used. Instead,
we just pass a dummy value into `ExtendedPrivKey`, dropping the
unused argument to KeysManager::new().
Matt Corallo [Wed, 3 Feb 2021 03:47:09 +0000 (22:47 -0500)]
Struct-ify SpendableOutputDescriptor entries relevant to channels
Both SpendableOutputDescriptor::DynamicOutputP2WSH and
SpendableOutputDescriptor::StaticOutputCounterpartyPayment are
relevant only in the context of a given channel, making them
candidates for being passed into helper functions in
`InMemoryChannelKeys`. This moves them into their own structs so
that they can later be used standalone.
Matt Corallo [Wed, 3 Feb 2021 03:45:53 +0000 (22:45 -0500)]
[tests] Correct witness len calc in StaticOutputCounterpartyPayment
We previously counted 35 bytes for a length + public key, but in
reality they are never larger than 34 bytes - 33 for the key and 1
for the push length.
Matt Corallo [Mon, 15 Feb 2021 21:49:02 +0000 (16:49 -0500)]
Add a trivial benchmark of calculating routes on today's graph
Sadly rust upstream never really figured out the benchmark story,
and it looks like the API we use here may not be long for this
world. Luckily, we can switch to criterion with largely the same
API if that happens before upstream finishes ongoing work with the
custom test framework stuff.
Sadly, it requires fetching the current network graph, which I did
using Val's route-testing script written to test the MPP router.
Matt Corallo [Sat, 6 Feb 2021 18:19:40 +0000 (13:19 -0500)]
Expand documentation and fields in SpendableOutputDescriptors
This adds a channel_value_satoshis field to
SpendableOutputDescriptors as it is required to recreate our
InMemoryChannelKeys. It also slightly expands documentation.