Matt Corallo [Tue, 20 Jun 2023 17:14:21 +0000 (17:14 +0000)]
Ensure we build if a downstream crate sets `--cfg=fuzzing`
Downstream crates building fur fuzzing will usually set
`--cfg=fuzzing` as a side-effect of the Rust fuzzing tooling. Thus,
we should ensure we build without failure in such cases.
We do this here by simply relying on the `_test_utils` feature,
rather than conditionally-compiling in modules based on the
`fuzzing` flag.
Make sure the penultimate hop took the amount of fee that they claimed to take.
Without checking this TLV, we're heavily relying on the receiving wallet code
to correctly implement logic to calculate that that the fee is as expected.
Useful for penultimate hops in routes to take an extra fee, if for example they
opened a JIT channel to the payee and want them to help bear the channel open
cost.
Move PendingHTLCStatus construction inside channel lock
We need the channel lock for constructing a pending HTLC's status because we
need to know if the channel accepts underpaying HTLCs in upcoming commits.
Provide a default CoinSelectionSource implementation via a new trait
Certain users may not care how their UTXOs are selected, or their wallet
may not expose enough controls to fully implement the
`CoinSelectionSource` trait. As an alternative, we introduce another
trait `WalletSource` they could opt to implement instead, which is much
simpler as it just returns the set of confirmed UTXOs that may be used.
This trait implementation is then consumed into a wrapper `Wallet` which
implements the `CoinSelectionSource` trait using a "smallest
above-dust-after-spend first" coin selection algorithm.
This allows users to bump their commitments and HTLC transactions
without having to worry about all the little details to do so. Instead,
we'll just require that they implement the `CoinSelectionSource` trait
over their wallet/UTXO source, granting the event handler permission to
spend confirmed UTXOs for the transactions it'll produce.
While the event handler should in most cases produce valid transactions,
assuming the provided confirmed UTXOs are valid, it may not produce
relayable transactions due to not satisfying certain Replace-By-Fee
(RBF) mempool policy requirements. Some of these require that the
replacement transactions have a higher feerate and absolute fee than the
conflicting transactions it aims to replace. To make sure we adhere to
these requirements, we'd have to persist some state for all transactions
the event handler has produced, greatly increasing its complexity. While
we may consider implementing so in the future, we choose to go with a
simple initial version that relies on the OnchainTxHandler's bumping
frequency. For each new bumping attempt, the OnchainTxHandler proposes a
25% feerate increase to ensure transactions can propagate under
constrained mempool circumstances.
Wilmer Paulino [Thu, 11 May 2023 20:49:00 +0000 (13:49 -0700)]
Expose existing PackageID to API and rename to ClaimId
In a future commit, we plan to expand `BumpTransactionEvent` variants to
include the unique identifier assigned to pending output claims by the
`OnchainTxHandler` when a commitment is broadcast/confirmed. This
requires making it public in our API. We also choose to rename it to
`ClaimId` for the benefit of users, as the previous `PackageID` term
could be interpreted to be the ID of a BIP-331 transaction package.
Wilmer Paulino [Thu, 11 May 2023 22:39:13 +0000 (15:39 -0700)]
Change package ID computation for HTLC claims on anchor channels
While the previous way of computing the identifier was safe, it wouldn't
have been in certain scenarios if we considered splitting aggregated
packages. While this type of splitting has yet to be implemented, it may
come in the near future. To ensure we're prepared to handle such, we
opt to instead commit to all of the HTLCs to claim in the request.
Add CandidateRouteHop::Blinded and ::OneHopBlinded variant
It's unclear what values 1-hop blinded paths should set their BlindedPayInfos
to, because those values are meant to refer to the fees/cltv delta on the path
*between* the intro node and the destination. We zero out these values in the
new variant's methods so they don't mess with path finding/construction.
Duncan Dean [Wed, 7 Jun 2023 17:52:21 +0000 (19:52 +0200)]
Create and use methods for counting channels
This commit also adds two new maps to `PeerState` for keeping track
of `OutboundV1Channel`s and `InboundV1Channel`s so that further
commits are a bit easier to review.
Duncan Dean [Tue, 13 Jun 2023 10:34:36 +0000 (12:34 +0200)]
Prepare some methods for upcoming moves to `ChannelContext`
To reduce interleaving in commits, we introduce a `context` variable
in methods to be moved in upcoming commits so there is minimal change
with the moves.
Duncan Dean [Wed, 7 Jun 2023 10:33:41 +0000 (12:33 +0200)]
Move `Channel::get_feerate_sat_per_1000_weight` and other methods
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields to be updated for things to
compile, but these should be quite clear.
This commit also uses the `context` field where needed for compilation
and tests to pass due to the above change.
Duncan Dean [Wed, 7 Jun 2023 10:26:53 +0000 (12:26 +0200)]
Move `Channel::build_holder_transaction_keys` and some other methods
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields need to be updated for things to
compile, but these should be quite clear.
This commit also uses the `context` field where needed for compilation
and tests to pass due to the above change.
Duncan Dean [Wed, 7 Jun 2023 10:20:25 +0000 (12:20 +0200)]
Move `Channel::build_commitment_transaction` to `ChannelContext` impl
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields need to be updated for things to
compile, but these should be quite clear.
This commit also uses the `context` field where needed for compilation
and tests to pass due to the above change.
Duncan Dean [Wed, 7 Jun 2023 10:15:24 +0000 (12:15 +0200)]
Move `Channel::channel_id` and some other methods to `ChannelContext` impl
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields need to be updated for things to
compile, but these should be quite clear.
This commit also uses the `context` field where needed for compilation
and tests to pass due to the above change.
Duncan Dean [Wed, 7 Jun 2023 09:57:35 +0000 (11:57 +0200)]
Move `Channel::get_update_time_counter` and some other methods
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields need to be updated for things to
compile, but these should be quite clear.
This commit also uses these methods through the `context` field where
needed for compilation and tests to pass due to the above change.
Duncan Dean [Wed, 7 Jun 2023 09:29:44 +0000 (11:29 +0200)]
Move `Channel::opt_anchors` to `ChannelContext` impl & move some util fns
This is one of a series of commits to make sure methods are moved by
chunks so they are easily reviewable in diffs. Unfortunately they are
not purely move-only as fields need to be updated for things to
compile, but these should be quite clear.
Duncan Dean [Tue, 7 Mar 2023 19:56:01 +0000 (21:56 +0200)]
Move `Channel` fields into `ChannelContext` struct
This is a first step for simplifying the channel state and introducing
new unfunded channel types that hold similar state before being promoted
to funded channels.
Essentially, we want the outer `Channel` type (and upcoming channel types)
to wrap the context so we can apply typestate patterns to the that wrapper
while also deduplicating code for common state and other internal fields.
Jeffrey Czyz [Wed, 7 Jun 2023 15:55:00 +0000 (10:55 -0500)]
Use different node secrets in onion message fuzzer
When generating onion message fuzz data, the same public key was used
for each node. However, the code now advances the blinded path if the
sender is the introduction node. Use different node secrets for each
node to avoid this. Note that the exercised handling code is for the
sender's immediate peer.
Jeffrey Czyz [Thu, 23 Feb 2023 04:22:42 +0000 (22:22 -0600)]
MessageRouter trait for OnionMessenger
Add a trait for finding routes for onion messages and parameterize
OnionMessenger with it. This allows OnionMessenger to reply to messages
that it handles via one of its handlers (e.g., OffersMessageHandler).
Jeffrey Czyz [Thu, 25 May 2023 20:02:10 +0000 (15:02 -0500)]
Add OnionMessagePath wrapper struct
To avoid confusion in the upcoming MessageRouter trait, introduce an
OnionMessagePath struct that wraps the intermediate nodes and the
destination. Use this in OnionMessenger::send_onion_message.
Jeffrey Czyz [Wed, 15 Feb 2023 22:10:59 +0000 (16:10 -0600)]
OffersMessageHandler trait for OnionMessenger
Add a trait for handling BOLT 12 Offers messages to OnionMessenger and a
skeleton implementation of it for ChannelManager. This allows users to
either provide their own custom handling Offers messages or rely on a
version provided by LDK using stateless verification.
Jeffrey Czyz [Tue, 14 Feb 2023 23:41:18 +0000 (17:41 -0600)]
Onion message payload for BOLT 12 Offers
BOLT 12 Offers makes use of onion messages to request and respond with
invoices. Add these types and an error type to OnionMessageContents
along with the necessary parsing and encoding.
Jeffrey Czyz [Fri, 2 Jun 2023 13:08:59 +0000 (08:08 -0500)]
Pass logger to onion payload decoder
In an upcoming commit, messages for BOLT 12 offers are read from the
onion payload. Passing a logger allows for logging semantic errors when
parsing the messages.
Jeffrey Czyz [Thu, 18 May 2023 22:08:46 +0000 (17:08 -0500)]
Add InvoiceError message
If an InvoiceRequest or an Invoice delivered via an onion message cannot
be handled, the recipient should reply with an InvoiceError if a reply
path was given. Define the message and conversion from SemanticError.
Matt Corallo [Mon, 12 Jun 2023 18:37:17 +0000 (18:37 +0000)]
Fix build on supported platforms due to `log` breakage
The `log` crate decided to break support for rustc 1.48 (Debian
bullseye) the day the next release of Debian comes out, obviously
before anyone has had a chance to upgrade to the new Debian
bookworm (at https://github.com/rust-lang/log/pull/543). Thus, we
have to manually pin it back to the previous release.
Sadly, the `log` crate is a transitive dependency of `tokio` until
0.20, which requires rustc 1.49. Luckily at least we won't have to
deal with this again, as `log` won't be a dependency of ours
anymore soon.
Matt Corallo [Mon, 12 Jun 2023 16:50:45 +0000 (16:50 +0000)]
Stop writing old `user_payment_id` field not read since 0.0.103
Since we're breaking downgrade compatibility to LDK version 0.0.103
and before, we might as well go ahead and remove other code we have
for compatibility.
Matt Corallo [Sat, 10 Jun 2023 19:52:52 +0000 (19:52 +0000)]
Drop `create_inbound_payment*_legacy` breaking downgrade to 0.0.103
0.0.103 is now downright ancient, and certainly shouldn't exist in
production anywhere today. Thus, it seems fine to remove the
ability to create legacy stateful inbound payment entries.
Users downgrading to 0.0.103 will thus not be able to claim any
payments created on modern LDK, though we still retain the ability
to claim such payments at least for one more release.
Alec Chen [Mon, 22 May 2023 20:20:02 +0000 (15:20 -0500)]
Add test for duplicate keysend payment
The logic has been changed around duplicate keysend payments such that
it's no longer explicitly clear that we reject duplicate keysend
payments now that we handle receiving multi-part keysends. This test
catches that. Note that this also tests that we reject MPP keysends when
our config states we should, and that we reject MPP keysends without
payemnt secrets when our config states we support MPP keysends.
This commit refactors a significant portion of the receive validation in
`ChannelManager::process_pending_htlc_forwards` now that we repurpose
previous MPP validation logic to accomodate keysends. This also removes
a previous restriction on claiming, as well as tests sending and
receiving MPP keysends.
Alec Chen [Tue, 2 May 2023 04:05:43 +0000 (23:05 -0500)]
Track MPP data while receiving keysends
This commit adds the field `payment_data: FinalOnionHopData` to
`ReceiveKeysend` which will allow us to check for payment secrets and
total amounts which is needed to support receiving MPP keysends. This
field is non-backwards compatible since we wouldn't be able to handle
an MPP keysend properly if we were to downgrade to a prior version.
We also no longer reject keysends with payment secrets if we support MPP
keysend.
Alec Chen [Mon, 8 May 2023 22:51:19 +0000 (17:51 -0500)]
Help users support sending MPP keysend
When routing a keysend payment, the user may want to signal to the
router whether to find multi-path routes in the
`PaymentParameters::for_keysend` helper, without going through manual
construction. Since some implementations do not support MPP keysend, we
have the user make the choice here rather than making it the default.
Some implementations will reject keysend payments with payment secrets,
so this commit also adds docs to `RecipientOnionFields` to communicate
this to the user.
Jeffrey Czyz [Fri, 2 Jun 2023 19:46:00 +0000 (14:46 -0500)]
Include signature check in BOLT 12 signature test
The BOLT 12 test vectors had inadvertently left out a signature, but it
has since been added. Include a signature check in the corresponding
test for completeness.
Jeffrey Czyz [Fri, 2 Jun 2023 19:36:38 +0000 (14:36 -0500)]
Update BOLT 12 test vectors
The previous test vectors contained recurrences and older TLV types, and
therefore couldn't be parsed. Update the tests with the latest test
vectors from the spec and stop ignoring the tests.
Jeffrey Czyz [Fri, 2 Jun 2023 19:21:35 +0000 (14:21 -0500)]
Remove custom blinded path test vector
These were added to help debug an encoding issue. However, the encoding
code was moved to the blinded_path module. Additionally, the test vector
used an old TLV encoding.
benthecarman [Fri, 2 Jun 2023 19:39:16 +0000 (14:39 -0500)]
Add helper for getting claimable balance
It is annoying to have to match across all the enums of `Balance` to
just pull out the `claimable_amount_satoshis` value. This helper makes
it easier if you just want to amount.
Vladimir Fomene [Wed, 7 Jun 2023 04:48:28 +0000 (07:48 +0300)]
Use PrintableString for displaying errors in PeerManager
We currently just print "with non-ASCII error message"
to log when we see non-ASCII chars, but should instead
use our fancy PrintableString type to display the
untrusted string and ignore control chars.
Matt Corallo [Wed, 17 May 2023 01:33:42 +0000 (01:33 +0000)]
Replace `send_htlc` amount checking with available balances
Now that the `get_available_balances` min/max bounds are exact, we
can stop doing all the explicit checks in `send_htlc` entirely,
instead comparing against the `get_available_balances` bounds and
failing if the amount is out of those bounds.
This breaks support for sending amounts below the dust limit if
there is some amount of dust exposure remaining before we hit our
cap, however we will no longer generate such routes anyway.
Matt Corallo [Wed, 17 May 2023 00:56:22 +0000 (00:56 +0000)]
Ensure a 1:1 mapping of value sendable to send success in fuzzing
Now that the value available to send is expected to match the
success or failure of sending exactly, we should assert this in the
`chanmon_consistency` fuzzer.
In the next commit we'll actually rip the checks out of `send_htlc`
which will make this a somewhat less useful test, however fuzzing
on this specific commit can help to reveal bugs.
Matt Corallo [Tue, 16 May 2023 05:00:01 +0000 (05:00 +0000)]
Consider dust exposure when assembling a route
When calculating the amount available to send for the next HTLC, if
we over-count we may create routes which are not actually usable.
Historically this has been an issue, which we resolve over a few
commits.
Here we consider how much adding one additional (dust) HTLC would
impact our total dust exposure, setting the new next-HTLC-minimum
field to require HTLCs be non-dust if required or set our next-HTLC
maximum if we cannot send a dust HTLC but do have some additional
exposure remaining.
We also add some testing when sending to ensure that send failures
are accounted for in our balance calculations.
Matt Corallo [Tue, 16 May 2023 20:01:08 +0000 (20:01 +0000)]
Add a next-outbound-HTLC minimum field to chan details and use it
In the coming commits, in order to ensure all routes we generate
are usable, we'll start calculating the next-HTLC minimum for our
channels and using it in the router. Here we set this up by adding
an always-0 field for it in `ChannelDetails` and use it when
routing.