Antoine Riard [Tue, 18 Dec 2018 01:47:19 +0000 (20:47 -0500)]
Replace some unknown_next_peer by permanent_channel_failure
Matt Corallo [Mon, 17 Dec 2018 17:11:36 +0000 (12:11 -0500)]
Merge pull request #269 from TheBlueMatt/2018-12-198-review
Detect HTLC-resolving on-chain actions and pass them to ChannelManager
Matt Corallo [Wed, 12 Dec 2018 19:42:09 +0000 (14:42 -0500)]
Add some TODOs for correctness in ChannelMonitor
Matt Corallo [Wed, 12 Dec 2018 20:25:57 +0000 (15:25 -0500)]
Add constant for HTLC failure anti-reorg delay
Matt Corallo [Tue, 11 Dec 2018 02:30:55 +0000 (21:30 -0500)]
Include the node id in ChannelManager test logs
Matt Corallo [Sun, 9 Dec 2018 17:17:27 +0000 (12:17 -0500)]
Add additional log traces in channelmonitor/manager
Antoine Riard [Mon, 3 Dec 2018 02:27:26 +0000 (21:27 -0500)]
Add logging of HTLC outputs resolved by remote peer justice tx
In case of broadcast of revoked local commitment tx, we may be
interested that we've screwed up
Antoine Riard [Fri, 23 Nov 2018 02:18:16 +0000 (21:18 -0500)]
Typify payment_hash and payment_preimage
Fix variable name as payment_hash instead of txid for index
of remote_hash_commitment_number in ChannelMonitor reader
Matt Corallo [Tue, 11 Dec 2018 03:53:54 +0000 (22:53 -0500)]
Add bigger test for failing HTLCs claimed through revocation
Antoine Riard [Mon, 10 Dec 2018 19:25:31 +0000 (14:25 -0500)]
Add test for failing/fulfilling HTLCs from on-chain actions
Including detection of timeout claims, fulfill claims, and
failing all current HTLCs in case of revoked-commitment broadcast.
Antoine Riard [Wed, 10 Oct 2018 01:30:03 +0000 (01:30 +0000)]
Add const ACCEPTED_HTLC_SCRIPT_WEIGHT and OFFERED_HTLC_SCRIPT_WEIGHT to
ease readability
Conditional compilation for weight of second one to handle test special
cltv values
Matt Corallo [Tue, 11 Dec 2018 04:27:47 +0000 (23:27 -0500)]
Generate PaymentFailed events for outbound payments we fail
Matt Corallo [Tue, 11 Dec 2018 03:47:21 +0000 (22:47 -0500)]
Move monitor-generated HTLC event handling to manager event-getters
This is somewhat awkward, but prevents a slew of duplicate events.
Really this should probably be more explicit, but would be easy to
move that along with a slew of block_connected-event-processing
refactors, see-also GH #80.
This affects full_stack_target only on accident cause the demo test
didn't continue onwards with another block connection.
Matt Corallo [Tue, 11 Dec 2018 04:56:34 +0000 (23:56 -0500)]
Fail all pending HTLCs if the remote broadcasts a revoked tx
Antoine Riard [Mon, 10 Dec 2018 19:28:24 +0000 (14:28 -0500)]
Detect onchain timeout of a HTLC in ChannelManager block_connected
Pass failure backward
Antoine Riard [Tue, 11 Dec 2018 04:56:02 +0000 (23:56 -0500)]
Add is_resolving_output in ChannelMonitor
Called in ChannelMonitor block_connected, returning
HTLCUpdate upstream via ManyChannelMonitor to
link htlcs between monitors. Used by ChannelManager to
fulfill/fail htlcs backwards accordingly
If spurious HTLCUpdate are generated due to block re-scan
and htlc are already LocalRemoved, discard them in
channel get_update_*_htlc
Matt Corallo [Fri, 30 Nov 2018 21:06:28 +0000 (16:06 -0500)]
Return refs from build_commitment_transaction, removing clone()s
Antoine Riard [Fri, 30 Nov 2018 15:58:44 +0000 (10:58 -0500)]
Track HTLCSource in ChannelMonitor
Insert it in current_local_signed_tx, prev_local_signed_tx,
remote_claimable_outpoints. For so get it provided by
Channel calls to provide_latest_{local,remote}_tx
Antoine Riard [Tue, 27 Nov 2018 00:54:00 +0000 (19:54 -0500)]
Track outputs from local commitment tx
Aims to detect onchain resolution of channel
Modify in consequence test_txn_broadcast to still pass
channel_monitor_network_test
Modify some tests due to block re-scan caused by
detections extensions
Matt Corallo [Tue, 11 Dec 2018 21:40:22 +0000 (16:40 -0500)]
Merge pull request #266 from TheBlueMatt/2018-12-closing_signed-3-leg-commitment
Remove check which makes us sometimes never send closing_signed
Matt Corallo [Tue, 11 Dec 2018 19:55:16 +0000 (14:55 -0500)]
Merge pull request #263 from TheBlueMatt/2018-12-monitor-fail-2
Handle monitor update failures in msg-recv functions
Matt Corallo [Tue, 11 Dec 2018 18:16:38 +0000 (13:16 -0500)]
Expand comment on ChannelMonitorUpdateErr::PermanentFailure a bit
Matt Corallo [Thu, 29 Nov 2018 22:19:53 +0000 (17:19 -0500)]
Add test for monitor update failure on CS/RAA/CR handling
Matt Corallo [Tue, 27 Nov 2018 02:54:14 +0000 (21:54 -0500)]
Handle monitor update failures in msg-recv functions
This adds a few TODOs around further message rebroadcasting which
needs to be implemented as well as some loss of tracking of HTLCs
on permanent channel failure which needs to get transferred over to
the appropriate in-memory ChannelMonitor.
Matt Corallo [Mon, 26 Nov 2018 21:40:15 +0000 (16:40 -0500)]
Swap handle_monitor_update_fail for a macro ala try_chan_entry
This resolves an API bug where send_payment may return a
MonitorUpdateFailed Err both when the payment will not be sent and
when the HTLC will be retried automatically when monitor updating
is restored. This makes it impossible for a client to know when
they should retry a payment and when they should not.
Matt Corallo [Mon, 10 Dec 2018 20:39:37 +0000 (15:39 -0500)]
Merge pull request #268 from TheBlueMatt/2015-12-fuzz-fix-output-idx
Check tx output matches monitor output data (and is sufficient len)
Matt Corallo [Mon, 10 Dec 2018 20:02:50 +0000 (15:02 -0500)]
Check tx output matches monitor output data (and is sufficient len)
Fixes a panic found by fuzzer in case the monitor per-commitment
data is garbage. We had a similar check for revoked commitment tx
but didn't copy it down to non-revoked commitment tx, so do that
now.
Matt Corallo [Tue, 4 Dec 2018 19:01:22 +0000 (14:01 -0500)]
Merge pull request #264 from TheBlueMatt/2018-12-198-first-commit
Refactor KeyStorage as Storage
Matt Corallo [Sun, 2 Dec 2018 19:26:07 +0000 (14:26 -0500)]
Unify the update pattern in provide_latest_local_commitment_tx_info
Matt Corallo [Sun, 2 Dec 2018 19:11:13 +0000 (14:11 -0500)]
Simplify ChannelMonitor Storage updates a bit
Matt Corallo [Sun, 2 Dec 2018 19:04:50 +0000 (14:04 -0500)]
Simplify insert_combine by unimplemented!()ing unimplemented things
Antoine Riard [Tue, 27 Nov 2018 00:50:16 +0000 (19:50 -0500)]
Refactor KeyStorage as Storage
Move PrivMode as Local, SigsMode as Watchtower
Cut funding_txo from ChannelMonitor, move it inside Local
Rename log_funding_option as log_funding_info
Matt Corallo [Tue, 27 Nov 2018 03:21:28 +0000 (22:21 -0500)]
Remove check which makes us sometimes never send closing_signed
This is the case pointed out by nayuta-gondo at
https://github.com/lightningnetwork/lightning-rfc/issues/499#issuecomment-438623208
though this doesn't actually solve the issue of ensuring we have a
consistent fee view when we start shutdown processing. There isn't
a clear solution to that however without adding additional state
tracking in Channel.
This also removes an associated test that tests for the correct
behavior (but didn't consider the bug) as we no longer behave
correctly. This should be fine as we'll be removing all the
update_fee garbage with option_simplified_commitment anyway.
Matt Corallo [Mon, 3 Dec 2018 19:38:56 +0000 (14:38 -0500)]
Merge pull request #265 from TheBlueMatt/2018-12-fuzz-fix-no-witness
Fix crash on no-witness tx in ChannelMonitor found by fuzzer
Matt Corallo [Mon, 3 Dec 2018 18:58:11 +0000 (13:58 -0500)]
Avoid writing to stdout during fuzz tests
Matt Corallo [Mon, 3 Dec 2018 18:30:18 +0000 (13:30 -0500)]
Remove unused import in full_stack_target
Matt Corallo [Sun, 2 Dec 2018 23:22:40 +0000 (18:22 -0500)]
Fix crash on no-witness tx in ChannelMonitor found by fuzzer
Technically we can't currently hit this, but a theoretical future
watchtower could, and full_stack_target crashes on it.
Matt Corallo [Mon, 3 Dec 2018 18:17:54 +0000 (13:17 -0500)]
Merge pull request #261 from TheBlueMatt/2018-11-reestablish-fix
Fix channel_reestablish generation/handling around next_remote.
Matt Corallo [Mon, 26 Nov 2018 23:31:51 +0000 (18:31 -0500)]
Fix channel_reestablish generation/handling around next_remote.
Matt Corallo [Tue, 27 Nov 2018 03:09:42 +0000 (22:09 -0500)]
Merge pull request #260 from yuntai/201811-sessionkey
Add a method to get session secret for onion packet to KeysInterface
Yuntai Kyong [Mon, 26 Nov 2018 11:10:01 +0000 (20:10 +0900)]
Add a method to get session secret for onion packet to KeysInterface
Matt Corallo [Mon, 26 Nov 2018 15:56:18 +0000 (10:56 -0500)]
Merge pull request #258 from TheBlueMatt/2018-11-close-locked
Simplify + document the ChannelManager Err flow, fix close-outside-lock race, finish ChannelError conversion
Matt Corallo [Fri, 23 Nov 2018 20:21:35 +0000 (15:21 -0500)]
Merge pull request #259 from TheBlueMatt/2018-11-256-redux
Add test_claim_on_remote_revoked_sizeable_push_msat
Antoine Riard [Fri, 23 Nov 2018 00:45:11 +0000 (19:45 -0500)]
Add test_claim_on_remote_revoked_sizeable_push_msat
Antoine Riard [Fri, 23 Nov 2018 00:42:02 +0000 (19:42 -0500)]
Refactor check spendable outputs macros into one
In consequence, harden spendable outputs tests
Fix vocabulary abuse
Matt Corallo [Fri, 23 Nov 2018 03:45:51 +0000 (22:45 -0500)]
Simplify + document the ChannelManager Err flow a bit
This removes all the channel-closure stuff from handle_error!() and
MsgHandleErrInternal, making all the Err handling consistent by
closing the channel before releasing the channel_state lock and
then calling handle_error!() outside of the lock.
Matt Corallo [Fri, 23 Nov 2018 00:38:28 +0000 (19:38 -0500)]
Remove MsgHandleErrInternal::from_chan_maybe_close as it's useless
Technically funding_transaction_generated was fine using it, but
calling force_shutdown on an empty Channel inside the channel_state
lock isn't a big deal and almost any other use of it would be
unsafe.
Matt Corallo [Thu, 22 Nov 2018 23:58:23 +0000 (18:58 -0500)]
Properly handle ChannelError::Close results in update_fee.
Best reviewed with -b
Matt Corallo [Thu, 22 Nov 2018 23:48:28 +0000 (18:48 -0500)]
Properly handle ChannelError::Close results in send_payment.
Best reviewed with -b
Matt Corallo [Mon, 19 Nov 2018 03:01:32 +0000 (22:01 -0500)]
Close channels on Err returns inside the same channel_state lock
If we never accessed channels for a peer outside of a message
handler for that peer then this wouldn't be a problem since message
handlers are required to be serialized per-peer. However, that
isn't the world we live in - we may want to forward payments or we
may get a send_payment call.
Matt Corallo [Thu, 22 Nov 2018 21:17:46 +0000 (16:17 -0500)]
Stop needlessly returning &HTLCSource out of Channel.
This moves a clone() inside Channel from ChannelManager making
references simpler for the coming refactors.
Matt Corallo [Fri, 23 Nov 2018 01:50:13 +0000 (20:50 -0500)]
Remove remaining uses of HandleError in Channel Err return values
This converts block_connected failures to returning the
ErrorMessage that needs to be sent directly, since it always
results in channel closure and never results in needing to call
force_shutdown. It also converts update_add_htlc and closing_signed
handlers to ChannelError as the rest of the message handlers.
Matt Corallo [Fri, 23 Nov 2018 04:44:42 +0000 (23:44 -0500)]
Split channel_reserve_test so we don't rely on unfilled Err actions
Currently channel_reserve_test sends a garbage update_add_htlc
message and then relies on it being silently ignored to continue
using the channel. This shouldn't be the case, so take the easy
way out and split the test in two, at first not delivering the
bogus update_add_htlc and then delivering it, but not running the
rest of the test.
Matt Corallo [Wed, 21 Nov 2018 21:45:17 +0000 (16:45 -0500)]
Merge pull request #257 from TheBlueMatt/2018-11-007-bump
Bump to 0.0.7 for API rev
Matt Corallo [Wed, 21 Nov 2018 21:18:02 +0000 (16:18 -0500)]
Bump to 0.0.7 for API rev
Matt Corallo [Wed, 21 Nov 2018 21:17:01 +0000 (16:17 -0500)]
Merge pull request #246 from TheBlueMatt/2018-11-fuzz-crash-redux
Several fuzz-found bugfixes.
Matt Corallo [Wed, 21 Nov 2018 16:41:42 +0000 (11:41 -0500)]
Merge pull request #255 from TheBlueMatt/2018-11-230-ext
Two post-#230 fixups
Matt Corallo [Tue, 20 Nov 2018 20:09:47 +0000 (15:09 -0500)]
Check P2WPKH script against expected before gen'ing an output event
This fixes a bug in
3518f1f85d8a3daff451b3fe56cc7854b833e2bd where
we may generate an output event for a P2WPKH output which is not
ours if the transaction has a sequence/lock_time combination which
false-positives our remote tx detection.
Also note that the TODO is removed as this should already be
covered without issue if the client properly replays the chain on
restart.
Matt Corallo [Mon, 19 Nov 2018 22:12:17 +0000 (17:12 -0500)]
Provide commitment point to monitor with the remote txn update
This extends
1b33064554ae48c9173acf8bf1e0052d33a855df by
re-simplifying the ChannelMonitor <-> Channel interface a bit as we
never have any use for the latest remote commitment point until we
have knowledge of a remote transaction generated using it.
Matt Corallo [Wed, 21 Nov 2018 00:00:49 +0000 (19:00 -0500)]
Merge pull request #254 from TheBlueMatt/2018-11-channelerror
Move a ton of Channel functions to ChannelError from HandleError
Matt Corallo [Tue, 20 Nov 2018 21:34:40 +0000 (16:34 -0500)]
Fix two compiler warnings introduced in
a51dbb4a4de014238ab67ba507c
Matt Corallo [Tue, 30 Oct 2018 00:38:29 +0000 (20:38 -0400)]
Move a ton of Channel functions to ChannelError from HandleError
This is a big patch, but it's all very mechanical, everything here
should be pretty obvious, and it all has to happen at once due to a
few common utility functions all having the same return type.
Note that this exposes a race in channel closure where we may
access a channel via some non-peer-specific mechanism like
forwarding an HTLC or sending a payment during the time between
the channel gave us a Close error and expected us to never call it
again and the time we actually removed it from the channel_state
set outside of the internal_* handler.
Matt Corallo [Thu, 15 Nov 2018 12:47:07 +0000 (07:47 -0500)]
Create simple ChannelMonitor-specific Err type
Matt Corallo [Tue, 20 Nov 2018 21:29:21 +0000 (16:29 -0500)]
Merge pull request #231 from philipr-za/philip-204-check-commitment-transaction-fee
Check funder can afford commitment transaction fee when receiving update_fee
Matt Corallo [Tue, 20 Nov 2018 20:51:27 +0000 (15:51 -0500)]
Merge pull request #230 from ariard/handle_sizeable_push_msat
Handle sizeable push msat (fix #195) + handle two first per_commitment_point + keys interface tests
Antoine Riard [Wed, 7 Nov 2018 00:41:45 +0000 (00:41 +0000)]
Add test_static_output_closing_tx
Antoine Riard [Tue, 6 Nov 2018 03:24:07 +0000 (03:24 +0000)]
Add test_dynamic_spendable_outputs_local_htlc_*
Cover both local HTLC-Timeout/Success case
Antoine Riard [Tue, 6 Nov 2018 03:23:22 +0000 (03:23 +0000)]
Add key_storage selection in ChannelMonitor insert_combine
Based on commitment_number
Antoine Riard [Tue, 6 Nov 2018 00:43:06 +0000 (00:43 +0000)]
Add test_static_spendable_outputs_justice_tx_revoked_htlc*
Cover both HTLC-Timeout/Success cases
Antoine Riard [Mon, 5 Nov 2018 02:17:33 +0000 (02:17 +0000)]
Add test_static_spendable_outputs_justice_tx_revoked_commitment_tx
Antoine Riard [Mon, 5 Nov 2018 01:31:49 +0000 (01:31 +0000)]
Add test_claim_on_remote_sizeable_push_msat
Contrary to sizeable push_msat on local
commitment tx, the output goes to a P2WPKH
Antoine Riard [Sat, 17 Nov 2018 01:52:33 +0000 (20:52 -0500)]
Add check_spend_closing_transaction ChannelMonitor
Aims to send back closing output descriptor to user wallet
Antoine Riard [Thu, 1 Nov 2018 03:22:56 +0000 (03:22 +0000)]
Add test_static_spendable_outputs_preimage_tx
Aims to cover both keysinterface preimage tx case and
detection of second remote commitment tx
Split DynamicDescriptor between *P2WSH and *P2WKH
Matt Corallo [Sun, 18 Nov 2018 20:34:13 +0000 (15:34 -0500)]
Ensure fuzz release builds use codegen-units=1 and LTO
Matt Corallo [Sun, 18 Nov 2018 21:15:08 +0000 (16:15 -0500)]
Don't unwrap() get_channel_update result in HTLC router
This fixes a bug in
78232f2aeded08b32fa4ebfeb0b77d80b337518d found
by fuzzer - if the channel isn't yet fully established we will call
get_channel_update(), get an Err result, and then unwrap() it. If
this actually happens it means someone on the network is making up
short_channel_ids and trying to route over them, but that shouldn't
result in us crashing
Matt Corallo [Thu, 8 Nov 2018 00:06:34 +0000 (10:36 +1030)]
Fix pre-noise peer disconnect panic on non-Err disconnect
366e79615b7251771465d6c69c2941ac233674da fixed the same crash for
Errs that come up during handshake, but was incomplete and should
have just dropped the node_id being different based on
inbound/outbound. This patch does so and actually fixes the issue.
Found by fuzzer.
Matt Corallo [Fri, 16 Nov 2018 16:47:50 +0000 (11:47 -0500)]
Merge pull request #253 from TheBlueMatt/2018-11-misc-tweaks
Misc Tweaks
Antoine Riard [Thu, 1 Nov 2018 03:19:37 +0000 (03:19 +0000)]
Split provide_their_next_commitment_point from provide_secret
We needed it to be able to track remote_per_commitment_point
after channel opening and funds locking
Antoine Riard [Wed, 31 Oct 2018 02:51:25 +0000 (02:51 +0000)]
Add test_claim_sizeable_push_msat
Aims to cover both claiming of sizeable_push_msat and
spendable output generation for to_local output
Antoine Riard [Sun, 11 Nov 2018 20:59:03 +0000 (15:59 -0500)]
Add TxOut in DynamicOutput
Antoine Riard [Wed, 31 Oct 2018 02:49:19 +0000 (02:49 +0000)]
Track local_commitment_tx at funding_created
Goal to claim sizeable push_msat and in event of
local commitment tx being broadcast without htlcs
Antoine Riard [Wed, 31 Oct 2018 02:45:50 +0000 (02:45 +0000)]
Implement spendable output to_local output on local commitment tx
Matt Corallo [Thu, 15 Nov 2018 17:37:44 +0000 (06:37 +1300)]
Merge pull request #249 from stevenroose/bitcoin-0.15
Update to rust-bitcoin v0.15
Matt Corallo [Sun, 4 Nov 2018 01:56:54 +0000 (12:56 +1100)]
Panic if funding transaction has non-witness inputs
Matt Corallo [Sun, 4 Nov 2018 08:35:37 +0000 (19:35 +1100)]
Clarify get_update_*_htlc docs and tweak one case slightly
Matt Corallo [Sat, 3 Nov 2018 03:52:44 +0000 (23:52 -0400)]
Expand test_funding_peer_disconnect somewhat by being non-symmetric
I thought I found a bug in one-side-funded-first reconnect, but
seems I can't reproduce it here. Either way worth improving the
test coverage.
Philip Robinson [Tue, 30 Oct 2018 12:31:57 +0000 (14:31 +0200)]
Check affordability of new fee during update_fee call #204
Steven Roose [Sun, 11 Nov 2018 22:40:01 +0000 (22:40 +0000)]
Update to rust-bitcoin v0.15
Matt Corallo [Tue, 13 Nov 2018 22:50:54 +0000 (09:20 +1030)]
Merge pull request #248 from TheBlueMatt/2018-11-monitor-test-split
Split up channel_monitor_network_test a little bit
Matt Corallo [Tue, 13 Nov 2018 20:48:40 +0000 (07:18 +1030)]
Merge pull request #247 from TheBlueMatt/2018-11-202-redux
Handle-initial_routing_sync-requests-from-peers-in-their-Init-messages
Matt Corallo [Fri, 9 Nov 2018 04:31:53 +0000 (15:01 +1030)]
Split up channel_monitor_network_test a little bit
Schalk van Heerden [Tue, 2 Oct 2018 14:02:17 +0000 (16:02 +0200)]
Handle-initial_routing_sync-requests-from-peers-in-their-Init-messages
Antoine Riard [Thu, 8 Nov 2018 02:21:28 +0000 (02:21 +0000)]
Add test justice tx on revoked htlc_success
Extend channel_monitor_network_test to cover
all check_spend_remote_htlc cases
Matt Corallo [Mon, 5 Nov 2018 21:14:34 +0000 (16:14 -0500)]
Merge pull request #242 from yuntai/201811-malformed
Fail channel when BADONION is not set
Yuntai Kyong [Mon, 5 Nov 2018 12:10:17 +0000 (21:10 +0900)]
fail channel when BADONION is not set.
Matt Corallo [Sat, 3 Nov 2018 03:59:59 +0000 (23:59 -0400)]
Merge pull request #241 from TheBlueMatt/2018-10-peer-free-panic
Fix pre-noise outbound peer disconnect panic found by fuzzer
Matt Corallo [Sat, 3 Nov 2018 03:07:54 +0000 (23:07 -0400)]
Merge pull request #233 from TheBlueMatt/2018-10-shutdown-updates
Shutdown Updates
Matt Corallo [Fri, 2 Nov 2018 01:45:59 +0000 (21:45 -0400)]
Test the various shutdown handling updates
Matt Corallo [Thu, 1 Nov 2018 21:17:28 +0000 (17:17 -0400)]
Rebroadcast shutdown on channel_reestablish (and reprocess them)
Matt Corallo [Thu, 1 Nov 2018 21:12:20 +0000 (17:12 -0400)]
Delay closing_signed until update_fee exchanges complete
See https://github.com/lightningnetwork/lightning-rfc/issues/499
for a bit more about the ambiguity we're addressing here.
Also drop holding cell update_fee the same way we drop holding
cell update_add_htlcs when sending shutdown, resolving a bug.