]> git.bitcoin.ninja Git - rust-lightning/log
rust-lightning
2 years agoMerge pull request #1342 from TheBlueMatt/2022-03-fix-bindings-docs
Matt Corallo [Wed, 2 Mar 2022 17:38:24 +0000 (17:38 +0000)]
Merge pull request #1342 from TheBlueMatt/2022-03-fix-bindings-docs

Fix feature-specific documentation

2 years agoFix feature-specific documentation 2022-03-fix-bindings-docs
Matt Corallo [Wed, 2 Mar 2022 04:35:11 +0000 (04:35 +0000)]
Fix feature-specific documentation

Apparently documentation only applies to the first feature-specific
definition, not both.

2 years agoMerge pull request #1338 from TheBlueMatt/2022-02-bindings-105
Matt Corallo [Tue, 1 Mar 2022 04:14:32 +0000 (04:14 +0000)]
Merge pull request #1338 from TheBlueMatt/2022-02-bindings-105

[0.0.105] (Bindings Only) Concretize LockableScore as MultiThreadedLockableScore

2 years agoMerge pull request #1339 from TheBlueMatt/2022-02-0.0.105-sec v0.0.105
Matt Corallo [Tue, 1 Mar 2022 04:13:19 +0000 (04:13 +0000)]
Merge pull request #1339 from TheBlueMatt/2022-02-0.0.105-sec

0.0.105 Security Fixes

2 years agoSimplify type aliasing somewhat around times 2022-02-bindings-105
Matt Corallo [Tue, 1 Mar 2022 03:47:28 +0000 (03:47 +0000)]
Simplify type aliasing somewhat around times

.. as the current C bindings generator isn't capable of handling
type aliases in generics in type alias definition currently.

2 years agoMake `as_directed_to` non-public
Matt Corallo [Tue, 1 Mar 2022 03:46:52 +0000 (03:46 +0000)]
Make `as_directed_to` non-public

...as the bindings generation does not currently have the ability
to map a reference to a `NodeId` inside a tuple.

2 years ago(Bindings Only) Concretize LockableScore as MultiThreadedLockableScore
Matt Corallo [Fri, 17 Dec 2021 22:32:24 +0000 (22:32 +0000)]
(Bindings Only) Concretize LockableScore as MultiThreadedLockableScore

We don't really care about more than this in bindings - calling
into a custom `Score` is likely too slow to be practical anyway,
so this is also a performance improvement.

Works around https://github.com/rust-lang/rust/issues/90448

2 years agoUpdate CHANGELOG with security info for 0.0.105 2022-02-0.0.105-sec
Matt Corallo [Mon, 28 Feb 2022 22:53:16 +0000 (22:53 +0000)]
Update CHANGELOG with security info for 0.0.105

2 years agoMerge branch '2022-02-bal-panic' into 2022-02-0.0.105-sec
Matt Corallo [Tue, 1 Mar 2022 02:23:14 +0000 (02:23 +0000)]
Merge branch '2022-02-bal-panic' into 2022-02-0.0.105-sec

2 years agoMerge branch '2022-02-fix-multi-hop-hint-panic' into 2022-02-0.0.105-sec
Matt Corallo [Tue, 1 Mar 2022 02:23:07 +0000 (02:23 +0000)]
Merge branch '2022-02-fix-multi-hop-hint-panic' into 2022-02-0.0.105-sec

2 years agoMerge pull request #1322 from TheBlueMatt/2022-02-0.0.105
Matt Corallo [Tue, 1 Mar 2022 02:22:00 +0000 (02:22 +0000)]
Merge pull request #1322 from TheBlueMatt/2022-02-0.0.105

Cut 0.0.105

2 years agoEnsure `get_claimable_balances` never panicks in tests
Matt Corallo [Fri, 25 Feb 2022 05:18:29 +0000 (05:18 +0000)]
Ensure `get_claimable_balances` never panicks in tests

... by calling it both before and after every chain event in
testing and fuzzing.

This requires fixing some blockchain inconsistencies in
`do_test_onchain_htlc_reorg`, `do_retry_with_no_persist`, and
`do_test_dup_htlc_onchain_fails_on_reload` where we'd connect
conflicting transactions in the same chain.

2 years agoFix HTLC tx balance calculation on local commitment transactions
Matt Corallo [Fri, 25 Feb 2022 05:14:00 +0000 (05:14 +0000)]
Fix HTLC tx balance calculation on local commitment transactions

When handling the broadcast of a local commitment transactions
(with associated CSV delays prior to spendability), we incorrectly
handled the CSV delays on HTLC transactions. This caused us to miss
spendable outputs for HTLCs which were awaiting a CSV delay.

Further, because of this, we could hit an assertion as
`get_claimable_balances` asserted that HTLCs were resolved after
the funding spend was resolved, which was not true if the HTLC did
not have a CSV delay attached (due to the above bug or due to it
being an HTLC claim by our counterparty).

This fixes both bugs, also converting some assertions to
`debug_assert`s to avoid future issues as balance mis-calculation
is not currently an indication of potential funds loss.

Thanks to Cash App for reporting this bug.

2 years agoBump crate versions to 0.0.105/invoice 0.13 2022-02-0.0.105
Matt Corallo [Fri, 18 Feb 2022 22:13:21 +0000 (22:13 +0000)]
Bump crate versions to 0.0.105/invoice 0.13

2 years agoFill out CHANGELOG for 0.0.105
Matt Corallo [Fri, 18 Feb 2022 22:12:14 +0000 (22:12 +0000)]
Fill out CHANGELOG for 0.0.105

2 years agoCorrect default value for A* heuristic for non-public nodes
Matt Corallo [Thu, 10 Feb 2022 21:33:26 +0000 (21:33 +0000)]
Correct default value for A* heuristic for non-public nodes

This doesn't (appear) to change behavior, however if we have a
non-public node, we assign an A* heuristic of max-u32 fees, which
may result in us de-prioritizing the path in some rare cases around
multi-hop route hints which compete with public nodes.

2 years agoFix panic when routing through multiple private last-hops
Matt Corallo [Thu, 10 Feb 2022 21:29:43 +0000 (21:29 +0000)]
Fix panic when routing through multiple private last-hops

When we added support for routing through a multi-hop invoice hint
we failed to remove an assertion that we always are able to fill
in features for each hop except the last one. However, when a
multi-hop invoice hint is used, we will not have features for any
of the hinted hops, causing us to panic.

2 years agoMerge pull request #1327 from TheBlueMatt/2022-02-log-before-panic
Arik Sosman [Mon, 28 Feb 2022 22:03:03 +0000 (14:03 -0800)]
Merge pull request #1327 from TheBlueMatt/2022-02-log-before-panic

2 years agoMerge pull request #1303 from jkczyz/2022-02-docs-with-features
Matt Corallo [Mon, 28 Feb 2022 21:00:05 +0000 (21:00 +0000)]
Merge pull request #1303 from jkczyz/2022-02-docs-with-features

Generate docs with features for docs.rs

2 years agoMerge pull request #1335 from TheBlueMatt/2022-02-fix-honggfuzz-regression
valentinewallace [Mon, 28 Feb 2022 18:50:03 +0000 (13:50 -0500)]
Merge pull request #1335 from TheBlueMatt/2022-02-fix-honggfuzz-regression

Pin rustc in fuzzing to 1.58 due to honggfuzz-rs regression

2 years agoMerge pull request #1324 from valentinewallace/2022-02-phantom-followup
Matt Corallo [Mon, 28 Feb 2022 18:16:21 +0000 (18:16 +0000)]
Merge pull request #1324 from valentinewallace/2022-02-phantom-followup

#1199 Followup

2 years agoMerge pull request #1332 from TheBlueMatt/2022-02-persister-ignore-tmp
Matt Corallo [Sat, 26 Feb 2022 01:30:29 +0000 (01:30 +0000)]
Merge pull request #1332 from TheBlueMatt/2022-02-persister-ignore-tmp

Ignore .tmp files when loading ChannelMonitors in persister

2 years agoPin rustc in fuzzing to 1.58 due to honggfuzz-rs regression 2022-02-fix-honggfuzz-regression
Matt Corallo [Fri, 25 Feb 2022 22:09:30 +0000 (22:09 +0000)]
Pin rustc in fuzzing to 1.58 due to honggfuzz-rs regression

2 years agoFix bug where we encode flags field into all updates on htlc fail
Valentine Wallace [Thu, 24 Feb 2022 03:20:43 +0000 (22:20 -0500)]
Fix bug where we encode flags field into all updates on htlc fail

Failing an HTLC with onion error channel_disabled requires encoding a 'flags' field into the failure
packet. However, we were encoding this 'flags' field for all failures packets that were failing on
update_add_htlc with an update (error 0x1000 UPDATE).

Discovered in the course of adding phantom payment failure tests, which also added testing for this bug

2 years agoCorrectly wrap phantom onion errors
Valentine Wallace [Fri, 25 Feb 2022 03:28:58 +0000 (22:28 -0500)]
Correctly wrap phantom onion errors

In any place where fail_htlc_backwards_internal was called for a phantom payment
failure, we weren't encoding the onion failure as if the phantom were the one
failing. Instead, we were encoding the failure as if it were coming from the
second-to-last hop. This caused our failures to not be parsed properly on the
payer's side.

Places we were encoding failures incorrectly include:
* on failure of a call to inbound_payment::verify
* on a user call to fail_htlc_backwards

Also drop some unnecessary panics when reading OnionHopData objects. This also
enables one of the phantom failure tests because we can construct OnionHopDatas
with invalid amounts.

Lastly, remove a bogus comment

2 years agoFix phantom malformed onion error packet
Valentine Wallace [Fri, 25 Feb 2022 03:19:20 +0000 (22:19 -0500)]
Fix phantom malformed onion error packet

Ensure we fail back phantom malformed payments with an update_fail_htlc s.t.
the error contains the sha256 of the onion, per LN protocol.

2 years agoAdd phantom shared secret to HTLCPreviousHopData
Valentine Wallace [Fri, 25 Feb 2022 03:14:02 +0000 (22:14 -0500)]
Add phantom shared secret to HTLCPreviousHopData

This also fixes a bug where we were failing back phantom payments with the
wrong scid, causing them to never actually be failed backwards (L3022 in
channelmanager.rs)

This new field will be used in upcoming commit(s) to encrypt phantom payment failure
packets.

2 years agoAdd phantom shared secret to PendingHTLCRouting::Receive
Valentine Wallace [Fri, 25 Feb 2022 02:18:48 +0000 (21:18 -0500)]
Add phantom shared secret to PendingHTLCRouting::Receive

This will be used in upcoming commit(s) to encrypt phantom payment failure packets.

2 years agoMerge pull request #1318 from jurvis/jurvis/2022-02-log-router-penalty-data-4
Matt Corallo [Thu, 24 Feb 2022 19:50:51 +0000 (19:50 +0000)]
Merge pull request #1318 from jurvis/jurvis/2022-02-log-router-penalty-data-4

Implement custom debug for PathBuildingHop

2 years agoIgnore .tmp files when loading ChannelMonitors in persister 2022-02-persister-ignore-tmp
Matt Corallo [Wed, 23 Feb 2022 22:06:33 +0000 (22:06 +0000)]
Ignore .tmp files when loading ChannelMonitors in persister

If we are in the middle of persisting an update to a
`ChannelMonitor` when we shutdown (or crash), we'll start up with
a .tmp file lying around. We should ignore it, as failure to
return from the update call should have prevented the
`ChannelManager` from taking any irrevocable action based on the
update.

We're somewhat protected from any filesystem inconsistency behavior
as the `ChannelManager` will refuse to load if we're outright
missing `ChannelMonitor`s.

Fixes #1330.

2 years agoImplement custom debug for PathBuildingHop
Jurvis Tan [Sat, 12 Feb 2022 04:38:13 +0000 (20:38 -0800)]
Implement custom debug for PathBuildingHop

Add other fields to log for PathBuildingHop

Use DebugStruct to print PathBuildingHop

Fix PathBuildingHop visibility

Add more useful fee print-outs

Remove Features<NodeContext> from hop print-out

Remove logging fields we don’t need

Add fields to log back to PathBuildingHop

2 years agoMerge pull request #1309 from TheBlueMatt/2022-02-first-hop-log
valentinewallace [Tue, 22 Feb 2022 17:23:32 +0000 (12:23 -0500)]
Merge pull request #1309 from TheBlueMatt/2022-02-first-hop-log

Specify whether we have first-hop hints when routing

2 years agoFollow-up nits from #1199 (phantom node support)
Valentine Wallace [Sat, 19 Feb 2022 21:41:38 +0000 (16:41 -0500)]
Follow-up nits from #1199 (phantom node support)

2 years agoLog more during ChannelMonitor updating 2022-02-log-before-panic
Matt Corallo [Tue, 22 Feb 2022 00:18:09 +0000 (00:18 +0000)]
Log more during ChannelMonitor updating

Fixes #1323.

2 years agoMerge pull request #1314 from TheBlueMatt/2022-02-accept_chan_type
Arik Sosman [Fri, 18 Feb 2022 21:53:09 +0000 (13:53 -0800)]
Merge pull request #1314 from TheBlueMatt/2022-02-accept_chan_type

Update channel-type implementation to upstream spec as merged

2 years agoGenerate docs with features for docs.rs
Jeffrey Czyz [Sat, 12 Feb 2022 04:22:20 +0000 (22:22 -0600)]
Generate docs with features for docs.rs

Enable generating docs using --all-features or --features="std" where
applicable. Additionally, use doc_auto_cfg to tag items requiring a
feature.

https://doc.rust-lang.org/nightly/rustdoc/unstable-features.html#doc_auto_cfg-automatically-generate-doccfg

This requires building with nightly, which is what is used by docs.rs.

https://docs.rs/about/builds

To test locally, use:

RUSTDOCFLAGS="--cfg docsrs" cargo +nightly doc ...

2 years agoFix rustdoc error on nightly
Jeffrey Czyz [Sat, 12 Feb 2022 04:17:27 +0000 (22:17 -0600)]
Fix rustdoc error on nightly

2 years agoUnhide struct docs in scoring module
Jeffrey Czyz [Sat, 12 Feb 2022 04:14:06 +0000 (22:14 -0600)]
Unhide struct docs in scoring module

The docs were hidden since a type alias should be used. However, the
alias docs don't contain much useful information and don't link to the
corresponding struct.

2 years agoFix `cargo doc` warning in lightning-block-sync
Jeffrey Czyz [Sat, 12 Feb 2022 04:12:33 +0000 (22:12 -0600)]
Fix `cargo doc` warning in lightning-block-sync

2 years agoSpecify whether we have first-hop hints when routing 2022-02-first-hop-log
Matt Corallo [Tue, 15 Feb 2022 20:59:40 +0000 (20:59 +0000)]
Specify whether we have first-hop hints when routing

This is incredibly useful when debugging issues with the router,
and is somewhat of an oversight currently.

2 years agoMerge pull request #1316 from TheBlueMatt/2022-02-no-fuzztarget
Matt Corallo [Fri, 18 Feb 2022 19:18:30 +0000 (19:18 +0000)]
Merge pull request #1316 from TheBlueMatt/2022-02-no-fuzztarget

Drop `fuzztarget` feature entirely

2 years agoAdd explicit compile errors when cfg=fuzzing is mis-set 2022-02-no-fuzztarget
Matt Corallo [Fri, 18 Feb 2022 15:54:56 +0000 (15:54 +0000)]
Add explicit compile errors when cfg=fuzzing is mis-set

2 years agoDrop `fuzztarget` feature entirely
Matt Corallo [Thu, 17 Feb 2022 19:29:59 +0000 (19:29 +0000)]
Drop `fuzztarget` feature entirely

Some time ago we started transitioning to `cfg(fuzzing)` instead of
exposing a full feature. Here we complete the transition.

2 years agoMerge pull request #1315 from TheBlueMatt/2022-02-fix-tokio-msrv
Matt Corallo [Thu, 17 Feb 2022 19:51:13 +0000 (19:51 +0000)]
Merge pull request #1315 from TheBlueMatt/2022-02-fix-tokio-msrv

Restrict tokio to 1.14 as a dev-dependency

2 years agoRestrict tokio to 1.14 as a dev-dependency 2022-02-fix-tokio-msrv
Matt Corallo [Thu, 17 Feb 2022 17:41:15 +0000 (17:41 +0000)]
Restrict tokio to 1.14 as a dev-dependency

This maintains our MSRV for simple `cargo test` runs, but doesn't
restrict users to any specific 1.X tokio version.

2 years agoMerge pull request #1266 from TheBlueMatt/2022-01-fix-double-fail-panic
Matt Corallo [Thu, 17 Feb 2022 03:41:50 +0000 (03:41 +0000)]
Merge pull request #1266 from TheBlueMatt/2022-01-fix-double-fail-panic

Fix a debug panic caused by receiving MPP parts after a failure

2 years agoFix a debug panic caused by receiving MPP parts after a failure 2022-01-fix-double-fail-panic
Matt Corallo [Wed, 19 Jan 2022 03:52:56 +0000 (03:52 +0000)]
Fix a debug panic caused by receiving MPP parts after a failure

Prior to cryptographic payment secrets, when we process a received
payment in `process_pending_htlc_fowards` we'd remove its entry
from the `pending_inbound_payments` map and give the user a
`PaymentReceived` event.

Thereafter, if a second HTLC came in with the same payment hash, it
would find no entry in the `pending_inbound_payments` map and be
immediately failed in `process_pending_htlc_forwards`.

Thus, each HTLC will either result in a `PaymentReceived` event or
be failed, with no possibility for both.

As of 846487555556d8465c5b7b811f976e78f265c48f, we no longer
materially have a pending-inbound-payments map, and thus
more-than-happily accept a second payment with the same payment
hash even if we just failed a previous one for having mis-matched
payment data.

This can cause an issue if the two HTLCs are received back-to-back,
with the first being accepted as valid, generating a
`PaymentReceived` event. Then, when the second comes in we'll hit
the "total value {} ran over expected value" condition and fail
*all* pending HTLCs with the same payment hash. At this point,
we'll have a pending failure for both HTLCs, as well as a
`PaymentReceived` event for the user.

Thereafter, if the user attempts to fail the HTLC in response to
the `PaymentReceived`, they'll get a debug panic at channel.rs:1657
'Tried to fail an HTLC that was already failed'.

The solution is to avoid bulk-failing all pending HTLCs for a
payment. This feels like the right thing to do anyway - if a sender
accidentally sends an extra HTLC after a payment has ben fully
paid, we shouldn't fail the entire payment.

Found by the `chanmon_consistency` fuzz test.

2 years agoUpdate channel-type implementation to upstream spec as merged 2022-02-accept_chan_type
Matt Corallo [Wed, 16 Feb 2022 21:34:16 +0000 (21:34 +0000)]
Update channel-type implementation to upstream spec as merged

Somehow, our channel type implementation doesn't echo back the
channel type as we believe it was negotiated, as we should. Though
the spec doesn't explicitly require this, some implementations may
require it and it appears to have been in the BOLTs from the start
of the channel type logic.

2 years agoDrop spurious whitespace in channel.rs
Matt Corallo [Wed, 16 Feb 2022 21:12:22 +0000 (21:12 +0000)]
Drop spurious whitespace in channel.rs

2 years agoMerge pull request #1199 from valentinewallace/2021-11-phantom-node
Jeffrey Czyz [Tue, 15 Feb 2022 21:43:10 +0000 (15:43 -0600)]
Merge pull request #1199 from valentinewallace/2021-11-phantom-node

Add support for multi-node receive

2 years agoDon't send channel updates for private chans on error 2022-02-multi-node-review-mark
Valentine Wallace [Fri, 4 Feb 2022 20:21:01 +0000 (15:21 -0500)]
Don't send channel updates for private chans on error

This commit also adds additional checks for the second-to-last (phantom) hop for phantom payments.

2 years agoSupport phantom payment receive in ChannelManager, with invoice util
Valentine Wallace [Thu, 20 Jan 2022 20:29:41 +0000 (15:29 -0500)]
Support phantom payment receive in ChannelManager, with invoice util

See PhantomKeysManager and invoice util's create_phantom_invoice for more info

2 years agoAdd get_phantom_scid and get_phantom_route_hints + scid_utils::fake_scid module
Valentine Wallace [Thu, 30 Dec 2021 21:13:56 +0000 (16:13 -0500)]
Add get_phantom_scid and get_phantom_route_hints + scid_utils::fake_scid module

See method and module docs for more details

2 years agochannelmanager: DRY PendingHTLCInfo creation for receives
Valentine Wallace [Mon, 10 Jan 2022 20:58:28 +0000 (15:58 -0500)]
channelmanager: DRY PendingHTLCInfo creation for receives

Will be used to facilitate decoding multiple onion layers for phantom payment receive

2 years agoscid_utils: add utils for retrieving txindex and vout
Valentine Wallace [Fri, 31 Dec 2021 22:14:48 +0000 (17:14 -0500)]
scid_utils: add utils for retrieving txindex and vout

2 years agokeysinterface: adapt get_node_secret for phantom payments
Valentine Wallace [Wed, 9 Feb 2022 22:22:53 +0000 (17:22 -0500)]
keysinterface: adapt get_node_secret for phantom payments

We want LDK to be able to retrieve the phantom secret key when we see that a payment
is destined for a phantom node.

2 years agoKeysInterface::sign_invoice: indicate whether invoice is a phantom
Valentine Wallace [Tue, 1 Feb 2022 22:33:57 +0000 (17:33 -0500)]
KeysInterface::sign_invoice: indicate whether invoice is a phantom

2 years agokeysmanager: support phantom payments with PhantomKeysManager
Valentine Wallace [Mon, 27 Dec 2021 20:11:03 +0000 (15:11 -0500)]
keysmanager: support phantom payments with PhantomKeysManager

To support the feature of generating invoices that can be paid to any of
multiple nodes, a key manager need to be able to share an inbound_payment_key
and phantom secret key. This is because a phantom payment may be received by
any node participating in the invoice, so all nodes must be able to decrypt the
phantom payment (and therefore must share decryption key(s)) in the act of
pretending to be the phantom node. Thus we add a new `PhantomKeysManager` that
supports these features.

To be more specific, the inbound payment key must be shared because it is used
to decrypt the payment details for verification (LDK avoids storing inbound
payment data by encrypting payment metadata in the payment hash and/or payment
secret).

The phantom secret must be shared because enables any real node included in the
phantom invoice to decrypt the final layer of the onion packet, since the onion
is encrypted by the sender using the phantom public key provided in the
invoice.

2 years agoDRY shared hkdf_extract_expand code to new module
Valentine Wallace [Thu, 27 Jan 2022 18:40:30 +0000 (13:40 -0500)]
DRY shared hkdf_extract_expand code to new module

2 years agoImplement serialization for ChannelDetails
Valentine Wallace [Thu, 27 Jan 2022 19:56:02 +0000 (14:56 -0500)]
Implement serialization for ChannelDetails

Will be used in upcoming commit(s) where it may be desirable to cache ChannelDetails routehints

2 years agoRefactor out decode_next_hop util from ChannelManager::decode_update_add_htlc
Valentine Wallace [Tue, 9 Nov 2021 00:49:35 +0000 (19:49 -0500)]
Refactor out decode_next_hop util from ChannelManager::decode_update_add_htlc

This will be used in upcoming commit(s) to facilitate decoding multiple onion layers for
multi-node payment receive

2 years agoMerge pull request #1301 from TheBlueMatt/2022-02-router-no-test
Matt Corallo [Mon, 14 Feb 2022 18:29:03 +0000 (18:29 +0000)]
Merge pull request #1301 from TheBlueMatt/2022-02-router-no-test

Work around rustc bug on nightly and make benchmarks not run test code

2 years agoMerge pull request #1305 from ConorOkus/update-readme
valentinewallace [Mon, 14 Feb 2022 18:01:55 +0000 (13:01 -0500)]
Merge pull request #1305 from ConorOkus/update-readme

Update README to include community invite links

2 years agoMerge pull request #1281 from ViktorTigerstrom/2022-01-accept-or-reject-channels
Matt Corallo [Mon, 14 Feb 2022 17:54:22 +0000 (17:54 +0000)]
Merge pull request #1281 from ViktorTigerstrom/2022-01-accept-or-reject-channels

Add option accept or reject channel requests

2 years agoMerge pull request #1304 from jkczyz/2021-12-remove-mut-ref
valentinewallace [Mon, 14 Feb 2022 17:23:02 +0000 (12:23 -0500)]
Merge pull request #1304 from jkczyz/2021-12-remove-mut-ref

Remove unnecessary mut from reference

2 years agoUpdate README to include community invite links
Conor Okus [Mon, 14 Feb 2022 11:47:00 +0000 (11:47 +0000)]
Update README to include community invite links

2 years agoAdd tests for responding to inbound channel reqs
Viktor Tigerström [Mon, 7 Feb 2022 23:54:41 +0000 (00:54 +0100)]
Add tests for responding to inbound channel reqs

Add functional tests for manually responding to inbound channel requests.
Responding to inbound channel requests are required when the
`manually_accept_inbound_channels` config flag is set to true.

The tests cover the following cases:
* Accepting an inbound channel request
* Rejecting an inbound channel request
* FundingCreated message sent by the counterparty before accepting the
inbound channel request
* Attempting to accept an inbound channel request twice
* Attempting to accept an unkown inbound channel

2 years agoAdd option to accept or reject inbound channels
Viktor Tigerström [Tue, 25 Jan 2022 23:21:22 +0000 (00:21 +0100)]
Add option to accept or reject inbound channels

Add a new config flag `UserConfig::manually_accept_inbound_channels`,
which when set to true allows the node operator to accept or reject new
channel requests.

When set to true, `Event::OpenChannelRequest` will be triggered once a
request to open a new inbound channel is received. When accepting the
request, `ChannelManager::accept_inbound_channel` should be called.
Rejecting the request is done through
`ChannelManager::force_close_channel`.

2 years agoRemove unnecessary mut from reference
Jeffrey Czyz [Sat, 4 Dec 2021 18:08:05 +0000 (12:08 -0600)]
Remove unnecessary mut from reference

chain::Listen's interface is defined in terms of non-mutable references,
so there's no need to use mutable references in lightning-block-sync.

2 years agoMerge pull request #1292 from TheBlueMatt/2022-02-override-handshake-limits
valentinewallace [Sat, 12 Feb 2022 00:45:44 +0000 (19:45 -0500)]
Merge pull request #1292 from TheBlueMatt/2022-02-override-handshake-limits

Store override counterparty handshake limits until we enforce them

2 years agoMerge pull request #1268 from TheBlueMatt/2022-01-balance-underflow
Arik Sosman [Fri, 11 Feb 2022 00:30:48 +0000 (16:30 -0800)]
Merge pull request #1268 from TheBlueMatt/2022-01-balance-underflow

Include inbound-claimed-HTLCs in reported channel balances

2 years agoMake router benchmarks more realistic by not running test-only code 2022-02-router-no-test
Matt Corallo [Thu, 10 Feb 2022 21:13:19 +0000 (21:13 +0000)]
Make router benchmarks more realistic by not running test-only code

`cargo bench` sets `cfg(test)`, causing us to hit some test-only
code in the router when benchmarking, throwing off our benchmarks
substantially. Here we swap from the `unstable` feature to a more
clearly internal feature (`_bench_unstable`) and also checking for
it when enabling test-only code.

2 years agoInclude inbound-claimed-HTLCs in reported channel balances 2022-01-balance-underflow
Matt Corallo [Thu, 20 Jan 2022 04:28:38 +0000 (04:28 +0000)]
Include inbound-claimed-HTLCs in reported channel balances

Given the balance is reported as "total balance if we went to chain
ignoring fees", it seems reasonable to include claimed HTLCs - if
we went to chain we'd get those funds, less on-chain fees. Further,
if we do not include them, its possible to have pending outbound
holding-cell HTLCs underflow the balance calculation, causing a
panic in debug mode, and bogus values in release.

This resolves a subtraction underflow bug found by the
`chanmon_consistency` fuzz target.

2 years agoWork around rustc compilation regression on nightly
Matt Corallo [Thu, 10 Feb 2022 21:11:59 +0000 (21:11 +0000)]
Work around rustc compilation regression on nightly

Apparently rustc doesn't (actually) provide any kind of
compilation-stability guarantees, despite their claims. Here we
work around rustc being unstable by making the trait call explicit.

See also https://github.com/rust-lang/rust/issues/93599

2 years agoMerge pull request #1299 from p2pderivatives/make-counterpartycommitmentsecrets-public
Matt Corallo [Thu, 10 Feb 2022 17:12:27 +0000 (17:12 +0000)]
Merge pull request #1299 from p2pderivatives/make-counterpartycommitmentsecrets-public

Make CounterpartyCommitmentSecrets public

2 years agoMake CounterpartyCommitmentSecrets public
Tibo-lg [Tue, 8 Feb 2022 01:25:12 +0000 (10:25 +0900)]
Make CounterpartyCommitmentSecrets public

2 years agoMerge pull request #1285 from TheBlueMatt/2022-01-remove-closed-issue-ref
Matt Corallo [Fri, 4 Feb 2022 19:42:26 +0000 (19:42 +0000)]
Merge pull request #1285 from TheBlueMatt/2022-01-remove-closed-issue-ref

Remove stale reference to incomplete BOLT compliance

2 years agoMerge pull request #1227 from jkczyz/2021-12-probabilistic-scorer
valentinewallace [Thu, 3 Feb 2022 15:50:49 +0000 (10:50 -0500)]
Merge pull request #1227 from jkczyz/2021-12-probabilistic-scorer

Probabilistic channel scoring

2 years agoAdd ProbabilisticScorer benchmarks
Jeffrey Czyz [Mon, 17 Jan 2022 04:54:42 +0000 (22:54 -0600)]
Add ProbabilisticScorer benchmarks

2 years agoDeprecate Scorer in favor of ProbabilisticScorer
Jeffrey Czyz [Mon, 17 Jan 2022 04:12:58 +0000 (22:12 -0600)]
Deprecate Scorer in favor of ProbabilisticScorer

2 years agoDecay channel liquidity balance offsets
Jeffrey Czyz [Wed, 5 Jan 2022 00:15:59 +0000 (18:15 -0600)]
Decay channel liquidity balance offsets

ProbabilisticScorer uses successful and unsuccessful payments to gain
more certainty of a channel's liquidity balance. Decay this knowledge
over time to indicate decreasing certainty about the liquidity balance.

2 years agoProbabilistic channel scoring
Jeffrey Czyz [Mon, 3 Jan 2022 14:35:19 +0000 (08:35 -0600)]
Probabilistic channel scoring

Add a Score implementation based on "Optimally Reliable & Cheap Payment
Flows on the Lightning Network" by Rene Pickhardt and Stefan Richter[1].
Given the uncertainty of channel liquidity balances, probability
distributions are defined based on knowledge learned from successful and
unsuccessful attempts. Then the negative log of the success probability
is used to determine the cost of routing a specific HTLC amount through
a channel.

[1]: https://arxiv.org/abs/2107.05322

2 years agoEffective channel capacity for router and scoring
Jeffrey Czyz [Wed, 29 Dec 2021 15:56:54 +0000 (09:56 -0600)]
Effective channel capacity for router and scoring

A channel's capacity may be inferred or learned and is used to make
routing decisions, including as a parameter to channel scoring. Define
an EffectiveCapacity for this purpose. Score::channel_penalty_msat takes
the effective capacity (less in-flight HTLCs for the same payment), and
never None. Thus, for hops given in an invoice, the effective capacity
is now considered (near) infinite if over a private channel or based on
learned information if over a public channel.

If a Score implementations needs the effective capacity when updating a
channel's score, i.e. in payment_path_failed or payment_path_successful,
it can access the channel's EffectiveCapacity via the NetworkGraph by
first looking up the channel and then specifying which direction is
desired using ChannelInfo::as_directed.

2 years agoStore override counterparty handshake limits until we enforce them 2022-02-override-handshake-limits
Matt Corallo [Tue, 1 Feb 2022 21:16:27 +0000 (21:16 +0000)]
Store override counterparty handshake limits until we enforce them

We currently allow users to provide an `override_config` in
`ChannelManager::create_channel` which it seems should apply to the
channel. However, because we don't store any of it, the only parts
which we apply to the channel are those which are set in the
`Channel` object immediately in `Channel::new_outbound` and used
from there.

This is great in most cases, however the
`UserConfig::peer_channel_config_limits` `ChannelHandshakeLimits`
object is used in `accept_channel` to bound what is acceptable in
our peer's `AcceptChannel` message. Thus, for outbound channels, we
are given a full `UserConfig` object to "override" the default
config, but we don't use any of the handshake limits specified in
it.

Here, we move to storing the `ChannelHandshakeLimits` explicitly
and applying it when we receive our peer's `AcceptChannel`. Note
that we don't need to store it anywhere because if we haven't
received an `AcceptChannel` from our peer when we reload from disk
we will forget the channel entirely anyway.

2 years agoMerge pull request #1282 from TheBlueMatt/2022-01-fuzz-overflow
valentinewallace [Thu, 27 Jan 2022 16:42:05 +0000 (11:42 -0500)]
Merge pull request #1282 from TheBlueMatt/2022-01-fuzz-overflow

Avoid overflow in addition when checking counterparty feerates

2 years agoRemove stale reference to incomplete BOLT compliance 2022-01-remove-closed-issue-ref
Matt Corallo [Wed, 26 Jan 2022 23:28:45 +0000 (23:28 +0000)]
Remove stale reference to incomplete BOLT compliance

The referenced issue was closed some time ago with a PR to amend
the BOLTs to be more restrictive, which we are in compliance with.

2 years agoMerge pull request #1179 from TheBlueMatt/2021-11-fix-announce-sigs-broadcast-time
Matt Corallo [Wed, 26 Jan 2022 23:27:04 +0000 (23:27 +0000)]
Merge pull request #1179 from TheBlueMatt/2021-11-fix-announce-sigs-broadcast-time

Disconnect announcement_signatures sending from funding_locked

2 years agoMake `Channel::get_announcement_sigs` return an Option and log 2021-11-fix-announce-sigs-broadcast-time
Matt Corallo [Tue, 7 Dec 2021 19:11:18 +0000 (19:11 +0000)]
Make `Channel::get_announcement_sigs` return an Option and log

Channel::get_announcement_sigs is only used in contexts where we
have a logger already, and the error returned is always ignored, so
instead of returning an ignored error message we return an `Option`
directly and log when it won't be too verbose.

2 years agoSwap loop and condition order to avoid looping unnecessarily
Matt Corallo [Tue, 7 Dec 2021 01:56:31 +0000 (01:56 +0000)]
Swap loop and condition order to avoid looping unnecessarily

2 years agoDisconect `announcement_signatures` sending from `funding_locked`
Matt Corallo [Thu, 18 Nov 2021 21:54:13 +0000 (21:54 +0000)]
Disconect `announcement_signatures` sending from `funding_locked`

The spec actually requires we never send `announcement_signatures`
(and, thus, `channel_announcement`s) until after six confirmations.
However, we would happily have sent them prior to that as long as
we exchange `funding_locked` messages with our countarparty. Thanks
to re-broadcasting this issue is largely harmless, however it could
have some negative interactions with less-robust peers. Much more
importantly, this represents an important step towards supporting
0-conf channels, where `funding_locked` messages may be exchanged
before we even have an SCID to construct the messages with.

Because there is no ACK mechanism for `announcement_signatures` we
rely on existing channel updates to stop rebroadcasting them - if
we sent a `commitment_signed` after an `announcement_signatures`
and later receive a `revoke_and_ack`, we know our counterparty also
received our `announcement_signatures`. This may resolve some rare
edge-cases where we send a `funding_locked` which our counterparty
receives, but lose connection before the `announcement_signatures`
(usually the very next message) arrives.

Sadly, because the set of places where an `announcement_signatures`
may now be generated more closely mirrors where `funding_locked`
messages may be generated, but they are now separate, there is a
substantial amount of code motion providing relevant parameters
about current block information and ensuring we can return new
`announcement_signatures` messages.

2 years agoUnset `Channel::is_usable` if mon update is blocking funding_locked
Matt Corallo [Thu, 18 Nov 2021 21:54:10 +0000 (21:54 +0000)]
Unset `Channel::is_usable` if mon update is blocking funding_locked

If we have not yet sent `funding_locked` only because of a pending
channel monitor update, we shouldn't consider a channel
`is_usable`. This has a number of downstream effects, including
not attempting to route payments through the channel, not sending
private `channel_update` messages to our counterparty, or sending
channel_announcement messages if our couterparty has already signed
for it.

We further gate generation of `node_announcement`s on `is_usable`,
preventing generation of those or `announcement_signatures` until
we've sent our `funding_locked`.

Finally, `during_funding_monitor_fail` is updated to test a case
where we see the funding transaction lock in but have a pending
monitor update failure, then receive `funding_locked` from our
counterparty and ensure we don't generate the above messages until
after the monitor update completes.

2 years agoDo not Send FundingLocked messages while disconnected
Matt Corallo [Mon, 15 Nov 2021 01:09:27 +0000 (01:09 +0000)]
Do not Send FundingLocked messages while disconnected

While its generally harmless to do so (the messages will simply be
dropped in `PeerManager`) there is a potential race condition where
the FundingLocked message enters the outbound message queue, then
the peer reconnects, and then the FundingLocked message is
delivered prior to the normal ChannelReestablish flow.

We also take this opportunity to rewrite
`test_funding_peer_disconnect` to be explicit instead of using
`reconnect_peers`. This allows it to check each message being sent
carefully, whereas `reconnect_peers` is rather lazy and accepts
that sometimes signatures will be exchanged, and sometimes not.

2 years agoReturn struct, not long tuple, from `Channel::channel_reestablish`
Matt Corallo [Sat, 13 Nov 2021 22:47:42 +0000 (22:47 +0000)]
Return struct, not long tuple, from `Channel::channel_reestablish`

This improves readability and makes it easier to add additional
return fields.

2 years agoMerge pull request #1283 from TheBlueMatt/2022-01-correct-req-feature-handling
valentinewallace [Wed, 26 Jan 2022 16:30:43 +0000 (11:30 -0500)]
Merge pull request #1283 from TheBlueMatt/2022-01-correct-req-feature-handling

Correct handling of `UnknownRequiredFeature` deserialization

2 years agoMerge pull request #1273 from jkczyz/2022-01-invoice-expiry
valentinewallace [Wed, 26 Jan 2022 14:51:14 +0000 (09:51 -0500)]
Merge pull request #1273 from jkczyz/2022-01-invoice-expiry

Support invoice expiry over a year

2 years agoCorrect handling of `UnknownRequiredFeature` deserialization 2022-01-correct-req-feature-handling
Matt Corallo [Wed, 26 Jan 2022 02:04:20 +0000 (02:04 +0000)]
Correct handling of `UnknownRequiredFeature` deserialization

Quite some time ago, `UnknownRequiredFeature` was only used when a
gossip message has a missing required feature. These days, its also
used for any required TLV which we do not understand in any
message. However, the handling of it was never updated in
`PeerManager`, leaving it printing a warning about gossip and
ignoring the message entirely.

Instead, we send a warning message and disconnect.

Closes #1236, as caught by @jkczyz.

2 years agoAvoid overflow in addition when checking counterparty feerates 2022-01-fuzz-overflow
Matt Corallo [Wed, 26 Jan 2022 00:10:19 +0000 (00:10 +0000)]
Avoid overflow in addition when checking counterparty feerates

This is harmless outside of debug builds - the feerate will
overflow causing it to either spuriously fail the first check, or
correctly pass it and fail the second check. In debug builds,
however, it panics due to integer overflow.

Found by the `full_stack_target` fuzz test in the
Chaincode-provided continuous fuzzing. Thanks Chaincode!

2 years agoSupport invoice expiry over a year
Jeffrey Czyz [Fri, 21 Jan 2022 22:57:17 +0000 (16:57 -0600)]
Support invoice expiry over a year

The lightning-invoice crate represents timestamps as Duration since the
UNIX epoch rather than a SystemTime. Therefore, internal calculations
are in terms of u64-based Durations. This allows for relaxing the one
year maximum expiry.

2 years agoMove node_id signing of ChannelAnnouncement into Signer
Matt Corallo [Sun, 14 Nov 2021 17:25:39 +0000 (17:25 +0000)]
Move node_id signing of ChannelAnnouncement into Signer

This removes one more place where we directly access the node_id
secret key in `ChannelManager`, slowly marching towards allowing
the node_id secret key to be offline in the signer.

More importantly, it allows more ChannelAnnouncement logic to move
into the `Channel` without having to pass the node secret key
around, avoiding the announcement logic being split across two
files.

2 years agoMerge pull request #1275 from jkczyz/2022-01-benchmark-improvements
valentinewallace [Tue, 25 Jan 2022 17:18:17 +0000 (12:18 -0500)]
Merge pull request #1275 from jkczyz/2022-01-benchmark-improvements

Router benchmark improvements