1 // This file is Copyright its original authors, visible in version control
4 // This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
5 // or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
6 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
7 // You may not use this file except in accordance with one or both of these
10 use bitcoin::blockdata::constants::ChainHash;
11 use bitcoin::blockdata::script::{Script, ScriptBuf, Builder};
12 use bitcoin::blockdata::transaction::Transaction;
14 use bitcoin::sighash::EcdsaSighashType;
15 use bitcoin::consensus::encode;
17 use bitcoin::hashes::Hash;
18 use bitcoin::hashes::sha256::Hash as Sha256;
19 use bitcoin::hashes::sha256d::Hash as Sha256d;
20 use bitcoin::hash_types::{Txid, BlockHash};
22 use bitcoin::secp256k1::constants::PUBLIC_KEY_SIZE;
23 use bitcoin::secp256k1::{PublicKey,SecretKey};
24 use bitcoin::secp256k1::{Secp256k1,ecdsa::Signature};
25 use bitcoin::secp256k1;
27 use crate::ln::{ChannelId, PaymentPreimage, PaymentHash};
28 use crate::ln::features::{ChannelTypeFeatures, InitFeatures};
30 use crate::ln::msgs::DecodeError;
31 use crate::ln::script::{self, ShutdownScript};
32 use crate::ln::channelmanager::{self, CounterpartyForwardingInfo, PendingHTLCStatus, HTLCSource, SentHTLCId, HTLCFailureMsg, PendingHTLCInfo, RAACommitmentOrder, BREAKDOWN_TIMEOUT, MIN_CLTV_EXPIRY_DELTA, MAX_LOCAL_BREAKDOWN_TIMEOUT, ChannelShutdownState};
33 use crate::ln::chan_utils::{CounterpartyCommitmentSecrets, TxCreationKeys, HTLCOutputInCommitment, htlc_success_tx_weight, htlc_timeout_tx_weight, make_funding_redeemscript, ChannelPublicKeys, CommitmentTransaction, HolderCommitmentTransaction, ChannelTransactionParameters, CounterpartyChannelTransactionParameters, MAX_HTLCS, get_commitment_transaction_number_obscure_factor, ClosingTransaction};
34 use crate::ln::chan_utils;
35 use crate::ln::onion_utils::HTLCFailReason;
36 use crate::chain::BestBlock;
37 use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, LowerBoundedFeeEstimator};
38 use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, ChannelMonitorUpdateStep, LATENCY_GRACE_PERIOD_BLOCKS, CLOSED_CHANNEL_UPDATE_ID};
39 use crate::chain::transaction::{OutPoint, TransactionData};
40 use crate::sign::ecdsa::{EcdsaChannelSigner, WriteableEcdsaChannelSigner};
41 use crate::sign::{EntropySource, ChannelSigner, SignerProvider, NodeSigner, Recipient};
42 use crate::events::ClosureReason;
43 use crate::routing::gossip::NodeId;
44 use crate::util::ser::{Readable, ReadableArgs, Writeable, Writer};
45 use crate::util::logger::{Logger, Record, WithContext};
46 use crate::util::errors::APIError;
47 use crate::util::config::{UserConfig, ChannelConfig, LegacyChannelConfig, ChannelHandshakeConfig, ChannelHandshakeLimits, MaxDustHTLCExposure};
48 use crate::util::scid_utils::scid_from_parts;
51 use crate::prelude::*;
52 use core::{cmp,mem,fmt};
53 use core::convert::TryInto;
55 #[cfg(any(test, fuzzing, debug_assertions))]
56 use crate::sync::Mutex;
57 use crate::sign::type_resolver::ChannelSignerType;
59 use super::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint, RevocationBasepoint};
62 pub struct ChannelValueStat {
63 pub value_to_self_msat: u64,
64 pub channel_value_msat: u64,
65 pub channel_reserve_msat: u64,
66 pub pending_outbound_htlcs_amount_msat: u64,
67 pub pending_inbound_htlcs_amount_msat: u64,
68 pub holding_cell_outbound_amount_msat: u64,
69 pub counterparty_max_htlc_value_in_flight_msat: u64, // outgoing
70 pub counterparty_dust_limit_msat: u64,
73 pub struct AvailableBalances {
74 /// The amount that would go to us if we close the channel, ignoring any on-chain fees.
75 pub balance_msat: u64,
76 /// Total amount available for our counterparty to send to us.
77 pub inbound_capacity_msat: u64,
78 /// Total amount available for us to send to our counterparty.
79 pub outbound_capacity_msat: u64,
80 /// The maximum value we can assign to the next outbound HTLC
81 pub next_outbound_htlc_limit_msat: u64,
82 /// The minimum value we can assign to the next outbound HTLC
83 pub next_outbound_htlc_minimum_msat: u64,
86 #[derive(Debug, Clone, Copy, PartialEq)]
88 // Inbound states mirroring InboundHTLCState
90 AwaitingRemoteRevokeToAnnounce,
91 // Note that we do not have a AwaitingAnnouncedRemoteRevoke variant here as it is universally
92 // handled the same as `Committed`, with the only exception in `InboundHTLCState` being the
93 // distinction of when we allow ourselves to forward the HTLC. Because we aren't "forwarding"
94 // the fee update anywhere, we can simply consider the fee update `Committed` immediately
95 // instead of setting it to AwaitingAnnouncedRemoteRevoke.
97 // Outbound state can only be `LocalAnnounced` or `Committed`
101 enum InboundHTLCRemovalReason {
102 FailRelay(msgs::OnionErrorPacket),
103 FailMalformed(([u8; 32], u16)),
104 Fulfill(PaymentPreimage),
107 /// Represents the resolution status of an inbound HTLC.
109 enum InboundHTLCResolution {
110 /// Resolved implies the action we must take with the inbound HTLC has already been determined,
111 /// i.e., we already know whether it must be failed back or forwarded.
113 // TODO: Once this variant is removed, we should also clean up
114 // [`MonitorRestoreUpdates::accepted_htlcs`] as the path will be unreachable.
116 pending_htlc_status: PendingHTLCStatus,
118 /// Pending implies we will attempt to resolve the inbound HTLC once it has been fully committed
119 /// to by both sides of the channel, i.e., once a `revoke_and_ack` has been processed by both
120 /// nodes for the state update in which it was proposed.
122 update_add_htlc: msgs::UpdateAddHTLC,
126 impl_writeable_tlv_based_enum!(InboundHTLCResolution,
128 (0, pending_htlc_status, required),
131 (0, update_add_htlc, required),
135 enum InboundHTLCState {
136 /// Offered by remote, to be included in next local commitment tx. I.e., the remote sent an
137 /// update_add_htlc message for this HTLC.
138 RemoteAnnounced(InboundHTLCResolution),
139 /// Included in a received commitment_signed message (implying we've
140 /// revoke_and_ack'd it), but the remote hasn't yet revoked their previous
141 /// state (see the example below). We have not yet included this HTLC in a
142 /// commitment_signed message because we are waiting on the remote's
143 /// aforementioned state revocation. One reason this missing remote RAA
144 /// (revoke_and_ack) blocks us from constructing a commitment_signed message
145 /// is because every time we create a new "state", i.e. every time we sign a
146 /// new commitment tx (see [BOLT #2]), we need a new per_commitment_point,
147 /// which are provided one-at-a-time in each RAA. E.g., the last RAA they
148 /// sent provided the per_commitment_point for our current commitment tx.
149 /// The other reason we should not send a commitment_signed without their RAA
150 /// is because their RAA serves to ACK our previous commitment_signed.
152 /// Here's an example of how an HTLC could come to be in this state:
153 /// remote --> update_add_htlc(prev_htlc) --> local
154 /// remote --> commitment_signed(prev_htlc) --> local
155 /// remote <-- revoke_and_ack <-- local
156 /// remote <-- commitment_signed(prev_htlc) <-- local
157 /// [note that here, the remote does not respond with a RAA]
158 /// remote --> update_add_htlc(this_htlc) --> local
159 /// remote --> commitment_signed(prev_htlc, this_htlc) --> local
160 /// Now `this_htlc` will be assigned this state. It's unable to be officially
161 /// accepted, i.e. included in a commitment_signed, because we're missing the
162 /// RAA that provides our next per_commitment_point. The per_commitment_point
163 /// is used to derive commitment keys, which are used to construct the
164 /// signatures in a commitment_signed message.
165 /// Implies AwaitingRemoteRevoke.
167 /// [BOLT #2]: https://github.com/lightning/bolts/blob/master/02-peer-protocol.md
168 AwaitingRemoteRevokeToAnnounce(InboundHTLCResolution),
169 /// Included in a received commitment_signed message (implying we've revoke_and_ack'd it).
170 /// We have also included this HTLC in our latest commitment_signed and are now just waiting
171 /// on the remote's revoke_and_ack to make this HTLC an irrevocable part of the state of the
172 /// channel (before it can then get forwarded and/or removed).
173 /// Implies AwaitingRemoteRevoke.
174 AwaitingAnnouncedRemoteRevoke(InboundHTLCResolution),
176 /// Removed by us and a new commitment_signed was sent (if we were AwaitingRemoteRevoke when we
177 /// created it we would have put it in the holding cell instead). When they next revoke_and_ack
179 /// Note that we have to keep an eye on the HTLC until we've received a broadcastable
180 /// commitment transaction without it as otherwise we'll have to force-close the channel to
181 /// claim it before the timeout (obviously doesn't apply to revoked HTLCs that we can't claim
182 /// anyway). That said, ChannelMonitor does this for us (see
183 /// ChannelMonitor::should_broadcast_holder_commitment_txn) so we actually remove the HTLC from
184 /// our own local state before then, once we're sure that the next commitment_signed and
185 /// ChannelMonitor::provide_latest_local_commitment_tx will not include this HTLC.
186 LocalRemoved(InboundHTLCRemovalReason),
189 /// Exposes the state of pending inbound HTLCs.
191 /// At a high level, an HTLC being forwarded from one Lightning node to another Lightning node goes
192 /// through the following states in the state machine:
193 /// - Announced for addition by the originating node through the update_add_htlc message.
194 /// - Added to the commitment transaction of the receiving node and originating node in turn
195 /// through the exchange of commitment_signed and revoke_and_ack messages.
196 /// - Announced for resolution (fulfillment or failure) by the receiving node through either one of
197 /// the update_fulfill_htlc, update_fail_htlc, and update_fail_malformed_htlc messages.
198 /// - Removed from the commitment transaction of the originating node and receiving node in turn
199 /// through the exchange of commitment_signed and revoke_and_ack messages.
201 /// This can be used to inspect what next message an HTLC is waiting for to advance its state.
202 #[derive(Clone, Debug, PartialEq)]
203 pub enum InboundHTLCStateDetails {
204 /// We have added this HTLC in our commitment transaction by receiving commitment_signed and
205 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
206 /// before this HTLC is included on the remote commitment transaction.
207 AwaitingRemoteRevokeToAdd,
208 /// This HTLC has been included in the commitment_signed and revoke_and_ack messages on both sides
209 /// and is included in both commitment transactions.
211 /// This HTLC is now safe to either forward or be claimed as a payment by us. The HTLC will
212 /// remain in this state until the forwarded upstream HTLC has been resolved and we resolve this
213 /// HTLC correspondingly, or until we claim it as a payment. If it is part of a multipart
214 /// payment, it will only be claimed together with other required parts.
216 /// We have received the preimage for this HTLC and it is being removed by fulfilling it with
217 /// update_fulfill_htlc. This HTLC is still on both commitment transactions, but we are awaiting
218 /// the appropriate revoke_and_ack's from the remote before this HTLC is removed from the remote
219 /// commitment transaction after update_fulfill_htlc.
220 AwaitingRemoteRevokeToRemoveFulfill,
221 /// The HTLC is being removed by failing it with update_fail_htlc or update_fail_malformed_htlc.
222 /// This HTLC is still on both commitment transactions, but we are awaiting the appropriate
223 /// revoke_and_ack's from the remote before this HTLC is removed from the remote commitment
225 AwaitingRemoteRevokeToRemoveFail,
228 impl From<&InboundHTLCState> for Option<InboundHTLCStateDetails> {
229 fn from(state: &InboundHTLCState) -> Option<InboundHTLCStateDetails> {
231 InboundHTLCState::RemoteAnnounced(_) => None,
232 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) =>
233 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
234 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) =>
235 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
236 InboundHTLCState::Committed =>
237 Some(InboundHTLCStateDetails::Committed),
238 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(_)) =>
239 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail),
240 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed(_)) =>
241 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail),
242 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(_)) =>
243 Some(InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFulfill),
248 impl_writeable_tlv_based_enum_upgradable!(InboundHTLCStateDetails,
249 (0, AwaitingRemoteRevokeToAdd) => {},
250 (2, Committed) => {},
251 (4, AwaitingRemoteRevokeToRemoveFulfill) => {},
252 (6, AwaitingRemoteRevokeToRemoveFail) => {};
255 struct InboundHTLCOutput {
259 payment_hash: PaymentHash,
260 state: InboundHTLCState,
263 /// Exposes details around pending inbound HTLCs.
264 #[derive(Clone, Debug, PartialEq)]
265 pub struct InboundHTLCDetails {
267 /// The IDs are incremented by 1 starting from 0 for each offered HTLC.
268 /// They are unique per channel and inbound/outbound direction, unless an HTLC was only announced
269 /// and not part of any commitment transaction.
271 /// The amount in msat.
272 pub amount_msat: u64,
273 /// The block height at which this HTLC expires.
274 pub cltv_expiry: u32,
275 /// The payment hash.
276 pub payment_hash: PaymentHash,
277 /// The state of the HTLC in the state machine.
279 /// Determines on which commitment transactions the HTLC is included and what message the HTLC is
280 /// waiting for to advance to the next state.
282 /// See [`InboundHTLCStateDetails`] for information on the specific states.
284 /// LDK will always fill this field in, but when downgrading to prior versions of LDK, new
285 /// states may result in `None` here.
286 pub state: Option<InboundHTLCStateDetails>,
287 /// Whether the HTLC has an output below the local dust limit. If so, the output will be trimmed
288 /// from the local commitment transaction and added to the commitment transaction fee.
289 /// For non-anchor channels, this takes into account the cost of the second-stage HTLC
290 /// transactions as well.
292 /// When the local commitment transaction is broadcasted as part of a unilateral closure,
293 /// the value of this HTLC will therefore not be claimable but instead burned as a transaction
296 /// Note that dust limits are specific to each party. An HTLC can be dust for the local
297 /// commitment transaction but not for the counterparty's commitment transaction and vice versa.
301 impl_writeable_tlv_based!(InboundHTLCDetails, {
302 (0, htlc_id, required),
303 (2, amount_msat, required),
304 (4, cltv_expiry, required),
305 (6, payment_hash, required),
306 (7, state, upgradable_option),
307 (8, is_dust, required),
310 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
311 enum OutboundHTLCState {
312 /// Added by us and included in a commitment_signed (if we were AwaitingRemoteRevoke when we
313 /// created it we would have put it in the holding cell instead). When they next revoke_and_ack
314 /// we will promote to Committed (note that they may not accept it until the next time we
315 /// revoke, but we don't really care about that:
316 /// * they've revoked, so worst case we can announce an old state and get our (option on)
317 /// money back (though we won't), and,
318 /// * we'll send them a revoke when they send a commitment_signed, and since only they're
319 /// allowed to remove it, the "can only be removed once committed on both sides" requirement
320 /// doesn't matter to us and it's up to them to enforce it, worst-case they jump ahead but
321 /// we'll never get out of sync).
322 /// Note that we Box the OnionPacket as it's rather large and we don't want to blow up
323 /// OutboundHTLCOutput's size just for a temporary bit
324 LocalAnnounced(Box<msgs::OnionPacket>),
326 /// Remote removed this (outbound) HTLC. We're waiting on their commitment_signed to finalize
327 /// the change (though they'll need to revoke before we fail the payment).
328 RemoteRemoved(OutboundHTLCOutcome),
329 /// Remote removed this and sent a commitment_signed (implying we've revoke_and_ack'ed it), but
330 /// the remote side hasn't yet revoked their previous state, which we need them to do before we
331 /// can do any backwards failing. Implies AwaitingRemoteRevoke.
332 /// We also have not yet removed this HTLC in a commitment_signed message, and are waiting on a
333 /// remote revoke_and_ack on a previous state before we can do so.
334 AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome),
335 /// Remote removed this and sent a commitment_signed (implying we've revoke_and_ack'ed it), but
336 /// the remote side hasn't yet revoked their previous state, which we need them to do before we
337 /// can do any backwards failing. Implies AwaitingRemoteRevoke.
338 /// We have removed this HTLC in our latest commitment_signed and are now just waiting on a
339 /// revoke_and_ack to drop completely.
340 AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome),
343 /// Exposes the state of pending outbound HTLCs.
345 /// At a high level, an HTLC being forwarded from one Lightning node to another Lightning node goes
346 /// through the following states in the state machine:
347 /// - Announced for addition by the originating node through the update_add_htlc message.
348 /// - Added to the commitment transaction of the receiving node and originating node in turn
349 /// through the exchange of commitment_signed and revoke_and_ack messages.
350 /// - Announced for resolution (fulfillment or failure) by the receiving node through either one of
351 /// the update_fulfill_htlc, update_fail_htlc, and update_fail_malformed_htlc messages.
352 /// - Removed from the commitment transaction of the originating node and receiving node in turn
353 /// through the exchange of commitment_signed and revoke_and_ack messages.
355 /// This can be used to inspect what next message an HTLC is waiting for to advance its state.
356 #[derive(Clone, Debug, PartialEq)]
357 pub enum OutboundHTLCStateDetails {
358 /// We are awaiting the appropriate revoke_and_ack's from the remote before the HTLC is added
359 /// on the remote's commitment transaction after update_add_htlc.
360 AwaitingRemoteRevokeToAdd,
361 /// The HTLC has been added to the remote's commitment transaction by sending commitment_signed
362 /// and receiving revoke_and_ack in return.
364 /// The HTLC will remain in this state until the remote node resolves the HTLC, or until we
365 /// unilaterally close the channel due to a timeout with an uncooperative remote node.
367 /// The HTLC has been fulfilled successfully by the remote with a preimage in update_fulfill_htlc,
368 /// and we removed the HTLC from our commitment transaction by receiving commitment_signed and
369 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
370 /// for the removal from its commitment transaction.
371 AwaitingRemoteRevokeToRemoveSuccess,
372 /// The HTLC has been failed by the remote with update_fail_htlc or update_fail_malformed_htlc,
373 /// and we removed the HTLC from our commitment transaction by receiving commitment_signed and
374 /// returning revoke_and_ack. We are awaiting the appropriate revoke_and_ack's from the remote
375 /// for the removal from its commitment transaction.
376 AwaitingRemoteRevokeToRemoveFailure,
379 impl From<&OutboundHTLCState> for OutboundHTLCStateDetails {
380 fn from(state: &OutboundHTLCState) -> OutboundHTLCStateDetails {
382 OutboundHTLCState::LocalAnnounced(_) =>
383 OutboundHTLCStateDetails::AwaitingRemoteRevokeToAdd,
384 OutboundHTLCState::Committed =>
385 OutboundHTLCStateDetails::Committed,
386 // RemoteRemoved states are ignored as the state is transient and the remote has not committed to
388 OutboundHTLCState::RemoteRemoved(_) =>
389 OutboundHTLCStateDetails::Committed,
390 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_)) =>
391 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveSuccess,
392 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Failure(_)) =>
393 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFailure,
394 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) =>
395 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveSuccess,
396 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Failure(_)) =>
397 OutboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFailure,
402 impl_writeable_tlv_based_enum_upgradable!(OutboundHTLCStateDetails,
403 (0, AwaitingRemoteRevokeToAdd) => {},
404 (2, Committed) => {},
405 (4, AwaitingRemoteRevokeToRemoveSuccess) => {},
406 (6, AwaitingRemoteRevokeToRemoveFailure) => {};
410 #[cfg_attr(test, derive(Debug, PartialEq))]
411 enum OutboundHTLCOutcome {
412 /// LDK version 0.0.105+ will always fill in the preimage here.
413 Success(Option<PaymentPreimage>),
414 Failure(HTLCFailReason),
417 impl From<Option<HTLCFailReason>> for OutboundHTLCOutcome {
418 fn from(o: Option<HTLCFailReason>) -> Self {
420 None => OutboundHTLCOutcome::Success(None),
421 Some(r) => OutboundHTLCOutcome::Failure(r)
426 impl<'a> Into<Option<&'a HTLCFailReason>> for &'a OutboundHTLCOutcome {
427 fn into(self) -> Option<&'a HTLCFailReason> {
429 OutboundHTLCOutcome::Success(_) => None,
430 OutboundHTLCOutcome::Failure(ref r) => Some(r)
435 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
436 struct OutboundHTLCOutput {
440 payment_hash: PaymentHash,
441 state: OutboundHTLCState,
443 blinding_point: Option<PublicKey>,
444 skimmed_fee_msat: Option<u64>,
447 /// Exposes details around pending outbound HTLCs.
448 #[derive(Clone, Debug, PartialEq)]
449 pub struct OutboundHTLCDetails {
451 /// The IDs are incremented by 1 starting from 0 for each offered HTLC.
452 /// They are unique per channel and inbound/outbound direction, unless an HTLC was only announced
453 /// and not part of any commitment transaction.
455 /// Not present when we are awaiting a remote revocation and the HTLC is not added yet.
456 pub htlc_id: Option<u64>,
457 /// The amount in msat.
458 pub amount_msat: u64,
459 /// The block height at which this HTLC expires.
460 pub cltv_expiry: u32,
461 /// The payment hash.
462 pub payment_hash: PaymentHash,
463 /// The state of the HTLC in the state machine.
465 /// Determines on which commitment transactions the HTLC is included and what message the HTLC is
466 /// waiting for to advance to the next state.
468 /// See [`OutboundHTLCStateDetails`] for information on the specific states.
470 /// LDK will always fill this field in, but when downgrading to prior versions of LDK, new
471 /// states may result in `None` here.
472 pub state: Option<OutboundHTLCStateDetails>,
473 /// The extra fee being skimmed off the top of this HTLC.
474 pub skimmed_fee_msat: Option<u64>,
475 /// Whether the HTLC has an output below the local dust limit. If so, the output will be trimmed
476 /// from the local commitment transaction and added to the commitment transaction fee.
477 /// For non-anchor channels, this takes into account the cost of the second-stage HTLC
478 /// transactions as well.
480 /// When the local commitment transaction is broadcasted as part of a unilateral closure,
481 /// the value of this HTLC will therefore not be claimable but instead burned as a transaction
484 /// Note that dust limits are specific to each party. An HTLC can be dust for the local
485 /// commitment transaction but not for the counterparty's commitment transaction and vice versa.
489 impl_writeable_tlv_based!(OutboundHTLCDetails, {
490 (0, htlc_id, required),
491 (2, amount_msat, required),
492 (4, cltv_expiry, required),
493 (6, payment_hash, required),
494 (7, state, upgradable_option),
495 (8, skimmed_fee_msat, required),
496 (10, is_dust, required),
499 /// See AwaitingRemoteRevoke ChannelState for more info
500 #[cfg_attr(test, derive(Clone, Debug, PartialEq))]
501 enum HTLCUpdateAwaitingACK {
502 AddHTLC { // TODO: Time out if we're getting close to cltv_expiry
506 payment_hash: PaymentHash,
508 onion_routing_packet: msgs::OnionPacket,
509 // The extra fee we're skimming off the top of this HTLC.
510 skimmed_fee_msat: Option<u64>,
511 blinding_point: Option<PublicKey>,
514 payment_preimage: PaymentPreimage,
519 err_packet: msgs::OnionErrorPacket,
524 sha256_of_onion: [u8; 32],
528 macro_rules! define_state_flags {
529 ($flag_type_doc: expr, $flag_type: ident, [$(($flag_doc: expr, $flag: ident, $value: expr, $get: ident, $set: ident, $clear: ident)),+], $extra_flags: expr) => {
530 #[doc = $flag_type_doc]
531 #[derive(Copy, Clone, Debug, PartialEq, PartialOrd, Eq)]
532 struct $flag_type(u32);
537 const $flag: $flag_type = $flag_type($value);
540 /// All flags that apply to the specified [`ChannelState`] variant.
542 const ALL: $flag_type = Self($(Self::$flag.0 | )* $extra_flags);
545 fn new() -> Self { Self(0) }
548 fn from_u32(flags: u32) -> Result<Self, ()> {
549 if flags & !Self::ALL.0 != 0 {
552 Ok($flag_type(flags))
557 fn is_empty(&self) -> bool { self.0 == 0 }
559 fn is_set(&self, flag: Self) -> bool { *self & flag == flag }
561 fn set(&mut self, flag: Self) { *self |= flag }
563 fn clear(&mut self, flag: Self) -> Self { self.0 &= !flag.0; *self }
567 define_state_flags!($flag_type, Self::$flag, $get, $set, $clear);
570 impl core::ops::BitOr for $flag_type {
572 fn bitor(self, rhs: Self) -> Self::Output { Self(self.0 | rhs.0) }
574 impl core::ops::BitOrAssign for $flag_type {
575 fn bitor_assign(&mut self, rhs: Self) { self.0 |= rhs.0; }
577 impl core::ops::BitAnd for $flag_type {
579 fn bitand(self, rhs: Self) -> Self::Output { Self(self.0 & rhs.0) }
581 impl core::ops::BitAndAssign for $flag_type {
582 fn bitand_assign(&mut self, rhs: Self) { self.0 &= rhs.0; }
585 ($flag_type_doc: expr, $flag_type: ident, $flags: tt) => {
586 define_state_flags!($flag_type_doc, $flag_type, $flags, 0);
588 ($flag_type: ident, $flag: expr, $get: ident, $set: ident, $clear: ident) => {
591 fn $get(&self) -> bool { self.is_set($flag_type::new() | $flag) }
593 fn $set(&mut self) { self.set($flag_type::new() | $flag) }
595 fn $clear(&mut self) -> Self { self.clear($flag_type::new() | $flag) }
598 ($flag_type_doc: expr, FUNDED_STATE, $flag_type: ident, $flags: tt) => {
599 define_state_flags!($flag_type_doc, $flag_type, $flags, FundedStateFlags::ALL.0);
601 define_state_flags!($flag_type, FundedStateFlags::PEER_DISCONNECTED,
602 is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected);
603 define_state_flags!($flag_type, FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS,
604 is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress);
605 define_state_flags!($flag_type, FundedStateFlags::REMOTE_SHUTDOWN_SENT,
606 is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent);
607 define_state_flags!($flag_type, FundedStateFlags::LOCAL_SHUTDOWN_SENT,
608 is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent);
610 impl core::ops::BitOr<FundedStateFlags> for $flag_type {
612 fn bitor(self, rhs: FundedStateFlags) -> Self::Output { Self(self.0 | rhs.0) }
614 impl core::ops::BitOrAssign<FundedStateFlags> for $flag_type {
615 fn bitor_assign(&mut self, rhs: FundedStateFlags) { self.0 |= rhs.0; }
617 impl core::ops::BitAnd<FundedStateFlags> for $flag_type {
619 fn bitand(self, rhs: FundedStateFlags) -> Self::Output { Self(self.0 & rhs.0) }
621 impl core::ops::BitAndAssign<FundedStateFlags> for $flag_type {
622 fn bitand_assign(&mut self, rhs: FundedStateFlags) { self.0 &= rhs.0; }
624 impl PartialEq<FundedStateFlags> for $flag_type {
625 fn eq(&self, other: &FundedStateFlags) -> bool { self.0 == other.0 }
627 impl From<FundedStateFlags> for $flag_type {
628 fn from(flags: FundedStateFlags) -> Self { Self(flags.0) }
633 /// We declare all the states/flags here together to help determine which bits are still available
636 pub const OUR_INIT_SENT: u32 = 1 << 0;
637 pub const THEIR_INIT_SENT: u32 = 1 << 1;
638 pub const FUNDING_NEGOTIATED: u32 = 1 << 2;
639 pub const AWAITING_CHANNEL_READY: u32 = 1 << 3;
640 pub const THEIR_CHANNEL_READY: u32 = 1 << 4;
641 pub const OUR_CHANNEL_READY: u32 = 1 << 5;
642 pub const CHANNEL_READY: u32 = 1 << 6;
643 pub const PEER_DISCONNECTED: u32 = 1 << 7;
644 pub const MONITOR_UPDATE_IN_PROGRESS: u32 = 1 << 8;
645 pub const AWAITING_REMOTE_REVOKE: u32 = 1 << 9;
646 pub const REMOTE_SHUTDOWN_SENT: u32 = 1 << 10;
647 pub const LOCAL_SHUTDOWN_SENT: u32 = 1 << 11;
648 pub const SHUTDOWN_COMPLETE: u32 = 1 << 12;
649 pub const WAITING_FOR_BATCH: u32 = 1 << 13;
653 "Flags that apply to all [`ChannelState`] variants in which the channel is funded.",
655 ("Indicates the remote side is considered \"disconnected\" and no updates are allowed \
656 until after we've done a `channel_reestablish` dance.", PEER_DISCONNECTED, state_flags::PEER_DISCONNECTED,
657 is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected),
658 ("Indicates the user has told us a `ChannelMonitor` update is pending async persistence \
659 somewhere and we should pause sending any outbound messages until they've managed to \
660 complete it.", MONITOR_UPDATE_IN_PROGRESS, state_flags::MONITOR_UPDATE_IN_PROGRESS,
661 is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress),
662 ("Indicates we received a `shutdown` message from the remote end. If set, they may not add \
663 any new HTLCs to the channel, and we are expected to respond with our own `shutdown` \
664 message when possible.", REMOTE_SHUTDOWN_SENT, state_flags::REMOTE_SHUTDOWN_SENT,
665 is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent),
666 ("Indicates we sent a `shutdown` message. At this point, we may not add any new HTLCs to \
667 the channel.", LOCAL_SHUTDOWN_SENT, state_flags::LOCAL_SHUTDOWN_SENT,
668 is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent)
673 "Flags that only apply to [`ChannelState::NegotiatingFunding`].",
674 NegotiatingFundingFlags, [
675 ("Indicates we have (or are prepared to) send our `open_channel`/`accept_channel` message.",
676 OUR_INIT_SENT, state_flags::OUR_INIT_SENT, is_our_init_sent, set_our_init_sent, clear_our_init_sent),
677 ("Indicates we have received their `open_channel`/`accept_channel` message.",
678 THEIR_INIT_SENT, state_flags::THEIR_INIT_SENT, is_their_init_sent, set_their_init_sent, clear_their_init_sent)
683 "Flags that only apply to [`ChannelState::AwaitingChannelReady`].",
684 FUNDED_STATE, AwaitingChannelReadyFlags, [
685 ("Indicates they sent us a `channel_ready` message. Once both `THEIR_CHANNEL_READY` and \
686 `OUR_CHANNEL_READY` are set, our state moves on to `ChannelReady`.",
687 THEIR_CHANNEL_READY, state_flags::THEIR_CHANNEL_READY,
688 is_their_channel_ready, set_their_channel_ready, clear_their_channel_ready),
689 ("Indicates we sent them a `channel_ready` message. Once both `THEIR_CHANNEL_READY` and \
690 `OUR_CHANNEL_READY` are set, our state moves on to `ChannelReady`.",
691 OUR_CHANNEL_READY, state_flags::OUR_CHANNEL_READY,
692 is_our_channel_ready, set_our_channel_ready, clear_our_channel_ready),
693 ("Indicates the channel was funded in a batch and the broadcast of the funding transaction \
694 is being held until all channels in the batch have received `funding_signed` and have \
695 their monitors persisted.", WAITING_FOR_BATCH, state_flags::WAITING_FOR_BATCH,
696 is_waiting_for_batch, set_waiting_for_batch, clear_waiting_for_batch)
701 "Flags that only apply to [`ChannelState::ChannelReady`].",
702 FUNDED_STATE, ChannelReadyFlags, [
703 ("Indicates that we have sent a `commitment_signed` but are awaiting the responding \
704 `revoke_and_ack` message. During this period, we can't generate new `commitment_signed` \
705 messages as we'd be unable to determine which HTLCs they included in their `revoke_and_ack` \
706 implicit ACK, so instead we have to hold them away temporarily to be sent later.",
707 AWAITING_REMOTE_REVOKE, state_flags::AWAITING_REMOTE_REVOKE,
708 is_awaiting_remote_revoke, set_awaiting_remote_revoke, clear_awaiting_remote_revoke)
712 // Note that the order of this enum is implicitly defined by where each variant is placed. Take this
713 // into account when introducing new states and update `test_channel_state_order` accordingly.
714 #[derive(Copy, Clone, Debug, PartialEq, PartialOrd, Eq)]
716 /// We are negotiating the parameters required for the channel prior to funding it.
717 NegotiatingFunding(NegotiatingFundingFlags),
718 /// We have sent `funding_created` and are awaiting a `funding_signed` to advance to
719 /// `AwaitingChannelReady`. Note that this is nonsense for an inbound channel as we immediately generate
720 /// `funding_signed` upon receipt of `funding_created`, so simply skip this state.
722 /// We've received/sent `funding_created` and `funding_signed` and are thus now waiting on the
723 /// funding transaction to confirm.
724 AwaitingChannelReady(AwaitingChannelReadyFlags),
725 /// Both we and our counterparty consider the funding transaction confirmed and the channel is
727 ChannelReady(ChannelReadyFlags),
728 /// We've successfully negotiated a `closing_signed` dance. At this point, the `ChannelManager`
729 /// is about to drop us, but we store this anyway.
733 macro_rules! impl_state_flag {
734 ($get: ident, $set: ident, $clear: ident, [$($state: ident),+]) => {
736 fn $get(&self) -> bool {
739 ChannelState::$state(flags) => flags.$get(),
748 ChannelState::$state(flags) => flags.$set(),
750 _ => debug_assert!(false, "Attempted to set flag on unexpected ChannelState"),
754 fn $clear(&mut self) {
757 ChannelState::$state(flags) => { let _ = flags.$clear(); },
759 _ => debug_assert!(false, "Attempted to clear flag on unexpected ChannelState"),
763 ($get: ident, $set: ident, $clear: ident, FUNDED_STATES) => {
764 impl_state_flag!($get, $set, $clear, [AwaitingChannelReady, ChannelReady]);
766 ($get: ident, $set: ident, $clear: ident, $state: ident) => {
767 impl_state_flag!($get, $set, $clear, [$state]);
772 fn from_u32(state: u32) -> Result<Self, ()> {
774 state_flags::FUNDING_NEGOTIATED => Ok(ChannelState::FundingNegotiated),
775 state_flags::SHUTDOWN_COMPLETE => Ok(ChannelState::ShutdownComplete),
777 if val & state_flags::AWAITING_CHANNEL_READY == state_flags::AWAITING_CHANNEL_READY {
778 AwaitingChannelReadyFlags::from_u32(val & !state_flags::AWAITING_CHANNEL_READY)
779 .map(|flags| ChannelState::AwaitingChannelReady(flags))
780 } else if val & state_flags::CHANNEL_READY == state_flags::CHANNEL_READY {
781 ChannelReadyFlags::from_u32(val & !state_flags::CHANNEL_READY)
782 .map(|flags| ChannelState::ChannelReady(flags))
783 } else if let Ok(flags) = NegotiatingFundingFlags::from_u32(val) {
784 Ok(ChannelState::NegotiatingFunding(flags))
792 fn to_u32(&self) -> u32 {
794 ChannelState::NegotiatingFunding(flags) => flags.0,
795 ChannelState::FundingNegotiated => state_flags::FUNDING_NEGOTIATED,
796 ChannelState::AwaitingChannelReady(flags) => state_flags::AWAITING_CHANNEL_READY | flags.0,
797 ChannelState::ChannelReady(flags) => state_flags::CHANNEL_READY | flags.0,
798 ChannelState::ShutdownComplete => state_flags::SHUTDOWN_COMPLETE,
802 fn is_pre_funded_state(&self) -> bool {
803 matches!(self, ChannelState::NegotiatingFunding(_)|ChannelState::FundingNegotiated)
806 fn is_both_sides_shutdown(&self) -> bool {
807 self.is_local_shutdown_sent() && self.is_remote_shutdown_sent()
810 fn with_funded_state_flags_mask(&self) -> FundedStateFlags {
812 ChannelState::AwaitingChannelReady(flags) => FundedStateFlags((*flags & FundedStateFlags::ALL).0),
813 ChannelState::ChannelReady(flags) => FundedStateFlags((*flags & FundedStateFlags::ALL).0),
814 _ => FundedStateFlags::new(),
818 fn can_generate_new_commitment(&self) -> bool {
820 ChannelState::ChannelReady(flags) =>
821 !flags.is_set(ChannelReadyFlags::AWAITING_REMOTE_REVOKE) &&
822 !flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into()) &&
823 !flags.is_set(FundedStateFlags::PEER_DISCONNECTED.into()),
825 debug_assert!(false, "Can only generate new commitment within ChannelReady");
831 impl_state_flag!(is_peer_disconnected, set_peer_disconnected, clear_peer_disconnected, FUNDED_STATES);
832 impl_state_flag!(is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress, FUNDED_STATES);
833 impl_state_flag!(is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent, FUNDED_STATES);
834 impl_state_flag!(is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent, FUNDED_STATES);
835 impl_state_flag!(is_our_channel_ready, set_our_channel_ready, clear_our_channel_ready, AwaitingChannelReady);
836 impl_state_flag!(is_their_channel_ready, set_their_channel_ready, clear_their_channel_ready, AwaitingChannelReady);
837 impl_state_flag!(is_waiting_for_batch, set_waiting_for_batch, clear_waiting_for_batch, AwaitingChannelReady);
838 impl_state_flag!(is_awaiting_remote_revoke, set_awaiting_remote_revoke, clear_awaiting_remote_revoke, ChannelReady);
841 pub const INITIAL_COMMITMENT_NUMBER: u64 = (1 << 48) - 1;
843 pub const DEFAULT_MAX_HTLCS: u16 = 50;
845 pub(crate) fn commitment_tx_base_weight(channel_type_features: &ChannelTypeFeatures) -> u64 {
846 const COMMITMENT_TX_BASE_WEIGHT: u64 = 724;
847 const COMMITMENT_TX_BASE_ANCHOR_WEIGHT: u64 = 1124;
848 if channel_type_features.supports_anchors_zero_fee_htlc_tx() { COMMITMENT_TX_BASE_ANCHOR_WEIGHT } else { COMMITMENT_TX_BASE_WEIGHT }
852 const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172;
854 pub const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172;
856 pub const ANCHOR_OUTPUT_VALUE_SATOSHI: u64 = 330;
858 /// The percentage of the channel value `holder_max_htlc_value_in_flight_msat` used to be set to,
859 /// before this was made configurable. The percentage was made configurable in LDK 0.0.107,
860 /// although LDK 0.0.104+ enabled serialization of channels with a different value set for
861 /// `holder_max_htlc_value_in_flight_msat`.
862 pub const MAX_IN_FLIGHT_PERCENT_LEGACY: u8 = 10;
864 /// Maximum `funding_satoshis` value according to the BOLT #2 specification, if
865 /// `option_support_large_channel` (aka wumbo channels) is not supported.
867 pub const MAX_FUNDING_SATOSHIS_NO_WUMBO: u64 = (1 << 24) - 1;
869 /// Total bitcoin supply in satoshis.
870 pub const TOTAL_BITCOIN_SUPPLY_SATOSHIS: u64 = 21_000_000 * 1_0000_0000;
872 /// The maximum network dust limit for standard script formats. This currently represents the
873 /// minimum output value for a P2SH output before Bitcoin Core 22 considers the entire
874 /// transaction non-standard and thus refuses to relay it.
875 /// We also use this as the maximum counterparty `dust_limit_satoshis` allowed, given many
876 /// implementations use this value for their dust limit today.
877 pub const MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS: u64 = 546;
879 /// The maximum channel dust limit we will accept from our counterparty.
880 pub const MAX_CHAN_DUST_LIMIT_SATOSHIS: u64 = MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS;
882 /// The dust limit is used for both the commitment transaction outputs as well as the closing
883 /// transactions. For cooperative closing transactions, we require segwit outputs, though accept
884 /// *any* segwit scripts, which are allowed to be up to 42 bytes in length.
885 /// In order to avoid having to concern ourselves with standardness during the closing process, we
886 /// simply require our counterparty to use a dust limit which will leave any segwit output
888 /// See <https://github.com/lightning/bolts/issues/905> for more details.
889 pub const MIN_CHAN_DUST_LIMIT_SATOSHIS: u64 = 354;
891 // Just a reasonable implementation-specific safe lower bound, higher than the dust limit.
892 pub const MIN_THEIR_CHAN_RESERVE_SATOSHIS: u64 = 1000;
894 /// Used to return a simple Error back to ChannelManager. Will get converted to a
895 /// msgs::ErrorAction::SendErrorMessage or msgs::ErrorAction::IgnoreError as appropriate with our
896 /// channel_id in ChannelManager.
897 pub(super) enum ChannelError {
903 impl fmt::Debug for ChannelError {
904 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
906 &ChannelError::Ignore(ref e) => write!(f, "Ignore : {}", e),
907 &ChannelError::Warn(ref e) => write!(f, "Warn : {}", e),
908 &ChannelError::Close(ref e) => write!(f, "Close : {}", e),
913 impl fmt::Display for ChannelError {
914 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
916 &ChannelError::Ignore(ref e) => write!(f, "{}", e),
917 &ChannelError::Warn(ref e) => write!(f, "{}", e),
918 &ChannelError::Close(ref e) => write!(f, "{}", e),
923 pub(super) struct WithChannelContext<'a, L: Deref> where L::Target: Logger {
925 pub peer_id: Option<PublicKey>,
926 pub channel_id: Option<ChannelId>,
929 impl<'a, L: Deref> Logger for WithChannelContext<'a, L> where L::Target: Logger {
930 fn log(&self, mut record: Record) {
931 record.peer_id = self.peer_id;
932 record.channel_id = self.channel_id;
933 self.logger.log(record)
937 impl<'a, 'b, L: Deref> WithChannelContext<'a, L>
938 where L::Target: Logger {
939 pub(super) fn from<S: Deref>(logger: &'a L, context: &'b ChannelContext<S>) -> Self
940 where S::Target: SignerProvider
944 peer_id: Some(context.counterparty_node_id),
945 channel_id: Some(context.channel_id),
950 macro_rules! secp_check {
951 ($res: expr, $err: expr) => {
954 Err(_) => return Err(ChannelError::Close($err)),
959 /// The "channel disabled" bit in channel_update must be set based on whether we are connected to
960 /// our counterparty or not. However, we don't want to announce updates right away to avoid
961 /// spamming the network with updates if the connection is flapping. Instead, we "stage" updates to
962 /// our channel_update message and track the current state here.
963 /// See implementation at [`super::channelmanager::ChannelManager::timer_tick_occurred`].
964 #[derive(Clone, Copy, PartialEq)]
965 pub(super) enum ChannelUpdateStatus {
966 /// We've announced the channel as enabled and are connected to our peer.
968 /// Our channel is no longer live, but we haven't announced the channel as disabled yet.
970 /// Our channel is live again, but we haven't announced the channel as enabled yet.
972 /// We've announced the channel as disabled.
976 /// We track when we sent an `AnnouncementSignatures` to our peer in a few states, described here.
978 pub enum AnnouncementSigsState {
979 /// We have not sent our peer an `AnnouncementSignatures` yet, or our peer disconnected since
980 /// we sent the last `AnnouncementSignatures`.
982 /// We sent an `AnnouncementSignatures` to our peer since the last time our peer disconnected.
983 /// This state never appears on disk - instead we write `NotSent`.
985 /// We sent a `CommitmentSigned` after the last `AnnouncementSignatures` we sent. Because we
986 /// only ever have a single `CommitmentSigned` pending at once, if we sent one after sending
987 /// `AnnouncementSignatures` then we know the peer received our `AnnouncementSignatures` if
988 /// they send back a `RevokeAndACK`.
989 /// This state never appears on disk - instead we write `NotSent`.
991 /// We received a `RevokeAndACK`, effectively ack-ing our `AnnouncementSignatures`, at this
992 /// point we no longer need to re-send our `AnnouncementSignatures` again on reconnect.
996 /// An enum indicating whether the local or remote side offered a given HTLC.
1002 /// An enum gathering stats on pending HTLCs, either inbound or outbound side.
1005 pending_htlcs_value_msat: u64,
1006 on_counterparty_tx_dust_exposure_msat: u64,
1007 on_holder_tx_dust_exposure_msat: u64,
1008 holding_cell_msat: u64,
1009 on_holder_tx_holding_cell_htlcs_count: u32, // dust HTLCs *non*-included
1012 /// An enum gathering stats on commitment transaction, either local or remote.
1013 struct CommitmentStats<'a> {
1014 tx: CommitmentTransaction, // the transaction info
1015 feerate_per_kw: u32, // the feerate included to build the transaction
1016 total_fee_sat: u64, // the total fee included in the transaction
1017 num_nondust_htlcs: usize, // the number of HTLC outputs (dust HTLCs *non*-included)
1018 htlcs_included: Vec<(HTLCOutputInCommitment, Option<&'a HTLCSource>)>, // the list of HTLCs (dust HTLCs *included*) which were not ignored when building the transaction
1019 local_balance_msat: u64, // local balance before fees *not* considering dust limits
1020 remote_balance_msat: u64, // remote balance before fees *not* considering dust limits
1021 outbound_htlc_preimages: Vec<PaymentPreimage>, // preimages for successful offered HTLCs since last commitment
1022 inbound_htlc_preimages: Vec<PaymentPreimage>, // preimages for successful received HTLCs since last commitment
1025 /// Used when calculating whether we or the remote can afford an additional HTLC.
1026 struct HTLCCandidate {
1028 origin: HTLCInitiator,
1031 impl HTLCCandidate {
1032 fn new(amount_msat: u64, origin: HTLCInitiator) -> Self {
1040 /// A return value enum for get_update_fulfill_htlc. See UpdateFulfillCommitFetch variants for
1042 enum UpdateFulfillFetch {
1044 monitor_update: ChannelMonitorUpdate,
1045 htlc_value_msat: u64,
1046 msg: Option<msgs::UpdateFulfillHTLC>,
1051 /// The return type of get_update_fulfill_htlc_and_commit.
1052 pub enum UpdateFulfillCommitFetch {
1053 /// Indicates the HTLC fulfill is new, and either generated an update_fulfill message, placed
1054 /// it in the holding cell, or re-generated the update_fulfill message after the same claim was
1055 /// previously placed in the holding cell (and has since been removed).
1057 /// The ChannelMonitorUpdate which places the new payment preimage in the channel monitor
1058 monitor_update: ChannelMonitorUpdate,
1059 /// The value of the HTLC which was claimed, in msat.
1060 htlc_value_msat: u64,
1062 /// Indicates the HTLC fulfill is duplicative and already existed either in the holding cell
1063 /// or has been forgotten (presumably previously claimed).
1067 /// The return value of `monitor_updating_restored`
1068 pub(super) struct MonitorRestoreUpdates {
1069 pub raa: Option<msgs::RevokeAndACK>,
1070 pub commitment_update: Option<msgs::CommitmentUpdate>,
1071 pub order: RAACommitmentOrder,
1072 pub accepted_htlcs: Vec<(PendingHTLCInfo, u64)>,
1073 pub failed_htlcs: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
1074 pub finalized_claimed_htlcs: Vec<HTLCSource>,
1075 pub pending_update_adds: Vec<msgs::UpdateAddHTLC>,
1076 pub funding_broadcastable: Option<Transaction>,
1077 pub channel_ready: Option<msgs::ChannelReady>,
1078 pub announcement_sigs: Option<msgs::AnnouncementSignatures>,
1081 /// The return value of `signer_maybe_unblocked`
1083 pub(super) struct SignerResumeUpdates {
1084 pub commitment_update: Option<msgs::CommitmentUpdate>,
1085 pub funding_signed: Option<msgs::FundingSigned>,
1086 pub channel_ready: Option<msgs::ChannelReady>,
1089 /// The return value of `channel_reestablish`
1090 pub(super) struct ReestablishResponses {
1091 pub channel_ready: Option<msgs::ChannelReady>,
1092 pub raa: Option<msgs::RevokeAndACK>,
1093 pub commitment_update: Option<msgs::CommitmentUpdate>,
1094 pub order: RAACommitmentOrder,
1095 pub announcement_sigs: Option<msgs::AnnouncementSignatures>,
1096 pub shutdown_msg: Option<msgs::Shutdown>,
1099 /// The result of a shutdown that should be handled.
1101 pub(crate) struct ShutdownResult {
1102 pub(crate) closure_reason: ClosureReason,
1103 /// A channel monitor update to apply.
1104 pub(crate) monitor_update: Option<(PublicKey, OutPoint, ChannelId, ChannelMonitorUpdate)>,
1105 /// A list of dropped outbound HTLCs that can safely be failed backwards immediately.
1106 pub(crate) dropped_outbound_htlcs: Vec<(HTLCSource, PaymentHash, PublicKey, ChannelId)>,
1107 /// An unbroadcasted batch funding transaction id. The closure of this channel should be
1108 /// propagated to the remainder of the batch.
1109 pub(crate) unbroadcasted_batch_funding_txid: Option<Txid>,
1110 pub(crate) channel_id: ChannelId,
1111 pub(crate) user_channel_id: u128,
1112 pub(crate) channel_capacity_satoshis: u64,
1113 pub(crate) counterparty_node_id: PublicKey,
1114 pub(crate) unbroadcasted_funding_tx: Option<Transaction>,
1115 pub(crate) channel_funding_txo: Option<OutPoint>,
1118 /// If the majority of the channels funds are to the fundee and the initiator holds only just
1119 /// enough funds to cover their reserve value, channels are at risk of getting "stuck". Because the
1120 /// initiator controls the feerate, if they then go to increase the channel fee, they may have no
1121 /// balance but the fundee is unable to send a payment as the increase in fee more than drains
1122 /// their reserve value. Thus, neither side can send a new HTLC and the channel becomes useless.
1123 /// Thus, before sending an HTLC when we are the initiator, we check that the feerate can increase
1124 /// by this multiple without hitting this case, before sending.
1125 /// This multiple is effectively the maximum feerate "jump" we expect until more HTLCs flow over
1126 /// the channel. Sadly, there isn't really a good number for this - if we expect to have no new
1127 /// HTLCs for days we may need this to suffice for feerate increases across days, but that may
1128 /// leave the channel less usable as we hold a bigger reserve.
1129 #[cfg(any(fuzzing, test))]
1130 pub const FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE: u64 = 2;
1131 #[cfg(not(any(fuzzing, test)))]
1132 const FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE: u64 = 2;
1134 /// If we fail to see a funding transaction confirmed on-chain within this many blocks after the
1135 /// channel creation on an inbound channel, we simply force-close and move on.
1136 /// This constant is the one suggested in BOLT 2.
1137 pub(crate) const FUNDING_CONF_DEADLINE_BLOCKS: u32 = 2016;
1139 /// In case of a concurrent update_add_htlc proposed by our counterparty, we might
1140 /// not have enough balance value remaining to cover the onchain cost of this new
1141 /// HTLC weight. If this happens, our counterparty fails the reception of our
1142 /// commitment_signed including this new HTLC due to infringement on the channel
1144 /// To prevent this case, we compute our outbound update_fee with an HTLC buffer of
1145 /// size 2. However, if the number of concurrent update_add_htlc is higher, this still
1146 /// leads to a channel force-close. Ultimately, this is an issue coming from the
1147 /// design of LN state machines, allowing asynchronous updates.
1148 pub(crate) const CONCURRENT_INBOUND_HTLC_FEE_BUFFER: u32 = 2;
1150 /// When a channel is opened, we check that the funding amount is enough to pay for relevant
1151 /// commitment transaction fees, with at least this many HTLCs present on the commitment
1152 /// transaction (not counting the value of the HTLCs themselves).
1153 pub(crate) const MIN_AFFORDABLE_HTLC_COUNT: usize = 4;
1155 /// When a [`Channel`] has its [`ChannelConfig`] updated, its existing one is stashed for up to this
1156 /// number of ticks to allow forwarding HTLCs by nodes that have yet to receive the new
1157 /// ChannelUpdate prompted by the config update. This value was determined as follows:
1159 /// * The expected interval between ticks (1 minute).
1160 /// * The average convergence delay of updates across the network, i.e., ~300 seconds on average
1161 /// for a node to see an update as seen on `<https://arxiv.org/pdf/2205.12737.pdf>`.
1162 /// * `EXPIRE_PREV_CONFIG_TICKS` = convergence_delay / tick_interval
1163 pub(crate) const EXPIRE_PREV_CONFIG_TICKS: usize = 5;
1165 /// The number of ticks that may elapse while we're waiting for a response to a
1166 /// [`msgs::RevokeAndACK`] or [`msgs::ChannelReestablish`] message before we attempt to disconnect
1169 /// See [`ChannelContext::sent_message_awaiting_response`] for more information.
1170 pub(crate) const DISCONNECT_PEER_AWAITING_RESPONSE_TICKS: usize = 2;
1172 /// The number of ticks that may elapse while we're waiting for an unfunded outbound/inbound channel
1173 /// to be promoted to a [`Channel`] since the unfunded channel was created. An unfunded channel
1174 /// exceeding this age limit will be force-closed and purged from memory.
1175 pub(crate) const UNFUNDED_CHANNEL_AGE_LIMIT_TICKS: usize = 60;
1177 /// Number of blocks needed for an output from a coinbase transaction to be spendable.
1178 pub(crate) const COINBASE_MATURITY: u32 = 100;
1180 struct PendingChannelMonitorUpdate {
1181 update: ChannelMonitorUpdate,
1184 impl_writeable_tlv_based!(PendingChannelMonitorUpdate, {
1185 (0, update, required),
1188 /// The `ChannelPhase` enum describes the current phase in life of a lightning channel with each of
1189 /// its variants containing an appropriate channel struct.
1190 pub(super) enum ChannelPhase<SP: Deref> where SP::Target: SignerProvider {
1191 UnfundedOutboundV1(OutboundV1Channel<SP>),
1192 UnfundedInboundV1(InboundV1Channel<SP>),
1193 #[cfg(dual_funding)]
1194 UnfundedOutboundV2(OutboundV2Channel<SP>),
1195 #[cfg(dual_funding)]
1196 UnfundedInboundV2(InboundV2Channel<SP>),
1197 Funded(Channel<SP>),
1200 impl<'a, SP: Deref> ChannelPhase<SP> where
1201 SP::Target: SignerProvider,
1202 <SP::Target as SignerProvider>::EcdsaSigner: ChannelSigner,
1204 pub fn context(&'a self) -> &'a ChannelContext<SP> {
1206 ChannelPhase::Funded(chan) => &chan.context,
1207 ChannelPhase::UnfundedOutboundV1(chan) => &chan.context,
1208 ChannelPhase::UnfundedInboundV1(chan) => &chan.context,
1209 #[cfg(dual_funding)]
1210 ChannelPhase::UnfundedOutboundV2(chan) => &chan.context,
1211 #[cfg(dual_funding)]
1212 ChannelPhase::UnfundedInboundV2(chan) => &chan.context,
1216 pub fn context_mut(&'a mut self) -> &'a mut ChannelContext<SP> {
1218 ChannelPhase::Funded(ref mut chan) => &mut chan.context,
1219 ChannelPhase::UnfundedOutboundV1(ref mut chan) => &mut chan.context,
1220 ChannelPhase::UnfundedInboundV1(ref mut chan) => &mut chan.context,
1221 #[cfg(dual_funding)]
1222 ChannelPhase::UnfundedOutboundV2(ref mut chan) => &mut chan.context,
1223 #[cfg(dual_funding)]
1224 ChannelPhase::UnfundedInboundV2(ref mut chan) => &mut chan.context,
1229 /// Contains all state common to unfunded inbound/outbound channels.
1230 pub(super) struct UnfundedChannelContext {
1231 /// A counter tracking how many ticks have elapsed since this unfunded channel was
1232 /// created. If this unfunded channel reaches peer has yet to respond after reaching
1233 /// `UNFUNDED_CHANNEL_AGE_LIMIT_TICKS`, it will be force-closed and purged from memory.
1235 /// This is so that we don't keep channels around that haven't progressed to a funded state
1236 /// in a timely manner.
1237 unfunded_channel_age_ticks: usize,
1240 impl UnfundedChannelContext {
1241 /// Determines whether we should force-close and purge this unfunded channel from memory due to it
1242 /// having reached the unfunded channel age limit.
1244 /// This should be called on every [`super::channelmanager::ChannelManager::timer_tick_occurred`].
1245 pub fn should_expire_unfunded_channel(&mut self) -> bool {
1246 self.unfunded_channel_age_ticks += 1;
1247 self.unfunded_channel_age_ticks >= UNFUNDED_CHANNEL_AGE_LIMIT_TICKS
1251 /// Contains everything about the channel including state, and various flags.
1252 pub(super) struct ChannelContext<SP: Deref> where SP::Target: SignerProvider {
1253 config: LegacyChannelConfig,
1255 // Track the previous `ChannelConfig` so that we can continue forwarding HTLCs that were
1256 // constructed using it. The second element in the tuple corresponds to the number of ticks that
1257 // have elapsed since the update occurred.
1258 prev_config: Option<(ChannelConfig, usize)>,
1260 inbound_handshake_limits_override: Option<ChannelHandshakeLimits>,
1264 /// The current channel ID.
1265 channel_id: ChannelId,
1266 /// The temporary channel ID used during channel setup. Value kept even after transitioning to a final channel ID.
1267 /// Will be `None` for channels created prior to 0.0.115.
1268 temporary_channel_id: Option<ChannelId>,
1269 channel_state: ChannelState,
1271 // When we reach max(6 blocks, minimum_depth), we need to send an AnnouncementSigs message to
1272 // our peer. However, we want to make sure they received it, or else rebroadcast it when we
1274 // We do so here, see `AnnouncementSigsSent` for more details on the state(s).
1275 // Note that a number of our tests were written prior to the behavior here which retransmits
1276 // AnnouncementSignatures until after an RAA completes, so the behavior is short-circuited in
1278 #[cfg(any(test, feature = "_test_utils"))]
1279 pub(crate) announcement_sigs_state: AnnouncementSigsState,
1280 #[cfg(not(any(test, feature = "_test_utils")))]
1281 announcement_sigs_state: AnnouncementSigsState,
1283 secp_ctx: Secp256k1<secp256k1::All>,
1284 channel_value_satoshis: u64,
1286 latest_monitor_update_id: u64,
1288 holder_signer: ChannelSignerType<SP>,
1289 shutdown_scriptpubkey: Option<ShutdownScript>,
1290 destination_script: ScriptBuf,
1292 // Our commitment numbers start at 2^48-1 and count down, whereas the ones used in transaction
1293 // generation start at 0 and count up...this simplifies some parts of implementation at the
1294 // cost of others, but should really just be changed.
1296 cur_holder_commitment_transaction_number: u64,
1297 cur_counterparty_commitment_transaction_number: u64,
1298 value_to_self_msat: u64, // Excluding all pending_htlcs, fees, and anchor outputs
1299 pending_inbound_htlcs: Vec<InboundHTLCOutput>,
1300 pending_outbound_htlcs: Vec<OutboundHTLCOutput>,
1301 holding_cell_htlc_updates: Vec<HTLCUpdateAwaitingACK>,
1303 /// When resending CS/RAA messages on channel monitor restoration or on reconnect, we always
1304 /// need to ensure we resend them in the order we originally generated them. Note that because
1305 /// there can only ever be one in-flight CS and/or one in-flight RAA at any time, it is
1306 /// sufficient to simply set this to the opposite of any message we are generating as we
1307 /// generate it. ie when we generate a CS, we set this to RAAFirst as, if there is a pending
1308 /// in-flight RAA to resend, it will have been the first thing we generated, and thus we should
1310 resend_order: RAACommitmentOrder,
1312 monitor_pending_channel_ready: bool,
1313 monitor_pending_revoke_and_ack: bool,
1314 monitor_pending_commitment_signed: bool,
1316 // TODO: If a channel is drop'd, we don't know whether the `ChannelMonitor` is ultimately
1317 // responsible for some of the HTLCs here or not - we don't know whether the update in question
1318 // completed or not. We currently ignore these fields entirely when force-closing a channel,
1319 // but need to handle this somehow or we run the risk of losing HTLCs!
1320 monitor_pending_forwards: Vec<(PendingHTLCInfo, u64)>,
1321 monitor_pending_failures: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
1322 monitor_pending_finalized_fulfills: Vec<HTLCSource>,
1323 monitor_pending_update_adds: Vec<msgs::UpdateAddHTLC>,
1325 /// If we went to send a commitment update (ie some messages then [`msgs::CommitmentSigned`])
1326 /// but our signer (initially) refused to give us a signature, we should retry at some point in
1327 /// the future when the signer indicates it may have a signature for us.
1329 /// This flag is set in such a case. Note that we don't need to persist this as we'll end up
1330 /// setting it again as a side-effect of [`Channel::channel_reestablish`].
1331 signer_pending_commitment_update: bool,
1332 /// Similar to [`Self::signer_pending_commitment_update`] but we're waiting to send either a
1333 /// [`msgs::FundingCreated`] or [`msgs::FundingSigned`] depending on if this channel is
1334 /// outbound or inbound.
1335 signer_pending_funding: bool,
1337 // pending_update_fee is filled when sending and receiving update_fee.
1339 // Because it follows the same commitment flow as HTLCs, `FeeUpdateState` is either `Outbound`
1340 // or matches a subset of the `InboundHTLCOutput` variants. It is then updated/used when
1341 // generating new commitment transactions with exactly the same criteria as inbound/outbound
1342 // HTLCs with similar state.
1343 pending_update_fee: Option<(u32, FeeUpdateState)>,
1344 // If a `send_update_fee()` call is made with ChannelState::AwaitingRemoteRevoke set, we place
1345 // it here instead of `pending_update_fee` in the same way as we place outbound HTLC updates in
1346 // `holding_cell_htlc_updates` instead of `pending_outbound_htlcs`. It is released into
1347 // `pending_update_fee` with the same criteria as outbound HTLC updates but can be updated by
1348 // further `send_update_fee` calls, dropping the previous holding cell update entirely.
1349 holding_cell_update_fee: Option<u32>,
1350 next_holder_htlc_id: u64,
1351 next_counterparty_htlc_id: u64,
1352 feerate_per_kw: u32,
1354 /// The timestamp set on our latest `channel_update` message for this channel. It is updated
1355 /// when the channel is updated in ways which may impact the `channel_update` message or when a
1356 /// new block is received, ensuring it's always at least moderately close to the current real
1358 update_time_counter: u32,
1360 #[cfg(debug_assertions)]
1361 /// Max to_local and to_remote outputs in a locally-generated commitment transaction
1362 holder_max_commitment_tx_output: Mutex<(u64, u64)>,
1363 #[cfg(debug_assertions)]
1364 /// Max to_local and to_remote outputs in a remote-generated commitment transaction
1365 counterparty_max_commitment_tx_output: Mutex<(u64, u64)>,
1367 last_sent_closing_fee: Option<(u64, Signature)>, // (fee, holder_sig)
1368 target_closing_feerate_sats_per_kw: Option<u32>,
1370 /// If our counterparty sent us a closing_signed while we were waiting for a `ChannelMonitor`
1371 /// update, we need to delay processing it until later. We do that here by simply storing the
1372 /// closing_signed message and handling it in `maybe_propose_closing_signed`.
1373 pending_counterparty_closing_signed: Option<msgs::ClosingSigned>,
1375 /// The minimum and maximum absolute fee, in satoshis, we are willing to place on the closing
1376 /// transaction. These are set once we reach `closing_negotiation_ready`.
1378 pub(crate) closing_fee_limits: Option<(u64, u64)>,
1380 closing_fee_limits: Option<(u64, u64)>,
1382 /// If we remove an HTLC (or fee update), commit, and receive our counterparty's
1383 /// `revoke_and_ack`, we remove all knowledge of said HTLC (or fee update). However, the latest
1384 /// local commitment transaction that we can broadcast still contains the HTLC (or old fee)
1385 /// until we receive a further `commitment_signed`. Thus we are not eligible for initiating the
1386 /// `closing_signed` negotiation if we're expecting a counterparty `commitment_signed`.
1388 /// To ensure we don't send a `closing_signed` too early, we track this state here, waiting
1389 /// until we see a `commitment_signed` before doing so.
1391 /// We don't bother to persist this - we anticipate this state won't last longer than a few
1392 /// milliseconds, so any accidental force-closes here should be exceedingly rare.
1393 expecting_peer_commitment_signed: bool,
1395 /// The hash of the block in which the funding transaction was included.
1396 funding_tx_confirmed_in: Option<BlockHash>,
1397 funding_tx_confirmation_height: u32,
1398 short_channel_id: Option<u64>,
1399 /// Either the height at which this channel was created or the height at which it was last
1400 /// serialized if it was serialized by versions prior to 0.0.103.
1401 /// We use this to close if funding is never broadcasted.
1402 channel_creation_height: u32,
1404 counterparty_dust_limit_satoshis: u64,
1407 pub(super) holder_dust_limit_satoshis: u64,
1409 holder_dust_limit_satoshis: u64,
1412 pub(super) counterparty_max_htlc_value_in_flight_msat: u64,
1414 counterparty_max_htlc_value_in_flight_msat: u64,
1417 pub(super) holder_max_htlc_value_in_flight_msat: u64,
1419 holder_max_htlc_value_in_flight_msat: u64,
1421 /// minimum channel reserve for self to maintain - set by them.
1422 counterparty_selected_channel_reserve_satoshis: Option<u64>,
1425 pub(super) holder_selected_channel_reserve_satoshis: u64,
1427 holder_selected_channel_reserve_satoshis: u64,
1429 counterparty_htlc_minimum_msat: u64,
1430 holder_htlc_minimum_msat: u64,
1432 pub counterparty_max_accepted_htlcs: u16,
1434 counterparty_max_accepted_htlcs: u16,
1435 holder_max_accepted_htlcs: u16,
1436 minimum_depth: Option<u32>,
1438 counterparty_forwarding_info: Option<CounterpartyForwardingInfo>,
1440 pub(crate) channel_transaction_parameters: ChannelTransactionParameters,
1441 funding_transaction: Option<Transaction>,
1442 is_batch_funding: Option<()>,
1444 counterparty_cur_commitment_point: Option<PublicKey>,
1445 counterparty_prev_commitment_point: Option<PublicKey>,
1446 counterparty_node_id: PublicKey,
1448 counterparty_shutdown_scriptpubkey: Option<ScriptBuf>,
1450 commitment_secrets: CounterpartyCommitmentSecrets,
1452 channel_update_status: ChannelUpdateStatus,
1453 /// Once we reach `closing_negotiation_ready`, we set this, indicating if closing_signed does
1454 /// not complete within a single timer tick (one minute), we should force-close the channel.
1455 /// This prevents us from keeping unusable channels around forever if our counterparty wishes
1457 /// Note that this field is reset to false on deserialization to give us a chance to connect to
1458 /// our peer and start the closing_signed negotiation fresh.
1459 closing_signed_in_flight: bool,
1461 /// Our counterparty's channel_announcement signatures provided in announcement_signatures.
1462 /// This can be used to rebroadcast the channel_announcement message later.
1463 announcement_sigs: Option<(Signature, Signature)>,
1465 // We save these values so we can make sure `next_local_commit_tx_fee_msat` and
1466 // `next_remote_commit_tx_fee_msat` properly predict what the next commitment transaction fee will
1467 // be, by comparing the cached values to the fee of the tranaction generated by
1468 // `build_commitment_transaction`.
1469 #[cfg(any(test, fuzzing))]
1470 next_local_commitment_tx_fee_info_cached: Mutex<Option<CommitmentTxInfoCached>>,
1471 #[cfg(any(test, fuzzing))]
1472 next_remote_commitment_tx_fee_info_cached: Mutex<Option<CommitmentTxInfoCached>>,
1474 /// lnd has a long-standing bug where, upon reconnection, if the channel is not yet confirmed
1475 /// they will not send a channel_reestablish until the channel locks in. Then, they will send a
1476 /// channel_ready *before* sending the channel_reestablish (which is clearly a violation of
1477 /// the BOLT specs). We copy c-lightning's workaround here and simply store the channel_ready
1478 /// message until we receive a channel_reestablish.
1480 /// See-also <https://github.com/lightningnetwork/lnd/issues/4006>
1481 pub workaround_lnd_bug_4006: Option<msgs::ChannelReady>,
1483 /// An option set when we wish to track how many ticks have elapsed while waiting for a response
1484 /// from our counterparty after sending a message. If the peer has yet to respond after reaching
1485 /// `DISCONNECT_PEER_AWAITING_RESPONSE_TICKS`, a reconnection should be attempted to try to
1486 /// unblock the state machine.
1488 /// This behavior is mostly motivated by a lnd bug in which we don't receive a message we expect
1489 /// to in a timely manner, which may lead to channels becoming unusable and/or force-closed. An
1490 /// example of such can be found at <https://github.com/lightningnetwork/lnd/issues/7682>.
1492 /// This is currently only used when waiting for a [`msgs::ChannelReestablish`] or
1493 /// [`msgs::RevokeAndACK`] message from the counterparty.
1494 sent_message_awaiting_response: Option<usize>,
1496 #[cfg(any(test, fuzzing))]
1497 // When we receive an HTLC fulfill on an outbound path, we may immediately fulfill the
1498 // corresponding HTLC on the inbound path. If, then, the outbound path channel is
1499 // disconnected and reconnected (before we've exchange commitment_signed and revoke_and_ack
1500 // messages), they may re-broadcast their update_fulfill_htlc, causing a duplicate claim. This
1501 // is fine, but as a sanity check in our failure to generate the second claim, we check here
1502 // that the original was a claim, and that we aren't now trying to fulfill a failed HTLC.
1503 historical_inbound_htlc_fulfills: HashSet<u64>,
1505 /// This channel's type, as negotiated during channel open
1506 channel_type: ChannelTypeFeatures,
1508 // Our counterparty can offer us SCID aliases which they will map to this channel when routing
1509 // outbound payments. These can be used in invoice route hints to avoid explicitly revealing
1510 // the channel's funding UTXO.
1512 // We also use this when sending our peer a channel_update that isn't to be broadcasted
1513 // publicly - allowing them to re-use their map of SCID -> channel for channel_update ->
1514 // associated channel mapping.
1516 // We only bother storing the most recent SCID alias at any time, though our counterparty has
1517 // to store all of them.
1518 latest_inbound_scid_alias: Option<u64>,
1520 // We always offer our counterparty a static SCID alias, which we recognize as for this channel
1521 // if we see it in HTLC forwarding instructions. We don't bother rotating the alias given we
1522 // don't currently support node id aliases and eventually privacy should be provided with
1523 // blinded paths instead of simple scid+node_id aliases.
1524 outbound_scid_alias: u64,
1526 // We track whether we already emitted a `ChannelPending` event.
1527 channel_pending_event_emitted: bool,
1529 // We track whether we already emitted a `ChannelReady` event.
1530 channel_ready_event_emitted: bool,
1532 /// Some if we initiated to shut down the channel.
1533 local_initiated_shutdown: Option<()>,
1535 /// The unique identifier used to re-derive the private key material for the channel through
1536 /// [`SignerProvider::derive_channel_signer`].
1538 channel_keys_id: [u8; 32],
1540 pub channel_keys_id: [u8; 32],
1542 /// If we can't release a [`ChannelMonitorUpdate`] until some external action completes, we
1543 /// store it here and only release it to the `ChannelManager` once it asks for it.
1544 blocked_monitor_updates: Vec<PendingChannelMonitorUpdate>,
1547 impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider {
1548 fn new_for_inbound_channel<'a, ES: Deref, F: Deref, L: Deref>(
1549 fee_estimator: &'a LowerBoundedFeeEstimator<F>,
1550 entropy_source: &'a ES,
1551 signer_provider: &'a SP,
1552 counterparty_node_id: PublicKey,
1553 their_features: &'a InitFeatures,
1555 config: &'a UserConfig,
1556 current_chain_height: u32,
1559 our_funding_satoshis: u64,
1560 counterparty_pubkeys: ChannelPublicKeys,
1561 channel_type: ChannelTypeFeatures,
1562 holder_selected_channel_reserve_satoshis: u64,
1563 msg_channel_reserve_satoshis: u64,
1565 open_channel_fields: msgs::CommonOpenChannelFields,
1566 ) -> Result<ChannelContext<SP>, ChannelError>
1568 ES::Target: EntropySource,
1569 F::Target: FeeEstimator,
1571 SP::Target: SignerProvider,
1573 let logger = WithContext::from(logger, Some(counterparty_node_id), Some(open_channel_fields.temporary_channel_id));
1574 let announced_channel = if (open_channel_fields.channel_flags & 1) == 1 { true } else { false };
1576 let channel_value_satoshis = our_funding_satoshis.saturating_add(open_channel_fields.funding_satoshis);
1578 let channel_keys_id = signer_provider.generate_channel_keys_id(true, channel_value_satoshis, user_id);
1579 let holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
1580 let pubkeys = holder_signer.pubkeys().clone();
1582 if config.channel_handshake_config.our_to_self_delay < BREAKDOWN_TIMEOUT {
1583 return Err(ChannelError::Close(format!("Configured with an unreasonable our_to_self_delay ({}) putting user funds at risks. It must be greater than {}", config.channel_handshake_config.our_to_self_delay, BREAKDOWN_TIMEOUT)));
1586 // Check sanity of message fields:
1587 if channel_value_satoshis > config.channel_handshake_limits.max_funding_satoshis {
1588 return Err(ChannelError::Close(format!(
1589 "Per our config, funding must be at most {}. It was {}. Peer contribution: {}. Our contribution: {}",
1590 config.channel_handshake_limits.max_funding_satoshis, channel_value_satoshis,
1591 open_channel_fields.funding_satoshis, our_funding_satoshis)));
1593 if channel_value_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
1594 return Err(ChannelError::Close(format!("Funding must be smaller than the total bitcoin supply. It was {}", channel_value_satoshis)));
1596 if msg_channel_reserve_satoshis > channel_value_satoshis {
1597 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must be no greater than channel_value_satoshis: {}", msg_channel_reserve_satoshis, channel_value_satoshis)));
1599 let full_channel_value_msat = (channel_value_satoshis - msg_channel_reserve_satoshis) * 1000;
1600 if msg_push_msat > full_channel_value_msat {
1601 return Err(ChannelError::Close(format!("push_msat {} was larger than channel amount minus reserve ({})", msg_push_msat, full_channel_value_msat)));
1603 if open_channel_fields.dust_limit_satoshis > channel_value_satoshis {
1604 return Err(ChannelError::Close(format!("dust_limit_satoshis {} was larger than channel_value_satoshis {}. Peer never wants payout outputs?", open_channel_fields.dust_limit_satoshis, channel_value_satoshis)));
1606 if open_channel_fields.htlc_minimum_msat >= full_channel_value_msat {
1607 return Err(ChannelError::Close(format!("Minimum htlc value ({}) was larger than full channel value ({})", open_channel_fields.htlc_minimum_msat, full_channel_value_msat)));
1609 Channel::<SP>::check_remote_fee(&channel_type, fee_estimator, open_channel_fields.commitment_feerate_sat_per_1000_weight, None, &&logger)?;
1611 let max_counterparty_selected_contest_delay = u16::min(config.channel_handshake_limits.their_to_self_delay, MAX_LOCAL_BREAKDOWN_TIMEOUT);
1612 if open_channel_fields.to_self_delay > max_counterparty_selected_contest_delay {
1613 return Err(ChannelError::Close(format!("They wanted our payments to be delayed by a needlessly long period. Upper limit: {}. Actual: {}", max_counterparty_selected_contest_delay, open_channel_fields.to_self_delay)));
1615 if open_channel_fields.max_accepted_htlcs < 1 {
1616 return Err(ChannelError::Close("0 max_accepted_htlcs makes for a useless channel".to_owned()));
1618 if open_channel_fields.max_accepted_htlcs > MAX_HTLCS {
1619 return Err(ChannelError::Close(format!("max_accepted_htlcs was {}. It must not be larger than {}", open_channel_fields.max_accepted_htlcs, MAX_HTLCS)));
1622 // Now check against optional parameters as set by config...
1623 if channel_value_satoshis < config.channel_handshake_limits.min_funding_satoshis {
1624 return Err(ChannelError::Close(format!("Funding satoshis ({}) is less than the user specified limit ({})", channel_value_satoshis, config.channel_handshake_limits.min_funding_satoshis)));
1626 if open_channel_fields.htlc_minimum_msat > config.channel_handshake_limits.max_htlc_minimum_msat {
1627 return Err(ChannelError::Close(format!("htlc_minimum_msat ({}) is higher than the user specified limit ({})", open_channel_fields.htlc_minimum_msat, config.channel_handshake_limits.max_htlc_minimum_msat)));
1629 if open_channel_fields.max_htlc_value_in_flight_msat < config.channel_handshake_limits.min_max_htlc_value_in_flight_msat {
1630 return Err(ChannelError::Close(format!("max_htlc_value_in_flight_msat ({}) is less than the user specified limit ({})", open_channel_fields.max_htlc_value_in_flight_msat, config.channel_handshake_limits.min_max_htlc_value_in_flight_msat)));
1632 if msg_channel_reserve_satoshis > config.channel_handshake_limits.max_channel_reserve_satoshis {
1633 return Err(ChannelError::Close(format!("channel_reserve_satoshis ({}) is higher than the user specified limit ({})", msg_channel_reserve_satoshis, config.channel_handshake_limits.max_channel_reserve_satoshis)));
1635 if open_channel_fields.max_accepted_htlcs < config.channel_handshake_limits.min_max_accepted_htlcs {
1636 return Err(ChannelError::Close(format!("max_accepted_htlcs ({}) is less than the user specified limit ({})", open_channel_fields.max_accepted_htlcs, config.channel_handshake_limits.min_max_accepted_htlcs)));
1638 if open_channel_fields.dust_limit_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1639 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is less than the implementation limit ({})", open_channel_fields.dust_limit_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
1641 if open_channel_fields.dust_limit_satoshis > MAX_CHAN_DUST_LIMIT_SATOSHIS {
1642 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is greater than the implementation limit ({})", open_channel_fields.dust_limit_satoshis, MAX_CHAN_DUST_LIMIT_SATOSHIS)));
1645 // Convert things into internal flags and prep our state:
1647 if config.channel_handshake_limits.force_announced_channel_preference {
1648 if config.channel_handshake_config.announced_channel != announced_channel {
1649 return Err(ChannelError::Close("Peer tried to open channel but their announcement preference is different from ours".to_owned()));
1653 if holder_selected_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1654 // Protocol level safety check in place, although it should never happen because
1655 // of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
1656 return Err(ChannelError::Close(format!("Suitable channel reserve not found. remote_channel_reserve was ({}). dust_limit_satoshis is ({}).", holder_selected_channel_reserve_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
1658 if holder_selected_channel_reserve_satoshis * 1000 >= full_channel_value_msat {
1659 return Err(ChannelError::Close(format!("Suitable channel reserve not found. remote_channel_reserve was ({})msats. Channel value is ({} - {})msats.", holder_selected_channel_reserve_satoshis * 1000, full_channel_value_msat, msg_push_msat)));
1661 if msg_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
1662 log_debug!(logger, "channel_reserve_satoshis ({}) is smaller than our dust limit ({}). We can broadcast stale states without any risk, implying this channel is very insecure for our counterparty.",
1663 msg_channel_reserve_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
1665 if holder_selected_channel_reserve_satoshis < open_channel_fields.dust_limit_satoshis {
1666 return Err(ChannelError::Close(format!("Dust limit ({}) too high for the channel reserve we require the remote to keep ({})", open_channel_fields.dust_limit_satoshis, holder_selected_channel_reserve_satoshis)));
1669 // check if the funder's amount for the initial commitment tx is sufficient
1670 // for full fee payment plus a few HTLCs to ensure the channel will be useful.
1671 let anchor_outputs_value = if channel_type.supports_anchors_zero_fee_htlc_tx() {
1672 ANCHOR_OUTPUT_VALUE_SATOSHI * 2
1676 let funders_amount_msat = open_channel_fields.funding_satoshis * 1000 - msg_push_msat;
1677 let commitment_tx_fee = commit_tx_fee_msat(open_channel_fields.commitment_feerate_sat_per_1000_weight, MIN_AFFORDABLE_HTLC_COUNT, &channel_type) / 1000;
1678 if (funders_amount_msat / 1000).saturating_sub(anchor_outputs_value) < commitment_tx_fee {
1679 return Err(ChannelError::Close(format!("Funding amount ({} sats) can't even pay fee for initial commitment transaction fee of {} sats.", (funders_amount_msat / 1000).saturating_sub(anchor_outputs_value), commitment_tx_fee)));
1682 let to_remote_satoshis = funders_amount_msat / 1000 - commitment_tx_fee - anchor_outputs_value;
1683 // While it's reasonable for us to not meet the channel reserve initially (if they don't
1684 // want to push much to us), our counterparty should always have more than our reserve.
1685 if to_remote_satoshis < holder_selected_channel_reserve_satoshis {
1686 return Err(ChannelError::Close("Insufficient funding amount for initial reserve".to_owned()));
1689 let counterparty_shutdown_scriptpubkey = if their_features.supports_upfront_shutdown_script() {
1690 match &open_channel_fields.shutdown_scriptpubkey {
1691 &Some(ref script) => {
1692 // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
1693 if script.len() == 0 {
1696 if !script::is_bolt2_compliant(&script, their_features) {
1697 return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided an unacceptable scriptpubkey format: {}", script)))
1699 Some(script.clone())
1702 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
1704 return Err(ChannelError::Close("Peer is signaling upfront_shutdown but we don't get any script. Use 0-length script to opt-out".to_owned()));
1709 let shutdown_scriptpubkey = if config.channel_handshake_config.commit_upfront_shutdown_pubkey {
1710 match signer_provider.get_shutdown_scriptpubkey() {
1711 Ok(scriptpubkey) => Some(scriptpubkey),
1712 Err(_) => return Err(ChannelError::Close("Failed to get upfront shutdown scriptpubkey".to_owned())),
1716 if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
1717 if !shutdown_scriptpubkey.is_compatible(&their_features) {
1718 return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer: {}", shutdown_scriptpubkey)));
1722 let destination_script = match signer_provider.get_destination_script(channel_keys_id) {
1723 Ok(script) => script,
1724 Err(_) => return Err(ChannelError::Close("Failed to get destination script".to_owned())),
1727 let mut secp_ctx = Secp256k1::new();
1728 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
1730 let minimum_depth = if is_0conf {
1733 Some(cmp::max(config.channel_handshake_config.minimum_depth, 1))
1736 let value_to_self_msat = our_funding_satoshis * 1000 + msg_push_msat;
1738 // TODO(dual_funding): Checks for `funding_feerate_sat_per_1000_weight`?
1740 let channel_context = ChannelContext {
1743 config: LegacyChannelConfig {
1744 options: config.channel_config.clone(),
1746 commit_upfront_shutdown_pubkey: config.channel_handshake_config.commit_upfront_shutdown_pubkey,
1751 inbound_handshake_limits_override: None,
1753 temporary_channel_id: Some(open_channel_fields.temporary_channel_id),
1754 channel_id: open_channel_fields.temporary_channel_id,
1755 channel_state: ChannelState::NegotiatingFunding(
1756 NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT
1758 announcement_sigs_state: AnnouncementSigsState::NotSent,
1761 latest_monitor_update_id: 0,
1763 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
1764 shutdown_scriptpubkey,
1767 cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1768 cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1771 pending_inbound_htlcs: Vec::new(),
1772 pending_outbound_htlcs: Vec::new(),
1773 holding_cell_htlc_updates: Vec::new(),
1774 pending_update_fee: None,
1775 holding_cell_update_fee: None,
1776 next_holder_htlc_id: 0,
1777 next_counterparty_htlc_id: 0,
1778 update_time_counter: 1,
1780 resend_order: RAACommitmentOrder::CommitmentFirst,
1782 monitor_pending_channel_ready: false,
1783 monitor_pending_revoke_and_ack: false,
1784 monitor_pending_commitment_signed: false,
1785 monitor_pending_forwards: Vec::new(),
1786 monitor_pending_failures: Vec::new(),
1787 monitor_pending_finalized_fulfills: Vec::new(),
1788 monitor_pending_update_adds: Vec::new(),
1790 signer_pending_commitment_update: false,
1791 signer_pending_funding: false,
1794 #[cfg(debug_assertions)]
1795 holder_max_commitment_tx_output: Mutex::new((value_to_self_msat, (channel_value_satoshis * 1000 - msg_push_msat).saturating_sub(value_to_self_msat))),
1796 #[cfg(debug_assertions)]
1797 counterparty_max_commitment_tx_output: Mutex::new((value_to_self_msat, (channel_value_satoshis * 1000 - msg_push_msat).saturating_sub(value_to_self_msat))),
1799 last_sent_closing_fee: None,
1800 pending_counterparty_closing_signed: None,
1801 expecting_peer_commitment_signed: false,
1802 closing_fee_limits: None,
1803 target_closing_feerate_sats_per_kw: None,
1805 funding_tx_confirmed_in: None,
1806 funding_tx_confirmation_height: 0,
1807 short_channel_id: None,
1808 channel_creation_height: current_chain_height,
1810 feerate_per_kw: open_channel_fields.commitment_feerate_sat_per_1000_weight,
1811 channel_value_satoshis,
1812 counterparty_dust_limit_satoshis: open_channel_fields.dust_limit_satoshis,
1813 holder_dust_limit_satoshis: MIN_CHAN_DUST_LIMIT_SATOSHIS,
1814 counterparty_max_htlc_value_in_flight_msat: cmp::min(open_channel_fields.max_htlc_value_in_flight_msat, channel_value_satoshis * 1000),
1815 holder_max_htlc_value_in_flight_msat: get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &config.channel_handshake_config),
1816 counterparty_selected_channel_reserve_satoshis: Some(msg_channel_reserve_satoshis),
1817 holder_selected_channel_reserve_satoshis,
1818 counterparty_htlc_minimum_msat: open_channel_fields.htlc_minimum_msat,
1819 holder_htlc_minimum_msat: if config.channel_handshake_config.our_htlc_minimum_msat == 0 { 1 } else { config.channel_handshake_config.our_htlc_minimum_msat },
1820 counterparty_max_accepted_htlcs: open_channel_fields.max_accepted_htlcs,
1821 holder_max_accepted_htlcs: cmp::min(config.channel_handshake_config.our_max_accepted_htlcs, MAX_HTLCS),
1824 counterparty_forwarding_info: None,
1826 channel_transaction_parameters: ChannelTransactionParameters {
1827 holder_pubkeys: pubkeys,
1828 holder_selected_contest_delay: config.channel_handshake_config.our_to_self_delay,
1829 is_outbound_from_holder: false,
1830 counterparty_parameters: Some(CounterpartyChannelTransactionParameters {
1831 selected_contest_delay: open_channel_fields.to_self_delay,
1832 pubkeys: counterparty_pubkeys,
1834 funding_outpoint: None,
1835 channel_type_features: channel_type.clone()
1837 funding_transaction: None,
1838 is_batch_funding: None,
1840 counterparty_cur_commitment_point: Some(open_channel_fields.first_per_commitment_point),
1841 counterparty_prev_commitment_point: None,
1842 counterparty_node_id,
1844 counterparty_shutdown_scriptpubkey,
1846 commitment_secrets: CounterpartyCommitmentSecrets::new(),
1848 channel_update_status: ChannelUpdateStatus::Enabled,
1849 closing_signed_in_flight: false,
1851 announcement_sigs: None,
1853 #[cfg(any(test, fuzzing))]
1854 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
1855 #[cfg(any(test, fuzzing))]
1856 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
1858 workaround_lnd_bug_4006: None,
1859 sent_message_awaiting_response: None,
1861 latest_inbound_scid_alias: None,
1862 outbound_scid_alias: 0,
1864 channel_pending_event_emitted: false,
1865 channel_ready_event_emitted: false,
1867 #[cfg(any(test, fuzzing))]
1868 historical_inbound_htlc_fulfills: new_hash_set(),
1873 local_initiated_shutdown: None,
1875 blocked_monitor_updates: Vec::new(),
1881 fn new_for_outbound_channel<'a, ES: Deref, F: Deref>(
1882 fee_estimator: &'a LowerBoundedFeeEstimator<F>,
1883 entropy_source: &'a ES,
1884 signer_provider: &'a SP,
1885 counterparty_node_id: PublicKey,
1886 their_features: &'a InitFeatures,
1887 funding_satoshis: u64,
1890 config: &'a UserConfig,
1891 current_chain_height: u32,
1892 outbound_scid_alias: u64,
1893 temporary_channel_id: Option<ChannelId>,
1894 holder_selected_channel_reserve_satoshis: u64,
1895 channel_keys_id: [u8; 32],
1896 holder_signer: <SP::Target as SignerProvider>::EcdsaSigner,
1897 pubkeys: ChannelPublicKeys,
1898 ) -> Result<ChannelContext<SP>, APIError>
1900 ES::Target: EntropySource,
1901 F::Target: FeeEstimator,
1902 SP::Target: SignerProvider,
1904 // This will be updated with the counterparty contribution if this is a dual-funded channel
1905 let channel_value_satoshis = funding_satoshis;
1907 let holder_selected_contest_delay = config.channel_handshake_config.our_to_self_delay;
1909 if !their_features.supports_wumbo() && channel_value_satoshis > MAX_FUNDING_SATOSHIS_NO_WUMBO {
1910 return Err(APIError::APIMisuseError{err: format!("funding_value must not exceed {}, it was {}", MAX_FUNDING_SATOSHIS_NO_WUMBO, channel_value_satoshis)});
1912 if channel_value_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
1913 return Err(APIError::APIMisuseError{err: format!("funding_value must be smaller than the total bitcoin supply, it was {}", channel_value_satoshis)});
1915 let channel_value_msat = channel_value_satoshis * 1000;
1916 if push_msat > channel_value_msat {
1917 return Err(APIError::APIMisuseError { err: format!("Push value ({}) was larger than channel_value ({})", push_msat, channel_value_msat) });
1919 if holder_selected_contest_delay < BREAKDOWN_TIMEOUT {
1920 return Err(APIError::APIMisuseError {err: format!("Configured with an unreasonable our_to_self_delay ({}) putting user funds at risks", holder_selected_contest_delay)});
1923 let channel_type = get_initial_channel_type(&config, their_features);
1924 debug_assert!(channel_type.is_subset(&channelmanager::provided_channel_type_features(&config)));
1926 let (commitment_conf_target, anchor_outputs_value_msat) = if channel_type.supports_anchors_zero_fee_htlc_tx() {
1927 (ConfirmationTarget::AnchorChannelFee, ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000)
1929 (ConfirmationTarget::NonAnchorChannelFee, 0)
1931 let commitment_feerate = fee_estimator.bounded_sat_per_1000_weight(commitment_conf_target);
1933 let value_to_self_msat = channel_value_satoshis * 1000 - push_msat;
1934 let commitment_tx_fee = commit_tx_fee_msat(commitment_feerate, MIN_AFFORDABLE_HTLC_COUNT, &channel_type);
1935 if value_to_self_msat.saturating_sub(anchor_outputs_value_msat) < commitment_tx_fee {
1936 return Err(APIError::APIMisuseError{ err: format!("Funding amount ({}) can't even pay fee for initial commitment transaction fee of {}.", value_to_self_msat / 1000, commitment_tx_fee / 1000) });
1939 let mut secp_ctx = Secp256k1::new();
1940 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
1942 let shutdown_scriptpubkey = if config.channel_handshake_config.commit_upfront_shutdown_pubkey {
1943 match signer_provider.get_shutdown_scriptpubkey() {
1944 Ok(scriptpubkey) => Some(scriptpubkey),
1945 Err(_) => return Err(APIError::ChannelUnavailable { err: "Failed to get shutdown scriptpubkey".to_owned()}),
1949 if let Some(shutdown_scriptpubkey) = &shutdown_scriptpubkey {
1950 if !shutdown_scriptpubkey.is_compatible(&their_features) {
1951 return Err(APIError::IncompatibleShutdownScript { script: shutdown_scriptpubkey.clone() });
1955 let destination_script = match signer_provider.get_destination_script(channel_keys_id) {
1956 Ok(script) => script,
1957 Err(_) => return Err(APIError::ChannelUnavailable { err: "Failed to get destination script".to_owned()}),
1960 let temporary_channel_id = temporary_channel_id.unwrap_or_else(|| ChannelId::temporary_from_entropy_source(entropy_source));
1965 config: LegacyChannelConfig {
1966 options: config.channel_config.clone(),
1967 announced_channel: config.channel_handshake_config.announced_channel,
1968 commit_upfront_shutdown_pubkey: config.channel_handshake_config.commit_upfront_shutdown_pubkey,
1973 inbound_handshake_limits_override: Some(config.channel_handshake_limits.clone()),
1975 channel_id: temporary_channel_id,
1976 temporary_channel_id: Some(temporary_channel_id),
1977 channel_state: ChannelState::NegotiatingFunding(NegotiatingFundingFlags::OUR_INIT_SENT),
1978 announcement_sigs_state: AnnouncementSigsState::NotSent,
1980 // We'll add our counterparty's `funding_satoshis` when we receive `accept_channel2`.
1981 channel_value_satoshis,
1983 latest_monitor_update_id: 0,
1985 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
1986 shutdown_scriptpubkey,
1989 cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1990 cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
1993 pending_inbound_htlcs: Vec::new(),
1994 pending_outbound_htlcs: Vec::new(),
1995 holding_cell_htlc_updates: Vec::new(),
1996 pending_update_fee: None,
1997 holding_cell_update_fee: None,
1998 next_holder_htlc_id: 0,
1999 next_counterparty_htlc_id: 0,
2000 update_time_counter: 1,
2002 resend_order: RAACommitmentOrder::CommitmentFirst,
2004 monitor_pending_channel_ready: false,
2005 monitor_pending_revoke_and_ack: false,
2006 monitor_pending_commitment_signed: false,
2007 monitor_pending_forwards: Vec::new(),
2008 monitor_pending_failures: Vec::new(),
2009 monitor_pending_finalized_fulfills: Vec::new(),
2010 monitor_pending_update_adds: Vec::new(),
2012 signer_pending_commitment_update: false,
2013 signer_pending_funding: false,
2015 // We'll add our counterparty's `funding_satoshis` to these max commitment output assertions
2016 // when we receive `accept_channel2`.
2017 #[cfg(debug_assertions)]
2018 holder_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
2019 #[cfg(debug_assertions)]
2020 counterparty_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)),
2022 last_sent_closing_fee: None,
2023 pending_counterparty_closing_signed: None,
2024 expecting_peer_commitment_signed: false,
2025 closing_fee_limits: None,
2026 target_closing_feerate_sats_per_kw: None,
2028 funding_tx_confirmed_in: None,
2029 funding_tx_confirmation_height: 0,
2030 short_channel_id: None,
2031 channel_creation_height: current_chain_height,
2033 feerate_per_kw: commitment_feerate,
2034 counterparty_dust_limit_satoshis: 0,
2035 holder_dust_limit_satoshis: MIN_CHAN_DUST_LIMIT_SATOSHIS,
2036 counterparty_max_htlc_value_in_flight_msat: 0,
2037 // We'll adjust this to include our counterparty's `funding_satoshis` when we
2038 // receive `accept_channel2`.
2039 holder_max_htlc_value_in_flight_msat: get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &config.channel_handshake_config),
2040 counterparty_selected_channel_reserve_satoshis: None, // Filled in in accept_channel
2041 holder_selected_channel_reserve_satoshis,
2042 counterparty_htlc_minimum_msat: 0,
2043 holder_htlc_minimum_msat: if config.channel_handshake_config.our_htlc_minimum_msat == 0 { 1 } else { config.channel_handshake_config.our_htlc_minimum_msat },
2044 counterparty_max_accepted_htlcs: 0,
2045 holder_max_accepted_htlcs: cmp::min(config.channel_handshake_config.our_max_accepted_htlcs, MAX_HTLCS),
2046 minimum_depth: None, // Filled in in accept_channel
2048 counterparty_forwarding_info: None,
2050 channel_transaction_parameters: ChannelTransactionParameters {
2051 holder_pubkeys: pubkeys,
2052 holder_selected_contest_delay: config.channel_handshake_config.our_to_self_delay,
2053 is_outbound_from_holder: true,
2054 counterparty_parameters: None,
2055 funding_outpoint: None,
2056 channel_type_features: channel_type.clone()
2058 funding_transaction: None,
2059 is_batch_funding: None,
2061 counterparty_cur_commitment_point: None,
2062 counterparty_prev_commitment_point: None,
2063 counterparty_node_id,
2065 counterparty_shutdown_scriptpubkey: None,
2067 commitment_secrets: CounterpartyCommitmentSecrets::new(),
2069 channel_update_status: ChannelUpdateStatus::Enabled,
2070 closing_signed_in_flight: false,
2072 announcement_sigs: None,
2074 #[cfg(any(test, fuzzing))]
2075 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
2076 #[cfg(any(test, fuzzing))]
2077 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
2079 workaround_lnd_bug_4006: None,
2080 sent_message_awaiting_response: None,
2082 latest_inbound_scid_alias: None,
2083 outbound_scid_alias,
2085 channel_pending_event_emitted: false,
2086 channel_ready_event_emitted: false,
2088 #[cfg(any(test, fuzzing))]
2089 historical_inbound_htlc_fulfills: new_hash_set(),
2094 blocked_monitor_updates: Vec::new(),
2095 local_initiated_shutdown: None,
2099 /// Allowed in any state (including after shutdown)
2100 pub fn get_update_time_counter(&self) -> u32 {
2101 self.update_time_counter
2104 pub fn get_latest_monitor_update_id(&self) -> u64 {
2105 self.latest_monitor_update_id
2108 pub fn should_announce(&self) -> bool {
2109 self.config.announced_channel
2112 pub fn is_outbound(&self) -> bool {
2113 self.channel_transaction_parameters.is_outbound_from_holder
2116 /// Gets the fee we'd want to charge for adding an HTLC output to this Channel
2117 /// Allowed in any state (including after shutdown)
2118 pub fn get_outbound_forwarding_fee_base_msat(&self) -> u32 {
2119 self.config.options.forwarding_fee_base_msat
2122 /// Returns true if we've ever received a message from the remote end for this Channel
2123 pub fn have_received_message(&self) -> bool {
2124 self.channel_state > ChannelState::NegotiatingFunding(NegotiatingFundingFlags::OUR_INIT_SENT)
2127 /// Returns true if this channel is fully established and not known to be closing.
2128 /// Allowed in any state (including after shutdown)
2129 pub fn is_usable(&self) -> bool {
2130 matches!(self.channel_state, ChannelState::ChannelReady(_)) &&
2131 !self.channel_state.is_local_shutdown_sent() &&
2132 !self.channel_state.is_remote_shutdown_sent() &&
2133 !self.monitor_pending_channel_ready
2136 /// shutdown state returns the state of the channel in its various stages of shutdown
2137 pub fn shutdown_state(&self) -> ChannelShutdownState {
2138 match self.channel_state {
2139 ChannelState::AwaitingChannelReady(_)|ChannelState::ChannelReady(_) =>
2140 if self.channel_state.is_local_shutdown_sent() && !self.channel_state.is_remote_shutdown_sent() {
2141 ChannelShutdownState::ShutdownInitiated
2142 } else if (self.channel_state.is_local_shutdown_sent() || self.channel_state.is_remote_shutdown_sent()) && !self.closing_negotiation_ready() {
2143 ChannelShutdownState::ResolvingHTLCs
2144 } else if (self.channel_state.is_local_shutdown_sent() || self.channel_state.is_remote_shutdown_sent()) && self.closing_negotiation_ready() {
2145 ChannelShutdownState::NegotiatingClosingFee
2147 ChannelShutdownState::NotShuttingDown
2149 ChannelState::ShutdownComplete => ChannelShutdownState::ShutdownComplete,
2150 _ => ChannelShutdownState::NotShuttingDown,
2154 fn closing_negotiation_ready(&self) -> bool {
2155 let is_ready_to_close = match self.channel_state {
2156 ChannelState::AwaitingChannelReady(flags) =>
2157 flags & FundedStateFlags::ALL == FundedStateFlags::LOCAL_SHUTDOWN_SENT | FundedStateFlags::REMOTE_SHUTDOWN_SENT,
2158 ChannelState::ChannelReady(flags) =>
2159 flags == FundedStateFlags::LOCAL_SHUTDOWN_SENT | FundedStateFlags::REMOTE_SHUTDOWN_SENT,
2162 self.pending_inbound_htlcs.is_empty() &&
2163 self.pending_outbound_htlcs.is_empty() &&
2164 self.pending_update_fee.is_none() &&
2168 /// Returns true if this channel is currently available for use. This is a superset of
2169 /// is_usable() and considers things like the channel being temporarily disabled.
2170 /// Allowed in any state (including after shutdown)
2171 pub fn is_live(&self) -> bool {
2172 self.is_usable() && !self.channel_state.is_peer_disconnected()
2175 // Public utilities:
2177 pub fn channel_id(&self) -> ChannelId {
2181 // Return the `temporary_channel_id` used during channel establishment.
2183 // Will return `None` for channels created prior to LDK version 0.0.115.
2184 pub fn temporary_channel_id(&self) -> Option<ChannelId> {
2185 self.temporary_channel_id
2188 pub fn minimum_depth(&self) -> Option<u32> {
2192 /// Gets the "user_id" value passed into the construction of this channel. It has no special
2193 /// meaning and exists only to allow users to have a persistent identifier of a channel.
2194 pub fn get_user_id(&self) -> u128 {
2198 /// Gets the channel's type
2199 pub fn get_channel_type(&self) -> &ChannelTypeFeatures {
2203 /// Gets the channel's `short_channel_id`.
2205 /// Will return `None` if the channel hasn't been confirmed yet.
2206 pub fn get_short_channel_id(&self) -> Option<u64> {
2207 self.short_channel_id
2210 /// Allowed in any state (including after shutdown)
2211 pub fn latest_inbound_scid_alias(&self) -> Option<u64> {
2212 self.latest_inbound_scid_alias
2215 /// Allowed in any state (including after shutdown)
2216 pub fn outbound_scid_alias(&self) -> u64 {
2217 self.outbound_scid_alias
2220 /// Returns the holder signer for this channel.
2222 pub fn get_signer(&self) -> &ChannelSignerType<SP> {
2223 return &self.holder_signer
2226 /// Only allowed immediately after deserialization if get_outbound_scid_alias returns 0,
2227 /// indicating we were written by LDK prior to 0.0.106 which did not set outbound SCID aliases
2228 /// or prior to any channel actions during `Channel` initialization.
2229 pub fn set_outbound_scid_alias(&mut self, outbound_scid_alias: u64) {
2230 debug_assert_eq!(self.outbound_scid_alias, 0);
2231 self.outbound_scid_alias = outbound_scid_alias;
2234 /// Returns the funding_txo we either got from our peer, or were given by
2235 /// get_funding_created.
2236 pub fn get_funding_txo(&self) -> Option<OutPoint> {
2237 self.channel_transaction_parameters.funding_outpoint
2240 /// Returns the height in which our funding transaction was confirmed.
2241 pub fn get_funding_tx_confirmation_height(&self) -> Option<u32> {
2242 let conf_height = self.funding_tx_confirmation_height;
2243 if conf_height > 0 {
2250 /// Returns the block hash in which our funding transaction was confirmed.
2251 pub fn get_funding_tx_confirmed_in(&self) -> Option<BlockHash> {
2252 self.funding_tx_confirmed_in
2255 /// Returns the current number of confirmations on the funding transaction.
2256 pub fn get_funding_tx_confirmations(&self, height: u32) -> u32 {
2257 if self.funding_tx_confirmation_height == 0 {
2258 // We either haven't seen any confirmation yet, or observed a reorg.
2262 height.checked_sub(self.funding_tx_confirmation_height).map_or(0, |c| c + 1)
2265 fn get_holder_selected_contest_delay(&self) -> u16 {
2266 self.channel_transaction_parameters.holder_selected_contest_delay
2269 fn get_holder_pubkeys(&self) -> &ChannelPublicKeys {
2270 &self.channel_transaction_parameters.holder_pubkeys
2273 pub fn get_counterparty_selected_contest_delay(&self) -> Option<u16> {
2274 self.channel_transaction_parameters.counterparty_parameters
2275 .as_ref().map(|params| params.selected_contest_delay)
2278 fn get_counterparty_pubkeys(&self) -> &ChannelPublicKeys {
2279 &self.channel_transaction_parameters.counterparty_parameters.as_ref().unwrap().pubkeys
2282 /// Allowed in any state (including after shutdown)
2283 pub fn get_counterparty_node_id(&self) -> PublicKey {
2284 self.counterparty_node_id
2287 /// Allowed in any state (including after shutdown)
2288 pub fn get_holder_htlc_minimum_msat(&self) -> u64 {
2289 self.holder_htlc_minimum_msat
2292 /// Allowed in any state (including after shutdown), but will return none before TheirInitSent
2293 pub fn get_holder_htlc_maximum_msat(&self) -> Option<u64> {
2294 self.get_htlc_maximum_msat(self.holder_max_htlc_value_in_flight_msat)
2297 /// Allowed in any state (including after shutdown)
2298 pub fn get_announced_htlc_max_msat(&self) -> u64 {
2300 // Upper bound by capacity. We make it a bit less than full capacity to prevent attempts
2301 // to use full capacity. This is an effort to reduce routing failures, because in many cases
2302 // channel might have been used to route very small values (either by honest users or as DoS).
2303 self.channel_value_satoshis * 1000 * 9 / 10,
2305 self.counterparty_max_htlc_value_in_flight_msat
2309 /// Allowed in any state (including after shutdown)
2310 pub fn get_counterparty_htlc_minimum_msat(&self) -> u64 {
2311 self.counterparty_htlc_minimum_msat
2314 /// Allowed in any state (including after shutdown), but will return none before TheirInitSent
2315 pub fn get_counterparty_htlc_maximum_msat(&self) -> Option<u64> {
2316 self.get_htlc_maximum_msat(self.counterparty_max_htlc_value_in_flight_msat)
2319 fn get_htlc_maximum_msat(&self, party_max_htlc_value_in_flight_msat: u64) -> Option<u64> {
2320 self.counterparty_selected_channel_reserve_satoshis.map(|counterparty_reserve| {
2321 let holder_reserve = self.holder_selected_channel_reserve_satoshis;
2323 (self.channel_value_satoshis - counterparty_reserve - holder_reserve) * 1000,
2324 party_max_htlc_value_in_flight_msat
2329 pub fn get_value_satoshis(&self) -> u64 {
2330 self.channel_value_satoshis
2333 pub fn get_fee_proportional_millionths(&self) -> u32 {
2334 self.config.options.forwarding_fee_proportional_millionths
2337 pub fn get_cltv_expiry_delta(&self) -> u16 {
2338 cmp::max(self.config.options.cltv_expiry_delta, MIN_CLTV_EXPIRY_DELTA)
2341 pub fn get_max_dust_htlc_exposure_msat<F: Deref>(&self,
2342 fee_estimator: &LowerBoundedFeeEstimator<F>) -> u64
2343 where F::Target: FeeEstimator
2345 match self.config.options.max_dust_htlc_exposure {
2346 MaxDustHTLCExposure::FeeRateMultiplier(multiplier) => {
2347 let feerate_per_kw = fee_estimator.bounded_sat_per_1000_weight(
2348 ConfirmationTarget::OnChainSweep) as u64;
2349 feerate_per_kw.saturating_mul(multiplier)
2351 MaxDustHTLCExposure::FixedLimitMsat(limit) => limit,
2355 /// Returns the previous [`ChannelConfig`] applied to this channel, if any.
2356 pub fn prev_config(&self) -> Option<ChannelConfig> {
2357 self.prev_config.map(|prev_config| prev_config.0)
2360 // Checks whether we should emit a `ChannelPending` event.
2361 pub(crate) fn should_emit_channel_pending_event(&mut self) -> bool {
2362 self.is_funding_broadcast() && !self.channel_pending_event_emitted
2365 // Returns whether we already emitted a `ChannelPending` event.
2366 pub(crate) fn channel_pending_event_emitted(&self) -> bool {
2367 self.channel_pending_event_emitted
2370 // Remembers that we already emitted a `ChannelPending` event.
2371 pub(crate) fn set_channel_pending_event_emitted(&mut self) {
2372 self.channel_pending_event_emitted = true;
2375 // Checks whether we should emit a `ChannelReady` event.
2376 pub(crate) fn should_emit_channel_ready_event(&mut self) -> bool {
2377 self.is_usable() && !self.channel_ready_event_emitted
2380 // Remembers that we already emitted a `ChannelReady` event.
2381 pub(crate) fn set_channel_ready_event_emitted(&mut self) {
2382 self.channel_ready_event_emitted = true;
2385 /// Tracks the number of ticks elapsed since the previous [`ChannelConfig`] was updated. Once
2386 /// [`EXPIRE_PREV_CONFIG_TICKS`] is reached, the previous config is considered expired and will
2387 /// no longer be considered when forwarding HTLCs.
2388 pub fn maybe_expire_prev_config(&mut self) {
2389 if self.prev_config.is_none() {
2392 let prev_config = self.prev_config.as_mut().unwrap();
2394 if prev_config.1 == EXPIRE_PREV_CONFIG_TICKS {
2395 self.prev_config = None;
2399 /// Returns the current [`ChannelConfig`] applied to the channel.
2400 pub fn config(&self) -> ChannelConfig {
2404 /// Updates the channel's config. A bool is returned indicating whether the config update
2405 /// applied resulted in a new ChannelUpdate message.
2406 pub fn update_config(&mut self, config: &ChannelConfig) -> bool {
2407 let did_channel_update =
2408 self.config.options.forwarding_fee_proportional_millionths != config.forwarding_fee_proportional_millionths ||
2409 self.config.options.forwarding_fee_base_msat != config.forwarding_fee_base_msat ||
2410 self.config.options.cltv_expiry_delta != config.cltv_expiry_delta;
2411 if did_channel_update {
2412 self.prev_config = Some((self.config.options, 0));
2413 // Update the counter, which backs the ChannelUpdate timestamp, to allow the relay
2414 // policy change to propagate throughout the network.
2415 self.update_time_counter += 1;
2417 self.config.options = *config;
2421 /// Returns true if funding_signed was sent/received and the
2422 /// funding transaction has been broadcast if necessary.
2423 pub fn is_funding_broadcast(&self) -> bool {
2424 !self.channel_state.is_pre_funded_state() &&
2425 !matches!(self.channel_state, ChannelState::AwaitingChannelReady(flags) if flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH))
2428 /// Transaction nomenclature is somewhat confusing here as there are many different cases - a
2429 /// transaction is referred to as "a's transaction" implying that a will be able to broadcast
2430 /// the transaction. Thus, b will generally be sending a signature over such a transaction to
2431 /// a, and a can revoke the transaction by providing b the relevant per_commitment_secret. As
2432 /// such, a transaction is generally the result of b increasing the amount paid to a (or adding
2434 /// @local is used only to convert relevant internal structures which refer to remote vs local
2435 /// to decide value of outputs and direction of HTLCs.
2436 /// @generated_by_local is used to determine *which* HTLCs to include - noting that the HTLC
2437 /// state may indicate that one peer has informed the other that they'd like to add an HTLC but
2438 /// have not yet committed it. Such HTLCs will only be included in transactions which are being
2439 /// generated by the peer which proposed adding the HTLCs, and thus we need to understand both
2440 /// which peer generated this transaction and "to whom" this transaction flows.
2442 fn build_commitment_transaction<L: Deref>(&self, commitment_number: u64, keys: &TxCreationKeys, local: bool, generated_by_local: bool, logger: &L) -> CommitmentStats
2443 where L::Target: Logger
2445 let mut included_dust_htlcs: Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)> = Vec::new();
2446 let num_htlcs = self.pending_inbound_htlcs.len() + self.pending_outbound_htlcs.len();
2447 let mut included_non_dust_htlcs: Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)> = Vec::with_capacity(num_htlcs);
2449 let broadcaster_dust_limit_satoshis = if local { self.holder_dust_limit_satoshis } else { self.counterparty_dust_limit_satoshis };
2450 let mut remote_htlc_total_msat = 0;
2451 let mut local_htlc_total_msat = 0;
2452 let mut value_to_self_msat_offset = 0;
2454 let mut feerate_per_kw = self.feerate_per_kw;
2455 if let Some((feerate, update_state)) = self.pending_update_fee {
2456 if match update_state {
2457 // Note that these match the inclusion criteria when scanning
2458 // pending_inbound_htlcs below.
2459 FeeUpdateState::RemoteAnnounced => { debug_assert!(!self.is_outbound()); !generated_by_local },
2460 FeeUpdateState::AwaitingRemoteRevokeToAnnounce => { debug_assert!(!self.is_outbound()); !generated_by_local },
2461 FeeUpdateState::Outbound => { assert!(self.is_outbound()); generated_by_local },
2463 feerate_per_kw = feerate;
2467 log_trace!(logger, "Building commitment transaction number {} (really {} xor {}) for channel {} for {}, generated by {} with fee {}...",
2468 commitment_number, (INITIAL_COMMITMENT_NUMBER - commitment_number),
2469 get_commitment_transaction_number_obscure_factor(&self.get_holder_pubkeys().payment_point, &self.get_counterparty_pubkeys().payment_point, self.is_outbound()),
2471 if local { "us" } else { "remote" }, if generated_by_local { "us" } else { "remote" }, feerate_per_kw);
2473 macro_rules! get_htlc_in_commitment {
2474 ($htlc: expr, $offered: expr) => {
2475 HTLCOutputInCommitment {
2477 amount_msat: $htlc.amount_msat,
2478 cltv_expiry: $htlc.cltv_expiry,
2479 payment_hash: $htlc.payment_hash,
2480 transaction_output_index: None
2485 macro_rules! add_htlc_output {
2486 ($htlc: expr, $outbound: expr, $source: expr, $state_name: expr) => {
2487 if $outbound == local { // "offered HTLC output"
2488 let htlc_in_tx = get_htlc_in_commitment!($htlc, true);
2489 let htlc_tx_fee = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2492 feerate_per_kw as u64 * htlc_timeout_tx_weight(self.get_channel_type()) / 1000
2494 if $htlc.amount_msat / 1000 >= broadcaster_dust_limit_satoshis + htlc_tx_fee {
2495 log_trace!(logger, " ...including {} {} HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2496 included_non_dust_htlcs.push((htlc_in_tx, $source));
2498 log_trace!(logger, " ...including {} {} dust HTLC {} (hash {}) with value {} due to dust limit", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2499 included_dust_htlcs.push((htlc_in_tx, $source));
2502 let htlc_in_tx = get_htlc_in_commitment!($htlc, false);
2503 let htlc_tx_fee = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2506 feerate_per_kw as u64 * htlc_success_tx_weight(self.get_channel_type()) / 1000
2508 if $htlc.amount_msat / 1000 >= broadcaster_dust_limit_satoshis + htlc_tx_fee {
2509 log_trace!(logger, " ...including {} {} HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2510 included_non_dust_htlcs.push((htlc_in_tx, $source));
2512 log_trace!(logger, " ...including {} {} dust HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $state_name, $htlc.htlc_id, &$htlc.payment_hash, $htlc.amount_msat);
2513 included_dust_htlcs.push((htlc_in_tx, $source));
2519 let mut inbound_htlc_preimages: Vec<PaymentPreimage> = Vec::new();
2521 for ref htlc in self.pending_inbound_htlcs.iter() {
2522 let (include, state_name) = match htlc.state {
2523 InboundHTLCState::RemoteAnnounced(_) => (!generated_by_local, "RemoteAnnounced"),
2524 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) => (!generated_by_local, "AwaitingRemoteRevokeToAnnounce"),
2525 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) => (true, "AwaitingAnnouncedRemoteRevoke"),
2526 InboundHTLCState::Committed => (true, "Committed"),
2527 InboundHTLCState::LocalRemoved(_) => (!generated_by_local, "LocalRemoved"),
2531 add_htlc_output!(htlc, false, None, state_name);
2532 remote_htlc_total_msat += htlc.amount_msat;
2534 log_trace!(logger, " ...not including inbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, &htlc.payment_hash, htlc.amount_msat, state_name);
2536 &InboundHTLCState::LocalRemoved(ref reason) => {
2537 if generated_by_local {
2538 if let &InboundHTLCRemovalReason::Fulfill(preimage) = reason {
2539 inbound_htlc_preimages.push(preimage);
2540 value_to_self_msat_offset += htlc.amount_msat as i64;
2550 let mut outbound_htlc_preimages: Vec<PaymentPreimage> = Vec::new();
2552 for ref htlc in self.pending_outbound_htlcs.iter() {
2553 let (include, state_name) = match htlc.state {
2554 OutboundHTLCState::LocalAnnounced(_) => (generated_by_local, "LocalAnnounced"),
2555 OutboundHTLCState::Committed => (true, "Committed"),
2556 OutboundHTLCState::RemoteRemoved(_) => (generated_by_local, "RemoteRemoved"),
2557 OutboundHTLCState::AwaitingRemoteRevokeToRemove(_) => (generated_by_local, "AwaitingRemoteRevokeToRemove"),
2558 OutboundHTLCState::AwaitingRemovedRemoteRevoke(_) => (false, "AwaitingRemovedRemoteRevoke"),
2561 let preimage_opt = match htlc.state {
2562 OutboundHTLCState::RemoteRemoved(OutboundHTLCOutcome::Success(p)) => p,
2563 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(p)) => p,
2564 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(p)) => p,
2568 if let Some(preimage) = preimage_opt {
2569 outbound_htlc_preimages.push(preimage);
2573 add_htlc_output!(htlc, true, Some(&htlc.source), state_name);
2574 local_htlc_total_msat += htlc.amount_msat;
2576 log_trace!(logger, " ...not including outbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, &htlc.payment_hash, htlc.amount_msat, state_name);
2578 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_))|OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) => {
2579 value_to_self_msat_offset -= htlc.amount_msat as i64;
2581 OutboundHTLCState::RemoteRemoved(OutboundHTLCOutcome::Success(_)) => {
2582 if !generated_by_local {
2583 value_to_self_msat_offset -= htlc.amount_msat as i64;
2591 let value_to_self_msat: i64 = (self.value_to_self_msat - local_htlc_total_msat) as i64 + value_to_self_msat_offset;
2592 assert!(value_to_self_msat >= 0);
2593 // Note that in case they have several just-awaiting-last-RAA fulfills in-progress (ie
2594 // AwaitingRemoteRevokeToRemove or AwaitingRemovedRemoteRevoke) we may have allowed them to
2595 // "violate" their reserve value by couting those against it. Thus, we have to convert
2596 // everything to i64 before subtracting as otherwise we can overflow.
2597 let value_to_remote_msat: i64 = (self.channel_value_satoshis * 1000) as i64 - (self.value_to_self_msat as i64) - (remote_htlc_total_msat as i64) - value_to_self_msat_offset;
2598 assert!(value_to_remote_msat >= 0);
2600 #[cfg(debug_assertions)]
2602 // Make sure that the to_self/to_remote is always either past the appropriate
2603 // channel_reserve *or* it is making progress towards it.
2604 let mut broadcaster_max_commitment_tx_output = if generated_by_local {
2605 self.holder_max_commitment_tx_output.lock().unwrap()
2607 self.counterparty_max_commitment_tx_output.lock().unwrap()
2609 debug_assert!(broadcaster_max_commitment_tx_output.0 <= value_to_self_msat as u64 || value_to_self_msat / 1000 >= self.counterparty_selected_channel_reserve_satoshis.unwrap() as i64);
2610 broadcaster_max_commitment_tx_output.0 = cmp::max(broadcaster_max_commitment_tx_output.0, value_to_self_msat as u64);
2611 debug_assert!(broadcaster_max_commitment_tx_output.1 <= value_to_remote_msat as u64 || value_to_remote_msat / 1000 >= self.holder_selected_channel_reserve_satoshis as i64);
2612 broadcaster_max_commitment_tx_output.1 = cmp::max(broadcaster_max_commitment_tx_output.1, value_to_remote_msat as u64);
2615 let total_fee_sat = commit_tx_fee_sat(feerate_per_kw, included_non_dust_htlcs.len(), &self.channel_transaction_parameters.channel_type_features);
2616 let anchors_val = if self.channel_transaction_parameters.channel_type_features.supports_anchors_zero_fee_htlc_tx() { ANCHOR_OUTPUT_VALUE_SATOSHI * 2 } else { 0 } as i64;
2617 let (value_to_self, value_to_remote) = if self.is_outbound() {
2618 (value_to_self_msat / 1000 - anchors_val - total_fee_sat as i64, value_to_remote_msat / 1000)
2620 (value_to_self_msat / 1000, value_to_remote_msat / 1000 - anchors_val - total_fee_sat as i64)
2623 let mut value_to_a = if local { value_to_self } else { value_to_remote };
2624 let mut value_to_b = if local { value_to_remote } else { value_to_self };
2625 let (funding_pubkey_a, funding_pubkey_b) = if local {
2626 (self.get_holder_pubkeys().funding_pubkey, self.get_counterparty_pubkeys().funding_pubkey)
2628 (self.get_counterparty_pubkeys().funding_pubkey, self.get_holder_pubkeys().funding_pubkey)
2631 if value_to_a >= (broadcaster_dust_limit_satoshis as i64) {
2632 log_trace!(logger, " ...including {} output with value {}", if local { "to_local" } else { "to_remote" }, value_to_a);
2637 if value_to_b >= (broadcaster_dust_limit_satoshis as i64) {
2638 log_trace!(logger, " ...including {} output with value {}", if local { "to_remote" } else { "to_local" }, value_to_b);
2643 let num_nondust_htlcs = included_non_dust_htlcs.len();
2645 let channel_parameters =
2646 if local { self.channel_transaction_parameters.as_holder_broadcastable() }
2647 else { self.channel_transaction_parameters.as_counterparty_broadcastable() };
2648 let tx = CommitmentTransaction::new_with_auxiliary_htlc_data(commitment_number,
2655 &mut included_non_dust_htlcs,
2658 let mut htlcs_included = included_non_dust_htlcs;
2659 // The unwrap is safe, because all non-dust HTLCs have been assigned an output index
2660 htlcs_included.sort_unstable_by_key(|h| h.0.transaction_output_index.unwrap());
2661 htlcs_included.append(&mut included_dust_htlcs);
2669 local_balance_msat: value_to_self_msat as u64,
2670 remote_balance_msat: value_to_remote_msat as u64,
2671 inbound_htlc_preimages,
2672 outbound_htlc_preimages,
2677 /// Creates a set of keys for build_commitment_transaction to generate a transaction which our
2678 /// counterparty will sign (ie DO NOT send signatures over a transaction created by this to
2679 /// our counterparty!)
2680 /// The result is a transaction which we can revoke broadcastership of (ie a "local" transaction)
2681 /// TODO Some magic rust shit to compile-time check this?
2682 fn build_holder_transaction_keys(&self, commitment_number: u64) -> TxCreationKeys {
2683 let per_commitment_point = self.holder_signer.as_ref().get_per_commitment_point(commitment_number, &self.secp_ctx);
2684 let delayed_payment_base = &self.get_holder_pubkeys().delayed_payment_basepoint;
2685 let htlc_basepoint = &self.get_holder_pubkeys().htlc_basepoint;
2686 let counterparty_pubkeys = self.get_counterparty_pubkeys();
2688 TxCreationKeys::derive_new(&self.secp_ctx, &per_commitment_point, delayed_payment_base, htlc_basepoint, &counterparty_pubkeys.revocation_basepoint, &counterparty_pubkeys.htlc_basepoint)
2692 /// Creates a set of keys for build_commitment_transaction to generate a transaction which we
2693 /// will sign and send to our counterparty.
2694 /// If an Err is returned, it is a ChannelError::Close (for get_funding_created)
2695 fn build_remote_transaction_keys(&self) -> TxCreationKeys {
2696 let revocation_basepoint = &self.get_holder_pubkeys().revocation_basepoint;
2697 let htlc_basepoint = &self.get_holder_pubkeys().htlc_basepoint;
2698 let counterparty_pubkeys = self.get_counterparty_pubkeys();
2700 TxCreationKeys::derive_new(&self.secp_ctx, &self.counterparty_cur_commitment_point.unwrap(), &counterparty_pubkeys.delayed_payment_basepoint, &counterparty_pubkeys.htlc_basepoint, revocation_basepoint, htlc_basepoint)
2703 /// Gets the redeemscript for the funding transaction output (ie the funding transaction output
2704 /// pays to get_funding_redeemscript().to_v0_p2wsh()).
2705 /// Panics if called before accept_channel/InboundV1Channel::new
2706 pub fn get_funding_redeemscript(&self) -> ScriptBuf {
2707 make_funding_redeemscript(&self.get_holder_pubkeys().funding_pubkey, self.counterparty_funding_pubkey())
2710 fn counterparty_funding_pubkey(&self) -> &PublicKey {
2711 &self.get_counterparty_pubkeys().funding_pubkey
2714 pub fn get_feerate_sat_per_1000_weight(&self) -> u32 {
2718 pub fn get_dust_buffer_feerate(&self, outbound_feerate_update: Option<u32>) -> u32 {
2719 // When calculating our exposure to dust HTLCs, we assume that the channel feerate
2720 // may, at any point, increase by at least 10 sat/vB (i.e 2530 sat/kWU) or 25%,
2721 // whichever is higher. This ensures that we aren't suddenly exposed to significantly
2722 // more dust balance if the feerate increases when we have several HTLCs pending
2723 // which are near the dust limit.
2724 let mut feerate_per_kw = self.feerate_per_kw;
2725 // If there's a pending update fee, use it to ensure we aren't under-estimating
2726 // potential feerate updates coming soon.
2727 if let Some((feerate, _)) = self.pending_update_fee {
2728 feerate_per_kw = cmp::max(feerate_per_kw, feerate);
2730 if let Some(feerate) = outbound_feerate_update {
2731 feerate_per_kw = cmp::max(feerate_per_kw, feerate);
2733 let feerate_plus_quarter = feerate_per_kw.checked_mul(1250).map(|v| v / 1000);
2734 cmp::max(2530, feerate_plus_quarter.unwrap_or(u32::max_value()))
2737 /// Get forwarding information for the counterparty.
2738 pub fn counterparty_forwarding_info(&self) -> Option<CounterpartyForwardingInfo> {
2739 self.counterparty_forwarding_info.clone()
2742 /// Returns a HTLCStats about inbound pending htlcs
2743 fn get_inbound_pending_htlc_stats(&self, outbound_feerate_update: Option<u32>) -> HTLCStats {
2745 let mut stats = HTLCStats {
2746 pending_htlcs: context.pending_inbound_htlcs.len() as u32,
2747 pending_htlcs_value_msat: 0,
2748 on_counterparty_tx_dust_exposure_msat: 0,
2749 on_holder_tx_dust_exposure_msat: 0,
2750 holding_cell_msat: 0,
2751 on_holder_tx_holding_cell_htlcs_count: 0,
2754 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2757 let dust_buffer_feerate = context.get_dust_buffer_feerate(outbound_feerate_update) as u64;
2758 (dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000,
2759 dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000)
2761 let counterparty_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.counterparty_dust_limit_satoshis;
2762 let holder_dust_limit_success_sat = htlc_success_dust_limit + context.holder_dust_limit_satoshis;
2763 for ref htlc in context.pending_inbound_htlcs.iter() {
2764 stats.pending_htlcs_value_msat += htlc.amount_msat;
2765 if htlc.amount_msat / 1000 < counterparty_dust_limit_timeout_sat {
2766 stats.on_counterparty_tx_dust_exposure_msat += htlc.amount_msat;
2768 if htlc.amount_msat / 1000 < holder_dust_limit_success_sat {
2769 stats.on_holder_tx_dust_exposure_msat += htlc.amount_msat;
2775 /// Returns a HTLCStats about pending outbound htlcs, *including* pending adds in our holding cell.
2776 fn get_outbound_pending_htlc_stats(&self, outbound_feerate_update: Option<u32>) -> HTLCStats {
2778 let mut stats = HTLCStats {
2779 pending_htlcs: context.pending_outbound_htlcs.len() as u32,
2780 pending_htlcs_value_msat: 0,
2781 on_counterparty_tx_dust_exposure_msat: 0,
2782 on_holder_tx_dust_exposure_msat: 0,
2783 holding_cell_msat: 0,
2784 on_holder_tx_holding_cell_htlcs_count: 0,
2787 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2790 let dust_buffer_feerate = context.get_dust_buffer_feerate(outbound_feerate_update) as u64;
2791 (dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000,
2792 dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000)
2794 let counterparty_dust_limit_success_sat = htlc_success_dust_limit + context.counterparty_dust_limit_satoshis;
2795 let holder_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.holder_dust_limit_satoshis;
2796 for ref htlc in context.pending_outbound_htlcs.iter() {
2797 stats.pending_htlcs_value_msat += htlc.amount_msat;
2798 if htlc.amount_msat / 1000 < counterparty_dust_limit_success_sat {
2799 stats.on_counterparty_tx_dust_exposure_msat += htlc.amount_msat;
2801 if htlc.amount_msat / 1000 < holder_dust_limit_timeout_sat {
2802 stats.on_holder_tx_dust_exposure_msat += htlc.amount_msat;
2806 for update in context.holding_cell_htlc_updates.iter() {
2807 if let &HTLCUpdateAwaitingACK::AddHTLC { ref amount_msat, .. } = update {
2808 stats.pending_htlcs += 1;
2809 stats.pending_htlcs_value_msat += amount_msat;
2810 stats.holding_cell_msat += amount_msat;
2811 if *amount_msat / 1000 < counterparty_dust_limit_success_sat {
2812 stats.on_counterparty_tx_dust_exposure_msat += amount_msat;
2814 if *amount_msat / 1000 < holder_dust_limit_timeout_sat {
2815 stats.on_holder_tx_dust_exposure_msat += amount_msat;
2817 stats.on_holder_tx_holding_cell_htlcs_count += 1;
2824 /// Returns information on all pending inbound HTLCs.
2825 pub fn get_pending_inbound_htlc_details(&self) -> Vec<InboundHTLCDetails> {
2826 let mut holding_cell_states = new_hash_map();
2827 for holding_cell_update in self.holding_cell_htlc_updates.iter() {
2828 match holding_cell_update {
2829 HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
2830 holding_cell_states.insert(
2832 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFulfill,
2835 HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } => {
2836 holding_cell_states.insert(
2838 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail,
2841 HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } => {
2842 holding_cell_states.insert(
2844 InboundHTLCStateDetails::AwaitingRemoteRevokeToRemoveFail,
2848 HTLCUpdateAwaitingACK::AddHTLC { .. } => {},
2851 let mut inbound_details = Vec::new();
2852 let htlc_success_dust_limit = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2855 let dust_buffer_feerate = self.get_dust_buffer_feerate(None) as u64;
2856 dust_buffer_feerate * htlc_success_tx_weight(self.get_channel_type()) / 1000
2858 let holder_dust_limit_success_sat = htlc_success_dust_limit + self.holder_dust_limit_satoshis;
2859 for htlc in self.pending_inbound_htlcs.iter() {
2860 if let Some(state_details) = (&htlc.state).into() {
2861 inbound_details.push(InboundHTLCDetails{
2862 htlc_id: htlc.htlc_id,
2863 amount_msat: htlc.amount_msat,
2864 cltv_expiry: htlc.cltv_expiry,
2865 payment_hash: htlc.payment_hash,
2866 state: Some(holding_cell_states.remove(&htlc.htlc_id).unwrap_or(state_details)),
2867 is_dust: htlc.amount_msat / 1000 < holder_dust_limit_success_sat,
2874 /// Returns information on all pending outbound HTLCs.
2875 pub fn get_pending_outbound_htlc_details(&self) -> Vec<OutboundHTLCDetails> {
2876 let mut outbound_details = Vec::new();
2877 let htlc_timeout_dust_limit = if self.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2880 let dust_buffer_feerate = self.get_dust_buffer_feerate(None) as u64;
2881 dust_buffer_feerate * htlc_success_tx_weight(self.get_channel_type()) / 1000
2883 let holder_dust_limit_timeout_sat = htlc_timeout_dust_limit + self.holder_dust_limit_satoshis;
2884 for htlc in self.pending_outbound_htlcs.iter() {
2885 outbound_details.push(OutboundHTLCDetails{
2886 htlc_id: Some(htlc.htlc_id),
2887 amount_msat: htlc.amount_msat,
2888 cltv_expiry: htlc.cltv_expiry,
2889 payment_hash: htlc.payment_hash,
2890 skimmed_fee_msat: htlc.skimmed_fee_msat,
2891 state: Some((&htlc.state).into()),
2892 is_dust: htlc.amount_msat / 1000 < holder_dust_limit_timeout_sat,
2895 for holding_cell_update in self.holding_cell_htlc_updates.iter() {
2896 if let HTLCUpdateAwaitingACK::AddHTLC {
2902 } = *holding_cell_update {
2903 outbound_details.push(OutboundHTLCDetails{
2905 amount_msat: amount_msat,
2906 cltv_expiry: cltv_expiry,
2907 payment_hash: payment_hash,
2908 skimmed_fee_msat: skimmed_fee_msat,
2909 state: Some(OutboundHTLCStateDetails::AwaitingRemoteRevokeToAdd),
2910 is_dust: amount_msat / 1000 < holder_dust_limit_timeout_sat,
2917 /// Get the available balances, see [`AvailableBalances`]'s fields for more info.
2918 /// Doesn't bother handling the
2919 /// if-we-removed-it-already-but-haven't-fully-resolved-they-can-still-send-an-inbound-HTLC
2920 /// corner case properly.
2921 pub fn get_available_balances<F: Deref>(&self, fee_estimator: &LowerBoundedFeeEstimator<F>)
2922 -> AvailableBalances
2923 where F::Target: FeeEstimator
2925 let context = &self;
2926 // Note that we have to handle overflow due to the above case.
2927 let inbound_stats = context.get_inbound_pending_htlc_stats(None);
2928 let outbound_stats = context.get_outbound_pending_htlc_stats(None);
2930 let mut balance_msat = context.value_to_self_msat;
2931 for ref htlc in context.pending_inbound_htlcs.iter() {
2932 if let InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(_)) = htlc.state {
2933 balance_msat += htlc.amount_msat;
2936 balance_msat -= outbound_stats.pending_htlcs_value_msat;
2938 let outbound_capacity_msat = context.value_to_self_msat
2939 .saturating_sub(outbound_stats.pending_htlcs_value_msat)
2941 context.counterparty_selected_channel_reserve_satoshis.unwrap_or(0) * 1000);
2943 let mut available_capacity_msat = outbound_capacity_msat;
2945 let anchor_outputs_value_msat = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2946 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
2950 if context.is_outbound() {
2951 // We should mind channel commit tx fee when computing how much of the available capacity
2952 // can be used in the next htlc. Mirrors the logic in send_htlc.
2954 // The fee depends on whether the amount we will be sending is above dust or not,
2955 // and the answer will in turn change the amount itself — making it a circular
2957 // This complicates the computation around dust-values, up to the one-htlc-value.
2958 let mut real_dust_limit_timeout_sat = context.holder_dust_limit_satoshis;
2959 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2960 real_dust_limit_timeout_sat += context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000;
2963 let htlc_above_dust = HTLCCandidate::new(real_dust_limit_timeout_sat * 1000, HTLCInitiator::LocalOffered);
2964 let mut max_reserved_commit_tx_fee_msat = context.next_local_commit_tx_fee_msat(htlc_above_dust, Some(()));
2965 let htlc_dust = HTLCCandidate::new(real_dust_limit_timeout_sat * 1000 - 1, HTLCInitiator::LocalOffered);
2966 let mut min_reserved_commit_tx_fee_msat = context.next_local_commit_tx_fee_msat(htlc_dust, Some(()));
2967 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2968 max_reserved_commit_tx_fee_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
2969 min_reserved_commit_tx_fee_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
2972 // We will first subtract the fee as if we were above-dust. Then, if the resulting
2973 // value ends up being below dust, we have this fee available again. In that case,
2974 // match the value to right-below-dust.
2975 let mut capacity_minus_commitment_fee_msat: i64 = available_capacity_msat as i64 -
2976 max_reserved_commit_tx_fee_msat as i64 - anchor_outputs_value_msat as i64;
2977 if capacity_minus_commitment_fee_msat < (real_dust_limit_timeout_sat as i64) * 1000 {
2978 let one_htlc_difference_msat = max_reserved_commit_tx_fee_msat - min_reserved_commit_tx_fee_msat;
2979 debug_assert!(one_htlc_difference_msat != 0);
2980 capacity_minus_commitment_fee_msat += one_htlc_difference_msat as i64;
2981 capacity_minus_commitment_fee_msat = cmp::min(real_dust_limit_timeout_sat as i64 * 1000 - 1, capacity_minus_commitment_fee_msat);
2982 available_capacity_msat = cmp::max(0, cmp::min(capacity_minus_commitment_fee_msat, available_capacity_msat as i64)) as u64;
2984 available_capacity_msat = capacity_minus_commitment_fee_msat as u64;
2987 // If the channel is inbound (i.e. counterparty pays the fee), we need to make sure
2988 // sending a new HTLC won't reduce their balance below our reserve threshold.
2989 let mut real_dust_limit_success_sat = context.counterparty_dust_limit_satoshis;
2990 if !context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
2991 real_dust_limit_success_sat += context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000;
2994 let htlc_above_dust = HTLCCandidate::new(real_dust_limit_success_sat * 1000, HTLCInitiator::LocalOffered);
2995 let max_reserved_commit_tx_fee_msat = context.next_remote_commit_tx_fee_msat(htlc_above_dust, None);
2997 let holder_selected_chan_reserve_msat = context.holder_selected_channel_reserve_satoshis * 1000;
2998 let remote_balance_msat = (context.channel_value_satoshis * 1000 - context.value_to_self_msat)
2999 .saturating_sub(inbound_stats.pending_htlcs_value_msat);
3001 if remote_balance_msat < max_reserved_commit_tx_fee_msat + holder_selected_chan_reserve_msat + anchor_outputs_value_msat {
3002 // If another HTLC's fee would reduce the remote's balance below the reserve limit
3003 // we've selected for them, we can only send dust HTLCs.
3004 available_capacity_msat = cmp::min(available_capacity_msat, real_dust_limit_success_sat * 1000 - 1);
3008 let mut next_outbound_htlc_minimum_msat = context.counterparty_htlc_minimum_msat;
3010 // If we get close to our maximum dust exposure, we end up in a situation where we can send
3011 // between zero and the remaining dust exposure limit remaining OR above the dust limit.
3012 // Because we cannot express this as a simple min/max, we prefer to tell the user they can
3013 // send above the dust limit (as the router can always overpay to meet the dust limit).
3014 let mut remaining_msat_below_dust_exposure_limit = None;
3015 let mut dust_exposure_dust_limit_msat = 0;
3016 let max_dust_htlc_exposure_msat = context.get_max_dust_htlc_exposure_msat(fee_estimator);
3018 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3019 (context.counterparty_dust_limit_satoshis, context.holder_dust_limit_satoshis)
3021 let dust_buffer_feerate = context.get_dust_buffer_feerate(None) as u64;
3022 (context.counterparty_dust_limit_satoshis + dust_buffer_feerate * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3023 context.holder_dust_limit_satoshis + dust_buffer_feerate * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3025 let on_counterparty_dust_htlc_exposure_msat = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
3026 if on_counterparty_dust_htlc_exposure_msat as i64 + htlc_success_dust_limit as i64 * 1000 - 1 > max_dust_htlc_exposure_msat.try_into().unwrap_or(i64::max_value()) {
3027 remaining_msat_below_dust_exposure_limit =
3028 Some(max_dust_htlc_exposure_msat.saturating_sub(on_counterparty_dust_htlc_exposure_msat));
3029 dust_exposure_dust_limit_msat = cmp::max(dust_exposure_dust_limit_msat, htlc_success_dust_limit * 1000);
3032 let on_holder_dust_htlc_exposure_msat = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
3033 if on_holder_dust_htlc_exposure_msat as i64 + htlc_timeout_dust_limit as i64 * 1000 - 1 > max_dust_htlc_exposure_msat.try_into().unwrap_or(i64::max_value()) {
3034 remaining_msat_below_dust_exposure_limit = Some(cmp::min(
3035 remaining_msat_below_dust_exposure_limit.unwrap_or(u64::max_value()),
3036 max_dust_htlc_exposure_msat.saturating_sub(on_holder_dust_htlc_exposure_msat)));
3037 dust_exposure_dust_limit_msat = cmp::max(dust_exposure_dust_limit_msat, htlc_timeout_dust_limit * 1000);
3040 if let Some(remaining_limit_msat) = remaining_msat_below_dust_exposure_limit {
3041 if available_capacity_msat < dust_exposure_dust_limit_msat {
3042 available_capacity_msat = cmp::min(available_capacity_msat, remaining_limit_msat);
3044 next_outbound_htlc_minimum_msat = cmp::max(next_outbound_htlc_minimum_msat, dust_exposure_dust_limit_msat);
3048 available_capacity_msat = cmp::min(available_capacity_msat,
3049 context.counterparty_max_htlc_value_in_flight_msat - outbound_stats.pending_htlcs_value_msat);
3051 if outbound_stats.pending_htlcs + 1 > context.counterparty_max_accepted_htlcs as u32 {
3052 available_capacity_msat = 0;
3056 inbound_capacity_msat: cmp::max(context.channel_value_satoshis as i64 * 1000
3057 - context.value_to_self_msat as i64
3058 - context.get_inbound_pending_htlc_stats(None).pending_htlcs_value_msat as i64
3059 - context.holder_selected_channel_reserve_satoshis as i64 * 1000,
3061 outbound_capacity_msat,
3062 next_outbound_htlc_limit_msat: available_capacity_msat,
3063 next_outbound_htlc_minimum_msat,
3068 pub fn get_holder_counterparty_selected_channel_reserve_satoshis(&self) -> (u64, Option<u64>) {
3069 let context = &self;
3070 (context.holder_selected_channel_reserve_satoshis, context.counterparty_selected_channel_reserve_satoshis)
3073 /// Get the commitment tx fee for the local's (i.e. our) next commitment transaction based on the
3074 /// number of pending HTLCs that are on track to be in our next commitment tx.
3076 /// Optionally includes the `HTLCCandidate` given by `htlc` and an additional non-dust HTLC if
3077 /// `fee_spike_buffer_htlc` is `Some`.
3079 /// The first extra HTLC is useful for determining whether we can accept a further HTLC, the
3080 /// second allows for creating a buffer to ensure a further HTLC can always be accepted/added.
3082 /// Dust HTLCs are excluded.
3083 fn next_local_commit_tx_fee_msat(&self, htlc: HTLCCandidate, fee_spike_buffer_htlc: Option<()>) -> u64 {
3084 let context = &self;
3085 assert!(context.is_outbound());
3087 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3090 (context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3091 context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3093 let real_dust_limit_success_sat = htlc_success_dust_limit + context.holder_dust_limit_satoshis;
3094 let real_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.holder_dust_limit_satoshis;
3096 let mut addl_htlcs = 0;
3097 if fee_spike_buffer_htlc.is_some() { addl_htlcs += 1; }
3099 HTLCInitiator::LocalOffered => {
3100 if htlc.amount_msat / 1000 >= real_dust_limit_timeout_sat {
3104 HTLCInitiator::RemoteOffered => {
3105 if htlc.amount_msat / 1000 >= real_dust_limit_success_sat {
3111 let mut included_htlcs = 0;
3112 for ref htlc in context.pending_inbound_htlcs.iter() {
3113 if htlc.amount_msat / 1000 < real_dust_limit_success_sat {
3116 // We include LocalRemoved HTLCs here because we may still need to broadcast a commitment
3117 // transaction including this HTLC if it times out before they RAA.
3118 included_htlcs += 1;
3121 for ref htlc in context.pending_outbound_htlcs.iter() {
3122 if htlc.amount_msat / 1000 < real_dust_limit_timeout_sat {
3126 OutboundHTLCState::LocalAnnounced {..} => included_htlcs += 1,
3127 OutboundHTLCState::Committed => included_htlcs += 1,
3128 OutboundHTLCState::RemoteRemoved {..} => included_htlcs += 1,
3129 // We don't include AwaitingRemoteRevokeToRemove HTLCs because our next commitment
3130 // transaction won't be generated until they send us their next RAA, which will mean
3131 // dropping any HTLCs in this state.
3136 for htlc in context.holding_cell_htlc_updates.iter() {
3138 &HTLCUpdateAwaitingACK::AddHTLC { amount_msat, .. } => {
3139 if amount_msat / 1000 < real_dust_limit_timeout_sat {
3144 _ => {}, // Don't include claims/fails that are awaiting ack, because once we get the
3145 // ack we're guaranteed to never include them in commitment txs anymore.
3149 let num_htlcs = included_htlcs + addl_htlcs;
3150 let res = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs, &context.channel_type);
3151 #[cfg(any(test, fuzzing))]
3154 if fee_spike_buffer_htlc.is_some() {
3155 fee = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs - 1, &context.channel_type);
3157 let total_pending_htlcs = context.pending_inbound_htlcs.len() + context.pending_outbound_htlcs.len()
3158 + context.holding_cell_htlc_updates.len();
3159 let commitment_tx_info = CommitmentTxInfoCached {
3161 total_pending_htlcs,
3162 next_holder_htlc_id: match htlc.origin {
3163 HTLCInitiator::LocalOffered => context.next_holder_htlc_id + 1,
3164 HTLCInitiator::RemoteOffered => context.next_holder_htlc_id,
3166 next_counterparty_htlc_id: match htlc.origin {
3167 HTLCInitiator::LocalOffered => context.next_counterparty_htlc_id,
3168 HTLCInitiator::RemoteOffered => context.next_counterparty_htlc_id + 1,
3170 feerate: context.feerate_per_kw,
3172 *context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = Some(commitment_tx_info);
3177 /// Get the commitment tx fee for the remote's next commitment transaction based on the number of
3178 /// pending HTLCs that are on track to be in their next commitment tx
3180 /// Optionally includes the `HTLCCandidate` given by `htlc` and an additional non-dust HTLC if
3181 /// `fee_spike_buffer_htlc` is `Some`.
3183 /// The first extra HTLC is useful for determining whether we can accept a further HTLC, the
3184 /// second allows for creating a buffer to ensure a further HTLC can always be accepted/added.
3186 /// Dust HTLCs are excluded.
3187 fn next_remote_commit_tx_fee_msat(&self, htlc: HTLCCandidate, fee_spike_buffer_htlc: Option<()>) -> u64 {
3188 let context = &self;
3189 assert!(!context.is_outbound());
3191 let (htlc_success_dust_limit, htlc_timeout_dust_limit) = if context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
3194 (context.feerate_per_kw as u64 * htlc_success_tx_weight(context.get_channel_type()) / 1000,
3195 context.feerate_per_kw as u64 * htlc_timeout_tx_weight(context.get_channel_type()) / 1000)
3197 let real_dust_limit_success_sat = htlc_success_dust_limit + context.counterparty_dust_limit_satoshis;
3198 let real_dust_limit_timeout_sat = htlc_timeout_dust_limit + context.counterparty_dust_limit_satoshis;
3200 let mut addl_htlcs = 0;
3201 if fee_spike_buffer_htlc.is_some() { addl_htlcs += 1; }
3203 HTLCInitiator::LocalOffered => {
3204 if htlc.amount_msat / 1000 >= real_dust_limit_success_sat {
3208 HTLCInitiator::RemoteOffered => {
3209 if htlc.amount_msat / 1000 >= real_dust_limit_timeout_sat {
3215 // When calculating the set of HTLCs which will be included in their next commitment_signed, all
3216 // non-dust inbound HTLCs are included (as all states imply it will be included) and only
3217 // committed outbound HTLCs, see below.
3218 let mut included_htlcs = 0;
3219 for ref htlc in context.pending_inbound_htlcs.iter() {
3220 if htlc.amount_msat / 1000 <= real_dust_limit_timeout_sat {
3223 included_htlcs += 1;
3226 for ref htlc in context.pending_outbound_htlcs.iter() {
3227 if htlc.amount_msat / 1000 <= real_dust_limit_success_sat {
3230 // We only include outbound HTLCs if it will not be included in their next commitment_signed,
3231 // i.e. if they've responded to us with an RAA after announcement.
3233 OutboundHTLCState::Committed => included_htlcs += 1,
3234 OutboundHTLCState::RemoteRemoved {..} => included_htlcs += 1,
3235 OutboundHTLCState::LocalAnnounced { .. } => included_htlcs += 1,
3240 let num_htlcs = included_htlcs + addl_htlcs;
3241 let res = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs, &context.channel_type);
3242 #[cfg(any(test, fuzzing))]
3245 if fee_spike_buffer_htlc.is_some() {
3246 fee = commit_tx_fee_msat(context.feerate_per_kw, num_htlcs - 1, &context.channel_type);
3248 let total_pending_htlcs = context.pending_inbound_htlcs.len() + context.pending_outbound_htlcs.len();
3249 let commitment_tx_info = CommitmentTxInfoCached {
3251 total_pending_htlcs,
3252 next_holder_htlc_id: match htlc.origin {
3253 HTLCInitiator::LocalOffered => context.next_holder_htlc_id + 1,
3254 HTLCInitiator::RemoteOffered => context.next_holder_htlc_id,
3256 next_counterparty_htlc_id: match htlc.origin {
3257 HTLCInitiator::LocalOffered => context.next_counterparty_htlc_id,
3258 HTLCInitiator::RemoteOffered => context.next_counterparty_htlc_id + 1,
3260 feerate: context.feerate_per_kw,
3262 *context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = Some(commitment_tx_info);
3267 fn if_unbroadcasted_funding<F, O>(&self, f: F) -> Option<O> where F: Fn() -> Option<O> {
3268 match self.channel_state {
3269 ChannelState::FundingNegotiated => f(),
3270 ChannelState::AwaitingChannelReady(flags) =>
3271 if flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH) ||
3272 flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into())
3282 /// Returns the transaction if there is a pending funding transaction that is yet to be
3284 pub fn unbroadcasted_funding(&self) -> Option<Transaction> {
3285 self.if_unbroadcasted_funding(|| self.funding_transaction.clone())
3288 /// Returns the transaction ID if there is a pending funding transaction that is yet to be
3290 pub fn unbroadcasted_funding_txid(&self) -> Option<Txid> {
3291 self.if_unbroadcasted_funding(||
3292 self.channel_transaction_parameters.funding_outpoint.map(|txo| txo.txid)
3296 /// Returns whether the channel is funded in a batch.
3297 pub fn is_batch_funding(&self) -> bool {
3298 self.is_batch_funding.is_some()
3301 /// Returns the transaction ID if there is a pending batch funding transaction that is yet to be
3303 pub fn unbroadcasted_batch_funding_txid(&self) -> Option<Txid> {
3304 self.unbroadcasted_funding_txid().filter(|_| self.is_batch_funding())
3307 /// Gets the latest commitment transaction and any dependent transactions for relay (forcing
3308 /// shutdown of this channel - no more calls into this Channel may be made afterwards except
3309 /// those explicitly stated to be allowed after shutdown completes, eg some simple getters).
3310 /// Also returns the list of payment_hashes for channels which we can safely fail backwards
3311 /// immediately (others we will have to allow to time out).
3312 pub fn force_shutdown(&mut self, should_broadcast: bool, closure_reason: ClosureReason) -> ShutdownResult {
3313 // Note that we MUST only generate a monitor update that indicates force-closure - we're
3314 // called during initialization prior to the chain_monitor in the encompassing ChannelManager
3315 // being fully configured in some cases. Thus, its likely any monitor events we generate will
3316 // be delayed in being processed! See the docs for `ChannelManagerReadArgs` for more.
3317 assert!(!matches!(self.channel_state, ChannelState::ShutdownComplete));
3319 // We go ahead and "free" any holding cell HTLCs or HTLCs we haven't yet committed to and
3320 // return them to fail the payment.
3321 let mut dropped_outbound_htlcs = Vec::with_capacity(self.holding_cell_htlc_updates.len());
3322 let counterparty_node_id = self.get_counterparty_node_id();
3323 for htlc_update in self.holding_cell_htlc_updates.drain(..) {
3325 HTLCUpdateAwaitingACK::AddHTLC { source, payment_hash, .. } => {
3326 dropped_outbound_htlcs.push((source, payment_hash, counterparty_node_id, self.channel_id));
3331 let monitor_update = if let Some(funding_txo) = self.get_funding_txo() {
3332 // If we haven't yet exchanged funding signatures (ie channel_state < AwaitingChannelReady),
3333 // returning a channel monitor update here would imply a channel monitor update before
3334 // we even registered the channel monitor to begin with, which is invalid.
3335 // Thus, if we aren't actually at a point where we could conceivably broadcast the
3336 // funding transaction, don't return a funding txo (which prevents providing the
3337 // monitor update to the user, even if we return one).
3338 // See test_duplicate_chan_id and test_pre_lockin_no_chan_closed_update for more.
3339 if !self.channel_state.is_pre_funded_state() {
3340 self.latest_monitor_update_id = CLOSED_CHANNEL_UPDATE_ID;
3341 Some((self.get_counterparty_node_id(), funding_txo, self.channel_id(), ChannelMonitorUpdate {
3342 update_id: self.latest_monitor_update_id,
3343 counterparty_node_id: Some(self.counterparty_node_id),
3344 updates: vec![ChannelMonitorUpdateStep::ChannelForceClosed { should_broadcast }],
3345 channel_id: Some(self.channel_id()),
3349 let unbroadcasted_batch_funding_txid = self.unbroadcasted_batch_funding_txid();
3350 let unbroadcasted_funding_tx = self.unbroadcasted_funding();
3352 self.channel_state = ChannelState::ShutdownComplete;
3353 self.update_time_counter += 1;
3357 dropped_outbound_htlcs,
3358 unbroadcasted_batch_funding_txid,
3359 channel_id: self.channel_id,
3360 user_channel_id: self.user_id,
3361 channel_capacity_satoshis: self.channel_value_satoshis,
3362 counterparty_node_id: self.counterparty_node_id,
3363 unbroadcasted_funding_tx,
3364 channel_funding_txo: self.get_funding_txo(),
3368 /// Only allowed after [`Self::channel_transaction_parameters`] is set.
3369 fn get_funding_signed_msg<L: Deref>(&mut self, logger: &L) -> (CommitmentTransaction, Option<msgs::FundingSigned>) where L::Target: Logger {
3370 let counterparty_keys = self.build_remote_transaction_keys();
3371 let counterparty_initial_commitment_tx = self.build_commitment_transaction(self.cur_counterparty_commitment_transaction_number + 1, &counterparty_keys, false, false, logger).tx;
3373 let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust();
3374 let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction();
3375 log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}",
3376 &self.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction));
3378 match &self.holder_signer {
3379 // TODO (arik): move match into calling method for Taproot
3380 ChannelSignerType::Ecdsa(ecdsa) => {
3381 let funding_signed = ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), Vec::new(), &self.secp_ctx)
3382 .map(|(signature, _)| msgs::FundingSigned {
3383 channel_id: self.channel_id(),
3386 partial_signature_with_nonce: None,
3390 if funding_signed.is_none() {
3391 #[cfg(not(async_signing))] {
3392 panic!("Failed to get signature for funding_signed");
3394 #[cfg(async_signing)] {
3395 log_trace!(logger, "Counterparty commitment signature not available for funding_signed message; setting signer_pending_funding");
3396 self.signer_pending_funding = true;
3398 } else if self.signer_pending_funding {
3399 log_trace!(logger, "Counterparty commitment signature available for funding_signed message; clearing signer_pending_funding");
3400 self.signer_pending_funding = false;
3403 // We sign "counterparty" commitment transaction, allowing them to broadcast the tx if they wish.
3404 (counterparty_initial_commitment_tx, funding_signed)
3406 // TODO (taproot|arik)
3412 /// If we receive an error message when attempting to open a channel, it may only be a rejection
3413 /// of the channel type we tried, not of our ability to open any channel at all. We can see if a
3414 /// downgrade of channel features would be possible so that we can still open the channel.
3415 pub(crate) fn maybe_downgrade_channel_features<F: Deref>(
3416 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>
3419 F::Target: FeeEstimator
3421 if !self.is_outbound() ||
3423 self.channel_state, ChannelState::NegotiatingFunding(flags)
3424 if flags == NegotiatingFundingFlags::OUR_INIT_SENT
3429 if self.channel_type == ChannelTypeFeatures::only_static_remote_key() {
3430 // We've exhausted our options
3433 // We support opening a few different types of channels. Try removing our additional
3434 // features one by one until we've either arrived at our default or the counterparty has
3437 // Due to the order below, we may not negotiate `option_anchors_zero_fee_htlc_tx` if the
3438 // counterparty doesn't support `option_scid_privacy`. Since `get_initial_channel_type`
3439 // checks whether the counterparty supports every feature, this would only happen if the
3440 // counterparty is advertising the feature, but rejecting channels proposing the feature for
3442 if self.channel_type.supports_anchors_zero_fee_htlc_tx() {
3443 self.channel_type.clear_anchors_zero_fee_htlc_tx();
3444 self.feerate_per_kw = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::NonAnchorChannelFee);
3445 assert!(!self.channel_transaction_parameters.channel_type_features.supports_anchors_nonzero_fee_htlc_tx());
3446 } else if self.channel_type.supports_scid_privacy() {
3447 self.channel_type.clear_scid_privacy();
3449 self.channel_type = ChannelTypeFeatures::only_static_remote_key();
3451 self.channel_transaction_parameters.channel_type_features = self.channel_type.clone();
3456 // Internal utility functions for channels
3458 /// Returns the value to use for `holder_max_htlc_value_in_flight_msat` as a percentage of the
3459 /// `channel_value_satoshis` in msat, set through
3460 /// [`ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel`]
3462 /// The effective percentage is lower bounded by 1% and upper bounded by 100%.
3464 /// [`ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel`]: crate::util::config::ChannelHandshakeConfig::max_inbound_htlc_value_in_flight_percent_of_channel
3465 fn get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis: u64, config: &ChannelHandshakeConfig) -> u64 {
3466 let configured_percent = if config.max_inbound_htlc_value_in_flight_percent_of_channel < 1 {
3468 } else if config.max_inbound_htlc_value_in_flight_percent_of_channel > 100 {
3471 config.max_inbound_htlc_value_in_flight_percent_of_channel as u64
3473 channel_value_satoshis * 10 * configured_percent
3476 /// Returns a minimum channel reserve value the remote needs to maintain,
3477 /// required by us according to the configured or default
3478 /// [`ChannelHandshakeConfig::their_channel_reserve_proportional_millionths`]
3480 /// Guaranteed to return a value no larger than channel_value_satoshis
3482 /// This is used both for outbound and inbound channels and has lower bound
3483 /// of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`.
3484 pub(crate) fn get_holder_selected_channel_reserve_satoshis(channel_value_satoshis: u64, config: &UserConfig) -> u64 {
3485 let calculated_reserve = channel_value_satoshis.saturating_mul(config.channel_handshake_config.their_channel_reserve_proportional_millionths as u64) / 1_000_000;
3486 cmp::min(channel_value_satoshis, cmp::max(calculated_reserve, MIN_THEIR_CHAN_RESERVE_SATOSHIS))
3489 /// This is for legacy reasons, present for forward-compatibility.
3490 /// LDK versions older than 0.0.104 don't know how read/handle values other than default
3491 /// from storage. Hence, we use this function to not persist default values of
3492 /// `holder_selected_channel_reserve_satoshis` for channels into storage.
3493 pub(crate) fn get_legacy_default_holder_selected_channel_reserve_satoshis(channel_value_satoshis: u64) -> u64 {
3494 let (q, _) = channel_value_satoshis.overflowing_div(100);
3495 cmp::min(channel_value_satoshis, cmp::max(q, 1000))
3498 /// Returns a minimum channel reserve value each party needs to maintain, fixed in the spec to a
3499 /// default of 1% of the total channel value.
3501 /// Guaranteed to return a value no larger than channel_value_satoshis
3503 /// This is used both for outbound and inbound channels and has lower bound
3504 /// of `dust_limit_satoshis`.
3505 #[cfg(dual_funding)]
3506 fn get_v2_channel_reserve_satoshis(channel_value_satoshis: u64, dust_limit_satoshis: u64) -> u64 {
3507 // Fixed at 1% of channel value by spec.
3508 let (q, _) = channel_value_satoshis.overflowing_div(100);
3509 cmp::min(channel_value_satoshis, cmp::max(q, dust_limit_satoshis))
3512 // Get the fee cost in SATS of a commitment tx with a given number of HTLC outputs.
3513 // Note that num_htlcs should not include dust HTLCs.
3515 fn commit_tx_fee_sat(feerate_per_kw: u32, num_htlcs: usize, channel_type_features: &ChannelTypeFeatures) -> u64 {
3516 feerate_per_kw as u64 * (commitment_tx_base_weight(channel_type_features) + num_htlcs as u64 * COMMITMENT_TX_WEIGHT_PER_HTLC) / 1000
3519 // Get the fee cost in MSATS of a commitment tx with a given number of HTLC outputs.
3520 // Note that num_htlcs should not include dust HTLCs.
3521 pub(crate) fn commit_tx_fee_msat(feerate_per_kw: u32, num_htlcs: usize, channel_type_features: &ChannelTypeFeatures) -> u64 {
3522 // Note that we need to divide before multiplying to round properly,
3523 // since the lowest denomination of bitcoin on-chain is the satoshi.
3524 (commitment_tx_base_weight(channel_type_features) + num_htlcs as u64 * COMMITMENT_TX_WEIGHT_PER_HTLC) * feerate_per_kw as u64 / 1000 * 1000
3527 /// Context for dual-funded channels.
3528 #[cfg(dual_funding)]
3529 pub(super) struct DualFundingChannelContext {
3530 /// The amount in satoshis we will be contributing to the channel.
3531 pub our_funding_satoshis: u64,
3532 /// The amount in satoshis our counterparty will be contributing to the channel.
3533 pub their_funding_satoshis: u64,
3534 /// The funding transaction locktime suggested by the initiator. If set by us, it is always set
3535 /// to the current block height to align incentives against fee-sniping.
3536 pub funding_tx_locktime: u32,
3537 /// The feerate set by the initiator to be used for the funding transaction.
3538 pub funding_feerate_sat_per_1000_weight: u32,
3541 // Holder designates channel data owned for the benefit of the user client.
3542 // Counterparty designates channel data owned by the another channel participant entity.
3543 pub(super) struct Channel<SP: Deref> where SP::Target: SignerProvider {
3544 pub context: ChannelContext<SP>,
3545 #[cfg(dual_funding)]
3546 pub dual_funding_channel_context: Option<DualFundingChannelContext>,
3549 #[cfg(any(test, fuzzing))]
3550 struct CommitmentTxInfoCached {
3552 total_pending_htlcs: usize,
3553 next_holder_htlc_id: u64,
3554 next_counterparty_htlc_id: u64,
3558 /// Contents of a wire message that fails an HTLC backwards. Useful for [`Channel::fail_htlc`] to
3559 /// fail with either [`msgs::UpdateFailMalformedHTLC`] or [`msgs::UpdateFailHTLC`] as needed.
3560 trait FailHTLCContents {
3561 type Message: FailHTLCMessageName;
3562 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message;
3563 fn to_inbound_htlc_state(self) -> InboundHTLCState;
3564 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK;
3566 impl FailHTLCContents for msgs::OnionErrorPacket {
3567 type Message = msgs::UpdateFailHTLC;
3568 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message {
3569 msgs::UpdateFailHTLC { htlc_id, channel_id, reason: self }
3571 fn to_inbound_htlc_state(self) -> InboundHTLCState {
3572 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(self))
3574 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK {
3575 HTLCUpdateAwaitingACK::FailHTLC { htlc_id, err_packet: self }
3578 impl FailHTLCContents for ([u8; 32], u16) {
3579 type Message = msgs::UpdateFailMalformedHTLC;
3580 fn to_message(self, htlc_id: u64, channel_id: ChannelId) -> Self::Message {
3581 msgs::UpdateFailMalformedHTLC {
3584 sha256_of_onion: self.0,
3585 failure_code: self.1
3588 fn to_inbound_htlc_state(self) -> InboundHTLCState {
3589 InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed(self))
3591 fn to_htlc_update_awaiting_ack(self, htlc_id: u64) -> HTLCUpdateAwaitingACK {
3592 HTLCUpdateAwaitingACK::FailMalformedHTLC {
3594 sha256_of_onion: self.0,
3595 failure_code: self.1
3600 trait FailHTLCMessageName {
3601 fn name() -> &'static str;
3603 impl FailHTLCMessageName for msgs::UpdateFailHTLC {
3604 fn name() -> &'static str {
3608 impl FailHTLCMessageName for msgs::UpdateFailMalformedHTLC {
3609 fn name() -> &'static str {
3610 "update_fail_malformed_htlc"
3614 impl<SP: Deref> Channel<SP> where
3615 SP::Target: SignerProvider,
3616 <SP::Target as SignerProvider>::EcdsaSigner: WriteableEcdsaChannelSigner
3618 fn check_remote_fee<F: Deref, L: Deref>(
3619 channel_type: &ChannelTypeFeatures, fee_estimator: &LowerBoundedFeeEstimator<F>,
3620 feerate_per_kw: u32, cur_feerate_per_kw: Option<u32>, logger: &L
3621 ) -> Result<(), ChannelError> where F::Target: FeeEstimator, L::Target: Logger,
3623 let lower_limit_conf_target = if channel_type.supports_anchors_zero_fee_htlc_tx() {
3624 ConfirmationTarget::MinAllowedAnchorChannelRemoteFee
3626 ConfirmationTarget::MinAllowedNonAnchorChannelRemoteFee
3628 let lower_limit = fee_estimator.bounded_sat_per_1000_weight(lower_limit_conf_target);
3629 if feerate_per_kw < lower_limit {
3630 if let Some(cur_feerate) = cur_feerate_per_kw {
3631 if feerate_per_kw > cur_feerate {
3633 "Accepting feerate that may prevent us from closing this channel because it's higher than what we have now. Had {} s/kW, now {} s/kW.",
3634 cur_feerate, feerate_per_kw);
3638 return Err(ChannelError::Close(format!("Peer's feerate much too low. Actual: {}. Our expected lower limit: {}", feerate_per_kw, lower_limit)));
3644 fn get_closing_scriptpubkey(&self) -> ScriptBuf {
3645 // The shutdown scriptpubkey is set on channel opening when option_upfront_shutdown_script
3646 // is signaled. Otherwise, it is set when sending a shutdown message. Calling this method
3647 // outside of those situations will fail.
3648 self.context.shutdown_scriptpubkey.clone().unwrap().into_inner()
3652 fn get_closing_transaction_weight(&self, a_scriptpubkey: Option<&Script>, b_scriptpubkey: Option<&Script>) -> u64 {
3657 1 + // script length (0)
3661 )*4 + // * 4 for non-witness parts
3662 2 + // witness marker and flag
3663 1 + // witness element count
3664 4 + // 4 element lengths (2 sigs, multisig dummy, and witness script)
3665 self.context.get_funding_redeemscript().len() as u64 + // funding witness script
3666 2*(1 + 71); // two signatures + sighash type flags
3667 if let Some(spk) = a_scriptpubkey {
3668 ret += ((8+1) + // output values and script length
3669 spk.len() as u64) * 4; // scriptpubkey and witness multiplier
3671 if let Some(spk) = b_scriptpubkey {
3672 ret += ((8+1) + // output values and script length
3673 spk.len() as u64) * 4; // scriptpubkey and witness multiplier
3679 fn build_closing_transaction(&self, proposed_total_fee_satoshis: u64, skip_remote_output: bool) -> (ClosingTransaction, u64) {
3680 assert!(self.context.pending_inbound_htlcs.is_empty());
3681 assert!(self.context.pending_outbound_htlcs.is_empty());
3682 assert!(self.context.pending_update_fee.is_none());
3684 let mut total_fee_satoshis = proposed_total_fee_satoshis;
3685 let mut value_to_holder: i64 = (self.context.value_to_self_msat as i64) / 1000 - if self.context.is_outbound() { total_fee_satoshis as i64 } else { 0 };
3686 let mut value_to_counterparty: i64 = ((self.context.channel_value_satoshis * 1000 - self.context.value_to_self_msat) as i64 / 1000) - if self.context.is_outbound() { 0 } else { total_fee_satoshis as i64 };
3688 if value_to_holder < 0 {
3689 assert!(self.context.is_outbound());
3690 total_fee_satoshis += (-value_to_holder) as u64;
3691 } else if value_to_counterparty < 0 {
3692 assert!(!self.context.is_outbound());
3693 total_fee_satoshis += (-value_to_counterparty) as u64;
3696 if skip_remote_output || value_to_counterparty as u64 <= self.context.holder_dust_limit_satoshis {
3697 value_to_counterparty = 0;
3700 if value_to_holder as u64 <= self.context.holder_dust_limit_satoshis {
3701 value_to_holder = 0;
3704 assert!(self.context.shutdown_scriptpubkey.is_some());
3705 let holder_shutdown_script = self.get_closing_scriptpubkey();
3706 let counterparty_shutdown_script = self.context.counterparty_shutdown_scriptpubkey.clone().unwrap();
3707 let funding_outpoint = self.funding_outpoint().into_bitcoin_outpoint();
3709 let closing_transaction = ClosingTransaction::new(value_to_holder as u64, value_to_counterparty as u64, holder_shutdown_script, counterparty_shutdown_script, funding_outpoint);
3710 (closing_transaction, total_fee_satoshis)
3713 fn funding_outpoint(&self) -> OutPoint {
3714 self.context.channel_transaction_parameters.funding_outpoint.unwrap()
3717 /// Claims an HTLC while we're disconnected from a peer, dropping the [`ChannelMonitorUpdate`]
3720 /// The [`ChannelMonitor`] for this channel MUST be updated out-of-band with the preimage
3721 /// provided (i.e. without calling [`crate::chain::Watch::update_channel`]).
3723 /// The HTLC claim will end up in the holding cell (because the caller must ensure the peer is
3725 pub fn claim_htlc_while_disconnected_dropping_mon_update<L: Deref>
3726 (&mut self, htlc_id_arg: u64, payment_preimage_arg: PaymentPreimage, logger: &L)
3727 where L::Target: Logger {
3728 // Assert that we'll add the HTLC claim to the holding cell in `get_update_fulfill_htlc`
3729 // (see equivalent if condition there).
3730 assert!(!self.context.channel_state.can_generate_new_commitment());
3731 let mon_update_id = self.context.latest_monitor_update_id; // Forget the ChannelMonitor update
3732 let fulfill_resp = self.get_update_fulfill_htlc(htlc_id_arg, payment_preimage_arg, logger);
3733 self.context.latest_monitor_update_id = mon_update_id;
3734 if let UpdateFulfillFetch::NewClaim { msg, .. } = fulfill_resp {
3735 assert!(msg.is_none()); // The HTLC must have ended up in the holding cell.
3739 fn get_update_fulfill_htlc<L: Deref>(&mut self, htlc_id_arg: u64, payment_preimage_arg: PaymentPreimage, logger: &L) -> UpdateFulfillFetch where L::Target: Logger {
3740 // Either ChannelReady got set (which means it won't be unset) or there is no way any
3741 // caller thought we could have something claimed (cause we wouldn't have accepted in an
3742 // incoming HTLC anyway). If we got to ShutdownComplete, callers aren't allowed to call us,
3744 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
3745 panic!("Was asked to fulfill an HTLC when channel was not in an operational state");
3748 // ChannelManager may generate duplicate claims/fails due to HTLC update events from
3749 // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop
3750 // these, but for now we just have to treat them as normal.
3752 let mut pending_idx = core::usize::MAX;
3753 let mut htlc_value_msat = 0;
3754 for (idx, htlc) in self.context.pending_inbound_htlcs.iter().enumerate() {
3755 if htlc.htlc_id == htlc_id_arg {
3756 debug_assert_eq!(htlc.payment_hash, PaymentHash(Sha256::hash(&payment_preimage_arg.0[..]).to_byte_array()));
3757 log_debug!(logger, "Claiming inbound HTLC id {} with payment hash {} with preimage {}",
3758 htlc.htlc_id, htlc.payment_hash, payment_preimage_arg);
3760 InboundHTLCState::Committed => {},
3761 InboundHTLCState::LocalRemoved(ref reason) => {
3762 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
3764 log_warn!(logger, "Have preimage and want to fulfill HTLC with payment hash {} we already failed against channel {}", &htlc.payment_hash, &self.context.channel_id());
3765 debug_assert!(false, "Tried to fulfill an HTLC that was already failed");
3767 return UpdateFulfillFetch::DuplicateClaim {};
3770 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3771 // Don't return in release mode here so that we can update channel_monitor
3775 htlc_value_msat = htlc.amount_msat;
3779 if pending_idx == core::usize::MAX {
3780 #[cfg(any(test, fuzzing))]
3781 // If we failed to find an HTLC to fulfill, make sure it was previously fulfilled and
3782 // this is simply a duplicate claim, not previously failed and we lost funds.
3783 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3784 return UpdateFulfillFetch::DuplicateClaim {};
3787 // Now update local state:
3789 // We have to put the payment_preimage in the channel_monitor right away here to ensure we
3790 // can claim it even if the channel hits the chain before we see their next commitment.
3791 self.context.latest_monitor_update_id += 1;
3792 let monitor_update = ChannelMonitorUpdate {
3793 update_id: self.context.latest_monitor_update_id,
3794 counterparty_node_id: Some(self.context.counterparty_node_id),
3795 updates: vec![ChannelMonitorUpdateStep::PaymentPreimage {
3796 payment_preimage: payment_preimage_arg.clone(),
3798 channel_id: Some(self.context.channel_id()),
3801 if !self.context.channel_state.can_generate_new_commitment() {
3802 // Note that this condition is the same as the assertion in
3803 // `claim_htlc_while_disconnected_dropping_mon_update` and must match exactly -
3804 // `claim_htlc_while_disconnected_dropping_mon_update` would not work correctly if we
3805 // do not not get into this branch.
3806 for pending_update in self.context.holding_cell_htlc_updates.iter() {
3807 match pending_update {
3808 &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
3809 if htlc_id_arg == htlc_id {
3810 // Make sure we don't leave latest_monitor_update_id incremented here:
3811 self.context.latest_monitor_update_id -= 1;
3812 #[cfg(any(test, fuzzing))]
3813 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3814 return UpdateFulfillFetch::DuplicateClaim {};
3817 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } |
3818 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } =>
3820 if htlc_id_arg == htlc_id {
3821 log_warn!(logger, "Have preimage and want to fulfill HTLC with pending failure against channel {}", &self.context.channel_id());
3822 // TODO: We may actually be able to switch to a fulfill here, though its
3823 // rare enough it may not be worth the complexity burden.
3824 debug_assert!(false, "Tried to fulfill an HTLC that was already failed");
3825 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3831 log_trace!(logger, "Adding HTLC claim to holding_cell in channel {}! Current state: {}", &self.context.channel_id(), self.context.channel_state.to_u32());
3832 self.context.holding_cell_htlc_updates.push(HTLCUpdateAwaitingACK::ClaimHTLC {
3833 payment_preimage: payment_preimage_arg, htlc_id: htlc_id_arg,
3835 #[cfg(any(test, fuzzing))]
3836 self.context.historical_inbound_htlc_fulfills.insert(htlc_id_arg);
3837 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3839 #[cfg(any(test, fuzzing))]
3840 self.context.historical_inbound_htlc_fulfills.insert(htlc_id_arg);
3843 let htlc = &mut self.context.pending_inbound_htlcs[pending_idx];
3844 if let InboundHTLCState::Committed = htlc.state {
3846 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3847 return UpdateFulfillFetch::NewClaim { monitor_update, htlc_value_msat, msg: None };
3849 log_trace!(logger, "Upgrading HTLC {} to LocalRemoved with a Fulfill in channel {}!", &htlc.payment_hash, &self.context.channel_id);
3850 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::Fulfill(payment_preimage_arg.clone()));
3853 UpdateFulfillFetch::NewClaim {
3856 msg: Some(msgs::UpdateFulfillHTLC {
3857 channel_id: self.context.channel_id(),
3858 htlc_id: htlc_id_arg,
3859 payment_preimage: payment_preimage_arg,
3864 pub fn get_update_fulfill_htlc_and_commit<L: Deref>(&mut self, htlc_id: u64, payment_preimage: PaymentPreimage, logger: &L) -> UpdateFulfillCommitFetch where L::Target: Logger {
3865 let release_cs_monitor = self.context.blocked_monitor_updates.is_empty();
3866 match self.get_update_fulfill_htlc(htlc_id, payment_preimage, logger) {
3867 UpdateFulfillFetch::NewClaim { mut monitor_update, htlc_value_msat, msg } => {
3868 // Even if we aren't supposed to let new monitor updates with commitment state
3869 // updates run, we still need to push the preimage ChannelMonitorUpdateStep no
3870 // matter what. Sadly, to push a new monitor update which flies before others
3871 // already queued, we have to insert it into the pending queue and update the
3872 // update_ids of all the following monitors.
3873 if release_cs_monitor && msg.is_some() {
3874 let mut additional_update = self.build_commitment_no_status_check(logger);
3875 // build_commitment_no_status_check may bump latest_monitor_id but we want them
3876 // to be strictly increasing by one, so decrement it here.
3877 self.context.latest_monitor_update_id = monitor_update.update_id;
3878 monitor_update.updates.append(&mut additional_update.updates);
3880 let new_mon_id = self.context.blocked_monitor_updates.get(0)
3881 .map(|upd| upd.update.update_id).unwrap_or(monitor_update.update_id);
3882 monitor_update.update_id = new_mon_id;
3883 for held_update in self.context.blocked_monitor_updates.iter_mut() {
3884 held_update.update.update_id += 1;
3887 debug_assert!(false, "If there is a pending blocked monitor we should have MonitorUpdateInProgress set");
3888 let update = self.build_commitment_no_status_check(logger);
3889 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
3895 self.monitor_updating_paused(false, msg.is_some(), false, Vec::new(), Vec::new(), Vec::new());
3896 UpdateFulfillCommitFetch::NewClaim { monitor_update, htlc_value_msat, }
3898 UpdateFulfillFetch::DuplicateClaim {} => UpdateFulfillCommitFetch::DuplicateClaim {},
3902 /// We can only have one resolution per HTLC. In some cases around reconnect, we may fulfill
3903 /// an HTLC more than once or fulfill once and then attempt to fail after reconnect. We cannot,
3904 /// however, fail more than once as we wait for an upstream failure to be irrevocably committed
3905 /// before we fail backwards.
3907 /// If we do fail twice, we `debug_assert!(false)` and return `Ok(None)`. Thus, this will always
3908 /// return `Ok(_)` if preconditions are met. In any case, `Err`s will only be
3909 /// [`ChannelError::Ignore`].
3910 pub fn queue_fail_htlc<L: Deref>(&mut self, htlc_id_arg: u64, err_packet: msgs::OnionErrorPacket, logger: &L)
3911 -> Result<(), ChannelError> where L::Target: Logger {
3912 self.fail_htlc(htlc_id_arg, err_packet, true, logger)
3913 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
3916 /// Used for failing back with [`msgs::UpdateFailMalformedHTLC`]. For now, this is used when we
3917 /// want to fail blinded HTLCs where we are not the intro node.
3919 /// See [`Self::queue_fail_htlc`] for more info.
3920 pub fn queue_fail_malformed_htlc<L: Deref>(
3921 &mut self, htlc_id_arg: u64, failure_code: u16, sha256_of_onion: [u8; 32], logger: &L
3922 ) -> Result<(), ChannelError> where L::Target: Logger {
3923 self.fail_htlc(htlc_id_arg, (sha256_of_onion, failure_code), true, logger)
3924 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
3927 /// We can only have one resolution per HTLC. In some cases around reconnect, we may fulfill
3928 /// an HTLC more than once or fulfill once and then attempt to fail after reconnect. We cannot,
3929 /// however, fail more than once as we wait for an upstream failure to be irrevocably committed
3930 /// before we fail backwards.
3932 /// If we do fail twice, we `debug_assert!(false)` and return `Ok(None)`. Thus, this will always
3933 /// return `Ok(_)` if preconditions are met. In any case, `Err`s will only be
3934 /// [`ChannelError::Ignore`].
3935 fn fail_htlc<L: Deref, E: FailHTLCContents + Clone>(
3936 &mut self, htlc_id_arg: u64, err_contents: E, mut force_holding_cell: bool,
3938 ) -> Result<Option<E::Message>, ChannelError> where L::Target: Logger {
3939 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
3940 panic!("Was asked to fail an HTLC when channel was not in an operational state");
3943 // ChannelManager may generate duplicate claims/fails due to HTLC update events from
3944 // on-chain ChannelsMonitors during block rescan. Ideally we'd figure out a way to drop
3945 // these, but for now we just have to treat them as normal.
3947 let mut pending_idx = core::usize::MAX;
3948 for (idx, htlc) in self.context.pending_inbound_htlcs.iter().enumerate() {
3949 if htlc.htlc_id == htlc_id_arg {
3951 InboundHTLCState::Committed => {},
3952 InboundHTLCState::LocalRemoved(ref reason) => {
3953 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
3955 debug_assert!(false, "Tried to fail an HTLC that was already failed");
3960 debug_assert!(false, "Have an inbound HTLC we tried to claim before it was fully committed to");
3961 return Err(ChannelError::Ignore(format!("Unable to find a pending HTLC which matched the given HTLC ID ({})", htlc.htlc_id)));
3967 if pending_idx == core::usize::MAX {
3968 #[cfg(any(test, fuzzing))]
3969 // If we failed to find an HTLC to fail, make sure it was previously fulfilled and this
3970 // is simply a duplicate fail, not previously failed and we failed-back too early.
3971 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3975 if !self.context.channel_state.can_generate_new_commitment() {
3976 debug_assert!(force_holding_cell, "!force_holding_cell is only called when emptying the holding cell, so we shouldn't end up back in it!");
3977 force_holding_cell = true;
3980 // Now update local state:
3981 if force_holding_cell {
3982 for pending_update in self.context.holding_cell_htlc_updates.iter() {
3983 match pending_update {
3984 &HTLCUpdateAwaitingACK::ClaimHTLC { htlc_id, .. } => {
3985 if htlc_id_arg == htlc_id {
3986 #[cfg(any(test, fuzzing))]
3987 debug_assert!(self.context.historical_inbound_htlc_fulfills.contains(&htlc_id_arg));
3991 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, .. } |
3992 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, .. } =>
3994 if htlc_id_arg == htlc_id {
3995 debug_assert!(false, "Tried to fail an HTLC that was already failed");
3996 return Err(ChannelError::Ignore("Unable to find a pending HTLC which matched the given HTLC ID".to_owned()));
4002 log_trace!(logger, "Placing failure for HTLC ID {} in holding cell in channel {}.", htlc_id_arg, &self.context.channel_id());
4003 self.context.holding_cell_htlc_updates.push(err_contents.to_htlc_update_awaiting_ack(htlc_id_arg));
4007 log_trace!(logger, "Failing HTLC ID {} back with {} message in channel {}.", htlc_id_arg,
4008 E::Message::name(), &self.context.channel_id());
4010 let htlc = &mut self.context.pending_inbound_htlcs[pending_idx];
4011 htlc.state = err_contents.clone().to_inbound_htlc_state();
4014 Ok(Some(err_contents.to_message(htlc_id_arg, self.context.channel_id())))
4017 // Message handlers:
4018 /// Updates the state of the channel to indicate that all channels in the batch have received
4019 /// funding_signed and persisted their monitors.
4020 /// The funding transaction is consequently allowed to be broadcast, and the channel can be
4021 /// treated as a non-batch channel going forward.
4022 pub fn set_batch_ready(&mut self) {
4023 self.context.is_batch_funding = None;
4024 self.context.channel_state.clear_waiting_for_batch();
4027 /// Unsets the existing funding information.
4029 /// This must only be used if the channel has not yet completed funding and has not been used.
4031 /// Further, the channel must be immediately shut down after this with a call to
4032 /// [`ChannelContext::force_shutdown`].
4033 pub fn unset_funding_info(&mut self, temporary_channel_id: ChannelId) {
4034 debug_assert!(matches!(
4035 self.context.channel_state, ChannelState::AwaitingChannelReady(_)
4037 self.context.channel_transaction_parameters.funding_outpoint = None;
4038 self.context.channel_id = temporary_channel_id;
4041 /// Handles a channel_ready message from our peer. If we've already sent our channel_ready
4042 /// and the channel is now usable (and public), this may generate an announcement_signatures to
4044 pub fn channel_ready<NS: Deref, L: Deref>(
4045 &mut self, msg: &msgs::ChannelReady, node_signer: &NS, chain_hash: ChainHash,
4046 user_config: &UserConfig, best_block: &BestBlock, logger: &L
4047 ) -> Result<Option<msgs::AnnouncementSignatures>, ChannelError>
4049 NS::Target: NodeSigner,
4052 if self.context.channel_state.is_peer_disconnected() {
4053 self.context.workaround_lnd_bug_4006 = Some(msg.clone());
4054 return Err(ChannelError::Ignore("Peer sent channel_ready when we needed a channel_reestablish. The peer is likely lnd, see https://github.com/lightningnetwork/lnd/issues/4006".to_owned()));
4057 if let Some(scid_alias) = msg.short_channel_id_alias {
4058 if Some(scid_alias) != self.context.short_channel_id {
4059 // The scid alias provided can be used to route payments *from* our counterparty,
4060 // i.e. can be used for inbound payments and provided in invoices, but is not used
4061 // when routing outbound payments.
4062 self.context.latest_inbound_scid_alias = Some(scid_alias);
4066 // Our channel_ready shouldn't have been sent if we are waiting for other channels in the
4067 // batch, but we can receive channel_ready messages.
4068 let mut check_reconnection = false;
4069 match &self.context.channel_state {
4070 ChannelState::AwaitingChannelReady(flags) => {
4071 let flags = flags.clone().clear(FundedStateFlags::ALL.into());
4072 debug_assert!(!flags.is_set(AwaitingChannelReadyFlags::OUR_CHANNEL_READY) || !flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
4073 if flags.clone().clear(AwaitingChannelReadyFlags::WAITING_FOR_BATCH) == AwaitingChannelReadyFlags::THEIR_CHANNEL_READY {
4074 // If we reconnected before sending our `channel_ready` they may still resend theirs.
4075 check_reconnection = true;
4076 } else if flags.clone().clear(AwaitingChannelReadyFlags::WAITING_FOR_BATCH).is_empty() {
4077 self.context.channel_state.set_their_channel_ready();
4078 } else if flags == AwaitingChannelReadyFlags::OUR_CHANNEL_READY {
4079 self.context.channel_state = ChannelState::ChannelReady(self.context.channel_state.with_funded_state_flags_mask().into());
4080 self.context.update_time_counter += 1;
4082 // We're in `WAITING_FOR_BATCH`, so we should wait until we're ready.
4083 debug_assert!(flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
4086 // If we reconnected before sending our `channel_ready` they may still resend theirs.
4087 ChannelState::ChannelReady(_) => check_reconnection = true,
4088 _ => return Err(ChannelError::Close("Peer sent a channel_ready at a strange time".to_owned())),
4090 if check_reconnection {
4091 // They probably disconnected/reconnected and re-sent the channel_ready, which is
4092 // required, or they're sending a fresh SCID alias.
4093 let expected_point =
4094 if self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 {
4095 // If they haven't ever sent an updated point, the point they send should match
4097 self.context.counterparty_cur_commitment_point
4098 } else if self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 2 {
4099 // If we've advanced the commitment number once, the second commitment point is
4100 // at `counterparty_prev_commitment_point`, which is not yet revoked.
4101 debug_assert!(self.context.counterparty_prev_commitment_point.is_some());
4102 self.context.counterparty_prev_commitment_point
4104 // If they have sent updated points, channel_ready is always supposed to match
4105 // their "first" point, which we re-derive here.
4106 Some(PublicKey::from_secret_key(&self.context.secp_ctx, &SecretKey::from_slice(
4107 &self.context.commitment_secrets.get_secret(INITIAL_COMMITMENT_NUMBER - 1).expect("We should have all prev secrets available")
4108 ).expect("We already advanced, so previous secret keys should have been validated already")))
4110 if expected_point != Some(msg.next_per_commitment_point) {
4111 return Err(ChannelError::Close("Peer sent a reconnect channel_ready with a different point".to_owned()));
4116 self.context.counterparty_prev_commitment_point = self.context.counterparty_cur_commitment_point;
4117 self.context.counterparty_cur_commitment_point = Some(msg.next_per_commitment_point);
4119 log_info!(logger, "Received channel_ready from peer for channel {}", &self.context.channel_id());
4121 Ok(self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block.height, logger))
4124 pub fn update_add_htlc(
4125 &mut self, msg: &msgs::UpdateAddHTLC, pending_forward_status: PendingHTLCStatus,
4126 ) -> Result<(), ChannelError> {
4127 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4128 return Err(ChannelError::Close("Got add HTLC message when channel was not in an operational state".to_owned()));
4130 // If the remote has sent a shutdown prior to adding this HTLC, then they are in violation of the spec.
4131 if self.context.channel_state.is_remote_shutdown_sent() {
4132 return Err(ChannelError::Close("Got add HTLC message when channel was not in an operational state".to_owned()));
4134 if self.context.channel_state.is_peer_disconnected() {
4135 return Err(ChannelError::Close("Peer sent update_add_htlc when we needed a channel_reestablish".to_owned()));
4137 if msg.amount_msat > self.context.channel_value_satoshis * 1000 {
4138 return Err(ChannelError::Close("Remote side tried to send more than the total value of the channel".to_owned()));
4140 if msg.amount_msat == 0 {
4141 return Err(ChannelError::Close("Remote side tried to send a 0-msat HTLC".to_owned()));
4143 if msg.amount_msat < self.context.holder_htlc_minimum_msat {
4144 return Err(ChannelError::Close(format!("Remote side tried to send less than our minimum HTLC value. Lower limit: ({}). Actual: ({})", self.context.holder_htlc_minimum_msat, msg.amount_msat)));
4147 let inbound_stats = self.context.get_inbound_pending_htlc_stats(None);
4148 if inbound_stats.pending_htlcs + 1 > self.context.holder_max_accepted_htlcs as u32 {
4149 return Err(ChannelError::Close(format!("Remote tried to push more than our max accepted HTLCs ({})", self.context.holder_max_accepted_htlcs)));
4151 if inbound_stats.pending_htlcs_value_msat + msg.amount_msat > self.context.holder_max_htlc_value_in_flight_msat {
4152 return Err(ChannelError::Close(format!("Remote HTLC add would put them over our max HTLC value ({})", self.context.holder_max_htlc_value_in_flight_msat)));
4155 // Check holder_selected_channel_reserve_satoshis (we're getting paid, so they have to at least meet
4156 // the reserve_satoshis we told them to always have as direct payment so that they lose
4157 // something if we punish them for broadcasting an old state).
4158 // Note that we don't really care about having a small/no to_remote output in our local
4159 // commitment transactions, as the purpose of the channel reserve is to ensure we can
4160 // punish *them* if they misbehave, so we discount any outbound HTLCs which will not be
4161 // present in the next commitment transaction we send them (at least for fulfilled ones,
4162 // failed ones won't modify value_to_self).
4163 // Note that we will send HTLCs which another instance of rust-lightning would think
4164 // violate the reserve value if we do not do this (as we forget inbound HTLCs from the
4165 // Channel state once they will not be present in the next received commitment
4167 let mut removed_outbound_total_msat = 0;
4168 for ref htlc in self.context.pending_outbound_htlcs.iter() {
4169 if let OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_)) = htlc.state {
4170 removed_outbound_total_msat += htlc.amount_msat;
4171 } else if let OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) = htlc.state {
4172 removed_outbound_total_msat += htlc.amount_msat;
4176 let pending_value_to_self_msat =
4177 self.context.value_to_self_msat + inbound_stats.pending_htlcs_value_msat - removed_outbound_total_msat;
4178 let pending_remote_value_msat =
4179 self.context.channel_value_satoshis * 1000 - pending_value_to_self_msat;
4180 if pending_remote_value_msat < msg.amount_msat {
4181 return Err(ChannelError::Close("Remote HTLC add would overdraw remaining funds".to_owned()));
4184 // Check that the remote can afford to pay for this HTLC on-chain at the current
4185 // feerate_per_kw, while maintaining their channel reserve (as required by the spec).
4187 let remote_commit_tx_fee_msat = if self.context.is_outbound() { 0 } else {
4188 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
4189 self.context.next_remote_commit_tx_fee_msat(htlc_candidate, None) // Don't include the extra fee spike buffer HTLC in calculations
4191 let anchor_outputs_value_msat = if !self.context.is_outbound() && self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4192 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
4196 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(anchor_outputs_value_msat) < remote_commit_tx_fee_msat {
4197 return Err(ChannelError::Close("Remote HTLC add would not leave enough to pay for fees".to_owned()));
4199 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(remote_commit_tx_fee_msat).saturating_sub(anchor_outputs_value_msat) < self.context.holder_selected_channel_reserve_satoshis * 1000 {
4200 return Err(ChannelError::Close("Remote HTLC add would put them under remote reserve value".to_owned()));
4204 let anchor_outputs_value_msat = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
4205 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
4209 if self.context.is_outbound() {
4210 // Check that they won't violate our local required channel reserve by adding this HTLC.
4211 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
4212 let local_commit_tx_fee_msat = self.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
4213 if self.context.value_to_self_msat < self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000 + local_commit_tx_fee_msat + anchor_outputs_value_msat {
4214 return Err(ChannelError::Close("Cannot accept HTLC that would put our balance under counterparty-announced channel reserve value".to_owned()));
4217 if self.context.next_counterparty_htlc_id != msg.htlc_id {
4218 return Err(ChannelError::Close(format!("Remote skipped HTLC ID (skipped ID: {})", self.context.next_counterparty_htlc_id)));
4220 if msg.cltv_expiry >= 500000000 {
4221 return Err(ChannelError::Close("Remote provided CLTV expiry in seconds instead of block height".to_owned()));
4224 if self.context.channel_state.is_local_shutdown_sent() {
4225 if let PendingHTLCStatus::Forward(_) = pending_forward_status {
4226 panic!("ChannelManager shouldn't be trying to add a forwardable HTLC after we've started closing");
4230 // Now update local state:
4231 self.context.next_counterparty_htlc_id += 1;
4232 self.context.pending_inbound_htlcs.push(InboundHTLCOutput {
4233 htlc_id: msg.htlc_id,
4234 amount_msat: msg.amount_msat,
4235 payment_hash: msg.payment_hash,
4236 cltv_expiry: msg.cltv_expiry,
4237 state: InboundHTLCState::RemoteAnnounced(InboundHTLCResolution::Resolved {
4238 pending_htlc_status: pending_forward_status
4244 /// Marks an outbound HTLC which we have received update_fail/fulfill/malformed
4246 fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<PaymentPreimage>, fail_reason: Option<HTLCFailReason>) -> Result<&OutboundHTLCOutput, ChannelError> {
4247 assert!(!(check_preimage.is_some() && fail_reason.is_some()), "cannot fail while we have a preimage");
4248 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
4249 if htlc.htlc_id == htlc_id {
4250 let outcome = match check_preimage {
4251 None => fail_reason.into(),
4252 Some(payment_preimage) => {
4253 let payment_hash = PaymentHash(Sha256::hash(&payment_preimage.0[..]).to_byte_array());
4254 if payment_hash != htlc.payment_hash {
4255 return Err(ChannelError::Close(format!("Remote tried to fulfill HTLC ({}) with an incorrect preimage", htlc_id)));
4257 OutboundHTLCOutcome::Success(Some(payment_preimage))
4261 OutboundHTLCState::LocalAnnounced(_) =>
4262 return Err(ChannelError::Close(format!("Remote tried to fulfill/fail HTLC ({}) before it had been committed", htlc_id))),
4263 OutboundHTLCState::Committed => {
4264 htlc.state = OutboundHTLCState::RemoteRemoved(outcome);
4266 OutboundHTLCState::AwaitingRemoteRevokeToRemove(_) | OutboundHTLCState::AwaitingRemovedRemoteRevoke(_) | OutboundHTLCState::RemoteRemoved(_) =>
4267 return Err(ChannelError::Close(format!("Remote tried to fulfill/fail HTLC ({}) that they'd already fulfilled/failed", htlc_id))),
4272 Err(ChannelError::Close("Remote tried to fulfill/fail an HTLC we couldn't find".to_owned()))
4275 pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<(HTLCSource, u64, Option<u64>), ChannelError> {
4276 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4277 return Err(ChannelError::Close("Got fulfill HTLC message when channel was not in an operational state".to_owned()));
4279 if self.context.channel_state.is_peer_disconnected() {
4280 return Err(ChannelError::Close("Peer sent update_fulfill_htlc when we needed a channel_reestablish".to_owned()));
4283 self.mark_outbound_htlc_removed(msg.htlc_id, Some(msg.payment_preimage), None).map(|htlc| (htlc.source.clone(), htlc.amount_msat, htlc.skimmed_fee_msat))
4286 pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> {
4287 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4288 return Err(ChannelError::Close("Got fail HTLC message when channel was not in an operational state".to_owned()));
4290 if self.context.channel_state.is_peer_disconnected() {
4291 return Err(ChannelError::Close("Peer sent update_fail_htlc when we needed a channel_reestablish".to_owned()));
4294 self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?;
4298 pub fn update_fail_malformed_htlc(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<(), ChannelError> {
4299 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4300 return Err(ChannelError::Close("Got fail malformed HTLC message when channel was not in an operational state".to_owned()));
4302 if self.context.channel_state.is_peer_disconnected() {
4303 return Err(ChannelError::Close("Peer sent update_fail_malformed_htlc when we needed a channel_reestablish".to_owned()));
4306 self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))?;
4310 pub fn commitment_signed<L: Deref>(&mut self, msg: &msgs::CommitmentSigned, logger: &L) -> Result<Option<ChannelMonitorUpdate>, ChannelError>
4311 where L::Target: Logger
4313 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4314 return Err(ChannelError::Close("Got commitment signed message when channel was not in an operational state".to_owned()));
4316 if self.context.channel_state.is_peer_disconnected() {
4317 return Err(ChannelError::Close("Peer sent commitment_signed when we needed a channel_reestablish".to_owned()));
4319 if self.context.channel_state.is_both_sides_shutdown() && self.context.last_sent_closing_fee.is_some() {
4320 return Err(ChannelError::Close("Peer sent commitment_signed after we'd started exchanging closing_signeds".to_owned()));
4323 let funding_script = self.context.get_funding_redeemscript();
4325 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
4327 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, false, logger);
4328 let commitment_txid = {
4329 let trusted_tx = commitment_stats.tx.trust();
4330 let bitcoin_tx = trusted_tx.built_transaction();
4331 let sighash = bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
4333 log_trace!(logger, "Checking commitment tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}",
4334 log_bytes!(msg.signature.serialize_compact()[..]),
4335 log_bytes!(self.context.counterparty_funding_pubkey().serialize()), encode::serialize_hex(&bitcoin_tx.transaction),
4336 log_bytes!(sighash[..]), encode::serialize_hex(&funding_script), &self.context.channel_id());
4337 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.counterparty_funding_pubkey()) {
4338 return Err(ChannelError::Close("Invalid commitment tx signature from peer".to_owned()));
4342 let mut htlcs_cloned: Vec<_> = commitment_stats.htlcs_included.iter().map(|htlc| (htlc.0.clone(), htlc.1.map(|h| h.clone()))).collect();
4344 // If our counterparty updated the channel fee in this commitment transaction, check that
4345 // they can actually afford the new fee now.
4346 let update_fee = if let Some((_, update_state)) = self.context.pending_update_fee {
4347 update_state == FeeUpdateState::RemoteAnnounced
4350 debug_assert!(!self.context.is_outbound());
4351 let counterparty_reserve_we_require_msat = self.context.holder_selected_channel_reserve_satoshis * 1000;
4352 if commitment_stats.remote_balance_msat < commitment_stats.total_fee_sat * 1000 + counterparty_reserve_we_require_msat {
4353 return Err(ChannelError::Close("Funding remote cannot afford proposed new fee".to_owned()));
4356 #[cfg(any(test, fuzzing))]
4358 if self.context.is_outbound() {
4359 let projected_commit_tx_info = self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap().take();
4360 *self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = None;
4361 if let Some(info) = projected_commit_tx_info {
4362 let total_pending_htlcs = self.context.pending_inbound_htlcs.len() + self.context.pending_outbound_htlcs.len()
4363 + self.context.holding_cell_htlc_updates.len();
4364 if info.total_pending_htlcs == total_pending_htlcs
4365 && info.next_holder_htlc_id == self.context.next_holder_htlc_id
4366 && info.next_counterparty_htlc_id == self.context.next_counterparty_htlc_id
4367 && info.feerate == self.context.feerate_per_kw {
4368 assert_eq!(commitment_stats.total_fee_sat, info.fee / 1000);
4374 if msg.htlc_signatures.len() != commitment_stats.num_nondust_htlcs {
4375 return Err(ChannelError::Close(format!("Got wrong number of HTLC signatures ({}) from remote. It must be {}", msg.htlc_signatures.len(), commitment_stats.num_nondust_htlcs)));
4378 // Up to LDK 0.0.115, HTLC information was required to be duplicated in the
4379 // `htlcs_and_sigs` vec and in the `holder_commitment_tx` itself, both of which were passed
4380 // in the `ChannelMonitorUpdate`. In 0.0.115, support for having a separate set of
4381 // outbound-non-dust-HTLCSources in the `ChannelMonitorUpdate` was added, however for
4382 // backwards compatibility, we never use it in production. To provide test coverage, here,
4383 // we randomly decide (in test/fuzzing builds) to use the new vec sometimes.
4384 #[allow(unused_assignments, unused_mut)]
4385 let mut separate_nondust_htlc_sources = false;
4386 #[cfg(all(feature = "std", any(test, fuzzing)))] {
4387 use core::hash::{BuildHasher, Hasher};
4388 // Get a random value using the only std API to do so - the DefaultHasher
4389 let rand_val = std::collections::hash_map::RandomState::new().build_hasher().finish();
4390 separate_nondust_htlc_sources = rand_val % 2 == 0;
4393 let mut nondust_htlc_sources = Vec::with_capacity(htlcs_cloned.len());
4394 let mut htlcs_and_sigs = Vec::with_capacity(htlcs_cloned.len());
4395 for (idx, (htlc, mut source_opt)) in htlcs_cloned.drain(..).enumerate() {
4396 if let Some(_) = htlc.transaction_output_index {
4397 let htlc_tx = chan_utils::build_htlc_transaction(&commitment_txid, commitment_stats.feerate_per_kw,
4398 self.context.get_counterparty_selected_contest_delay().unwrap(), &htlc, &self.context.channel_type,
4399 &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
4401 let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, &self.context.channel_type, &keys);
4402 let htlc_sighashtype = if self.context.channel_type.supports_anchors_zero_fee_htlc_tx() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
4403 let htlc_sighash = hash_to_message!(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]);
4404 log_trace!(logger, "Checking HTLC tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} in channel {}.",
4405 log_bytes!(msg.htlc_signatures[idx].serialize_compact()[..]), log_bytes!(keys.countersignatory_htlc_key.to_public_key().serialize()),
4406 encode::serialize_hex(&htlc_tx), log_bytes!(htlc_sighash[..]), encode::serialize_hex(&htlc_redeemscript), &self.context.channel_id());
4407 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&htlc_sighash, &msg.htlc_signatures[idx], &keys.countersignatory_htlc_key.to_public_key()) {
4408 return Err(ChannelError::Close("Invalid HTLC tx signature from peer".to_owned()));
4410 if !separate_nondust_htlc_sources {
4411 htlcs_and_sigs.push((htlc, Some(msg.htlc_signatures[idx]), source_opt.take()));
4414 htlcs_and_sigs.push((htlc, None, source_opt.take()));
4416 if separate_nondust_htlc_sources {
4417 if let Some(source) = source_opt.take() {
4418 nondust_htlc_sources.push(source);
4421 debug_assert!(source_opt.is_none(), "HTLCSource should have been put somewhere");
4424 let holder_commitment_tx = HolderCommitmentTransaction::new(
4425 commitment_stats.tx,
4427 msg.htlc_signatures.clone(),
4428 &self.context.get_holder_pubkeys().funding_pubkey,
4429 self.context.counterparty_funding_pubkey()
4432 self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, commitment_stats.outbound_htlc_preimages)
4433 .map_err(|_| ChannelError::Close("Failed to validate our commitment".to_owned()))?;
4435 // Update state now that we've passed all the can-fail calls...
4436 let mut need_commitment = false;
4437 if let &mut Some((_, ref mut update_state)) = &mut self.context.pending_update_fee {
4438 if *update_state == FeeUpdateState::RemoteAnnounced {
4439 *update_state = FeeUpdateState::AwaitingRemoteRevokeToAnnounce;
4440 need_commitment = true;
4444 for htlc in self.context.pending_inbound_htlcs.iter_mut() {
4445 let htlc_resolution = if let &InboundHTLCState::RemoteAnnounced(ref resolution) = &htlc.state {
4446 Some(resolution.clone())
4448 if let Some(htlc_resolution) = htlc_resolution {
4449 log_trace!(logger, "Updating HTLC {} to AwaitingRemoteRevokeToAnnounce due to commitment_signed in channel {}.",
4450 &htlc.payment_hash, &self.context.channel_id);
4451 htlc.state = InboundHTLCState::AwaitingRemoteRevokeToAnnounce(htlc_resolution);
4452 need_commitment = true;
4455 let mut claimed_htlcs = Vec::new();
4456 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
4457 if let &mut OutboundHTLCState::RemoteRemoved(ref mut outcome) = &mut htlc.state {
4458 log_trace!(logger, "Updating HTLC {} to AwaitingRemoteRevokeToRemove due to commitment_signed in channel {}.",
4459 &htlc.payment_hash, &self.context.channel_id);
4460 // Grab the preimage, if it exists, instead of cloning
4461 let mut reason = OutboundHTLCOutcome::Success(None);
4462 mem::swap(outcome, &mut reason);
4463 if let OutboundHTLCOutcome::Success(Some(preimage)) = reason {
4464 // If a user (a) receives an HTLC claim using LDK 0.0.104 or before, then (b)
4465 // upgrades to LDK 0.0.114 or later before the HTLC is fully resolved, we could
4466 // have a `Success(None)` reason. In this case we could forget some HTLC
4467 // claims, but such an upgrade is unlikely and including claimed HTLCs here
4468 // fixes a bug which the user was exposed to on 0.0.104 when they started the
4470 claimed_htlcs.push((SentHTLCId::from_source(&htlc.source), preimage));
4472 htlc.state = OutboundHTLCState::AwaitingRemoteRevokeToRemove(reason);
4473 need_commitment = true;
4477 self.context.latest_monitor_update_id += 1;
4478 let mut monitor_update = ChannelMonitorUpdate {
4479 update_id: self.context.latest_monitor_update_id,
4480 counterparty_node_id: Some(self.context.counterparty_node_id),
4481 updates: vec![ChannelMonitorUpdateStep::LatestHolderCommitmentTXInfo {
4482 commitment_tx: holder_commitment_tx,
4483 htlc_outputs: htlcs_and_sigs,
4485 nondust_htlc_sources,
4487 channel_id: Some(self.context.channel_id()),
4490 self.context.cur_holder_commitment_transaction_number -= 1;
4491 self.context.expecting_peer_commitment_signed = false;
4492 // Note that if we need_commitment & !AwaitingRemoteRevoke we'll call
4493 // build_commitment_no_status_check() next which will reset this to RAAFirst.
4494 self.context.resend_order = RAACommitmentOrder::CommitmentFirst;
4496 if self.context.channel_state.is_monitor_update_in_progress() {
4497 // In case we initially failed monitor updating without requiring a response, we need
4498 // to make sure the RAA gets sent first.
4499 self.context.monitor_pending_revoke_and_ack = true;
4500 if need_commitment && !self.context.channel_state.is_awaiting_remote_revoke() {
4501 // If we were going to send a commitment_signed after the RAA, go ahead and do all
4502 // the corresponding HTLC status updates so that
4503 // get_last_commitment_update_for_send includes the right HTLCs.
4504 self.context.monitor_pending_commitment_signed = true;
4505 let mut additional_update = self.build_commitment_no_status_check(logger);
4506 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4507 // strictly increasing by one, so decrement it here.
4508 self.context.latest_monitor_update_id = monitor_update.update_id;
4509 monitor_update.updates.append(&mut additional_update.updates);
4511 log_debug!(logger, "Received valid commitment_signed from peer in channel {}, updated HTLC state but awaiting a monitor update resolution to reply.",
4512 &self.context.channel_id);
4513 return Ok(self.push_ret_blockable_mon_update(monitor_update));
4516 let need_commitment_signed = if need_commitment && !self.context.channel_state.is_awaiting_remote_revoke() {
4517 // If we're AwaitingRemoteRevoke we can't send a new commitment here, but that's ok -
4518 // we'll send one right away when we get the revoke_and_ack when we
4519 // free_holding_cell_htlcs().
4520 let mut additional_update = self.build_commitment_no_status_check(logger);
4521 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4522 // strictly increasing by one, so decrement it here.
4523 self.context.latest_monitor_update_id = monitor_update.update_id;
4524 monitor_update.updates.append(&mut additional_update.updates);
4528 log_debug!(logger, "Received valid commitment_signed from peer in channel {}, updating HTLC state and responding with{} a revoke_and_ack.",
4529 &self.context.channel_id(), if need_commitment_signed { " our own commitment_signed and" } else { "" });
4530 self.monitor_updating_paused(true, need_commitment_signed, false, Vec::new(), Vec::new(), Vec::new());
4531 return Ok(self.push_ret_blockable_mon_update(monitor_update));
4534 /// Public version of the below, checking relevant preconditions first.
4535 /// If we're not in a state where freeing the holding cell makes sense, this is a no-op and
4536 /// returns `(None, Vec::new())`.
4537 pub fn maybe_free_holding_cell_htlcs<F: Deref, L: Deref>(
4538 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
4539 ) -> (Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>)
4540 where F::Target: FeeEstimator, L::Target: Logger
4542 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) && self.context.channel_state.can_generate_new_commitment() {
4543 self.free_holding_cell_htlcs(fee_estimator, logger)
4544 } else { (None, Vec::new()) }
4547 /// Frees any pending commitment updates in the holding cell, generating the relevant messages
4548 /// for our counterparty.
4549 fn free_holding_cell_htlcs<F: Deref, L: Deref>(
4550 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
4551 ) -> (Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>)
4552 where F::Target: FeeEstimator, L::Target: Logger
4554 assert!(!self.context.channel_state.is_monitor_update_in_progress());
4555 if self.context.holding_cell_htlc_updates.len() != 0 || self.context.holding_cell_update_fee.is_some() {
4556 log_trace!(logger, "Freeing holding cell with {} HTLC updates{} in channel {}", self.context.holding_cell_htlc_updates.len(),
4557 if self.context.holding_cell_update_fee.is_some() { " and a fee update" } else { "" }, &self.context.channel_id());
4559 let mut monitor_update = ChannelMonitorUpdate {
4560 update_id: self.context.latest_monitor_update_id + 1, // We don't increment this yet!
4561 counterparty_node_id: Some(self.context.counterparty_node_id),
4562 updates: Vec::new(),
4563 channel_id: Some(self.context.channel_id()),
4566 let mut htlc_updates = Vec::new();
4567 mem::swap(&mut htlc_updates, &mut self.context.holding_cell_htlc_updates);
4568 let mut update_add_count = 0;
4569 let mut update_fulfill_count = 0;
4570 let mut update_fail_count = 0;
4571 let mut htlcs_to_fail = Vec::new();
4572 for htlc_update in htlc_updates.drain(..) {
4573 // Note that this *can* fail, though it should be due to rather-rare conditions on
4574 // fee races with adding too many outputs which push our total payments just over
4575 // the limit. In case it's less rare than I anticipate, we may want to revisit
4576 // handling this case better and maybe fulfilling some of the HTLCs while attempting
4577 // to rebalance channels.
4578 let fail_htlc_res = match &htlc_update {
4579 &HTLCUpdateAwaitingACK::AddHTLC {
4580 amount_msat, cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet,
4581 skimmed_fee_msat, blinding_point, ..
4583 match self.send_htlc(
4584 amount_msat, *payment_hash, cltv_expiry, source.clone(), onion_routing_packet.clone(),
4585 false, skimmed_fee_msat, blinding_point, fee_estimator, logger
4587 Ok(_) => update_add_count += 1,
4590 ChannelError::Ignore(ref msg) => {
4591 log_info!(logger, "Failed to send HTLC with payment_hash {} due to {} in channel {}", &payment_hash, msg, &self.context.channel_id());
4592 // If we fail to send here, then this HTLC should
4593 // be failed backwards. Failing to send here
4594 // indicates that this HTLC may keep being put back
4595 // into the holding cell without ever being
4596 // successfully forwarded/failed/fulfilled, causing
4597 // our counterparty to eventually close on us.
4598 htlcs_to_fail.push((source.clone(), *payment_hash));
4601 panic!("Got a non-IgnoreError action trying to send holding cell HTLC");
4608 &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, htlc_id, .. } => {
4609 // If an HTLC claim was previously added to the holding cell (via
4610 // `get_update_fulfill_htlc`, then generating the claim message itself must
4611 // not fail - any in between attempts to claim the HTLC will have resulted
4612 // in it hitting the holding cell again and we cannot change the state of a
4613 // holding cell HTLC from fulfill to anything else.
4614 let mut additional_monitor_update =
4615 if let UpdateFulfillFetch::NewClaim { monitor_update, .. } =
4616 self.get_update_fulfill_htlc(htlc_id, *payment_preimage, logger)
4617 { monitor_update } else { unreachable!() };
4618 update_fulfill_count += 1;
4619 monitor_update.updates.append(&mut additional_monitor_update.updates);
4622 &HTLCUpdateAwaitingACK::FailHTLC { htlc_id, ref err_packet } => {
4623 Some(self.fail_htlc(htlc_id, err_packet.clone(), false, logger)
4624 .map(|fail_msg_opt| fail_msg_opt.map(|_| ())))
4626 &HTLCUpdateAwaitingACK::FailMalformedHTLC { htlc_id, failure_code, sha256_of_onion } => {
4627 Some(self.fail_htlc(htlc_id, (sha256_of_onion, failure_code), false, logger)
4628 .map(|fail_msg_opt| fail_msg_opt.map(|_| ())))
4631 if let Some(res) = fail_htlc_res {
4633 Ok(fail_msg_opt) => {
4634 // If an HTLC failure was previously added to the holding cell (via
4635 // `queue_fail_{malformed_}htlc`) then generating the fail message itself must
4636 // not fail - we should never end up in a state where we double-fail
4637 // an HTLC or fail-then-claim an HTLC as it indicates we didn't wait
4638 // for a full revocation before failing.
4639 debug_assert!(fail_msg_opt.is_some());
4640 update_fail_count += 1;
4642 Err(ChannelError::Ignore(_)) => {},
4644 panic!("Got a non-IgnoreError action trying to fail holding cell HTLC");
4649 if update_add_count == 0 && update_fulfill_count == 0 && update_fail_count == 0 && self.context.holding_cell_update_fee.is_none() {
4650 return (None, htlcs_to_fail);
4652 let update_fee = if let Some(feerate) = self.context.holding_cell_update_fee.take() {
4653 self.send_update_fee(feerate, false, fee_estimator, logger)
4658 let mut additional_update = self.build_commitment_no_status_check(logger);
4659 // build_commitment_no_status_check and get_update_fulfill_htlc may bump latest_monitor_id
4660 // but we want them to be strictly increasing by one, so reset it here.
4661 self.context.latest_monitor_update_id = monitor_update.update_id;
4662 monitor_update.updates.append(&mut additional_update.updates);
4664 log_debug!(logger, "Freeing holding cell in channel {} resulted in {}{} HTLCs added, {} HTLCs fulfilled, and {} HTLCs failed.",
4665 &self.context.channel_id(), if update_fee.is_some() { "a fee update, " } else { "" },
4666 update_add_count, update_fulfill_count, update_fail_count);
4668 self.monitor_updating_paused(false, true, false, Vec::new(), Vec::new(), Vec::new());
4669 (self.push_ret_blockable_mon_update(monitor_update), htlcs_to_fail)
4675 /// Handles receiving a remote's revoke_and_ack. Note that we may return a new
4676 /// commitment_signed message here in case we had pending outbound HTLCs to add which were
4677 /// waiting on this revoke_and_ack. The generation of this new commitment_signed may also fail,
4678 /// generating an appropriate error *after* the channel state has been updated based on the
4679 /// revoke_and_ack message.
4680 pub fn revoke_and_ack<F: Deref, L: Deref>(&mut self, msg: &msgs::RevokeAndACK,
4681 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L, hold_mon_update: bool,
4682 ) -> Result<(Vec<(HTLCSource, PaymentHash)>, Option<ChannelMonitorUpdate>), ChannelError>
4683 where F::Target: FeeEstimator, L::Target: Logger,
4685 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) {
4686 return Err(ChannelError::Close("Got revoke/ACK message when channel was not in an operational state".to_owned()));
4688 if self.context.channel_state.is_peer_disconnected() {
4689 return Err(ChannelError::Close("Peer sent revoke_and_ack when we needed a channel_reestablish".to_owned()));
4691 if self.context.channel_state.is_both_sides_shutdown() && self.context.last_sent_closing_fee.is_some() {
4692 return Err(ChannelError::Close("Peer sent revoke_and_ack after we'd started exchanging closing_signeds".to_owned()));
4695 let secret = secp_check!(SecretKey::from_slice(&msg.per_commitment_secret), "Peer provided an invalid per_commitment_secret".to_owned());
4697 if let Some(counterparty_prev_commitment_point) = self.context.counterparty_prev_commitment_point {
4698 if PublicKey::from_secret_key(&self.context.secp_ctx, &secret) != counterparty_prev_commitment_point {
4699 return Err(ChannelError::Close("Got a revoke commitment secret which didn't correspond to their current pubkey".to_owned()));
4703 if !self.context.channel_state.is_awaiting_remote_revoke() {
4704 // Our counterparty seems to have burned their coins to us (by revoking a state when we
4705 // haven't given them a new commitment transaction to broadcast). We should probably
4706 // take advantage of this by updating our channel monitor, sending them an error, and
4707 // waiting for them to broadcast their latest (now-revoked claim). But, that would be a
4708 // lot of work, and there's some chance this is all a misunderstanding anyway.
4709 // We have to do *something*, though, since our signer may get mad at us for otherwise
4710 // jumping a remote commitment number, so best to just force-close and move on.
4711 return Err(ChannelError::Close("Received an unexpected revoke_and_ack".to_owned()));
4714 #[cfg(any(test, fuzzing))]
4716 *self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = None;
4717 *self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap() = None;
4720 match &self.context.holder_signer {
4721 ChannelSignerType::Ecdsa(ecdsa) => {
4722 ecdsa.validate_counterparty_revocation(
4723 self.context.cur_counterparty_commitment_transaction_number + 1,
4725 ).map_err(|_| ChannelError::Close("Failed to validate revocation from peer".to_owned()))?;
4727 // TODO (taproot|arik)
4732 self.context.commitment_secrets.provide_secret(self.context.cur_counterparty_commitment_transaction_number + 1, msg.per_commitment_secret)
4733 .map_err(|_| ChannelError::Close("Previous secrets did not match new one".to_owned()))?;
4734 self.context.latest_monitor_update_id += 1;
4735 let mut monitor_update = ChannelMonitorUpdate {
4736 update_id: self.context.latest_monitor_update_id,
4737 counterparty_node_id: Some(self.context.counterparty_node_id),
4738 updates: vec![ChannelMonitorUpdateStep::CommitmentSecret {
4739 idx: self.context.cur_counterparty_commitment_transaction_number + 1,
4740 secret: msg.per_commitment_secret,
4742 channel_id: Some(self.context.channel_id()),
4745 // Update state now that we've passed all the can-fail calls...
4746 // (note that we may still fail to generate the new commitment_signed message, but that's
4747 // OK, we step the channel here and *then* if the new generation fails we can fail the
4748 // channel based on that, but stepping stuff here should be safe either way.
4749 self.context.channel_state.clear_awaiting_remote_revoke();
4750 self.context.sent_message_awaiting_response = None;
4751 self.context.counterparty_prev_commitment_point = self.context.counterparty_cur_commitment_point;
4752 self.context.counterparty_cur_commitment_point = Some(msg.next_per_commitment_point);
4753 self.context.cur_counterparty_commitment_transaction_number -= 1;
4755 if self.context.announcement_sigs_state == AnnouncementSigsState::Committed {
4756 self.context.announcement_sigs_state = AnnouncementSigsState::PeerReceived;
4759 log_trace!(logger, "Updating HTLCs on receipt of RAA in channel {}...", &self.context.channel_id());
4760 let mut to_forward_infos = Vec::new();
4761 let mut pending_update_adds = Vec::new();
4762 let mut revoked_htlcs = Vec::new();
4763 let mut finalized_claimed_htlcs = Vec::new();
4764 let mut update_fail_htlcs = Vec::new();
4765 let mut update_fail_malformed_htlcs = Vec::new();
4766 let mut require_commitment = false;
4767 let mut value_to_self_msat_diff: i64 = 0;
4770 // Take references explicitly so that we can hold multiple references to self.context.
4771 let pending_inbound_htlcs: &mut Vec<_> = &mut self.context.pending_inbound_htlcs;
4772 let pending_outbound_htlcs: &mut Vec<_> = &mut self.context.pending_outbound_htlcs;
4773 let expecting_peer_commitment_signed = &mut self.context.expecting_peer_commitment_signed;
4775 // We really shouldnt have two passes here, but retain gives a non-mutable ref (Rust bug)
4776 pending_inbound_htlcs.retain(|htlc| {
4777 if let &InboundHTLCState::LocalRemoved(ref reason) = &htlc.state {
4778 log_trace!(logger, " ...removing inbound LocalRemoved {}", &htlc.payment_hash);
4779 if let &InboundHTLCRemovalReason::Fulfill(_) = reason {
4780 value_to_self_msat_diff += htlc.amount_msat as i64;
4782 *expecting_peer_commitment_signed = true;
4786 pending_outbound_htlcs.retain(|htlc| {
4787 if let &OutboundHTLCState::AwaitingRemovedRemoteRevoke(ref outcome) = &htlc.state {
4788 log_trace!(logger, " ...removing outbound AwaitingRemovedRemoteRevoke {}", &htlc.payment_hash);
4789 if let OutboundHTLCOutcome::Failure(reason) = outcome.clone() { // We really want take() here, but, again, non-mut ref :(
4790 revoked_htlcs.push((htlc.source.clone(), htlc.payment_hash, reason));
4792 finalized_claimed_htlcs.push(htlc.source.clone());
4793 // They fulfilled, so we sent them money
4794 value_to_self_msat_diff -= htlc.amount_msat as i64;
4799 for htlc in pending_inbound_htlcs.iter_mut() {
4800 let swap = if let &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_) = &htlc.state {
4802 } else if let &InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) = &htlc.state {
4806 let mut state = InboundHTLCState::Committed;
4807 mem::swap(&mut state, &mut htlc.state);
4809 if let InboundHTLCState::AwaitingRemoteRevokeToAnnounce(resolution) = state {
4810 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce {} to AwaitingAnnouncedRemoteRevoke", &htlc.payment_hash);
4811 htlc.state = InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution);
4812 require_commitment = true;
4813 } else if let InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution) = state {
4815 InboundHTLCResolution::Resolved { pending_htlc_status } =>
4816 match pending_htlc_status {
4817 PendingHTLCStatus::Fail(fail_msg) => {
4818 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to LocalRemoved due to PendingHTLCStatus indicating failure", &htlc.payment_hash);
4819 require_commitment = true;
4821 HTLCFailureMsg::Relay(msg) => {
4822 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailRelay(msg.reason.clone()));
4823 update_fail_htlcs.push(msg)
4825 HTLCFailureMsg::Malformed(msg) => {
4826 htlc.state = InboundHTLCState::LocalRemoved(InboundHTLCRemovalReason::FailMalformed((msg.sha256_of_onion, msg.failure_code)));
4827 update_fail_malformed_htlcs.push(msg)
4831 PendingHTLCStatus::Forward(forward_info) => {
4832 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to Committed, attempting to forward", &htlc.payment_hash);
4833 to_forward_infos.push((forward_info, htlc.htlc_id));
4834 htlc.state = InboundHTLCState::Committed;
4837 InboundHTLCResolution::Pending { update_add_htlc } => {
4838 log_trace!(logger, " ...promoting inbound AwaitingAnnouncedRemoteRevoke {} to Committed", &htlc.payment_hash);
4839 pending_update_adds.push(update_add_htlc);
4840 htlc.state = InboundHTLCState::Committed;
4846 for htlc in pending_outbound_htlcs.iter_mut() {
4847 if let OutboundHTLCState::LocalAnnounced(_) = htlc.state {
4848 log_trace!(logger, " ...promoting outbound LocalAnnounced {} to Committed", &htlc.payment_hash);
4849 htlc.state = OutboundHTLCState::Committed;
4850 *expecting_peer_commitment_signed = true;
4852 if let &mut OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref mut outcome) = &mut htlc.state {
4853 log_trace!(logger, " ...promoting outbound AwaitingRemoteRevokeToRemove {} to AwaitingRemovedRemoteRevoke", &htlc.payment_hash);
4854 // Grab the preimage, if it exists, instead of cloning
4855 let mut reason = OutboundHTLCOutcome::Success(None);
4856 mem::swap(outcome, &mut reason);
4857 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(reason);
4858 require_commitment = true;
4862 self.context.value_to_self_msat = (self.context.value_to_self_msat as i64 + value_to_self_msat_diff) as u64;
4864 if let Some((feerate, update_state)) = self.context.pending_update_fee {
4865 match update_state {
4866 FeeUpdateState::Outbound => {
4867 debug_assert!(self.context.is_outbound());
4868 log_trace!(logger, " ...promoting outbound fee update {} to Committed", feerate);
4869 self.context.feerate_per_kw = feerate;
4870 self.context.pending_update_fee = None;
4871 self.context.expecting_peer_commitment_signed = true;
4873 FeeUpdateState::RemoteAnnounced => { debug_assert!(!self.context.is_outbound()); },
4874 FeeUpdateState::AwaitingRemoteRevokeToAnnounce => {
4875 debug_assert!(!self.context.is_outbound());
4876 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce fee update {} to Committed", feerate);
4877 require_commitment = true;
4878 self.context.feerate_per_kw = feerate;
4879 self.context.pending_update_fee = None;
4884 let release_monitor = self.context.blocked_monitor_updates.is_empty() && !hold_mon_update;
4885 let release_state_str =
4886 if hold_mon_update { "Holding" } else if release_monitor { "Releasing" } else { "Blocked" };
4887 macro_rules! return_with_htlcs_to_fail {
4888 ($htlcs_to_fail: expr) => {
4889 if !release_monitor {
4890 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
4891 update: monitor_update,
4893 return Ok(($htlcs_to_fail, None));
4895 return Ok(($htlcs_to_fail, Some(monitor_update)));
4900 self.context.monitor_pending_update_adds.append(&mut pending_update_adds);
4902 if self.context.channel_state.is_monitor_update_in_progress() {
4903 // We can't actually generate a new commitment transaction (incl by freeing holding
4904 // cells) while we can't update the monitor, so we just return what we have.
4905 if require_commitment {
4906 self.context.monitor_pending_commitment_signed = true;
4907 // When the monitor updating is restored we'll call
4908 // get_last_commitment_update_for_send(), which does not update state, but we're
4909 // definitely now awaiting a remote revoke before we can step forward any more, so
4911 let mut additional_update = self.build_commitment_no_status_check(logger);
4912 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4913 // strictly increasing by one, so decrement it here.
4914 self.context.latest_monitor_update_id = monitor_update.update_id;
4915 monitor_update.updates.append(&mut additional_update.updates);
4917 self.context.monitor_pending_forwards.append(&mut to_forward_infos);
4918 self.context.monitor_pending_failures.append(&mut revoked_htlcs);
4919 self.context.monitor_pending_finalized_fulfills.append(&mut finalized_claimed_htlcs);
4920 log_debug!(logger, "Received a valid revoke_and_ack for channel {} but awaiting a monitor update resolution to reply.", &self.context.channel_id());
4921 return_with_htlcs_to_fail!(Vec::new());
4924 match self.free_holding_cell_htlcs(fee_estimator, logger) {
4925 (Some(mut additional_update), htlcs_to_fail) => {
4926 // free_holding_cell_htlcs may bump latest_monitor_id multiple times but we want them to be
4927 // strictly increasing by one, so decrement it here.
4928 self.context.latest_monitor_update_id = monitor_update.update_id;
4929 monitor_update.updates.append(&mut additional_update.updates);
4931 log_debug!(logger, "Received a valid revoke_and_ack for channel {} with holding cell HTLCs freed. {} monitor update.",
4932 &self.context.channel_id(), release_state_str);
4934 self.monitor_updating_paused(false, true, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
4935 return_with_htlcs_to_fail!(htlcs_to_fail);
4937 (None, htlcs_to_fail) => {
4938 if require_commitment {
4939 let mut additional_update = self.build_commitment_no_status_check(logger);
4941 // build_commitment_no_status_check may bump latest_monitor_id but we want them to be
4942 // strictly increasing by one, so decrement it here.
4943 self.context.latest_monitor_update_id = monitor_update.update_id;
4944 monitor_update.updates.append(&mut additional_update.updates);
4946 log_debug!(logger, "Received a valid revoke_and_ack for channel {}. Responding with a commitment update with {} HTLCs failed. {} monitor update.",
4947 &self.context.channel_id(),
4948 update_fail_htlcs.len() + update_fail_malformed_htlcs.len(),
4951 self.monitor_updating_paused(false, true, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
4952 return_with_htlcs_to_fail!(htlcs_to_fail);
4954 log_debug!(logger, "Received a valid revoke_and_ack for channel {} with no reply necessary. {} monitor update.",
4955 &self.context.channel_id(), release_state_str);
4957 self.monitor_updating_paused(false, false, false, to_forward_infos, revoked_htlcs, finalized_claimed_htlcs);
4958 return_with_htlcs_to_fail!(htlcs_to_fail);
4964 /// Queues up an outbound update fee by placing it in the holding cell. You should call
4965 /// [`Self::maybe_free_holding_cell_htlcs`] in order to actually generate and send the
4966 /// commitment update.
4967 pub fn queue_update_fee<F: Deref, L: Deref>(&mut self, feerate_per_kw: u32,
4968 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L)
4969 where F::Target: FeeEstimator, L::Target: Logger
4971 let msg_opt = self.send_update_fee(feerate_per_kw, true, fee_estimator, logger);
4972 assert!(msg_opt.is_none(), "We forced holding cell?");
4975 /// Adds a pending update to this channel. See the doc for send_htlc for
4976 /// further details on the optionness of the return value.
4977 /// If our balance is too low to cover the cost of the next commitment transaction at the
4978 /// new feerate, the update is cancelled.
4980 /// You MUST call [`Self::send_commitment_no_state_update`] prior to any other calls on this
4981 /// [`Channel`] if `force_holding_cell` is false.
4982 fn send_update_fee<F: Deref, L: Deref>(
4983 &mut self, feerate_per_kw: u32, mut force_holding_cell: bool,
4984 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
4985 ) -> Option<msgs::UpdateFee>
4986 where F::Target: FeeEstimator, L::Target: Logger
4988 if !self.context.is_outbound() {
4989 panic!("Cannot send fee from inbound channel");
4991 if !self.context.is_usable() {
4992 panic!("Cannot update fee until channel is fully established and we haven't started shutting down");
4994 if !self.context.is_live() {
4995 panic!("Cannot update fee while peer is disconnected/we're awaiting a monitor update (ChannelManager should have caught this)");
4998 // Before proposing a feerate update, check that we can actually afford the new fee.
4999 let inbound_stats = self.context.get_inbound_pending_htlc_stats(Some(feerate_per_kw));
5000 let outbound_stats = self.context.get_outbound_pending_htlc_stats(Some(feerate_per_kw));
5001 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
5002 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, true, logger);
5003 let buffer_fee_msat = commit_tx_fee_sat(feerate_per_kw, commitment_stats.num_nondust_htlcs + outbound_stats.on_holder_tx_holding_cell_htlcs_count as usize + CONCURRENT_INBOUND_HTLC_FEE_BUFFER as usize, self.context.get_channel_type()) * 1000;
5004 let holder_balance_msat = commitment_stats.local_balance_msat - outbound_stats.holding_cell_msat;
5005 if holder_balance_msat < buffer_fee_msat + self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000 {
5006 //TODO: auto-close after a number of failures?
5007 log_debug!(logger, "Cannot afford to send new feerate at {}", feerate_per_kw);
5011 // Note, we evaluate pending htlc "preemptive" trimmed-to-dust threshold at the proposed `feerate_per_kw`.
5012 let holder_tx_dust_exposure = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
5013 let counterparty_tx_dust_exposure = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
5014 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
5015 if holder_tx_dust_exposure > max_dust_htlc_exposure_msat {
5016 log_debug!(logger, "Cannot afford to send new feerate at {} without infringing max dust htlc exposure", feerate_per_kw);
5019 if counterparty_tx_dust_exposure > max_dust_htlc_exposure_msat {
5020 log_debug!(logger, "Cannot afford to send new feerate at {} without infringing max dust htlc exposure", feerate_per_kw);
5024 if self.context.channel_state.is_awaiting_remote_revoke() || self.context.channel_state.is_monitor_update_in_progress() {
5025 force_holding_cell = true;
5028 if force_holding_cell {
5029 self.context.holding_cell_update_fee = Some(feerate_per_kw);
5033 debug_assert!(self.context.pending_update_fee.is_none());
5034 self.context.pending_update_fee = Some((feerate_per_kw, FeeUpdateState::Outbound));
5036 Some(msgs::UpdateFee {
5037 channel_id: self.context.channel_id,
5042 /// Removes any uncommitted inbound HTLCs and resets the state of uncommitted outbound HTLC
5043 /// updates, to be used on peer disconnection. After this, update_*_htlc messages need to be
5045 /// No further message handling calls may be made until a channel_reestablish dance has
5047 /// May return `Err(())`, which implies [`ChannelContext::force_shutdown`] should be called immediately.
5048 pub fn remove_uncommitted_htlcs_and_mark_paused<L: Deref>(&mut self, logger: &L) -> Result<(), ()> where L::Target: Logger {
5049 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
5050 if self.context.channel_state.is_pre_funded_state() {
5054 if self.context.channel_state.is_peer_disconnected() {
5055 // While the below code should be idempotent, it's simpler to just return early, as
5056 // redundant disconnect events can fire, though they should be rare.
5060 if self.context.announcement_sigs_state == AnnouncementSigsState::MessageSent || self.context.announcement_sigs_state == AnnouncementSigsState::Committed {
5061 self.context.announcement_sigs_state = AnnouncementSigsState::NotSent;
5064 // Upon reconnect we have to start the closing_signed dance over, but shutdown messages
5065 // will be retransmitted.
5066 self.context.last_sent_closing_fee = None;
5067 self.context.pending_counterparty_closing_signed = None;
5068 self.context.closing_fee_limits = None;
5070 let mut inbound_drop_count = 0;
5071 self.context.pending_inbound_htlcs.retain(|htlc| {
5073 InboundHTLCState::RemoteAnnounced(_) => {
5074 // They sent us an update_add_htlc but we never got the commitment_signed.
5075 // We'll tell them what commitment_signed we're expecting next and they'll drop
5076 // this HTLC accordingly
5077 inbound_drop_count += 1;
5080 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(_)|InboundHTLCState::AwaitingAnnouncedRemoteRevoke(_) => {
5081 // We received a commitment_signed updating this HTLC and (at least hopefully)
5082 // sent a revoke_and_ack (which we can re-transmit) and have heard nothing
5083 // in response to it yet, so don't touch it.
5086 InboundHTLCState::Committed => true,
5087 InboundHTLCState::LocalRemoved(_) => {
5088 // We (hopefully) sent a commitment_signed updating this HTLC (which we can
5089 // re-transmit if needed) and they may have even sent a revoke_and_ack back
5090 // (that we missed). Keep this around for now and if they tell us they missed
5091 // the commitment_signed we can re-transmit the update then.
5096 self.context.next_counterparty_htlc_id -= inbound_drop_count;
5098 if let Some((_, update_state)) = self.context.pending_update_fee {
5099 if update_state == FeeUpdateState::RemoteAnnounced {
5100 debug_assert!(!self.context.is_outbound());
5101 self.context.pending_update_fee = None;
5105 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
5106 if let OutboundHTLCState::RemoteRemoved(_) = htlc.state {
5107 // They sent us an update to remove this but haven't yet sent the corresponding
5108 // commitment_signed, we need to move it back to Committed and they can re-send
5109 // the update upon reconnection.
5110 htlc.state = OutboundHTLCState::Committed;
5114 self.context.sent_message_awaiting_response = None;
5116 self.context.channel_state.set_peer_disconnected();
5117 log_trace!(logger, "Peer disconnection resulted in {} remote-announced HTLC drops on channel {}", inbound_drop_count, &self.context.channel_id());
5121 /// Indicates that a ChannelMonitor update is in progress and has not yet been fully persisted.
5122 /// This must be called before we return the [`ChannelMonitorUpdate`] back to the
5123 /// [`ChannelManager`], which will call [`Self::monitor_updating_restored`] once the monitor
5124 /// update completes (potentially immediately).
5125 /// The messages which were generated with the monitor update must *not* have been sent to the
5126 /// remote end, and must instead have been dropped. They will be regenerated when
5127 /// [`Self::monitor_updating_restored`] is called.
5129 /// [`ChannelManager`]: super::channelmanager::ChannelManager
5130 /// [`chain::Watch`]: crate::chain::Watch
5131 /// [`ChannelMonitorUpdateStatus::InProgress`]: crate::chain::ChannelMonitorUpdateStatus::InProgress
5132 fn monitor_updating_paused(&mut self, resend_raa: bool, resend_commitment: bool,
5133 resend_channel_ready: bool, mut pending_forwards: Vec<(PendingHTLCInfo, u64)>,
5134 mut pending_fails: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>,
5135 mut pending_finalized_claimed_htlcs: Vec<HTLCSource>
5137 self.context.monitor_pending_revoke_and_ack |= resend_raa;
5138 self.context.monitor_pending_commitment_signed |= resend_commitment;
5139 self.context.monitor_pending_channel_ready |= resend_channel_ready;
5140 self.context.monitor_pending_forwards.append(&mut pending_forwards);
5141 self.context.monitor_pending_failures.append(&mut pending_fails);
5142 self.context.monitor_pending_finalized_fulfills.append(&mut pending_finalized_claimed_htlcs);
5143 self.context.channel_state.set_monitor_update_in_progress();
5146 /// Indicates that the latest ChannelMonitor update has been committed by the client
5147 /// successfully and we should restore normal operation. Returns messages which should be sent
5148 /// to the remote side.
5149 pub fn monitor_updating_restored<L: Deref, NS: Deref>(
5150 &mut self, logger: &L, node_signer: &NS, chain_hash: ChainHash,
5151 user_config: &UserConfig, best_block_height: u32
5152 ) -> MonitorRestoreUpdates
5155 NS::Target: NodeSigner
5157 assert!(self.context.channel_state.is_monitor_update_in_progress());
5158 self.context.channel_state.clear_monitor_update_in_progress();
5160 // If we're past (or at) the AwaitingChannelReady stage on an outbound channel, try to
5161 // (re-)broadcast the funding transaction as we may have declined to broadcast it when we
5162 // first received the funding_signed.
5163 let mut funding_broadcastable =
5164 if self.context.is_outbound() &&
5165 (matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(flags) if !flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH)) ||
5166 matches!(self.context.channel_state, ChannelState::ChannelReady(_)))
5168 self.context.funding_transaction.take()
5170 // That said, if the funding transaction is already confirmed (ie we're active with a
5171 // minimum_depth over 0) don't bother re-broadcasting the confirmed funding tx.
5172 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) && self.context.minimum_depth != Some(0) {
5173 funding_broadcastable = None;
5176 // We will never broadcast the funding transaction when we're in MonitorUpdateInProgress
5177 // (and we assume the user never directly broadcasts the funding transaction and waits for
5178 // us to do it). Thus, we can only ever hit monitor_pending_channel_ready when we're
5179 // * an inbound channel that failed to persist the monitor on funding_created and we got
5180 // the funding transaction confirmed before the monitor was persisted, or
5181 // * a 0-conf channel and intended to send the channel_ready before any broadcast at all.
5182 let channel_ready = if self.context.monitor_pending_channel_ready {
5183 assert!(!self.context.is_outbound() || self.context.minimum_depth == Some(0),
5184 "Funding transaction broadcast by the local client before it should have - LDK didn't do it!");
5185 self.context.monitor_pending_channel_ready = false;
5186 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5187 Some(msgs::ChannelReady {
5188 channel_id: self.context.channel_id(),
5189 next_per_commitment_point,
5190 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5194 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block_height, logger);
5196 let mut accepted_htlcs = Vec::new();
5197 mem::swap(&mut accepted_htlcs, &mut self.context.monitor_pending_forwards);
5198 let mut failed_htlcs = Vec::new();
5199 mem::swap(&mut failed_htlcs, &mut self.context.monitor_pending_failures);
5200 let mut finalized_claimed_htlcs = Vec::new();
5201 mem::swap(&mut finalized_claimed_htlcs, &mut self.context.monitor_pending_finalized_fulfills);
5202 let mut pending_update_adds = Vec::new();
5203 mem::swap(&mut pending_update_adds, &mut self.context.monitor_pending_update_adds);
5205 if self.context.channel_state.is_peer_disconnected() {
5206 self.context.monitor_pending_revoke_and_ack = false;
5207 self.context.monitor_pending_commitment_signed = false;
5208 return MonitorRestoreUpdates {
5209 raa: None, commitment_update: None, order: RAACommitmentOrder::RevokeAndACKFirst,
5210 accepted_htlcs, failed_htlcs, finalized_claimed_htlcs, pending_update_adds,
5211 funding_broadcastable, channel_ready, announcement_sigs
5215 let raa = if self.context.monitor_pending_revoke_and_ack {
5216 Some(self.get_last_revoke_and_ack())
5218 let commitment_update = if self.context.monitor_pending_commitment_signed {
5219 self.get_last_commitment_update_for_send(logger).ok()
5221 if commitment_update.is_some() {
5222 self.mark_awaiting_response();
5225 self.context.monitor_pending_revoke_and_ack = false;
5226 self.context.monitor_pending_commitment_signed = false;
5227 let order = self.context.resend_order.clone();
5228 log_debug!(logger, "Restored monitor updating in channel {} resulting in {}{} commitment update and {} RAA, with {} first",
5229 &self.context.channel_id(), if funding_broadcastable.is_some() { "a funding broadcastable, " } else { "" },
5230 if commitment_update.is_some() { "a" } else { "no" }, if raa.is_some() { "an" } else { "no" },
5231 match order { RAACommitmentOrder::CommitmentFirst => "commitment", RAACommitmentOrder::RevokeAndACKFirst => "RAA"});
5232 MonitorRestoreUpdates {
5233 raa, commitment_update, order, accepted_htlcs, failed_htlcs, finalized_claimed_htlcs,
5234 pending_update_adds, funding_broadcastable, channel_ready, announcement_sigs
5238 pub fn update_fee<F: Deref, L: Deref>(&mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, msg: &msgs::UpdateFee, logger: &L) -> Result<(), ChannelError>
5239 where F::Target: FeeEstimator, L::Target: Logger
5241 if self.context.is_outbound() {
5242 return Err(ChannelError::Close("Non-funding remote tried to update channel fee".to_owned()));
5244 if self.context.channel_state.is_peer_disconnected() {
5245 return Err(ChannelError::Close("Peer sent update_fee when we needed a channel_reestablish".to_owned()));
5247 Channel::<SP>::check_remote_fee(&self.context.channel_type, fee_estimator, msg.feerate_per_kw, Some(self.context.feerate_per_kw), logger)?;
5249 self.context.pending_update_fee = Some((msg.feerate_per_kw, FeeUpdateState::RemoteAnnounced));
5250 self.context.update_time_counter += 1;
5251 // Check that we won't be pushed over our dust exposure limit by the feerate increase.
5252 if !self.context.channel_type.supports_anchors_zero_fee_htlc_tx() {
5253 let inbound_stats = self.context.get_inbound_pending_htlc_stats(None);
5254 let outbound_stats = self.context.get_outbound_pending_htlc_stats(None);
5255 let holder_tx_dust_exposure = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat;
5256 let counterparty_tx_dust_exposure = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat;
5257 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
5258 if holder_tx_dust_exposure > max_dust_htlc_exposure_msat {
5259 return Err(ChannelError::Close(format!("Peer sent update_fee with a feerate ({}) which may over-expose us to dust-in-flight on our own transactions (totaling {} msat)",
5260 msg.feerate_per_kw, holder_tx_dust_exposure)));
5262 if counterparty_tx_dust_exposure > max_dust_htlc_exposure_msat {
5263 return Err(ChannelError::Close(format!("Peer sent update_fee with a feerate ({}) which may over-expose us to dust-in-flight on our counterparty's transactions (totaling {} msat)",
5264 msg.feerate_per_kw, counterparty_tx_dust_exposure)));
5270 /// Indicates that the signer may have some signatures for us, so we should retry if we're
5272 #[cfg(async_signing)]
5273 pub fn signer_maybe_unblocked<L: Deref>(&mut self, logger: &L) -> SignerResumeUpdates where L::Target: Logger {
5274 let commitment_update = if self.context.signer_pending_commitment_update {
5275 self.get_last_commitment_update_for_send(logger).ok()
5277 let funding_signed = if self.context.signer_pending_funding && !self.context.is_outbound() {
5278 self.context.get_funding_signed_msg(logger).1
5280 let channel_ready = if funding_signed.is_some() {
5281 self.check_get_channel_ready(0)
5284 log_trace!(logger, "Signer unblocked with {} commitment_update, {} funding_signed and {} channel_ready",
5285 if commitment_update.is_some() { "a" } else { "no" },
5286 if funding_signed.is_some() { "a" } else { "no" },
5287 if channel_ready.is_some() { "a" } else { "no" });
5289 SignerResumeUpdates {
5296 fn get_last_revoke_and_ack(&self) -> msgs::RevokeAndACK {
5297 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5298 let per_commitment_secret = self.context.holder_signer.as_ref().release_commitment_secret(self.context.cur_holder_commitment_transaction_number + 2);
5299 msgs::RevokeAndACK {
5300 channel_id: self.context.channel_id,
5301 per_commitment_secret,
5302 next_per_commitment_point,
5304 next_local_nonce: None,
5308 /// Gets the last commitment update for immediate sending to our peer.
5309 fn get_last_commitment_update_for_send<L: Deref>(&mut self, logger: &L) -> Result<msgs::CommitmentUpdate, ()> where L::Target: Logger {
5310 let mut update_add_htlcs = Vec::new();
5311 let mut update_fulfill_htlcs = Vec::new();
5312 let mut update_fail_htlcs = Vec::new();
5313 let mut update_fail_malformed_htlcs = Vec::new();
5315 for htlc in self.context.pending_outbound_htlcs.iter() {
5316 if let &OutboundHTLCState::LocalAnnounced(ref onion_packet) = &htlc.state {
5317 update_add_htlcs.push(msgs::UpdateAddHTLC {
5318 channel_id: self.context.channel_id(),
5319 htlc_id: htlc.htlc_id,
5320 amount_msat: htlc.amount_msat,
5321 payment_hash: htlc.payment_hash,
5322 cltv_expiry: htlc.cltv_expiry,
5323 onion_routing_packet: (**onion_packet).clone(),
5324 skimmed_fee_msat: htlc.skimmed_fee_msat,
5325 blinding_point: htlc.blinding_point,
5330 for htlc in self.context.pending_inbound_htlcs.iter() {
5331 if let &InboundHTLCState::LocalRemoved(ref reason) = &htlc.state {
5333 &InboundHTLCRemovalReason::FailRelay(ref err_packet) => {
5334 update_fail_htlcs.push(msgs::UpdateFailHTLC {
5335 channel_id: self.context.channel_id(),
5336 htlc_id: htlc.htlc_id,
5337 reason: err_packet.clone()
5340 &InboundHTLCRemovalReason::FailMalformed((ref sha256_of_onion, ref failure_code)) => {
5341 update_fail_malformed_htlcs.push(msgs::UpdateFailMalformedHTLC {
5342 channel_id: self.context.channel_id(),
5343 htlc_id: htlc.htlc_id,
5344 sha256_of_onion: sha256_of_onion.clone(),
5345 failure_code: failure_code.clone(),
5348 &InboundHTLCRemovalReason::Fulfill(ref payment_preimage) => {
5349 update_fulfill_htlcs.push(msgs::UpdateFulfillHTLC {
5350 channel_id: self.context.channel_id(),
5351 htlc_id: htlc.htlc_id,
5352 payment_preimage: payment_preimage.clone(),
5359 let update_fee = if self.context.is_outbound() && self.context.pending_update_fee.is_some() {
5360 Some(msgs::UpdateFee {
5361 channel_id: self.context.channel_id(),
5362 feerate_per_kw: self.context.pending_update_fee.unwrap().0,
5366 log_trace!(logger, "Regenerating latest commitment update in channel {} with{} {} update_adds, {} update_fulfills, {} update_fails, and {} update_fail_malformeds",
5367 &self.context.channel_id(), if update_fee.is_some() { " update_fee," } else { "" },
5368 update_add_htlcs.len(), update_fulfill_htlcs.len(), update_fail_htlcs.len(), update_fail_malformed_htlcs.len());
5369 let commitment_signed = if let Ok(update) = self.send_commitment_no_state_update(logger).map(|(cu, _)| cu) {
5370 if self.context.signer_pending_commitment_update {
5371 log_trace!(logger, "Commitment update generated: clearing signer_pending_commitment_update");
5372 self.context.signer_pending_commitment_update = false;
5376 #[cfg(not(async_signing))] {
5377 panic!("Failed to get signature for new commitment state");
5379 #[cfg(async_signing)] {
5380 if !self.context.signer_pending_commitment_update {
5381 log_trace!(logger, "Commitment update awaiting signer: setting signer_pending_commitment_update");
5382 self.context.signer_pending_commitment_update = true;
5387 Ok(msgs::CommitmentUpdate {
5388 update_add_htlcs, update_fulfill_htlcs, update_fail_htlcs, update_fail_malformed_htlcs, update_fee,
5393 /// Gets the `Shutdown` message we should send our peer on reconnect, if any.
5394 pub fn get_outbound_shutdown(&self) -> Option<msgs::Shutdown> {
5395 if self.context.channel_state.is_local_shutdown_sent() {
5396 assert!(self.context.shutdown_scriptpubkey.is_some());
5397 Some(msgs::Shutdown {
5398 channel_id: self.context.channel_id,
5399 scriptpubkey: self.get_closing_scriptpubkey(),
5404 /// May panic if some calls other than message-handling calls (which will all Err immediately)
5405 /// have been called between remove_uncommitted_htlcs_and_mark_paused and this call.
5407 /// Some links printed in log lines are included here to check them during build (when run with
5408 /// `cargo doc --document-private-items`):
5409 /// [`super::channelmanager::ChannelManager::force_close_without_broadcasting_txn`] and
5410 /// [`super::channelmanager::ChannelManager::force_close_all_channels_without_broadcasting_txn`].
5411 pub fn channel_reestablish<L: Deref, NS: Deref>(
5412 &mut self, msg: &msgs::ChannelReestablish, logger: &L, node_signer: &NS,
5413 chain_hash: ChainHash, user_config: &UserConfig, best_block: &BestBlock
5414 ) -> Result<ReestablishResponses, ChannelError>
5417 NS::Target: NodeSigner
5419 if !self.context.channel_state.is_peer_disconnected() {
5420 // While BOLT 2 doesn't indicate explicitly we should error this channel here, it
5421 // almost certainly indicates we are going to end up out-of-sync in some way, so we
5422 // just close here instead of trying to recover.
5423 return Err(ChannelError::Close("Peer sent a loose channel_reestablish not after reconnect".to_owned()));
5426 if msg.next_local_commitment_number >= INITIAL_COMMITMENT_NUMBER || msg.next_remote_commitment_number >= INITIAL_COMMITMENT_NUMBER ||
5427 msg.next_local_commitment_number == 0 {
5428 return Err(ChannelError::Close("Peer sent an invalid channel_reestablish to force close in a non-standard way".to_owned()));
5431 let our_commitment_transaction = INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number - 1;
5432 if msg.next_remote_commitment_number > 0 {
5433 let expected_point = self.context.holder_signer.as_ref().get_per_commitment_point(INITIAL_COMMITMENT_NUMBER - msg.next_remote_commitment_number + 1, &self.context.secp_ctx);
5434 let given_secret = SecretKey::from_slice(&msg.your_last_per_commitment_secret)
5435 .map_err(|_| ChannelError::Close("Peer sent a garbage channel_reestablish with unparseable secret key".to_owned()))?;
5436 if expected_point != PublicKey::from_secret_key(&self.context.secp_ctx, &given_secret) {
5437 return Err(ChannelError::Close("Peer sent a garbage channel_reestablish with secret key not matching the commitment height provided".to_owned()));
5439 if msg.next_remote_commitment_number > our_commitment_transaction {
5440 macro_rules! log_and_panic {
5441 ($err_msg: expr) => {
5442 log_error!(logger, $err_msg, &self.context.channel_id, log_pubkey!(self.context.counterparty_node_id));
5443 panic!($err_msg, &self.context.channel_id, log_pubkey!(self.context.counterparty_node_id));
5446 log_and_panic!("We have fallen behind - we have received proof that if we broadcast our counterparty is going to claim all our funds.\n\
5447 This implies you have restarted with lost ChannelMonitor and ChannelManager state, the first of which is a violation of the LDK chain::Watch requirements.\n\
5448 More specifically, this means you have a bug in your implementation that can cause loss of funds, or you are running with an old backup, which is unsafe.\n\
5449 If you have restored from an old backup and wish to force-close channels and return to operation, you should start up, call\n\
5450 ChannelManager::force_close_without_broadcasting_txn on channel {} with counterparty {} or\n\
5451 ChannelManager::force_close_all_channels_without_broadcasting_txn, then reconnect to peer(s).\n\
5452 Note that due to a long-standing bug in lnd you may have to reach out to peers running lnd-based nodes to ask them to manually force-close channels\n\
5453 See https://github.com/lightningdevkit/rust-lightning/issues/1565 for more info.");
5457 // Before we change the state of the channel, we check if the peer is sending a very old
5458 // commitment transaction number, if yes we send a warning message.
5459 if msg.next_remote_commitment_number + 1 < our_commitment_transaction {
5460 return Err(ChannelError::Warn(format!(
5461 "Peer attempted to reestablish channel with a very old local commitment transaction: {} (received) vs {} (expected)",
5462 msg.next_remote_commitment_number,
5463 our_commitment_transaction
5467 // Go ahead and unmark PeerDisconnected as various calls we may make check for it (and all
5468 // remaining cases either succeed or ErrorMessage-fail).
5469 self.context.channel_state.clear_peer_disconnected();
5470 self.context.sent_message_awaiting_response = None;
5472 let shutdown_msg = self.get_outbound_shutdown();
5474 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, best_block.height, logger);
5476 if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(_)) {
5477 // If we're waiting on a monitor update, we shouldn't re-send any channel_ready's.
5478 if !self.context.channel_state.is_our_channel_ready() ||
5479 self.context.channel_state.is_monitor_update_in_progress() {
5480 if msg.next_remote_commitment_number != 0 {
5481 return Err(ChannelError::Close("Peer claimed they saw a revoke_and_ack but we haven't sent channel_ready yet".to_owned()));
5483 // Short circuit the whole handler as there is nothing we can resend them
5484 return Ok(ReestablishResponses {
5485 channel_ready: None,
5486 raa: None, commitment_update: None,
5487 order: RAACommitmentOrder::CommitmentFirst,
5488 shutdown_msg, announcement_sigs,
5492 // We have OurChannelReady set!
5493 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5494 return Ok(ReestablishResponses {
5495 channel_ready: Some(msgs::ChannelReady {
5496 channel_id: self.context.channel_id(),
5497 next_per_commitment_point,
5498 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5500 raa: None, commitment_update: None,
5501 order: RAACommitmentOrder::CommitmentFirst,
5502 shutdown_msg, announcement_sigs,
5506 let required_revoke = if msg.next_remote_commitment_number == our_commitment_transaction {
5507 // Remote isn't waiting on any RevokeAndACK from us!
5508 // Note that if we need to repeat our ChannelReady we'll do that in the next if block.
5510 } else if msg.next_remote_commitment_number + 1 == our_commitment_transaction {
5511 if self.context.channel_state.is_monitor_update_in_progress() {
5512 self.context.monitor_pending_revoke_and_ack = true;
5515 Some(self.get_last_revoke_and_ack())
5518 debug_assert!(false, "All values should have been handled in the four cases above");
5519 return Err(ChannelError::Close(format!(
5520 "Peer attempted to reestablish channel expecting a future local commitment transaction: {} (received) vs {} (expected)",
5521 msg.next_remote_commitment_number,
5522 our_commitment_transaction
5526 // We increment cur_counterparty_commitment_transaction_number only upon receipt of
5527 // revoke_and_ack, not on sending commitment_signed, so we add one if have
5528 // AwaitingRemoteRevoke set, which indicates we sent a commitment_signed but haven't gotten
5529 // the corresponding revoke_and_ack back yet.
5530 let is_awaiting_remote_revoke = self.context.channel_state.is_awaiting_remote_revoke();
5531 if is_awaiting_remote_revoke && !self.is_awaiting_monitor_update() {
5532 self.mark_awaiting_response();
5534 let next_counterparty_commitment_number = INITIAL_COMMITMENT_NUMBER - self.context.cur_counterparty_commitment_transaction_number + if is_awaiting_remote_revoke { 1 } else { 0 };
5536 let channel_ready = if msg.next_local_commitment_number == 1 && INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number == 1 {
5537 // We should never have to worry about MonitorUpdateInProgress resending ChannelReady
5538 let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
5539 Some(msgs::ChannelReady {
5540 channel_id: self.context.channel_id(),
5541 next_per_commitment_point,
5542 short_channel_id_alias: Some(self.context.outbound_scid_alias),
5546 if msg.next_local_commitment_number == next_counterparty_commitment_number {
5547 if required_revoke.is_some() {
5548 log_debug!(logger, "Reconnected channel {} with only lost outbound RAA", &self.context.channel_id());
5550 log_debug!(logger, "Reconnected channel {} with no loss", &self.context.channel_id());
5553 Ok(ReestablishResponses {
5554 channel_ready, shutdown_msg, announcement_sigs,
5555 raa: required_revoke,
5556 commitment_update: None,
5557 order: self.context.resend_order.clone(),
5559 } else if msg.next_local_commitment_number == next_counterparty_commitment_number - 1 {
5560 if required_revoke.is_some() {
5561 log_debug!(logger, "Reconnected channel {} with lost outbound RAA and lost remote commitment tx", &self.context.channel_id());
5563 log_debug!(logger, "Reconnected channel {} with only lost remote commitment tx", &self.context.channel_id());
5566 if self.context.channel_state.is_monitor_update_in_progress() {
5567 self.context.monitor_pending_commitment_signed = true;
5568 Ok(ReestablishResponses {
5569 channel_ready, shutdown_msg, announcement_sigs,
5570 commitment_update: None, raa: None,
5571 order: self.context.resend_order.clone(),
5574 Ok(ReestablishResponses {
5575 channel_ready, shutdown_msg, announcement_sigs,
5576 raa: required_revoke,
5577 commitment_update: self.get_last_commitment_update_for_send(logger).ok(),
5578 order: self.context.resend_order.clone(),
5581 } else if msg.next_local_commitment_number < next_counterparty_commitment_number {
5582 Err(ChannelError::Close(format!(
5583 "Peer attempted to reestablish channel with a very old remote commitment transaction: {} (received) vs {} (expected)",
5584 msg.next_local_commitment_number,
5585 next_counterparty_commitment_number,
5588 Err(ChannelError::Close(format!(
5589 "Peer attempted to reestablish channel with a future remote commitment transaction: {} (received) vs {} (expected)",
5590 msg.next_local_commitment_number,
5591 next_counterparty_commitment_number,
5596 /// Calculates and returns our minimum and maximum closing transaction fee amounts, in whole
5597 /// satoshis. The amounts remain consistent unless a peer disconnects/reconnects or we restart,
5598 /// at which point they will be recalculated.
5599 fn calculate_closing_fee_limits<F: Deref>(&mut self, fee_estimator: &LowerBoundedFeeEstimator<F>)
5601 where F::Target: FeeEstimator
5603 if let Some((min, max)) = self.context.closing_fee_limits { return (min, max); }
5605 // Propose a range from our current Background feerate to our Normal feerate plus our
5606 // force_close_avoidance_max_fee_satoshis.
5607 // If we fail to come to consensus, we'll have to force-close.
5608 let mut proposed_feerate = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::ChannelCloseMinimum);
5609 // Use NonAnchorChannelFee because this should be an estimate for a channel close
5610 // that we don't expect to need fee bumping
5611 let normal_feerate = fee_estimator.bounded_sat_per_1000_weight(ConfirmationTarget::NonAnchorChannelFee);
5612 let mut proposed_max_feerate = if self.context.is_outbound() { normal_feerate } else { u32::max_value() };
5614 // The spec requires that (when the channel does not have anchors) we only send absolute
5615 // channel fees no greater than the absolute channel fee on the current commitment
5616 // transaction. It's unclear *which* commitment transaction this refers to, and there isn't
5617 // very good reason to apply such a limit in any case. We don't bother doing so, risking
5618 // some force-closure by old nodes, but we wanted to close the channel anyway.
5620 if let Some(target_feerate) = self.context.target_closing_feerate_sats_per_kw {
5621 let min_feerate = if self.context.is_outbound() { target_feerate } else { cmp::min(self.context.feerate_per_kw, target_feerate) };
5622 proposed_feerate = cmp::max(proposed_feerate, min_feerate);
5623 proposed_max_feerate = cmp::max(proposed_max_feerate, min_feerate);
5626 // Note that technically we could end up with a lower minimum fee if one sides' balance is
5627 // below our dust limit, causing the output to disappear. We don't bother handling this
5628 // case, however, as this should only happen if a channel is closed before any (material)
5629 // payments have been made on it. This may cause slight fee overpayment and/or failure to
5630 // come to consensus with our counterparty on appropriate fees, however it should be a
5631 // relatively rare case. We can revisit this later, though note that in order to determine
5632 // if the funders' output is dust we have to know the absolute fee we're going to use.
5633 let tx_weight = self.get_closing_transaction_weight(Some(&self.get_closing_scriptpubkey()), Some(self.context.counterparty_shutdown_scriptpubkey.as_ref().unwrap()));
5634 let proposed_total_fee_satoshis = proposed_feerate as u64 * tx_weight / 1000;
5635 let proposed_max_total_fee_satoshis = if self.context.is_outbound() {
5636 // We always add force_close_avoidance_max_fee_satoshis to our normal
5637 // feerate-calculated fee, but allow the max to be overridden if we're using a
5638 // target feerate-calculated fee.
5639 cmp::max(normal_feerate as u64 * tx_weight / 1000 + self.context.config.options.force_close_avoidance_max_fee_satoshis,
5640 proposed_max_feerate as u64 * tx_weight / 1000)
5642 self.context.channel_value_satoshis - (self.context.value_to_self_msat + 999) / 1000
5645 self.context.closing_fee_limits = Some((proposed_total_fee_satoshis, proposed_max_total_fee_satoshis));
5646 self.context.closing_fee_limits.clone().unwrap()
5649 /// Returns true if we're ready to commence the closing_signed negotiation phase. This is true
5650 /// after both sides have exchanged a `shutdown` message and all HTLCs have been drained. At
5651 /// this point if we're the funder we should send the initial closing_signed, and in any case
5652 /// shutdown should complete within a reasonable timeframe.
5653 fn closing_negotiation_ready(&self) -> bool {
5654 self.context.closing_negotiation_ready()
5657 /// Checks if the closing_signed negotiation is making appropriate progress, possibly returning
5658 /// an Err if no progress is being made and the channel should be force-closed instead.
5659 /// Should be called on a one-minute timer.
5660 pub fn timer_check_closing_negotiation_progress(&mut self) -> Result<(), ChannelError> {
5661 if self.closing_negotiation_ready() {
5662 if self.context.closing_signed_in_flight {
5663 return Err(ChannelError::Close("closing_signed negotiation failed to finish within two timer ticks".to_owned()));
5665 self.context.closing_signed_in_flight = true;
5671 pub fn maybe_propose_closing_signed<F: Deref, L: Deref>(
5672 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L)
5673 -> Result<(Option<msgs::ClosingSigned>, Option<Transaction>, Option<ShutdownResult>), ChannelError>
5674 where F::Target: FeeEstimator, L::Target: Logger
5676 // If we're waiting on a monitor persistence, that implies we're also waiting to send some
5677 // message to our counterparty (probably a `revoke_and_ack`). In such a case, we shouldn't
5678 // initiate `closing_signed` negotiation until we're clear of all pending messages. Note
5679 // that closing_negotiation_ready checks this case (as well as a few others).
5680 if self.context.last_sent_closing_fee.is_some() || !self.closing_negotiation_ready() {
5681 return Ok((None, None, None));
5684 if !self.context.is_outbound() {
5685 if let Some(msg) = &self.context.pending_counterparty_closing_signed.take() {
5686 return self.closing_signed(fee_estimator, &msg);
5688 return Ok((None, None, None));
5691 // If we're waiting on a counterparty `commitment_signed` to clear some updates from our
5692 // local commitment transaction, we can't yet initiate `closing_signed` negotiation.
5693 if self.context.expecting_peer_commitment_signed {
5694 return Ok((None, None, None));
5697 let (our_min_fee, our_max_fee) = self.calculate_closing_fee_limits(fee_estimator);
5699 assert!(self.context.shutdown_scriptpubkey.is_some());
5700 let (closing_tx, total_fee_satoshis) = self.build_closing_transaction(our_min_fee, false);
5701 log_trace!(logger, "Proposing initial closing_signed for our counterparty with a fee range of {}-{} sat (with initial proposal {} sats)",
5702 our_min_fee, our_max_fee, total_fee_satoshis);
5704 match &self.context.holder_signer {
5705 ChannelSignerType::Ecdsa(ecdsa) => {
5707 .sign_closing_transaction(&closing_tx, &self.context.secp_ctx)
5708 .map_err(|()| ChannelError::Close("Failed to get signature for closing transaction.".to_owned()))?;
5710 self.context.last_sent_closing_fee = Some((total_fee_satoshis, sig.clone()));
5711 Ok((Some(msgs::ClosingSigned {
5712 channel_id: self.context.channel_id,
5713 fee_satoshis: total_fee_satoshis,
5715 fee_range: Some(msgs::ClosingSignedFeeRange {
5716 min_fee_satoshis: our_min_fee,
5717 max_fee_satoshis: our_max_fee,
5721 // TODO (taproot|arik)
5727 // Marks a channel as waiting for a response from the counterparty. If it's not received
5728 // [`DISCONNECT_PEER_AWAITING_RESPONSE_TICKS`] after sending our own to them, then we'll attempt
5730 fn mark_awaiting_response(&mut self) {
5731 self.context.sent_message_awaiting_response = Some(0);
5734 /// Determines whether we should disconnect the counterparty due to not receiving a response
5735 /// within our expected timeframe.
5737 /// This should be called on every [`super::channelmanager::ChannelManager::timer_tick_occurred`].
5738 pub fn should_disconnect_peer_awaiting_response(&mut self) -> bool {
5739 let ticks_elapsed = if let Some(ticks_elapsed) = self.context.sent_message_awaiting_response.as_mut() {
5742 // Don't disconnect when we're not waiting on a response.
5745 *ticks_elapsed += 1;
5746 *ticks_elapsed >= DISCONNECT_PEER_AWAITING_RESPONSE_TICKS
5750 &mut self, signer_provider: &SP, their_features: &InitFeatures, msg: &msgs::Shutdown
5751 ) -> Result<(Option<msgs::Shutdown>, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), ChannelError>
5753 if self.context.channel_state.is_peer_disconnected() {
5754 return Err(ChannelError::Close("Peer sent shutdown when we needed a channel_reestablish".to_owned()));
5756 if self.context.channel_state.is_pre_funded_state() {
5757 // Spec says we should fail the connection, not the channel, but that's nonsense, there
5758 // are plenty of reasons you may want to fail a channel pre-funding, and spec says you
5759 // can do that via error message without getting a connection fail anyway...
5760 return Err(ChannelError::Close("Peer sent shutdown pre-funding generation".to_owned()));
5762 for htlc in self.context.pending_inbound_htlcs.iter() {
5763 if let InboundHTLCState::RemoteAnnounced(_) = htlc.state {
5764 return Err(ChannelError::Close("Got shutdown with remote pending HTLCs".to_owned()));
5767 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
5769 if !script::is_bolt2_compliant(&msg.scriptpubkey, their_features) {
5770 return Err(ChannelError::Warn(format!("Got a nonstandard scriptpubkey ({}) from remote peer", msg.scriptpubkey.to_hex_string())));
5773 if self.context.counterparty_shutdown_scriptpubkey.is_some() {
5774 if Some(&msg.scriptpubkey) != self.context.counterparty_shutdown_scriptpubkey.as_ref() {
5775 return Err(ChannelError::Warn(format!("Got shutdown request with a scriptpubkey ({}) which did not match their previous scriptpubkey.", msg.scriptpubkey.to_hex_string())));
5778 self.context.counterparty_shutdown_scriptpubkey = Some(msg.scriptpubkey.clone());
5781 // If we have any LocalAnnounced updates we'll probably just get back an update_fail_htlc
5782 // immediately after the commitment dance, but we can send a Shutdown because we won't send
5783 // any further commitment updates after we set LocalShutdownSent.
5784 let send_shutdown = !self.context.channel_state.is_local_shutdown_sent();
5786 let update_shutdown_script = match self.context.shutdown_scriptpubkey {
5789 assert!(send_shutdown);
5790 let shutdown_scriptpubkey = match signer_provider.get_shutdown_scriptpubkey() {
5791 Ok(scriptpubkey) => scriptpubkey,
5792 Err(_) => return Err(ChannelError::Close("Failed to get shutdown scriptpubkey".to_owned())),
5794 if !shutdown_scriptpubkey.is_compatible(their_features) {
5795 return Err(ChannelError::Close(format!("Provided a scriptpubkey format not accepted by peer: {}", shutdown_scriptpubkey)));
5797 self.context.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
5802 // From here on out, we may not fail!
5804 self.context.channel_state.set_remote_shutdown_sent();
5805 self.context.update_time_counter += 1;
5807 let monitor_update = if update_shutdown_script {
5808 self.context.latest_monitor_update_id += 1;
5809 let monitor_update = ChannelMonitorUpdate {
5810 update_id: self.context.latest_monitor_update_id,
5811 counterparty_node_id: Some(self.context.counterparty_node_id),
5812 updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
5813 scriptpubkey: self.get_closing_scriptpubkey(),
5815 channel_id: Some(self.context.channel_id()),
5817 self.monitor_updating_paused(false, false, false, Vec::new(), Vec::new(), Vec::new());
5818 self.push_ret_blockable_mon_update(monitor_update)
5820 let shutdown = if send_shutdown {
5821 Some(msgs::Shutdown {
5822 channel_id: self.context.channel_id,
5823 scriptpubkey: self.get_closing_scriptpubkey(),
5827 // We can't send our shutdown until we've committed all of our pending HTLCs, but the
5828 // remote side is unlikely to accept any new HTLCs, so we go ahead and "free" any holding
5829 // cell HTLCs and return them to fail the payment.
5830 self.context.holding_cell_update_fee = None;
5831 let mut dropped_outbound_htlcs = Vec::with_capacity(self.context.holding_cell_htlc_updates.len());
5832 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
5834 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, .. } => {
5835 dropped_outbound_htlcs.push((source.clone(), payment_hash.clone()));
5842 self.context.channel_state.set_local_shutdown_sent();
5843 self.context.update_time_counter += 1;
5845 Ok((shutdown, monitor_update, dropped_outbound_htlcs))
5848 fn build_signed_closing_transaction(&self, closing_tx: &ClosingTransaction, counterparty_sig: &Signature, sig: &Signature) -> Transaction {
5849 let mut tx = closing_tx.trust().built_transaction().clone();
5851 tx.input[0].witness.push(Vec::new()); // First is the multisig dummy
5853 let funding_key = self.context.get_holder_pubkeys().funding_pubkey.serialize();
5854 let counterparty_funding_key = self.context.counterparty_funding_pubkey().serialize();
5855 let mut holder_sig = sig.serialize_der().to_vec();
5856 holder_sig.push(EcdsaSighashType::All as u8);
5857 let mut cp_sig = counterparty_sig.serialize_der().to_vec();
5858 cp_sig.push(EcdsaSighashType::All as u8);
5859 if funding_key[..] < counterparty_funding_key[..] {
5860 tx.input[0].witness.push(holder_sig);
5861 tx.input[0].witness.push(cp_sig);
5863 tx.input[0].witness.push(cp_sig);
5864 tx.input[0].witness.push(holder_sig);
5867 tx.input[0].witness.push(self.context.get_funding_redeemscript().into_bytes());
5871 pub fn closing_signed<F: Deref>(
5872 &mut self, fee_estimator: &LowerBoundedFeeEstimator<F>, msg: &msgs::ClosingSigned)
5873 -> Result<(Option<msgs::ClosingSigned>, Option<Transaction>, Option<ShutdownResult>), ChannelError>
5874 where F::Target: FeeEstimator
5876 if !self.context.channel_state.is_both_sides_shutdown() {
5877 return Err(ChannelError::Close("Remote end sent us a closing_signed before both sides provided a shutdown".to_owned()));
5879 if self.context.channel_state.is_peer_disconnected() {
5880 return Err(ChannelError::Close("Peer sent closing_signed when we needed a channel_reestablish".to_owned()));
5882 if !self.context.pending_inbound_htlcs.is_empty() || !self.context.pending_outbound_htlcs.is_empty() {
5883 return Err(ChannelError::Close("Remote end sent us a closing_signed while there were still pending HTLCs".to_owned()));
5885 if msg.fee_satoshis > TOTAL_BITCOIN_SUPPLY_SATOSHIS { // this is required to stop potential overflow in build_closing_transaction
5886 return Err(ChannelError::Close("Remote tried to send us a closing tx with > 21 million BTC fee".to_owned()));
5889 if self.context.is_outbound() && self.context.last_sent_closing_fee.is_none() {
5890 return Err(ChannelError::Close("Remote tried to send a closing_signed when we were supposed to propose the first one".to_owned()));
5893 if self.context.channel_state.is_monitor_update_in_progress() {
5894 self.context.pending_counterparty_closing_signed = Some(msg.clone());
5895 return Ok((None, None, None));
5898 let funding_redeemscript = self.context.get_funding_redeemscript();
5899 let (mut closing_tx, used_total_fee) = self.build_closing_transaction(msg.fee_satoshis, false);
5900 if used_total_fee != msg.fee_satoshis {
5901 return Err(ChannelError::Close(format!("Remote sent us a closing_signed with a fee other than the value they can claim. Fee in message: {}. Actual closing tx fee: {}", msg.fee_satoshis, used_total_fee)));
5903 let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.context.channel_value_satoshis);
5905 match self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.get_counterparty_pubkeys().funding_pubkey) {
5908 // The remote end may have decided to revoke their output due to inconsistent dust
5909 // limits, so check for that case by re-checking the signature here.
5910 closing_tx = self.build_closing_transaction(msg.fee_satoshis, true).0;
5911 let sighash = closing_tx.trust().get_sighash_all(&funding_redeemscript, self.context.channel_value_satoshis);
5912 secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, self.context.counterparty_funding_pubkey()), "Invalid closing tx signature from peer".to_owned());
5916 for outp in closing_tx.trust().built_transaction().output.iter() {
5917 if !outp.script_pubkey.is_witness_program() && outp.value < MAX_STD_OUTPUT_DUST_LIMIT_SATOSHIS {
5918 return Err(ChannelError::Close("Remote sent us a closing_signed with a dust output. Always use segwit closing scripts!".to_owned()));
5922 let closure_reason = if self.initiated_shutdown() {
5923 ClosureReason::LocallyInitiatedCooperativeClosure
5925 ClosureReason::CounterpartyInitiatedCooperativeClosure
5928 assert!(self.context.shutdown_scriptpubkey.is_some());
5929 if let Some((last_fee, sig)) = self.context.last_sent_closing_fee {
5930 if last_fee == msg.fee_satoshis {
5931 let shutdown_result = ShutdownResult {
5933 monitor_update: None,
5934 dropped_outbound_htlcs: Vec::new(),
5935 unbroadcasted_batch_funding_txid: self.context.unbroadcasted_batch_funding_txid(),
5936 channel_id: self.context.channel_id,
5937 user_channel_id: self.context.user_id,
5938 channel_capacity_satoshis: self.context.channel_value_satoshis,
5939 counterparty_node_id: self.context.counterparty_node_id,
5940 unbroadcasted_funding_tx: self.context.unbroadcasted_funding(),
5941 channel_funding_txo: self.context.get_funding_txo(),
5943 let tx = self.build_signed_closing_transaction(&mut closing_tx, &msg.signature, &sig);
5944 self.context.channel_state = ChannelState::ShutdownComplete;
5945 self.context.update_time_counter += 1;
5946 return Ok((None, Some(tx), Some(shutdown_result)));
5950 let (our_min_fee, our_max_fee) = self.calculate_closing_fee_limits(fee_estimator);
5952 macro_rules! propose_fee {
5953 ($new_fee: expr) => {
5954 let (closing_tx, used_fee) = if $new_fee == msg.fee_satoshis {
5955 (closing_tx, $new_fee)
5957 self.build_closing_transaction($new_fee, false)
5960 return match &self.context.holder_signer {
5961 ChannelSignerType::Ecdsa(ecdsa) => {
5963 .sign_closing_transaction(&closing_tx, &self.context.secp_ctx)
5964 .map_err(|_| ChannelError::Close("External signer refused to sign closing transaction".to_owned()))?;
5965 let (signed_tx, shutdown_result) = if $new_fee == msg.fee_satoshis {
5966 let shutdown_result = ShutdownResult {
5968 monitor_update: None,
5969 dropped_outbound_htlcs: Vec::new(),
5970 unbroadcasted_batch_funding_txid: self.context.unbroadcasted_batch_funding_txid(),
5971 channel_id: self.context.channel_id,
5972 user_channel_id: self.context.user_id,
5973 channel_capacity_satoshis: self.context.channel_value_satoshis,
5974 counterparty_node_id: self.context.counterparty_node_id,
5975 unbroadcasted_funding_tx: self.context.unbroadcasted_funding(),
5976 channel_funding_txo: self.context.get_funding_txo(),
5978 self.context.channel_state = ChannelState::ShutdownComplete;
5979 self.context.update_time_counter += 1;
5980 let tx = self.build_signed_closing_transaction(&closing_tx, &msg.signature, &sig);
5981 (Some(tx), Some(shutdown_result))
5986 self.context.last_sent_closing_fee = Some((used_fee, sig.clone()));
5987 Ok((Some(msgs::ClosingSigned {
5988 channel_id: self.context.channel_id,
5989 fee_satoshis: used_fee,
5991 fee_range: Some(msgs::ClosingSignedFeeRange {
5992 min_fee_satoshis: our_min_fee,
5993 max_fee_satoshis: our_max_fee,
5995 }), signed_tx, shutdown_result))
5997 // TODO (taproot|arik)
6004 if let Some(msgs::ClosingSignedFeeRange { min_fee_satoshis, max_fee_satoshis }) = msg.fee_range {
6005 if msg.fee_satoshis < min_fee_satoshis || msg.fee_satoshis > max_fee_satoshis {
6006 return Err(ChannelError::Close(format!("Peer sent a bogus closing_signed - suggested fee of {} sat was not in their desired range of {} sat - {} sat", msg.fee_satoshis, min_fee_satoshis, max_fee_satoshis)));
6008 if max_fee_satoshis < our_min_fee {
6009 return Err(ChannelError::Warn(format!("Unable to come to consensus about closing feerate, remote's max fee ({} sat) was smaller than our min fee ({} sat)", max_fee_satoshis, our_min_fee)));
6011 if min_fee_satoshis > our_max_fee {
6012 return Err(ChannelError::Warn(format!("Unable to come to consensus about closing feerate, remote's min fee ({} sat) was greater than our max fee ({} sat)", min_fee_satoshis, our_max_fee)));
6015 if !self.context.is_outbound() {
6016 // They have to pay, so pick the highest fee in the overlapping range.
6017 // We should never set an upper bound aside from their full balance
6018 debug_assert_eq!(our_max_fee, self.context.channel_value_satoshis - (self.context.value_to_self_msat + 999) / 1000);
6019 propose_fee!(cmp::min(max_fee_satoshis, our_max_fee));
6021 if msg.fee_satoshis < our_min_fee || msg.fee_satoshis > our_max_fee {
6022 return Err(ChannelError::Close(format!("Peer sent a bogus closing_signed - suggested fee of {} sat was not in our desired range of {} sat - {} sat after we informed them of our range.",
6023 msg.fee_satoshis, our_min_fee, our_max_fee)));
6025 // The proposed fee is in our acceptable range, accept it and broadcast!
6026 propose_fee!(msg.fee_satoshis);
6029 // Old fee style negotiation. We don't bother to enforce whether they are complying
6030 // with the "making progress" requirements, we just comply and hope for the best.
6031 if let Some((last_fee, _)) = self.context.last_sent_closing_fee {
6032 if msg.fee_satoshis > last_fee {
6033 if msg.fee_satoshis < our_max_fee {
6034 propose_fee!(msg.fee_satoshis);
6035 } else if last_fee < our_max_fee {
6036 propose_fee!(our_max_fee);
6038 return Err(ChannelError::Close(format!("Unable to come to consensus about closing feerate, remote wants something ({} sat) higher than our max fee ({} sat)", msg.fee_satoshis, our_max_fee)));
6041 if msg.fee_satoshis > our_min_fee {
6042 propose_fee!(msg.fee_satoshis);
6043 } else if last_fee > our_min_fee {
6044 propose_fee!(our_min_fee);
6046 return Err(ChannelError::Close(format!("Unable to come to consensus about closing feerate, remote wants something ({} sat) lower than our min fee ({} sat)", msg.fee_satoshis, our_min_fee)));
6050 if msg.fee_satoshis < our_min_fee {
6051 propose_fee!(our_min_fee);
6052 } else if msg.fee_satoshis > our_max_fee {
6053 propose_fee!(our_max_fee);
6055 propose_fee!(msg.fee_satoshis);
6061 fn internal_htlc_satisfies_config(
6062 &self, htlc: &msgs::UpdateAddHTLC, amt_to_forward: u64, outgoing_cltv_value: u32, config: &ChannelConfig,
6063 ) -> Result<(), (&'static str, u16)> {
6064 let fee = amt_to_forward.checked_mul(config.forwarding_fee_proportional_millionths as u64)
6065 .and_then(|prop_fee| (prop_fee / 1000000).checked_add(config.forwarding_fee_base_msat as u64));
6066 if fee.is_none() || htlc.amount_msat < fee.unwrap() ||
6067 (htlc.amount_msat - fee.unwrap()) < amt_to_forward {
6069 "Prior hop has deviated from specified fees parameters or origin node has obsolete ones",
6070 0x1000 | 12, // fee_insufficient
6073 if (htlc.cltv_expiry as u64) < outgoing_cltv_value as u64 + config.cltv_expiry_delta as u64 {
6075 "Forwarding node has tampered with the intended HTLC values or origin node has an obsolete cltv_expiry_delta",
6076 0x1000 | 13, // incorrect_cltv_expiry
6082 /// Determines whether the parameters of an incoming HTLC to be forwarded satisfy the channel's
6083 /// [`ChannelConfig`]. This first looks at the channel's current [`ChannelConfig`], and if
6084 /// unsuccessful, falls back to the previous one if one exists.
6085 pub fn htlc_satisfies_config(
6086 &self, htlc: &msgs::UpdateAddHTLC, amt_to_forward: u64, outgoing_cltv_value: u32,
6087 ) -> Result<(), (&'static str, u16)> {
6088 self.internal_htlc_satisfies_config(&htlc, amt_to_forward, outgoing_cltv_value, &self.context.config())
6090 if let Some(prev_config) = self.context.prev_config() {
6091 self.internal_htlc_satisfies_config(htlc, amt_to_forward, outgoing_cltv_value, &prev_config)
6098 pub fn can_accept_incoming_htlc<F: Deref, L: Deref>(
6099 &self, msg: &msgs::UpdateAddHTLC, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: L
6100 ) -> Result<(), (&'static str, u16)>
6102 F::Target: FeeEstimator,
6105 if self.context.channel_state.is_local_shutdown_sent() {
6106 return Err(("Shutdown was already sent", 0x4000|8))
6109 let inbound_stats = self.context.get_inbound_pending_htlc_stats(None);
6110 let outbound_stats = self.context.get_outbound_pending_htlc_stats(None);
6111 let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(fee_estimator);
6112 let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
6115 let dust_buffer_feerate = self.context.get_dust_buffer_feerate(None) as u64;
6116 (dust_buffer_feerate * htlc_timeout_tx_weight(self.context.get_channel_type()) / 1000,
6117 dust_buffer_feerate * htlc_success_tx_weight(self.context.get_channel_type()) / 1000)
6119 let exposure_dust_limit_timeout_sats = htlc_timeout_dust_limit + self.context.counterparty_dust_limit_satoshis;
6120 if msg.amount_msat / 1000 < exposure_dust_limit_timeout_sats {
6121 let on_counterparty_tx_dust_htlc_exposure_msat = inbound_stats.on_counterparty_tx_dust_exposure_msat + outbound_stats.on_counterparty_tx_dust_exposure_msat + msg.amount_msat;
6122 if on_counterparty_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
6123 log_info!(logger, "Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on counterparty commitment tx",
6124 on_counterparty_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
6125 return Err(("Exceeded our dust exposure limit on counterparty commitment tx", 0x1000|7))
6129 let exposure_dust_limit_success_sats = htlc_success_dust_limit + self.context.holder_dust_limit_satoshis;
6130 if msg.amount_msat / 1000 < exposure_dust_limit_success_sats {
6131 let on_holder_tx_dust_htlc_exposure_msat = inbound_stats.on_holder_tx_dust_exposure_msat + outbound_stats.on_holder_tx_dust_exposure_msat + msg.amount_msat;
6132 if on_holder_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
6133 log_info!(logger, "Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on holder commitment tx",
6134 on_holder_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
6135 return Err(("Exceeded our dust exposure limit on holder commitment tx", 0x1000|7))
6139 let anchor_outputs_value_msat = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
6140 ANCHOR_OUTPUT_VALUE_SATOSHI * 2 * 1000
6145 let mut removed_outbound_total_msat = 0;
6146 for ref htlc in self.context.pending_outbound_htlcs.iter() {
6147 if let OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(_)) = htlc.state {
6148 removed_outbound_total_msat += htlc.amount_msat;
6149 } else if let OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(_)) = htlc.state {
6150 removed_outbound_total_msat += htlc.amount_msat;
6154 let pending_value_to_self_msat =
6155 self.context.value_to_self_msat + inbound_stats.pending_htlcs_value_msat - removed_outbound_total_msat;
6156 let pending_remote_value_msat =
6157 self.context.channel_value_satoshis * 1000 - pending_value_to_self_msat;
6159 if !self.context.is_outbound() {
6160 // `Some(())` is for the fee spike buffer we keep for the remote. This deviates from
6161 // the spec because the fee spike buffer requirement doesn't exist on the receiver's
6162 // side, only on the sender's. Note that with anchor outputs we are no longer as
6163 // sensitive to fee spikes, so we need to account for them.
6164 let htlc_candidate = HTLCCandidate::new(msg.amount_msat, HTLCInitiator::RemoteOffered);
6165 let mut remote_fee_cost_incl_stuck_buffer_msat = self.context.next_remote_commit_tx_fee_msat(htlc_candidate, Some(()));
6166 if !self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
6167 remote_fee_cost_incl_stuck_buffer_msat *= FEE_SPIKE_BUFFER_FEE_INCREASE_MULTIPLE;
6169 if pending_remote_value_msat.saturating_sub(msg.amount_msat).saturating_sub(self.context.holder_selected_channel_reserve_satoshis * 1000).saturating_sub(anchor_outputs_value_msat) < remote_fee_cost_incl_stuck_buffer_msat {
6170 log_info!(logger, "Attempting to fail HTLC due to fee spike buffer violation in channel {}. Rebalancing is required.", &self.context.channel_id());
6171 return Err(("Fee spike buffer violation", 0x1000|7));
6178 pub fn get_cur_holder_commitment_transaction_number(&self) -> u64 {
6179 self.context.cur_holder_commitment_transaction_number + 1
6182 pub fn get_cur_counterparty_commitment_transaction_number(&self) -> u64 {
6183 self.context.cur_counterparty_commitment_transaction_number + 1 - if self.context.channel_state.is_awaiting_remote_revoke() { 1 } else { 0 }
6186 pub fn get_revoked_counterparty_commitment_transaction_number(&self) -> u64 {
6187 self.context.cur_counterparty_commitment_transaction_number + 2
6191 pub fn get_signer(&self) -> &ChannelSignerType<SP> {
6192 &self.context.holder_signer
6196 pub fn get_value_stat(&self) -> ChannelValueStat {
6198 value_to_self_msat: self.context.value_to_self_msat,
6199 channel_value_msat: self.context.channel_value_satoshis * 1000,
6200 channel_reserve_msat: self.context.counterparty_selected_channel_reserve_satoshis.unwrap() * 1000,
6201 pending_outbound_htlcs_amount_msat: self.context.pending_outbound_htlcs.iter().map(|ref h| h.amount_msat).sum::<u64>(),
6202 pending_inbound_htlcs_amount_msat: self.context.pending_inbound_htlcs.iter().map(|ref h| h.amount_msat).sum::<u64>(),
6203 holding_cell_outbound_amount_msat: {
6205 for h in self.context.holding_cell_htlc_updates.iter() {
6207 &HTLCUpdateAwaitingACK::AddHTLC{amount_msat, .. } => {
6215 counterparty_max_htlc_value_in_flight_msat: self.context.counterparty_max_htlc_value_in_flight_msat,
6216 counterparty_dust_limit_msat: self.context.counterparty_dust_limit_satoshis * 1000,
6220 /// Returns true if this channel has been marked as awaiting a monitor update to move forward.
6221 /// Allowed in any state (including after shutdown)
6222 pub fn is_awaiting_monitor_update(&self) -> bool {
6223 self.context.channel_state.is_monitor_update_in_progress()
6226 /// Gets the latest [`ChannelMonitorUpdate`] ID which has been released and is in-flight.
6227 pub fn get_latest_unblocked_monitor_update_id(&self) -> u64 {
6228 if self.context.blocked_monitor_updates.is_empty() { return self.context.get_latest_monitor_update_id(); }
6229 self.context.blocked_monitor_updates[0].update.update_id - 1
6232 /// Returns the next blocked monitor update, if one exists, and a bool which indicates a
6233 /// further blocked monitor update exists after the next.
6234 pub fn unblock_next_blocked_monitor_update(&mut self) -> Option<(ChannelMonitorUpdate, bool)> {
6235 if self.context.blocked_monitor_updates.is_empty() { return None; }
6236 Some((self.context.blocked_monitor_updates.remove(0).update,
6237 !self.context.blocked_monitor_updates.is_empty()))
6240 /// Pushes a new monitor update into our monitor update queue, returning it if it should be
6241 /// immediately given to the user for persisting or `None` if it should be held as blocked.
6242 fn push_ret_blockable_mon_update(&mut self, update: ChannelMonitorUpdate)
6243 -> Option<ChannelMonitorUpdate> {
6244 let release_monitor = self.context.blocked_monitor_updates.is_empty();
6245 if !release_monitor {
6246 self.context.blocked_monitor_updates.push(PendingChannelMonitorUpdate {
6255 pub fn blocked_monitor_updates_pending(&self) -> usize {
6256 self.context.blocked_monitor_updates.len()
6259 /// Returns true if the channel is awaiting the persistence of the initial ChannelMonitor.
6260 /// If the channel is outbound, this implies we have not yet broadcasted the funding
6261 /// transaction. If the channel is inbound, this implies simply that the channel has not
6263 pub fn is_awaiting_initial_mon_persist(&self) -> bool {
6264 if !self.is_awaiting_monitor_update() { return false; }
6266 self.context.channel_state, ChannelState::AwaitingChannelReady(flags)
6267 if flags.clone().clear(AwaitingChannelReadyFlags::THEIR_CHANNEL_READY | FundedStateFlags::PEER_DISCONNECTED | FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS | AwaitingChannelReadyFlags::WAITING_FOR_BATCH).is_empty()
6269 // If we're not a 0conf channel, we'll be waiting on a monitor update with only
6270 // AwaitingChannelReady set, though our peer could have sent their channel_ready.
6271 debug_assert!(self.context.minimum_depth.unwrap_or(1) > 0);
6274 if self.context.cur_holder_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 &&
6275 self.context.cur_counterparty_commitment_transaction_number == INITIAL_COMMITMENT_NUMBER - 1 {
6276 // If we're a 0-conf channel, we'll move beyond AwaitingChannelReady immediately even while
6277 // waiting for the initial monitor persistence. Thus, we check if our commitment
6278 // transaction numbers have both been iterated only exactly once (for the
6279 // funding_signed), and we're awaiting monitor update.
6281 // If we got here, we shouldn't have yet broadcasted the funding transaction (as the
6282 // only way to get an awaiting-monitor-update state during initial funding is if the
6283 // initial monitor persistence is still pending).
6285 // Because deciding we're awaiting initial broadcast spuriously could result in
6286 // funds-loss (as we don't have a monitor, but have the funding transaction confirmed),
6287 // we hard-assert here, even in production builds.
6288 if self.context.is_outbound() { assert!(self.context.funding_transaction.is_some()); }
6289 assert!(self.context.monitor_pending_channel_ready);
6290 assert_eq!(self.context.latest_monitor_update_id, 0);
6296 /// Returns true if our channel_ready has been sent
6297 pub fn is_our_channel_ready(&self) -> bool {
6298 matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(flags) if flags.is_set(AwaitingChannelReadyFlags::OUR_CHANNEL_READY)) ||
6299 matches!(self.context.channel_state, ChannelState::ChannelReady(_))
6302 /// Returns true if our peer has either initiated or agreed to shut down the channel.
6303 pub fn received_shutdown(&self) -> bool {
6304 self.context.channel_state.is_remote_shutdown_sent()
6307 /// Returns true if we either initiated or agreed to shut down the channel.
6308 pub fn sent_shutdown(&self) -> bool {
6309 self.context.channel_state.is_local_shutdown_sent()
6312 /// Returns true if we initiated to shut down the channel.
6313 pub fn initiated_shutdown(&self) -> bool {
6314 self.context.local_initiated_shutdown.is_some()
6317 /// Returns true if this channel is fully shut down. True here implies that no further actions
6318 /// may/will be taken on this channel, and thus this object should be freed. Any future changes
6319 /// will be handled appropriately by the chain monitor.
6320 pub fn is_shutdown(&self) -> bool {
6321 matches!(self.context.channel_state, ChannelState::ShutdownComplete)
6324 pub fn channel_update_status(&self) -> ChannelUpdateStatus {
6325 self.context.channel_update_status
6328 pub fn set_channel_update_status(&mut self, status: ChannelUpdateStatus) {
6329 self.context.update_time_counter += 1;
6330 self.context.channel_update_status = status;
6333 fn check_get_channel_ready(&mut self, height: u32) -> Option<msgs::ChannelReady> {
6335 // * always when a new block/transactions are confirmed with the new height
6336 // * when funding is signed with a height of 0
6337 if self.context.funding_tx_confirmation_height == 0 && self.context.minimum_depth != Some(0) {
6341 let funding_tx_confirmations = height as i64 - self.context.funding_tx_confirmation_height as i64 + 1;
6342 if funding_tx_confirmations <= 0 {
6343 self.context.funding_tx_confirmation_height = 0;
6346 if funding_tx_confirmations < self.context.minimum_depth.unwrap_or(0) as i64 {
6350 // If we're still pending the signature on a funding transaction, then we're not ready to send a
6351 // channel_ready yet.
6352 if self.context.signer_pending_funding {
6356 // Note that we don't include ChannelState::WaitingForBatch as we don't want to send
6357 // channel_ready until the entire batch is ready.
6358 let need_commitment_update = if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()).is_empty()) {
6359 self.context.channel_state.set_our_channel_ready();
6361 } else if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()) == AwaitingChannelReadyFlags::THEIR_CHANNEL_READY) {
6362 self.context.channel_state = ChannelState::ChannelReady(self.context.channel_state.with_funded_state_flags_mask().into());
6363 self.context.update_time_counter += 1;
6365 } else if matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(f) if f.clone().clear(FundedStateFlags::ALL.into()) == AwaitingChannelReadyFlags::OUR_CHANNEL_READY) {
6366 // We got a reorg but not enough to trigger a force close, just ignore.
6369 if self.context.funding_tx_confirmation_height != 0 &&
6370 self.context.channel_state < ChannelState::ChannelReady(ChannelReadyFlags::new())
6372 // We should never see a funding transaction on-chain until we've received
6373 // funding_signed (if we're an outbound channel), or seen funding_generated (if we're
6374 // an inbound channel - before that we have no known funding TXID). The fuzzer,
6375 // however, may do this and we shouldn't treat it as a bug.
6376 #[cfg(not(fuzzing))]
6377 panic!("Started confirming a channel in a state pre-AwaitingChannelReady: {}.\n\
6378 Do NOT broadcast a funding transaction manually - let LDK do it for you!",
6379 self.context.channel_state.to_u32());
6381 // We got a reorg but not enough to trigger a force close, just ignore.
6385 if need_commitment_update {
6386 if !self.context.channel_state.is_monitor_update_in_progress() {
6387 if !self.context.channel_state.is_peer_disconnected() {
6388 let next_per_commitment_point =
6389 self.context.holder_signer.as_ref().get_per_commitment_point(INITIAL_COMMITMENT_NUMBER - 1, &self.context.secp_ctx);
6390 return Some(msgs::ChannelReady {
6391 channel_id: self.context.channel_id,
6392 next_per_commitment_point,
6393 short_channel_id_alias: Some(self.context.outbound_scid_alias),
6397 self.context.monitor_pending_channel_ready = true;
6403 /// When a transaction is confirmed, we check whether it is or spends the funding transaction
6404 /// In the first case, we store the confirmation height and calculating the short channel id.
6405 /// In the second, we simply return an Err indicating we need to be force-closed now.
6406 pub fn transactions_confirmed<NS: Deref, L: Deref>(
6407 &mut self, block_hash: &BlockHash, height: u32, txdata: &TransactionData,
6408 chain_hash: ChainHash, node_signer: &NS, user_config: &UserConfig, logger: &L
6409 ) -> Result<(Option<msgs::ChannelReady>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6411 NS::Target: NodeSigner,
6414 let mut msgs = (None, None);
6415 if let Some(funding_txo) = self.context.get_funding_txo() {
6416 for &(index_in_block, tx) in txdata.iter() {
6417 // Check if the transaction is the expected funding transaction, and if it is,
6418 // check that it pays the right amount to the right script.
6419 if self.context.funding_tx_confirmation_height == 0 {
6420 if tx.txid() == funding_txo.txid {
6421 let txo_idx = funding_txo.index as usize;
6422 if txo_idx >= tx.output.len() || tx.output[txo_idx].script_pubkey != self.context.get_funding_redeemscript().to_v0_p2wsh() ||
6423 tx.output[txo_idx].value != self.context.channel_value_satoshis {
6424 if self.context.is_outbound() {
6425 // If we generated the funding transaction and it doesn't match what it
6426 // should, the client is really broken and we should just panic and
6427 // tell them off. That said, because hash collisions happen with high
6428 // probability in fuzzing mode, if we're fuzzing we just close the
6429 // channel and move on.
6430 #[cfg(not(fuzzing))]
6431 panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!");
6433 self.context.update_time_counter += 1;
6434 let err_reason = "funding tx had wrong script/value or output index";
6435 return Err(ClosureReason::ProcessingError { err: err_reason.to_owned() });
6437 if self.context.is_outbound() {
6438 if !tx.is_coin_base() {
6439 for input in tx.input.iter() {
6440 if input.witness.is_empty() {
6441 // We generated a malleable funding transaction, implying we've
6442 // just exposed ourselves to funds loss to our counterparty.
6443 #[cfg(not(fuzzing))]
6444 panic!("Client called ChannelManager::funding_transaction_generated with bogus transaction!");
6449 self.context.funding_tx_confirmation_height = height;
6450 self.context.funding_tx_confirmed_in = Some(*block_hash);
6451 self.context.short_channel_id = match scid_from_parts(height as u64, index_in_block as u64, txo_idx as u64) {
6452 Ok(scid) => Some(scid),
6453 Err(_) => panic!("Block was bogus - either height was > 16 million, had > 16 million transactions, or had > 65k outputs"),
6456 // If this is a coinbase transaction and not a 0-conf channel
6457 // we should update our min_depth to 100 to handle coinbase maturity
6458 if tx.is_coin_base() &&
6459 self.context.minimum_depth.unwrap_or(0) > 0 &&
6460 self.context.minimum_depth.unwrap_or(0) < COINBASE_MATURITY {
6461 self.context.minimum_depth = Some(COINBASE_MATURITY);
6464 // If we allow 1-conf funding, we may need to check for channel_ready here and
6465 // send it immediately instead of waiting for a best_block_updated call (which
6466 // may have already happened for this block).
6467 if let Some(channel_ready) = self.check_get_channel_ready(height) {
6468 log_info!(logger, "Sending a channel_ready to our peer for channel {}", &self.context.channel_id);
6469 let announcement_sigs = self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger);
6470 msgs = (Some(channel_ready), announcement_sigs);
6473 for inp in tx.input.iter() {
6474 if inp.previous_output == funding_txo.into_bitcoin_outpoint() {
6475 log_info!(logger, "Detected channel-closing tx {} spending {}:{}, closing channel {}", tx.txid(), inp.previous_output.txid, inp.previous_output.vout, &self.context.channel_id());
6476 return Err(ClosureReason::CommitmentTxConfirmed);
6484 /// When a new block is connected, we check the height of the block against outbound holding
6485 /// cell HTLCs in case we need to give up on them prematurely and time them out. Everything
6486 /// else (e.g. commitment transaction broadcasts, HTLC transaction broadcasting, etc) is
6487 /// handled by the ChannelMonitor.
6489 /// If we return Err, the channel may have been closed, at which point the standard
6490 /// requirements apply - no calls may be made except those explicitly stated to be allowed
6493 /// May return some HTLCs (and their payment_hash) which have timed out and should be failed
6495 pub fn best_block_updated<NS: Deref, L: Deref>(
6496 &mut self, height: u32, highest_header_time: u32, chain_hash: ChainHash,
6497 node_signer: &NS, user_config: &UserConfig, logger: &L
6498 ) -> Result<(Option<msgs::ChannelReady>, Vec<(HTLCSource, PaymentHash)>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6500 NS::Target: NodeSigner,
6503 self.do_best_block_updated(height, highest_header_time, Some((chain_hash, node_signer, user_config)), logger)
6506 fn do_best_block_updated<NS: Deref, L: Deref>(
6507 &mut self, height: u32, highest_header_time: u32,
6508 chain_node_signer: Option<(ChainHash, &NS, &UserConfig)>, logger: &L
6509 ) -> Result<(Option<msgs::ChannelReady>, Vec<(HTLCSource, PaymentHash)>, Option<msgs::AnnouncementSignatures>), ClosureReason>
6511 NS::Target: NodeSigner,
6514 let mut timed_out_htlcs = Vec::new();
6515 // This mirrors the check in ChannelManager::decode_update_add_htlc_onion, refusing to
6516 // forward an HTLC when our counterparty should almost certainly just fail it for expiring
6518 let unforwarded_htlc_cltv_limit = height + LATENCY_GRACE_PERIOD_BLOCKS;
6519 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
6521 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, ref cltv_expiry, .. } => {
6522 if *cltv_expiry <= unforwarded_htlc_cltv_limit {
6523 timed_out_htlcs.push((source.clone(), payment_hash.clone()));
6531 self.context.update_time_counter = cmp::max(self.context.update_time_counter, highest_header_time);
6533 if let Some(channel_ready) = self.check_get_channel_ready(height) {
6534 let announcement_sigs = if let Some((chain_hash, node_signer, user_config)) = chain_node_signer {
6535 self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger)
6537 log_info!(logger, "Sending a channel_ready to our peer for channel {}", &self.context.channel_id);
6538 return Ok((Some(channel_ready), timed_out_htlcs, announcement_sigs));
6541 if matches!(self.context.channel_state, ChannelState::ChannelReady(_)) ||
6542 self.context.channel_state.is_our_channel_ready() {
6543 let mut funding_tx_confirmations = height as i64 - self.context.funding_tx_confirmation_height as i64 + 1;
6544 if self.context.funding_tx_confirmation_height == 0 {
6545 // Note that check_get_channel_ready may reset funding_tx_confirmation_height to
6546 // zero if it has been reorged out, however in either case, our state flags
6547 // indicate we've already sent a channel_ready
6548 funding_tx_confirmations = 0;
6551 // If we've sent channel_ready (or have both sent and received channel_ready), and
6552 // the funding transaction has become unconfirmed,
6553 // close the channel and hope we can get the latest state on chain (because presumably
6554 // the funding transaction is at least still in the mempool of most nodes).
6556 // Note that ideally we wouldn't force-close if we see *any* reorg on a 1-conf or
6557 // 0-conf channel, but not doing so may lead to the
6558 // `ChannelManager::short_to_chan_info` map being inconsistent, so we currently have
6560 if funding_tx_confirmations == 0 && self.context.funding_tx_confirmed_in.is_some() {
6561 let err_reason = format!("Funding transaction was un-confirmed. Locked at {} confs, now have {} confs.",
6562 self.context.minimum_depth.unwrap(), funding_tx_confirmations);
6563 return Err(ClosureReason::ProcessingError { err: err_reason });
6565 } else if !self.context.is_outbound() && self.context.funding_tx_confirmed_in.is_none() &&
6566 height >= self.context.channel_creation_height + FUNDING_CONF_DEADLINE_BLOCKS {
6567 log_info!(logger, "Closing channel {} due to funding timeout", &self.context.channel_id);
6568 // If funding_tx_confirmed_in is unset, the channel must not be active
6569 assert!(self.context.channel_state <= ChannelState::ChannelReady(ChannelReadyFlags::new()));
6570 assert!(!self.context.channel_state.is_our_channel_ready());
6571 return Err(ClosureReason::FundingTimedOut);
6574 let announcement_sigs = if let Some((chain_hash, node_signer, user_config)) = chain_node_signer {
6575 self.get_announcement_sigs(node_signer, chain_hash, user_config, height, logger)
6577 Ok((None, timed_out_htlcs, announcement_sigs))
6580 /// Indicates the funding transaction is no longer confirmed in the main chain. This may
6581 /// force-close the channel, but may also indicate a harmless reorganization of a block or two
6582 /// before the channel has reached channel_ready and we can just wait for more blocks.
6583 pub fn funding_transaction_unconfirmed<L: Deref>(&mut self, logger: &L) -> Result<(), ClosureReason> where L::Target: Logger {
6584 if self.context.funding_tx_confirmation_height != 0 {
6585 // We handle the funding disconnection by calling best_block_updated with a height one
6586 // below where our funding was connected, implying a reorg back to conf_height - 1.
6587 let reorg_height = self.context.funding_tx_confirmation_height - 1;
6588 // We use the time field to bump the current time we set on channel updates if its
6589 // larger. If we don't know that time has moved forward, we can just set it to the last
6590 // time we saw and it will be ignored.
6591 let best_time = self.context.update_time_counter;
6592 match self.do_best_block_updated(reorg_height, best_time, None::<(ChainHash, &&dyn NodeSigner, &UserConfig)>, logger) {
6593 Ok((channel_ready, timed_out_htlcs, announcement_sigs)) => {
6594 assert!(channel_ready.is_none(), "We can't generate a funding with 0 confirmations?");
6595 assert!(timed_out_htlcs.is_empty(), "We can't have accepted HTLCs with a timeout before our funding confirmation?");
6596 assert!(announcement_sigs.is_none(), "We can't generate an announcement_sigs with 0 confirmations?");
6602 // We never learned about the funding confirmation anyway, just ignore
6607 // Methods to get unprompted messages to send to the remote end (or where we already returned
6608 // something in the handler for the message that prompted this message):
6610 /// Gets an UnsignedChannelAnnouncement for this channel. The channel must be publicly
6611 /// announceable and available for use (have exchanged [`ChannelReady`] messages in both
6612 /// directions). Should be used for both broadcasted announcements and in response to an
6613 /// AnnouncementSignatures message from the remote peer.
6615 /// Will only fail if we're not in a state where channel_announcement may be sent (including
6618 /// This will only return ChannelError::Ignore upon failure.
6620 /// [`ChannelReady`]: crate::ln::msgs::ChannelReady
6621 fn get_channel_announcement<NS: Deref>(
6622 &self, node_signer: &NS, chain_hash: ChainHash, user_config: &UserConfig,
6623 ) -> Result<msgs::UnsignedChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6624 if !self.context.config.announced_channel {
6625 return Err(ChannelError::Ignore("Channel is not available for public announcements".to_owned()));
6627 if !self.context.is_usable() {
6628 return Err(ChannelError::Ignore("Cannot get a ChannelAnnouncement if the channel is not currently usable".to_owned()));
6631 let short_channel_id = self.context.get_short_channel_id()
6632 .ok_or(ChannelError::Ignore("Cannot get a ChannelAnnouncement if the channel has not been confirmed yet".to_owned()))?;
6633 let node_id = NodeId::from_pubkey(&node_signer.get_node_id(Recipient::Node)
6634 .map_err(|_| ChannelError::Ignore("Failed to retrieve own public key".to_owned()))?);
6635 let counterparty_node_id = NodeId::from_pubkey(&self.context.get_counterparty_node_id());
6636 let were_node_one = node_id.as_slice() < counterparty_node_id.as_slice();
6638 let msg = msgs::UnsignedChannelAnnouncement {
6639 features: channelmanager::provided_channel_features(&user_config),
6642 node_id_1: if were_node_one { node_id } else { counterparty_node_id },
6643 node_id_2: if were_node_one { counterparty_node_id } else { node_id },
6644 bitcoin_key_1: NodeId::from_pubkey(if were_node_one { &self.context.get_holder_pubkeys().funding_pubkey } else { self.context.counterparty_funding_pubkey() }),
6645 bitcoin_key_2: NodeId::from_pubkey(if were_node_one { self.context.counterparty_funding_pubkey() } else { &self.context.get_holder_pubkeys().funding_pubkey }),
6646 excess_data: Vec::new(),
6652 fn get_announcement_sigs<NS: Deref, L: Deref>(
6653 &mut self, node_signer: &NS, chain_hash: ChainHash, user_config: &UserConfig,
6654 best_block_height: u32, logger: &L
6655 ) -> Option<msgs::AnnouncementSignatures>
6657 NS::Target: NodeSigner,
6660 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6664 if !self.context.is_usable() {
6668 if self.context.channel_state.is_peer_disconnected() {
6669 log_trace!(logger, "Cannot create an announcement_signatures as our peer is disconnected");
6673 if self.context.announcement_sigs_state != AnnouncementSigsState::NotSent {
6677 log_trace!(logger, "Creating an announcement_signatures message for channel {}", &self.context.channel_id());
6678 let announcement = match self.get_channel_announcement(node_signer, chain_hash, user_config) {
6681 log_trace!(logger, "{:?}", e);
6685 let our_node_sig = match node_signer.sign_gossip_message(msgs::UnsignedGossipMessage::ChannelAnnouncement(&announcement)) {
6687 log_error!(logger, "Failed to generate node signature for channel_announcement. Channel will not be announced!");
6692 match &self.context.holder_signer {
6693 ChannelSignerType::Ecdsa(ecdsa) => {
6694 let our_bitcoin_sig = match ecdsa.sign_channel_announcement_with_funding_key(&announcement, &self.context.secp_ctx) {
6696 log_error!(logger, "Signer rejected channel_announcement signing. Channel will not be announced!");
6701 let short_channel_id = match self.context.get_short_channel_id() {
6703 None => return None,
6706 self.context.announcement_sigs_state = AnnouncementSigsState::MessageSent;
6708 Some(msgs::AnnouncementSignatures {
6709 channel_id: self.context.channel_id(),
6711 node_signature: our_node_sig,
6712 bitcoin_signature: our_bitcoin_sig,
6715 // TODO (taproot|arik)
6721 /// Signs the given channel announcement, returning a ChannelError::Ignore if no keys are
6723 fn sign_channel_announcement<NS: Deref>(
6724 &self, node_signer: &NS, announcement: msgs::UnsignedChannelAnnouncement
6725 ) -> Result<msgs::ChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6726 if let Some((their_node_sig, their_bitcoin_sig)) = self.context.announcement_sigs {
6727 let our_node_key = NodeId::from_pubkey(&node_signer.get_node_id(Recipient::Node)
6728 .map_err(|_| ChannelError::Ignore("Signer failed to retrieve own public key".to_owned()))?);
6729 let were_node_one = announcement.node_id_1 == our_node_key;
6731 let our_node_sig = node_signer.sign_gossip_message(msgs::UnsignedGossipMessage::ChannelAnnouncement(&announcement))
6732 .map_err(|_| ChannelError::Ignore("Failed to generate node signature for channel_announcement".to_owned()))?;
6733 match &self.context.holder_signer {
6734 ChannelSignerType::Ecdsa(ecdsa) => {
6735 let our_bitcoin_sig = ecdsa.sign_channel_announcement_with_funding_key(&announcement, &self.context.secp_ctx)
6736 .map_err(|_| ChannelError::Ignore("Signer rejected channel_announcement".to_owned()))?;
6737 Ok(msgs::ChannelAnnouncement {
6738 node_signature_1: if were_node_one { our_node_sig } else { their_node_sig },
6739 node_signature_2: if were_node_one { their_node_sig } else { our_node_sig },
6740 bitcoin_signature_1: if were_node_one { our_bitcoin_sig } else { their_bitcoin_sig },
6741 bitcoin_signature_2: if were_node_one { their_bitcoin_sig } else { our_bitcoin_sig },
6742 contents: announcement,
6745 // TODO (taproot|arik)
6750 Err(ChannelError::Ignore("Attempted to sign channel announcement before we'd received announcement_signatures".to_string()))
6754 /// Processes an incoming announcement_signatures message, providing a fully-signed
6755 /// channel_announcement message which we can broadcast and storing our counterparty's
6756 /// signatures for later reconstruction/rebroadcast of the channel_announcement.
6757 pub fn announcement_signatures<NS: Deref>(
6758 &mut self, node_signer: &NS, chain_hash: ChainHash, best_block_height: u32,
6759 msg: &msgs::AnnouncementSignatures, user_config: &UserConfig
6760 ) -> Result<msgs::ChannelAnnouncement, ChannelError> where NS::Target: NodeSigner {
6761 let announcement = self.get_channel_announcement(node_signer, chain_hash, user_config)?;
6763 let msghash = hash_to_message!(&Sha256d::hash(&announcement.encode()[..])[..]);
6765 if self.context.secp_ctx.verify_ecdsa(&msghash, &msg.node_signature, &self.context.get_counterparty_node_id()).is_err() {
6766 return Err(ChannelError::Close(format!(
6767 "Bad announcement_signatures. Failed to verify node_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_node_key is {:?}",
6768 &announcement, self.context.get_counterparty_node_id())));
6770 if self.context.secp_ctx.verify_ecdsa(&msghash, &msg.bitcoin_signature, self.context.counterparty_funding_pubkey()).is_err() {
6771 return Err(ChannelError::Close(format!(
6772 "Bad announcement_signatures. Failed to verify bitcoin_signature. UnsignedChannelAnnouncement used for verification is {:?}. their_bitcoin_key is ({:?})",
6773 &announcement, self.context.counterparty_funding_pubkey())));
6776 self.context.announcement_sigs = Some((msg.node_signature, msg.bitcoin_signature));
6777 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6778 return Err(ChannelError::Ignore(
6779 "Got announcement_signatures prior to the required six confirmations - we may not have received a block yet that our peer has".to_owned()));
6782 self.sign_channel_announcement(node_signer, announcement)
6785 /// Gets a signed channel_announcement for this channel, if we previously received an
6786 /// announcement_signatures from our counterparty.
6787 pub fn get_signed_channel_announcement<NS: Deref>(
6788 &self, node_signer: &NS, chain_hash: ChainHash, best_block_height: u32, user_config: &UserConfig
6789 ) -> Option<msgs::ChannelAnnouncement> where NS::Target: NodeSigner {
6790 if self.context.funding_tx_confirmation_height == 0 || self.context.funding_tx_confirmation_height + 5 > best_block_height {
6793 let announcement = match self.get_channel_announcement(node_signer, chain_hash, user_config) {
6795 Err(_) => return None,
6797 match self.sign_channel_announcement(node_signer, announcement) {
6798 Ok(res) => Some(res),
6803 /// May panic if called on a channel that wasn't immediately-previously
6804 /// self.remove_uncommitted_htlcs_and_mark_paused()'d
6805 pub fn get_channel_reestablish<L: Deref>(&mut self, logger: &L) -> msgs::ChannelReestablish where L::Target: Logger {
6806 assert!(self.context.channel_state.is_peer_disconnected());
6807 assert_ne!(self.context.cur_counterparty_commitment_transaction_number, INITIAL_COMMITMENT_NUMBER);
6808 // Prior to static_remotekey, my_current_per_commitment_point was critical to claiming
6809 // current to_remote balances. However, it no longer has any use, and thus is now simply
6810 // set to a dummy (but valid, as required by the spec) public key.
6811 // fuzzing mode marks a subset of pubkeys as invalid so that we can hit "invalid pubkey"
6812 // branches, but we unwrap it below, so we arbitrarily select a dummy pubkey which is both
6813 // valid, and valid in fuzzing mode's arbitrary validity criteria:
6814 let mut pk = [2; 33]; pk[1] = 0xff;
6815 let dummy_pubkey = PublicKey::from_slice(&pk).unwrap();
6816 let remote_last_secret = if self.context.cur_counterparty_commitment_transaction_number + 1 < INITIAL_COMMITMENT_NUMBER {
6817 let remote_last_secret = self.context.commitment_secrets.get_secret(self.context.cur_counterparty_commitment_transaction_number + 2).unwrap();
6818 log_trace!(logger, "Enough info to generate a Data Loss Protect with per_commitment_secret {} for channel {}", log_bytes!(remote_last_secret), &self.context.channel_id());
6821 log_info!(logger, "Sending a data_loss_protect with no previous remote per_commitment_secret for channel {}", &self.context.channel_id());
6824 self.mark_awaiting_response();
6825 msgs::ChannelReestablish {
6826 channel_id: self.context.channel_id(),
6827 // The protocol has two different commitment number concepts - the "commitment
6828 // transaction number", which starts from 0 and counts up, and the "revocation key
6829 // index" which starts at INITIAL_COMMITMENT_NUMBER and counts down. We track
6830 // commitment transaction numbers by the index which will be used to reveal the
6831 // revocation key for that commitment transaction, which means we have to convert them
6832 // to protocol-level commitment numbers here...
6834 // next_local_commitment_number is the next commitment_signed number we expect to
6835 // receive (indicating if they need to resend one that we missed).
6836 next_local_commitment_number: INITIAL_COMMITMENT_NUMBER - self.context.cur_holder_commitment_transaction_number,
6837 // We have to set next_remote_commitment_number to the next revoke_and_ack we expect to
6838 // receive, however we track it by the next commitment number for a remote transaction
6839 // (which is one further, as they always revoke previous commitment transaction, not
6840 // the one we send) so we have to decrement by 1. Note that if
6841 // cur_counterparty_commitment_transaction_number is INITIAL_COMMITMENT_NUMBER we will have
6842 // dropped this channel on disconnect as it hasn't yet reached AwaitingChannelReady so we can't
6844 next_remote_commitment_number: INITIAL_COMMITMENT_NUMBER - self.context.cur_counterparty_commitment_transaction_number - 1,
6845 your_last_per_commitment_secret: remote_last_secret,
6846 my_current_per_commitment_point: dummy_pubkey,
6847 // TODO(dual_funding): If we've sent `commtiment_signed` for an interactive transaction
6848 // construction but have not received `tx_signatures` we MUST set `next_funding_txid` to the
6849 // txid of that interactive transaction, else we MUST NOT set it.
6850 next_funding_txid: None,
6855 // Send stuff to our remote peers:
6857 /// Queues up an outbound HTLC to send by placing it in the holding cell. You should call
6858 /// [`Self::maybe_free_holding_cell_htlcs`] in order to actually generate and send the
6859 /// commitment update.
6861 /// `Err`s will only be [`ChannelError::Ignore`].
6862 pub fn queue_add_htlc<F: Deref, L: Deref>(
6863 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource,
6864 onion_routing_packet: msgs::OnionPacket, skimmed_fee_msat: Option<u64>,
6865 blinding_point: Option<PublicKey>, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
6866 ) -> Result<(), ChannelError>
6867 where F::Target: FeeEstimator, L::Target: Logger
6870 .send_htlc(amount_msat, payment_hash, cltv_expiry, source, onion_routing_packet, true,
6871 skimmed_fee_msat, blinding_point, fee_estimator, logger)
6872 .map(|msg_opt| assert!(msg_opt.is_none(), "We forced holding cell?"))
6874 if let ChannelError::Ignore(_) = err { /* fine */ }
6875 else { debug_assert!(false, "Queueing cannot trigger channel failure"); }
6880 /// Adds a pending outbound HTLC to this channel, note that you probably want
6881 /// [`Self::send_htlc_and_commit`] instead cause you'll want both messages at once.
6883 /// This returns an optional UpdateAddHTLC as we may be in a state where we cannot add HTLCs on
6885 /// * In cases where we're waiting on the remote peer to send us a revoke_and_ack, we
6886 /// wouldn't be able to determine what they actually ACK'ed if we have two sets of updates
6888 /// * In cases where we're marked MonitorUpdateInProgress, we cannot commit to a new state as
6889 /// we may not yet have sent the previous commitment update messages and will need to
6890 /// regenerate them.
6892 /// You MUST call [`Self::send_commitment_no_state_update`] prior to calling any other methods
6893 /// on this [`Channel`] if `force_holding_cell` is false.
6895 /// `Err`s will only be [`ChannelError::Ignore`].
6896 fn send_htlc<F: Deref, L: Deref>(
6897 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32, source: HTLCSource,
6898 onion_routing_packet: msgs::OnionPacket, mut force_holding_cell: bool,
6899 skimmed_fee_msat: Option<u64>, blinding_point: Option<PublicKey>,
6900 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
6901 ) -> Result<Option<msgs::UpdateAddHTLC>, ChannelError>
6902 where F::Target: FeeEstimator, L::Target: Logger
6904 if !matches!(self.context.channel_state, ChannelState::ChannelReady(_)) ||
6905 self.context.channel_state.is_local_shutdown_sent() ||
6906 self.context.channel_state.is_remote_shutdown_sent()
6908 return Err(ChannelError::Ignore("Cannot send HTLC until channel is fully established and we haven't started shutting down".to_owned()));
6910 let channel_total_msat = self.context.channel_value_satoshis * 1000;
6911 if amount_msat > channel_total_msat {
6912 return Err(ChannelError::Ignore(format!("Cannot send amount {}, because it is more than the total value of the channel {}", amount_msat, channel_total_msat)));
6915 if amount_msat == 0 {
6916 return Err(ChannelError::Ignore("Cannot send 0-msat HTLC".to_owned()));
6919 let available_balances = self.context.get_available_balances(fee_estimator);
6920 if amount_msat < available_balances.next_outbound_htlc_minimum_msat {
6921 return Err(ChannelError::Ignore(format!("Cannot send less than our next-HTLC minimum - {} msat",
6922 available_balances.next_outbound_htlc_minimum_msat)));
6925 if amount_msat > available_balances.next_outbound_htlc_limit_msat {
6926 return Err(ChannelError::Ignore(format!("Cannot send more than our next-HTLC maximum - {} msat",
6927 available_balances.next_outbound_htlc_limit_msat)));
6930 if self.context.channel_state.is_peer_disconnected() {
6931 // Note that this should never really happen, if we're !is_live() on receipt of an
6932 // incoming HTLC for relay will result in us rejecting the HTLC and we won't allow
6933 // the user to send directly into a !is_live() channel. However, if we
6934 // disconnected during the time the previous hop was doing the commitment dance we may
6935 // end up getting here after the forwarding delay. In any case, returning an
6936 // IgnoreError will get ChannelManager to do the right thing and fail backwards now.
6937 return Err(ChannelError::Ignore("Cannot send an HTLC while disconnected from channel counterparty".to_owned()));
6940 let need_holding_cell = !self.context.channel_state.can_generate_new_commitment();
6941 log_debug!(logger, "Pushing new outbound HTLC with hash {} for {} msat {}",
6942 payment_hash, amount_msat,
6943 if force_holding_cell { "into holding cell" }
6944 else if need_holding_cell { "into holding cell as we're awaiting an RAA or monitor" }
6945 else { "to peer" });
6947 if need_holding_cell {
6948 force_holding_cell = true;
6951 // Now update local state:
6952 if force_holding_cell {
6953 self.context.holding_cell_htlc_updates.push(HTLCUpdateAwaitingACK::AddHTLC {
6958 onion_routing_packet,
6965 self.context.pending_outbound_htlcs.push(OutboundHTLCOutput {
6966 htlc_id: self.context.next_holder_htlc_id,
6968 payment_hash: payment_hash.clone(),
6970 state: OutboundHTLCState::LocalAnnounced(Box::new(onion_routing_packet.clone())),
6976 let res = msgs::UpdateAddHTLC {
6977 channel_id: self.context.channel_id,
6978 htlc_id: self.context.next_holder_htlc_id,
6982 onion_routing_packet,
6986 self.context.next_holder_htlc_id += 1;
6991 fn build_commitment_no_status_check<L: Deref>(&mut self, logger: &L) -> ChannelMonitorUpdate where L::Target: Logger {
6992 log_trace!(logger, "Updating HTLC state for a newly-sent commitment_signed...");
6993 // We can upgrade the status of some HTLCs that are waiting on a commitment, even if we
6994 // fail to generate this, we still are at least at a position where upgrading their status
6996 for htlc in self.context.pending_inbound_htlcs.iter_mut() {
6997 let new_state = if let &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref forward_info) = &htlc.state {
6998 Some(InboundHTLCState::AwaitingAnnouncedRemoteRevoke(forward_info.clone()))
7000 if let Some(state) = new_state {
7001 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce {} to AwaitingAnnouncedRemoteRevoke", &htlc.payment_hash);
7005 for htlc in self.context.pending_outbound_htlcs.iter_mut() {
7006 if let &mut OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref mut outcome) = &mut htlc.state {
7007 log_trace!(logger, " ...promoting outbound AwaitingRemoteRevokeToRemove {} to AwaitingRemovedRemoteRevoke", &htlc.payment_hash);
7008 // Grab the preimage, if it exists, instead of cloning
7009 let mut reason = OutboundHTLCOutcome::Success(None);
7010 mem::swap(outcome, &mut reason);
7011 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(reason);
7014 if let Some((feerate, update_state)) = self.context.pending_update_fee {
7015 if update_state == FeeUpdateState::AwaitingRemoteRevokeToAnnounce {
7016 debug_assert!(!self.context.is_outbound());
7017 log_trace!(logger, " ...promoting inbound AwaitingRemoteRevokeToAnnounce fee update {} to Committed", feerate);
7018 self.context.feerate_per_kw = feerate;
7019 self.context.pending_update_fee = None;
7022 self.context.resend_order = RAACommitmentOrder::RevokeAndACKFirst;
7024 let (mut htlcs_ref, counterparty_commitment_tx) =
7025 self.build_commitment_no_state_update(logger);
7026 let counterparty_commitment_txid = counterparty_commitment_tx.trust().txid();
7027 let htlcs: Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)> =
7028 htlcs_ref.drain(..).map(|(htlc, htlc_source)| (htlc, htlc_source.map(|source_ref| Box::new(source_ref.clone())))).collect();
7030 if self.context.announcement_sigs_state == AnnouncementSigsState::MessageSent {
7031 self.context.announcement_sigs_state = AnnouncementSigsState::Committed;
7034 self.context.latest_monitor_update_id += 1;
7035 let monitor_update = ChannelMonitorUpdate {
7036 update_id: self.context.latest_monitor_update_id,
7037 counterparty_node_id: Some(self.context.counterparty_node_id),
7038 updates: vec![ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo {
7039 commitment_txid: counterparty_commitment_txid,
7040 htlc_outputs: htlcs.clone(),
7041 commitment_number: self.context.cur_counterparty_commitment_transaction_number,
7042 their_per_commitment_point: self.context.counterparty_cur_commitment_point.unwrap(),
7043 feerate_per_kw: Some(counterparty_commitment_tx.feerate_per_kw()),
7044 to_broadcaster_value_sat: Some(counterparty_commitment_tx.to_broadcaster_value_sat()),
7045 to_countersignatory_value_sat: Some(counterparty_commitment_tx.to_countersignatory_value_sat()),
7047 channel_id: Some(self.context.channel_id()),
7049 self.context.channel_state.set_awaiting_remote_revoke();
7053 fn build_commitment_no_state_update<L: Deref>(&self, logger: &L)
7054 -> (Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)>, CommitmentTransaction)
7055 where L::Target: Logger
7057 let counterparty_keys = self.context.build_remote_transaction_keys();
7058 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, true, logger);
7059 let counterparty_commitment_tx = commitment_stats.tx;
7061 #[cfg(any(test, fuzzing))]
7063 if !self.context.is_outbound() {
7064 let projected_commit_tx_info = self.context.next_remote_commitment_tx_fee_info_cached.lock().unwrap().take();
7065 *self.context.next_local_commitment_tx_fee_info_cached.lock().unwrap() = None;
7066 if let Some(info) = projected_commit_tx_info {
7067 let total_pending_htlcs = self.context.pending_inbound_htlcs.len() + self.context.pending_outbound_htlcs.len();
7068 if info.total_pending_htlcs == total_pending_htlcs
7069 && info.next_holder_htlc_id == self.context.next_holder_htlc_id
7070 && info.next_counterparty_htlc_id == self.context.next_counterparty_htlc_id
7071 && info.feerate == self.context.feerate_per_kw {
7072 let actual_fee = commit_tx_fee_msat(self.context.feerate_per_kw, commitment_stats.num_nondust_htlcs, self.context.get_channel_type());
7073 assert_eq!(actual_fee, info.fee);
7079 (commitment_stats.htlcs_included, counterparty_commitment_tx)
7082 /// Only fails in case of signer rejection. Used for channel_reestablish commitment_signed
7083 /// generation when we shouldn't change HTLC/channel state.
7084 fn send_commitment_no_state_update<L: Deref>(&self, logger: &L) -> Result<(msgs::CommitmentSigned, (Txid, Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)>)), ChannelError> where L::Target: Logger {
7085 // Get the fee tests from `build_commitment_no_state_update`
7086 #[cfg(any(test, fuzzing))]
7087 self.build_commitment_no_state_update(logger);
7089 let counterparty_keys = self.context.build_remote_transaction_keys();
7090 let commitment_stats = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, true, logger);
7091 let counterparty_commitment_txid = commitment_stats.tx.trust().txid();
7093 match &self.context.holder_signer {
7094 ChannelSignerType::Ecdsa(ecdsa) => {
7095 let (signature, htlc_signatures);
7098 let mut htlcs = Vec::with_capacity(commitment_stats.htlcs_included.len());
7099 for &(ref htlc, _) in commitment_stats.htlcs_included.iter() {
7103 let res = ecdsa.sign_counterparty_commitment(
7104 &commitment_stats.tx,
7105 commitment_stats.inbound_htlc_preimages,
7106 commitment_stats.outbound_htlc_preimages,
7107 &self.context.secp_ctx,
7108 ).map_err(|_| ChannelError::Ignore("Failed to get signatures for new commitment_signed".to_owned()))?;
7110 htlc_signatures = res.1;
7112 log_trace!(logger, "Signed remote commitment tx {} (txid {}) with redeemscript {} -> {} in channel {}",
7113 encode::serialize_hex(&commitment_stats.tx.trust().built_transaction().transaction),
7114 &counterparty_commitment_txid, encode::serialize_hex(&self.context.get_funding_redeemscript()),
7115 log_bytes!(signature.serialize_compact()[..]), &self.context.channel_id());
7117 for (ref htlc_sig, ref htlc) in htlc_signatures.iter().zip(htlcs) {
7118 log_trace!(logger, "Signed remote HTLC tx {} with redeemscript {} with pubkey {} -> {} in channel {}",
7119 encode::serialize_hex(&chan_utils::build_htlc_transaction(&counterparty_commitment_txid, commitment_stats.feerate_per_kw, self.context.get_holder_selected_contest_delay(), htlc, &self.context.channel_type, &counterparty_keys.broadcaster_delayed_payment_key, &counterparty_keys.revocation_key)),
7120 encode::serialize_hex(&chan_utils::get_htlc_redeemscript(&htlc, &self.context.channel_type, &counterparty_keys)),
7121 log_bytes!(counterparty_keys.broadcaster_htlc_key.to_public_key().serialize()),
7122 log_bytes!(htlc_sig.serialize_compact()[..]), &self.context.channel_id());
7126 Ok((msgs::CommitmentSigned {
7127 channel_id: self.context.channel_id,
7131 partial_signature_with_nonce: None,
7132 }, (counterparty_commitment_txid, commitment_stats.htlcs_included)))
7134 // TODO (taproot|arik)
7140 /// Adds a pending outbound HTLC to this channel, and builds a new remote commitment
7141 /// transaction and generates the corresponding [`ChannelMonitorUpdate`] in one go.
7143 /// Shorthand for calling [`Self::send_htlc`] followed by a commitment update, see docs on
7144 /// [`Self::send_htlc`] and [`Self::build_commitment_no_state_update`] for more info.
7145 pub fn send_htlc_and_commit<F: Deref, L: Deref>(
7146 &mut self, amount_msat: u64, payment_hash: PaymentHash, cltv_expiry: u32,
7147 source: HTLCSource, onion_routing_packet: msgs::OnionPacket, skimmed_fee_msat: Option<u64>,
7148 fee_estimator: &LowerBoundedFeeEstimator<F>, logger: &L
7149 ) -> Result<Option<ChannelMonitorUpdate>, ChannelError>
7150 where F::Target: FeeEstimator, L::Target: Logger
7152 let send_res = self.send_htlc(amount_msat, payment_hash, cltv_expiry, source,
7153 onion_routing_packet, false, skimmed_fee_msat, None, fee_estimator, logger);
7154 if let Err(e) = &send_res { if let ChannelError::Ignore(_) = e {} else { debug_assert!(false, "Sending cannot trigger channel failure"); } }
7157 let monitor_update = self.build_commitment_no_status_check(logger);
7158 self.monitor_updating_paused(false, true, false, Vec::new(), Vec::new(), Vec::new());
7159 Ok(self.push_ret_blockable_mon_update(monitor_update))
7165 /// Applies the `ChannelUpdate` and returns a boolean indicating whether a change actually
7167 pub fn channel_update(&mut self, msg: &msgs::ChannelUpdate) -> Result<bool, ChannelError> {
7168 let new_forwarding_info = Some(CounterpartyForwardingInfo {
7169 fee_base_msat: msg.contents.fee_base_msat,
7170 fee_proportional_millionths: msg.contents.fee_proportional_millionths,
7171 cltv_expiry_delta: msg.contents.cltv_expiry_delta
7173 let did_change = self.context.counterparty_forwarding_info != new_forwarding_info;
7175 self.context.counterparty_forwarding_info = new_forwarding_info;
7181 /// Begins the shutdown process, getting a message for the remote peer and returning all
7182 /// holding cell HTLCs for payment failure.
7183 pub fn get_shutdown(&mut self, signer_provider: &SP, their_features: &InitFeatures,
7184 target_feerate_sats_per_kw: Option<u32>, override_shutdown_script: Option<ShutdownScript>)
7185 -> Result<(msgs::Shutdown, Option<ChannelMonitorUpdate>, Vec<(HTLCSource, PaymentHash)>), APIError>
7187 for htlc in self.context.pending_outbound_htlcs.iter() {
7188 if let OutboundHTLCState::LocalAnnounced(_) = htlc.state {
7189 return Err(APIError::APIMisuseError{err: "Cannot begin shutdown with pending HTLCs. Process pending events first".to_owned()});
7192 if self.context.channel_state.is_local_shutdown_sent() {
7193 return Err(APIError::APIMisuseError{err: "Shutdown already in progress".to_owned()});
7195 else if self.context.channel_state.is_remote_shutdown_sent() {
7196 return Err(APIError::ChannelUnavailable{err: "Shutdown already in progress by remote".to_owned()});
7198 if self.context.shutdown_scriptpubkey.is_some() && override_shutdown_script.is_some() {
7199 return Err(APIError::APIMisuseError{err: "Cannot override shutdown script for a channel with one already set".to_owned()});
7201 assert!(!matches!(self.context.channel_state, ChannelState::ShutdownComplete));
7202 if self.context.channel_state.is_peer_disconnected() || self.context.channel_state.is_monitor_update_in_progress() {
7203 return Err(APIError::ChannelUnavailable{err: "Cannot begin shutdown while peer is disconnected or we're waiting on a monitor update, maybe force-close instead?".to_owned()});
7206 let update_shutdown_script = match self.context.shutdown_scriptpubkey {
7209 // use override shutdown script if provided
7210 let shutdown_scriptpubkey = match override_shutdown_script {
7211 Some(script) => script,
7213 // otherwise, use the shutdown scriptpubkey provided by the signer
7214 match signer_provider.get_shutdown_scriptpubkey() {
7215 Ok(scriptpubkey) => scriptpubkey,
7216 Err(_) => return Err(APIError::ChannelUnavailable{err: "Failed to get shutdown scriptpubkey".to_owned()}),
7220 if !shutdown_scriptpubkey.is_compatible(their_features) {
7221 return Err(APIError::IncompatibleShutdownScript { script: shutdown_scriptpubkey.clone() });
7223 self.context.shutdown_scriptpubkey = Some(shutdown_scriptpubkey);
7228 // From here on out, we may not fail!
7229 self.context.target_closing_feerate_sats_per_kw = target_feerate_sats_per_kw;
7230 self.context.channel_state.set_local_shutdown_sent();
7231 self.context.local_initiated_shutdown = Some(());
7232 self.context.update_time_counter += 1;
7234 let monitor_update = if update_shutdown_script {
7235 self.context.latest_monitor_update_id += 1;
7236 let monitor_update = ChannelMonitorUpdate {
7237 update_id: self.context.latest_monitor_update_id,
7238 counterparty_node_id: Some(self.context.counterparty_node_id),
7239 updates: vec![ChannelMonitorUpdateStep::ShutdownScript {
7240 scriptpubkey: self.get_closing_scriptpubkey(),
7242 channel_id: Some(self.context.channel_id()),
7244 self.monitor_updating_paused(false, false, false, Vec::new(), Vec::new(), Vec::new());
7245 self.push_ret_blockable_mon_update(monitor_update)
7247 let shutdown = msgs::Shutdown {
7248 channel_id: self.context.channel_id,
7249 scriptpubkey: self.get_closing_scriptpubkey(),
7252 // Go ahead and drop holding cell updates as we'd rather fail payments than wait to send
7253 // our shutdown until we've committed all of the pending changes.
7254 self.context.holding_cell_update_fee = None;
7255 let mut dropped_outbound_htlcs = Vec::with_capacity(self.context.holding_cell_htlc_updates.len());
7256 self.context.holding_cell_htlc_updates.retain(|htlc_update| {
7258 &HTLCUpdateAwaitingACK::AddHTLC { ref payment_hash, ref source, .. } => {
7259 dropped_outbound_htlcs.push((source.clone(), payment_hash.clone()));
7266 debug_assert!(!self.is_shutdown() || monitor_update.is_none(),
7267 "we can't both complete shutdown and return a monitor update");
7269 Ok((shutdown, monitor_update, dropped_outbound_htlcs))
7272 pub fn inflight_htlc_sources(&self) -> impl Iterator<Item=(&HTLCSource, &PaymentHash)> {
7273 self.context.holding_cell_htlc_updates.iter()
7274 .flat_map(|htlc_update| {
7276 HTLCUpdateAwaitingACK::AddHTLC { source, payment_hash, .. }
7277 => Some((source, payment_hash)),
7281 .chain(self.context.pending_outbound_htlcs.iter().map(|htlc| (&htlc.source, &htlc.payment_hash)))
7285 /// A not-yet-funded outbound (from holder) channel using V1 channel establishment.
7286 pub(super) struct OutboundV1Channel<SP: Deref> where SP::Target: SignerProvider {
7287 pub context: ChannelContext<SP>,
7288 pub unfunded_context: UnfundedChannelContext,
7291 impl<SP: Deref> OutboundV1Channel<SP> where SP::Target: SignerProvider {
7292 pub fn new<ES: Deref, F: Deref>(
7293 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP, counterparty_node_id: PublicKey, their_features: &InitFeatures,
7294 channel_value_satoshis: u64, push_msat: u64, user_id: u128, config: &UserConfig, current_chain_height: u32,
7295 outbound_scid_alias: u64, temporary_channel_id: Option<ChannelId>
7296 ) -> Result<OutboundV1Channel<SP>, APIError>
7297 where ES::Target: EntropySource,
7298 F::Target: FeeEstimator
7300 let holder_selected_channel_reserve_satoshis = get_holder_selected_channel_reserve_satoshis(channel_value_satoshis, config);
7301 if holder_selected_channel_reserve_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
7302 // Protocol level safety check in place, although it should never happen because
7303 // of `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
7304 return Err(APIError::APIMisuseError { err: format!("Holder selected channel reserve below \
7305 implemention limit dust_limit_satoshis {}", holder_selected_channel_reserve_satoshis) });
7308 let channel_keys_id = signer_provider.generate_channel_keys_id(false, channel_value_satoshis, user_id);
7309 let holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
7310 let pubkeys = holder_signer.pubkeys().clone();
7313 context: ChannelContext::new_for_outbound_channel(
7317 counterparty_node_id,
7319 channel_value_satoshis,
7323 current_chain_height,
7324 outbound_scid_alias,
7325 temporary_channel_id,
7326 holder_selected_channel_reserve_satoshis,
7331 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 }
7336 /// Only allowed after [`ChannelContext::channel_transaction_parameters`] is set.
7337 fn get_funding_created_msg<L: Deref>(&mut self, logger: &L) -> Option<msgs::FundingCreated> where L::Target: Logger {
7338 let counterparty_keys = self.context.build_remote_transaction_keys();
7339 let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx;
7340 let signature = match &self.context.holder_signer {
7341 // TODO (taproot|arik): move match into calling method for Taproot
7342 ChannelSignerType::Ecdsa(ecdsa) => {
7343 ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), Vec::new(), &self.context.secp_ctx)
7344 .map(|(sig, _)| sig).ok()?
7346 // TODO (taproot|arik)
7351 if self.context.signer_pending_funding {
7352 log_trace!(logger, "Counterparty commitment signature ready for funding_created message: clearing signer_pending_funding");
7353 self.context.signer_pending_funding = false;
7356 Some(msgs::FundingCreated {
7357 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
7358 funding_txid: self.context.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().txid,
7359 funding_output_index: self.context.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().index,
7362 partial_signature_with_nonce: None,
7364 next_local_nonce: None,
7368 /// Updates channel state with knowledge of the funding transaction's txid/index, and generates
7369 /// a funding_created message for the remote peer.
7370 /// Panics if called at some time other than immediately after initial handshake, if called twice,
7371 /// or if called on an inbound channel.
7372 /// Note that channel_id changes during this call!
7373 /// Do NOT broadcast the funding transaction until after a successful funding_signed call!
7374 /// If an Err is returned, it is a ChannelError::Close.
7375 pub fn get_funding_created<L: Deref>(&mut self, funding_transaction: Transaction, funding_txo: OutPoint, is_batch_funding: bool, logger: &L)
7376 -> Result<Option<msgs::FundingCreated>, (Self, ChannelError)> where L::Target: Logger {
7377 if !self.context.is_outbound() {
7378 panic!("Tried to create outbound funding_created message on an inbound channel!");
7381 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7382 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7384 panic!("Tried to get a funding_created messsage at a time other than immediately after initial handshake completion (or tried to get funding_created twice)");
7386 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7387 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7388 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7389 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7392 self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo);
7393 self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters);
7395 // Now that we're past error-generating stuff, update our local state:
7397 self.context.channel_state = ChannelState::FundingNegotiated;
7398 self.context.channel_id = ChannelId::v1_from_funding_outpoint(funding_txo);
7400 // If the funding transaction is a coinbase transaction, we need to set the minimum depth to 100.
7401 // We can skip this if it is a zero-conf channel.
7402 if funding_transaction.is_coin_base() &&
7403 self.context.minimum_depth.unwrap_or(0) > 0 &&
7404 self.context.minimum_depth.unwrap_or(0) < COINBASE_MATURITY {
7405 self.context.minimum_depth = Some(COINBASE_MATURITY);
7408 self.context.funding_transaction = Some(funding_transaction);
7409 self.context.is_batch_funding = Some(()).filter(|_| is_batch_funding);
7411 let funding_created = self.get_funding_created_msg(logger);
7412 if funding_created.is_none() {
7413 #[cfg(not(async_signing))] {
7414 panic!("Failed to get signature for new funding creation");
7416 #[cfg(async_signing)] {
7417 if !self.context.signer_pending_funding {
7418 log_trace!(logger, "funding_created awaiting signer; setting signer_pending_funding");
7419 self.context.signer_pending_funding = true;
7427 /// If we receive an error message, it may only be a rejection of the channel type we tried,
7428 /// not of our ability to open any channel at all. Thus, on error, we should first call this
7429 /// and see if we get a new `OpenChannel` message, otherwise the channel is failed.
7430 pub(crate) fn maybe_handle_error_without_close<F: Deref>(
7431 &mut self, chain_hash: ChainHash, fee_estimator: &LowerBoundedFeeEstimator<F>
7432 ) -> Result<msgs::OpenChannel, ()>
7434 F::Target: FeeEstimator
7436 self.context.maybe_downgrade_channel_features(fee_estimator)?;
7437 Ok(self.get_open_channel(chain_hash))
7440 pub fn get_open_channel(&self, chain_hash: ChainHash) -> msgs::OpenChannel {
7441 if !self.context.is_outbound() {
7442 panic!("Tried to open a channel for an inbound channel?");
7444 if self.context.have_received_message() {
7445 panic!("Cannot generate an open_channel after we've moved forward");
7448 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7449 panic!("Tried to send an open_channel for a channel that has already advanced");
7452 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
7453 let keys = self.context.get_holder_pubkeys();
7456 common_fields: msgs::CommonOpenChannelFields {
7458 temporary_channel_id: self.context.channel_id,
7459 funding_satoshis: self.context.channel_value_satoshis,
7460 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
7461 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
7462 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
7463 commitment_feerate_sat_per_1000_weight: self.context.feerate_per_kw as u32,
7464 to_self_delay: self.context.get_holder_selected_contest_delay(),
7465 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
7466 funding_pubkey: keys.funding_pubkey,
7467 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
7468 payment_basepoint: keys.payment_point,
7469 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
7470 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
7471 first_per_commitment_point,
7472 channel_flags: if self.context.config.announced_channel {1} else {0},
7473 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
7474 Some(script) => script.clone().into_inner(),
7475 None => Builder::new().into_script(),
7477 channel_type: Some(self.context.channel_type.clone()),
7479 push_msat: self.context.channel_value_satoshis * 1000 - self.context.value_to_self_msat,
7480 channel_reserve_satoshis: self.context.holder_selected_channel_reserve_satoshis,
7485 pub fn accept_channel(&mut self, msg: &msgs::AcceptChannel, default_limits: &ChannelHandshakeLimits, their_features: &InitFeatures) -> Result<(), ChannelError> {
7486 let peer_limits = if let Some(ref limits) = self.context.inbound_handshake_limits_override { limits } else { default_limits };
7488 // Check sanity of message fields:
7489 if !self.context.is_outbound() {
7490 return Err(ChannelError::Close("Got an accept_channel message from an inbound peer".to_owned()));
7492 if !matches!(self.context.channel_state, ChannelState::NegotiatingFunding(flags) if flags == NegotiatingFundingFlags::OUR_INIT_SENT) {
7493 return Err(ChannelError::Close("Got an accept_channel message at a strange time".to_owned()));
7495 if msg.common_fields.dust_limit_satoshis > 21000000 * 100000000 {
7496 return Err(ChannelError::Close(format!("Peer never wants payout outputs? dust_limit_satoshis was {}", msg.common_fields.dust_limit_satoshis)));
7498 if msg.channel_reserve_satoshis > self.context.channel_value_satoshis {
7499 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must not be greater than ({})", msg.channel_reserve_satoshis, self.context.channel_value_satoshis)));
7501 if msg.common_fields.dust_limit_satoshis > self.context.holder_selected_channel_reserve_satoshis {
7502 return Err(ChannelError::Close(format!("Dust limit ({}) is bigger than our channel reserve ({})", msg.common_fields.dust_limit_satoshis, self.context.holder_selected_channel_reserve_satoshis)));
7504 if msg.channel_reserve_satoshis > self.context.channel_value_satoshis - self.context.holder_selected_channel_reserve_satoshis {
7505 return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must not be greater than channel value minus our reserve ({})",
7506 msg.channel_reserve_satoshis, self.context.channel_value_satoshis - self.context.holder_selected_channel_reserve_satoshis)));
7508 let full_channel_value_msat = (self.context.channel_value_satoshis - msg.channel_reserve_satoshis) * 1000;
7509 if msg.common_fields.htlc_minimum_msat >= full_channel_value_msat {
7510 return Err(ChannelError::Close(format!("Minimum htlc value ({}) is full channel value ({})", msg.common_fields.htlc_minimum_msat, full_channel_value_msat)));
7512 let max_delay_acceptable = u16::min(peer_limits.their_to_self_delay, MAX_LOCAL_BREAKDOWN_TIMEOUT);
7513 if msg.common_fields.to_self_delay > max_delay_acceptable {
7514 return Err(ChannelError::Close(format!("They wanted our payments to be delayed by a needlessly long period. Upper limit: {}. Actual: {}", max_delay_acceptable, msg.common_fields.to_self_delay)));
7516 if msg.common_fields.max_accepted_htlcs < 1 {
7517 return Err(ChannelError::Close("0 max_accepted_htlcs makes for a useless channel".to_owned()));
7519 if msg.common_fields.max_accepted_htlcs > MAX_HTLCS {
7520 return Err(ChannelError::Close(format!("max_accepted_htlcs was {}. It must not be larger than {}", msg.common_fields.max_accepted_htlcs, MAX_HTLCS)));
7523 // Now check against optional parameters as set by config...
7524 if msg.common_fields.htlc_minimum_msat > peer_limits.max_htlc_minimum_msat {
7525 return Err(ChannelError::Close(format!("htlc_minimum_msat ({}) is higher than the user specified limit ({})", msg.common_fields.htlc_minimum_msat, peer_limits.max_htlc_minimum_msat)));
7527 if msg.common_fields.max_htlc_value_in_flight_msat < peer_limits.min_max_htlc_value_in_flight_msat {
7528 return Err(ChannelError::Close(format!("max_htlc_value_in_flight_msat ({}) is less than the user specified limit ({})", msg.common_fields.max_htlc_value_in_flight_msat, peer_limits.min_max_htlc_value_in_flight_msat)));
7530 if msg.channel_reserve_satoshis > peer_limits.max_channel_reserve_satoshis {
7531 return Err(ChannelError::Close(format!("channel_reserve_satoshis ({}) is higher than the user specified limit ({})", msg.channel_reserve_satoshis, peer_limits.max_channel_reserve_satoshis)));
7533 if msg.common_fields.max_accepted_htlcs < peer_limits.min_max_accepted_htlcs {
7534 return Err(ChannelError::Close(format!("max_accepted_htlcs ({}) is less than the user specified limit ({})", msg.common_fields.max_accepted_htlcs, peer_limits.min_max_accepted_htlcs)));
7536 if msg.common_fields.dust_limit_satoshis < MIN_CHAN_DUST_LIMIT_SATOSHIS {
7537 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is less than the implementation limit ({})", msg.common_fields.dust_limit_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS)));
7539 if msg.common_fields.dust_limit_satoshis > MAX_CHAN_DUST_LIMIT_SATOSHIS {
7540 return Err(ChannelError::Close(format!("dust_limit_satoshis ({}) is greater than the implementation limit ({})", msg.common_fields.dust_limit_satoshis, MAX_CHAN_DUST_LIMIT_SATOSHIS)));
7542 if msg.common_fields.minimum_depth > peer_limits.max_minimum_depth {
7543 return Err(ChannelError::Close(format!("We consider the minimum depth to be unreasonably large. Expected minimum: ({}). Actual: ({})", peer_limits.max_minimum_depth, msg.common_fields.minimum_depth)));
7546 if let Some(ty) = &msg.common_fields.channel_type {
7547 if *ty != self.context.channel_type {
7548 return Err(ChannelError::Close("Channel Type in accept_channel didn't match the one sent in open_channel.".to_owned()));
7550 } else if their_features.supports_channel_type() {
7551 // Assume they've accepted the channel type as they said they understand it.
7553 let channel_type = ChannelTypeFeatures::from_init(&their_features);
7554 if channel_type != ChannelTypeFeatures::only_static_remote_key() {
7555 return Err(ChannelError::Close("Only static_remote_key is supported for non-negotiated channel types".to_owned()));
7557 self.context.channel_type = channel_type.clone();
7558 self.context.channel_transaction_parameters.channel_type_features = channel_type;
7561 let counterparty_shutdown_scriptpubkey = if their_features.supports_upfront_shutdown_script() {
7562 match &msg.common_fields.shutdown_scriptpubkey {
7563 &Some(ref script) => {
7564 // Peer is signaling upfront_shutdown and has opt-out with a 0-length script. We don't enforce anything
7565 if script.len() == 0 {
7568 if !script::is_bolt2_compliant(&script, their_features) {
7569 return Err(ChannelError::Close(format!("Peer is signaling upfront_shutdown but has provided an unacceptable scriptpubkey format: {}", script)));
7571 Some(script.clone())
7574 // Peer is signaling upfront shutdown but don't opt-out with correct mechanism (a.k.a 0-length script). Peer looks buggy, we fail the channel
7576 return Err(ChannelError::Close("Peer is signaling upfront_shutdown but we don't get any script. Use 0-length script to opt-out".to_owned()));
7581 self.context.counterparty_dust_limit_satoshis = msg.common_fields.dust_limit_satoshis;
7582 self.context.counterparty_max_htlc_value_in_flight_msat = cmp::min(msg.common_fields.max_htlc_value_in_flight_msat, self.context.channel_value_satoshis * 1000);
7583 self.context.counterparty_selected_channel_reserve_satoshis = Some(msg.channel_reserve_satoshis);
7584 self.context.counterparty_htlc_minimum_msat = msg.common_fields.htlc_minimum_msat;
7585 self.context.counterparty_max_accepted_htlcs = msg.common_fields.max_accepted_htlcs;
7587 if peer_limits.trust_own_funding_0conf {
7588 self.context.minimum_depth = Some(msg.common_fields.minimum_depth);
7590 self.context.minimum_depth = Some(cmp::max(1, msg.common_fields.minimum_depth));
7593 let counterparty_pubkeys = ChannelPublicKeys {
7594 funding_pubkey: msg.common_fields.funding_pubkey,
7595 revocation_basepoint: RevocationBasepoint::from(msg.common_fields.revocation_basepoint),
7596 payment_point: msg.common_fields.payment_basepoint,
7597 delayed_payment_basepoint: DelayedPaymentBasepoint::from(msg.common_fields.delayed_payment_basepoint),
7598 htlc_basepoint: HtlcBasepoint::from(msg.common_fields.htlc_basepoint)
7601 self.context.channel_transaction_parameters.counterparty_parameters = Some(CounterpartyChannelTransactionParameters {
7602 selected_contest_delay: msg.common_fields.to_self_delay,
7603 pubkeys: counterparty_pubkeys,
7606 self.context.counterparty_cur_commitment_point = Some(msg.common_fields.first_per_commitment_point);
7607 self.context.counterparty_shutdown_scriptpubkey = counterparty_shutdown_scriptpubkey;
7609 self.context.channel_state = ChannelState::NegotiatingFunding(
7610 NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT
7612 self.context.inbound_handshake_limits_override = None; // We're done enforcing limits on our peer's handshake now.
7617 /// Handles a funding_signed message from the remote end.
7618 /// If this call is successful, broadcast the funding transaction (and not before!)
7619 pub fn funding_signed<L: Deref>(
7620 mut self, msg: &msgs::FundingSigned, best_block: BestBlock, signer_provider: &SP, logger: &L
7621 ) -> Result<(Channel<SP>, ChannelMonitor<<SP::Target as SignerProvider>::EcdsaSigner>), (OutboundV1Channel<SP>, ChannelError)>
7625 if !self.context.is_outbound() {
7626 return Err((self, ChannelError::Close("Received funding_signed for an inbound channel?".to_owned())));
7628 if !matches!(self.context.channel_state, ChannelState::FundingNegotiated) {
7629 return Err((self, ChannelError::Close("Received funding_signed in strange state!".to_owned())));
7631 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7632 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7633 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7634 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7637 let funding_script = self.context.get_funding_redeemscript();
7639 let counterparty_keys = self.context.build_remote_transaction_keys();
7640 let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx;
7641 let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust();
7642 let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction();
7644 log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}",
7645 &self.context.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction));
7647 let holder_signer = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
7648 let initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &holder_signer, true, false, logger).tx;
7650 let trusted_tx = initial_commitment_tx.trust();
7651 let initial_commitment_bitcoin_tx = trusted_tx.built_transaction();
7652 let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
7653 // They sign our commitment transaction, allowing us to broadcast the tx if we wish.
7654 if let Err(_) = self.context.secp_ctx.verify_ecdsa(&sighash, &msg.signature, &self.context.get_counterparty_pubkeys().funding_pubkey) {
7655 return Err((self, ChannelError::Close("Invalid funding_signed signature from peer".to_owned())));
7659 let holder_commitment_tx = HolderCommitmentTransaction::new(
7660 initial_commitment_tx,
7663 &self.context.get_holder_pubkeys().funding_pubkey,
7664 self.context.counterparty_funding_pubkey()
7668 self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, Vec::new());
7669 if validated.is_err() {
7670 return Err((self, ChannelError::Close("Failed to validate our commitment".to_owned())));
7673 let funding_redeemscript = self.context.get_funding_redeemscript();
7674 let funding_txo = self.context.get_funding_txo().unwrap();
7675 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
7676 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.context.get_holder_pubkeys().payment_point, &self.context.get_counterparty_pubkeys().payment_point, self.context.is_outbound());
7677 let shutdown_script = self.context.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
7678 let mut monitor_signer = signer_provider.derive_channel_signer(self.context.channel_value_satoshis, self.context.channel_keys_id);
7679 monitor_signer.provide_channel_parameters(&self.context.channel_transaction_parameters);
7680 let channel_monitor = ChannelMonitor::new(self.context.secp_ctx.clone(), monitor_signer,
7681 shutdown_script, self.context.get_holder_selected_contest_delay(),
7682 &self.context.destination_script, (funding_txo, funding_txo_script),
7683 &self.context.channel_transaction_parameters,
7684 funding_redeemscript.clone(), self.context.channel_value_satoshis,
7686 holder_commitment_tx, best_block, self.context.counterparty_node_id, self.context.channel_id());
7687 channel_monitor.provide_initial_counterparty_commitment_tx(
7688 counterparty_initial_bitcoin_tx.txid, Vec::new(),
7689 self.context.cur_counterparty_commitment_transaction_number,
7690 self.context.counterparty_cur_commitment_point.unwrap(),
7691 counterparty_initial_commitment_tx.feerate_per_kw(),
7692 counterparty_initial_commitment_tx.to_broadcaster_value_sat(),
7693 counterparty_initial_commitment_tx.to_countersignatory_value_sat(), logger);
7695 assert!(!self.context.channel_state.is_monitor_update_in_progress()); // We have no had any monitor(s) yet to fail update!
7696 if self.context.is_batch_funding() {
7697 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH);
7699 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
7701 self.context.cur_holder_commitment_transaction_number -= 1;
7702 self.context.cur_counterparty_commitment_transaction_number -= 1;
7704 log_info!(logger, "Received funding_signed from peer for channel {}", &self.context.channel_id());
7706 let mut channel = Channel {
7707 context: self.context,
7708 #[cfg(dual_funding)]
7709 dual_funding_channel_context: None,
7712 let need_channel_ready = channel.check_get_channel_ready(0).is_some();
7713 channel.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new());
7714 Ok((channel, channel_monitor))
7717 /// Indicates that the signer may have some signatures for us, so we should retry if we're
7719 #[cfg(async_signing)]
7720 pub fn signer_maybe_unblocked<L: Deref>(&mut self, logger: &L) -> Option<msgs::FundingCreated> where L::Target: Logger {
7721 if self.context.signer_pending_funding && self.context.is_outbound() {
7722 log_trace!(logger, "Signer unblocked a funding_created");
7723 self.get_funding_created_msg(logger)
7728 /// A not-yet-funded inbound (from counterparty) channel using V1 channel establishment.
7729 pub(super) struct InboundV1Channel<SP: Deref> where SP::Target: SignerProvider {
7730 pub context: ChannelContext<SP>,
7731 pub unfunded_context: UnfundedChannelContext,
7734 /// Fetches the [`ChannelTypeFeatures`] that will be used for a channel built from a given
7735 /// [`msgs::CommonOpenChannelFields`].
7736 pub(super) fn channel_type_from_open_channel(
7737 common_fields: &msgs::CommonOpenChannelFields, their_features: &InitFeatures,
7738 our_supported_features: &ChannelTypeFeatures
7739 ) -> Result<ChannelTypeFeatures, ChannelError> {
7740 if let Some(channel_type) = &common_fields.channel_type {
7741 if channel_type.supports_any_optional_bits() {
7742 return Err(ChannelError::Close("Channel Type field contained optional bits - this is not allowed".to_owned()));
7745 // We only support the channel types defined by the `ChannelManager` in
7746 // `provided_channel_type_features`. The channel type must always support
7747 // `static_remote_key`.
7748 if !channel_type.requires_static_remote_key() {
7749 return Err(ChannelError::Close("Channel Type was not understood - we require static remote key".to_owned()));
7751 // Make sure we support all of the features behind the channel type.
7752 if !channel_type.is_subset(our_supported_features) {
7753 return Err(ChannelError::Close("Channel Type contains unsupported features".to_owned()));
7755 let announced_channel = if (common_fields.channel_flags & 1) == 1 { true } else { false };
7756 if channel_type.requires_scid_privacy() && announced_channel {
7757 return Err(ChannelError::Close("SCID Alias/Privacy Channel Type cannot be set on a public channel".to_owned()));
7759 Ok(channel_type.clone())
7761 let channel_type = ChannelTypeFeatures::from_init(&their_features);
7762 if channel_type != ChannelTypeFeatures::only_static_remote_key() {
7763 return Err(ChannelError::Close("Only static_remote_key is supported for non-negotiated channel types".to_owned()));
7769 impl<SP: Deref> InboundV1Channel<SP> where SP::Target: SignerProvider {
7770 /// Creates a new channel from a remote sides' request for one.
7771 /// Assumes chain_hash has already been checked and corresponds with what we expect!
7772 pub fn new<ES: Deref, F: Deref, L: Deref>(
7773 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
7774 counterparty_node_id: PublicKey, our_supported_features: &ChannelTypeFeatures,
7775 their_features: &InitFeatures, msg: &msgs::OpenChannel, user_id: u128, config: &UserConfig,
7776 current_chain_height: u32, logger: &L, is_0conf: bool,
7777 ) -> Result<InboundV1Channel<SP>, ChannelError>
7778 where ES::Target: EntropySource,
7779 F::Target: FeeEstimator,
7782 let logger = WithContext::from(logger, Some(counterparty_node_id), Some(msg.common_fields.temporary_channel_id));
7784 // First check the channel type is known, failing before we do anything else if we don't
7785 // support this channel type.
7786 let channel_type = channel_type_from_open_channel(&msg.common_fields, their_features, our_supported_features)?;
7788 let holder_selected_channel_reserve_satoshis = get_holder_selected_channel_reserve_satoshis(msg.common_fields.funding_satoshis, config);
7789 let counterparty_pubkeys = ChannelPublicKeys {
7790 funding_pubkey: msg.common_fields.funding_pubkey,
7791 revocation_basepoint: RevocationBasepoint::from(msg.common_fields.revocation_basepoint),
7792 payment_point: msg.common_fields.payment_basepoint,
7793 delayed_payment_basepoint: DelayedPaymentBasepoint::from(msg.common_fields.delayed_payment_basepoint),
7794 htlc_basepoint: HtlcBasepoint::from(msg.common_fields.htlc_basepoint)
7798 context: ChannelContext::new_for_inbound_channel(
7802 counterparty_node_id,
7806 current_chain_height,
7811 counterparty_pubkeys,
7813 holder_selected_channel_reserve_satoshis,
7814 msg.channel_reserve_satoshis,
7816 msg.common_fields.clone(),
7818 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 }
7823 /// Marks an inbound channel as accepted and generates a [`msgs::AcceptChannel`] message which
7824 /// should be sent back to the counterparty node.
7826 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7827 pub fn accept_inbound_channel(&mut self) -> msgs::AcceptChannel {
7828 if self.context.is_outbound() {
7829 panic!("Tried to send accept_channel for an outbound channel?");
7832 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7833 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7835 panic!("Tried to send accept_channel after channel had moved forward");
7837 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7838 panic!("Tried to send an accept_channel for a channel that has already advanced");
7841 self.generate_accept_channel_message()
7844 /// This function is used to explicitly generate a [`msgs::AcceptChannel`] message for an
7845 /// inbound channel. If the intention is to accept an inbound channel, use
7846 /// [`InboundV1Channel::accept_inbound_channel`] instead.
7848 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7849 fn generate_accept_channel_message(&self) -> msgs::AcceptChannel {
7850 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
7851 let keys = self.context.get_holder_pubkeys();
7853 msgs::AcceptChannel {
7854 common_fields: msgs::CommonAcceptChannelFields {
7855 temporary_channel_id: self.context.channel_id,
7856 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
7857 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
7858 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
7859 minimum_depth: self.context.minimum_depth.unwrap(),
7860 to_self_delay: self.context.get_holder_selected_contest_delay(),
7861 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
7862 funding_pubkey: keys.funding_pubkey,
7863 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
7864 payment_basepoint: keys.payment_point,
7865 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
7866 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
7867 first_per_commitment_point,
7868 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
7869 Some(script) => script.clone().into_inner(),
7870 None => Builder::new().into_script(),
7872 channel_type: Some(self.context.channel_type.clone()),
7874 channel_reserve_satoshis: self.context.holder_selected_channel_reserve_satoshis,
7876 next_local_nonce: None,
7880 /// Enables the possibility for tests to extract a [`msgs::AcceptChannel`] message for an
7881 /// inbound channel without accepting it.
7883 /// [`msgs::AcceptChannel`]: crate::ln::msgs::AcceptChannel
7885 pub fn get_accept_channel_message(&self) -> msgs::AcceptChannel {
7886 self.generate_accept_channel_message()
7889 fn check_funding_created_signature<L: Deref>(&mut self, sig: &Signature, logger: &L) -> Result<CommitmentTransaction, ChannelError> where L::Target: Logger {
7890 let funding_script = self.context.get_funding_redeemscript();
7892 let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number);
7893 let initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, false, logger).tx;
7894 let trusted_tx = initial_commitment_tx.trust();
7895 let initial_commitment_bitcoin_tx = trusted_tx.built_transaction();
7896 let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis);
7897 // They sign the holder commitment transaction...
7898 log_trace!(logger, "Checking funding_created tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} for channel {}.",
7899 log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.context.counterparty_funding_pubkey().serialize()),
7900 encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]),
7901 encode::serialize_hex(&funding_script), &self.context.channel_id());
7902 secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &sig, self.context.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned());
7904 Ok(initial_commitment_tx)
7907 pub fn funding_created<L: Deref>(
7908 mut self, msg: &msgs::FundingCreated, best_block: BestBlock, signer_provider: &SP, logger: &L
7909 ) -> Result<(Channel<SP>, Option<msgs::FundingSigned>, ChannelMonitor<<SP::Target as SignerProvider>::EcdsaSigner>), (Self, ChannelError)>
7913 if self.context.is_outbound() {
7914 return Err((self, ChannelError::Close("Received funding_created for an outbound channel?".to_owned())));
7917 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
7918 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
7920 // BOLT 2 says that if we disconnect before we send funding_signed we SHOULD NOT
7921 // remember the channel, so it's safe to just send an error_message here and drop the
7923 return Err((self, ChannelError::Close("Received funding_created after we got the channel!".to_owned())));
7925 if self.context.commitment_secrets.get_min_seen_secret() != (1 << 48) ||
7926 self.context.cur_counterparty_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER ||
7927 self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
7928 panic!("Should not have advanced channel commitment tx numbers prior to funding_created");
7931 let funding_txo = OutPoint { txid: msg.funding_txid, index: msg.funding_output_index };
7932 self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo);
7933 // This is an externally observable change before we finish all our checks. In particular
7934 // check_funding_created_signature may fail.
7935 self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters);
7937 let initial_commitment_tx = match self.check_funding_created_signature(&msg.signature, logger) {
7939 Err(ChannelError::Close(e)) => {
7940 self.context.channel_transaction_parameters.funding_outpoint = None;
7941 return Err((self, ChannelError::Close(e)));
7944 // The only error we know how to handle is ChannelError::Close, so we fall over here
7945 // to make sure we don't continue with an inconsistent state.
7946 panic!("unexpected error type from check_funding_created_signature {:?}", e);
7950 let holder_commitment_tx = HolderCommitmentTransaction::new(
7951 initial_commitment_tx,
7954 &self.context.get_holder_pubkeys().funding_pubkey,
7955 self.context.counterparty_funding_pubkey()
7958 if let Err(_) = self.context.holder_signer.as_ref().validate_holder_commitment(&holder_commitment_tx, Vec::new()) {
7959 return Err((self, ChannelError::Close("Failed to validate our commitment".to_owned())));
7962 // Now that we're past error-generating stuff, update our local state:
7964 self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
7965 self.context.channel_id = ChannelId::v1_from_funding_outpoint(funding_txo);
7966 self.context.cur_counterparty_commitment_transaction_number -= 1;
7967 self.context.cur_holder_commitment_transaction_number -= 1;
7969 let (counterparty_initial_commitment_tx, funding_signed) = self.context.get_funding_signed_msg(logger);
7971 let funding_redeemscript = self.context.get_funding_redeemscript();
7972 let funding_txo_script = funding_redeemscript.to_v0_p2wsh();
7973 let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.context.get_holder_pubkeys().payment_point, &self.context.get_counterparty_pubkeys().payment_point, self.context.is_outbound());
7974 let shutdown_script = self.context.shutdown_scriptpubkey.clone().map(|script| script.into_inner());
7975 let mut monitor_signer = signer_provider.derive_channel_signer(self.context.channel_value_satoshis, self.context.channel_keys_id);
7976 monitor_signer.provide_channel_parameters(&self.context.channel_transaction_parameters);
7977 let channel_monitor = ChannelMonitor::new(self.context.secp_ctx.clone(), monitor_signer,
7978 shutdown_script, self.context.get_holder_selected_contest_delay(),
7979 &self.context.destination_script, (funding_txo, funding_txo_script.clone()),
7980 &self.context.channel_transaction_parameters,
7981 funding_redeemscript.clone(), self.context.channel_value_satoshis,
7983 holder_commitment_tx, best_block, self.context.counterparty_node_id, self.context.channel_id());
7984 channel_monitor.provide_initial_counterparty_commitment_tx(
7985 counterparty_initial_commitment_tx.trust().txid(), Vec::new(),
7986 self.context.cur_counterparty_commitment_transaction_number + 1,
7987 self.context.counterparty_cur_commitment_point.unwrap(), self.context.feerate_per_kw,
7988 counterparty_initial_commitment_tx.to_broadcaster_value_sat(),
7989 counterparty_initial_commitment_tx.to_countersignatory_value_sat(), logger);
7991 log_info!(logger, "{} funding_signed for peer for channel {}",
7992 if funding_signed.is_some() { "Generated" } else { "Waiting for signature on" }, &self.context.channel_id());
7994 // Promote the channel to a full-fledged one now that we have updated the state and have a
7995 // `ChannelMonitor`.
7996 let mut channel = Channel {
7997 context: self.context,
7998 #[cfg(dual_funding)]
7999 dual_funding_channel_context: None,
8001 let need_channel_ready = channel.check_get_channel_ready(0).is_some();
8002 channel.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new());
8004 Ok((channel, funding_signed, channel_monitor))
8008 // A not-yet-funded outbound (from holder) channel using V2 channel establishment.
8009 #[cfg(dual_funding)]
8010 pub(super) struct OutboundV2Channel<SP: Deref> where SP::Target: SignerProvider {
8011 pub context: ChannelContext<SP>,
8012 pub unfunded_context: UnfundedChannelContext,
8013 #[cfg(dual_funding)]
8014 pub dual_funding_context: DualFundingChannelContext,
8017 #[cfg(dual_funding)]
8018 impl<SP: Deref> OutboundV2Channel<SP> where SP::Target: SignerProvider {
8019 pub fn new<ES: Deref, F: Deref>(
8020 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
8021 counterparty_node_id: PublicKey, their_features: &InitFeatures, funding_satoshis: u64,
8022 user_id: u128, config: &UserConfig, current_chain_height: u32, outbound_scid_alias: u64,
8023 funding_confirmation_target: ConfirmationTarget,
8024 ) -> Result<OutboundV2Channel<SP>, APIError>
8025 where ES::Target: EntropySource,
8026 F::Target: FeeEstimator,
8028 let channel_keys_id = signer_provider.generate_channel_keys_id(false, funding_satoshis, user_id);
8029 let holder_signer = signer_provider.derive_channel_signer(funding_satoshis, channel_keys_id);
8030 let pubkeys = holder_signer.pubkeys().clone();
8032 let temporary_channel_id = Some(ChannelId::temporary_v2_from_revocation_basepoint(&pubkeys.revocation_basepoint));
8034 let holder_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8035 funding_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
8037 let funding_feerate_sat_per_1000_weight = fee_estimator.bounded_sat_per_1000_weight(funding_confirmation_target);
8038 let funding_tx_locktime = current_chain_height;
8041 context: ChannelContext::new_for_outbound_channel(
8045 counterparty_node_id,
8051 current_chain_height,
8052 outbound_scid_alias,
8053 temporary_channel_id,
8054 holder_selected_channel_reserve_satoshis,
8059 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 },
8060 dual_funding_context: DualFundingChannelContext {
8061 our_funding_satoshis: funding_satoshis,
8062 their_funding_satoshis: 0,
8063 funding_tx_locktime,
8064 funding_feerate_sat_per_1000_weight,
8070 /// If we receive an error message, it may only be a rejection of the channel type we tried,
8071 /// not of our ability to open any channel at all. Thus, on error, we should first call this
8072 /// and see if we get a new `OpenChannelV2` message, otherwise the channel is failed.
8073 pub(crate) fn maybe_handle_error_without_close<F: Deref>(
8074 &mut self, chain_hash: ChainHash, fee_estimator: &LowerBoundedFeeEstimator<F>
8075 ) -> Result<msgs::OpenChannelV2, ()>
8077 F::Target: FeeEstimator
8079 self.context.maybe_downgrade_channel_features(fee_estimator)?;
8080 Ok(self.get_open_channel_v2(chain_hash))
8083 pub fn get_open_channel_v2(&self, chain_hash: ChainHash) -> msgs::OpenChannelV2 {
8084 if self.context.have_received_message() {
8085 debug_assert!(false, "Cannot generate an open_channel2 after we've moved forward");
8088 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
8089 debug_assert!(false, "Tried to send an open_channel2 for a channel that has already advanced");
8092 let first_per_commitment_point = self.context.holder_signer.as_ref()
8093 .get_per_commitment_point(self.context.cur_holder_commitment_transaction_number,
8094 &self.context.secp_ctx);
8095 let second_per_commitment_point = self.context.holder_signer.as_ref()
8096 .get_per_commitment_point(self.context.cur_holder_commitment_transaction_number - 1,
8097 &self.context.secp_ctx);
8098 let keys = self.context.get_holder_pubkeys();
8100 msgs::OpenChannelV2 {
8101 common_fields: msgs::CommonOpenChannelFields {
8103 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
8104 funding_satoshis: self.context.channel_value_satoshis,
8105 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
8106 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
8107 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
8108 commitment_feerate_sat_per_1000_weight: self.context.feerate_per_kw,
8109 to_self_delay: self.context.get_holder_selected_contest_delay(),
8110 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
8111 funding_pubkey: keys.funding_pubkey,
8112 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
8113 payment_basepoint: keys.payment_point,
8114 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
8115 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
8116 first_per_commitment_point,
8117 channel_flags: if self.context.config.announced_channel {1} else {0},
8118 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
8119 Some(script) => script.clone().into_inner(),
8120 None => Builder::new().into_script(),
8122 channel_type: Some(self.context.channel_type.clone()),
8124 funding_feerate_sat_per_1000_weight: self.context.feerate_per_kw,
8125 second_per_commitment_point,
8126 locktime: self.dual_funding_context.funding_tx_locktime,
8127 require_confirmed_inputs: None,
8132 // A not-yet-funded inbound (from counterparty) channel using V2 channel establishment.
8133 #[cfg(dual_funding)]
8134 pub(super) struct InboundV2Channel<SP: Deref> where SP::Target: SignerProvider {
8135 pub context: ChannelContext<SP>,
8136 pub unfunded_context: UnfundedChannelContext,
8137 pub dual_funding_context: DualFundingChannelContext,
8140 #[cfg(dual_funding)]
8141 impl<SP: Deref> InboundV2Channel<SP> where SP::Target: SignerProvider {
8142 /// Creates a new dual-funded channel from a remote side's request for one.
8143 /// Assumes chain_hash has already been checked and corresponds with what we expect!
8144 pub fn new<ES: Deref, F: Deref, L: Deref>(
8145 fee_estimator: &LowerBoundedFeeEstimator<F>, entropy_source: &ES, signer_provider: &SP,
8146 counterparty_node_id: PublicKey, our_supported_features: &ChannelTypeFeatures,
8147 their_features: &InitFeatures, msg: &msgs::OpenChannelV2, funding_satoshis: u64, user_id: u128,
8148 config: &UserConfig, current_chain_height: u32, logger: &L,
8149 ) -> Result<InboundV2Channel<SP>, ChannelError>
8150 where ES::Target: EntropySource,
8151 F::Target: FeeEstimator,
8154 let channel_value_satoshis = funding_satoshis.saturating_add(msg.common_fields.funding_satoshis);
8155 let counterparty_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8156 channel_value_satoshis, msg.common_fields.dust_limit_satoshis);
8157 let holder_selected_channel_reserve_satoshis = get_v2_channel_reserve_satoshis(
8158 channel_value_satoshis, MIN_CHAN_DUST_LIMIT_SATOSHIS);
8160 // First check the channel type is known, failing before we do anything else if we don't
8161 // support this channel type.
8162 if msg.common_fields.channel_type.is_none() {
8163 return Err(ChannelError::Close(format!("Rejecting V2 channel {} missing channel_type",
8164 msg.common_fields.temporary_channel_id)))
8166 let channel_type = channel_type_from_open_channel(&msg.common_fields, their_features, our_supported_features)?;
8168 let counterparty_pubkeys = ChannelPublicKeys {
8169 funding_pubkey: msg.common_fields.funding_pubkey,
8170 revocation_basepoint: RevocationBasepoint(msg.common_fields.revocation_basepoint),
8171 payment_point: msg.common_fields.payment_basepoint,
8172 delayed_payment_basepoint: DelayedPaymentBasepoint(msg.common_fields.delayed_payment_basepoint),
8173 htlc_basepoint: HtlcBasepoint(msg.common_fields.htlc_basepoint)
8176 let mut context = ChannelContext::new_for_inbound_channel(
8180 counterparty_node_id,
8184 current_chain_height,
8190 counterparty_pubkeys,
8192 holder_selected_channel_reserve_satoshis,
8193 counterparty_selected_channel_reserve_satoshis,
8194 0 /* push_msat not used in dual-funding */,
8195 msg.common_fields.clone(),
8197 let channel_id = ChannelId::v2_from_revocation_basepoints(
8198 &context.get_holder_pubkeys().revocation_basepoint,
8199 &context.get_counterparty_pubkeys().revocation_basepoint);
8200 context.channel_id = channel_id;
8204 unfunded_context: UnfundedChannelContext { unfunded_channel_age_ticks: 0 },
8205 dual_funding_context: DualFundingChannelContext {
8206 our_funding_satoshis: funding_satoshis,
8207 their_funding_satoshis: msg.common_fields.funding_satoshis,
8208 funding_tx_locktime: msg.locktime,
8209 funding_feerate_sat_per_1000_weight: msg.funding_feerate_sat_per_1000_weight,
8216 /// Marks an inbound channel as accepted and generates a [`msgs::AcceptChannelV2`] message which
8217 /// should be sent back to the counterparty node.
8219 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8220 pub fn accept_inbound_dual_funded_channel(&mut self) -> msgs::AcceptChannelV2 {
8221 if self.context.is_outbound() {
8222 debug_assert!(false, "Tried to send accept_channel for an outbound channel?");
8225 self.context.channel_state, ChannelState::NegotiatingFunding(flags)
8226 if flags == (NegotiatingFundingFlags::OUR_INIT_SENT | NegotiatingFundingFlags::THEIR_INIT_SENT)
8228 debug_assert!(false, "Tried to send accept_channel2 after channel had moved forward");
8230 if self.context.cur_holder_commitment_transaction_number != INITIAL_COMMITMENT_NUMBER {
8231 debug_assert!(false, "Tried to send an accept_channel2 for a channel that has already advanced");
8234 self.generate_accept_channel_v2_message()
8237 /// This function is used to explicitly generate a [`msgs::AcceptChannel`] message for an
8238 /// inbound channel. If the intention is to accept an inbound channel, use
8239 /// [`InboundV1Channel::accept_inbound_channel`] instead.
8241 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8242 fn generate_accept_channel_v2_message(&self) -> msgs::AcceptChannelV2 {
8243 let first_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(
8244 self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx);
8245 let second_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(
8246 self.context.cur_holder_commitment_transaction_number - 1, &self.context.secp_ctx);
8247 let keys = self.context.get_holder_pubkeys();
8249 msgs::AcceptChannelV2 {
8250 common_fields: msgs::CommonAcceptChannelFields {
8251 temporary_channel_id: self.context.temporary_channel_id.unwrap(),
8252 dust_limit_satoshis: self.context.holder_dust_limit_satoshis,
8253 max_htlc_value_in_flight_msat: self.context.holder_max_htlc_value_in_flight_msat,
8254 htlc_minimum_msat: self.context.holder_htlc_minimum_msat,
8255 minimum_depth: self.context.minimum_depth.unwrap(),
8256 to_self_delay: self.context.get_holder_selected_contest_delay(),
8257 max_accepted_htlcs: self.context.holder_max_accepted_htlcs,
8258 funding_pubkey: keys.funding_pubkey,
8259 revocation_basepoint: keys.revocation_basepoint.to_public_key(),
8260 payment_basepoint: keys.payment_point,
8261 delayed_payment_basepoint: keys.delayed_payment_basepoint.to_public_key(),
8262 htlc_basepoint: keys.htlc_basepoint.to_public_key(),
8263 first_per_commitment_point,
8264 shutdown_scriptpubkey: Some(match &self.context.shutdown_scriptpubkey {
8265 Some(script) => script.clone().into_inner(),
8266 None => Builder::new().into_script(),
8268 channel_type: Some(self.context.channel_type.clone()),
8270 funding_satoshis: self.dual_funding_context.our_funding_satoshis,
8271 second_per_commitment_point,
8272 require_confirmed_inputs: None,
8276 /// Enables the possibility for tests to extract a [`msgs::AcceptChannelV2`] message for an
8277 /// inbound channel without accepting it.
8279 /// [`msgs::AcceptChannelV2`]: crate::ln::msgs::AcceptChannelV2
8281 pub fn get_accept_channel_v2_message(&self) -> msgs::AcceptChannelV2 {
8282 self.generate_accept_channel_v2_message()
8286 // Unfunded channel utilities
8288 fn get_initial_channel_type(config: &UserConfig, their_features: &InitFeatures) -> ChannelTypeFeatures {
8289 // The default channel type (ie the first one we try) depends on whether the channel is
8290 // public - if it is, we just go with `only_static_remotekey` as it's the only option
8291 // available. If it's private, we first try `scid_privacy` as it provides better privacy
8292 // with no other changes, and fall back to `only_static_remotekey`.
8293 let mut ret = ChannelTypeFeatures::only_static_remote_key();
8294 if !config.channel_handshake_config.announced_channel &&
8295 config.channel_handshake_config.negotiate_scid_privacy &&
8296 their_features.supports_scid_privacy() {
8297 ret.set_scid_privacy_required();
8300 // Optionally, if the user would like to negotiate the `anchors_zero_fee_htlc_tx` option, we
8301 // set it now. If they don't understand it, we'll fall back to our default of
8302 // `only_static_remotekey`.
8303 if config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx &&
8304 their_features.supports_anchors_zero_fee_htlc_tx() {
8305 ret.set_anchors_zero_fee_htlc_tx_required();
8311 const SERIALIZATION_VERSION: u8 = 4;
8312 const MIN_SERIALIZATION_VERSION: u8 = 3;
8314 impl_writeable_tlv_based_enum!(InboundHTLCRemovalReason,;
8320 impl Writeable for ChannelUpdateStatus {
8321 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8322 // We only care about writing out the current state as it was announced, ie only either
8323 // Enabled or Disabled. In the case of DisabledStaged, we most recently announced the
8324 // channel as enabled, so we write 0. For EnabledStaged, we similarly write a 1.
8326 ChannelUpdateStatus::Enabled => 0u8.write(writer)?,
8327 ChannelUpdateStatus::DisabledStaged(_) => 0u8.write(writer)?,
8328 ChannelUpdateStatus::EnabledStaged(_) => 1u8.write(writer)?,
8329 ChannelUpdateStatus::Disabled => 1u8.write(writer)?,
8335 impl Readable for ChannelUpdateStatus {
8336 fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
8337 Ok(match <u8 as Readable>::read(reader)? {
8338 0 => ChannelUpdateStatus::Enabled,
8339 1 => ChannelUpdateStatus::Disabled,
8340 _ => return Err(DecodeError::InvalidValue),
8345 impl Writeable for AnnouncementSigsState {
8346 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8347 // We only care about writing out the current state as if we had just disconnected, at
8348 // which point we always set anything but AnnouncementSigsReceived to NotSent.
8350 AnnouncementSigsState::NotSent => 0u8.write(writer),
8351 AnnouncementSigsState::MessageSent => 0u8.write(writer),
8352 AnnouncementSigsState::Committed => 0u8.write(writer),
8353 AnnouncementSigsState::PeerReceived => 1u8.write(writer),
8358 impl Readable for AnnouncementSigsState {
8359 fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
8360 Ok(match <u8 as Readable>::read(reader)? {
8361 0 => AnnouncementSigsState::NotSent,
8362 1 => AnnouncementSigsState::PeerReceived,
8363 _ => return Err(DecodeError::InvalidValue),
8368 impl<SP: Deref> Writeable for Channel<SP> where SP::Target: SignerProvider {
8369 fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
8370 // Note that we write out as if remove_uncommitted_htlcs_and_mark_paused had just been
8373 let version_to_write = if self.context.pending_inbound_htlcs.iter().any(|htlc| match htlc.state {
8374 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref htlc_resolution)|
8375 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(ref htlc_resolution) => {
8376 matches!(htlc_resolution, InboundHTLCResolution::Pending { .. })
8380 SERIALIZATION_VERSION
8382 MIN_SERIALIZATION_VERSION
8384 write_ver_prefix!(writer, version_to_write, MIN_SERIALIZATION_VERSION);
8386 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8387 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We write
8388 // the low bytes now and the optional high bytes later.
8389 let user_id_low = self.context.user_id as u64;
8390 user_id_low.write(writer)?;
8392 // Version 1 deserializers expected to read parts of the config object here. Version 2
8393 // deserializers (0.0.99) now read config through TLVs, and as we now require them for
8394 // `minimum_depth` we simply write dummy values here.
8395 writer.write_all(&[0; 8])?;
8397 self.context.channel_id.write(writer)?;
8399 let mut channel_state = self.context.channel_state;
8400 if matches!(channel_state, ChannelState::AwaitingChannelReady(_)|ChannelState::ChannelReady(_)) {
8401 channel_state.set_peer_disconnected();
8403 debug_assert!(false, "Pre-funded/shutdown channels should not be written");
8405 channel_state.to_u32().write(writer)?;
8407 self.context.channel_value_satoshis.write(writer)?;
8409 self.context.latest_monitor_update_id.write(writer)?;
8411 // Write out the old serialization for shutdown_pubkey for backwards compatibility, if
8412 // deserialized from that format.
8413 match self.context.shutdown_scriptpubkey.as_ref().and_then(|script| script.as_legacy_pubkey()) {
8414 Some(shutdown_pubkey) => shutdown_pubkey.write(writer)?,
8415 None => [0u8; PUBLIC_KEY_SIZE].write(writer)?,
8417 self.context.destination_script.write(writer)?;
8419 self.context.cur_holder_commitment_transaction_number.write(writer)?;
8420 self.context.cur_counterparty_commitment_transaction_number.write(writer)?;
8421 self.context.value_to_self_msat.write(writer)?;
8423 let mut dropped_inbound_htlcs = 0;
8424 for htlc in self.context.pending_inbound_htlcs.iter() {
8425 if let InboundHTLCState::RemoteAnnounced(_) = htlc.state {
8426 dropped_inbound_htlcs += 1;
8429 (self.context.pending_inbound_htlcs.len() as u64 - dropped_inbound_htlcs).write(writer)?;
8430 for htlc in self.context.pending_inbound_htlcs.iter() {
8431 if let &InboundHTLCState::RemoteAnnounced(_) = &htlc.state {
8434 htlc.htlc_id.write(writer)?;
8435 htlc.amount_msat.write(writer)?;
8436 htlc.cltv_expiry.write(writer)?;
8437 htlc.payment_hash.write(writer)?;
8439 &InboundHTLCState::RemoteAnnounced(_) => unreachable!(),
8440 &InboundHTLCState::AwaitingRemoteRevokeToAnnounce(ref htlc_resolution) => {
8442 if version_to_write <= 3 {
8443 if let InboundHTLCResolution::Resolved { pending_htlc_status } = htlc_resolution {
8444 pending_htlc_status.write(writer)?;
8449 htlc_resolution.write(writer)?;
8452 &InboundHTLCState::AwaitingAnnouncedRemoteRevoke(ref htlc_resolution) => {
8454 if version_to_write <= 3 {
8455 if let InboundHTLCResolution::Resolved { pending_htlc_status } = htlc_resolution {
8456 pending_htlc_status.write(writer)?;
8461 htlc_resolution.write(writer)?;
8464 &InboundHTLCState::Committed => {
8467 &InboundHTLCState::LocalRemoved(ref removal_reason) => {
8469 removal_reason.write(writer)?;
8474 let mut preimages: Vec<&Option<PaymentPreimage>> = vec![];
8475 let mut pending_outbound_skimmed_fees: Vec<Option<u64>> = Vec::new();
8476 let mut pending_outbound_blinding_points: Vec<Option<PublicKey>> = Vec::new();
8478 (self.context.pending_outbound_htlcs.len() as u64).write(writer)?;
8479 for htlc in self.context.pending_outbound_htlcs.iter() {
8480 htlc.htlc_id.write(writer)?;
8481 htlc.amount_msat.write(writer)?;
8482 htlc.cltv_expiry.write(writer)?;
8483 htlc.payment_hash.write(writer)?;
8484 htlc.source.write(writer)?;
8486 &OutboundHTLCState::LocalAnnounced(ref onion_packet) => {
8488 onion_packet.write(writer)?;
8490 &OutboundHTLCState::Committed => {
8493 &OutboundHTLCState::RemoteRemoved(_) => {
8494 // Treat this as a Committed because we haven't received the CS - they'll
8495 // resend the claim/fail on reconnect as we all (hopefully) the missing CS.
8498 &OutboundHTLCState::AwaitingRemoteRevokeToRemove(ref outcome) => {
8500 if let OutboundHTLCOutcome::Success(preimage) = outcome {
8501 preimages.push(preimage);
8503 let reason: Option<&HTLCFailReason> = outcome.into();
8504 reason.write(writer)?;
8506 &OutboundHTLCState::AwaitingRemovedRemoteRevoke(ref outcome) => {
8508 if let OutboundHTLCOutcome::Success(preimage) = outcome {
8509 preimages.push(preimage);
8511 let reason: Option<&HTLCFailReason> = outcome.into();
8512 reason.write(writer)?;
8515 pending_outbound_skimmed_fees.push(htlc.skimmed_fee_msat);
8516 pending_outbound_blinding_points.push(htlc.blinding_point);
8519 let mut holding_cell_skimmed_fees: Vec<Option<u64>> = Vec::new();
8520 let mut holding_cell_blinding_points: Vec<Option<PublicKey>> = Vec::new();
8521 // Vec of (htlc_id, failure_code, sha256_of_onion)
8522 let mut malformed_htlcs: Vec<(u64, u16, [u8; 32])> = Vec::new();
8523 (self.context.holding_cell_htlc_updates.len() as u64).write(writer)?;
8524 for update in self.context.holding_cell_htlc_updates.iter() {
8526 &HTLCUpdateAwaitingACK::AddHTLC {
8527 ref amount_msat, ref cltv_expiry, ref payment_hash, ref source, ref onion_routing_packet,
8528 blinding_point, skimmed_fee_msat,
8531 amount_msat.write(writer)?;
8532 cltv_expiry.write(writer)?;
8533 payment_hash.write(writer)?;
8534 source.write(writer)?;
8535 onion_routing_packet.write(writer)?;
8537 holding_cell_skimmed_fees.push(skimmed_fee_msat);
8538 holding_cell_blinding_points.push(blinding_point);
8540 &HTLCUpdateAwaitingACK::ClaimHTLC { ref payment_preimage, ref htlc_id } => {
8542 payment_preimage.write(writer)?;
8543 htlc_id.write(writer)?;
8545 &HTLCUpdateAwaitingACK::FailHTLC { ref htlc_id, ref err_packet } => {
8547 htlc_id.write(writer)?;
8548 err_packet.write(writer)?;
8550 &HTLCUpdateAwaitingACK::FailMalformedHTLC {
8551 htlc_id, failure_code, sha256_of_onion
8553 // We don't want to break downgrading by adding a new variant, so write a dummy
8554 // `::FailHTLC` variant and write the real malformed error as an optional TLV.
8555 malformed_htlcs.push((htlc_id, failure_code, sha256_of_onion));
8557 let dummy_err_packet = msgs::OnionErrorPacket { data: Vec::new() };
8559 htlc_id.write(writer)?;
8560 dummy_err_packet.write(writer)?;
8565 match self.context.resend_order {
8566 RAACommitmentOrder::CommitmentFirst => 0u8.write(writer)?,
8567 RAACommitmentOrder::RevokeAndACKFirst => 1u8.write(writer)?,
8570 self.context.monitor_pending_channel_ready.write(writer)?;
8571 self.context.monitor_pending_revoke_and_ack.write(writer)?;
8572 self.context.monitor_pending_commitment_signed.write(writer)?;
8574 (self.context.monitor_pending_forwards.len() as u64).write(writer)?;
8575 for &(ref pending_forward, ref htlc_id) in self.context.monitor_pending_forwards.iter() {
8576 pending_forward.write(writer)?;
8577 htlc_id.write(writer)?;
8580 (self.context.monitor_pending_failures.len() as u64).write(writer)?;
8581 for &(ref htlc_source, ref payment_hash, ref fail_reason) in self.context.monitor_pending_failures.iter() {
8582 htlc_source.write(writer)?;
8583 payment_hash.write(writer)?;
8584 fail_reason.write(writer)?;
8587 if self.context.is_outbound() {
8588 self.context.pending_update_fee.map(|(a, _)| a).write(writer)?;
8589 } else if let Some((feerate, FeeUpdateState::AwaitingRemoteRevokeToAnnounce)) = self.context.pending_update_fee {
8590 Some(feerate).write(writer)?;
8592 // As for inbound HTLCs, if the update was only announced and never committed in a
8593 // commitment_signed, drop it.
8594 None::<u32>.write(writer)?;
8596 self.context.holding_cell_update_fee.write(writer)?;
8598 self.context.next_holder_htlc_id.write(writer)?;
8599 (self.context.next_counterparty_htlc_id - dropped_inbound_htlcs).write(writer)?;
8600 self.context.update_time_counter.write(writer)?;
8601 self.context.feerate_per_kw.write(writer)?;
8603 // Versions prior to 0.0.100 expected to read the fields of `last_sent_closing_fee` here,
8604 // however we are supposed to restart shutdown fee negotiation on reconnect (and wipe
8605 // `last_send_closing_fee` in `remove_uncommitted_htlcs_and_mark_paused`) so we should never
8606 // consider the stale state on reload.
8609 self.context.funding_tx_confirmed_in.write(writer)?;
8610 self.context.funding_tx_confirmation_height.write(writer)?;
8611 self.context.short_channel_id.write(writer)?;
8613 self.context.counterparty_dust_limit_satoshis.write(writer)?;
8614 self.context.holder_dust_limit_satoshis.write(writer)?;
8615 self.context.counterparty_max_htlc_value_in_flight_msat.write(writer)?;
8617 // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
8618 self.context.counterparty_selected_channel_reserve_satoshis.unwrap_or(0).write(writer)?;
8620 self.context.counterparty_htlc_minimum_msat.write(writer)?;
8621 self.context.holder_htlc_minimum_msat.write(writer)?;
8622 self.context.counterparty_max_accepted_htlcs.write(writer)?;
8624 // Note that this field is ignored by 0.0.99+ as the TLV Optional variant is used instead.
8625 self.context.minimum_depth.unwrap_or(0).write(writer)?;
8627 match &self.context.counterparty_forwarding_info {
8630 info.fee_base_msat.write(writer)?;
8631 info.fee_proportional_millionths.write(writer)?;
8632 info.cltv_expiry_delta.write(writer)?;
8634 None => 0u8.write(writer)?
8637 self.context.channel_transaction_parameters.write(writer)?;
8638 self.context.funding_transaction.write(writer)?;
8640 self.context.counterparty_cur_commitment_point.write(writer)?;
8641 self.context.counterparty_prev_commitment_point.write(writer)?;
8642 self.context.counterparty_node_id.write(writer)?;
8644 self.context.counterparty_shutdown_scriptpubkey.write(writer)?;
8646 self.context.commitment_secrets.write(writer)?;
8648 self.context.channel_update_status.write(writer)?;
8650 #[cfg(any(test, fuzzing))]
8651 (self.context.historical_inbound_htlc_fulfills.len() as u64).write(writer)?;
8652 #[cfg(any(test, fuzzing))]
8653 for htlc in self.context.historical_inbound_htlc_fulfills.iter() {
8654 htlc.write(writer)?;
8657 // If the channel type is something other than only-static-remote-key, then we need to have
8658 // older clients fail to deserialize this channel at all. If the type is
8659 // only-static-remote-key, we simply consider it "default" and don't write the channel type
8661 let chan_type = if self.context.channel_type != ChannelTypeFeatures::only_static_remote_key() {
8662 Some(&self.context.channel_type) } else { None };
8664 // The same logic applies for `holder_selected_channel_reserve_satoshis` values other than
8665 // the default, and when `holder_max_htlc_value_in_flight_msat` is configured to be set to
8666 // a different percentage of the channel value then 10%, which older versions of LDK used
8667 // to set it to before the percentage was made configurable.
8668 let serialized_holder_selected_reserve =
8669 if self.context.holder_selected_channel_reserve_satoshis != get_legacy_default_holder_selected_channel_reserve_satoshis(self.context.channel_value_satoshis)
8670 { Some(self.context.holder_selected_channel_reserve_satoshis) } else { None };
8672 let mut old_max_in_flight_percent_config = UserConfig::default().channel_handshake_config;
8673 old_max_in_flight_percent_config.max_inbound_htlc_value_in_flight_percent_of_channel = MAX_IN_FLIGHT_PERCENT_LEGACY;
8674 let serialized_holder_htlc_max_in_flight =
8675 if self.context.holder_max_htlc_value_in_flight_msat != get_holder_max_htlc_value_in_flight_msat(self.context.channel_value_satoshis, &old_max_in_flight_percent_config)
8676 { Some(self.context.holder_max_htlc_value_in_flight_msat) } else { None };
8678 let channel_pending_event_emitted = Some(self.context.channel_pending_event_emitted);
8679 let channel_ready_event_emitted = Some(self.context.channel_ready_event_emitted);
8681 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8682 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. Therefore,
8683 // we write the high bytes as an option here.
8684 let user_id_high_opt = Some((self.context.user_id >> 64) as u64);
8686 let holder_max_accepted_htlcs = if self.context.holder_max_accepted_htlcs == DEFAULT_MAX_HTLCS { None } else { Some(self.context.holder_max_accepted_htlcs) };
8688 let mut monitor_pending_update_adds = None;
8689 if !self.context.monitor_pending_update_adds.is_empty() {
8690 monitor_pending_update_adds = Some(&self.context.monitor_pending_update_adds);
8693 write_tlv_fields!(writer, {
8694 (0, self.context.announcement_sigs, option),
8695 // minimum_depth and counterparty_selected_channel_reserve_satoshis used to have a
8696 // default value instead of being Option<>al. Thus, to maintain compatibility we write
8697 // them twice, once with their original default values above, and once as an option
8698 // here. On the read side, old versions will simply ignore the odd-type entries here,
8699 // and new versions map the default values to None and allow the TLV entries here to
8701 (1, self.context.minimum_depth, option),
8702 (2, chan_type, option),
8703 (3, self.context.counterparty_selected_channel_reserve_satoshis, option),
8704 (4, serialized_holder_selected_reserve, option),
8705 (5, self.context.config, required),
8706 (6, serialized_holder_htlc_max_in_flight, option),
8707 (7, self.context.shutdown_scriptpubkey, option),
8708 (8, self.context.blocked_monitor_updates, optional_vec),
8709 (9, self.context.target_closing_feerate_sats_per_kw, option),
8710 (10, monitor_pending_update_adds, option), // Added in 0.0.122
8711 (11, self.context.monitor_pending_finalized_fulfills, required_vec),
8712 (13, self.context.channel_creation_height, required),
8713 (15, preimages, required_vec),
8714 (17, self.context.announcement_sigs_state, required),
8715 (19, self.context.latest_inbound_scid_alias, option),
8716 (21, self.context.outbound_scid_alias, required),
8717 (23, channel_ready_event_emitted, option),
8718 (25, user_id_high_opt, option),
8719 (27, self.context.channel_keys_id, required),
8720 (28, holder_max_accepted_htlcs, option),
8721 (29, self.context.temporary_channel_id, option),
8722 (31, channel_pending_event_emitted, option),
8723 (35, pending_outbound_skimmed_fees, optional_vec),
8724 (37, holding_cell_skimmed_fees, optional_vec),
8725 (38, self.context.is_batch_funding, option),
8726 (39, pending_outbound_blinding_points, optional_vec),
8727 (41, holding_cell_blinding_points, optional_vec),
8728 (43, malformed_htlcs, optional_vec), // Added in 0.0.119
8729 // 45 and 47 are reserved for async signing
8730 (49, self.context.local_initiated_shutdown, option), // Added in 0.0.122
8737 const MAX_ALLOC_SIZE: usize = 64*1024;
8738 impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c ChannelTypeFeatures)> for Channel<SP>
8740 ES::Target: EntropySource,
8741 SP::Target: SignerProvider
8743 fn read<R : io::Read>(reader: &mut R, args: (&'a ES, &'b SP, u32, &'c ChannelTypeFeatures)) -> Result<Self, DecodeError> {
8744 let (entropy_source, signer_provider, serialized_height, our_supported_features) = args;
8745 let ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
8747 // `user_id` used to be a single u64 value. In order to remain backwards compatible with
8748 // versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We read
8749 // the low bytes now and the high bytes later.
8750 let user_id_low: u64 = Readable::read(reader)?;
8752 let mut config = Some(LegacyChannelConfig::default());
8754 // Read the old serialization of the ChannelConfig from version 0.0.98.
8755 config.as_mut().unwrap().options.forwarding_fee_proportional_millionths = Readable::read(reader)?;
8756 config.as_mut().unwrap().options.cltv_expiry_delta = Readable::read(reader)?;
8757 config.as_mut().unwrap().announced_channel = Readable::read(reader)?;
8758 config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?;
8760 // Read the 8 bytes of backwards-compatibility ChannelConfig data.
8761 let mut _val: u64 = Readable::read(reader)?;
8764 let channel_id = Readable::read(reader)?;
8765 let channel_state = ChannelState::from_u32(Readable::read(reader)?).map_err(|_| DecodeError::InvalidValue)?;
8766 let channel_value_satoshis = Readable::read(reader)?;
8768 let latest_monitor_update_id = Readable::read(reader)?;
8770 let mut keys_data = None;
8772 // Read the serialize signer bytes. We'll choose to deserialize them or not based on whether
8773 // the `channel_keys_id` TLV is present below.
8774 let keys_len: u32 = Readable::read(reader)?;
8775 keys_data = Some(Vec::with_capacity(cmp::min(keys_len as usize, MAX_ALLOC_SIZE)));
8776 while keys_data.as_ref().unwrap().len() != keys_len as usize {
8777 // Read 1KB at a time to avoid accidentally allocating 4GB on corrupted channel keys
8778 let mut data = [0; 1024];
8779 let read_slice = &mut data[0..cmp::min(1024, keys_len as usize - keys_data.as_ref().unwrap().len())];
8780 reader.read_exact(read_slice)?;
8781 keys_data.as_mut().unwrap().extend_from_slice(read_slice);
8785 // Read the old serialization for shutdown_pubkey, preferring the TLV field later if set.
8786 let mut shutdown_scriptpubkey = match <PublicKey as Readable>::read(reader) {
8787 Ok(pubkey) => Some(ShutdownScript::new_p2wpkh_from_pubkey(pubkey)),
8790 let destination_script = Readable::read(reader)?;
8792 let cur_holder_commitment_transaction_number = Readable::read(reader)?;
8793 let cur_counterparty_commitment_transaction_number = Readable::read(reader)?;
8794 let value_to_self_msat = Readable::read(reader)?;
8796 let pending_inbound_htlc_count: u64 = Readable::read(reader)?;
8798 let mut pending_inbound_htlcs = Vec::with_capacity(cmp::min(pending_inbound_htlc_count as usize, DEFAULT_MAX_HTLCS as usize));
8799 for _ in 0..pending_inbound_htlc_count {
8800 pending_inbound_htlcs.push(InboundHTLCOutput {
8801 htlc_id: Readable::read(reader)?,
8802 amount_msat: Readable::read(reader)?,
8803 cltv_expiry: Readable::read(reader)?,
8804 payment_hash: Readable::read(reader)?,
8805 state: match <u8 as Readable>::read(reader)? {
8807 let resolution = if ver <= 3 {
8808 InboundHTLCResolution::Resolved { pending_htlc_status: Readable::read(reader)? }
8810 Readable::read(reader)?
8812 InboundHTLCState::AwaitingRemoteRevokeToAnnounce(resolution)
8815 let resolution = if ver <= 3 {
8816 InboundHTLCResolution::Resolved { pending_htlc_status: Readable::read(reader)? }
8818 Readable::read(reader)?
8820 InboundHTLCState::AwaitingAnnouncedRemoteRevoke(resolution)
8822 3 => InboundHTLCState::Committed,
8823 4 => InboundHTLCState::LocalRemoved(Readable::read(reader)?),
8824 _ => return Err(DecodeError::InvalidValue),
8829 let pending_outbound_htlc_count: u64 = Readable::read(reader)?;
8830 let mut pending_outbound_htlcs = Vec::with_capacity(cmp::min(pending_outbound_htlc_count as usize, DEFAULT_MAX_HTLCS as usize));
8831 for _ in 0..pending_outbound_htlc_count {
8832 pending_outbound_htlcs.push(OutboundHTLCOutput {
8833 htlc_id: Readable::read(reader)?,
8834 amount_msat: Readable::read(reader)?,
8835 cltv_expiry: Readable::read(reader)?,
8836 payment_hash: Readable::read(reader)?,
8837 source: Readable::read(reader)?,
8838 state: match <u8 as Readable>::read(reader)? {
8839 0 => OutboundHTLCState::LocalAnnounced(Box::new(Readable::read(reader)?)),
8840 1 => OutboundHTLCState::Committed,
8842 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8843 OutboundHTLCState::RemoteRemoved(option.into())
8846 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8847 OutboundHTLCState::AwaitingRemoteRevokeToRemove(option.into())
8850 let option: Option<HTLCFailReason> = Readable::read(reader)?;
8851 OutboundHTLCState::AwaitingRemovedRemoteRevoke(option.into())
8853 _ => return Err(DecodeError::InvalidValue),
8855 skimmed_fee_msat: None,
8856 blinding_point: None,
8860 let holding_cell_htlc_update_count: u64 = Readable::read(reader)?;
8861 let mut holding_cell_htlc_updates = Vec::with_capacity(cmp::min(holding_cell_htlc_update_count as usize, DEFAULT_MAX_HTLCS as usize*2));
8862 for _ in 0..holding_cell_htlc_update_count {
8863 holding_cell_htlc_updates.push(match <u8 as Readable>::read(reader)? {
8864 0 => HTLCUpdateAwaitingACK::AddHTLC {
8865 amount_msat: Readable::read(reader)?,
8866 cltv_expiry: Readable::read(reader)?,
8867 payment_hash: Readable::read(reader)?,
8868 source: Readable::read(reader)?,
8869 onion_routing_packet: Readable::read(reader)?,
8870 skimmed_fee_msat: None,
8871 blinding_point: None,
8873 1 => HTLCUpdateAwaitingACK::ClaimHTLC {
8874 payment_preimage: Readable::read(reader)?,
8875 htlc_id: Readable::read(reader)?,
8877 2 => HTLCUpdateAwaitingACK::FailHTLC {
8878 htlc_id: Readable::read(reader)?,
8879 err_packet: Readable::read(reader)?,
8881 _ => return Err(DecodeError::InvalidValue),
8885 let resend_order = match <u8 as Readable>::read(reader)? {
8886 0 => RAACommitmentOrder::CommitmentFirst,
8887 1 => RAACommitmentOrder::RevokeAndACKFirst,
8888 _ => return Err(DecodeError::InvalidValue),
8891 let monitor_pending_channel_ready = Readable::read(reader)?;
8892 let monitor_pending_revoke_and_ack = Readable::read(reader)?;
8893 let monitor_pending_commitment_signed = Readable::read(reader)?;
8895 let monitor_pending_forwards_count: u64 = Readable::read(reader)?;
8896 let mut monitor_pending_forwards = Vec::with_capacity(cmp::min(monitor_pending_forwards_count as usize, DEFAULT_MAX_HTLCS as usize));
8897 for _ in 0..monitor_pending_forwards_count {
8898 monitor_pending_forwards.push((Readable::read(reader)?, Readable::read(reader)?));
8901 let monitor_pending_failures_count: u64 = Readable::read(reader)?;
8902 let mut monitor_pending_failures = Vec::with_capacity(cmp::min(monitor_pending_failures_count as usize, DEFAULT_MAX_HTLCS as usize));
8903 for _ in 0..monitor_pending_failures_count {
8904 monitor_pending_failures.push((Readable::read(reader)?, Readable::read(reader)?, Readable::read(reader)?));
8907 let pending_update_fee_value: Option<u32> = Readable::read(reader)?;
8909 let holding_cell_update_fee = Readable::read(reader)?;
8911 let next_holder_htlc_id = Readable::read(reader)?;
8912 let next_counterparty_htlc_id = Readable::read(reader)?;
8913 let update_time_counter = Readable::read(reader)?;
8914 let feerate_per_kw = Readable::read(reader)?;
8916 // Versions prior to 0.0.100 expected to read the fields of `last_sent_closing_fee` here,
8917 // however we are supposed to restart shutdown fee negotiation on reconnect (and wipe
8918 // `last_send_closing_fee` in `remove_uncommitted_htlcs_and_mark_paused`) so we should never
8919 // consider the stale state on reload.
8920 match <u8 as Readable>::read(reader)? {
8923 let _: u32 = Readable::read(reader)?;
8924 let _: u64 = Readable::read(reader)?;
8925 let _: Signature = Readable::read(reader)?;
8927 _ => return Err(DecodeError::InvalidValue),
8930 let funding_tx_confirmed_in = Readable::read(reader)?;
8931 let funding_tx_confirmation_height = Readable::read(reader)?;
8932 let short_channel_id = Readable::read(reader)?;
8934 let counterparty_dust_limit_satoshis = Readable::read(reader)?;
8935 let holder_dust_limit_satoshis = Readable::read(reader)?;
8936 let counterparty_max_htlc_value_in_flight_msat = Readable::read(reader)?;
8937 let mut counterparty_selected_channel_reserve_satoshis = None;
8939 // Read the old serialization from version 0.0.98.
8940 counterparty_selected_channel_reserve_satoshis = Some(Readable::read(reader)?);
8942 // Read the 8 bytes of backwards-compatibility data.
8943 let _dummy: u64 = Readable::read(reader)?;
8945 let counterparty_htlc_minimum_msat = Readable::read(reader)?;
8946 let holder_htlc_minimum_msat = Readable::read(reader)?;
8947 let counterparty_max_accepted_htlcs = Readable::read(reader)?;
8949 let mut minimum_depth = None;
8951 // Read the old serialization from version 0.0.98.
8952 minimum_depth = Some(Readable::read(reader)?);
8954 // Read the 4 bytes of backwards-compatibility data.
8955 let _dummy: u32 = Readable::read(reader)?;
8958 let counterparty_forwarding_info = match <u8 as Readable>::read(reader)? {
8960 1 => Some(CounterpartyForwardingInfo {
8961 fee_base_msat: Readable::read(reader)?,
8962 fee_proportional_millionths: Readable::read(reader)?,
8963 cltv_expiry_delta: Readable::read(reader)?,
8965 _ => return Err(DecodeError::InvalidValue),
8968 let mut channel_parameters: ChannelTransactionParameters = Readable::read(reader)?;
8969 let funding_transaction: Option<Transaction> = Readable::read(reader)?;
8971 let counterparty_cur_commitment_point = Readable::read(reader)?;
8973 let counterparty_prev_commitment_point = Readable::read(reader)?;
8974 let counterparty_node_id = Readable::read(reader)?;
8976 let counterparty_shutdown_scriptpubkey = Readable::read(reader)?;
8977 let commitment_secrets = Readable::read(reader)?;
8979 let channel_update_status = Readable::read(reader)?;
8981 #[cfg(any(test, fuzzing))]
8982 let mut historical_inbound_htlc_fulfills = new_hash_set();
8983 #[cfg(any(test, fuzzing))]
8985 let htlc_fulfills_len: u64 = Readable::read(reader)?;
8986 for _ in 0..htlc_fulfills_len {
8987 assert!(historical_inbound_htlc_fulfills.insert(Readable::read(reader)?));
8991 let pending_update_fee = if let Some(feerate) = pending_update_fee_value {
8992 Some((feerate, if channel_parameters.is_outbound_from_holder {
8993 FeeUpdateState::Outbound
8995 FeeUpdateState::AwaitingRemoteRevokeToAnnounce
9001 let mut announcement_sigs = None;
9002 let mut target_closing_feerate_sats_per_kw = None;
9003 let mut monitor_pending_finalized_fulfills = Some(Vec::new());
9004 let mut holder_selected_channel_reserve_satoshis = Some(get_legacy_default_holder_selected_channel_reserve_satoshis(channel_value_satoshis));
9005 let mut holder_max_htlc_value_in_flight_msat = Some(get_holder_max_htlc_value_in_flight_msat(channel_value_satoshis, &UserConfig::default().channel_handshake_config));
9006 // Prior to supporting channel type negotiation, all of our channels were static_remotekey
9007 // only, so we default to that if none was written.
9008 let mut channel_type = Some(ChannelTypeFeatures::only_static_remote_key());
9009 let mut channel_creation_height = Some(serialized_height);
9010 let mut preimages_opt: Option<Vec<Option<PaymentPreimage>>> = None;
9012 // If we read an old Channel, for simplicity we just treat it as "we never sent an
9013 // AnnouncementSignatures" which implies we'll re-send it on reconnect, but that's fine.
9014 let mut announcement_sigs_state = Some(AnnouncementSigsState::NotSent);
9015 let mut latest_inbound_scid_alias = None;
9016 let mut outbound_scid_alias = None;
9017 let mut channel_pending_event_emitted = None;
9018 let mut channel_ready_event_emitted = None;
9020 let mut user_id_high_opt: Option<u64> = None;
9021 let mut channel_keys_id: Option<[u8; 32]> = None;
9022 let mut temporary_channel_id: Option<ChannelId> = None;
9023 let mut holder_max_accepted_htlcs: Option<u16> = None;
9025 let mut blocked_monitor_updates = Some(Vec::new());
9027 let mut pending_outbound_skimmed_fees_opt: Option<Vec<Option<u64>>> = None;
9028 let mut holding_cell_skimmed_fees_opt: Option<Vec<Option<u64>>> = None;
9030 let mut is_batch_funding: Option<()> = None;
9032 let mut local_initiated_shutdown: Option<()> = None;
9034 let mut pending_outbound_blinding_points_opt: Option<Vec<Option<PublicKey>>> = None;
9035 let mut holding_cell_blinding_points_opt: Option<Vec<Option<PublicKey>>> = None;
9037 let mut malformed_htlcs: Option<Vec<(u64, u16, [u8; 32])>> = None;
9038 let mut monitor_pending_update_adds: Option<Vec<msgs::UpdateAddHTLC>> = None;
9040 read_tlv_fields!(reader, {
9041 (0, announcement_sigs, option),
9042 (1, minimum_depth, option),
9043 (2, channel_type, option),
9044 (3, counterparty_selected_channel_reserve_satoshis, option),
9045 (4, holder_selected_channel_reserve_satoshis, option),
9046 (5, config, option), // Note that if none is provided we will *not* overwrite the existing one.
9047 (6, holder_max_htlc_value_in_flight_msat, option),
9048 (7, shutdown_scriptpubkey, option),
9049 (8, blocked_monitor_updates, optional_vec),
9050 (9, target_closing_feerate_sats_per_kw, option),
9051 (10, monitor_pending_update_adds, option), // Added in 0.0.122
9052 (11, monitor_pending_finalized_fulfills, optional_vec),
9053 (13, channel_creation_height, option),
9054 (15, preimages_opt, optional_vec),
9055 (17, announcement_sigs_state, option),
9056 (19, latest_inbound_scid_alias, option),
9057 (21, outbound_scid_alias, option),
9058 (23, channel_ready_event_emitted, option),
9059 (25, user_id_high_opt, option),
9060 (27, channel_keys_id, option),
9061 (28, holder_max_accepted_htlcs, option),
9062 (29, temporary_channel_id, option),
9063 (31, channel_pending_event_emitted, option),
9064 (35, pending_outbound_skimmed_fees_opt, optional_vec),
9065 (37, holding_cell_skimmed_fees_opt, optional_vec),
9066 (38, is_batch_funding, option),
9067 (39, pending_outbound_blinding_points_opt, optional_vec),
9068 (41, holding_cell_blinding_points_opt, optional_vec),
9069 (43, malformed_htlcs, optional_vec), // Added in 0.0.119
9070 // 45 and 47 are reserved for async signing
9071 (49, local_initiated_shutdown, option),
9074 let (channel_keys_id, holder_signer) = if let Some(channel_keys_id) = channel_keys_id {
9075 let mut holder_signer = signer_provider.derive_channel_signer(channel_value_satoshis, channel_keys_id);
9076 // If we've gotten to the funding stage of the channel, populate the signer with its
9077 // required channel parameters.
9078 if channel_state >= ChannelState::FundingNegotiated {
9079 holder_signer.provide_channel_parameters(&channel_parameters);
9081 (channel_keys_id, holder_signer)
9083 // `keys_data` can be `None` if we had corrupted data.
9084 let keys_data = keys_data.ok_or(DecodeError::InvalidValue)?;
9085 let holder_signer = signer_provider.read_chan_signer(&keys_data)?;
9086 (holder_signer.channel_keys_id(), holder_signer)
9089 if let Some(preimages) = preimages_opt {
9090 let mut iter = preimages.into_iter();
9091 for htlc in pending_outbound_htlcs.iter_mut() {
9093 OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(None)) => {
9094 htlc.state = OutboundHTLCState::AwaitingRemoteRevokeToRemove(OutboundHTLCOutcome::Success(iter.next().ok_or(DecodeError::InvalidValue)?));
9096 OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(None)) => {
9097 htlc.state = OutboundHTLCState::AwaitingRemovedRemoteRevoke(OutboundHTLCOutcome::Success(iter.next().ok_or(DecodeError::InvalidValue)?));
9102 // We expect all preimages to be consumed above
9103 if iter.next().is_some() {
9104 return Err(DecodeError::InvalidValue);
9108 let chan_features = channel_type.as_ref().unwrap();
9109 if !chan_features.is_subset(our_supported_features) {
9110 // If the channel was written by a new version and negotiated with features we don't
9111 // understand yet, refuse to read it.
9112 return Err(DecodeError::UnknownRequiredFeature);
9115 // ChannelTransactionParameters may have had an empty features set upon deserialization.
9116 // To account for that, we're proactively setting/overriding the field here.
9117 channel_parameters.channel_type_features = chan_features.clone();
9119 let mut secp_ctx = Secp256k1::new();
9120 secp_ctx.seeded_randomize(&entropy_source.get_secure_random_bytes());
9122 // `user_id` used to be a single u64 value. In order to remain backwards
9123 // compatible with versions prior to 0.0.113, the u128 is serialized as two
9124 // separate u64 values.
9125 let user_id = user_id_low as u128 + ((user_id_high_opt.unwrap_or(0) as u128) << 64);
9127 let holder_max_accepted_htlcs = holder_max_accepted_htlcs.unwrap_or(DEFAULT_MAX_HTLCS);
9129 if let Some(skimmed_fees) = pending_outbound_skimmed_fees_opt {
9130 let mut iter = skimmed_fees.into_iter();
9131 for htlc in pending_outbound_htlcs.iter_mut() {
9132 htlc.skimmed_fee_msat = iter.next().ok_or(DecodeError::InvalidValue)?;
9134 // We expect all skimmed fees to be consumed above
9135 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9137 if let Some(skimmed_fees) = holding_cell_skimmed_fees_opt {
9138 let mut iter = skimmed_fees.into_iter();
9139 for htlc in holding_cell_htlc_updates.iter_mut() {
9140 if let HTLCUpdateAwaitingACK::AddHTLC { ref mut skimmed_fee_msat, .. } = htlc {
9141 *skimmed_fee_msat = iter.next().ok_or(DecodeError::InvalidValue)?;
9144 // We expect all skimmed fees to be consumed above
9145 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9147 if let Some(blinding_pts) = pending_outbound_blinding_points_opt {
9148 let mut iter = blinding_pts.into_iter();
9149 for htlc in pending_outbound_htlcs.iter_mut() {
9150 htlc.blinding_point = iter.next().ok_or(DecodeError::InvalidValue)?;
9152 // We expect all blinding points to be consumed above
9153 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9155 if let Some(blinding_pts) = holding_cell_blinding_points_opt {
9156 let mut iter = blinding_pts.into_iter();
9157 for htlc in holding_cell_htlc_updates.iter_mut() {
9158 if let HTLCUpdateAwaitingACK::AddHTLC { ref mut blinding_point, .. } = htlc {
9159 *blinding_point = iter.next().ok_or(DecodeError::InvalidValue)?;
9162 // We expect all blinding points to be consumed above
9163 if iter.next().is_some() { return Err(DecodeError::InvalidValue) }
9166 if let Some(malformed_htlcs) = malformed_htlcs {
9167 for (malformed_htlc_id, failure_code, sha256_of_onion) in malformed_htlcs {
9168 let htlc_idx = holding_cell_htlc_updates.iter().position(|htlc| {
9169 if let HTLCUpdateAwaitingACK::FailHTLC { htlc_id, err_packet } = htlc {
9170 let matches = *htlc_id == malformed_htlc_id;
9171 if matches { debug_assert!(err_packet.data.is_empty()) }
9174 }).ok_or(DecodeError::InvalidValue)?;
9175 let malformed_htlc = HTLCUpdateAwaitingACK::FailMalformedHTLC {
9176 htlc_id: malformed_htlc_id, failure_code, sha256_of_onion
9178 let _ = core::mem::replace(&mut holding_cell_htlc_updates[htlc_idx], malformed_htlc);
9183 context: ChannelContext {
9186 config: config.unwrap(),
9190 // Note that we don't care about serializing handshake limits as we only ever serialize
9191 // channel data after the handshake has completed.
9192 inbound_handshake_limits_override: None,
9195 temporary_channel_id,
9197 announcement_sigs_state: announcement_sigs_state.unwrap(),
9199 channel_value_satoshis,
9201 latest_monitor_update_id,
9203 holder_signer: ChannelSignerType::Ecdsa(holder_signer),
9204 shutdown_scriptpubkey,
9207 cur_holder_commitment_transaction_number,
9208 cur_counterparty_commitment_transaction_number,
9211 holder_max_accepted_htlcs,
9212 pending_inbound_htlcs,
9213 pending_outbound_htlcs,
9214 holding_cell_htlc_updates,
9218 monitor_pending_channel_ready,
9219 monitor_pending_revoke_and_ack,
9220 monitor_pending_commitment_signed,
9221 monitor_pending_forwards,
9222 monitor_pending_failures,
9223 monitor_pending_finalized_fulfills: monitor_pending_finalized_fulfills.unwrap(),
9224 monitor_pending_update_adds: monitor_pending_update_adds.unwrap_or(Vec::new()),
9226 signer_pending_commitment_update: false,
9227 signer_pending_funding: false,
9230 holding_cell_update_fee,
9231 next_holder_htlc_id,
9232 next_counterparty_htlc_id,
9233 update_time_counter,
9236 #[cfg(debug_assertions)]
9237 holder_max_commitment_tx_output: Mutex::new((0, 0)),
9238 #[cfg(debug_assertions)]
9239 counterparty_max_commitment_tx_output: Mutex::new((0, 0)),
9241 last_sent_closing_fee: None,
9242 pending_counterparty_closing_signed: None,
9243 expecting_peer_commitment_signed: false,
9244 closing_fee_limits: None,
9245 target_closing_feerate_sats_per_kw,
9247 funding_tx_confirmed_in,
9248 funding_tx_confirmation_height,
9250 channel_creation_height: channel_creation_height.unwrap(),
9252 counterparty_dust_limit_satoshis,
9253 holder_dust_limit_satoshis,
9254 counterparty_max_htlc_value_in_flight_msat,
9255 holder_max_htlc_value_in_flight_msat: holder_max_htlc_value_in_flight_msat.unwrap(),
9256 counterparty_selected_channel_reserve_satoshis,
9257 holder_selected_channel_reserve_satoshis: holder_selected_channel_reserve_satoshis.unwrap(),
9258 counterparty_htlc_minimum_msat,
9259 holder_htlc_minimum_msat,
9260 counterparty_max_accepted_htlcs,
9263 counterparty_forwarding_info,
9265 channel_transaction_parameters: channel_parameters,
9266 funding_transaction,
9269 counterparty_cur_commitment_point,
9270 counterparty_prev_commitment_point,
9271 counterparty_node_id,
9273 counterparty_shutdown_scriptpubkey,
9277 channel_update_status,
9278 closing_signed_in_flight: false,
9282 #[cfg(any(test, fuzzing))]
9283 next_local_commitment_tx_fee_info_cached: Mutex::new(None),
9284 #[cfg(any(test, fuzzing))]
9285 next_remote_commitment_tx_fee_info_cached: Mutex::new(None),
9287 workaround_lnd_bug_4006: None,
9288 sent_message_awaiting_response: None,
9290 latest_inbound_scid_alias,
9291 // Later in the ChannelManager deserialization phase we scan for channels and assign scid aliases if its missing
9292 outbound_scid_alias: outbound_scid_alias.unwrap_or(0),
9294 channel_pending_event_emitted: channel_pending_event_emitted.unwrap_or(true),
9295 channel_ready_event_emitted: channel_ready_event_emitted.unwrap_or(true),
9297 #[cfg(any(test, fuzzing))]
9298 historical_inbound_htlc_fulfills,
9300 channel_type: channel_type.unwrap(),
9303 local_initiated_shutdown,
9305 blocked_monitor_updates: blocked_monitor_updates.unwrap(),
9307 #[cfg(dual_funding)]
9308 dual_funding_channel_context: None,
9316 use bitcoin::blockdata::constants::ChainHash;
9317 use bitcoin::blockdata::script::{ScriptBuf, Builder};
9318 use bitcoin::blockdata::transaction::{Transaction, TxOut};
9319 use bitcoin::blockdata::opcodes;
9320 use bitcoin::network::constants::Network;
9321 use crate::ln::onion_utils::INVALID_ONION_BLINDING;
9322 use crate::ln::{PaymentHash, PaymentPreimage};
9323 use crate::ln::channel_keys::{RevocationKey, RevocationBasepoint};
9324 use crate::ln::channelmanager::{self, HTLCSource, PaymentId};
9325 use crate::ln::channel::InitFeatures;
9326 use crate::ln::channel::{AwaitingChannelReadyFlags, Channel, ChannelState, InboundHTLCOutput, OutboundV1Channel, InboundV1Channel, OutboundHTLCOutput, InboundHTLCState, OutboundHTLCState, HTLCCandidate, HTLCInitiator, HTLCUpdateAwaitingACK, commit_tx_fee_msat};
9327 use crate::ln::channel::{MAX_FUNDING_SATOSHIS_NO_WUMBO, TOTAL_BITCOIN_SUPPLY_SATOSHIS, MIN_THEIR_CHAN_RESERVE_SATOSHIS};
9328 use crate::ln::features::{ChannelFeatures, ChannelTypeFeatures, NodeFeatures};
9329 use crate::ln::msgs;
9330 use crate::ln::msgs::{ChannelUpdate, DecodeError, UnsignedChannelUpdate, MAX_VALUE_MSAT};
9331 use crate::ln::script::ShutdownScript;
9332 use crate::ln::chan_utils::{self, htlc_success_tx_weight, htlc_timeout_tx_weight};
9333 use crate::chain::BestBlock;
9334 use crate::chain::chaininterface::{FeeEstimator, LowerBoundedFeeEstimator, ConfirmationTarget};
9335 use crate::sign::{ChannelSigner, InMemorySigner, EntropySource, SignerProvider};
9336 use crate::chain::transaction::OutPoint;
9337 use crate::routing::router::{Path, RouteHop};
9338 use crate::util::config::UserConfig;
9339 use crate::util::errors::APIError;
9340 use crate::util::ser::{ReadableArgs, Writeable};
9341 use crate::util::test_utils;
9342 use crate::util::test_utils::{OnGetShutdownScriptpubkey, TestKeysInterface};
9343 use bitcoin::secp256k1::{Secp256k1, ecdsa::Signature};
9344 use bitcoin::secp256k1::ffi::Signature as FFISignature;
9345 use bitcoin::secp256k1::{SecretKey,PublicKey};
9346 use bitcoin::hashes::sha256::Hash as Sha256;
9347 use bitcoin::hashes::Hash;
9348 use bitcoin::hashes::hex::FromHex;
9349 use bitcoin::hash_types::WPubkeyHash;
9350 use bitcoin::blockdata::locktime::absolute::LockTime;
9351 use bitcoin::address::{WitnessProgram, WitnessVersion};
9352 use crate::prelude::*;
9355 fn test_channel_state_order() {
9356 use crate::ln::channel::NegotiatingFundingFlags;
9357 use crate::ln::channel::AwaitingChannelReadyFlags;
9358 use crate::ln::channel::ChannelReadyFlags;
9360 assert!(ChannelState::NegotiatingFunding(NegotiatingFundingFlags::new()) < ChannelState::FundingNegotiated);
9361 assert!(ChannelState::FundingNegotiated < ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new()));
9362 assert!(ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new()) < ChannelState::ChannelReady(ChannelReadyFlags::new()));
9363 assert!(ChannelState::ChannelReady(ChannelReadyFlags::new()) < ChannelState::ShutdownComplete);
9366 struct TestFeeEstimator {
9369 impl FeeEstimator for TestFeeEstimator {
9370 fn get_est_sat_per_1000_weight(&self, _: ConfirmationTarget) -> u32 {
9376 fn test_max_funding_satoshis_no_wumbo() {
9377 assert_eq!(TOTAL_BITCOIN_SUPPLY_SATOSHIS, 21_000_000 * 100_000_000);
9378 assert!(MAX_FUNDING_SATOSHIS_NO_WUMBO <= TOTAL_BITCOIN_SUPPLY_SATOSHIS,
9379 "MAX_FUNDING_SATOSHIS_NO_WUMBO is greater than all satoshis in existence");
9383 signer: InMemorySigner,
9386 impl EntropySource for Keys {
9387 fn get_secure_random_bytes(&self) -> [u8; 32] { [0; 32] }
9390 impl SignerProvider for Keys {
9391 type EcdsaSigner = InMemorySigner;
9393 type TaprootSigner = InMemorySigner;
9395 fn generate_channel_keys_id(&self, _inbound: bool, _channel_value_satoshis: u64, _user_channel_id: u128) -> [u8; 32] {
9396 self.signer.channel_keys_id()
9399 fn derive_channel_signer(&self, _channel_value_satoshis: u64, _channel_keys_id: [u8; 32]) -> Self::EcdsaSigner {
9403 fn read_chan_signer(&self, _data: &[u8]) -> Result<Self::EcdsaSigner, DecodeError> { panic!(); }
9405 fn get_destination_script(&self, _channel_keys_id: [u8; 32]) -> Result<ScriptBuf, ()> {
9406 let secp_ctx = Secp256k1::signing_only();
9407 let channel_monitor_claim_key = SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap();
9408 let channel_monitor_claim_key_hash = WPubkeyHash::hash(&PublicKey::from_secret_key(&secp_ctx, &channel_monitor_claim_key).serialize());
9409 Ok(Builder::new().push_opcode(opcodes::all::OP_PUSHBYTES_0).push_slice(channel_monitor_claim_key_hash).into_script())
9412 fn get_shutdown_scriptpubkey(&self) -> Result<ShutdownScript, ()> {
9413 let secp_ctx = Secp256k1::signing_only();
9414 let channel_close_key = SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap();
9415 Ok(ShutdownScript::new_p2wpkh_from_pubkey(PublicKey::from_secret_key(&secp_ctx, &channel_close_key)))
9419 #[cfg(all(feature = "_test_vectors", not(feature = "grind_signatures")))]
9420 fn public_from_secret_hex(secp_ctx: &Secp256k1<bitcoin::secp256k1::All>, hex: &str) -> PublicKey {
9421 PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&<Vec<u8>>::from_hex(hex).unwrap()[..]).unwrap())
9425 fn upfront_shutdown_script_incompatibility() {
9426 let features = channelmanager::provided_init_features(&UserConfig::default()).clear_shutdown_anysegwit();
9427 let non_v0_segwit_shutdown_script = ShutdownScript::new_witness_program(
9428 &WitnessProgram::new(WitnessVersion::V16, &[0, 40]).unwrap(),
9431 let seed = [42; 32];
9432 let network = Network::Testnet;
9433 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9434 keys_provider.expect(OnGetShutdownScriptpubkey {
9435 returns: non_v0_segwit_shutdown_script.clone(),
9438 let secp_ctx = Secp256k1::new();
9439 let node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9440 let config = UserConfig::default();
9441 match OutboundV1Channel::<&TestKeysInterface>::new(&LowerBoundedFeeEstimator::new(&TestFeeEstimator { fee_est: 253 }), &&keys_provider, &&keys_provider, node_id, &features, 10000000, 100000, 42, &config, 0, 42, None) {
9442 Err(APIError::IncompatibleShutdownScript { script }) => {
9443 assert_eq!(script.into_inner(), non_v0_segwit_shutdown_script.into_inner());
9445 Err(e) => panic!("Unexpected error: {:?}", e),
9446 Ok(_) => panic!("Expected error"),
9450 // Check that, during channel creation, we use the same feerate in the open channel message
9451 // as we do in the Channel object creation itself.
9453 fn test_open_channel_msg_fee() {
9454 let original_fee = 253;
9455 let mut fee_est = TestFeeEstimator{fee_est: original_fee };
9456 let bounded_fee_estimator = LowerBoundedFeeEstimator::new(&fee_est);
9457 let secp_ctx = Secp256k1::new();
9458 let seed = [42; 32];
9459 let network = Network::Testnet;
9460 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9462 let node_a_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9463 let config = UserConfig::default();
9464 let node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&bounded_fee_estimator, &&keys_provider, &&keys_provider, node_a_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9466 // Now change the fee so we can check that the fee in the open_channel message is the
9467 // same as the old fee.
9468 fee_est.fee_est = 500;
9469 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9470 assert_eq!(open_channel_msg.common_fields.commitment_feerate_sat_per_1000_weight, original_fee);
9474 fn test_holder_vs_counterparty_dust_limit() {
9475 // Test that when calculating the local and remote commitment transaction fees, the correct
9476 // dust limits are used.
9477 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9478 let secp_ctx = Secp256k1::new();
9479 let seed = [42; 32];
9480 let network = Network::Testnet;
9481 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9482 let logger = test_utils::TestLogger::new();
9483 let best_block = BestBlock::from_network(network);
9485 // Go through the flow of opening a channel between two nodes, making sure
9486 // they have different dust limits.
9488 // Create Node A's channel pointing to Node B's pubkey
9489 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9490 let config = UserConfig::default();
9491 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9493 // Create Node B's channel by receiving Node A's open_channel message
9494 // Make sure A's dust limit is as we expect.
9495 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9496 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9497 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9499 // Node B --> Node A: accept channel, explicitly setting B's dust limit.
9500 let mut accept_channel_msg = node_b_chan.accept_inbound_channel();
9501 accept_channel_msg.common_fields.dust_limit_satoshis = 546;
9502 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9503 node_a_chan.context.holder_dust_limit_satoshis = 1560;
9505 // Node A --> Node B: funding created
9506 let output_script = node_a_chan.context.get_funding_redeemscript();
9507 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9508 value: 10000000, script_pubkey: output_script.clone(),
9510 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9511 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9512 let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9514 // Node B --> Node A: funding signed
9515 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9516 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9518 // Put some inbound and outbound HTLCs in A's channel.
9519 let htlc_amount_msat = 11_092_000; // put an amount below A's effective dust limit but above B's.
9520 node_a_chan.context.pending_inbound_htlcs.push(InboundHTLCOutput {
9522 amount_msat: htlc_amount_msat,
9523 payment_hash: PaymentHash(Sha256::hash(&[42; 32]).to_byte_array()),
9524 cltv_expiry: 300000000,
9525 state: InboundHTLCState::Committed,
9528 node_a_chan.context.pending_outbound_htlcs.push(OutboundHTLCOutput {
9530 amount_msat: htlc_amount_msat, // put an amount below A's dust amount but above B's.
9531 payment_hash: PaymentHash(Sha256::hash(&[43; 32]).to_byte_array()),
9532 cltv_expiry: 200000000,
9533 state: OutboundHTLCState::Committed,
9534 source: HTLCSource::OutboundRoute {
9535 path: Path { hops: Vec::new(), blinded_tail: None },
9536 session_priv: SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(),
9537 first_hop_htlc_msat: 548,
9538 payment_id: PaymentId([42; 32]),
9540 skimmed_fee_msat: None,
9541 blinding_point: None,
9544 // Make sure when Node A calculates their local commitment transaction, none of the HTLCs pass
9545 // the dust limit check.
9546 let htlc_candidate = HTLCCandidate::new(htlc_amount_msat, HTLCInitiator::LocalOffered);
9547 let local_commit_tx_fee = node_a_chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9548 let local_commit_fee_0_htlcs = commit_tx_fee_msat(node_a_chan.context.feerate_per_kw, 0, node_a_chan.context.get_channel_type());
9549 assert_eq!(local_commit_tx_fee, local_commit_fee_0_htlcs);
9551 // Finally, make sure that when Node A calculates the remote's commitment transaction fees, all
9552 // of the HTLCs are seen to be above the dust limit.
9553 node_a_chan.context.channel_transaction_parameters.is_outbound_from_holder = false;
9554 let remote_commit_fee_3_htlcs = commit_tx_fee_msat(node_a_chan.context.feerate_per_kw, 3, node_a_chan.context.get_channel_type());
9555 let htlc_candidate = HTLCCandidate::new(htlc_amount_msat, HTLCInitiator::LocalOffered);
9556 let remote_commit_tx_fee = node_a_chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9557 assert_eq!(remote_commit_tx_fee, remote_commit_fee_3_htlcs);
9561 fn test_timeout_vs_success_htlc_dust_limit() {
9562 // Make sure that when `next_remote_commit_tx_fee_msat` and `next_local_commit_tx_fee_msat`
9563 // calculate the real dust limits for HTLCs (i.e. the dust limit given by the counterparty
9564 // *plus* the fees paid for the HTLC) they don't swap `HTLC_SUCCESS_TX_WEIGHT` for
9565 // `HTLC_TIMEOUT_TX_WEIGHT`, and vice versa.
9566 let fee_est = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 253 });
9567 let secp_ctx = Secp256k1::new();
9568 let seed = [42; 32];
9569 let network = Network::Testnet;
9570 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9572 let node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9573 let config = UserConfig::default();
9574 let mut chan = OutboundV1Channel::<&TestKeysInterface>::new(&fee_est, &&keys_provider, &&keys_provider, node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9576 let commitment_tx_fee_0_htlcs = commit_tx_fee_msat(chan.context.feerate_per_kw, 0, chan.context.get_channel_type());
9577 let commitment_tx_fee_1_htlc = commit_tx_fee_msat(chan.context.feerate_per_kw, 1, chan.context.get_channel_type());
9579 // If HTLC_SUCCESS_TX_WEIGHT and HTLC_TIMEOUT_TX_WEIGHT were swapped: then this HTLC would be
9580 // counted as dust when it shouldn't be.
9581 let htlc_amt_above_timeout = ((253 * htlc_timeout_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.holder_dust_limit_satoshis + 1) * 1000;
9582 let htlc_candidate = HTLCCandidate::new(htlc_amt_above_timeout, HTLCInitiator::LocalOffered);
9583 let commitment_tx_fee = chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9584 assert_eq!(commitment_tx_fee, commitment_tx_fee_1_htlc);
9586 // If swapped: this HTLC would be counted as non-dust when it shouldn't be.
9587 let dust_htlc_amt_below_success = ((253 * htlc_success_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.holder_dust_limit_satoshis - 1) * 1000;
9588 let htlc_candidate = HTLCCandidate::new(dust_htlc_amt_below_success, HTLCInitiator::RemoteOffered);
9589 let commitment_tx_fee = chan.context.next_local_commit_tx_fee_msat(htlc_candidate, None);
9590 assert_eq!(commitment_tx_fee, commitment_tx_fee_0_htlcs);
9592 chan.context.channel_transaction_parameters.is_outbound_from_holder = false;
9594 // If swapped: this HTLC would be counted as non-dust when it shouldn't be.
9595 let dust_htlc_amt_above_timeout = ((253 * htlc_timeout_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.counterparty_dust_limit_satoshis + 1) * 1000;
9596 let htlc_candidate = HTLCCandidate::new(dust_htlc_amt_above_timeout, HTLCInitiator::LocalOffered);
9597 let commitment_tx_fee = chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9598 assert_eq!(commitment_tx_fee, commitment_tx_fee_0_htlcs);
9600 // If swapped: this HTLC would be counted as dust when it shouldn't be.
9601 let htlc_amt_below_success = ((253 * htlc_success_tx_weight(chan.context.get_channel_type()) / 1000) + chan.context.counterparty_dust_limit_satoshis - 1) * 1000;
9602 let htlc_candidate = HTLCCandidate::new(htlc_amt_below_success, HTLCInitiator::RemoteOffered);
9603 let commitment_tx_fee = chan.context.next_remote_commit_tx_fee_msat(htlc_candidate, None);
9604 assert_eq!(commitment_tx_fee, commitment_tx_fee_1_htlc);
9608 fn channel_reestablish_no_updates() {
9609 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9610 let logger = test_utils::TestLogger::new();
9611 let secp_ctx = Secp256k1::new();
9612 let seed = [42; 32];
9613 let network = Network::Testnet;
9614 let best_block = BestBlock::from_network(network);
9615 let chain_hash = ChainHash::using_genesis_block(network);
9616 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9618 // Go through the flow of opening a channel between two nodes.
9620 // Create Node A's channel pointing to Node B's pubkey
9621 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9622 let config = UserConfig::default();
9623 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9625 // Create Node B's channel by receiving Node A's open_channel message
9626 let open_channel_msg = node_a_chan.get_open_channel(chain_hash);
9627 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9628 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9630 // Node B --> Node A: accept channel
9631 let accept_channel_msg = node_b_chan.accept_inbound_channel();
9632 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9634 // Node A --> Node B: funding created
9635 let output_script = node_a_chan.context.get_funding_redeemscript();
9636 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9637 value: 10000000, script_pubkey: output_script.clone(),
9639 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9640 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9641 let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9643 // Node B --> Node A: funding signed
9644 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9645 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9647 // Now disconnect the two nodes and check that the commitment point in
9648 // Node B's channel_reestablish message is sane.
9649 assert!(node_b_chan.remove_uncommitted_htlcs_and_mark_paused(&&logger).is_ok());
9650 let msg = node_b_chan.get_channel_reestablish(&&logger);
9651 assert_eq!(msg.next_local_commitment_number, 1); // now called next_commitment_number
9652 assert_eq!(msg.next_remote_commitment_number, 0); // now called next_revocation_number
9653 assert_eq!(msg.your_last_per_commitment_secret, [0; 32]);
9655 // Check that the commitment point in Node A's channel_reestablish message
9657 assert!(node_a_chan.remove_uncommitted_htlcs_and_mark_paused(&&logger).is_ok());
9658 let msg = node_a_chan.get_channel_reestablish(&&logger);
9659 assert_eq!(msg.next_local_commitment_number, 1); // now called next_commitment_number
9660 assert_eq!(msg.next_remote_commitment_number, 0); // now called next_revocation_number
9661 assert_eq!(msg.your_last_per_commitment_secret, [0; 32]);
9665 fn test_configured_holder_max_htlc_value_in_flight() {
9666 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9667 let logger = test_utils::TestLogger::new();
9668 let secp_ctx = Secp256k1::new();
9669 let seed = [42; 32];
9670 let network = Network::Testnet;
9671 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9672 let outbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9673 let inbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9675 let mut config_2_percent = UserConfig::default();
9676 config_2_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 2;
9677 let mut config_99_percent = UserConfig::default();
9678 config_99_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 99;
9679 let mut config_0_percent = UserConfig::default();
9680 config_0_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 0;
9681 let mut config_101_percent = UserConfig::default();
9682 config_101_percent.channel_handshake_config.max_inbound_htlc_value_in_flight_percent_of_channel = 101;
9684 // Test that `OutboundV1Channel::new` creates a channel with the correct value for
9685 // `holder_max_htlc_value_in_flight_msat`, when configured with a valid percentage value,
9686 // which is set to the lower bound + 1 (2%) of the `channel_value`.
9687 let chan_1 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_2_percent), 10000000, 100000, 42, &config_2_percent, 0, 42, None).unwrap();
9688 let chan_1_value_msat = chan_1.context.channel_value_satoshis * 1000;
9689 assert_eq!(chan_1.context.holder_max_htlc_value_in_flight_msat, (chan_1_value_msat as f64 * 0.02) as u64);
9691 // Test with the upper bound - 1 of valid values (99%).
9692 let chan_2 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_99_percent), 10000000, 100000, 42, &config_99_percent, 0, 42, None).unwrap();
9693 let chan_2_value_msat = chan_2.context.channel_value_satoshis * 1000;
9694 assert_eq!(chan_2.context.holder_max_htlc_value_in_flight_msat, (chan_2_value_msat as f64 * 0.99) as u64);
9696 let chan_1_open_channel_msg = chan_1.get_open_channel(ChainHash::using_genesis_block(network));
9698 // Test that `InboundV1Channel::new` creates a channel with the correct value for
9699 // `holder_max_htlc_value_in_flight_msat`, when configured with a valid percentage value,
9700 // which is set to the lower bound - 1 (2%) of the `channel_value`.
9701 let chan_3 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_2_percent), &channelmanager::provided_init_features(&config_2_percent), &chan_1_open_channel_msg, 7, &config_2_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9702 let chan_3_value_msat = chan_3.context.channel_value_satoshis * 1000;
9703 assert_eq!(chan_3.context.holder_max_htlc_value_in_flight_msat, (chan_3_value_msat as f64 * 0.02) as u64);
9705 // Test with the upper bound - 1 of valid values (99%).
9706 let chan_4 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_99_percent), &channelmanager::provided_init_features(&config_99_percent), &chan_1_open_channel_msg, 7, &config_99_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9707 let chan_4_value_msat = chan_4.context.channel_value_satoshis * 1000;
9708 assert_eq!(chan_4.context.holder_max_htlc_value_in_flight_msat, (chan_4_value_msat as f64 * 0.99) as u64);
9710 // Test that `OutboundV1Channel::new` uses the lower bound of the configurable percentage values (1%)
9711 // if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a value less than 1.
9712 let chan_5 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_0_percent), 10000000, 100000, 42, &config_0_percent, 0, 42, None).unwrap();
9713 let chan_5_value_msat = chan_5.context.channel_value_satoshis * 1000;
9714 assert_eq!(chan_5.context.holder_max_htlc_value_in_flight_msat, (chan_5_value_msat as f64 * 0.01) as u64);
9716 // Test that `OutboundV1Channel::new` uses the upper bound of the configurable percentage values
9717 // (100%) if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a larger value
9719 let chan_6 = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&config_101_percent), 10000000, 100000, 42, &config_101_percent, 0, 42, None).unwrap();
9720 let chan_6_value_msat = chan_6.context.channel_value_satoshis * 1000;
9721 assert_eq!(chan_6.context.holder_max_htlc_value_in_flight_msat, chan_6_value_msat);
9723 // Test that `InboundV1Channel::new` uses the lower bound of the configurable percentage values (1%)
9724 // if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a value less than 1.
9725 let chan_7 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_0_percent), &channelmanager::provided_init_features(&config_0_percent), &chan_1_open_channel_msg, 7, &config_0_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9726 let chan_7_value_msat = chan_7.context.channel_value_satoshis * 1000;
9727 assert_eq!(chan_7.context.holder_max_htlc_value_in_flight_msat, (chan_7_value_msat as f64 * 0.01) as u64);
9729 // Test that `InboundV1Channel::new` uses the upper bound of the configurable percentage values
9730 // (100%) if `max_inbound_htlc_value_in_flight_percent_of_channel` is set to a larger value
9732 let chan_8 = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&config_101_percent), &channelmanager::provided_init_features(&config_101_percent), &chan_1_open_channel_msg, 7, &config_101_percent, 0, &&logger, /*is_0conf=*/false).unwrap();
9733 let chan_8_value_msat = chan_8.context.channel_value_satoshis * 1000;
9734 assert_eq!(chan_8.context.holder_max_htlc_value_in_flight_msat, chan_8_value_msat);
9738 fn test_configured_holder_selected_channel_reserve_satoshis() {
9740 // Test that `OutboundV1Channel::new` and `InboundV1Channel::new` create a channel with the correct
9741 // channel reserves, when `their_channel_reserve_proportional_millionths` is configured.
9742 test_self_and_counterparty_channel_reserve(10_000_000, 0.02, 0.02);
9744 // Test with valid but unreasonably high channel reserves
9745 // Requesting and accepting parties have requested for 49%-49% and 60%-30% channel reserve
9746 test_self_and_counterparty_channel_reserve(10_000_000, 0.49, 0.49);
9747 test_self_and_counterparty_channel_reserve(10_000_000, 0.60, 0.30);
9749 // Test with calculated channel reserve less than lower bound
9750 // i.e `MIN_THEIR_CHAN_RESERVE_SATOSHIS`
9751 test_self_and_counterparty_channel_reserve(100_000, 0.00002, 0.30);
9753 // Test with invalid channel reserves since sum of both is greater than or equal
9755 test_self_and_counterparty_channel_reserve(10_000_000, 0.50, 0.50);
9756 test_self_and_counterparty_channel_reserve(10_000_000, 0.60, 0.50);
9759 fn test_self_and_counterparty_channel_reserve(channel_value_satoshis: u64, outbound_selected_channel_reserve_perc: f64, inbound_selected_channel_reserve_perc: f64) {
9760 let fee_est = LowerBoundedFeeEstimator::new(&TestFeeEstimator { fee_est: 15_000 });
9761 let logger = test_utils::TestLogger::new();
9762 let secp_ctx = Secp256k1::new();
9763 let seed = [42; 32];
9764 let network = Network::Testnet;
9765 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9766 let outbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9767 let inbound_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9770 let mut outbound_node_config = UserConfig::default();
9771 outbound_node_config.channel_handshake_config.their_channel_reserve_proportional_millionths = (outbound_selected_channel_reserve_perc * 1_000_000.0) as u32;
9772 let chan = OutboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, outbound_node_id, &channelmanager::provided_init_features(&outbound_node_config), channel_value_satoshis, 100_000, 42, &outbound_node_config, 0, 42, None).unwrap();
9774 let expected_outbound_selected_chan_reserve = cmp::max(MIN_THEIR_CHAN_RESERVE_SATOSHIS, (chan.context.channel_value_satoshis as f64 * outbound_selected_channel_reserve_perc) as u64);
9775 assert_eq!(chan.context.holder_selected_channel_reserve_satoshis, expected_outbound_selected_chan_reserve);
9777 let chan_open_channel_msg = chan.get_open_channel(ChainHash::using_genesis_block(network));
9778 let mut inbound_node_config = UserConfig::default();
9779 inbound_node_config.channel_handshake_config.their_channel_reserve_proportional_millionths = (inbound_selected_channel_reserve_perc * 1_000_000.0) as u32;
9781 if outbound_selected_channel_reserve_perc + inbound_selected_channel_reserve_perc < 1.0 {
9782 let chan_inbound_node = InboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&inbound_node_config), &channelmanager::provided_init_features(&outbound_node_config), &chan_open_channel_msg, 7, &inbound_node_config, 0, &&logger, /*is_0conf=*/false).unwrap();
9784 let expected_inbound_selected_chan_reserve = cmp::max(MIN_THEIR_CHAN_RESERVE_SATOSHIS, (chan.context.channel_value_satoshis as f64 * inbound_selected_channel_reserve_perc) as u64);
9786 assert_eq!(chan_inbound_node.context.holder_selected_channel_reserve_satoshis, expected_inbound_selected_chan_reserve);
9787 assert_eq!(chan_inbound_node.context.counterparty_selected_channel_reserve_satoshis.unwrap(), expected_outbound_selected_chan_reserve);
9789 // Channel Negotiations failed
9790 let result = InboundV1Channel::<&TestKeysInterface>::new(&&fee_est, &&keys_provider, &&keys_provider, inbound_node_id, &channelmanager::provided_channel_type_features(&inbound_node_config), &channelmanager::provided_init_features(&outbound_node_config), &chan_open_channel_msg, 7, &inbound_node_config, 0, &&logger, /*is_0conf=*/false);
9791 assert!(result.is_err());
9796 fn channel_update() {
9797 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9798 let logger = test_utils::TestLogger::new();
9799 let secp_ctx = Secp256k1::new();
9800 let seed = [42; 32];
9801 let network = Network::Testnet;
9802 let best_block = BestBlock::from_network(network);
9803 let chain_hash = ChainHash::using_genesis_block(network);
9804 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9806 // Create Node A's channel pointing to Node B's pubkey
9807 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9808 let config = UserConfig::default();
9809 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
9811 // Create Node B's channel by receiving Node A's open_channel message
9812 // Make sure A's dust limit is as we expect.
9813 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
9814 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
9815 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false).unwrap();
9817 // Node B --> Node A: accept channel, explicitly setting B's dust limit.
9818 let mut accept_channel_msg = node_b_chan.accept_inbound_channel();
9819 accept_channel_msg.common_fields.dust_limit_satoshis = 546;
9820 node_a_chan.accept_channel(&accept_channel_msg, &config.channel_handshake_limits, &channelmanager::provided_init_features(&config)).unwrap();
9821 node_a_chan.context.holder_dust_limit_satoshis = 1560;
9823 // Node A --> Node B: funding created
9824 let output_script = node_a_chan.context.get_funding_redeemscript();
9825 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9826 value: 10000000, script_pubkey: output_script.clone(),
9828 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9829 let funding_created_msg = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap();
9830 let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap();
9832 // Node B --> Node A: funding signed
9833 let res = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger);
9834 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
9836 // Make sure that receiving a channel update will update the Channel as expected.
9837 let update = ChannelUpdate {
9838 contents: UnsignedChannelUpdate {
9840 short_channel_id: 0,
9843 cltv_expiry_delta: 100,
9844 htlc_minimum_msat: 5,
9845 htlc_maximum_msat: MAX_VALUE_MSAT,
9847 fee_proportional_millionths: 11,
9848 excess_data: Vec::new(),
9850 signature: Signature::from(unsafe { FFISignature::new() })
9852 assert!(node_a_chan.channel_update(&update).unwrap());
9854 // The counterparty can send an update with a higher minimum HTLC, but that shouldn't
9855 // change our official htlc_minimum_msat.
9856 assert_eq!(node_a_chan.context.holder_htlc_minimum_msat, 1);
9857 match node_a_chan.context.counterparty_forwarding_info() {
9859 assert_eq!(info.cltv_expiry_delta, 100);
9860 assert_eq!(info.fee_base_msat, 110);
9861 assert_eq!(info.fee_proportional_millionths, 11);
9863 None => panic!("expected counterparty forwarding info to be Some")
9866 assert!(!node_a_chan.channel_update(&update).unwrap());
9870 fn blinding_point_skimmed_fee_malformed_ser() {
9871 // Ensure that channel blinding points, skimmed fees, and malformed HTLCs are (de)serialized
9873 let logger = test_utils::TestLogger::new();
9874 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
9875 let secp_ctx = Secp256k1::new();
9876 let seed = [42; 32];
9877 let network = Network::Testnet;
9878 let best_block = BestBlock::from_network(network);
9879 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
9881 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
9882 let config = UserConfig::default();
9883 let features = channelmanager::provided_init_features(&config);
9884 let mut outbound_chan = OutboundV1Channel::<&TestKeysInterface>::new(
9885 &feeest, &&keys_provider, &&keys_provider, node_b_node_id, &features, 10000000, 100000, 42, &config, 0, 42, None
9887 let inbound_chan = InboundV1Channel::<&TestKeysInterface>::new(
9888 &feeest, &&keys_provider, &&keys_provider, node_b_node_id, &channelmanager::provided_channel_type_features(&config),
9889 &features, &outbound_chan.get_open_channel(ChainHash::using_genesis_block(network)), 7, &config, 0, &&logger, false
9891 outbound_chan.accept_channel(&inbound_chan.get_accept_channel_message(), &config.channel_handshake_limits, &features).unwrap();
9892 let tx = Transaction { version: 1, lock_time: LockTime::ZERO, input: Vec::new(), output: vec![TxOut {
9893 value: 10000000, script_pubkey: outbound_chan.context.get_funding_redeemscript(),
9895 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
9896 let funding_created = outbound_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap().unwrap();
9897 let mut chan = match inbound_chan.funding_created(&funding_created, best_block, &&keys_provider, &&logger) {
9898 Ok((chan, _, _)) => chan,
9899 Err((_, e)) => panic!("{}", e),
9902 let dummy_htlc_source = HTLCSource::OutboundRoute {
9904 hops: vec![RouteHop {
9905 pubkey: test_utils::pubkey(2), channel_features: ChannelFeatures::empty(),
9906 node_features: NodeFeatures::empty(), short_channel_id: 0, fee_msat: 0,
9907 cltv_expiry_delta: 0, maybe_announced_channel: false,
9911 session_priv: test_utils::privkey(42),
9912 first_hop_htlc_msat: 0,
9913 payment_id: PaymentId([42; 32]),
9915 let dummy_outbound_output = OutboundHTLCOutput {
9918 payment_hash: PaymentHash([43; 32]),
9920 state: OutboundHTLCState::Committed,
9921 source: dummy_htlc_source.clone(),
9922 skimmed_fee_msat: None,
9923 blinding_point: None,
9925 let mut pending_outbound_htlcs = vec![dummy_outbound_output.clone(); 10];
9926 for (idx, htlc) in pending_outbound_htlcs.iter_mut().enumerate() {
9928 htlc.blinding_point = Some(test_utils::pubkey(42 + idx as u8));
9931 htlc.skimmed_fee_msat = Some(1);
9934 chan.context.pending_outbound_htlcs = pending_outbound_htlcs.clone();
9936 let dummy_holding_cell_add_htlc = HTLCUpdateAwaitingACK::AddHTLC {
9939 payment_hash: PaymentHash([43; 32]),
9940 source: dummy_htlc_source.clone(),
9941 onion_routing_packet: msgs::OnionPacket {
9943 public_key: Ok(test_utils::pubkey(1)),
9944 hop_data: [0; 20*65],
9947 skimmed_fee_msat: None,
9948 blinding_point: None,
9950 let dummy_holding_cell_claim_htlc = HTLCUpdateAwaitingACK::ClaimHTLC {
9951 payment_preimage: PaymentPreimage([42; 32]),
9954 let dummy_holding_cell_failed_htlc = |htlc_id| HTLCUpdateAwaitingACK::FailHTLC {
9955 htlc_id, err_packet: msgs::OnionErrorPacket { data: vec![42] }
9957 let dummy_holding_cell_malformed_htlc = |htlc_id| HTLCUpdateAwaitingACK::FailMalformedHTLC {
9958 htlc_id, failure_code: INVALID_ONION_BLINDING, sha256_of_onion: [0; 32],
9960 let mut holding_cell_htlc_updates = Vec::with_capacity(12);
9963 holding_cell_htlc_updates.push(dummy_holding_cell_add_htlc.clone());
9964 } else if i % 5 == 1 {
9965 holding_cell_htlc_updates.push(dummy_holding_cell_claim_htlc.clone());
9966 } else if i % 5 == 2 {
9967 let mut dummy_add = dummy_holding_cell_add_htlc.clone();
9968 if let HTLCUpdateAwaitingACK::AddHTLC {
9969 ref mut blinding_point, ref mut skimmed_fee_msat, ..
9970 } = &mut dummy_add {
9971 *blinding_point = Some(test_utils::pubkey(42 + i));
9972 *skimmed_fee_msat = Some(42);
9974 holding_cell_htlc_updates.push(dummy_add);
9975 } else if i % 5 == 3 {
9976 holding_cell_htlc_updates.push(dummy_holding_cell_malformed_htlc(i as u64));
9978 holding_cell_htlc_updates.push(dummy_holding_cell_failed_htlc(i as u64));
9981 chan.context.holding_cell_htlc_updates = holding_cell_htlc_updates.clone();
9983 // Encode and decode the channel and ensure that the HTLCs within are the same.
9984 let encoded_chan = chan.encode();
9985 let mut s = crate::io::Cursor::new(&encoded_chan);
9986 let mut reader = crate::util::ser::FixedLengthReader::new(&mut s, encoded_chan.len() as u64);
9987 let features = channelmanager::provided_channel_type_features(&config);
9988 let decoded_chan = Channel::read(&mut reader, (&&keys_provider, &&keys_provider, 0, &features)).unwrap();
9989 assert_eq!(decoded_chan.context.pending_outbound_htlcs, pending_outbound_htlcs);
9990 assert_eq!(decoded_chan.context.holding_cell_htlc_updates, holding_cell_htlc_updates);
9993 #[cfg(all(feature = "_test_vectors", not(feature = "grind_signatures")))]
9995 fn outbound_commitment_test() {
9996 use bitcoin::sighash;
9997 use bitcoin::consensus::encode::serialize;
9998 use bitcoin::sighash::EcdsaSighashType;
9999 use bitcoin::hashes::hex::FromHex;
10000 use bitcoin::hash_types::Txid;
10001 use bitcoin::secp256k1::Message;
10002 use crate::sign::{ChannelDerivationParameters, HTLCDescriptor, ecdsa::EcdsaChannelSigner};
10003 use crate::ln::PaymentPreimage;
10004 use crate::ln::channel::{HTLCOutputInCommitment ,TxCreationKeys};
10005 use crate::ln::channel_keys::{DelayedPaymentBasepoint, HtlcBasepoint};
10006 use crate::ln::chan_utils::{ChannelPublicKeys, HolderCommitmentTransaction, CounterpartyChannelTransactionParameters};
10007 use crate::util::logger::Logger;
10008 use crate::sync::Arc;
10009 use core::str::FromStr;
10010 use hex::DisplayHex;
10012 // Test vectors from BOLT 3 Appendices C and F (anchors):
10013 let feeest = TestFeeEstimator{fee_est: 15000};
10014 let logger : Arc<dyn Logger> = Arc::new(test_utils::TestLogger::new());
10015 let secp_ctx = Secp256k1::new();
10017 let mut signer = InMemorySigner::new(
10019 SecretKey::from_slice(&<Vec<u8>>::from_hex("30ff4956bbdd3222d44cc5e8a1261dab1e07957bdac5ae88fe3261ef321f3749").unwrap()[..]).unwrap(),
10020 SecretKey::from_slice(&<Vec<u8>>::from_hex("0fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff").unwrap()[..]).unwrap(),
10021 SecretKey::from_slice(&<Vec<u8>>::from_hex("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(),
10022 SecretKey::from_slice(&<Vec<u8>>::from_hex("3333333333333333333333333333333333333333333333333333333333333333").unwrap()[..]).unwrap(),
10023 SecretKey::from_slice(&<Vec<u8>>::from_hex("1111111111111111111111111111111111111111111111111111111111111111").unwrap()[..]).unwrap(),
10025 // These aren't set in the test vectors:
10026 [0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff],
10032 assert_eq!(signer.pubkeys().funding_pubkey.serialize()[..],
10033 <Vec<u8>>::from_hex("023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb").unwrap()[..]);
10034 let keys_provider = Keys { signer: signer.clone() };
10036 let counterparty_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10037 let mut config = UserConfig::default();
10038 config.channel_handshake_config.announced_channel = false;
10039 let mut chan = OutboundV1Channel::<&Keys>::new(&LowerBoundedFeeEstimator::new(&feeest), &&keys_provider, &&keys_provider, counterparty_node_id, &channelmanager::provided_init_features(&config), 10_000_000, 0, 42, &config, 0, 42, None).unwrap(); // Nothing uses their network key in this test
10040 chan.context.holder_dust_limit_satoshis = 546;
10041 chan.context.counterparty_selected_channel_reserve_satoshis = Some(0); // Filled in in accept_channel
10043 let funding_info = OutPoint{ txid: Txid::from_str("8984484a580b825b9972d7adb15050b3ab624ccd731946b3eeddb92f4e7ef6be").unwrap(), index: 0 };
10045 let counterparty_pubkeys = ChannelPublicKeys {
10046 funding_pubkey: public_from_secret_hex(&secp_ctx, "1552dfba4f6cf29a62a0af13c8d6981d36d0ef8d61ba10fb0fe90da7634d7e13"),
10047 revocation_basepoint: RevocationBasepoint::from(PublicKey::from_slice(&<Vec<u8>>::from_hex("02466d7fcae563e5cb09a0d1870bb580344804617879a14949cf22285f1bae3f27").unwrap()[..]).unwrap()),
10048 payment_point: public_from_secret_hex(&secp_ctx, "4444444444444444444444444444444444444444444444444444444444444444"),
10049 delayed_payment_basepoint: DelayedPaymentBasepoint::from(public_from_secret_hex(&secp_ctx, "1552dfba4f6cf29a62a0af13c8d6981d36d0ef8d61ba10fb0fe90da7634d7e13")),
10050 htlc_basepoint: HtlcBasepoint::from(public_from_secret_hex(&secp_ctx, "4444444444444444444444444444444444444444444444444444444444444444"))
10052 chan.context.channel_transaction_parameters.counterparty_parameters = Some(
10053 CounterpartyChannelTransactionParameters {
10054 pubkeys: counterparty_pubkeys.clone(),
10055 selected_contest_delay: 144
10057 chan.context.channel_transaction_parameters.funding_outpoint = Some(funding_info);
10058 signer.provide_channel_parameters(&chan.context.channel_transaction_parameters);
10060 assert_eq!(counterparty_pubkeys.payment_point.serialize()[..],
10061 <Vec<u8>>::from_hex("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]);
10063 assert_eq!(counterparty_pubkeys.funding_pubkey.serialize()[..],
10064 <Vec<u8>>::from_hex("030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c1").unwrap()[..]);
10066 assert_eq!(counterparty_pubkeys.htlc_basepoint.to_public_key().serialize()[..],
10067 <Vec<u8>>::from_hex("032c0b7cf95324a07d05398b240174dc0c2be444d96b159aa6c7f7b1e668680991").unwrap()[..]);
10069 // We can't just use build_holder_transaction_keys here as the per_commitment_secret is not
10070 // derived from a commitment_seed, so instead we copy it here and call
10071 // build_commitment_transaction.
10072 let delayed_payment_base = &chan.context.holder_signer.as_ref().pubkeys().delayed_payment_basepoint;
10073 let per_commitment_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100").unwrap()[..]).unwrap();
10074 let per_commitment_point = PublicKey::from_secret_key(&secp_ctx, &per_commitment_secret);
10075 let htlc_basepoint = &chan.context.holder_signer.as_ref().pubkeys().htlc_basepoint;
10076 let keys = TxCreationKeys::derive_new(&secp_ctx, &per_commitment_point, delayed_payment_base, htlc_basepoint, &counterparty_pubkeys.revocation_basepoint, &counterparty_pubkeys.htlc_basepoint);
10078 macro_rules! test_commitment {
10079 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $($remain:tt)* ) => {
10080 chan.context.channel_transaction_parameters.channel_type_features = ChannelTypeFeatures::only_static_remote_key();
10081 test_commitment_common!($counterparty_sig_hex, $sig_hex, $tx_hex, &ChannelTypeFeatures::only_static_remote_key(), $($remain)*);
10085 macro_rules! test_commitment_with_anchors {
10086 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $($remain:tt)* ) => {
10087 chan.context.channel_transaction_parameters.channel_type_features = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10088 test_commitment_common!($counterparty_sig_hex, $sig_hex, $tx_hex, &ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies(), $($remain)*);
10092 macro_rules! test_commitment_common {
10093 ( $counterparty_sig_hex: expr, $sig_hex: expr, $tx_hex: expr, $opt_anchors: expr, {
10094 $( { $htlc_idx: expr, $counterparty_htlc_sig_hex: expr, $htlc_sig_hex: expr, $htlc_tx_hex: expr } ), *
10096 let (commitment_tx, htlcs): (_, Vec<HTLCOutputInCommitment>) = {
10097 let mut commitment_stats = chan.context.build_commitment_transaction(0xffffffffffff - 42, &keys, true, false, &logger);
10099 let htlcs = commitment_stats.htlcs_included.drain(..)
10100 .filter_map(|(htlc, _)| if htlc.transaction_output_index.is_some() { Some(htlc) } else { None })
10102 (commitment_stats.tx, htlcs)
10104 let trusted_tx = commitment_tx.trust();
10105 let unsigned_tx = trusted_tx.built_transaction();
10106 let redeemscript = chan.context.get_funding_redeemscript();
10107 let counterparty_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_sig_hex).unwrap()[..]).unwrap();
10108 let sighash = unsigned_tx.get_sighash_all(&redeemscript, chan.context.channel_value_satoshis);
10109 log_trace!(logger, "unsigned_tx = {}", serialize(&unsigned_tx.transaction).as_hex());
10110 assert!(secp_ctx.verify_ecdsa(&sighash, &counterparty_signature, chan.context.counterparty_funding_pubkey()).is_ok(), "verify counterparty commitment sig");
10112 let mut per_htlc: Vec<(HTLCOutputInCommitment, Option<Signature>)> = Vec::new();
10113 per_htlc.clear(); // Don't warn about excess mut for no-HTLC calls
10114 let mut counterparty_htlc_sigs = Vec::new();
10115 counterparty_htlc_sigs.clear(); // Don't warn about excess mut for no-HTLC calls
10117 let remote_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_htlc_sig_hex).unwrap()[..]).unwrap();
10118 per_htlc.push((htlcs[$htlc_idx].clone(), Some(remote_signature)));
10119 counterparty_htlc_sigs.push(remote_signature);
10121 assert_eq!(htlcs.len(), per_htlc.len());
10123 let holder_commitment_tx = HolderCommitmentTransaction::new(
10124 commitment_tx.clone(),
10125 counterparty_signature,
10126 counterparty_htlc_sigs,
10127 &chan.context.holder_signer.as_ref().pubkeys().funding_pubkey,
10128 chan.context.counterparty_funding_pubkey()
10130 let holder_sig = signer.sign_holder_commitment(&holder_commitment_tx, &secp_ctx).unwrap();
10131 assert_eq!(Signature::from_der(&<Vec<u8>>::from_hex($sig_hex).unwrap()[..]).unwrap(), holder_sig, "holder_sig");
10133 let funding_redeemscript = chan.context.get_funding_redeemscript();
10134 let tx = holder_commitment_tx.add_holder_sig(&funding_redeemscript, holder_sig);
10135 assert_eq!(serialize(&tx)[..], <Vec<u8>>::from_hex($tx_hex).unwrap()[..], "tx");
10137 // ((htlc, counterparty_sig), (index, holder_sig))
10138 let mut htlc_counterparty_sig_iter = holder_commitment_tx.counterparty_htlc_sigs.iter();
10141 log_trace!(logger, "verifying htlc {}", $htlc_idx);
10142 let remote_signature = Signature::from_der(&<Vec<u8>>::from_hex($counterparty_htlc_sig_hex).unwrap()[..]).unwrap();
10144 let ref htlc = htlcs[$htlc_idx];
10145 let mut htlc_tx = chan_utils::build_htlc_transaction(&unsigned_tx.txid, chan.context.feerate_per_kw,
10146 chan.context.get_counterparty_selected_contest_delay().unwrap(),
10147 &htlc, $opt_anchors, &keys.broadcaster_delayed_payment_key, &keys.revocation_key);
10148 let htlc_redeemscript = chan_utils::get_htlc_redeemscript(&htlc, $opt_anchors, &keys);
10149 let htlc_sighashtype = if $opt_anchors.supports_anchors_zero_fee_htlc_tx() { EcdsaSighashType::SinglePlusAnyoneCanPay } else { EcdsaSighashType::All };
10150 let htlc_sighash = Message::from_slice(&sighash::SighashCache::new(&htlc_tx).segwit_signature_hash(0, &htlc_redeemscript, htlc.amount_msat / 1000, htlc_sighashtype).unwrap()[..]).unwrap();
10151 assert!(secp_ctx.verify_ecdsa(&htlc_sighash, &remote_signature, &keys.countersignatory_htlc_key.to_public_key()).is_ok(), "verify counterparty htlc sig");
10153 let mut preimage: Option<PaymentPreimage> = None;
10156 let out = PaymentHash(Sha256::hash(&[i; 32]).to_byte_array());
10157 if out == htlc.payment_hash {
10158 preimage = Some(PaymentPreimage([i; 32]));
10162 assert!(preimage.is_some());
10165 let htlc_counterparty_sig = htlc_counterparty_sig_iter.next().unwrap();
10166 let htlc_holder_sig = signer.sign_holder_htlc_transaction(&htlc_tx, 0, &HTLCDescriptor {
10167 channel_derivation_parameters: ChannelDerivationParameters {
10168 value_satoshis: chan.context.channel_value_satoshis,
10169 keys_id: chan.context.channel_keys_id,
10170 transaction_parameters: chan.context.channel_transaction_parameters.clone(),
10172 commitment_txid: trusted_tx.txid(),
10173 per_commitment_number: trusted_tx.commitment_number(),
10174 per_commitment_point: trusted_tx.per_commitment_point(),
10175 feerate_per_kw: trusted_tx.feerate_per_kw(),
10176 htlc: htlc.clone(),
10177 preimage: preimage.clone(),
10178 counterparty_sig: *htlc_counterparty_sig,
10179 }, &secp_ctx).unwrap();
10180 let num_anchors = if $opt_anchors.supports_anchors_zero_fee_htlc_tx() { 2 } else { 0 };
10181 assert_eq!(htlc.transaction_output_index, Some($htlc_idx + num_anchors), "output index");
10183 let signature = Signature::from_der(&<Vec<u8>>::from_hex($htlc_sig_hex).unwrap()[..]).unwrap();
10184 assert_eq!(signature, htlc_holder_sig, "htlc sig");
10185 let trusted_tx = holder_commitment_tx.trust();
10186 htlc_tx.input[0].witness = trusted_tx.build_htlc_input_witness($htlc_idx, htlc_counterparty_sig, &htlc_holder_sig, &preimage);
10187 log_trace!(logger, "htlc_tx = {}", serialize(&htlc_tx).as_hex());
10188 assert_eq!(serialize(&htlc_tx)[..], <Vec<u8>>::from_hex($htlc_tx_hex).unwrap()[..], "htlc tx");
10190 assert!(htlc_counterparty_sig_iter.next().is_none());
10194 // anchors: simple commitment tx with no HTLCs and single anchor
10195 test_commitment_with_anchors!("30440220655bf909fb6fa81d086f1336ac72c97906dce29d1b166e305c99152d810e26e1022051f577faa46412c46707aaac46b65d50053550a66334e00a44af2706f27a8658",
10196 "3044022007cf6b405e9c9b4f527b0ecad9d8bb661fabb8b12abf7d1c0b3ad1855db3ed490220616d5c1eeadccc63bd775a131149455d62d95a42c2a1b01cc7821fc42dce7778",
10197 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80024a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f10529800000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022007cf6b405e9c9b4f527b0ecad9d8bb661fabb8b12abf7d1c0b3ad1855db3ed490220616d5c1eeadccc63bd775a131149455d62d95a42c2a1b01cc7821fc42dce7778014730440220655bf909fb6fa81d086f1336ac72c97906dce29d1b166e305c99152d810e26e1022051f577faa46412c46707aaac46b65d50053550a66334e00a44af2706f27a865801475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10199 // simple commitment tx with no HTLCs
10200 chan.context.value_to_self_msat = 7000000000;
10202 test_commitment!("3045022100c3127b33dcc741dd6b05b1e63cbd1a9a7d816f37af9b6756fa2376b056f032370220408b96279808fe57eb7e463710804cdf4f108388bc5cf722d8c848d2c7f9f3b0",
10203 "30440220616210b2cc4d3afb601013c373bbd8aac54febd9f15400379a8cb65ce7deca60022034236c010991beb7ff770510561ae8dc885b8d38d1947248c38f2ae055647142",
10204 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8002c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48454a56a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004730440220616210b2cc4d3afb601013c373bbd8aac54febd9f15400379a8cb65ce7deca60022034236c010991beb7ff770510561ae8dc885b8d38d1947248c38f2ae05564714201483045022100c3127b33dcc741dd6b05b1e63cbd1a9a7d816f37af9b6756fa2376b056f032370220408b96279808fe57eb7e463710804cdf4f108388bc5cf722d8c848d2c7f9f3b001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10206 // anchors: simple commitment tx with no HTLCs
10207 test_commitment_with_anchors!("3045022100f89034eba16b2be0e5581f750a0a6309192b75cce0f202f0ee2b4ec0cc394850022076c65dc507fe42276152b7a3d90e961e678adbe966e916ecfe85e64d430e75f3",
10208 "30450221008266ac6db5ea71aac3c95d97b0e172ff596844851a3216eb88382a8dddfd33d2022050e240974cfd5d708708b4365574517c18e7ae535ef732a3484d43d0d82be9f7",
10209 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80044a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994a508b6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221008266ac6db5ea71aac3c95d97b0e172ff596844851a3216eb88382a8dddfd33d2022050e240974cfd5d708708b4365574517c18e7ae535ef732a3484d43d0d82be9f701483045022100f89034eba16b2be0e5581f750a0a6309192b75cce0f202f0ee2b4ec0cc394850022076c65dc507fe42276152b7a3d90e961e678adbe966e916ecfe85e64d430e75f301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10211 chan.context.pending_inbound_htlcs.push({
10212 let mut out = InboundHTLCOutput{
10214 amount_msat: 1000000,
10216 payment_hash: PaymentHash([0; 32]),
10217 state: InboundHTLCState::Committed,
10219 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0000000000000000000000000000000000000000000000000000000000000000").unwrap()).to_byte_array();
10222 chan.context.pending_inbound_htlcs.push({
10223 let mut out = InboundHTLCOutput{
10225 amount_msat: 2000000,
10227 payment_hash: PaymentHash([0; 32]),
10228 state: InboundHTLCState::Committed,
10230 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap()).to_byte_array();
10233 chan.context.pending_outbound_htlcs.push({
10234 let mut out = OutboundHTLCOutput{
10236 amount_msat: 2000000,
10238 payment_hash: PaymentHash([0; 32]),
10239 state: OutboundHTLCState::Committed,
10240 source: HTLCSource::dummy(),
10241 skimmed_fee_msat: None,
10242 blinding_point: None,
10244 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0202020202020202020202020202020202020202020202020202020202020202").unwrap()).to_byte_array();
10247 chan.context.pending_outbound_htlcs.push({
10248 let mut out = OutboundHTLCOutput{
10250 amount_msat: 3000000,
10252 payment_hash: PaymentHash([0; 32]),
10253 state: OutboundHTLCState::Committed,
10254 source: HTLCSource::dummy(),
10255 skimmed_fee_msat: None,
10256 blinding_point: None,
10258 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0303030303030303030303030303030303030303030303030303030303030303").unwrap()).to_byte_array();
10261 chan.context.pending_inbound_htlcs.push({
10262 let mut out = InboundHTLCOutput{
10264 amount_msat: 4000000,
10266 payment_hash: PaymentHash([0; 32]),
10267 state: InboundHTLCState::Committed,
10269 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0404040404040404040404040404040404040404040404040404040404040404").unwrap()).to_byte_array();
10273 // commitment tx with all five HTLCs untrimmed (minimum feerate)
10274 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10275 chan.context.feerate_per_kw = 0;
10277 test_commitment!("3044022009b048187705a8cbc9ad73adbe5af148c3d012e1f067961486c822c7af08158c022006d66f3704cfab3eb2dc49dae24e4aa22a6910fc9b424007583204e3621af2e5",
10278 "304402206fc2d1f10ea59951eefac0b4b7c396a3c3d87b71ff0b019796ef4535beaf36f902201765b0181e514d04f4c8ad75659d7037be26cdb3f8bb6f78fe61decef484c3ea",
10279 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8007e80300000000000022002052bfef0479d7b293c27e0f1eb294bea154c63a3294ef092c19af51409bce0e2ad007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484e0a06a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402206fc2d1f10ea59951eefac0b4b7c396a3c3d87b71ff0b019796ef4535beaf36f902201765b0181e514d04f4c8ad75659d7037be26cdb3f8bb6f78fe61decef484c3ea01473044022009b048187705a8cbc9ad73adbe5af148c3d012e1f067961486c822c7af08158c022006d66f3704cfab3eb2dc49dae24e4aa22a6910fc9b424007583204e3621af2e501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10282 "3045022100d9e29616b8f3959f1d3d7f7ce893ffedcdc407717d0de8e37d808c91d3a7c50d022078c3033f6d00095c8720a4bc943c1b45727818c082e4e3ddbc6d3116435b624b",
10283 "30440220636de5682ef0c5b61f124ec74e8aa2461a69777521d6998295dcea36bc3338110220165285594b23c50b28b82df200234566628a27bcd17f7f14404bd865354eb3ce",
10284 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b00000000000000000001e8030000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100d9e29616b8f3959f1d3d7f7ce893ffedcdc407717d0de8e37d808c91d3a7c50d022078c3033f6d00095c8720a4bc943c1b45727818c082e4e3ddbc6d3116435b624b014730440220636de5682ef0c5b61f124ec74e8aa2461a69777521d6998295dcea36bc3338110220165285594b23c50b28b82df200234566628a27bcd17f7f14404bd865354eb3ce012000000000000000000000000000000000000000000000000000000000000000008a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a914b8bcb07f6344b42ab04250c86a6e8b75d3fdbbc688527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f401b175ac686800000000" },
10287 "30440220649fe8b20e67e46cbb0d09b4acea87dbec001b39b08dee7bdd0b1f03922a8640022037c462dff79df501cecfdb12ea7f4de91f99230bb544726f6e04527b1f896004",
10288 "3045022100803159dee7935dba4a1d36a61055ce8fd62caa528573cc221ae288515405a252022029c59e7cffce374fe860100a4a63787e105c3cf5156d40b12dd53ff55ac8cf3f",
10289 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b01000000000000000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220649fe8b20e67e46cbb0d09b4acea87dbec001b39b08dee7bdd0b1f03922a8640022037c462dff79df501cecfdb12ea7f4de91f99230bb544726f6e04527b1f89600401483045022100803159dee7935dba4a1d36a61055ce8fd62caa528573cc221ae288515405a252022029c59e7cffce374fe860100a4a63787e105c3cf5156d40b12dd53ff55ac8cf3f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10292 "30440220770fc321e97a19f38985f2e7732dd9fe08d16a2efa4bcbc0429400a447faf49102204d40b417f3113e1b0944ae0986f517564ab4acd3d190503faf97a6e420d43352",
10293 "3045022100a437cc2ce77400ecde441b3398fea3c3ad8bdad8132be818227fe3c5b8345989022069d45e7fa0ae551ec37240845e2c561ceb2567eacf3076a6a43a502d05865faa",
10294 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b02000000000000000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220770fc321e97a19f38985f2e7732dd9fe08d16a2efa4bcbc0429400a447faf49102204d40b417f3113e1b0944ae0986f517564ab4acd3d190503faf97a6e420d4335201483045022100a437cc2ce77400ecde441b3398fea3c3ad8bdad8132be818227fe3c5b8345989022069d45e7fa0ae551ec37240845e2c561ceb2567eacf3076a6a43a502d05865faa012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10297 "304402207bcbf4f60a9829b05d2dbab84ed593e0291836be715dc7db6b72a64caf646af802201e489a5a84f7c5cc130398b841d138d031a5137ac8f4c49c770a4959dc3c1363",
10298 "304402203121d9b9c055f354304b016a36662ee99e1110d9501cb271b087ddb6f382c2c80220549882f3f3b78d9c492de47543cb9a697cecc493174726146536c5954dac7487",
10299 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b03000000000000000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207bcbf4f60a9829b05d2dbab84ed593e0291836be715dc7db6b72a64caf646af802201e489a5a84f7c5cc130398b841d138d031a5137ac8f4c49c770a4959dc3c13630147304402203121d9b9c055f354304b016a36662ee99e1110d9501cb271b087ddb6f382c2c80220549882f3f3b78d9c492de47543cb9a697cecc493174726146536c5954dac748701008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10302 "3044022076dca5cb81ba7e466e349b7128cdba216d4d01659e29b96025b9524aaf0d1899022060de85697b88b21c749702b7d2cfa7dfeaa1f472c8f1d7d9c23f2bf968464b87",
10303 "3045022100d9080f103cc92bac15ec42464a95f070c7fb6925014e673ee2ea1374d36a7f7502200c65294d22eb20d48564954d5afe04a385551919d8b2ddb4ae2459daaeee1d95",
10304 "02000000000101ab84ff284f162cfbfef241f853b47d4368d171f9e2a1445160cd591c4c7d882b04000000000000000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022076dca5cb81ba7e466e349b7128cdba216d4d01659e29b96025b9524aaf0d1899022060de85697b88b21c749702b7d2cfa7dfeaa1f472c8f1d7d9c23f2bf968464b8701483045022100d9080f103cc92bac15ec42464a95f070c7fb6925014e673ee2ea1374d36a7f7502200c65294d22eb20d48564954d5afe04a385551919d8b2ddb4ae2459daaeee1d95012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10307 // commitment tx with seven outputs untrimmed (maximum feerate)
10308 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10309 chan.context.feerate_per_kw = 647;
10311 test_commitment!("3045022100a135f9e8a5ed25f7277446c67956b00ce6f610ead2bdec2c2f686155b7814772022059f1f6e1a8b336a68efcc1af3fe4d422d4827332b5b067501b099c47b7b5b5ee",
10312 "30450221009ec15c687898bb4da8b3a833e5ab8bfc51ec6e9202aaa8e66611edfd4a85ed1102203d7183e45078b9735c93450bc3415d3e5a8c576141a711ec6ddcb4a893926bb7",
10313 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8007e80300000000000022002052bfef0479d7b293c27e0f1eb294bea154c63a3294ef092c19af51409bce0e2ad007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484e09c6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221009ec15c687898bb4da8b3a833e5ab8bfc51ec6e9202aaa8e66611edfd4a85ed1102203d7183e45078b9735c93450bc3415d3e5a8c576141a711ec6ddcb4a893926bb701483045022100a135f9e8a5ed25f7277446c67956b00ce6f610ead2bdec2c2f686155b7814772022059f1f6e1a8b336a68efcc1af3fe4d422d4827332b5b067501b099c47b7b5b5ee01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10316 "30450221008437627f9ad84ac67052e2a414a4367b8556fd1f94d8b02590f89f50525cd33502205b9c21ff6e7fc864f2352746ad8ba59182510819acb644e25b8a12fc37bbf24f",
10317 "30440220344b0deb055230d01703e6c7acd45853c4af2328b49b5d8af4f88a060733406602202ea64f2a43d5751edfe75503cbc35a62e3141b5ed032fa03360faf4ca66f670b",
10318 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004830450221008437627f9ad84ac67052e2a414a4367b8556fd1f94d8b02590f89f50525cd33502205b9c21ff6e7fc864f2352746ad8ba59182510819acb644e25b8a12fc37bbf24f014730440220344b0deb055230d01703e6c7acd45853c4af2328b49b5d8af4f88a060733406602202ea64f2a43d5751edfe75503cbc35a62e3141b5ed032fa03360faf4ca66f670b012000000000000000000000000000000000000000000000000000000000000000008a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a914b8bcb07f6344b42ab04250c86a6e8b75d3fdbbc688527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f401b175ac686800000000" },
10321 "304402205a67f92bf6845cf2892b48d874ac1daf88a36495cf8a06f93d83180d930a6f75022031da1621d95c3f335cc06a3056cf960199dae600b7cf89088f65fc53cdbef28c",
10322 "30450221009e5e3822b0185c6799a95288c597b671d6cc69ab80f43740f00c6c3d0752bdda02206da947a74bd98f3175324dc56fdba86cc783703a120a6f0297537e60632f4c7f",
10323 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe0100000000000000000124060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402205a67f92bf6845cf2892b48d874ac1daf88a36495cf8a06f93d83180d930a6f75022031da1621d95c3f335cc06a3056cf960199dae600b7cf89088f65fc53cdbef28c014830450221009e5e3822b0185c6799a95288c597b671d6cc69ab80f43740f00c6c3d0752bdda02206da947a74bd98f3175324dc56fdba86cc783703a120a6f0297537e60632f4c7f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10326 "30440220437e21766054a3eef7f65690c5bcfa9920babbc5af92b819f772f6ea96df6c7402207173622024bd97328cfb26c6665e25c2f5d67c319443ccdc60c903217005d8c8",
10327 "3045022100fcfc47e36b712624677626cef3dc1d67f6583bd46926a6398fe6b00b0c9a37760220525788257b187fc775c6370d04eadf34d06f3650a63f8df851cee0ecb47a1673",
10328 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe020000000000000000010a060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220437e21766054a3eef7f65690c5bcfa9920babbc5af92b819f772f6ea96df6c7402207173622024bd97328cfb26c6665e25c2f5d67c319443ccdc60c903217005d8c801483045022100fcfc47e36b712624677626cef3dc1d67f6583bd46926a6398fe6b00b0c9a37760220525788257b187fc775c6370d04eadf34d06f3650a63f8df851cee0ecb47a1673012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10331 "304402207436e10737e4df499fc051686d3e11a5bb2310e4d1f1e691d287cef66514791202207cb58e71a6b7a42dd001b7e3ae672ea4f71ea3e1cd412b742e9124abb0739c64",
10332 "3045022100e78211b8409afb7255ffe37337da87f38646f1faebbdd61bc1920d69e3ead67a02201a626305adfcd16bfb7e9340928d9b6305464eab4aa4c4a3af6646e9b9f69dee",
10333 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe030000000000000000010c0a0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207436e10737e4df499fc051686d3e11a5bb2310e4d1f1e691d287cef66514791202207cb58e71a6b7a42dd001b7e3ae672ea4f71ea3e1cd412b742e9124abb0739c6401483045022100e78211b8409afb7255ffe37337da87f38646f1faebbdd61bc1920d69e3ead67a02201a626305adfcd16bfb7e9340928d9b6305464eab4aa4c4a3af6646e9b9f69dee01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10336 "30450221009acd6a827a76bfee50806178dfe0495cd4e1d9c58279c194c7b01520fe68cb8d022024d439047c368883e570997a7d40f0b430cb5a742f507965e7d3063ae3feccca",
10337 "3044022048762cf546bbfe474f1536365ea7c416e3c0389d60558bc9412cb148fb6ab68202207215d7083b75c96ff9d2b08c59c34e287b66820f530b486a9aa4cdd9c347d5b9",
10338 "020000000001012cfb3e4788c206881d38f2996b6cb2109b5935acb527d14bdaa7b908afa9b2fe04000000000000000001da0d0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004830450221009acd6a827a76bfee50806178dfe0495cd4e1d9c58279c194c7b01520fe68cb8d022024d439047c368883e570997a7d40f0b430cb5a742f507965e7d3063ae3feccca01473044022048762cf546bbfe474f1536365ea7c416e3c0389d60558bc9412cb148fb6ab68202207215d7083b75c96ff9d2b08c59c34e287b66820f530b486a9aa4cdd9c347d5b9012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10341 // commitment tx with six outputs untrimmed (minimum feerate)
10342 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10343 chan.context.feerate_per_kw = 648;
10345 test_commitment!("304402203948f900a5506b8de36a4d8502f94f21dd84fd9c2314ab427d52feaa7a0a19f2022059b6a37a4adaa2c5419dc8aea63c6e2a2ec4c4bde46207f6dc1fcd22152fc6e5",
10346 "3045022100b15f72908ba3382a34ca5b32519240a22300cc6015b6f9418635fb41f3d01d8802207adb331b9ed1575383dca0f2355e86c173802feecf8298fbea53b9d4610583e9",
10347 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8006d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4844e9d6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100b15f72908ba3382a34ca5b32519240a22300cc6015b6f9418635fb41f3d01d8802207adb331b9ed1575383dca0f2355e86c173802feecf8298fbea53b9d4610583e90147304402203948f900a5506b8de36a4d8502f94f21dd84fd9c2314ab427d52feaa7a0a19f2022059b6a37a4adaa2c5419dc8aea63c6e2a2ec4c4bde46207f6dc1fcd22152fc6e501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10350 "3045022100a031202f3be94678f0e998622ee95ebb6ada8da1e9a5110228b5e04a747351e4022010ca6a21e18314ed53cfaae3b1f51998552a61a468e596368829a50ce40110e0",
10351 "304502210097e1873b57267730154595187a34949d3744f52933070c74757005e61ce2112e02204ecfba2aa42d4f14bdf8bad4206bb97217b702e6c433e0e1b0ce6587e6d46ec6",
10352 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf10000000000000000000123060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100a031202f3be94678f0e998622ee95ebb6ada8da1e9a5110228b5e04a747351e4022010ca6a21e18314ed53cfaae3b1f51998552a61a468e596368829a50ce40110e00148304502210097e1873b57267730154595187a34949d3744f52933070c74757005e61ce2112e02204ecfba2aa42d4f14bdf8bad4206bb97217b702e6c433e0e1b0ce6587e6d46ec601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10355 "304402202361012a634aee7835c5ecdd6413dcffa8f404b7e77364c792cff984e4ee71e90220715c5e90baa08daa45a7439b1ee4fa4843ed77b19c058240b69406606d384124",
10356 "3044022019de73b00f1d818fb388e83b2c8c31f6bce35ac624e215bc12f88f9dc33edf48022006ff814bb9f700ee6abc3294e146fac3efd4f13f0005236b41c0a946ee00c9ae",
10357 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf10100000000000000000109060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402202361012a634aee7835c5ecdd6413dcffa8f404b7e77364c792cff984e4ee71e90220715c5e90baa08daa45a7439b1ee4fa4843ed77b19c058240b69406606d38412401473044022019de73b00f1d818fb388e83b2c8c31f6bce35ac624e215bc12f88f9dc33edf48022006ff814bb9f700ee6abc3294e146fac3efd4f13f0005236b41c0a946ee00c9ae012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10360 "304402207e8e82cd71ed4febeb593732c260456836e97d81896153ecd2b3cf320ca6861702202dd4a30f68f98ced7cc56a36369ac1fdd978248c5ff4ed204fc00cc625532989",
10361 "3045022100bd0be6100c4fd8f102ec220e1b053e4c4e2ecca25615490150007b40d314dc3902201a1e0ea266965b43164d9e6576f58fa6726d42883dd1c3996d2925c2e2260796",
10362 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf1020000000000000000010b0a0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207e8e82cd71ed4febeb593732c260456836e97d81896153ecd2b3cf320ca6861702202dd4a30f68f98ced7cc56a36369ac1fdd978248c5ff4ed204fc00cc62553298901483045022100bd0be6100c4fd8f102ec220e1b053e4c4e2ecca25615490150007b40d314dc3902201a1e0ea266965b43164d9e6576f58fa6726d42883dd1c3996d2925c2e226079601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10365 "3044022024cd52e4198c8ae0e414a86d86b5a65ea7450f2eb4e783096736d93395eca5ce022078f0094745b45be4d4b2b04dd5978c9e66ba49109e5704403e84aaf5f387d6be",
10366 "3045022100bbfb9d0a946d420807c86e985d636cceb16e71c3694ed186316251a00cbd807202207773223f9a337e145f64673825be9b30d07ef1542c82188b264bedcf7cda78c6",
10367 "020000000001010f44041fdfba175987cf4e6135ba2a154e3b7fb96483dc0ed5efc0678e5b6bf103000000000000000001d90d0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022024cd52e4198c8ae0e414a86d86b5a65ea7450f2eb4e783096736d93395eca5ce022078f0094745b45be4d4b2b04dd5978c9e66ba49109e5704403e84aaf5f387d6be01483045022100bbfb9d0a946d420807c86e985d636cceb16e71c3694ed186316251a00cbd807202207773223f9a337e145f64673825be9b30d07ef1542c82188b264bedcf7cda78c6012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10370 // anchors: commitment tx with six outputs untrimmed (minimum dust limit)
10371 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10372 chan.context.feerate_per_kw = 645;
10373 chan.context.holder_dust_limit_satoshis = 1001;
10375 test_commitment_with_anchors!("3044022025d97466c8049e955a5afce28e322f4b34d2561118e52332fb400f9b908cc0a402205dc6fba3a0d67ee142c428c535580cd1f2ff42e2f89b47e0c8a01847caffc312",
10376 "3045022100d57697c707b6f6d053febf24b98e8989f186eea42e37e9e91663ec2c70bb8f70022079b0715a472118f262f43016a674f59c015d9cafccec885968e76d9d9c5d0051",
10377 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80084a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994d0070000000000002200203e68115ae0b15b8de75b6c6bc9af5ac9f01391544e0870dae443a1e8fe7837ead007000000000000220020fe0598d74fee2205cc3672e6e6647706b4f3099713b4661b62482c3addd04a5eb80b000000000000220020f96d0334feb64a4f40eb272031d07afcb038db56aa57446d60308c9f8ccadef9a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994abc996a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100d57697c707b6f6d053febf24b98e8989f186eea42e37e9e91663ec2c70bb8f70022079b0715a472118f262f43016a674f59c015d9cafccec885968e76d9d9c5d005101473044022025d97466c8049e955a5afce28e322f4b34d2561118e52332fb400f9b908cc0a402205dc6fba3a0d67ee142c428c535580cd1f2ff42e2f89b47e0c8a01847caffc31201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10380 "3045022100e04d160a326432659fe9fb127304c1d348dfeaba840081bdc57d8efd902a48d8022008a824e7cf5492b97e4d9e03c06a09f822775a44f6b5b2533a2088904abfc282",
10381 "3045022100b7c49846466b13b190ff739bbe3005c105482fc55539e55b1c561f76b6982b6c02200e5c35808619cf543c8405cff9fedd25f333a4a2f6f6d5e8af8150090c40ef09",
10382 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320002000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e04d160a326432659fe9fb127304c1d348dfeaba840081bdc57d8efd902a48d8022008a824e7cf5492b97e4d9e03c06a09f822775a44f6b5b2533a2088904abfc28283483045022100b7c49846466b13b190ff739bbe3005c105482fc55539e55b1c561f76b6982b6c02200e5c35808619cf543c8405cff9fedd25f333a4a2f6f6d5e8af8150090c40ef0901008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6851b27568f6010000" },
10385 "3045022100fbdc3c367ce3bf30796025cc590ee1f2ce0e72ae1ac19f5986d6d0a4fc76211f02207e45ae9267e8e820d188569604f71d1abd11bd385d58853dd7dc034cdb3e9a6e",
10386 "3045022100d29330f24db213b262068706099b39c15fa7e070c3fcdf8836c09723fc4d365602203ce57d01e9f28601e461a0b5c4a50119b270bde8b70148d133a6849c70b115ac",
10387 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320003000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100fbdc3c367ce3bf30796025cc590ee1f2ce0e72ae1ac19f5986d6d0a4fc76211f02207e45ae9267e8e820d188569604f71d1abd11bd385d58853dd7dc034cdb3e9a6e83483045022100d29330f24db213b262068706099b39c15fa7e070c3fcdf8836c09723fc4d365602203ce57d01e9f28601e461a0b5c4a50119b270bde8b70148d133a6849c70b115ac012001010101010101010101010101010101010101010101010101010101010101018d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac6851b2756800000000" },
10390 "3044022066c5ef625cee3ddd2bc7b6bfb354b5834cf1cc6d52dd972fb41b7b225437ae4a022066cb85647df65c6b87a54e416dcdcca778a776c36a9643d2b5dc793c9b29f4c1",
10391 "304402202d4ce515cd9000ec37575972d70b8d24f73909fb7012e8ebd8c2066ef6fe187902202830b53e64ea565fecd0f398100691da6bb2a5cf9bb0d1926f1d71d05828a11e",
10392 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320004000000000100000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022066c5ef625cee3ddd2bc7b6bfb354b5834cf1cc6d52dd972fb41b7b225437ae4a022066cb85647df65c6b87a54e416dcdcca778a776c36a9643d2b5dc793c9b29f4c18347304402202d4ce515cd9000ec37575972d70b8d24f73909fb7012e8ebd8c2066ef6fe187902202830b53e64ea565fecd0f398100691da6bb2a5cf9bb0d1926f1d71d05828a11e01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6851b27568f7010000" },
10395 "3044022022c7e11595c53ee89a57ca76baf0aed730da035952d6ab3fe6459f5eff3b337a022075e10cc5f5fd724a35ce4087a5d03cd616698626c69814032132b50bb97dc615",
10396 "3045022100b20cd63e0587d1711beaebda4730775c4ac8b8b2ec78fe18a0c44c3f168c25230220079abb7fc4924e2fca5950842e5b9e416735585026914570078c4ef62f286226",
10397 "02000000000101104f394af4c4fad78337f95e3e9f802f4c0d86ab231853af09b285348561320005000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022022c7e11595c53ee89a57ca76baf0aed730da035952d6ab3fe6459f5eff3b337a022075e10cc5f5fd724a35ce4087a5d03cd616698626c69814032132b50bb97dc61583483045022100b20cd63e0587d1711beaebda4730775c4ac8b8b2ec78fe18a0c44c3f168c25230220079abb7fc4924e2fca5950842e5b9e416735585026914570078c4ef62f286226012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10400 // commitment tx with six outputs untrimmed (maximum feerate)
10401 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10402 chan.context.feerate_per_kw = 2069;
10403 chan.context.holder_dust_limit_satoshis = 546;
10405 test_commitment!("304502210090b96a2498ce0c0f2fadbec2aab278fed54c1a7838df793ec4d2c78d96ec096202204fdd439c50f90d483baa7b68feeef4bd33bc277695405447bcd0bfb2ca34d7bc",
10406 "3045022100ad9a9bbbb75d506ca3b716b336ee3cf975dd7834fcf129d7dd188146eb58a8b4022061a759ee417339f7fe2ea1e8deb83abb6a74db31a09b7648a932a639cda23e33",
10407 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8006d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2db80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48477956a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100ad9a9bbbb75d506ca3b716b336ee3cf975dd7834fcf129d7dd188146eb58a8b4022061a759ee417339f7fe2ea1e8deb83abb6a74db31a09b7648a932a639cda23e330148304502210090b96a2498ce0c0f2fadbec2aab278fed54c1a7838df793ec4d2c78d96ec096202204fdd439c50f90d483baa7b68feeef4bd33bc277695405447bcd0bfb2ca34d7bc01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10410 "3045022100f33513ee38abf1c582876f921f8fddc06acff48e04515532a32d3938de938ffd02203aa308a2c1863b7d6fdf53159a1465bf2e115c13152546cc5d74483ceaa7f699",
10411 "3045022100a637902a5d4c9ba9e7c472a225337d5aac9e2e3f6744f76e237132e7619ba0400220035c60d784a031c0d9f6df66b7eab8726a5c25397399ee4aa960842059eb3f9d",
10412 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d0000000000000000000175020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f33513ee38abf1c582876f921f8fddc06acff48e04515532a32d3938de938ffd02203aa308a2c1863b7d6fdf53159a1465bf2e115c13152546cc5d74483ceaa7f69901483045022100a637902a5d4c9ba9e7c472a225337d5aac9e2e3f6744f76e237132e7619ba0400220035c60d784a031c0d9f6df66b7eab8726a5c25397399ee4aa960842059eb3f9d01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10415 "3045022100ce07682cf4b90093c22dc2d9ab2a77ad6803526b655ef857221cc96af5c9e0bf02200f501cee22e7a268af40b555d15a8237c9f36ad67ef1841daf9f6a0267b1e6df",
10416 "3045022100e57e46234f8782d3ff7aa593b4f7446fb5316c842e693dc63ee324fd49f6a1c302204a2f7b44c48bd26e1554422afae13153eb94b29d3687b733d18930615fb2db61",
10417 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d0100000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100ce07682cf4b90093c22dc2d9ab2a77ad6803526b655ef857221cc96af5c9e0bf02200f501cee22e7a268af40b555d15a8237c9f36ad67ef1841daf9f6a0267b1e6df01483045022100e57e46234f8782d3ff7aa593b4f7446fb5316c842e693dc63ee324fd49f6a1c302204a2f7b44c48bd26e1554422afae13153eb94b29d3687b733d18930615fb2db61012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10420 "3045022100e3e35492e55f82ec0bc2f317ffd7a486d1f7024330fe9743c3559fc39f32ef0c02203d1d4db651fc388a91d5ad8ecdd8e83673063bc8eefe27cfd8c189090e3a23e0",
10421 "3044022068613fb1b98eb3aec7f44c5b115b12343c2f066c4277c82b5f873dfe68f37f50022028109b4650f3f528ca4bfe9a467aff2e3e43893b61b5159157119d5d95cf1c18",
10422 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d020000000000000000015d060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e3e35492e55f82ec0bc2f317ffd7a486d1f7024330fe9743c3559fc39f32ef0c02203d1d4db651fc388a91d5ad8ecdd8e83673063bc8eefe27cfd8c189090e3a23e001473044022068613fb1b98eb3aec7f44c5b115b12343c2f066c4277c82b5f873dfe68f37f50022028109b4650f3f528ca4bfe9a467aff2e3e43893b61b5159157119d5d95cf1c1801008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10425 "304402207475aeb0212ef9bf5130b60937817ad88c9a87976988ef1f323f026148cc4a850220739fea17ad3257dcad72e509c73eebe86bee30b178467b9fdab213d631b109df",
10426 "3045022100d315522e09e7d53d2a659a79cb67fef56d6c4bddf3f46df6772d0d20a7beb7c8022070bcc17e288607b6a72be0bd83368bb6d53488db266c1cdb4d72214e4f02ac33",
10427 "02000000000101adbe717a63fb658add30ada1e6e12ed257637581898abe475c11d7bbcd65bd4d03000000000000000001f2090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402207475aeb0212ef9bf5130b60937817ad88c9a87976988ef1f323f026148cc4a850220739fea17ad3257dcad72e509c73eebe86bee30b178467b9fdab213d631b109df01483045022100d315522e09e7d53d2a659a79cb67fef56d6c4bddf3f46df6772d0d20a7beb7c8022070bcc17e288607b6a72be0bd83368bb6d53488db266c1cdb4d72214e4f02ac33012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10430 // commitment tx with five outputs untrimmed (minimum feerate)
10431 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10432 chan.context.feerate_per_kw = 2070;
10434 test_commitment!("304402204ca1ba260dee913d318271d86e10ca0f5883026fb5653155cff600fb40895223022037b145204b7054a40e08bb1fefbd826f827b40838d3e501423bcc57924bcb50c",
10435 "3044022001014419b5ba00e083ac4e0a85f19afc848aacac2d483b4b525d15e2ae5adbfe022015ebddad6ee1e72b47cb09f3e78459da5be01ccccd95dceca0e056a00cc773c1",
10436 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484da966a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022001014419b5ba00e083ac4e0a85f19afc848aacac2d483b4b525d15e2ae5adbfe022015ebddad6ee1e72b47cb09f3e78459da5be01ccccd95dceca0e056a00cc773c10147304402204ca1ba260dee913d318271d86e10ca0f5883026fb5653155cff600fb40895223022037b145204b7054a40e08bb1fefbd826f827b40838d3e501423bcc57924bcb50c01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10439 "304402205f6b6d12d8d2529fb24f4445630566cf4abbd0f9330ab6c2bdb94222d6a2a0c502202f556258ae6f05b193749e4c541dfcc13b525a5422f6291f073f15617ba8579b",
10440 "30440220150b11069454da70caf2492ded9e0065c9a57f25ac2a4c52657b1d15b6c6ed85022068a38833b603c8892717206383611bad210f1cbb4b1f87ea29c6c65b9e1cb3e5",
10441 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff0000000000000000000174020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402205f6b6d12d8d2529fb24f4445630566cf4abbd0f9330ab6c2bdb94222d6a2a0c502202f556258ae6f05b193749e4c541dfcc13b525a5422f6291f073f15617ba8579b014730440220150b11069454da70caf2492ded9e0065c9a57f25ac2a4c52657b1d15b6c6ed85022068a38833b603c8892717206383611bad210f1cbb4b1f87ea29c6c65b9e1cb3e501008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10444 "3045022100f960dfb1c9aee7ce1437efa65b523e399383e8149790e05d8fed27ff6e42fe0002202fe8613e062ffe0b0c518cc4101fba1c6de70f64a5bcc7ae663f2efae43b8546",
10445 "30450221009a6ed18e6873bc3644332a6ee21c152a5b102821865350df7a8c74451a51f9f2022050d801fb4895d7d7fbf452824c0168347f5c0cbe821cf6a97a63af5b8b2563c6",
10446 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff010000000000000000015c060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f960dfb1c9aee7ce1437efa65b523e399383e8149790e05d8fed27ff6e42fe0002202fe8613e062ffe0b0c518cc4101fba1c6de70f64a5bcc7ae663f2efae43b8546014830450221009a6ed18e6873bc3644332a6ee21c152a5b102821865350df7a8c74451a51f9f2022050d801fb4895d7d7fbf452824c0168347f5c0cbe821cf6a97a63af5b8b2563c601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10449 "3045022100ae5fc7717ae684bc1fcf9020854e5dbe9842c9e7472879ac06ff95ac2bb10e4e022057728ada4c00083a3e65493fb5d50a232165948a1a0f530ef63185c2c8c56504",
10450 "30440220408ad3009827a8fccf774cb285587686bfb2ed041f89a89453c311ce9c8ee0f902203c7392d9f8306d3a46522a66bd2723a7eb2628cb2d9b34d4c104f1766bf37502",
10451 "02000000000101403ad7602b43293497a3a2235a12ecefda4f3a1f1d06e49b1786d945685de1ff02000000000000000001f1090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100ae5fc7717ae684bc1fcf9020854e5dbe9842c9e7472879ac06ff95ac2bb10e4e022057728ada4c00083a3e65493fb5d50a232165948a1a0f530ef63185c2c8c56504014730440220408ad3009827a8fccf774cb285587686bfb2ed041f89a89453c311ce9c8ee0f902203c7392d9f8306d3a46522a66bd2723a7eb2628cb2d9b34d4c104f1766bf37502012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10454 // commitment tx with five outputs untrimmed (maximum feerate)
10455 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10456 chan.context.feerate_per_kw = 2194;
10458 test_commitment!("304402204bb3d6e279d71d9da414c82de42f1f954267c762b2e2eb8b76bc3be4ea07d4b0022014febc009c5edc8c3fc5d94015de163200f780046f1c293bfed8568f08b70fb3",
10459 "3044022072c2e2b1c899b2242656a537dde2892fa3801be0d6df0a87836c550137acde8302201654aa1974d37a829083c3ba15088689f30b56d6a4f6cb14c7bad0ee3116d398",
10460 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020403d394747cae42e98ff01734ad5c08f82ba123d3d9a620abda88989651e2ab5b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e48440966a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022072c2e2b1c899b2242656a537dde2892fa3801be0d6df0a87836c550137acde8302201654aa1974d37a829083c3ba15088689f30b56d6a4f6cb14c7bad0ee3116d3980147304402204bb3d6e279d71d9da414c82de42f1f954267c762b2e2eb8b76bc3be4ea07d4b0022014febc009c5edc8c3fc5d94015de163200f780046f1c293bfed8568f08b70fb301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10463 "3045022100939726680351a7856c1bc386d4a1f422c7d29bd7b56afc139570f508474e6c40022023175a799ccf44c017fbaadb924c40b2a12115a5b7d0dfd3228df803a2de8450",
10464 "304502210099c98c2edeeee6ec0fb5f3bea8b79bb016a2717afa9b5072370f34382de281d302206f5e2980a995e045cf90a547f0752a7ee99d48547bc135258fe7bc07e0154301",
10465 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100939726680351a7856c1bc386d4a1f422c7d29bd7b56afc139570f508474e6c40022023175a799ccf44c017fbaadb924c40b2a12115a5b7d0dfd3228df803a2de84500148304502210099c98c2edeeee6ec0fb5f3bea8b79bb016a2717afa9b5072370f34382de281d302206f5e2980a995e045cf90a547f0752a7ee99d48547bc135258fe7bc07e015430101008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a914b43e1b38138a41b37f7cd9a1d274bc63e3a9b5d188ac6868f6010000" },
10468 "3044022021bb883bf324553d085ba2e821cad80c28ef8b303dbead8f98e548783c02d1600220638f9ef2a9bba25869afc923f4b5dc38be3bb459f9efa5d869392d5f7779a4a0",
10469 "3045022100fd85bd7697b89c08ec12acc8ba89b23090637d83abd26ca37e01ae93e67c367302202b551fe69386116c47f984aab9c8dfd25d864dcde5d3389cfbef2447a85c4b77",
10470 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd010000000000000000010a060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022021bb883bf324553d085ba2e821cad80c28ef8b303dbead8f98e548783c02d1600220638f9ef2a9bba25869afc923f4b5dc38be3bb459f9efa5d869392d5f7779a4a001483045022100fd85bd7697b89c08ec12acc8ba89b23090637d83abd26ca37e01ae93e67c367302202b551fe69386116c47f984aab9c8dfd25d864dcde5d3389cfbef2447a85c4b7701008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10473 "3045022100c9e6f0454aa598b905a35e641a70cc9f67b5f38cc4b00843a041238c4a9f1c4a0220260a2822a62da97e44583e837245995ca2e36781769c52f19e498efbdcca262b",
10474 "30450221008a9f2ea24cd455c2b64c1472a5fa83865b0a5f49a62b661801e884cf2849af8302204d44180e50bf6adfcf1c1e581d75af91aba4e28681ce4a5ee5f3cbf65eca10f3",
10475 "02000000000101153cd825fdb3aa624bfe513e8031d5d08c5e582fb3d1d1fe8faf27d3eed410cd020000000000000000019a090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100c9e6f0454aa598b905a35e641a70cc9f67b5f38cc4b00843a041238c4a9f1c4a0220260a2822a62da97e44583e837245995ca2e36781769c52f19e498efbdcca262b014830450221008a9f2ea24cd455c2b64c1472a5fa83865b0a5f49a62b661801e884cf2849af8302204d44180e50bf6adfcf1c1e581d75af91aba4e28681ce4a5ee5f3cbf65eca10f3012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10478 // commitment tx with four outputs untrimmed (minimum feerate)
10479 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10480 chan.context.feerate_per_kw = 2195;
10482 test_commitment!("304402201a8c1b1f9671cd9e46c7323a104d7047cc48d3ee80d40d4512e0c72b8dc65666022066d7f9a2ce18c9eb22d2739ffcce05721c767f9b607622a31b6ea5793ddce403",
10483 "3044022044d592025b610c0d678f65032e87035cdfe89d1598c522cc32524ae8172417c30220749fef9d5b2ae8cdd91ece442ba8809bc891efedae2291e578475f97715d1767",
10484 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8004b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484b8976a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400473044022044d592025b610c0d678f65032e87035cdfe89d1598c522cc32524ae8172417c30220749fef9d5b2ae8cdd91ece442ba8809bc891efedae2291e578475f97715d17670147304402201a8c1b1f9671cd9e46c7323a104d7047cc48d3ee80d40d4512e0c72b8dc65666022066d7f9a2ce18c9eb22d2739ffcce05721c767f9b607622a31b6ea5793ddce40301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10487 "3045022100e57b845066a06ee7c2cbfc29eabffe52daa9bf6f6de760066d04df9f9b250e0002202ffb197f0e6e0a77a75a9aff27014bd3de83b7f748d7efef986abe655e1dd50e",
10488 "3045022100ecc8c6529d0b2316d046f0f0757c1e1c25a636db168ec4f3aa1b9278df685dc0022067ae6b65e936f1337091f7b18a15935b608c5f2cdddb2f892ed0babfdd376d76",
10489 "020000000001018130a10f09b13677ba2885a8bca32860f3a952e5912b829a473639b5a2c07b900000000000000000000109060000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100e57b845066a06ee7c2cbfc29eabffe52daa9bf6f6de760066d04df9f9b250e0002202ffb197f0e6e0a77a75a9aff27014bd3de83b7f748d7efef986abe655e1dd50e01483045022100ecc8c6529d0b2316d046f0f0757c1e1c25a636db168ec4f3aa1b9278df685dc0022067ae6b65e936f1337091f7b18a15935b608c5f2cdddb2f892ed0babfdd376d7601008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10492 "3045022100d193b7ecccad8057571620a0b1ffa6c48e9483311723b59cf536043b20bc51550220546d4bd37b3b101ecda14f6c907af46ec391abce1cd9c7ce22b1a62b534f2f2a",
10493 "3044022014d66f11f9cacf923807eba49542076c5fe5cccf252fb08fe98c78ef3ca6ab5402201b290dbe043cc512d9d78de074a5a129b8759bc6a6c546b190d120b690bd6e82",
10494 "020000000001018130a10f09b13677ba2885a8bca32860f3a952e5912b829a473639b5a2c07b900100000000000000000199090000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100d193b7ecccad8057571620a0b1ffa6c48e9483311723b59cf536043b20bc51550220546d4bd37b3b101ecda14f6c907af46ec391abce1cd9c7ce22b1a62b534f2f2a01473044022014d66f11f9cacf923807eba49542076c5fe5cccf252fb08fe98c78ef3ca6ab5402201b290dbe043cc512d9d78de074a5a129b8759bc6a6c546b190d120b690bd6e82012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10497 // anchors: commitment tx with four outputs untrimmed (minimum dust limit)
10498 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10499 chan.context.feerate_per_kw = 2185;
10500 chan.context.holder_dust_limit_satoshis = 2001;
10501 let cached_channel_type = chan.context.channel_type;
10502 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10504 test_commitment_with_anchors!("3044022040f63a16148cf35c8d3d41827f5ae7f7c3746885bb64d4d1b895892a83812b3e02202fcf95c2bf02c466163b3fa3ced6a24926fbb4035095a96842ef516e86ba54c0",
10505 "3045022100cd8479cfe1edb1e5a1d487391e0451a469c7171e51e680183f19eb4321f20e9b02204eab7d5a6384b1b08e03baa6e4d9748dfd2b5ab2bae7e39604a0d0055bbffdd5",
10506 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80064a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994b80b000000000000220020f96d0334feb64a4f40eb272031d07afcb038db56aa57446d60308c9f8ccadef9a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994ac5916a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100cd8479cfe1edb1e5a1d487391e0451a469c7171e51e680183f19eb4321f20e9b02204eab7d5a6384b1b08e03baa6e4d9748dfd2b5ab2bae7e39604a0d0055bbffdd501473044022040f63a16148cf35c8d3d41827f5ae7f7c3746885bb64d4d1b895892a83812b3e02202fcf95c2bf02c466163b3fa3ced6a24926fbb4035095a96842ef516e86ba54c001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10509 "304402206870514a72ad6e723ff7f1e0370d7a33c1cd2a0b9272674143ebaf6a1d02dee102205bd953c34faf5e7322e9a1c0103581cb090280fda4f1039ee8552668afa90ebb",
10510 "30440220669de9ca7910eff65a7773ebd14a9fc371fe88cde5b8e2a81609d85c87ac939b02201ac29472fa4067322e92d75b624942d60be5050139b20bb363db75be79eb946f",
10511 "02000000000101ac13a7715f80b8e52dda43c6929cade5521bdced3a405da02b443f1ffb1e33cc02000000000100000001b80b0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402206870514a72ad6e723ff7f1e0370d7a33c1cd2a0b9272674143ebaf6a1d02dee102205bd953c34faf5e7322e9a1c0103581cb090280fda4f1039ee8552668afa90ebb834730440220669de9ca7910eff65a7773ebd14a9fc371fe88cde5b8e2a81609d85c87ac939b02201ac29472fa4067322e92d75b624942d60be5050139b20bb363db75be79eb946f01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6851b27568f7010000" },
10514 "3045022100949e8dd938da56445b1cdfdebe1b7efea086edd05d89910d205a1e2e033ce47102202cbd68b5262ab144d9ec12653f87dfb0bb6bd05d1f58ae1e523f028eaefd7271",
10515 "3045022100e3104ed8b239f8019e5f0a1a73d7782a94a8c36e7984f476c3a0b3cb0e62e27902207e3d52884600985f8a2098e53a5c30dd6a5e857733acfaa07ab2162421ed2688",
10516 "02000000000101ac13a7715f80b8e52dda43c6929cade5521bdced3a405da02b443f1ffb1e33cc03000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100949e8dd938da56445b1cdfdebe1b7efea086edd05d89910d205a1e2e033ce47102202cbd68b5262ab144d9ec12653f87dfb0bb6bd05d1f58ae1e523f028eaefd727183483045022100e3104ed8b239f8019e5f0a1a73d7782a94a8c36e7984f476c3a0b3cb0e62e27902207e3d52884600985f8a2098e53a5c30dd6a5e857733acfaa07ab2162421ed2688012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10519 // commitment tx with four outputs untrimmed (maximum feerate)
10520 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10521 chan.context.feerate_per_kw = 3702;
10522 chan.context.holder_dust_limit_satoshis = 546;
10523 chan.context.channel_type = cached_channel_type.clone();
10525 test_commitment!("304502210092a587aeb777f869e7ff0d7898ea619ee26a3dacd1f3672b945eea600be431100220077ee9eae3528d15251f2a52b607b189820e57a6ccfac8d1af502b132ee40169",
10526 "3045022100e5efb73c32d32da2d79702299b6317de6fb24a60476e3855926d78484dd1b3c802203557cb66a42c944ef06e00bcc4da35a5bcb2f185aab0f8e403e519e1d66aaf75",
10527 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8004b80b000000000000220020c20b5d1f8584fd90443e7b7b720136174fa4b9333c261d04dbbd012635c0f419a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4846f916a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100e5efb73c32d32da2d79702299b6317de6fb24a60476e3855926d78484dd1b3c802203557cb66a42c944ef06e00bcc4da35a5bcb2f185aab0f8e403e519e1d66aaf750148304502210092a587aeb777f869e7ff0d7898ea619ee26a3dacd1f3672b945eea600be431100220077ee9eae3528d15251f2a52b607b189820e57a6ccfac8d1af502b132ee4016901475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10530 "304402206fa54c11f98c3bae1e93df43fc7affeb05b476bf8060c03e29c377c69bc08e8b0220672701cce50d5c379ff45a5d2cfe48ac44973adb066ac32608e21221d869bb89",
10531 "304402206e36c683ebf2cb16bcef3d5439cf8b53cd97280a365ed8acd7abb85a8ba5f21c02206e8621edfc2a5766cbc96eb67fd501127ff163eb6b85518a39f7d4974aef126f",
10532 "020000000001018db483bff65c70ee71d8282aeec5a880e2e2b39e45772bda5460403095c62e3f0000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402206fa54c11f98c3bae1e93df43fc7affeb05b476bf8060c03e29c377c69bc08e8b0220672701cce50d5c379ff45a5d2cfe48ac44973adb066ac32608e21221d869bb890147304402206e36c683ebf2cb16bcef3d5439cf8b53cd97280a365ed8acd7abb85a8ba5f21c02206e8621edfc2a5766cbc96eb67fd501127ff163eb6b85518a39f7d4974aef126f01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9148a486ff2e31d6158bf39e2608864d63fefd09d5b88ac6868f7010000" },
10535 "3044022057649739b0eb74d541ead0dfdb3d4b2c15aa192720031044c3434c67812e5ca902201e5ede42d960ae551707f4a6b34b09393cf4dee2418507daa022e3550dbb5817",
10536 "304402207faad26678c8850e01b4a0696d60841f7305e1832b786110ee9075cb92ed14a30220516ef8ee5dfa80824ea28cbcec0dd95f8b847146257c16960db98507db15ffdc",
10537 "020000000001018db483bff65c70ee71d8282aeec5a880e2e2b39e45772bda5460403095c62e3f0100000000000000000176050000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022057649739b0eb74d541ead0dfdb3d4b2c15aa192720031044c3434c67812e5ca902201e5ede42d960ae551707f4a6b34b09393cf4dee2418507daa022e3550dbb58170147304402207faad26678c8850e01b4a0696d60841f7305e1832b786110ee9075cb92ed14a30220516ef8ee5dfa80824ea28cbcec0dd95f8b847146257c16960db98507db15ffdc012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10540 // commitment tx with three outputs untrimmed (minimum feerate)
10541 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10542 chan.context.feerate_per_kw = 3703;
10544 test_commitment!("3045022100b495d239772a237ff2cf354b1b11be152fd852704cb184e7356d13f2fb1e5e430220723db5cdb9cbd6ead7bfd3deb419cf41053a932418cbb22a67b581f40bc1f13e",
10545 "304402201b736d1773a124c745586217a75bed5f66c05716fbe8c7db4fdb3c3069741cdd02205083f39c321c1bcadfc8d97e3c791a66273d936abac0c6a2fde2ed46019508e1",
10546 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8003a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484eb936a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402201b736d1773a124c745586217a75bed5f66c05716fbe8c7db4fdb3c3069741cdd02205083f39c321c1bcadfc8d97e3c791a66273d936abac0c6a2fde2ed46019508e101483045022100b495d239772a237ff2cf354b1b11be152fd852704cb184e7356d13f2fb1e5e430220723db5cdb9cbd6ead7bfd3deb419cf41053a932418cbb22a67b581f40bc1f13e01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10549 "3045022100c34c61735f93f2e324cc873c3b248111ccf8f6db15d5969583757010d4ad2b4602207867bb919b2ddd6387873e425345c9b7fd18d1d66aba41f3607bc2896ef3c30a",
10550 "3045022100988c143e2110067117d2321bdd4bd16ca1734c98b29290d129384af0962b634e02206c1b02478878c5f547018b833986578f90c3e9be669fe5788ad0072a55acbb05",
10551 "0200000000010120060e4a29579d429f0f27c17ee5f1ee282f20d706d6f90b63d35946d8f3029a0000000000000000000175050000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100c34c61735f93f2e324cc873c3b248111ccf8f6db15d5969583757010d4ad2b4602207867bb919b2ddd6387873e425345c9b7fd18d1d66aba41f3607bc2896ef3c30a01483045022100988c143e2110067117d2321bdd4bd16ca1734c98b29290d129384af0962b634e02206c1b02478878c5f547018b833986578f90c3e9be669fe5788ad0072a55acbb05012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10554 // anchors: commitment tx with three outputs untrimmed (minimum dust limit)
10555 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10556 chan.context.feerate_per_kw = 3687;
10557 chan.context.holder_dust_limit_satoshis = 3001;
10558 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10560 test_commitment_with_anchors!("3045022100ad6c71569856b2d7ff42e838b4abe74a713426b37f22fa667a195a4c88908c6902202b37272b02a42dc6d9f4f82cab3eaf84ac882d9ed762859e1e75455c2c228377",
10561 "3045022100c970799bcb33f43179eb43b3378a0a61991cf2923f69b36ef12548c3df0e6d500220413dc27d2e39ee583093adfcb7799be680141738babb31cc7b0669a777a31f5d",
10562 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80054a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994a00f000000000000220020ce6e751274836ff59622a0d1e07f8831d80bd6730bd48581398bfadd2bb8da9ac0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994aa28b6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100c970799bcb33f43179eb43b3378a0a61991cf2923f69b36ef12548c3df0e6d500220413dc27d2e39ee583093adfcb7799be680141738babb31cc7b0669a777a31f5d01483045022100ad6c71569856b2d7ff42e838b4abe74a713426b37f22fa667a195a4c88908c6902202b37272b02a42dc6d9f4f82cab3eaf84ac882d9ed762859e1e75455c2c22837701475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10565 "3044022017b558a3cf5f0cb94269e2e927b29ed22bd2416abb8a7ce6de4d1256f359b93602202e9ca2b1a23ea3e69f433c704e327739e219804b8c188b1d52f74fd5a9de954c",
10566 "3045022100af7a8b7c7ff2080c68995254cb66d64d9954edcc5baac3bb4f27ed2d29aaa6120220421c27da7a60574a9263f271e0f3bd34594ec6011095190022b3b54596ea03de",
10567 "02000000000101542562b326c08e3a076d9cfca2be175041366591da334d8d513ff1686fd95a6002000000000100000001a00f0000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500473044022017b558a3cf5f0cb94269e2e927b29ed22bd2416abb8a7ce6de4d1256f359b93602202e9ca2b1a23ea3e69f433c704e327739e219804b8c188b1d52f74fd5a9de954c83483045022100af7a8b7c7ff2080c68995254cb66d64d9954edcc5baac3bb4f27ed2d29aaa6120220421c27da7a60574a9263f271e0f3bd34594ec6011095190022b3b54596ea03de012004040404040404040404040404040404040404040404040404040404040404048d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac6851b2756800000000" }
10570 // commitment tx with three outputs untrimmed (maximum feerate)
10571 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10572 chan.context.feerate_per_kw = 4914;
10573 chan.context.holder_dust_limit_satoshis = 546;
10574 chan.context.channel_type = cached_channel_type.clone();
10576 test_commitment!("3045022100b4b16d5f8cc9fc4c1aff48831e832a0d8990e133978a66e302c133550954a44d022073573ce127e2200d316f6b612803a5c0c97b8d20e1e44dbe2ac0dd2fb8c95244",
10577 "3045022100d72638bc6308b88bb6d45861aae83e5b9ff6e10986546e13bce769c70036e2620220320be7c6d66d22f30b9fcd52af66531505b1310ca3b848c19285b38d8a1a8c19",
10578 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8003a00f0000000000002200208c48d15160397c9731df9bc3b236656efb6665fbfe92b4a6878e88a499f741c4c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484ae8f6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100d72638bc6308b88bb6d45861aae83e5b9ff6e10986546e13bce769c70036e2620220320be7c6d66d22f30b9fcd52af66531505b1310ca3b848c19285b38d8a1a8c1901483045022100b4b16d5f8cc9fc4c1aff48831e832a0d8990e133978a66e302c133550954a44d022073573ce127e2200d316f6b612803a5c0c97b8d20e1e44dbe2ac0dd2fb8c9524401475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10581 "3045022100f43591c156038ba217756006bb3c55f7d113a325cdd7d9303c82115372858d68022016355b5aadf222bc8d12e426c75f4a03423917b2443a103eb2a498a3a2234374",
10582 "30440220585dee80fafa264beac535c3c0bb5838ac348b156fdc982f86adc08dfc9bfd250220130abb82f9f295cc9ef423dcfef772fde2acd85d9df48cc538981d26a10a9c10",
10583 "02000000000101a9172908eace869cc35128c31fc2ab502f72e4dff31aab23e0244c4b04b11ab00000000000000000000122020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100f43591c156038ba217756006bb3c55f7d113a325cdd7d9303c82115372858d68022016355b5aadf222bc8d12e426c75f4a03423917b2443a103eb2a498a3a2234374014730440220585dee80fafa264beac535c3c0bb5838ac348b156fdc982f86adc08dfc9bfd250220130abb82f9f295cc9ef423dcfef772fde2acd85d9df48cc538981d26a10a9c10012004040404040404040404040404040404040404040404040404040404040404048a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a91418bc1a114ccf9c052d3d23e28d3b0a9d1227434288527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f801b175ac686800000000" }
10586 // commitment tx with two outputs untrimmed (minimum feerate)
10587 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10588 chan.context.feerate_per_kw = 4915;
10589 chan.context.holder_dust_limit_satoshis = 546;
10591 test_commitment!("304402203a286936e74870ca1459c700c71202af0381910a6bfab687ef494ef1bc3e02c902202506c362d0e3bee15e802aa729bf378e051644648253513f1c085b264cc2a720",
10592 "30450221008a953551f4d67cb4df3037207fc082ddaf6be84d417b0bd14c80aab66f1b01a402207508796dc75034b2dee876fe01dc05a08b019f3e5d689ac8842ade2f1befccf5",
10593 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8002c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484fa926a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221008a953551f4d67cb4df3037207fc082ddaf6be84d417b0bd14c80aab66f1b01a402207508796dc75034b2dee876fe01dc05a08b019f3e5d689ac8842ade2f1befccf50147304402203a286936e74870ca1459c700c71202af0381910a6bfab687ef494ef1bc3e02c902202506c362d0e3bee15e802aa729bf378e051644648253513f1c085b264cc2a72001475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10595 // anchors: commitment tx with two outputs untrimmed (minimum dust limit)
10596 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10597 chan.context.feerate_per_kw = 4894;
10598 chan.context.holder_dust_limit_satoshis = 4001;
10599 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10601 test_commitment_with_anchors!("3045022100e784a66b1588575801e237d35e510fd92a81ae3a4a2a1b90c031ad803d07b3f3022021bc5f16501f167607d63b681442da193eb0a76b4b7fd25c2ed4f8b28fd35b95",
10602 "30450221009f16ac85d232e4eddb3fcd750a68ebf0b58e3356eaada45d3513ede7e817bf4c02207c2b043b4e5f971261975406cb955219fa56bffe5d834a833694b5abc1ce4cfd",
10603 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80044a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994ad0886a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e04004830450221009f16ac85d232e4eddb3fcd750a68ebf0b58e3356eaada45d3513ede7e817bf4c02207c2b043b4e5f971261975406cb955219fa56bffe5d834a833694b5abc1ce4cfd01483045022100e784a66b1588575801e237d35e510fd92a81ae3a4a2a1b90c031ad803d07b3f3022021bc5f16501f167607d63b681442da193eb0a76b4b7fd25c2ed4f8b28fd35b9501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10605 // commitment tx with two outputs untrimmed (maximum feerate)
10606 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10607 chan.context.feerate_per_kw = 9651180;
10608 chan.context.holder_dust_limit_satoshis = 546;
10609 chan.context.channel_type = cached_channel_type.clone();
10611 test_commitment!("304402200a8544eba1d216f5c5e530597665fa9bec56943c0f66d98fc3d028df52d84f7002201e45fa5c6bc3a506cc2553e7d1c0043a9811313fc39c954692c0d47cfce2bbd3",
10612 "3045022100e11b638c05c650c2f63a421d36ef8756c5ce82f2184278643520311cdf50aa200220259565fb9c8e4a87ccaf17f27a3b9ca4f20625754a0920d9c6c239d8156a11de",
10613 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b800222020000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80ec0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e4840400483045022100e11b638c05c650c2f63a421d36ef8756c5ce82f2184278643520311cdf50aa200220259565fb9c8e4a87ccaf17f27a3b9ca4f20625754a0920d9c6c239d8156a11de0147304402200a8544eba1d216f5c5e530597665fa9bec56943c0f66d98fc3d028df52d84f7002201e45fa5c6bc3a506cc2553e7d1c0043a9811313fc39c954692c0d47cfce2bbd301475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10615 // commitment tx with one output untrimmed (minimum feerate)
10616 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10617 chan.context.feerate_per_kw = 9651181;
10619 test_commitment!("304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a2",
10620 "304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a379",
10621 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8001c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484040047304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a3790147304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10623 // anchors: commitment tx with one output untrimmed (minimum dust limit)
10624 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10625 chan.context.feerate_per_kw = 6216010;
10626 chan.context.holder_dust_limit_satoshis = 4001;
10627 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10629 test_commitment_with_anchors!("30450221008fd5dbff02e4b59020d4cd23a3c30d3e287065fda75a0a09b402980adf68ccda022001e0b8b620cd915ddff11f1de32addf23d81d51b90e6841b2cb8dcaf3faa5ecf",
10630 "30450221009ad80792e3038fe6968d12ff23e6888a565c3ddd065037f357445f01675d63f3022018384915e5f1f4ae157e15debf4f49b61c8d9d2b073c7d6f97c4a68caa3ed4c1",
10631 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80024a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994a04004830450221009ad80792e3038fe6968d12ff23e6888a565c3ddd065037f357445f01675d63f3022018384915e5f1f4ae157e15debf4f49b61c8d9d2b073c7d6f97c4a68caa3ed4c1014830450221008fd5dbff02e4b59020d4cd23a3c30d3e287065fda75a0a09b402980adf68ccda022001e0b8b620cd915ddff11f1de32addf23d81d51b90e6841b2cb8dcaf3faa5ecf01475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10633 // commitment tx with fee greater than funder amount
10634 chan.context.value_to_self_msat = 6993000000; // 7000000000 - 7000000
10635 chan.context.feerate_per_kw = 9651936;
10636 chan.context.holder_dust_limit_satoshis = 546;
10637 chan.context.channel_type = cached_channel_type;
10639 test_commitment!("304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a2",
10640 "304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a379",
10641 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8001c0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484040047304402207e8d51e0c570a5868a78414f4e0cbfaed1106b171b9581542c30718ee4eb95ba02203af84194c97adf98898c9afe2f2ed4a7f8dba05a2dfab28ac9d9c604aa49a3790147304402202ade0142008309eb376736575ad58d03e5b115499709c6db0b46e36ff394b492022037b63d78d66404d6504d4c4ac13be346f3d1802928a6d3ad95a6a944227161a201475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {});
10643 // commitment tx with 3 htlc outputs, 2 offered having the same amount and preimage
10644 chan.context.value_to_self_msat = 7_000_000_000 - 2_000_000;
10645 chan.context.feerate_per_kw = 253;
10646 chan.context.pending_inbound_htlcs.clear();
10647 chan.context.pending_inbound_htlcs.push({
10648 let mut out = InboundHTLCOutput{
10650 amount_msat: 2000000,
10652 payment_hash: PaymentHash([0; 32]),
10653 state: InboundHTLCState::Committed,
10655 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap()).to_byte_array();
10658 chan.context.pending_outbound_htlcs.clear();
10659 chan.context.pending_outbound_htlcs.push({
10660 let mut out = OutboundHTLCOutput{
10662 amount_msat: 5000001,
10664 payment_hash: PaymentHash([0; 32]),
10665 state: OutboundHTLCState::Committed,
10666 source: HTLCSource::dummy(),
10667 skimmed_fee_msat: None,
10668 blinding_point: None,
10670 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0505050505050505050505050505050505050505050505050505050505050505").unwrap()).to_byte_array();
10673 chan.context.pending_outbound_htlcs.push({
10674 let mut out = OutboundHTLCOutput{
10676 amount_msat: 5000000,
10678 payment_hash: PaymentHash([0; 32]),
10679 state: OutboundHTLCState::Committed,
10680 source: HTLCSource::dummy(),
10681 skimmed_fee_msat: None,
10682 blinding_point: None,
10684 out.payment_hash.0 = Sha256::hash(&<Vec<u8>>::from_hex("0505050505050505050505050505050505050505050505050505050505050505").unwrap()).to_byte_array();
10688 test_commitment!("304402207d0870964530f97b62497b11153c551dca0a1e226815ef0a336651158da0f82402200f5378beee0e77759147b8a0a284decd11bfd2bc55c8fafa41c134fe996d43c8",
10689 "304402200d10bf5bc5397fc59d7188ae438d80c77575595a2d488e41bd6363a810cc8d72022012b57e714fbbfdf7a28c47d5b370cb8ac37c8545f596216e5b21e9b236ef457c",
10690 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b8005d007000000000000220020748eba944fedc8827f6b06bc44678f93c0f9e6078b35c6331ed31e75f8ce0c2d8813000000000000220020305c12e1a0bc21e283c131cea1c66d68857d28b7b2fce0a6fbc40c164852121b8813000000000000220020305c12e1a0bc21e283c131cea1c66d68857d28b7b2fce0a6fbc40c164852121bc0c62d0000000000160014cc1b07838e387deacd0e5232e1e8b49f4c29e484a69f6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e040047304402200d10bf5bc5397fc59d7188ae438d80c77575595a2d488e41bd6363a810cc8d72022012b57e714fbbfdf7a28c47d5b370cb8ac37c8545f596216e5b21e9b236ef457c0147304402207d0870964530f97b62497b11153c551dca0a1e226815ef0a336651158da0f82402200f5378beee0e77759147b8a0a284decd11bfd2bc55c8fafa41c134fe996d43c801475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10693 "3045022100b470fe12e5b7fea9eccb8cbff1972cea4f96758041898982a02bcc7f9d56d50b0220338a75b2afaab4ec00cdd2d9273c68c7581ff5a28bcbb40c4d138b81f1d45ce5",
10694 "3044022017b90c65207522a907fb6a137f9dd528b3389465a8ae72308d9e1d564f512cf402204fc917b4f0e88604a3e994f85bfae7c7c1f9d9e9f78e8cd112e0889720d9405b",
10695 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec000000000000000000011f070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100b470fe12e5b7fea9eccb8cbff1972cea4f96758041898982a02bcc7f9d56d50b0220338a75b2afaab4ec00cdd2d9273c68c7581ff5a28bcbb40c4d138b81f1d45ce501473044022017b90c65207522a907fb6a137f9dd528b3389465a8ae72308d9e1d564f512cf402204fc917b4f0e88604a3e994f85bfae7c7c1f9d9e9f78e8cd112e0889720d9405b012001010101010101010101010101010101010101010101010101010101010101018a76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac686800000000" },
10697 "3045022100b575379f6d8743cb0087648f81cfd82d17a97fbf8f67e058c65ce8b9d25df9500220554a210d65b02d9f36c6adf0f639430ca8293196ba5089bf67cc3a9813b7b00a",
10698 "3045022100ee2e16b90930a479b13f8823a7f14b600198c838161160b9436ed086d3fc57e002202a66fa2324f342a17129949c640bfe934cbc73a869ba7c06aa25c5a3d0bfb53d",
10699 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec01000000000000000001e1120000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100b575379f6d8743cb0087648f81cfd82d17a97fbf8f67e058c65ce8b9d25df9500220554a210d65b02d9f36c6adf0f639430ca8293196ba5089bf67cc3a9813b7b00a01483045022100ee2e16b90930a479b13f8823a7f14b600198c838161160b9436ed086d3fc57e002202a66fa2324f342a17129949c640bfe934cbc73a869ba7c06aa25c5a3d0bfb53d01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6868f9010000" },
10701 "30440220471c9f3ad92e49b13b7b8059f43ecf8f7887b0dccbb9fdb54bfe23d62a8ae332022024bd22fae0740e86a44228c35330da9526fd7306dffb2b9dc362d5e78abef7cc",
10702 "304402207157f452f2506d73c315192311893800cfb3cc235cc1185b1cfcc136b55230db022014be242dbc6c5da141fec4034e7f387f74d6ff1899453d72ba957467540e1ecb",
10703 "020000000001014bdccf28653066a2c554cafeffdfe1e678e64a69b056684deb0c4fba909423ec02000000000000000001e1120000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220471c9f3ad92e49b13b7b8059f43ecf8f7887b0dccbb9fdb54bfe23d62a8ae332022024bd22fae0740e86a44228c35330da9526fd7306dffb2b9dc362d5e78abef7cc0147304402207157f452f2506d73c315192311893800cfb3cc235cc1185b1cfcc136b55230db022014be242dbc6c5da141fec4034e7f387f74d6ff1899453d72ba957467540e1ecb01008576a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6868fa010000" }
10706 chan.context.channel_type = ChannelTypeFeatures::anchors_zero_htlc_fee_and_dependencies();
10707 test_commitment_with_anchors!("3044022027b38dfb654c34032ffb70bb43022981652fce923cbbe3cbe7394e2ade8b34230220584195b78da6e25c2e8da6b4308d9db25b65b64975db9266163ef592abb7c725",
10708 "3045022100b4014970d9d7962853f3f85196144671d7d5d87426250f0a5fdaf9a55292e92502205360910c9abb397467e19dbd63d081deb4a3240903114c98cec0a23591b79b76",
10709 "02000000000101bef67e4e2fb9ddeeb3461973cd4c62abb35050b1add772995b820b584a488489000000000038b02b80074a010000000000002200202b1b5854183c12d3316565972c4668929d314d81c5dcdbb21cb45fe8a9a8114f4a01000000000000220020e9e86e4823faa62e222ebc858a226636856158f07e69898da3b0d1af0ddb3994d007000000000000220020fe0598d74fee2205cc3672e6e6647706b4f3099713b4661b62482c3addd04a5e881300000000000022002018e40f9072c44350f134bdc887bab4d9bdfc8aa468a25616c80e21757ba5dac7881300000000000022002018e40f9072c44350f134bdc887bab4d9bdfc8aa468a25616c80e21757ba5dac7c0c62d0000000000220020f3394e1e619b0eca1f91be2fb5ab4dfc59ba5b84ebe014ad1d43a564d012994aad9c6a00000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0400483045022100b4014970d9d7962853f3f85196144671d7d5d87426250f0a5fdaf9a55292e92502205360910c9abb397467e19dbd63d081deb4a3240903114c98cec0a23591b79b7601473044022027b38dfb654c34032ffb70bb43022981652fce923cbbe3cbe7394e2ade8b34230220584195b78da6e25c2e8da6b4308d9db25b65b64975db9266163ef592abb7c72501475221023da092f6980e58d2c037173180e9a465476026ee50f96695963e8efe436f54eb21030e9f7b623d2ccc7c9bd44d66d5ce21ce504c0acf6385a132cec6d3c39fa711c152ae3e195220", {
10712 "30440220078fe5343dab88c348a3a8a9c1a9293259dbf35507ae971702cc39dd623ea9af022011ed0c0f35243cd0bb4d9ca3c772379b2b5f4af93140e9fdc5600dfec1cdb0c2",
10713 "304402205df665e2908c7690d2d33eb70e6e119958c28febe141a94ed0dd9a55ce7c8cfc0220364d02663a5d019af35c5cd5fda9465d985d85bbd12db207738d61163449a424",
10714 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c402000000000100000001d0070000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e05004730440220078fe5343dab88c348a3a8a9c1a9293259dbf35507ae971702cc39dd623ea9af022011ed0c0f35243cd0bb4d9ca3c772379b2b5f4af93140e9fdc5600dfec1cdb0c28347304402205df665e2908c7690d2d33eb70e6e119958c28febe141a94ed0dd9a55ce7c8cfc0220364d02663a5d019af35c5cd5fda9465d985d85bbd12db207738d61163449a424012001010101010101010101010101010101010101010101010101010101010101018d76a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c8201208763a9144b6b2e5444c2639cc0fb7bcea5afba3f3cdce23988527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae677502f501b175ac6851b2756800000000" },
10716 "304402202df6bf0f98a42cfd0172a16bded7d1b16c14f5f42ba23f5c54648c14b647531302200fe1508626817f23925bb56951d5e4b2654c751743ab6db48a6cce7dda17c01c",
10717 "304402203f99ec05cdd89558a23683b471c1dcce8f6a92295f1fff3b0b5d21be4d4f97ea022019d29070690fc2c126fe27cc4ab2f503f289d362721b2efa7418e7fddb939a5b",
10718 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c40300000000010000000188130000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e050047304402202df6bf0f98a42cfd0172a16bded7d1b16c14f5f42ba23f5c54648c14b647531302200fe1508626817f23925bb56951d5e4b2654c751743ab6db48a6cce7dda17c01c8347304402203f99ec05cdd89558a23683b471c1dcce8f6a92295f1fff3b0b5d21be4d4f97ea022019d29070690fc2c126fe27cc4ab2f503f289d362721b2efa7418e7fddb939a5b01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6851b27568f9010000" },
10720 "3045022100bd206b420c495f3aa714d3ea4766cbe95441deacb5d2f737f1913349aee7c2ae02200249d2c950dd3b15326bf378ae5d2b871d33d6737f5d70735f3de8383140f2a1",
10721 "3045022100f2cd35e385b9b7e15b92a5d78d120b6b2c5af4e974bc01e884c5facb3bb5966c0220706e0506477ce809a40022d6de8e041e9ef13136c45abee9c36f58a01fdb188b",
10722 "020000000001013d060d0305c9616eaabc21d41fae85bcb5477b5d7f1c92aa429cf15339bbe1c40400000000010000000188130000000000002200204adb4e2f00643db396dd120d4e7dc17625f5f2c11a40d857accc862d6b7dd80e0500483045022100bd206b420c495f3aa714d3ea4766cbe95441deacb5d2f737f1913349aee7c2ae02200249d2c950dd3b15326bf378ae5d2b871d33d6737f5d70735f3de8383140f2a183483045022100f2cd35e385b9b7e15b92a5d78d120b6b2c5af4e974bc01e884c5facb3bb5966c0220706e0506477ce809a40022d6de8e041e9ef13136c45abee9c36f58a01fdb188b01008876a91414011f7254d96b819c76986c277d115efce6f7b58763ac67210394854aa6eab5b2a8122cc726e9dded053a2184d88256816826d6231c068d4a5b7c820120876475527c21030d417a46946384f88d5f3337267c5e579765875dc4daca813e21734b140639e752ae67a9142002cc93ebefbb1b73f0af055dcc27a0b504ad7688ac6851b27568fa010000" }
10727 fn test_per_commitment_secret_gen() {
10728 // Test vectors from BOLT 3 Appendix D:
10730 let mut seed = [0; 32];
10731 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("0000000000000000000000000000000000000000000000000000000000000000").unwrap());
10732 assert_eq!(chan_utils::build_commitment_secret(&seed, 281474976710655),
10733 <Vec<u8>>::from_hex("02a40c85b6f28da08dfdbe0926c53fab2de6d28c10301f8f7c4073d5e42e3148").unwrap()[..]);
10735 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF").unwrap());
10736 assert_eq!(chan_utils::build_commitment_secret(&seed, 281474976710655),
10737 <Vec<u8>>::from_hex("7cc854b54e3e0dcdb010d7a3fee464a9687be6e8db3be6854c475621e007a5dc").unwrap()[..]);
10739 assert_eq!(chan_utils::build_commitment_secret(&seed, 0xaaaaaaaaaaa),
10740 <Vec<u8>>::from_hex("56f4008fb007ca9acf0e15b054d5c9fd12ee06cea347914ddbaed70d1c13a528").unwrap()[..]);
10742 assert_eq!(chan_utils::build_commitment_secret(&seed, 0x555555555555),
10743 <Vec<u8>>::from_hex("9015daaeb06dba4ccc05b91b2f73bd54405f2be9f217fbacd3c5ac2e62327d31").unwrap()[..]);
10745 seed[0..32].clone_from_slice(&<Vec<u8>>::from_hex("0101010101010101010101010101010101010101010101010101010101010101").unwrap());
10746 assert_eq!(chan_utils::build_commitment_secret(&seed, 1),
10747 <Vec<u8>>::from_hex("915c75942a26bb3a433a8ce2cb0427c29ec6c1775cfc78328b57f6ba7bfeaa9c").unwrap()[..]);
10751 fn test_key_derivation() {
10752 // Test vectors from BOLT 3 Appendix E:
10753 let secp_ctx = Secp256k1::new();
10755 let base_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f").unwrap()[..]).unwrap();
10756 let per_commitment_secret = SecretKey::from_slice(&<Vec<u8>>::from_hex("1f1e1d1c1b1a191817161514131211100f0e0d0c0b0a09080706050403020100").unwrap()[..]).unwrap();
10758 let base_point = PublicKey::from_secret_key(&secp_ctx, &base_secret);
10759 assert_eq!(base_point.serialize()[..], <Vec<u8>>::from_hex("036d6caac248af96f6afa7f904f550253a0f3ef3f5aa2fe6838a95b216691468e2").unwrap()[..]);
10761 let per_commitment_point = PublicKey::from_secret_key(&secp_ctx, &per_commitment_secret);
10762 assert_eq!(per_commitment_point.serialize()[..], <Vec<u8>>::from_hex("025f7117a78150fe2ef97db7cfc83bd57b2e2c0d0dd25eaf467a4a1c2a45ce1486").unwrap()[..]);
10764 assert_eq!(chan_utils::derive_private_key(&secp_ctx, &per_commitment_point, &base_secret),
10765 SecretKey::from_slice(&<Vec<u8>>::from_hex("cbced912d3b21bf196a766651e436aff192362621ce317704ea2f75d87e7be0f").unwrap()[..]).unwrap());
10767 assert_eq!(RevocationKey::from_basepoint(&secp_ctx, &RevocationBasepoint::from(base_point), &per_commitment_point).to_public_key().serialize()[..],
10768 <Vec<u8>>::from_hex("02916e326636d19c33f13e8c0c3a03dd157f332f3e99c317c141dd865eb01f8ff0").unwrap()[..]);
10770 assert_eq!(chan_utils::derive_private_revocation_key(&secp_ctx, &per_commitment_secret, &base_secret),
10771 SecretKey::from_slice(&<Vec<u8>>::from_hex("d09ffff62ddb2297ab000cc85bcb4283fdeb6aa052affbc9dddcf33b61078110").unwrap()[..]).unwrap());
10775 fn test_zero_conf_channel_type_support() {
10776 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10777 let secp_ctx = Secp256k1::new();
10778 let seed = [42; 32];
10779 let network = Network::Testnet;
10780 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
10781 let logger = test_utils::TestLogger::new();
10783 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10784 let config = UserConfig::default();
10785 let node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider,
10786 node_b_node_id, &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42, None).unwrap();
10788 let mut channel_type_features = ChannelTypeFeatures::only_static_remote_key();
10789 channel_type_features.set_zero_conf_required();
10791 let mut open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
10792 open_channel_msg.common_fields.channel_type = Some(channel_type_features);
10793 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
10794 let res = InboundV1Channel::<&TestKeysInterface>::new(&feeest, &&keys_provider, &&keys_provider,
10795 node_b_node_id, &channelmanager::provided_channel_type_features(&config),
10796 &channelmanager::provided_init_features(&config), &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false);
10797 assert!(res.is_ok());
10801 fn test_supports_anchors_zero_htlc_tx_fee() {
10802 // Tests that if both sides support and negotiate `anchors_zero_fee_htlc_tx`, it is the
10803 // resulting `channel_type`.
10804 let secp_ctx = Secp256k1::new();
10805 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10806 let network = Network::Testnet;
10807 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10808 let logger = test_utils::TestLogger::new();
10810 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10811 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10813 let mut config = UserConfig::default();
10814 config.channel_handshake_config.negotiate_anchors_zero_fee_htlc_tx = true;
10816 // It is not enough for just the initiator to signal `option_anchors_zero_fee_htlc_tx`, both
10817 // need to signal it.
10818 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10819 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10820 &channelmanager::provided_init_features(&UserConfig::default()), 10000000, 100000, 42,
10821 &config, 0, 42, None
10823 assert!(!channel_a.context.channel_type.supports_anchors_zero_fee_htlc_tx());
10825 let mut expected_channel_type = ChannelTypeFeatures::empty();
10826 expected_channel_type.set_static_remote_key_required();
10827 expected_channel_type.set_anchors_zero_fee_htlc_tx_required();
10829 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10830 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10831 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10835 let open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10836 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10837 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10838 &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config),
10839 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10842 assert_eq!(channel_a.context.channel_type, expected_channel_type);
10843 assert_eq!(channel_b.context.channel_type, expected_channel_type);
10847 fn test_rejects_implicit_simple_anchors() {
10848 // Tests that if `option_anchors` is being negotiated implicitly through the intersection of
10849 // each side's `InitFeatures`, it is rejected.
10850 let secp_ctx = Secp256k1::new();
10851 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10852 let network = Network::Testnet;
10853 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10854 let logger = test_utils::TestLogger::new();
10856 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10857 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10859 let config = UserConfig::default();
10861 // See feature bit assignments: https://github.com/lightning/bolts/blob/master/09-features.md
10862 let static_remote_key_required: u64 = 1 << 12;
10863 let simple_anchors_required: u64 = 1 << 20;
10864 let raw_init_features = static_remote_key_required | simple_anchors_required;
10865 let init_features_with_simple_anchors = InitFeatures::from_le_bytes(raw_init_features.to_le_bytes().to_vec());
10867 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10868 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10869 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10873 // Set `channel_type` to `None` to force the implicit feature negotiation.
10874 let mut open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10875 open_channel_msg.common_fields.channel_type = None;
10877 // Since A supports both `static_remote_key` and `option_anchors`, but B only accepts
10878 // `static_remote_key`, it will fail the channel.
10879 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10880 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10881 &channelmanager::provided_channel_type_features(&config), &init_features_with_simple_anchors,
10882 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10884 assert!(channel_b.is_err());
10888 fn test_rejects_simple_anchors_channel_type() {
10889 // Tests that if `option_anchors` is being negotiated through the `channel_type` feature,
10891 let secp_ctx = Secp256k1::new();
10892 let fee_estimator = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10893 let network = Network::Testnet;
10894 let keys_provider = test_utils::TestKeysInterface::new(&[42; 32], network);
10895 let logger = test_utils::TestLogger::new();
10897 let node_id_a = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[1; 32]).unwrap());
10898 let node_id_b = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[2; 32]).unwrap());
10900 let config = UserConfig::default();
10902 // See feature bit assignments: https://github.com/lightning/bolts/blob/master/09-features.md
10903 let static_remote_key_required: u64 = 1 << 12;
10904 let simple_anchors_required: u64 = 1 << 20;
10905 let simple_anchors_raw_features = static_remote_key_required | simple_anchors_required;
10906 let simple_anchors_init = InitFeatures::from_le_bytes(simple_anchors_raw_features.to_le_bytes().to_vec());
10907 let simple_anchors_channel_type = ChannelTypeFeatures::from_le_bytes(simple_anchors_raw_features.to_le_bytes().to_vec());
10908 assert!(!simple_anchors_init.requires_unknown_bits());
10909 assert!(!simple_anchors_channel_type.requires_unknown_bits());
10911 // First, we'll try to open a channel between A and B where A requests a channel type for
10912 // the original `option_anchors` feature (non zero fee htlc tx). This should be rejected by
10913 // B as it's not supported by LDK.
10914 let channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10915 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b,
10916 &channelmanager::provided_init_features(&config), 10000000, 100000, 42, &config, 0, 42,
10920 let mut open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10921 open_channel_msg.common_fields.channel_type = Some(simple_anchors_channel_type.clone());
10923 let res = InboundV1Channel::<&TestKeysInterface>::new(
10924 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10925 &channelmanager::provided_channel_type_features(&config), &simple_anchors_init,
10926 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10928 assert!(res.is_err());
10930 // Then, we'll try to open another channel where A requests a channel type for
10931 // `anchors_zero_fee_htlc_tx`. B is malicious and tries to downgrade the channel type to the
10932 // original `option_anchors` feature, which should be rejected by A as it's not supported by
10934 let mut channel_a = OutboundV1Channel::<&TestKeysInterface>::new(
10935 &fee_estimator, &&keys_provider, &&keys_provider, node_id_b, &simple_anchors_init,
10936 10000000, 100000, 42, &config, 0, 42, None
10939 let open_channel_msg = channel_a.get_open_channel(ChainHash::using_genesis_block(network));
10941 let channel_b = InboundV1Channel::<&TestKeysInterface>::new(
10942 &fee_estimator, &&keys_provider, &&keys_provider, node_id_a,
10943 &channelmanager::provided_channel_type_features(&config), &channelmanager::provided_init_features(&config),
10944 &open_channel_msg, 7, &config, 0, &&logger, /*is_0conf=*/false
10947 let mut accept_channel_msg = channel_b.get_accept_channel_message();
10948 accept_channel_msg.common_fields.channel_type = Some(simple_anchors_channel_type.clone());
10950 let res = channel_a.accept_channel(
10951 &accept_channel_msg, &config.channel_handshake_limits, &simple_anchors_init
10953 assert!(res.is_err());
10957 fn test_waiting_for_batch() {
10958 let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
10959 let logger = test_utils::TestLogger::new();
10960 let secp_ctx = Secp256k1::new();
10961 let seed = [42; 32];
10962 let network = Network::Testnet;
10963 let best_block = BestBlock::from_network(network);
10964 let chain_hash = ChainHash::using_genesis_block(network);
10965 let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
10967 let mut config = UserConfig::default();
10968 // Set trust_own_funding_0conf while ensuring we don't send channel_ready for a
10969 // channel in a batch before all channels are ready.
10970 config.channel_handshake_limits.trust_own_funding_0conf = true;
10972 // Create a channel from node a to node b that will be part of batch funding.
10973 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
10974 let mut node_a_chan = OutboundV1Channel::<&TestKeysInterface>::new(
10979 &channelmanager::provided_init_features(&config),
10989 let open_channel_msg = node_a_chan.get_open_channel(ChainHash::using_genesis_block(network));
10990 let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
10991 let mut node_b_chan = InboundV1Channel::<&TestKeysInterface>::new(
10996 &channelmanager::provided_channel_type_features(&config),
10997 &channelmanager::provided_init_features(&config),
11003 true, // Allow node b to send a 0conf channel_ready.
11006 let accept_channel_msg = node_b_chan.accept_inbound_channel();
11007 node_a_chan.accept_channel(
11008 &accept_channel_msg,
11009 &config.channel_handshake_limits,
11010 &channelmanager::provided_init_features(&config),
11013 // Fund the channel with a batch funding transaction.
11014 let output_script = node_a_chan.context.get_funding_redeemscript();
11015 let tx = Transaction {
11017 lock_time: LockTime::ZERO,
11021 value: 10000000, script_pubkey: output_script.clone(),
11024 value: 10000000, script_pubkey: Builder::new().into_script(),
11027 let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
11028 let funding_created_msg = node_a_chan.get_funding_created(
11029 tx.clone(), funding_outpoint, true, &&logger,
11030 ).map_err(|_| ()).unwrap();
11031 let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(
11032 &funding_created_msg.unwrap(),
11036 ).map_err(|_| ()).unwrap();
11037 let node_b_updates = node_b_chan.monitor_updating_restored(
11045 // Receive funding_signed, but the channel will be configured to hold sending channel_ready and
11046 // broadcasting the funding transaction until the batch is ready.
11047 let res = node_a_chan.funding_signed(
11048 &funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger,
11050 let (mut node_a_chan, _) = if let Ok(res) = res { res } else { panic!(); };
11051 let node_a_updates = node_a_chan.monitor_updating_restored(
11058 // Our channel_ready shouldn't be sent yet, even with trust_own_funding_0conf set,
11059 // as the funding transaction depends on all channels in the batch becoming ready.
11060 assert!(node_a_updates.channel_ready.is_none());
11061 assert!(node_a_updates.funding_broadcastable.is_none());
11062 assert_eq!(node_a_chan.context.channel_state, ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH));
11064 // It is possible to receive a 0conf channel_ready from the remote node.
11065 node_a_chan.channel_ready(
11066 &node_b_updates.channel_ready.unwrap(),
11074 node_a_chan.context.channel_state,
11075 ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH | AwaitingChannelReadyFlags::THEIR_CHANNEL_READY)
11078 // Clear the ChannelState::WaitingForBatch only when called by ChannelManager.
11079 node_a_chan.set_batch_ready();
11080 assert_eq!(node_a_chan.context.channel_state, ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::THEIR_CHANNEL_READY));
11081 assert!(node_a_chan.check_get_channel_ready(0).is_some());
projects / rust-lightning / blob