mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-01-18 05:12:45 +01:00
Code Issues Projects Releases Wiki Activity

openingd: pull out check_configs into a common place

Browse Source 
We'll re-use it for dualopend!
This commit is contained in:
niftynei 2020-09-09 16:50:53 +09:30 committed by Rusty Russell
parent 6607f1d629
commit 72a098a4ad
5 changed files with 246 additions and 189 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
common/initial_commit_tx.h
View File

@ -10,6 +10,7 @@
struct bitcoin_txid;
struct keyset;
struct wally_tx_output;
/* BOLT #3:
*

4
openingd/Makefile
View File

@ -1,6 +1,8 @@
#! /usr/bin/make
OPENINGD_HEADERS := openingd/openingd_wiregen.h
OPENINGD_HEADERS := \
openingd/common.h \
openingd/openingd_wiregen.h
OPENINGD_SRC := openingd/openingd.c \
$(OPENINGD_HEADERS:.h=.c)

197
openingd/common.c Normal file
View File

@ -0,0 +1,197 @@
#include <ccan/ccan/tal/str/str.h>
#include <common/amount.h>
#include <common/channel_config.h>
#include <common/initial_commit_tx.h>
#include <common/type_to_string.h>
#include <openingd/common.h>
/*~ This is the key function that checks that their configuration is reasonable:
* it applied for both the case where they're trying to open a channel, and when
* they've accepted our open. */
bool check_config_bounds(const tal_t *ctx,
struct amount_sat funding,
u32 feerate_per_kw,
u32 max_to_self_delay,
struct amount_msat min_effective_htlc_capacity,
const struct channel_config *remoteconf,
const struct channel_config *localconf,
bool am_opener,
bool option_anchor_outputs,
char **err_reason)
{
struct amount_sat capacity;
struct amount_sat reserve;
struct amount_sat fee;
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `to_self_delay` is unreasonably large.
*/
if (remoteconf->to_self_delay > max_to_self_delay) {
*err_reason = tal_fmt(ctx,
"to_self_delay %u larger than %u",
remoteconf->to_self_delay,
max_to_self_delay);
return false;
}
/* BOLT #2:
*
* The receiving node MAY fail the channel if:
*...
* - `funding_satoshis` is too small.
* - it considers `htlc_minimum_msat` too large.
* - it considers `max_htlc_value_in_flight_msat` too small.
* - it considers `channel_reserve_satoshis` too large.
* - it considers `max_accepted_htlcs` too small.
*/
/* We accumulate this into an effective bandwidth minimum. */
/* Add both reserves to deduct from capacity. */
if (!amount_sat_add(&reserve,
remoteconf->channel_reserve,
localconf->channel_reserve)) {
*err_reason = tal_fmt(ctx,
"channel_reserve_satoshis %s"
" too large",
type_to_string(ctx, struct amount_sat,
&remoteconf->channel_reserve));
return false;
}
/* BOLT-a12da24dd0102c170365124782b46d9710950ac1 #2:
* - if `option_anchor_outputs` applies to this commitment
* transaction and the sending node is the funder:
* - MUST be able to additionally pay for `to_local_anchor` and
* `to_remote_anchor` above its reserve.
*/
/* (We simply include in "reserve" here if they opened). */
if (option_anchor_outputs
&& !am_opener
&& !amount_sat_add(&reserve, reserve, AMOUNT_SAT(660))) {
*err_reason = tal_fmt(ctx,
"cannot add anchors to reserve %s",
type_to_string(ctx, struct amount_sat,
&reserve));
return false;
}
/* If reserves are larger than total sat, we fail. */
if (!amount_sat_sub(&capacity, funding, reserve)) {
*err_reason = tal_fmt(ctx, "channel_reserve_satoshis %s"
" and %s too large for funding %s",
type_to_string(ctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(ctx, struct amount_sat,
&localconf->channel_reserve),
type_to_string(ctx, struct amount_sat,
&funding));
return false;
}
/* They have to pay for fees, too. Assuming HTLC is dust, though,
* we don't account for an HTLC output. */
fee = commit_tx_base_fee(feerate_per_kw, 0, option_anchor_outputs);
if (!amount_sat_sub(&capacity, capacity, fee)) {
*err_reason = tal_fmt(ctx, "channel_reserve_satoshis %s"
" and %s plus fee %s too large for "
"funding %s",
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&localconf->channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&fee),
type_to_string(tmpctx, struct amount_sat,
&funding));
return false;
}
/* If they set the max HTLC value to less than that number, it caps
* the channel capacity. */
if (amount_sat_greater(capacity,
amount_msat_to_sat_round_down(remoteconf->max_htlc_value_in_flight)))
capacity = amount_msat_to_sat_round_down(remoteconf->max_htlc_value_in_flight);
/* If the minimum htlc is greater than the capacity, the channel is
* useless. */
if (amount_msat_greater_sat(remoteconf->htlc_minimum, capacity)) {
*err_reason = tal_fmt(ctx, "htlc_minimum_msat %s"
" too large for funding %s"
" capacity_msat %s",
type_to_string(ctx, struct amount_msat,
&remoteconf->htlc_minimum),
type_to_string(ctx, struct amount_sat,
&funding),
type_to_string(ctx, struct amount_sat,
&capacity));
return false;
}
/* If the resulting channel doesn't meet our minimum "effective capacity"
* set by lightningd, don't bother opening it. */
if (amount_msat_greater_sat(min_effective_htlc_capacity,
capacity)) {
*err_reason = tal_fmt(ctx,
"channel capacity with funding %s,"
" reserves %s/%s,"
" max_htlc_value_in_flight_msat is %s,"
" channel capacity is %s, which is below %s",
type_to_string(ctx, struct amount_sat,
&funding),
type_to_string(ctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(ctx, struct amount_sat,
&localconf->channel_reserve),
type_to_string(ctx, struct amount_msat,
&remoteconf->max_htlc_value_in_flight),
type_to_string(ctx, struct amount_sat,
&capacity),
type_to_string(ctx, struct amount_msat,
&min_effective_htlc_capacity));
return false;
}
/* We don't worry about how many HTLCs they accept, as long as > 0! */
if (remoteconf->max_accepted_htlcs == 0) {
*err_reason = tal_fmt(ctx,
"max_accepted_htlcs %u invalid",
remoteconf->max_accepted_htlcs);
return false;
}
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `max_accepted_htlcs` is greater than 483.
*/
if (remoteconf->max_accepted_htlcs > 483) {
*err_reason = tal_fmt(ctx,
"max_accepted_htlcs %u too large",
remoteconf->max_accepted_htlcs);
return false;
}
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `dust_limit_satoshis` is greater than `channel_reserve_satoshis`.
*/
if (amount_sat_greater(remoteconf->dust_limit,
remoteconf->channel_reserve)) {
*err_reason = tal_fmt(ctx,
"dust_limit_satoshis %s"
" too large for channel_reserve_satoshis %s",
type_to_string(ctx, struct amount_sat,
&remoteconf->dust_limit),
type_to_string(ctx, struct amount_sat,
&remoteconf->channel_reserve));
return false;
}
return true;
}

21
openingd/common.h Normal file
View File

@ -0,0 +1,21 @@
#ifndef LIGHTNING_OPENINGD_COMMON_H
#define LIGHTNING_OPENINGD_COMMON_H
#include "config.h"
struct amount_sat;
struct channel_config;
bool check_config_bounds(const tal_t *ctx,
struct amount_sat funding,
u32 feerate_per_kw,
u32 max_to_self_delay,
struct amount_msat min_effective_htlc_capacity,
const struct channel_config *remoteconf,
const struct channel_config *localconf,
bool am_opener,
bool option_anchor_outputs,
char **err_reason);
#endif /* LIGHTNING_OPENINGD_COMMON_H */

212
openingd/openingd.c
View File

@ -44,6 +44,7 @@
#include <gossipd/gossipd_peerd_wiregen.h>
#include <hsmd/hsmd_wiregen.h>
#include <inttypes.h>
#include <openingd/common.h>
#include <openingd/openingd_wiregen.h>
#include <poll.h>
#include <secp256k1.h>
@ -195,192 +196,6 @@ static void negotiation_failed(struct state *state, bool am_opener,
negotiation_aborted(state, am_opener, errmsg);
}
/*~ This is the key function that checks that their configuration is reasonable:
* it applied for both the case where they're trying to open a channel, and when
* they've accepted our open. */
static bool check_config_bounds(struct state *state,
const struct channel_config *remoteconf,
bool am_opener)
{
struct amount_sat capacity;
struct amount_sat reserve;
struct amount_sat fee;
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `to_self_delay` is unreasonably large.
*/
if (remoteconf->to_self_delay > state->max_to_self_delay) {
negotiation_failed(state, am_opener,
"to_self_delay %u larger than %u",
remoteconf->to_self_delay,
state->max_to_self_delay);
return false;
}
/* BOLT #2:
*
* The receiving node MAY fail the channel if:
*...
* - `funding_satoshis` is too small.
* - it considers `htlc_minimum_msat` too large.
* - it considers `max_htlc_value_in_flight_msat` too small.
* - it considers `channel_reserve_satoshis` too large.
* - it considers `max_accepted_htlcs` too small.
*/
/* We accumulate this into an effective bandwidth minimum. */
/* Add both reserves to deduct from capacity. */
if (!amount_sat_add(&reserve,
remoteconf->channel_reserve,
state->localconf.channel_reserve)) {
negotiation_failed(state, am_opener,
"channel_reserve_satoshis %s"
" too large",
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve));
return false;
}
/* BOLT #2:
* - if `option_anchor_outputs` applies to this commitment
* transaction and the sending node is the funder:
* - MUST be able to additionally pay for `to_local_anchor` and
* `to_remote_anchor` above its reserve.
*/
/* We simply include in "reserve" here. */
if (state->option_anchor_outputs
&& !amount_sat_add(&reserve, reserve, AMOUNT_SAT(660))) {
negotiation_failed(state, am_opener,
"cannot add anchors to reserve %s",
type_to_string(tmpctx, struct amount_sat,
&reserve));
return false;
}
/* If reserves are larger than total sat, we fail. */
if (!amount_sat_sub(&capacity, state->funding, reserve)) {
negotiation_failed(state, am_opener,
"channel_reserve_satoshis %s"
" and %s too large for funding %s",
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&state->localconf.channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&state->funding));
return false;
}
/* They have to pay for fees, too. Assuming HTLC is dust, though,
* we don't account for an HTLC output. */
fee = commit_tx_base_fee(state->feerate_per_kw, 0,
state->option_anchor_outputs);
if (!amount_sat_sub(&capacity, capacity, fee)) {
negotiation_failed(state, am_opener,
"channel_reserve_satoshis %s"
" and %s plus fee %s too large for funding %s",
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&state->localconf.channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&fee),
type_to_string(tmpctx, struct amount_sat,
&state->funding));
return false;
}
/* If they set the max HTLC value to less than that number, it caps
* the channel capacity. */
if (amount_sat_greater(capacity,
amount_msat_to_sat_round_down(remoteconf->max_htlc_value_in_flight)))
capacity = amount_msat_to_sat_round_down(remoteconf->max_htlc_value_in_flight);
/* If the minimum htlc is greater than the capacity, the channel is
* useless. */
if (amount_msat_greater_sat(remoteconf->htlc_minimum, capacity)) {
negotiation_failed(state, am_opener,
"htlc_minimum_msat %s"
" too large for funding %s"
" capacity_msat %s",
type_to_string(tmpctx, struct amount_msat,
&remoteconf->htlc_minimum),
type_to_string(tmpctx, struct amount_sat,
&state->funding),
type_to_string(tmpctx, struct amount_sat,
&capacity));
return false;
}
/* If the resulting channel doesn't meet our minimum "effective capacity"
* set by lightningd, don't bother opening it. */
if (amount_msat_greater_sat(state->min_effective_htlc_capacity,
capacity)) {
negotiation_failed(state, am_opener,
"channel capacity with funding %s,"
" reserves %s/%s,"
" max_htlc_value_in_flight_msat is %s,"
" channel capacity is %s, which is below %s",
type_to_string(tmpctx, struct amount_sat,
&state->funding),
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve),
type_to_string(tmpctx, struct amount_sat,
&state->localconf.channel_reserve),
type_to_string(tmpctx, struct amount_msat,
&remoteconf->max_htlc_value_in_flight),
type_to_string(tmpctx, struct amount_sat,
&capacity),
type_to_string(tmpctx, struct amount_msat,
&state->min_effective_htlc_capacity));
return false;
}
/* We don't worry about how many HTLCs they accept, as long as > 0! */
if (remoteconf->max_accepted_htlcs == 0) {
negotiation_failed(state, am_opener,
"max_accepted_htlcs %u invalid",
remoteconf->max_accepted_htlcs);
return false;
}
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `max_accepted_htlcs` is greater than 483.
*/
if (remoteconf->max_accepted_htlcs > 483) {
negotiation_failed(state, am_opener,
"max_accepted_htlcs %u too large",
remoteconf->max_accepted_htlcs);
return false;
}
/* BOLT #2:
*
* The receiving node MUST fail the channel if:
*...
* - `dust_limit_satoshis` is greater than `channel_reserve_satoshis`.
*/
if (amount_sat_greater(remoteconf->dust_limit,
remoteconf->channel_reserve)) {
negotiation_failed(state, am_opener,
"dust_limit_satoshis %s"
" too large for channel_reserve_satoshis %s",
type_to_string(tmpctx, struct amount_sat,
&remoteconf->dust_limit),
type_to_string(tmpctx, struct amount_sat,
&remoteconf->channel_reserve));
return false;
}
return true;
}
/* We always set channel_reserve_satoshis to 1%, rounded down. */
static void set_reserve(struct state *state)
{
@ -567,6 +382,7 @@ static u8 *funder_channel_start(struct state *state, u8 channel_flags)
struct channel_id id_in;
struct tlv_open_channel_tlvs *open_tlvs;
struct tlv_accept_channel_tlvs *accept_tlvs;
char *err_reason;
if (!setup_channel_funder(state))
return NULL;
@ -665,8 +481,18 @@ static u8 *funder_channel_start(struct state *state, u8 channel_flags)
return NULL;
}
if (!check_config_bounds(state, &state->remoteconf, true))
if (!check_config_bounds(tmpctx, state->funding,
state->feerate_per_kw,
state->max_to_self_delay,
state->min_effective_htlc_capacity,
&state->remoteconf,
&state->localconf,
true,
state->option_anchor_outputs,
&err_reason)) {
negotiation_failed(state, true, "%s", err_reason);
return NULL;
}
funding_output_script =
scriptpubkey_p2wsh(tmpctx,
@ -1100,8 +926,18 @@ static u8 *fundee_channel(struct state *state, const u8 *open_channel_msg)
}
/* These checks are the same whether we're opener or accepter... */
if (!check_config_bounds(state, &state->remoteconf, false))
if (!check_config_bounds(tmpctx, state->funding,
state->feerate_per_kw,
state->max_to_self_delay,
state->min_effective_htlc_capacity,
&state->remoteconf,
&state->localconf,
false,
state->option_anchor_outputs,
&err_reason)) {
negotiation_failed(state, false, "%s", err_reason);
return NULL;
}
/* Check with lightningd that we can accept this? In particular,
* if we have an existing channel, we don't support it. */