df-rbf: only permit the channel initiator to init RBF

We're *mostly* set up for both sides doing RBF, except that it reverses the callback flow (using the plugin vs RPC calls) and we're not currently smart enough to flip between them gracefully
2025-01-17 19:03:42 +01:00 · 2021-02-04 11:45:12 -06:00 · 2021-02-04 11:45:12 -06:00 · f22fed3fd5
commit f22fed3fd5
parent a0cb7bd9b4
2 changed files with 9 additions and 0 deletions
--- a/lightningd/dual_open_control.c
+++ b/lightningd/dual_open_control.c
@ -1807,6 +1807,11 @@ json_openchannel_bump(struct command *cmd,
 				    " Current state %s, expected state %s",
 				    channel_state_name(channel),
 				    channel_state_str(DUALOPEND_AWAITING_LOCKIN));
+	if (channel->opener != LOCAL)
+		return command_fail(cmd, FUNDING_STATE_INVALID,
+				    "Only the channel opener can initiate an"
+				    " RBF attempt");
+
 	/* Ok, we're kosher to start */
 	channel->open_attempt = oa = new_channel_open_attempt(channel);
 	oa->funding = *amount;
--- a/openingd/dualopend.c
+++ b/openingd/dualopend.c
@ -2744,6 +2744,10 @@ static void rbf_remote_start(struct state *state, const u8 *rbf_msg)
 	check_channel_id(state, &cid, &state->channel_id);
 	peer_billboard(false, "channel rbf: init received from peer");

+	if (state->our_role == TX_INITIATOR)
+		rbf_failed(state, "Only the channel initiator is allowed"
+			   " to initiate RBF");
+
 	/* Have you sent us everything we need yet ? */
 	if (!state->tx_state->remote_funding_sigs_rcvd)
 		rbf_failed(state, "Last funding attempt not complete:"