Commit Graph

799 Commits

Author SHA1 Message Date
Christian Decker
803c048a1f pay: Compute the number of HTLCs needed after presplit correctly
We were counting the attempts including the root payment, which
resulted in an off-by-one error with the `test_pay_low_max_htlcs`
test. Counting the children of the root payment after the presplitter
had a go is the correct way to do it, since at that time we only have
one level in the tree, no need to recurse and potentially count
ourselves.
2021-06-03 16:59:53 +09:30
Rusty Russell
d4def7e73a plugin/pay: prevent presplitter from dividing if max already tiny.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-06-03 16:59:53 +09:30
Christian Decker
05a3be15a3 pay: Fix use-after-free issue with routehints in shortlived payments
This was triggered by having some part being started after the overall
command already gave up, cleaning up the `cmd` context from which the
routehints were allocated. The early exit of the command, as a result
from a terminal state does not guarantee that no later attempt will
try to find a route, especially if the attempt was started before we
knew that it is doomed.
2021-06-03 16:59:53 +09:30
Nalin Bhardwaj
23fada090c plugins/pay: sort output payments in listpays
Changelog-Changed: `listpays` output is now ordered by the `created_at` timestamp.
2021-06-01 11:14:38 -05:00
Rusty Russell
a027b3a80c plugins/test/Makefile: fix typo causing build race.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-27 20:28:49 +09:30
Rusty Russell
8a67c4a1ba decode: always return "valid" field.
Otherwise our schema is pretty meaningless, since invalid decodes
can have missing "required" fields.

Also fix a typo "blinded_payindo".

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Experimental: JSON-RPC: `decode` now gives a `valid` boolean (it does partial decodes of some invalid data).
2021-05-27 20:28:49 +09:30
Rusty Russell
a4c7ff0f10 libplugin: remove command_success_str function.
As mentioned in previous commits: "result" must be an object,
and anything else is an antipattern.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-27 20:28:49 +09:30
Rusty Russell
97b52ed8c3 autoclean: don't return a raw string as result.
This is hard to parse, and not extensible in future, and disagrees with
the man page (and caught by schema).

Technically this is an API break, but it can't be done neatly anyway
and it's unlikely someone is relying on this today :(

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: JSONRPC: `autocleaninvoice` now returns an object, not a raw string.
2021-05-27 20:28:49 +09:30
Rusty Russell
14eddb95ba fundchannel, multifundchannel: reserve inputs for two weeks, not 12 hours.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: Plugins: `fundchannel` and `multifundchannel` will now reserve funding they use for 2 weeks instead of 12 hours.
2021-05-26 15:08:01 +09:30
Rusty Russell
96bd0961a4 pay: fix corner case where we eliminate our own hint.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: `pay`: Fix occasional crash paying an invoice with a routehint to us.
2021-05-26 08:07:38 +09:30
Rusty Russell
b80b746cd9 pay: don't wait forever if we're already past deadline.
I don't know why it thinks that blockheight is INT_MAX, but
we shouldn't wait forever anyway.

```
lightningd-1: 2021-05-25T01:22:19.472Z DEBUG   plugin-pay: cmd 67 partid 0: Blockheight disagreement, not aborting.
lightningd-1: 2021-05-25T01:22:19.483Z INFO    plugin-pay: cmd 67 partid 0: failed: WIRE_INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS (reply from remote)
lightningd-1: 2021-05-25T01:22:19.483Z INFO    plugin-pay: cmd 67 partid 0: Remote node appears to be on a longer chain, which causes CLTV timeouts to be incorrect. Waiting up to 49 seconds to catch up to block 2147483647 before retrying.
lightningd-1: 2021-05-25T01:23:08.489Z INFO    plugin-pay: cmd 67 partid 0: Timed out while attempting to sync to blockheight returned by destination. Please finish syncing with the blockchain and try again.
lightningd-1: 2021-05-25T01:23:08.489Z INFO    plugin-pay: cmd 67 partid 0: Remote node appears to be on a longer chain, which causes CLTV timeouts to be incorrect. Waiting up to 18446744073709551615 seconds to catch up to block 2147483647 before retrying.
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-25 16:25:17 +02:00
niftynei
477832057d funder: print reason that we don't contribute funds
If we don't put funds into a channel, say why in the logs. Should make
it a bit easier to figure out what's going on.
2021-05-23 08:19:50 +09:30
niftynei
f6186d5860 funder: subtract the fee of the utxo from the available amount
Adjust our total available funds downward, to account for the fees we'll
be charged to spend them.
2021-05-23 08:19:50 +09:30
niftynei
5e7695f6a0 funder: add count of utxos we're signing to the logs
Useful for asserting how many inputs we're contributing
2021-05-23 08:19:50 +09:30
Rusty Russell
2bb365a931 common/route: route_from_dijkstra returns route_hop array.
This is what (most) callers actually want, so unify it into one place.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
e531a38963 gossipd / plugin: clean up names in struct route_hop.
We're going to unify them, but the names are not the normal ones.

Fix that first.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
7ef6dd04d9 plugins/test/run-route-overlong: modern overlong routing test.
gossmap equivalent of gossipd/test/run-overlong.c.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
52e5ca3c11 plugins/libplugin: make headers update-mocks friendly.
In particular, it expects return type at start of line.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
6f71aae336 plugins/libplugin-pay: extreact route function so we can write unit tests.
New "route()" doesn't need a struct payment, so is easier to test.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
0682ad9c48 fetchinvoice: don't produce invalid JSON on sent_inv timeout.
An unrelated bug in the reverse path triggered this code, and boom.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
Rusty Russell
25b5e1e099 update-mocks: make sure we cover all test programs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-22 17:53:04 +09:30
fiatjaf
0d68febd8d reorganize .gitignore entries across subdirs. 2021-05-18 09:43:50 +09:30
fiatjaf
e17526f64c gitignore more things. 2021-05-18 09:43:50 +09:30
Rusty Russell
214fdcc9d7 plugin notifications: minor cleanups.
1. We don't need to check for NULL before tal_count(NULL).
2. Use of json_for_each_arr iterator is probably better.
3. Weird indent fixed.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-14 10:24:05 +09:30
Rusty Russell
d8e68893f5 bcli: become less aggressive with onchain fee levels.
Users are more upset recently with the cost of unilateral closes
than they are the risk of being cheated.  While we complete our
anchor implementation so we can use low fees there, let's
get less aggressive (we already have 34 or 18 blocks to close
in the worst case).

The changes are:

- Commit transactions were "2 CONSERVATIVE" now "6 ECONOMICAL".
- HTLC resolution txs were "3 CONSERVATIVE" now "6 ECONOMICAL".
- Penalty txs were "3 CONSERVATIVE" now "12 ECONOMICAL".
- Normal txs were "4 ECONOMICAL" now "12 ECONOMICAL".

There can be no perfect levels, but we have had understandable
complaints recently about how high our default fee levels are.

Changelog-Changed: Protocol: channel feerates reduced to bitcoind's "6 block ECONOMICAL" rate.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-11 11:25:16 +09:30
Rusty Russell
9a22e7b3a1 plugins/bcli: make feerate calls more changeable.
This make it clearer what we're doing, IMHO, so we can easily alter
the levels if we want.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-11 11:25:16 +09:30
Nalin Bhardwaj
ae06bb91ed plugins/bcli: strip trailing whitespace appropriately
Changelog-Fixed: Handle windows-style newlines and other trailing whitespaces correctly in bitcoin-cli interface
2021-05-03 19:00:26 +09:30
Rusty Russell
ff6b26b70e plugins/funder: fix up compilation.
I merge Christian's plugin notification API change at the same
time, broke plugins/funder.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-05-03 11:42:04 +09:30
Christian Decker
ef7f9a8022 pay: Add pay_failure notification 2021-05-03 11:20:15 +09:30
Christian Decker
c6fd849aa3 pay: Add notification for pay_success 2021-05-03 11:20:15 +09:30
Christian Decker
c8c0c4dc99 libplugin: Add functions to start and end notifications 2021-05-03 11:20:15 +09:30
Christian Decker
c1f08a42fe libplugin: Add notification topics to the manifest response 2021-05-03 11:20:15 +09:30
Christian Decker
f963a6a551 libplugin: Add notification topics to plugin_main 2021-05-03 11:20:15 +09:30
Christian Decker
f08ae49134 plugin: Restrict plugin notifications only to announced topics
We want to have well-behaved notifications that are clearly announced
during the initialization, kill plugins that don't behave.
2021-05-03 11:20:15 +09:30
niftynei
38b992b805 funder: handle RBF callback
Fund an RBF same as you would an open. We dont' do anything fancy with
our inputs -- we dont' have a copy of the last PSBT that was sent.
2021-05-03 11:06:10 +09:30
niftynei
4244fc1a53 funder: funderupdate command to see/set configs
Changelog-Added: Plugins: `funder` plugin now has new command `funderupdate` which will show current funding configuration and allow you to modify them
2021-05-03 11:06:10 +09:30
niftynei
6b37b92f8a funder: sanitize inputs
Error out if we've got the wrong info
2021-05-03 11:06:10 +09:30
niftynei
2538956b4d funder-test: tests for our policy configurations 2021-05-03 11:06:10 +09:30
niftynei
89a7479312 funder: use listfunds to fetch utxo data
Compute available_funds locally, instead of getting it from the
openchannel2 hook payload.

Suggested-By: Rusty Russell @rustyrussell
2021-05-03 11:06:10 +09:30
niftynei
cd5970243a funder: add a plugin, funder. policies for dual-funding
Behold! An immaculately concepted plugin for configuring your node to do
amazing things*

*fund channel open requests

Changelog-Added:  Plugins: Add `funder` plugin, which allows you to setup a policy for funding v2 channel open requests. Requres --experimental-dual-fund option
2021-05-03 11:06:10 +09:30
niftynei
916edaa839 openchannel: add missing string args to format string
Oops
2021-05-03 11:06:10 +09:30
niftynei
15e83925e8 libplugin: add no-op command complete function
When an RPC originates from a plugin, and there's no associated command,
it's useful to be able to signal that you're finished.
2021-05-03 11:06:10 +09:30
niftynei
9c8ce925ef dual-fund: update state before checking for 'doneness'
If we only add a single input/output for the funding transaction,
 we'll only call openchannel_update once, which results in
a crash because the dest->state will never advance to
MULTIFUNDCHANNEL_UPDATED;

Instead, we update to UPDATED before we check for doneness.
2021-04-16 15:33:44 +09:30
Christian Decker
c8dbcac38e pay: Use gossmap for reachability check 2021-04-06 11:03:47 +09:30
niftynei
6db6ba6c03 dual-funding: introduce racy state
It's unlikely but possible that a race condition will result in us not
being at the 'secured' state yet here.

Crashlogs. All required msgs are received (in order)
from peers, but the crash suggests they weren't relayed/processed by the
spender plugin in the order received.

WIRE_TX_SIGNATURES is passed the the plugin via a notification;
WIRE_COMMITMENT_SIGNED is returned as the result of an RPC call.

```
021-03-25T12:12:33.5213247Z lightningd-1: 2021-03-25T11:50:13.351Z DEBUG   035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d-dualopend-chan#3: peer_in WIRE_COMMITMENT_SIGNED
2021-03-25T12:12:33.5221140Z lightningd-1: 2021-03-25T11:50:13.659Z DEBUG   022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-dualopend-chan#1: peer_in WIRE_COMMITMENT_SIGNED
2021-03-25T12:12:33.5228462Z lightningd-1: 2021-03-25T11:50:14.169Z DEBUG   035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d-dualopend-chan#3: peer_in WIRE_TX_SIGNATURES
2021-03-25T12:12:33.5230957Z lightningd-1: 2021-03-25T11:50:14.375Z DEBUG   plugin-spenderp: mfc 275, dest 1: openchannel_update 035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d returned.
2021-03-25T12:12:33.5233307Z lightningd-1: 2021-03-25T11:50:14.539Z DEBUG   022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-dualopend-chan#1: peer_in WIRE_TX_SIGNATURES
2021-03-25T12:12:33.5235120Z lightningd-1: 2021-03-25T11:50:17.240Z INFO    plugin-spenderp: Killing plugin: exited during normal operation
2021-03-25T12:12:33.5236707Z lightningd-1: 2021-03-25T11:50:17.260Z **BROKEN** plugin-spenderp: Plugin marked as important, shutting down lightningd!
```

Fixes #4455
2021-03-30 13:44:11 +10:30
niftynei
3e8f575f9e dual-funding: convert to runtime flag, --experimental-dual-fund
You can now activate dual-funded channels using the
`--experimental-dual-fund` flag

Changelog-Changed: Config: `--experimental-dual-fund` runtime flag will enable dual-funded protocol on this node
2021-03-25 20:05:11 +10:30
Christian Decker
6cfb72ea1b keysend: Add error when trying to send to self
There is little point in faking a self-payment, but we should also not
crash :-)

Fixes #4438

Changelog-Fixed: keysend: Keysend returns an error when a self-payment is requested
2021-03-19 10:18:42 +10:30
Christian Decker
3a031bf0e3 keysend: Fix a use-after-free error
By stealing the underlying buffer we could end up freeing it, causing
the next read to access a freed buffer. Copying is however safe.
2021-03-19 10:18:42 +10:30
niftynei
38fee517d7 mfc: turn "UNKNOWN TYPE channel_id" logs into actually the channel id
Get rid of unuseful "UNKNOWN TYPE channel_id" prints in logs; only
affected usage for `type_to_string` of plugins/Makefile built things
2021-03-17 11:35:37 +10:30
fiatjaf
a7af106321 remove duplicated erring_node from paystatus. 2021-03-17 06:05:35 +10:30
Rusty Russell
22e1107581 lightningd/opening_control: deprecate old fundchannel_complete args.
And update all the in-tree callers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Deprecated: JSON-RPC: `fundchannel_complete` `txid` and `txout` parameters (use `psbt`)
2021-03-16 13:10:07 +10:30
Rusty Russell
43a553f5ac txprepare, withdraw: return the PSBT as well as raw tx.
In particular, txprepare gives us a nice way to get a valid PSBT for
testing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: JSON-RPC: `txprepare` and `withdraw` now return a `psbt` field.
2021-03-16 13:10:07 +10:30
Jan Sarenik
1b02d15695 typo: information is an uncountable mass noun
See https://en.wikipedia.org/wiki/Information

In libplugin.c also the word "details" was added (without removing
the 'information').

Changelog-None
2021-03-16 10:45:40 +10:30
niftynei
2586641678 mfc: use consolidated error reporting, reduce reliance on json-str
Previously this ported errors around as JSON. A nicer thing to do is to
deconstruct/reconstruct it; this also allows us to create our own errors
from within the multifundchannel family.
2021-03-15 14:08:44 +10:30
niftynei
ef1e36efe5 mfc: check that we can retry when things go haywire
There's a version of this that keeps the PSBT in memory and does some
fancy addition/subtraction of unuseable parts for the v2's, however
it's much easier and simpler to simply error on the peer and re-start
from the very beginning.

This only works if we haven't gotten commitments from the peer yet (in
fact either method would only work if we haven't got commitments from
the peer yet), so if we've got commitments from them we simply mark them
as failed an go again.

In a perfect world, we'd remember what inputs we used last time, and
reuse those again on the re-attempt, which would pefectly guarantee both
that the failed opens (ones w/ commitments exchanged) would be canceled
after this completes (and we could re-try the failed again).

As it is, this is not perfect. It is, however, servicable.
2021-03-15 14:08:44 +10:30
niftynei
9ce07eca61 mfc: have error messages for redos be more robust (include why)
Makes it easiser to figure out what's going on.

Also, make sure that every 'fail_destination' error description includes
quote escapes.
2021-03-15 14:08:44 +10:30
niftynei
822441558c mfc: add convenience method for determining 'parity'
is_v2 instead of protocol == OPEN_CHANNEL
2021-03-15 14:08:44 +10:30
niftynei
452a12fec2 mfc: move input validation down to input acceptance
Move only.
2021-03-11 14:38:57 +10:30
niftynei
a9794889bf mfc: final inversion!
Move only.
2021-03-11 14:38:57 +10:30
niftynei
6ccdd1dbab mfc: move fundchannel_starts down
Move only.
2021-03-11 14:38:57 +10:30
niftynei
5bb1f71dbe mfc: move connection beneath funding
Move only.
2021-03-11 14:38:57 +10:30
niftynei
4323b79b10 mfc: invert some more
Move only.
2021-03-11 14:38:57 +10:30
niftynei
6a5f92ada7 mfc: begin inversion, start at bottom as well as re-try
Move only.
2021-03-11 14:38:57 +10:30
niftynei
786c58d333 mfc: rm call chain inversions + declarations
Move only.
2021-03-11 14:38:57 +10:30
niftynei
14cd831508 mfc: invert call-chain, remove declarations
Move only.
2021-03-11 14:38:57 +10:30
niftynei
842dfabb56 mfc: rm declarations; invert call chain
Move only.
2021-03-11 14:38:57 +10:30
niftynei
f1113c3208 mfc: rm declarations, invert ordering
Move only.
2021-03-11 14:38:57 +10:30
niftynei
068dc8f5d2 mfc: cleanup static declarations/invert call chain
Move only.
2021-03-11 14:38:57 +10:30
niftynei
db87a5010c mfc: uninvert/remove declarations for mfc cleanups
Move only.
2021-03-11 14:38:57 +10:30
Christian Decker
a6c857dadb pay: Add functions to tell bolt12 string apart
The functions just look at the hrp, so they're not guaranteed to guess
right, but for this case it's sufficient.
2021-03-11 14:09:51 +10:30
Christian Decker
40e9d60ce0 pay: Do not clobber error messages if we fail decoding a bolt11
We were automatically falling back to bolt12 decoding, clobbering the
fail message. Ultimately resulting in confusing error
messages (expected prefix lni but got lnbtrc). Now we first determine
which decoding we're trying to do, and then only decode accordingly.

Changelog-Fixed: pay: Report the correct decoding error if bolt11 parsing fails.
2021-03-11 14:09:51 +10:30
Christian Decker
ea92466025 pay: Abort the payment if destination is unreachable
We were not aborting if we had routehints, even though all routehints
may have been filtered out.

Changelog-Fixed: pay: `pay` will now abort early if the destination is not reachable directly nor via routehints.
2021-03-11 14:09:51 +10:30
Christian Decker
cb21a5384b pay: Remove routehints with unreachable entrypoints
Changelog-Added: pay: `pay` will now remove routehints that are unusable due to the entrypoint being unknown or unreachable.
2021-03-11 14:09:51 +10:30
Christian Decker
1e1d7b387c pay: Filter out routehints whose entrypoint is unknown
We would happily spin on attempts that are doomed to fail because we
don't know the entrypoint. Next up: remove routehints whose
entrypoints are known but unreachable.
2021-03-11 14:09:51 +10:30
Christian Decker
ad7f59f7a1 keysend: Set an error message if we abort due to missing TLV 2021-03-11 14:09:51 +10:30
Christian Decker
60af8be5ba libplugin: Introduce payment_abort to terminate a payment
The main responsibility of this new function is to mark a payment
process as terminated and set a reasonable error message, that will be
displayed to the caller. We also skip the remaining modifiers since
they might end up clobbering the message.
2021-03-11 14:09:51 +10:30
Christian Decker
2e51afcc50 pay: Do not mark in-flight parts as failed
Changelog-Fixed: pay: `pay` was reporting in-flight parts as failed
2021-03-11 14:09:51 +10:30
Christian Decker
8252ac5a6e pay: Keysend tries to send even if featurebit 55 isn't set
As pointed out by @cfromknecht [1] there was no formal standardization of
the featurebit, and lnd would try a keysend whenever TLV was supported
by the recipient. This mimics that behavior by checking only that TLV
is enabled.

Changelog-Fixes: keysend: We now attempt to send with keysend even if the node hasn't explicitly opted in by setting a featurebit.

[1] https://github.com/ElementsProject/lightning/issues/4299#issuecomment-781606865
2021-03-11 14:09:51 +10:30
niftynei
31e3bdb42d df-spec: consolidate dual-funding patches, update feerate protocol
We consolidate to the latest/singular RFC patch for dual-funding, so
there's just a single patchfile for the change. Plus we move back to the
opener setting the desired feerate, the accepter merely declines to
participate if they disagree with the set rate.
2021-03-09 14:55:05 +10:30
Rusty Russell
4848c0022f plugins/bcli: fake minimum fee if we're in regtest mode.
Saves a great deal of confusion for regtest users.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: JSON-RPC: If bitcoind won't give a fee estimate in regtest, use minimum.
2021-03-02 13:34:55 +10:30
Rusty Russell
f0fa5d1401 offers: handle re-fetching the same invoice twice.
We get a label clash: easy, just re-serve:

```
2021-02-18T04:29:37.474Z **BROKEN** plugin-offers: Failed invoice_request lnr1qgsqvgnwgcg35z6ee2h3yczraddm72xrfua9uve2rlrm9deu7xyfzrcyyqwtp0rmsgquvuacqcl5cdfzwzmu3v8tqgvpqs8e80dlmxm7ey4xwrqdsqqqqqqqqqqqqqqqq2pqqfqpqynzqzx9rylzy40ernj4jzc3p2dwy3n8x6lqeaywwk725ghx4kx63pcfxgg2z3nsn80jzge06nt3ks8pr6rvnujq48376lpmrr3cq04nurpy783eyr0awh5773lrlmjek07rjf0nx4g9235ulkcs7jp2h5gumjyquhadh846da3jptxm9g0qz5lne4hjhag for offer 1cb0bc7b8201c673b8063f4c352270b7c8b0eb02181040f93bdbfd9b7ec92a67: Got JSON error: {\"code\":900,\"message\":\"Duplicate label\",\"data\":{\"label\":\"1cb0bc7b8201c673b8063f4c352270b7c8b0eb02181040f93bdbfd9b7ec92a67-08c5193e2255f91ce5590b110a9ae2466736be0cf48e75bcaa22e6ad8da88709-1\",\"bolt12\":\"lni1qgsqvgnwgcg35z6ee2h3yczraddm72xrfua9uve2rlrm9deu7xyfzrcyyqwtp0rmsgquvuacqcl5cdfzwzmu3v8tqgvpqs8e80dlmxm7ey4xwzqrw4lauzsc2ajk26mv0ysxxmmxvejk2grxdaezqun4wd68jggvpkqqqqqqqqqqqqqqqqpgyqq7ypymf9efe2jj5r2mzunlqz67d75ht3ukxk0x9ftkcuknrgepsgupwfqpqynzqzx9rylzy40ernj4jzc3p2dwy3n8x6lqeaywwk725ghx4kx63pcf9qzxqt0dxq4zqwtz2qu44gzx7nzczc494cce2tgph5xgu5sn7vh8frky9z5n08xj9sp3yaxe9cqs5vss59r8pxwlyy3jl4xhrdqwz85xe9qqgcpda590qs9khxdx5qpetlx0j6ap0wsxagssmy2qjvhjp2kc3na54pht3pp76c405upne360lh8rzye32xxq6l0phpkk9pu9lwxnqkxuwt2nqqr9u\",\"payment_hash\":\"396250395aa046f4c58162a5ae31952d01bd0c8e5213f32e748ec428a9379cd2\",\"msatoshi\":7700446,\"amount_msat\":\"7700446msat\",\"status\":\"unpaid\",\"description\":\"Weekly coffee for rusty!\",\"expires_at\":1614832137,\"local_offer_id\":\"1cb0bc7b8201c673b8063f4c352270b7c8b0eb02181040f93bdbfd9b7ec92a67\"}}
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-25 14:44:03 +10:30
Christian Decker
e677486fcc pay: Check for self-payments before attempting to pay
This duplicates the check in libplugin-pay.c, with a more concise
error message. Both are needed since pay may not be the only
entrypoint.
2021-02-10 15:17:38 +01:00
Christian Decker
9869083a79 plugin: Check that we have a non-empty route in libplugin
Changelog-Fixed: pay: Payments with an empty route (self-payment) are now aborted.
2021-02-10 15:17:38 +01:00
Rusty Russell
cc4ea9420a common: extract fp16 routines into their own file.
We might want to use them elsewhere.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-04 12:02:36 +10:30
Rusty Russell
06a54606a3 check-includes: allow redundant "config.h"
We should actually be including this (as it may define _GNU_SOURCE
etc) before any system headers.  But where we include <assert.h> we
often didn't, because check-includes would complain that the headers
included it too.

Weaken that check, and include config.h in C files before assert.h.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-04 12:02:36 +10:30
Rusty Russell
1a85edd207 lightningd: no longer forward failures to gossipd, let caller do it.
We fix up the test by using pay, instead of sendpay (and making pay log
the expected message).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: sendpay no longer extracts updates from errors, the caller should do it from the `raw_message`.
2021-02-02 13:44:01 +01:00
Rusty Russell
780fc25413 pay: inject channel updates from errors ourselves.
Cut & paste from gossipd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-02 13:44:01 +01:00
Rusty Russell
406eb37717 listsendpays: remove deprecated "null" amount_msat.
Changelog-Removed: `listsendpays` will no longer add `amount_msat` `null` (deprecated 0.9.1).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-02-01 09:57:35 +10:30
Rusty Russell
1be4d42ca3 fetchinvoice: don't abort() if we try to fetch an invoice from ourselves.
blindedpath.c does:

```
	size_t num = tal_count(route);

	if (!num)
		abort();
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-14 11:12:11 +01:00
Rusty Russell
001b5d6416 offers: make it a runtime option.
The fetchinvoice and offers plugins disable themselves if the option
isn't enabled (it's enabled by default on EXPERIMENTAL_FEATURES).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: `experimental-offers` enables fetch, payment and creation of (early draft) offers.
2021-01-13 14:45:36 +01:00
Rusty Russell
a4bc3e5673 common/bolt12: include correct bolt12 wiregen header.
Don't include exp directly, use an ifdef in common/bolt12
(like we do for peer and onion wiregen files).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-13 14:45:36 +01:00
Rusty Russell
27c006f7aa libplugin: make init return a string.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: libplugin: init can return a non-NULL string to disable the plugin.
2021-01-13 14:45:36 +01:00
Rusty Russell
af46a4f57d fetchinvoice: allow amounts to be specified.
As per lastest revision of the spec, we can specify amounts in invoice
requests even if the offer already specifies it, as long as we exceed
the amount given.  This allows for tipping, and amount obfuscation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 12:45:31 +01:00
Rusty Russell
4bb05e46e9 offers: convert currency when they request an invoice.
Means a reshuffle of our logic: we want to multiply by quantity before
conversion for maximum accuracy.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 12:45:31 +01:00
Rusty Russell
9681d491df offer: allow offers in other currencies if we can convert.
This avoids a footgun where they create an offer then we can't create
the invoice because they don't have a converter plugin.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 12:45:31 +01:00
Rusty Russell
2de467274e common/amount: make fmt_amount_sat / fmt_amount_msat etc take copy.
We pass by copy everywhere else, let's do it here too.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 12:45:31 +01:00
Rusty Russell
030a19a8af sendinvoice: don't allow separate invoice and command timeouts.
It was too confusing, and can be added later if desired.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
d867fab3a7 sendinvoice: call waitinvoice directly to on invoice payment.
Suggested-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
c08ff167b2 decode: new generic API to decode bolt11 and bolt12.
This is experimental for now, but can eventually deprecated
'decodepay' and even decode other kinds of messages.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
1aa7e8e011 offers: split offer send_invoice generation into new JSON command
We split `send_invoice` offers inoo offerout (for want of a better name).
This simplifies the API.

Also took the opportunity to move the `vendor` tag to immediately
follow `description` (our tests use arguments by keywords, so no
change there).

Suggested-by: shesek
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
55983827b6 fetchinvoice: try direct peers if we can't route.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
bdfcec3eb6 fetchinvoice: check we're in the period before attempting to fetch.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
dae477175c fetchinvoice: implement timeout.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
075c25fc08 plugins/fetchinvoice: handle sendinvoice timeout, error or payment.
If they pay the invoice, they don't bother replying; that's just for
errors.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
dc2ba6f9d9 plugins/fetchinvoice: implement sendinvoice command.
As fetchinvoice handles normal offers, sendinvoice handles
send_invoice offers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
f2d2db7b4e plugins/offer: handle receiving an invoice in an onion_message.
And if we have a matching `send_invoice` offer, try to pay it!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
6d1fe7e599 plugin/offers: hoist send_onion_reply into core.
We want to reuse it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Rusty Russell
43f5304539 plugins/offer: allow offer to create send_invoice, refund and single_use offers.
refund offers are implied send_invoice offers.  And send_invoice offers
are implied single-use offers, though it can also make sense to have
a non-send_invoice offer be single-use.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-09 14:34:35 +10:30
Christian Decker
4b2efd69d7 pay: Fix a crash when waitblockheight times out
Fixes #4309
Changelog-Fixed: pay: Fixed an issue where waiting for the blockchain height to sync could time out.
2021-01-08 09:19:24 +01:00
Rusty Russell
3b7d0e7a62 common/json: make json_scan return an error string.
This makes for more useful errors.  It prints where it was up to in
the guide, but doesn't print the entire JSON it's scanning.

Suggested-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
09b18bf64f libplugin: replace rpc_delve with rpc_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
b61da8c5a9 plugins: use json_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
35e8949df3 plugins/bcli: convert to json_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
2b6cdfeb5a json_to_psbt: fix API to match other allocating json_to functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
niftynei
0726d2912e df-mfc: remove guard-rails for failures
This will cause blow ups for v2 multifundchannel attempts with failures,
but allows us to return the expected errors for single-shot
fundchannel attempts.

Error handling is coming, i promise
2021-01-06 14:50:02 +01:00
niftynei
b040a893ed mfc: avoid off-by-one rounding errors when finding change fee
Since we round down in `amount_tx_fee`, find the change fee as the
difference between what we've already paid and what the combined/total
fee would be if the change weight were also added.
2021-01-06 14:50:02 +01:00
niftynei
3793687550 mfc-df: if the psbt we've got has inputs from our peer, remove them
We only want to attempt to unreserve inputs that are ours (otherwise we
log a broken error)
2021-01-06 14:50:02 +01:00
niftynei
6e3c517611 mfc-df: if there's an error with a openchannel_signed, fail
Ideally we'd 'cure' the error and re-attempt, except that if this was a
bitcoin-backend 'failure to broadcast' then it really needs user
intervention to figure out what's wrong -- it's possible that the
peer successfully broadcast the transaction
2021-01-06 14:50:02 +01:00
niftynei
6030d0542a bcli: print error message in debug log for broadcast failures 2020-12-24 11:38:49 +01:00
niftynei
47d9ff88df bcli: only print error if exitcode is non-zero 2020-12-24 11:38:49 +01:00
niftynei
08c8581461 bcli: allocate temp string off of short-lived cmd
`cmd` gets cleaned up almost immediately, and is the right scope for a
temporary string allocation
2020-12-24 11:38:49 +01:00
niftynei
f9a2489424 bcli: print sendrawtx every time (even on failures) 2020-12-24 11:38:49 +01:00
Rusty Russell
52af729641 plugins/offer and plugins/fetchinvoice: send and recv errors.
This also lets us extend our testing to cover error cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
96caf9f4ab fetchinvoice: return the next period for recurring offers.
This is useful for the caller to know when to call again.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
69ddf818c7 plugins/fetchinvoice: catch invoice_request reply.
Using onionmessage hook, we get the response and either present it
to the user (invoice) or return the error to the user.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
3eada358e9 plugins/fetchinvoice: plugin to send an invoice_request for a given offer
Doesn't catch the reply yet, but prepares the invoice request based on
the offer and sends it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
9d75fbe237 plugins/offers: add code to catch invoice_request onion messages.
We prepare an invoice, but there's no code to send an error reply yet
(future patch).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
08e110b568 JSON: offers plugin offer command.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
26e0cbeb7c plugin/offers: skeleton for offers plugin (EXPERIMENTAL_FEATURES)
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
723c16072a cleanups: feedback from Christian Decker review.
1. Hoist 7200 constant into the bolt12 heade2.
2. Make preimage the last createinvoice arg, so we could make it optional.
3. Check the validity of the preimage in createinvoice.
4. Always output used flag in listoffers.
5. Rename wallet offer iterators to offer_id iterators.
6. Fix paramter typos.
7. Rename `local_offer_id` parameter to `localofferid`.
8. Add reference constraints on local_offer_id db fields.
9. Remove cut/paste comment.
10. Clarify source of fatal() messages in wallet.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Rusty Russell
9fe612db20 plugins/pay: allow bolt12 invoices (EXPERIMENTAL_FEATURES).
Note that we remove the redundant "is this the correct chain?"
check, since bolt11_decode and bolt12_decode do that internally
anyway (this was changed in 924cc04bd2).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Rusty Russell
a33e39b7e8 pay, wallet: rename internal bolt11 vars to invstring.
And handle bolt12 strings if EXPERIMENTAL_FEATURES.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Christian Decker
3b599b846e keysend: Check that the destination supports keysend upon init
We were blindly initiating the keysend payment, which could lead to
confusing outcomes. This adds a very specific error message to the
error returned.

Changelog-Fixed: keysend: Keysend now checks whether the destination supports keysend before attempting a payment. If not a more informative error is returned.
2020-12-11 15:50:09 +01:00
Christian Decker
e186b2620a txprepare: Verify that outputs arg is an array
We were not checking that outputs is indeed an array, and just going
ahead creating the array of outputs. Since `tok->size` for a string is
0 we ended up ignoring the argument altogether and thus the created
transaction would end up only with a single change output.

Fixes #4258
2020-12-09 06:56:21 +10:30
Christian Decker
55d9492d9e txprepare: Use param_outpoint_arr helper to validate input 2020-12-09 06:56:21 +10:30
Rusty Russell
c5a2e64fd4 plugins/libplugin-pay: expose gossmap for plugin special effects.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
54c57e7495 libplugin-pay: don't expose bolt11 details.
When we support bolt12, this won't exist.  We only need min_final_cltv_expiry,
routes and features, so put them into struct payment explicitly.

We move the default final ctlv out to the caller, too, which is clearer.
e.g. keysend was using this value, but it was hard to tell.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
João Paulo
7514d7fb48 plugins: add txprepare to .gitignore
Changelog-None
2020-12-04 11:30:58 +10:30
niftynei
4185a86d90 df-mfc: set the minimum input weight to 110 iif v2
We only need a bumped up input weight if we're talking to nodes that
require v2.
2020-12-02 14:19:08 +10:30
niftynei
b01734087d df-mfc: set protocol type when we know it
We'll use it for figuring out whether or not to set a utxo witness
minimum, which comes much before we were setting this field.

Now we set the protocol as soon as we can reasonably deduce it.
2020-12-02 14:19:08 +10:30
Rusty Russell
9361b62e3a libplugin: add command_hook_success helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-02 10:38:04 +10:30
niftynei
29c3532856 mfc-psbt: mark all of our inputs as "ours", then only sign those
we only want to sign the inputs that we've reserved via utxopsbt or
fundpsbt. we mark them with a flag (reusing the now defunct max-len
flag is fine), then look for inputs with that flag to pass to signonly
2020-11-23 12:41:05 -06:00
niftynei
6077eca660 df: pass back 'close_to' for completed/commitment secured channels
When commitments are secured, also return the 'close_to' script if we've
got a local_upfront_shutdown_script set.
2020-11-23 12:41:05 -06:00
niftynei
c6b45e052b mfc-df: after openchannel_signed is finished, we call finished
We done!?
2020-11-23 12:41:05 -06:00
niftynei
3e19b6c8f5 mfc-df: after psbt signed, send to openchannel_signed if v2s
If there's an v2 destinations, they'll broadcast the tx for us
2020-11-23 12:41:05 -06:00
niftynei
a34425abd1 mfc-df: after sigs are collected, go sign the psbt 2020-11-23 12:41:05 -06:00
niftynei
d7c06b5b0e mfc-df: once we've gotten the PSBT finalized, we wait for peer sigs
We need our peer's signatures to arrive before we sign/broadcast the
funding transaction (but only if there's v2 peers present)
2020-11-23 12:41:05 -06:00
niftynei
c90a19f739 mfc-df: only add outputs for v1 outs; go to openchannel_update if v2s
We only have output scripts for v1 protocols after the
fundchannel_start/openchannel_init round. We need to add them before
we get into the openchannel_update rounds, however, so we do that here.
2020-11-23 12:41:05 -06:00
niftynei
3d2c0951d5 mfc-df: rework how openchannel_update works, callbacks 2020-11-23 12:41:05 -06:00
niftynei
381658dee6 mfc-df: merge openchannel_init/fundchannel_start results
These happen simultaneously, and should resolve to the same place when
they're finished.
2020-11-23 12:41:05 -06:00
niftynei
95de8b1174 mfc-df: have both paths use redo_multifundchannel
Still need handling of failure for v2 opens (no rpc exists?!)
2020-11-23 12:41:05 -06:00
niftynei
a31b078721 mfc: consolidate to a single FAILED state 2020-11-23 12:41:05 -06:00
niftynei
991ae65e9e mfc-df: track destination's openchannel version
Plus method to help count/tabulate how many of each we've got
around still.
2020-11-23 12:41:05 -06:00
niftynei
e0c4865eea mfc: add a 'fail_destination' helper
Caches state at which we failed + sets error
2020-11-23 12:41:05 -06:00
niftynei
5b6b012af9 mfc: add happy path-way for v2 in multifundchannel
Tested and works with both sides funding! Yay.

Doesn't do any amount of reasonable cleanup or handling of errors.
2020-11-23 12:41:05 -06:00
Christian Decker
313976e2f4 pay: Cleanup the route applicability checks for channel hints
I previously mistyped the rather lengthy conditions for failures, so
let's dissect it into its smaller components and add rationale behind
the individual parts of the decision.
2020-11-17 14:04:19 +10:30
Christian Decker
4d6b4a0445 pay: Retry the route computation if we could not apply the chanhints
This adds a new state `PAYMENT_STEP_RETRY_GETROUTE` which is used to
retry just that one step, without spawning a completely new
attempt. It's a new state so that modifiers do not act on it twice.

Changelog-Fixed: pay: Improved the performance of the `pay` command considerably by avoiding conflicting changes to our local network view.
2020-11-17 14:04:19 +10:30
Christian Decker
544e110c96 pay: Add a pre-apply check to channel_hint updates
This allows us to atomically update all channel_hints and determine if
we had a collision and therefore should retry.
2020-11-17 14:04:19 +10:30
Christian Decker
83f57ac300 pay: Move the chanhint update up to payment_getroute
We were delaying the channel_hint update till after the `createonion`
call which gave us the same situation we had with concurrent
`getroute` calls. Now we update the hints as soon as the plugins have
had their say in the route construction. If we still fail, either
because a modifier changed the route causing the failure, or because
we interleaved the route computation for multiple parts, we reset the
attempt and retry inline (i.e., without creating a new sub-payment).

Notice that interleaved route computations now only happen if the
modifier makes an async call to some RPC or similar.
2020-11-17 14:04:19 +10:30
Rusty Russell
62c52fe868 libplugin: add support for before and after deps on hooks.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-11-09 15:22:33 -06:00
Rusty Russell
cd5a93d0bd gossmap: fix reutrn of gossmap_xxx_has_feature, rename.
1. One place returned false instead of -1.
2. The names implied it returned a bool, and it doesn't.

Fix both, and curse C's loose typing a little.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-28 15:32:12 +10:30
Rusty Russell
572c849873 libplugin: ignore incoming notifications.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-23 13:53:16 +10:30
Rusty Russell
127811757f libplugin: support for sending notifications.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: libplugin: routines to send notification updates and progress.
2020-10-23 13:53:16 +10:30
Rusty Russell
a8177e9013 Makefile: make check-includes check all the non-generated files.
Note that check-whitespace and check-bolt already do this, so we
can eliminate redundant lines in common/Makefile and bitcoin/Makefile.

We also include the plugin headers in ALL_C_HEADERS so they get
checked.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-22 12:14:34 +10:30
Rusty Russell
5e865ce42b Makefile: unify generated files definition.
We change gen_ to _gen, because filtering on gen_% doesn't work if they're
in subdirectories :(

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-22 12:14:34 +10:30
niftynei
f8c4cc73ae mfc: use declared constants
reduce, reuse, recycle for a greener world
2020-10-21 11:24:16 +10:30
niftynei
e66937e012 mfc: Add a commitment_feerate optional parameter to multifundchannel
Technically there *are* two feerates that we need to know:
  - the feerate to use for the funding transaction, and
  - the feerate to tell our peer to use for our commitment txs/htlc txs

As written, `multifundchannel` uses the same feerate for both. This
optional parameter will allow us to differentiate between the two, which
will be exceedingly handy for anchor output worlds. ;)

FIXME: test this

Changelog-Added: JSON API: `multifundchannel` has a new optional argument, 'commitment_feerate', which can be used to differentiate between the funding feerate and the channel's initial commitment feerate
2020-10-21 11:24:16 +10:30
Rusty Russell
b470ae2c73 plugins/libplugin-pay: use gossmap.
This is a fairly direct translation.  Even so, it should be faster in
most cases, and and we can do more sophisticated things if we want.

This also handles disabled channels better.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: plugins: `pay` will now try disabled channels as a last resort.
2020-10-21 08:58:34 +10:30
Rusty Russell
eadf2c91fe libplugin-pay: incorporate gossip store.
So we can use this for routing determinations.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-21 08:58:34 +10:30
Rusty Russell
92f2461b5d plugins/pay: fix leak on failed new payments.
Start with attaching the payment to cmd (in case of failure), then steal
onto the plugin itself.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-21 08:58:34 +10:30
niftynei
4926c25bb5 fundchannel: take a 'close_to' address
Finally, extends the 'close_to' functionality up to the flagship 'open a
channel' command.

Changelog-Added: JSON-API `fundchannel` now accepts an optional 'close_to' param, a bitcoin address that the channel funding should be sent to on close. Requires `opt_upfront_shutdownscript`
2020-10-16 13:51:57 +10:30
niftynei
628df74e26 mfc: allow a 'close_to' address to be passed in
This will allow us to let `fundchannel` handle a close to address, also
2020-10-16 13:51:57 +10:30
Rusty Russell
6195d953cc plugins: use "slow" feerate for mutual close negotiation.
We're rarely in a hurry here, and bitcoind is aggressive with fees.
You can always spend this output if you really have to, using CPFP.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: Protocol: mutual closing feerate reduced to "slow" to avoid overpaying.
2020-10-13 20:53:34 +02:00
Rusty Russell
7260d9ea3d plugins: generate list of plugins more atomically, respect V=1 and --quiet.
I got a corrupt file, which looked like multiple concurrent attempts
to build it.  So instead, build it in one command, but also use
VERBOSE so we print correctly with V=1 (and --quiet).

Also move into plugins/ where it logically belongs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-24 13:19:59 +02:00
Rusty Russell
924cc04bd2 bolt11: have caller supply preferred chain.
This lets us distinguish testnet from signet invoices, since they
have the same prefix.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-24 09:24:14 +09:30
Antoine Poinsot
15adcc915f Remove varint typedef for bigsize
It's not part of the spec anymore

Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-09-23 16:30:36 +09:30
Rusty Russell
607075a3d4 bitcoin/psbt: wallt_tx_output needs a tal ctx.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-23 13:52:49 +09:30
Rusty Russell
480f671e91 bitcoin/psbt: psbt_txid needs a tal ctx.
It returns a wally_tx; it's an anti-pattern not to hand in a tal context.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-23 13:52:49 +09:30
Rusty Russell
1deba1c8e4 plugins/pay: handle case where amount_msat is 'null'.
Deprecated, but this can happen:

```
==1578== Conditional jump or move depends on uninitialised value(s)
==1578== at 0x12B30E: amount_msat_add (amount.c:224)
==1578== by 0x11270B: add_amount_sent (pay.c:1734)
==1578== by 0x112D89: listsendpays_done (pay.c:1831)
==1578== by 0x114F4B: handle_rpc_reply (libplugin.c:555)
==1578== by 0x115704: rpc_read_response_one (libplugin.c:685)
==1578== by 0x115821: rpc_conn_read_response (libplugin.c:705)
==1578== by 0x148E40: next_plan (io.c:59)
==1578== by 0x1499BD: do_plan (io.c:407)
==1578== by 0x1499FB: io_ready (io.c:417)
==1578== by 0x14BBC1: io_loop (poll.c:445)
==1578== by 0x117A82: plugin_main (libplugin.c:1322)
==1578== by 0x113ABC: main (pay.c:2096)
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-11 12:48:48 +09:30
ZmnSCPxj jxPCSnmZ
0eb1e7e0ca plugins/libplugin-pay.c: Add new payee_incoming_limit to limit number of HTLCs based on payee connectivity.
Fixes: #3926

(probably)

Changelog-Fixed: pay: Also limit the number of splits if the payee seems to have a low number of channels that can enter it, given the max-concurrent-htlcs limit.
2020-09-10 16:50:52 +09:30
ZmnSCPxj jxPCSnmZ
deced56344 plugins/libplugin-pay.c: Add facility to have paymods request lowering of the estimated max HTLCs. 2020-09-10 16:50:52 +09:30
ZmnSCPxj jxPCSnmZ
d15717b576 plugins/libplugin-pay.c: Keep p->invoice->routes valid when the routehints paymod mutates it.
The routehints paymod shares the storage of the array d->routehints and
p->invoice->routes, but once it operates, it possibly leaves it as a stale
pointer to memory it used to have.

Since other paymods may be interested in the invoice details, including
the routehints in the invoice, we should ensure the p->invoice->routes
remains valid whenever we try mutating that array.
2020-09-10 16:50:52 +09:30
Rusty Russell
191355e0e7 pay: fix handling of legacy vs tlv encoding.
As revealed by the failure of tests in #3936, where we ended up trying
to send a partial payment using legacy style, we are not handling
style properly.

1. BOLT9 has features, so we can *know* that the destination supports
   MPP.  We may not have seen a node_announcement.
2. We can't assume that nodes inside routehints support TLV.
3. We can't assume direct peers support TLV.

The keysend code tried to fix this up, so I'm not sure that this caused
the issue in #3968, though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: `pay` will now make reliable multi-part payments to nodes it doesn't have a node_announcement for.
2020-09-10 16:50:32 +09:30
ZmnSCPxj jxPCSnmZ
9587425f2d plugins/spender/fundchannel.c: Make fundchannel a thin layer around multifundchannel.
Changelog-Changed: protocol: `fundchannel` now shuffles inputs and outputs, and no longer follows BIP69.
2020-09-10 15:28:50 +09:30
ZmnSCPxj jxPCSnmZ
f6c145d2df plugins/spender/multifundchannel.c: Move multifundchannel to the spenderp plugin. 2020-09-10 15:28:50 +09:30
niftynei
81a7a6742a elements: use normalization for elements fee output
This will update the fee output if it exists, rather than unilaterally
adding a new one.

Also, if the fee output already exists, we should make sure that it
doesn't interfere with the outnums of the other outputs
2020-09-10 12:31:36 +09:30
niftynei
4c28e7b362 txprepare: elements requires inclusion of an accurate fee output
so we add an accurate one
2020-09-10 12:31:36 +09:30
ZmnSCPxj jxPCSnmZ
277ff0f44c plugins/spender/multiwithdraw.c: Implement multiwithdraw command.
Fixes: #2679

Changelog-Added: JSON-RPC: New `multiwithdraw` command to batch multiple onchain sends in a single transaction.  Note it shuffles inputs and outputs, does not use BIP69.
2020-09-09 20:36:08 +09:30
ZmnSCPxj jxPCSnmZ
e04febfe0c plugins/spender/: New plugin that will eventually absorb all onchain-spending commands. 2020-09-09 20:36:08 +09:30
ZmnSCPxj jxPCSnmZ
45e1b3828a plugins/multifundchannel.c: Add minchannels flag to multifundchannel.
[ changed from best_effort binary to minchannels counter -- RR]
2020-09-09 16:45:56 +09:30
ZmnSCPxj jxPCSnmZ
0d3a3b6d48 plugins/multifundchannel.c: Implementation of multifundchannel.
Changelog-Added: We now have `multifundchannel` as a builtin plugin command to fund multiple channels to different peers all in a single onchain transaction.


Header from folded patch 'fixup-use-json_add_psbt.patch':

fixup!


Header from folded patch 'use-goto-no-ok-chain.patch':

fixup!


Header from folded patch 'destinations-at-parse-time.patch':

fixup!


Header from folded patch 'multifundchannel__use_jsmntoks_to_pass_through_json_string,_not_strings.patch':

multifundchannel: use jsmntoks to pass through json string, not strings

Passing in "" for utxos would crash lightningd on the command-line
otherwise. Now returns an error.


Header from folded patch 'update_plugins-multifundchannel.c.patch':

Update plugins/multifundchannel.c

Co-authored-by: Darosior <darosior@protonmail.com>
2020-09-09 16:45:56 +09:30
ZmnSCPxj jxPCSnmZ
ee276bcb86 plugins/bcli.c: sendrawtransaction now has a required allowhighfees argument.
Changelog-Deprecated: plugin: `bcli` replacements should note that `sendrawtransaction` now has a second required Boolean argument, `allowhighfees`, which if `true`, means ignore any fee limits and just broadcast the transaction. Use `--deprecated-apis` to use older `bcli` replacement plugins that only support a single argument.
2020-09-09 12:38:19 +09:30
Rusty Russell
83298c030a wallet: switch over to withdraw in module, remove lots of unused code.
This removes the reservation cleanup at startup, too, now they're all
using 'reserved_til'.

This changes test_withdraw, since it asserted that outputs were marked
spent as soon as we broadcast a transaction: now they're reserved until
it's mined.  Similarly, test_addfunds_from_block assumed we'd see funds
as soon as we broadcast the tx.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: JSON-RPC: `withdraw` now randomizes input and output order, not BIP69.
2020-09-08 10:14:42 +09:30
Rusty Russell
f34d0b1cf5 plugins/txprepare: create simple variant for "withdraw".
This is a little lazy, but simpler than extracting the common parts
or making withdraw a plugin which calls txprepare (which should be
deprecated soon in favor of fundpsbt etc).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
8d4557938b plugins/txprepare: move functions higher.
Simple moveonly change for next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
6b2a3f4dfb txprepare: remove old code, switch to plugin.
Some minor phrasing differences cause test changes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: txprepare reservations stay across restarts: use fundpsbt/reservepsbt/unreservepsbt
Changelog-Removed: txprepare `destination` `satoshi` argument form removed (deprecated v0.7.3)
2020-09-08 10:14:42 +09:30
Rusty Russell
3b1a226f67 txprepare: add txsend functionality.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
522459ba6e txprepare: add txdiscard functionality.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
74c6307c54 plugins/txprepare: use utxopsbt to handle utxos arg.
Very similar to fundpsbt, but takes 'utxos' instead of 'minconf'.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
8d5ff210bf txprepare: a plugin to replace txprepare (not yet active).
This uses `fundpsbt` and similar to simulate the txprepare command.
It has one difference (when complete), in that it those reservations
are now timed and don't get reset on restart.

It also doesn't have the restriction that `all` can only be used with
no other output, as I didn't realize that when I implemented it!

Note that change is now inserted in a random position, not sorted
into BIP69 order.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
c34c055d82 Makefile: use completely separate spec-derived files for EXPERIMENTAL_FEATURES
This avoids overwriting the ones in git, and generally makes things neater.

We have convenience headers wire/peer_wire.h and wire/onion_wire.h to
avoid most #ifdefs: simply include those.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 09:42:00 +09:30
Christian Decker
31c67f1392 bcli: Avoid tal_fmt when handling a raw hex block
We were using `tal_fmt` to truncate off the last byte of the
response (newline), which required an allocation, a call to `vsnprintf` and a
copy of the block contents. This being >2MB in size on mainnet was rather
expensive.

We now just signal the end of the string by overwriting the trailing newline,
and stealing directly onto the result.
2020-09-02 13:21:32 +02:00
Rusty Russell
0c7d04bd98 libplugin-pay: fix default CLTV.
This was changed recently, but without a bolt quote, we didn't find
this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-02 06:59:13 +09:30
Rusty Russell
1746406e41 Makefile: normalize all the Makefiles
We create ALL_PROGRAMS, ALL_TEST_PROGRAMS, ALL_C_SOURCES and
ALL_C_HEADERS.  Then the toplevel Makefile knows which are
autogenerated (by wildcard), so it can have all the rules to clean
them or check the source as necessary.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
Rusty Russell
8150d28575 Makefile: use generic rules to make spec-derived sources.
Now we use the same Makefile rules for all CSV->C generation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
ZmnSCPxj jxPCSnmZ
932709cad9 plugins/libplugin-pay.c: Micro-optimize start_block sampling.
Using `waitblockheight 0` is a very slightly faster query than `getinfo`.
Also, avoid querying blockheight for child payments (allow `waitblockheight`
paymod to provide the blockheight returned from the `waitblockheight`, and
just resample the starting blockheight from the parent).

Changelog-None: pointless micro-optimization
2020-08-28 16:40:27 +02:00
ZmnSCPxj jxPCSnmZ
05daa8e5f3 plugins/libplugin-pay.c: Micro-optimization of plugin_is_finished.
This was checked with `gcc -S -O2` to see how an optimized build
would compile the function.
The original code completed calls into each child (and the `.s`
file showed that GCC 9.x was not smart enough to do early-out).

This modification explicitly does early-out, and avoids call-return
stack overhead for the common case where a payment is an ancestor
of a long line of single-child payments due to retrying.

Changelog-None: pointless micro-optimization
2020-08-28 16:40:27 +02:00
Rusty Russell
496c0dd1e6 common/random_select: central place for reservoir sampling.
Turns out we can make quite a simple API out of it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-28 10:56:50 +09:30
Rusty Russell
12d0d5c185 amount: cleanup usage.
We've got some recently-added primitives which help.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-27 18:16:28 +02:00
Christian Decker
21d87f7075 pay: Implement simple presplit fix for ludicrous amounts
This is the simplest possible fix: increase the target amount until we get
the desired number of parts, while still bucketizing payments together that
are in approximately the same size.

The current logic puts all payments that are in the range x < amount <= 16*x
in the same bucket, making them harder to distinguish.

Changelog-Fixed: pay: The `presplit` modifier now supports large payments without exhausting the available HTLCs.
2020-08-27 10:19:21 +09:30
ZmnSCPxj jxPCSnmZ
128adf0938 plugins/libplugin-pay.c: Round-robin routehints when splitting.
This improves the success rate of `test_mpp_interference_2`, though
still not quite up to the level that we can remove `@flaky` from it.
2020-08-26 09:29:46 +09:30
ZmnSCPxj jxPCSnmZ
c27d7a3110 plugins/libplugin-pay.c: Store the route description, and re-report on failure. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
6468616c02 plugins/libplugin-pay.c: Propagate local_id from parent to child payment object. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
d8678467fa plugins/libplugin-pay.c: Show routes being tried, also print updates to channel hints not just initial creations. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
d89c77c0ce plugins/libplugin-pay.c: Describe the bits of unrecognized failure codes. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
0d2d85ab5f plugins/libplugin-pay.c: Also print events that create new sub-payments. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
98583e84b5 plugins/libplugin-pay.c: Give cmd id and partid for each log message.
Changelog-None: internal debugging

Makes it easier to debug payments with tons of splits.
2020-08-25 12:17:18 +02:00
Rusty Russell
28884864d0 plugins/pay: don't bother parsing nodeid for summary.
We have sanity checks in there that it's a valid point.  Simply store
the JSON token like we do with others.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m2.054s
	user	0m0.114s
	sys	0m0.024s

After:
	real	0m1.781s
	user	0m0.127s
	sys	0m0.013s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
4ba3797923 plugins/pay: iterate the htable properly, not from start each time.
time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m12.447s
	user	0m0.143s
	sys	0m0.008s

After:
	real	0m2.054s
	user	0m0.114s
	sys	0m0.024s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
05636e367e libplugin: do partial parsing instead of memmem hack.
memmem is also O(n^2), though it's faster.  Now we have infrastructure,
let's do incremental parsing.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m13.674s
	user	0m0.131s
	sys	0m0.024s

After:
	real	0m12.447s
	user	0m0.143s
	sys	0m0.008s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
628ae0a15b libplugin: do incremental parsing on lightningd commands.
This doesn't make any difference, since lightningd generally sends us
short commands (command responses are via the rpc loop, which is
already done), but it's harmless.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
3ed03f9c8f common: make json_parse_input API retry friendly.
The jsmn parser is a beautiful piece of code.  In particular, you can parse
part of a string, then continue where you left off.

We don't take advantage of this, however, meaning for large JSON objects
we parse them multiple times before finally having enough to complete.

Expose the parser state and tokens through the API, so the caller can pass
them in repeatedly.  For the moment, every caller is allocates each time
(except the unit tests).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
f2d0a1d406 plugins/bcli: use simplified parser, unify bad JSON paths.
They should all show the complete JSON, so unify them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
80b2e1e298 common: add simple json parse wrapper for the complete cases.
We're going to change the API on the more complete JSON parser, so
make and use a simple API for the easy cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
40f17d994c libplugin: don't parse partial JSON repeatedly.
Tested on a test node which had made 50,000 payment, with no optimization.

For comparison, time for 'listsendpays' was 0.983s.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m52.415s
	user	0m0.127s
	sys	0m0.044s

After:
	real	0m42.741s
	user	0m0.149s
	sys	0m0.016s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: libplugin: significant speedups for reading large JSON replies (e.g. calling listsendpays on large nodes, or listchannels / listnodes).
2020-08-21 09:52:33 +09:30
Rusty Russell
6b39731c6a fundchannel: provide outnum
It's currently always 0, but it won't be once we replace txprepare.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: JSON-RPC: `fundchannel` has new `outnum` field indicating which output of the transaction funds the channel.
2020-08-13 12:37:02 -05:00
ZmnSCPxj jxPCSnmZ
f81611e551 plugins/libplugin-pay.c: Make sure blockheight disagreement does not prevent all future progress.
Blockheight disagreement is signalled with a permanent failure at the
end node, but is actually a transient failure.
2020-08-13 12:50:16 +02:00
Christian Decker
8769f9ed93 pay: Fix final TLV payload if not going through MPP modifiers
Reported-by: ZmnSCPxj
Signed-off-by: Christian Decker <@cdecker>

Changelog-Fixed: pay: Correct a case where we put the sub-payment value instead of the *total* value in the `total_msat` field of a multi-part payment.
2020-08-13 12:50:16 +02:00
ZmnSCPxj jxPCSnmZ
0279be1d13 plugins/libplugin-pay.c: Be less aggressive with advancing through routehints.
Only advance through routehints if no route was found at all, or if the
estimated capacity at the routehint is lower than the amount that we
have to send through the routehint.

Changelog-Fixed: pay: Be less aggressive with forgetting routehints.
2020-08-13 12:50:16 +02:00
Christian Decker
3d902501e5 pay: Group payments by their payment_hash, not by bolt11 string
This is quicker and guaranteed to work even for payments that were not
initiated via an invoice.
2020-08-12 19:10:48 +02:00
Christian Decker
894c886bdd pay: Inherit payment label to all children 2020-08-12 19:10:48 +02:00
Christian Decker
0dcd974d97 pytest: Reproduce #3915 2020-08-12 19:10:48 +02:00
Rusty Russell
fc097b8b48 libplugin: allow commands and options to mark themselves deprecated.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-11 08:43:18 +09:30
Rusty Russell
c85b14f06d libplugin: initialize deprecated in getmanifest.
We currently do it by calling listconfigs, but that may be too late.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-11 08:43:18 +09:30
Vincenzo Palazzo
1521c29fcf listpays mod 1: add destination inside the response when bolt11 is null
Changelog-Added: JSON-RPC: `listpays` now lists the `destination` if it was provided (e.g., via the `pay` plugin or `keysend` plugin)
2020-08-09 16:03:03 +02:00
Vincent
700897f06e listpays: fixed bolt11 null with keysend and update doc command
listpays: make doc-all missed
Changelog-Added: JSON-RPC: `listpays` can be used to query payments using the `payment_hash`
Changelog-Added: JSON-RPC: `listpays` now includes the `payment_hash`
2020-08-09 16:03:03 +02:00
Christian Decker
723b7223b7 pay: Add timestamp of first part to listpays
Changelog-Added: JSON-RPC: The result returned by `listpays` now includes the timestamp of the first part of the payment
2020-08-08 12:53:12 +02:00
ZmnSCPxj jxPCSnmZ
a5fc66c382 plugins/Makefile: Only link in libplugin-pay for plugins that need it.
Changelog-None: cleanup only.

Before this change:

```
$ ls -l plugins/bcli
-rwxrwxr-x 1 zmnscpxj zmnscpxj 1914976 Aug  5 21:54 plugins/bcli
```

After this change:

```
$ ls -l plugins/bcli
-rwxrwxr-x 1 zmnscpxj zmnscpxj 1830552 Aug  5 22:00 plugins/bcli
```

We already duplicate a lot of code between `lightningd` and eeach
builtin plugin because we do not use .so for `common/`, but including
an object file with code that is not referenced in the executable is
fairly low-hanging size optimization fruit.
2020-08-07 10:40:10 +09:30
ZmnSCPxj jxPCSnmZ
4fde45669c plugins/pay.c: Fix the routehints/presplit conflict.
Changelog-Fixed: pay: Fixed a bug where routehints would be ignored if the payment exceeded 10,000 satoshi. This is particularly bad if the payee is only reachable via routehints in an invoice.
2020-08-06 17:36:58 +02:00
Rusty Russell
fa829f23db amount: add amount_msat_scale, amount_msat_ratio, amount_{msat,sat}_div
It's not all that rare to do these operations, and requiring annotations
for it is a little painful.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-06 09:36:47 +09:30
ZmnSCPxj jxPCSnmZ
094eac4e95 plugins/libplugin-pay.c: Properly handle exclusions for routehints with two hops or more.
Arguably a low-priority bug since no current node ever generates routehints longer
than one hop.

However, it is possible as an edge case, if the destination is directly accessible
*and* supports multiple channels, that we route through the destination, one of the
*other* channels it has not in the routehint, to the entry point, and then through
the routehint.

This change removes the risk of the above edge case.

Changelog-None: arguably a low-priority bug.
2020-08-03 15:20:29 +09:30
Antoine Poinsot
905730341a bcli: explicitly check at startup that bitcoind does relay transactions
We've had problems with blocksonly in the past and bitcoind still allows
to use outdated (thus potentially dangerous estimates) while running
bitcoin with -blocksonly.

ZmnSCPxj mentionned that we still don't document this, but i figured
that in this specific case an explicit check and error seems preferable.

Changelog-Added: We now explicitly check at startup that our default Bitcoin backend (bitcoind) does relay transactions.

Proposed-by: ZmnSCPxj <zmnscpxj@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-08-03 12:46:37 +09:30
Antoine Poinsot
5be07c5fe3 bcli: poll getnetworkinfo at startup
This allows us to kill two birds with one stone: once connected, we use
the output of the successful call to do some sanity checks (only
checking the version for now, but more are yet to come!).

Changelog-Added: We now explicitly check at startup the version of our default Bitcoin backend (bitcoind).
Co-Authored-by: ZmnSCPxj <zmnscpxj@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-08-03 12:46:37 +09:30
Christian Decker
a456d08ad0 pay: Be less aggressive when estimating channel capacity
We'd previously take the failed attempt and estimate the failing channel's
capacity at 3/4 of the attempted amount, which is rather aggressive. This
reduces this aggressiveness to use the exact amount tried, but excluding on
equality. This still skips attempting the same route with the same amount, but
also permits attempts that are in the range [3/4, 1] of the failed attempt
amount to still be attempted.
2020-08-03 12:15:08 +09:30
Christian Decker
311594b2cd jsonrpc: Add amount received by recipient to listpays result
We sum up the amounts just like we do with `amount_sent`, however we may have
parts that don't have that annotation, so make it optional.

Suggested-by: Rusty Russell <@rustyrussell>
2020-07-28 16:17:39 +09:30
Christian Decker
d7cca0781d jsonrpc: Add msatoshi argument to sendonion to annotate
While not directly necessary, it still feeds the `listpays` result, and so we
should pass it along if we can, so we don't have to rely solely on the
`amount_sent` field, which includes the fees.

Reported-by: Rusty Russell <@rustyrussell>
2020-07-28 16:17:39 +09:30
Vincent
81fd552e84 plugins/pay: hand bolt11 arg to sendonion if we have one (i.e. for pay)
[ Extracted into standalone patch and comment added by RR ]
2020-07-27 13:11:14 +02:00
Christian Decker
15d1a190a0 pay: Remove duplicate message field
jsonrpc_stream_fail already adds a message field.
2020-07-24 11:35:49 +02:00
Christian Decker
85ec438d34 paymod: Routehintmod signals that we can retry if getroute fails
The shortcut in the retry_mod that we can skip retrying if getroute fails or
we have no result is only valid if the parameters don't change. As we iterate
through the routehints the parameters change, and so we must signal to the
retry_mod that it can retry even in those cases.
2020-07-24 11:35:49 +02:00
Christian Decker
52a8b8f9e7 paymod: Update step before creating child payments
The child payments will sometimes depend on the step of the parent, and making
sure that the parent state is correct before we create the children is
therefore important.
2020-07-24 11:35:49 +02:00
Rusty Russell
2556df5f7c plugins/pay: Exclude the entrypoint to a routehint to avoid cycles
This uses @cdecker's idea of excluding the routehinted channel from the route,
and also consumes the route hints as it goes so that it makes progress.

I don't know if this is correct, but it reliably passes tests/test_pay.py::test_tlv_or_legacy
now.
2020-07-24 11:35:49 +02:00
Christian Decker
56dd18e01e paymod: Iterate through the routehints in order
We store an offset of the current routehint in the modifier data. It gets
incremented on retry, and it gets reset to 0 on split. This is because once we
split we have a different amount and a previously unusable routehint becomes
usable again.
2020-07-24 11:35:49 +02:00
Christian Decker
1e28d661fd paymod: Move application of routehints into its own function
We have two places we need to do that now: in the root payment after we
checked if the destination is reachable, and in any other payment directly in
the initialization-step callback.
2020-07-24 11:35:49 +02:00
Christian Decker
282f19d560 paymod: Simplify routehint data initialization
It was spread over the step callback, but we only need to initialize the
routehints array there, child-payments can just inherit most of the information.
2020-07-24 11:35:49 +02:00
Christian Decker
b78aa3fb25 paymod: Check if destination is reachable at all directly at startup
This does two things: it checks if the destination of the payment is at all
reachable without routehints, and if it is it adds a direct attempt as option
to the routehints in the form of a NULL routehint. It also simplifies the
selection of the routehint since the direct case is no longer special, instead
we just return a NULL routehint as if it were a normal routehint.
2020-07-24 11:35:49 +02:00
Rusty Russell
497b18ba33 paymod: fix typo which can cause memory overrun.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-23 14:57:29 +02:00
Christian Decker
6ada56ca7c paymod: Always initialize p->route
We're using it in a couple of places to see if we even performed the attempt,
so we need to make sure it's initialized.
2020-07-23 10:14:21 +09:30
Christian Decker
899a2e64b0 paymod: Randomly select a routehint, or none at random
The adaptive MPP test was showing an issue with always using a routehint, even
when it wasn't necessary: we would insist on routhing to the entrypoint of the
routehint, even through the actual destination. If a channel on that loop
would result being over capacity we'd slam below 0, and then increase again by
unapplying the route. The solution really is not to insist on routing through
a routehint, so we implement random skipping of routehints, and we rotate them
if we have multiples.
2020-07-23 10:14:21 +09:30
Christian Decker
534536b242 paymod: Consolidate channel_hint creation in channel_hints_update
As the hints get new fields added it is easy to forget to amend one of the
places we create them, since we already have an update method let's use that
to handle all additions to the array of known channel hints.
2020-07-23 10:14:21 +09:30
Christian Decker
e76bf541ad paymod: Fix the routehints being lost when retrying
We were removing the current hint from the list and not inheriting the current
routehint, so we'd be forgetting a hint at each retry. Now we keep the array
unchanged in the root, and simply skip the ones that are not usable given the
current information we have about the channels (in the form of channel_hints).

Fixes #3861
2020-07-23 10:14:21 +09:30
Christian Decker
d289ee64a1 paymod: Add the courtesy +1 to the CLTVs to allow for a new block
This may be related to the issue #3862, however the water was muddied by it
being the wrong error to return, and the node should not expect this courtesy
feature to be present at all...
2020-07-23 10:14:21 +09:30
Christian Decker
e92787a0e2 paymod: Teach the adaptive splitter to respect the HTLC limit
There is little point in trying to split if the resulting HTLCs exceed the
maximum number of HTLCs we can add to our channels. So abort if a split would
result in more HTLCs than our channels can support.
2020-07-23 10:14:21 +09:30
Christian Decker
acdd9b8762 paymod: Teach the presplit modifier to respect the chan HTLC limit
The presplit modifier could end up exceeding the maximum number of HTLCs we
can add to a channel right out the gate, so we switch to a dynamic presplit if
that is the case. The presplit will now at most use 1/3rd of the available
HTLCs on the channels if the normal split would exceed the number of availabe
HTLCs. And we also abort early if we don't have a sufficient HTLCs available.
2020-07-23 10:14:21 +09:30
Christian Decker
a1dc9cbd97 paymod: Track how many HTLCs each channel can still add
It turns out that by aggressively splitting payments we may end up exhausting
the number of HTLCs we can add to a channel quickly. By tracking the number of
HTLCs we can still add, and excluding the channels to which we cannot add any
more we increase the route diversity, and avoid quickly exhausting the HTLC
budget.

In the next commit we'll also implement an early abort if we've exhausted all
channels, so we don't end up splitting indefinitely and we can also optimize
the initial split to not run afoul of that limit.
2020-07-23 10:14:21 +09:30
Christian Decker
eb322b114b plugin: Do not automatically initialize the RPC connection in bcli
Changelog-Fixed: plugin: `bcli` no longer logs a harmless warning about being unable to connect to the JSON-RPC interface.
Changelog-Added: plugin: Plugins can opt out of having an RPC connection automatically initialized on startup.
2020-07-23 10:14:21 +09:30
Vincent
54888d454b Fixed assertion in pay plugin
This PR includes the fix discussed on PR #3855. This fix was tested with the use case described inside the issue and worked.

Fixes: #3855

Changelog-None
2020-07-23 10:14:21 +09:30
Rusty Russell
178415aca7 pay: handle returned errors more gracefully.
The code had incorrect assertions, partially because it didn't clearly
distinguish errors from the final node (which, barring blockheight issues,
mean a complete failre) and intermediate nodes.

In particular, we can't trust the *values*, so we need to distinguish
these by the *sender*.

If a route is of length 2 (A, B):
- erring_index == 0 means us complaining about channel A.
- erring_index == 1 means A.node complaining about channel B.
- erring_index == 2 means the final destination node B.node.

This is particularly of note because Travis does NOT run test_pay_routeboost!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-23 10:14:21 +09:30
Rusty Russell
a849e5f4bd pay: fix problematic sharing of shadow route data.
Because listchannels responses are async, with mpp we can end up
fighting over use of the parent's data giving results from incorrect
final CLTVs to assertion failures like below:

```
pay: plugins/libplugin-pay.c:1964: shadow_route_listchannels: Assertion `amount_msat_greater_eq(p->constraints.fee_budget, d->constraints.fee_budget)' failed.
pay: FATAL SIGNAL 6 (version v0.9.0rc2-11-g29d32e0-modded)
0x563129eb6a15 send_backtrace
	common/daemon.c:38
0x563129eb6abf crashdump
	common/daemon.c:51
0x7fe37c8b920f ???
	???:0
0x7fe37c8b918b ???
	???:0
0x7fe37c898858 ???
	???:0
0x7fe37c898728 ???
	???:0
0x7fe37c8a9f35 ???
	???:0
0x563129ea5c63 shadow_route_listchannels
	plugins/libplugin-pay.c:1964
0x563129e9c56a handle_rpc_reply
	plugins/libplugin.c:547
0x563129e9cbfa rpc_read_response_one
	plugins/libplugin.c:662
0x563129e9ccf0 rpc_conn_read_response
	plugins/libplugin.c:681
0x563129ece660 next_plan
	ccan/ccan/io/io.c:59
0x563129ecf245 do_plan
	ccan/ccan/io/io.c:407
0x563129ecf287 io_ready
	ccan/ccan/io/io.c:417
0x563129ed151f io_loop
	ccan/ccan/io/poll.c:445
0x563129e9ef03 plugin_main
	plugins/libplugin.c:1284
0x563129e9b099 main
	plugins/pay.c:2010
0x7fe37c89a0b2 ???
	???:0
0x563129e9452d ???
	???:0
0xffffffffffffffff ???
	???:0
```
2020-07-23 10:14:21 +09:30
Christian Decker
f950153f98 paymod: Fix the adaptive splitter partitioning
We were using the current constraints, including any shadow route and other
modifications, when computing the remainder that the second child should
use. Instead we should use the `start_constraints` on the parent payment,
which is a copy of `constraints` created in `payment_start` exactly for this
purpose.

Also added an assert for the invariant on the multiplier.
2020-07-23 10:14:21 +09:30
Christian Decker
cb20dfc59e paymod: Do not duplicate partids
When using mpp we need to always have partids>0, since we bumped the partid
for the root, but not the next_id we'd end up with partid=1 being
duplicated. Not a big problem since we never ended up sending the root to
lightningd, instead skipping it, but it was confusing me while trying to trace
sub-payment's ancestry.
2020-07-23 10:14:21 +09:30
Christian Decker
7b4e70effa paymod: Consolidate step selection and changes in presplit modifier
We skip most payment steps and all sub-payments, so consolidate the skip
conditions in one if-statement. We also not use `payment_set_step` to skip any
modifiers after us after the step change.
2020-07-23 10:14:21 +09:30
Christian Decker
e1c6b977b4 paymod: Add a log entry whenever we add a channel hint
Mainly used for testing so we make sure we exclude or constrain the correct
channels. Test to follow.
2020-07-23 10:14:21 +09:30
Christian Decker
0ca2c6b9f3 paymod: Rewrite the shadow-route constraint enforcement
We now check against both constraints on the modifier and the payment before
applying either. This "fixes" the assert that was causing the crash in #3851,
but we are still looking for the source of the inconsistency where the
modifier constraints, initialized to 1/4th of the payment, suddenly get more
permissive than the payment itself.
2020-07-23 10:14:21 +09:30
Christian Decker
c0d70cdfc7 paymod: Add invariant verification for constraints on shadowroute
This was highlighted in #3851, so I added an assertion. After the rewrite in
the next commit we would simply skip if any of the constraints were not
maintained, but this serves as the canary in the coalmine, so we don't paper over.
2020-07-23 10:14:21 +09:30
Christian Decker
157e70ffe8 paymod: Add a comment about how we derive errors from erring_index
Mainly to help my future self remember
2020-07-23 10:14:21 +09:30
Christian Decker
b2463b12c0 paymod: Count all attempts, not just the ones with a result
With the presplitter in particular we would have n attempts but the array
contains n+1 entries, which is kinda weird.
2020-07-23 10:14:21 +09:30
Christian Decker
c984376a15 plugin: Always set an end_time for payments in a final state
Reported-by: @thestick613
Fixes #3848
2020-07-18 17:21:11 +02:00
Christian Decker
65ca634528 plugin: Fix misspelled COMPAT_V090 compile guards 2020-07-18 11:40:02 +02:00
Christian Decker
2146a548bd plugin: Do not return multiple times from pay
While we were unsetting the `payment->cmd` in case of a success to signal that
we should not return to the JSON-RPC command twice, we were not doing that in
the case of failures. This was causing multiple responses to a single incoming
command, and `lightningd` was correctly killing the plugin. This issue was
introduced through early returns (anything setting `payment->abort=true`) and
was caused in Rusty's case through an MPP timeout.

Fixes #3847
Reported-by: Rusty Russell <@rustyrussell>
Signed-off-by: Christian Decker <@cdecker>
2020-07-18 11:40:02 +02:00
Christian Decker
958244367c plugin: Do not get upset if it can't parse waitsendpay result
We were rather pedanticly failing the plugin if we were unable to parse the
`waitsendpay` result, but had coded all the modifiers in such a way that they
can handle a `NULL` result (verified in the code and manually by randomly
failing the parsing). So we now just log the result we failed to parse and
merrily go our way.

Worst case is that we end up retrying the same route multiple times, since we
can't blacklist any nodes / channels without understanding the error, but that
is still in the scope of what we must handle anyway.
2020-07-18 11:40:02 +02:00
Christian Decker
3b54847ae4 paymod: Do not assume that parsing the waitsendpay result succeeds
Suggested-by: ZmnSCPxj
Signed-off-by: Christian Decker
Reference: #3846
2020-07-18 11:40:02 +02:00
Christian Decker
a3610d66ac retrymod: Make retry modifier slightly more verbose
I found it rather useful to trace how a payment is getting retried in the logs.
2020-07-15 11:32:58 +02:00
Christian Decker
041ee930a4 mpp: Consider an abort as the payment being finished
If one part sets the root to be aborted, there is little point in continuing
to wait for the remainder, return to the caller immediately.
2020-07-15 11:32:58 +02:00
Christian Decker
718b6e3398 mpp: Detect if destination supports MPP from invoice and abort early
We abort on the root since that is the coordination point for all parts of the payment.
2020-07-15 11:32:58 +02:00
Christian Decker
de75d3ac0c mpp: Add CLI option to opt-out of multi-part payments
Several tests are not well-suited for mpp, so I added a CLI option to opt-out
of the MPP support at startup time.
2020-07-15 11:32:58 +02:00
Christian Decker
a287bbe55d mpp: Enable adaptive splitter
Changelog-Added: The adaptive multi-part payment modifier will split payments that are failing due to their size into smaller parts, and re-attempted.
2020-07-15 11:32:58 +02:00
Christian Decker
535aaca109 paymod: Implement adaptive splitter
This modifier splits a payment that has been attempted a number of times (by a
modifier earlier in the mod chain) and has failed consistently. It splits the
amount roughly in half, with a but if random fuzz, and then starts a new round
of attempts for the two smaller amounts.
2020-07-15 11:32:58 +02:00
Christian Decker
443643e0b0 retrymod: Reset retry counter if parent is a split
If the parent is a split we have new payment parameters, and want to perform a
number of attempts with those.
2020-07-15 11:32:58 +02:00
Christian Decker
d0eb3a79eb paymod: Not having a result doesn't mean we failed at getroute
Specifically if we split, there is no result, but we shouldn't add a failure
message.
2020-07-15 11:32:58 +02:00
Christian Decker
b813974e13 mpp: Add the presplit MPP modifier
Changelog-Added: The MPP presplit modifier splits large payments into 10k satoshi parts to maximize chances of performing the payment and to obfuscate the overall amount being sent.
2020-07-15 11:32:58 +02:00
Christian Decker
3f399d15cb paymod: Don't assume that the first payment was executed at all
With the `presplit`-modifier we actually skip execution of the root altogether
which results in the root not having a result at all. Instead we should use
the result returned by `payment_collect_result`.
2020-07-15 11:32:58 +02:00
Christian Decker
c97ff05ffb mpp: Add the presplit-modifier that splits a root payment first 2020-07-15 11:32:58 +02:00
Christian Decker
7f53ade64b paymod: Allow callers to opt out of shadow routing amount fuzzing
With MPP we require that the sum of parts is equal to the `total_msat` amount
declared in the onion. Since that can't be changed once the first part arrives
we need a way to disable amount fuzzing for MPP.
2020-07-15 11:32:58 +02:00
Rusty Russell
899ec2b3d4 JSON API: fix up two existing warnings to be conformant.
Technically an API break, but nobody relies on these I hope!

Note that the feerates warning was buried inside the style object:
it should be top-level.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-14 21:28:26 +02:00
Christian Decker
65963bc003 exemptfee: Only apply to the root payment and fix logs
We were applying the fee exemption to all payments individually, which is ok
until we switch to MPP, where amounts change. Also the log entry was referring
to the total amount, and not the fee of the payment.
2020-07-14 06:25:29 +09:30
Christian Decker
9be4d552fa paymod: Add a bit more information to the pay response
Amount, parent_part_id  and own partid can be helpful when debugging.
2020-07-14 06:25:29 +09:30
Christian Decker
6f40cb0202 paymod: Inherit exemptfee modifier data on retry 2020-07-14 06:25:29 +09:30
Christian Decker
b88a55b2a4 paymod: Only wait on blockheight if we need to
We were wrongfully identifying all payment failures as blockheight mismatches.
2020-07-14 06:25:29 +09:30
Christian Decker
f20091fc72 pay: Do not duplicate "message" field in response to pay 2020-07-14 06:25:29 +09:30
Christian Decker
411b760985 paymod: Reset the step if we're waiting for a block
This was causing the state flapping test to fail, since we were yielding
control of the io_loop, waiting for the blockheight to be reached, and not
setting the status beforehand. An interim `paystatus` call would then find a
failed leaf and deduce the entire payment failed. Setting it back to the
previous state keeps the overall payment pending while we wait.
2020-07-14 06:25:29 +09:30