Commit Graph

276 Commits

Author SHA1 Message Date
Christian Decker
d901304120 db: Change table field types to be more specific
sqlite3 was forgiving, postgres isn't, so let's make sure we use the strictest
field type possible, relaxing when rewriting.

The commit consists just of the following mapping

 - INTEGER -> BIGSERIAL if it is the primary key
 - INTEGER -> BIGINT if it is an amount or a reference to a primary key

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
416af636f0 db: Check execution when accessing the result of a statement
This was already done in `db_step` but `db_count_changes` and
`db_last_insert_id` also rely on the statement being executed. Furthermore we
now check that the statement was executed before freeing it, so it can't
happen that we dispose of a statement we meant to execute but forgot.

The combination of these could be used to replace the pending_statement
tracking based on lists, since we now make sure to execute all statements and
we use the memleak checker to make sure we don't keep a statement in memory.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
07f8d9046a db: Change migrations to use types of the correct cardinality
sqlite3 doesn't really do any validation whatsoever, and there is no
difference between 64bit and 32bit numbers. Posgtres on the other hand gets
very upset if the size doesn't match.

This commit swaps out handwavy types with the ones that should be there :-)

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
6b26ce5764 db: Split the vars table to have type-specific columns
This was weird right from the start, so we just split the table into integers
and blobs, so each column has a well-defined format. It is also required for
postgres not to cry about explicit casts in the `paramTypes` array.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
074af11e43 db: Select driver by dsn prefix
We were doing exact matches before, but prefix is sufficient.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
ad89699888 db: Allow some internal queries to fail
The first ever query to check if the version DB exists may fail. We allow
this, but we need to restart the DB transaction since postgres fails the
current transaction and rolls back any changes.

This just commits (and fails) and starts a new transaction so the rest of the
migration can continue.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
db6abda3a4 db: Adjust some db migrations to be compatible with postgres
Needed to change a couple of migrations. The changes are mostly innocuous:

 - changing BLOB to TEXT for short_channel_ids which is the correct type
   anyway, and sqlite3 treats them the same anyway.
 - Use `int` for version since the byte representation is checked by postgres.
 - Change anything that is INT, but will be bound to u64 to BIGINT (again
   postgres checks these more carefully than sqlite3).

Two migrations were replaced with dummy values, since they are buried deep
enough, and I found no portable way of expressing `strftime()` and `INSERT OR
IGNORE`.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
640e64cb73 db: Switch statement lookup to use the original query instead
Using a generated identifier with filename and line proved to be brittle since
compilers assign the __LINE__ macro differently on multi-line macro
invocations.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
3df8ccd3e0 db: Reorder migrations to reflect their relationship
This is dangerous but needed since postgres is not as forgiving about
unsatisfied foreign key constraints even while in a DB transaction.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Christian Decker
e2f7c86271 db: Move remainder of the sqlite3 into the apropriate file
We used to do some of the setup work in db.c, which is now free of any
sqlite3-specific code. In addition we also switch over to fully qualified DSNs
to specify the location of the wallet.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-22 02:03:43 +00:00
Rusty Russell
11ee089d4b db: store option_static_remotekey for each channel.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-10 16:18:25 -05:00
Rusty Russell
acf3952acc JSON: remove handling of pre-Adelaide (B:T:N) short_channel_ids.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-06 14:19:14 +02:00
Rusty Russell
91dcd1d55a db: convert pre-Adelaide short_channel_ids.
We're about to remove them.

Includes fix to sqlite3_bind_short_channel_id to not assume `id` is a
tal object.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-06 14:19:14 +02:00
Christian Decker
58f448904c db: Extract db config lookup into its own function
Signed-off-by: Christian Decker <decker.christian@gmail.com>
Suggested-by: Rusty Russell <@rustyrussell>
2019-09-05 23:41:05 +00:00
Christian Decker
c6b6958ae6 db: Remove sqlite3 from db.c and db.h
Now that all the users are migrated to the abstraction layer we can remove the
legacy implementation.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
a29bedb5b8 db: Switch to indirect db close
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
742bcdb2bc db: Move statement expansion into the driver
It's better to let the driver decide when and how to expand. It can then
report the expanded statement back to the dispatch through the
`db_changes_add` function.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
b6d583c26a db: Move tracking of pending statements into the struct db
We now have a much stronger consistency check from the combination of
transaction wrapping, tal memory leak detection. Tramsaction wrapping ensures
that each statement is executed before the transaction is committed. The
commit is also driven by the `io_loop`, which means that it is no longer
possible for us to have statements outside of transactions and transactions
are guaranteed to commit at the round's end.

By adding the tal-awareness we can also get a much better indication as to
whether we have un-freed statements flying around, which we can test at the
end of the round as well.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
460299850f db: Add DB-specific db_last_insert_id
This is likely the last part we need to completely encapsulate the part of the
sqlite3 API that we were using. Like the `db_count_changes` call I decided to
pass in the `struct db_stmt` since really they refer to the statement that was
executed and not the db.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
dffd3d79bc db: Add type-safe column access functions
These are based on top of the basic column access functions, and act as a
small type-safe wrapper, that also does a bit of validation.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
a4e5371732 db: Add more type-safe bindings to the interface
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
c68efdfcf4 db: Migrate to DB abstraction layer in db.c
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
716a3b11a5 sqlite3: Move begin transaction and commit into the driver
This has a slight side-effect of removing the actual begin and commit
statements from the `db_write` hooks, but they are mostly redundant anyway (no
harm in grouping pre-init statements into one transaction, and we know that
each post-init call is supposed to be wrapped anyway).

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
492d77f213 db: Add setup and teardown function to DB
These are used to do one-time initializations and wait for pending statements
before closing.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
a2b5b1561e db: Add method to count changed rows of a db_stmt
I was hoping to get rid of these by using "ON CONFLICT" upserts, however
sqlite3 only started supporting them in version 3.24.0 which is newer than
some of our deployment targets.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
d0027b1036 db: Implement basic query capabilities
This is the first step towards being able to extract information from query
rows. Only the most basic types are exposed, the others will be built on top
of these primitives.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
98963c58e4 db: Track whether a db_stmt has been executed
For some of the query methods in the next step we need to have an idea of
whether the stmt was executed (db_step function) so let's track that
explicitly.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
e65e4fcf4b wallet: Call db_stmt_free from the db_stmt destructor automatically
This is much more in line with the rest of our memory management.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
093f5bfbec db: Switch to new DB asbtraction for DB migrations
These do not require the ability to iterate over the result, hence they can be
migrated already.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
38601afd17 db: Implement skaffolding for the dispatch of DB-specific functions
These functions implement the lookup of the query, and the dispatch to the
DB-specific functions that do the actual heavy lifting.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
455aa48da0 wallet: Move the struct db definition to db_common.h
All drivers will have to reach into it, so put it in a place that is reachable
from the drivers, along with all other definitions.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
e04772ec9c wallet: Move the db_fatal definition so we can use it in drivers
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
acedcc593f wallet: Look up the db_config for the given driver in db_open
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
e4ab98459c wallet: Add tooling to extract SQL queries and generate driver info
This is the counterpart of the annotations we did in the last few commits. It
extracts queries, passes them through a driver-specific query rewriter and
dumps them into a driver-specific query-list, along with some metadata to
facilitate processing later on. The generated query list is then registered as
a `db_config` and will be loaded by the driver upon instantiation.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
803007ecdf db: Make the db struct private and provide accessors instead
We will soon generalize the DB, so directly reaching into the `struct db`
instance to talk to the sqlite3 connection is bad anyway. This increases
flexibility and allows us to tailor the actual implementation to the
underlying DB.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
66a47d2761 wallet: Annotate migrations using the SQL macro
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
57f91246cf wallet: Change db_select_prepare to check for select instead
`db_select_prepare` was prepending the "SELECT" part in an attempt to limit
its use to read-only statements. This is leads to the queries in the code not
actually being well-formed, which we'll need in a later commit, and was also
resulting in extra allocations. This switches the behavior to just enforce a
"SELECT" prefix being present which allows us to have well-formed queries in
the code again and avoids the extra allocation.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Christian Decker
f08fd9eaab wallet: Remove printf-like db_select variant
We need to have full DB queries that can be extracted at compile time later in
order to be able to rewrite them in other SQL dialects. In addition we had a
bit of unnecessary code-duplication in db_select and db_select_prepare. Now
the former uses the latter internally.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-09-05 23:41:05 +00:00
Rusty Russell
979fbeb3b0 lightningd: simplify --daemon.
Dumb programs which have a --daemon option call fork() early.  This is
terrible UX since startup errors get lost: the program exits with
"success" immediately then you discover via the logs that it didn't
start at all.

However, forking late introduced a heap of problems with changing
pids.  Instead, fork early but keep stderr and the parent around: if
we fail early on, the parent fails with us.  We release our parent
with an explicit action just before the main loop.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-08-04 21:29:03 +02:00
Rusty Russell
220449e1cd ccan: import ccan/json_out and ccan/json_escape.
These are generalized from our internal implementations.

The main difference is that 'struct json_escaped' is now 'struct
json_escape', so we replace that immediately.

The difference between lightningd's json-writing ringbuffer and the
more generic ccan/json_out is that the latter has a better API and
handles escaping transparently if something slips through (though
it does offer direct accessors so you can mess things up yourself!).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-06-12 02:00:15 +00:00
Christian Decker
1e2291c40c db: Add channel_id and type to the transactions table
Mainly used to differentiate channel-related transactions from on-chain wallet
transactions. Will be used to filter `listtransaction` results and bundle
transactions that belong to the same channel.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
trueptolemy
b41d529b28 DB: Store the remote channel announcement signatures into DB
1. Add the fields of remote channel announcement signatures into TABLE channels
2. Add the related function
2019-05-29 11:46:33 +02:00
ZmnSCPxj
edfb1ace4a wallet/db.c: Be resilient against 32-bit time_t.
Fixes: #2621
2019-05-24 16:07:33 +02:00
trueptolemy
8a2312565c DB: add failcode field in forwarded_payments table 2019-05-03 11:45:57 +02:00
Rusty Russell
7ead29b695 db: add support for remote end specify option_upfront_shutdown_script.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-05-02 01:18:33 +00:00
Christian Decker
75de2e2f3c wallet: Record the received_time and resolved_time for HTLCs
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-10 23:48:39 +00:00
Christian Decker
2ce9a1e10d wallet: Add received_time to htlc_in for forwarding times
We'd like to display the receive and resolution times in the forwardings
table. In order to remember the receive time we need to store it in the DB
along with the other information.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-10 23:48:39 +00:00
Christian Decker
fcf133cd0a db: Add timestamp primitives so we can store them in the DB
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-10 23:48:39 +00:00
Rusty Russell
b4455d517c common/node_id: new type.
Node ids are pubkeys, but we only use them as pubkeys for routing and checking
gossip messages.  So we're packing and unpacking them constantly, and wasting
some space and time.

This introduces a new type, explicitly the SEC1 compressed encoding
(33 bytes).  We ensure its validity when we load from the db, or get it
from JSON.  We still use 'struct pubkey' for peer messages, which checks
validity.

Results from 5 runs, min-max(mean +/- stddev):
	store_load_msec,vsz_kb,store_rewrite_sec,listnodes_sec,listchannels_sec,routing_sec,peer_write_all_sec
	39475-39572(39518+/-36),2880732,41.150000-41.390000(41.298+/-0.085),2.260000-2.550000(2.336+/-0.11),44.390000-65.150000(58.648+/-7.5),32.740000-33.020000(32.89+/-0.093),44.130000-45.090000(44.566+/-0.32)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-09 12:37:16 -07:00
Rusty Russell
837a095d68 pubkey: rename PUBKEY_DER_LEN to PUBKEY_CMPR_LEN.
Pubkeys are not not actually DER encoding, but Pieter Wuille corrected
me: it's SEC 1 documented encoding.

Results from 5 runs, min-max(mean +/- stddev):
	store_load_msec,vsz_kb,store_rewrite_sec,listnodes_sec,listchannels_sec,routing_sec,peer_write_all_sec
	38922-39297(39180.6+/-1.3e+02),2880728,41.040000-41.160000(41.106+/-0.05),2.270000-2.530000(2.338+/-0.097),44.570000-53.980000(49.696+/-3),32.840000-33.080000(32.95+/-0.095),43.060000-44.950000(43.696+/-0.72)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-09 12:37:16 -07:00
lisa neigut
ee1c82a7a7 db: fix memleak introduced with sqlite3_expanded_sql
wallet/test/run-wallet was failing the valgrind check; turns out
`sqlite3_expanded_sql` expects you to manage the memory of strings
it returns. from `sqlite3.h`:

** ^The string returned by sqlite3_expanded_sql(P), on the other hand,
** is obtained from [sqlite3_malloc()] and must be free by the application
** by passing it to [sqlite3_free()].
2019-04-09 07:19:15 +00:00
Rusty Russell
03108e6501 db: fall back to deprecated sqlite3_trace() for db hook on old sqlite3.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-08 01:56:17 +00:00
Rusty Russell
7ccf3af51d pytest: test the db hook plugin.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-08 01:56:17 +00:00
Rusty Russell
f0200027b8 db: keep track of changes.
For the moment we just dump them to stderr, but later this will go to a hook.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-08 01:56:17 +00:00
Rusty Russell
e1e26ca69d db: create explicit separate API for select statements.
I was tempted to create a new db_select_stmt wrapper type, but that means
a lot of boilerplate around binding, which expects to work with db_prepare
*and* db_select_prepare.

This lets us clearly differentiate between db queries (which don't need to
go to a plugin) and db changes (which do).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-08 01:56:17 +00:00
Rusty Russell
8c4ef7f059 db: avoid the only failing db_exec.
Replace with an explicit test for existence.  This simplifies our db interface.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-08 01:56:17 +00:00
Michael Schmoock
1043df28be adds: new db fields and struct variables
- Intrduce DB update `channel` values: `feerate_base` and `feerate_ppm`
- Make fist use of now context realted DB migration
- Add `struct channel` members of the same name
- Use struct values instead of config when commiting new channels
2019-03-15 02:48:18 +00:00
Rusty Russell
60285187fd db: support more powerful migrations.
Allow a function as well as (or instead of!) an sql statement.  That
will let us do things like set per-channel values to the global
defaults, for example.

Since we remove the NULL termination, the final entry is ARRAY_SIZE()-1
not ARRAY_SIZE()-2.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-03-04 00:04:38 +00:00
Rusty Russell
bef7d45f1c db: remove manual db_migration_count function.
More efficient to measure the ARRAY_SIZE(), which is a runtime
constant.  We move it into the unit test.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-03-04 00:04:38 +00:00
Rusty Russell
b65c279557 db: don't enter into db_upgrades table on every startup.
Below this code appears:

	if (current != orig)
		db_exec(__func__, db,
			"INSERT INTO db_upgrades VALUES (%i, '%s');",
			orig, version());

But since the loop pre-increments current, this is always true.  I wondered
why there were so many duplicates in my db_upgrades table!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-03-04 00:04:38 +00:00
Rusty Russell
919f390a93 sendpay: rename 'description' to 'label'.
This field was used by `pay` to hold the bolt11 description if the bolt11
string used `h` to hash the description (which nobody ever did).  If the
`h` field wasn't present, it could contain anything, as it wasn't checked.

It's really useful to have a label for payments (eg. '1 Cuban'), but adding
yet-another option would be painful, so we simply rename 'description'
to 'label' except inside the db.

This means we need to do some tricky parameter parsing to handle array
and keyword JSON arguments, but only until we remove the old name.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-23 05:45:25 +00:00
Rusty Russell
5e14274f41 sendpay: provide 'bolt11' parameter.
Without this, there's no proof of payment, since it is the signed invoice
that make the receipt valid.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-23 05:45:25 +00:00
Christian Decker
df4e0a0022 wallet: Add scriptPubkey to struct utxo
In order to avoid having to ask the HSM for public keys to
their_unilateral/to_us outputs we just store the `scriptPubkey` with the UTXO,
which can then be converted to the P2WPKH address.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-02-22 11:15:24 -08:00
Rusty Russell
6ed54dd34e db: fix dangling peers on db upgrade.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 12:03:54 +01:00
Rusty Russell
38e7d19dd5 Makefile: check for direct amount_sat/amount_msat access.
We need to do it in various places, but we shouldn't do it lightly:
the primitives are there to help us get overflow handling correct.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
1d1fcc41b8 db: add amount functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 00:44:57 +00:00
Christian Decker
a405c22fc9 daemon: Fix issue 2348, db->filenam not being correctly initialized
We were not correctly allocating the `db->filename`, failing to copy the
null-terminator. This was causing and error when reopening the database after
the call to `fork()`.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
Reported-by: Sean McNally <@sfmcnally>
Changelog-fixed: Fixed a crash when running in daemon-mode due to db filename overrun
2019-02-18 12:01:06 +01:00
Rusty Russell
b99293fbb6 short_channel_id: don't accept :-separated in JSON if --allow-deprecated-apis=false
We need to still accept it when parsing the database, but this flag
should allow upgrade testing for devs building on top

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-08 16:52:30 -08:00
Rusty Russell
be64dd84ca waitsendpay: indicate which channel direction the error was.
You can figure this yourself by knowing the route, but it's better to report
it directly here.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-15 12:01:38 +01:00
Rusty Russell
26dda57cc0 utils: make tal_arr_expand safer.
Christian and I both unwittingly used it in form:

	*tal_arr_expand(&x) = tal(x, ...)

Since '=' isn't a sequence point, the compiler can (and does!) cache
the value of x, handing it to tal *after* tal_arr_expand() moves it
due to tal_resize().

The new version is somewhat less convenient to use, but doesn't have
this problem, since the assignment is always evaluated after the
resize.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-15 12:01:38 +01:00
Rusty Russell
31a375af53 lightningd: add runtime checking for all system-provided libs.
And I tested this by rolling my own libz; make indeed detects
the change and fixes it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-14 05:36:34 +00:00
Rusty Russell
d7e233e47d Move json and param core functionality into common, for plugins.
json_escaped.[ch], param.[ch] and jsonrpc_errors.h move from lightningd/
to common/.  Tests moved too.

We add a new 'common/json_tok.[ch]' for the common parameter parsing
routines which a plugin might want, taking them out of
lightningd/json.c (which now only contains the lightningd-specific
ones).

The rest is mainly fixing up includes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-10 00:00:50 +00:00
Rusty Russell
305795b01e common/json: move JSON creation routines into lightningd/
It's the only user of them, and it's going to get optimized.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

gossip.pydiff --git a/common/test/run-json.c b/common/test/run-json.c
index 956fdda35..db52d6b01 100644
2018-10-19 22:02:11 +00:00
Christian Decker
07ebc525e9 wallet: Add new forwards table to keep track of forwarded payments
Signed-off-by: Christian Decker <@cdecker>
2018-10-19 21:58:27 +00:00
Rusty Russell
96f05549b2 common/utils.h: add tal_arr_expand helper.
We do this a lot, and had boutique helpers in various places.  So add
a more generic one; for convenience it returns a pointer to the new
end element.

I prefer the name tal_arr_expand to tal_arr_append, since it's up to
the caller to populate the new array entry.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-27 22:57:19 +02:00
Rusty Russell
cefb6925b2 db: save and restore last_sent_commit correctly.
It's an array: we were only saving the single element; if there was more than
one changed HTLC we'd get a bad signature!

The report in #1907 is probably caused by the other side re-requesting
something we considered already finalized; to avoid this particular error,
we should set the field to NULL if there's no last_sent_commit.

I'm increasingly of the opinion we want to just save all the update
packets to the db and blast them out, instead of doing this
second-guessing dance.

Fixes: #1907
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-04 14:43:27 +02:00
Rusty Russell
a5ecc95c42 db: store claimed per_commitment_point from option_data_loss_protect.
This means we don't try to unilaterally close after a restart, *and*
we can tell onchaind to try to use the point to recover funds when the
peer unilaterally closes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
Rusty Russell
1dde233a48 wallet: put explicit hook in for fatal error testing.
We're currently overriding fatal() with something that actually
returns, which contrasts with its declaration as NORETURN.

This breaks in the next patch which wants a real fatal() in wallet.h.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-10 12:44:28 +02:00
practicalswift
09ec0ae990 Return true or false from sqlite3_bind_* based on result from SQLite instead of always returning true 2018-07-31 12:44:44 +02:00
Rusty Russell
337075dc8c tal: don't access low-level tal functions.
In several places we use low-level tal functions because we want the
label to be something other than the default.  ccan/tal is adding
tal_*_label so replace them and shim it for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
Rusty Russell
5cf34d6618 Remove tal_len, use tal_count() or tal_bytelen().
tal_count() is used where there's a type, even if it's char or u8, and
tal_bytelen() is going to replace tal_len() for clarity: it's only needed
where a pointer is void.

We shim tal_bytelen() for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
Christian Decker
7119a02932 db: Add description fields to invoices and payments 2018-07-30 03:04:45 +00:00
Rusty Russell
ae17c64c4a db: full location tags for callers, make it implicit.
For better leak tracking.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-27 16:20:35 +02:00
Rusty Russell
b036948219 db: track open sqlite3_stmt in DEVELOPER mode.
I would have liked to make it a tal object, then we'd catch most
things with our memleak detection.  However, sqlite3 doesn't seem to
allow allocator overrides.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-27 16:20:35 +02:00
Christian Decker
89ff46f1e6 db: Added DB migrations to get the correct sync height
The no-rescan change requires us to rescan one last time from the first_blocknum
of our channels (if we have any). The migrations just drop blocks that are
higher, then insert a dummy with the first_blocknum, and then clean up after
us. If we don't have any channels we don't go back at all.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-25 14:33:38 +02:00
Christian Decker
28feb2eb7d db: Add table for onchaind transactions
These transactions being seen on the blockchain triggered some action in
onchaind so we need to replay them when we restore the onchaind.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-25 14:33:38 +02:00
ZmnSCPxj, ZmnSCPxj jxPCSmnZ
11ca729d85 wallet, payalgo: Save detail of payment failures for later reporting. (#1345)
Pointless for remote failures as those are never sent by
the erring node, but for local failures we can give more
detail.
2018-04-16 15:29:40 +02:00
Christian Decker
0f89653ce8 db: Add table for transactions we are interested in
Currently these are either transactions we sent ourselves or transactions that
we are watching because they are part of a channel.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-13 00:04:37 +02:00
Christian Decker
ffbe56847e db: Fixing some clang warnings
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-09 00:21:20 +00:00
ZmnSCPxj
f83c4ff903 wallet: Add msatoshi_to_us_min and msatoshi_to_us_max statistics for channels.
So we know how much counterparty could theoretically steal from us
 (msatoshi_to_us - msatoshi_to_us_min) and how much we could
 theoretically steal from counterparty (msatoshi_to_us_max -
 msatoshi_to_us).
For more piloting goodness.
2018-04-05 19:01:53 +02:00
Rusty Russell
6bb47276ce lightningd: put min/max feerates into db, struct channel.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00
Christian Decker
1133820ad6 db: Add a cleanup migration to clear any dangling utxoset entries
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-02 21:07:13 +02:00
Christian Decker
eb531e6da7 db: Make sure to enable foreign keys even after forking
This may be causing #1280, since with `--daemon` the DB is being reopened
without enabling the foreign key relations and hence the delete cascades.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-04-02 21:07:13 +02:00
ZmnSCPxj
b914062465 pay: Also record how much we actually ended up sending. 2018-03-26 05:01:49 +00:00
practicalswift
7e9750ffee Reduce variable scopes 2018-03-26 01:31:21 +00:00
ZmnSCPxj
0bb9bcc0f1 wallet: Track some channel usage statistics.
Fixes: #1049
2018-03-26 01:08:52 +00:00
Rusty Russell
76e8a11380 wallet: use json_escaped for invoice label.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-26 00:20:53 +00:00
practicalswift
98f49c0837 Remove include in file foo.c that is already included in foo.h 2018-03-25 23:54:21 +00:00
practicalswift
0bf1b01425 Fix typos 2018-03-25 15:53:01 +02:00
ZmnSCPxj
d5d31864cf wallet: Remove onion-decoding information from db on payment success/fail.
Fixes: #1177
2018-03-21 13:56:18 +01:00
ZmnSCPxj
693c718160 wallet: Add DB fields for recording routing failures. 2018-03-14 05:33:09 +00:00
Rusty Russell
f8c8d55565 db: migrate old shutdown_keyidx_local -1 values onto key 0.
It would be better to give them unique values, but we don't fully support
db migrate anyway and this is simple (though they will end up using the
same key for multiple channel closes if created before this commit).

Note that even if bip32_max_index is currently unset, it defaults to 0
so it will be found.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-03-07 18:55:51 +01:00
Christian Decker
50a8e32e3f db: Add index on utxoset.spendheight to speed up blockchain reorgs
Otherwise we would be doing a table scan per block being reorged/rescanned.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-06 18:59:27 +01:00
Christian Decker
ec014be2a8 db: Add utxoset table
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-06 18:59:27 +01:00
Christian Decker
247aa13a58 db: Add index covering the output heights
Avoids performing a table scan, now deletes on blocks are a lot
faster.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-06 18:59:27 +01:00
Christian Decker
7f00230657 db: Add confirmation_height and spend_height columns to outputs
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-06 18:59:27 +01:00
Christian Decker
fea03dbca9 db: Add a table to track blockheaders
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-03-06 18:59:27 +01:00
Igor Cota
2bb9797ddb Add bolt11 to the invoices db table as TEXT.
Saving in case an RPC client needs it later
2018-03-01 03:55:48 +00:00
Rusty Russell
b7ed5670d5 lightningd: close and reopen db across fork for daemonize
Fixes: #1092
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-27 00:09:34 +01:00
Rusty Russell
cccdb53bec channel_states: fold all the ONCHAIND states into one.
The billboard is now far more useful to tell what's going on, and this
gets us closer to a state == owner mapping.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-23 18:02:00 +01:00
Rusty Russell
655ae90e5e wallet: remove obsolete peers.
Fixes: #1029
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-22 12:06:39 +01:00
practicalswift
91a9c2923f Mark intentionally unused parameters as such (with "UNUSED") 2018-02-22 01:09:12 +00:00
Rusty Russell
d47d85fa30 wallet: add list of upgrades.
Useful for debugging a db.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-20 01:38:32 +00:00
Rusty Russell
611ecc60ae lightningd: rename peer_state -> channel_state, remove OPENINGD.
And now we can finally do the db upgrade to remove any OPENINGD
channels once, since we never put them back.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-19 02:56:51 +00:00
Rusty Russell
4ab7589427 sqlite3_column_arr: helper to allocate and read an array from a blob.
We use it on the secrets array for the moment, but it's also useful
for remote_shutdown_scriptpubkey, as used in the next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-19 02:56:51 +00:00
Rusty Russell
55d962046b Rename (almost) all destructors to destroy_<type>.
We usually did this, but sometimes they were named after what they did,
rather than what they cleaned up.

There are still a few exceptions:
1. I didn't bother creating destroy_xxx wrappers for htable routines
   which already existed.
2. Sometimes destructors really are used for side-effects (eg. to simply
   mark that something was freed): these are clearer with boutique names.
3. Generally destructors are static, but they don't need to be: in some
   cases we attach a destructor then remove it later, or only attach
   to *some* cases.  These are best with qualifiers in the destroy_<type>
   name.

Suggested-by: @ZmnSCPxj
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-14 11:31:58 +01:00
Rusty Russell
7eea02e846 db: don't allow newer db versions.
Clearly we could do more damage if we continue.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-02-14 11:31:58 +01:00
Christian Decker
e1c0119373 db: Add table for htlc_sigs
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-02-11 01:13:07 +01:00
ZmnSCPxj
299b280f78 pay: Save nodes and channels used on route to payment. 2018-02-01 00:46:06 +00:00
ZmnSCPxj
a88c73a41b invoices: Add paid_timestamp field.
Fixes: #615
2018-01-18 17:37:10 +01:00
Rusty Russell
559010f525 wallet: add path_secrets to payment table.
We need these to decode any returned errors.

We remove it from struct pay_command too, and load directly from db
when we need it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 23:55:35 +01:00
Rusty Russell
9b99b74c41 db: route to extract an array of struct secret from a column.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 23:55:35 +01:00
Rusty Russell
2cbe5b65c7 wallet: add preimage to db.
We should be saving this, as it's our proof of payment.  Also, we return
it if they try to pay again.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 23:55:35 +01:00
Rusty Russell
3fbed24b0d wallet: remove direction column from payments table.
We simply discard incoming entries.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 22:43:14 +01:00
Rusty Russell
dea0aef52f wallet: use wallet_payment only for *outgoing* payments.
Incoming payment information is completely covered by invoices.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-17 22:43:14 +01:00
Christian Decker
cc77012f63 wallet: Add last_was_revoke to channels
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-01-15 12:43:22 +01:00
Rusty Russell
2f2fb0c2a1 invoice: add msatoshi_received field.
Paid invoices need to know how much was actually paid: both for the case
where no 'msatoshi' amount was specified, and for the normal case, where
clients are permitted to overpay in order to help them disguise their
payments.

While we migrate the db, we leave this field as 0 for old paid
invoices.  This is unhelpful for accounting, but at least clearly
indicates what happened if we find this in the wild.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-14 23:10:10 +00:00
Christian Decker
0bb264e1a2 wallet: Added unilateral close info to utxo
This is necessary to grad the their_unilateral/to-us outputs since
they aren't being harvested by `onchaind`

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2018-01-08 17:19:25 +01:00
Rusty Russell
af0ed9e5cf db: add column for first block of channel.
This determines how far we go back.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-05 15:05:21 +01:00
Rusty Russell
63390a58b0 db: log a message to say whether we created or updated db.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-01-02 13:21:25 +01:00
ZmnSCPxj
3dd50d6219 wallet: Add pay_index column to database for paid invoice ordering. 2018-01-01 23:13:31 +00:00
Rusty Russell
9747d1a62c database: don't leak query string.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-12-13 22:46:10 +01:00
practicalswift
61c47c09d0 Fix typos 2017-12-08 13:07:20 +01:00
Rusty Russell
b836b452dc feerate: keep feerates separately for each side.
When we support changing them, they can be different during the transition.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 12:40:32 +01:00
Rusty Russell
e302d6193c invoice: store expiry time in db.
This is backwards-compat: sets existing expiry for invoices to ~infinity.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-23 00:11:04 +01:00
Christian Decker
6601c43edc db: Add payments table
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-20 06:28:03 +00:00
Rusty Russell
f71a18241a wallet: save and restore htlc_basepoint for remote side.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-16 17:40:57 +01:00
Rusty Russell
9fd81ab06d db: make db_exec() an internal function.
Every caller is using prepared statements now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
4fb472b7a7 db: we must always be in a transaction, remove nested, call fatal()
We save location where transaction was started, in case we try to nest.
There's now no error case; db_exec_mayfail() is the only one.

This means the tests need to override fatal() if they want to intercept
these errors.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
3282768302 wallet: don't fail, assume db ops will call fatal.
And override fatal() in wallet_tests to be sure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
1eb7e92a30 db_migrate: get version inside transaction.
we should never be doing two startups at once, but why take chances?  Plus,
we can then assert that all db calls are in transactions.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
b148b89baf db_exec_mayfail: variant of db_exec where we actually expect an error.
There's one caller where db_exec can actually fail due to constraints,
and we rely on it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
1f7e370fda db: rollback transaction if we had an error.
This is temporary; we'll eventually fail on error.  However, since
db_exec() is a NOOP if we have an error, we need to do something.
2017-11-06 10:24:34 +01:00
Rusty Russell
360aa15e4d db_query: don't remove transaction or set error if query fails.
We return NULL in this case.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Rusty Russell
5e46af64fc db: keep in_transaction as a counter, so we can nest commits.
Otherwise we find ourselves outside a commitment.  This is a bandaid
until we remove nested commitments again at the end of this series.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2017-11-06 10:24:34 +01:00
Christian Decker
77789bb705 db: Implemented poor mans nested transactions
Nesting is provided by only actually performing the outermost
transaction and simulating the nested ones. This still allows us to
ensure on lower levels that we are in the context of a transaction
without having to resort to keeping explicitly track of it in the
calling code.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-11-06 10:24:34 +01:00
Christian Decker
da183c22a0 db: Cleanup all remaining traces of hex-encoded values
In addition we also set some of the test values to a pattern instead
of just `memset`ting it to 0, which may hide some crossed lines.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-10-31 22:43:47 +00:00
Christian Decker
c1d364c5fb wallet: Migrate channel persistence to native sqlite3 binding
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-10-31 22:43:47 +00:00
Christian Decker
33da7f50c7 db: Added short_channel_id, tx, pubkey and signature primitives
We use these quite often and it is cumbersome having to do these
simple conversions inline, so just expose pseudo-sqlite3 methods to
bind and extract from/to a stmt.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-10-31 22:43:47 +00:00
Christian Decker
b267b24c08 db: db_exec_prepared takes ownership of the statement
Technically it's the caller that'll own the statement, but it is nice
to have db_exec_prepared dispose of it.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2017-10-31 22:43:47 +00:00