Commit Graph

590 Commits

Author SHA1 Message Date
Rusty Russell
3b7d0e7a62 common/json: make json_scan return an error string.
This makes for more useful errors.  It prints where it was up to in
the guide, but doesn't print the entire JSON it's scanning.

Suggested-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
09b18bf64f libplugin: replace rpc_delve with rpc_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
b61da8c5a9 plugins: use json_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
35e8949df3 plugins/bcli: convert to json_scan.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
Rusty Russell
2b6cdfeb5a json_to_psbt: fix API to match other allocating json_to functions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-01-07 19:32:47 +01:00
niftynei
0726d2912e df-mfc: remove guard-rails for failures
This will cause blow ups for v2 multifundchannel attempts with failures,
but allows us to return the expected errors for single-shot
fundchannel attempts.

Error handling is coming, i promise
2021-01-06 14:50:02 +01:00
niftynei
b040a893ed mfc: avoid off-by-one rounding errors when finding change fee
Since we round down in `amount_tx_fee`, find the change fee as the
difference between what we've already paid and what the combined/total
fee would be if the change weight were also added.
2021-01-06 14:50:02 +01:00
niftynei
3793687550 mfc-df: if the psbt we've got has inputs from our peer, remove them
We only want to attempt to unreserve inputs that are ours (otherwise we
log a broken error)
2021-01-06 14:50:02 +01:00
niftynei
6e3c517611 mfc-df: if there's an error with a openchannel_signed, fail
Ideally we'd 'cure' the error and re-attempt, except that if this was a
bitcoin-backend 'failure to broadcast' then it really needs user
intervention to figure out what's wrong -- it's possible that the
peer successfully broadcast the transaction
2021-01-06 14:50:02 +01:00
niftynei
6030d0542a bcli: print error message in debug log for broadcast failures 2020-12-24 11:38:49 +01:00
niftynei
47d9ff88df bcli: only print error if exitcode is non-zero 2020-12-24 11:38:49 +01:00
niftynei
08c8581461 bcli: allocate temp string off of short-lived cmd
`cmd` gets cleaned up almost immediately, and is the right scope for a
temporary string allocation
2020-12-24 11:38:49 +01:00
niftynei
f9a2489424 bcli: print sendrawtx every time (even on failures) 2020-12-24 11:38:49 +01:00
Rusty Russell
52af729641 plugins/offer and plugins/fetchinvoice: send and recv errors.
This also lets us extend our testing to cover error cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
96caf9f4ab fetchinvoice: return the next period for recurring offers.
This is useful for the caller to know when to call again.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
69ddf818c7 plugins/fetchinvoice: catch invoice_request reply.
Using onionmessage hook, we get the response and either present it
to the user (invoice) or return the error to the user.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
3eada358e9 plugins/fetchinvoice: plugin to send an invoice_request for a given offer
Doesn't catch the reply yet, but prepares the invoice request based on
the offer and sends it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
9d75fbe237 plugins/offers: add code to catch invoice_request onion messages.
We prepare an invoice, but there's no code to send an error reply yet
(future patch).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
08e110b568 JSON: offers plugin offer command.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
26e0cbeb7c plugin/offers: skeleton for offers plugin (EXPERIMENTAL_FEATURES)
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-23 14:24:39 +01:00
Rusty Russell
723c16072a cleanups: feedback from Christian Decker review.
1. Hoist 7200 constant into the bolt12 heade2.
2. Make preimage the last createinvoice arg, so we could make it optional.
3. Check the validity of the preimage in createinvoice.
4. Always output used flag in listoffers.
5. Rename wallet offer iterators to offer_id iterators.
6. Fix paramter typos.
7. Rename `local_offer_id` parameter to `localofferid`.
8. Add reference constraints on local_offer_id db fields.
9. Remove cut/paste comment.
10. Clarify source of fatal() messages in wallet.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Rusty Russell
9fe612db20 plugins/pay: allow bolt12 invoices (EXPERIMENTAL_FEATURES).
Note that we remove the redundant "is this the correct chain?"
check, since bolt11_decode and bolt12_decode do that internally
anyway (this was changed in 924cc04bd2).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Rusty Russell
a33e39b7e8 pay, wallet: rename internal bolt11 vars to invstring.
And handle bolt12 strings if EXPERIMENTAL_FEATURES.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-15 12:05:02 +01:00
Christian Decker
3b599b846e keysend: Check that the destination supports keysend upon init
We were blindly initiating the keysend payment, which could lead to
confusing outcomes. This adds a very specific error message to the
error returned.

Changelog-Fixed: keysend: Keysend now checks whether the destination supports keysend before attempting a payment. If not a more informative error is returned.
2020-12-11 15:50:09 +01:00
Christian Decker
e186b2620a txprepare: Verify that outputs arg is an array
We were not checking that outputs is indeed an array, and just going
ahead creating the array of outputs. Since `tok->size` for a string is
0 we ended up ignoring the argument altogether and thus the created
transaction would end up only with a single change output.

Fixes #4258
2020-12-09 06:56:21 +10:30
Christian Decker
55d9492d9e txprepare: Use param_outpoint_arr helper to validate input 2020-12-09 06:56:21 +10:30
Rusty Russell
c5a2e64fd4 plugins/libplugin-pay: expose gossmap for plugin special effects.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
Rusty Russell
54c57e7495 libplugin-pay: don't expose bolt11 details.
When we support bolt12, this won't exist.  We only need min_final_cltv_expiry,
routes and features, so put them into struct payment explicitly.

We move the default final ctlv out to the caller, too, which is clearer.
e.g. keysend was using this value, but it was hard to tell.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-04 20:16:54 -06:00
João Paulo
7514d7fb48 plugins: add txprepare to .gitignore
Changelog-None
2020-12-04 11:30:58 +10:30
niftynei
4185a86d90 df-mfc: set the minimum input weight to 110 iif v2
We only need a bumped up input weight if we're talking to nodes that
require v2.
2020-12-02 14:19:08 +10:30
niftynei
b01734087d df-mfc: set protocol type when we know it
We'll use it for figuring out whether or not to set a utxo witness
minimum, which comes much before we were setting this field.

Now we set the protocol as soon as we can reasonably deduce it.
2020-12-02 14:19:08 +10:30
Rusty Russell
9361b62e3a libplugin: add command_hook_success helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-12-02 10:38:04 +10:30
niftynei
29c3532856 mfc-psbt: mark all of our inputs as "ours", then only sign those
we only want to sign the inputs that we've reserved via utxopsbt or
fundpsbt. we mark them with a flag (reusing the now defunct max-len
flag is fine), then look for inputs with that flag to pass to signonly
2020-11-23 12:41:05 -06:00
niftynei
6077eca660 df: pass back 'close_to' for completed/commitment secured channels
When commitments are secured, also return the 'close_to' script if we've
got a local_upfront_shutdown_script set.
2020-11-23 12:41:05 -06:00
niftynei
c6b45e052b mfc-df: after openchannel_signed is finished, we call finished
We done!?
2020-11-23 12:41:05 -06:00
niftynei
3e19b6c8f5 mfc-df: after psbt signed, send to openchannel_signed if v2s
If there's an v2 destinations, they'll broadcast the tx for us
2020-11-23 12:41:05 -06:00
niftynei
a34425abd1 mfc-df: after sigs are collected, go sign the psbt 2020-11-23 12:41:05 -06:00
niftynei
d7c06b5b0e mfc-df: once we've gotten the PSBT finalized, we wait for peer sigs
We need our peer's signatures to arrive before we sign/broadcast the
funding transaction (but only if there's v2 peers present)
2020-11-23 12:41:05 -06:00
niftynei
c90a19f739 mfc-df: only add outputs for v1 outs; go to openchannel_update if v2s
We only have output scripts for v1 protocols after the
fundchannel_start/openchannel_init round. We need to add them before
we get into the openchannel_update rounds, however, so we do that here.
2020-11-23 12:41:05 -06:00
niftynei
3d2c0951d5 mfc-df: rework how openchannel_update works, callbacks 2020-11-23 12:41:05 -06:00
niftynei
381658dee6 mfc-df: merge openchannel_init/fundchannel_start results
These happen simultaneously, and should resolve to the same place when
they're finished.
2020-11-23 12:41:05 -06:00
niftynei
95de8b1174 mfc-df: have both paths use redo_multifundchannel
Still need handling of failure for v2 opens (no rpc exists?!)
2020-11-23 12:41:05 -06:00
niftynei
a31b078721 mfc: consolidate to a single FAILED state 2020-11-23 12:41:05 -06:00
niftynei
991ae65e9e mfc-df: track destination's openchannel version
Plus method to help count/tabulate how many of each we've got
around still.
2020-11-23 12:41:05 -06:00
niftynei
e0c4865eea mfc: add a 'fail_destination' helper
Caches state at which we failed + sets error
2020-11-23 12:41:05 -06:00
niftynei
5b6b012af9 mfc: add happy path-way for v2 in multifundchannel
Tested and works with both sides funding! Yay.

Doesn't do any amount of reasonable cleanup or handling of errors.
2020-11-23 12:41:05 -06:00
Christian Decker
313976e2f4 pay: Cleanup the route applicability checks for channel hints
I previously mistyped the rather lengthy conditions for failures, so
let's dissect it into its smaller components and add rationale behind
the individual parts of the decision.
2020-11-17 14:04:19 +10:30
Christian Decker
4d6b4a0445 pay: Retry the route computation if we could not apply the chanhints
This adds a new state `PAYMENT_STEP_RETRY_GETROUTE` which is used to
retry just that one step, without spawning a completely new
attempt. It's a new state so that modifiers do not act on it twice.

Changelog-Fixed: pay: Improved the performance of the `pay` command considerably by avoiding conflicting changes to our local network view.
2020-11-17 14:04:19 +10:30
Christian Decker
544e110c96 pay: Add a pre-apply check to channel_hint updates
This allows us to atomically update all channel_hints and determine if
we had a collision and therefore should retry.
2020-11-17 14:04:19 +10:30
Christian Decker
83f57ac300 pay: Move the chanhint update up to payment_getroute
We were delaying the channel_hint update till after the `createonion`
call which gave us the same situation we had with concurrent
`getroute` calls. Now we update the hints as soon as the plugins have
had their say in the route construction. If we still fail, either
because a modifier changed the route causing the failure, or because
we interleaved the route computation for multiple parts, we reset the
attempt and retry inline (i.e., without creating a new sub-payment).

Notice that interleaved route computations now only happen if the
modifier makes an async call to some RPC or similar.
2020-11-17 14:04:19 +10:30
Rusty Russell
62c52fe868 libplugin: add support for before and after deps on hooks.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-11-09 15:22:33 -06:00
Rusty Russell
cd5a93d0bd gossmap: fix reutrn of gossmap_xxx_has_feature, rename.
1. One place returned false instead of -1.
2. The names implied it returned a bool, and it doesn't.

Fix both, and curse C's loose typing a little.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-28 15:32:12 +10:30
Rusty Russell
572c849873 libplugin: ignore incoming notifications.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-23 13:53:16 +10:30
Rusty Russell
127811757f libplugin: support for sending notifications.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: libplugin: routines to send notification updates and progress.
2020-10-23 13:53:16 +10:30
Rusty Russell
a8177e9013 Makefile: make check-includes check all the non-generated files.
Note that check-whitespace and check-bolt already do this, so we
can eliminate redundant lines in common/Makefile and bitcoin/Makefile.

We also include the plugin headers in ALL_C_HEADERS so they get
checked.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-22 12:14:34 +10:30
Rusty Russell
5e865ce42b Makefile: unify generated files definition.
We change gen_ to _gen, because filtering on gen_% doesn't work if they're
in subdirectories :(

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-22 12:14:34 +10:30
niftynei
f8c4cc73ae mfc: use declared constants
reduce, reuse, recycle for a greener world
2020-10-21 11:24:16 +10:30
niftynei
e66937e012 mfc: Add a commitment_feerate optional parameter to multifundchannel
Technically there *are* two feerates that we need to know:
  - the feerate to use for the funding transaction, and
  - the feerate to tell our peer to use for our commitment txs/htlc txs

As written, `multifundchannel` uses the same feerate for both. This
optional parameter will allow us to differentiate between the two, which
will be exceedingly handy for anchor output worlds. ;)

FIXME: test this

Changelog-Added: JSON API: `multifundchannel` has a new optional argument, 'commitment_feerate', which can be used to differentiate between the funding feerate and the channel's initial commitment feerate
2020-10-21 11:24:16 +10:30
Rusty Russell
b470ae2c73 plugins/libplugin-pay: use gossmap.
This is a fairly direct translation.  Even so, it should be faster in
most cases, and and we can do more sophisticated things if we want.

This also handles disabled channels better.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: plugins: `pay` will now try disabled channels as a last resort.
2020-10-21 08:58:34 +10:30
Rusty Russell
eadf2c91fe libplugin-pay: incorporate gossip store.
So we can use this for routing determinations.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-21 08:58:34 +10:30
Rusty Russell
92f2461b5d plugins/pay: fix leak on failed new payments.
Start with attaching the payment to cmd (in case of failure), then steal
onto the plugin itself.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-10-21 08:58:34 +10:30
niftynei
4926c25bb5 fundchannel: take a 'close_to' address
Finally, extends the 'close_to' functionality up to the flagship 'open a
channel' command.

Changelog-Added: JSON-API `fundchannel` now accepts an optional 'close_to' param, a bitcoin address that the channel funding should be sent to on close. Requires `opt_upfront_shutdownscript`
2020-10-16 13:51:57 +10:30
niftynei
628df74e26 mfc: allow a 'close_to' address to be passed in
This will allow us to let `fundchannel` handle a close to address, also
2020-10-16 13:51:57 +10:30
Rusty Russell
6195d953cc plugins: use "slow" feerate for mutual close negotiation.
We're rarely in a hurry here, and bitcoind is aggressive with fees.
You can always spend this output if you really have to, using CPFP.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: Protocol: mutual closing feerate reduced to "slow" to avoid overpaying.
2020-10-13 20:53:34 +02:00
Rusty Russell
7260d9ea3d plugins: generate list of plugins more atomically, respect V=1 and --quiet.
I got a corrupt file, which looked like multiple concurrent attempts
to build it.  So instead, build it in one command, but also use
VERBOSE so we print correctly with V=1 (and --quiet).

Also move into plugins/ where it logically belongs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-24 13:19:59 +02:00
Rusty Russell
924cc04bd2 bolt11: have caller supply preferred chain.
This lets us distinguish testnet from signet invoices, since they
have the same prefix.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-24 09:24:14 +09:30
Antoine Poinsot
15adcc915f Remove varint typedef for bigsize
It's not part of the spec anymore

Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-09-23 16:30:36 +09:30
Rusty Russell
607075a3d4 bitcoin/psbt: wallt_tx_output needs a tal ctx.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-23 13:52:49 +09:30
Rusty Russell
480f671e91 bitcoin/psbt: psbt_txid needs a tal ctx.
It returns a wally_tx; it's an anti-pattern not to hand in a tal context.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-23 13:52:49 +09:30
Rusty Russell
1deba1c8e4 plugins/pay: handle case where amount_msat is 'null'.
Deprecated, but this can happen:

```
==1578== Conditional jump or move depends on uninitialised value(s)
==1578== at 0x12B30E: amount_msat_add (amount.c:224)
==1578== by 0x11270B: add_amount_sent (pay.c:1734)
==1578== by 0x112D89: listsendpays_done (pay.c:1831)
==1578== by 0x114F4B: handle_rpc_reply (libplugin.c:555)
==1578== by 0x115704: rpc_read_response_one (libplugin.c:685)
==1578== by 0x115821: rpc_conn_read_response (libplugin.c:705)
==1578== by 0x148E40: next_plan (io.c:59)
==1578== by 0x1499BD: do_plan (io.c:407)
==1578== by 0x1499FB: io_ready (io.c:417)
==1578== by 0x14BBC1: io_loop (poll.c:445)
==1578== by 0x117A82: plugin_main (libplugin.c:1322)
==1578== by 0x113ABC: main (pay.c:2096)
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-11 12:48:48 +09:30
ZmnSCPxj jxPCSnmZ
0eb1e7e0ca plugins/libplugin-pay.c: Add new payee_incoming_limit to limit number of HTLCs based on payee connectivity.
Fixes: #3926

(probably)

Changelog-Fixed: pay: Also limit the number of splits if the payee seems to have a low number of channels that can enter it, given the max-concurrent-htlcs limit.
2020-09-10 16:50:52 +09:30
ZmnSCPxj jxPCSnmZ
deced56344 plugins/libplugin-pay.c: Add facility to have paymods request lowering of the estimated max HTLCs. 2020-09-10 16:50:52 +09:30
ZmnSCPxj jxPCSnmZ
d15717b576 plugins/libplugin-pay.c: Keep p->invoice->routes valid when the routehints paymod mutates it.
The routehints paymod shares the storage of the array d->routehints and
p->invoice->routes, but once it operates, it possibly leaves it as a stale
pointer to memory it used to have.

Since other paymods may be interested in the invoice details, including
the routehints in the invoice, we should ensure the p->invoice->routes
remains valid whenever we try mutating that array.
2020-09-10 16:50:52 +09:30
Rusty Russell
191355e0e7 pay: fix handling of legacy vs tlv encoding.
As revealed by the failure of tests in #3936, where we ended up trying
to send a partial payment using legacy style, we are not handling
style properly.

1. BOLT9 has features, so we can *know* that the destination supports
   MPP.  We may not have seen a node_announcement.
2. We can't assume that nodes inside routehints support TLV.
3. We can't assume direct peers support TLV.

The keysend code tried to fix this up, so I'm not sure that this caused
the issue in #3968, though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: `pay` will now make reliable multi-part payments to nodes it doesn't have a node_announcement for.
2020-09-10 16:50:32 +09:30
ZmnSCPxj jxPCSnmZ
9587425f2d plugins/spender/fundchannel.c: Make fundchannel a thin layer around multifundchannel.
Changelog-Changed: protocol: `fundchannel` now shuffles inputs and outputs, and no longer follows BIP69.
2020-09-10 15:28:50 +09:30
ZmnSCPxj jxPCSnmZ
f6c145d2df plugins/spender/multifundchannel.c: Move multifundchannel to the spenderp plugin. 2020-09-10 15:28:50 +09:30
niftynei
81a7a6742a elements: use normalization for elements fee output
This will update the fee output if it exists, rather than unilaterally
adding a new one.

Also, if the fee output already exists, we should make sure that it
doesn't interfere with the outnums of the other outputs
2020-09-10 12:31:36 +09:30
niftynei
4c28e7b362 txprepare: elements requires inclusion of an accurate fee output
so we add an accurate one
2020-09-10 12:31:36 +09:30
ZmnSCPxj jxPCSnmZ
277ff0f44c plugins/spender/multiwithdraw.c: Implement multiwithdraw command.
Fixes: #2679

Changelog-Added: JSON-RPC: New `multiwithdraw` command to batch multiple onchain sends in a single transaction.  Note it shuffles inputs and outputs, does not use BIP69.
2020-09-09 20:36:08 +09:30
ZmnSCPxj jxPCSnmZ
e04febfe0c plugins/spender/: New plugin that will eventually absorb all onchain-spending commands. 2020-09-09 20:36:08 +09:30
ZmnSCPxj jxPCSnmZ
45e1b3828a plugins/multifundchannel.c: Add minchannels flag to multifundchannel.
[ changed from best_effort binary to minchannels counter -- RR]
2020-09-09 16:45:56 +09:30
ZmnSCPxj jxPCSnmZ
0d3a3b6d48 plugins/multifundchannel.c: Implementation of multifundchannel.
Changelog-Added: We now have `multifundchannel` as a builtin plugin command to fund multiple channels to different peers all in a single onchain transaction.


Header from folded patch 'fixup-use-json_add_psbt.patch':

fixup!


Header from folded patch 'use-goto-no-ok-chain.patch':

fixup!


Header from folded patch 'destinations-at-parse-time.patch':

fixup!


Header from folded patch 'multifundchannel__use_jsmntoks_to_pass_through_json_string,_not_strings.patch':

multifundchannel: use jsmntoks to pass through json string, not strings

Passing in "" for utxos would crash lightningd on the command-line
otherwise. Now returns an error.


Header from folded patch 'update_plugins-multifundchannel.c.patch':

Update plugins/multifundchannel.c

Co-authored-by: Darosior <darosior@protonmail.com>
2020-09-09 16:45:56 +09:30
ZmnSCPxj jxPCSnmZ
ee276bcb86 plugins/bcli.c: sendrawtransaction now has a required allowhighfees argument.
Changelog-Deprecated: plugin: `bcli` replacements should note that `sendrawtransaction` now has a second required Boolean argument, `allowhighfees`, which if `true`, means ignore any fee limits and just broadcast the transaction. Use `--deprecated-apis` to use older `bcli` replacement plugins that only support a single argument.
2020-09-09 12:38:19 +09:30
Rusty Russell
83298c030a wallet: switch over to withdraw in module, remove lots of unused code.
This removes the reservation cleanup at startup, too, now they're all
using 'reserved_til'.

This changes test_withdraw, since it asserted that outputs were marked
spent as soon as we broadcast a transaction: now they're reserved until
it's mined.  Similarly, test_addfunds_from_block assumed we'd see funds
as soon as we broadcast the tx.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: JSON-RPC: `withdraw` now randomizes input and output order, not BIP69.
2020-09-08 10:14:42 +09:30
Rusty Russell
f34d0b1cf5 plugins/txprepare: create simple variant for "withdraw".
This is a little lazy, but simpler than extracting the common parts
or making withdraw a plugin which calls txprepare (which should be
deprecated soon in favor of fundpsbt etc).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
8d4557938b plugins/txprepare: move functions higher.
Simple moveonly change for next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
6b2a3f4dfb txprepare: remove old code, switch to plugin.
Some minor phrasing differences cause test changes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: txprepare reservations stay across restarts: use fundpsbt/reservepsbt/unreservepsbt
Changelog-Removed: txprepare `destination` `satoshi` argument form removed (deprecated v0.7.3)
2020-09-08 10:14:42 +09:30
Rusty Russell
3b1a226f67 txprepare: add txsend functionality.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
522459ba6e txprepare: add txdiscard functionality.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
74c6307c54 plugins/txprepare: use utxopsbt to handle utxos arg.
Very similar to fundpsbt, but takes 'utxos' instead of 'minconf'.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
8d5ff210bf txprepare: a plugin to replace txprepare (not yet active).
This uses `fundpsbt` and similar to simulate the txprepare command.
It has one difference (when complete), in that it those reservations
are now timed and don't get reset on restart.

It also doesn't have the restriction that `all` can only be used with
no other output, as I didn't realize that when I implemented it!

Note that change is now inserted in a random position, not sorted
into BIP69 order.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 10:14:42 +09:30
Rusty Russell
c34c055d82 Makefile: use completely separate spec-derived files for EXPERIMENTAL_FEATURES
This avoids overwriting the ones in git, and generally makes things neater.

We have convenience headers wire/peer_wire.h and wire/onion_wire.h to
avoid most #ifdefs: simply include those.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 09:42:00 +09:30
Christian Decker
31c67f1392 bcli: Avoid tal_fmt when handling a raw hex block
We were using `tal_fmt` to truncate off the last byte of the
response (newline), which required an allocation, a call to `vsnprintf` and a
copy of the block contents. This being >2MB in size on mainnet was rather
expensive.

We now just signal the end of the string by overwriting the trailing newline,
and stealing directly onto the result.
2020-09-02 13:21:32 +02:00
Rusty Russell
0c7d04bd98 libplugin-pay: fix default CLTV.
This was changed recently, but without a bolt quote, we didn't find
this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-02 06:59:13 +09:30
Rusty Russell
1746406e41 Makefile: normalize all the Makefiles
We create ALL_PROGRAMS, ALL_TEST_PROGRAMS, ALL_C_SOURCES and
ALL_C_HEADERS.  Then the toplevel Makefile knows which are
autogenerated (by wildcard), so it can have all the rules to clean
them or check the source as necessary.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
Rusty Russell
8150d28575 Makefile: use generic rules to make spec-derived sources.
Now we use the same Makefile rules for all CSV->C generation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
ZmnSCPxj jxPCSnmZ
932709cad9 plugins/libplugin-pay.c: Micro-optimize start_block sampling.
Using `waitblockheight 0` is a very slightly faster query than `getinfo`.
Also, avoid querying blockheight for child payments (allow `waitblockheight`
paymod to provide the blockheight returned from the `waitblockheight`, and
just resample the starting blockheight from the parent).

Changelog-None: pointless micro-optimization
2020-08-28 16:40:27 +02:00
ZmnSCPxj jxPCSnmZ
05daa8e5f3 plugins/libplugin-pay.c: Micro-optimization of plugin_is_finished.
This was checked with `gcc -S -O2` to see how an optimized build
would compile the function.
The original code completed calls into each child (and the `.s`
file showed that GCC 9.x was not smart enough to do early-out).

This modification explicitly does early-out, and avoids call-return
stack overhead for the common case where a payment is an ancestor
of a long line of single-child payments due to retrying.

Changelog-None: pointless micro-optimization
2020-08-28 16:40:27 +02:00
Rusty Russell
496c0dd1e6 common/random_select: central place for reservoir sampling.
Turns out we can make quite a simple API out of it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-28 10:56:50 +09:30
Rusty Russell
12d0d5c185 amount: cleanup usage.
We've got some recently-added primitives which help.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-27 18:16:28 +02:00
Christian Decker
21d87f7075 pay: Implement simple presplit fix for ludicrous amounts
This is the simplest possible fix: increase the target amount until we get
the desired number of parts, while still bucketizing payments together that
are in approximately the same size.

The current logic puts all payments that are in the range x < amount <= 16*x
in the same bucket, making them harder to distinguish.

Changelog-Fixed: pay: The `presplit` modifier now supports large payments without exhausting the available HTLCs.
2020-08-27 10:19:21 +09:30
ZmnSCPxj jxPCSnmZ
128adf0938 plugins/libplugin-pay.c: Round-robin routehints when splitting.
This improves the success rate of `test_mpp_interference_2`, though
still not quite up to the level that we can remove `@flaky` from it.
2020-08-26 09:29:46 +09:30
ZmnSCPxj jxPCSnmZ
c27d7a3110 plugins/libplugin-pay.c: Store the route description, and re-report on failure. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
6468616c02 plugins/libplugin-pay.c: Propagate local_id from parent to child payment object. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
d8678467fa plugins/libplugin-pay.c: Show routes being tried, also print updates to channel hints not just initial creations. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
d89c77c0ce plugins/libplugin-pay.c: Describe the bits of unrecognized failure codes. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
0d2d85ab5f plugins/libplugin-pay.c: Also print events that create new sub-payments. 2020-08-25 12:17:18 +02:00
ZmnSCPxj jxPCSnmZ
98583e84b5 plugins/libplugin-pay.c: Give cmd id and partid for each log message.
Changelog-None: internal debugging

Makes it easier to debug payments with tons of splits.
2020-08-25 12:17:18 +02:00
Rusty Russell
28884864d0 plugins/pay: don't bother parsing nodeid for summary.
We have sanity checks in there that it's a valid point.  Simply store
the JSON token like we do with others.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m2.054s
	user	0m0.114s
	sys	0m0.024s

After:
	real	0m1.781s
	user	0m0.127s
	sys	0m0.013s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
4ba3797923 plugins/pay: iterate the htable properly, not from start each time.
time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m12.447s
	user	0m0.143s
	sys	0m0.008s

After:
	real	0m2.054s
	user	0m0.114s
	sys	0m0.024s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
05636e367e libplugin: do partial parsing instead of memmem hack.
memmem is also O(n^2), though it's faster.  Now we have infrastructure,
let's do incremental parsing.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m13.674s
	user	0m0.131s
	sys	0m0.024s

After:
	real	0m12.447s
	user	0m0.143s
	sys	0m0.008s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
628ae0a15b libplugin: do incremental parsing on lightningd commands.
This doesn't make any difference, since lightningd generally sends us
short commands (command responses are via the rpc loop, which is
already done), but it's harmless.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
3ed03f9c8f common: make json_parse_input API retry friendly.
The jsmn parser is a beautiful piece of code.  In particular, you can parse
part of a string, then continue where you left off.

We don't take advantage of this, however, meaning for large JSON objects
we parse them multiple times before finally having enough to complete.

Expose the parser state and tokens through the API, so the caller can pass
them in repeatedly.  For the moment, every caller is allocates each time
(except the unit tests).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
f2d0a1d406 plugins/bcli: use simplified parser, unify bad JSON paths.
They should all show the complete JSON, so unify them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
80b2e1e298 common: add simple json parse wrapper for the complete cases.
We're going to change the API on the more complete JSON parser, so
make and use a simple API for the easy cases.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-21 09:52:33 +09:30
Rusty Russell
40f17d994c libplugin: don't parse partial JSON repeatedly.
Tested on a test node which had made 50,000 payment, with no optimization.

For comparison, time for 'listsendpays' was 0.983s.

time lightning-cli -R --network=regtest --lightning-dir /tmp/ltests-k8jhvtty/test_pay_stress_1/lightning-1/ listpays > /dev/null

Before:
	real	0m52.415s
	user	0m0.127s
	sys	0m0.044s

After:
	real	0m42.741s
	user	0m0.149s
	sys	0m0.016s

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Fixed: libplugin: significant speedups for reading large JSON replies (e.g. calling listsendpays on large nodes, or listchannels / listnodes).
2020-08-21 09:52:33 +09:30
Rusty Russell
6b39731c6a fundchannel: provide outnum
It's currently always 0, but it won't be once we replace txprepare.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: JSON-RPC: `fundchannel` has new `outnum` field indicating which output of the transaction funds the channel.
2020-08-13 12:37:02 -05:00
ZmnSCPxj jxPCSnmZ
f81611e551 plugins/libplugin-pay.c: Make sure blockheight disagreement does not prevent all future progress.
Blockheight disagreement is signalled with a permanent failure at the
end node, but is actually a transient failure.
2020-08-13 12:50:16 +02:00
Christian Decker
8769f9ed93 pay: Fix final TLV payload if not going through MPP modifiers
Reported-by: ZmnSCPxj
Signed-off-by: Christian Decker <@cdecker>

Changelog-Fixed: pay: Correct a case where we put the sub-payment value instead of the *total* value in the `total_msat` field of a multi-part payment.
2020-08-13 12:50:16 +02:00
ZmnSCPxj jxPCSnmZ
0279be1d13 plugins/libplugin-pay.c: Be less aggressive with advancing through routehints.
Only advance through routehints if no route was found at all, or if the
estimated capacity at the routehint is lower than the amount that we
have to send through the routehint.

Changelog-Fixed: pay: Be less aggressive with forgetting routehints.
2020-08-13 12:50:16 +02:00
Christian Decker
3d902501e5 pay: Group payments by their payment_hash, not by bolt11 string
This is quicker and guaranteed to work even for payments that were not
initiated via an invoice.
2020-08-12 19:10:48 +02:00
Christian Decker
894c886bdd pay: Inherit payment label to all children 2020-08-12 19:10:48 +02:00
Christian Decker
0dcd974d97 pytest: Reproduce #3915 2020-08-12 19:10:48 +02:00
Rusty Russell
fc097b8b48 libplugin: allow commands and options to mark themselves deprecated.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-11 08:43:18 +09:30
Rusty Russell
c85b14f06d libplugin: initialize deprecated in getmanifest.
We currently do it by calling listconfigs, but that may be too late.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-11 08:43:18 +09:30
Vincenzo Palazzo
1521c29fcf listpays mod 1: add destination inside the response when bolt11 is null
Changelog-Added: JSON-RPC: `listpays` now lists the `destination` if it was provided (e.g., via the `pay` plugin or `keysend` plugin)
2020-08-09 16:03:03 +02:00
Vincent
700897f06e listpays: fixed bolt11 null with keysend and update doc command
listpays: make doc-all missed
Changelog-Added: JSON-RPC: `listpays` can be used to query payments using the `payment_hash`
Changelog-Added: JSON-RPC: `listpays` now includes the `payment_hash`
2020-08-09 16:03:03 +02:00
Christian Decker
723b7223b7 pay: Add timestamp of first part to listpays
Changelog-Added: JSON-RPC: The result returned by `listpays` now includes the timestamp of the first part of the payment
2020-08-08 12:53:12 +02:00
ZmnSCPxj jxPCSnmZ
a5fc66c382 plugins/Makefile: Only link in libplugin-pay for plugins that need it.
Changelog-None: cleanup only.

Before this change:

```
$ ls -l plugins/bcli
-rwxrwxr-x 1 zmnscpxj zmnscpxj 1914976 Aug  5 21:54 plugins/bcli
```

After this change:

```
$ ls -l plugins/bcli
-rwxrwxr-x 1 zmnscpxj zmnscpxj 1830552 Aug  5 22:00 plugins/bcli
```

We already duplicate a lot of code between `lightningd` and eeach
builtin plugin because we do not use .so for `common/`, but including
an object file with code that is not referenced in the executable is
fairly low-hanging size optimization fruit.
2020-08-07 10:40:10 +09:30
ZmnSCPxj jxPCSnmZ
4fde45669c plugins/pay.c: Fix the routehints/presplit conflict.
Changelog-Fixed: pay: Fixed a bug where routehints would be ignored if the payment exceeded 10,000 satoshi. This is particularly bad if the payee is only reachable via routehints in an invoice.
2020-08-06 17:36:58 +02:00
Rusty Russell
fa829f23db amount: add amount_msat_scale, amount_msat_ratio, amount_{msat,sat}_div
It's not all that rare to do these operations, and requiring annotations
for it is a little painful.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-06 09:36:47 +09:30
ZmnSCPxj jxPCSnmZ
094eac4e95 plugins/libplugin-pay.c: Properly handle exclusions for routehints with two hops or more.
Arguably a low-priority bug since no current node ever generates routehints longer
than one hop.

However, it is possible as an edge case, if the destination is directly accessible
*and* supports multiple channels, that we route through the destination, one of the
*other* channels it has not in the routehint, to the entry point, and then through
the routehint.

This change removes the risk of the above edge case.

Changelog-None: arguably a low-priority bug.
2020-08-03 15:20:29 +09:30
Antoine Poinsot
905730341a bcli: explicitly check at startup that bitcoind does relay transactions
We've had problems with blocksonly in the past and bitcoind still allows
to use outdated (thus potentially dangerous estimates) while running
bitcoin with -blocksonly.

ZmnSCPxj mentionned that we still don't document this, but i figured
that in this specific case an explicit check and error seems preferable.

Changelog-Added: We now explicitly check at startup that our default Bitcoin backend (bitcoind) does relay transactions.

Proposed-by: ZmnSCPxj <zmnscpxj@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-08-03 12:46:37 +09:30
Antoine Poinsot
5be07c5fe3 bcli: poll getnetworkinfo at startup
This allows us to kill two birds with one stone: once connected, we use
the output of the successful call to do some sanity checks (only
checking the version for now, but more are yet to come!).

Changelog-Added: We now explicitly check at startup the version of our default Bitcoin backend (bitcoind).
Co-Authored-by: ZmnSCPxj <zmnscpxj@protonmail.com>
Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
2020-08-03 12:46:37 +09:30
Christian Decker
a456d08ad0 pay: Be less aggressive when estimating channel capacity
We'd previously take the failed attempt and estimate the failing channel's
capacity at 3/4 of the attempted amount, which is rather aggressive. This
reduces this aggressiveness to use the exact amount tried, but excluding on
equality. This still skips attempting the same route with the same amount, but
also permits attempts that are in the range [3/4, 1] of the failed attempt
amount to still be attempted.
2020-08-03 12:15:08 +09:30
Christian Decker
311594b2cd jsonrpc: Add amount received by recipient to listpays result
We sum up the amounts just like we do with `amount_sent`, however we may have
parts that don't have that annotation, so make it optional.

Suggested-by: Rusty Russell <@rustyrussell>
2020-07-28 16:17:39 +09:30
Christian Decker
d7cca0781d jsonrpc: Add msatoshi argument to sendonion to annotate
While not directly necessary, it still feeds the `listpays` result, and so we
should pass it along if we can, so we don't have to rely solely on the
`amount_sent` field, which includes the fees.

Reported-by: Rusty Russell <@rustyrussell>
2020-07-28 16:17:39 +09:30
Vincent
81fd552e84 plugins/pay: hand bolt11 arg to sendonion if we have one (i.e. for pay)
[ Extracted into standalone patch and comment added by RR ]
2020-07-27 13:11:14 +02:00
Christian Decker
15d1a190a0 pay: Remove duplicate message field
jsonrpc_stream_fail already adds a message field.
2020-07-24 11:35:49 +02:00
Christian Decker
85ec438d34 paymod: Routehintmod signals that we can retry if getroute fails
The shortcut in the retry_mod that we can skip retrying if getroute fails or
we have no result is only valid if the parameters don't change. As we iterate
through the routehints the parameters change, and so we must signal to the
retry_mod that it can retry even in those cases.
2020-07-24 11:35:49 +02:00
Christian Decker
52a8b8f9e7 paymod: Update step before creating child payments
The child payments will sometimes depend on the step of the parent, and making
sure that the parent state is correct before we create the children is
therefore important.
2020-07-24 11:35:49 +02:00
Rusty Russell
2556df5f7c plugins/pay: Exclude the entrypoint to a routehint to avoid cycles
This uses @cdecker's idea of excluding the routehinted channel from the route,
and also consumes the route hints as it goes so that it makes progress.

I don't know if this is correct, but it reliably passes tests/test_pay.py::test_tlv_or_legacy
now.
2020-07-24 11:35:49 +02:00
Christian Decker
56dd18e01e paymod: Iterate through the routehints in order
We store an offset of the current routehint in the modifier data. It gets
incremented on retry, and it gets reset to 0 on split. This is because once we
split we have a different amount and a previously unusable routehint becomes
usable again.
2020-07-24 11:35:49 +02:00
Christian Decker
1e28d661fd paymod: Move application of routehints into its own function
We have two places we need to do that now: in the root payment after we
checked if the destination is reachable, and in any other payment directly in
the initialization-step callback.
2020-07-24 11:35:49 +02:00
Christian Decker
282f19d560 paymod: Simplify routehint data initialization
It was spread over the step callback, but we only need to initialize the
routehints array there, child-payments can just inherit most of the information.
2020-07-24 11:35:49 +02:00
Christian Decker
b78aa3fb25 paymod: Check if destination is reachable at all directly at startup
This does two things: it checks if the destination of the payment is at all
reachable without routehints, and if it is it adds a direct attempt as option
to the routehints in the form of a NULL routehint. It also simplifies the
selection of the routehint since the direct case is no longer special, instead
we just return a NULL routehint as if it were a normal routehint.
2020-07-24 11:35:49 +02:00
Rusty Russell
497b18ba33 paymod: fix typo which can cause memory overrun.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-23 14:57:29 +02:00
Christian Decker
6ada56ca7c paymod: Always initialize p->route
We're using it in a couple of places to see if we even performed the attempt,
so we need to make sure it's initialized.
2020-07-23 10:14:21 +09:30
Christian Decker
899a2e64b0 paymod: Randomly select a routehint, or none at random
The adaptive MPP test was showing an issue with always using a routehint, even
when it wasn't necessary: we would insist on routhing to the entrypoint of the
routehint, even through the actual destination. If a channel on that loop
would result being over capacity we'd slam below 0, and then increase again by
unapplying the route. The solution really is not to insist on routing through
a routehint, so we implement random skipping of routehints, and we rotate them
if we have multiples.
2020-07-23 10:14:21 +09:30
Christian Decker
534536b242 paymod: Consolidate channel_hint creation in channel_hints_update
As the hints get new fields added it is easy to forget to amend one of the
places we create them, since we already have an update method let's use that
to handle all additions to the array of known channel hints.
2020-07-23 10:14:21 +09:30
Christian Decker
e76bf541ad paymod: Fix the routehints being lost when retrying
We were removing the current hint from the list and not inheriting the current
routehint, so we'd be forgetting a hint at each retry. Now we keep the array
unchanged in the root, and simply skip the ones that are not usable given the
current information we have about the channels (in the form of channel_hints).

Fixes #3861
2020-07-23 10:14:21 +09:30
Christian Decker
d289ee64a1 paymod: Add the courtesy +1 to the CLTVs to allow for a new block
This may be related to the issue #3862, however the water was muddied by it
being the wrong error to return, and the node should not expect this courtesy
feature to be present at all...
2020-07-23 10:14:21 +09:30
Christian Decker
e92787a0e2 paymod: Teach the adaptive splitter to respect the HTLC limit
There is little point in trying to split if the resulting HTLCs exceed the
maximum number of HTLCs we can add to our channels. So abort if a split would
result in more HTLCs than our channels can support.
2020-07-23 10:14:21 +09:30
Christian Decker
acdd9b8762 paymod: Teach the presplit modifier to respect the chan HTLC limit
The presplit modifier could end up exceeding the maximum number of HTLCs we
can add to a channel right out the gate, so we switch to a dynamic presplit if
that is the case. The presplit will now at most use 1/3rd of the available
HTLCs on the channels if the normal split would exceed the number of availabe
HTLCs. And we also abort early if we don't have a sufficient HTLCs available.
2020-07-23 10:14:21 +09:30
Christian Decker
a1dc9cbd97 paymod: Track how many HTLCs each channel can still add
It turns out that by aggressively splitting payments we may end up exhausting
the number of HTLCs we can add to a channel quickly. By tracking the number of
HTLCs we can still add, and excluding the channels to which we cannot add any
more we increase the route diversity, and avoid quickly exhausting the HTLC
budget.

In the next commit we'll also implement an early abort if we've exhausted all
channels, so we don't end up splitting indefinitely and we can also optimize
the initial split to not run afoul of that limit.
2020-07-23 10:14:21 +09:30
Christian Decker
eb322b114b plugin: Do not automatically initialize the RPC connection in bcli
Changelog-Fixed: plugin: `bcli` no longer logs a harmless warning about being unable to connect to the JSON-RPC interface.
Changelog-Added: plugin: Plugins can opt out of having an RPC connection automatically initialized on startup.
2020-07-23 10:14:21 +09:30
Vincent
54888d454b Fixed assertion in pay plugin
This PR includes the fix discussed on PR #3855. This fix was tested with the use case described inside the issue and worked.

Fixes: #3855

Changelog-None
2020-07-23 10:14:21 +09:30
Rusty Russell
178415aca7 pay: handle returned errors more gracefully.
The code had incorrect assertions, partially because it didn't clearly
distinguish errors from the final node (which, barring blockheight issues,
mean a complete failre) and intermediate nodes.

In particular, we can't trust the *values*, so we need to distinguish
these by the *sender*.

If a route is of length 2 (A, B):
- erring_index == 0 means us complaining about channel A.
- erring_index == 1 means A.node complaining about channel B.
- erring_index == 2 means the final destination node B.node.

This is particularly of note because Travis does NOT run test_pay_routeboost!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-23 10:14:21 +09:30
Rusty Russell
a849e5f4bd pay: fix problematic sharing of shadow route data.
Because listchannels responses are async, with mpp we can end up
fighting over use of the parent's data giving results from incorrect
final CLTVs to assertion failures like below:

```
pay: plugins/libplugin-pay.c:1964: shadow_route_listchannels: Assertion `amount_msat_greater_eq(p->constraints.fee_budget, d->constraints.fee_budget)' failed.
pay: FATAL SIGNAL 6 (version v0.9.0rc2-11-g29d32e0-modded)
0x563129eb6a15 send_backtrace
	common/daemon.c:38
0x563129eb6abf crashdump
	common/daemon.c:51
0x7fe37c8b920f ???
	???:0
0x7fe37c8b918b ???
	???:0
0x7fe37c898858 ???
	???:0
0x7fe37c898728 ???
	???:0
0x7fe37c8a9f35 ???
	???:0
0x563129ea5c63 shadow_route_listchannels
	plugins/libplugin-pay.c:1964
0x563129e9c56a handle_rpc_reply
	plugins/libplugin.c:547
0x563129e9cbfa rpc_read_response_one
	plugins/libplugin.c:662
0x563129e9ccf0 rpc_conn_read_response
	plugins/libplugin.c:681
0x563129ece660 next_plan
	ccan/ccan/io/io.c:59
0x563129ecf245 do_plan
	ccan/ccan/io/io.c:407
0x563129ecf287 io_ready
	ccan/ccan/io/io.c:417
0x563129ed151f io_loop
	ccan/ccan/io/poll.c:445
0x563129e9ef03 plugin_main
	plugins/libplugin.c:1284
0x563129e9b099 main
	plugins/pay.c:2010
0x7fe37c89a0b2 ???
	???:0
0x563129e9452d ???
	???:0
0xffffffffffffffff ???
	???:0
```
2020-07-23 10:14:21 +09:30
Christian Decker
f950153f98 paymod: Fix the adaptive splitter partitioning
We were using the current constraints, including any shadow route and other
modifications, when computing the remainder that the second child should
use. Instead we should use the `start_constraints` on the parent payment,
which is a copy of `constraints` created in `payment_start` exactly for this
purpose.

Also added an assert for the invariant on the multiplier.
2020-07-23 10:14:21 +09:30
Christian Decker
cb20dfc59e paymod: Do not duplicate partids
When using mpp we need to always have partids>0, since we bumped the partid
for the root, but not the next_id we'd end up with partid=1 being
duplicated. Not a big problem since we never ended up sending the root to
lightningd, instead skipping it, but it was confusing me while trying to trace
sub-payment's ancestry.
2020-07-23 10:14:21 +09:30
Christian Decker
7b4e70effa paymod: Consolidate step selection and changes in presplit modifier
We skip most payment steps and all sub-payments, so consolidate the skip
conditions in one if-statement. We also not use `payment_set_step` to skip any
modifiers after us after the step change.
2020-07-23 10:14:21 +09:30
Christian Decker
e1c6b977b4 paymod: Add a log entry whenever we add a channel hint
Mainly used for testing so we make sure we exclude or constrain the correct
channels. Test to follow.
2020-07-23 10:14:21 +09:30
Christian Decker
0ca2c6b9f3 paymod: Rewrite the shadow-route constraint enforcement
We now check against both constraints on the modifier and the payment before
applying either. This "fixes" the assert that was causing the crash in #3851,
but we are still looking for the source of the inconsistency where the
modifier constraints, initialized to 1/4th of the payment, suddenly get more
permissive than the payment itself.
2020-07-23 10:14:21 +09:30
Christian Decker
c0d70cdfc7 paymod: Add invariant verification for constraints on shadowroute
This was highlighted in #3851, so I added an assertion. After the rewrite in
the next commit we would simply skip if any of the constraints were not
maintained, but this serves as the canary in the coalmine, so we don't paper over.
2020-07-23 10:14:21 +09:30
Christian Decker
157e70ffe8 paymod: Add a comment about how we derive errors from erring_index
Mainly to help my future self remember
2020-07-23 10:14:21 +09:30
Christian Decker
b2463b12c0 paymod: Count all attempts, not just the ones with a result
With the presplitter in particular we would have n attempts but the array
contains n+1 entries, which is kinda weird.
2020-07-23 10:14:21 +09:30
Christian Decker
c984376a15 plugin: Always set an end_time for payments in a final state
Reported-by: @thestick613
Fixes #3848
2020-07-18 17:21:11 +02:00
Christian Decker
65ca634528 plugin: Fix misspelled COMPAT_V090 compile guards 2020-07-18 11:40:02 +02:00
Christian Decker
2146a548bd plugin: Do not return multiple times from pay
While we were unsetting the `payment->cmd` in case of a success to signal that
we should not return to the JSON-RPC command twice, we were not doing that in
the case of failures. This was causing multiple responses to a single incoming
command, and `lightningd` was correctly killing the plugin. This issue was
introduced through early returns (anything setting `payment->abort=true`) and
was caused in Rusty's case through an MPP timeout.

Fixes #3847
Reported-by: Rusty Russell <@rustyrussell>
Signed-off-by: Christian Decker <@cdecker>
2020-07-18 11:40:02 +02:00
Christian Decker
958244367c plugin: Do not get upset if it can't parse waitsendpay result
We were rather pedanticly failing the plugin if we were unable to parse the
`waitsendpay` result, but had coded all the modifiers in such a way that they
can handle a `NULL` result (verified in the code and manually by randomly
failing the parsing). So we now just log the result we failed to parse and
merrily go our way.

Worst case is that we end up retrying the same route multiple times, since we
can't blacklist any nodes / channels without understanding the error, but that
is still in the scope of what we must handle anyway.
2020-07-18 11:40:02 +02:00
Christian Decker
3b54847ae4 paymod: Do not assume that parsing the waitsendpay result succeeds
Suggested-by: ZmnSCPxj
Signed-off-by: Christian Decker
Reference: #3846
2020-07-18 11:40:02 +02:00
Christian Decker
a3610d66ac retrymod: Make retry modifier slightly more verbose
I found it rather useful to trace how a payment is getting retried in the logs.
2020-07-15 11:32:58 +02:00
Christian Decker
041ee930a4 mpp: Consider an abort as the payment being finished
If one part sets the root to be aborted, there is little point in continuing
to wait for the remainder, return to the caller immediately.
2020-07-15 11:32:58 +02:00
Christian Decker
718b6e3398 mpp: Detect if destination supports MPP from invoice and abort early
We abort on the root since that is the coordination point for all parts of the payment.
2020-07-15 11:32:58 +02:00
Christian Decker
de75d3ac0c mpp: Add CLI option to opt-out of multi-part payments
Several tests are not well-suited for mpp, so I added a CLI option to opt-out
of the MPP support at startup time.
2020-07-15 11:32:58 +02:00
Christian Decker
a287bbe55d mpp: Enable adaptive splitter
Changelog-Added: The adaptive multi-part payment modifier will split payments that are failing due to their size into smaller parts, and re-attempted.
2020-07-15 11:32:58 +02:00
Christian Decker
535aaca109 paymod: Implement adaptive splitter
This modifier splits a payment that has been attempted a number of times (by a
modifier earlier in the mod chain) and has failed consistently. It splits the
amount roughly in half, with a but if random fuzz, and then starts a new round
of attempts for the two smaller amounts.
2020-07-15 11:32:58 +02:00
Christian Decker
443643e0b0 retrymod: Reset retry counter if parent is a split
If the parent is a split we have new payment parameters, and want to perform a
number of attempts with those.
2020-07-15 11:32:58 +02:00
Christian Decker
d0eb3a79eb paymod: Not having a result doesn't mean we failed at getroute
Specifically if we split, there is no result, but we shouldn't add a failure
message.
2020-07-15 11:32:58 +02:00
Christian Decker
b813974e13 mpp: Add the presplit MPP modifier
Changelog-Added: The MPP presplit modifier splits large payments into 10k satoshi parts to maximize chances of performing the payment and to obfuscate the overall amount being sent.
2020-07-15 11:32:58 +02:00
Christian Decker
3f399d15cb paymod: Don't assume that the first payment was executed at all
With the `presplit`-modifier we actually skip execution of the root altogether
which results in the root not having a result at all. Instead we should use
the result returned by `payment_collect_result`.
2020-07-15 11:32:58 +02:00
Christian Decker
c97ff05ffb mpp: Add the presplit-modifier that splits a root payment first 2020-07-15 11:32:58 +02:00
Christian Decker
7f53ade64b paymod: Allow callers to opt out of shadow routing amount fuzzing
With MPP we require that the sum of parts is equal to the `total_msat` amount
declared in the onion. Since that can't be changed once the first part arrives
we need a way to disable amount fuzzing for MPP.
2020-07-15 11:32:58 +02:00
Rusty Russell
899ec2b3d4 JSON API: fix up two existing warnings to be conformant.
Technically an API break, but nobody relies on these I hope!

Note that the feerates warning was buried inside the style object:
it should be top-level.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-14 21:28:26 +02:00
Christian Decker
65963bc003 exemptfee: Only apply to the root payment and fix logs
We were applying the fee exemption to all payments individually, which is ok
until we switch to MPP, where amounts change. Also the log entry was referring
to the total amount, and not the fee of the payment.
2020-07-14 06:25:29 +09:30
Christian Decker
9be4d552fa paymod: Add a bit more information to the pay response
Amount, parent_part_id  and own partid can be helpful when debugging.
2020-07-14 06:25:29 +09:30
Christian Decker
6f40cb0202 paymod: Inherit exemptfee modifier data on retry 2020-07-14 06:25:29 +09:30
Christian Decker
b88a55b2a4 paymod: Only wait on blockheight if we need to
We were wrongfully identifying all payment failures as blockheight mismatches.
2020-07-14 06:25:29 +09:30
Christian Decker
f20091fc72 pay: Do not duplicate "message" field in response to pay 2020-07-14 06:25:29 +09:30
Christian Decker
411b760985 paymod: Reset the step if we're waiting for a block
This was causing the state flapping test to fail, since we were yielding
control of the io_loop, waiting for the blockheight to be reached, and not
setting the status beforehand. An interim `paystatus` call would then find a
failed leaf and deduce the entire payment failed. Setting it back to the
previous state keeps the overall payment pending while we wait.
2020-07-14 06:25:29 +09:30
Christian Decker
02e44e9903 paymod: Set the STOPPED_RETRYING status code if we stopped retrying 2020-07-14 06:25:29 +09:30
Christian Decker
5776a33116 paymod: Activate paymod and move legacy pay to legacypay command
As suggested during the paymod-03 review it is better to activate the new code
right away, and give users an escape hatch to use the legacy code instead. The
way I implemented it allows using either `legacypay` or `pay` and then set
`legacy` to switch to the other implementation.

Changelog-Added: JSON-RPC: The `pay` command now uses the new payment flow, the new `legacypay` command can be used to issue payment with the legacy code if required.

Suggested-by: Rusty Russell <@rustyrussell>
Suggested-by: ZmnSCPxj <@zmnscpxj>
2020-07-14 06:25:29 +09:30
Christian Decker
514c4044c8 tlv: Allow passing a raw pointer and a length to tlvstream_set_raw
Allows us to do fewer allocations, since the argument doesn't have to be tal
allocated itself.

Suggested-by: Rusty Russell <@rustyrussell>
2020-07-13 14:19:16 +02:00
Christian Decker
7978a13cae doc: Add a man-page for the new keysend command 2020-07-13 14:19:16 +02:00
Christian Decker
01a475161d paymod: Implement keysend sending support as a native RPC command
This makes use of the payment modifier structure to just add the preimage to
the TLV payload for the last hop.

Changelog-Added: JSON-RPC: The `keysend` command allows sending to a node without requiring an invoice first.
2020-07-13 14:19:16 +02:00
Rusty Russell
a9427f1a8d bitcoin/feerate: new exposure for feerate parsing outside lightningd.
This exposes the numeric part of param_feerate() as param_feerate_val().

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-07-08 21:07:20 +02:00
Christian Decker
af4955c28e paymod: Fix waitsendpay error parsing for unknown failure codes
It turns out that the `failcodename` doesn't get populated if the `failcode`
isn't a known error from the enum (duh...) so don't fail parsing if it's
missing.
2020-07-07 23:25:45 +02:00
Christian Decker
5daa5bd61e paymod: Fix the onion payload construction
I wrongly used a pointer to the array that'd move on append, so an extra
dereference was required here.
2020-07-07 23:25:45 +02:00
Christian Decker
0aa5c197ec pytest: Fix tests broken by the pay and paystatus changes
This commit collects the changes required to the tests caused by the changes
to the `pay` and `paystatus` commands. They are also rather good hints as to
what these changes entail.
2020-07-07 23:25:45 +02:00