Commit Graph

643 Commits

Author SHA1 Message Date
Rusty Russell
1f9103c9d3 daemon: rename num_htlcs to commit_tx_counter.
Much clearer name.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:43:15 +10:30
Rusty Russell
983000428f daemon: rename CMD_SEND_HTLC_UPDATE to CMD_SEND_HTLC_ADD
There are other updates than just adding an HTLC; make this explicit.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:42:15 +10:30
Rusty Russell
4f67b59c26 protocol: rename routefail to fail.
It's a generic "I couldn't complete this" failure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:41:15 +10:30
Rusty Russell
40361e3dd8 state: explicit callback to check pkt_open_complete.
For now, this always succeeds, but include the hook for completeness.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:39:15 +10:30
Rusty Russell
a2f4000d22 state: cleanup after anchor has been transmitted.
If something goes wrong after we've broadcast the anchor tx, we need to use
the commit tx to spend it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:38:15 +10:30
Rusty Russell
35ab923163 peer: fix dangling peer->current_htlc->htlc pointer.
It currently points into freed memory once we've make_commit_txs; we
don't currently dereference it after that, but I did in some test code
and got a surprise.  Make a copy in all cases where we set it, so
there can't be lifetime problems.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:36:15 +10:30
Rusty Russell
3fbee72f3a daemon/test: make --verbose flag less verbose.
Just print out the commands we do, not -x which gives TMI.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:35:15 +10:30
Rusty Russell
ae82c0a12c daemon/test: Make --gdb1/--gdb2 actually work, clean up params.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:34:15 +10:30
Rusty Russell
16a7e3dc97 daemon/test: always test with valgrind, don't print errors unless a problem.
Unfortunately this seems to require longer sleeps.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:33:15 +10:30
Rusty Russell
b280cab6b0 Makefile: clean daemon files with make clean.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:32:15 +10:30
Rusty Russell
c1d1b360bf daemon: add memcheck() in various places where we expect things to be initialized.
This just causes valgrind to warn sooner.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:31:15 +10:30
Rusty Russell
ab1176d218 jsonrpc: rename "id" to "peerid" everywhere.
To be distinct from HTLC ids.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:30:15 +10:30
Rusty Russell
48a4ec88dd daemon/test/test.sh: remove -x flag, add --verbose option.
--verbose also turns on grep outputs.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-03-08 10:29:15 +10:30
Rusty Russell
862509637b daemon: implement unilateral commit.
This is only for the simple case where there are no HTLCs.

We group the current commit information together in the struct;
this involves a trivial transform from peer->cur_commit_theirsig to
peer->cur_commit.theirsig.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
27eedc9f51 patch bitcoind_get_mediantime.patch 2016-01-22 06:45:28 +10:30
Rusty Russell
6afe3f718d daemon: bitcoind callback gives the blockhash the tx was included in.
This is required for transactions which use OP_CSV to lock outputs for
a given amount of time: we need to know the mediantime of the block
they were included into.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
b70c18a40e daemon: implement anchor watch timeout.
We abort when this happens, but still worth testing.

This involves a refactor so we can allocate watches off a specific context,
for easy freeing when they're no longer wanted.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
4e5ced4de2 daemon: don't crash on pkt_err
We're about to test it, for anchor timeout.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
168ed96b12 daemon: close command.
This performs a mutual close.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
45c5c83d6f daemon: exit main loop to free dead peers.
When a peer is finally to be freed (ie. STATE_CLOSED), doing this
inside the state logic is a bit fraught.  We're better off exiting the
io loop and freeing it there.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
f690be1e83 daemon: dev-crash command.
Causes us to dump in crash.log.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
212f8ee022 daemon: fail if we enter an error state.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
b76858c1a1 daemon: implement HTLC expiry.
We do the simplest thing: a timer goes off, and we check all HTLCs for
one which has expired more than 30 seconds ago.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
1018823f97 daemon: HTLC expiry limits.
Don't accept an HTLC which is about to expire, nor one which will take
too long to expire.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
a3e3f83d9f daemon: dev-mocktime command
Useful for precise timing control for testing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
f3c5aa7634 daemon: don't close conn until we've sent all the output packets.
Otherwise we won't finish the conversation.  In fact, only the writer
side should ever close: we wake it if we want to close and it tests
peer->cond.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
8b666ea449 daemon: queue commands rather than executing them immediately.
When the only commands are via JSON, you might argue that we should
simply insist the user not operate on the same peer in parallel.  That
would suck, and also we need to handle the case of a command from
a timer (eg. HTLC expiry!) or a bitcoin event.

So, we need a queue for commands, but also we need to do some of the
command checking just before the command runs: the HTLC we're dealing
with might have vanished for example.

The current command is wrapped in an anonymous "curr_cmd" struct
for extra clarity.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
2346f6bf14 daemon: routefail command.
This should be renamed: it's actually any kind of after-the-fact failure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
86f4bd772c daemon/test/test.sh: check_status() helper for HTLC status checks.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
1e82799852 daemon: fulfillhtlc command
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
17359279b2 daemon: getpeers: list HTLCs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
e1f772a443 peer: implement committed_to_htlcs().
Simply count how many HTLCs are in our current funding state.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:28 +10:30
Rusty Russell
9efdbbb21b peer: use funding.h's struct channel_htlc.
Instead of our own fields for the current htlc.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
fc4c94cb06 daemon: simple close support for the case of one side closing transaction.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
6ba5c3cc3b timeout: oneshot timer support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
9f560a9494 daemon: --closing-fee
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
6bdaa5d1ca daemon: newhtlc command.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
645958920e peer: make_commit_txs() helper.
We need to call it in several places, so unify it into a single function.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
5acb3c9848 daemon: dev-rhash command.
Useful for creating SHA256(r) from scripts.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
8f0e10309a daemon: --bitcoind-poll=<seconds>
Speeds up testing significantly.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
6443629f6a daemon/test/test.sh: add --valgrind and --gdb options.
We add a second to the sleep, as valgrind can be a little slow.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
f5538bd1d2 daemon: test scripts.
We comment out the peer_create_close_tx() abort for now, so we
can test.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:27 +10:30
Rusty Russell
3c9fd4fbe6 daemon: code to open channel and watch anchor.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:45:05 +10:30
Rusty Russell
ecbe671688 peer: keep current commit txs, anchor state, channel funding and their sig.
This lets us implement accept_pkt_anchor().

Also had to predeclare sha256 in commit_tx.h, revealed by the new
includes.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:27 +10:30
Rusty Russell
871e4d5172 secrets: peer_sign_theircommit() helper.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:26 +10:30
Rusty Russell
90e381f750 bitcoind: try gettransaction as well as getrawtransaction.
Because with walletbroadcast=0, getrawtransaction doesn't see them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:26 +10:30
Rusty Russell
ae04116883 daemon: send open_pkt on initialization.
This gets us to the creation of the anchor transaction, where we stop.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:25 +10:30
Rusty Russell
12b9d39b76 daemon: store revocation hashes in the peer_visible_state structure.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:24 +10:30
Rusty Russell
abc002ff15 daemon: add state.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:44:13 +10:30
Rusty Russell
a5e08e7f79 lightning-cli: give error message when lightningd produces non-object response.
Nicer than assert() failing without showing the response.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
0dbbd81430 bitcoind: tell bitcoind_poll_transactions's callback if tx is a coinbase.
In this case, the inputs aren't valid transactions, so don't try to
find them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
5b9f8d8bbd bitcoind: serialize requests.
bitcoind has a limit of 16 requests at once, by default, so our simplest
solution is to serialize them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
980d0d2bf1 bitcoind: warn if their bitcoin config not on testnet/regtest.
Otherwise you get weird errors as bitcoind refuses our testnet addresses.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
34e32978b8 bitcoind: warn if their bitcoin config doesn't have walletbroadcast=0.
Because we use the bitcoin wallet to create the anchor transaction, we
need to make sure it doesn't broadcast it; safest to check their config
for the option.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
c51a8d804f bitcoind: routine to send to a specific address.
We use this to create our anchor payment.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
c0766061fa dns: don't allow non-stream sockets.
It was "connecting" to "localhost 30000" successfully, because it was
using UDP.  Oops.

This reveals another issue: init_conn() uses the wrong address to
connect to, as we'd already incremented the pointer in try_connect_one().

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
d5328c7577 bitcoind: routine to broadcast a transaction.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
fc49e3fd74 daemon: rename 'state' to 'dstate' everywhere.
This is the daemon state, not the state machine state.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
b04392609a daemon: encapsulate each side's state in a struct.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
0376e08fea daemon: peer needs to know who offered the anchor.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
e9237f94b1 daemon/watch: API to watch various bitcoin transactions.
This uses the functions in bitcoind to provide callbacks when various
things happen.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
5ec8ff91e4 daemon/bitcoind: communication with bitcoind.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
24602459b1 daemon/config: add testnet.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
d303393d67 daemon/peer: save their commit key too.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
a5aa7b9abd daemon: config file support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:49 +10:30
Rusty Russell
bf3080ca09 secrets: handle per-peer secrets as well.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
08ccb4b6f0 getpeers: new command.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
d8959b3117 peer: make connect command an async command.
So it can return failure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
366f8a5f3f dns: add failure callback.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
d68ae0b612 jsonrpc: adapt it to be async.
This allows for JSON commands which aren't instantaneous.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
74f294e36c daemon: encrypted communication (version 3)
After useful feedback from Anthony Towns and Mats Jerratsch (of
thunder.network fame), this is the third version of inter-node crypto.

1) First, each side sends a 33-byte session pubkey.  This is a
   bitcoin-style compressed EC key, unique for each session.
  
2) ECDH is used to derive a shared secret.  From this we generate
   the following transmission encoding parameters for each side:
   Session AES-128 key: SHA256(shared-secret || my-sessionpubkey || 0)
   Session HMAC key: SHA256(shared-secret || my-sessionpubkey || 1)
   IV for AES: SHA256(shared-secret || my-sessionpubkey || 2)

3) All packets from then on are encrypted of form:
	/* HMAC, covering totlen and data */
	struct sha256 hmac;
	/* Total data transmitted (including this). */
	le64 totlen;
	/* Encrypted contents, rounded up to 16 byte boundary. */
	u8 data[];

4) The first packet is an Authenticate protobuf, containing this node's
   pubkey, and a bitcoin-style EC signature of the other side's session
   pubkey.

5) Unknown protobuf fields are handled in the protocol as follows
   (including in the initial Authenticate packet):

   1) Odd numbered fields are optional, and backwards compatible.
   2) Even numbered fields are required; abort if you get one.

Currently both sides just send an error packet "hello" after the
handshake, and make sure they receive the same.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
9449f387ac daemon: primitive privkey handling.
Eventually this will be in a separate process, etc.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
29c8611e53 daemon: add helper to log hex.
Good for keys; eventually we'll want to log structures by type though.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
14cbcd467f daemon: add global secp256k1 context for easy access.
This caches the tables, so you're not supposed to regenerate it all
the time.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
2df28021ac daemon: command to connect
Now we can connect two daemons to each other.  Who both say Hello! and
close.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
39120b3ac6 daemon: async DNS lookups.
Also based on pettycoin code.

(With embarrassing bug fixed where it didn't increment the address used,
 thus using 100% CPU if that connect failed!)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
e4224f72d4 daemon: netaddr
Structure for a net address.  We can expand it later to cover exotic
address types (Tor?).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
469401610f daemon: socket code.
At the moment, if you connect it just says Hello! and closes the socket.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
c28a9ce6c7 daemon: lightning-cli
Minimal possible implementation; not real parsing or pretty printing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
9ccb51c93f daemon: UNIX domain socket for JSON-based control.
Also taken from pettycoin. 

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
6ccfcf4477 daemon: timeout structure for IO.
For better or worse, the ccan/timer structure is completely minimal,
and designed to be wrapped inside a container structure.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
aed857a30c json: routine to create a uint64_t field.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
725512fb03 json: parse bitcoind-style bitcoin amount.
Always of form d*.dddddddd; we turn that into satoshis, because we're
sane.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
06a25887da json: routine to parse a uint64_t.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
ac4491909c daemon/json: helpers for using jsmn.
Also taken from pettycoin.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
0c81b0918a daemon/jsmn: build the module.
Can't build inside the submodule, as that makes it dirty.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
378dadc371 daemon: configuration directory (default ~/.lightning).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
7b766f4bc8 daemon: fatal() function.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:48 +10:30
Rusty Russell
89f1f1548e daemon: dump logs on crash.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
117cf6b02d daemon: add logging options.
Particularly logging to file.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
3e77c55a3b Makefile: add daemon source sanity checks.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
dd35260ce8 daemon: first code.
Logging code based heavily on pettycoin's.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:41:47 +10:30
Rusty Russell
deb2e7b654 daemon/jsmn: Add submodule for jsmn.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2016-01-22 06:37:13 +10:30