Commit Graph

312 Commits

Author SHA1 Message Date
Rusty Russell
0e805427dc tools/generate-wire.py: strip trailing whitespace on lines, fix bolt quotes.
There's a lot of it, and it means we can't `make check-source` on
these files.

Also bring bolt quotes up-to-date.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-09 16:23:58 +09:30
ZmnSCPxj jxPCSnmZ
06b44f00a3 onchaind/onchaind.c: Implement scorch-the-earth.
Fixes: #3832

Changelog-Changed: onchaind: We now scorch the earth on theft attempts, RBFing up our penalty transaction as blocks arrive without a penalty transaction getting confirmed.
2020-09-09 12:38:19 +09:30
ZmnSCPxj jxPCSnmZ
abc585b7a4 onchaind/onchain_wire.csv: Allow suppression of auto-rebroadcasting for RBF txes created by onchaind. 2020-09-09 12:38:19 +09:30
ZmnSCPxj jxPCSnmZ
34bf0133f2 onchaind/onchaind_wire.csv: Propagate minimum relay fee to onchaind. 2020-09-09 12:38:19 +09:30
Rusty Russell
d8e8426b52 Makefile: remove EXPERIMENTAL_FEATURES marker from generated files
We're going to make experimental versions of these completely separate files.

Also remove the dependency on the Makefile itself: it simply causes
unnecessary churn.  We can always force-rebuild when we change a rule.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-08 09:42:00 +09:30
Rusty Russell
82f2f43425 Generated files: more merge fallout.
We changed the generation templates!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-09-02 11:10:21 +09:30
Rusty Russell
3c6af3efb4 Makefile: commit and preserve all the wiregenerated files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Changed: Build: we no longer require extra Python modules to build.
2020-08-31 21:33:26 -05:00
Rusty Russell
1746406e41 Makefile: normalize all the Makefiles
We create ALL_PROGRAMS, ALL_TEST_PROGRAMS, ALL_C_SOURCES and
ALL_C_HEADERS.  Then the toplevel Makefile knows which are
autogenerated (by wildcard), so it can have all the rules to clean
them or check the source as necessary.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
Rusty Russell
8150d28575 Makefile: use generic rules to make spec-derived sources.
Now we use the same Makefile rules for all CSV->C generation.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-31 21:33:26 -05:00
Rusty Russell
3e52d4100d common: convert to new wire generation style.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-25 12:53:13 +09:30
Rusty Russell
fe8564555f closingd: convert to new wire generation style.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-25 12:53:13 +09:30
Rusty Russell
1702c7a69a hsmd: convert to new wire generation style.
Note that other directories were explicitly depending on the generated
file, instead of relying on their (already existing) dependency on 
$(LIGHTNINGD_HSM_CLIENT_OBJS), so we remove that.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-25 12:53:13 +09:30
Rusty Russell
6e4e267f2c doc: update BOLT now option_anchor_outputs is merged.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-24 20:55:47 +09:30
Rusty Russell
c753561d24 onchaind: recognize the to-remote output if option_anchor_outputs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
a730cbdc96 onchaind: recognize (and ignore) anchor outputs.
Without this, onchaind fails to identify them.  So onchaind now needs
to know the funding pubkeys.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
a5d0c14d4d option_anchor_outputs: wire into all the subdaemons.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
d8d1014ca4 channeld: implement htlc sig checking changes for option_anchor_outputs.
This is best done by passing `struct bitcoin_signature` around instead
of raw signatures.  We still save raw sigs to the db, and of course the
wire protocol uses them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
85e3b43176 channeld, openingd: take into account option_anchor_outputs for fees.
HTLC fees increase (larger weight), and the fee paid by the opener
has to include the anchor outputs (i.e. 660 sats).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
7a2f964d43 hsmd: take option_anchor_outputs flag for HTLC signatures.
They are to be signed with SIGHASH_SINGLE|SIGHASH_ANYONECANPAY.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
05c3a9bf12 script: change htlc output scripts if option_anchor_outputs.
For the moment, everyone passes "false".

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
edf60b4f9e openingd: remember if we negotiated option_anchor_outputs, to put in the db.
And hand it through to channeld just like option_static_remotekey.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-08-14 11:51:14 +09:30
Rusty Russell
93d04d08d0 wire: update to latest version of the spec.
The main change here is that the previously-optional open/accept
fields and reestablish fields are now compulsory (everyone was
including them anyway).  In fact, the open/accept is a TLV
because it was actually the same format.

For more details, see lightning-rfc/f068dd0d8dfa5ae75feedd99f269e23be4777381

Changelog-Removed: protocol: support for optioned form of reestablish messages now compulsory.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-06-23 18:49:15 +02:00
niftynei
f9300e8480 tx: add setter for tx locktime
We need to update the psbt's global transaction simultaneously, so we
wrap access to the locktime in a method which will handle both
2020-06-11 13:13:13 +02:00
niftynei
dc868630a8 tx-psbt: pass in the witness script (if known) when adding an input
Update the `bitcoin_tx_add_input` interface to accept a witness script
and or scriptPubkey.

We save the amount + witness script + witness program (if known) to
the PSBT object for a transaction when creating an input.
2020-06-11 13:13:13 +02:00
niftynei
a04f0fe250 psbt: remove input_amounts from bitcoin tx
Instead we will stash them into the PSBT as a utxo/witness record (which
includes the amount)
2020-06-11 13:13:13 +02:00
Rusty Russell
48853ec954 onchaind: use tx_parts for initial tx.
For the moment it's a complete tx, but in future designs we might only
be given the specific input which closes the channel.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-27 10:12:03 +09:30
Rusty Russell
abba59057c onchaind: remove chainparams args in favor of global.
Otherwise this creates noise for the next patch which switches the initial
`struct bitcoin_tx` into a `struct tx_parts`.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-27 10:12:03 +09:30
Rusty Russell
48f397ee19 onchaind: receive a tx_parts instead of a tx when a tx is seen onchain.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-27 10:12:03 +09:30
niftynei
559f88faa1 psbt: add serialize to/from wire for psbts 2020-05-21 18:45:07 +09:30
niftynei
b076f40cf3 psbt: move witness script storage into the psbt
we can now keep associated witness data with the output in the psbt
struct, so we do that.
2020-05-21 18:45:07 +09:30
Rusty Russell
b920d4d21b wire: make fromwire_fail return non-const, use it more
It returns NULL, so you can simply `return fromwire_fail(...)`
if you want to return NULL in this case.  Use that more.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-20 11:36:13 +02:00
niftynei
fbe50e087a setup: create a common setup which will handle the wally-context
Since we now over-write the wally malloc/free functions, we need to do
so for tests as well. Here we pull up all of the common setup/teardown
logic into a separate place, and update the tests that use libwally to
use the new common_setup core

Changelog-None
2020-05-19 13:35:42 +09:30
Rusty Russell
cfb320c972 wire: move remaining bitcoin functions out to bitcoin/ files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
197d1bcef2 wire: move towire/fromwire_short_channel_id out to bitcoin/short_channel_id.c
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
13356b75bf wire: move towire/fromwire_amount from wire/ into common/amount.c
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
4dbfce6057 wire: move towire/fromwire_preimage out to bitcoin/preimage.c.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
27220646c3 common/wire: move bitcoin-specific marshalling functions into bitcoin files.
We did this originally because these types are referred to in the bolts, and we
had no way of injecting the correct include lines into those.  Now we do, so
there's less excuse for this.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
Rusty Russell
fda5f0b427 common/channel_id: move channel_id into its own file.
The definition was in wire/wire.h, and helper functions in fromwire.c!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-18 14:51:12 +02:00
lisa neigut
b881f7337e make the experimental features branch work ok 2020-05-12 15:46:58 +09:30
lisa neigut
8acbbca05d coins: use the chain's BIP173 name instead of a 'unit of account'
Updates the unit of account to be the chain_id, which is the BIP173 name
of the chain that the coins moved on.

Suggested-By: @rustyrussell
2020-05-12 15:46:58 +09:30
lisa neigut
de065580f6 coins: update API surface for creating coin movements
Canonicalize the signature for the 'tag-type' of coin moves by unique
constructor/method calls.

Suggested-By: @rustyrussell
2020-05-12 15:46:58 +09:30
lisa neigut
087ab166b3 coins, fix: don't crash if the to_us amount is greater than our_msat
It's possible for our peer to publish a commitment tx that has already
updated our balance for an htlc before we've completed removing it from
our commitment tx (aka before we've updated our balance). This used to
crash, now we just update our balance (and the channel balance logs!)
and keep going.

If they've removed anything from our balance, we'll end up counting it
as chain_fees below. Not ideal but fine... probably.
2020-05-12 15:46:58 +09:30
lisa neigut
e9d26a46e0 coin moves: actually record the blockheight for all chain moves
Previously we were annotating every movement with the blockheight of
lightningd at notification time. Which is lossy in terms of info, and
won't be helpful for reorg reconciliation. Here we switch over to
logging chain moves iff they've been confirmed.

Next PR will fix this up for withdrawals, which are currently tagged
with a blockheight of zero, since we log on successful send.
2020-05-12 15:46:58 +09:30
lisa neigut
9caf20f636 coin moves: don't log coin moves in onchaind if we're replaying
On node start we replay onchaind's transactions from the database/from
our loaded htlc table.  To keep things tidy, we shouldn't notify the
ledger about these, so we wrap pretty much everything in a flag that
tells us whether or not this is a replay.

There's a very small corner case where dust transactions will get missed
if the node crashes after the htlc has been added to the database but
before we've successfully notified onchaind about it.

Notably, most of the obtrusive updates to onchaind wrappings are due to
the fact that we record dust (ignored outputs) before we receive
confirmation of its confirmation.
2020-05-12 15:46:58 +09:30
lisa neigut
e623143c9f fix: the tx types for element fee updates were annotated wrong
Fixes the tx type annotation in a few places.
2020-05-12 15:46:58 +09:30
lisa neigut
9b429cdf4f coin moves: some additional htlc handling
We record htlcs when they're fulfilled as 'withdrawals' that are
onchain. This should make use of the payment_hash that we stashed.

Additionally, if an htlc spend comes through that's not ours, it's
probably them resolving our attempted cheat; we should allow it to
proceed without bombing, and just do our accounting as necessary. It'll
all come out in the wash.
2020-05-12 15:46:58 +09:30
lisa neigut
6ee6cdc280 coin moves: record their attempted cheat (and our handling thereof)
For cheats, we do a little bit of weird accounting. First we 'update'
our on-ledger balance to be the entirety of the channel's balance. Then,
as outputs get resolved, we record the fees and outputs as withdrawals
from this amount.

It's possible that they might successfully 'cheat', in which case we
record those as 'penalty' but debits (not credits).
2020-05-12 15:46:58 +09:30
lisa neigut
007a62a369 coin moves: handle ignored outputs
Ignored outputs don't end up in the same 'resolved' pathway as other
tracked outputs do, so we mark them as moved when proposed/broadcast
instead of when resolved (since they'll never flow through as resolved)
2020-05-12 15:46:58 +09:30
lisa neigut
19268afba5 coin moves: record moves for unilateral closes 2020-05-12 15:46:58 +09:30
lisa neigut
c215a00c45 coin moves: record cheats / loss due to 'unknown' txs
Whenever we detect an 'unknown' tx is published, we should count that as
a loss, as needed.
2020-05-12 15:46:58 +09:30
lisa neigut
034b2c7ee4 coin moves: add handling for mutual closure case 2020-05-12 15:46:58 +09:30
lisa neigut
1f0cfa71b0 coin moves: pass our currently known channel balance to onchaind
We'll need it to do reconciliation for unexpected/penalty closures and
to compute fees paid / outputs trimmed.
2020-05-12 15:46:58 +09:30
lisa neigut
e8d10edbe5 coin moves: record onchain movements after they've been resolved
We pass them back to lightningd who sends out a notification for them
2020-05-12 15:46:58 +09:30
lisa neigut
175515b914 coin moves: stash the payment hash for onchaind in tracked_output
We'll use it when we record 'onchain' htlc movements that are fulfilled
2020-05-12 15:46:58 +09:30
Rusty Russell
4eb1233ccb lightningd: don't report spurious temporary_node_failure on local failures.
I noticed the following in logs for tests/test_connection.py::test_feerate_stress:

```
DEBUG 022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-chan#1: Failing HTLC 18446744073709551615 due to peer death
DEBUG 022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-chan#1: local_routing_failure: 8194 (WIRE_TEMPORARY_NODE_FAILURE)
```

This is because it reports the (transient) node_failure error, because
our channel_failure message is incomplete.  Fix this wart up.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-05-04 18:56:33 +09:30
lisa neigut
0e20e3c5e7 df: rename 'funder' to 'opener'
Previously we've used the term 'funder' to refer to the peer
paying the fees for a transaction; v2 of openchannel will make
this no longer true. Instead we rename this to 'opener', or the
peer sending the 'open_channel' message, since this will be universally
true in a dual-funding world.
2020-05-04 10:22:26 +09:30
Rusty Russell
c95e58ad4b subdaemons: initialize feature routines with explicit feature_set.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-03-31 13:36:02 +02:00
darosior
8cbc0038bc onchaind: a feerate per transaction type
This allows us to set more fine-grained feerate for onchain resolution.

We still give it the same feerate for all types, but this will change as
we move feerates to bcli.
2020-03-30 20:17:18 +10:30
Christian Decker
c236bf0fbd tx: Make elements_add_fee_output private 2020-03-24 09:52:33 +10:30
darosior
273029f244 wallet: set nLockTime to the tip for withdrawal transactions
This sets the nLockTime to the tip (and accordingly each input's nSequence to
0xfffffffe) for withdrawal transactions.

Even if the anti fee-sniping argument might not be valid until some time yet,
this makes our regular wallet transactions far less distinguishable from
bitcoind's ones since it now defaults to using native Segwit transactions
(like us). Moreover other wallets are likely to implement this (if they
haven't already).

Changelog-Added: wallet: withdrawal transactions now sets nlocktime to the current tip.
2020-02-03 00:45:27 +00:00
Rusty Russell
1099f6a5e1 common: use struct onionreply.
This makes it clear we're dealing with a message which is a wrapped error
reply (needing unwrap_onionreply), not an already-wrapped one.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2020-01-23 16:17:42 +10:30
Rusty Russell
00cb5adfe6 common: allow subdaemons to specify the node_id in status messages.
This is ignored in subdaemons which are per-peer, but very useful for
multi-peer daemons like connectd and gossipd.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-11-18 04:50:22 +00:00
Christian Decker
ff4a2bf38f onchaind: Annotate inputs and outputs not the transactions 2019-10-07 20:03:24 -05:00
Christian Decker
7283efa5b5 elements: Add amount_asset to support more than just plain satoshis
Currently the only source for amount_asset is the value getter on a tx output,
and we don't hand it too far around (mainly ignoring it if it isn't the
chain's main currency). Eventually we could bubble them up to the wallet, use
them to select outputs or actually support assets in the channels.

Since we don't hand them around too widely I thought it was ok for them to be
pass-by-value rather than having to allocate them and pass them around by
reference. They're just 41 bytes currently so the overhead should be ok.

Signed-off-by: Christian Decker <@cdecker>
2019-10-03 04:32:57 +00:00
Christian Decker
d5f0c08a88 elements: Remove global is_elements variable in favor of chainparams
No need to keep duplicate globals.
2019-10-03 04:32:57 +00:00
Christian Decker
ef7a63d8f8 elements: Move from a global is_elements to a global chainparams
We now have a pointer to chainparams, that fails valgrind if we do anything
chain-specific before setting it.

Suggested-by: Rusty Russell <@rustyrussell>
2019-10-03 04:32:57 +00:00
Christian Decker
378745391d elements: Change function prefix to elements_ for some functions
Suggested-by: Rusty Russell <@rustyrussell>
2019-10-03 04:32:57 +00:00
Christian Decker
91a311ee0d elements: Added better handling of NULL output scripts
We used to match specifically on `is_elements && coinbase`, but we can just
hand off responsibility to libwally and then make sure we handle it correctly.
2019-10-03 04:32:57 +00:00
Christian Decker
81abf14142 elements: Add elements overhead to sweep transactions
Turns out we weren't yet.
2019-10-03 04:32:57 +00:00
Christian Decker
314622028f onchaind: Eliminate a chicken-and-egg problem with msg parsing
Turns out that if we have the init message contain both the chainparams as
well as a transaction that needs to be parsed we need to set the parser to
elements mode before we reach the transaction...
2019-10-03 04:32:57 +00:00
Christian Decker
fad9a74662 tx: Use the context chainparams to determine the fee asset
This is the main reason we started weaving the chainparams everywhere: being
able to compare the asset type with the fee paying asset tag, thus determining
the value of the asset correctly (we still treat any non-fee-paying assets as
having value 0).

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
9f3922344b onchaind: Pass genesis hash to onchaind so it knows the chainparams
It'll be creating quite a few transactions and we will have to know which
params to use.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
83140892fb elements: Fix fee estimation for the htlc success and timeout txs
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
557f6063a7 elements: Consolidate weight computation to be handled by wally
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
84144bcef6 elements: Tell onchaind it may ignore fee outputs
We'd get upset otherwise since we can't grab those.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Christian Decker
bb76d6daa6 elements: onchaind must add fees to its transactions
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-10-03 04:32:57 +00:00
Rusty Russell
15612d269a Make option_static_remotekey non-EXPERIMENTAL now it's in spec.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-30 01:50:44 +00:00
Rusty Russell
226e2aee48 option_static_remotekey: update to latest draft.
531c8d7d9b

In this one, we always send my_current_per_commitment_point, though it's
ignored.  And we have our official feature numbers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-10 16:18:25 -05:00
Rusty Russell
ee3480e56b derive_keyset: don't rotate key for remote iff option_static_remotekey.
The largest change is inside hsmd: it hands a null per-commitment key
to the wallet to tell it to spend the to_remote output.

It can also now resolve unknown commitments, even if it doesn't have a
possible_remote_per_commitment_point from the peer.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-10 16:18:25 -05:00
Rusty Russell
160f27061e common/utxo: make commitment_point optional in close_info.
We don't rotate key for option_static_remotekey, so we don't need
this point for such channels.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-10 16:18:25 -05:00
Rusty Russell
87f0ee6351 channeld: set option_static_remotekey when negotiated.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-10 16:18:25 -05:00
darosior
0b0ad4c22d transition from status_trace() to status_debug 2019-09-10 02:02:51 +00:00
darosior
6193d22594 onchaind: Use louder warning where needed 2019-09-10 02:02:51 +00:00
Rusty Russell
837e6232c3 common: reduce header differences for DEVELOPER vs non-DEVELOPER.
`make update-mocks` is usually run in DEVELOPER mode, but then it includes
definitions for functions which aren't declared in non-DEVELOPER mode.

We hacked this in a few places, but it's fragile, and worst, now we
have EXPERIMENTAL_FEATURES as well, it's complex.

Instead, declare developer-only functions (but don't define them).
This is a bit more awkward if you accidentally use one in
non-DEVELOPER code (link error rather than compile error), but makes
autogenerating test mocks much easier.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-09-06 14:35:01 +02:00
Rusty Russell
c9817b225b bitcoin/tx: pass struct amount_sat by copy.
This is the normal convention for this type; it makes using converters
a little easier.  See next patch.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-08-26 08:44:22 +00:00
Rusty Russell
39b34a35c8 bitcoin/tx.c: don't free witness implicitly.
This causes a crash in mkfunding, which didn't expect it:

    $ devtools/mkfunding 16835ac8c154b616baac524163f41fb0c4f82c7b972ad35d4d6f18d854f6856b 1 0.01btc 253 76edf0c303b9e692da9cb491abedef46ca5b81d32f102eb4648461b239cb0f99 0000000000000000000000000000000000000000000000000000000000000010 0000000000000000000000000000000000000000000000000000000000000020
    # funding sig: 798d96d5a057b5b7797988a855217f41af05ece3ba8278366e2f69763c72e78565d5dd7eeddc0766ddf65557c92b9c52c301f23f94d2cf681860d32153e6ae1e
    # funding witnesses: [
    Aborted (core dumped)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-08-26 08:44:22 +00:00
Rusty Russell
a7a9f1c9d3 onchaind: fix bug when grinding feerates with multiple possibilities.
Fixes: #2820
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-08-14 05:53:36 +00:00
Rusty Russell
9424477cb5 onchaind/test: new test, for grinding feerate when multiple possibilities.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-08-14 05:53:36 +00:00
Rusty Russell
cc70b9c4ec wire: use common/bigsize routines
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-31 23:25:59 +00:00
Christian Decker
5dff67900e tx: Add chainparams when deserializing transactions from wire msgs
This is the other origin, besides `bitcoin_tx`, where we create `bitcoin_tx`
instances, so add the context as soon as possible. Sadly I can't weave the
chainparams into the deserialization code since that'd need to change all the
generated wire code as well.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-31 23:22:54 +00:00
Christian Decker
9288a7906b tx: Add chainparams to struct bitcoin_tx as context
The way we build transactions, serialize them, and compute fees depends on the
chain we are working on, so let's add some context to the transactions.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-31 23:22:54 +00:00
Christian Decker
15e73e3dc3 onchaind: Pass genesis hash to onchaind so it knows the chainparams
It'll be creating quite a few transactions and we will have to know which
params to use.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-07-31 23:22:54 +00:00
lisa neigut
46cbca97ea bolt-gen: use 'enum' instead of 'e:' prefix for enums
use 'enum ' in wirespec instead of 'e:' as an indicator
that a field is an enum.
2019-07-24 06:31:46 +00:00
lisa neigut
32eaae0cb9 wire-gen: move in-house wire delcarations to new format
tidying things up!
2019-07-24 06:31:46 +00:00
Rusty Russell
2945b25b57 onchaind: don't free proposal, correctly check it's not resolved in billboard.
Instead of freeing proposals, which we did in *some* places, we just
set ->resolved and check that in billboard_update which didn't get it right.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-07 00:12:34 +00:00
Rusty Russell
e746e9c202 onchaind: fix resolution detection of complex outputs.
We shouldn't set out->resolved until we've actually resolved it.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-07-07 00:12:34 +00:00
lisa neigut
7046d0220c makefiles: move all unit tests under make check-units
Isolate unit tests under their own make directive.
2019-06-30 16:41:30 +09:30
Rusty Russell
f1b57063f7 bitcoin/tx: use fromwire_fail in pull_bitcoin_tx.
This is the correct way to mark failure: it also sets *max to 0.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-06-21 03:56:59 +00:00
Christian Decker
b6b548a983 wallet: Rip out the txtypes type in favor of enum wallet_tx_type
Suggested-by: Rusty Russell <@rustyrussell>
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Christian Decker
605358f2a3 onchaind: Have onchaind annotate unilateral, cheat and mutual closes
onchaind knows best, no need to guess outside.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Christian Decker
49a0de7b1d onchaind: Annotate their sweep transactions
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Christian Decker
94e024af41 onchaind: Have onchaind annotate htlc-{succes,failure} and penalties
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Christian Decker
a54b7da705 onchaind: Allow onchaind to annotate transactions we watch
This is important for things we automatically watched because it spends a
watch txo, but only onchaind knows the details about what the TX really is and
how it should be handled.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Christian Decker
ae0bc4aed0 onchaind: Store and annotate transactions we broadcast ourselves
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-06-08 02:58:27 +00:00
Rusty Russell
837a095d68 pubkey: rename PUBKEY_DER_LEN to PUBKEY_CMPR_LEN.
Pubkeys are not not actually DER encoding, but Pieter Wuille corrected
me: it's SEC 1 documented encoding.

Results from 5 runs, min-max(mean +/- stddev):
	store_load_msec,vsz_kb,store_rewrite_sec,listnodes_sec,listchannels_sec,routing_sec,peer_write_all_sec
	38922-39297(39180.6+/-1.3e+02),2880728,41.040000-41.160000(41.106+/-0.05),2.270000-2.530000(2.338+/-0.097),44.570000-53.980000(49.696+/-3),32.840000-33.080000(32.95+/-0.095),43.060000-44.950000(43.696+/-0.72)

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-04-09 12:37:16 -07:00
Christian Decker
50ade7349f wally: Migrate onchaind to use the wally tx and the helpers
Weaning `onchaind` off its use of the internal bitcoin_tx input and output
fields, since we're going to remove them soon, I promise.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
9fe481b967 wally: Move input amounts into a separate array
The `wally_tx_input`s do not keep track of their input value, which means we
need to track them ourselves if we try to sign these transactions at a later
point in time.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
4f0c386d32 wally: Use input and output setters in onchaind and htlc_tx
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
369a85e289 wally: Use output and input setters when signing / grinding feerate
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Christian Decker
16f72cb160 wally: Migrate version and locktime to libwally tx
Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-04-08 00:00:00 +00:00
Rusty Russell
02faadfb93 amount: make it work with gcc-4.8.
```
In file included from bitcoin/chainparams.h:7:0,from bitcoin/chainparams.c:1:
./common/amount.h:36:11: error: initializer element is not constant
((struct amount_sat){(constant) + AMOUNT_MUST_BE_CONST(constant)})
^
bitcoin/chainparams.c:20:21: note: in expansion of macro ‘AMOUNT_SAT’
.max_funding = AMOUNT_SAT((1 << 24) - 1),
^
./common/amount.h:36:11: error: (near initialization for ‘networks[0].max_funding’)
((struct amount_sat){(constant) + AMOUNT_MUST_BE_CONST(constant)})
^
bitcoin/chainparams.c:20:21: note: in expansion of macro ‘AMOUNT_SAT’
.max_funding = AMOUNT_SAT((1 << 24) - 1),
```

Fixes: #2404
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-27 23:12:50 +00:00
Christian Decker
478e2d7084 onchaind: Have onchaind also tell us the scriptPubKey of our outputs
onchaind is in the correct position to tell us about them, so have it pass
them up as well.

Signed-off-by: Christian Decker <decker.christian@gmail.com>
2019-02-22 11:15:24 -08:00
Rusty Russell
948ca470ad bitcoin: use amount_sat/amount_msat.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
3ac0e814d0 daemons: use amount_msat/amount_sat in all internal wire transfers.
As a side-effect of using amount_msat in gossipd/routing.c, we explicitly
handle overflows and don't need to pre-prune ridiculous-fee channels.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
3412c5d392 commit_tx & htlc_tx: use amount_sat/amount_msat.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 08:01:37 +00:00
Rusty Russell
7fad7bccba common/amount: new types struct amount_msat and struct amount_sat.
They're generally used pass-by-copy (unusual for C structs, but
convenient they're basically u64) and all possibly problematic
operations return WARN_UNUSED_RESULT bool to make you handle the
over/underflow cases.

The new #include in json.h means we bolt11.c sees the amount.h definition
of MSAT_PER_BTC, so delete its local version.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-02-21 00:44:57 +00:00
Rusty Russell
26dda57cc0 utils: make tal_arr_expand safer.
Christian and I both unwittingly used it in form:

	*tal_arr_expand(&x) = tal(x, ...)

Since '=' isn't a sequence point, the compiler can (and does!) cache
the value of x, handing it to tal *after* tal_arr_expand() moves it
due to tal_resize().

The new version is somewhat less convenient to use, but doesn't have
this problem, since the assignment is always evaluated after the
resize.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2019-01-15 12:01:38 +01:00
Christian Decker
94eb2620dc bolt: Updated the BOLT specification to the latest version
This is mainly just copying over the copy-editing from the
lightning-rfc repository.

[ Split to just perform changes after the UNKNOWN_PAYMENT_HASH change --RR ]

Signed-off-by: Christian Decker <decker.christian@gmail.com>
Reported-by: Rusty Russell <@rustyrussell>
2019-01-15 02:19:56 +00:00
Christian Decker
65054ae72e bolt: Updated the BOLT specification to a07dc3df3b4611989e3359f28f96c574f7822850
This is mainly just copying over the copy-editing from the
lightning-rfc repository.

[ Split to just perform changes prior to the UNKNOWN_PAYMENT_HASH change --RR ]

Signed-off-by: Christian Decker <decker.christian@gmail.com>
Reported-by: Rusty Russell <@rustyrussell>
2019-01-15 02:19:56 +00:00
Rusty Russell
dffe2f516a signature: wrap almost all signatures in struct bitcoin_signature.
This is prep work for when we sign htlc txs with
SIGHASH_SINGLE|SIGHASH_ANYONECANPAY.

We still deal with raw signatures for the htlc txs at the moment, since
we send them like that across the wire, and changing that was simply too
painful (for the moment?).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-12-06 23:11:51 +01:00
Rusty Russell
55306fc3eb onchaind: wire up dev_memleak.
For onchaind we need to remove globals from memleak consideration;
we also change the htlc pointer to an htlc copy, which simplifies
things as well.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-11-22 05:15:42 +00:00
William Casarin
ad1cf8b40c build: fix compilation error on gcc 7.3.0
Signed-off-by: William Casarin <jb55@jb55.com>
2018-11-04 04:22:40 +00:00
Rusty Russell
c5cd4791be onchaind: allow multiple candidate HTLCs for output match
When we have multiple HTLCs with the same preimage and the same CLTV,
it doesn't matter what order we treat them (they're literally
identical).  But when we offer HTLCs with the same preimage but
different CLTVs, the commitment tx outputs look identical, but the
HTLC txs are different: if we simply take the first HTLC which matches
(and that's not the right one), the HTLC signature we got from them
won't match.  As we rely on the signature matching to detect the fee
paid, we get:

	onchaind: STATUS_FAIL_INTERNAL_ERROR: grind_fee failed

So we alter match_htlc_output() to return an array of all matching
HTLC indices, which can have more than one entry for offered HTLCs.
If it's our commitment, we loop through until one of the HTLC
signatures matches.  If it's their commitment, we choose the HTLC with
the largest CLTV: we're going to ignore it once that hits anyway, so
this is the most conservative approach.  If it's a penalty, it doesn't
matter since we steal all HTLC outputs the same independent of CLTV.

For accepted HTLCs, the CLTV value is encoded in the witness script,
so this confusion isn't possible.  We nonetheless assert that the
CLTVs all match in that case.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-10-23 16:55:35 +02:00
Rusty Russell
c919551109 onchaind: include htlc id in htlc_stub so we agree on what HTLC we're closing.
If there are two HTLCs with the same preimage, lightningd would always
find the first one.  By including the id in the `struct htlc_stub`
it's both faster (normal HTLC lookup) and allows lightningd to detect
that onchaind wants to fail both of them.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-10-23 16:55:35 +02:00
Rusty Russell
96f05549b2 common/utils.h: add tal_arr_expand helper.
We do this a lot, and had boutique helpers in various places.  So add
a more generic one; for convenience it returns a pointer to the new
end element.

I prefer the name tal_arr_expand to tal_arr_append, since it's up to
the caller to populate the new array entry.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-27 22:57:19 +02:00
Rusty Russell
e012e94ab2 hsmd: rename hsm_client_wire_csv to hsm_wire.csv
That matches the other CSV names (HSM was the first, so it was written
before the pattern emerged).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-20 09:49:39 +02:00
Rusty Russell
8f1f1784b3 hsmd: remove hsmd/client.c
It was only used by handshake.c.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-20 09:49:39 +02:00
Rusty Russell
0d46a3d6b0 Put the 'd' back in the daemons.
@renepickhardt: why is it actually lightningd.c with a d but hsm.c without d ?

And delete unused gossipd/gossip.h.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-09-03 05:01:40 +00:00
Rusty Russell
a217392fca onchaind: remove useless continue.
Reported-by: Christian Decker <@cdecker>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
Rusty Russell
1a4084442b onchaind: use a point-of-last-resort if we see an unknown transaction.
This may have been supplied by the peer if it's nice and supports
option_data_loss_protect.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
Rusty Russell
b123b1867d shachain: shachain_get_secret helper.
This is a wrapper around shachain_get_hash, which converts the
commit_num to an index and returns a 'struct secret' rather than a
'struct sha256' (which is really an internal detail).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-08-23 14:46:22 +02:00
Rusty Russell
5cf34d6618 Remove tal_len, use tal_count() or tal_bytelen().
tal_count() is used where there's a type, even if it's char or u8, and
tal_bytelen() is going to replace tal_len() for clarity: it's only needed
where a pointer is void.

We shim tal_bytelen() for now.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-30 11:31:17 +02:00
Rusty Russell
ae8b459932 onchaind: tell wallet when we see our revoked commitment tx to_remote output
Without this, the wallet won't know how to spend it.

Fixes: #1738
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-27 11:36:22 +02:00
Rusty Russell
613b65eede onchaind: use the HSM to get the per-commitment-point.
This means onchaind doesn't need the per-channel secret at all (aka. peer seed)
so we remove that from the onchaind_init message.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
14d6fc4a31 onchaind: use HSM for signing htlc transactions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
4098f47cfc onchaind: use HSM to sign "to-us" transactions.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
437b65eba1 onchaind: clean up types for penalty transactions.
We can use pubkey_from_secret() to avoid the ugly sha->secret->privkey
conversion.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
dd2773dfc0 common/keyset: use struct basepoints rather than open-coding fields.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
76cc428923 onchaind: make commit number a global.
The HSM will to need it to create signatures: we currently use it to create
privkeys then don't hand it around.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-24 00:40:01 +02:00
Rusty Russell
b2b85100d7 common/derive_basepoints: add routines for marshal/unmarshal.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-17 12:32:00 +02:00
Rusty Russell
6c98457ef2 per-peer seed is a 'struct secret' not a 'struct privkey'.
They're both 32 bytes, but it's not a privkey at all.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-17 12:32:00 +02:00
Rusty Russell
fed5a117e7 Update ccan/structeq.
structeq() is too dangerous: if a structure has padding, it can fail
silently.

The new ccan/structeq instead provides a macro to define foo_eq(),
which does the right thing in case of padding (which none of our
structures currently have anyway).

Upgrade ccan, and use it everywhere.  Except run-peer-wire.c, which
is only testing code and can use raw memcmp(): valgrind will tell us
if padding exists.

Interestingly, we still declared short_channel_id_eq, even though
we didn't define it any more!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-07-04 23:57:00 +02:00
Rusty Russell
c78afa9201 onchaind: use lowball fee instead of donating to miners.
As of bitcoind 0.16.1, you can't send a single-input OP_RETURN output,
as you get 'tx-too-small'.

	sendrawtx exit 26, gave error code: -26?error message:?tx-size-small (code 64)?'

So instead we use the minimum fee we can, but otherwise ignore it and
don't wait for it to be mined.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-06-21 13:43:32 +02:00
Rusty Russell
3460b42513 onchaind: fix up BOLT references.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-06-18 12:31:09 +02:00
practicalswift
abf510740d Force the use of the POSIX C locale for all commands and their subprocesses 2018-04-27 14:02:59 +02:00
Rusty Russell
b4db228aa1 onchaind: add BOLT 3 comment for fee calculations.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00
Rusty Russell
1764d6c907 grind_htlc_tx_fee: benchmark.
Takes 15 seconds on my laptop to do the worst-case grind:

	$ onchaind/test/run-grind_feerate 250001
	250001 iterations in 15893 msec = 63574 nsec each

It's not worth optimizing as it's 75% in libsecp:

    29.65%  run-grind_feera  run-grind_feerate  [.] secp256k1_fe_mul_inner
    23.51%  run-grind_feera  run-grind_feerate  [.] secp256k1_fe_sqr_inner
    11.04%  run-grind_feera  run-grind_feerate  [.] secp256k1_gej_double_var.part.6.constprop.34
     9.56%  run-grind_feera  run-grind_feerate  [.] secp256k1_scalar_reduce_512
     5.70%  run-grind_feera  run-grind_feerate  [.] Round

Even forcing a compile with -O3 -flto, it's only 13883 msec = 55534 nsec each.

Fixes: #291
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00
Rusty Russell
c52222848d onchaind: support tests.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00
Rusty Russell
5f1c77d249 test_lightning.py: add test for onchain with different feerates.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00
Rusty Russell
4234321f7e onchain: get feerate min/max from master.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2018-04-04 02:31:41 +00:00