Commit Graph

9938 Commits

Author SHA1 Message Date
Rusty Russell
3c5ea7fd8e Makefile: make it easier to check bolt text.
Instead of "only check suffix quotes when EXPERIMENTAL_FEATURES", make
it so we only check suffix quotes if you override BOLTVERSION on the
cmdline.

Before this, "make check-source-bolt" was effectively a NOOP with
--enable-experimental-features.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-04-07 14:34:39 +09:30
Rusty Russell
9dbac21d3b doc: remove suffix for included-in-master BOLTs.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-04-07 14:34:39 +09:30
Rusty Russell
3ccb6d6e7a Makefile: update to latest BOLT versions.
The main change which affects us is that 2016 blocks to forget a channel
is a fixed number in the spec; we make this clear by renaming the
(developer-only) max_funding_unconfirmed to dev_max_funding_unconfirmed
and making it compile DEVELOPER only.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-04-07 14:34:39 +09:30
Christian Decker
c8dbcac38e pay: Use gossmap for reachability check 2021-04-06 11:03:47 +09:30
niftynei
5e289efdde wire: clean up patch revision files in clean
Make all the ....csv.* things disappear
2021-04-06 11:02:08 +09:30
Rusty Russell
5ffc516133 CHANGELOG.md: update for v0.10.0
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-31 15:34:56 +10:30
Rusty Russell
7fbf728a34 gossipd: assert we're not blatting the version header.
Suggested-by: whitslack
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-31 12:26:21 +10:30
Rusty Russell
7b853d0fa5 gossip_store: don't make bogus assumption that writes are atomic wrt readers.
They're not defined to be, though we've not seen this on Linux (testing
showed that it is page-level atomic, which means it can still happen across
page boundaries though!).  This was pointed out by whitslack in
https://github.com/ElementsProject/lightning/issues/4288

In practice, this just means not complaining when it happens, and also
not trying to get tricky to use it on MacOS (we can safely seek & write,
since we're single-threaded).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Removed: Removed bogus UNUSUAL log about gossip_store 'short test'.
2021-03-31 12:26:21 +10:30
niftynei
cbde1f8158 pyln-proto: make an error message more detailed
Easier to figure out what's going wrong
2021-03-30 13:44:34 +10:30
niftynei
5142dc81f6 pyln-proto: write out length of arrays of subtypes to wire
We weren't writing out the length of a nested subtype's
dynamicarraylenght, now we do. The trick is to iterate through the
fields on a subtype (since the length field is added separately)
and to also iterate down through the otherfield values as we 'descend'
2021-03-30 13:44:34 +10:30
niftynei
6db6ba6c03 dual-funding: introduce racy state
It's unlikely but possible that a race condition will result in us not
being at the 'secured' state yet here.

Crashlogs. All required msgs are received (in order)
from peers, but the crash suggests they weren't relayed/processed by the
spender plugin in the order received.

WIRE_TX_SIGNATURES is passed the the plugin via a notification;
WIRE_COMMITMENT_SIGNED is returned as the result of an RPC call.

```
021-03-25T12:12:33.5213247Z lightningd-1: 2021-03-25T11:50:13.351Z DEBUG   035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d-dualopend-chan#3: peer_in WIRE_COMMITMENT_SIGNED
2021-03-25T12:12:33.5221140Z lightningd-1: 2021-03-25T11:50:13.659Z DEBUG   022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-dualopend-chan#1: peer_in WIRE_COMMITMENT_SIGNED
2021-03-25T12:12:33.5228462Z lightningd-1: 2021-03-25T11:50:14.169Z DEBUG   035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d-dualopend-chan#3: peer_in WIRE_TX_SIGNATURES
2021-03-25T12:12:33.5230957Z lightningd-1: 2021-03-25T11:50:14.375Z DEBUG   plugin-spenderp: mfc 275, dest 1: openchannel_update 035d2b1192dfba134e10e540875d366ebc8bc353d5aa766b80c090b39c3a5d885d returned.
2021-03-25T12:12:33.5233307Z lightningd-1: 2021-03-25T11:50:14.539Z DEBUG   022d223620a359a47ff7f7ac447c85c46c923da53389221a0054c11c1e3ca31d59-dualopend-chan#1: peer_in WIRE_TX_SIGNATURES
2021-03-25T12:12:33.5235120Z lightningd-1: 2021-03-25T11:50:17.240Z INFO    plugin-spenderp: Killing plugin: exited during normal operation
2021-03-25T12:12:33.5236707Z lightningd-1: 2021-03-25T11:50:17.260Z **BROKEN** plugin-spenderp: Plugin marked as important, shutting down lightningd!
```

Fixes #4455
2021-03-30 13:44:11 +10:30
Rusty Russell
f891c7096b v0.10.0-rc2
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-28 14:14:54 +10:30
Rusty Russell
2dabe35c2c CHANGELOG.md: update for recent changes.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-28 14:14:54 +10:30
Rusty Russell
006300ab96 lightningd: set "direction" correctly for connect which is already connected.
This means remembering the connection direction.  We also use the address to try
to reconnect, which we shouldn't bother with if they connect to us.

For peers from the database, we currently always save the addr: we shouldn't really
do this if they connected to us, since it's not useful for reconnecting (we don't
show the addr in JSON reply to listpeers unless we're connected, so it's only an
internal issue).  This is left for future work.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-26 13:22:33 +10:30
Rusty Russell
b0d6996ed6 lightningd: get connection direction from connectd.
This matters: if we connected, the address is probably usable for future connections.
But if they connected, the port is probably not (but the IP address may be).

Changelog-Added: JSON-RPC: `connect` returns "direction" ("in": they iniatated, or "out": we initiated)
Changelog-Added: plugins: `peer_connected` hook and `connect` notifications have "direction" field.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-26 13:22:33 +10:30
Rusty Russell
b689d33e97 gossipd: fix rolling corruption.
If gossip_store is an incorrect version, we will recreate it: with an incorrect
version!  This means we never get persistent gossip, *and* the pay plugin will
fail to map the gossip_store.  Everyone will be sad.

Debugged-by: Matt Whitlock
Fixes: #4376
Fixes: #4288
Typing-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-26 12:13:51 +10:30
niftynei
1275af6fbb df-tests: update to take 'no channel_id' into account; use exp-df flag
The logs we're looking for don't exist anymore, we got rid of them.
2021-03-25 20:05:11 +10:30
Rusty Russell
a52517bd81 pytest: fix up rbf tests which use dev-disconnect.
They must be marked DEVELOPER-only.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-25 20:05:11 +10:30
niftynei
e549746578 features: match up feature names to feature bit
Aligns the feature bit number to the name-label. Is this correct?
2021-03-25 20:05:11 +10:30
niftynei
3e8f575f9e dual-funding: convert to runtime flag, --experimental-dual-fund
You can now activate dual-funded channels using the
`--experimental-dual-fund` flag

Changelog-Changed: Config: `--experimental-dual-fund` runtime flag will enable dual-funded protocol on this node
2021-03-25 20:05:11 +10:30
niftynei
737658503f dual-funding: use correct feature bit number!!
Use designated feature bit, instead of future-bit.
2021-03-25 20:05:11 +10:30
niftynei
2baa24801e dual-funding: implies anchor outputs.
| 28/29 | `option_dual_fund`             | Use v2 of channel open, enables dual funding              | IN9      | `option_anchor_outputs`, `option_static_remotekey`   | [BOLT #2](02-peer-protocol.md)        |
2021-03-25 20:05:11 +10:30
Rusty Russell
6dae0118f9 connectd: clearly differentiate incoming and outgoing paths.
This should make it clearer where the problem seen in
https://github.com/ElementsProject/lightning/issues/4297 is.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-25 11:31:58 +10:30
niftynei
3c87e1f338 test_v2_open_sigs_restart: dont mine blocks until funding tx in mempool
This was flaky because sometimes we'd generate blocks before the funding
transaction reached the mempool.

If we wait until it's in, it works as expected.

[ Neatened to use wait_for_mempool arg --RR ]
2021-03-24 06:56:26 +10:30
niftynei
66a2826976 df-tests: make bad tests a bit better, maybe
We updated the "UNKNOWN TYPE channel_id" -> the actual channel id;
the reason for why the error fails shouldn't be restrictive (we just
know that it fails)
2021-03-24 06:56:26 +10:30
Rusty Russell
de52abbcde common: fix MacOS compile error.
clang 10.0.0 (erroneously?) claims an enum_side cannot be >= NUM_SIDES.
Make it clear that we're testing the raw u8 for validity.

Fixes: #4409
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-23 14:24:38 -05:00
Rusty Russell
d06e84cceb ccan: import latest
Which includes not asserting in timer.c should time go backwards.

Fixes: #4401
Changelog-Fixed: lightningd: don't assert if time goes backwards temporarily.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-23 14:24:38 -05:00
Christian Decker
777f0b1145 doc: Remove leftover conflict marker in the docs 2021-03-22 12:33:16 +10:30
Rusty Russell
19b0ab8403 0.10.0-rc1.
Finally!

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-19 14:35:19 +10:30
Rusty Russell
69b7b013e4 CI: Disable EXPERIMENTAL_FEATURES temporarily.
It's flaky, and interfering with the rc1 release.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-19 10:18:42 +10:30
Christian Decker
71c45dc55c plugin: Call invoice_payment hook before the matching notification
As @fiatjaf points out we were notifying before we were actually set
on accepting, since the hook could also still reject. Switched them
around does and calling the notification only once it's been decided
is the correct thing to do.

Changelog-Fixed: plugin: The `invoice_payment` notification was being sent before the hook was called, which could still abort it.
Suggested-by: Fiatjaf <@fiatjaf>
Signed-off-by: Christian Decker <@cdecker>
2021-03-19 10:18:42 +10:30
Christian Decker
6cfb72ea1b keysend: Add error when trying to send to self
There is little point in faking a self-payment, but we should also not
crash :-)

Fixes #4438

Changelog-Fixed: keysend: Keysend returns an error when a self-payment is requested
2021-03-19 10:18:42 +10:30
Christian Decker
3a031bf0e3 keysend: Fix a use-after-free error
By stealing the underlying buffer we could end up freeing it, causing
the next read to access a freed buffer. Copying is however safe.
2021-03-19 10:18:42 +10:30
Rusty Russell
286c526a81 channel: initialize inflight->tx_broadcast (EXPERIMENTAL_FEATURES)
valgrind rightfully complains:

```
Valgrind error file: valgrind-errors.182892
==182892== Conditional jump or move depends on uninitialised value(s)
==182892==    at 0x16B381: handle_peer_tx_sigs_sent (dual_open_control.c:1415)
==182892==    by 0x16E9F4: dual_opend_msg (dual_open_control.c:2681)
==182892==    by 0x165759: sd_msg_read (subd.c:480)
==182892==    by 0x1EECCB: next_plan (io.c:59)
==182892==    by 0x1EF8B0: do_plan (io.c:407)
==182892==    by 0x1EF8F2: io_ready (io.c:417)
==182892==    by 0x1F1B8A: io_loop (poll.c:445)
==182892==    by 0x131332: io_loop_with_timers (io_loop_with_timers.c:24)
==182892==    by 0x13711B: main (lightningd.c:1102)
==182892==
--------------------------------------------------------------------------------
------------------------------- Valgrind errors --------------------------------
Valgrind error file: valgrind-errors.182899
==182899== Conditional jump or move depends on uninitialised value(s)
==182899==    at 0x16C0EE: handle_peer_tx_sigs_msg (dual_open_control.c:1737)
==182899==    by 0x16E9D3: dual_opend_msg (dual_open_control.c:2678)
==182899==    by 0x165759: sd_msg_read (subd.c:480)
==182899==    by 0x1EECCB: next_plan (io.c:59)
==182899==    by 0x1EF8B0: do_plan (io.c:407)
==182899==    by 0x1EF8F2: io_ready (io.c:417)
==182899==    by 0x1F1B8A: io_loop (poll.c:445)
==182899==    by 0x131332: io_loop_with_timers (io_loop_with_timers.c:24)
==182899==    by 0x13711B: main (lightningd.c:1102)
==182899==
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-18 13:25:52 +10:30
niftynei
38fee517d7 mfc: turn "UNKNOWN TYPE channel_id" logs into actually the channel id
Get rid of unuseful "UNKNOWN TYPE channel_id" prints in logs; only
affected usage for `type_to_string` of plugins/Makefile built things
2021-03-17 11:35:37 +10:30
niftynei
2f2981c4e0 df: more reconnection tests 2021-03-17 10:25:18 +10:30
niftynei
fba1191f06 df: actually save the peer's sigs transmission to disk
Otherwise we have no idea whether or not they actually sent their sigs
or not.
2021-03-17 10:25:18 +10:30
niftynei
fc64ebdb53 dual-funding: don't not update the state! log the issue and move on with
with your life
2021-03-17 10:25:18 +10:30
niftynei
bc90c4f822 df: don't ignore their sigs, even if we've already seen them
In the case of failures/disconnects between dualopend receiving the sigs
and the main man disconnecting (as can happen using the testing
disconnects), failing to forward their sigs over to lightningd can
result in the channel never progressing from DUALOPEND_OPEN_INIT
to DUALOPEND_AWAITING_LOCKIN.

Always re-relay.
2021-03-17 10:25:18 +10:30
niftynei
dd696a7c05 df: move from warning to unusual
There are perfectly valid reasons for us to not have a command on return
(something went boom while sending them our sigs and we've now gotten
their sigs during a reconnect and subsequently broadcast the tx)
2021-03-17 10:25:18 +10:30
niftynei
61df08c50d df-broadcasts: use an impermanent marker to make sure we've sent things
This can result in us logging a warning if we've 1) dropped their sigs
response, 2) only us (the opener) added inputs, 3) and we broadcast on
their reconnect (when they retransmit their sigs)
2021-03-17 10:25:18 +10:30
niftynei
c317b642c3 channel: why were these commas in the first place
How did this ever work?
2021-03-17 10:25:18 +10:30
Rusty Russell
6c9d9ee9a2 connect: return address we actually connected to.
Otherwise, we might find an address other than the one given and
the user might think that address worked.

Fixes: #4185
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: JSON-RPC: `connect` returns `address` it actually connected to
2021-03-17 08:38:08 +10:30
Rusty Russell
3fd22f86df channeld: allow remote node to exceed their own HTLC count limits.
We try not to exceed either side, but the spec still allows them to
(we don't, but older nodes would have, as could other implementations).

Fixes: #3953
Changelog-Fixed: protocol: overzealous close when peer sent more HTLCs than they'd told us we could send.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-17 06:07:51 +10:30
fiatjaf
a7af106321 remove duplicated erring_node from paystatus. 2021-03-17 06:05:35 +10:30
Rusty Russell
72ad260e9d pytest: fix now-obsolete use of fundchannel_complete via txid.
This was merged almost at the same time as the API change.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-16 14:21:42 +10:30
Rusty Russell
b563cafd83 lightningd: don't complain about bad funding PSBT for elements.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-16 13:10:07 +10:30
Rusty Russell
22e1107581 lightningd/opening_control: deprecate old fundchannel_complete args.
And update all the in-tree callers.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Deprecated: JSON-RPC: `fundchannel_complete` `txid` and `txout` parameters (use `psbt`)
2021-03-16 13:10:07 +10:30
Rusty Russell
43a553f5ac txprepare, withdraw: return the PSBT as well as raw tx.
In particular, txprepare gives us a nice way to get a valid PSBT for
testing.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Changelog-Added: JSON-RPC: `txprepare` and `withdraw` now return a `psbt` field.
2021-03-16 13:10:07 +10:30
Rusty Russell
dc44737fb8 python: handle psbt-version of fundchannel_complete, deprecate old.
I didn't change the callers yet, so I can test the backwards compat code
works.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2021-03-16 13:10:07 +10:30