We've seen a few reports of local channels sometimes being ignored during
path-finding (e.g. #2176).
When that happens, it's currently hard to know whether the channel is in
the graph or not: knowing that would let us know if there is a bug in the
graph management code or the path-finding algorithm itself.
Eclair fails at startup when eclair.bitcoind.wallet is mis-configured or not loaded by bitcoind. We now show different error messages for specific failure situations and report the current wallet configuration and loaded wallets where appropriate.
This is a classic race condition that can appear when we register to
events in tests. We need to make sure that the subscription is taken
into account before moving forward.
Instead of defining a separate type `FeatureScope` with its own
hierarchy, that was then mixed in `Feature` using the cake pattern, we
go with a simpler type hierarchy for `Feature`.
This significantly simplifies type declarations (no more `Feature with
FeatureScope`) especially in the tests.
Add the ability to set different min-funding limits for private and public channels.
Replace min-funding-satoshis config parameter with min-public-funding-satoshis and min-private-funding-satoshis.
Show a deprecation message if min-funding-satoshis is defined.
Prevent relayed payments from failing due to an insufficient fee rate caused by a delay in gossip propagation with the new fee rate. Payments that satisfy the base and proportional relay fee rates from either the current or previous local channel update will not be failed during the `relay.fees.enforcement-delay` period (default 10 minutes) after the latest local fee update.
The previous fee update is only stored in memory, so after restarting the node all fee updates will be enforced immediately. To enforce a fee update with out a delay you can also issue the same update twice so that the previous and current fee rates are the same.
When we know for sure that an incoming htlc will never be fulfilled, we can safely ignore it. We used to only handle htlc fulfillment. Fixes#2168.
Note that when we receive a preimage for a htlc during a local/remote force close, we need to only update the htlcs and keep the rest of `LocalCommitPublished` untouched. In particular, we don't regenerate the claim-main tx (which can cause issues if fees change), and leave the `irrevocablySpent` untouched.
Also renamed and reorganized a few helper methods.
An invoice that doesn't explicitly set min_final_cltv_expiry has an default min_final_cltv_expiry of 18.
This default allows invoices to be slightly shorter but does not mean that the min_final_cltv_expiry can be unknown and needs to be provided from somewhere else.
Because of the virtual cost per hop, a path with several "good" channels may be considered better than using a direct channel.
We remove the virtual cost for the first hop of the path to ensure that a direct channel is always selected when available.
Building an inconsistent intermediate `RemoteCommitPublished` object was error-prone and defeats the purpose of strong typing.
We also handle the `paysDirectlyToWallet` case directly in the method, which enables a nice factorization and better contains this now deprecated feature.
When Eclair first starts, search for all unpaid expired incoming payments and purge them from the payments database. These payments take up space in the database but will no longer be paid and so should be removed to improve performance and reduce the size of the database.
Purges will be triggered every 24 hours by default but can be disabled or configured with a different interval.
The invoice purger only looks back 15 days for expired invoices when triggered after the initial scan to reduce its impact on database performance.
Co-authored-by: Thomas HUET <81159533+thomash-acinq@users.noreply.github.com>
Co-authored-by: Bastien Teinturier <31281497+t-bast@users.noreply.github.com>
When starting bitcoind on regtest, it sets the IBD flag until a few blocks
have been mined. However, this isn't a real IBD and it doesn't prevent
eclair from working at all, so we should ignore that requirement.
We changed the logging MDC key for tx-publishing in #2131, but forgot to
add a formatting rule in logback.xml for that new field, so it wasn't
written to logs.
We used to compute the edge weight before checking that the edge could actually relay the payment.
Since #2111 we throw an exception in case `heuristicsConstants` are used and the edge can't relay the payment instead of just ignoring the edge.
We fix this by checking that the edge can relay the payment before trying to call `addEdgeWeight`.
Give different types to init features / node announcement features / invoice features.
We now accept more invoices (we would previously reject invoices if they required a feature that we don't support but that we know is irrelevant for invoices).
Created new files for pages that were in the wiki, but not already in the docs directory. Also made following fixes to README.md and existing files in the docs directory:
* update bolt links to avoid redirect
* link to logging guide from logging section (README.md)
* fixed typo in Backup section and capitalization of Bitcoin Core (README.md)
* Alice does not need trampoline feature enabled (TrampolinePayments.md)
* link to 2021 edition of Trampoline PR (TrampolinePayments.md)
* fixed API examples and removed quotes from password (API.md)
* use --nodeIds for sendtoroute examples (TrampolinePayments.md and MultipartPayments.md)
* update CLI example 3 to use jq (Usage.md)
* fix typo in docs/FAQ.md
* updated Guide.md to point to all pages that are guides
Makes the code a bit cleaner and fixes a bug where `Postman` could respond with both a failure to send and later a `NoReply` after the timeout in case we were expecting a reply.
Refactoring of `PaymentRequest` to pave the way for bolt12 invoices
`PaymentRequest` is renamed to `Invoice` and is now a trait extended by `Bolt11Invoice` and `Bolt12Invoice`. `Bolt12Invoice` will come in a future PR.
Co-authored-by: t-bast <bastuc@hotmail.fr>
If a channel is force-closed before the funding transaction is confirmed,
broadcasting our local commit can be a problem if the funding
tx is double spent. When that happens, the channel stays stuck in the
closing state trying to publish a commit tx with an invalid input.
If we haven't even seen the funding tx in the mempool, we have no way of
being sure that it was double spent, so we would need to keep trying
forever, which pollutes the logs with publishing errors.
Whenever the funding transaction isn't confirmed and we have nothing
at stake, we now directly go to the closed state without publishing our
commitment. This will be an issue for peers who lost state and rely on
us for dataloss protection, but it's not worth exposing ourselves to that
annoying edge case. Our peers should be able to at least keep state
long enough for the funding tx to confirm or for them to force-close.
When we restart, if a downstream channel is closing with a revoked commit,
we should fail the corresponding htlcs in upstream channels.
Otherwise they will be ignored until they timeout, which will cause the
upstream channel to force-close.
If a funding tx is double-spent, we can't publish our commit tx. However,
the previous code would retry very regularly in a loop, polluting the logs.
When that happens, we now only retry when a new block is found.
This has the same kind of impact as the typing of `Features`. In particular we can now explicitly set the values in `eclair.conf`:
`eclair.channel.channel-flags.announce-channel=true`. I took the opportunity to move this channel-related config key in its own config section, with the goal that we move the other fields in a follow-up PR.
It also has the nice side effect of providing a pretty json formatting out of the box:
```json
"channelFlags": {
"announceChannel": true
}
```
The `open` method of the API has been updated: `channelFlags` has been replaced by a new `announceChannel` parameter.
The PaymentInitiator now stores all pending payments, where it previously
only stored trampoline payments (for which it handled the retries).
Whenever the DB doesn't contain any pending payment we also ask the
payment initiator whether a payment attempt is being started, which lets
us provide more accurate information with the `sentinfo` RPC.
An optimistic schedule for confirmation during force-close scenarios
could in theory help malicious peers starve us of our utxos, making it
hard to fee-bump HTLC transactions in high-fee environments.
If we detect that our safe utxos count is low, we try to get force-close
transactions confirmed as quickly as possible, which will yield a new utxo
that can be used to fund other transactions.
Instead of always using the last known peer address from the `PeersDb`,
we randomly pick the address from the `PeersDb` and the `NetworkDb`.
We use clearnet or tor addresses depending on the node configuration:
- tor not supported: always use clearnet addresses
- tor supported but not enabled for clearnet addresses: use clearnet
addresses when available
- tor supported and enabled for clearnet addresses: use tor
addresses when available
When using postgres, at startup we optionnally run a few basic safety
checks, e.g. the number of local channels, how long since the last local
channel update, etc. The goal is to make sure that we are connected to
the correct database instance.
This adds the option to report a remote IP address back to a connecting
peer using the `init` message. A node can decide to use that information
to discover a potential update to its public IP address (NAT) and use
that for a `node_announcement` update message containing the new address.
See https://github.com/lightningnetwork/lightning-rfc/pull/917
* consistency in feature names
Since we're not always following the `option_` prefix from the spec,
let's at least be consistent with ourselves.
* add alternative to `def nodeFees()`
This feature is now ready to be widely deployed.
The transaction format has been tested for a long time
(between Phoenix iOS and our node) and automatic
fee-bumping has been implemented in #2113.
This data class is actually used for more than logging, we also use it to
track the id of a publish request.
We also switch to a different MDC key for transaction publishing instead
of re-using the paymentId one.
We now have this better type to remove ambiguity.
We should use it wherever it makes sense.
There shouldn't be any business logic change in this commit.
* Add deadline information to tx publication
When a channel is force-closed, we tell the `TxPublisher` the block before
which the transaction should be confirmed. Then it will be up to the
`TxPublisher` to set the feerate appropriately and fee-bump whenever
it becomes necessary.
* Evaluate feerate at tx broadcast time
We previously evaluated the feerate when we issued the command to publish
a transaction. However, the transaction may actually be published many
blocks later (especially for HTLC-timeout transactions, for which we may
issue commands long before the timeout has been reached).
We change the command to include the deadline, and evaluate the
feerate to meet that deadline when we're ready to broadcast a valid
transaction.
* Retry conflicting replaceable transactions
We should retry replaceable transactions whenever we find a conflict in
the mempool: as we get closer to the deadline, we will try higher fees.
This ensures we either succeed in replacing the mempool transaction, or
it gets confirmed before the deadline, which is good as well.
In particular, this handles the case where we restart our node. The mempool
conflict can be a transaction that we submitted ourselves, but we've
lost the context in the restart. We want to keep increasing the fees of
that transaction as we get closer to the deadline, so we need this retry
mechanism.
* Regularly bump transaction fees
Once we've published a first version of a replaceable transaction, at every
new block we evaluate whether we should RBF it.
When we choose to RBF, we try to reuse the previous wallet inputs and
simply lower the change amount. When that's not possible, we ask bitcoind
to add more wallet inputs.
