Add support for variable-length onion payloads at the Sphinx (cryptographic) layer.
This is currently unused as we keep using the legacy format by default (this will be changed in a later commit).
This commit also refactors quite heavily the Sphinx file.
When we want to fulfill an HTLC but the upstream peer is unresponsive, we must close the channel if we get too close to the HTLC timeout on their side.
Otherwise we risk an on-chain race condition between our HTLC success transaction and their HTLC timeout transaction, which could result in a loss of funds.
This PR adds support for truncated integers as defined in the spec.
The test vectors are updated to include all test vectors from rusty's spec PR.
It also provides many changes to the tlv and tlv stream classes:
- The tlv trait doesn't need a type field, the codec should handle that
- A TLV stream should be scoped to a specific subtrait of tlv
- Stream validation is done inside the codec instead of the tlv stream: it makes it more convenient for application layers to create tlv streams and manipulate them
All the data contained in `node_announcement`, `channel_announcement`
and `channel_update` is to be included in the signature, including
unknown trailing fields. We were ignoring them, causing signature
verification to fail when there was unknown fields.
In the case of `channel_update` there is a backward compatibility issue
to handle, because when persisting channel data in state `NORMAL`, we
used to store the `channel_update` followed by other data, and without
prefixing it with size information.
To work around that we use the same trick as before, based on an
additional discriminator codec.
* connect immediately on restart, then wait
This is to allow herd effect when we restart the app and have numerous
peers.
Also removed the unnecessary transition and cleaned up delay
computation.
* always reconnect immediately when disconnected
Whether we go to this state from startup, or after getting disconnected.
It makes the transition logic simpler, and the potential herd effect at
startup is inevitable anyway since our peers will try to reconnect too.
* add randomization when reconnecting
* randomize delay for first reconnection attempt after startup
* make some parameters configurable
If we are fundee and after 5 days the funding isn't even in the mempool,
then we give up waiting and consider the channel closed. Note that if
the funding tx stays unconfirmed forever we won't give up waiting.
If we are funder, we never give up until the funding tx is double spent,
and we periodically republish it.
This applies to states `WAIT_FOR_FUNDING_CONFIRMED` and `CLOSING` (and
also `OFFLINE`/`SYNCING` when underlying state is
`WAIT_FOR_FUNDING_CONFIRMED`).
Also, added a generic way of passing context to `ElectrumClient`
requests/responses.
Fixes#1029.
TLV (tag-length-value) types and TLV streams have been defined in the following spec PR: https://github.com/lightningnetwork/lightning-rfc/pull/607
New Lightning Messages should use TLV extensively instead of ad-hoc per-message encoding. This also allows ignoring unknown odd TLV types, which lets implementers safely test new features on mainnet without impacting legacy nodes. It also allows type re-use which speeds up new features development.
Also cleaned-up and refactored common codecs.
Currently balances can be obtained from `channels` call but this requires a lot of work on caller side and also some specific knowledge (reserves, commit tx fee, in-flight payments), so this new `balances` endpoint only returns a correct balance info for each channel.
In the event when we receive an unexpected message, the `Peer` was just logging a warning and not sending an `Ack` to the `TransportHandler`. This resulted in a stuck connection, because no more data was read on the connection.
Fixes#1037.
It turns out that performance gains of the cached codec are not that
great, and they come at a cost of significant pressure on the GC. In
other words: premature optimization.
When removed, the heap usage becomes very stable, which is much better
than hypothetical performance gains.
Fixes#1031.
* use 64B representation instead of DER for sigs
It is more compact, and as an added bonus it frees us from the
completely unrelated Bitcoin-specific `0x01` trailing sig hash.
Note that we already used the 64B representation for storage everywhere,
except in `ChannelCodecs.htlcTxAndSigsCodec`, which required a backward
compatibility codec. Added a nonreg test for this.
* Use updated secp256k1 JNI bindings
* Replace scalar with private key and point with public key
We now use the simplified/unified design proposed in bitcoin-lib where:
- there are no more specific types for scalar/point
- private and public keys are compressed unless explicitly requested
* Generate and use 32 bytes seeds (and not 33)
We used serialized random private keys which were represented a 33 bytes (with a 01 suffix).
Using random 32 bytes values is more consistent.
We must make sure that upgraded apps that already have a 33 bytes seed will still generate the same secrets, which is why LocalKeyManager still uses the 01 suffix when needed
We store `CMD_FULFILL_HTLC`/`CMD_FAIL_HTLC`/`CMD_FAIL_MALFORMED_HTLC` in
a database (see `CommandBuffer`) because we don't want to lose
preimages, or to forget to fail incoming htlcs, which would lead to
unwanted channel closings.
But we currently only clean up this database on success, and because of
the way our watcher works, in a scenario where a downstream channel has
gone to the blockchain, it may send several times the same command. Only
the first one will be acked and cleaned up by the upstream channel,
causing the remaining commands to stay forever in the "pending relay
db".
With this change we clean up the commands when they fail too.
We also clean up the pending relay db on startup.
If the closing type is known:
- there is no need to watch the funding tx because it has already
been spent and the spending tx has already reached min_depth
- there is no need to attempt to publish transactions for other
type of closes.
* differentiate current/next remote close
We can still match on the trait `RemoteClose` if we don't need that
level of precision.
* Use node announcements as fallback to load peer addresses during startup
* Add NetworkDb.getNode to retrieve a node_announcement by nodeId
* When connecting to a peer use node_announcement as fallback for its IP address
* Support connection to peer via pubKey
* Increase finite max of exponential backoff time to 1h.
* Add peer disconnect API call
This only happens when we are fundee. We *could* have some funds at
stake if there was a non-zero `push_msat`, but we already allows 5 days
for the funding tx to confirm so the best option is probably to forget
about the channel.
When relaying a payment, we look in the onion to find the next
`shortChannelId`. But we may choose a different channel (to the same
node), because the requested channel may not have enough balance, of for
some other reasons, as permitted by the spec.
Currently we limit ourselves to only two attempts: one with a
"preferred" channel, and one with the originally requested channel if is
different from the preferred one. This has drawbacks, because if we have
multiple channels to the same node, we may not be able to relay a
payment if the "preferred" channel is currently unavailable (e.g.
because of an htlc in-flight value that is too high).
We now retry as many times as there are available channels, in our order
of preference, and if all fail, then we return a failure message for the
originally requested channel.
`Globals.feeratePerKB` is an atomic reference initialized to `null` and
is asynchronously set by the fee provider only once it's ready. This
means that it is possible to retrieve a null object from feeratePerKB,
scenario that must be handled separately to prevent any issues.
This commit now initialize `Globals.feeratePerKB` with the default
values set in the configuration file. This makes sure that the
feerate is always set to a meaningful value.
It was obsole since
068b0bccf9.
Note that we use a signed long, but it doesn't matter since 2^64
milli-satoshis is greater than the total number of bitcoins.
* Electrum: update mainnet and testnet servers list
* Electrum: request missing history transactions on reconnect
Upon connection/reconnection, ask for transactions that are included in our history but
which we don't have and don't have a pending request for.
* Electrum: add disconnect/reconnect tests
Simulate disconnections and check that wallet eventually gets it history and transactions.
* Add /sendtoroute API and functionality
* Do not use extractor pattern in PaymentLifecycle::SendPaymentToRoute
* /sendtoroute: support route parameter as comma separated list
* Add test for 'sendtoroute' in EclairImplSpec
* /payinvoice: assert the override amount is being used in the invoice
* /updaterelayfee: assert the values passed through the API call are forwarder to EclairImpl
* 'receive' API: test for fallback address usage and parameters passing
* 'close' API: test for parameters handling
* 'networkFees': test for default parameters
* Add test dependency mockito-scala, rewrite a test using the mock framework
* Factor out query filter parsing in EclairImpl, Add test for networkFees/audit/allinvoice
* Move getDefaultTimestampFilters in companion object, group together EclairImpl-scoped classes
