mirror of
https://github.com/lightningdevkit/rust-lightning.git
synced 2025-02-25 07:17:40 +01:00
Matt Corallo
GitHub
commit
f53d13bcb8
5 changed files with 77 additions and 22 deletions
|
|
@ -745,9 +745,13 @@ pub const COMMITMENT_TX_WEIGHT_PER_HTLC: u64 = 172;
|
|||
|
||||
pub const ANCHOR_OUTPUT_VALUE_SATOSHI: u64 = 330;
|
||||
|
||||
/// Maximum `funding_satoshis` value, according to the BOLT #2 specification
|
||||
/// it's 2^24.
|
||||
pub const MAX_FUNDING_SATOSHIS: u64 = 1 << 24;
|
||||
/// Maximum `funding_satoshis` value according to the BOLT #2 specification, if
|
||||
/// `option_support_large_channel` (aka wumbo channels) is not supported.
|
||||
/// It's 2^24 - 1.
|
||||
pub const MAX_FUNDING_SATOSHIS_NO_WUMBO: u64 = (1 << 24) - 1;
|
||||
|
||||
/// Total bitcoin supply in satoshis.
|
||||
pub const TOTAL_BITCOIN_SUPPLY_SATOSHIS: u64 = 21_000_000 * 1_0000_0000;
|
||||
|
||||
/// The maximum network dust limit for standard script formats. This currently represents the
|
||||
/// minimum output value for a P2SH output before Bitcoin Core 22 considers the entire
|
||||
|
|
@ -861,8 +865,11 @@ impl<Signer: Sign> Channel<Signer> {
|
|||
let holder_signer = keys_provider.get_channel_signer(false, channel_value_satoshis);
|
||||
let pubkeys = holder_signer.pubkeys().clone();
|
||||
|
||||
if channel_value_satoshis >= MAX_FUNDING_SATOSHIS {
|
||||
return Err(APIError::APIMisuseError{err: format!("funding_value must be smaller than {}, it was {}", MAX_FUNDING_SATOSHIS, channel_value_satoshis)});
|
||||
if !their_features.supports_wumbo() && channel_value_satoshis > MAX_FUNDING_SATOSHIS_NO_WUMBO {
|
||||
return Err(APIError::APIMisuseError{err: format!("funding_value must not exceed {}, it was {}", MAX_FUNDING_SATOSHIS_NO_WUMBO, channel_value_satoshis)});
|
||||
}
|
||||
if channel_value_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
|
||||
return Err(APIError::APIMisuseError{err: format!("funding_value must be smaller than the total bitcoin supply, it was {}", channel_value_satoshis)});
|
||||
}
|
||||
let channel_value_msat = channel_value_satoshis * 1000;
|
||||
if push_msat > channel_value_msat {
|
||||
|
|
@ -1087,8 +1094,11 @@ impl<Signer: Sign> Channel<Signer> {
|
|||
}
|
||||
|
||||
// Check sanity of message fields:
|
||||
if msg.funding_satoshis >= MAX_FUNDING_SATOSHIS {
|
||||
return Err(ChannelError::Close(format!("Funding must be smaller than {}. It was {}", MAX_FUNDING_SATOSHIS, msg.funding_satoshis)));
|
||||
if msg.funding_satoshis > config.peer_channel_config_limits.max_funding_satoshis {
|
||||
return Err(ChannelError::Close(format!("Per our config, funding must be at most {}. It was {}", config.peer_channel_config_limits.max_funding_satoshis, msg.funding_satoshis)));
|
||||
}
|
||||
if msg.funding_satoshis >= TOTAL_BITCOIN_SUPPLY_SATOSHIS {
|
||||
return Err(ChannelError::Close(format!("Funding must be smaller than the total bitcoin supply. It was {}", msg.funding_satoshis)));
|
||||
}
|
||||
if msg.channel_reserve_satoshis > msg.funding_satoshis {
|
||||
return Err(ChannelError::Close(format!("Bogus channel_reserve_satoshis ({}). Must be not greater than funding_satoshis: {}", msg.channel_reserve_satoshis, msg.funding_satoshis)));
|
||||
|
|
@ -4120,7 +4130,7 @@ impl<Signer: Sign> Channel<Signer> {
|
|||
if !self.pending_inbound_htlcs.is_empty() || !self.pending_outbound_htlcs.is_empty() {
|
||||
return Err(ChannelError::Close("Remote end sent us a closing_signed while there were still pending HTLCs".to_owned()));
|
||||
}
|
||||
if msg.fee_satoshis > 21_000_000 * 1_0000_0000 { //this is required to stop potential overflow in build_closing_transaction
|
||||
if msg.fee_satoshis > TOTAL_BITCOIN_SUPPLY_SATOSHIS { // this is required to stop potential overflow in build_closing_transaction
|
||||
return Err(ChannelError::Close("Remote tried to send us a closing tx with > 21 million BTC fee".to_owned()));
|
||||
}
|
||||
|
||||
|
|
@ -6327,7 +6337,7 @@ mod tests {
|
|||
use ln::PaymentHash;
|
||||
use ln::channelmanager::{HTLCSource, PaymentId};
|
||||
use ln::channel::{Channel, InboundHTLCOutput, OutboundHTLCOutput, InboundHTLCState, OutboundHTLCState, HTLCCandidate, HTLCInitiator};
|
||||
use ln::channel::MAX_FUNDING_SATOSHIS;
|
||||
use ln::channel::{MAX_FUNDING_SATOSHIS_NO_WUMBO, TOTAL_BITCOIN_SUPPLY_SATOSHIS};
|
||||
use ln::features::InitFeatures;
|
||||
use ln::msgs::{ChannelUpdate, DataLossProtect, DecodeError, OptionalField, UnsignedChannelUpdate};
|
||||
use ln::script::ShutdownScript;
|
||||
|
|
@ -6363,9 +6373,10 @@ mod tests {
|
|||
}
|
||||
|
||||
#[test]
|
||||
fn test_max_funding_satoshis() {
|
||||
assert!(MAX_FUNDING_SATOSHIS <= 21_000_000 * 100_000_000,
|
||||
"MAX_FUNDING_SATOSHIS is greater than all satoshis in existence");
|
||||
fn test_max_funding_satoshis_no_wumbo() {
|
||||
assert_eq!(TOTAL_BITCOIN_SUPPLY_SATOSHIS, 21_000_000 * 100_000_000);
|
||||
assert!(MAX_FUNDING_SATOSHIS_NO_WUMBO <= TOTAL_BITCOIN_SUPPLY_SATOSHIS,
|
||||
"MAX_FUNDING_SATOSHIS_NO_WUMBO is greater than all satoshis in existence");
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
|
|||
|
|
@ -1516,8 +1516,6 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
|
|||
///
|
||||
/// Non-proportional fees are fixed according to our risk using the provided fee estimator.
|
||||
///
|
||||
/// panics if channel_value_satoshis is >= `MAX_FUNDING_SATOSHIS`!
|
||||
///
|
||||
/// Users need to notify the new ChannelManager when a new block is connected or
|
||||
/// disconnected using its `block_connected` and `block_disconnected` methods, starting
|
||||
/// from after `params.latest_hash`.
|
||||
|
|
|
|||
|
|
@ -137,7 +137,7 @@ mod sealed {
|
|||
// Byte 1
|
||||
,
|
||||
// Byte 2
|
||||
BasicMPP,
|
||||
BasicMPP | Wumbo,
|
||||
// Byte 3
|
||||
ShutdownAnySegwit,
|
||||
// Byte 4
|
||||
|
|
@ -169,7 +169,7 @@ mod sealed {
|
|||
// Byte 1
|
||||
,
|
||||
// Byte 2
|
||||
BasicMPP,
|
||||
BasicMPP | Wumbo,
|
||||
// Byte 3
|
||||
ShutdownAnySegwit,
|
||||
// Byte 4
|
||||
|
|
@ -390,6 +390,9 @@ mod sealed {
|
|||
define_feature!(17, BasicMPP, [InitContext, NodeContext, InvoiceContext],
|
||||
"Feature flags for `basic_mpp`.", set_basic_mpp_optional, set_basic_mpp_required,
|
||||
supports_basic_mpp, requires_basic_mpp);
|
||||
define_feature!(19, Wumbo, [InitContext, NodeContext],
|
||||
"Feature flags for `option_support_large_channel` (aka wumbo channels).", set_wumbo_optional, set_wumbo_required,
|
||||
supports_wumbo, requires_wumbo);
|
||||
define_feature!(27, ShutdownAnySegwit, [InitContext, NodeContext],
|
||||
"Feature flags for `opt_shutdown_anysegwit`.", set_shutdown_any_segwit_optional,
|
||||
set_shutdown_any_segwit_required, supports_shutdown_anysegwit, requires_shutdown_anysegwit);
|
||||
|
|
@ -740,6 +743,15 @@ impl<T: sealed::ShutdownAnySegwit> Features<T> {
|
|||
self
|
||||
}
|
||||
}
|
||||
|
||||
impl<T: sealed::Wumbo> Features<T> {
|
||||
#[cfg(test)]
|
||||
pub(crate) fn clear_wumbo(mut self) -> Self {
|
||||
<T as sealed::Wumbo>::clear_bits(&mut self.flags);
|
||||
self
|
||||
}
|
||||
}
|
||||
|
||||
macro_rules! impl_feature_len_prefixed_write {
|
||||
($features: ident) => {
|
||||
impl Writeable for $features {
|
||||
|
|
@ -843,6 +855,11 @@ mod tests {
|
|||
assert!(!InitFeatures::known().requires_scid_privacy());
|
||||
assert!(!NodeFeatures::known().requires_scid_privacy());
|
||||
|
||||
assert!(InitFeatures::known().supports_wumbo());
|
||||
assert!(NodeFeatures::known().supports_wumbo());
|
||||
assert!(!InitFeatures::known().requires_wumbo());
|
||||
assert!(!NodeFeatures::known().requires_wumbo());
|
||||
|
||||
let mut init_features = InitFeatures::known();
|
||||
assert!(init_features.initial_routing_sync());
|
||||
init_features.clear_initial_routing_sync();
|
||||
|
|
@ -878,14 +895,14 @@ mod tests {
|
|||
// Check that the flags are as expected:
|
||||
// - option_data_loss_protect
|
||||
// - var_onion_optin (req) | static_remote_key (req) | payment_secret(req)
|
||||
// - basic_mpp
|
||||
// - basic_mpp | wumbo
|
||||
// - opt_shutdown_anysegwit
|
||||
// -
|
||||
// - option_channel_type | option_scid_alias
|
||||
assert_eq!(node_features.flags.len(), 6);
|
||||
assert_eq!(node_features.flags[0], 0b00000010);
|
||||
assert_eq!(node_features.flags[1], 0b01010001);
|
||||
assert_eq!(node_features.flags[2], 0b00000010);
|
||||
assert_eq!(node_features.flags[2], 0b00001010);
|
||||
assert_eq!(node_features.flags[3], 0b00001000);
|
||||
assert_eq!(node_features.flags[4], 0b00000000);
|
||||
assert_eq!(node_features.flags[5], 0b10100000);
|
||||
|
|
|
|||
|
|
@ -58,9 +58,12 @@ use ln::chan_utils::CommitmentTransaction;
|
|||
#[test]
|
||||
fn test_insane_channel_opens() {
|
||||
// Stand up a network of 2 nodes
|
||||
use ln::channel::TOTAL_BITCOIN_SUPPLY_SATOSHIS;
|
||||
let mut cfg = UserConfig::default();
|
||||
cfg.peer_channel_config_limits.max_funding_satoshis = TOTAL_BITCOIN_SUPPLY_SATOSHIS + 1;
|
||||
let chanmon_cfgs = create_chanmon_cfgs(2);
|
||||
let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
|
||||
let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
|
||||
let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, Some(cfg)]);
|
||||
let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
|
||||
|
||||
// Instantiate channel parameters where we push the maximum msats given our
|
||||
|
|
@ -92,11 +95,11 @@ fn test_insane_channel_opens() {
|
|||
} else { assert!(false); }
|
||||
};
|
||||
|
||||
use ln::channel::MAX_FUNDING_SATOSHIS;
|
||||
use ln::channelmanager::MAX_LOCAL_BREAKDOWN_TIMEOUT;
|
||||
|
||||
// Test all mutations that would make the channel open message insane
|
||||
insane_open_helper(format!("Funding must be smaller than {}. It was {}", MAX_FUNDING_SATOSHIS, MAX_FUNDING_SATOSHIS).as_str(), |mut msg| { msg.funding_satoshis = MAX_FUNDING_SATOSHIS; msg });
|
||||
insane_open_helper(format!("Per our config, funding must be at most {}. It was {}", TOTAL_BITCOIN_SUPPLY_SATOSHIS + 1, TOTAL_BITCOIN_SUPPLY_SATOSHIS + 2).as_str(), |mut msg| { msg.funding_satoshis = TOTAL_BITCOIN_SUPPLY_SATOSHIS + 2; msg });
|
||||
insane_open_helper(format!("Funding must be smaller than the total bitcoin supply. It was {}", TOTAL_BITCOIN_SUPPLY_SATOSHIS).as_str(), |mut msg| { msg.funding_satoshis = TOTAL_BITCOIN_SUPPLY_SATOSHIS; msg });
|
||||
|
||||
insane_open_helper("Bogus channel_reserve_satoshis", |mut msg| { msg.channel_reserve_satoshis = msg.funding_satoshis + 1; msg });
|
||||
|
||||
|
|
@ -113,6 +116,25 @@ fn test_insane_channel_opens() {
|
|||
insane_open_helper("max_accepted_htlcs was 484. It must not be larger than 483", |mut msg| { msg.max_accepted_htlcs = 484; msg });
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_funding_exceeds_no_wumbo_limit() {
|
||||
// Test that if a peer does not support wumbo channels, we'll refuse to open a wumbo channel to
|
||||
// them.
|
||||
use ln::channel::MAX_FUNDING_SATOSHIS_NO_WUMBO;
|
||||
let chanmon_cfgs = create_chanmon_cfgs(2);
|
||||
let mut node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
|
||||
node_cfgs[1].features = InitFeatures::known().clear_wumbo();
|
||||
let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
|
||||
let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
|
||||
|
||||
match nodes[0].node.create_channel(nodes[1].node.get_our_node_id(), MAX_FUNDING_SATOSHIS_NO_WUMBO + 1, 0, 42, None) {
|
||||
Err(APIError::APIMisuseError { err }) => {
|
||||
assert_eq!(format!("funding_value must not exceed {}, it was {}", MAX_FUNDING_SATOSHIS_NO_WUMBO, MAX_FUNDING_SATOSHIS_NO_WUMBO + 1), err);
|
||||
},
|
||||
_ => panic!()
|
||||
}
|
||||
}
|
||||
|
||||
fn do_test_counterparty_no_reserve(send_from_initiator: bool) {
|
||||
// A peer providing a channel_reserve_satoshis of 0 (or less than our dust limit) is insecure,
|
||||
// but only for them. Because some LSPs do it with some level of trust of the clients (for a
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@
|
|||
//! Various user-configurable channel limits and settings which ChannelManager
|
||||
//! applies for you.
|
||||
|
||||
use ln::channel::MAX_FUNDING_SATOSHIS_NO_WUMBO;
|
||||
use ln::channelmanager::{BREAKDOWN_TIMEOUT, MAX_LOCAL_BREAKDOWN_TIMEOUT};
|
||||
|
||||
/// Configuration we set when applicable.
|
||||
|
|
@ -95,11 +96,16 @@ impl Default for ChannelHandshakeConfig {
|
|||
/// are applied mostly only to incoming channels that's not much of a problem.
|
||||
#[derive(Copy, Clone, Debug)]
|
||||
pub struct ChannelHandshakeLimits {
|
||||
/// Minimum allowed satoshis when a channel is funded, this is supplied by the sender and so
|
||||
/// Minimum allowed satoshis when a channel is funded. This is supplied by the sender and so
|
||||
/// only applies to inbound channels.
|
||||
///
|
||||
/// Default value: 0.
|
||||
pub min_funding_satoshis: u64,
|
||||
/// Maximum allowed satoshis when a channel is funded. This is supplied by the sender and so
|
||||
/// only applies to inbound channels.
|
||||
///
|
||||
/// Default value: 2^24 - 1.
|
||||
pub max_funding_satoshis: u64,
|
||||
/// The remote node sets a limit on the minimum size of HTLCs we can send to them. This allows
|
||||
/// you to limit the maximum minimum-size they can require.
|
||||
///
|
||||
|
|
@ -151,6 +157,7 @@ impl Default for ChannelHandshakeLimits {
|
|||
fn default() -> Self {
|
||||
ChannelHandshakeLimits {
|
||||
min_funding_satoshis: 0,
|
||||
max_funding_satoshis: MAX_FUNDING_SATOSHIS_NO_WUMBO,
|
||||
max_htlc_minimum_msat: <u64>::max_value(),
|
||||
min_max_htlc_value_in_flight_msat: 0,
|
||||
max_channel_reserve_satoshis: <u64>::max_value(),
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue