Commit graph

1000 commits

Author SHA1 Message Date
Matt Corallo
487452fa97
Merge pull request #368 from TheBlueMatt/2019-07-travis-fix
Fix travis failure if previous travis run on branch failed to build
2019-07-30 18:26:11 +00:00
Matt Corallo
347f5bfc4c Fix travis failure if previous travis run on branch failed to build 2019-07-30 13:41:12 -04:00
Antoine Riard
2869e50d67 Support option_data_loss_protect for remote peer
In case of sending channel_reestablish message, we join
our current per_commitment_point and their highest revocation
secret we know about

We set data_loss_protect by default and adjust encoding_init
test in consequence
2019-07-30 00:38:20 -04:00
Matt Corallo
283d40f2e4
Merge pull request #364 from TheBlueMatt/2019-07-no-unimpl
Implement the last three (relevant) unimplemented()s in ChannelManager
2019-07-29 19:20:35 +00:00
Matt Corallo
20bd2b142d
Merge pull request #366 from TheBlueMatt/2019-07-useless-todo-removal
Drop some useless TODO messages to clean things up pre-0.1
2019-07-29 17:48:42 +00:00
Matt Corallo
8ba3529522 Handle monitor update failure during funding on the fundee side
This carries a surprising amount of complexity despite only being
possible in the case where monitor updating failed during the
processing of funding_generated. Specifically, this requires
handling rebroadcasting funding_locked once we successfully persist
our monitor again.

As an alternative we could never send funding_signed when the
monitor failed to persist, but this approach avoids needless
delays during funding.
2019-07-29 13:45:35 -04:00
Matt Corallo
b27f788e91 Allow a counterparty to resend their funding_locked before ours 2019-07-29 13:44:47 -04:00
Matt Corallo
a1e0ca410e Handle monitor update failures during funding on the funder side 2019-07-29 13:26:22 -04:00
Matt Corallo
e5c8f05891 Make temporary channel ids unique in full_stack_target
This avoids a crash where a channel with a duplicate id is created
immediately after another is closed, where the other still has a
pending funding generation event. Resulting in funding generation
being passed to the wrong channel (which isn't in an appropriate
state).
2019-07-29 12:51:33 -04:00
Matt Corallo
ce6f561485 Drop TODO suggesting we avoid a test-only function to get chan keys
It suggested figuring something else out after #81, but the API we
settled on after #81 (which I think is just fine) doesn't allow for
anything cleaner, so this is fine as-is.
2019-07-27 20:50:51 -04:00
Matt Corallo
95dc2762ff Drop update_fee TODOs as we're gonna drop it before 0.1 anyway
See #365 for more.
2019-07-27 20:50:51 -04:00
Matt Corallo
2fd2fef796
Merge pull request #363 from TheBlueMatt/2019-07-codecov
Generate codecov.io reports
2019-07-25 21:34:16 +00:00
Matt Corallo
e14b9f07d3 Generate codecov.io reports 2019-07-25 16:59:20 -04:00
Matt Corallo
4d0993f0d4
Merge pull request #361 from TheBlueMatt/2019-07-cmfc-crash
Make chanmon_fail_consistency slightly less aggressive
2019-07-25 19:47:48 +00:00
Matt Corallo
4e81d8d74a
Merge pull request #362 from TheBlueMatt/2019-07-no-bogus-sec-required
Do not require upfront_shutdown as the security gain is marginal
2019-07-25 19:46:58 +00:00
Matt Corallo
c05e087c43 Do not require upfront_shutdown as the security gain is marginal
There is really no reason to want to never open a channel just
because a counterparty doesn't support upfront_shutdown.
2019-07-25 14:22:00 -04:00
Matt Corallo
a9aa3c37fe Make chanmon_fail_consistency slightly less aggressive
This resolves some crashes that both afl and honggfuzz found.
2019-07-25 11:30:53 -04:00
Matt Corallo
07e927c171
Merge pull request #360 from TheBlueMatt/2019-07-new-warnings
Fix unused variable introduced in my changes in bdbf5666a9
2019-07-24 22:38:34 +00:00
Matt Corallo
60bf1fe601
Merge pull request #355 from ariard/2019-07-fix-csv-delay-check-remote-htlc
Fix bug in check_spend_remote_htlc and let csv delays being user configurable
2019-07-24 22:33:20 +00:00
Antoine Riard
e78c25b605 Add test_user_configurable_csv_delay
Extend test_justice_tx with user-set csv delay to test that
we are able to claim revokeable outputs with different csv delay
between both peers.
2019-07-24 17:56:42 -04:00
Antoine Riard
7ebc0a9365 Add user configurable csv delay encumbering channel refund output,
within reasonable lower or upper bound

Add our_to_self_delay in Channel, to cache user config field at
channel construction.
2019-07-24 17:56:40 -04:00
Antoine Riard
3b09db80ea Move BREAKDOWN_TIMEOUT/MAX_LOCAL_BREAKDOWN_TIMEOUT in ChannelManager
Let these values being used as default ones in UserConfig.

Also, reduce them to something more reasonable, for BREAKDOWN_TIMEOUT
from 1 week to 1 day, for MAX_LOCAL_BREAKDOWN_TIMEOUT from 2 weeks
to 1.
2019-07-24 17:53:04 -04:00
Matt Corallo
1db907f47a Fix unused variable introduced in my changes in bdbf5666a9
The original was written by Tamas, but I made one small tweak and
broke the warning-free-ness of it.
2019-07-24 17:22:03 -04:00
Matt Corallo
19a0f8438d
Merge pull request #359 from rust-bitcoin/2019-07-bump-percentage
Bump progress tracker
2019-07-24 21:19:48 +00:00
Matt Corallo
3f557cb020
Merge pull request #356 from TheBlueMatt/2019-07-more-chanmon-fuzz
Add deserialize+load steps to chanmon_fail_consistency (fixes #327)
2019-07-24 21:19:39 +00:00
Matt Corallo
c779278bcf
Bump progress tracker
Honestly mostly cause we have progress on simplified_commitment in Core, but also our punishment transaction generation stuff is really coming along nicely.
2019-07-24 20:03:48 +00:00
Matt Corallo
38098ba657
Merge pull request #358 from TheBlueMatt/2019-07-no-unsafe
forbid unsafe
2019-07-24 19:47:44 +00:00
Matt Corallo
20efabdaa6 Add deserialize+load steps to chanmon_fail_consistency (fixes #327) 2019-07-24 15:31:29 -04:00
Tamas Blummer
bdbf5666a9 forbid unsafe 2019-07-24 15:12:15 -04:00
Antoine Riard
3f409a8903 Fix: use our_to_self_delay in check_spend_remote_htlc
We were previously using their_to_self_delay to regenerate scripts for
spending remote revoked htlc transactions, and that's a bug.

Their_to_self_delay is delay enforced by peer upon outputs returning
funds back to us.

Our_to_self_delay is delay enforced by us upon outputs returning funds
back to peer.
2019-07-23 16:23:34 -04:00
Matt Corallo
c2f72b9de3 Drop msgs bound for a disconnecting peer at disconnect time
This simplifies chanmon_fail_consistency greatly and makes it a
tiny bit more realistic. It also sets us up for more
disconnect-relatex events without the complexity blowing up.
2019-07-23 15:53:47 -04:00
Matt Corallo
2ca697aefa Fix some newly-introduced unused-$THING warnings 2019-07-23 15:52:20 -04:00
Matt Corallo
cd8f1de394
Merge pull request #353 from TheBlueMatt/2019-07-no-rand
Make rand a dev-dependency
2019-07-23 19:10:07 +00:00
Matt Corallo
bf7eeb1ec7 Make rand a dev-dep by having the user randomize HTLC forward delay
This removes the last calls to rand outside of test and moves the
dep to a dev-dependency, dropping our fuzz rng wrapper in the
process.
2019-07-23 14:29:56 -04:00
Matt Corallo
084ef28708 Stop using rng in peer_channel_encryptor to generate ephemeral keys
This removes the bulk of our reliance on the rand crate in non-test
envs, paving a way towards a syscall-less rust-lightning and WASM.
Since this is a breaking change for full_stack_target (and several
fuzz targets), go ahead and make other changes to make things more
distinct.
2019-07-23 14:29:56 -04:00
Matt Corallo
1650992ec2 Update commitment tx to match actual tx (dunno when it broke) 2019-07-23 14:29:56 -04:00
Matt Corallo
c50aa05231 Move travis fuzzing to 1.34.2 to get integer atomics 2019-07-23 14:29:56 -04:00
Matt Corallo
d9043b51bb Remove dangling link in fuzz/ 2019-07-23 14:29:56 -04:00
Matt Corallo
8f4e095e03 Drop rng and SystemTime calls from KeysManager
They were only used for ensuring generated keys were globally
unique (ie in case the user opened the same seed at a different
time, we need generated keys to be globally unique).

Instead, we let the user specify a time in secs/nanos, and provide
a precise meaning for the user to understand.
2019-07-23 14:29:53 -04:00
Matt Corallo
ef3e9dd704
Merge pull request #348 from ariard/2019-07-upfront-shutdown-script
Implement option_upfront_shutdown_script on both sides
2019-07-22 21:35:55 +00:00
Antoine Riard
504d9f59e9 Test option_upfront_shutdown_script 2019-07-22 17:03:28 -04:00
Antoine Riard
a4620afdb5 Pass UserConfig to node creation test utilities
We way want more granularity on the set of user opt-in features at
a given time, specially with new 1.1 spec features
2019-07-22 17:03:28 -04:00
Antoine Riard
d2647e0449 Pass LocalFeatures flag to channel creation test utilities
We may want more granularity on the set of features activated at
a given time, specially with new 1.1 spec features
2019-07-22 17:03:28 -04:00
Antoine Riard
4769b944de Implement option_upfront_shutdown_script user-side
We use user config to decide to commit to closing script
in open_channel/accept_channel messages. We don't check
that other peer supporting the option as including
script without other peer public support is borne by
the protocol. If user opt-out, following protocol and
due to the fact we always signal, we provide a zero-length
script
2019-07-22 17:03:28 -04:00
Antoine Riard
675cf4ac1d Support option_upfront_shutdown_script for local peer
Track shutdown_pubkey of peer at open/accept_channel messages

Fix encoding_init test
2019-07-22 17:03:00 -04:00
Antoine Riard
0052b2c5c3 Provide peer local_features to handle_open_channel/accept_channel
Peer may send us a shutdown_scriptpubkey in open_channel or
accept_channel messages. Before to enforce this policy on channel
closing, we want to be sure that our peer has opt-in to it.

Extend LocalFeatures new method visibilty from crate to public
for fuzz tests
2019-07-22 13:13:01 -04:00
Matt Corallo
8470e60415
Merge pull request #336 from ariard/2019-04-in-flight-txn-tracking-clean
2019 04 in flight txn tracking clean
2019-07-19 18:02:25 -04:00
Antoine Riard
757bcc2951 Implement dynamic height timer for bump candidates txn
We must adapt our delay between two bumps of claim txn in respect
to the timelock encumbering the targeted outpoint. If HTLC or
revoked output is near to expire, we should try to get our claim
in every block. If it's reasonably in the future, we may give us
more latency to bump
2019-07-19 17:31:27 -04:00
Antoine Riard
81cea88d38 Add in-flight claim-tx tracking
When we generate a justice tx, a htlc tx on remote commitment or
a htlc tx on local commitment we track them until first conf.
2019-07-19 17:21:00 -04:00
Antoine Riard
963f002056 Add more comments about timelock assumptions and security model
Rename HTLC_FAIL_ANTI_REORG_DELAY to ANTI_REORG_DELAY because
we are going to rely on it also to remove bump candidates outpoint
from tracker after claim get enough depth.

Rename HTLC_FAIL_TIMEOUT_BLOCKS to LATENCY_GRACE_PERIOD_BLOCKS because
it's carrying more meaningfully that we are doing a favor to our
peer instead of ruthlessly enforcing the contract.

CLTV_EXPIRY_DELTA should be > to LATENCY_GRACE_PERIOD_BLOCKS +
+CLTV_CLAIM_BUFFER + ANTI_REORG_DELAY + LATENCY_GRACE_PERIOD_BLOCKS
When we reached height + LATENCY_GRACE_PERIOD_BLOCKS and we have pending
unsolved outbound HTLC, we fail onchain with
our local commitment tx. At this point we expect to get in chain in a
worst-case delay of CLTV_CLAIM_BUFFER. When our HTLC-timeout is
confirmed with ANTI_REORG_DELAY we may safely fail backward the
corresponding inbound output.
2019-07-19 17:19:46 -04:00