experimental: dual-funding (II of IV) #3122
Conversation
| @@ -628,36 +629,23 @@ static void json_add_channel(struct lightningd *ld, | |||
| response, "private", | |||
| !(channel->channel_flags & CHANNEL_FLAGS_ANNOUNCE_CHANNEL)); | |||
|
|
|||
| // FIXME @conscott : Modify this when dual-funded channels | |||
|
Locks good 👍 Minor nits, Withdraw funds tx has change output set to zero, all funds gone to miner fees, then crash exit with , if full node excepts high fees Try to withdraw send 123456 sats at 2500perkw, from a 5,4321 BTC wallet Miner say's thanks ... 💰 |
niftynei
changed the title
|
|
openingd/openingd.c
Outdated
| @@ -113,6 +113,15 @@ struct state { | |||
| u32 feerate_per_kw_funding; | |||
| }; | |||
|
|
|||
| static struct amount_sat total_funding(struct state *state) | |||
There was a problem hiding this comment.
const struct state *state. ABC: Always Be Const.
openingd/openingd.c
Outdated
| { | ||
| struct amount_sat total; | ||
| assert(amount_sat_add(&total, state->opener_funding, | ||
| state->accepter_funding)); |
There was a problem hiding this comment.
it's a bad habit to wrap active code in assert(), because if you define NDEBUG, assert() vanishes along with its contents.
prefer a simple if(!xxx) abort(); or status_failed().
| @@ -1350,7 +1355,8 @@ static u8 *handle_master_in(struct state *state) | |||
| if (!fromwire_opening_funder_start(msg, &state->funding, | |||
| &state->push_msat, | |||
| &state->feerate_per_kw, | |||
| &channel_flags)) | |||
| &channel_flags, | |||
| &state->use_v2)) | |||
There was a problem hiding this comment.
For the benefit of the next patch, we should init accepter_funding to AMOUNT_SAT(0) if !use_v2.
| "Cannot fund a v2 channel with external tx.", | ||
| type_to_string(tmpctx, struct bitcoin_txid, funding_txid), | ||
| funding_txout); | ||
| tx = utx->tx; |
There was a problem hiding this comment.
Yech. We were too soon with fundchannel_start API, it seems :(
|
Partial review: ack 51d903f |
If we can't broadcast the transaction, we free the utx anyway. You're going to have to start over regardless.
Previously we've used the term 'funder' to refer to the peer paying the fees for a transaction; v2 of openchannel will make this no longer true. Instead we rename this to 'opener', or the peer sending the 'open_channel' message, since this will be universally true in a dual-funding world.
plus tests, with some of the corruption tests taken out, since it crashes. will be re-enabled in the next commit.
Since wires can now have TLVs, we need to change up the truncation check to account for the fact that truncated TLVs are kosher.
lightningd/opening_control.c
Outdated
| @@ -736,14 +741,22 @@ static void opening_fundee_finished(struct subd *openingd, | |||
| goto failed; | |||
| } | |||
|
|
|||
| assert(amount_sat_add(&total_funding, opener_funding, accepter_funding)); | |||
There was a problem hiding this comment.
this needs to be moved to a fail/abort also
we need a way to tell openingd to use v2 for channel open.
We've now got two amounts we need to keep track of: the opener's funding and the accpeter's. We add a utlity to help keep track of the full funding. Also wires in the calls for open/accept v2 for when we're the opener.
so we can refer to it later when doing 'complete' things
for v2 we need to know the inputs/outputs of the transaction so we look them up. there's more problems here that we need to unwind still: figuring out which the funding output is plus how to handle change.
going to need to re-use this later.
We're not using the change_outnum for withdraw tx's (and the way we were calculating it was broken as of the addition of 'multiple outputs'). This removes the change output knowhow from withdraw_tx entirely, and pushes the responsibility up to the caller to include the change output in the output set if desired. Consequently, we also remove the change output knowhow from hsmd.
Make it such that we can include other inputs on a transaction, sort them, and sign the ones we need. We're going to need this for dual-funded transactions.
pull up output parser into reusable method
Function and helpers for making a dual funded funding tx
Update some assumtions of wallet_commit_channel to better take the dual-funded reality into account
dual funding needs an output who's value is set to zero in order to correctly specify change for the opener. this modifies txprepare to allow for generating such an output
allows us to use them in wire definitions other than where they are defined.
We'll need it to represent to user in `listpeers`
Allow the utxo object to bear the scriptSig as well; also fixes broken scriptPubkey parsing on utxo
We need the change amount to be correct when we send the tx, so we save the change amount and pipe it through.
method plus wire calls
Allow openingd to call hmsd for dual_funding tx's (accepter flow)
When we're the accepter, we need to be able to tell a plugin hook what the total available sats we have for an open channel offer. This new wallet method will calculate the total amount of sats we have available, based on our top X highest valued utxos.
Update fundchannel to correctly update the txid for txsend and to know whether or not we're using v2 (needed for knowing whether or not to use the zero_output flag)
Calculate the correct funding amounts to display for dual funded channels.
Send info that we need for doing the right thing in the openchannel plugin back to opening_control
Implements accepter side of df
Adds fields that are only relevant for v2 of openchannel protocol to the openchannel hook.
Add documentation for new openchannel fields to doc/PLUGINS.md
There was a problem hiding this comment.
Some minor cleanups, but I'd like this in for -rc1 please!
Ack db88f68
| input_weight += inputs[i]->max_witness_len; | ||
| weight += input_weight; | ||
|
|
||
| assert(amount_sat_add(total, *total, inputs[i]->input_satoshis)); |
There was a problem hiding this comment.
Not assert(): see previous "no code inside assert()" advice.
But what if they were to get a tx through to us claiming BIGNUM satoshis incoming? You need to be explicit and return bool here, all the way through the callchain.
| for (i = 0; i < tal_count(outputs); i++) { | ||
| if (amount_sat_eq(outputs[i]->output_satoshis, AMOUNT_SAT(0))) | ||
| return outputs[i]; | ||
| } |
There was a problem hiding this comment.
And if they were to give us a 0-value output? That's certainly possible...
There was a problem hiding this comment.
are 🤔OP_RETURN outputs zero-value?
The way that the 'change' output is specified is via a zero-value output in the opener's change set; it's specified in the spec.
| struct amount_sat total = AMOUNT_SAT(0); | ||
|
|
||
| for (i = 0; i < tal_count(outputs); i++) { | ||
| assert(amount_sat_add(&total, total, outputs[i]->output_satoshis)); |
There was a problem hiding this comment.
Definitely needs to hand back the failure...
| } | ||
| } | ||
|
|
||
| struct bitcoin_tx *dual_funding_funding_tx(const tal_t *ctx, |
There was a problem hiding this comment.
I think this is missing a few BOLT quotes, too. That way if the spec changes, you will get a hint as to where to change things.
| @@ -5,6 +5,9 @@ | |||
| #include <ccan/short_types/short_types.h> | |||
| #include <ccan/tal/tal.h> | |||
| #include <common/amount.h> | |||
| #if EXPERIMENTAL_FEATURES | |||
| #include <wire/gen_peer_wire.h> | |||
| #endif /* EXPERIMENTAL_FEATURES */ | |||
There was a problem hiding this comment.
Don't need #if around includes (do we?)
| @@ -179,6 +179,7 @@ static struct command_result *json_prepare_tx(struct command *cmd, | |||
| u32 *feerate_per_kw = NULL; | |||
| struct command_result *result; | |||
| u32 *minconf, maxheight; | |||
| bool *zero_out_change = NULL; | |||
There was a problem hiding this comment.
Don't need to initialize?
|
|
||
| changekey = tal(tmpctx, struct pubkey); | ||
| if (!bip32_pubkey(cmd->ld->wallet->bip32_base, changekey, | ||
| (*utx)->wtx->change_key_index)) | ||
| return command_fail(cmd, LIGHTNINGD, "Keys generation failure"); | ||
|
|
||
| change_output = new_tx_output(outputs, (*utx)->wtx->change, | ||
|
|
||
| if (zero_out_change && *zero_out_change) |
There was a problem hiding this comment.
zero_out_change will be non-NULL, since you used p_opt_def().
| @@ -477,6 +477,7 @@ static struct migration dbmigrations[] = { | |||
| ");"), NULL}, | |||
| {SQL("ALTER TABLE channels ADD shutdown_scriptpubkey_local BLOB;"), | |||
| NULL}, | |||
| {SQL("ALTER TABLE channels ADD COLUMN our_funding_satoshi INTEGER;"), NULL}, | |||
There was a problem hiding this comment.
Should we initialize it to one of the other fields? Or is the null value a special flag indicating a v1 channel? (If so, a comment here would be great).
wallet/wallet.c
Outdated
| available = sorted_confirmed_utxos(NULL, w, output_state_available); | ||
|
|
||
| *sat = AMOUNT_SAT(0); | ||
| /* Mark them all as reserved and sum up total */ |
There was a problem hiding this comment.
I can't see us marking them as reserved here?
There was a problem hiding this comment.
this comment was made in error, it's been removed. :D
| @@ -344,6 +344,8 @@ static void funding_started_success(struct funding_channel *fc, | |||
| json_add_hex_talarr(response, "scriptpubkey", scriptPubkey); | |||
| } | |||
|
|
|||
| json_add_string(response, "open_channel_version", fc->is_v2 ? "2" : "1"); | |||
There was a problem hiding this comment.
json_add_number perhaps?
first pass at implementing dual-funding. working, but has some bugs.
32e6a29..c6ee3d5 are also in #3121. For best results, it's suggested that reviewers begin at 09d5125.
RFC specification can be found at lightning/bolts#524