Enable 0conf and 0reserve on channels with trusted peers

[tankyleo]

No description provided.

[ldk-reviews-bot]

👋 Thanks for assigning @tnull as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[tankyleo]

• For now, we restrict the API to a single list of "trusted peers", and for all the peers on that list, we'll accept 0-conf and 0-reserve channels from them, and open 0-reserve channels to them (for outbound channels the 0-conf decision rests with the accepter of the channel).
• I would rather make these restrictions for now; and if there is user-demand later, we can add greater flexibility.
• We already have 4 similar fn open_channel calls (given the "fund_with_all", and "announced" bits), I did not want to multiply the number of such calls by two just for 0-reserve channels. So I read what peers to set 0-reserve for outbound channels from the same list that determines 0-conf, 0-reserve for inbound channels, though I grant that this could be a source of confusion.

[jkczyz]

Should we use rev here? Seems otherwise the revision could move if the branch is updated.

[tnull]

Suggested change

	/// allow the counterparty to make cheating attempts with no financial penalty.
	/// allow the counterparty to attempt cheating with no financial penalty.

[tnull]

nit: Please expand the first sentence slightly and give it its own paragraph.

[tnull]

Hmm, I'm a bit dubious if we indeed should always opt for 0reserve if the peer is marked trusted?

[tnull]

Hmm, to be honest this is what makes it a bit weird to mix the concepts: yes, both require trust in the counterparty, but the AFAIU the use case is entirely opposite:

• We usually opt into 0conf if we are the client and want to allow the LSP to open 0conf channels
• If we are the client, there is little incentive to allow the LSP to not keep any reserve? So setting 0 reserve only makes sense if we are the LSP and want to allow the client to spend their full channel funds, no?

So, rather than also setting 0reserve if we are a LSPS client (see above), shouldn't we only set that if we are the LSP? Or maybe I'm missing something?

[tankyleo]

If we are the client, there is little incentive to allow the LSP to not keep any reserve? So setting 0 reserve only makes sense if we are the LSP and want to allow the client to spend their full channel funds, no?

Thanks for the review will mull on this more, a quick reaction to this point: the LSP might want 0-reserve on their side of the channel for greater capital efficiency, ie dedicate as much of their capital as possible towards allowing clients to receive payments. If they get caught making even a single cheating attempt, their entire reputation is burned, and their business goes to 0 (hopefully !) so the incentives are aligned. 1000sats (the min reserve) * x users quickly becomes a lot of dead capital.

So, rather than also setting 0reserve if we are a LSPS client (see above), shouldn't we only set that if we are the LSP? Or maybe I'm missing something?

I see your point yes. Do you have in mind to not offer any public API for setting 0-reserve on outbound channels (assuming the client is usually the opener of the channel, and not the LSP) ?

If we were to offer a completely separate API we have these options:

• Standalone function calls; this would at least require two more open_channel functions, one with max funding, and one with a parameterized amount.
• A separate list, similar to what we currently have for inbound channels.
• Some kind of boolean / enum flag on the existing open_channel functions.