Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Explicitly support counterparty setting 0 channel reserve #1163

Conversation

TheBlueMatt
Copy link
Collaborator

A peer providing a channel_reserve_satoshis of 0 (or less than our
dust limit) is insecure, but only for them. Because some LSPs do it
with some level of trust of the clients (for a substantial UX
improvement), we explicitly allow it. Because its unlikely to
happen often in normal testing, we test it explicitly here.

Based on #1162, but mostly just so I don't have to fix silent merge conflicts in the tests.

@codecov
Copy link

codecov bot commented Nov 10, 2021

Codecov Report

Merging #1163 (c7bfed3) into main (ef86a3e) will increase coverage by 0.31%.
The diff coverage is 98.86%.

❗ Current head c7bfed3 differs from pull request most recent head 25f4a54. Consider uploading reports for the commit 25f4a54 to get more accurate results
Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1163      +/-   ##
==========================================
+ Coverage   90.47%   90.79%   +0.31%     
==========================================
  Files          69       69              
  Lines       37137    38593    +1456     
==========================================
+ Hits        33600    35040    +1440     
- Misses       3537     3553      +16     
Impacted Files Coverage Δ
lightning/src/ln/channel.rs 89.05% <97.05%> (+0.01%) ⬆️
lightning/src/ln/channelmanager.rs 83.77% <100.00%> (ø)
lightning/src/ln/functional_test_utils.rs 95.18% <100.00%> (+0.04%) ⬆️
lightning/src/ln/functional_tests.rs 97.37% <100.00%> (-0.06%) ⬇️
lightning/src/util/logger.rs 84.12% <0.00%> (-0.25%) ⬇️
lightning-invoice/src/payment.rs 94.28% <0.00%> (+1.05%) ⬆️
lightning/src/routing/scoring.rs 93.48% <0.00%> (+1.85%) ⬆️
lightning/src/routing/router.rs 94.41% <0.00%> (+2.27%) ⬆️
... and 1 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ef86a3e...25f4a54. Read the comment docs.

Previously, `holder_selected_channel_reserve_satoshis` and
`holder_max_htlc_value_in_flight_msat` were constant functions
of the channel value satoshis. However, in the future we may allow
allow users to specify it. In order to do so, we'll need to track
them explicitly, including serializing them as appropriate.

We go ahead and do so here, in part as it will make testing
different counterparty-selected channel reserve values easier.
@TheBlueMatt TheBlueMatt force-pushed the 2021-11-support-insecure-counterparty branch from e4746a2 to 44dc1be Compare November 23, 2021 21:05
Copy link
Contributor

@valentinewallace valentinewallace left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm pretty much ACK! Cool to get this in

lightning/src/ln/functional_tests.rs Outdated Show resolved Hide resolved
lightning/src/ln/functional_tests.rs Outdated Show resolved Hide resolved
let remote_reserve = Channel::<Signer>::get_holder_selected_channel_reserve_satoshis(self.channel_value_satoshis);
if msg.dust_limit_satoshis > remote_reserve {
return Err(ChannelError::Close(format!("Dust limit ({}) is bigger than our channel reserve ({})", msg.dust_limit_satoshis, remote_reserve)));
if msg.dust_limit_satoshis > self.holder_selected_channel_reserve_satoshis {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like we don't currently check that max_htlc_value_in_flight is less than total channel value in this method

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, do we need to? I assume a max_htlc_value_in_flight of 21 million BTC is fine, we just (of course) won't send more than the channel value.

Copy link

@ariard ariard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review ACK c165359, comment isn't a blocker.

lightning/src/ln/channel.rs Show resolved Hide resolved
@TheBlueMatt
Copy link
Collaborator Author

Assigning @valentinewallace, post-re-ack I'll merge.

Copy link
Contributor

@valentinewallace valentinewallace left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK mod CI

@TheBlueMatt
Copy link
Collaborator Author

Oops lol, pushed a trivial fix.

Copy link

@ariard ariard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review ACK c7bfed3

A peer providing a channel_reserve_satoshis of 0 (or less than our
dust limit) is insecure, but only for them. Because some LSPs do it
with some level of trust of the clients (for a substantial UX
improvement), we explicitly allow it. Because its unlikely to
happen often in normal testing, we test it explicitly here.
@TheBlueMatt TheBlueMatt force-pushed the 2021-11-support-insecure-counterparty branch from c7bfed3 to 25f4a54 Compare November 29, 2021 16:57
@TheBlueMatt
Copy link
Collaborator Author

TheBlueMatt commented Nov 29, 2021

Squashed without changes, will land after CI. Diff since val's comment is below:

$ git diff-tree -U1 3bb466f863e23513de18dd34cbaa4797b1177e02 25f4a54a2
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
index 64a55c6fb..ae5df9a15 100644
--- a/lightning/src/ln/channel.rs
+++ b/lightning/src/ln/channel.rs
@@ -5921,2 +5921,3 @@ mod tests {
 		let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
+		let logger = test_utils::TestLogger::new();
 
@@ -5934,3 +5935,3 @@ mod tests {
 		let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
-		let node_b_chan = Channel::<EnforcingSigner>::new_from_req(&&feeest, &&keys_provider, node_b_node_id, &InitFeatures::known(), &open_channel_msg, 7, &config, 0).unwrap();
+		let node_b_chan = Channel::<EnforcingSigner>::new_from_req(&&feeest, &&keys_provider, node_b_node_id, &InitFeatures::known(), &open_channel_msg, 7, &config, 0, &&logger).unwrap();
 
@@ -6052,3 +6053,3 @@ mod tests {
 		let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
-		let mut node_b_chan = Channel::<EnforcingSigner>::new_from_req(&&feeest, &&keys_provider, node_b_node_id, &InitFeatures::known(), &open_channel_msg, 7, &config, 0).unwrap();
+		let mut node_b_chan = Channel::<EnforcingSigner>::new_from_req(&&feeest, &&keys_provider, node_b_node_id, &InitFeatures::known(), &open_channel_msg, 7, &config, 0, &&logger).unwrap();
 
diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs
index f60b43589..48d56b43b 100644
--- a/lightning/src/ln/functional_tests.rs
+++ b/lightning/src/ln/functional_tests.rs
@@ -7150,3 +7150,3 @@ fn test_user_configurable_csv_delay() {
 	open_channel.to_self_delay = 200;
-	if let Err(error) = Channel::new_from_req(&&test_utils::TestFeeEstimator { sat_per_kw: Mutex::new(253) }, &nodes[0].keys_manager, nodes[1].node.get_our_node_id(), &InitFeatures::known(), &open_channel, 0, &low_our_to_self_config, 0) {
+	if let Err(error) = Channel::new_from_req(&&test_utils::TestFeeEstimator { sat_per_kw: Mutex::new(253) }, &nodes[0].keys_manager, nodes[1].node.get_our_node_id(), &InitFeatures::known(), &open_channel, 0, &low_our_to_self_config, 0, &nodes[0].logger) {
 		match error {
@@ -7179,3 +7179,3 @@ fn test_user_configurable_csv_delay() {
 	open_channel.to_self_delay = 200;
-	if let Err(error) = Channel::new_from_req(&&test_utils::TestFeeEstimator { sat_per_kw: Mutex::new(253) }, &nodes[0].keys_manager, nodes[1].node.get_our_node_id(), &InitFeatures::known(), &open_channel, 0, &high_their_to_self_config, 0) {
+	if let Err(error) = Channel::new_from_req(&&test_utils::TestFeeEstimator { sat_per_kw: Mutex::new(253) }, &nodes[0].keys_manager, nodes[1].node.get_our_node_id(), &InitFeatures::known(), &open_channel, 0, &high_their_to_self_config, 0, &nodes[0].logger) {
 		match error {
$ git diff-tree -U1 c7bfed3b9 25f4a54a2
$

@TheBlueMatt
Copy link
Collaborator Author

Fuzz CI failure is an upstream regression, not specific to this PR, will open a PR to resolve separately.

@TheBlueMatt TheBlueMatt merged commit 9fcc626 into lightningdevkit:main Nov 29, 2021
vss96 added a commit to vss96/rust-lightning that referenced this pull request Jan 20, 2022
commit 1dff7564dd698c616e40c8ef208249202e3bef71
Author: vss96 <shettyvikas209@gmail.com>
Date:   Wed Jan 19 23:19:32 2022 +0530

    spendable_outputs sanity check

commit 7cb7b1558e7be1e9e70d1e7fd01aeca6a060384b
Author: vss96 <shettyvikas209@gmail.com>
Date:   Wed Jan 19 12:08:28 2022 +0530

    Using p2wpkh for generating the payment script

commit be70ba1f9a383715aa88aab777f39e2d5f875852
Author: vss96 <shettyvikas209@gmail.com>
Date:   Wed Jan 19 00:58:41 2022 +0530

    Create script using p2wsh for comparison

commit 4c7d2c0e8cb6cd5d37d11b93b8deca99d339aa30
Author: vss96 <shettyvikas209@gmail.com>
Date:   Tue Jan 18 20:20:24 2022 +0530

    Fix build errors

commit 3c48ce338c3d7d243dd2c1d28d5efc9405fc0742
Merge: b647d10d 34cdca91
Author: Vikas <shettyvikas209@gmail.com>
Date:   Tue Jan 18 17:35:15 2022 +0530

    Merge branch 'main' into sanity_check

commit b647d10dcf9d1450656bcf4551b2ce3c25e0f3e3
Author: vss96 <shettyvikas209@gmail.com>
Date:   Tue Jan 18 17:30:19 2022 +0530

    Sanity check for ChannelManager and KeysInterface

commit 34cdca91baa0187d13969855129073c764f4c895
Merge: 89cbb6d7 8f007c7d
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Jan 14 16:59:42 2022 +0000

    Merge pull request #1238 from TheBlueMatt/2022-01-lockorder-checks

    Fix and test lockorder

commit 8f007c7dbb3635cd92b9fa78ca19dc06a842f6ee
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Jan 13 01:00:43 2022 +0000

    Check lockorders in tests with a trivial lockorder tracker

commit 89cbb6d74b32b1d23090761dec216c942a846a04
Merge: a82067d3 9c2270c7
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Jan 14 04:10:14 2022 +0000

    Merge pull request #1229 from lightning-signer/2021-12-htlc-anchor-sighashtype

    anchors: Fix SigHashType and weight calculations for anchors

commit 9c2270c72225afa1b8b1ad14c61799e04bc93c7a
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Wed Jan 12 18:29:05 2022 -0800

    Fixed comment on weight_received_htlc

commit bee00124d2b5f36b6b2d8979cfc1c22e984b762c
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Wed Jan 12 17:10:07 2022 -0800

    Set opt_anchors for calls to CommitmentTransaction::new_with_auxiliary_htlc_data

commit 299b6657d53dc77e55d5fb85774747b5337c4092
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Jan 4 14:53:44 2022 -0800

    Add anchor tests to outbound_commitment_test

commit 35a6e00b03835f87adbae0b3a4229f6a13b9ca8b
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Jan 4 16:05:28 2022 -0800

    Debit funder's output to cover anchors

commit 557a83096f694a2e638361b65b828f52e979591a
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Wed Jan 5 13:40:08 2022 -0800

    Convert HTLC_{SUCCESS,TIMEOUT}_TX_WEIGHT to anchor-aware functions

commit 9566795c97ec241a7102b741475318747645fd91
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Jan 4 15:54:54 2022 -0800

    Convert COMMITMENT_TX_BASE_WEIGHT to anchor-aware function

commit c47d014a8ef76018edd1d82185d6f783f406eed9
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Sun Jan 2 15:00:54 2022 -0800

    Add unit test coverage for package::weight_{offered,received}_htlc

commit 37001b8b0e730f37fbe66b5f29ec75b1b266155d
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Fri Dec 31 12:21:22 2021 -0800

    make WEIGHT{_REVOKED,}_{OFFERED,RECEIVED}_HTLC functions with opt_anchors parameter

commit 3a163d2c6152c83539469a8674d8a9f7bbabcbff
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Fri Dec 31 08:47:38 2021 -0800

    Isolated channelmonitor weight unit tests and added anchor loops

commit 8f09e5a7ff464109ca1d7de065f56635c17bd0ac
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Dec 28 20:37:20 2021 -0800

    Set the SigHashType of remote htlc signatures w/ anchors to SinglePlusAnyoneCanPay

commit feb203d3b16538e279dba05fe3a8c6cbe1d9be97
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Jan 13 01:51:29 2022 +0000

    Fix some (non-bug) lock-order-inversions in tests

commit 6ccd07bc2d6213061b2ae579ccad9cfef4bc02cd
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Jan 12 19:58:08 2022 +0000

    Make lockorder consistent in channelmanager

    This resolves a lockorder inversion in
    `ChannelManager::finalize_claims` where `pending_outbound_payments`
    is locked after `pending_events`, opposite of, for example, the
    lockorder in `ChannelManager::fail_htlc_backwards_internal` where
    `pending_outbound_payments` is locked at the top of the
    `HTLCSource::OutboundRoute` handling and then `pending_events` is
    locked at the end.

commit a82067d3595a782d656f18d544145b547e27abc4
Merge: bb248617 d786bfae
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Jan 11 22:52:44 2022 +0000

    Merge pull request #1013 from TheBlueMatt/2021-07-warning-msgs

commit d786bfaef27b9e49f71ac5b8bf5a4e02cd484f79
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Jan 7 20:11:31 2022 +0000

    Rely on Error/Warning message data lengths being correct

    In https://github.com/lightning/bolts/pull/950, the (somewhat
    strange) requirement that error messages be handled even if the
    length field is set larger than the size of the package was
    removed. Here we change the code to drop the special handling for
    this, opting to just fail to read the message if the length is
    incorrect.

commit 2d7b06e6194df42f171bde203500fe10e8b28370
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Jan 7 20:30:50 2022 +0000

    Send `warning` instead of `error` when we incounter bogus gossip

commit 26fe0f753dc5116ab6fe5d078c9f30a318559502
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Sep 30 22:45:07 2021 +0000

    Convert `shutdown` invalid script checks to warning messages

    As required by the warning messages PR, we should simply warn our
    counterparty in this case and let them try again, continuing to try
    to use the channel until they tell us otherwise.

commit e137cfb3c48e11ee1ad1e1febdb6511b4dbbbcb4
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Jul 22 16:06:33 2021 +0000

    Send warning messages when appropriate in gossip handling pipeline

commit 1b3249a1929929170bba9d2553d7a9c8670193e5
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Jul 22 16:05:48 2021 +0000

    Handle sending and receiving warning messages

commit f676f5585f46eefbababdc19a5a90d5e0c77f0ca
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Jul 22 15:25:13 2021 +0000

    Add a new `WarningMessage` message to send and receive warnings

commit bb248617a52c073d317538119a9dbe2703999993
Merge: b62b244c 1a779ce6
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Jan 10 18:34:40 2022 +0000

    Merge pull request #1230 from lightning-signer/2021-01-invoice-bech32-dep

    Do not turn on bech32/std by default for lightning-invoice

commit 1a779ce6583e53ea4fd62e0bc8a9897b477c7e60
Author: Devrandom <c1.devrandom@niftybox.net>
Date:   Sun Jan 9 12:26:14 2022 +0100

    Do not turn on bech32/std by default for lightning-invoice

commit b62b244c3c826523a81631037cd060bafef8e402
Merge: 94c41d8c 01915810
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Thu Jan 6 19:25:36 2022 +0000

    Merge pull request #1223 from lightning-signer/2021-12-invoice-nostd

    Adapt lightning-invoice to no_std

commit 01915810d42506addbaef244b0cbb31e8b3856b5
Author: Devrandom <c1.devrandom@niftybox.net>
Date:   Wed Dec 22 17:43:25 2021 +0100

    Adapt lightning-invoice to no_std

commit 94c41d8c0ac6e0ae2409719e7ca67213cc14ecbf
Merge: 3ca63426 ffbef9fe
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Jan 5 21:01:06 2022 +0000

    Merge pull request #1226 from TheBlueMatt/2022-01-bindings-no-std

    Support building `cfg=c_bindings` with `no-std`

commit ffbef9fec72fa33ce86d3c68dbcebf45ebc34927
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Jan 4 22:34:15 2022 +0000

    Support building `cfg=c_bindings` with `no-std`

    This will be needed for JavaScript bindings eventually.

commit 3ca63426f98af6817516597b6ad762324bfd2ac4
Merge: 036ea119 d5a14359
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Jan 3 19:54:20 2022 +0000

    Merge pull request #1220 from TheBlueMatt/2021-12-stale-update-gossip-log

    Log gossip rejections due to stale channel_updates at GOSSIP level

commit 036ea119541553bdd17db84a48eb18e0232b2333
Merge: 56555900 d46c2a20
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 29 19:57:05 2021 +0000

    Merge pull request #1225 from hackerrdave/update-repo-lightningdevkit

    update repo name to use lightningdevkit

commit d46c2a20e125b3c5af6862ac556fc92a736c9864
Author: hackerrdave <dave@hackerrdave.com>
Date:   Sun Dec 26 22:53:16 2021 -0500

    update repo name to use lightningdevkit

commit 565559005ec241d8f4f45a373652eb4ee4e13b9c
Merge: 2a8a396f 7d1e1873
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Sun Dec 19 23:55:09 2021 +0000

    Merge pull request #1218 from TheBlueMatt/2021-12-minor-bindings-tweaks

    Minor Bindings Tweaks

commit d5a1435905a82045bd9a984421d180d0f12187a4
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Dec 19 20:13:38 2021 +0000

    Log gossip rejections due to stale channel_updates at GOSSIP level

    This further reduces noise at the TRACE level during initial gossip
    sync.

commit 7d1e1873f34b1de87ec9cfbe13c9111f892b5c8d
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Dec 18 19:52:11 2021 +0000

    Swap around generic argument ordering in InvoicePayer for bindings

    The bindings generation really should support generic bounds other
    than Deref::Target in where clauses, but currently does not. To
    avoid needing to add support during the current release process,
    we simply swap around the arguments to move them to the first <>
    instead of the where.

commit d26469a77a96bcf3717d321b6befce64661e8ed4
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Dec 18 03:43:34 2021 +0000

    Add a C-not exported tag to `NetGraphMsgHandler.network_graph`

commit ae4f6198db4bf1dd5ab708c625276143d53239ba
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Dec 18 03:38:15 2021 +0000

    Add a constructor to MultiThreadedLockableScore

    ...as otherwise the struct is rather useless.

commit 2a8a396f1ed612ed0cbd2b6cef7d1816b128c5c9
Merge: 1c157a23 27d5c7a2
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Dec 17 23:30:54 2021 +0000

    Merge pull request #1217 from TheBlueMatt/2021-12-0.0.104

    Cut 0.0.104

commit 27d5c7a2106f163f1c0df462db4ca6247f891af2
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 17 22:38:46 2021 +0000

    Swap around generic argument ordering in DefaultRouter for bindings

    The bindings generation really should support default generic types
    in where clauses, but currently does not. To avoid needing to add
    support during the current release process, we simply swap around
    the arguments to move them to the first <> instead of the where.

commit ec86e2a1a7a1b2cd680a46e2bdd4274dd39bb78c
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 17 21:28:24 2021 +0000

    Bump versions to 0.0.104/invoice 0.12

commit 8f9d1c9a8cd9af70b7d93cf905ce3ba1352787c5
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 17 01:49:39 2021 +0000

    Update CHANGELOG for 0.0.104

commit 1c157a2328d23079230143314819d0128ec314fd
Merge: 86d5944b 41cfd833
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Dec 17 17:34:47 2021 +0000

    Merge pull request #1216 from valentinewallace/2021-12-preimage-getter

    Add utility for retrieving an LDK payment preimage

commit a3330acecfd50611a3b3ab09dc4dd564603bd4dc
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 17 00:32:28 2021 +0000

    Remove trailing whitespace in the FeeEstimator interface

commit 41cfd833f1337c890d3fec0fe18bfa2c6bea75f2
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Dec 13 18:40:16 2021 -0500

    inbound_payment: Add utility to get payment preimage given hash/secret

    User-requested feature

commit d734ad814e14097f1b1a053e8d63b3a84b1c9435
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Dec 13 17:36:09 2021 -0500

    inbound_payment: DRY verify method for use in getting preimage

    in the next commit(s)

commit d20239bbeb28daf94b8ca34304a0e7c3a12a4808
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Thu Dec 16 16:27:13 2021 -0800

    create_inbound_payment: warn about dup hashes

    Leftover feedback from #1177

commit 6e0820ca197d8e318ad74ad959b17f70889434be
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Thu Dec 16 16:24:24 2021 -0800

    Salt inbound payment ExpandedKey

    Leftover feedback from #1177

commit 86d5944b0d4b85577d9eede80843dda445ad28e9
Merge: cec8ce0f d41499a2
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Dec 17 00:15:24 2021 +0000

    Merge pull request #1177 from valentinewallace/2021-11-derivable-payment-secret

    Stop storing pending inbound payment data; instead make it derivable on receive

commit d41499a26084c828de6542380b0b615093bda954
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Thu Dec 9 17:41:33 2021 -0500

    Add new invoice CreationError::InvalidAmount for use in checking `create_inbound_payment`

    in an invoice creation utility. Note that if the error type of `create_inbound_payment` ever
    changed, we'd be forced to update the invoice utility's callsite to handle the new error

commit 846487555556d8465c5b7b811f976e78f265c48f
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Nov 29 19:59:18 2021 -0500

    Drop need to store pending inbound payments

    and replace payment_secret with encrypted metadata

    See docs on `inbound_payment::verify` for details

    Also add min_value checks to all create_inbound_payment* methods

commit 1d516a6fc505783ce752f0289322ce73ae10bcf4
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Nov 29 19:36:59 2021 -0500

    Add get_single_block to chacha20 module

    In the next commit, we'll want to get a single block from a chacha stream that
    takes a 16-byte nonce.

commit 063b7583c13e17e339fc9f3083ca3d54e2d2d050
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Nov 22 16:53:18 2021 -0500

    Macro-ize checking that the total value of an MPP's parts is sane

    This DRY-ed code will be used in upcoming commits when we stop storing inbound
    payment data

commit 6dd1ec1feda39ee87f0b2cff7168751d827e0a43
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Mon Nov 29 12:50:47 2021 -0500

    Add get_inbound_payment_key_material to KeysInterface

    This will allow us to retrieve key material for encrypting/decrypting inbound
    payment info, in upcoming commits

commit cec8ce0fcbfb3073791d4427d8b155ab9ad5ba22
Merge: 6e27ca03 73e8dc41
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Thu Dec 16 23:04:00 2021 +0000

    Merge pull request #1212 from TheBlueMatt/2021-12-timeout-graph

    Add a method to prune stale channels from NetworkGraph

commit 73e8dc41a6c277b001587d88426f0c0872f21a0f
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Dec 15 18:59:15 2021 +0000

    Automatically prune NetworkGraph of stale channels hourly in BP

commit cd43ff4a5ed47cf67a3c553007b36de3e38b476b
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Dec 14 01:33:37 2021 +0000

    Reject channel_update messages with timestamps too old or new

    Because we time out channel info that is older than two weeks now,
    we should also reject new channel info that is older than two
    weeks, in addition to rejecting future channel info.

commit 4677e14c007a5453613afc20b088cbe938251226
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 10 06:46:29 2021 +0000

    Add a method to prune stale channels from `NetworkGraph`

    We define "stale" as "haven't heard an updated channel_update in
    two weeks", as described in BOLT 7.

    We also filter out stale channels at write-time for `std` users, as
    we can look up the current time.

commit c575429639a388ef3d5fc2b036163914bc947c57
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 10 05:57:30 2021 +0000

    Drop `allow_wallclock_use` feature in favor of simply using `std`

    Fixes #1147.

commit 11d644824efc78624330a7acbc96eabf9d481e89
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Dec 15 22:38:13 2021 +0000

    DRY up network_graph tests substantially with message creation fns

commit 6e27ca0316ee161ae328394606d708b1d4fd8ab0
Merge: 064d7099 01ef55ae
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Thu Dec 16 17:44:21 2021 +0000

    Merge pull request #1214 from TheBlueMatt/2021-12-fix-tokio-msrv-bump

commit 01ef55ae86d9fce4b1741c542b8a0d77081a3163
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Dec 16 02:21:48 2021 +0000

    Build no-std on 1.47 now that core2 supports it

commit 144145e4f93e7d34c8034dceb920f367aee0ae4a
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Dec 16 02:10:09 2021 +0000

    Pin tokio to 1.14.0 in CI for older rustc's

commit 064d709910df70403e84176804c9dcb137b73572
Merge: 88a86d12 e88c7210
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 15 23:32:30 2021 +0000

    Merge pull request #1148 from dunxen/2021-11-new-onion-errors

    Add mpp_timeout and invalid_onion_payload descriptions

commit 88a86d126f1bab0af8270a6388843dcc4a354e70
Merge: 54114c9d 0c34737e
Author: Conor Okus <conor.okus@hotmail.co.uk>
Date:   Wed Dec 15 16:15:21 2021 +0000

    Merge pull request #1211 from ConorOkus/2021-11-add-max-conversion

    Update docs to add max return value to conversion list

commit 54114c9d858fba00d0885d06419f4650629bf6c7
Merge: 09714e6f 05d7a33a
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 15 04:58:46 2021 +0000

    Merge pull request #1202 from TheBlueMatt/2021-12-fix-retries-races

    Fix payment retry races and inform users when a payment fails

commit 05d7a33a581076fbea1e9d626c40e0c3c44031b1
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Dec 13 17:41:36 2021 +0000

    Make attempting to retry a succeeded payment an APIError, not Route

    This is symmetric with the new failure once a payment is abandoned.

commit 3086bd8c8e3f4c1d2c5fa99279f516817ce05587
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Dec 4 23:41:37 2021 +0000

    Use `Event::PaymentFailed` in `InvoicePayer` to remove retry count

    This finally fixes the bug described in the previous commits where
    we retry a payment after its retry count has expired due to early
    removal of the payment from the retry count tracking map. A test is
    also added which demonstrates the bug in previous versions and
    which passes now.

    Fixes #1164.

commit 7782d0a1ef9fb4e9d26f78a042da16939708d697
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 10 00:28:24 2021 +0000

    Expose an event when a payment has failed and retries complete

    When a payment fails, a payer needs to know when they can consider
    a payment as fully-failed, and when only some of the HTLCs in the
    payment have failed. This isn't possible with the current event
    scheme, as discovered recently and as described in the previous
    commit.

    This adds a new event which describes when a payment is fully and
    irrevocably failed, generating it only after the payment has
    expired or been marked as expired with
    `ChannelManager::mark_retries_exceeded` *and* all HTLCs for it
    have failed. With this, a payer can more simply deduce when a
    payment has failed and use that to remove payment state or
    finalize a payment failure.

commit 0b3240ee6a6e1baeafaed9e766997098be588358
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Dec 3 19:57:37 2021 +0000

    Add a variant to `PendingOutboundPayment` for retries-exceeded

    When a payer gives up trying to retry a payment, they don't know
    for sure what the current state of the event queue is.
    Specifically, they cannot be sure that there are not multiple
    additional `PaymentPathFailed` or even `PaymentSuccess` events
    pending which they will see later. Thus, they have a very hard
    time identifying whether a payment has truly failed (and informing
    the UI of that fact) or if it is still pending. See [1] for more
    information.

    In order to avoid this mess, we will resolve it here by having the
    payer give `ChannelManager` a bit more information - when they
    have given up on a payment - and using that to generate a
    `PaymentFailed` event when all paths have failed.

    This commit adds the neccessary storage and changes for the new
    state inside `ChannelManager` and a public method to mark a payment
    as failed, the next few commits will add the new `Event` and use
    the new features in our `PaymentRetrier`.

    [1] https://github.com/lightningdevkit/rust-lightning/issues/1164

commit 8c9615e8d6be6d4e3ff2d861a8a30266217672b2
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Dec 4 23:41:01 2021 +0000

    DRY up payment failure macros in functional_test_utils

    ... with a more extensible expectation-checking framework for them.

commit e88c7210f81d5c09d9f60f7f9d6946de4f18146f
Author: Duncan Dean <duncangleeddean@gmail.com>
Date:   Sat Oct 30 10:25:44 2021 +0200

    Add mpp_timeout and invalid_onion_payload descriptions & handling

commit 0c34737e3512e7e254a93ce6fa44d35843a594d5
Author: Conor Okus <cokus@cokus-macbookpro.local>
Date:   Wed Dec 8 17:15:57 2021 +0000

    Updates Fee estimator docs to include a max return value for get_est_sat_per_1000_weight

    Updates docs to include a max return value for get_est_sat_per_1000_weight

    Adds max to both conversions

    Additional detail

commit 09714e6fe286b8cd5863b616748362b76c2fbdf0
Merge: 61518f97 0fe2aef0
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Thu Dec 9 18:21:55 2021 +0000

    Merge pull request #1169 from TheBlueMatt/2021-11-fix-update-announcements

    Fix announcements of our own gossip

commit 0fe2aef0e6f12838e05521d3f38a51e7c03e5380
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Dec 9 03:49:50 2021 +0000

    Add a comment describing the timestamp field's use

commit 61518f97212fd6a4c40cdd62a3ee5ab7a15d1971
Merge: 3cf1b15b 02a9f92e
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 8 02:24:32 2021 +0000

    Merge pull request #1203 from lightning-signer/2021-12-value-to-self

    Getter for the total channel balance

commit 3cf1b15b787cdbb3160e2ca15c63df8edd01433a
Merge: cd4dc39a 4fc7bcee
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 8 01:01:34 2021 +0000

    Merge pull request #1210 from TheBlueMatt/2021-12-new-codecod-upload

    Upgrade to codecov uploader v2

commit 4fc7bcee5849bf362a7fa1052817d5b6f378e463
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Dec 7 19:17:57 2021 +0000

    Upgrade to codecov uploader v2

    Some time ago codecov stopped supporting their old v1 uploader, and
    it seems they've now finally turned it off, so we aren't getting
    any coverage reports anymore. Hopefully upgrading is pretty trivial.

commit cd4dc39a8c4732bea1a3221617f86e34dfb7efb8
Merge: cd9cd47f d5e70ad1
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Dec 7 20:11:47 2021 +0000

    Merge pull request #1208 from TheBlueMatt/2021-12-less-force-close

    Reduce force-closures with user fee estimators which round poorly

commit cd9cd47f686c0ac6543e05fd23fe67d74407c409
Merge: 3ec529d7 8f4a22fe
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Dec 7 19:28:29 2021 +0000

    Merge pull request #1205 from TheBlueMatt/2021-12-new-feature-bit

    Support the channel_type feature bit.

commit d5e70ad185137d2b23744aeaaa0116a0b5b80372
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Dec 7 17:23:42 2021 +0000

    Reduce force-closures with user fee estimators which round poorly

    See comment for more

commit 8f4a22fe310a0a1643a82a5d3e17617da000b912
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Dec 6 00:18:59 2021 +0000

    Support the `channel_type` feature bit.

    Note that this feature bit does absolutely nothing. We signal it
    (as we already support channel type negotiation), but do not bother
    to look to see if peers support it, as we don't care - we simply
    look for the TLV entry and deduce if a peer supports channel type
    negotiation from that.

    The only behavioral change at all here is that we don't barf if a
    peer sets channel type negotiation to required via the feature bit
    (instead of failing the channel at open-time), but of course no
    implementations do this, and likely won't for some time (if ever -
    you can simply fail channels with unknown types later, and there's
    no reason to refuse connections, really).

    As defined in https://github.com/lightning/bolts/pull/906

commit 02a9f92ea4f345b99e0d77b37018b23cb63a0516
Author: Devrandom <c1.devrandom@niftybox.net>
Date:   Sun Dec 5 12:42:25 2021 +0100

    Getter for the total channel balance

    The existing balance getters subtract reserve, this one does not.

commit 3ec529d7cc06e15c0d55161e30b931ac115fac95
Merge: 9c6961ea c453d041
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Dec 7 00:42:02 2021 +0000

    Merge pull request #1201 from jkczyz/2021-12-idempotent-channelmanager

    Ensure ChannelManager methods are idempotent

commit c453d04137997f8ca2f79ae123b4915062e2f369
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Fri Dec 3 13:04:58 2021 -0600

    Ensure ChannelManager methods are idempotent

    During event handling, ChannelManager methods may need to be called as
    indicated in the Event documentation. Ensure that these calls are
    idempotent for the same event rather than panicking. This allows users
    to persist events for later handling without needing to worry about
    processing the same event twice (e.g., if ChannelManager is not
    persisted but the events were, the restarted ChannelManager would return
    some of the same events).

commit 9c6961ea8463580810a591474fcae819b0433b16
Merge: d47aebca 361639de
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Dec 6 22:49:18 2021 +0000

    Merge pull request #1204 from TheBlueMatt/2021-12-no-torv2

    Remove OnionV2 parsing support

commit d47aebca38ca8bfbd06f57052ed2712121593d6f
Merge: ea892865 1b88f163
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Dec 6 19:35:58 2021 +0000

    Merge pull request #1130 from TheBlueMatt/2021-10-mon-fail-after-conf

    Always return failure in update_monitor after funding spend

commit 1b88f1638e5d743dc827b5f0e1ccd35f00b69907
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Nov 28 17:13:38 2021 +0000

    Add trivial test of monitor update failure during block connection

commit 9fe0cf19f6dba5895bcb21c7158c04fbc90c1fb6
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Oct 19 23:44:29 2021 +0000

    Add a test for MonitorEvent holding when they complete out-of-order

commit fa62775f9d2306051f0134a9d6d0183e9f246623
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Oct 17 21:24:39 2021 +0000

    Add a simple test for ChainMonitor MonitorUpdate-holding behavior

commit 6bcb270ae10472a1dd28a3211e80257b1a2b1fd1
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Oct 17 21:24:53 2021 +0000

    Make APIError debug output more clear by including the variant

commit 87b687962237c3bfc596a0963b1ef2bc2e9ba6f7
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 29 21:36:12 2021 +0000

    Drop `MonitorUpdateErr` in favor of opaque errors.

    We don't expect users to ever change behavior based on the string
    contained in a `MonitorUpdateErr`, except log it, so there's little
    reason to not just log it ourselves and return a `()` for errors.

    We do so here, simplifying the callsite in `ChainMonitor` as well.

commit 25542b8157e95e362e097b73a366da3f8bfe962d
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Oct 17 21:28:50 2021 +0000

    Always return failure in `update_monitor` after funding spend

    Previously, monitor updates were allowed freely even after a
    funding-spend transaction confirmed. This would allow a race
    condition where we could receive a payment (including the
    counterparty revoking their broadcasted state!) and accept it
    without recourse as long as the ChannelMonitor receives the block
    first, the full commitment update dance occurs after the block is
    connected, and before the ChannelManager receives the block.

    Obviously this is an incredibly contrived race given the
    counterparty would be risking their full channel balance for it,
    but its worth fixing nonetheless as it makes the potential
    ChannelMonitor states simpler to reason about.

    The test in this commit also tests the behavior changed in the
    previous commit.

commit aa5e5f967375eb31d8b0d0ed7f20ef31242693f7
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Jul 23 15:49:24 2021 +0000

    Define public getters for all feature flags

    There's not a ton of reason not to do this, and moving it to the
    macro removes some code.

commit 361639decf9c98ff43d228415e3cab5955e2b973
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Dec 6 00:12:35 2021 +0000

    Remove OnionV2 parsing support

    OnionV2s don't (really) work on Tor anymore anyway, and the field
    is set for removal in the BOLTs [1]. Sadly because of the way
    addresses are parsed we have to continue to understand that type 3
    addresses are 12 bytes long. Thus, for simplicity we keep the
    `OnionV2` enum variant around and just make it an opaque 12 bytes,
    with the documentation updated to note the deprecation.

    [1] https://github.com/lightning/bolts/pull/940

commit ea89286569c95c4eb9a692f9aaf9f1e647d012ef
Merge: a3e4af0b 857b4c08
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Dec 3 21:04:41 2021 +0000

    Merge pull request #1197 from jkczyz/2021-11-score-successful-payment-path

    Score successful payment paths

commit 857b4c08a5870025a3aeb5e606972ef375d4bbea
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 30 22:57:32 2021 -0600

    Fix shift overflow in Scorer::channel_penalty_msat

    An unchecked shift of more than 64 bits on u64 values causes a shift
    overflow panic. This may happen if a channel is penalized only once and
    (1) is not successfully routed through and (2) after 64 or more half
    life decays. Use a checked shift to prevent this from happening.

commit d28d6a5403682d2d1539bf73552a4490a2309578
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 30 18:27:08 2021 -0600

    Decay channel failure penalty upon success

    If a payment failed to route through a channel, a penalty is applied to
    the channel in the future when finding a route. This penalty decays over
    time. Immediately decay the penalty by one half life when a payment is
    successfully routed through the channel.

commit c36bf9249978dce2b72b3b67d01e22c6c8d78431
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 30 17:16:05 2021 -0600

    Score successful payment paths

    Expand the Score trait with a payment_path_successful function for
    scoring successful payment paths. Called by InvoicePayer's EventHandler
    implementation when processing PaymentPathSuccessful events. May be used
    by Score implementations to revert any channel penalties that were
    applied by calls to payment_path_failed.

commit a3e4af0bb800a7fbc9d7908a41706d211eeda835
Merge: 0cdea66b ef246ed7
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Dec 1 20:14:14 2021 +0000

    Merge pull request #1196 from TheBlueMatt/2021-11-bad-rustdoc

    Fix compilation in `payment` rustdoc examples

commit ef246ed7862efc8c9be42f2c27eecb43d22e6b97
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 30 21:01:39 2021 +0000

    Fix compilation in `payment` rustdoc examples

    The samples were not valid rust, but previous versions of rustc had
    a bug where they were accepted anyway. Latest rustc beta no longer
    accepts these.

commit 0cdea66b0e73d45b2a137eed145a294b7d713cc4
Merge: 9fcc626e e62bd9d1
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 30 15:35:27 2021 +0000

    Merge pull request #1195 from TheBlueMatt/2021-11-chanman-read-regression

    Fix regression when reading `Event::PaymentReceived` in some cases

commit e62bd9d137e8e82ad38b820c7bd34b229b241fe9
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 29 20:05:35 2021 +0000

    Fix regression when reading `Event::PaymentReceived` in some cases

    For some reason rustc was deciding on a type for the `Option` being
    deserialized for us as `_user_payment_id`. This really, really,
    absolutely should have been a compile failure - the type (with
    methods called on it!) was ambiguous! Instead, rustc seems to have
    been defaulting to `Option<()>`, causing us to read zero of the
    eight bytes in the `user_payment_id` field, which returns an
    `Err(InvalidValue)` error as TLVs must always be read fully.

    This should likely be reported to rustc as its definitely a bug,
    but I cannot seem to cause the same error on any kinda of
    vaguely-minimized version of the same code.

    Found by `chanmon_consistency` fuzz target.

commit 9fcc626ee4d23a276fc8dd87ddb2538f4d5565f9
Merge: e9774aeb 25f4a54a
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 29 21:02:36 2021 +0000

    Merge pull request #1163 from TheBlueMatt/2021-11-support-insecure-counterparty

    Explicitly support counterparty setting 0 channel reserve

commit 25f4a54a2bdda91232a62034befc3c6d20611058
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 9 21:25:33 2021 +0000

    Explicitly support counterparty setting 0 channel reserve

    A peer providing a channel_reserve_satoshis of 0 (or less than our
    dust limit) is insecure, but only for them. Because some LSPs do it
    with some level of trust of the clients (for a substantial UX
    improvement), we explicitly allow it. Because its unlikely to
    happen often in normal testing, we test it explicitly here.

commit e9774aeb2eaf27dccd2d3d4422b65040995bdc9b
Merge: 1a743672 f118bb77
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 29 16:56:23 2021 +0000

    Merge pull request #1189 from TheBlueMatt/2021-11-trivial-impls

    Derive `Clone` and friends on additional public structs

commit f118bb776a5d242916f836e538511cd70f6d01a4
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Oct 19 06:20:12 2021 +0000

    Implement Clone for InvalidShutdownScript

    Users hopefully shouldn't have much of a reason to use this, but
    the bindings may need it to ensure no leaking pointers over an ffi.

commit 04d0cca87293f5a47812d19920686755892f8446
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Oct 19 06:19:28 2021 +0000

    Implement Clone, Hash, PartialEq for ClosingTransaction

    This is a public struct intended to be used as an object by users,
    so it should likely have common implementations, given they're
    trivial.

commit 37c6c18789151b2a8c7c3b7e4c1d98f7f86e906a
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Oct 17 21:26:04 2021 +0000

    Continue after a single failure in `ChannelMonitor::update_monitor`

    `ChannelMonitorUpdate`s may contain multiple updates, including, eg
    a payment preimage after a commitment transaction update. While
    such updates are generally not generated today, we shouldn't return
    early out of the update loop, causing us to miss any updates after
    an earlier update fails.

commit 1ce922c631aac879b3569047a8f17e2a5df5e76a
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Oct 17 21:23:51 2021 +0000

    Prefer fully-specified paths in test macros

    This avoids macros being context-specific use-dependent.

commit 63698ecbbfec96998257424e0b09224182a81239
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Oct 20 01:35:01 2021 +0000

    Allow missing-docs on test-only macros

commit 1a743672b92a65e3d401a11001354f3b514bf956
Merge: 937403ed 3539f270
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Nov 24 20:03:14 2021 +0000

    Merge pull request #1184 from TheBlueMatt/2021-11-c-bindings-tweaks

    C Bindings Compatibility Tweaks

commit 3539f270c47ec8b525bac65fce2b85c94eb55be9
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 22 18:00:08 2021 +0000

    Seal `scoring::Time` and only use `Instant` or `Eternity` publicly

    `scoring::Time` exists in part to make testing the passage of time
    in `Scorer` practical. To allow no-std users to provide a time
    source it was exposed as a trait as well. However, it seems
    somewhat unlikely that a no-std user is going to have a use for
    providing their own time source (otherwise they wouldn't be a
    no-std user), and likely they won't have a graph in memory either.

    `scoring::Time` as currently written is also exceptionally hard to
    write C bindings for - the C bindings trait mappings relies on the
    ability to construct trait implementations at runtime with function
    pointers (i.e. `dyn Trait`s). `scoring::Time`, on the other hand,
    is a supertrait of `core::ops::Sub` which requires a `sub` method
    which takes a type parameter and returns a type parameter. Both of
    which aren't practical in bindings, especially given the
    `Sub::Output` associated type is not bound by any trait bounds at
    all (implying we cannot simply map the `sub` function to return an
    opaque trait object).

    Thus, for simplicity, we here simply seal `scoring::Time` and make
    it effectively-private, ensuring the bindings don't need to bother
    with it.

commit a173ded03f84193f8da14301e81fdec419c5e441
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 22 03:27:17 2021 +0000

    Make `Score : Writeable` in c_bindings and impl on `LockedScore`

    Ultimately we likely need to wrap the locked `Score` in a struct
    that exposes writeable somehow, but because all traits have to be
    fully concretized for C bindings we'll still need `Writeable` on
    all `Score` in order to expose `Writeable` on the locked score.
    Otherwise, we'll only have a `LockedScore` with a `Score` visible
    that only has the `Score` methods, never the original type.

commit 937403ed780f63a8a48fe1939f9af23b12d04f9c
Merge: ef86a3e2 4831de41
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Nov 24 16:31:32 2021 +0000

    Merge pull request #1186 from TheBlueMatt/2021-11-fix-log-select

    Fix the `max_level_trace` feature

commit 4831de41ec40f842148358592da8c1ded7e2d523
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 23 23:03:34 2021 +0000

    Test all log-limiting features in CI

commit 31e592bedf0899dc425036d1518dd83fb0161609
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 23 23:03:13 2021 +0000

    Fix compilation with the max_level_trace feature

commit d2ac683f4e6267b1ae8997a97b1c1dec1cd540c2
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 16 20:55:10 2021 +0000

    Add a comment describing `update_time_counter` and when its updated

commit 391fbfbe1abbd011395542f5f0f96dbc57b8655e
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Nov 13 01:54:54 2021 +0000

    Re-broadcast our own gossip even if its same as the last broadcast

    Even if our gossip hasn't changed, we should be willing to
    re-broadcast it to our peers. All our peers may have been
    disconnected the last time we broadcasted it.

commit 8f89371bae42d127f28b4362322682fe22718175
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Nov 13 01:06:09 2021 +0000

    Update `ChannelUpdate::timestamp` when channels are dis-/en-abled

    We update the `Channel::update_time_counter` field (which is copied
    into `ChannelUpdate::timestamp`) only when the channel is
    initialized or closes, and when a new block is connected. However,
    if a peer disconnects or reconnects, we may wish to generate
    `ChannelUpdate` updates in between new blocks. In such a case, we
    need to make sure the `timestamp` field is newer than any previous
    updates' `timestamp` fields, which we do here by simply
    incrementing it when the channel status is changed.

    As a side effect of this we have to update
    `test_background_processor` to ensure it eventually succeeds even
    if the serialization of the `ChannelManager` changes after the test
    begins.

commit 74828d243567af448cec5f09eb2d6a8eeed3ca48
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Nov 13 00:27:05 2021 +0000

    Separate ChannelAnnouncement and ChannelUpdate broadcast conditions

    When a `ChannelUpdate` message is generated for broadcast as a part
    of a `BroadcastChannelAnnouncement` event, it may be newer than our
    previous `ChannelUpdate` and need to be broadcast. However, if the
    `ChannelAnnouncement` had already been seen we wouldn't
    re-broadcast either message as the `handle_channel_announcement`
    call would fail, short-circuiting the condition to broadcast both.

    Instead, we split the broadcast of each message as well as the
    conditional so that we always attempt to handle each message and
    update our local graph state, then broadcast the message if its
    update was processed successfully.

commit f69311ccff517f01211415461db666db22290232
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 9 21:12:30 2021 +0000

    Store holder channel reserve and max-htlc-in-flight explicitly

    Previously, `holder_selected_channel_reserve_satoshis` and
    `holder_max_htlc_value_in_flight_msat` were constant functions
    of the channel value satoshis. However, in the future we may allow
    allow users to specify it. In order to do so, we'll need to track
    them explicitly, including serializing them as appropriate.

    We go ahead and do so here, in part as it will make testing
    different counterparty-selected channel reserve values easier.

commit ef86a3e20952a96f7b646a9a4154aa5dc220147a
Merge: 19191b45 13e4fd58
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 23 20:46:38 2021 +0000

    Merge pull request #1162 from TheBlueMatt/2021-11-fix-accept-chan-checks

    Correct initial commitment tx fee affordability checks on open

commit 19191b450c8f07e7b703ec83eabaa0d268757bd7
Merge: 2b789578 2c4f16d5
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 23 20:39:28 2021 +0000

    Merge pull request #1178 from jkczyz/2021-11-payment-path-successful

    Generate PaymentPathSuccessful event for each path

commit 2b78957888b86760bb16325a23302d9c979b5602
Merge: ba50dd57 530abc5e
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 23 19:37:09 2021 +0000

    Merge pull request #1176 from lightning-signer/2021-11-htlc-anchors

    Add anchors support for HTLCs

commit 2c4f16d5e39e6d4e90d1b9836cceaad11810fbaa
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Thu Nov 18 16:24:14 2021 -0600

    Generate PaymentPathSuccessful event for each path

    A single PaymentSent event is generated when a payment is fulfilled.
    This is occurs when the preimage is revealed on the first claimed HTLC.
    For subsequent HTLCs, the event is not generated.

    In order to score channels involved with a successful payments, the
    scorer must be notified of each successful path involved in the payment.
    Add a PaymentPathSuccessful event for this purpose. Generate it whenever
    a part is removed from a pending outbound payment. This avoids duplicate
    events when reconnecting to a peer.

commit 530abc5efd96da693316f2c45c6169c1ee7064e6
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Nov 16 11:40:27 2021 -0800

    Add test vectors for get_htlc_redeemscript wrt anchors

commit 50d81220df0d1f73541f39863657ca9bde193afc
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Tue Nov 16 09:27:33 2021 -0800

    Adjust HTLC_{SUCCESS,TIMEOUT}_TX_WEIGHT when anchors used

commit 6c36e011a80cd3d02db8591fb9a19111dceecb86
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Mon Nov 15 19:39:39 2021 -0800

    Add anchor support to build_htlc_transaction

commit c077f36b4b231b05b9c6bfadd5ef0c017b17eaa0
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Mon Nov 15 18:50:57 2021 -0800

    Increase visibility of anchor related methods

commit 3efcbab5d42d5c2cd7d37ce18a8bcca211569bb8
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Mon Nov 15 18:03:46 2021 -0800

    Add anchor support to commitment HTLC outputs

commit 016eb96fc7170bdbab238292d3cc9338c2a66eb9
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Nov 21 22:29:48 2021 +0000

    Support `logger::Record` in C by String-ing the fmt::Arguments

    This adds a new (non-feature) cfg argument `c_bindings` which will
    be set when building C bindings. With this, we can (slightly) tweak
    behavior and API based on whether we are being built for Rust or C
    users.

    Ideally we'd never need this, but as long as we can keep the API
    consistent-enough to avoid material code drift, this gives us a
    cheap way of doing the "right" thing for both C and Rust when the
    two are in tension.

    We also move lightning-background-processor to support the same
    MSRV as the main lightning crate, instead of only
    lightning-net-tokio's MSRV.

commit 13e4fd586ed0c8439dcada150c4fffa33fa67db9
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Nov 10 04:40:33 2021 +0000

    Test fixed channel reserve checks on channel open

commit 940ef05371221138a930b1afc1243cb1cdf63873
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Nov 10 01:36:26 2021 +0000

    Correct initial commitment tx fee affordability checks on open

    Previously, we would reject inbound channels if the funder wasn't
    able to meet our channel reserve on their first commitment
    transaction only if they also failed to push enough to us for us
    to not meet their initial channel reserve as well.

    There's not a lot of reason to care about us meeting their reserve,
    however - its largely expected that they may not push enough to us
    in the initial open to meet it, and its not actually our problem if
    they don't.

    Further, we used our own fee, instead of the channel's actual fee,
    to calculate fee affordability of the initial commitment
    transaction.

    We resolve both issues here, rewriting the combined affordability
    check conditionals in inbound channel open handling and adding a
    fee affordability check for outbound channels as well.

    The prior code may have allowed a counterparty to start the channel
    with "no punishment" states - violating the reason for the reserve
    threshold.

commit 1d30e06893ff6e19fbbe472ea74ef150f296cbfc
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Nov 10 03:44:04 2021 +0000

    Rewrite test_update_fee_that_funder_cannot_afford to avoid magic

    Instead of magic hard-coded constants, its better for tests to
    derive the values used so that they change if constants are changed
    and so that it is easier to re-derive constants in the future as
    needed.

commit a33d3b98d7c6c4c786e53f5c904cb8620ec54e24
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 15 23:22:08 2021 +0000

    Make Channel::commit_tx_fee_msat static and take fee explicitly

    This may avoid risk of bugs in the future as it requires the caller
    to think about the fee being used, not just blindly use the current
    (committed) channel feerate.

commit ba50dd57868a78d00ed1a3c7a9089cf39d3ca235
Merge: 22398853 c3c0e602
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 22 22:45:51 2021 +0000

    Merge pull request #1054 from ariard/2021-08-check-outbound-feerate

    Check for outbound feerate update affordability before sending

commit 22398853c97966f42c709669fff3c63486d82993
Merge: 3cb3d18e 1180b633
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 22 21:55:06 2021 +0000

    Merge pull request #1168 from TheBlueMatt/2021-11-mpp-routing-fixes

    Fix MPP routefinding when we first collect 95% of payment value

commit c3c0e60226c594f8a5b949b424e74078fd7a24ce
Author: Antoine Riard <dev@ariard.me>
Date:   Sun Nov 21 21:42:58 2021 -0500

    Check outbound update_fee affordance incremented with holding cell HTLCs

commit 1180b633b409029b45c5dbe31b698eaabc79f81a
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Nov 8 03:17:34 2021 +0000

    Fix MPP routefinding when we first collect 95% of payment value

    See comment in new test for more details.

commit 3cb3d18e1d3a7ab8f1ecaa3923faaf7a6887b062
Merge: 58539b84 3b4b74bc
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 22 18:58:56 2021 +0000

    Merge pull request #1145 from tnull/add_gossip_log_level

    Introduce GOSSIP log level to PeerHandler

commit 3b4b74bc6643fbc87e252ad346263fdc22048e51
Author: Elias Rohrer <elias.rohrer@tu-berlin.de>
Date:   Mon Nov 22 18:19:08 2021 +0100

    Add a new log-level for gossip messages.

commit 58539b8440e62dbfe54085949ab6246f4f93cba5
Merge: 1f170dba a4822e5b
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 22 16:40:37 2021 +0000

    Merge pull request #1180 from valentinewallace/2021-11-remove-user-pmt-id

    Remove user_payment_id

commit 1f170dba02c45b061116bbb5f1f82a329b6c9a89
Merge: 293e5f21 dea1310c
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 22 15:41:19 2021 +0000

    Merge pull request #1182 from TheBlueMatt/2021-11-fix-txid-log

    Trivial Logging Fixes

commit efd9ad22fc7d7c3ab131a7fc08b2aa1e1f46c1c0
Author: Antoine Riard <dev@ariard.me>
Date:   Thu Nov 18 21:23:41 2021 -0500

    Introduce CommitmentStats

commit 40f48def109c61d6b569e03113820ee042837d1b
Author: Antoine Riard <dev@ariard.me>
Date:   Mon Sep 27 20:14:06 2021 -0400

    Re-add `test_max_dust_htlc_exposure`

commit dea1310c55171f03a23dc8d76b0f5cda666a93bf
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Nov 20 22:49:11 2021 +0000

    Ensure current channel state is logged for all channels on startup

commit 0b072834ab92081bba4ec907b39f1aa78953016c
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Nov 20 22:27:10 2021 +0000

    Correct txid logging to reverse bytes.

    We also take this opportunity to log the channel being closed when
    one is closed by an on-chain spend of the funding output.

commit 293e5f21ffd286a2037efcf52a025205e624e744
Merge: 8d886ee9 e81ec4a5
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Sat Nov 20 03:26:24 2021 +0000

    Merge pull request #1027 from TheBlueMatt/2021-07-check-dust

    Check all outputs meet the dust threshold in `check_spends!()`

commit ab11f450b67628284e80c28bce2b7d1e9033e97e
Author: Antoine Riard <dev@ariard.me>
Date:   Sat Aug 21 18:52:05 2021 -0400

    Check we won't overflow `max_dust_htlc_exposure_msat` at outbound feerate update

commit a4822e5b27b7bffbae2e5337709c75f7c18dc800
Author: Valentine Wallace <vwallace@protonmail.com>
Date:   Fri Nov 12 14:48:39 2021 -0500

    Remove user_payment_id

    In upcoming commits, we'll be making the payment secret and payment hash/preimage
    derivable from info about the payment + a node secret. This means we don't
    need to store any info about incoming payments and can eventually get rid of the
    channelmanager::pending_inbound_payments map.

commit e81ec4a5adc1b4775ff650a7cd962ab4ea69e30f
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Jul 31 18:33:57 2021 +0000

    Check all outputs meet the dust threshold in check_spends!()

commit 9c1c7c496c34d274bfd66f04810676d215d2e904
Author: Matt Corallo <git@bluematt.me>
Date:   Sat Jul 31 22:19:45 2021 +0000

    Limit minimum output size to the dust limit when RBF-bumping

commit 31975c5994c8daca5b69c7c3b7d5466409ae8c2d
Author: Antoine Riard <dev@ariard.me>
Date:   Sat Aug 21 18:05:51 2021 -0400

    Cancel the outbound feerate update if above what we can afford

commit ee7c5b572b84bfa0a2d88c72ed7032297869b130
Author: Antoine Riard <dev@ariard.me>
Date:   Tue Oct 19 13:29:50 2021 -0400

    Introduce new helper commit_tx_fee_sat

commit 8d886ee92439fdda911fd43887cd7e39d1b41c75
Merge: 2b4ca9e9 e7b2bca1
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Nov 17 19:06:19 2021 +0000

    Merge pull request #1173 from tnull/add_accept_inbound_channels_option

    Add 'accept_inbound_channels' config option.

commit e7b2bca1d6b58ff9e2ccc3c0ca7d3c9afadb67e2
Author: Elias Rohrer <elias.rohrer@tu-berlin.de>
Date:   Wed Nov 17 18:54:47 2021 +0100

    Add 'accept_inbound_channels' config option.

commit 2b4ca9e9c53ee676620932754165bcc5e2308153
Merge: 77948dbc 35829214
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Wed Nov 17 17:28:36 2021 +0000

    Merge pull request #1083 from TheBlueMatt/2021-09-funding-timeout

    Automatically close channels that go unfunded for 2016 blocks

commit 77948dbcd7b167ff4386f1b9de13bd2d2aa97032
Merge: e1ad422c 42ebf774
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 16 22:10:42 2021 +0000

    Merge pull request #1166 from TheBlueMatt/2021-11-chan-size-scoring

commit 358292141a02ae52bdd54f44c63404267b5150db
Author: Matt Corallo <git@bluematt.me>
Date:   Sun Sep 19 23:49:57 2021 +0000

    Automatically close channels that go unfunded for 2016 blocks

    As recommended by BOLT 2 added in
    https://github.com/lightningnetwork/lightning-rfc/pull/839

commit b288a2739afa18c5aedaacb00ed809c98be47187
Author: Matt Corallo <git@bluematt.me>
Date:   Thu Sep 30 21:35:40 2021 +0000

    Return `ClosureReason` from `Channel` chain update methods

    This fixes a few `ClosureReason`s and allows us to have
    finer-grained user-visible errors when a channel closes due to an
    on-chain event.

commit 42ebf774155632b5656fd5820eb8c28d0003d9b6
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Nov 12 15:52:59 2021 +0000

    Move `Score` into a `scoring` module instead of a top-level module

    Traits in top-level modules is somewhat confusing - generally
    top-level modules are just organizational modules and don't contain
    things themselves, instead placing traits and structs in
    sub-modules. Further, its incredibly awkward to have a `scorer`
    sub-module, but only have a single struct in it, with the relevant
    trait it is the only implementation of somewhere else. Not having
    `Score` in the `scorer` sub-module is further confusing because
    it's the only module anywhere that references scoring at all.

commit 9bec35ddde1750359c47b0a83f820ab7287cfd03
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Nov 12 04:16:23 2021 +0000

    Penalize large HTLCs relative to channels in default `Scorer`

    Sending HTLCs which are any greater than a very small fraction of the
    channel size tend to fail at a much higher rate. Thus, by default
    we start applying a penalty at only 1/8th the channel size and
    increase it linearly as the amount reaches the channel's capacity,
    20 msat per 1024th of the channel capacity.

commit 8dc7cfab3af7e26cddd8c65a913d5ee021907442
Author: Matt Corallo <git@bluematt.me>
Date:   Fri Nov 12 03:52:58 2021 +0000

    Provide `Score` the HTLC amount and channel capacity

    This should allow `Score` implementations to make substantially
    better decisions, including of the form "willing to pay X to avoid
    routing over this channel which may have a high failure rate".

commit e1ad422c1b9bb114f20411777faaee750c670ec5
Merge: 4a3139d2 592bfd7c
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 16 20:56:40 2021 +0000

    Merge pull request #1160 from jkczyz/2011-11-spontaneous-invoice-payer

    Retries for spontaneous payments

commit 592bfd7c58e73eaa5cfd5032d982883878510037
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Thu Nov 11 21:47:59 2021 -0600

    Add PaymentHash parameter to Router::find_route

    Implementations of Router may need the payment hash in order to look up
    pre-computed routes from a probe for a given payment. Add a PaymentHash
    parameter to Router::find_route to allow for this.

commit 756b3051573ed9b4e04cc2227af93c45fe0d8104
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Mon Nov 15 22:47:40 2021 -0600

    Test retrying payment on partial send failure

    Add some test coverage for when InvoicePayer retries within pay_invoice
    because the Payer returned a partial failure.

commit ab9576201d358881583a0327104d798b7f3e4fb0
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 9 18:07:23 2021 -0600

    Replace expect_value_msat with expect_send

    Modify all InvoicePayer unit tests to use expect_send instead of
    expect_value_msat, since the former can discern whether the send was for
    an invoice, spontaneous payment, or a retry. Updates tests to set payer
    expectations if they weren't already and assert these before returning a
    failure.

commit b4c7370d26a23ccf044b3d0e8b4c344c743433c9
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 9 17:32:37 2021 -0600

    Support spontaneous payments in InvoicePayer

    InvoicePayer handles retries not only when handling PaymentPathFailed
    events but also for some types of PaymentSendFailure on the initial
    send. Expand InvoicePayer's interface with a pay_pubkey function for
    spontaneous (keysend) payments. Add a send_spontaneous_payment function
    to the Payer trait to support this and implement it for ChannelManager.

commit c9ce344d56991ffa49c1867d5041bc136cedbece
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Tue Nov 9 09:37:34 2021 -0600

    Refactor InvoicePayer for spontaneous payments

    To support spontaneous payments, InvoicePayer's sending logic must be
    invoice-agnostic. Refactor InvoicePayer::pay_invoice_internal such that
    invoice-specific code is in pay_invoice_using_amount and the remaining
    logic is in pay_internal.

    Further refactor the code's payment_cache locking such that it is
    accessed consistently when needed, and tidy up the code a bit.

commit 4a3139d24df6b7e60161816b2272f0b0e2a622f9
Merge: 4d6c2624 a44587d9
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 16 18:18:01 2021 +0000

    Merge pull request #1161 from TheBlueMatt/2021-11-fix-chan-type-ser

    Correct Channel type serialization logic

commit a44587d9aabe45b5ad419996ec7dbe3e5ddd724b
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Nov 9 21:22:47 2021 +0000

    Correct Channel type serialization logic

    Currently, we write out the Channel's `ChannelTypeFeatures` as an
    odd type, implying clients which don't understand the
    `ChannelTypeFeatures` field can simply ignore it. This is obviously
    nonsense if the channel type is some future version - the client
    needs to fail to deserialize as it doesn't understand the channel's
    type.

    We adapt the serialization logic here to only write out the
    `ChannelTypeFeatures` field if it is something other than
    only-static-remote-key, and simply consider that "default" (as it
    is the only supported type today). Then, we write out the channel
    type as an even TLV, implying clients which do not understand it
    must fail to read the `Channel`.

    Note that we do not need to bother reserving the TLV type no longer
    written as it never appeared in a release (merged post-0.0.103).

commit 4d6c26248d85abe9a3c8aeefe31b4ebafd3b5bee
Merge: 4bb81ff5 5e998cce
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Tue Nov 16 16:18:20 2021 +0000

    Merge pull request #1119 from TheBlueMatt/2021-10-less-aggressive-htlc-timeouts

    Be less aggressive in outbound HTLC CLTV timeout checks

commit 5e998cce6ba4511df483cf893cd19b51a0ac0214
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Oct 13 04:19:13 2021 +0000

    Be less aggressive in outbound HTLC CLTV timeout checks

    We currently assume our counterparty is naive and misconfigured and
    may force-close a channel to get an HTLC we just forwarded them.

    There shouldn't be any reason to do this - we don't have any such
    bug, and we shouldn't start by assuming our counterparties are
    buggy. Worse, this results in refusing to forward payments today,
    failing HTLCs for largely no reason.

    Instead, we keep a fairly conservative check, but not one which
    will fail HTLC forwarding spuriously - testing only that the HTLC
    doesn't expire for a few blocks from now.

    Fixes #1114.

commit 4bb81ff5942749077613827d6807b64230ecbcd5
Merge: 1beccf18 119841a2
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Sat Nov 13 00:23:28 2021 +0000

    Merge pull request #1131 from TheBlueMatt/2021-10-upstream-dust

    Use upstream rust-bitcoin's dust calculation instead of our own

commit 119841a24365174c0744fbe8916225c0c576f0d6
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Oct 11 17:22:08 2021 +0000

    Use upstream rust-bitcoin's dust calculation instead of our own

    Not only does this move to common code, but it fixes handling of
    all output types except for a few trivial cases.

commit 1beccf188d157cc3147d348a348ad8d2e5d5fe59
Merge: 081ce7c8 0ec13f61
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Nov 12 17:59:18 2021 +0000

    Merge pull request #1143 from TheBlueMatt/2021-10-no-payment-id-leaks

    Fix a minor memory leak on PermanentFailure mon errs when sending

commit 081ce7c843713a42803097a6d2dcf3631778beda
Merge: 7c4dfad4 7dd8bd70
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Nov 12 15:22:41 2021 +0000

    Merge pull request #1165 from lightning-signer/2021-11-fix-anchors

    Fix countersignatory (to_remote) output redeemscript when anchors enabled

commit 7dd8bd7068fdaab3c83e152b304086e1c363e999
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Thu Nov 11 12:01:44 2021 -0800

    Renamed script_for_p2wpkh to get_p2wpkh_redeemscript to match convention

commit 1366d305312a591b0f889919a7ba41b903fa1973
Author: Ken Sedgwick <ken@bonsai.com>
Date:   Wed Nov 10 00:09:24 2021 -0800

    Fix to_remote output redeemscript when anchors enabled

commit 0ec13f611bbbee831e37416f052c97d924b23ec0
Author: Matt Corallo <git@bluematt.me>
Date:   Tue Oct 26 21:40:14 2021 +0000

    Fix a minor memory leak on PermanentFailure mon errs when sending

    If we send a payment and fail to update the first-hop channel state
    with a `PermanentFailure` ChannelMonitorUpdateErr, we would have an
    entry in our pending payments map, but possibly not return the
    PaymentId back to the user to retry the payment, leading to a (rare
    and relatively minor) memory leak.

commit 7c4dfad4fe97c9d8bc37c38e15b9dab95f27e37a
Merge: 6f053e48 8e96f6b9
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Thu Nov 11 15:47:37 2021 +0000

    Merge pull request #1105 from TheBlueMatt/2021-10-log-persist-time

    Log before+after ChannelMonitor/Manager updates for visibility

commit 8e96f6b92efb2a04e957629f281bdb491f62dc9a
Author: Matt Corallo <git@bluematt.me>
Date:   Mon Oct 4 03:11:36 2021 +0000

    Log before+after ChannelMonitor/Manager updates for visibility

    I realized on my own node that I don't have any visibility into how
    long a monitor or manager persistence call takes, potentially
    blocking other operations. This makes it much more clear by adding
    a relevant log_trace!() print immediately before and immediately
    after persistence.

commit 6f053e48b021d516b562a449c91f977397502e73
Merge: d2f401a7 b57ed798
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Mon Nov 8 23:56:47 2021 +0000

    Merge pull request #1158 from jkczyz/2021-11-scorer-tests

    Scorer unit tests

commit b57ed7982f735c91171dfcf1d0dde5c607dba702
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Thu Nov 4 16:55:01 2021 -0500

    Add unit tests for Scorer

    Test basic and channel failure penalties, including after a
    (de-)serialization round trip.

commit 2a7d9c8ddd08bcc205eec223a0f35730271de072
Author: Jeffrey Czyz <jkczyz@gmail.com>
Date:   Thu Nov 4 13:58:11 2021 -0500

    Add SinceEpoch time to test Scorer hermetically

    In order to test Scorer hermetically, sleeps must be avoided. Add a
    SinceEpoch abstraction for manually advancing time. Implement the Time
    trait for SinceEpoch so that it can be used with ScorerUsingTime in
    tests.

commit d2f401a79e03a0816301fe25a089ad61cc70e52e
Merge: c0bbd4d9 7df087a3
Author: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com>
Date:   Fri Nov 5 15:45:21 2021 +0000

    Merge pull request #1154 from TheBlueMatt/2021-11-103-doc-tweaks

    0.0.103 CHANGELOG tweaks from Jeff

commit 7df087a36af69bd94edb5368f21ceb8d47c721b4
Author: Matt Corallo <git@bluematt.me>
Date:   Wed Nov 3 16:51:56 2021 +0000

    Add note about PaymentId fields to 0.0.103 changelog

commit 31cd00ebf5cc1e3eb0efb09a…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants