Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fail HTLCs which were removed from a channel but not persisted #1857

Merged
merged 3 commits into from Dec 5, 2022
Merged

Fail HTLCs which were removed from a channel but not persisted #1857

merged 3 commits into from Dec 5, 2022

Conversation

TheBlueMatt
Copy link
Collaborator

@TheBlueMatt TheBlueMatt commented Nov 16, 2022
edited

Based on #1830 (I didn't pull it all in, but there's one commit that just takes one function from there).

When a channel is force-closed, if a ChannelMonitor update is
completed but a ChannelManager persist has not yet happened,
HTLCs which were removed in the latest (persisted) ChannelMonitor
update will not be failed even though they do not appear in the
commitment transaction which went on chain. This is because the
ChannelManager thinks the ChannelMonitor is responsible for
them (as it is stale), but the ChannelMonitor has no knowledge of
the HTLC at all (as it is not stale).

The fix for this is relatively simple - we need to check for this
specific case and fail back such HTLCs when deserializing a
ChannelManager

@TheBlueMatt TheBlueMatt added this to the 0.0.113 milestone Nov 16, 2022
@TheBlueMatt TheBlueMatt force-pushed the 2022-11-reload-htlc branch 2 times, most recently from 5180e9e to d793bb8 Compare November 16, 2022 18:37
@TheBlueMatt TheBlueMatt mentioned this pull request Nov 16, 2022
Closed
@codecov-commenter
Copy link

codecov-commenter commented Nov 16, 2022
edited

Codecov Report

Base: 90.60% // Head: 91.78% // Increases project coverage by +1.17% 🎉

Coverage data is based on head (3149544) compared to base (a4c4301).
Patch coverage: 93.36% of modified lines in pull request are covered.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1857      +/-   ##
==========================================
+ Coverage   90.60%   91.78%   +1.17%     
==========================================
  Files          91       91              
  Lines       47969    56197    +8228     
  Branches    47969    56197    +8228     
==========================================
+ Hits        43463    51581    +8118     
- Misses       4506     4616     +110
Impacted Files Coverage Δ
lightning/src/ln/functional_test_utils.rs 96.52% <ø> (+2.87%) ⬆️
lightning/src/ln/channel.rs 91.30% <80.00%> (+2.56%) ⬆️
lightning/src/ln/channelmanager.rs 89.40% <82.97%> (+4.29%) ⬆️
lightning/src/ln/reload_tests.rs 95.50% <96.55%> (+0.25%) ⬆️
lightning/src/chain/channelmonitor.rs 93.29% <97.67%> (+2.55%) ⬆️
lightning/src/chain/onchaintx.rs 94.44% <0.00%> (-0.43%) ⬇️
lightning/src/ln/peer_channel_encryptor.rs 93.38% <0.00%> (-0.25%) ⬇️
lightning/src/ln/reorg_tests.rs 100.00% <0.00%> (ø)
lightning/src/ln/payment_tests.rs 98.92% <0.00%> (+0.02%) ⬆️
lightning/src/ln/monitor_tests.rs 99.66% <0.00%> (+0.10%) ⬆️
... and 12 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@valentinewallace
Copy link
Contributor

Needs rebase

@TheBlueMatt
Copy link
Collaborator Author

Rebased.

@dunxen dunxen self-requested a review November 28, 2022 17:44
dunxen
dunxen reviewed Nov 29, 2022
View reviewed changes
Copy link
Contributor

@dunxen dunxen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM AFAICT. Just nits. One optional.

lightning/src/chain/channelmonitor.rs Outdated Show resolved Hide resolved
lightning/src/ln/reload_tests.rs Outdated Show resolved Hide resolved
dunxen
dunxen previously approved these changes Dec 5, 2022
View reviewed changes
@TheBlueMatt
Expose the full set of outbound HTLCs from a ChannelMonitor
e142f67 
This expands the outbound-HTLC-listing support in `ChannelMonitor`
to include not only the set of outbound HTLCs which have not yet
been resolved but to also include the full set of HTLCs which the
`ChannelMonitor` is currently able to to or has already finalized.

This will be used in the next commit to fail-back HTLCs which were
removed from a channel in the ChannelMonitor but not in a Channel.
Using the existing `get_pending_outbound_htlcs` for this purpose is
subtly broken - if the channel is already closed, an HTLC fail may
have completed on chain and is no longer "pending" to the monitor,
but the fail event is still in the monitor waiting to be handed
back to the `ChannelMonitor` when polled.
@TheBlueMatt
Avoid attempting to forward to a closed chan on stale-data reload
0bb87dd 
If, after forwarding a payment to our counterparty, we restart with
a ChannelMonitor update having been persisted, but the
corresponding ChannelManager update was not persisted, we'll still
have the forwarded HTLC in the `forward_htlcs` map on start. This
will cause us to generate a (spurious) `PendingHTLCsForwardable`
event. However, when we go to forward said HTLC, we'll notice the
channel has been closed and leave it up to the `ChannelMontior` to
finalize the HTLC.

This is all fine today - we won't lose any funds, we'll just
generate an excess forwardable event and then fail to forward.
However, in the future when we allow for forward-time channel
changes this could break. Thus, its worth adding tests for this
behavior today, and, while we're at it, removing the spurious
forwardable HTLCs event.
@TheBlueMatt
Fail HTLCs which were removed from a channel but not persisted
dbe4aad 
When a channel is force-closed, if a `ChannelMonitor` update is
completed but a `ChannelManager` persist has not yet happened,
HTLCs which were removed in the latest (persisted) `ChannelMonitor`
update will not be failed even though they do not appear in the
commitment transaction which went on chain. This is because the
`ChannelManager` thinks the `ChannelMonitor` is responsible for
them (as it is stale), but the `ChannelMonitor` has no knowledge of
the HTLC at all (as it is not stale).

The fix for this is relatively simple - we need to check for this
specific case and fail back such HTLCs when deserializing a
`ChannelManager`
@TheBlueMatt
Copy link
Collaborator Author

Squashed fixups.

@TheBlueMatt TheBlueMatt merged commit f4ab077 into lightningdevkit:main Dec 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dunxen dunxen dunxen approved these changes

@wpaulino wpaulino wpaulino approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.0.113
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@TheBlueMatt @codecov-commenter @valentinewallace @dunxen @wpaulino