Don't trim HTLCs when calculating the commit tx fee including the fee spike multiple

[tankyleo]

We previously accounted for HTLC trims at the spiked feerate when calculating the reserved commitment transaction fees.

This could cause an underestimate of the real current commitment fee at the current channel feerate. This is because a 2x increase in the feerate could trim enough HTLCs to result in a smaller commitment transaction fee.

Also, the previous code only reserved the fee for an exact 2x increase in the feerate, instead of reserving the fee for any increase in the feerate between 1x to 2x.

Fixes #4563.

[ldk-reviews-bot]

👋 Thanks for assigning @carlaKC as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.43%. Comparing base (964a84f) to head (6d8b153).
⚠️ Report is 18 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4574      +/-   ##
==========================================
+ Coverage   86.18%   86.43%   +0.25%     
==========================================
  Files         156      158       +2     
  Lines      108528   108752     +224     
  Branches   108528   108752     +224     
==========================================
+ Hits        93532    93998     +466     
+ Misses      12386    12221     -165     
+ Partials     2610     2533      -77     

Flag	Coverage Δ
fuzzing-fake-hashes	5.11% <0.00%> (?)
fuzzing-real-hashes	22.75% <96.36%> (?)
tests	86.18% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[ldk-claude-review-bot]

The is_outbound_from_holder guard has been removed from the spiked feerate calculation. Previously, only the channel funder (outbound) applied the 2x fee spike buffer here; now it applies to both funder and fundee channels.

This is a behavioral change beyond the stated fix: for non-anchor inbound (fundee) channels, spiked_feerate was previously just feerate_per_kw, and now it's feerate_per_kw * 2. This affects downstream calculations including:

• local_max_commit_tx_fee_sat / local_min_commit_tx_fee_sat (though only used in the outbound branch)
• get_next_splice_out_maximum_sat (uses spiked_feerate for the has_output check)
• Both adjust_boundaries_if_max_dust_htlc_produces_no_output calls (now use 2x feerate for inbound channels)

This makes capacity reporting more conservative for fundee channels, which may be intentional (aligning reported capacity with what can_accept_incoming_htlc actually accepts). If so, it would be good to mention this in the PR description / commit message as a deliberate secondary change.

[ldk-claude-review-bot]

Identifying HTLCs by hardcoded first-byte values of payment hashes (0x75, 0x64, 0x72, 0x66) is fragile. This depends on the internal deterministic hash generation of the test framework, and will panic at the unwrap() if the test infrastructure changes how payment hashes are derived.

Consider tracking payment hashes directly from the route_payment return values instead. For example, store them in a Vec as they are created, and reference them by index to build htlcs_in_tx.

[ldk-claude-review-bot]

Review Summary

The core logic change — using the base-feerate nondust HTLC count with the spiked feerate for fee reservation — is correct. This properly ensures the funder can afford any feerate increase between 1x and 2x (not just exactly 2x), since commit_tx_fee(2x, nondust_count_at_1x) is a tight upper bound on the fee at any intermediate feerate.

Inline comments posted:

• lightning/src/sign/tx_builder.rs:464-469 — Behavioral change for fundee (inbound) channels: the is_outbound_from_holder guard was removed from the spiked feerate calculation in get_available_balances, making capacity reporting more conservative for non-anchor inbound channels. This is a secondary change not mentioned in the PR description.
• lightning/src/ln/htlc_reserve_unit_tests.rs:3793-3829 — Fragile test: HTLCs are identified by hardcoded first-byte values of payment hashes, which will panic if the test framework's hash generation changes.