-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Option Upfront Shutdown #3655
Add Option Upfront Shutdown #3655
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did a high level pass, things are coming together! Need to read up more on BOLT-2 before I can give it a more detailed look 😅
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@carlaKC solid PR! looks pretty complete to me, well tested and well documented :) completed an initial pass
if err != nil && err != io.EOF { | ||
return err | ||
} | ||
return nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
note to self/spec: adding a TLV field after this seems difficult, as it requires knowing whether or not to expect the delivery address. we might accidentally parse a tlv stream into a delivery address, cc @Roasbeef @joostjager
a212935
to
49aa391
Compare
Pushed some small fixes + the ability to enable upfront shutdown a with |
lnwire/accept_channel.go
Outdated
return err | ||
} | ||
|
||
if len(a.UpfrontShutdownScript) == 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The spec says
if both nodes advertised the option_upfront_shutdown_script feature:
MUST include either a valid shutdown_scriptpubkey as required by shutdown scriptpubkey, or a zero-length shutdown_scriptpubkey.`
I read this as we must write a zero length field in this case?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked this out and you're right about the 0 value 👍
So proceeding with the following:
- Encode a 0 for empty shutdown address (fine for non upfront shutdown understanding lnd, will have to double check interop)
- Encode
len
/addr
when given a non-0 delivery address - Always try to decode with the EOF trick
lnwallet/reservation.go
Outdated
|
||
errChan := make(chan error, 1) | ||
|
||
r.wallet.msgChan <- &addUpfrontShutdown{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As there's no real validation going on here (other than the script size), I don't think this needs to go into the wallet. Instead, we can extend the normal contributions to encompass this new piece of information, as after the first two funding flow messages, all the necessary information is known.
discovery/mock_test.go
Outdated
// embed the peer interface so that mockPeer will implement lnpeer.Peer by | ||
// default. Methods that need to be called in tests still need to be | ||
// implemented. | ||
lnpeer.Peer |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if this is a good move, as it may cause confusion when the interface is extended, but the tests aren't updated and fail. Also tbh, I didn't know this was possible :p
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My argument for using this is that it results in tests failing loudly. If you extend an interface and a test uses the new function call it will panic, which you'll pick up and have to go see exactly what your change is affecting. If the tests need the new function, you will have to update the mock in your PR (as before), this just saves on some boilerplate :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like this boilerplate-free world :)
lnwallet/reservation.go
Outdated
flags lnwire.FundingFlag, | ||
tweaklessCommit bool) (*ChannelReservation, error) { | ||
flags lnwire.FundingFlag, tweaklessCommit bool, localShutdown, | ||
remoteShutdown lnwire.DeliveryAddress) (*ChannelReservation, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Following from my other comment, I think this can be handled as a contribution.
49aa391
to
a8a3a10
Compare
a8a3a10
to
1b7c6e4
Compare
a24d0a2
to
3ff97a2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@carlaKC latest version is 🔥well tested and easy to follow, only minor comments
chancloser.go
Outdated
// Now that we know this is a valid shutdown message, we'll | ||
// If the remote node opened the channel with option upfront shutdown | ||
// script, check that the script they provided matches. | ||
err := maybeMatchScript( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it possible to pull this into a helper so that isn't duplicated?
channeldb/channel_test.go
Outdated
expectedRemote lnwire.DeliveryAddress | ||
}{ | ||
{ | ||
name: "No shutdown scripts", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typically we use all lower cases for test names, not a blocker tho
shutdown, err := getUpfrontShutdownScript( | ||
msg.peer, | ||
msg.openChanReq.shutdownScript, | ||
func() (lnwire.DeliveryAddress, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps extract this closure as a member of the funding manager? can this pass it to both as, e.g., f.genDeliveryAddr
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Peer already has a genDeliveryScript
, so this (as is, and if added to funding manager) results in some duplication. An alternative would be to expose genDeliveryScript
on the peer interface, or move all of the logic in getUpfrontShutdownScript
into f.genUpfrontShutdown
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it is just to avoid some clutter and indentation here, instead having the method be
func(f *fundingmanager) genDeliveryAddr() (lnwire.DeliveryAddress, error) {
addr, err := f.cfg.Wallet.NewAddress(lnwallet.WitnessPubKey, false)
if err != nil {
return nil, err
}
return txscript.PayToAddrScript(addr)
}
adf00b8
to
ef67638
Compare
Done some testing to make sure these changes work with other impls/ lnd as is. lnd: c-lightning: C-Lightning does disconnect from us on channel close, but this occurs on master as well, so I'm assuming that's because they only support single channels so do cleanup on close. Will double check. eclair: Just want to clarify the meaning of "MUST fail the connection" in BOLT 2 before requesting review again. Specifically whether we should error out of the close channel interaction or disconnect from the peer entirely. |
0792a15
to
e2b0509
Compare
Ecalir interop done, they don't support upfront shutdown so I just checked that channel open/close work as before. Updated disconnection function call to permanently disconnect from the violating peer by removing them from our persistent peers. We do still have a channel open with the peer, and they will most likely just reconnect to us anyway (since we don't have the ability to ban). |
This commit adds the feature bit and additional fields required in `open_channel` and `accept_channel` wire messages for `option_upfront_shutdown_script`.
This commit enables signalling for the optional upfront shutdown script feature bit.
This commit sets our close addresss to the address specified by option upfront shutdown, if specified, and disconnects from peers that fail to provide their upfront shutdown address for coopertaive closes of channels that were opened with the option set.
This commit adds fields for upfront shutdown scripts set by the local and remote peer to the OpenChannel struct. These values are optional, so they are added with their own keys in the chanBucket in the DB.
This commit gets upfront shutdown scripts from openchannel and acceptchannel wire messages sent from our peer and sets upfront shutdown scripts in our open and accept channel messages when the remote peer supports option upfront shutdown and we have the feature enabled.
e2b0509
to
9b35c34
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome work, this LGTM now! 💯
Follow-up would be to enable the feature on channel opens. Maybe create an issue for that for someone to pick up? :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
beautiful PR, LGTM 💯
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 💸
👀 |
This PR adds support for
option_upfront_shutdown_commitment
, which allows nodes to specify a script to which funds should be paid out in the event of a cooperative close during channel negotiation.Upfront shutdown addresses are set by default for channels that we open or accept if the remote peer supports this feature.
Replaces #449