diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index dddd97cae45..ea0b78dc8ae 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -267,6 +267,7 @@ impl SignerProvider for KeyProvider { inner, state, disable_revocation_policy_check: false, + available: Arc::new(Mutex::new(true)), }) } diff --git a/lightning/src/ln/async_signer_tests.rs b/lightning/src/ln/async_signer_tests.rs new file mode 100644 index 00000000000..a82fd2e4201 --- /dev/null +++ b/lightning/src/ln/async_signer_tests.rs @@ -0,0 +1,323 @@ +// This file is Copyright its original authors, visible in version control +// history. +// +// This file is licensed under the Apache License, Version 2.0 or the MIT license +// , at your option. +// You may not use this file except in accordance with one or both of these +// licenses. + +//! Tests for asynchronous signing. These tests verify that the channel state machine behaves +//! properly with a signer implementation that asynchronously derives signatures. + +use crate::events::{Event, MessageSendEvent, MessageSendEventsProvider}; +use crate::ln::functional_test_utils::*; +use crate::ln::msgs::ChannelMessageHandler; +use crate::ln::channelmanager::{PaymentId, RecipientOnionFields}; + +#[test] +fn test_async_commitment_signature_for_funding_created() { + // Simulate acquiring the signature for `funding_created` asynchronously. + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + + nodes[0].node.create_channel(nodes[1].node.get_our_node_id(), 100000, 10001, 42, None).unwrap(); + + // nodes[0] --- open_channel --> nodes[1] + let mut open_chan_msg = get_event_msg!(nodes[0], MessageSendEvent::SendOpenChannel, nodes[1].node.get_our_node_id()); + nodes[1].node.handle_open_channel(&nodes[0].node.get_our_node_id(), &open_chan_msg); + + // nodes[0] <-- accept_channel --- nodes[1] + nodes[0].node.handle_accept_channel(&nodes[1].node.get_our_node_id(), &get_event_msg!(nodes[1], MessageSendEvent::SendAcceptChannel, nodes[0].node.get_our_node_id())); + + // nodes[0] --- funding_created --> nodes[1] + // + // But! Let's make node[0]'s signer be unavailable: we should *not* broadcast a funding_created + // message... + let (temporary_channel_id, tx, _) = create_funding_transaction(&nodes[0], &nodes[1].node.get_our_node_id(), 100000, 42); + nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &temporary_channel_id, false); + nodes[0].node.funding_transaction_generated(&temporary_channel_id, &nodes[1].node.get_our_node_id(), tx.clone()).unwrap(); + check_added_monitors(&nodes[0], 0); + + assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); + + // Now re-enable the signer and simulate a retry. The temporary_channel_id won't work anymore so + // we have to dig out the real channel ID. + let chan_id = { + let channels = nodes[0].node.list_channels(); + assert_eq!(channels.len(), 1, "expected one channel, not {}", channels.len()); + channels[0].channel_id + }; + + nodes[0].set_channel_signer_available(&nodes[1].node.get_our_node_id(), &chan_id, true); + nodes[0].node.signer_unblocked(Some((nodes[1].node.get_our_node_id(), chan_id))); + + let mut funding_created_msg = get_event_msg!(nodes[0], MessageSendEvent::SendFundingCreated, nodes[1].node.get_our_node_id()); + nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); + check_added_monitors(&nodes[1], 1); + expect_channel_pending_event(&nodes[1], &nodes[0].node.get_our_node_id()); + + // nodes[0] <-- funding_signed --- nodes[1] + let funding_signed_msg = get_event_msg!(nodes[1], MessageSendEvent::SendFundingSigned, nodes[0].node.get_our_node_id()); + nodes[0].node.handle_funding_signed(&nodes[1].node.get_our_node_id(), &funding_signed_msg); + check_added_monitors(&nodes[0], 1); + expect_channel_pending_event(&nodes[0], &nodes[1].node.get_our_node_id()); +} + +#[test] +fn test_async_commitment_signature_for_funding_signed() { + // Simulate acquiring the signature for `funding_signed` asynchronously. + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + + nodes[0].node.create_channel(nodes[1].node.get_our_node_id(), 100000, 10001, 42, None).unwrap(); + + // nodes[0] --- open_channel --> nodes[1] + let mut open_chan_msg = get_event_msg!(nodes[0], MessageSendEvent::SendOpenChannel, nodes[1].node.get_our_node_id()); + nodes[1].node.handle_open_channel(&nodes[0].node.get_our_node_id(), &open_chan_msg); + + // nodes[0] <-- accept_channel --- nodes[1] + nodes[0].node.handle_accept_channel(&nodes[1].node.get_our_node_id(), &get_event_msg!(nodes[1], MessageSendEvent::SendAcceptChannel, nodes[0].node.get_our_node_id())); + + // nodes[0] --- funding_created --> nodes[1] + let (temporary_channel_id, tx, _) = create_funding_transaction(&nodes[0], &nodes[1].node.get_our_node_id(), 100000, 42); + nodes[0].node.funding_transaction_generated(&temporary_channel_id, &nodes[1].node.get_our_node_id(), tx.clone()).unwrap(); + check_added_monitors(&nodes[0], 0); + + let mut funding_created_msg = get_event_msg!(nodes[0], MessageSendEvent::SendFundingCreated, nodes[1].node.get_our_node_id()); + + // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should + // *not* broadcast a `funding_signed`... + nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); + check_added_monitors(&nodes[1], 1); + + assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); + + // Now re-enable the signer and simulate a retry. The temporary_channel_id won't work anymore so + // we have to dig out the real channel ID. + let chan_id = { + let channels = nodes[0].node.list_channels(); + assert_eq!(channels.len(), 1, "expected one channel, not {}", channels.len()); + channels[0].channel_id + }; + nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); + + expect_channel_pending_event(&nodes[1], &nodes[0].node.get_our_node_id()); + + // nodes[0] <-- funding_signed --- nodes[1] + let funding_signed_msg = get_event_msg!(nodes[1], MessageSendEvent::SendFundingSigned, nodes[0].node.get_our_node_id()); + nodes[0].node.handle_funding_signed(&nodes[1].node.get_our_node_id(), &funding_signed_msg); + check_added_monitors(&nodes[0], 1); + expect_channel_pending_event(&nodes[0], &nodes[1].node.get_our_node_id()); +} + +#[test] +fn test_async_commitment_signature_for_commitment_signed() { + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + let (_, _, chan_id, _) = create_announced_chan_between_nodes(&nodes, 0, 1); + + // Send a payment. + let src = &nodes[0]; + let dst = &nodes[1]; + let (route, our_payment_hash, _our_payment_preimage, our_payment_secret) = get_route_and_payment_hash!(src, dst, 8000000); + src.node.send_payment_with_route(&route, our_payment_hash, + RecipientOnionFields::secret_only(our_payment_secret), PaymentId(our_payment_hash.0)).unwrap(); + check_added_monitors!(src, 1); + + // Pass the payment along the route. + let payment_event = { + let mut events = src.node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + SendEvent::from_event(events.remove(0)) + }; + assert_eq!(payment_event.node_id, dst.node.get_our_node_id()); + assert_eq!(payment_event.msgs.len(), 1); + + dst.node.handle_update_add_htlc(&src.node.get_our_node_id(), &payment_event.msgs[0]); + + // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a + // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. + dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); + check_added_monitors(dst, 1); + + get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); + + // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. + dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + + let events = dst.node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1, "expected one message, got {}", events.len()); + if let MessageSendEvent::UpdateHTLCs { ref node_id, .. } = events[0] { + assert_eq!(node_id, &src.node.get_our_node_id()); + } else { + panic!("expected UpdateHTLCs message, not {:?}", events[0]); + }; +} + +#[test] +fn test_async_commitment_signature_for_funding_signed_0conf() { + // Simulate acquiring the signature for `funding_signed` asynchronously for a zero-conf channel. + let mut manually_accept_config = test_default_channel_config(); + manually_accept_config.manually_accept_inbound_channels = true; + + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, Some(manually_accept_config)]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + + // nodes[0] --- open_channel --> nodes[1] + nodes[0].node.create_channel(nodes[1].node.get_our_node_id(), 100000, 10001, 42, None).unwrap(); + let open_channel = get_event_msg!(nodes[0], MessageSendEvent::SendOpenChannel, nodes[1].node.get_our_node_id()); + + nodes[1].node.handle_open_channel(&nodes[0].node.get_our_node_id(), &open_channel); + + { + let events = nodes[1].node.get_and_clear_pending_events(); + assert_eq!(events.len(), 1, "Expected one event, got {}", events.len()); + match &events[0] { + Event::OpenChannelRequest { temporary_channel_id, .. } => { + nodes[1].node.accept_inbound_channel_from_trusted_peer_0conf( + temporary_channel_id, &nodes[0].node.get_our_node_id(), 0) + .expect("Unable to accept inbound zero-conf channel"); + }, + ev => panic!("Expected OpenChannelRequest, not {:?}", ev) + } + } + + // nodes[0] <-- accept_channel --- nodes[1] + let accept_channel = get_event_msg!(nodes[1], MessageSendEvent::SendAcceptChannel, nodes[0].node.get_our_node_id()); + assert_eq!(accept_channel.minimum_depth, 0, "Expected minimum depth of 0"); + nodes[0].node.handle_accept_channel(&nodes[1].node.get_our_node_id(), &accept_channel); + + // nodes[0] --- funding_created --> nodes[1] + let (temporary_channel_id, tx, _) = create_funding_transaction(&nodes[0], &nodes[1].node.get_our_node_id(), 100000, 42); + nodes[0].node.funding_transaction_generated(&temporary_channel_id, &nodes[1].node.get_our_node_id(), tx.clone()).unwrap(); + check_added_monitors(&nodes[0], 0); + + let mut funding_created_msg = get_event_msg!(nodes[0], MessageSendEvent::SendFundingCreated, nodes[1].node.get_our_node_id()); + + // Now let's make node[1]'s signer be unavailable while handling the `funding_created`. It should + // *not* broadcast a `funding_signed`... + nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &temporary_channel_id, false); + nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created_msg); + check_added_monitors(&nodes[1], 1); + + assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); + + // Now re-enable the signer and simulate a retry. The temporary_channel_id won't work anymore so + // we have to dig out the real channel ID. + let chan_id = { + let channels = nodes[0].node.list_channels(); + assert_eq!(channels.len(), 1, "expected one channel, not {}", channels.len()); + channels[0].channel_id + }; + + // At this point, we basically expect the channel to open like a normal zero-conf channel. + nodes[1].set_channel_signer_available(&nodes[0].node.get_our_node_id(), &chan_id, true); + nodes[1].node.signer_unblocked(Some((nodes[0].node.get_our_node_id(), chan_id))); + + let (funding_signed, channel_ready_1) = { + let events = nodes[1].node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 2); + let funding_signed = match &events[0] { + MessageSendEvent::SendFundingSigned { msg, .. } => msg.clone(), + ev => panic!("Expected SendFundingSigned, not {:?}", ev) + }; + let channel_ready = match &events[1] { + MessageSendEvent::SendChannelReady { msg, .. } => msg.clone(), + ev => panic!("Expected SendChannelReady, not {:?}", ev) + }; + (funding_signed, channel_ready) + }; + + nodes[0].node.handle_funding_signed(&nodes[1].node.get_our_node_id(), &funding_signed); + expect_channel_pending_event(&nodes[0], &nodes[1].node.get_our_node_id()); + expect_channel_pending_event(&nodes[1], &nodes[0].node.get_our_node_id()); + check_added_monitors(&nodes[0], 1); + + let channel_ready_0 = get_event_msg!(nodes[0], MessageSendEvent::SendChannelReady, nodes[1].node.get_our_node_id()); + + nodes[0].node.handle_channel_ready(&nodes[1].node.get_our_node_id(), &channel_ready_1); + expect_channel_ready_event(&nodes[0], &nodes[1].node.get_our_node_id()); + + nodes[1].node.handle_channel_ready(&nodes[0].node.get_our_node_id(), &channel_ready_0); + expect_channel_ready_event(&nodes[1], &nodes[0].node.get_our_node_id()); + + let channel_update_0 = get_event_msg!(nodes[0], MessageSendEvent::SendChannelUpdate, nodes[1].node.get_our_node_id()); + let channel_update_1 = get_event_msg!(nodes[1], MessageSendEvent::SendChannelUpdate, nodes[0].node.get_our_node_id()); + + nodes[0].node.handle_channel_update(&nodes[1].node.get_our_node_id(), &channel_update_1); + nodes[1].node.handle_channel_update(&nodes[0].node.get_our_node_id(), &channel_update_0); + + assert_eq!(nodes[0].node.list_usable_channels().len(), 1); + assert_eq!(nodes[1].node.list_usable_channels().len(), 1); +} + +#[test] +fn test_async_commitment_signature_for_peer_disconnect() { + let chanmon_cfgs = create_chanmon_cfgs(2); + let node_cfgs = create_node_cfgs(2, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]); + let nodes = create_network(2, &node_cfgs, &node_chanmgrs); + let (_, _, chan_id, _) = create_announced_chan_between_nodes(&nodes, 0, 1); + + // Send a payment. + let src = &nodes[0]; + let dst = &nodes[1]; + let (route, our_payment_hash, _our_payment_preimage, our_payment_secret) = get_route_and_payment_hash!(src, dst, 8000000); + src.node.send_payment_with_route(&route, our_payment_hash, + RecipientOnionFields::secret_only(our_payment_secret), PaymentId(our_payment_hash.0)).unwrap(); + check_added_monitors!(src, 1); + + // Pass the payment along the route. + let payment_event = { + let mut events = src.node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1); + SendEvent::from_event(events.remove(0)) + }; + assert_eq!(payment_event.node_id, dst.node.get_our_node_id()); + assert_eq!(payment_event.msgs.len(), 1); + + dst.node.handle_update_add_htlc(&src.node.get_our_node_id(), &payment_event.msgs[0]); + + // Mark dst's signer as unavailable and handle src's commitment_signed: while dst won't yet have a + // `commitment_signed` of its own to offer, it should publish a `revoke_and_ack`. + dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, false); + dst.node.handle_commitment_signed(&src.node.get_our_node_id(), &payment_event.commitment_msg); + check_added_monitors(dst, 1); + + get_event_msg!(dst, MessageSendEvent::SendRevokeAndACK, src.node.get_our_node_id()); + + // Now disconnect and reconnect the peers. + src.node.peer_disconnected(&dst.node.get_our_node_id()); + dst.node.peer_disconnected(&src.node.get_our_node_id()); + let mut reconnect_args = ReconnectArgs::new(&nodes[0], &nodes[1]); + reconnect_args.send_channel_ready = (false, false); + reconnect_args.pending_raa = (true, false); + reconnect_nodes(reconnect_args); + + // Mark dst's signer as available and retry: we now expect to see dst's `commitment_signed`. + dst.set_channel_signer_available(&src.node.get_our_node_id(), &chan_id, true); + dst.node.signer_unblocked(Some((src.node.get_our_node_id(), chan_id))); + + { + let events = dst.node.get_and_clear_pending_msg_events(); + assert_eq!(events.len(), 1, "expected one message, got {}", events.len()); + if let MessageSendEvent::UpdateHTLCs { ref node_id, .. } = events[0] { + assert_eq!(node_id, &src.node.get_our_node_id()); + } else { + panic!("expected UpdateHTLCs message, not {:?}", events[0]); + }; + } +} diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs index 33a46084abb..52db68c1323 100644 --- a/lightning/src/ln/channel.rs +++ b/lightning/src/ln/channel.rs @@ -533,6 +533,15 @@ pub(super) struct MonitorRestoreUpdates { pub announcement_sigs: Option, } +/// The return value of `signer_maybe_unblocked` +#[allow(unused)] +pub(super) struct SignerResumeUpdates { + pub commitment_update: Option, + pub funding_signed: Option, + pub funding_created: Option, + pub channel_ready: Option, +} + /// The return value of `channel_reestablish` pub(super) struct ReestablishResponses { pub channel_ready: Option, @@ -749,6 +758,18 @@ pub(super) struct ChannelContext where SP::Target: SignerProvider { monitor_pending_failures: Vec<(HTLCSource, PaymentHash, HTLCFailReason)>, monitor_pending_finalized_fulfills: Vec, + /// If we went to send a commitment update (ie some messages then [`msgs::CommitmentSigned`]) + /// but our signer (initially) refused to give us a signature, we should retry at some point in + /// the future when the signer indicates it may have a signature for us. + /// + /// This flag is set in such a case. Note that we don't need to persist this as we'll end up + /// setting it again as a side-effect of [`Channel::channel_reestablish`]. + signer_pending_commitment_update: bool, + /// Similar to [`Self::signer_pending_commitment_update`] but we're waiting to send either a + /// [`msgs::FundingCreated`] or [`msgs::FundingSigned`] depending on if this channel is + /// outbound or inbound. + signer_pending_funding: bool, + // pending_update_fee is filled when sending and receiving update_fee. // // Because it follows the same commitment flow as HTLCs, `FeeUpdateState` is either `Outbound` @@ -1056,6 +1077,12 @@ impl ChannelContext where SP::Target: SignerProvider { self.outbound_scid_alias } + /// Returns the holder signer for this channel. + #[cfg(test)] + pub fn get_signer(&self) -> &ChannelSignerType<::Signer> { + return &self.holder_signer + } + /// Only allowed immediately after deserialization if get_outbound_scid_alias returns 0, /// indicating we were written by LDK prior to 0.0.106 which did not set outbound SCID aliases /// or prior to any channel actions during `Channel` initialization. @@ -2079,6 +2106,71 @@ impl ChannelContext where SP::Target: SignerProvider { unbroadcasted_batch_funding_txid, } } + + /// Only allowed after [`Self::channel_transaction_parameters`] is set. + fn get_funding_created_msg(&mut self, logger: &L) -> Option where L::Target: Logger { + let counterparty_keys = self.build_remote_transaction_keys(); + let counterparty_initial_commitment_tx = self.build_commitment_transaction(self.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx; + let signature = match &self.holder_signer { + // TODO (taproot|arik): move match into calling method for Taproot + ChannelSignerType::Ecdsa(ecdsa) => { + ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), &self.secp_ctx) + .map(|(sig, _)| sig).ok()? + } + }; + + if self.signer_pending_funding { + log_trace!(logger, "Counterparty commitment signature ready for funding_created message: clearing signer_pending_funding"); + self.signer_pending_funding = false; + } + + Some(msgs::FundingCreated { + temporary_channel_id: self.temporary_channel_id.unwrap(), + funding_txid: self.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().txid, + funding_output_index: self.channel_transaction_parameters.funding_outpoint.as_ref().unwrap().index, + signature, + #[cfg(taproot)] + partial_signature_with_nonce: None, + #[cfg(taproot)] + next_local_nonce: None, + }) + } + + /// Only allowed after [`Self::channel_transaction_parameters`] is set. + fn get_funding_signed_msg(&mut self, logger: &L) -> (CommitmentTransaction, Option) where L::Target: Logger { + let counterparty_keys = self.build_remote_transaction_keys(); + let counterparty_initial_commitment_tx = self.build_commitment_transaction(self.cur_counterparty_commitment_transaction_number + 1, &counterparty_keys, false, false, logger).tx; + + let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust(); + let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction(); + log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}", + &self.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction)); + + match &self.holder_signer { + // TODO (arik): move match into calling method for Taproot + ChannelSignerType::Ecdsa(ecdsa) => { + let funding_signed = ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), &self.secp_ctx) + .map(|(signature, _)| msgs::FundingSigned { + channel_id: self.channel_id(), + signature, + #[cfg(taproot)] + partial_signature_with_nonce: None, + }) + .ok(); + + if funding_signed.is_none() { + log_trace!(logger, "Counterparty commitment signature not available for funding_signed message; setting signer_pending_funding"); + self.signer_pending_funding = true; + } else if self.signer_pending_funding { + log_trace!(logger, "Counterparty commitment signature available for funding_signed message; clearing signer_pending_funding"); + self.signer_pending_funding = false; + } + + // We sign "counterparty" commitment transaction, allowing them to broadcast the tx if they wish. + (counterparty_initial_commitment_tx, funding_signed) + } + } + } } // Internal utility functions for channels @@ -3166,8 +3258,8 @@ impl Channel where self.context.monitor_pending_revoke_and_ack = true; if need_commitment && (self.context.channel_state & (ChannelState::AwaitingRemoteRevoke as u32)) == 0 { // If we were going to send a commitment_signed after the RAA, go ahead and do all - // the corresponding HTLC status updates so that get_last_commitment_update - // includes the right HTLCs. + // the corresponding HTLC status updates so that + // get_last_commitment_update_for_send includes the right HTLCs. self.context.monitor_pending_commitment_signed = true; let mut additional_update = self.build_commitment_no_status_check(logger); // build_commitment_no_status_check may bump latest_monitor_id but we want them to be @@ -3541,9 +3633,10 @@ impl Channel where // cells) while we can't update the monitor, so we just return what we have. if require_commitment { self.context.monitor_pending_commitment_signed = true; - // When the monitor updating is restored we'll call get_last_commitment_update(), - // which does not update state, but we're definitely now awaiting a remote revoke - // before we can step forward any more, so set it here. + // When the monitor updating is restored we'll call + // get_last_commitment_update_for_send(), which does not update state, but we're + // definitely now awaiting a remote revoke before we can step forward any more, so + // set it here. let mut additional_update = self.build_commitment_no_status_check(logger); // build_commitment_no_status_check may bump latest_monitor_id but we want them to be // strictly increasing by one, so decrement it here. @@ -3846,9 +3939,11 @@ impl Channel where Some(self.get_last_revoke_and_ack()) } else { None }; let commitment_update = if self.context.monitor_pending_commitment_signed { - self.mark_awaiting_response(); - Some(self.get_last_commitment_update(logger)) + self.get_last_commitment_update_for_send(logger).ok() } else { None }; + if commitment_update.is_some() { + self.mark_awaiting_response(); + } self.context.monitor_pending_revoke_and_ack = false; self.context.monitor_pending_commitment_signed = false; @@ -3897,6 +3992,37 @@ impl Channel where Ok(()) } + /// Indicates that the signer may have some signatures for us, so we should retry if we're + /// blocked. + #[allow(unused)] + pub fn signer_maybe_unblocked(&mut self, logger: &L) -> SignerResumeUpdates where L::Target: Logger { + let commitment_update = if self.context.signer_pending_commitment_update { + self.get_last_commitment_update_for_send(logger).ok() + } else { None }; + let funding_signed = if self.context.signer_pending_funding && !self.context.is_outbound() { + self.context.get_funding_signed_msg(logger).1 + } else { None }; + let channel_ready = if funding_signed.is_some() { + self.check_get_channel_ready(0) + } else { None }; + let funding_created = if self.context.signer_pending_funding && self.context.is_outbound() { + self.context.get_funding_created_msg(logger) + } else { None }; + + log_trace!(logger, "Signer unblocked with {} commitment_update, {} funding_signed, {} funding_created, and {} channel_ready", + if commitment_update.is_some() { "a" } else { "no" }, + if funding_signed.is_some() { "a" } else { "no" }, + if funding_created.is_some() { "a" } else { "no" }, + if channel_ready.is_some() { "a" } else { "no" }); + + SignerResumeUpdates { + commitment_update, + funding_signed, + funding_created, + channel_ready, + } + } + fn get_last_revoke_and_ack(&self) -> msgs::RevokeAndACK { let next_per_commitment_point = self.context.holder_signer.as_ref().get_per_commitment_point(self.context.cur_holder_commitment_transaction_number, &self.context.secp_ctx); let per_commitment_secret = self.context.holder_signer.as_ref().release_commitment_secret(self.context.cur_holder_commitment_transaction_number + 2); @@ -3909,7 +4035,8 @@ impl Channel where } } - fn get_last_commitment_update(&self, logger: &L) -> msgs::CommitmentUpdate where L::Target: Logger { + /// Gets the last commitment update for immediate sending to our peer. + fn get_last_commitment_update_for_send(&mut self, logger: &L) -> Result where L::Target: Logger { let mut update_add_htlcs = Vec::new(); let mut update_fulfill_htlcs = Vec::new(); let mut update_fail_htlcs = Vec::new(); @@ -3965,13 +4092,26 @@ impl Channel where }) } else { None }; - log_trace!(logger, "Regenerated latest commitment update in channel {} with{} {} update_adds, {} update_fulfills, {} update_fails, and {} update_fail_malformeds", + log_trace!(logger, "Regenerating latest commitment update in channel {} with{} {} update_adds, {} update_fulfills, {} update_fails, and {} update_fail_malformeds", &self.context.channel_id(), if update_fee.is_some() { " update_fee," } else { "" }, update_add_htlcs.len(), update_fulfill_htlcs.len(), update_fail_htlcs.len(), update_fail_malformed_htlcs.len()); - msgs::CommitmentUpdate { + let commitment_signed = if let Ok(update) = self.send_commitment_no_state_update(logger).map(|(cu, _)| cu) { + if self.context.signer_pending_commitment_update { + log_trace!(logger, "Commitment update generated: clearing signer_pending_commitment_update"); + self.context.signer_pending_commitment_update = false; + } + update + } else { + if !self.context.signer_pending_commitment_update { + log_trace!(logger, "Commitment update awaiting signer: setting signer_pending_commitment_update"); + self.context.signer_pending_commitment_update = true; + } + return Err(()); + }; + Ok(msgs::CommitmentUpdate { update_add_htlcs, update_fulfill_htlcs, update_fail_htlcs, update_fail_malformed_htlcs, update_fee, - commitment_signed: self.send_commitment_no_state_update(logger).expect("It looks like we failed to re-generate a commitment_signed we had previously sent?").0, - } + commitment_signed, + }) } /// Gets the `Shutdown` message we should send our peer on reconnect, if any. @@ -4151,7 +4291,7 @@ impl Channel where Ok(ReestablishResponses { channel_ready, shutdown_msg, announcement_sigs, raa: required_revoke, - commitment_update: Some(self.get_last_commitment_update(logger)), + commitment_update: self.get_last_commitment_update_for_send(logger).ok(), order: self.context.resend_order.clone(), }) } @@ -4792,6 +4932,12 @@ impl Channel where return None; } + // If we're still pending the signature on a funding transaction, then we're not ready to send a + // channel_ready yet. + if self.context.signer_pending_funding { + return None; + } + // Note that we don't include ChannelState::WaitingForBatch as we don't want to send // channel_ready until the entire batch is ready. let non_shutdown_state = self.context.channel_state & (!MULTI_STATE_FLAGS); @@ -5525,7 +5671,7 @@ impl Channel where } let res = ecdsa.sign_counterparty_commitment(&commitment_stats.tx, commitment_stats.preimages, &self.context.secp_ctx) - .map_err(|_| ChannelError::Close("Failed to get signatures for new commitment_signed".to_owned()))?; + .map_err(|_| ChannelError::Ignore("Failed to get signatures for new commitment_signed".to_owned()))?; signature = res.0; htlc_signatures = res.1; @@ -5848,6 +5994,9 @@ impl OutboundV1Channel where SP::Target: SignerProvider { monitor_pending_failures: Vec::new(), monitor_pending_finalized_fulfills: Vec::new(), + signer_pending_commitment_update: false, + signer_pending_funding: false, + #[cfg(debug_assertions)] holder_max_commitment_tx_output: Mutex::new((channel_value_satoshis * 1000 - push_msat, push_msat)), #[cfg(debug_assertions)] @@ -5928,19 +6077,6 @@ impl OutboundV1Channel where SP::Target: SignerProvider { }) } - /// If an Err is returned, it is a ChannelError::Close (for get_funding_created) - fn get_funding_created_signature(&mut self, logger: &L) -> Result where L::Target: Logger { - let counterparty_keys = self.context.build_remote_transaction_keys(); - let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx; - match &self.context.holder_signer { - // TODO (taproot|arik): move match into calling method for Taproot - ChannelSignerType::Ecdsa(ecdsa) => { - Ok(ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), &self.context.secp_ctx) - .map_err(|_| ChannelError::Close("Failed to get signatures for new commitment_signed".to_owned()))?.0) - } - } - } - /// Updates channel state with knowledge of the funding transaction's txid/index, and generates /// a funding_created message for the remote peer. /// Panics if called at some time other than immediately after initial handshake, if called twice, @@ -5949,7 +6085,7 @@ impl OutboundV1Channel where SP::Target: SignerProvider { /// Do NOT broadcast the funding transaction until after a successful funding_signed call! /// If an Err is returned, it is a ChannelError::Close. pub fn get_funding_created(mut self, funding_transaction: Transaction, funding_txo: OutPoint, is_batch_funding: bool, logger: &L) - -> Result<(Channel, msgs::FundingCreated), (Self, ChannelError)> where L::Target: Logger { + -> Result<(Channel, Option), (Self, ChannelError)> where L::Target: Logger { if !self.context.is_outbound() { panic!("Tried to create outbound funding_created message on an inbound channel!"); } @@ -5965,17 +6101,6 @@ impl OutboundV1Channel where SP::Target: SignerProvider { self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo); self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters); - let signature = match self.get_funding_created_signature(logger) { - Ok(res) => res, - Err(e) => { - log_error!(logger, "Got bad signatures: {:?}!", e); - self.context.channel_transaction_parameters.funding_outpoint = None; - return Err((self, e)); - } - }; - - let temporary_channel_id = self.context.channel_id; - // Now that we're past error-generating stuff, update our local state: self.context.channel_state = ChannelState::FundingCreated as u32; @@ -5992,20 +6117,19 @@ impl OutboundV1Channel where SP::Target: SignerProvider { self.context.funding_transaction = Some(funding_transaction); self.context.is_batch_funding = Some(()).filter(|_| is_batch_funding); + let funding_created = self.context.get_funding_created_msg(logger); + if funding_created.is_none() { + if !self.context.signer_pending_funding { + log_trace!(logger, "funding_created awaiting signer; setting signer_pending_funding"); + self.context.signer_pending_funding = true; + } + } + let channel = Channel { context: self.context, }; - Ok((channel, msgs::FundingCreated { - temporary_channel_id, - funding_txid: funding_txo.txid, - funding_output_index: funding_txo.index, - signature, - #[cfg(taproot)] - partial_signature_with_nonce: None, - #[cfg(taproot)] - next_local_nonce: None, - })) + Ok((channel, funding_created)) } fn get_initial_channel_type(config: &UserConfig, their_features: &InitFeatures) -> ChannelTypeFeatures { @@ -6502,6 +6626,9 @@ impl InboundV1Channel where SP::Target: SignerProvider { monitor_pending_failures: Vec::new(), monitor_pending_finalized_fulfills: Vec::new(), + signer_pending_commitment_update: false, + signer_pending_funding: false, + #[cfg(debug_assertions)] holder_max_commitment_tx_output: Mutex::new((msg.push_msat, msg.funding_satoshis * 1000 - msg.push_msat)), #[cfg(debug_assertions)] @@ -6649,46 +6776,27 @@ impl InboundV1Channel where SP::Target: SignerProvider { self.generate_accept_channel_message() } - fn funding_created_signature(&mut self, sig: &Signature, logger: &L) -> Result<(CommitmentTransaction, CommitmentTransaction, Signature), ChannelError> where L::Target: Logger { + fn check_funding_created_signature(&mut self, sig: &Signature, logger: &L) -> Result where L::Target: Logger { let funding_script = self.context.get_funding_redeemscript(); let keys = self.context.build_holder_transaction_keys(self.context.cur_holder_commitment_transaction_number); let initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_holder_commitment_transaction_number, &keys, true, false, logger).tx; - { - let trusted_tx = initial_commitment_tx.trust(); - let initial_commitment_bitcoin_tx = trusted_tx.built_transaction(); - let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis); - // They sign the holder commitment transaction... - log_trace!(logger, "Checking funding_created tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} for channel {}.", - log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.context.counterparty_funding_pubkey().serialize()), - encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]), - encode::serialize_hex(&funding_script), &self.context.channel_id()); - secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &sig, self.context.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned()); - } + let trusted_tx = initial_commitment_tx.trust(); + let initial_commitment_bitcoin_tx = trusted_tx.built_transaction(); + let sighash = initial_commitment_bitcoin_tx.get_sighash_all(&funding_script, self.context.channel_value_satoshis); + // They sign the holder commitment transaction... + log_trace!(logger, "Checking funding_created tx signature {} by key {} against tx {} (sighash {}) with redeemscript {} for channel {}.", + log_bytes!(sig.serialize_compact()[..]), log_bytes!(self.context.counterparty_funding_pubkey().serialize()), + encode::serialize_hex(&initial_commitment_bitcoin_tx.transaction), log_bytes!(sighash[..]), + encode::serialize_hex(&funding_script), &self.context.channel_id()); + secp_check!(self.context.secp_ctx.verify_ecdsa(&sighash, &sig, self.context.counterparty_funding_pubkey()), "Invalid funding_created signature from peer".to_owned()); - let counterparty_keys = self.context.build_remote_transaction_keys(); - let counterparty_initial_commitment_tx = self.context.build_commitment_transaction(self.context.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, logger).tx; - - let counterparty_trusted_tx = counterparty_initial_commitment_tx.trust(); - let counterparty_initial_bitcoin_tx = counterparty_trusted_tx.built_transaction(); - log_trace!(logger, "Initial counterparty tx for channel {} is: txid {} tx {}", - &self.context.channel_id(), counterparty_initial_bitcoin_tx.txid, encode::serialize_hex(&counterparty_initial_bitcoin_tx.transaction)); - - match &self.context.holder_signer { - // TODO (arik): move match into calling method for Taproot - ChannelSignerType::Ecdsa(ecdsa) => { - let counterparty_signature = ecdsa.sign_counterparty_commitment(&counterparty_initial_commitment_tx, Vec::new(), &self.context.secp_ctx) - .map_err(|_| ChannelError::Close("Failed to get signatures for new commitment_signed".to_owned()))?.0; - - // We sign "counterparty" commitment transaction, allowing them to broadcast the tx if they wish. - Ok((counterparty_initial_commitment_tx, initial_commitment_tx, counterparty_signature)) - } - } + Ok(initial_commitment_tx) } pub fn funding_created( mut self, msg: &msgs::FundingCreated, best_block: BestBlock, signer_provider: &SP, logger: &L - ) -> Result<(Channel, msgs::FundingSigned, ChannelMonitor<::Signer>), (Self, ChannelError)> + ) -> Result<(Channel, Option, ChannelMonitor<::Signer>), (Self, ChannelError)> where L::Target: Logger { @@ -6710,10 +6818,10 @@ impl InboundV1Channel where SP::Target: SignerProvider { let funding_txo = OutPoint { txid: msg.funding_txid, index: msg.funding_output_index }; self.context.channel_transaction_parameters.funding_outpoint = Some(funding_txo); // This is an externally observable change before we finish all our checks. In particular - // funding_created_signature may fail. + // check_funding_created_signature may fail. self.context.holder_signer.as_mut().provide_channel_parameters(&self.context.channel_transaction_parameters); - let (counterparty_initial_commitment_tx, initial_commitment_tx, signature) = match self.funding_created_signature(&msg.signature, logger) { + let initial_commitment_tx = match self.check_funding_created_signature(&msg.signature, logger) { Ok(res) => res, Err(ChannelError::Close(e)) => { self.context.channel_transaction_parameters.funding_outpoint = None; @@ -6722,7 +6830,7 @@ impl InboundV1Channel where SP::Target: SignerProvider { Err(e) => { // The only error we know how to handle is ChannelError::Close, so we fall over here // to make sure we don't continue with an inconsistent state. - panic!("unexpected error type from funding_created_signature {:?}", e); + panic!("unexpected error type from check_funding_created_signature {:?}", e); } }; @@ -6740,6 +6848,13 @@ impl InboundV1Channel where SP::Target: SignerProvider { // Now that we're past error-generating stuff, update our local state: + self.context.channel_state = ChannelState::FundingSent as u32; + self.context.channel_id = funding_txo.to_channel_id(); + self.context.cur_counterparty_commitment_transaction_number -= 1; + self.context.cur_holder_commitment_transaction_number -= 1; + + let (counterparty_initial_commitment_tx, funding_signed) = self.context.get_funding_signed_msg(logger); + let funding_redeemscript = self.context.get_funding_redeemscript(); let funding_txo_script = funding_redeemscript.to_v0_p2wsh(); let obscure_factor = get_commitment_transaction_number_obscure_factor(&self.context.get_holder_pubkeys().payment_point, &self.context.get_counterparty_pubkeys().payment_point, self.context.is_outbound()); @@ -6756,33 +6871,23 @@ impl InboundV1Channel where SP::Target: SignerProvider { channel_monitor.provide_initial_counterparty_commitment_tx( counterparty_initial_commitment_tx.trust().txid(), Vec::new(), - self.context.cur_counterparty_commitment_transaction_number, + self.context.cur_counterparty_commitment_transaction_number + 1, self.context.counterparty_cur_commitment_point.unwrap(), self.context.feerate_per_kw, counterparty_initial_commitment_tx.to_broadcaster_value_sat(), counterparty_initial_commitment_tx.to_countersignatory_value_sat(), logger); - self.context.channel_state = ChannelState::FundingSent as u32; - self.context.channel_id = funding_txo.to_channel_id(); - self.context.cur_counterparty_commitment_transaction_number -= 1; - self.context.cur_holder_commitment_transaction_number -= 1; - - log_info!(logger, "Generated funding_signed for peer for channel {}", &self.context.channel_id()); + log_info!(logger, "{} funding_signed for peer for channel {}", + if funding_signed.is_some() { "Generated" } else { "Waiting for signature on" }, &self.context.channel_id()); // Promote the channel to a full-fledged one now that we have updated the state and have a // `ChannelMonitor`. let mut channel = Channel { context: self.context, }; - let channel_id = channel.context.channel_id.clone(); let need_channel_ready = channel.check_get_channel_ready(0).is_some(); channel.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new()); - Ok((channel, msgs::FundingSigned { - channel_id, - signature, - #[cfg(taproot)] - partial_signature_with_nonce: None, - }, channel_monitor)) + Ok((channel, funding_signed, channel_monitor)) } } @@ -7593,6 +7698,9 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch monitor_pending_failures, monitor_pending_finalized_fulfills: monitor_pending_finalized_fulfills.unwrap(), + signer_pending_commitment_update: false, + signer_pending_funding: false, + pending_update_fee, holding_cell_update_fee, next_holder_htlc_id, @@ -7864,10 +7972,10 @@ mod tests { }]}; let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 }; let (mut node_a_chan, funding_created_msg) = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap(); - let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg, best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); + let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); // Node B --> Node A: funding signed - let _ = node_a_chan.funding_signed(&funding_signed_msg, best_block, &&keys_provider, &&logger).unwrap(); + let _ = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger).unwrap(); // Put some inbound and outbound HTLCs in A's channel. let htlc_amount_msat = 11_092_000; // put an amount below A's effective dust limit but above B's. @@ -7991,10 +8099,10 @@ mod tests { }]}; let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 }; let (mut node_a_chan, funding_created_msg) = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap(); - let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg, best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); + let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); // Node B --> Node A: funding signed - let _ = node_a_chan.funding_signed(&funding_signed_msg, best_block, &&keys_provider, &&logger).unwrap(); + let _ = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger).unwrap(); // Now disconnect the two nodes and check that the commitment point in // Node B's channel_reestablish message is sane. @@ -8179,10 +8287,10 @@ mod tests { }]}; let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 }; let (mut node_a_chan, funding_created_msg) = node_a_chan.get_funding_created(tx.clone(), funding_outpoint, false, &&logger).map_err(|_| ()).unwrap(); - let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg, best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); + let (_, funding_signed_msg, _) = node_b_chan.funding_created(&funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger).map_err(|_| ()).unwrap(); // Node B --> Node A: funding signed - let _ = node_a_chan.funding_signed(&funding_signed_msg, best_block, &&keys_provider, &&logger).unwrap(); + let _ = node_a_chan.funding_signed(&funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger).unwrap(); // Make sure that receiving a channel update will update the Channel as expected. let update = ChannelUpdate { @@ -9251,7 +9359,7 @@ mod tests { &&logger, ).map_err(|_| ()).unwrap(); let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created( - &funding_created_msg, + &funding_created_msg.unwrap(), best_block, &&keys_provider, &&logger, @@ -9267,7 +9375,7 @@ mod tests { // Receive funding_signed, but the channel will be configured to hold sending channel_ready and // broadcasting the funding transaction until the batch is ready. let _ = node_a_chan.funding_signed( - &funding_signed_msg, + &funding_signed_msg.unwrap(), best_block, &&keys_provider, &&logger, diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index fe050de9136..37a8feb446d 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -3802,7 +3802,7 @@ where let mut peer_state_lock = peer_state_mutex.lock().unwrap(); let peer_state = &mut *peer_state_lock; - let (chan, msg) = match peer_state.channel_by_id.remove(temporary_channel_id) { + let (chan, msg_opt) = match peer_state.channel_by_id.remove(temporary_channel_id) { Some(ChannelPhase::UnfundedOutboundV1(chan)) => { let funding_txo = find_funding_output(&chan, &funding_transaction)?; @@ -3841,10 +3841,12 @@ where }), }; - peer_state.pending_msg_events.push(events::MessageSendEvent::SendFundingCreated { - node_id: chan.context.get_counterparty_node_id(), - msg, - }); + if let Some(msg) = msg_opt { + peer_state.pending_msg_events.push(events::MessageSendEvent::SendFundingCreated { + node_id: chan.context.get_counterparty_node_id(), + msg, + }); + } match peer_state.channel_by_id.entry(chan.context.channel_id()) { hash_map::Entry::Occupied(_) => { panic!("Generated duplicate funding txid?"); @@ -6229,7 +6231,7 @@ where let mut peer_state_lock = peer_state_mutex.lock().unwrap(); let peer_state = &mut *peer_state_lock; - let (chan, funding_msg, monitor) = + let (chan, funding_msg_opt, monitor) = match peer_state.channel_by_id.remove(&msg.temporary_channel_id) { Some(ChannelPhase::UnfundedInboundV1(inbound_chan)) => { match inbound_chan.funding_created(msg, best_block, &self.signer_provider, &self.logger) { @@ -6252,9 +6254,12 @@ where None => return Err(MsgHandleErrInternal::send_err_msg_no_close(format!("Got a message for a channel from the wrong node! No such channel for the passed counterparty_node_id {}", counterparty_node_id), msg.temporary_channel_id)) }; - match peer_state.channel_by_id.entry(funding_msg.channel_id) { + match peer_state.channel_by_id.entry(chan.context.channel_id()) { hash_map::Entry::Occupied(_) => { - Err(MsgHandleErrInternal::send_err_msg_no_close("Already had channel with the new channel_id".to_owned(), funding_msg.channel_id)) + Err(MsgHandleErrInternal::send_err_msg_no_close( + "Already had channel with the new channel_id".to_owned(), + chan.context.channel_id() + )) }, hash_map::Entry::Vacant(e) => { let mut id_to_peer_lock = self.id_to_peer.lock().unwrap(); @@ -6262,7 +6267,7 @@ where hash_map::Entry::Occupied(_) => { return Err(MsgHandleErrInternal::send_err_msg_no_close( "The funding_created message had the same funding_txid as an existing channel - funding is not possible".to_owned(), - funding_msg.channel_id)) + chan.context.channel_id())) }, hash_map::Entry::Vacant(i_e) => { let monitor_res = self.chain_monitor.watch_channel(monitor.get_funding_txo().0, monitor); @@ -6274,10 +6279,12 @@ where // hasn't persisted to disk yet - we can't lose money on a transaction that we haven't // accepted payment from yet. We do, however, need to wait to send our channel_ready // until we have persisted our monitor. - peer_state.pending_msg_events.push(events::MessageSendEvent::SendFundingSigned { - node_id: counterparty_node_id.clone(), - msg: funding_msg, - }); + if let Some(msg) = funding_msg_opt { + peer_state.pending_msg_events.push(events::MessageSendEvent::SendFundingSigned { + node_id: counterparty_node_id.clone(), + msg, + }); + } if let ChannelPhase::Funded(chan) = e.insert(ChannelPhase::Funded(chan)) { handle_new_monitor_update!(self, persist_state, peer_state_lock, peer_state, @@ -6288,9 +6295,13 @@ where Ok(()) } else { log_error!(self.logger, "Persisting initial ChannelMonitor failed, implying the funding outpoint was duplicated"); + let channel_id = match funding_msg_opt { + Some(msg) => msg.channel_id, + None => chan.context.channel_id(), + }; return Err(MsgHandleErrInternal::send_err_msg_no_close( "The funding_created message had the same funding_txid as an existing channel - funding is not possible".to_owned(), - funding_msg.channel_id)); + channel_id)); } } } @@ -7216,6 +7227,66 @@ where has_update } + /// When a call to a [`ChannelSigner`] method returns an error, this indicates that the signer + /// is (temporarily) unavailable, and the operation should be retried later. + /// + /// This method allows for that retry - either checking for any signer-pending messages to be + /// attempted in every channel, or in the specifically provided channel. + /// + /// [`ChannelSigner`]: crate::sign::ChannelSigner + #[cfg(test)] // This is only implemented for one signer method, and should be private until we + // actually finish implementing it fully. + pub fn signer_unblocked(&self, channel_opt: Option<(PublicKey, ChannelId)>) { + let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(self); + + let unblock_chan = |phase: &mut ChannelPhase, pending_msg_events: &mut Vec| { + let node_id = phase.context().get_counterparty_node_id(); + if let ChannelPhase::Funded(chan) = phase { + let msgs = chan.signer_maybe_unblocked(&self.logger); + if let Some(updates) = msgs.commitment_update { + pending_msg_events.push(events::MessageSendEvent::UpdateHTLCs { + node_id, + updates, + }); + } + if let Some(msg) = msgs.funding_signed { + pending_msg_events.push(events::MessageSendEvent::SendFundingSigned { + node_id, + msg, + }); + } + if let Some(msg) = msgs.funding_created { + pending_msg_events.push(events::MessageSendEvent::SendFundingCreated { + node_id, + msg, + }); + } + if let Some(msg) = msgs.channel_ready { + send_channel_ready!(self, pending_msg_events, chan, msg); + } + } + }; + + let per_peer_state = self.per_peer_state.read().unwrap(); + if let Some((counterparty_node_id, channel_id)) = channel_opt { + if let Some(peer_state_mutex) = per_peer_state.get(&counterparty_node_id) { + let mut peer_state_lock = peer_state_mutex.lock().unwrap(); + let peer_state = &mut *peer_state_lock; + if let Some(chan) = peer_state.channel_by_id.get_mut(&channel_id) { + unblock_chan(chan, &mut peer_state.pending_msg_events); + } + } + } else { + for (_cp_id, peer_state_mutex) in per_peer_state.iter() { + let mut peer_state_lock = peer_state_mutex.lock().unwrap(); + let peer_state = &mut *peer_state_lock; + for (_, chan) in peer_state.channel_by_id.iter_mut() { + unblock_chan(chan, &mut peer_state.pending_msg_events); + } + } + } + } + /// Check whether any channels have finished removing all pending updates after a shutdown /// exchange and can now send a closing_signed. /// Returns whether any closing_signed messages were generated. diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs index c3fc4b137e1..08dbda3fe75 100644 --- a/lightning/src/ln/functional_test_utils.rs +++ b/lightning/src/ln/functional_test_utils.rs @@ -30,6 +30,8 @@ use crate::util::test_utils::{panicking, TestChainMonitor, TestScorer, TestKeysI use crate::util::errors::APIError; use crate::util::config::{UserConfig, MaxDustHTLCExposure}; use crate::util::ser::{ReadableArgs, Writeable}; +#[cfg(test)] +use crate::util::logger::Logger; use bitcoin::blockdata::block::{Block, BlockHeader}; use bitcoin::blockdata::transaction::{Transaction, TxOut}; @@ -436,6 +438,25 @@ impl<'a, 'b, 'c> Node<'a, 'b, 'c> { pub fn get_block_header(&self, height: u32) -> BlockHeader { self.blocks.lock().unwrap()[height as usize].0.header } + /// Changes the channel signer's availability for the specified peer and channel. + /// + /// When `available` is set to `true`, the channel signer will behave normally. When set to + /// `false`, the channel signer will act like an off-line remote signer and will return `Err` for + /// several of the signing methods. Currently, only `get_per_commitment_point` and + /// `release_commitment_secret` are affected by this setting. + #[cfg(test)] + pub fn set_channel_signer_available(&self, peer_id: &PublicKey, chan_id: &ChannelId, available: bool) { + let per_peer_state = self.node.per_peer_state.read().unwrap(); + let chan_lock = per_peer_state.get(peer_id).unwrap().lock().unwrap(); + let signer = (|| { + match chan_lock.channel_by_id.get(chan_id) { + Some(phase) => phase.context().get_signer(), + None => panic!("Couldn't find a channel with id {}", chan_id), + } + })(); + log_debug!(self.logger, "Setting channel signer for {} as available={}", chan_id, available); + signer.as_ecdsa().unwrap().set_available(available); + } } /// If we need an unsafe pointer to a `Node` (ie to reference it in a thread @@ -924,7 +945,8 @@ macro_rules! unwrap_send_err { pub fn check_added_monitors>(node: &H, count: usize) { if let Some(chain_monitor) = node.chain_monitor() { let mut added_monitors = chain_monitor.added_monitors.lock().unwrap(); - assert_eq!(added_monitors.len(), count); + let n = added_monitors.len(); + assert_eq!(n, count, "expected {} monitors to be added, not {}", count, n); added_monitors.clear(); } } @@ -2119,12 +2141,13 @@ macro_rules! expect_channel_shutdown_state { } #[cfg(any(test, ldk_bench, feature = "_test_utils"))] -pub fn expect_channel_pending_event<'a, 'b, 'c, 'd>(node: &'a Node<'b, 'c, 'd>, expected_counterparty_node_id: &PublicKey) { +pub fn expect_channel_pending_event<'a, 'b, 'c, 'd>(node: &'a Node<'b, 'c, 'd>, expected_counterparty_node_id: &PublicKey) -> ChannelId { let events = node.node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); - match events[0] { - crate::events::Event::ChannelPending { ref counterparty_node_id, .. } => { + match &events[0] { + crate::events::Event::ChannelPending { channel_id, counterparty_node_id, .. } => { assert_eq!(*expected_counterparty_node_id, *counterparty_node_id); + *channel_id }, _ => panic!("Unexpected event"), } @@ -3232,24 +3255,28 @@ pub fn reconnect_nodes<'a, 'b, 'c, 'd>(args: ReconnectArgs<'a, 'b, 'c, 'd>) { // If a expects a channel_ready, it better not think it has received a revoke_and_ack // from b for reestablish in reestablish_1.iter() { - assert_eq!(reestablish.next_remote_commitment_number, 0); + let n = reestablish.next_remote_commitment_number; + assert_eq!(n, 0, "expected a->b next_remote_commitment_number to be 0, got {}", n); } } if send_channel_ready.1 { // If b expects a channel_ready, it better not think it has received a revoke_and_ack // from a for reestablish in reestablish_2.iter() { - assert_eq!(reestablish.next_remote_commitment_number, 0); + let n = reestablish.next_remote_commitment_number; + assert_eq!(n, 0, "expected b->a next_remote_commitment_number to be 0, got {}", n); } } if send_channel_ready.0 || send_channel_ready.1 { // If we expect any channel_ready's, both sides better have set // next_holder_commitment_number to 1 for reestablish in reestablish_1.iter() { - assert_eq!(reestablish.next_local_commitment_number, 1); + let n = reestablish.next_local_commitment_number; + assert_eq!(n, 1, "expected a->b next_local_commitment_number to be 1, got {}", n); } for reestablish in reestablish_2.iter() { - assert_eq!(reestablish.next_local_commitment_number, 1); + let n = reestablish.next_local_commitment_number; + assert_eq!(n, 1, "expected b->a next_local_commitment_number to be 1, got {}", n); } } diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs index 1d67b736ae3..8ceb9728931 100644 --- a/lightning/src/ln/functional_tests.rs +++ b/lightning/src/ln/functional_tests.rs @@ -9045,7 +9045,7 @@ fn test_duplicate_chan_id() { } }; check_added_monitors!(nodes[0], 0); - nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created); + nodes[1].node.handle_funding_created(&nodes[0].node.get_our_node_id(), &funding_created.unwrap()); // At this point we'll look up if the channel_id is present and immediately fail the channel // without trying to persist the `ChannelMonitor`. check_added_monitors!(nodes[1], 0); diff --git a/lightning/src/ln/mod.rs b/lightning/src/ln/mod.rs index beefd2d463b..6a9a10c80c0 100644 --- a/lightning/src/ln/mod.rs +++ b/lightning/src/ln/mod.rs @@ -73,6 +73,9 @@ mod monitor_tests; #[cfg(test)] #[allow(unused_mut)] mod shutdown_tests; +#[cfg(test)] +#[allow(unused_mut)] +mod async_signer_tests; pub use self::peer_channel_encryptor::LN_MAX_MSG_LEN; diff --git a/lightning/src/util/test_channel_signer.rs b/lightning/src/util/test_channel_signer.rs index 942671cf46b..ab576fee90d 100644 --- a/lightning/src/util/test_channel_signer.rs +++ b/lightning/src/util/test_channel_signer.rs @@ -56,6 +56,9 @@ pub struct TestChannelSigner { /// Channel state used for policy enforcement pub state: Arc>, pub disable_revocation_policy_check: bool, + /// When `true` (the default), the signer will respond immediately with signatures. When `false`, + /// the signer will return an error indicating that it is unavailable. + pub available: Arc>, } impl PartialEq for TestChannelSigner { @@ -71,7 +74,8 @@ impl TestChannelSigner { Self { inner, state, - disable_revocation_policy_check: false + disable_revocation_policy_check: false, + available: Arc::new(Mutex::new(true)), } } @@ -84,7 +88,8 @@ impl TestChannelSigner { Self { inner, state, - disable_revocation_policy_check + disable_revocation_policy_check, + available: Arc::new(Mutex::new(true)), } } @@ -94,6 +99,16 @@ impl TestChannelSigner { pub fn get_enforcement_state(&self) -> MutexGuard { self.state.lock().unwrap() } + + /// Marks the signer's availability. + /// + /// When `true`, methods are forwarded to the underlying signer as normal. When `false`, some + /// methods will return `Err` indicating that the signer is unavailable. Intended to be used for + /// testing asynchronous signing. + #[cfg(test)] + pub fn set_available(&self, available: bool) { + *self.available.lock().unwrap() = available; + } } impl ChannelSigner for TestChannelSigner { @@ -133,6 +148,9 @@ impl EcdsaChannelSigner for TestChannelSigner { self.verify_counterparty_commitment_tx(commitment_tx, secp_ctx); { + if !*self.available.lock().unwrap() { + return Err(()); + } let mut state = self.state.lock().unwrap(); let actual_commitment_number = commitment_tx.commitment_number(); let last_commitment_number = state.last_counterparty_commitment; @@ -149,6 +167,9 @@ impl EcdsaChannelSigner for TestChannelSigner { } fn validate_counterparty_revocation(&self, idx: u64, _secret: &SecretKey) -> Result<(), ()> { + if !*self.available.lock().unwrap() { + return Err(()); + } let mut state = self.state.lock().unwrap(); assert!(idx == state.last_counterparty_revoked_commitment || idx == state.last_counterparty_revoked_commitment - 1, "expecting to validate the current or next counterparty revocation - trying {}, current {}", idx, state.last_counterparty_revoked_commitment); state.last_counterparty_revoked_commitment = idx; @@ -156,6 +177,9 @@ impl EcdsaChannelSigner for TestChannelSigner { } fn sign_holder_commitment(&self, commitment_tx: &HolderCommitmentTransaction, secp_ctx: &Secp256k1) -> Result { + if !*self.available.lock().unwrap() { + return Err(()); + } let trusted_tx = self.verify_holder_commitment_tx(commitment_tx, secp_ctx); let state = self.state.lock().unwrap(); let commitment_number = trusted_tx.commitment_number();