Review comments

Author: wvanlint

lightning/src/ln/channel.rs

@@ -1944,16 +1944,28 @@ impl<Signer: ChannelSigner> ChannelContext<Signer> {
 		res
 	}
 
-	/// Returns transaction if there is pending funding transaction that is yet to broadcast
-	pub fn unbroadcasted_funding(&self) -> Option<Transaction> {
+	fn map_unbroadcasted_funding<F, R>(&self, f: F) -> Option<R>
+		where F: Fn(&Transaction) -> R {
 		if self.channel_state & ChannelState::FundingCreated as u32 != 0 ||
 				self.channel_state & ChannelState::WaitingForBatch as u32 != 0 {
-			self.funding_transaction.clone()
+			self.funding_transaction.as_ref().map(f)
 		} else {
 			None
 		}
 	}
 
+	/// Returns the transaction if there is a pending funding transaction that is yet to be
+	/// broadcast.
+	pub fn unbroadcasted_funding(&self) -> Option<Transaction> {
+		self.map_unbroadcasted_funding(|tx| tx.clone())
+	}
+
+	/// Returns the transaction ID if there is a pending funding transaction that is yet to be
+	/// broadcast.
+	pub fn unbroadcasted_funding_txid(&self) -> Option<Txid> {
+		self.map_unbroadcasted_funding(|tx| tx.txid())
+	}
+
 	/// Gets the latest commitment transaction and any dependent transactions for relay (forcing
 	/// shutdown of this channel - no more calls into this Channel may be made afterwards except
 	/// those explicitly stated to be allowed after shutdown completes, eg some simple getters).
@@ -2613,7 +2625,7 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 
 		let non_shutdown_state = self.context.channel_state & (!MULTI_STATE_FLAGS);
 
-		if non_shutdown_state == ChannelState::FundingSent as u32 {
+		if non_shutdown_state & !(ChannelState::WaitingForBatch as u32) == ChannelState::FundingSent as u32 {
 			self.context.channel_state |= ChannelState::TheirChannelReady as u32;
 		} else if non_shutdown_state == (ChannelState::FundingSent as u32 | ChannelState::OurChannelReady as u32) {
 			self.context.channel_state = ChannelState::ChannelReady as u32 | (self.context.channel_state & MULTI_STATE_FLAGS);
@@ -4565,7 +4577,7 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 	pub fn is_awaiting_initial_mon_persist(&self) -> bool {
 		if !self.is_awaiting_monitor_update() { return false; }
 		if self.context.channel_state &
-			!(ChannelState::TheirChannelReady as u32 | ChannelState::PeerDisconnected as u32 | ChannelState::MonitorUpdateInProgress as u32)
+			!(ChannelState::TheirChannelReady as u32 | ChannelState::PeerDisconnected as u32 | ChannelState::MonitorUpdateInProgress as u32 | ChannelState::WaitingForBatch as u32)
 				== ChannelState::FundingSent as u32 {
 			// If we're not a 0conf channel, we'll be waiting on a monitor update with only
 			// FundingSent set, though our peer could have sent their channel_ready.
@@ -4645,6 +4657,8 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
 			return None;
 		}
 
+		// Note that we don't include ChannelState::WaitingForBatch as we don't want to send
+		// channel_ready until the entire batch is ready.
 		let non_shutdown_state = self.context.channel_state & (!MULTI_STATE_FLAGS);
 		let need_commitment_update = if non_shutdown_state == ChannelState::FundingSent as u32 {
 			self.context.channel_state |= ChannelState::OurChannelReady as u32;
@@ -7477,7 +7491,7 @@ mod tests {
 	use crate::ln::PaymentHash;
 	use crate::ln::channelmanager::{self, HTLCSource, PaymentId};
 	use crate::ln::channel::InitFeatures;
-	use crate::ln::channel::{Channel, InboundHTLCOutput, OutboundV1Channel, InboundV1Channel, OutboundHTLCOutput, InboundHTLCState, OutboundHTLCState, HTLCCandidate, HTLCInitiator, commit_tx_fee_msat};
+	use crate::ln::channel::{Channel, ChannelState, InboundHTLCOutput, OutboundV1Channel, InboundV1Channel, OutboundHTLCOutput, InboundHTLCState, OutboundHTLCState, HTLCCandidate, HTLCInitiator, commit_tx_fee_msat};
 	use crate::ln::channel::{MAX_FUNDING_SATOSHIS_NO_WUMBO, TOTAL_BITCOIN_SUPPLY_SATOSHIS, MIN_THEIR_CHAN_RESERVE_SATOSHIS};
 	use crate::ln::features::ChannelTypeFeatures;
 	use crate::ln::msgs::{ChannelUpdate, DecodeError, UnsignedChannelUpdate, MAX_VALUE_MSAT};
@@ -8952,4 +8966,148 @@ mod tests {
 		);
 		assert!(res.is_err());
 	}
+
+	#[test]
+	fn test_waiting_for_batch() {
+		let feeest = LowerBoundedFeeEstimator::new(&TestFeeEstimator{fee_est: 15000});
+		let logger = test_utils::TestLogger::new();
+		let secp_ctx = Secp256k1::new();
+		let seed = [42; 32];
+		let network = Network::Testnet;
+		let best_block = BestBlock::from_network(network);
+		let chain_hash = genesis_block(network).header.block_hash();
+		let keys_provider = test_utils::TestKeysInterface::new(&seed, network);
+
+		let mut config = UserConfig::default();
+		// Set trust_own_funding_0conf while ensuring we don't send channel_ready for a
+		// channel in a batch before all channels are ready.
+		config.channel_handshake_limits.trust_own_funding_0conf = true;
+
+		// Create a channel from node a to node b that will be part of batch funding.
+		let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
+		let mut node_a_chan = OutboundV1Channel::<EnforcingSigner>::new(
+			&feeest,
+			&&keys_provider,
+			&&keys_provider,
+			node_b_node_id,
+			&channelmanager::provided_init_features(&config),
+			10000000,
+			100000,
+			42,
+			&config,
+			0,
+			42,
+		).unwrap();
+
+		let open_channel_msg = node_a_chan.get_open_channel(genesis_block(network).header.block_hash());
+		let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap());
+		let mut node_b_chan = InboundV1Channel::<EnforcingSigner>::new(
+			&feeest,
+			&&keys_provider,
+			&&keys_provider,
+			node_b_node_id,
+			&channelmanager::provided_channel_type_features(&config),
+			&channelmanager::provided_init_features(&config),
+			&open_channel_msg,
+			7,
+			&config,
+			0,
+			&&logger,
+			42,
+		).unwrap();
+
+		// Allow node b to send a 0conf channel_ready.
+		node_b_chan.set_0conf();
+
+		let accept_channel_msg = node_b_chan.accept_inbound_channel(0);
+		node_a_chan.accept_channel(
+			&accept_channel_msg,
+			&config.channel_handshake_limits,
+			&channelmanager::provided_init_features(&config),
+		).unwrap();
+
+		// Fund the channel with a batch funding transaction.
+		let output_script = node_a_chan.context.get_funding_redeemscript();
+		let tx = Transaction {
+			version: 1,
+			lock_time: PackedLockTime::ZERO,
+			input: Vec::new(),
+			output: vec![
+				TxOut {
+					value: 10000000, script_pubkey: output_script.clone(),
+				},
+				TxOut {
+					value: 10000000, script_pubkey: Builder::new().into_script(),
+				},
+			]};
+		let funding_outpoint = OutPoint{ txid: tx.txid(), index: 0 };
+		let (mut node_a_chan, funding_created_msg) = node_a_chan.get_funding_created(
+			tx.clone(),
+			funding_outpoint,
+			&&logger,
+		).map_err(|_| ()).unwrap();
+		let (mut node_b_chan, funding_signed_msg, _) = node_b_chan.funding_created(
+			&funding_created_msg,
+			best_block,
+			&&keys_provider,
+			&&logger,
+		).map_err(|_| ()).unwrap();
+		let node_b_updates = node_b_chan.monitor_updating_restored(
+			&&logger,
+			&&keys_provider,
+			chain_hash,
+			&config,
+			0,
+		);
+
+		// Receive funding_signed, but the channel will be configured to hold sending channel_ready and
+		// broadcasting the funding transaction until the batch is ready.
+		let _ = node_a_chan.funding_signed(
+			&funding_signed_msg,
+			best_block,
+			&&keys_provider,
+			true,
+			&&logger,
+		).unwrap();
+		let node_a_updates = node_a_chan.monitor_updating_restored(
+			&&logger,
+			&&keys_provider,
+			chain_hash,
+			&config,
+			0,
+		);
+		// Our channel_ready shouldn't be sent yet, even with trust_own_funding_0conf set,
+		// as the funding transaction depends on all channels in the batch becoming ready.
+		assert!(node_a_updates.channel_ready.is_none());
+		assert!(node_a_updates.funding_broadcastable.is_none());
+		assert_eq!(
+			node_a_chan.context.channel_state,
+			ChannelState::FundingSent as u32 |
+			ChannelState::WaitingForBatch as u32,
+		);
+
+		// It is possible to receive a 0conf channel_ready from the remote node.
+		node_a_chan.channel_ready(
+			&node_b_updates.channel_ready.unwrap(),
+			&&keys_provider,
+			chain_hash,
+			&config,
+			&best_block,
+			&&logger,
+		).unwrap();
+		assert_eq!(
+			node_a_chan.context.channel_state,
+			ChannelState::FundingSent as u32 |
+			ChannelState::WaitingForBatch as u32 |
+			ChannelState::TheirChannelReady as u32,
+		);
+
+		// Clear the ChannelState::WaitingForBatch only when called by ChannelManager.
+		node_a_chan.set_batch_ready();
+		assert_eq!(
+			node_a_chan.context.channel_state,
+			ChannelState::FundingSent as u32 |
+			ChannelState::TheirChannelReady as u32,
+		);
+	}
 }

lightning/src/ln/channelmanager.rs

@@ -1766,9 +1766,9 @@ macro_rules! update_maps_on_chan_removal {
 		// If the channel was part of a batch funding transaction, all channels in that
 		// batch are affected.
 		let v1_funding_batch_states = $self.v1_funding_batch_states.read().unwrap();
-		$channel_context.unbroadcasted_funding().map(|tx| {
-			if v1_funding_batch_states.contains_key(&tx.txid()) {
-				$self.v1_funding_batches_to_be_closed.lock().unwrap().push(tx.txid());
+		$channel_context.unbroadcasted_funding_txid().map(|txid| {
+			if v1_funding_batch_states.contains_key(&txid) {
+				$self.v1_funding_batches_to_be_closed.lock().unwrap().push(txid);
 			}
 		})
 	}}
@@ -1920,8 +1920,8 @@ macro_rules! handle_monitor_update_completion {
 		let mut completed_batch = None;
 		{
 			let v1_funding_batch_states = $self.v1_funding_batch_states.read().unwrap();
-			let batch_state_key_value = $chan.context.unbroadcasted_funding()
-					.and_then(|tx| v1_funding_batch_states.get_key_value(&tx.txid()));
+			let batch_state_key_value = $chan.context.unbroadcasted_funding_txid()
+					.and_then(|txid| v1_funding_batch_states.get_key_value(&txid));
 			if let Some((txid, batch_state)) = batch_state_key_value {
 				let mut batch_state = batch_state.lock().unwrap();
 				batch_state.insert(
@@ -3575,42 +3575,41 @@ where
 	/// If there is an error, all channels in the batch are to be considered closed.
 	pub fn batch_funding_transaction_generated(&self, temporary_channels: &[(&[u8; 32], &PublicKey)], funding_transaction: Transaction) -> Result<(), APIError> {
 		let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(self);
+		let mut result = Ok(());
 
 		for inp in funding_transaction.input.iter() {
 			if inp.witness.is_empty() {
-				return Err(APIError::APIMisuseError {
+				result = result.and(Err(APIError::APIMisuseError {
 					err: "Funding transaction must be fully signed and spend Segwit outputs".to_owned()
-				});
+				}));
 			}
 		}
+		if funding_transaction.output.len() > u16::max_value() as usize {
+			result = result.and(Err(APIError::APIMisuseError {
+				err: "Transaction had more than 2^16 outputs, which is not supported".to_owned()
+			}));
+		}
 		{
 			let height = self.best_block.read().unwrap().height();
 			// Transactions are evaluated as final by network mempools if their locktime is strictly
 			// lower than the next block height. However, the modules constituting our Lightning
 			// node might not have perfect sync about their blockchain views. Thus, if the wallet
 			// module is ahead of LDK, only allow one more block of headroom.
 			if !funding_transaction.input.iter().all(|input| input.sequence == Sequence::MAX) && LockTime::from(funding_transaction.lock_time).is_block_height() && funding_transaction.lock_time.0 > height + 1 {
-				return Err(APIError::APIMisuseError {
+				result = result.and(Err(APIError::APIMisuseError {
 					err: "Funding transaction absolute timelock is non-final".to_owned()
-				});
+				}));
 			}
 		}
 
 		let is_batch_funding = temporary_channels.len() > 1;
 		let v1_funding_batch_state = RefCell::new(HashMap::new());
-		let mut result = Ok(());
 		for (temporary_channel_id, counterparty_node_id) in temporary_channels {
 			result = result.and_then(|_| self.funding_transaction_generated_intern(
 				temporary_channel_id,
 				counterparty_node_id,
 				funding_transaction.clone(),
 				|chan, tx| {
-					if tx.output.len() > u16::max_value() as usize {
-						return Err(APIError::APIMisuseError {
-							err: "Transaction had more than 2^16 outputs, which is not supported".to_owned()
-						});
-					}
-
 					let mut output_index = None;
 					let expected_spk = chan.context.get_funding_redeemscript().to_v0_p2wsh();
 					for (idx, outp) in tx.output.iter().enumerate() {
@@ -3634,36 +3633,34 @@ where
 				})
 			);
 		}
-		if is_batch_funding {
-			if let Err(ref e) = result {
-				// Remaining channels in the batch need to be removed on any error.
-				let e = format!("Error in batch transaction funding: {:?}", e);
-				let per_peer_state = self.per_peer_state.read().unwrap();
-				for (temporary_channel_id, counterparty_node_id) in temporary_channels {
-					per_peer_state.get(counterparty_node_id)
-							.map(|peer_state_mutex| peer_state_mutex.lock().unwrap())
-							.and_then(|mut peer_state| peer_state.outbound_v1_channel_by_id.remove(*temporary_channel_id))
-							.map(|chan| {
-								update_maps_on_chan_removal!(self, &chan.context);
-								self.issue_channel_close_events(&chan.context, ClosureReason::ProcessingError { err: e.clone() });
-							});
-				}
-				for (channel_id, counterparty_node_id) in v1_funding_batch_state.borrow().keys() {
-					per_peer_state.get(counterparty_node_id)
-							.map(|peer_state_mutex| peer_state_mutex.lock().unwrap())
-							.and_then(|mut peer_state| peer_state.channel_by_id.remove(channel_id))
-							.map(|chan| {
-								update_maps_on_chan_removal!(self, &chan.context);
-								self.issue_channel_close_events(&chan.context, ClosureReason::ProcessingError { err: e.clone() });
-							});
-				}
-			} else {
-				// Initialize the state of the batch.
-				self.v1_funding_batch_states.write().unwrap().insert(
-					funding_transaction.txid(),
-					Mutex::new(v1_funding_batch_state.into_inner()),
-				);
+		if let Err(ref e) = result {
+			// Remaining channels need to be removed on any error.
+			let e = format!("Error in transaction funding: {:?}", e);
+			let per_peer_state = self.per_peer_state.read().unwrap();
+			for (temporary_channel_id, counterparty_node_id) in temporary_channels {
+				per_peer_state.get(counterparty_node_id)
+						.map(|peer_state_mutex| peer_state_mutex.lock().unwrap())
+						.and_then(|mut peer_state| peer_state.outbound_v1_channel_by_id.remove(*temporary_channel_id))
+						.map(|chan| {
+							update_maps_on_chan_removal!(self, &chan.context);
+							self.issue_channel_close_events(&chan.context, ClosureReason::ProcessingError { err: e.clone() });
+						});
+			}
+			for (channel_id, counterparty_node_id) in v1_funding_batch_state.borrow().keys() {
+				per_peer_state.get(counterparty_node_id)
+						.map(|peer_state_mutex| peer_state_mutex.lock().unwrap())
+						.and_then(|mut peer_state| peer_state.channel_by_id.remove(channel_id))
+						.map(|chan| {
+							update_maps_on_chan_removal!(self, &chan.context);
+							self.issue_channel_close_events(&chan.context, ClosureReason::ProcessingError { err: e.clone() });
+						});
 			}
+		} else if is_batch_funding {
+			// Initialize the state of the batch.
+			self.v1_funding_batch_states.write().unwrap().insert(
+				funding_transaction.txid(),
+				Mutex::new(v1_funding_batch_state.into_inner()),
+			);
 		}
 		result
 	}
@@ -5718,8 +5715,8 @@ where
 		let peer_state = &mut *peer_state_lock;
 		match peer_state.channel_by_id.entry(msg.channel_id) {
 			hash_map::Entry::Occupied(mut chan) => {
-				let is_batch_funding = chan.get().context.unbroadcasted_funding()
-						.map(|tx| self.v1_funding_batch_states.read().unwrap().contains_key(&tx.txid()))
+				let is_batch_funding = chan.get().context.unbroadcasted_funding_txid()
+						.map(|txid| self.v1_funding_batch_states.read().unwrap().contains_key(&txid))
 						.unwrap_or(false);
 				let monitor = try_chan_entry!(self,
 					chan.get_mut().funding_signed(&msg, best_block, &self.signer_provider, is_batch_funding, &self.logger), chan);
@@ -7408,7 +7405,7 @@ where
 				let peer_state = &mut *peer_state_lock;
 
 				peer_state.channel_by_id.retain(|_, chan| {
-					if chan.context.unbroadcasted_funding().is_some() {
+					if !chan.context.is_funding_initiated() {
 						// It is possible to have persisted the monitor upon funding_signed
 						// but not have broadcast the transaction, especially for batch funding.
 						// The monitor should be moved to the correct state.