lightningnetwork / lnd / 10418626636

package contractcourt

import (

        "errors"

        "fmt"

        "sync"

        "sync/atomic"

        "time"

        "github.com/btcsuite/btcd/btcutil"

        "github.com/btcsuite/btcd/chaincfg/chainhash"

        "github.com/btcsuite/btcd/wire"

        "github.com/btcsuite/btcwallet/walletdb"

        "github.com/lightningnetwork/lnd/chainntnfs"

        "github.com/lightningnetwork/lnd/channeldb"

        "github.com/lightningnetwork/lnd/channeldb/models"

        "github.com/lightningnetwork/lnd/clock"

        "github.com/lightningnetwork/lnd/fn"

        "github.com/lightningnetwork/lnd/input"

        "github.com/lightningnetwork/lnd/kvdb"

        "github.com/lightningnetwork/lnd/labels"

        "github.com/lightningnetwork/lnd/lnwallet"

        "github.com/lightningnetwork/lnd/lnwallet/chainfee"

        "github.com/lightningnetwork/lnd/lnwire"

)

// ErrChainArbExiting signals that the chain arbitrator is shutting down.

var ErrChainArbExiting = errors.New("ChainArbitrator exiting")

// ResolutionMsg is a message sent by resolvers to outside sub-systems once an

// outgoing contract has been fully resolved. For multi-hop contracts, if we

// resolve the outgoing contract, we'll also need to ensure that the incoming

// contract is resolved as well. We package the items required to resolve the

// incoming contracts within this message.

type ResolutionMsg struct {

        // SourceChan identifies the channel that this message is being sent

        // from. This is the channel's short channel ID.

        SourceChan lnwire.ShortChannelID

        // HtlcIndex is the index of the contract within the original

        // commitment trace.

        HtlcIndex uint64

        // Failure will be non-nil if the incoming contract should be canceled

        // all together. This can happen if the outgoing contract was dust, if

        // if the outgoing HTLC timed out.

        Failure lnwire.FailureMessage

        // PreImage will be non-nil if the incoming contract can successfully

        // be redeemed. This can happen if we learn of the preimage from the

        // outgoing HTLC on-chain.

        PreImage *[32]byte

}

// ChainArbitratorConfig is a configuration struct that contains all the

// function closures and interface that required to arbitrate on-chain

// contracts for a particular chain.

type ChainArbitratorConfig struct {

        // ChainHash is the chain that this arbitrator is to operate within.

        ChainHash chainhash.Hash

        // IncomingBroadcastDelta is the delta that we'll use to decide when to

        // broadcast our commitment transaction if we have incoming htlcs. This

        // value should be set based on our current fee estimation of the

        // commitment transaction. We use this to determine when we should

        // broadcast instead of just the HTLC timeout, as we want to ensure

        // that the commitment transaction is already confirmed, by the time the

        // HTLC expires. Otherwise we may end up not settling the htlc on-chain

        // because the other party managed to time it out.

        IncomingBroadcastDelta uint32

        // OutgoingBroadcastDelta is the delta that we'll use to decide when to

        // broadcast our commitment transaction if there are active outgoing

        // htlcs. This value can be lower than the incoming broadcast delta.

        OutgoingBroadcastDelta uint32

        // NewSweepAddr is a function that returns a new address under control

        // by the wallet. We'll use this to sweep any no-delay outputs as a

        // result of unilateral channel closes.

        //

        // NOTE: This SHOULD return a p2wkh script.

        NewSweepAddr func() ([]byte, error)

        // PublishTx reliably broadcasts a transaction to the network. Once

        // this function exits without an error, then they transaction MUST

        // continually be rebroadcast if needed.

        PublishTx func(*wire.MsgTx, string) error

        // DeliverResolutionMsg is a function that will append an outgoing

        // message to the "out box" for a ChannelLink. This is used to cancel

        // backwards any HTLC's that are either dust, we're timing out, or

        // settling on-chain to the incoming link.

        DeliverResolutionMsg func(...ResolutionMsg) error

        // MarkLinkInactive is a function closure that the ChainArbitrator will

        // use to mark that active HTLC's shouldn't be attempted to be routed

        // over a particular channel. This function will be called in that a

        // ChannelArbitrator decides that it needs to go to chain in order to

        // resolve contracts.

        //

        // TODO(roasbeef): rename, routing based

        MarkLinkInactive func(wire.OutPoint) error

        // ContractBreach is a function closure that the ChainArbitrator will

        // use to notify the BreachArbitrator about a contract breach. It should

        // only return a non-nil error when the BreachArbitrator has preserved

        // the necessary breach info for this channel point. Once the breach

        // resolution is persisted in the ChannelArbitrator, it will be safe

        // to mark the channel closed.

        ContractBreach func(wire.OutPoint, *lnwallet.BreachRetribution) error

        // IsOurAddress is a function that returns true if the passed address

        // is known to the underlying wallet. Otherwise, false should be

        // returned.

        IsOurAddress func(btcutil.Address) bool

        // IncubateOutputs sends either an incoming HTLC, an outgoing HTLC, or

        // both to the utxo nursery. Once this function returns, the nursery

        // should have safely persisted the outputs to disk, and should start

        // the process of incubation. This is used when a resolver wishes to

        // pass off the output to the nursery as we're only waiting on an

        // absolute/relative item block.

        IncubateOutputs func(wire.OutPoint,

                fn.Option[lnwallet.OutgoingHtlcResolution],

                fn.Option[lnwallet.IncomingHtlcResolution],

                uint32, fn.Option[int32]) error

        // PreimageDB is a global store of all known pre-images. We'll use this

        // to decide if we should broadcast a commitment transaction to claim

        // an HTLC on-chain.

        PreimageDB WitnessBeacon

        // Notifier is an instance of a chain notifier we'll use to watch for

        // certain on-chain events.

        Notifier chainntnfs.ChainNotifier

        // Mempool is the a mempool watcher that allows us to watch for events

        // happened in mempool.

        Mempool chainntnfs.MempoolWatcher

        // Signer is a signer backed by the active lnd node. This should be

        // capable of producing a signature as specified by a valid

        // SignDescriptor.

        Signer input.Signer

        // FeeEstimator will be used to return fee estimates.

        FeeEstimator chainfee.Estimator

        // ChainIO allows us to query the state of the current main chain.

        ChainIO lnwallet.BlockChainIO

        // DisableChannel disables a channel, resulting in it not being able to

        // forward payments.

        DisableChannel func(wire.OutPoint) error

        // Sweeper allows resolvers to sweep their final outputs.

        Sweeper UtxoSweeper

        // Registry is the invoice database that is used by resolvers to lookup

        // preimages and settle invoices.

        Registry Registry

        // NotifyClosedChannel is a function closure that the ChainArbitrator

        // will use to notify the ChannelNotifier about a newly closed channel.

        NotifyClosedChannel func(wire.OutPoint)

        // NotifyFullyResolvedChannel is a function closure that the

        // ChainArbitrator will use to notify the ChannelNotifier about a newly

        // resolved channel. The main difference to NotifyClosedChannel is that

        // in case of a local force close the NotifyClosedChannel is called when

        // the published commitment transaction confirms while

        // NotifyFullyResolvedChannel is only called when the channel is fully

        // resolved (which includes sweeping any time locked funds).

        NotifyFullyResolvedChannel func(point wire.OutPoint)

        // OnionProcessor is used to decode onion payloads for on-chain

        // resolution.

        OnionProcessor OnionProcessor

        // PaymentsExpirationGracePeriod indicates a time window we let the

        // other node to cancel an outgoing htlc that our node has initiated and

        // has timed out.

        PaymentsExpirationGracePeriod time.Duration

        // IsForwardedHTLC checks for a given htlc, identified by channel id and

        // htlcIndex, if it is a forwarded one.

        IsForwardedHTLC func(chanID lnwire.ShortChannelID, htlcIndex uint64) bool

        // Clock is the clock implementation that ChannelArbitrator uses.

        // It is useful for testing.

        Clock clock.Clock

        // SubscribeBreachComplete is used by the breachResolver to register a

        // subscription that notifies when the breach resolution process is

        // complete.

        SubscribeBreachComplete func(op *wire.OutPoint, c chan struct{}) (

                bool, error)

        // PutFinalHtlcOutcome stores the final outcome of an htlc in the

        // database.

        PutFinalHtlcOutcome func(chanId lnwire.ShortChannelID,

                htlcId uint64, settled bool) error

        // HtlcNotifier is an interface that htlc events are sent to.

        HtlcNotifier HtlcNotifier

        // Budget is the configured budget for the arbitrator.

        Budget BudgetConfig

        // QueryIncomingCircuit is used to find the outgoing HTLC's

        // corresponding incoming HTLC circuit. It queries the circuit map for

        // a given outgoing circuit key and returns the incoming circuit key.

        //

        // TODO(yy): this is a hacky way to get around the cycling import issue

        // as we cannot import `htlcswitch` here. A proper way is to define an

        // interface here that asks for method `LookupOpenCircuit`,

        // meanwhile, turn `PaymentCircuit` into an interface or bring it to a

        // lower package.

        QueryIncomingCircuit func(circuit models.CircuitKey) *models.CircuitKey

}

// ChainArbitrator is a sub-system that oversees the on-chain resolution of all

// active, and channel that are in the "pending close" state. Within the

// contractcourt package, the ChainArbitrator manages a set of active

// ContractArbitrators. Each ContractArbitrators is responsible for watching

// the chain for any activity that affects the state of the channel, and also

// for monitoring each contract in order to determine if any on-chain activity is

// required. Outside sub-systems interact with the ChainArbitrator in order to

// forcibly exit a contract, update the set of live signals for each contract,

// and to receive reports on the state of contract resolution.

type ChainArbitrator struct {

        started int32 // To be used atomically.

        stopped int32 // To be used atomically.

        sync.Mutex

        // activeChannels is a map of all the active contracts that are still

        // open, and not fully resolved.

        activeChannels map[wire.OutPoint]*ChannelArbitrator

        // activeWatchers is a map of all the active chainWatchers for channels

        // that are still considered open.

        activeWatchers map[wire.OutPoint]*chainWatcher

        // cfg is the config struct for the arbitrator that contains all

        // methods and interface it needs to operate.

        cfg ChainArbitratorConfig

        // chanSource will be used by the ChainArbitrator to fetch all the

        // active channels that it must still watch over.

        chanSource *channeldb.DB

        quit chan struct{}

        wg sync.WaitGroup

}

// NewChainArbitrator returns a new instance of the ChainArbitrator using the

// passed config struct, and backing persistent database.

func NewChainArbitrator(cfg ChainArbitratorConfig,

// arbChannel is a wrapper around an open channel that channel arbitrators

// interact with.

type arbChannel struct {

        // channel is the in-memory channel state.

        channel *channeldb.OpenChannel

        // c references the chain arbitrator and is used by arbChannel

        // internally.

        c *ChainArbitrator

}

// NewAnchorResolutions returns the anchor resolutions for currently valid

// commitment transactions.

//

// NOTE: Part of the ArbChannel interface.

func (a *arbChannel) NewAnchorResolutions() (*lnwallet.AnchorResolutions,

}

// ForceCloseChan should force close the contract that this attendant is

// watching over. We'll use this when we decide that we need to go to chain. It

// should in addition tell the switch to remove the corresponding link, such

// that we won't accept any new updates. The returned summary contains all items

// needed to eventually resolve all outputs on chain.

//

// NOTE: Part of the ArbChannel interface.

        // With the channel marked as borked, we'll now remove

        // the link from the switch if its there. If the link

        // is active, then this method will block until it

        // exits.

        // Now that we know the link can't mutate the channel

        // state, we'll read the channel from disk the target

        // channel according to its channel point.

        // Finally, we'll force close the channel completing

        // the force close workflow.

}

// newActiveChannelArbitrator creates a new instance of an active channel

// arbitrator given the state of the target channel.

func newActiveChannelArbitrator(channel *channeldb.OpenChannel,

                },

                IsPendingClose:        false,

                ChainArbitratorConfig: c.cfg,

                ChainEvents:           chanEvents,

                PutResolverReport: func(tx kvdb.RwTx,

                FindOutgoingHTLCDeadline: func(

        }

        // The final component needed is an arbitrator log that the arbitrator

        // will use to keep track of its internal state using a backed

        // persistent log.

        //

        // TODO(roasbeef); abstraction leak...

        //  * rework: adaptor method to set log scope w/ factory func

        }

        // Finally, we'll need to construct a series of htlc Sets based on all

        // currently known valid commitments.

}

// getArbChannel returns an open channel wrapper for use by channel arbitrators.

func (c *ChainArbitrator) getArbChannel(

// ResolveContract marks a contract as fully resolved within the database.

// This is only to be done once all contracts which were live on the channel

// before hitting the chain have been resolved.

        // Now that the channel has been marked as fully closed, we'll stop

        // both the channel arbitrator and chain watcher for this channel if

        // they're still active.

        }

        }

        // Once this has been marked as resolved, we'll wipe the log that the

        // channel arbitrator was using to store its persistent state. We do

        // this after marking the channel resolved, as otherwise, the

        // arbitrator would be re-created, and think it was starting from the

        // default state.

        }

}

// Start launches all goroutines that the ChainArbitrator needs to operate.

        // For each open channel, we'll configure then launch a corresponding

        // ChannelArbitrator.

        }

        // In addition to the channels that we know to be open, we'll also

        // launch arbitrators to finishing resolving any channels that are in

        // the pending close state.

        // Next, for each channel is the closing state, we'll launch a

        // corresponding more restricted resolver, as we don't have to watch

        // the chain any longer, only resolve the contracts on the confirmed

        // commitment.

        //nolint:lll

                        FindOutgoingHTLCDeadline: func(

                }

                }

                // We create an empty map of HTLC's here since it's possible

                // that the channel is in StateDefault and updateActiveHTLCs is

                // called. We want to avoid writing to an empty map. Since the

                // channel is already in the process of being resolved, no new

                // HTLCs will be added.

        }

        // Now, we'll start all chain watchers in parallel to shorten start up

        // duration. In neutrino mode, this allows spend registrations to take

        // advantage of batch spend reporting, instead of doing a single rescan

        // per chain watcher.

        //

        // NOTE: After this point, we Stop the chain arb to ensure that any

        // lingering goroutines are cleaned up before exiting.

                        }

                }(watcher)

        }

        // Once all chain watchers have been started, seal the err chan to

        // signal the end of the err stream.

        // stopAndLog is a helper function which shuts down the chain arb and

        // logs errors if they occur.

        }

        // Handle all errors returned from spawning our chain watchers. If any

        // of them failed, we will stop the chain arb to shutdown any active

        // goroutines.

        }

        // Before we start all of our arbitrators, we do a preliminary state

        // lookup so that we can combine all of these lookups in a single db

        // transaction.

                }

        // Launch all the goroutines for each arbitrator so they can carry out

        // their duties.

        }

        // Subscribe to a single stream of block epoch notifications that we

        // will dispatch to all active arbitrators.

        // Start our goroutine which will dispatch blocks to each arbitrator.

        // TODO(roasbeef): eventually move all breach watching here

}

// blockRecipient contains the information we need to dispatch a block to a

// channel arbitrator.

type blockRecipient struct {

        // chanPoint is the funding outpoint of the channel.

        chanPoint wire.OutPoint

        // blocks is the channel that new block heights are sent into. This

        // channel should be sufficiently buffered as to not block the sender.

        blocks chan<- int32

        // quit is closed if the receiving entity is shutting down.

        quit chan struct{}

}

// dispatchBlocks consumes a block epoch notification stream and dispatches

// blocks to each of the chain arb's active channel arbitrators. This function

// must be run in a goroutine.

func (c *ChainArbitrator) dispatchBlocks(

        }

        // On exit, cancel our blocks subscription and close each block channel

        // so that the arbitrators know they will no longer be receiving blocks.

        }()

        // Consume block epochs until we receive the instruction to shutdown.

                // Consume block epochs, exiting if our subscription is

                // terminated.

                        // Get the set of currently active channels block

                        // subscription channels and dispatch the block to

                        // each.

                                // Deliver the block to the arbitrator.

                                // If the recipient is shutting down, exit

                                // without delivering the block. This may be

                                // the case when two blocks are mined in quick

                                // succession, and the arbitrator resolves

                                // after the first block, and does not need to

                                // consume the second block.

                                // If the chain arb is shutting down, we don't

                                // need to deliver any more blocks (everything

                                // will be shutting down).

                                }

                        }

                // Exit if the chain arbitrator is shutting down.

                }

        }

}

// republishClosingTxs will load any stored cooperative or unilateral closing

// transactions and republish them. This helps ensure propagation of the

// transactions in the event that prior publications failed.

func (c *ChainArbitrator) republishClosingTxs(

        }

        // If the channel has had its cooperative close broadcasted

        // already, republish it in case it didn't propagate.

        }

}

// rebroadcast is a helper method which will republish the unilateral or

// cooperative close transaction or a channel in a particular state.

//

// NOTE: There is no risk to calling this method if the channel isn't in either

// CommitmentBroadcasted or CoopBroadcasted, but the logs will be misleading.

func (c *ChainArbitrator) rebroadcast(channel *channeldb.OpenChannel,

        }

        // This can happen for channels that had their closing tx published

        // before we started storing it to disk.

        }

}

// Stop signals the ChainArbitrator to trigger a graceful shutdown. Any active

// channel arbitrators will be signalled to exit, and this method will block

// until they've all exited.