13157733617

Committed 05 Feb 2025 12:49PM UTC coverage: 57.712% (-1.1%) from 58.82%

Build # 13157733617

Build Type

Pull #9447

github

Committed by

yyforyongyu

Commit Message

sweep: rename methods for clarity

We now rename "third party" to "unknown" as the inputs can be spent via
an older sweeping tx, a third party (anchor), or a remote party (pin).
In fee bumper we don't have the info to distinguish the above cases, and
leave them to be further handled by the sweeper as it has more context.

Pull Request Pull Request #9447: sweep: start tracking input spending status in the fee bumper

Run Details

83 of 87 new or added lines in 2 files covered. (95.4%)

19472 existing lines in 252 files now uncovered.

103634 of 179570 relevant lines covered (57.71%)

24840.31 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

68.26

/funding/manager.go

package funding

import (
        "bytes"
        "encoding/binary"
        "fmt"
        "io"
        "sync"
        "sync/atomic"
        "time"

        "github.com/btcsuite/btcd/blockchain"
        "github.com/btcsuite/btcd/btcec/v2"
        "github.com/btcsuite/btcd/btcec/v2/ecdsa"
        "github.com/btcsuite/btcd/btcec/v2/schnorr/musig2"
        "github.com/btcsuite/btcd/btcutil"
        "github.com/btcsuite/btcd/chaincfg/chainhash"
        "github.com/btcsuite/btcd/txscript"
        "github.com/btcsuite/btcd/wire"
        "github.com/davecgh/go-spew/spew"
        "github.com/go-errors/errors"
        "github.com/lightningnetwork/lnd/chainntnfs"
        "github.com/lightningnetwork/lnd/chanacceptor"
        "github.com/lightningnetwork/lnd/channeldb"
        "github.com/lightningnetwork/lnd/discovery"
        "github.com/lightningnetwork/lnd/fn/v2"
        "github.com/lightningnetwork/lnd/graph"
        "github.com/lightningnetwork/lnd/graph/db/models"
        "github.com/lightningnetwork/lnd/input"
        "github.com/lightningnetwork/lnd/keychain"
        "github.com/lightningnetwork/lnd/labels"
        "github.com/lightningnetwork/lnd/lnpeer"
        "github.com/lightningnetwork/lnd/lnrpc"
        "github.com/lightningnetwork/lnd/lnutils"
        "github.com/lightningnetwork/lnd/lnwallet"
        "github.com/lightningnetwork/lnd/lnwallet/chainfee"
        "github.com/lightningnetwork/lnd/lnwallet/chanfunding"
        "github.com/lightningnetwork/lnd/lnwire"
        "golang.org/x/crypto/salsa20"
)

var (
        // byteOrder defines the endian-ness we use for encoding to and from
        // buffers.
        byteOrder = binary.BigEndian

        // checkPeerChannelReadyInterval is used when we are waiting for the
        // peer to send us ChannelReady. We will check every 1 second to see
        // if the message is received.
        //
        // NOTE: for itest, this value is changed to 10ms.
        checkPeerChannelReadyInterval = 1 * time.Second

        // errNoLocalNonce is returned when a local nonce is not found in the
        // expected TLV.
        errNoLocalNonce = fmt.Errorf("local nonce not found")

        // errNoPartialSig is returned when a partial sig is not found in the
        // expected TLV.
        errNoPartialSig = fmt.Errorf("partial sig not found")
)

// WriteOutpoint writes an outpoint to an io.Writer. This is not the same as
// the channeldb variant as this uses WriteVarBytes for the Hash.
func WriteOutpoint(w io.Writer, o *wire.OutPoint) error {
        scratch := make([]byte, 4)

        if err := wire.WriteVarBytes(w, 0, o.Hash[:]); err != nil {
                return err
        }

        byteOrder.PutUint32(scratch, o.Index)
        _, err := w.Write(scratch)
        return err
}

const (
        // MinBtcRemoteDelay is the minimum CSV delay we will require the remote
        // to use for its commitment transaction.
        MinBtcRemoteDelay uint16 = 144

        // MaxBtcRemoteDelay is the maximum CSV delay we will require the remote
        // to use for its commitment transaction.
        MaxBtcRemoteDelay uint16 = 2016

        // MinChanFundingSize is the smallest channel that we'll allow to be
        // created over the RPC interface.
        MinChanFundingSize = btcutil.Amount(20000)

        // MaxBtcFundingAmount is a soft-limit of the maximum channel size
        // currently accepted on the Bitcoin chain within the Lightning
        // Protocol. This limit is defined in BOLT-0002, and serves as an
        // initial precautionary limit while implementations are battle tested
        // in the real world.
        MaxBtcFundingAmount = btcutil.Amount(1<<24) - 1

        // MaxBtcFundingAmountWumbo is a soft-limit on the maximum size of wumbo
        // channels. This limit is 10 BTC and is the only thing standing between
        // you and limitless channel size (apart from 21 million cap).
        MaxBtcFundingAmountWumbo = btcutil.Amount(1000000000)

        msgBufferSize = 50

        // MaxWaitNumBlocksFundingConf is the maximum number of blocks to wait
        // for the funding transaction to be confirmed before forgetting
        // channels that aren't initiated by us. 2016 blocks is ~2 weeks.
        MaxWaitNumBlocksFundingConf = 2016

        // pendingChansLimit is the maximum number of pending channels that we
        // can have. After this point, pending channel opens will start to be
        // rejected.
        pendingChansLimit = 1_000
)

var (
        // ErrFundingManagerShuttingDown is an error returned when attempting to
        // process a funding request/message but the funding manager has already
        // been signaled to shut down.
        ErrFundingManagerShuttingDown = errors.New("funding manager shutting " +
                "down")

        // ErrConfirmationTimeout is an error returned when we as a responder
        // are waiting for a funding transaction to confirm, but too many
        // blocks pass without confirmation.
        ErrConfirmationTimeout = errors.New("timeout waiting for funding " +
                "confirmation")

        // errUpfrontShutdownScriptNotSupported is returned if an upfront
        // shutdown script is set for a peer that does not support the feature
        // bit.
        errUpfrontShutdownScriptNotSupported = errors.New("peer does not " +
                "support option upfront shutdown script")

        zeroID [32]byte
)

// reservationWithCtx encapsulates a pending channel reservation. This wrapper
// struct is used internally within the funding manager to track and progress
// the funding workflow initiated by incoming/outgoing methods from the target
// peer. Additionally, this struct houses a response and error channel which is
// used to respond to the caller in the case a channel workflow is initiated
// via a local signal such as RPC.
//
// TODO(roasbeef): actually use the context package
//   - deadlines, etc.
type reservationWithCtx struct {
        reservation *lnwallet.ChannelReservation
        peer        lnpeer.Peer

        chanAmt btcutil.Amount

        // forwardingPolicy is the policy provided by the initFundingMsg.
        forwardingPolicy models.ForwardingPolicy

        // Constraints we require for the remote.
        remoteCsvDelay    uint16
        remoteMinHtlc     lnwire.MilliSatoshi
        remoteMaxValue    lnwire.MilliSatoshi
        remoteMaxHtlcs    uint16
        remoteChanReserve btcutil.Amount

        // maxLocalCsv is the maximum csv we will accept from the remote.
        maxLocalCsv uint16

        // channelType is the explicit channel type proposed by the initiator of
        // the channel.
        channelType *lnwire.ChannelType

        updateMtx   sync.RWMutex
        lastUpdated time.Time

        updates chan *lnrpc.OpenStatusUpdate
        err     chan error
}

// isLocked checks the reservation's timestamp to determine whether it is
// locked.
func (r *reservationWithCtx) isLocked() bool {
        r.updateMtx.RLock()
        defer r.updateMtx.RUnlock()

        // The time zero value represents a locked reservation.
        return r.lastUpdated.IsZero()
}

// updateTimestamp updates the reservation's timestamp with the current time.
func (r *reservationWithCtx) updateTimestamp() {
        r.updateMtx.Lock()
        defer r.updateMtx.Unlock()

        r.lastUpdated = time.Now()
}

// InitFundingMsg is sent by an outside subsystem to the funding manager in
// order to kick off a funding workflow with a specified target peer. The
// original request which defines the parameters of the funding workflow are
// embedded within this message giving the funding manager full context w.r.t
// the workflow.
type InitFundingMsg struct {
        // Peer is the peer that we want to open a channel to.
        Peer lnpeer.Peer

        // TargetPubkey is the public key of the peer.
        TargetPubkey *btcec.PublicKey

        // ChainHash is the target genesis hash for this channel.
        ChainHash chainhash.Hash

        // SubtractFees set to true means that fees will be subtracted
        // from the LocalFundingAmt.
        SubtractFees bool

        // LocalFundingAmt is the size of the channel.
        LocalFundingAmt btcutil.Amount

        // BaseFee is the base fee charged for routing payments regardless of
        // the number of milli-satoshis sent.
        BaseFee *uint64

        // FeeRate is the fee rate in ppm (parts per million) that will be
        // charged proportionally based on the value of each forwarded HTLC, the
        // lowest possible rate is 0 with a granularity of 0.000001
        // (millionths).
        FeeRate *uint64

        // PushAmt is the amount pushed to the counterparty.
        PushAmt lnwire.MilliSatoshi

        // FundingFeePerKw is the fee for the funding transaction.
        FundingFeePerKw chainfee.SatPerKWeight

        // Private determines whether or not this channel will be private.
        Private bool

        // MinHtlcIn is the minimum incoming HTLC that we accept.
        MinHtlcIn lnwire.MilliSatoshi

        // RemoteCsvDelay is the CSV delay we require for the remote peer.
        RemoteCsvDelay uint16

        // RemoteChanReserve is the channel reserve we required for the remote
        // peer.
        RemoteChanReserve btcutil.Amount

        // MinConfs indicates the minimum number of confirmations that each
        // output selected to fund the channel should satisfy.
        MinConfs int32

        // ShutdownScript is an optional upfront shutdown script for the
        // channel. This value is optional, so may be nil.
        ShutdownScript lnwire.DeliveryAddress

        // MaxValueInFlight is the maximum amount of coins in MilliSatoshi
        // that can be pending within the channel. It only applies to the
        // remote party.
        MaxValueInFlight lnwire.MilliSatoshi

        // MaxHtlcs is the maximum number of HTLCs that the remote peer
        // can offer us.
        MaxHtlcs uint16

        // MaxLocalCsv is the maximum local csv delay we will accept from our
        // peer.
        MaxLocalCsv uint16

        // FundUpToMaxAmt is the maximum amount to try to commit to. If set, the
        // MinFundAmt field denotes the acceptable minimum amount to commit to,
        // while trying to commit as many coins as possible up to this value.
        FundUpToMaxAmt btcutil.Amount

        // MinFundAmt must be set iff FundUpToMaxAmt is set. It denotes the
        // minimum amount to commit to.
        MinFundAmt btcutil.Amount

        // Outpoints is a list of client-selected outpoints that should be used
        // for funding a channel. If LocalFundingAmt is specified then this
        // amount is allocated from the sum of outpoints towards funding. If
        // the FundUpToMaxAmt is specified the entirety of selected funds is
        // allocated towards channel funding.
        Outpoints []wire.OutPoint

        // ChanFunder is an optional channel funder that allows the caller to
        // control exactly how the channel funding is carried out. If not
        // specified, then the default chanfunding.WalletAssembler will be
        // used.
        ChanFunder chanfunding.Assembler

        // PendingChanID is not all zeroes (the default value), then this will
        // be the pending channel ID used for the funding flow within the wire
        // protocol.
        PendingChanID PendingChanID

        // ChannelType allows the caller to use an explicit channel type for the
        // funding negotiation. This type will only be observed if BOTH sides
        // support explicit channel type negotiation.
        ChannelType *lnwire.ChannelType

        // Memo is any arbitrary information we wish to store locally about the
        // channel that will be useful to our future selves.
        Memo []byte

        // Updates is a channel which updates to the opening status of the
        // channel are sent on.
        Updates chan *lnrpc.OpenStatusUpdate

        // Err is a channel which errors encountered during the funding flow are
        // sent on.
        Err chan error
}

// fundingMsg is sent by the ProcessFundingMsg function and packages a
// funding-specific lnwire.Message along with the lnpeer.Peer that sent it.
type fundingMsg struct {
        msg  lnwire.Message
        peer lnpeer.Peer
}

// pendingChannels is a map instantiated per-peer which tracks all active
// pending single funded channels indexed by their pending channel identifier,
// which is a set of 32-bytes generated via a CSPRNG.
type pendingChannels map[PendingChanID]*reservationWithCtx

// serializedPubKey is used within the FundingManager's activeReservations list
// to identify the nodes with which the FundingManager is actively working to
// initiate new channels.
type serializedPubKey [33]byte

// newSerializedKey creates a new serialized public key from an instance of a
// live pubkey object.
func newSerializedKey(pubKey *btcec.PublicKey) serializedPubKey {
        var s serializedPubKey
        copy(s[:], pubKey.SerializeCompressed())
        return s
}

// DevConfig specifies configs used for integration test only.
type DevConfig struct {
        // ProcessChannelReadyWait is the duration to sleep before processing
        // remote node's channel ready message once the channel as been marked
        // as `channelReadySent`.
        ProcessChannelReadyWait time.Duration
}

// Config defines the configuration for the FundingManager. All elements
// within the configuration MUST be non-nil for the FundingManager to carry out
// its duties.
type Config struct {
        // Dev specifies config values used in integration test. For
        // production, this config will always be an empty struct.
        Dev *DevConfig

        // NoWumboChans indicates if we're to reject all incoming wumbo channel
        // requests, and also reject all outgoing wumbo channel requests.
        NoWumboChans bool

        // IDKey is the PublicKey that is used to identify this node within the
        // Lightning Network.
        IDKey *btcec.PublicKey

        // IDKeyLoc is the locator for the key that is used to identify this
        // node within the LightningNetwork.
        IDKeyLoc keychain.KeyLocator

        // Wallet handles the parts of the funding process that involves moving
        // funds from on-chain transaction outputs into Lightning channels.
        Wallet *lnwallet.LightningWallet

        // PublishTransaction facilitates the process of broadcasting a
        // transaction to the network.
        PublishTransaction func(*wire.MsgTx, string) error

        // UpdateLabel updates the label that a transaction has in our wallet,
        // overwriting any existing labels.
        UpdateLabel func(chainhash.Hash, string) error

        // FeeEstimator calculates appropriate fee rates based on historical
        // transaction information.
        FeeEstimator chainfee.Estimator

        // Notifier is used by the FundingManager to determine when the
        // channel's funding transaction has been confirmed on the blockchain
        // so that the channel creation process can be completed.
        Notifier chainntnfs.ChainNotifier

        // ChannelDB is the database that keeps track of all channel state.
        ChannelDB *channeldb.ChannelStateDB

        // SignMessage signs an arbitrary message with a given public key. The
        // actual digest signed is the double sha-256 of the message. In the
        // case that the private key corresponding to the passed public key
        // cannot be located, then an error is returned.
        //
        // TODO(roasbeef): should instead pass on this responsibility to a
        // distinct sub-system?
        SignMessage func(keyLoc keychain.KeyLocator,
                msg []byte, doubleHash bool) (*ecdsa.Signature, error)

        // CurrentNodeAnnouncement should return the latest, fully signed node
        // announcement from the backing Lightning Network node with a fresh
        // timestamp.
        CurrentNodeAnnouncement func() (lnwire.NodeAnnouncement, error)

        // SendAnnouncement is used by the FundingManager to send announcement
        // messages to the Gossiper to possibly broadcast to the greater
        // network. A set of optional message fields can be provided to populate
        // any information within the graph that is not included in the gossip
        // message.
        SendAnnouncement func(msg lnwire.Message,
                optionalFields ...discovery.OptionalMsgField) chan error

        // NotifyWhenOnline allows the FundingManager to register with a
        // subsystem that will notify it when the peer comes online. This is
        // used when sending the channelReady message, since it MUST be
        // delivered after the funding transaction is confirmed.
        //
        // NOTE: The peerChan channel must be buffered.
        NotifyWhenOnline func(peer [33]byte, peerChan chan<- lnpeer.Peer)

        // FindChannel queries the database for the channel with the given
        // channel ID. Providing the node's public key is an optimization that
        // prevents deserializing and scanning through all possible channels.
        FindChannel func(node *btcec.PublicKey,
                chanID lnwire.ChannelID) (*channeldb.OpenChannel, error)

        // TempChanIDSeed is a cryptographically random string of bytes that's
        // used as a seed to generate pending channel ID's.
        TempChanIDSeed [32]byte

        // DefaultRoutingPolicy is the default routing policy used when
        // initially announcing channels.
        DefaultRoutingPolicy models.ForwardingPolicy

        // DefaultMinHtlcIn is the default minimum incoming htlc value that is
        // set as a channel parameter.
        DefaultMinHtlcIn lnwire.MilliSatoshi

        // NumRequiredConfs is a function closure that helps the funding
        // manager decide how many confirmations it should require for a
        // channel extended to it. The function is able to take into account
        // the amount of the channel, and any funds we'll be pushed in the
        // process to determine how many confirmations we'll require.
        NumRequiredConfs func(btcutil.Amount, lnwire.MilliSatoshi) uint16

        // RequiredRemoteDelay is a function that maps the total amount in a
        // proposed channel to the CSV delay that we'll require for the remote
        // party. Naturally a larger channel should require a higher CSV delay
        // in order to give us more time to claim funds in the case of a
        // contract breach.
        RequiredRemoteDelay func(btcutil.Amount) uint16

        // RequiredRemoteChanReserve is a function closure that, given the
        // channel capacity and dust limit, will return an appropriate amount
        // for the remote peer's required channel reserve that is to be adhered
        // to at all times.
        RequiredRemoteChanReserve func(capacity,
                dustLimit btcutil.Amount) btcutil.Amount

        // RequiredRemoteMaxValue is a function closure that, given the channel
        // capacity, returns the amount of MilliSatoshis that our remote peer
        // can have in total outstanding HTLCs with us.
        RequiredRemoteMaxValue func(btcutil.Amount) lnwire.MilliSatoshi

        // RequiredRemoteMaxHTLCs is a function closure that, given the channel
        // capacity, returns the number of maximum HTLCs the remote peer can
        // offer us.
        RequiredRemoteMaxHTLCs func(btcutil.Amount) uint16

        // WatchNewChannel is to be called once a new channel enters the final
        // funding stage: waiting for on-chain confirmation. This method sends
        // the channel to the ChainArbitrator so it can watch for any on-chain
        // events related to the channel. We also provide the public key of the
        // node we're establishing a channel with for reconnection purposes.
        WatchNewChannel func(*channeldb.OpenChannel, *btcec.PublicKey) error

        // ReportShortChanID allows the funding manager to report the confirmed
        // short channel ID of a formerly pending zero-conf channel to outside
        // sub-systems.
        ReportShortChanID func(wire.OutPoint) error

        // ZombieSweeperInterval is the periodic time interval in which the
        // zombie sweeper is run.
        ZombieSweeperInterval time.Duration

        // ReservationTimeout is the length of idle time that must pass before
        // a reservation is considered a zombie.
        ReservationTimeout time.Duration

        // MinChanSize is the smallest channel size that we'll accept as an
        // inbound channel. We have such a parameter, as otherwise, nodes could
        // flood us with very small channels that would never really be usable
        // due to fees.
        MinChanSize btcutil.Amount

        // MaxChanSize is the largest channel size that we'll accept as an
        // inbound channel. We have such a parameter, so that you may decide how
        // WUMBO you would like your channel.
        MaxChanSize btcutil.Amount

        // MaxPendingChannels is the maximum number of pending channels we
        // allow for each peer.
        MaxPendingChannels int

        // RejectPush is set true if the fundingmanager should reject any
        // incoming channels having a non-zero push amount.
        RejectPush bool

        // MaxLocalCSVDelay is the maximum csv delay we will allow for our
        // commit output. Channels that exceed this value will be failed.
        MaxLocalCSVDelay uint16

        // NotifyOpenChannelEvent informs the ChannelNotifier when channels
        // transition from pending open to open.
        NotifyOpenChannelEvent func(wire.OutPoint)

        // OpenChannelPredicate is a predicate on the lnwire.OpenChannel message
        // and on the requesting node's public key that returns a bool which
        // tells the funding manager whether or not to accept the channel.
        OpenChannelPredicate chanacceptor.ChannelAcceptor

        // NotifyPendingOpenChannelEvent informs the ChannelNotifier when
        // channels enter a pending state.
        NotifyPendingOpenChannelEvent func(wire.OutPoint,
                *channeldb.OpenChannel)

        // EnableUpfrontShutdown specifies whether the upfront shutdown script
        // is enabled.
        EnableUpfrontShutdown bool

        // MaxAnchorsCommitFeeRate is the max commitment fee rate we'll use as
        // the initiator for channels of the anchor type.
        MaxAnchorsCommitFeeRate chainfee.SatPerKWeight

        // DeleteAliasEdge allows the Manager to delete an alias channel edge
        // from the graph. It also returns our local to-be-deleted policy.
        DeleteAliasEdge func(scid lnwire.ShortChannelID) (
                *models.ChannelEdgePolicy, error)

        // AliasManager is an implementation of the aliasHandler interface that
        // abstracts away the handling of many alias functions.
        AliasManager aliasHandler

        // IsSweeperOutpoint queries the sweeper store for successfully
        // published sweeps. This is useful to decide for the internal wallet
        // backed funding flow to not use utxos still being swept by the sweeper
        // subsystem.
        IsSweeperOutpoint func(wire.OutPoint) bool

        // AuxLeafStore is an optional store that can be used to store auxiliary
        // leaves for certain custom channel types.
        AuxLeafStore fn.Option[lnwallet.AuxLeafStore]

        // AuxFundingController is an optional controller that can be used to
        // modify the way we handle certain custom channel types. It's also
        // able to automatically handle new custom protocol messages related to
        // the funding process.
        AuxFundingController fn.Option[AuxFundingController]

        // AuxSigner is an optional signer that can be used to sign auxiliary
        // leaves for certain custom channel types.
        AuxSigner fn.Option[lnwallet.AuxSigner]

        // AuxResolver is an optional interface that can be used to modify the
        // way contracts are resolved.
        AuxResolver fn.Option[lnwallet.AuxContractResolver]
}

// Manager acts as an orchestrator/bridge between the wallet's
// 'ChannelReservation' workflow, and the wire protocol's funding initiation
// messages. Any requests to initiate the funding workflow for a channel,
// either kicked-off locally or remotely are handled by the funding manager.
// Once a channel's funding workflow has been completed, any local callers, the
// local peer, and possibly the remote peer are notified of the completion of
// the channel workflow. Additionally, any temporary or permanent access
// controls between the wallet and remote peers are enforced via the funding
// manager.
type Manager struct {
        started sync.Once
        stopped sync.Once

        // cfg is a copy of the configuration struct that the FundingManager
        // was initialized with.
        cfg *Config

        // chanIDKey is a cryptographically random key that's used to generate
        // temporary channel ID's.
        chanIDKey [32]byte

        // chanIDNonce is a nonce that's incremented for each new funding
        // reservation created.
        chanIDNonce atomic.Uint64

        // nonceMtx is a mutex that guards the pendingMusigNonces.
        nonceMtx sync.RWMutex

        // pendingMusigNonces is used to store the musig2 nonce we generate to
        // send funding locked until we receive a funding locked message from
        // the remote party. We'll use this to keep track of the nonce we
        // generated, so we send the local+remote nonces to the peer state
        // machine.
        //
        // NOTE: This map is protected by the nonceMtx above.
        //
        // TODO(roasbeef): replace w/ generic concurrent map
        pendingMusigNonces map[lnwire.ChannelID]*musig2.Nonces

        // activeReservations is a map which houses the state of all pending
        // funding workflows.
        activeReservations map[serializedPubKey]pendingChannels

        // signedReservations is a utility map that maps the permanent channel
        // ID of a funding reservation to its temporary channel ID. This is
        // required as mid funding flow, we switch to referencing the channel
        // by its full channel ID once the commitment transactions have been
        // signed by both parties.
        signedReservations map[lnwire.ChannelID]PendingChanID

        // resMtx guards both of the maps above to ensure that all access is
        // goroutine safe.
        resMtx sync.RWMutex

        // fundingMsgs is a channel that relays fundingMsg structs from
        // external sub-systems using the ProcessFundingMsg call.
        fundingMsgs chan *fundingMsg

        // fundingRequests is a channel used to receive channel initiation
        // requests from a local subsystem within the daemon.
        fundingRequests chan *InitFundingMsg

        localDiscoverySignals *lnutils.SyncMap[lnwire.ChannelID, chan struct{}]

        handleChannelReadyBarriers *lnutils.SyncMap[lnwire.ChannelID, struct{}]

        quit chan struct{}
        wg   sync.WaitGroup
}

// channelOpeningState represents the different states a channel can be in
// between the funding transaction has been confirmed and the channel is
// announced to the network and ready to be used.
type channelOpeningState uint8

const (
        // markedOpen is the opening state of a channel if the funding
        // transaction is confirmed on-chain, but channelReady is not yet
        // successfully sent to the other peer.
        markedOpen channelOpeningState = iota

        // channelReadySent is the opening state of a channel if the
        // channelReady message has successfully been sent to the other peer,
        // but we still haven't announced the channel to the network.
        channelReadySent

        // addedToGraph is the opening state of a channel if the channel has
        // been successfully added to the graph immediately after the
        // channelReady message has been sent, but we still haven't announced
        // the channel to the network.
        addedToGraph
)

func (c channelOpeningState) String() string {
        switch c {
        case markedOpen:
                return "markedOpen"
        case channelReadySent:
                return "channelReadySent"
        case addedToGraph:
                return "addedToGraph"
        default:
                return "unknown"
        }
}

// NewFundingManager creates and initializes a new instance of the
// fundingManager.
func NewFundingManager(cfg Config) (*Manager, error) {
        return &Manager{
                cfg:       &cfg,
                chanIDKey: cfg.TempChanIDSeed,
                activeReservations: make(
                        map[serializedPubKey]pendingChannels,
                ),
                signedReservations: make(
                        map[lnwire.ChannelID][32]byte,
                ),
                fundingMsgs: make(
                        chan *fundingMsg, msgBufferSize,
                ),
                fundingRequests: make(
                        chan *InitFundingMsg, msgBufferSize,
                ),
                localDiscoverySignals: &lnutils.SyncMap[
                        lnwire.ChannelID, chan struct{},
                ]{},
                handleChannelReadyBarriers: &lnutils.SyncMap[
                        lnwire.ChannelID, struct{},
                ]{},
                pendingMusigNonces: make(
                        map[lnwire.ChannelID]*musig2.Nonces,
                ),
                quit: make(chan struct{}),
        }, nil
}

// Start launches all helper goroutines required for handling requests sent
// to the funding manager.
func (f *Manager) Start() error {
        var err error
        f.started.Do(func() {
                log.Info("Funding manager starting")
                err = f.start()
        })
        return err
}

func (f *Manager) start() error {
        // Upon restart, the Funding Manager will check the database to load any
        // channels that were  waiting for their funding transactions to be
        // confirmed on the blockchain at the time when the daemon last went
        // down.
        // TODO(roasbeef): store height that funding finished?
        //  * would then replace call below
        allChannels, err := f.cfg.ChannelDB.FetchAllChannels()
        if err != nil {
                return err
        }

        for _, channel := range allChannels {
                chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)

                // For any channels that were in a pending state when the
                // daemon was last connected, the Funding Manager will
                // re-initialize the channel barriers, and republish the
                // funding transaction if we're the initiator.
                if channel.IsPending {
                        log.Tracef("Loading pending ChannelPoint(%v), "+
                                "creating chan barrier",
                                channel.FundingOutpoint)

                        f.localDiscoverySignals.Store(
                                chanID, make(chan struct{}),
                        )

                        // Rebroadcast the funding transaction for any pending
                        // channel that we initiated. No error will be returned
                        // if the transaction already has been broadcast.
                        chanType := channel.ChanType
                        if chanType.IsSingleFunder() &&
                                chanType.HasFundingTx() &&
                                channel.IsInitiator {

                                f.rebroadcastFundingTx(channel)
                        }
                } else if channel.ChanType.IsSingleFunder() &&
                        channel.ChanType.HasFundingTx() &&
                        channel.IsZeroConf() && channel.IsInitiator &&
                        !channel.ZeroConfConfirmed() {

                        // Rebroadcast the funding transaction for unconfirmed
                        // zero-conf channels if we have the funding tx and are
                        // also the initiator.
                        f.rebroadcastFundingTx(channel)
                }

                // We will restart the funding state machine for all channels,
                // which will wait for the channel's funding transaction to be
                // confirmed on the blockchain, and transmit the messages
                // necessary for the channel to be operational.
                f.wg.Add(1)
                go f.advanceFundingState(channel, chanID, nil)
        }

        f.wg.Add(1) // TODO(roasbeef): tune
        go f.reservationCoordinator()

        return nil
}

// Stop signals all helper goroutines to execute a graceful shutdown. This
// method will block until all goroutines have exited.
func (f *Manager) Stop() error {
        f.stopped.Do(func() {
                log.Info("Funding manager shutting down...")
                defer log.Debug("Funding manager shutdown complete")

                close(f.quit)
                f.wg.Wait()
        })

        return nil
}

// rebroadcastFundingTx publishes the funding tx on startup for each
// unconfirmed channel.
func (f *Manager) rebroadcastFundingTx(c *channeldb.OpenChannel) {
        var fundingTxBuf bytes.Buffer
        err := c.FundingTxn.Serialize(&fundingTxBuf)
        if err != nil {
                log.Errorf("Unable to serialize funding transaction %v: %v",
                        c.FundingTxn.TxHash(), err)

                // Clear the buffer of any bytes that were written before the
                // serialization error to prevent logging an incomplete
                // transaction.
                fundingTxBuf.Reset()
        } else {
                log.Debugf("Rebroadcasting funding tx for ChannelPoint(%v): "+
                        "%x", c.FundingOutpoint, fundingTxBuf.Bytes())
        }

        // Set a nil short channel ID at this stage because we do not know it
        // until our funding tx confirms.
        label := labels.MakeLabel(labels.LabelTypeChannelOpen, nil)

        err = f.cfg.PublishTransaction(c.FundingTxn, label)
        if err != nil {
                log.Errorf("Unable to rebroadcast funding tx %x for "+
                        "ChannelPoint(%v): %v", fundingTxBuf.Bytes(),
                        c.FundingOutpoint, err)
        }
}

// PendingChanID is a type that represents a pending channel ID. This might be
// selected by the caller, but if not, will be automatically selected.
type PendingChanID = [32]byte

// nextPendingChanID returns the next free pending channel ID to be used to
// identify a particular future channel funding workflow.
func (f *Manager) nextPendingChanID() PendingChanID {
        // Obtain a fresh nonce. We do this by encoding the incremented nonce.
        nextNonce := f.chanIDNonce.Add(1)

        var nonceBytes [8]byte
        binary.LittleEndian.PutUint64(nonceBytes[:], nextNonce)

        // We'll generate the next pending channelID by "encrypting" 32-bytes
        // of zeroes which'll extract 32 random bytes from our stream cipher.
        var (
                nextChanID PendingChanID
                zeroes     [32]byte
        )
        salsa20.XORKeyStream(
                nextChanID[:], zeroes[:], nonceBytes[:], &f.chanIDKey,
        )

        return nextChanID
}

// CancelPeerReservations cancels all active reservations associated with the
// passed node. This will ensure any outputs which have been pre committed,
// (and thus locked from coin selection), are properly freed.
func (f *Manager) CancelPeerReservations(nodePub [33]byte) {
        log.Debugf("Cancelling all reservations for peer %x", nodePub[:])

        f.resMtx.Lock()
        defer f.resMtx.Unlock()

        // We'll attempt to look up this node in the set of active
        // reservations.  If they don't have any, then there's no further work
        // to be done.
        nodeReservations, ok := f.activeReservations[nodePub]
        if !ok {
                log.Debugf("No active reservations for node: %x", nodePub[:])
                return
        }

        // If they do have any active reservations, then we'll cancel all of
        // them (which releases any locked UTXO's), and also delete it from the
        // reservation map.
        for pendingID, resCtx := range nodeReservations {
                if err := resCtx.reservation.Cancel(); err != nil {
                        log.Errorf("unable to cancel reservation for "+
                                "node=%x: %v", nodePub[:], err)
                }

                resCtx.err <- fmt.Errorf("peer disconnected")
                delete(nodeReservations, pendingID)
        }

        // Finally, we'll delete the node itself from the set of reservations.
        delete(f.activeReservations, nodePub)
}

// chanIdentifier wraps pending channel ID and channel ID into one struct so
// it's easier to identify a specific channel.
//
// TODO(yy): move to a different package to hide the private fields so direct
// access is disabled.
type chanIdentifier struct {
        // tempChanID is the pending channel ID created by the funder when
        // initializing the funding flow. For fundee, it's received from the
        // `open_channel` message.
        tempChanID lnwire.ChannelID

        // chanID is the channel ID created by the funder once the
        // `accept_channel` message is received. For fundee, it's received from
        // the `funding_created` message.
        chanID lnwire.ChannelID

        // chanIDSet is a boolean indicates whether the active channel ID is
        // set for this identifier. For zero conf channels, the `chanID` can be
        // all-zero, which is the same as the empty value of `ChannelID`. To
        // avoid the confusion, we use this boolean to explicitly signal
        // whether the `chanID` is set or not.
        chanIDSet bool
}

// newChanIdentifier creates a new chanIdentifier.
func newChanIdentifier(tempChanID lnwire.ChannelID) *chanIdentifier {
        return &chanIdentifier{
                tempChanID: tempChanID,
        }
}

// setChanID updates the `chanIdentifier` with the active channel ID.
func (c *chanIdentifier) setChanID(chanID lnwire.ChannelID) {
        c.chanID = chanID
        c.chanIDSet = true
}

// hasChanID returns true if the active channel ID has been set.
func (c *chanIdentifier) hasChanID() bool {
        return c.chanIDSet
}

// failFundingFlow will fail the active funding flow with the target peer,
// identified by its unique temporary channel ID. This method will send an
// error to the remote peer, and also remove the reservation from our set of
// pending reservations.
//
// TODO(roasbeef): if peer disconnects, and haven't yet broadcast funding
// transaction, then all reservations should be cleared.
func (f *Manager) failFundingFlow(peer lnpeer.Peer, cid *chanIdentifier,
        fundingErr error) {

        log.Debugf("Failing funding flow for pending_id=%v: %v",
                cid.tempChanID, fundingErr)

        // First, notify Brontide to remove the pending channel.
        //
        // NOTE: depending on where we fail the flow, we may not have the
        // active channel ID yet.
        if cid.hasChanID() {
                err := peer.RemovePendingChannel(cid.chanID)
                if err != nil {
                        log.Errorf("Unable to remove channel %v with peer %x: "+
                                "%v", cid,
                                peer.IdentityKey().SerializeCompressed(), err)
                }
        }

        ctx, err := f.cancelReservationCtx(
                peer.IdentityKey(), cid.tempChanID, false,
        )
        if err != nil {
                log.Errorf("unable to cancel reservation: %v", err)
        }

        // In case the case where the reservation existed, send the funding
        // error on the error channel.
        if ctx != nil {
                ctx.err <- fundingErr
        }

        // We only send the exact error if it is part of out whitelisted set of
        // errors (lnwire.FundingError or lnwallet.ReservationError).
        var msg lnwire.ErrorData
        switch e := fundingErr.(type) {
        // Let the actual error message be sent to the remote for the
        // whitelisted types.
        case lnwallet.ReservationError:
                msg = lnwire.ErrorData(e.Error())
        case lnwire.FundingError:
                msg = lnwire.ErrorData(e.Error())
        case chanacceptor.ChanAcceptError:
                msg = lnwire.ErrorData(e.Error())

        // For all other error types we just send a generic error.
        default:
                msg = lnwire.ErrorData("funding failed due to internal error")
        }

        errMsg := &lnwire.Error{
                ChanID: cid.tempChanID,
                Data:   msg,
        }

        log.Debugf("Sending funding error to peer (%x): %v",
                peer.IdentityKey().SerializeCompressed(), spew.Sdump(errMsg))
        if err := peer.SendMessage(false, errMsg); err != nil {
                log.Errorf("unable to send error message to peer %v", err)
        }
}

// sendWarning sends a new warning message to the target peer, targeting the
// specified cid with the passed funding error.
func (f *Manager) sendWarning(peer lnpeer.Peer, cid *chanIdentifier,
        fundingErr error) {

        msg := fundingErr.Error()

        errMsg := &lnwire.Warning{
                ChanID: cid.tempChanID,
                Data:   lnwire.WarningData(msg),
        }

        log.Debugf("Sending funding warning to peer (%x): %v",
                peer.IdentityKey().SerializeCompressed(),
                spew.Sdump(errMsg),
        )

        if err := peer.SendMessage(false, errMsg); err != nil {
                log.Errorf("unable to send error message to peer %v", err)
        }
}

// reservationCoordinator is the primary goroutine tasked with progressing the
// funding workflow between the wallet, and any outside peers or local callers.
//
// NOTE: This MUST be run as a goroutine.
func (f *Manager) reservationCoordinator() {
        defer f.wg.Done()

        zombieSweepTicker := time.NewTicker(f.cfg.ZombieSweeperInterval)
        defer zombieSweepTicker.Stop()

        for {
                select {
                case fmsg := <-f.fundingMsgs:
                        switch msg := fmsg.msg.(type) {
                        case *lnwire.OpenChannel:
                                f.fundeeProcessOpenChannel(fmsg.peer, msg)

                        case *lnwire.AcceptChannel:
                                f.funderProcessAcceptChannel(fmsg.peer, msg)

                        case *lnwire.FundingCreated:
                                f.fundeeProcessFundingCreated(fmsg.peer, msg)

                        case *lnwire.FundingSigned:
                                f.funderProcessFundingSigned(fmsg.peer, msg)

                        case *lnwire.ChannelReady:
                                f.wg.Add(1)
                                go f.handleChannelReady(fmsg.peer, msg)

                        case *lnwire.Warning:
                                f.handleWarningMsg(fmsg.peer, msg)

                        case *lnwire.Error:
                                f.handleErrorMsg(fmsg.peer, msg)
                        }
                case req := <-f.fundingRequests:
                        f.handleInitFundingMsg(req)

                case <-zombieSweepTicker.C:
                        f.pruneZombieReservations()

                case <-f.quit:
                        return
                }
        }
}

// advanceFundingState will advance the channel through the steps after the
// funding transaction is broadcasted, up until the point where the channel is
// ready for operation. This includes waiting for the funding transaction to
// confirm, sending channel_ready to the peer, adding the channel to the graph,
// and announcing the channel. The updateChan can be set non-nil to get
// OpenStatusUpdates.
//
// NOTE: This MUST be run as a goroutine.
func (f *Manager) advanceFundingState(channel *channeldb.OpenChannel,
        pendingChanID PendingChanID,
        updateChan chan<- *lnrpc.OpenStatusUpdate) {

        defer f.wg.Done()

        // If the channel is still pending we must wait for the funding
        // transaction to confirm.
        if channel.IsPending {
                err := f.advancePendingChannelState(channel, pendingChanID)
                if err != nil {
                        log.Errorf("Unable to advance pending state of "+
                                "ChannelPoint(%v): %v",
                                channel.FundingOutpoint, err)
                        return
                }
        }

        var chanOpts []lnwallet.ChannelOpt
        f.cfg.AuxLeafStore.WhenSome(func(s lnwallet.AuxLeafStore) {
                chanOpts = append(chanOpts, lnwallet.WithLeafStore(s))
        })
        f.cfg.AuxSigner.WhenSome(func(s lnwallet.AuxSigner) {
                chanOpts = append(chanOpts, lnwallet.WithAuxSigner(s))
        })
        f.cfg.AuxResolver.WhenSome(func(s lnwallet.AuxContractResolver) {
                chanOpts = append(chanOpts, lnwallet.WithAuxResolver(s))
        })

        // We create the state-machine object which wraps the database state.
        lnChannel, err := lnwallet.NewLightningChannel(
                nil, channel, nil, chanOpts...,
        )
        if err != nil {
                log.Errorf("Unable to create LightningChannel(%v): %v",
                        channel.FundingOutpoint, err)
                return
        }

        for {
                channelState, shortChanID, err := f.getChannelOpeningState(
                        &channel.FundingOutpoint,
                )
                if err == channeldb.ErrChannelNotFound {
                        // Channel not in fundingManager's opening database,
                        // meaning it was successfully announced to the
                        // network.
                        // TODO(halseth): could do graph consistency check
                        // here, and re-add the edge if missing.
                        log.Debugf("ChannelPoint(%v) with chan_id=%x not "+
                                "found in opening database, assuming already "+
                                "announced to the network",
                                channel.FundingOutpoint, pendingChanID)
                        return
                } else if err != nil {
                        log.Errorf("Unable to query database for "+
                                "channel opening state(%v): %v",
                                channel.FundingOutpoint, err)
                        return
                }

                // If we did find the channel in the opening state database, we
                // have seen the funding transaction being confirmed, but there
                // are still steps left of the setup procedure. We continue the
                // procedure where we left off.
                err = f.stateStep(
                        channel, lnChannel, shortChanID, pendingChanID,
                        channelState, updateChan,
                )
                if err != nil {
                        log.Errorf("Unable to advance state(%v): %v",
                                channel.FundingOutpoint, err)
                        return
                }
        }
}

// stateStep advances the confirmed channel one step in the funding state
// machine. This method is synchronous and the new channel opening state will
// have been written to the database when it successfully returns. The
// updateChan can be set non-nil to get OpenStatusUpdates.
func (f *Manager) stateStep(channel *channeldb.OpenChannel,
        lnChannel *lnwallet.LightningChannel,
        shortChanID *lnwire.ShortChannelID, pendingChanID PendingChanID,
        channelState channelOpeningState,
        updateChan chan<- *lnrpc.OpenStatusUpdate) error {

        chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)
        log.Debugf("Channel(%v) with ShortChanID %v has opening state %v",
                chanID, shortChanID, channelState)

        switch channelState {
        // The funding transaction was confirmed, but we did not successfully
        // send the channelReady message to the peer, so let's do that now.
        case markedOpen:
                err := f.sendChannelReady(channel, lnChannel)
                if err != nil {
                        return fmt.Errorf("failed sending channelReady: %w",
                                err)
                }

                // As the channelReady message is now sent to the peer, the
                // channel is moved to the next state of the state machine. It
                // will be moved to the last state (actually deleted from the
                // database) after the channel is finally announced.
                err = f.saveChannelOpeningState(
                        &channel.FundingOutpoint, channelReadySent,
                        shortChanID,
                )
                if err != nil {
                        return fmt.Errorf("error setting channel state to"+
                                " channelReadySent: %w", err)
                }

                log.Debugf("Channel(%v) with ShortChanID %v: successfully "+
                        "sent ChannelReady", chanID, shortChanID)

                return nil

        // channelReady was sent to peer, but the channel was not added to the
        // graph and the channel announcement was not sent.
        case channelReadySent:
                // We must wait until we've received the peer's channel_ready
                // before sending a channel_update according to BOLT#07.
                received, err := f.receivedChannelReady(
                        channel.IdentityPub, chanID,
                )
                if err != nil {
                        return fmt.Errorf("failed to check if channel_ready "+
                                "was received: %v", err)
                }

                if !received {
                        // We haven't received ChannelReady, so we'll continue
                        // to the next iteration of the loop after sleeping for
                        // checkPeerChannelReadyInterval.
                        select {
                        case <-time.After(checkPeerChannelReadyInterval):
                        case <-f.quit:
                                return ErrFundingManagerShuttingDown
                        }

                        return nil
                }

                return f.handleChannelReadyReceived(
                        channel, shortChanID, pendingChanID, updateChan,
                )

        // The channel was added to the Router's topology, but the channel
        // announcement was not sent.
        case addedToGraph:
                if channel.IsZeroConf() {
                        // If this is a zero-conf channel, then we will wait
                        // for it to be confirmed before announcing it to the
                        // greater network.
                        err := f.waitForZeroConfChannel(channel)
                        if err != nil {
                                return fmt.Errorf("failed waiting for zero "+
                                        "channel: %v", err)
                        }

                        // Update the local shortChanID variable such that
                        // annAfterSixConfs uses the confirmed SCID.
                        confirmedScid := channel.ZeroConfRealScid()
                        shortChanID = &confirmedScid
                }

                err := f.annAfterSixConfs(channel, shortChanID)
                if err != nil {
                        return fmt.Errorf("error sending channel "+
                                "announcement: %v", err)
                }

                // We delete the channel opening state from our internal
                // database as the opening process has succeeded. We can do
                // this because we assume the AuthenticatedGossiper queues the
                // announcement messages, and persists them in case of a daemon
                // shutdown.
                err = f.deleteChannelOpeningState(&channel.FundingOutpoint)
                if err != nil {
                        return fmt.Errorf("error deleting channel state: %w",
                                err)
                }

                // After the fee parameters have been stored in the
                // announcement we can delete them from the database. For
                // private channels we do not announce the channel policy to
                // the network but still need to delete them from the database.
                err = f.deleteInitialForwardingPolicy(chanID)
                if err != nil {
                        log.Infof("Could not delete initial policy for chanId "+
                                "%x", chanID)
                }

                log.Debugf("Channel(%v) with ShortChanID %v: successfully "+
                        "announced", chanID, shortChanID)

                return nil
        }

        return fmt.Errorf("undefined channelState: %v", channelState)
}

// advancePendingChannelState waits for a pending channel's funding tx to
// confirm, and marks it open in the database when that happens.
func (f *Manager) advancePendingChannelState(channel *channeldb.OpenChannel,
        pendingChanID PendingChanID) error {

        if channel.IsZeroConf() {
                // Persist the alias to the alias database.
                baseScid := channel.ShortChannelID
                err := f.cfg.AliasManager.AddLocalAlias(
                        baseScid, baseScid, true, false,
                )
                if err != nil {
                        return fmt.Errorf("error adding local alias to "+
                                "store: %v", err)
                }

                // We don't wait for zero-conf channels to be confirmed and
                // instead immediately proceed with the rest of the funding
                // flow. The channel opening state is stored under the alias
                // SCID.
                err = f.saveChannelOpeningState(
                        &channel.FundingOutpoint, markedOpen,
                        &channel.ShortChannelID,
                )
                if err != nil {
                        return fmt.Errorf("error setting zero-conf channel "+
                                "state to markedOpen: %v", err)
                }

                // The ShortChannelID is already set since it's an alias, but
                // we still need to mark the channel as no longer pending.
                err = channel.MarkAsOpen(channel.ShortChannelID)
                if err != nil {
                        return fmt.Errorf("error setting zero-conf channel's "+
                                "pending flag to false: %v", err)
                }

                // Inform the ChannelNotifier that the channel has transitioned
                // from pending open to open.
                f.cfg.NotifyOpenChannelEvent(channel.FundingOutpoint)

                // Find and close the discoverySignal for this channel such
                // that ChannelReady messages will be processed.
                chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)
                discoverySignal, ok := f.localDiscoverySignals.Load(chanID)
                if ok {
                        close(discoverySignal)
                }

                return nil
        }

        confChannel, err := f.waitForFundingWithTimeout(channel)
        if err == ErrConfirmationTimeout {
                return f.fundingTimeout(channel, pendingChanID)
        } else if err != nil {
                return fmt.Errorf("error waiting for funding "+
                        "confirmation for ChannelPoint(%v): %v",
                        channel.FundingOutpoint, err)
        }

        if blockchain.IsCoinBaseTx(confChannel.fundingTx) {
                // If it's a coinbase transaction, we need to wait for it to
                // mature. We wait out an additional MinAcceptDepth on top of
                // the coinbase maturity as an extra margin of safety.
                maturity := f.cfg.Wallet.Cfg.NetParams.CoinbaseMaturity
                numCoinbaseConfs := uint32(maturity)

                if channel.NumConfsRequired > maturity {
                        numCoinbaseConfs = uint32(channel.NumConfsRequired)
                }

                txid := &channel.FundingOutpoint.Hash
                fundingScript, err := makeFundingScript(channel)
                if err != nil {
                        log.Errorf("unable to create funding script for "+
                                "ChannelPoint(%v): %v",
                                channel.FundingOutpoint, err)

                        return err
                }

                confNtfn, err := f.cfg.Notifier.RegisterConfirmationsNtfn(
                        txid, fundingScript, numCoinbaseConfs,
                        channel.BroadcastHeight(),
                )
                if err != nil {
                        log.Errorf("Unable to register for confirmation of "+
                                "ChannelPoint(%v): %v",
                                channel.FundingOutpoint, err)

                        return err
                }

                select {
                case _, ok := <-confNtfn.Confirmed:
                        if !ok {
                                return fmt.Errorf("ChainNotifier shutting "+
                                        "down, can't complete funding flow "+
                                        "for ChannelPoint(%v)",
                                        channel.FundingOutpoint)
                        }

                case <-f.quit:
                        return ErrFundingManagerShuttingDown
                }
        }

        // Success, funding transaction was confirmed.
        chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)
        log.Debugf("ChannelID(%v) is now fully confirmed! "+
                "(shortChanID=%v)", chanID, confChannel.shortChanID)

        err = f.handleFundingConfirmation(channel, confChannel)
        if err != nil {
                return fmt.Errorf("unable to handle funding "+
                        "confirmation for ChannelPoint(%v): %v",
                        channel.FundingOutpoint, err)
        }

        return nil
}

// ProcessFundingMsg sends a message to the internal fundingManager goroutine,
// allowing it to handle the lnwire.Message.
func (f *Manager) ProcessFundingMsg(msg lnwire.Message, peer lnpeer.Peer) {
        select {
        case f.fundingMsgs <- &fundingMsg{msg, peer}:
        case <-f.quit:
                return
        }
}

// fundeeProcessOpenChannel creates an initial 'ChannelReservation' within the
// wallet, then responds to the source peer with an accept channel message
// progressing the funding workflow.
//
// TODO(roasbeef): add error chan to all, let channelManager handle
// error+propagate.
//
//nolint:funlen
func (f *Manager) fundeeProcessOpenChannel(peer lnpeer.Peer,
        msg *lnwire.OpenChannel) {

        // Check number of pending channels to be smaller than maximum allowed
        // number and send ErrorGeneric to remote peer if condition is
        // violated.
        peerPubKey := peer.IdentityKey()
        peerIDKey := newSerializedKey(peerPubKey)

        amt := msg.FundingAmount

        // We get all pending channels for this peer. This is the list of the
        // active reservations and the channels pending open in the database.
        f.resMtx.RLock()
        reservations := f.activeReservations[peerIDKey]

        // We don't count reservations that were created from a canned funding
        // shim. The user has registered the shim and therefore expects this
        // channel to arrive.
        numPending := 0
        for _, res := range reservations {
                if !res.reservation.IsCannedShim() {
                        numPending++
                }
        }
        f.resMtx.RUnlock()

        // Create the channel identifier.
        cid := newChanIdentifier(msg.PendingChannelID)

        // Also count the channels that are already pending. There we don't know
        // the underlying intent anymore, unfortunately.
        channels, err := f.cfg.ChannelDB.FetchOpenChannels(peerPubKey)
        if err != nil {
                f.failFundingFlow(peer, cid, err)
                return
        }

        for _, c := range channels {
                // Pending channels that have a non-zero thaw height were also
                // created through a canned funding shim. Those also don't
                // count towards the DoS protection limit.
                //
                // TODO(guggero): Properly store the funding type (wallet, shim,
                // PSBT) on the channel so we don't need to use the thaw height.
                if c.IsPending && c.ThawHeight == 0 {
                        numPending++
                }
        }

        // TODO(roasbeef): modify to only accept a _single_ pending channel per
        // block unless white listed
        if numPending >= f.cfg.MaxPendingChannels {
                f.failFundingFlow(peer, cid, lnwire.ErrMaxPendingChannels)

                return
        }

        // Ensure that the pendingChansLimit is respected.
        pendingChans, err := f.cfg.ChannelDB.FetchPendingChannels()
        if err != nil {
                f.failFundingFlow(peer, cid, err)
                return
        }

        if len(pendingChans) > pendingChansLimit {
                f.failFundingFlow(peer, cid, lnwire.ErrMaxPendingChannels)
                return
        }

        // We'll also reject any requests to create channels until we're fully
        // synced to the network as we won't be able to properly validate the
        // confirmation of the funding transaction.
        isSynced, _, err := f.cfg.Wallet.IsSynced()
        if err != nil || !isSynced {
                if err != nil {
                        log.Errorf("unable to query wallet: %v", err)
                }
                err := errors.New("Synchronizing blockchain")
                f.failFundingFlow(peer, cid, err)
                return
        }

        // Ensure that the remote party respects our maximum channel size.
        if amt > f.cfg.MaxChanSize {
                f.failFundingFlow(
                        peer, cid,
                        lnwallet.ErrChanTooLarge(amt, f.cfg.MaxChanSize),
                )
                return
        }

        // We'll, also ensure that the remote party isn't attempting to propose
        // a channel that's below our current min channel size.
        if amt < f.cfg.MinChanSize {
                f.failFundingFlow(
                        peer, cid,
                        lnwallet.ErrChanTooSmall(amt, f.cfg.MinChanSize),
                )
                return
        }

        // If request specifies non-zero push amount and 'rejectpush' is set,
        // signal an error.
        if f.cfg.RejectPush && msg.PushAmount > 0 {
                f.failFundingFlow(peer, cid, lnwallet.ErrNonZeroPushAmount())
                return
        }

        // Send the OpenChannel request to the ChannelAcceptor to determine
        // whether this node will accept the channel.
        chanReq := &chanacceptor.ChannelAcceptRequest{
                Node:        peer.IdentityKey(),
                OpenChanMsg: msg,
        }

        // Query our channel acceptor to determine whether we should reject
        // the channel.
        acceptorResp := f.cfg.OpenChannelPredicate.Accept(chanReq)
        if acceptorResp.RejectChannel() {
                f.failFundingFlow(peer, cid, acceptorResp.ChanAcceptError)
                return
        }

        log.Infof("Recv'd fundingRequest(amt=%v, push=%v, delay=%v, "+
                "pendingId=%x) from peer(%x)", amt, msg.PushAmount,
                msg.CsvDelay, msg.PendingChannelID,
                peer.IdentityKey().SerializeCompressed())

        // Attempt to initialize a reservation within the wallet. If the wallet
        // has insufficient resources to create the channel, then the
        // reservation attempt may be rejected. Note that since we're on the
        // responding side of a single funder workflow, we don't commit any
        // funds to the channel ourselves.
        //
        // Before we init the channel, we'll also check to see what commitment
        // format we can use with this peer. This is dependent on *both* us and
        // the remote peer are signaling the proper feature bit if we're using
        // implicit negotiation, and simply the channel type sent over if we're
        // using explicit negotiation.
        chanType, commitType, err := negotiateCommitmentType(
                msg.ChannelType, peer.LocalFeatures(), peer.RemoteFeatures(),
        )
        if err != nil {
                // TODO(roasbeef): should be using soft errors
                log.Errorf("channel type negotiation failed: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        var scidFeatureVal bool
        if hasFeatures(
                peer.LocalFeatures(), peer.RemoteFeatures(),
                lnwire.ScidAliasOptional,
        ) {

                scidFeatureVal = true
        }

        var (
                zeroConf bool
                scid     bool
        )

        // Only echo back a channel type in AcceptChannel if we actually used
        // explicit negotiation above.
        if chanType != nil {
                // Check if the channel type includes the zero-conf or
                // scid-alias bits.
                featureVec := lnwire.RawFeatureVector(*chanType)
                zeroConf = featureVec.IsSet(lnwire.ZeroConfRequired)
                scid = featureVec.IsSet(lnwire.ScidAliasRequired)

                // If the zero-conf channel type was negotiated, ensure that
                // the acceptor allows it.
                if zeroConf && !acceptorResp.ZeroConf {
                        // Fail the funding flow.
                        flowErr := fmt.Errorf("channel acceptor blocked " +
                                "zero-conf channel negotiation")
                        log.Errorf("Cancelling funding flow for %v based on "+
                                "channel acceptor response: %v", cid, flowErr)
                        f.failFundingFlow(peer, cid, flowErr)
                        return
                }

                // If the zero-conf channel type wasn't negotiated and the
                // fundee still wants a zero-conf channel, perform more checks.
                // Require that both sides have the scid-alias feature bit set.
                // We don't require anchors here - this is for compatibility
                // with LDK.
                if !zeroConf && acceptorResp.ZeroConf {
                        if !scidFeatureVal {
                                // Fail the funding flow.
                                flowErr := fmt.Errorf("scid-alias feature " +
                                        "must be negotiated for zero-conf")
                                log.Errorf("Cancelling funding flow for "+
                                        "zero-conf channel %v: %v", cid,
                                        flowErr)
                                f.failFundingFlow(peer, cid, flowErr)
                                return
                        }

                        // Set zeroConf to true to enable the zero-conf flow.
                        zeroConf = true
                }
        }

        public := msg.ChannelFlags&lnwire.FFAnnounceChannel != 0
        switch {
        // Sending the option-scid-alias channel type for a public channel is
        // disallowed.
        case public && scid:
                err = fmt.Errorf("option-scid-alias chantype for public " +
                        "channel")
                log.Errorf("Cancelling funding flow for public channel %v "+
                        "with scid-alias: %v", cid, err)
                f.failFundingFlow(peer, cid, err)

                return

        // The current variant of taproot channels can only be used with
        // unadvertised channels for now.
        case commitType.IsTaproot() && public:
                err = fmt.Errorf("taproot channel type for public channel")
                log.Errorf("Cancelling funding flow for public taproot "+
                        "channel %v: %v", cid, err)
                f.failFundingFlow(peer, cid, err)

                return
        }

        // At this point, if we have an AuxFundingController active, we'll
        // check to see if we have a special tapscript root to use in our
        // MuSig funding output.
        tapscriptRoot, err := fn.MapOptionZ(
                f.cfg.AuxFundingController,
                func(c AuxFundingController) AuxTapscriptResult {
                        return c.DeriveTapscriptRoot(msg.PendingChannelID)
                },
        ).Unpack()
        if err != nil {
                err = fmt.Errorf("error deriving tapscript root: %w", err)
                log.Error(err)
                f.failFundingFlow(peer, cid, err)

                return
        }

        req := &lnwallet.InitFundingReserveMsg{
                ChainHash:        &msg.ChainHash,
                PendingChanID:    msg.PendingChannelID,
                NodeID:           peer.IdentityKey(),
                NodeAddr:         peer.Address(),
                LocalFundingAmt:  0,
                RemoteFundingAmt: amt,
                CommitFeePerKw:   chainfee.SatPerKWeight(msg.FeePerKiloWeight),
                FundingFeePerKw:  0,
                PushMSat:         msg.PushAmount,
                Flags:            msg.ChannelFlags,
                MinConfs:         1,
                CommitType:       commitType,
                ZeroConf:         zeroConf,
                OptionScidAlias:  scid,
                ScidAliasFeature: scidFeatureVal,
                TapscriptRoot:    tapscriptRoot,
        }

        reservation, err := f.cfg.Wallet.InitChannelReservation(req)
        if err != nil {
                log.Errorf("Unable to initialize reservation: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        log.Debugf("Initialized channel reservation: zeroConf=%v, psbt=%v, "+
                "cannedShim=%v", reservation.IsZeroConf(),
                reservation.IsPsbt(), reservation.IsCannedShim())

        if zeroConf {
                // Store an alias for zero-conf channels. Other option-scid
                // channels will do this at a later point.
                aliasScid, err := f.cfg.AliasManager.RequestAlias()
                if err != nil {
                        log.Errorf("Unable to request alias: %v", err)
                        f.failFundingFlow(peer, cid, err)
                        return
                }

                reservation.AddAlias(aliasScid)
        }

        // As we're the responder, we get to specify the number of confirmations
        // that we require before both of us consider the channel open. We'll
        // use our mapping to derive the proper number of confirmations based on
        // the amount of the channel, and also if any funds are being pushed to
        // us. If a depth value was set by our channel acceptor, we will use
        // that value instead.
        numConfsReq := f.cfg.NumRequiredConfs(msg.FundingAmount, msg.PushAmount)
        if acceptorResp.MinAcceptDepth != 0 {
                numConfsReq = acceptorResp.MinAcceptDepth
        }

        // We'll ignore the min_depth calculated above if this is a zero-conf
        // channel.
        if zeroConf {
                numConfsReq = 0
        }

        reservation.SetNumConfsRequired(numConfsReq)

        // We'll also validate and apply all the constraints the initiating
        // party is attempting to dictate for our commitment transaction.
        stateBounds := &channeldb.ChannelStateBounds{
                ChanReserve:      msg.ChannelReserve,
                MaxPendingAmount: msg.MaxValueInFlight,
                MinHTLC:          msg.HtlcMinimum,
                MaxAcceptedHtlcs: msg.MaxAcceptedHTLCs,
        }
        commitParams := &channeldb.CommitmentParams{
                DustLimit: msg.DustLimit,
                CsvDelay:  msg.CsvDelay,
        }
        err = reservation.CommitConstraints(
                stateBounds, commitParams, f.cfg.MaxLocalCSVDelay, true,
        )
        if err != nil {
                log.Errorf("Unacceptable channel constraints: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // Check whether the peer supports upfront shutdown, and get a new
        // wallet address if our node is configured to set shutdown addresses by
        // default. We use the upfront shutdown script provided by our channel
        // acceptor (if any) in lieu of user input.
        shutdown, err := getUpfrontShutdownScript(
                f.cfg.EnableUpfrontShutdown, peer, acceptorResp.UpfrontShutdown,
                f.selectShutdownScript,
        )
        if err != nil {
                f.failFundingFlow(
                        peer, cid,
                        fmt.Errorf("getUpfrontShutdownScript error: %w", err),
                )
                return
        }
        reservation.SetOurUpfrontShutdown(shutdown)

        // If a script enforced channel lease is being proposed, we'll need to
        // validate its custom TLV records.
        if commitType == lnwallet.CommitmentTypeScriptEnforcedLease {
                if msg.LeaseExpiry == nil {
                        err := errors.New("missing lease expiry")
                        f.failFundingFlow(peer, cid, err)
                        return
                }

                // If we had a shim registered for this channel prior to
                // receiving its corresponding OpenChannel message, then we'll
                // validate the proposed LeaseExpiry against what was registered
                // in our shim.
                if reservation.LeaseExpiry() != 0 {
                        if uint32(*msg.LeaseExpiry) !=
                                reservation.LeaseExpiry() {

                                err := errors.New("lease expiry mismatch")
                                f.failFundingFlow(peer, cid, err)
                                return
                        }
                }
        }

        log.Infof("Requiring %v confirmations for pendingChan(%x): "+
                "amt=%v, push_amt=%v, committype=%v, upfrontShutdown=%x",
                numConfsReq, msg.PendingChannelID, amt, msg.PushAmount,
                commitType, msg.UpfrontShutdownScript)

        // Generate our required constraints for the remote party, using the
        // values provided by the channel acceptor if they are non-zero.
        remoteCsvDelay := f.cfg.RequiredRemoteDelay(amt)
        if acceptorResp.CSVDelay != 0 {
                remoteCsvDelay = acceptorResp.CSVDelay
        }

        // If our default dust limit was above their ChannelReserve, we change
        // it to the ChannelReserve. We must make sure the ChannelReserve we
        // send in the AcceptChannel message is above both dust limits.
        // Therefore, take the maximum of msg.DustLimit and our dust limit.
        //
        // NOTE: Even with this bounding, the ChannelAcceptor may return an
        // BOLT#02-invalid ChannelReserve.
        maxDustLimit := reservation.OurContribution().DustLimit
        if msg.DustLimit > maxDustLimit {
                maxDustLimit = msg.DustLimit
        }

        chanReserve := f.cfg.RequiredRemoteChanReserve(amt, maxDustLimit)
        if acceptorResp.Reserve != 0 {
                chanReserve = acceptorResp.Reserve
        }

        remoteMaxValue := f.cfg.RequiredRemoteMaxValue(amt)
        if acceptorResp.InFlightTotal != 0 {
                remoteMaxValue = acceptorResp.InFlightTotal
        }

        maxHtlcs := f.cfg.RequiredRemoteMaxHTLCs(amt)
        if acceptorResp.HtlcLimit != 0 {
                maxHtlcs = acceptorResp.HtlcLimit
        }

        // Default to our default minimum hltc value, replacing it with the
        // channel acceptor's value if it is set.
        minHtlc := f.cfg.DefaultMinHtlcIn
        if acceptorResp.MinHtlcIn != 0 {
                minHtlc = acceptorResp.MinHtlcIn
        }

        // If we are handling a FundingOpen request then we need to specify the
        // default channel fees since they are not provided by the responder
        // interactively.
        ourContribution := reservation.OurContribution()
        forwardingPolicy := f.defaultForwardingPolicy(
                ourContribution.ChannelStateBounds,
        )

        // Once the reservation has been created successfully, we add it to
        // this peer's map of pending reservations to track this particular
        // reservation until either abort or completion.
        f.resMtx.Lock()
        if _, ok := f.activeReservations[peerIDKey]; !ok {
                f.activeReservations[peerIDKey] = make(pendingChannels)
        }
        resCtx := &reservationWithCtx{
                reservation:       reservation,
                chanAmt:           amt,
                forwardingPolicy:  *forwardingPolicy,
                remoteCsvDelay:    remoteCsvDelay,
                remoteMinHtlc:     minHtlc,
                remoteMaxValue:    remoteMaxValue,
                remoteMaxHtlcs:    maxHtlcs,
                remoteChanReserve: chanReserve,
                maxLocalCsv:       f.cfg.MaxLocalCSVDelay,
                channelType:       chanType,
                err:               make(chan error, 1),
                peer:              peer,
        }
        f.activeReservations[peerIDKey][msg.PendingChannelID] = resCtx
        f.resMtx.Unlock()

        // Update the timestamp once the fundingOpenMsg has been handled.
        defer resCtx.updateTimestamp()

        cfg := channeldb.ChannelConfig{
                ChannelStateBounds: channeldb.ChannelStateBounds{
                        MaxPendingAmount: remoteMaxValue,
                        ChanReserve:      chanReserve,
                        MinHTLC:          minHtlc,
                        MaxAcceptedHtlcs: maxHtlcs,
                },
                CommitmentParams: channeldb.CommitmentParams{
                        DustLimit: msg.DustLimit,
                        CsvDelay:  remoteCsvDelay,
                },
                MultiSigKey: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.FundingKey),
                },
                RevocationBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.RevocationPoint),
                },
                PaymentBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.PaymentPoint),
                },
                DelayBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.DelayedPaymentPoint),
                },
                HtlcBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.HtlcPoint),
                },
        }

        // With our parameters set, we'll now process their contribution so we
        // can move the funding workflow ahead.
        remoteContribution := &lnwallet.ChannelContribution{
                FundingAmount:        amt,
                FirstCommitmentPoint: msg.FirstCommitmentPoint,
                ChannelConfig:        &cfg,
                UpfrontShutdown:      msg.UpfrontShutdownScript,
        }

        if resCtx.reservation.IsTaproot() {
                localNonce, err := msg.LocalNonce.UnwrapOrErrV(errNoLocalNonce)
                if err != nil {
                        log.Error(errNoLocalNonce)

                        f.failFundingFlow(resCtx.peer, cid, errNoLocalNonce)

                        return
                }

                remoteContribution.LocalNonce = &musig2.Nonces{
                        PubNonce: localNonce,
                }
        }

        err = reservation.ProcessSingleContribution(remoteContribution)
        if err != nil {
                log.Errorf("unable to add contribution reservation: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        log.Infof("Sending fundingResp for pending_id(%x)",
                msg.PendingChannelID)
        bounds := remoteContribution.ChannelConfig.ChannelStateBounds
        log.Debugf("Remote party accepted channel state space bounds: %v",
                lnutils.SpewLogClosure(bounds))
        params := remoteContribution.ChannelConfig.CommitmentParams
        log.Debugf("Remote party accepted commitment rendering params: %v",
                lnutils.SpewLogClosure(params))

        reservation.SetState(lnwallet.SentAcceptChannel)

        // With the initiator's contribution recorded, respond with our
        // contribution in the next message of the workflow.
        fundingAccept := lnwire.AcceptChannel{
                PendingChannelID:      msg.PendingChannelID,
                DustLimit:             ourContribution.DustLimit,
                MaxValueInFlight:      remoteMaxValue,
                ChannelReserve:        chanReserve,
                MinAcceptDepth:        uint32(numConfsReq),
                HtlcMinimum:           minHtlc,
                CsvDelay:              remoteCsvDelay,
                MaxAcceptedHTLCs:      maxHtlcs,
                FundingKey:            ourContribution.MultiSigKey.PubKey,
                RevocationPoint:       ourContribution.RevocationBasePoint.PubKey,
                PaymentPoint:          ourContribution.PaymentBasePoint.PubKey,
                DelayedPaymentPoint:   ourContribution.DelayBasePoint.PubKey,
                HtlcPoint:             ourContribution.HtlcBasePoint.PubKey,
                FirstCommitmentPoint:  ourContribution.FirstCommitmentPoint,
                UpfrontShutdownScript: ourContribution.UpfrontShutdown,
                ChannelType:           chanType,
                LeaseExpiry:           msg.LeaseExpiry,
        }

        if commitType.IsTaproot() {
                fundingAccept.LocalNonce = lnwire.SomeMusig2Nonce(
                        ourContribution.LocalNonce.PubNonce,
                )
        }

        if err := peer.SendMessage(true, &fundingAccept); err != nil {
                log.Errorf("unable to send funding response to peer: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }
}

// funderProcessAcceptChannel processes a response to the workflow initiation
// sent by the remote peer. This message then queues a message with the funding
// outpoint, and a commitment signature to the remote peer.
//
//nolint:funlen
func (f *Manager) funderProcessAcceptChannel(peer lnpeer.Peer,
        msg *lnwire.AcceptChannel) {

        pendingChanID := msg.PendingChannelID
        peerKey := peer.IdentityKey()
        var peerKeyBytes []byte
        if peerKey != nil {
                peerKeyBytes = peerKey.SerializeCompressed()
        }

        resCtx, err := f.getReservationCtx(peerKey, pendingChanID)
        if err != nil {
                log.Warnf("Can't find reservation (peerKey:%x, chan_id:%v)",
                        peerKeyBytes, pendingChanID)
                return
        }

        // Update the timestamp once the fundingAcceptMsg has been handled.
        defer resCtx.updateTimestamp()

        if resCtx.reservation.State() != lnwallet.SentOpenChannel {
                return
        }

        log.Infof("Recv'd fundingResponse for pending_id(%x)",
                pendingChanID[:])

        // Create the channel identifier.
        cid := newChanIdentifier(msg.PendingChannelID)

        // Perform some basic validation of any custom TLV records included.
        //
        // TODO: Return errors as funding.Error to give context to remote peer?
        if resCtx.channelType != nil {
                // We'll want to quickly check that the ChannelType echoed by
                // the channel request recipient matches what we proposed.
                if msg.ChannelType == nil {
                        err := errors.New("explicit channel type not echoed " +
                                "back")
                        f.failFundingFlow(peer, cid, err)
                        return
                }
                proposedFeatures := lnwire.RawFeatureVector(*resCtx.channelType)
                ackedFeatures := lnwire.RawFeatureVector(*msg.ChannelType)
                if !proposedFeatures.Equals(&ackedFeatures) {
                        err := errors.New("channel type mismatch")
                        f.failFundingFlow(peer, cid, err)
                        return
                }

                // We'll want to do the same with the LeaseExpiry if one should
                // be set.
                if resCtx.reservation.LeaseExpiry() != 0 {
                        if msg.LeaseExpiry == nil {
                                err := errors.New("lease expiry not echoed " +
                                        "back")
                                f.failFundingFlow(peer, cid, err)
                                return
                        }
                        if uint32(*msg.LeaseExpiry) !=
                                resCtx.reservation.LeaseExpiry() {

                                err := errors.New("lease expiry mismatch")
                                f.failFundingFlow(peer, cid, err)
                                return
                        }
                }
        } else if msg.ChannelType != nil {
                // The spec isn't too clear about whether it's okay to set the
                // channel type in the accept_channel response if we didn't
                // explicitly set it in the open_channel message. For now, we
                // check that it's the same type we'd have arrived through
                // implicit negotiation. If it's another type, we fail the flow.
                _, implicitCommitType := implicitNegotiateCommitmentType(
                        peer.LocalFeatures(), peer.RemoteFeatures(),
                )

                _, negotiatedCommitType, err := negotiateCommitmentType(
                        msg.ChannelType, peer.LocalFeatures(),
                        peer.RemoteFeatures(),
                )
                if err != nil {
                        err := errors.New("received unexpected channel type")
                        f.failFundingFlow(peer, cid, err)
                        return
                }

                if implicitCommitType != negotiatedCommitType {
                        err := errors.New("negotiated unexpected channel type")
                        f.failFundingFlow(peer, cid, err)
                        return
                }
        }

        // The required number of confirmations should not be greater than the
        // maximum number of confirmations required by the ChainNotifier to
        // properly dispatch confirmations.
        if msg.MinAcceptDepth > chainntnfs.MaxNumConfs {
                err := lnwallet.ErrNumConfsTooLarge(
                        msg.MinAcceptDepth, chainntnfs.MaxNumConfs,
                )
                log.Warnf("Unacceptable channel constraints: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // Check that zero-conf channels have minimum depth set to 0.
        if resCtx.reservation.IsZeroConf() && msg.MinAcceptDepth != 0 {
                err = fmt.Errorf("zero-conf channel has min_depth non-zero")
                log.Warn(err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // If this is not a zero-conf channel but the peer responded with a
        // min-depth of zero, we will use our minimum of 1 instead.
        minDepth := msg.MinAcceptDepth
        if !resCtx.reservation.IsZeroConf() && minDepth == 0 {
                log.Infof("Responder to pending_id=%v sent a minimum "+
                        "confirmation depth of 0 for non-zero-conf channel. "+
                        "We will use a minimum depth of 1 instead.",
                        cid.tempChanID)

                minDepth = 1
        }

        // We'll also specify the responder's preference for the number of
        // required confirmations, and also the set of channel constraints
        // they've specified for commitment states we can create.
        resCtx.reservation.SetNumConfsRequired(uint16(minDepth))
        bounds := channeldb.ChannelStateBounds{
                ChanReserve:      msg.ChannelReserve,
                MaxPendingAmount: msg.MaxValueInFlight,
                MinHTLC:          msg.HtlcMinimum,
                MaxAcceptedHtlcs: msg.MaxAcceptedHTLCs,
        }
        commitParams := channeldb.CommitmentParams{
                DustLimit: msg.DustLimit,
                CsvDelay:  msg.CsvDelay,
        }
        err = resCtx.reservation.CommitConstraints(
                &bounds, &commitParams, resCtx.maxLocalCsv, false,
        )
        if err != nil {
                log.Warnf("Unacceptable channel constraints: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        cfg := channeldb.ChannelConfig{
                ChannelStateBounds: channeldb.ChannelStateBounds{
                        MaxPendingAmount: resCtx.remoteMaxValue,
                        ChanReserve:      resCtx.remoteChanReserve,
                        MinHTLC:          resCtx.remoteMinHtlc,
                        MaxAcceptedHtlcs: resCtx.remoteMaxHtlcs,
                },
                CommitmentParams: channeldb.CommitmentParams{
                        DustLimit: msg.DustLimit,
                        CsvDelay:  resCtx.remoteCsvDelay,
                },
                MultiSigKey: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.FundingKey),
                },
                RevocationBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.RevocationPoint),
                },
                PaymentBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.PaymentPoint),
                },
                DelayBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.DelayedPaymentPoint),
                },
                HtlcBasePoint: keychain.KeyDescriptor{
                        PubKey: copyPubKey(msg.HtlcPoint),
                },
        }

        // The remote node has responded with their portion of the channel
        // contribution. At this point, we can process their contribution which
        // allows us to construct and sign both the commitment transaction, and
        // the funding transaction.
        remoteContribution := &lnwallet.ChannelContribution{
                FirstCommitmentPoint: msg.FirstCommitmentPoint,
                ChannelConfig:        &cfg,
                UpfrontShutdown:      msg.UpfrontShutdownScript,
        }

        if resCtx.reservation.IsTaproot() {
                localNonce, err := msg.LocalNonce.UnwrapOrErrV(errNoLocalNonce)
                if err != nil {
                        log.Error(errNoLocalNonce)

                        f.failFundingFlow(resCtx.peer, cid, errNoLocalNonce)

                        return
                }

                remoteContribution.LocalNonce = &musig2.Nonces{
                        PubNonce: localNonce,
                }
        }

        err = resCtx.reservation.ProcessContribution(remoteContribution)

        // The wallet has detected that a PSBT funding process was requested by
        // the user and has halted the funding process after negotiating the
        // multisig keys. We now have everything that is needed for the user to
        // start constructing a PSBT that sends to the multisig funding address.
        var psbtIntent *chanfunding.PsbtIntent
        if psbtErr, ok := err.(*lnwallet.PsbtFundingRequired); ok {
                // Return the information that is needed by the user to
                // construct the PSBT back to the caller.
                addr, amt, packet, err := psbtErr.Intent.FundingParams()
                if err != nil {
                        log.Errorf("Unable to process PSBT funding params "+
                                "for contribution from %x: %v", peerKeyBytes,
                                err)
                        f.failFundingFlow(peer, cid, err)
                        return
                }
                var buf bytes.Buffer
                err = packet.Serialize(&buf)
                if err != nil {
                        log.Errorf("Unable to serialize PSBT for "+
                                "contribution from %x: %v", peerKeyBytes, err)
                        f.failFundingFlow(peer, cid, err)
                        return
                }
                resCtx.updates <- &lnrpc.OpenStatusUpdate{
                        PendingChanId: pendingChanID[:],
                        Update: &lnrpc.OpenStatusUpdate_PsbtFund{
                                PsbtFund: &lnrpc.ReadyForPsbtFunding{
                                        FundingAddress: addr.EncodeAddress(),
                                        FundingAmount:  amt,
                                        Psbt:           buf.Bytes(),
                                },
                        },
                }
                psbtIntent = psbtErr.Intent
        } else if err != nil {
                log.Errorf("Unable to process contribution from %x: %v",
                        peerKeyBytes, err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        log.Infof("pendingChan(%x): remote party proposes num_confs=%v, "+
                "csv_delay=%v", pendingChanID[:], msg.MinAcceptDepth,
                msg.CsvDelay)
        bounds = remoteContribution.ChannelConfig.ChannelStateBounds
        log.Debugf("Remote party accepted channel state space bounds: %v",
                lnutils.SpewLogClosure(bounds))
        commitParams = remoteContribution.ChannelConfig.CommitmentParams
        log.Debugf("Remote party accepted commitment rendering params: %v",
                lnutils.SpewLogClosure(commitParams))

        // If the user requested funding through a PSBT, we cannot directly
        // continue now and need to wait for the fully funded and signed PSBT
        // to arrive. To not block any other channels from opening, we wait in
        // a separate goroutine.
        if psbtIntent != nil {
                f.wg.Add(1)
                go func() {
                        defer f.wg.Done()

                        f.waitForPsbt(psbtIntent, resCtx, cid)
                }()

                // With the new goroutine spawned, we can now exit to unblock
                // the main event loop.
                return
        }

        // In a normal, non-PSBT funding flow, we can jump directly to the next
        // step where we expect our contribution to be finalized.
        f.continueFundingAccept(resCtx, cid)
}

// waitForPsbt blocks until either a signed PSBT arrives, an error occurs or
// the funding manager shuts down. In the case of a valid PSBT, the funding flow
// is continued.
//
// NOTE: This method must be called as a goroutine.
func (f *Manager) waitForPsbt(intent *chanfunding.PsbtIntent,
        resCtx *reservationWithCtx, cid *chanIdentifier) {

        // failFlow is a helper that logs an error message with the current
        // context and then fails the funding flow.
        peerKey := resCtx.peer.IdentityKey()
        failFlow := func(errMsg string, cause error) {
                log.Errorf("Unable to handle funding accept message "+
                        "for peer_key=%x, pending_chan_id=%x: %s: %v",
                        peerKey.SerializeCompressed(), cid.tempChanID, errMsg,
                        cause)
                f.failFundingFlow(resCtx.peer, cid, cause)
        }

        // We'll now wait until the intent has received the final and complete
        // funding transaction. If the channel is closed without any error being
        // sent, we know everything's going as expected.
        select {
        case err := <-intent.PsbtReady:
                switch err {
                // If the user canceled the funding reservation, we need to
                // inform the other peer about us canceling the reservation.
                case chanfunding.ErrUserCanceled:
                        failFlow("aborting PSBT flow", err)
                        return

                // If the remote canceled the funding reservation, we don't need
                // to send another fail message. But we want to inform the user
                // about what happened.
                case chanfunding.ErrRemoteCanceled:
                        log.Infof("Remote canceled, aborting PSBT flow "+
                                "for peer_key=%x, pending_chan_id=%x",
                                peerKey.SerializeCompressed(), cid.tempChanID)
                        return

                // Nil error means the flow continues normally now.
                case nil:

                // For any other error, we'll fail the funding flow.
                default:
                        failFlow("error waiting for PSBT flow", err)
                        return
                }

                // At this point, we'll see if there's an AuxFundingDesc we
                // need to deliver so the funding process can continue
                // properly.
                auxFundingDesc, err := fn.MapOptionZ(
                        f.cfg.AuxFundingController,
                        func(c AuxFundingController) AuxFundingDescResult {
                                return c.DescFromPendingChanID(
                                        cid.tempChanID,
                                        lnwallet.NewAuxChanState(
                                                resCtx.reservation.ChanState(),
                                        ),
                                        resCtx.reservation.CommitmentKeyRings(),
                                        true,
                                )
                        },
                ).Unpack()
                if err != nil {
                        failFlow("error continuing PSBT flow", err)
                        return
                }

                // A non-nil error means we can continue the funding flow.
                // Notify the wallet so it can prepare everything we need to
                // continue.
                //
                // We'll also pass along the aux funding controller as well,
                // which may be used to help process the finalized PSBT.
                err = resCtx.reservation.ProcessPsbt(auxFundingDesc)
                if err != nil {
                        failFlow("error continuing PSBT flow", err)
                        return
                }

                // We are now ready to continue the funding flow.
                f.continueFundingAccept(resCtx, cid)

        // Handle a server shutdown as well because the reservation won't
        // survive a restart as it's in memory only.
        case <-f.quit:
                log.Errorf("Unable to handle funding accept message "+
                        "for peer_key=%x, pending_chan_id=%x: funding manager "+
                        "shutting down", peerKey.SerializeCompressed(),
                        cid.tempChanID)
                return
        }
}

// continueFundingAccept continues the channel funding flow once our
// contribution is finalized, the channel output is known and the funding
// transaction is signed.
func (f *Manager) continueFundingAccept(resCtx *reservationWithCtx,
        cid *chanIdentifier) {

        // Now that we have their contribution, we can extract, then send over
        // both the funding out point and our signature for their version of
        // the commitment transaction to the remote peer.
        outPoint := resCtx.reservation.FundingOutpoint()
        _, sig := resCtx.reservation.OurSignatures()

        // A new channel has almost finished the funding process. In order to
        // properly synchronize with the writeHandler goroutine, we add a new
        // channel to the barriers map which will be closed once the channel is
        // fully open.
        channelID := lnwire.NewChanIDFromOutPoint(*outPoint)
        log.Debugf("Creating chan barrier for ChanID(%v)", channelID)

        // The next message that advances the funding flow will reference the
        // channel via its permanent channel ID, so we'll set up this mapping
        // so we can retrieve the reservation context once we get the
        // FundingSigned message.
        f.resMtx.Lock()
        f.signedReservations[channelID] = cid.tempChanID
        f.resMtx.Unlock()

        log.Infof("Generated ChannelPoint(%v) for pending_id(%x)", outPoint,
                cid.tempChanID[:])

        // Before sending FundingCreated sent, we notify Brontide to keep track
        // of this pending open channel.
        err := resCtx.peer.AddPendingChannel(channelID, f.quit)
        if err != nil {
                pubKey := resCtx.peer.IdentityKey().SerializeCompressed()
                log.Errorf("Unable to add pending channel %v with peer %x: %v",
                        channelID, pubKey, err)
        }

        // Once Brontide is aware of this channel, we need to set it in
        // chanIdentifier so this channel will be removed from Brontide if the
        // funding flow fails.
        cid.setChanID(channelID)

        // Send the FundingCreated msg.
        fundingCreated := &lnwire.FundingCreated{
                PendingChannelID: cid.tempChanID,
                FundingPoint:     *outPoint,
        }

        // If this is a taproot channel, then we'll need to populate the musig2
        // partial sig field instead of the regular commit sig field.
        if resCtx.reservation.IsTaproot() {
                partialSig, ok := sig.(*lnwallet.MusigPartialSig)
                if !ok {
                        err := fmt.Errorf("expected musig partial sig, got %T",
                                sig)
                        log.Error(err)
                        f.failFundingFlow(resCtx.peer, cid, err)

                        return
                }

                fundingCreated.PartialSig = lnwire.MaybePartialSigWithNonce(
                        partialSig.ToWireSig(),
                )
        } else {
                fundingCreated.CommitSig, err = lnwire.NewSigFromSignature(sig)
                if err != nil {
                        log.Errorf("Unable to parse signature: %v", err)
                        f.failFundingFlow(resCtx.peer, cid, err)
                        return
                }
        }

        resCtx.reservation.SetState(lnwallet.SentFundingCreated)

        if err := resCtx.peer.SendMessage(true, fundingCreated); err != nil {
                log.Errorf("Unable to send funding complete message: %v", err)
                f.failFundingFlow(resCtx.peer, cid, err)
                return
        }
}

// fundeeProcessFundingCreated progresses the funding workflow when the daemon
// is on the responding side of a single funder workflow. Once this message has
// been processed, a signature is sent to the remote peer allowing it to
// broadcast the funding transaction, progressing the workflow into the final
// stage.
//
//nolint:funlen
func (f *Manager) fundeeProcessFundingCreated(peer lnpeer.Peer,
        msg *lnwire.FundingCreated) {

        peerKey := peer.IdentityKey()
        pendingChanID := msg.PendingChannelID

        resCtx, err := f.getReservationCtx(peerKey, pendingChanID)
        if err != nil {
                log.Warnf("can't find reservation (peer_id:%v, chan_id:%x)",
                        peerKey, pendingChanID[:])
                return
        }

        // The channel initiator has responded with the funding outpoint of the
        // final funding transaction, as well as a signature for our version of
        // the commitment transaction. So at this point, we can validate the
        // initiator's commitment transaction, then send our own if it's valid.
        fundingOut := msg.FundingPoint
        log.Infof("completing pending_id(%x) with ChannelPoint(%v)",
                pendingChanID[:], fundingOut)

        if resCtx.reservation.State() != lnwallet.SentAcceptChannel {
                return
        }

        // Create the channel identifier without setting the active channel ID.
        cid := newChanIdentifier(pendingChanID)

        // For taproot channels, the commit signature is actually the partial
        // signature. Otherwise, we can convert the ECDSA commit signature into
        // our internal input.Signature type.
        var commitSig input.Signature
        if resCtx.reservation.IsTaproot() {
                partialSig, err := msg.PartialSig.UnwrapOrErrV(errNoPartialSig)
                if err != nil {
                        f.failFundingFlow(peer, cid, err)

                        return
                }

                commitSig = new(lnwallet.MusigPartialSig).FromWireSig(
                        &partialSig,
                )
        } else {
                commitSig, err = msg.CommitSig.ToSignature()
                if err != nil {
                        log.Errorf("unable to parse signature: %v", err)
                        f.failFundingFlow(peer, cid, err)
                        return
                }
        }

        // At this point, we'll see if there's an AuxFundingDesc we need to
        // deliver so the funding process can continue properly.
        auxFundingDesc, err := fn.MapOptionZ(
                f.cfg.AuxFundingController,
                func(c AuxFundingController) AuxFundingDescResult {
                        return c.DescFromPendingChanID(
                                cid.tempChanID, lnwallet.NewAuxChanState(
                                        resCtx.reservation.ChanState(),
                                ), resCtx.reservation.CommitmentKeyRings(),
                                true,
                        )
                },
        ).Unpack()
        if err != nil {
                log.Errorf("error continuing PSBT flow: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // With all the necessary data available, attempt to advance the
        // funding workflow to the next stage. If this succeeds then the
        // funding transaction will broadcast after our next message.
        // CompleteReservationSingle will also mark the channel as 'IsPending'
        // in the database.
        //
        // We'll also directly pass in the AuxFunding controller as well,
        // which may be used by the reservation system to finalize funding our
        // side.
        completeChan, err := resCtx.reservation.CompleteReservationSingle(
                &fundingOut, commitSig, auxFundingDesc,
        )
        if err != nil {
                log.Errorf("unable to complete single reservation: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // Get forwarding policy before deleting the reservation context.
        forwardingPolicy := resCtx.forwardingPolicy

        // The channel is marked IsPending in the database, and can be removed
        // from the set of active reservations.
        f.deleteReservationCtx(peerKey, cid.tempChanID)

        // If something goes wrong before the funding transaction is confirmed,
        // we use this convenience method to delete the pending OpenChannel
        // from the database.
        deleteFromDatabase := func() {
                localBalance := completeChan.LocalCommitment.LocalBalance.ToSatoshis()
                closeInfo := &channeldb.ChannelCloseSummary{
                        ChanPoint:               completeChan.FundingOutpoint,
                        ChainHash:               completeChan.ChainHash,
                        RemotePub:               completeChan.IdentityPub,
                        CloseType:               channeldb.FundingCanceled,
                        Capacity:                completeChan.Capacity,
                        SettledBalance:          localBalance,
                        RemoteCurrentRevocation: completeChan.RemoteCurrentRevocation,
                        RemoteNextRevocation:    completeChan.RemoteNextRevocation,
                        LocalChanConfig:         completeChan.LocalChanCfg,
                }

                // Close the channel with us as the initiator because we are
                // deciding to exit the funding flow due to an internal error.
                if err := completeChan.CloseChannel(
                        closeInfo, channeldb.ChanStatusLocalCloseInitiator,
                ); err != nil {
                        log.Errorf("Failed closing channel %v: %v",
                                completeChan.FundingOutpoint, err)
                }
        }

        // A new channel has almost finished the funding process. In order to
        // properly synchronize with the writeHandler goroutine, we add a new
        // channel to the barriers map which will be closed once the channel is
        // fully open.
        channelID := lnwire.NewChanIDFromOutPoint(fundingOut)
        log.Debugf("Creating chan barrier for ChanID(%v)", channelID)

        fundingSigned := &lnwire.FundingSigned{}

        // For taproot channels, we'll need to send over a partial signature
        // that includes the nonce along side the signature.
        _, sig := resCtx.reservation.OurSignatures()
        if resCtx.reservation.IsTaproot() {
                partialSig, ok := sig.(*lnwallet.MusigPartialSig)
                if !ok {
                        err := fmt.Errorf("expected musig partial sig, got %T",
                                sig)
                        log.Error(err)
                        f.failFundingFlow(resCtx.peer, cid, err)
                        deleteFromDatabase()

                        return
                }

                fundingSigned.PartialSig = lnwire.MaybePartialSigWithNonce(
                        partialSig.ToWireSig(),
                )
        } else {
                fundingSigned.CommitSig, err = lnwire.NewSigFromSignature(sig)
                if err != nil {
                        log.Errorf("unable to parse signature: %v", err)
                        f.failFundingFlow(peer, cid, err)
                        deleteFromDatabase()

                        return
                }
        }

        // Before sending FundingSigned, we notify Brontide first to keep track
        // of this pending open channel.
        if err := peer.AddPendingChannel(channelID, f.quit); err != nil {
                pubKey := peer.IdentityKey().SerializeCompressed()
                log.Errorf("Unable to add pending channel %v with peer %x: %v",
                        cid.chanID, pubKey, err)
        }

        // Once Brontide is aware of this channel, we need to set it in
        // chanIdentifier so this channel will be removed from Brontide if the
        // funding flow fails.
        cid.setChanID(channelID)

        fundingSigned.ChanID = cid.chanID

        log.Infof("sending FundingSigned for pending_id(%x) over "+
                "ChannelPoint(%v)", pendingChanID[:], fundingOut)

        // With their signature for our version of the commitment transaction
        // verified, we can now send over our signature to the remote peer.
        if err := peer.SendMessage(true, fundingSigned); err != nil {
                log.Errorf("unable to send FundingSigned message: %v", err)
                f.failFundingFlow(peer, cid, err)
                deleteFromDatabase()
                return
        }

        // With a permanent channel id established we can save the respective
        // forwarding policy in the database. In the channel announcement phase
        // this forwarding policy is retrieved and applied.
        err = f.saveInitialForwardingPolicy(cid.chanID, &forwardingPolicy)
        if err != nil {
                log.Errorf("Unable to store the forwarding policy: %v", err)
        }

        // Now that we've sent over our final signature for this channel, we'll
        // send it to the ChainArbitrator so it can watch for any on-chain
        // actions during this final confirmation stage.
        if err := f.cfg.WatchNewChannel(completeChan, peerKey); err != nil {
                log.Errorf("Unable to send new ChannelPoint(%v) for "+
                        "arbitration: %v", fundingOut, err)
        }

        // Create an entry in the local discovery map so we can ensure that we
        // process the channel confirmation fully before we receive a
        // channel_ready message.
        f.localDiscoverySignals.Store(cid.chanID, make(chan struct{}))

        // Inform the ChannelNotifier that the channel has entered
        // pending open state.
        f.cfg.NotifyPendingOpenChannelEvent(fundingOut, completeChan)

        // At this point we have sent our last funding message to the
        // initiating peer before the funding transaction will be broadcast.
        // With this last message, our job as the responder is now complete.
        // We'll wait for the funding transaction to reach the specified number
        // of confirmations, then start normal operations.
        //
        // When we get to this point we have sent the signComplete message to
        // the channel funder, and BOLT#2 specifies that we MUST remember the
        // channel for reconnection. The channel is already marked
        // as pending in the database, so in case of a disconnect or restart,
        // we will continue waiting for the confirmation the next time we start
        // the funding manager. In case the funding transaction never appears
        // on the blockchain, we must forget this channel. We therefore
        // completely forget about this channel if we haven't seen the funding
        // transaction in 288 blocks (~ 48 hrs), by canceling the reservation
        // and canceling the wait for the funding confirmation.
        f.wg.Add(1)
        go f.advanceFundingState(completeChan, pendingChanID, nil)
}

// funderProcessFundingSigned processes the final message received in a single
// funder workflow. Once this message is processed, the funding transaction is
// broadcast. Once the funding transaction reaches a sufficient number of
// confirmations, a message is sent to the responding peer along with a compact
// encoding of the location of the channel within the blockchain.
func (f *Manager) funderProcessFundingSigned(peer lnpeer.Peer,
        msg *lnwire.FundingSigned) {

        // As the funding signed message will reference the reservation by its
        // permanent channel ID, we'll need to perform an intermediate look up
        // before we can obtain the reservation.
        f.resMtx.Lock()
        pendingChanID, ok := f.signedReservations[msg.ChanID]
        delete(f.signedReservations, msg.ChanID)
        f.resMtx.Unlock()

        // Create the channel identifier and set the channel ID.
        //
        // NOTE: we may get an empty pending channel ID here if the key cannot
        // be found, which means when we cancel the reservation context in
        // `failFundingFlow`, we will get an error. In this case, we will send
        // an error msg to our peer using the active channel ID.
        //
        // TODO(yy): refactor the funding flow to fix this case.
        cid := newChanIdentifier(pendingChanID)
        cid.setChanID(msg.ChanID)

        // If the pending channel ID is not found, fail the funding flow.
        if !ok {
                // NOTE: we directly overwrite the pending channel ID here for
                // this rare case since we don't have a valid pending channel
                // ID.
                cid.tempChanID = msg.ChanID

                err := fmt.Errorf("unable to find signed reservation for "+
                        "chan_id=%x", msg.ChanID)
                log.Warnf(err.Error())
                f.failFundingFlow(peer, cid, err)
                return
        }

        peerKey := peer.IdentityKey()
        resCtx, err := f.getReservationCtx(peerKey, pendingChanID)
        if err != nil {
                log.Warnf("Unable to find reservation (peer_id:%v, "+
                        "chan_id:%x)", peerKey, pendingChanID[:])
                // TODO: add ErrChanNotFound?
                f.failFundingFlow(peer, cid, err)
                return
        }

        if resCtx.reservation.State() != lnwallet.SentFundingCreated {
                err := fmt.Errorf("unable to find reservation for chan_id=%x",
                        msg.ChanID)
                f.failFundingFlow(peer, cid, err)

                return
        }

        // Create an entry in the local discovery map so we can ensure that we
        // process the channel confirmation fully before we receive a
        // channel_ready message.
        fundingPoint := resCtx.reservation.FundingOutpoint()
        permChanID := lnwire.NewChanIDFromOutPoint(*fundingPoint)
        f.localDiscoverySignals.Store(permChanID, make(chan struct{}))

        // We have to store the forwardingPolicy before the reservation context
        // is deleted. The policy will then be read and applied in
        // newChanAnnouncement.
        err = f.saveInitialForwardingPolicy(
                permChanID, &resCtx.forwardingPolicy,
        )
        if err != nil {
                log.Errorf("Unable to store the forwarding policy: %v", err)
        }

        // For taproot channels, the commit signature is actually the partial
        // signature. Otherwise, we can convert the ECDSA commit signature into
        // our internal input.Signature type.
        var commitSig input.Signature
        if resCtx.reservation.IsTaproot() {
                partialSig, err := msg.PartialSig.UnwrapOrErrV(errNoPartialSig)
                if err != nil {
                        f.failFundingFlow(peer, cid, err)

                        return
                }

                commitSig = new(lnwallet.MusigPartialSig).FromWireSig(
                        &partialSig,
                )
        } else {
                commitSig, err = msg.CommitSig.ToSignature()
                if err != nil {
                        log.Errorf("unable to parse signature: %v", err)
                        f.failFundingFlow(peer, cid, err)
                        return
                }
        }

        completeChan, err := resCtx.reservation.CompleteReservation(
                nil, commitSig,
        )
        if err != nil {
                log.Errorf("Unable to complete reservation sign "+
                        "complete: %v", err)
                f.failFundingFlow(peer, cid, err)
                return
        }

        // The channel is now marked IsPending in the database, and we can
        // delete it from our set of active reservations.
        f.deleteReservationCtx(peerKey, pendingChanID)

        // Broadcast the finalized funding transaction to the network, but only
        // if we actually have the funding transaction.
        if completeChan.ChanType.HasFundingTx() {
                fundingTx := completeChan.FundingTxn
                var fundingTxBuf bytes.Buffer
                if err := fundingTx.Serialize(&fundingTxBuf); err != nil {
                        log.Errorf("Unable to serialize funding "+
                                "transaction %v: %v", fundingTx.TxHash(), err)

                        // Clear the buffer of any bytes that were written
                        // before the serialization error to prevent logging an
                        // incomplete transaction.
                        fundingTxBuf.Reset()
                }

                log.Infof("Broadcasting funding tx for ChannelPoint(%v): %x",
                        completeChan.FundingOutpoint, fundingTxBuf.Bytes())

                // Set a nil short channel ID at this stage because we do not
                // know it until our funding tx confirms.
                label := labels.MakeLabel(
                        labels.LabelTypeChannelOpen, nil,
                )

                err = f.cfg.PublishTransaction(fundingTx, label)
                if err != nil {
                        log.Errorf("Unable to broadcast funding tx %x for "+
                                "ChannelPoint(%v): %v", fundingTxBuf.Bytes(),
                                completeChan.FundingOutpoint, err)

                        // We failed to broadcast the funding transaction, but
                        // watch the channel regardless, in case the
                        // transaction made it to the network. We will retry
                        // broadcast at startup.
                        //
                        // TODO(halseth): retry more often? Handle with CPFP?
                        // Just delete from the DB?
                }
        }

        // Before we proceed, if we have a funding hook that wants a
        // notification that it's safe to broadcast the funding transaction,
        // then we'll send that now.
        err = fn.MapOptionZ(
                f.cfg.AuxFundingController,
                func(controller AuxFundingController) error {
                        return controller.ChannelFinalized(cid.tempChanID)
                },
        )
        if err != nil {
                log.Errorf("Failed to inform aux funding controller about "+
                        "ChannelPoint(%v) being finalized: %v", fundingPoint,
                        err)
        }

        // Now that we have a finalized reservation for this funding flow,
        // we'll send the to be active channel to the ChainArbitrator so it can
        // watch for any on-chain actions before the channel has fully
        // confirmed.
        if err := f.cfg.WatchNewChannel(completeChan, peerKey); err != nil {
                log.Errorf("Unable to send new ChannelPoint(%v) for "+
                        "arbitration: %v", fundingPoint, err)
        }

        log.Infof("Finalizing pending_id(%x) over ChannelPoint(%v), "+
                "waiting for channel open on-chain", pendingChanID[:],
                fundingPoint)

        // Send an update to the upstream client that the negotiation process
        // is over.
        upd := &lnrpc.OpenStatusUpdate{
                Update: &lnrpc.OpenStatusUpdate_ChanPending{
                        ChanPending: &lnrpc.PendingUpdate{
                                Txid:        fundingPoint.Hash[:],
                                OutputIndex: fundingPoint.Index,
                        },
                },
                PendingChanId: pendingChanID[:],
        }

        select {
        case resCtx.updates <- upd:
                // Inform the ChannelNotifier that the channel has entered
                // pending open state.
                f.cfg.NotifyPendingOpenChannelEvent(*fundingPoint, completeChan)
        case <-f.quit:
                return
        }

        // At this point we have broadcast the funding transaction and done all
        // necessary processing.
        f.wg.Add(1)
        go f.advanceFundingState(completeChan, pendingChanID, resCtx.updates)
}

// confirmedChannel wraps a confirmed funding transaction, as well as the short
// channel ID which identifies that channel into a single struct. We'll use
// this to pass around the final state of a channel after it has been
// confirmed.
type confirmedChannel struct {
        // shortChanID expresses where in the block the funding transaction was
        // located.
        shortChanID lnwire.ShortChannelID

        // fundingTx is the funding transaction that created the channel.
        fundingTx *wire.MsgTx
}

// fundingTimeout is called when callers of waitForFundingWithTimeout receive
// an ErrConfirmationTimeout. It is used to clean-up channel state and mark the
// channel as closed. The error is only returned for the responder of the
// channel flow.
func (f *Manager) fundingTimeout(c *channeldb.OpenChannel,
        pendingID PendingChanID) error {

        // We'll get a timeout if the number of blocks mined since the channel
        // was initiated reaches MaxWaitNumBlocksFundingConf and we are not the
        // channel initiator.
        localBalance := c.LocalCommitment.LocalBalance.ToSatoshis()
        closeInfo := &channeldb.ChannelCloseSummary{
                ChainHash:               c.ChainHash,
                ChanPoint:               c.FundingOutpoint,
                RemotePub:               c.IdentityPub,
                Capacity:                c.Capacity,
                SettledBalance:          localBalance,
                CloseType:               channeldb.FundingCanceled,
                RemoteCurrentRevocation: c.RemoteCurrentRevocation,
                RemoteNextRevocation:    c.RemoteNextRevocation,
                LocalChanConfig:         c.LocalChanCfg,
        }

        // Close the channel with us as the initiator because we are timing the
        // channel out.
        if err := c.CloseChannel(
                closeInfo, channeldb.ChanStatusLocalCloseInitiator,
        ); err != nil {
                return fmt.Errorf("failed closing channel %v: %w",
                        c.FundingOutpoint, err)
        }

        timeoutErr := fmt.Errorf("timeout waiting for funding tx (%v) to "+
                "confirm", c.FundingOutpoint)

        // When the peer comes online, we'll notify it that we are now
        // considering the channel flow canceled.
        f.wg.Add(1)
        go func() {
                defer f.wg.Done()

                peer, err := f.waitForPeerOnline(c.IdentityPub)
                switch err {
                // We're already shutting down, so we can just return.
                case ErrFundingManagerShuttingDown:
                        return

                // nil error means we continue on.
                case nil:

                // For unexpected errors, we print the error and still try to
                // fail the funding flow.
                default:
                        log.Errorf("Unexpected error while waiting for peer "+
                                "to come online: %v", err)
                }

                // Create channel identifier and set the channel ID.
                cid := newChanIdentifier(pendingID)
                cid.setChanID(lnwire.NewChanIDFromOutPoint(c.FundingOutpoint))

                // TODO(halseth): should this send be made
                // reliable?

                // The reservation won't exist at this point, but we'll send an
                // Error message over anyways with ChanID set to pendingID.
                f.failFundingFlow(peer, cid, timeoutErr)
        }()

        return timeoutErr
}

// waitForFundingWithTimeout is a wrapper around waitForFundingConfirmation and
// waitForTimeout that will return ErrConfirmationTimeout if we are not the
// channel initiator and the MaxWaitNumBlocksFundingConf has passed from the
// funding broadcast height. In case of confirmation, the short channel ID of
// the channel and the funding transaction will be returned.
func (f *Manager) waitForFundingWithTimeout(
        ch *channeldb.OpenChannel) (*confirmedChannel, error) {

        confChan := make(chan *confirmedChannel)
        timeoutChan := make(chan error, 1)
        cancelChan := make(chan struct{})

        f.wg.Add(1)
        go f.waitForFundingConfirmation(ch, cancelChan, confChan)

        // If we are not the initiator, we have no money at stake and will
        // timeout waiting for the funding transaction to confirm after a
        // while.
        if !ch.IsInitiator && !ch.IsZeroConf() {
                f.wg.Add(1)
                go f.waitForTimeout(ch, cancelChan, timeoutChan)
        }
        defer close(cancelChan)

        select {
        case err := <-timeoutChan:
                if err != nil {
                        return nil, err
                }
                return nil, ErrConfirmationTimeout

        case <-f.quit:
                // The fundingManager is shutting down, and will resume wait on
                // startup.
                return nil, ErrFundingManagerShuttingDown

        case confirmedChannel, ok := <-confChan:
                if !ok {
                        return nil, fmt.Errorf("waiting for funding" +
                                "confirmation failed")
                }
                return confirmedChannel, nil
        }
}

// makeFundingScript re-creates the funding script for the funding transaction
// of the target channel.
func makeFundingScript(channel *channeldb.OpenChannel) ([]byte, error) {
        localKey := channel.LocalChanCfg.MultiSigKey.PubKey
        remoteKey := channel.RemoteChanCfg.MultiSigKey.PubKey

        if channel.ChanType.IsTaproot() {
                pkScript, _, err := input.GenTaprootFundingScript(
                        localKey, remoteKey, int64(channel.Capacity),
                        channel.TapscriptRoot,
                )
                if err != nil {
                        return nil, err
                }

                return pkScript, nil
        }

        multiSigScript, err := input.GenMultiSigScript(
                localKey.SerializeCompressed(),
                remoteKey.SerializeCompressed(),
        )
        if err != nil {
                return nil, err
        }

        return input.WitnessScriptHash(multiSigScript)
}

// waitForFundingConfirmation handles the final stages of the channel funding
// process once the funding transaction has been broadcast. The primary
// function of waitForFundingConfirmation is to wait for blockchain
// confirmation, and then to notify the other systems that must be notified
// when a channel has become active for lightning transactions.
// The wait can be canceled by closing the cancelChan. In case of success,
// a *lnwire.ShortChannelID will be passed to confChan.
//
// NOTE: This MUST be run as a goroutine.
func (f *Manager) waitForFundingConfirmation(
        completeChan *channeldb.OpenChannel, cancelChan <-chan struct{},
        confChan chan<- *confirmedChannel) {

        defer f.wg.Done()
        defer close(confChan)

        // Register with the ChainNotifier for a notification once the funding
        // transaction reaches `numConfs` confirmations.
        txid := completeChan.FundingOutpoint.Hash
        fundingScript, err := makeFundingScript(completeChan)
        if err != nil {
                log.Errorf("unable to create funding script for "+
                        "ChannelPoint(%v): %v", completeChan.FundingOutpoint,
                        err)
                return
        }
        numConfs := uint32(completeChan.NumConfsRequired)

        // If the underlying channel is a zero-conf channel, we'll set numConfs
        // to 6, since it will be zero here.
        if completeChan.IsZeroConf() {
                numConfs = 6
        }

        confNtfn, err := f.cfg.Notifier.RegisterConfirmationsNtfn(
                &txid, fundingScript, numConfs,
                completeChan.BroadcastHeight(),
        )
        if err != nil {
                log.Errorf("Unable to register for confirmation of "+
                        "ChannelPoint(%v): %v", completeChan.FundingOutpoint,
                        err)
                return
        }

        log.Infof("Waiting for funding tx (%v) to reach %v confirmations",
                txid, numConfs)

        var confDetails *chainntnfs.TxConfirmation
        var ok bool

        // Wait until the specified number of confirmations has been reached,
        // we get a cancel signal, or the wallet signals a shutdown.
        select {
        case confDetails, ok = <-confNtfn.Confirmed:
                // fallthrough

        case <-cancelChan:
                log.Warnf("canceled waiting for funding confirmation, "+
                        "stopping funding flow for ChannelPoint(%v)",
                        completeChan.FundingOutpoint)
                return

        case <-f.quit:
                log.Warnf("fundingManager shutting down, stopping funding "+
                        "flow for ChannelPoint(%v)",
                        completeChan.FundingOutpoint)
                return
        }

        if !ok {
                log.Warnf("ChainNotifier shutting down, cannot complete "+
                        "funding flow for ChannelPoint(%v)",
                        completeChan.FundingOutpoint)
                return
        }

        fundingPoint := completeChan.FundingOutpoint
        log.Infof("ChannelPoint(%v) is now active: ChannelID(%v)",
                fundingPoint, lnwire.NewChanIDFromOutPoint(fundingPoint))

        // With the block height and the transaction index known, we can
        // construct the compact chanID which is used on the network to unique
        // identify channels.
        shortChanID := lnwire.ShortChannelID{
                BlockHeight: confDetails.BlockHeight,
                TxIndex:     confDetails.TxIndex,
                TxPosition:  uint16(fundingPoint.Index),
        }

        select {
        case confChan <- &confirmedChannel{
                shortChanID: shortChanID,
                fundingTx:   confDetails.Tx,
        }:
        case <-f.quit:
                return
        }
}

// waitForTimeout will close the timeout channel if MaxWaitNumBlocksFundingConf
// has passed from the broadcast height of the given channel. In case of error,
// the error is sent on timeoutChan. The wait can be canceled by closing the
// cancelChan.
//
// NOTE: timeoutChan MUST be buffered.
// NOTE: This MUST be run as a goroutine.
func (f *Manager) waitForTimeout(completeChan *channeldb.OpenChannel,
        cancelChan <-chan struct{}, timeoutChan chan<- error) {

        defer f.wg.Done()

        epochClient, err := f.cfg.Notifier.RegisterBlockEpochNtfn(nil)
        if err != nil {
                timeoutChan <- fmt.Errorf("unable to register for epoch "+
                        "notification: %v", err)
                return
        }

        defer epochClient.Cancel()

        // On block maxHeight we will cancel the funding confirmation wait.
        broadcastHeight := completeChan.BroadcastHeight()
        maxHeight := broadcastHeight + MaxWaitNumBlocksFundingConf
        for {
                select {
                case epoch, ok := <-epochClient.Epochs:
                        if !ok {
                                timeoutChan <- fmt.Errorf("epoch client " +
                                        "shutting down")
                                return
                        }

                        // Close the timeout channel and exit if the block is
                        // above the max height.
                        if uint32(epoch.Height) >= maxHeight {
                                log.Warnf("Waited for %v blocks without "+
                                        "seeing funding transaction confirmed,"+
                                        " cancelling.",
                                        MaxWaitNumBlocksFundingConf)

                                // Notify the caller of the timeout.
                                close(timeoutChan)
                                return
                        }

                        // TODO: If we are the channel initiator implement
                        // a method for recovering the funds from the funding
                        // transaction

                case <-cancelChan:
                        return

                case <-f.quit:
                        // The fundingManager is shutting down, will resume
                        // waiting for the funding transaction on startup.
                        return
                }
        }
}

// makeLabelForTx updates the label for the confirmed funding transaction. If
// we opened the channel, and lnd's wallet published our funding tx (which is
// not the case for some channels) then we update our transaction label with
// our short channel ID, which is known now that our funding transaction has
// confirmed. We do not label transactions we did not publish, because our
// wallet has no knowledge of them.
func (f *Manager) makeLabelForTx(c *channeldb.OpenChannel) {
        if c.IsInitiator && c.ChanType.HasFundingTx() {
                shortChanID := c.ShortChanID()

                // For zero-conf channels, we'll use the actually-confirmed
                // short channel id.
                if c.IsZeroConf() {
                        shortChanID = c.ZeroConfRealScid()
                }

                label := labels.MakeLabel(
                        labels.LabelTypeChannelOpen, &shortChanID,
                )

                err := f.cfg.UpdateLabel(c.FundingOutpoint.Hash, label)
                if err != nil {
                        log.Errorf("unable to update label: %v", err)
                }
        }
}

// handleFundingConfirmation marks a channel as open in the database, and set
// the channelOpeningState markedOpen. In addition it will report the now
// decided short channel ID to the switch, and close the local discovery signal
// for this channel.
func (f *Manager) handleFundingConfirmation(
        completeChan *channeldb.OpenChannel,
        confChannel *confirmedChannel) error {

        fundingPoint := completeChan.FundingOutpoint
        chanID := lnwire.NewChanIDFromOutPoint(fundingPoint)

        // TODO(roasbeef): ideally persistent state update for chan above
        // should be abstracted

        // Now that that the channel has been fully confirmed, we'll request
        // that the wallet fully verify this channel to ensure that it can be
        // used.
        err := f.cfg.Wallet.ValidateChannel(completeChan, confChannel.fundingTx)
        if err != nil {
                // TODO(roasbeef): delete chan state?
                return fmt.Errorf("unable to validate channel: %w", err)
        }

        // Now that the channel has been validated, we'll persist an alias for
        // this channel if the option-scid-alias feature-bit was negotiated.
        if completeChan.NegotiatedAliasFeature() {
                aliasScid, err := f.cfg.AliasManager.RequestAlias()
                if err != nil {
                        return fmt.Errorf("unable to request alias: %w", err)
                }

                err = f.cfg.AliasManager.AddLocalAlias(
                        aliasScid, confChannel.shortChanID, true, false,
                )
                if err != nil {
                        return fmt.Errorf("unable to request alias: %w", err)
                }
        }

        // The funding transaction now being confirmed, we add this channel to
        // the fundingManager's internal persistent state machine that we use
        // to track the remaining process of the channel opening. This is
        // useful to resume the opening process in case of restarts. We set the
        // opening state before we mark the channel opened in the database,
        // such that we can receover from one of the db writes failing.
        err = f.saveChannelOpeningState(
                &fundingPoint, markedOpen, &confChannel.shortChanID,
        )
        if err != nil {
                return fmt.Errorf("error setting channel state to "+
                        "markedOpen: %v", err)
        }

        // Now that the channel has been fully confirmed and we successfully
        // saved the opening state, we'll mark it as open within the database.
        err = completeChan.MarkAsOpen(confChannel.shortChanID)
        if err != nil {
                return fmt.Errorf("error setting channel pending flag to "+
                        "false:        %v", err)
        }

        // Update the confirmed funding transaction label.
        f.makeLabelForTx(completeChan)

        // Inform the ChannelNotifier that the channel has transitioned from
        // pending open to open.
        f.cfg.NotifyOpenChannelEvent(completeChan.FundingOutpoint)

        // Close the discoverySignal channel, indicating to a separate
        // goroutine that the channel now is marked as open in the database
        // and that it is acceptable to process channel_ready messages
        // from the peer.
        if discoverySignal, ok := f.localDiscoverySignals.Load(chanID); ok {
                close(discoverySignal)
        }

        return nil
}

// sendChannelReady creates and sends the channelReady message.
// This should be called after the funding transaction has been confirmed,
// and the channelState is 'markedOpen'.
func (f *Manager) sendChannelReady(completeChan *channeldb.OpenChannel,
        channel *lnwallet.LightningChannel) error {

        chanID := lnwire.NewChanIDFromOutPoint(completeChan.FundingOutpoint)

        var peerKey [33]byte
        copy(peerKey[:], completeChan.IdentityPub.SerializeCompressed())

        // Next, we'll send over the channel_ready message which marks that we
        // consider the channel open by presenting the remote party with our
        // next revocation key. Without the revocation key, the remote party
        // will be unable to propose state transitions.
        nextRevocation, err := channel.NextRevocationKey()
        if err != nil {
                return fmt.Errorf("unable to create next revocation: %w", err)
        }
        channelReadyMsg := lnwire.NewChannelReady(chanID, nextRevocation)

        // If this is a taproot channel, then we also need to send along our
        // set of musig2 nonces as well.
        if completeChan.ChanType.IsTaproot() {
                log.Infof("ChanID(%v): generating musig2 nonces...",
                        chanID)

                f.nonceMtx.Lock()
                localNonce, ok := f.pendingMusigNonces[chanID]
                if !ok {
                        // If we don't have any nonces generated yet for this
                        // first state, then we'll generate them now and stow
                        // them away.  When we receive the funding locked
                        // message, we'll then pass along this same set of
                        // nonces.
                        newNonce, err := channel.GenMusigNonces()
                        if err != nil {
                                f.nonceMtx.Unlock()
                                return err
                        }

                        // Now that we've generated the nonce for this channel,
                        // we'll store it in the set of pending nonces.
                        localNonce = newNonce
                        f.pendingMusigNonces[chanID] = localNonce
                }
                f.nonceMtx.Unlock()

                channelReadyMsg.NextLocalNonce = lnwire.SomeMusig2Nonce(
                        localNonce.PubNonce,
                )
        }

        // If the channel negotiated the option-scid-alias feature bit, we'll
        // send a TLV segment that includes an alias the peer can use in their
        // invoice hop hints. We'll send the first alias we find for the
        // channel since it does not matter which alias we send. We'll error
        // out in the odd case that no aliases are found.
        if completeChan.NegotiatedAliasFeature() {
                aliases := f.cfg.AliasManager.GetAliases(
                        completeChan.ShortChanID(),
                )
                if len(aliases) == 0 {
                        return fmt.Errorf("no aliases found")
                }

                // We can use a pointer to aliases since GetAliases returns a
                // copy of the alias slice.
                channelReadyMsg.AliasScid = &aliases[0]
        }

        // If the peer has disconnected before we reach this point, we will need
        // to wait for him to come back online before sending the channelReady
        // message. This is special for channelReady, since failing to send any
        // of the previous messages in the funding flow just cancels the flow.
        // But now the funding transaction is confirmed, the channel is open
        // and we have to make sure the peer gets the channelReady message when
        // it comes back online. This is also crucial during restart of lnd,
        // where we might try to resend the channelReady message before the
        // server has had the time to connect to the peer. We keep trying to
        // send channelReady until we succeed, or the fundingManager is shut
        // down.
        for {
                peer, err := f.waitForPeerOnline(completeChan.IdentityPub)
                if err != nil {
                        return err
                }

                localAlias := peer.LocalFeatures().HasFeature(
                        lnwire.ScidAliasOptional,
                )
                remoteAlias := peer.RemoteFeatures().HasFeature(
                        lnwire.ScidAliasOptional,
                )

                // We could also refresh the channel state instead of checking
                // whether the feature was negotiated, but this saves us a
                // database read.
                if channelReadyMsg.AliasScid == nil && localAlias &&
                        remoteAlias {

                        // If an alias was not assigned above and the scid
                        // alias feature was negotiated, check if we already
                        // have an alias stored in case handleChannelReady was
                        // called before this. If an alias exists, use that in
                        // channel_ready. Otherwise, request and store an
                        // alias and use that.
                        aliases := f.cfg.AliasManager.GetAliases(
                                completeChan.ShortChannelID,
                        )
                        if len(aliases) == 0 {
                                // No aliases were found.
                                alias, err := f.cfg.AliasManager.RequestAlias()
                                if err != nil {
                                        return err
                                }

                                err = f.cfg.AliasManager.AddLocalAlias(
                                        alias, completeChan.ShortChannelID,
                                        false, false,
                                )
                                if err != nil {
                                        return err
                                }

                                channelReadyMsg.AliasScid = &alias
                        } else {
                                channelReadyMsg.AliasScid = &aliases[0]
                        }
                }

                log.Infof("Peer(%x) is online, sending ChannelReady "+
                        "for ChannelID(%v)", peerKey, chanID)

                if err := peer.SendMessage(true, channelReadyMsg); err == nil {
                        // Sending succeeded, we can break out and continue the
                        // funding flow.
                        break
                }

                log.Warnf("Unable to send channelReady to peer %x: %v. "+
                        "Will retry when online", peerKey, err)
        }

        return nil
}

// receivedChannelReady checks whether or not we've received a ChannelReady
// from the remote peer. If we have, RemoteNextRevocation will be set.
func (f *Manager) receivedChannelReady(node *btcec.PublicKey,
        chanID lnwire.ChannelID) (bool, error) {

        // If the funding manager has exited, return an error to stop looping.
        // Note that the peer may appear as online while the funding manager
        // has stopped due to the shutdown order in the server.
        select {
        case <-f.quit:
                return false, ErrFundingManagerShuttingDown
        default:
        }

        // Avoid a tight loop if peer is offline.
        if _, err := f.waitForPeerOnline(node); err != nil {
                log.Errorf("Wait for peer online failed: %v", err)
                return false, err
        }

        // If we cannot find the channel, then we haven't processed the
        // remote's channelReady message.
        channel, err := f.cfg.FindChannel(node, chanID)
        if err != nil {
                log.Errorf("Unable to locate ChannelID(%v) to determine if "+
                        "ChannelReady was received", chanID)
                return false, err
        }

        // If we haven't insert the next revocation point, we haven't finished
        // processing the channel ready message.
        if channel.RemoteNextRevocation == nil {
                return false, nil
        }

        // Finally, the barrier signal is removed once we finish
        // `handleChannelReady`. If we can still find the signal, we haven't
        // finished processing it yet.
        _, loaded := f.handleChannelReadyBarriers.Load(chanID)

        return !loaded, nil
}

// extractAnnounceParams extracts the various channel announcement and update
// parameters that will be needed to construct a ChannelAnnouncement and a
// ChannelUpdate.
func (f *Manager) extractAnnounceParams(c *channeldb.OpenChannel) (
        lnwire.MilliSatoshi, lnwire.MilliSatoshi) {

        // We'll obtain the min HTLC value we can forward in our direction, as
        // we'll use this value within our ChannelUpdate. This constraint is
        // originally set by the remote node, as it will be the one that will
        // need to determine the smallest HTLC it deems economically relevant.
        fwdMinHTLC := c.LocalChanCfg.MinHTLC

        // We don't necessarily want to go as low as the remote party allows.
        // Check it against our default forwarding policy.
        if fwdMinHTLC < f.cfg.DefaultRoutingPolicy.MinHTLCOut {
                fwdMinHTLC = f.cfg.DefaultRoutingPolicy.MinHTLCOut
        }

        // We'll obtain the max HTLC value we can forward in our direction, as
        // we'll use this value within our ChannelUpdate. This value must be <=
        // channel capacity and <= the maximum in-flight msats set by the peer.
        fwdMaxHTLC := c.LocalChanCfg.MaxPendingAmount
        capacityMSat := lnwire.NewMSatFromSatoshis(c.Capacity)
        if fwdMaxHTLC > capacityMSat {
                fwdMaxHTLC = capacityMSat
        }

        return fwdMinHTLC, fwdMaxHTLC
}

// addToGraph sends a ChannelAnnouncement and a ChannelUpdate to the
// gossiper so that the channel is added to the graph builder's internal graph.
// These announcement messages are NOT broadcasted to the greater network,
// only to the channel counter party. The proofs required to announce the
// channel to the greater network will be created and sent in annAfterSixConfs.
// The peerAlias is used for zero-conf channels to give the counter-party a
// ChannelUpdate they understand. ourPolicy may be set for various
// option-scid-alias channels to re-use the same policy.
func (f *Manager) addToGraph(completeChan *channeldb.OpenChannel,
        shortChanID *lnwire.ShortChannelID,
        peerAlias *lnwire.ShortChannelID,
        ourPolicy *models.ChannelEdgePolicy) error {

        chanID := lnwire.NewChanIDFromOutPoint(completeChan.FundingOutpoint)

        fwdMinHTLC, fwdMaxHTLC := f.extractAnnounceParams(completeChan)

        ann, err := f.newChanAnnouncement(
                f.cfg.IDKey, completeChan.IdentityPub,
                &completeChan.LocalChanCfg.MultiSigKey,
                completeChan.RemoteChanCfg.MultiSigKey.PubKey, *shortChanID,
                chanID, fwdMinHTLC, fwdMaxHTLC, ourPolicy,
                completeChan.ChanType,
        )
        if err != nil {
                return fmt.Errorf("error generating channel "+
                        "announcement: %v", err)
        }

        // Send ChannelAnnouncement and ChannelUpdate to the gossiper to add
        // to the Router's topology.
        errChan := f.cfg.SendAnnouncement(
                ann.chanAnn, discovery.ChannelCapacity(completeChan.Capacity),
                discovery.ChannelPoint(completeChan.FundingOutpoint),
                discovery.TapscriptRoot(completeChan.TapscriptRoot),
        )
        select {
        case err := <-errChan:
                if err != nil {
                        if graph.IsError(err, graph.ErrOutdated,
                                graph.ErrIgnored) {

                                log.Debugf("Graph rejected "+
                                        "ChannelAnnouncement: %v", err)
                        } else {
                                return fmt.Errorf("error sending channel "+
                                        "announcement: %v", err)
                        }
                }
        case <-f.quit:
                return ErrFundingManagerShuttingDown
        }

        errChan = f.cfg.SendAnnouncement(
                ann.chanUpdateAnn, discovery.RemoteAlias(peerAlias),
        )
        select {
        case err := <-errChan:
                if err != nil {
                        if graph.IsError(err, graph.ErrOutdated,
                                graph.ErrIgnored) {

                                log.Debugf("Graph rejected "+
                                        "ChannelUpdate: %v", err)
                        } else {
                                return fmt.Errorf("error sending channel "+
                                        "update: %v", err)
                        }
                }
        case <-f.quit:
                return ErrFundingManagerShuttingDown
        }

        return nil
}

// annAfterSixConfs broadcasts the necessary channel announcement messages to
// the network after 6 confs. Should be called after the channelReady message
// is sent and the channel is added to the graph (channelState is
// 'addedToGraph') and the channel is ready to be used. This is the last
// step in the channel opening process, and the opening state will be deleted
// from the database if successful.
func (f *Manager) annAfterSixConfs(completeChan *channeldb.OpenChannel,
        shortChanID *lnwire.ShortChannelID) error {

        // If this channel is not meant to be announced to the greater network,
        // we'll only send our NodeAnnouncement to our counterparty to ensure we
        // don't leak any of our information.
        announceChan := completeChan.ChannelFlags&lnwire.FFAnnounceChannel != 0
        if !announceChan {
                log.Debugf("Will not announce private channel %v.",
                        shortChanID.ToUint64())

                peer, err := f.waitForPeerOnline(completeChan.IdentityPub)
                if err != nil {
                        return err
                }

                nodeAnn, err := f.cfg.CurrentNodeAnnouncement()
                if err != nil {
                        return fmt.Errorf("unable to retrieve current node "+
                                "announcement: %v", err)
                }

                chanID := lnwire.NewChanIDFromOutPoint(
                        completeChan.FundingOutpoint,
                )
                pubKey := peer.PubKey()
                log.Debugf("Sending our NodeAnnouncement for "+
                        "ChannelID(%v) to %x", chanID, pubKey)

                // TODO(halseth): make reliable. If the peer is not online this
                // will fail, and the opening process will stop. Should instead
                // block here, waiting for the peer to come online.
                if err := peer.SendMessage(true, &nodeAnn); err != nil {
                        return fmt.Errorf("unable to send node announcement "+
                                "to peer %x: %v", pubKey, err)
                }
        } else {
                // Otherwise, we'll wait until the funding transaction has
                // reached 6 confirmations before announcing it.
                numConfs := uint32(completeChan.NumConfsRequired)
                if numConfs < 6 {
                        numConfs = 6
                }
                txid := completeChan.FundingOutpoint.Hash
                log.Debugf("Will announce channel %v after ChannelPoint"+
                        "(%v) has gotten %d confirmations",
                        shortChanID.ToUint64(), completeChan.FundingOutpoint,
                        numConfs)

                fundingScript, err := makeFundingScript(completeChan)
                if err != nil {
                        return fmt.Errorf("unable to create funding script "+
                                "for ChannelPoint(%v): %v",
                                completeChan.FundingOutpoint, err)
                }

                // Register with the ChainNotifier for a notification once the
                // funding transaction reaches at least 6 confirmations.
                confNtfn, err := f.cfg.Notifier.RegisterConfirmationsNtfn(
                        &txid, fundingScript, numConfs,
                        completeChan.BroadcastHeight(),
                )
                if err != nil {
                        return fmt.Errorf("unable to register for "+
                                "confirmation of ChannelPoint(%v): %v",
                                completeChan.FundingOutpoint, err)
                }

                // Wait until 6 confirmations has been reached or the wallet
                // signals a shutdown.
                select {
                case _, ok := <-confNtfn.Confirmed:
                        if !ok {
                                return fmt.Errorf("ChainNotifier shutting "+
                                        "down, cannot complete funding flow "+
                                        "for ChannelPoint(%v)",
                                        completeChan.FundingOutpoint)
                        }
                        // Fallthrough.

                case <-f.quit:
                        return fmt.Errorf("%v, stopping funding flow for "+
                                "ChannelPoint(%v)",
                                ErrFundingManagerShuttingDown,
                                completeChan.FundingOutpoint)
                }

                fundingPoint := completeChan.FundingOutpoint
                chanID := lnwire.NewChanIDFromOutPoint(fundingPoint)

                log.Infof("Announcing ChannelPoint(%v), short_chan_id=%v",
                        &fundingPoint, shortChanID)

                // If this is a non-zero-conf option-scid-alias channel, we'll
                // delete the mappings the gossiper uses so that ChannelUpdates
                // with aliases won't be accepted. This is done elsewhere for
                // zero-conf channels.
                isScidFeature := completeChan.NegotiatedAliasFeature()
                isZeroConf := completeChan.IsZeroConf()
                if isScidFeature && !isZeroConf {
                        baseScid := completeChan.ShortChanID()
                        err := f.cfg.AliasManager.DeleteSixConfs(baseScid)
                        if err != nil {
                                return fmt.Errorf("failed deleting six confs "+
                                        "maps: %v", err)
                        }

                        // We'll delete the edge and add it again via
                        // addToGraph. This is because the peer may have
                        // sent us a ChannelUpdate with an alias and we don't
                        // want to relay this.
                        ourPolicy, err := f.cfg.DeleteAliasEdge(baseScid)
                        if err != nil {
                                return fmt.Errorf("failed deleting real edge "+
                                        "for alias channel from graph: %v",
                                        err)
                        }

                        err = f.addToGraph(
                                completeChan, &baseScid, nil, ourPolicy,
                        )
                        if err != nil {
                                return fmt.Errorf("failed to re-add to "+
                                        "graph: %v", err)
                        }
                }

                // Create and broadcast the proofs required to make this channel
                // public and usable for other nodes for routing.
                err = f.announceChannel(
                        f.cfg.IDKey, completeChan.IdentityPub,
                        &completeChan.LocalChanCfg.MultiSigKey,
                        completeChan.RemoteChanCfg.MultiSigKey.PubKey,
                        *shortChanID, chanID, completeChan.ChanType,
                )
                if err != nil {
                        return fmt.Errorf("channel announcement failed: %w",
                                err)
                }

                log.Debugf("Channel with ChannelPoint(%v), short_chan_id=%v "+
                        "sent to gossiper", &fundingPoint, shortChanID)
        }

        return nil
}

// waitForZeroConfChannel is called when the state is addedToGraph with
// a zero-conf channel. This will wait for the real confirmation, add the
// confirmed SCID to the router graph, and then announce after six confs.
func (f *Manager) waitForZeroConfChannel(c *channeldb.OpenChannel) error {
        // First we'll check whether the channel is confirmed on-chain. If it
        // is already confirmed, the chainntnfs subsystem will return with the
        // confirmed tx. Otherwise, we'll wait here until confirmation occurs.
        confChan, err := f.waitForFundingWithTimeout(c)
        if err != nil {
                return fmt.Errorf("error waiting for zero-conf funding "+
                        "confirmation for ChannelPoint(%v): %v",
                        c.FundingOutpoint, err)
        }

        // We'll need to refresh the channel state so that things are properly
        // populated when validating the channel state. Otherwise, a panic may
        // occur due to inconsistency in the OpenChannel struct.
        err = c.Refresh()
        if err != nil {
                return fmt.Errorf("unable to refresh channel state: %w", err)
        }

        // Now that we have the confirmed transaction and the proper SCID,
        // we'll call ValidateChannel to ensure the confirmed tx is properly
        // formatted.
        err = f.cfg.Wallet.ValidateChannel(c, confChan.fundingTx)
        if err != nil {
                return fmt.Errorf("unable to validate zero-conf channel: "+
                        "%v", err)
        }

        // Once we know the confirmed ShortChannelID, we'll need to save it to
        // the database and refresh the OpenChannel struct with it.
        err = c.MarkRealScid(confChan.shortChanID)
        if err != nil {
                return fmt.Errorf("unable to set confirmed SCID for zero "+
                        "channel: %v", err)
        }

        // Six confirmations have been reached. If this channel is public,
        // we'll delete some of the alias mappings the gossiper uses.
        isPublic := c.ChannelFlags&lnwire.FFAnnounceChannel != 0
        if isPublic {
                err = f.cfg.AliasManager.DeleteSixConfs(c.ShortChannelID)
                if err != nil {
                        return fmt.Errorf("unable to delete base alias after "+
                                "six confirmations: %v", err)
                }

                // TODO: Make this atomic!
                ourPolicy, err := f.cfg.DeleteAliasEdge(c.ShortChanID())
                if err != nil {
                        return fmt.Errorf("unable to delete alias edge from "+
                                "graph: %v", err)
                }

                // We'll need to update the graph with the new ShortChannelID
                // via an addToGraph call. We don't pass in the peer's
                // alias since we'll be using the confirmed SCID from now on
                // regardless if it's public or not.
                err = f.addToGraph(
                        c, &confChan.shortChanID, nil, ourPolicy,
                )
                if err != nil {
                        return fmt.Errorf("failed adding confirmed zero-conf "+
                                "SCID to graph: %v", err)
                }
        }

        // Since we have now marked down the confirmed SCID, we'll also need to
        // tell the Switch to refresh the relevant ChannelLink so that forwards
        // under the confirmed SCID are possible if this is a public channel.
        err = f.cfg.ReportShortChanID(c.FundingOutpoint)
        if err != nil {
                // This should only fail if the link is not found in the
                // Switch's linkIndex map. If this is the case, then the peer
                // has gone offline and the next time the link is loaded, it
                // will have a refreshed state. Just log an error here.
                log.Errorf("unable to report scid for zero-conf channel "+
                        "channel: %v", err)
        }

        // Update the confirmed transaction's label.
        f.makeLabelForTx(c)

        return nil
}

// genFirstStateMusigNonce generates a nonces for the "first" local state. This
// is the verification nonce for the state created for us after the initial
// commitment transaction signed as part of the funding flow.
func genFirstStateMusigNonce(channel *channeldb.OpenChannel,
) (*musig2.Nonces, error) {

        musig2ShaChain, err := channeldb.DeriveMusig2Shachain(
                channel.RevocationProducer,
        )
        if err != nil {
                return nil, fmt.Errorf("unable to generate musig channel "+
                        "nonces: %v", err)
        }

        // We use the _next_ commitment height here as we need to generate the
        // nonce for the next state the remote party will sign for us.
        verNonce, err := channeldb.NewMusigVerificationNonce(
                channel.LocalChanCfg.MultiSigKey.PubKey,
                channel.LocalCommitment.CommitHeight+1,
                musig2ShaChain,
        )
        if err != nil {
                return nil, fmt.Errorf("unable to generate musig channel "+
                        "nonces: %v", err)
        }

        return verNonce, nil
}

// handleChannelReady finalizes the channel funding process and enables the
// channel to enter normal operating mode.
func (f *Manager) handleChannelReady(peer lnpeer.Peer, //nolint:funlen
        msg *lnwire.ChannelReady) {

        defer f.wg.Done()

        // If we are in development mode, we'll wait for specified duration
        // before processing the channel ready message.
        if f.cfg.Dev != nil {
                duration := f.cfg.Dev.ProcessChannelReadyWait
                log.Warnf("Channel(%v): sleeping %v before processing "+
                        "channel_ready", msg.ChanID, duration)

                select {
                case <-time.After(duration):
                        log.Warnf("Channel(%v): slept %v before processing "+
                                "channel_ready", msg.ChanID, duration)
                case <-f.quit:
                        log.Warnf("Channel(%v): quit sleeping", msg.ChanID)
                        return
                }
        }

        log.Debugf("Received ChannelReady for ChannelID(%v) from "+
                "peer %x", msg.ChanID,
                peer.IdentityKey().SerializeCompressed())

        // We now load or create a new channel barrier for this channel.
        _, loaded := f.handleChannelReadyBarriers.LoadOrStore(
                msg.ChanID, struct{}{},
        )

        // If we are currently in the process of handling a channel_ready
        // message for this channel, ignore.
        if loaded {
                log.Infof("Already handling channelReady for "+
                        "ChannelID(%v), ignoring.", msg.ChanID)
                return
        }

        // If not already handling channelReady for this channel, then the
        // `LoadOrStore` has set up a barrier, and it will be removed once this
        // function exits.
        defer f.handleChannelReadyBarriers.Delete(msg.ChanID)

        localDiscoverySignal, ok := f.localDiscoverySignals.Load(msg.ChanID)
        if ok {
                // Before we proceed with processing the channel_ready
                // message, we'll wait for the local waitForFundingConfirmation
                // goroutine to signal that it has the necessary state in
                // place. Otherwise, we may be missing critical information
                // required to handle forwarded HTLC's.
                select {
                case <-localDiscoverySignal:
                        // Fallthrough
                case <-f.quit:
                        return
                }

                // With the signal received, we can now safely delete the entry
                // from the map.
                f.localDiscoverySignals.Delete(msg.ChanID)
        }

        // First, we'll attempt to locate the channel whose funding workflow is
        // being finalized by this message. We go to the database rather than
        // our reservation map as we may have restarted, mid funding flow. Also
        // provide the node's public key to make the search faster.
        chanID := msg.ChanID
        channel, err := f.cfg.FindChannel(peer.IdentityKey(), chanID)
        if err != nil {
                log.Errorf("Unable to locate ChannelID(%v), cannot complete "+
                        "funding", chanID)
                return
        }

        // If this is a taproot channel, then we can generate the set of nonces
        // the remote party needs to send the next remote commitment here.
        var firstVerNonce *musig2.Nonces
        if channel.ChanType.IsTaproot() {
                firstVerNonce, err = genFirstStateMusigNonce(channel)
                if err != nil {
                        log.Error(err)
                        return
                }
        }

        // We'll need to store the received TLV alias if the option_scid_alias
        // feature was negotiated. This will be used to provide route hints
        // during invoice creation. In the zero-conf case, it is also used to
        // provide a ChannelUpdate to the remote peer. This is done before the
        // call to InsertNextRevocation in case the call to PutPeerAlias fails.
        // If it were to fail on the first call to handleChannelReady, we
        // wouldn't want the channel to be usable yet.
        if channel.NegotiatedAliasFeature() {
                // If the AliasScid field is nil, we must fail out. We will
                // most likely not be able to route through the peer.
                if msg.AliasScid == nil {
                        log.Debugf("Consider closing ChannelID(%v), peer "+
                                "does not implement the option-scid-alias "+
                                "feature properly", chanID)
                        return
                }

                // We'll store the AliasScid so that invoice creation can use
                // it.
                err = f.cfg.AliasManager.PutPeerAlias(chanID, *msg.AliasScid)
                if err != nil {
                        log.Errorf("unable to store peer's alias: %v", err)
                        return
                }

                // If we do not have an alias stored, we'll create one now.
                // This is only used in the upgrade case where a user toggles
                // the option-scid-alias feature-bit to on. We'll also send the
                // channel_ready message here in case the link is created
                // before sendChannelReady is called.
                aliases := f.cfg.AliasManager.GetAliases(
                        channel.ShortChannelID,
                )
                if len(aliases) == 0 {
                        // No aliases were found so we'll request and store an
                        // alias and use it in the channel_ready message.
                        alias, err := f.cfg.AliasManager.RequestAlias()
                        if err != nil {
                                log.Errorf("unable to request alias: %v", err)
                                return
                        }

                        err = f.cfg.AliasManager.AddLocalAlias(
                                alias, channel.ShortChannelID, false, false,
                        )
                        if err != nil {
                                log.Errorf("unable to add local alias: %v",
                                        err)
                                return
                        }

                        secondPoint, err := channel.SecondCommitmentPoint()
                        if err != nil {
                                log.Errorf("unable to fetch second "+
                                        "commitment point: %v", err)
                                return
                        }

                        channelReadyMsg := lnwire.NewChannelReady(
                                chanID, secondPoint,
                        )
                        channelReadyMsg.AliasScid = &alias

                        if firstVerNonce != nil {
                                channelReadyMsg.NextLocalNonce = lnwire.SomeMusig2Nonce( //nolint:ll
                                        firstVerNonce.PubNonce,
                                )
                        }

                        err = peer.SendMessage(true, channelReadyMsg)
                        if err != nil {
                                log.Errorf("unable to send channel_ready: %v",
                                        err)
                                return
                        }
                }
        }

        // If the RemoteNextRevocation is non-nil, it means that we have
        // already processed channelReady for this channel, so ignore. This
        // check is after the alias logic so we store the peer's most recent
        // alias. The spec requires us to validate that subsequent
        // channel_ready messages use the same per commitment point (the
        // second), but it is not actually necessary since we'll just end up
        // ignoring it. We are, however, required to *send* the same per
        // commitment point, since another pedantic implementation might
        // verify it.
        if channel.RemoteNextRevocation != nil {
                log.Infof("Received duplicate channelReady for "+
                        "ChannelID(%v), ignoring.", chanID)
                return
        }

        // If this is a taproot channel, then we'll need to map the received
        // nonces to a nonce pair, and also fetch our pending nonces, which are
        // required in order to make the channel whole.
        var chanOpts []lnwallet.ChannelOpt
        if channel.ChanType.IsTaproot() {
                f.nonceMtx.Lock()
                localNonce, ok := f.pendingMusigNonces[chanID]
                if !ok {
                        // If there's no pending nonce for this channel ID,
                        // we'll use the one generated above.
                        localNonce = firstVerNonce
                        f.pendingMusigNonces[chanID] = firstVerNonce
                }
                f.nonceMtx.Unlock()

                log.Infof("ChanID(%v): applying local+remote musig2 nonces",
                        chanID)

                remoteNonce, err := msg.NextLocalNonce.UnwrapOrErrV(
                        errNoLocalNonce,
                )
                if err != nil {
                        cid := newChanIdentifier(msg.ChanID)
                        f.sendWarning(peer, cid, err)

                        return
                }

                chanOpts = append(
                        chanOpts,
                        lnwallet.WithLocalMusigNonces(localNonce),
                        lnwallet.WithRemoteMusigNonces(&musig2.Nonces{
                                PubNonce: remoteNonce,
                        }),
                )

                // Inform the aux funding controller that the liquidity in the
                // custom channel is now ready to be advertised. We potentially
                // haven't sent our own channel ready message yet, but other
                // than that the channel is ready to count toward available
                // liquidity.
                err = fn.MapOptionZ(
                        f.cfg.AuxFundingController,
                        func(controller AuxFundingController) error {
                                return controller.ChannelReady(
                                        lnwallet.NewAuxChanState(channel),
                                )
                        },
                )
                if err != nil {
                        cid := newChanIdentifier(msg.ChanID)
                        f.sendWarning(peer, cid, err)

                        return
                }
        }

        // The channel_ready message contains the next commitment point we'll
        // need to create the next commitment state for the remote party. So
        // we'll insert that into the channel now before passing it along to
        // other sub-systems.
        err = channel.InsertNextRevocation(msg.NextPerCommitmentPoint)
        if err != nil {
                log.Errorf("unable to insert next commitment point: %v", err)
                return
        }

        // Before we can add the channel to the peer, we'll need to ensure that
        // we have an initial forwarding policy set.
        if err := f.ensureInitialForwardingPolicy(chanID, channel); err != nil {
                log.Errorf("Unable to ensure initial forwarding policy: %v",
                        err)
        }

        err = peer.AddNewChannel(&lnpeer.NewChannel{
                OpenChannel: channel,
                ChanOpts:    chanOpts,
        }, f.quit)
        if err != nil {
                log.Errorf("Unable to add new channel %v with peer %x: %v",
                        channel.FundingOutpoint,
                        peer.IdentityKey().SerializeCompressed(), err,
                )
        }
}

// handleChannelReadyReceived is called once the remote's channelReady message
// is received and processed. At this stage, we must have sent out our
// channelReady message, once the remote's channelReady is processed, the
// channel is now active, thus we change its state to `addedToGraph` to
// let the channel start handling routing.
func (f *Manager) handleChannelReadyReceived(channel *channeldb.OpenChannel,
        scid *lnwire.ShortChannelID, pendingChanID PendingChanID,
        updateChan chan<- *lnrpc.OpenStatusUpdate) error {

        chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)

        // Since we've sent+received funding locked at this point, we
        // can clean up the pending musig2 nonce state.
        f.nonceMtx.Lock()
        delete(f.pendingMusigNonces, chanID)
        f.nonceMtx.Unlock()

        var peerAlias *lnwire.ShortChannelID
        if channel.IsZeroConf() {
                // We'll need to wait until channel_ready has been received and
                // the peer lets us know the alias they want to use for the
                // channel. With this information, we can then construct a
                // ChannelUpdate for them.  If an alias does not yet exist,
                // we'll just return, letting the next iteration of the loop
                // check again.
                var defaultAlias lnwire.ShortChannelID
                chanID := lnwire.NewChanIDFromOutPoint(channel.FundingOutpoint)
                foundAlias, _ := f.cfg.AliasManager.GetPeerAlias(chanID)
                if foundAlias == defaultAlias {
                        return nil
                }

                peerAlias = &foundAlias
        }

        err := f.addToGraph(channel, scid, peerAlias, nil)
        if err != nil {
                return fmt.Errorf("failed adding to graph: %w", err)
        }

        // As the channel is now added to the ChannelRouter's topology, the
        // channel is moved to the next state of the state machine. It will be
        // moved to the last state (actually deleted from the database) after
        // the channel is finally announced.
        err = f.saveChannelOpeningState(
                &channel.FundingOutpoint, addedToGraph, scid,
        )
        if err != nil {
                return fmt.Errorf("error setting channel state to"+
                        " addedToGraph: %w", err)
        }

        log.Debugf("Channel(%v) with ShortChanID %v: successfully "+
                "added to graph", chanID, scid)

        err = fn.MapOptionZ(
                f.cfg.AuxFundingController,
                func(controller AuxFundingController) error {
                        return controller.ChannelReady(
                                lnwallet.NewAuxChanState(channel),
                        )
                },
        )
        if err != nil {
                return fmt.Errorf("failed notifying aux funding controller "+
                        "about channel ready: %w", err)
        }

        // Give the caller a final update notifying them that the channel is
        fundingPoint := channel.FundingOutpoint
        cp := &lnrpc.ChannelPoint{
                FundingTxid: &lnrpc.ChannelPoint_FundingTxidBytes{
                        FundingTxidBytes: fundingPoint.Hash[:],
                },
                OutputIndex: fundingPoint.Index,
        }

        if updateChan != nil {
                upd := &lnrpc.OpenStatusUpdate{
                        Update: &lnrpc.OpenStatusUpdate_ChanOpen{
                                ChanOpen: &lnrpc.ChannelOpenUpdate{
                                        ChannelPoint: cp,
                                },
                        },
                        PendingChanId: pendingChanID[:],
                }

                select {
                case updateChan <- upd:
                case <-f.quit:
                        return ErrFundingManagerShuttingDown
                }
        }

        return nil
}

// ensureInitialForwardingPolicy ensures that we have an initial forwarding
// policy set for the given channel. If we don't, we'll fall back to the default
// values.
func (f *Manager) ensureInitialForwardingPolicy(chanID lnwire.ChannelID,
        channel *channeldb.OpenChannel) error {

        // Before we can add the channel to the peer, we'll need to ensure that
        // we have an initial forwarding policy set. This should always be the
        // case except for a channel that was created with lnd <= 0.15.5 and
        // is still pending while updating to this version.
        var needDBUpdate bool
        forwardingPolicy, err := f.getInitialForwardingPolicy(chanID)
        if err != nil {
                log.Errorf("Unable to fetch initial forwarding policy, "+
                        "falling back to default values: %v", err)

                forwardingPolicy = f.defaultForwardingPolicy(
                        channel.LocalChanCfg.ChannelStateBounds,
                )
                needDBUpdate = true
        }

        // We only started storing the actual values for MinHTLCOut and MaxHTLC
        // after 0.16.x, so if a channel was opened with such a version and is
        // still pending while updating to this version, we'll need to set the
        // values to the default values.
        if forwardingPolicy.MinHTLCOut == 0 {
                forwardingPolicy.MinHTLCOut = channel.LocalChanCfg.MinHTLC
                needDBUpdate = true
        }
        if forwardingPolicy.MaxHTLC == 0 {
                forwardingPolicy.MaxHTLC = channel.LocalChanCfg.MaxPendingAmount
                needDBUpdate = true
        }

        // And finally, if we found that the values currently stored aren't
        // sufficient for the link, we'll update the database.
        if needDBUpdate {
                err := f.saveInitialForwardingPolicy(chanID, forwardingPolicy)
                if err != nil {
                        return fmt.Errorf("unable to update initial "+
                                "forwarding policy: %v", err)
                }
        }

        return nil
}

// chanAnnouncement encapsulates the two authenticated announcements that we
// send out to the network after a new channel has been created locally.
type chanAnnouncement struct {
        chanAnn       *lnwire.ChannelAnnouncement1
        chanUpdateAnn *lnwire.ChannelUpdate1
        chanProof     *lnwire.AnnounceSignatures1
}

// newChanAnnouncement creates the authenticated channel announcement messages
// required to broadcast a newly created channel to the network. The
// announcement is two part: the first part authenticates the existence of the
// channel and contains four signatures binding the funding pub keys and
// identity pub keys of both parties to the channel, and the second segment is
// authenticated only by us and contains our directional routing policy for the
// channel. ourPolicy may be set in order to re-use an existing, non-default
// policy.
func (f *Manager) newChanAnnouncement(localPubKey,
        remotePubKey *btcec.PublicKey, localFundingKey *keychain.KeyDescriptor,
        remoteFundingKey *btcec.PublicKey, shortChanID lnwire.ShortChannelID,
        chanID lnwire.ChannelID, fwdMinHTLC, fwdMaxHTLC lnwire.MilliSatoshi,
        ourPolicy *models.ChannelEdgePolicy,
        chanType channeldb.ChannelType) (*chanAnnouncement, error) {

        chainHash := *f.cfg.Wallet.Cfg.NetParams.GenesisHash

        // The unconditional section of the announcement is the ShortChannelID
        // itself which compactly encodes the location of the funding output
        // within the blockchain.
        chanAnn := &lnwire.ChannelAnnouncement1{
                ShortChannelID: shortChanID,
                Features:       lnwire.NewRawFeatureVector(),
                ChainHash:      chainHash,
        }

        // If this is a taproot channel, then we'll set a special bit in the
        // feature vector to indicate to the routing layer that this needs a
        // slightly different type of validation.
        //
        // TODO(roasbeef): temp, remove after gossip 1.5
        if chanType.IsTaproot() {
                log.Debugf("Applying taproot feature bit to "+
                        "ChannelAnnouncement for %v", chanID)

                chanAnn.Features.Set(
                        lnwire.SimpleTaprootChannelsRequiredStaging,
                )
        }

        // The chanFlags field indicates which directed edge of the channel is
        // being updated within the ChannelUpdateAnnouncement announcement
        // below. A value of zero means it's the edge of the "first" node and 1
        // being the other node.
        var chanFlags lnwire.ChanUpdateChanFlags

        // The lexicographical ordering of the two identity public keys of the
        // nodes indicates which of the nodes is "first". If our serialized
        // identity key is lower than theirs then we're the "first" node and
        // second otherwise.
        selfBytes := localPubKey.SerializeCompressed()
        remoteBytes := remotePubKey.SerializeCompressed()
        if bytes.Compare(selfBytes, remoteBytes) == -1 {
                copy(chanAnn.NodeID1[:], localPubKey.SerializeCompressed())
                copy(chanAnn.NodeID2[:], remotePubKey.SerializeCompressed())
                copy(
                        chanAnn.BitcoinKey1[:],
                        localFundingKey.PubKey.SerializeCompressed(),
                )
                copy(
                        chanAnn.BitcoinKey2[:],
                        remoteFundingKey.SerializeCompressed(),
                )

                // If we're the first node then update the chanFlags to
                // indicate the "direction" of the update.
                chanFlags = 0
        } else {
                copy(chanAnn.NodeID1[:], remotePubKey.SerializeCompressed())
                copy(chanAnn.NodeID2[:], localPubKey.SerializeCompressed())
                copy(
                        chanAnn.BitcoinKey1[:],
                        remoteFundingKey.SerializeCompressed(),
                )
                copy(
                        chanAnn.BitcoinKey2[:],
                        localFundingKey.PubKey.SerializeCompressed(),
                )

                // If we're the second node then update the chanFlags to
                // indicate the "direction" of the update.
                chanFlags = 1
        }

        // Our channel update message flags will signal that we support the
        // max_htlc field.
        msgFlags := lnwire.ChanUpdateRequiredMaxHtlc

        // We announce the channel with the default values. Some of
        // these values can later be changed by crafting a new ChannelUpdate.
        chanUpdateAnn := &lnwire.ChannelUpdate1{
                ShortChannelID: shortChanID,
                ChainHash:      chainHash,
                Timestamp:      uint32(time.Now().Unix()),
                MessageFlags:   msgFlags,
                ChannelFlags:   chanFlags,
                TimeLockDelta: uint16(
                        f.cfg.DefaultRoutingPolicy.TimeLockDelta,
                ),
                HtlcMinimumMsat: fwdMinHTLC,
                HtlcMaximumMsat: fwdMaxHTLC,
        }

        // The caller of newChanAnnouncement is expected to provide the initial
        // forwarding policy to be announced. If no persisted initial policy
        // values are found, then we will use the default policy values in the
        // channel announcement.
        storedFwdingPolicy, err := f.getInitialForwardingPolicy(chanID)
        if err != nil && !errors.Is(err, channeldb.ErrChannelNotFound) {
                return nil, errors.Errorf("unable to generate channel "+
                        "update announcement: %v", err)
        }

        switch {
        case ourPolicy != nil:
                // If ourPolicy is non-nil, modify the default parameters of the
                // ChannelUpdate.
                chanUpdateAnn.MessageFlags = ourPolicy.MessageFlags
                chanUpdateAnn.ChannelFlags = ourPolicy.ChannelFlags
                chanUpdateAnn.TimeLockDelta = ourPolicy.TimeLockDelta
                chanUpdateAnn.HtlcMinimumMsat = ourPolicy.MinHTLC
                chanUpdateAnn.HtlcMaximumMsat = ourPolicy.MaxHTLC
                chanUpdateAnn.BaseFee = uint32(ourPolicy.FeeBaseMSat)
                chanUpdateAnn.FeeRate = uint32(
                        ourPolicy.FeeProportionalMillionths,
                )

        case storedFwdingPolicy != nil:
                chanUpdateAnn.BaseFee = uint32(storedFwdingPolicy.BaseFee)
                chanUpdateAnn.FeeRate = uint32(storedFwdingPolicy.FeeRate)

        default:
                log.Infof("No channel forwarding policy specified for channel "+
                        "announcement of ChannelID(%v). "+
                        "Assuming default fee parameters.", chanID)
                chanUpdateAnn.BaseFee = uint32(
                        f.cfg.DefaultRoutingPolicy.BaseFee,
                )
                chanUpdateAnn.FeeRate = uint32(
                        f.cfg.DefaultRoutingPolicy.FeeRate,
                )
        }

        // With the channel update announcement constructed, we'll generate a
        // signature that signs a double-sha digest of the announcement.
        // This'll serve to authenticate this announcement and any other future
        // updates we may send.
        chanUpdateMsg, err := chanUpdateAnn.DataToSign()
        if err != nil {
                return nil, err
        }
        sig, err := f.cfg.SignMessage(f.cfg.IDKeyLoc, chanUpdateMsg, true)
        if err != nil {
                return nil, errors.Errorf("unable to generate channel "+
                        "update announcement signature: %v", err)
        }
        chanUpdateAnn.Signature, err = lnwire.NewSigFromSignature(sig)
        if err != nil {
                return nil, errors.Errorf("unable to generate channel "+
                        "update announcement signature: %v", err)
        }

        // The channel existence proofs itself is currently announced in
        // distinct message. In order to properly authenticate this message, we
        // need two signatures: one under the identity public key used which
        // signs the message itself and another signature of the identity
        // public key under the funding key itself.
        //
        // TODO(roasbeef): use SignAnnouncement here instead?
        chanAnnMsg, err := chanAnn.DataToSign()
        if err != nil {
                return nil, err
        }
        nodeSig, err := f.cfg.SignMessage(f.cfg.IDKeyLoc, chanAnnMsg, true)
        if err != nil {
                return nil, errors.Errorf("unable to generate node "+
                        "signature for channel announcement: %v", err)
        }
        bitcoinSig, err := f.cfg.SignMessage(
                localFundingKey.KeyLocator, chanAnnMsg, true,
        )
        if err != nil {
                return nil, errors.Errorf("unable to generate bitcoin "+
                        "signature for node public key: %v", err)
        }

        // Finally, we'll generate the announcement proof which we'll use to
        // provide the other side with the necessary signatures required to
        // allow them to reconstruct the full channel announcement.
        proof := &lnwire.AnnounceSignatures1{
                ChannelID:      chanID,
                ShortChannelID: shortChanID,
        }
        proof.NodeSignature, err = lnwire.NewSigFromSignature(nodeSig)
        if err != nil {
                return nil, err
        }
        proof.BitcoinSignature, err = lnwire.NewSigFromSignature(bitcoinSig)
        if err != nil {
                return nil, err
        }

        return &chanAnnouncement{
                chanAnn:       chanAnn,
                chanUpdateAnn: chanUpdateAnn,
                chanProof:     proof,
        }, nil
}

// announceChannel announces a newly created channel to the rest of the network
// by crafting the two authenticated announcements required for the peers on
// the network to recognize the legitimacy of the channel. The crafted
// announcements are then sent to the channel router to handle broadcasting to
// the network during its next trickle.
// This method is synchronous and will return when all the network requests
// finish, either successfully or with an error.
func (f *Manager) announceChannel(localIDKey, remoteIDKey *btcec.PublicKey,
        localFundingKey *keychain.KeyDescriptor,
        remoteFundingKey *btcec.PublicKey, shortChanID lnwire.ShortChannelID,
        chanID lnwire.ChannelID, chanType channeldb.ChannelType) error {

        // First, we'll create the batch of announcements to be sent upon
        // initial channel creation. This includes the channel announcement
        // itself, the channel update announcement, and our half of the channel
        // proof needed to fully authenticate the channel.
        //
        // We can pass in zeroes for the min and max htlc policy, because we
        // only use the channel announcement message from the returned struct.
        ann, err := f.newChanAnnouncement(
                localIDKey, remoteIDKey, localFundingKey, remoteFundingKey,
                shortChanID, chanID, 0, 0, nil, chanType,
        )
        if err != nil {
                log.Errorf("can't generate channel announcement: %v", err)
                return err
        }

        // We only send the channel proof announcement and the node announcement
        // because addToGraph previously sent the ChannelAnnouncement and
        // the ChannelUpdate announcement messages. The channel proof and node
        // announcements are broadcast to the greater network.
        errChan := f.cfg.SendAnnouncement(ann.chanProof)
        select {
        case err := <-errChan:
                if err != nil {
                        if graph.IsError(err, graph.ErrOutdated,
                                graph.ErrIgnored) {

                                log.Debugf("Graph rejected "+
                                        "AnnounceSignatures: %v", err)
                        } else {
                                log.Errorf("Unable to send channel "+
                                        "proof: %v", err)
                                return err
                        }
                }

        case <-f.quit:
                return ErrFundingManagerShuttingDown
        }

        // Now that the channel is announced to the network, we will also
        // obtain and send a node announcement. This is done since a node
        // announcement is only accepted after a channel is known for that
        // particular node, and this might be our first channel.
        nodeAnn, err := f.cfg.CurrentNodeAnnouncement()
        if err != nil {
                log.Errorf("can't generate node announcement: %v", err)
                return err
        }

        errChan = f.cfg.SendAnnouncement(&nodeAnn)
        select {
        case err := <-errChan:
                if err != nil {
                        if graph.IsError(err, graph.ErrOutdated,
                                graph.ErrIgnored) {

                                log.Debugf("Graph rejected "+
                                        "NodeAnnouncement: %v", err)
                        } else {
                                log.Errorf("Unable to send node "+
                                        "announcement: %v", err)
                                return err
                        }
                }

        case <-f.quit:
                return ErrFundingManagerShuttingDown
        }

        return nil
}

// InitFundingWorkflow sends a message to the funding manager instructing it
// to initiate a single funder workflow with the source peer.
func (f *Manager) InitFundingWorkflow(msg *InitFundingMsg) {
        f.fundingRequests <- msg
}

// getUpfrontShutdownScript takes a user provided script and a getScript
// function which can be used to generate an upfront shutdown script. If our
// peer does not support the feature, this function will error if a non-zero
// script was provided by the user, and return an empty script otherwise. If
// our peer does support the feature, we will return the user provided script
// if non-zero, or a freshly generated script if our node is configured to set
// upfront shutdown scripts automatically.
func getUpfrontShutdownScript(enableUpfrontShutdown bool, peer lnpeer.Peer,
        script lnwire.DeliveryAddress,
        getScript func(bool) (lnwire.DeliveryAddress, error)) (lnwire.DeliveryAddress,
        error) {

        // Check whether the remote peer supports upfront shutdown scripts.
        remoteUpfrontShutdown := peer.RemoteFeatures().HasFeature(
                lnwire.UpfrontShutdownScriptOptional,
        )

        // If the peer does not support upfront shutdown scripts, and one has been
        // provided, return an error because the feature is not supported.
        if !remoteUpfrontShutdown && len(script) != 0 {
                return nil, errUpfrontShutdownScriptNotSupported
        }

        // If the peer does not support upfront shutdown, return an empty address.
        if !remoteUpfrontShutdown {
                return nil, nil
        }

        // If the user has provided an script and the peer supports the feature,
        // return it. Note that user set scripts override the enable upfront
        // shutdown flag.
        if len(script) > 0 {
                return script, nil
        }

        // If we do not have setting of upfront shutdown script enabled, return
        // an empty script.
        if !enableUpfrontShutdown {
                return nil, nil
        }

        // We can safely send a taproot address iff, both sides have negotiated
        // the shutdown-any-segwit feature.
        taprootOK := peer.RemoteFeatures().HasFeature(lnwire.ShutdownAnySegwitOptional) &&
                peer.LocalFeatures().HasFeature(lnwire.ShutdownAnySegwitOptional)

        return getScript(taprootOK)
}

// handleInitFundingMsg creates a channel reservation within the daemon's
// wallet, then sends a funding request to the remote peer kicking off the
// funding workflow.
func (f *Manager) handleInitFundingMsg(msg *InitFundingMsg) {
        var (
                peerKey        = msg.Peer.IdentityKey()
                localAmt       = msg.LocalFundingAmt
                baseFee        = msg.BaseFee
                feeRate        = msg.FeeRate
                minHtlcIn      = msg.MinHtlcIn
                remoteCsvDelay = msg.RemoteCsvDelay
                maxValue       = msg.MaxValueInFlight
                maxHtlcs       = msg.MaxHtlcs
                maxCSV         = msg.MaxLocalCsv
                chanReserve    = msg.RemoteChanReserve
                outpoints      = msg.Outpoints
        )

        // If no maximum CSV delay was set for this channel, we use our default
        // value.
        if maxCSV == 0 {
                maxCSV = f.cfg.MaxLocalCSVDelay
        }

        log.Infof("Initiating fundingRequest(local_amt=%v "+
                "(subtract_fees=%v), push_amt=%v, chain_hash=%v, peer=%x, "+
                "min_confs=%v)", localAmt, msg.SubtractFees, msg.PushAmt,
                msg.ChainHash, peerKey.SerializeCompressed(), msg.MinConfs)

        // We set the channel flags to indicate whether we want this channel to
        // be announced to the network.
        var channelFlags lnwire.FundingFlag
        if !msg.Private {
                // This channel will be announced.
                channelFlags = lnwire.FFAnnounceChannel
        }

        // If the caller specified their own channel ID, then we'll use that.
        // Otherwise we'll generate a fresh one as normal.  This will be used
        // to track this reservation throughout its lifetime.
        var chanID PendingChanID
        if msg.PendingChanID == zeroID {
                chanID = f.nextPendingChanID()
        } else {
                // If the user specified their own pending channel ID, then
                // we'll ensure it doesn't collide with any existing pending
                // channel ID.
                chanID = msg.PendingChanID
                if _, err := f.getReservationCtx(peerKey, chanID); err == nil {
                        msg.Err <- fmt.Errorf("pendingChannelID(%x) "+
                                "already present", chanID[:])
                        return
                }
        }

        // Check whether the peer supports upfront shutdown, and get an address
        // which should be used (either a user specified address or a new
        // address from the wallet if our node is configured to set shutdown
        // address by default).
        shutdown, err := getUpfrontShutdownScript(
                f.cfg.EnableUpfrontShutdown, msg.Peer, msg.ShutdownScript,
                f.selectShutdownScript,
        )
        if err != nil {
                msg.Err <- err
                return
        }

        // Initialize a funding reservation with the local wallet. If the
        // wallet doesn't have enough funds to commit to this channel, then the
        // request will fail, and be aborted.
        //
        // Before we init the channel, we'll also check to see what commitment
        // format we can use with this peer. This is dependent on *both* us and
        // the remote peer are signaling the proper feature bit.
        chanType, commitType, err := negotiateCommitmentType(
                msg.ChannelType, msg.Peer.LocalFeatures(),
                msg.Peer.RemoteFeatures(),
        )
        if err != nil {
                log.Errorf("channel type negotiation failed: %v", err)
                msg.Err <- err
                return
        }

        var (
                zeroConf bool
                scid     bool
        )

        if chanType != nil {
                // Check if the returned chanType includes either the zero-conf
                // or scid-alias bits.
                featureVec := lnwire.RawFeatureVector(*chanType)
                zeroConf = featureVec.IsSet(lnwire.ZeroConfRequired)
                scid = featureVec.IsSet(lnwire.ScidAliasRequired)

                // The option-scid-alias channel type for a public channel is
                // disallowed.
                if scid && !msg.Private {
                        err = fmt.Errorf("option-scid-alias chantype for " +
                                "public channel")
                        log.Error(err)
                        msg.Err <- err

                        return
                }
        }

        // First, we'll query the fee estimator for a fee that should get the
        // commitment transaction confirmed by the next few blocks (conf target
        // of 3). We target the near blocks here to ensure that we'll be able
        // to execute a timely unilateral channel closure if needed.
        commitFeePerKw, err := f.cfg.FeeEstimator.EstimateFeePerKW(3)
        if err != nil {
                msg.Err <- err
                return
        }

        // For anchor channels cap the initial commit fee rate at our defined
        // maximum.
        if commitType.HasAnchors() &&
                commitFeePerKw > f.cfg.MaxAnchorsCommitFeeRate {

                commitFeePerKw = f.cfg.MaxAnchorsCommitFeeRate
        }

        var scidFeatureVal bool
        if hasFeatures(
                msg.Peer.LocalFeatures(), msg.Peer.RemoteFeatures(),
                lnwire.ScidAliasOptional,
        ) {

                scidFeatureVal = true
        }

        // At this point, if we have an AuxFundingController active, we'll check
        // to see if we have a special tapscript root to use in our MuSig2
        // funding output.
        tapscriptRoot, err := fn.MapOptionZ(
                f.cfg.AuxFundingController,
                func(c AuxFundingController) AuxTapscriptResult {
                        return c.DeriveTapscriptRoot(chanID)
                },
        ).Unpack()
        if err != nil {
                err = fmt.Errorf("error deriving tapscript root: %w", err)
                log.Error(err)
                msg.Err <- err

                return
        }

        req := &lnwallet.InitFundingReserveMsg{
                ChainHash:         &msg.ChainHash,
                PendingChanID:     chanID,
                NodeID:            peerKey,
                NodeAddr:          msg.Peer.Address(),
                SubtractFees:      msg.SubtractFees,
                LocalFundingAmt:   localAmt,
                RemoteFundingAmt:  0,
                FundUpToMaxAmt:    msg.FundUpToMaxAmt,
                MinFundAmt:        msg.MinFundAmt,
                RemoteChanReserve: chanReserve,
                Outpoints:         outpoints,
                CommitFeePerKw:    commitFeePerKw,
                FundingFeePerKw:   msg.FundingFeePerKw,
                PushMSat:          msg.PushAmt,
                Flags:             channelFlags,
                MinConfs:          msg.MinConfs,
                CommitType:        commitType,
                ChanFunder:        msg.ChanFunder,
                // Unconfirmed Utxos which are marked by the sweeper subsystem
                // are excluded from the coin selection because they are not
                // final and can be RBFed by the sweeper subsystem.
                AllowUtxoForFunding: func(u lnwallet.Utxo) bool {
                        // Utxos with at least 1 confirmation are safe to use
                        // for channel openings because they don't bare the risk
                        // of being replaced (BIP 125 RBF).
                        if u.Confirmations > 0 {
                                return true
                        }

                        // Query the sweeper storage to make sure we don't use
                        // an unconfirmed utxo still in use by the sweeper
                        // subsystem.
                        return !f.cfg.IsSweeperOutpoint(u.OutPoint)
                },
                ZeroConf:         zeroConf,
                OptionScidAlias:  scid,
                ScidAliasFeature: scidFeatureVal,
                Memo:             msg.Memo,
                TapscriptRoot:    tapscriptRoot,
        }

        reservation, err := f.cfg.Wallet.InitChannelReservation(req)
        if err != nil {
                msg.Err <- err
                return
        }

        if zeroConf {
                // Store the alias for zero-conf channels in the underlying
                // partial channel state.
                aliasScid, err := f.cfg.AliasManager.RequestAlias()
                if err != nil {
                        msg.Err <- err
                        return
                }

                reservation.AddAlias(aliasScid)
        }

        // Set our upfront shutdown address in the existing reservation.
        reservation.SetOurUpfrontShutdown(shutdown)

        // Now that we have successfully reserved funds for this channel in the
        // wallet, we can fetch the final channel capacity. This is done at
        // this point since the final capacity might change in case of
        // SubtractFees=true.
        capacity := reservation.Capacity()

        log.Infof("Target commit tx sat/kw for pendingID(%x): %v", chanID,
                int64(commitFeePerKw))

        // If the remote CSV delay was not set in the open channel request,
        // we'll use the RequiredRemoteDelay closure to compute the delay we
        // require given the total amount of funds within the channel.
        if remoteCsvDelay == 0 {
                remoteCsvDelay = f.cfg.RequiredRemoteDelay(capacity)
        }

        // If no minimum HTLC value was specified, use the default one.
        if minHtlcIn == 0 {
                minHtlcIn = f.cfg.DefaultMinHtlcIn
        }

        // If no max value was specified, use the default one.
        if maxValue == 0 {
                maxValue = f.cfg.RequiredRemoteMaxValue(capacity)
        }

        if maxHtlcs == 0 {
                maxHtlcs = f.cfg.RequiredRemoteMaxHTLCs(capacity)
        }

        // Once the reservation has been created, and indexed, queue a funding
        // request to the remote peer, kicking off the funding workflow.
        ourContribution := reservation.OurContribution()

        // Prepare the optional channel fee values from the initFundingMsg. If
        // useBaseFee or useFeeRate are false the client did not provide fee
        // values hence we assume default fee settings from the config.
        forwardingPolicy := f.defaultForwardingPolicy(
                ourContribution.ChannelStateBounds,
        )
        if baseFee != nil {
                forwardingPolicy.BaseFee = lnwire.MilliSatoshi(*baseFee)
        }

        if feeRate != nil {
                forwardingPolicy.FeeRate = lnwire.MilliSatoshi(*feeRate)
        }

        // Fetch our dust limit which is part of the default channel
        // constraints, and log it.
        ourDustLimit := ourContribution.DustLimit

        log.Infof("Dust limit for pendingID(%x): %v", chanID, ourDustLimit)

        // If the channel reserve is not specified, then we calculate an
        // appropriate amount here.
        if chanReserve == 0 {
                chanReserve = f.cfg.RequiredRemoteChanReserve(
                        capacity, ourDustLimit,
                )
        }

        // If a pending channel map for this peer isn't already created, then
        // we create one, ultimately allowing us to track this pending
        // reservation within the target peer.
        peerIDKey := newSerializedKey(peerKey)
        f.resMtx.Lock()
        if _, ok := f.activeReservations[peerIDKey]; !ok {
                f.activeReservations[peerIDKey] = make(pendingChannels)
        }

        resCtx := &reservationWithCtx{
                chanAmt:           capacity,
                forwardingPolicy:  *forwardingPolicy,
                remoteCsvDelay:    remoteCsvDelay,
                remoteMinHtlc:     minHtlcIn,
                remoteMaxValue:    maxValue,
                remoteMaxHtlcs:    maxHtlcs,
                remoteChanReserve: chanReserve,
                maxLocalCsv:       maxCSV,
                channelType:       chanType,
                reservation:       reservation,
                peer:              msg.Peer,
                updates:           msg.Updates,
                err:               msg.Err,
        }
        f.activeReservations[peerIDKey][chanID] = resCtx
        f.resMtx.Unlock()

        // Update the timestamp once the InitFundingMsg has been handled.
        defer resCtx.updateTimestamp()

        // Check the sanity of the selected channel constraints.
        bounds := &channeldb.ChannelStateBounds{
                ChanReserve:      chanReserve,
                MaxPendingAmount: maxValue,
                MinHTLC:          minHtlcIn,
                MaxAcceptedHtlcs: maxHtlcs,
        }
        commitParams := &channeldb.CommitmentParams{
                DustLimit: ourDustLimit,
                CsvDelay:  remoteCsvDelay,
        }
        err = lnwallet.VerifyConstraints(
                bounds, commitParams, resCtx.maxLocalCsv, capacity,
        )
        if err != nil {
                _, reserveErr := f.cancelReservationCtx(peerKey, chanID, false)
                if reserveErr != nil {
                        log.Errorf("unable to cancel reservation: %v",
                                reserveErr)
                }

                msg.Err <- err
                return
        }

        // When opening a script enforced channel lease, include the required
        // expiry TLV record in our proposal.
        var leaseExpiry *lnwire.LeaseExpiry
        if commitType == lnwallet.CommitmentTypeScriptEnforcedLease {
                leaseExpiry = new(lnwire.LeaseExpiry)
                *leaseExpiry = lnwire.LeaseExpiry(reservation.LeaseExpiry())
        }

        log.Infof("Starting funding workflow with %v for pending_id(%x), "+
                "committype=%v", msg.Peer.Address(), chanID, commitType)

        reservation.SetState(lnwallet.SentOpenChannel)

        fundingOpen := lnwire.OpenChannel{
                ChainHash:             *f.cfg.Wallet.Cfg.NetParams.GenesisHash,
                PendingChannelID:      chanID,
                FundingAmount:         capacity,
                PushAmount:            msg.PushAmt,
                DustLimit:             ourDustLimit,
                MaxValueInFlight:      maxValue,
                ChannelReserve:        chanReserve,
                HtlcMinimum:           minHtlcIn,
                FeePerKiloWeight:      uint32(commitFeePerKw),
                CsvDelay:              remoteCsvDelay,
                MaxAcceptedHTLCs:      maxHtlcs,
                FundingKey:            ourContribution.MultiSigKey.PubKey,
                RevocationPoint:       ourContribution.RevocationBasePoint.PubKey,
                PaymentPoint:          ourContribution.PaymentBasePoint.PubKey,
                HtlcPoint:             ourContribution.HtlcBasePoint.PubKey,
                DelayedPaymentPoint:   ourContribution.DelayBasePoint.PubKey,
                FirstCommitmentPoint:  ourContribution.FirstCommitmentPoint,
                ChannelFlags:          channelFlags,
                UpfrontShutdownScript: shutdown,
                ChannelType:           chanType,
                LeaseExpiry:           leaseExpiry,
        }

        if commitType.IsTaproot() {
                fundingOpen.LocalNonce = lnwire.SomeMusig2Nonce(
                        ourContribution.LocalNonce.PubNonce,
                )
        }

        if err := msg.Peer.SendMessage(true, &fundingOpen); err != nil {
                e := fmt.Errorf("unable to send funding request message: %w",
                        err)
                log.Errorf(e.Error())

                // Since we were unable to send the initial message to the peer
                // and start the funding flow, we'll cancel this reservation.
                _, err := f.cancelReservationCtx(peerKey, chanID, false)
                if err != nil {
                        log.Errorf("unable to cancel reservation: %v", err)
                }

                msg.Err <- e
                return
        }
}

// handleWarningMsg processes the warning which was received from remote peer.
func (f *Manager) handleWarningMsg(peer lnpeer.Peer, msg *lnwire.Warning) {
        log.Warnf("received warning message from peer %x: %v",
                peer.IdentityKey().SerializeCompressed(), msg.Warning())
}

// handleErrorMsg processes the error which was received from remote peer,
// depending on the type of error we should do different clean up steps and
// inform the user about it.
func (f *Manager) handleErrorMsg(peer lnpeer.Peer, msg *lnwire.Error) {
        chanID := msg.ChanID
        peerKey := peer.IdentityKey()

        // First, we'll attempt to retrieve and cancel the funding workflow
        // that this error was tied to. If we're unable to do so, then we'll
        // exit early as this was an unwarranted error.
        resCtx, err := f.cancelReservationCtx(peerKey, chanID, true)
        if err != nil {
                log.Warnf("Received error for non-existent funding "+
                        "flow: %v (%v)", err, msg.Error())
                return
        }

        // If we did indeed find the funding workflow, then we'll return the
        // error back to the caller (if any), and cancel the workflow itself.
        fundingErr := fmt.Errorf("received funding error from %x: %v",
                peerKey.SerializeCompressed(), msg.Error(),
        )
        log.Errorf(fundingErr.Error())

        // If this was a PSBT funding flow, the remote likely timed out because
        // we waited too long. Return a nice error message to the user in that
        // case so the user knows what's the problem.
        if resCtx.reservation.IsPsbt() {
                fundingErr = fmt.Errorf("%w: %v", chanfunding.ErrRemoteCanceled,
                        fundingErr)
        }

        resCtx.err <- fundingErr
}

// pruneZombieReservations loops through all pending reservations and fails the
// funding flow for any reservations that have not been updated since the
// ReservationTimeout and are not locked waiting for the funding transaction.
func (f *Manager) pruneZombieReservations() {
        zombieReservations := make(pendingChannels)

        f.resMtx.RLock()
        for _, pendingReservations := range f.activeReservations {
                for pendingChanID, resCtx := range pendingReservations {
                        if resCtx.isLocked() {
                                continue
                        }

                        // We don't want to expire PSBT funding reservations.
                        // These reservations are always initiated by us and the
                        // remote peer is likely going to cancel them after some
                        // idle time anyway. So no need for us to also prune
                        // them.
                        sinceLastUpdate := time.Since(resCtx.lastUpdated)
                        isExpired := sinceLastUpdate > f.cfg.ReservationTimeout
                        if !resCtx.reservation.IsPsbt() && isExpired {
                                zombieReservations[pendingChanID] = resCtx
                        }
                }
        }
        f.resMtx.RUnlock()

        for pendingChanID, resCtx := range zombieReservations {
                err := fmt.Errorf("reservation timed out waiting for peer "+
                        "(peer_id:%x, chan_id:%x)",
                        resCtx.peer.IdentityKey().SerializeCompressed(),
                        pendingChanID[:])
                log.Warnf(err.Error())

                chanID := lnwire.NewChanIDFromOutPoint(
                        *resCtx.reservation.FundingOutpoint(),
                )

                // Create channel identifier and set the channel ID.
                cid := newChanIdentifier(pendingChanID)
                cid.setChanID(chanID)

                f.failFundingFlow(resCtx.peer, cid, err)
        }
}

// cancelReservationCtx does all needed work in order to securely cancel the
// reservation.
func (f *Manager) cancelReservationCtx(peerKey *btcec.PublicKey,
        pendingChanID PendingChanID,
        byRemote bool) (*reservationWithCtx, error) {

        log.Infof("Cancelling funding reservation for node_key=%x, "+
                "chan_id=%x", peerKey.SerializeCompressed(), pendingChanID[:])

        peerIDKey := newSerializedKey(peerKey)
        f.resMtx.Lock()
        defer f.resMtx.Unlock()

        nodeReservations, ok := f.activeReservations[peerIDKey]
        if !ok {
                // No reservations for this node.
                return nil, errors.Errorf("no active reservations for peer(%x)",
                        peerIDKey[:])
        }

        ctx, ok := nodeReservations[pendingChanID]
        if !ok {
                return nil, errors.Errorf("unknown channel (id: %x) for "+
                        "peer(%x)", pendingChanID[:], peerIDKey[:])
        }

        // If the reservation was a PSBT funding flow and it was canceled by the
        // remote peer, then we need to thread through a different error message
        // to the subroutine that's waiting for the user input so it can return
        // a nice error message to the user.
        if ctx.reservation.IsPsbt() && byRemote {
                ctx.reservation.RemoteCanceled()
        }

        if err := ctx.reservation.Cancel(); err != nil {
                return nil, errors.Errorf("unable to cancel reservation: %v",
                        err)
        }

        delete(nodeReservations, pendingChanID)

        // If this was the last active reservation for this peer, delete the
        // peer's entry altogether.
        if len(nodeReservations) == 0 {
                delete(f.activeReservations, peerIDKey)
        }
        return ctx, nil
}

// deleteReservationCtx deletes the reservation uniquely identified by the
// target public key of the peer, and the specified pending channel ID.
func (f *Manager) deleteReservationCtx(peerKey *btcec.PublicKey,
        pendingChanID PendingChanID) {

        peerIDKey := newSerializedKey(peerKey)
        f.resMtx.Lock()
        defer f.resMtx.Unlock()

        nodeReservations, ok := f.activeReservations[peerIDKey]
        if !ok {
                // No reservations for this node.
                return
        }
        delete(nodeReservations, pendingChanID)

        // If this was the last active reservation for this peer, delete the
        // peer's entry altogether.
        if len(nodeReservations) == 0 {
                delete(f.activeReservations, peerIDKey)
        }
}

// getReservationCtx returns the reservation context for a particular pending
// channel ID for a target peer.
func (f *Manager) getReservationCtx(peerKey *btcec.PublicKey,
        pendingChanID PendingChanID) (*reservationWithCtx, error) {

        peerIDKey := newSerializedKey(peerKey)
        f.resMtx.RLock()
        resCtx, ok := f.activeReservations[peerIDKey][pendingChanID]
        f.resMtx.RUnlock()

        if !ok {
                return nil, errors.Errorf("unknown channel (id: %x) for "+
                        "peer(%x)", pendingChanID[:], peerIDKey[:])
        }

        return resCtx, nil
}

// IsPendingChannel returns a boolean indicating whether the channel identified
// by the pendingChanID and given peer is pending, meaning it is in the process
// of being funded. After the funding transaction has been confirmed, the
// channel will receive a new, permanent channel ID, and will no longer be
// considered pending.
func (f *Manager) IsPendingChannel(pendingChanID PendingChanID,
        peer lnpeer.Peer) bool {

        peerIDKey := newSerializedKey(peer.IdentityKey())
        f.resMtx.RLock()
        _, ok := f.activeReservations[peerIDKey][pendingChanID]
        f.resMtx.RUnlock()

        return ok
}

func copyPubKey(pub *btcec.PublicKey) *btcec.PublicKey {
        var tmp btcec.JacobianPoint
        pub.AsJacobian(&tmp)
        tmp.ToAffine()
        return btcec.NewPublicKey(&tmp.X, &tmp.Y)
}

// defaultForwardingPolicy returns the default forwarding policy based on the
// default routing policy and our local channel constraints.
func (f *Manager) defaultForwardingPolicy(
        bounds channeldb.ChannelStateBounds) *models.ForwardingPolicy {

        return &models.ForwardingPolicy{
                MinHTLCOut:    bounds.MinHTLC,
                MaxHTLC:       bounds.MaxPendingAmount,
                BaseFee:       f.cfg.DefaultRoutingPolicy.BaseFee,
                FeeRate:       f.cfg.DefaultRoutingPolicy.FeeRate,
                TimeLockDelta: f.cfg.DefaultRoutingPolicy.TimeLockDelta,
        }
}

// saveInitialForwardingPolicy saves the forwarding policy for the provided
// chanPoint in the channelOpeningStateBucket.
func (f *Manager) saveInitialForwardingPolicy(chanID lnwire.ChannelID,
        forwardingPolicy *models.ForwardingPolicy) error {

        return f.cfg.ChannelDB.SaveInitialForwardingPolicy(
                chanID, forwardingPolicy,
        )
}

// getInitialForwardingPolicy fetches the initial forwarding policy for a given
// channel id from the database which will be applied during the channel
// announcement phase.
func (f *Manager) getInitialForwardingPolicy(
        chanID lnwire.ChannelID) (*models.ForwardingPolicy, error) {

        return f.cfg.ChannelDB.GetInitialForwardingPolicy(chanID)
}

// deleteInitialForwardingPolicy removes channel fees for this chanID from
// the database.
func (f *Manager) deleteInitialForwardingPolicy(chanID lnwire.ChannelID) error {
        return f.cfg.ChannelDB.DeleteInitialForwardingPolicy(chanID)
}

// saveChannelOpeningState saves the channelOpeningState for the provided
// chanPoint to the channelOpeningStateBucket.
func (f *Manager) saveChannelOpeningState(chanPoint *wire.OutPoint,
        state channelOpeningState, shortChanID *lnwire.ShortChannelID) error {

        var outpointBytes bytes.Buffer
        if err := WriteOutpoint(&outpointBytes, chanPoint); err != nil {
                return err
        }

        // Save state and the uint64 representation of the shortChanID
        // for later use.
        scratch := make([]byte, 10)
        byteOrder.PutUint16(scratch[:2], uint16(state))
        byteOrder.PutUint64(scratch[2:], shortChanID.ToUint64())

        return f.cfg.ChannelDB.SaveChannelOpeningState(
                outpointBytes.Bytes(), scratch,
        )
}

// getChannelOpeningState fetches the channelOpeningState for the provided
// chanPoint from the database, or returns ErrChannelNotFound if the channel
// is not found.
func (f *Manager) getChannelOpeningState(chanPoint *wire.OutPoint) (
        channelOpeningState, *lnwire.ShortChannelID, error) {

        var outpointBytes bytes.Buffer
        if err := WriteOutpoint(&outpointBytes, chanPoint); err != nil {
                return 0, nil, err
        }

        value, err := f.cfg.ChannelDB.GetChannelOpeningState(
                outpointBytes.Bytes(),
        )
        if err != nil {
                return 0, nil, err
        }

        state := channelOpeningState(byteOrder.Uint16(value[:2]))
        shortChanID := lnwire.NewShortChanIDFromInt(byteOrder.Uint64(value[2:]))
        return state, &shortChanID, nil
}

// deleteChannelOpeningState removes any state for chanPoint from the database.
func (f *Manager) deleteChannelOpeningState(chanPoint *wire.OutPoint) error {
        var outpointBytes bytes.Buffer
        if err := WriteOutpoint(&outpointBytes, chanPoint); err != nil {
                return err
        }

        return f.cfg.ChannelDB.DeleteChannelOpeningState(
                outpointBytes.Bytes(),
        )
}

// selectShutdownScript selects the shutdown script we should send to the peer.
// If we can use taproot, then we prefer that, otherwise we'll use a p2wkh
// script.
func (f *Manager) selectShutdownScript(taprootOK bool,
) (lnwire.DeliveryAddress, error) {

        addrType := lnwallet.WitnessPubKey
        if taprootOK {
                addrType = lnwallet.TaprootPubkey
        }

        addr, err := f.cfg.Wallet.NewAddress(
                addrType, false, lnwallet.DefaultAccountName,
        )
        if err != nil {
                return nil, err
        }

        return txscript.PayToAddrScript(addr)
}

// waitForPeerOnline blocks until the peer specified by peerPubkey comes online
// and then returns the online peer.
func (f *Manager) waitForPeerOnline(peerPubkey *btcec.PublicKey) (lnpeer.Peer,
        error) {

        peerChan := make(chan lnpeer.Peer, 1)

        var peerKey [33]byte
        copy(peerKey[:], peerPubkey.SerializeCompressed())

        f.cfg.NotifyWhenOnline(peerKey, peerChan)

        var peer lnpeer.Peer
        select {
        case peer = <-peerChan:
        case <-f.quit:
                return peer, ErrFundingManagerShuttingDown
        }
        return peer, nil
}

lightningnetwork / lnd / 13157733617

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous