lightningnetwork / lnd / 17189880600

package contractcourt

import (

        "bytes"

        "context"

        "errors"

        "fmt"

        "math"

        "sync"

        "sync/atomic"

        "time"

        "github.com/btcsuite/btcd/btcutil"

        "github.com/btcsuite/btcd/chaincfg/chainhash"

        "github.com/btcsuite/btcd/txscript"

        "github.com/btcsuite/btcd/wire"

        "github.com/lightningnetwork/lnd/chainio"

        "github.com/lightningnetwork/lnd/channeldb"

        "github.com/lightningnetwork/lnd/fn/v2"

        "github.com/lightningnetwork/lnd/graph/db/models"

        "github.com/lightningnetwork/lnd/htlcswitch/hop"

        "github.com/lightningnetwork/lnd/input"

        "github.com/lightningnetwork/lnd/invoices"

        "github.com/lightningnetwork/lnd/kvdb"

        "github.com/lightningnetwork/lnd/labels"

        "github.com/lightningnetwork/lnd/lntypes"

        "github.com/lightningnetwork/lnd/lnutils"

        "github.com/lightningnetwork/lnd/lnwallet"

        "github.com/lightningnetwork/lnd/lnwire"

        "github.com/lightningnetwork/lnd/sweep"

)

var (

        // errAlreadyForceClosed is an error returned when we attempt to force

        // close a channel that's already in the process of doing so.

        errAlreadyForceClosed = errors.New("channel is already in the " +

                "process of being force closed")

)

const (

        // arbitratorBlockBufferSize is the size of the buffer we give to each

        // channel arbitrator.

        arbitratorBlockBufferSize = 20

        // AnchorOutputValue is the output value for the anchor output of an

        // anchor channel.

        // See BOLT 03 for more details:

        // https://github.com/lightning/bolts/blob/master/03-transactions.md

        AnchorOutputValue = btcutil.Amount(330)

)

// WitnessSubscription represents an intent to be notified once new witnesses

// are discovered by various active contract resolvers. A contract resolver may

// use this to be notified of when it can satisfy an incoming contract after we

// discover the witness for an outgoing contract.

type WitnessSubscription struct {

        // WitnessUpdates is a channel that newly discovered witnesses will be

        // sent over.

        //

        // TODO(roasbeef): couple with WitnessType?

        WitnessUpdates <-chan lntypes.Preimage

        // CancelSubscription is a function closure that should be used by a

        // client to cancel the subscription once they are no longer interested

        // in receiving new updates.

        CancelSubscription func()

}

// WitnessBeacon is a global beacon of witnesses. Contract resolvers will use

// this interface to lookup witnesses (preimages typically) of contracts

// they're trying to resolve, add new preimages they resolve, and finally

// receive new updates each new time a preimage is discovered.

//

// TODO(roasbeef): need to delete the pre-images once we've used them

// and have been sufficiently confirmed?

type WitnessBeacon interface {

        // SubscribeUpdates returns a channel that will be sent upon *each* time

        // a new preimage is discovered.

        SubscribeUpdates(chanID lnwire.ShortChannelID, htlc *channeldb.HTLC,

                payload *hop.Payload,

                nextHopOnionBlob []byte) (*WitnessSubscription, error)

        // LookupPreimage attempts to lookup a preimage in the global cache.

        // True is returned for the second argument if the preimage is found.

        LookupPreimage(payhash lntypes.Hash) (lntypes.Preimage, bool)

        // AddPreimages adds a batch of newly discovered preimages to the global

        // cache, and also signals any subscribers of the newly discovered

        // witness.

        AddPreimages(preimages ...lntypes.Preimage) error

}

// ArbChannel is an abstraction that allows the channel arbitrator to interact

// with an open channel.

type ArbChannel interface {

        // ForceCloseChan should force close the contract that this attendant

        // is watching over. We'll use this when we decide that we need to go

        // to chain. It should in addition tell the switch to remove the

        // corresponding link, such that we won't accept any new updates. The

        // returned summary contains all items needed to eventually resolve all

        // outputs on chain.

        ForceCloseChan() (*wire.MsgTx, error)

        // NewAnchorResolutions returns the anchor resolutions for currently

        // valid commitment transactions.

        NewAnchorResolutions() (*lnwallet.AnchorResolutions, error)

}

// ChannelArbitratorConfig contains all the functionality that the

// ChannelArbitrator needs in order to properly arbitrate any contract dispute

// on chain.

type ChannelArbitratorConfig struct {

        // ChanPoint is the channel point that uniquely identifies this

        // channel.

        ChanPoint wire.OutPoint

        // Channel is the full channel data structure. For legacy channels, this

        // field may not always be set after a restart.

        Channel ArbChannel

        // ShortChanID describes the exact location of the channel within the

        // chain. We'll use this to address any messages that we need to send

        // to the switch during contract resolution.

        ShortChanID lnwire.ShortChannelID

        // ChainEvents is an active subscription to the chain watcher for this

        // channel to be notified of any on-chain activity related to this

        // channel.

        ChainEvents *ChainEventSubscription

        // MarkCommitmentBroadcasted should mark the channel as the commitment

        // being broadcast, and we are waiting for the commitment to confirm.

        MarkCommitmentBroadcasted func(*wire.MsgTx, lntypes.ChannelParty) error

        // MarkChannelClosed marks the channel closed in the database, with the

        // passed close summary. After this method successfully returns we can

        // no longer expect to receive chain events for this channel, and must

        // be able to recover from a failure without getting the close event

        // again. It takes an optional channel status which will update the

        // channel status in the record that we keep of historical channels.

        MarkChannelClosed func(*channeldb.ChannelCloseSummary,

                ...channeldb.ChannelStatus) error

        // IsPendingClose is a boolean indicating whether the channel is marked

        // as pending close in the database.

        IsPendingClose bool

        // ClosingHeight is the height at which the channel was closed. Note

        // that this value is only valid if IsPendingClose is true.

        ClosingHeight uint32

        // CloseType is the type of the close event in case IsPendingClose is

        // true. Otherwise this value is unset.

        CloseType channeldb.ClosureType

        // NotifyChannelResolved is used by the channel arbitrator to signal

        // that a given channel has been resolved.

        NotifyChannelResolved func()

        // PutResolverReport records a resolver report for the channel. If the

        // transaction provided is nil, the function should write the report

        // in a new transaction.

        PutResolverReport func(tx kvdb.RwTx,

                report *channeldb.ResolverReport) error

        // FetchHistoricalChannel retrieves the historical state of a channel.

        // This is mostly used to supplement the ContractResolvers with

        // additional information required for proper contract resolution.

        FetchHistoricalChannel func() (*channeldb.OpenChannel, error)

        // FindOutgoingHTLCDeadline returns the deadline in absolute block

        // height for the specified outgoing HTLC. For an outgoing HTLC, its

        // deadline is defined by the timeout height of its corresponding

        // incoming HTLC - this is the expiry height the that remote peer can

        // spend his/her outgoing HTLC via the timeout path.

        FindOutgoingHTLCDeadline func(htlc channeldb.HTLC) fn.Option[int32]

        ChainArbitratorConfig

}

// ReportOutputType describes the type of output that is being reported

// on.

type ReportOutputType uint8

const (

        // ReportOutputIncomingHtlc is an incoming hash time locked contract on

        // the commitment tx.

        ReportOutputIncomingHtlc ReportOutputType = iota

        // ReportOutputOutgoingHtlc is an outgoing hash time locked contract on

        // the commitment tx.

        ReportOutputOutgoingHtlc

        // ReportOutputUnencumbered is an uncontested output on the commitment

        // transaction paying to us directly.

        ReportOutputUnencumbered

        // ReportOutputAnchor is an anchor output on the commitment tx.

        ReportOutputAnchor

)

// ContractReport provides a summary of a commitment tx output.

type ContractReport struct {

        // Outpoint is the final output that will be swept back to the wallet.

        Outpoint wire.OutPoint

        // Type indicates the type of the reported output.

        Type ReportOutputType

        // Amount is the final value that will be swept in back to the wallet.

        Amount btcutil.Amount

        // MaturityHeight is the absolute block height that this output will

        // mature at.

        MaturityHeight uint32

        // Stage indicates whether the htlc is in the CLTV-timeout stage (1) or

        // the CSV-delay stage (2). A stage 1 htlc's maturity height will be set

        // to its expiry height, while a stage 2 htlc's maturity height will be

        // set to its confirmation height plus the maturity requirement.

        Stage uint32

        // LimboBalance is the total number of frozen coins within this

        // contract.

        LimboBalance btcutil.Amount

        // RecoveredBalance is the total value that has been successfully swept

        // back to the user's wallet.

        RecoveredBalance btcutil.Amount

}

// resolverReport creates a resolve report using some of the information in the

// contract report.

func (c *ContractReport) resolverReport(spendTx *chainhash.Hash,

        resolverType channeldb.ResolverType,

// htlcSet represents the set of active HTLCs on a given commitment

// transaction.

type htlcSet struct {

        // incomingHTLCs is a map of all incoming HTLCs on the target

        // commitment transaction. We may potentially go onchain to claim the

        // funds sent to us within this set.

        incomingHTLCs map[uint64]channeldb.HTLC

        // outgoingHTLCs is a map of all outgoing HTLCs on the target

        // commitment transaction. We may potentially go onchain to reclaim the

        // funds that are currently in limbo.

        outgoingHTLCs map[uint64]channeldb.HTLC

}

// newHtlcSet constructs a new HTLC set from a slice of HTLC's.

                }

        }

}

// HtlcSetKey is a two-tuple that uniquely identifies a set of HTLCs on a

// commitment transaction.

type HtlcSetKey struct {

        // IsRemote denotes if the HTLCs are on the remote commitment

        // transaction.

        IsRemote bool

        // IsPending denotes if the commitment transaction that HTLCS are on

        // are pending (the higher of two unrevoked commitments).

        IsPending bool

}

var (

        // LocalHtlcSet is the HtlcSetKey used for local commitments.

        LocalHtlcSet = HtlcSetKey{IsRemote: false, IsPending: false}

        // RemoteHtlcSet is the HtlcSetKey used for remote commitments.

        RemoteHtlcSet = HtlcSetKey{IsRemote: true, IsPending: false}

        // RemotePendingHtlcSet is the HtlcSetKey used for dangling remote

        // commitment transactions.

        RemotePendingHtlcSet = HtlcSetKey{IsRemote: true, IsPending: true}

)

// String returns a human readable string describing the target HtlcSetKey.

        }

}

// ChannelArbitrator is the on-chain arbitrator for a particular channel. The

// struct will keep in sync with the current set of HTLCs on the commitment

// transaction. The job of the attendant is to go on-chain to either settle or

// cancel an HTLC as necessary iff: an HTLC times out, or we known the

// pre-image to an HTLC, but it wasn't settled by the link off-chain. The

// ChannelArbitrator will factor in an expected confirmation delta when

// broadcasting to ensure that we avoid any possibility of race conditions, and

// sweep the output(s) without contest.

type ChannelArbitrator struct {

        started int32 // To be used atomically.

        stopped int32 // To be used atomically.

        // Embed the blockbeat consumer struct to get access to the method

        // `NotifyBlockProcessed` and the `BlockbeatChan`.

        chainio.BeatConsumer

        // startTimestamp is the time when this ChannelArbitrator was started.

        startTimestamp time.Time

        // log is a persistent log that the attendant will use to checkpoint

        // its next action, and the state of any unresolved contracts.

        log ArbitratorLog

        // activeHTLCs is the set of active incoming/outgoing HTLC's on all

        // currently valid commitment transactions.

        activeHTLCs map[HtlcSetKey]htlcSet

        // unmergedSet is used to update the activeHTLCs map in two callsites:

        // checkLocalChainActions and sweepAnchors. It contains the latest

        // updates from the link. It is not deleted from, its entries may be

        // replaced on subsequent calls to notifyContractUpdate.

        unmergedSet map[HtlcSetKey]htlcSet

        unmergedMtx sync.RWMutex

        // cfg contains all the functionality that the ChannelArbitrator requires

        // to do its duty.

        cfg ChannelArbitratorConfig

        // signalUpdates is a channel that any new live signals for the channel

        // we're watching over will be sent.

        signalUpdates chan *signalUpdateMsg

        // activeResolvers is a slice of any active resolvers. This is used to

        // be able to signal them for shutdown in the case that we shutdown.

        activeResolvers []ContractResolver

        // activeResolversLock prevents simultaneous read and write to the

        // resolvers slice.

        activeResolversLock sync.RWMutex

        // resolutionSignal is a channel that will be sent upon by contract

        // resolvers once their contract has been fully resolved. With each

        // send, we'll check to see if the contract is fully resolved.

        resolutionSignal chan struct{}

        // forceCloseReqs is a channel that requests to forcibly close the

        // contract will be sent over.

        forceCloseReqs chan *forceCloseReq

        // state is the current state of the arbitrator. This state is examined

        // upon start up to decide which actions to take.

        state ArbitratorState

        wg   sync.WaitGroup

        quit chan struct{}

}

// NewChannelArbitrator returns a new instance of a ChannelArbitrator backed by

// the passed config struct.

func NewChannelArbitrator(cfg ChannelArbitratorConfig,

}

// Compile-time check for the chainio.Consumer interface.

var _ chainio.Consumer = (*ChannelArbitrator)(nil)

// chanArbStartState contains the information from disk that we need to start

// up a channel arbitrator.

type chanArbStartState struct {

        currentState ArbitratorState

        commitSet    *CommitSet

}

// getStartState retrieves the information from disk that our channel arbitrator

// requires to start.

func (c *ChannelArbitrator) getStartState(tx kvdb.RTx) (*chanArbStartState,

        // Next we'll fetch our confirmed commitment set. This will only exist

        // if the channel has been closed out on chain for modern nodes. For

        // older nodes, this won't be found at all, and will rely on the

        // existing written chain actions. Additionally, if this channel hasn't

        // logged any actions in the log, then this field won't be present.

}

// Start starts all the goroutines that the ChannelArbitrator needs to operate.

// If takes a start state, which will be looked up on disk if it is not

// provided.

func (c *ChannelArbitrator) Start(state *chanArbStartState,

        }

}

// progressStateMachineAfterRestart attempts to progress the state machine

// after a restart. This makes sure that if the state transition failed, we

// will try to progress the state machine again. Moreover it will relaunch

// resolvers if the channel is still in the pending close state and has not

// been fully resolved yet.

func (c *ChannelArbitrator) progressStateMachineAfterRestart(bestHeight int32,

                        }

                }

        }

                // If we detect that we tried to fetch resolutions, but failed,

                // this channel was marked closed in the database before

                // resolutions successfully written. In this case there is not

                // much we can do, so we don't return the error.

                }

        }

        // If we start and ended at the awaiting full resolution state, then

        // we'll relaunch our set of unresolved contracts.

        }

}

// maybeAugmentTaprootResolvers will update the contract resolution information

// for taproot channels. This ensures that all the resolvers have the latest

// resolution, which may also include data such as the control block and tap

// tweaks.

func maybeAugmentTaprootResolvers(chanType channeldb.ChannelType,

        resolver ContractResolver,

        // The on disk resolutions contains all the ctrl block

        // information, so we'll set that now for the relevant

        // resolvers.

                }

                }

                }

                }

        }

}

// relauchResolvers relaunches the set of resolvers for unresolved contracts in

// order to provide them with information that's not immediately available upon

// starting the ChannelArbitrator. This information should ideally be stored in

// the database, so this only serves as a intermediate work-around to prevent a

// migration.

func (c *ChannelArbitrator) relaunchResolvers(commitSet *CommitSet,

        // Retrieve the commitment tx hash from the log.

        }

        // Reconstruct the htlc outpoints and data from the chain action log.

        // The purpose of the constructed htlc map is to supplement to

        // resolvers restored from database with extra data. Ideally this data

        // is stored as part of the resolver in the log. This is a workaround

        // to prevent a db migration. We use all available htlc sets here in

        // order to ensure we have complete coverage.

        // We'll also fetch the historical state of this channel, as it should

        // have been marked as closed by now, and supplement it to each resolver

        // such that we can properly resolve our pending contracts.

        // If we don't find this channel, then it may be the case that it

        // was closed before we started to retain the final state

        // information for open channels.

        }

                }

        }

        // The anchor resolver is stateless and can always be re-instantiated.

}

// Report returns htlc reports for the active resolvers.

                }

                }

        }

}

// Stop signals the ChannelArbitrator for a graceful shutdown.

}

// transitionTrigger is an enum that denotes exactly *why* a state transition

// was initiated. This is useful as depending on the initial trigger, we may

// skip certain states as those actions are expected to have already taken

// place as a result of the external trigger.

type transitionTrigger uint8

const (

        // chainTrigger is a transition trigger that has been attempted due to

        // changing on-chain conditions such as a block which times out HTLC's

        // being attached.

        chainTrigger transitionTrigger = iota

        // userTrigger is a transition trigger driven by user action. Examples

        // of such a trigger include a user requesting a force closure of the

        // channel.

        userTrigger

        // remoteCloseTrigger is a transition trigger driven by the remote

        // peer's commitment being confirmed.

        remoteCloseTrigger

        // localCloseTrigger is a transition trigger driven by our commitment

        // being confirmed.

        localCloseTrigger

        // coopCloseTrigger is a transition trigger driven by a cooperative

        // close transaction being confirmed.

        coopCloseTrigger

        // breachCloseTrigger is a transition trigger driven by a remote breach

        // being confirmed. In this case the channel arbitrator will wait for

        // the BreachArbitrator to finish and then clean up gracefully.

        breachCloseTrigger

)

// String returns a human readable string describing the passed

// transitionTrigger.

        }

}

// stateStep is a help method that examines our internal state, and attempts

// the appropriate state transition if necessary. The next state we transition

// to is returned, Additionally, if the next transition results in a commitment

// broadcast, the commitment transaction itself is returned.

func (c *ChannelArbitrator) stateStep(

        triggerHeight uint32, trigger transitionTrigger,

        // If we're in the default state, then we'll check our set of actions

        // to see if while we were down, conditions have changed.