Add preimages extraction in block_connected to claim funds

backward

Add caching of PreviousHopData even in case of non-terminal peer to be
able to route backward from on-chain resolution and prune them when htlc
is updated by other node

Author: Antoine Riard

src/ln/channel.rs

@@ -1508,7 +1508,7 @@ impl Channel {
 
 	/// Removes an outbound HTLC which has been commitment_signed by the remote end
 	#[inline]
-	fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<[u8; 32]>, fail_reason: Option<HTLCFailReason>) -> Result<&HTLCSource, ChannelError> {
+	fn mark_outbound_htlc_removed(&mut self, htlc_id: u64, check_preimage: Option<[u8; 32]>, fail_reason: Option<HTLCFailReason>) -> Result<(&HTLCSource, [u8;32]), ChannelError> {
 		for htlc in self.pending_outbound_htlcs.iter_mut() {
 			if htlc.htlc_id == htlc_id {
 				match check_preimage {
@@ -1528,13 +1528,13 @@ impl Channel {
 					OutboundHTLCState::AwaitingRemoteRevokeToRemove | OutboundHTLCState::AwaitingRemovedRemoteRevoke | OutboundHTLCState::RemoteRemoved =>
 						return Err(ChannelError::Close("Remote tried to fulfill HTLC that they'd already fulfilled")),
 				}
-				return Ok(&htlc.source);
+				return Ok((&htlc.source, htlc.payment_hash));
 			}
 		}
 		Err(ChannelError::Close("Remote tried to fulfill/fail an HTLC we couldn't find"))
 	}
 
-	pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<&HTLCSource, ChannelError> {
+	pub fn update_fulfill_htlc(&mut self, msg: &msgs::UpdateFulfillHTLC) -> Result<(&HTLCSource, [u8;32]), ChannelError> {
 		if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) {
 			return Err(ChannelError::Close("Got fulfill HTLC message when channel was not in an operational state"));
 		}
@@ -1550,7 +1550,7 @@ impl Channel {
 		self.mark_outbound_htlc_removed(msg.htlc_id, Some(payment_hash), None)
 	}
 
-	pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<&HTLCSource, ChannelError> {
+	pub fn update_fail_htlc(&mut self, msg: &msgs::UpdateFailHTLC, fail_reason: HTLCFailReason) -> Result<(&HTLCSource, [u8;32]), ChannelError> {
 		if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) {
 			return Err(ChannelError::Close("Got fail HTLC message when channel was not in an operational state"));
 		}
@@ -1561,7 +1561,7 @@ impl Channel {
 		self.mark_outbound_htlc_removed(msg.htlc_id, None, Some(fail_reason))
 	}
 
-	pub fn update_fail_malformed_htlc<'a>(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<&HTLCSource, ChannelError> {
+	pub fn update_fail_malformed_htlc<'a>(&mut self, msg: &msgs::UpdateFailMalformedHTLC, fail_reason: HTLCFailReason) -> Result<(&HTLCSource, [u8;32]), ChannelError> {
 		if (self.channel_state & (ChannelState::ChannelFunded as u32)) != (ChannelState::ChannelFunded as u32) {
 			return Err(ChannelError::Close("Got fail malformed HTLC message when channel was not in an operational state"));
 		}

src/ln/channelmanager.rs

@@ -39,6 +39,7 @@ use crypto::mac::{Mac,MacResult};
 use crypto::hmac::Hmac;
 use crypto::digest::Digest;
 use crypto::symmetriccipher::SynchronousStreamCipher;
+use crypto::ripemd160::Ripemd160;
 
 use std::{ptr, mem};
 use std::collections::HashMap;
@@ -518,13 +519,7 @@ impl ChannelManager {
 		for tx in local_txn {
 			self.tx_broadcaster.broadcast_transaction(&tx);
 		}
-		//TODO: We need to have a way where outbound HTLC claims can result in us claiming the
-		//now-on-chain HTLC output for ourselves (and, thereafter, passing the HTLC backwards).
-		//TODO: We need to handle monitoring of pending offered HTLCs which just hit the chain and
-		//may be claimed, resulting in us claiming the inbound HTLCs (and back-failing after
-		//timeouts are hit and our claims confirm).
-		//TODO: In any case, we need to make sure we remove any pending htlc tracking (via
-		//fail_backwards or claim_funds) eventually for all HTLCs that were in the channel
+
 	}
 
 	/// Force closes a channel, immediately broadcasting the latest local commitment transaction to
@@ -1207,11 +1202,16 @@ impl ChannelManager {
 
 					let mut add_htlc_msgs = Vec::new();
 					for HTLCForwardInfo { prev_short_channel_id, prev_htlc_id, forward_info } in pending_forwards.drain(..) {
-						let htlc_source = HTLCSource::PreviousHopData(HTLCPreviousHopData {
+						let prev_hop_data = HTLCPreviousHopData {
 							short_channel_id: prev_short_channel_id,
 							htlc_id: prev_htlc_id,
 							incoming_packet_shared_secret: forward_info.incoming_shared_secret,
-						});
+						};
+						match channel_state.claimable_htlcs.entry(forward_info.payment_hash) {
+							hash_map::Entry::Occupied(mut entry) => entry.get_mut().push(prev_hop_data.clone()),
+							hash_map::Entry::Vacant(entry) => { entry.insert(vec![prev_hop_data.clone()]); },
+						};
+						let htlc_source = HTLCSource::PreviousHopData(prev_hop_data);
 						match forward_chan.send_htlc(forward_info.amt_to_forward, forward_info.payment_hash, forward_info.outgoing_cltv_value, htlc_source.clone(), forward_info.onion_packet.unwrap()) {
 							Err(_e) => {
 								let chan_update = self.get_channel_update(forward_chan).unwrap();
@@ -1731,34 +1731,47 @@ impl ChannelManager {
 
 	fn internal_update_fulfill_htlc(&self, their_node_id: &PublicKey, msg: &msgs::UpdateFulfillHTLC) -> Result<(), MsgHandleErrInternal> {
 		let mut channel_state = self.channel_state.lock().unwrap();
-		let htlc_source = match channel_state.by_id.get_mut(&msg.channel_id) {
+		let (htlc_source, payment_hash) = match channel_state.by_id.get_mut(&msg.channel_id) {
 			Some(chan) => {
 				if chan.get_their_node_id() != *their_node_id {
 					//TODO: here and below MsgHandleErrInternal, #153 case
 					return Err(MsgHandleErrInternal::send_err_msg_no_close("Got a message for a channel from the wrong node!", msg.channel_id));
 				}
-				chan.update_fulfill_htlc(&msg)
-					.map_err(|e| MsgHandleErrInternal::from_chan_maybe_close(e, msg.channel_id))?.clone()
+				let (htlc_source, payment_hash) = chan.update_fulfill_htlc(&msg)
+					.map_err(|e| MsgHandleErrInternal::from_chan_maybe_close(e, msg.channel_id))?;
+				(htlc_source.clone(), payment_hash)
 			},
 			None => return Err(MsgHandleErrInternal::send_err_msg_no_close("Failed to find corresponding channel", msg.channel_id))
 		};
+		if let Some(sources) = channel_state.claimable_htlcs.get_mut(&payment_hash) {
+			if let HTLCSource::PreviousHopData(previous_hop_data) = htlc_source.clone() {
+				sources.retain(|ref source| !(source.short_channel_id == previous_hop_data.short_channel_id && source.htlc_id == previous_hop_data.htlc_id));
+			}
+		}
 		self.claim_funds_internal(channel_state, htlc_source, msg.payment_preimage.clone());
 		Ok(())
 	}
 
 	fn internal_update_fail_htlc(&self, their_node_id: &PublicKey, msg: &msgs::UpdateFailHTLC) -> Result<Option<msgs::HTLCFailChannelUpdate>, MsgHandleErrInternal> {
-		let mut channel_state = self.channel_state.lock().unwrap();
-		let htlc_source = match channel_state.by_id.get_mut(&msg.channel_id) {
+		let mut channel_state_lock = self.channel_state.lock().unwrap();
+		let channel_state = channel_state_lock.borrow_parts();
+		let (htlc_source, payment_hash) = match channel_state.by_id.get_mut(&msg.channel_id) {
 			Some(chan) => {
 				if chan.get_their_node_id() != *their_node_id {
 					//TODO: here and below MsgHandleErrInternal, #153 case
 					return Err(MsgHandleErrInternal::send_err_msg_no_close("Got a message for a channel from the wrong node!", msg.channel_id));
 				}
-				chan.update_fail_htlc(&msg, HTLCFailReason::ErrorPacket { err: msg.reason.clone() })
-					.map_err(|e| MsgHandleErrInternal::from_chan_maybe_close(e, msg.channel_id))
+				let (htlc_source, payment_hash) = chan.update_fail_htlc(&msg, HTLCFailReason::ErrorPacket { err: msg.reason.clone() })
+					.map_err(|e| MsgHandleErrInternal::from_chan_maybe_close(e, msg.channel_id))?;
+				(htlc_source, payment_hash)
 			},
 			None => return Err(MsgHandleErrInternal::send_err_msg_no_close("Failed to find corresponding channel", msg.channel_id))
-		}?;
+		};
+		if let Some(sources) = channel_state.claimable_htlcs.get_mut(&payment_hash) {
+			if let HTLCSource::PreviousHopData(previous_hop_data) = htlc_source.clone() {
+				sources.retain(|ref source| !(source.short_channel_id == previous_hop_data.short_channel_id && source.htlc_id == previous_hop_data.htlc_id));
+			}
+		}
 
 		match htlc_source {
 			&HTLCSource::OutboundRoute { ref route, ref session_priv, .. } => {
@@ -1821,7 +1834,7 @@ impl ChannelManager {
 
 	fn internal_update_fail_malformed_htlc(&self, their_node_id: &PublicKey, msg: &msgs::UpdateFailMalformedHTLC) -> Result<(), MsgHandleErrInternal> {
 		let mut channel_state = self.channel_state.lock().unwrap();
-		match channel_state.by_id.get_mut(&msg.channel_id) {
+		let (htlc_source, payment_hash) = match channel_state.by_id.get_mut(&msg.channel_id) {
 			Some(chan) => {
 				if chan.get_their_node_id() != *their_node_id {
 					//TODO: here and below MsgHandleErrInternal, #153 case
@@ -1830,12 +1843,18 @@ impl ChannelManager {
 				if (msg.failure_code & 0x8000) != 0 {
 					return Err(MsgHandleErrInternal::send_err_msg_close_chan("Got update_fail_malformed_htlc with BADONION set", msg.channel_id));
 				}
-				chan.update_fail_malformed_htlc(&msg, HTLCFailReason::Reason { failure_code: msg.failure_code, data: Vec::new() })
+				let (htlc_source, payment_hash) = chan.update_fail_malformed_htlc(&msg, HTLCFailReason::Reason { failure_code: msg.failure_code, data: Vec::new() })
 					.map_err(|e| MsgHandleErrInternal::from_chan_maybe_close(e, msg.channel_id))?;
-				Ok(())
+				(htlc_source.clone(), payment_hash)
 			},
 			None => return Err(MsgHandleErrInternal::send_err_msg_no_close("Failed to find corresponding channel", msg.channel_id))
+		};
+		if let Some(sources) = channel_state.claimable_htlcs.get_mut(&payment_hash) {
+			if let HTLCSource::PreviousHopData(previous_hop_data) = htlc_source {
+				sources.retain(|ref source| !(source.short_channel_id == previous_hop_data.short_channel_id && source.htlc_id == previous_hop_data.htlc_id));
+			}
 		}
+		Ok(())
 	}
 
 	fn internal_commitment_signed(&self, their_node_id: &PublicKey, msg: &msgs::CommitmentSigned) -> Result<(msgs::RevokeAndACK, Option<msgs::CommitmentSigned>), MsgHandleErrInternal> {
@@ -2040,6 +2059,7 @@ impl ChainListener for ChannelManager {
 	fn block_connected(&self, header: &BlockHeader, height: u32, txn_matched: &[&Transaction], indexes_of_txn_matched: &[u32]) {
 		let mut new_events = Vec::new();
 		let mut failed_channels = Vec::new();
+		let mut hash_to_remove = Vec::new();
 		{
 			let mut channel_lock = self.channel_state.lock().unwrap();
 			let channel_state = channel_lock.borrow_parts();
@@ -2102,10 +2122,47 @@ impl ChainListener for ChannelManager {
 				}
 				true
 			});
+
+			for tx in txn_matched {
+				for (htlc_with_hash, _) in channel_state.claimable_htlcs.iter() {
+					let mut ripemd = Ripemd160::new();
+					ripemd.input(htlc_with_hash);
+					let mut payment_hash160 = [0; 20];
+					ripemd.result(&mut payment_hash160);
+
+					if tx.input.len() > 0 && tx.input[0].witness.len() == 5 && tx.input[0].witness[4].len() == 138 && payment_hash160 == tx.input[0].witness[4][69..89] {
+						//TODO: macro?
+						let mut payment_preimage = [0; 32];
+						for (arr, vec) in payment_preimage.iter_mut().zip(tx.input[0].witness[3].iter()) {
+							*arr = *vec;
+						}
+						hash_to_remove.push((payment_preimage, htlc_with_hash.clone()));
+					} else if tx.input.len() > 0 && tx.input[0].witness.len() == 3 && tx.input[0].witness[2].len() == 133 && payment_hash160 == tx.input[0].witness[2][109..129] {
+						let mut payment_preimage = [0; 32];
+						for (arr, vec) in payment_preimage.iter_mut().zip(tx.input[0].witness[1].iter()) {
+							*arr = *vec;
+						}
+						hash_to_remove.push((payment_preimage, htlc_with_hash.clone()));
+					}
+				}
+			}
 		}
 		for failure in failed_channels.drain(..) {
 			self.finish_force_close_channel(failure);
 		}
+
+		{
+			let mut channel_state = Some(self.channel_state.lock().unwrap());
+			for (preimage, hash) in hash_to_remove {
+				if channel_state.is_none() { channel_state = Some(self.channel_state.lock().unwrap());}
+				if let Some(mut sources) = channel_state.as_mut().unwrap().claimable_htlcs.remove(&hash) {
+					for source in sources.drain(..) {
+						self.claim_funds_internal(channel_state.take().unwrap(), HTLCSource::PreviousHopData(source), preimage);
+					}
+				}
+			}
+		}
+
 		let mut pending_events = self.pending_events.lock().unwrap();
 		for funding_locked in new_events.drain(..) {
 			pending_events.push(funding_locked);
@@ -3817,7 +3874,7 @@ mod tests {
 	}
 
 	/// Tests that the given node has broadcast a claim transaction against the provided revoked
-	/// HTLC transaction.
+	/// HTLC transaction issued from a revoked commitment tx
 	fn test_revoked_htlc_claim_txn_broadcast(node: &Node, revoked_tx: Transaction) {
 		let mut node_txn = node.tx_broadcaster.txn_broadcasted.lock().unwrap();
 		assert_eq!(node_txn.len(), 1);
@@ -4205,6 +4262,105 @@ mod tests {
 		assert_eq!(nodes[1].node.list_channels().len(), 0);
 	}
 
+	#[test]
+	fn test_htlc_on_chain_success() {
+		// Test that in case of an unilateral close onchain, we detect the state of output thanks to
+		// ChainWatchInterface and pass the preimage backward accordingly. So here we test that ChannelManager is
+		// broadcasting the right event to other nodes in payment path.
+		// A --------------------> B ----------------------> C (preimage)
+		//    A's commitment tx			C's commitment tx
+		// 	       \				   \
+		// 	   B's preimage tx		 	C's HTLC Success tx
+
+		let nodes = create_network(3);
+
+		// Create some initial channels
+		let chan_1 = create_announced_chan_between_nodes(&nodes, 0, 1);
+		let chan_2 = create_announced_chan_between_nodes(&nodes, 1, 2);
+
+		// Rebalance the network a bit by relaying one payment through all the channels...
+		send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000);
+		send_payment(&nodes[0], &vec!(&nodes[1], &nodes[2])[..], 8000000);
+
+		let (payment_preimage, _payment_hash) = route_payment(&nodes[0], &vec!(&nodes[1], &nodes[2]), 3000000);
+		let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42};
+
+		// Broadcast legit commitment tx from C on B's chain
+		// Broadcast HTLC Success transation by C on received output from C's commitment tx on B's chain
+		let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get(&chan_2.2).unwrap().last_local_commitment_txn.clone();
+		nodes[2].node.claim_funds(payment_preimage);
+		{
+			let mut added_monitors = nodes[2].chan_monitor.added_monitors.lock().unwrap();
+			assert_eq!(added_monitors.len(), 1);
+			added_monitors.clear();
+		}
+		let events = nodes[2].node.get_and_clear_pending_events();
+		assert_eq!(events.len(), 1);
+		match events[0] {
+			Event::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fulfill_htlcs, ref update_fail_htlcs, ref update_fail_malformed_htlcs, .. } } => {
+				assert!(update_add_htlcs.is_empty());
+				assert!(update_fail_htlcs.is_empty());
+				assert!(!update_fulfill_htlcs.is_empty());
+				assert!(update_fail_malformed_htlcs.is_empty());
+				assert_eq!(nodes[1].node.get_our_node_id(), *node_id);
+			},
+			_ => panic!("Unexpected event"),
+		};
+		nodes[2].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1);
+		let events = nodes[2].node.get_and_clear_pending_events();
+		assert_eq!(events.len(), 1);
+		match events[0] {
+			Event::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {},
+			_ => panic!("Unexpected event"),
+		}
+		let node_txn = nodes[2].tx_broadcaster.txn_broadcasted.lock().unwrap().clone();
+
+		// Verify that B's ChannelManager is able to extract preimage from HTLC Success tx and pass it backward
+		nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: node_txn}, 1);
+		{
+			let mut added_monitors = nodes[1].chan_monitor.added_monitors.lock().unwrap();
+			assert_eq!(added_monitors.len(), 1);
+			added_monitors.clear();
+		}
+		let events = nodes[1].node.get_and_clear_pending_events();
+		assert_eq!(events.len(), 2);
+		match events[0] {
+			Event::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {},
+			_ => panic!("Unexpected event"),
+		}
+		match events[1] {
+			Event::UpdateHTLCs { ref node_id, updates: msgs::CommitmentUpdate { ref update_add_htlcs, ref update_fail_htlcs, ref update_fulfill_htlcs, ref update_fail_malformed_htlcs, .. } } => {
+				assert!(update_add_htlcs.is_empty());
+				assert!(update_fail_htlcs.is_empty());
+				assert!(!update_fulfill_htlcs.is_empty());
+				assert!(update_fail_malformed_htlcs.is_empty());
+				assert_eq!(nodes[0].node.get_our_node_id(), *node_id);
+			},
+			_ => panic!("Unexpected event"),
+		};
+
+		// Broadcast legit commitment tx from A on B's chain
+		// Broadcast preimage tx by B on offered output from A commitment tx  on A's chain
+		let commitment_tx = nodes[0].node.channel_state.lock().unwrap().by_id.get(&chan_1.2).unwrap().last_local_commitment_txn.clone();
+		nodes[1].chain_monitor.block_connected_with_filtering(&Block { header, txdata: vec![commitment_tx[0].clone()]}, 1);
+		let events = nodes[1].node.get_and_clear_pending_events();
+		assert_eq!(events.len(), 1);
+		match events[0] {
+			Event::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {},
+			_ => panic!("Unexpected event"),
+		}
+		let node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap().clone();
+
+		// Verify that A's ChannelManager is able to extract preimage from preimage tx and pass it backward
+		nodes[0].chain_monitor.block_connected_with_filtering(&Block { header, txdata: node_txn }, 1);
+		let events = nodes[0].node.get_and_clear_pending_events();
+		assert_eq!(events.len(), 1);
+		match events[0] {
+			Event::BroadcastChannelUpdate { msg: msgs::ChannelUpdate { .. } } => {},
+			_ => panic!("Unexpected event"),
+		}
+	}
+
 	#[test]
 	fn test_htlc_ignore_latest_remote_commitment() {
 		// Test that HTLC transactions spending the latest remote commitment transaction are simply