Track HTLC-failure trigger tx until anti-reorg delay reached

Antoine Riard · Antoine Riard · commit 98fc5dce2a59 · 2019-02-04T20:43:26.000-05:00
Broadcasting a commitment tx means that we have to fail
inbound HTLC in backward channel. Doing it prematurely would
put us at risk in case of reorg and outbound HTLCs solved
differently (i.e by a preimage). So we delay passing failure
update upstream until solving tx mature to HTLC_FAIL_ANTI_
REORG_DELAY.
Requirements differ if HTLC is a revoked/non-revoked dust/
non-revoked non-dust one.

Add connect_blocks in test_utils to fix broken tests due to
anti-reorg delay enforcement
diff --git a/src/ln/channelmonitor.rs b/src/ln/channelmonitor.rs
@@ -385,6 +385,9 @@ pub struct ChannelMonitor {
 
 	destination_script: Script,
 
+	htlc_updated_waiting_outpoint_solving: HashMap<BitcoinOutPoint, (HTLCSource, Option<PaymentPreimage>, PaymentHash)>,
+	htlc_updated_waiting_threshold_conf: HashMap<u32, Vec<(Option<BitcoinOutPoint>, (HTLCSource, Option<PaymentPreimage>, PaymentHash))>>,
+
 	// We simply modify last_block_hash in Channel's block_connected so that serialization is
 	// consistent but hopefully the users' copy handles block_connected in a consistent way.
 	// (we do *not*, however, update them in insert_combine to ensure any local user copies keep
@@ -414,7 +417,9 @@ impl PartialEq for ChannelMonitor {
 			self.current_remote_commitment_number != other.current_remote_commitment_number ||
 			self.current_local_signed_commitment_tx != other.current_local_signed_commitment_tx ||
 			self.payment_preimages != other.payment_preimages ||
-			self.destination_script != other.destination_script
+			self.destination_script != other.destination_script ||
+			self.htlc_updated_waiting_outpoint_solving != other.htlc_updated_waiting_outpoint_solving ||
+			self.htlc_updated_waiting_threshold_conf != other.htlc_updated_waiting_threshold_conf
 		{
 			false
 		} else {
@@ -464,6 +469,9 @@ impl ChannelMonitor {
 			payment_preimages: HashMap::new(),
 			destination_script: destination_script,
 
+			htlc_updated_waiting_outpoint_solving: HashMap::new(),
+			htlc_updated_waiting_threshold_conf: HashMap::new(),
+
 			last_block_hash: Default::default(),
 			secp_ctx: Secp256k1::new(),
 			logger,
@@ -951,6 +959,26 @@ impl ChannelMonitor {
 		self.last_block_hash.write(writer)?;
 		self.destination_script.write(writer)?;
 
+		writer.write_all(&byte_utils::be64_to_array(self.htlc_updated_waiting_outpoint_solving.len() as u64))?;
+		for (ref outpoint, ref update) in self.htlc_updated_waiting_outpoint_solving.iter() {
+			outpoint.write(writer)?;
+			update.0.write(writer)?;
+			update.1.write(writer)?;
+			update.2.write(writer)?;
+		}
+
+		writer.write_all(&byte_utils::be64_to_array(self.htlc_updated_waiting_threshold_conf.len() as u64))?;
+		for (ref target, ref updates) in self.htlc_updated_waiting_threshold_conf.iter() {
+			writer.write_all(&byte_utils::be32_to_array(**target))?;
+			writer.write_all(&byte_utils::be64_to_array(updates.len() as u64))?;
+			for &(ref outpoint, ref update) in updates.iter() {
+				outpoint.write(writer)?;
+				update.0.write(writer)?;
+				update.1.write(writer)?;
+				update.2.write(writer)?;
+			}
+		}
+
 		Ok(())
 	}
 
@@ -1014,13 +1042,12 @@ impl ChannelMonitor {
 	/// HTLC-Success/HTLC-Timeout transactions.
 	/// Return updates for HTLC pending in the channel and failed automatically by the broadcast of
 	/// revoked remote commitment tx
-	fn check_spend_remote_transaction(&mut self, tx: &Transaction, height: u32) -> (Vec<Transaction>, (Sha256dHash, Vec<TxOut>), Vec<SpendableOutputDescriptor>, Vec<(HTLCSource, Option<PaymentPreimage>, PaymentHash)>)  {
+	fn check_spend_remote_transaction(&mut self, tx: &Transaction, height: u32) -> (Vec<Transaction>, (Sha256dHash, Vec<TxOut>), Vec<SpendableOutputDescriptor>) {
 		// Most secp and related errors trying to create keys means we have no hope of constructing
 		// a spend transaction...so we return no transactions to broadcast
 		let mut txn_to_broadcast = Vec::new();
 		let mut watch_outputs = Vec::new();
 		let mut spendable_outputs = Vec::new();
-		let mut htlc_updated = Vec::new();
 
 		let commitment_txid = tx.txid(); //TODO: This is gonna be a performance bottleneck for watchtowers!
 		let per_commitment_option = self.remote_claimable_outpoints.get(&commitment_txid);
@@ -1029,7 +1056,7 @@ impl ChannelMonitor {
 			( $thing : expr ) => {
 				match $thing {
 					Ok(a) => a,
-					Err(_) => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated)
+					Err(_) => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs)
 				}
 			};
 		}
@@ -1054,7 +1081,7 @@ impl ChannelMonitor {
 			};
 			let delayed_key = ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, &PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key), &self.their_delayed_payment_base_key.unwrap()));
 			let a_htlc_key = match self.their_htlc_base_key {
-				None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated),
+				None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs),
 				Some(their_htlc_base_key) => ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, &PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key), &their_htlc_base_key)),
 			};
 
@@ -1134,7 +1161,7 @@ impl ChannelMonitor {
 						if transaction_output_index as usize >= tx.output.len() ||
 								tx.output[transaction_output_index as usize].value != htlc.amount_msat / 1000 ||
 								tx.output[transaction_output_index as usize].script_pubkey != expected_script.to_v0_p2wsh() {
-							return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); // Corrupted per_commitment_data, fuck this user
+							return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); // Corrupted per_commitment_data, fuck this user
 						}
 						let input = TxIn {
 							previous_output: BitcoinOutPoint {
@@ -1182,8 +1209,15 @@ impl ChannelMonitor {
 						if let Some(ref outpoints) = self.remote_claimable_outpoints.get(&$txid) {
 							for &(ref htlc, ref source_option) in outpoints.iter() {
 								if let &Some(ref source) = source_option {
-									log_trace!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of revoked remote commitment transaction", log_bytes!(htlc.payment_hash.0), $commitment_tx);
-									htlc_updated.push(((**source).clone(), None, htlc.payment_hash.clone()));
+									log_info!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of revoked remote commitment transaction, waiting confirmation until {} height", log_bytes!(htlc.payment_hash.0), $commitment_tx, height + HTLC_FAIL_ANTI_REORG_DELAY - 1);
+									match self.htlc_updated_waiting_threshold_conf.entry(height + HTLC_FAIL_ANTI_REORG_DELAY - 1) {
+										hash_map::Entry::Occupied(mut entry) => {
+											entry.get_mut().push((None, ((**source).clone(), None, htlc.payment_hash.clone())));
+										}
+										hash_map::Entry::Vacant(entry) => {
+											entry.insert(vec![(None, ((**source).clone(), None, htlc.payment_hash.clone()))]);
+										}
+									}
 								}
 							}
 						}
@@ -1199,7 +1233,7 @@ impl ChannelMonitor {
 				}
 				// No need to check local commitment txn, symmetric HTLCSource must be present as per-htlc data on remote commitment tx
 			}
-			if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); } // Nothing to be done...probably a false positive/local tx
+			if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); } // Nothing to be done...probably a false positive/local tx
 
 			let outputs = vec!(TxOut {
 				script_pubkey: self.destination_script.clone(),
@@ -1257,11 +1291,19 @@ impl ChannelMonitor {
 								// need to here.
 								for &(ref broadcast_htlc, ref broadcast_source) in per_commitment_data.iter() {
 									if broadcast_htlc.transaction_output_index.is_some() && Some(source) == broadcast_source.as_ref() {
+										self.htlc_updated_waiting_outpoint_solving.insert(BitcoinOutPoint { txid: commitment_txid.clone(), vout: broadcast_htlc.transaction_output_index.unwrap() }, ((**source).clone(), None, htlc.payment_hash.clone()));
 										continue $id;
 									}
 								}
 								log_trace!(self, "Failing HTLC with payment_hash {} from {} remote commitment tx due to broadcast of remote commitment transaction", log_bytes!(htlc.payment_hash.0), $commitment_tx);
-								htlc_updated.push(((**source).clone(), None, htlc.payment_hash.clone()));
+								match self.htlc_updated_waiting_threshold_conf.entry(height + HTLC_FAIL_ANTI_REORG_DELAY - 1) {
+									hash_map::Entry::Occupied(mut entry) => {
+										entry.get_mut().push((None, ((**source).clone(), None, htlc.payment_hash.clone())));
+									}
+									hash_map::Entry::Vacant(entry) => {
+										entry.insert(vec![(None, ((**source).clone(), None, htlc.payment_hash.clone()))]);
+									}
+								}
 							}
 						}
 					}
@@ -1294,7 +1336,7 @@ impl ChannelMonitor {
 						},
 					};
 					let a_htlc_key = match self.their_htlc_base_key {
-						None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated),
+						None => return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs),
 						Some(their_htlc_base_key) => ignore_error!(chan_utils::derive_public_key(&self.secp_ctx, revocation_point, &their_htlc_base_key)),
 					};
 
@@ -1349,7 +1391,7 @@ impl ChannelMonitor {
 							if transaction_output_index as usize >= tx.output.len() ||
 									tx.output[transaction_output_index as usize].value != htlc.amount_msat / 1000 ||
 									tx.output[transaction_output_index as usize].script_pubkey != expected_script.to_v0_p2wsh() {
-								return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); // Corrupted per_commitment_data, fuck this user
+								return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); // Corrupted per_commitment_data, fuck this user
 							}
 							if let Some(payment_preimage) = self.payment_preimages.get(&htlc.payment_hash) {
 								let input = TxIn {
@@ -1412,7 +1454,7 @@ impl ChannelMonitor {
 						}
 					}
 
-					if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated); } // Nothing to be done...probably a false positive/local tx
+					if inputs.is_empty() { return (txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs); } // Nothing to be done...probably a false positive/local tx
 
 					let outputs = vec!(TxOut {
 						script_pubkey: self.destination_script.clone(),
@@ -1442,7 +1484,7 @@ impl ChannelMonitor {
 			}
 		}
 
-		(txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs, htlc_updated)
+		(txn_to_broadcast, (commitment_txid, watch_outputs), spendable_outputs)
 	}
 
 	/// Attempts to claim a remote HTLC-Success/HTLC-Timeout's outputs using the revocation key
@@ -1697,6 +1739,7 @@ impl ChannelMonitor {
 		let mut watch_outputs = Vec::new();
 		let mut spendable_outputs = Vec::new();
 		let mut htlc_updated = Vec::new();
+		//log_info!(self, "Height at {}", height);
 		for tx in txn_matched {
 			if tx.input.len() == 1 {
 				// Assuming our keys were not leaked (in which case we're screwed no matter what),
@@ -1714,7 +1757,7 @@ impl ChannelMonitor {
 					}
 				};
 				if funding_txo.is_none() || (prevout.txid == funding_txo.as_ref().unwrap().0.txid && prevout.vout == funding_txo.as_ref().unwrap().0.index as u32) {
-					let (remote_txn, new_outputs, mut spendable_output, mut updated) = self.check_spend_remote_transaction(tx, height);
+					let (remote_txn, new_outputs, mut spendable_output) = self.check_spend_remote_transaction(tx, height);
 					txn = remote_txn;
 					spendable_outputs.append(&mut spendable_output);
 					if !new_outputs.1.is_empty() {
@@ -1733,9 +1776,6 @@ impl ChannelMonitor {
 							spendable_outputs.push(spendable_output);
 						}
 					}
-					if updated.len() > 0 {
-						htlc_updated.append(&mut updated);
-					}
 				} else {
 					if let Some(&(commitment_number, _)) = self.remote_commitment_txn_on_chain.get(&prevout.txid) {
 						let (tx, spendable_output) = self.check_spend_remote_htlc(tx, commitment_number);
@@ -1758,6 +1798,22 @@ impl ChannelMonitor {
 			if updated.len() > 0 {
 				htlc_updated.append(&mut updated);
 			}
+			for inp in tx.input.iter() {
+				if let Some(htlc_update) = self.htlc_updated_waiting_outpoint_solving.remove(&inp.previous_output) {
+					if inp.witness.len() == 5 && inp.witness[4].len() == ACCEPTED_HTLC_SCRIPT_WEIGHT && inp.witness.len() == 3 && inp.witness[2].len() == OFFERED_HTLC_SCRIPT_WEIGHT {
+						htlc_updated.append(&mut vec![htlc_update]); 
+					} else {
+						match self.htlc_updated_waiting_threshold_conf.entry(height + HTLC_FAIL_ANTI_REORG_DELAY - 1) {
+							hash_map::Entry::Occupied(mut entry) => {
+								entry.get_mut().push((Some(inp.previous_output.clone()), htlc_update));
+							}
+							hash_map::Entry::Vacant(entry) => {
+								entry.insert(vec![(Some(inp.previous_output.clone()), htlc_update)]);
+							}
+						}
+					}
+				}
+			}
 		}
 		if let Some(ref cur_local_tx) = self.current_local_signed_commitment_tx {
 			if self.would_broadcast_at_height(height) {
@@ -1786,6 +1842,15 @@ impl ChannelMonitor {
 				}
 			}
 		}
+		if let Some(updates) = self.htlc_updated_waiting_threshold_conf.remove(&height) {
+			for (outpoint, update) in updates {
+				if let Some(oup) = outpoint {
+					self.htlc_updated_waiting_outpoint_solving.remove(&oup);
+				}
+				log_info!(self, "HTLC {} failure update has get enough confirmation to be pass upstream", log_bytes!((update.2).0));
+				htlc_updated.push(update);
+			}
+		}
 		self.last_block_hash = block_hash.clone();
 		(watch_outputs, spendable_outputs, htlc_updated)
 	}
@@ -2159,6 +2224,34 @@ impl<R: ::std::io::Read> ReadableArgs<R, Arc<Logger>> for (Sha256dHash, ChannelM
 		let last_block_hash: Sha256dHash = Readable::read(reader)?;
 		let destination_script = Readable::read(reader)?;
 
+		let waiting_outpoint_solving_len: u64 = Readable::read(reader)?;
+		let mut htlc_updated_waiting_outpoint_solving = HashMap::with_capacity(cmp::min(waiting_outpoint_solving_len as usize, MAX_ALLOC_SIZE / 128));
+		for _ in 0..waiting_outpoint_solving_len {
+			let outpoint  = Readable::read(reader)?;
+			let htlc_source = Readable::read(reader)?;
+			let preimage = Readable::read(reader)?;
+			let hash = Readable::read(reader)?;
+			if let Some(_) = htlc_updated_waiting_outpoint_solving.insert(outpoint, (htlc_source, preimage, hash)) {
+				return Err(DecodeError::InvalidValue);
+			}
+		}
+
+		let waiting_threshold_conf_len: u64 = Readable::read(reader)?;
+		let mut htlc_updated_waiting_threshold_conf = HashMap::with_capacity(cmp::min(waiting_threshold_conf_len as usize, MAX_ALLOC_SIZE / 128));
+		for _ in 0..waiting_threshold_conf_len {
+			let height_target = Readable::read(reader)?;
+			let updates_len: u64 = Readable::read(reader)?;
+			let mut updates = Vec::with_capacity(cmp::min(updates_len as usize, MAX_ALLOC_SIZE / 128));
+			for _ in 0..updates_len {
+				let outpoint = Readable::read(reader)?;
+				let htlc_source = Readable::read(reader)?;
+				let preimage = Readable::read(reader)?;
+				let hash = Readable::read(reader)?;
+				updates.push((outpoint, (htlc_source, preimage, hash)));
+			}
+			htlc_updated_waiting_threshold_conf.insert(height_target, updates);
+		}
+
 		Ok((last_block_hash.clone(), ChannelMonitor {
 			commitment_transaction_number_obscure_factor,
 
@@ -2182,6 +2275,10 @@ impl<R: ::std::io::Read> ReadableArgs<R, Arc<Logger>> for (Sha256dHash, ChannelM
 			payment_preimages,
 
 			destination_script,
+
+			htlc_updated_waiting_outpoint_solving,
+			htlc_updated_waiting_threshold_conf,
+
 			last_block_hash,
 			secp_ctx,
 			logger,
diff --git a/src/ln/functional_test_utils.rs b/src/ln/functional_test_utils.rs
@@ -14,7 +14,7 @@ use util::errors::APIError;
 use util::logger::Logger;
 use util::config::UserConfig;
 
-use bitcoin::util::hash::BitcoinHash;
+use bitcoin::util::hash::{BitcoinHash, Sha256dHash};
 use bitcoin::blockdata::block::BlockHeader;
 use bitcoin::blockdata::transaction::{Transaction, TxOut};
 use bitcoin::network::constants::Network;
@@ -46,6 +46,15 @@ pub fn confirm_transaction(chain: &chaininterface::ChainWatchInterfaceUtil, tx:
 	}
 }
 
+pub fn connect_blocks(chain: &chaininterface::ChainWatchInterfaceUtil, depth: u32, height: u32, parent: bool, prev_blockhash: Sha256dHash) {
+	let mut header = BlockHeader { version: 0x2000000, prev_blockhash: if parent { prev_blockhash } else { Default::default() }, merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
+	chain.block_connected_checked(&header, height + 1, &Vec::new(), &Vec::new());
+	for i in 2..depth {
+		header = BlockHeader { version: 0x20000000, prev_blockhash: header.bitcoin_hash(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
+		chain.block_connected_checked(&header, height + i, &Vec::new(), &Vec::new());
+	}
+}
+
 pub struct Node {
 	pub chain_monitor: Arc<chaininterface::ChainWatchInterfaceUtil>,
 	pub tx_broadcaster: Arc<test_utils::TestBroadcaster>,
diff --git a/src/ln/functional_tests.rs b/src/ln/functional_tests.rs
