Making message size limit an exportable constant

[dr-orlovsky]

It's always better to have all magic numbers defined in specs in form of global constants rather than in-code literals

[moneyball]

concept ACK :)

i don't know the code base well enough to give actual ACK although it looks right to me

[codecov]

Codecov Report

Merging #623 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff            @@
##           master     #623    +/-   ##
========================================
  Coverage   91.26%   91.26%            
========================================
  Files          35       35            
  Lines       21229    20787   -442     
========================================
- Hits        19375    18972   -403     
+ Misses       1854     1815    -39     

Impacted Files	Coverage Δ
lightning/src/ln/wire.rs	66.15% <ø> (ø)
lightning/src/ln/peer_channel_encryptor.rs	94.40% <100.00%> (ø)
lightning/src/util/test_utils.rs	77.84% <0.00%> (-7.37%)	⬇️
lightning/src/ln/channelmonitor.rs	95.52% <0.00%> (-0.19%)	⬇️
lightning/src/ln/channel.rs	86.61% <0.00%> (-0.17%)	⬇️
lightning/src/ln/msgs.rs	90.03% <0.00%> (ø)
lightning/src/util/ser.rs	87.45% <0.00%> (ø)
lightning/src/util/logger.rs	59.67% <0.00%> (ø)
lightning/src/ln/chan_utils.rs	97.17% <0.00%> (ø)
lightning/src/chain/transaction.rs	100.00% <0.00%> (ø)
... and 12 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d6d01ba...f186ae8. Read the comment docs.

[naumenkogs]

Not sure the quote adds much value, but it takes readers' attention.
Keeping a number is also not useful, because it's already in the field.

[dr-orlovsky]

You mean quotation marks or the quoted text?

[naumenkogs]

I mean the text. I think it's enough to say:
" /// Maximum Lightning message data length according to BOLT-8"

[dr-orlovsky]

I've used spec referencing model from c-lightning, where they directly cite a part of the spec right in the code — and it works really good for code reading

[naumenkogs]

Never read c-lightning, but big files generally want me to close the tab all the time. And this seems like a path to get there. Maybe you are right.

Anyway, I don't have the energy to argue about this, feel free to do whatever :)

[jkczyz]

The counter argument is that the spec changes, so quoting it can lead to the code comment getting out of sync with the spec as it evolves. It is also mentioned in BOLT 1:

The size of the message is required by the transport layer to fit into a 2-byte unsigned int; therefore, the maximum possible size is 65535 bytes.

My preference would be to reference the spec but leave out the quote.

[TheBlueMatt]

In general, we tend to never quote the spec - the spec can be confusing, and docs should be self-contained - users should be able to read them and figure out what's going on without having to flip to another reference.

[dr-orlovsky]

Done

[naumenkogs]

You deliberately leave "65535" in the comments or you just missed it? I actually don't know what is better. Probably you're right and the number works fine for a doc reader.

[dr-orlovsky]

Deliberately. Constant is unreadable in text, you have to look up for the value; while integer literal allow to check what value the constant must have and understand on which conditions the code will fail.

[TheBlueMatt]

I mean, its more because the length is encoded with two bytes than because the spec says so :p.

[dr-orlovsky]

or the spec uses two byte length encoding to enforce the message size limitation :)

[dr-orlovsky]

Done

[jkczyz]

The counter argument is that the spec changes, so quoting it can lead to the code comment getting out of sync with the spec as it evolves. It is also mentioned in BOLT 1:

The size of the message is required by the transport layer to fit into a 2-byte unsigned int; therefore, the maximum possible size is 65535 bytes.

My preference would be to reference the spec but leave out the quote.

[jkczyz]

Given the spec references the transport layer, would it be more appropriate to define this constant there (i.e. where it is used)? Especially given #494 refactors that code but seems to have missed this restriction. It would be easily caught if defined there, IMHO. It may have not been caught in the review since the old code has not (yet) been removed in that PR.

[dr-orlovsky]

Done

[jkczyz]

Could we simply use std::u16::MAX given the intention given in BOLT 1?

[arik-so]

I agree, it makes more sense to define the constant here. 65535 is more convenient to the reader though, so perhaps just std::u16::MAX; // 65535 for optimal legibility

[dr-orlovsky]

Done

[dr-orlovsky]

With new force-push I have matched all questions, rebased to the current master, added test cases + fixed some of the issues with the existing panic messages and test cases, related to message encryption/decryption. Each of these changes is done as a separate commit to make review easier.

[TheBlueMatt]

Thanks!