Use MonotonicTime as Instant shifted by 10 years forward

Such implementation allows `MonotonicTime` to go backward up to 10
years on all platforms. On some platforms (e.g. iOS) `Instant` is
represented as `u64` of nanoseconds since the boot of the system.
Obviously such implementation does not allow to go backward before the
time of the boot.

Co-authored-by: Andrei <[email protected]>
Co-authored-by: Jeffrey Czyz <[email protected]>

Author: andrei-21

lightning/src/routing/scoring.rs

@@ -325,7 +325,7 @@ impl ReadableArgs<u64> for FixedPenaltyScorer {
 }
 
 #[cfg(not(feature = "no-std"))]
-type ConfiguredTime = std::time::Instant;
+type ConfiguredTime = crate::util::time::MonotonicTime;
 #[cfg(feature = "no-std")]
 use crate::util::time::Eternity;
 #[cfg(feature = "no-std")]

lightning/src/util/time.rs

@@ -58,6 +58,51 @@ impl Sub<Duration> for Eternity {
 	}
 }
 
+#[derive(Clone, Copy, Debug, PartialEq, Eq)]
+#[cfg(not(feature = "no-std"))]
+pub struct MonotonicTime(std::time::Instant);
+
+// The amount of time to shift `Instant` forward to prevent overflow when subtracting a `Duration`
+// from `Instant::now` on some operating systems (e.g., iOS representing `Instance` as `u64`).
+#[cfg(not(feature = "no-std"))]
+static SHIFT: Duration = Duration::from_secs(10 * 365 * 24 * 60 * 60); // 10 years.
+
+#[cfg(not(feature = "no-std"))]
+impl Time for MonotonicTime {
+	fn now() -> Self {
+		let instant = std::time::Instant::now().checked_add(SHIFT).expect("Overflow on MonotonicTime instantiation");
+		Self(instant)
+	}
+
+	fn duration_since(&self, earlier: Self) -> Duration {
+		// On rust prior to 1.60 `Instant::duration_since` will panic if time goes backwards.
+		// However, we support rust versions prior to 1.60 and some users appear to have "monotonic
+		// clocks" that go backwards in practice (likely relatively ancient kernels/etc). Thus, we
+		// manually check for time going backwards here and return a duration of zero in that case.
+		let now = Self::now();
+		if now.0 > earlier.0 { now.0 - earlier.0 } else { Duration::from_secs(0) }
+	}
+
+	fn duration_since_epoch() -> Duration {
+		use std::time::SystemTime;
+		SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap()
+	}
+
+	fn elapsed(&self) -> Duration {
+		self.0.elapsed()
+	}
+}
+
+#[cfg(not(feature = "no-std"))]
+impl Sub<Duration> for MonotonicTime {
+	type Output = Self;
+
+	fn sub(self, other: Duration) -> Self {
+		let instant = self.0.checked_sub(other).expect("MonotonicTime is not supposed to go backward futher than 10 years");
+		Self(instant)
+	}
+}
+
 #[cfg(not(feature = "no-std"))]
 impl Time for std::time::Instant {
 	fn now() -> Self {
@@ -84,7 +129,7 @@ impl Time for std::time::Instant {
 
 #[cfg(test)]
 pub mod tests {
-	use super::{Time, Eternity};
+	use super::{Time, Eternity, MonotonicTime};
 
 	use core::time::Duration;
 	use core::ops::Sub;
@@ -154,4 +199,11 @@ pub mod tests {
 		assert_eq!(now.elapsed(), Duration::from_secs(0));
 		assert_eq!(later - elapsed, now);
 	}
+
+	#[test]
+	fn monotonic_time_go_backward() {
+		let now = MonotonicTime::now();
+		let ten_years = Duration::from_secs(10 * 365 * 24 * 60 * 60);
+		let _past = now - ten_years;
+	}
 }