Skip to content

Commit 5a90f01

Browse files
committed
Use CLOSED_CHANNEL_UPDATE_ID in force closing ChannelMonitorUpdates
Currently, all that is required to force close a channel is to broadcast either of the available commitment transactions, but this changes with anchor outputs – commitment transactions may need to have additional fees attached in order to confirm in a timely manner. While we may be able to just queue a new update using the channel's next available update ID, this may result in a violation of the `ChannelMonitor` API (each update ID must strictly increase by 1) if the channel had updates that were persisted by its `ChannelMonitor`, but not the `ChannelManager`. Therefore, we choose to re-purpose the existing `CLOSED_CHANNEL_UPDATE_ID` update ID to also apply to `ChannelMonitorUpdate`s that will force close their respective channel by broadcasting the holder's latest commitment transaction.
1 parent 14ee173 commit 5a90f01

File tree

3 files changed

+23
-15
lines changed

3 files changed

+23
-15
lines changed

lightning-persister/src/lib.rs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -141,6 +141,7 @@ mod tests {
141141
use bitcoin::{Txid, TxMerkleNode};
142142
use lightning::chain::ChannelMonitorUpdateStatus;
143143
use lightning::chain::chainmonitor::Persist;
144+
use lightning::chain::channelmonitor::CLOSED_CHANNEL_UPDATE_ID;
144145
use lightning::chain::transaction::OutPoint;
145146
use lightning::{check_closed_broadcast, check_closed_event, check_added_monitors};
146147
use lightning::ln::functional_test_utils::*;
@@ -253,7 +254,7 @@ mod tests {
253254
check_added_monitors!(nodes[1], 1);
254255

255256
// Make sure everything is persisted as expected after close.
256-
check_persisted_data!(11);
257+
check_persisted_data!(CLOSED_CHANNEL_UPDATE_ID);
257258
}
258259

259260
// Test that if the persister's path to channel data is read-only, writing a

lightning/src/chain/channelmonitor.rs

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -76,27 +76,30 @@ pub struct ChannelMonitorUpdate {
7676
pub(crate) updates: Vec<ChannelMonitorUpdateStep>,
7777
/// The sequence number of this update. Updates *must* be replayed in-order according to this
7878
/// sequence number (and updates may panic if they are not). The update_id values are strictly
79-
/// increasing and increase by one for each new update, with one exception specified below.
79+
/// increasing and increase by one for each new update, with two exceptions specified below.
8080
///
8181
/// This sequence number is also used to track up to which points updates which returned
8282
/// [`ChannelMonitorUpdateStatus::InProgress`] have been applied to all copies of a given
8383
/// ChannelMonitor when ChannelManager::channel_monitor_updated is called.
8484
///
85-
/// The only instance where update_id values are not strictly increasing is the case where we
86-
/// allow post-force-close updates with a special update ID of [`CLOSED_CHANNEL_UPDATE_ID`]. See
87-
/// its docs for more details.
85+
/// The only instances we allow where update_id values are not strictly increasing have a
86+
/// special update ID of [`CLOSED_CHANNEL_UPDATE_ID`]. This update ID is used for updates that
87+
/// will force close the channel by broadcasting the latest commitment transaction or
88+
/// special post-force-close updates, like providing preimages necessary to claim outputs on the
89+
/// broadcast commitment transaction. See its docs for more details.
8890
///
8991
/// [`ChannelMonitorUpdateStatus::InProgress`]: super::ChannelMonitorUpdateStatus::InProgress
9092
pub update_id: u64,
9193
}
9294

93-
/// If:
94-
/// (1) a channel has been force closed and
95-
/// (2) we receive a preimage from a forward link that allows us to spend an HTLC output on
96-
/// this channel's (the backward link's) broadcasted commitment transaction
97-
/// then we allow the `ChannelManager` to send a `ChannelMonitorUpdate` with this update ID,
98-
/// with the update providing said payment preimage. No other update types are allowed after
99-
/// force-close.
95+
/// The update ID used for a [`ChannelMonitorUpdate`] that is either:
96+
///
97+
/// (1) attempting to force close the channel by broadcasting our latest commitment transaction or
98+
/// (2) providing a preimage (after the channel has been force closed) from a forward link that
99+
/// allows us to spend an HTLC output on this channel's (the backward link's) broadcasted
100+
/// commitment transaction.
101+
///
102+
/// No other [`ChannelMonitorUpdate`]s are allowed after force-close.
100103
pub const CLOSED_CHANNEL_UPDATE_ID: u64 = core::u64::MAX;
101104

102105
impl Writeable for ChannelMonitorUpdate {
@@ -2272,7 +2275,11 @@ impl<Signer: WriteableEcdsaChannelSigner> ChannelMonitorImpl<Signer> {
22722275
if updates.update_id == CLOSED_CHANNEL_UPDATE_ID {
22732276
assert_eq!(updates.updates.len(), 1);
22742277
match updates.updates[0] {
2275-
ChannelMonitorUpdateStep::PaymentPreimage { .. } => {},
2278+
ChannelMonitorUpdateStep::ChannelForceClosed { .. } => {},
2279+
// We should have already seen a `ChannelForceClosed` update if we're trying to
2280+
// provide a preimage at this point.
2281+
ChannelMonitorUpdateStep::PaymentPreimage { .. } =>
2282+
debug_assert_eq!(self.latest_update_id, CLOSED_CHANNEL_UPDATE_ID),
22762283
_ => {
22772284
log_error!(logger, "Attempted to apply post-force-close ChannelMonitorUpdate of type {}", updates.updates[0].variant_name());
22782285
panic!("Attempted to apply post-force-close ChannelMonitorUpdate that wasn't providing a payment preimage");

lightning/src/ln/channel.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ use crate::ln::chan_utils;
3333
use crate::ln::onion_utils::HTLCFailReason;
3434
use crate::chain::BestBlock;
3535
use crate::chain::chaininterface::{FeeEstimator, ConfirmationTarget, LowerBoundedFeeEstimator};
36-
use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, ChannelMonitorUpdateStep, LATENCY_GRACE_PERIOD_BLOCKS};
36+
use crate::chain::channelmonitor::{ChannelMonitor, ChannelMonitorUpdate, ChannelMonitorUpdateStep, LATENCY_GRACE_PERIOD_BLOCKS, CLOSED_CHANNEL_UPDATE_ID};
3737
use crate::chain::transaction::{OutPoint, TransactionData};
3838
use crate::chain::keysinterface::{WriteableEcdsaChannelSigner, EntropySource, ChannelSigner, SignerProvider, NodeSigner, Recipient};
3939
use crate::routing::gossip::NodeId;
@@ -6081,7 +6081,7 @@ impl<Signer: WriteableEcdsaChannelSigner> Channel<Signer> {
60816081
// monitor update to the user, even if we return one).
60826082
// See test_duplicate_chan_id and test_pre_lockin_no_chan_closed_update for more.
60836083
if self.channel_state & (ChannelState::FundingSent as u32 | ChannelState::ChannelReady as u32 | ChannelState::ShutdownComplete as u32) != 0 {
6084-
self.latest_monitor_update_id += 1;
6084+
self.latest_monitor_update_id = CLOSED_CHANNEL_UPDATE_ID;
60856085
Some((funding_txo, ChannelMonitorUpdate {
60866086
update_id: self.latest_monitor_update_id,
60876087
updates: vec![ChannelMonitorUpdateStep::ChannelForceClosed { should_broadcast }],

0 commit comments

Comments
 (0)