Add HolderCommitmentPoint struct to ChannelContext

alecchendev · alecchendev · commit ee53ded028a0 · 2024-05-30T17:18:19.000-05:00
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -1119,6 +1119,81 @@ pub(crate) struct ShutdownResult {
 	pub(crate) channel_funding_txo: Option<OutPoint>,
 }
 
+#[derive(Debug, Copy, Clone)]
+enum HolderCommitmentPoint {
+	Uninitialized { transaction_number: u64 },
+	PendingNext { transaction_number: u64, current: PublicKey },
+	Available { transaction_number: u64, current: PublicKey, next: PublicKey },
+}
+
+impl HolderCommitmentPoint where {
+	pub fn new() -> Self {
+		HolderCommitmentPoint::Uninitialized { transaction_number: INITIAL_COMMITMENT_NUMBER }
+	}
+
+	pub fn is_available(&self) -> bool {
+		if let HolderCommitmentPoint::Available { .. } = self { true } else { false }
+	}
+
+	pub fn transaction_number(&self) -> u64 {
+		match self {
+			HolderCommitmentPoint::Uninitialized { transaction_number } => *transaction_number,
+			HolderCommitmentPoint::PendingNext { transaction_number, .. } => *transaction_number,
+			HolderCommitmentPoint::Available { transaction_number, .. } => *transaction_number,
+		}
+	}
+
+	pub fn current_point(&self) -> PublicKey {
+		match self {
+			HolderCommitmentPoint::Uninitialized { .. } => panic!("holder commitment is uninitialized"),
+			HolderCommitmentPoint::PendingNext { current, .. } => *current,
+			HolderCommitmentPoint::Available { current, .. } => *current,
+		}
+	}
+
+	pub fn next_point(&self) -> Option<PublicKey> {
+		match self {
+			HolderCommitmentPoint::Uninitialized { .. } => panic!("holder commitment is uninitialized"),
+			HolderCommitmentPoint::PendingNext { .. } => None,
+			HolderCommitmentPoint::Available { next, .. } => Some(*next),
+		}
+	}
+
+	pub fn advance<SP: Deref, L: Deref>(&self, signer: &ChannelSignerType<SP>, secp_ctx: &Secp256k1<secp256k1::All>, logger: &L) -> Self
+		where SP::Target: SignerProvider, L::Target: Logger
+	{
+		match self {
+			HolderCommitmentPoint::Available { transaction_number, next, .. } => {
+				HolderCommitmentPoint::PendingNext {
+					transaction_number: transaction_number - 1,
+					current: *next,
+				}.request_next(signer, secp_ctx, logger)
+			}
+			_ => panic!("Cannot advance holder commitment; there is no next point available")
+		}
+	}
+
+	pub fn request_next<SP: Deref, L: Deref>(&self, signer: &ChannelSignerType<SP>, secp_ctx: &Secp256k1<secp256k1::All>, logger: &L) -> Self
+		where SP::Target: SignerProvider, L::Target: Logger
+	{
+		match self {
+			HolderCommitmentPoint::Uninitialized { transaction_number } => {
+				let current = signer.as_ref().get_per_commitment_point(*transaction_number, secp_ctx);
+				log_trace!(logger, "Retrieved current per-commitment point {}", transaction_number);
+				HolderCommitmentPoint::PendingNext { transaction_number: *transaction_number, current }.request_next(signer, secp_ctx, logger)
+				// TODO: handle error case when get_per_commitment_point becomes async
+			}
+			HolderCommitmentPoint::PendingNext { transaction_number, current } => {
+				let next = signer.as_ref().get_per_commitment_point(transaction_number - 1, secp_ctx);
+				log_trace!(logger, "Retrieved next per-commitment point {}", transaction_number - 1);
+				HolderCommitmentPoint::Available { transaction_number: *transaction_number, current: *current, next }
+				// TODO: handle error case when get_per_commitment_point becomes async
+			}
+			HolderCommitmentPoint::Available { .. } => *self,
+		}
+	}
+}
+
 /// If the majority of the channels funds are to the fundee and the initiator holds only just
 /// enough funds to cover their reserve value, channels are at risk of getting "stuck". Because the
 /// initiator controls the feerate, if they then go to increase the channel fee, they may have no
@@ -1297,6 +1372,7 @@ pub(super) struct ChannelContext<SP: Deref> where SP::Target: SignerProvider {
 	// generation start at 0 and count up...this simplifies some parts of implementation at the
 	// cost of others, but should really just be changed.
 
+	holder_commitment_point: HolderCommitmentPoint,
 	cur_holder_commitment_transaction_number: u64,
 	cur_counterparty_commitment_transaction_number: u64,
 	value_to_self_msat: u64, // Excluding all pending_htlcs, fees, and anchor outputs
@@ -1739,6 +1815,9 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider  {
 
 		let value_to_self_msat = our_funding_satoshis * 1000 + msg_push_msat;
 
+		let holder_signer = ChannelSignerType::Ecdsa(holder_signer);
+		let holder_commitment_point = HolderCommitmentPoint::new().request_next(&holder_signer, &secp_ctx, &&logger);
+
 		// TODO(dual_funding): Checks for `funding_feerate_sat_per_1000_weight`?
 
 		let channel_context = ChannelContext {
@@ -1764,10 +1843,11 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider  {
 
 			latest_monitor_update_id: 0,
 
-			holder_signer: ChannelSignerType::Ecdsa(holder_signer),
+			holder_signer,
 			shutdown_scriptpubkey,
 			destination_script,
 
+			holder_commitment_point,
 			cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
 			cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
 			value_to_self_msat,
@@ -1965,6 +2045,9 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider  {
 
 		let temporary_channel_id = temporary_channel_id.unwrap_or_else(|| ChannelId::temporary_from_entropy_source(entropy_source));
 
+		let holder_signer = ChannelSignerType::Ecdsa(holder_signer);
+		let holder_commitment_point = HolderCommitmentPoint::new().request_next(&holder_signer, &secp_ctx, logger);
+
 		Ok(Self {
 			user_id,
 
@@ -1988,10 +2071,11 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider  {
 
 			latest_monitor_update_id: 0,
 
-			holder_signer: ChannelSignerType::Ecdsa(holder_signer),
+			holder_signer,
 			shutdown_scriptpubkey,
 			destination_script,
 
+			holder_commitment_point,
 			cur_holder_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
 			cur_counterparty_commitment_transaction_number: INITIAL_COMMITMENT_NUMBER,
 			value_to_self_msat,
@@ -8783,6 +8867,9 @@ impl<SP: Deref> Writeable for Channel<SP> where SP::Target: SignerProvider {
 			monitor_pending_update_adds = Some(&self.context.monitor_pending_update_adds);
 		}
 
+		let cur_holder_commitment_point = self.context.holder_commitment_point.current_point();
+		let next_holder_commitment_point = self.context.holder_commitment_point.next_point();
+
 		write_tlv_fields!(writer, {
 			(0, self.context.announcement_sigs, option),
 			// minimum_depth and counterparty_selected_channel_reserve_satoshis used to have a
@@ -8819,7 +8906,8 @@ impl<SP: Deref> Writeable for Channel<SP> where SP::Target: SignerProvider {
 			(39, pending_outbound_blinding_points, optional_vec),
 			(41, holding_cell_blinding_points, optional_vec),
 			(43, malformed_htlcs, optional_vec), // Added in 0.0.119
-			// 45 and 47 are reserved for async signing
+			(45, cur_holder_commitment_point, required),
+			(47, next_holder_commitment_point, option),
 			(49, self.context.local_initiated_shutdown, option), // Added in 0.0.122
 		});
 
@@ -9130,6 +9218,9 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 		let mut malformed_htlcs: Option<Vec<(u64, u16, [u8; 32])>> = None;
 		let mut monitor_pending_update_adds: Option<Vec<msgs::UpdateAddHTLC>> = None;
 
+		let mut cur_holder_commitment_point_opt: Option<PublicKey> = None;
+		let mut next_holder_commitment_point_opt: Option<PublicKey> = None;
+
 		read_tlv_fields!(reader, {
 			(0, announcement_sigs, option),
 			(1, minimum_depth, option),
@@ -9160,7 +9251,8 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 			(39, pending_outbound_blinding_points_opt, optional_vec),
 			(41, holding_cell_blinding_points_opt, optional_vec),
 			(43, malformed_htlcs, optional_vec), // Added in 0.0.119
-			// 45 and 47 are reserved for async signing
+			(45, cur_holder_commitment_point_opt, option),
+			(47, next_holder_commitment_point_opt, option),
 			(49, local_initiated_shutdown, option),
 		});
 
@@ -9272,6 +9364,21 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 			}
 		}
 
+		// If we're restoring this channel for the first time after an upgrade, then we require that the
+		// signer be available so that we can immediately populate the current commitment point. Channel
+		// restoration will fail if this is not possible.
+		let holder_commitment_point = match (cur_holder_commitment_point_opt, next_holder_commitment_point_opt) {
+			(Some(current), Some(next)) => HolderCommitmentPoint::Available {
+				transaction_number: cur_holder_commitment_transaction_number, current, next
+			},
+			(Some(current), _) => HolderCommitmentPoint::PendingNext {
+				transaction_number: cur_holder_commitment_transaction_number, current
+			},
+			(_, _) => HolderCommitmentPoint::Uninitialized {
+				transaction_number: cur_holder_commitment_transaction_number
+			}
+		};
+
 		Ok(Channel {
 			context: ChannelContext {
 				user_id,
@@ -9297,6 +9404,7 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 				shutdown_scriptpubkey,
 				destination_script,
 
+				holder_commitment_point,
 				cur_holder_commitment_transaction_number,
 				cur_counterparty_commitment_transaction_number,
 				value_to_self_msat,
