Implement bumping engine in ChannelMonitor::block_connected

Add RBF-bumping of justice txn, given they are only signed by us we
can RBF at wish.

Aggregation of bump-candidates and more aggresive bumping heuristics
are left open

Fix tests broken by introduction of more txn broadcast.
Some tests may have a relaxed check (claim_htlc_ouputs_single_tx)
as broadcast bumped txn are now interwining in previous broadcast ones
and breaking simple expectations

Author: Antoine Riard

lightning/src/ln/channelmonitor.rs

@@ -34,7 +34,7 @@ use ln::chan_utils;
 use ln::chan_utils::HTLCOutputInCommitment;
 use ln::channelmanager::{HTLCSource, PaymentPreimage, PaymentHash};
 use ln::channel::{ACCEPTED_HTLC_SCRIPT_WEIGHT, OFFERED_HTLC_SCRIPT_WEIGHT};
-use chain::chaininterface::{ChainListener, ChainWatchInterface, BroadcasterInterface, FeeEstimator, ConfirmationTarget};
+use chain::chaininterface::{ChainListener, ChainWatchInterface, BroadcasterInterface, FeeEstimator, ConfirmationTarget, MIN_RELAY_FEE_SAT_PER_1000_WEIGHT};
 use chain::transaction::OutPoint;
 use chain::keysinterface::SpendableOutputDescriptor;
 use util::logger::Logger;
@@ -2297,6 +2297,22 @@ impl ChannelMonitor {
 				}
 			}
 		}
+		let mut bump_candidates = Vec::new();
+		for (lead_outpoint, ref mut cached_claim_datas) in self.our_claim_txn_waiting_first_conf.iter_mut() {
+			if cached_claim_datas.height_timer == height {
+				bump_candidates.push((lead_outpoint.clone(), cached_claim_datas.clone()));
+			}
+		}
+		for &mut (lead_outpoint, ref mut cached_claim_datas) in bump_candidates.iter_mut() {
+			if let Some((new_timer, new_feerate, bump_tx)) = self.bump_claim_tx(height, &lead_outpoint, &cached_claim_datas, fee_estimator) {
+				cached_claim_datas.height_timer = new_timer;
+				cached_claim_datas.feerate_previous = new_feerate;
+				broadcaster.broadcast_transaction(&bump_tx);
+			}
+		}
+		for (lead_outpoint, cached_claim_datas) in bump_candidates.drain(..) {
+			self.our_claim_txn_waiting_first_conf.insert(lead_outpoint, cached_claim_datas);
+		}
 		self.last_block_hash = block_hash.clone();
 		(watch_outputs, spendable_outputs, htlc_updated)
 	}
@@ -2510,6 +2526,129 @@ impl ChannelMonitor {
 		}
 		htlc_updated
 	}
+
+	/// Lightning security model (i.e being able to redeem/timeout HTLC or penalize coutnerparty onchain) lays on the assumption of claim transactions getting confirmed before timelock expiration
+	/// (CSV or CLTV following cases). In case of high-fee spikes, claim tx may stuck in the mempool, so you need to bump its feerate quickly using Replace-By-Fee or Child-Pay-For-Parent.
+	fn bump_claim_tx(&self, height: u32, outp: &BitcoinOutPoint, cached_claim_datas: &ClaimTxBumpMaterial, fee_estimator: &FeeEstimator) -> Option<(u32, u64, Transaction)> {
+		let mut inputs = Vec::new();
+		for vout in cached_claim_datas.per_input_material.keys() {
+			inputs.push(TxIn {
+				previous_output: BitcoinOutPoint {
+					txid: outp.txid,
+					vout: *vout,
+				},
+				script_sig: Script::new(),
+				sequence: 0xfffffffd,
+				witness: Vec::new(),
+			});
+		}
+		let mut bumped_tx = Transaction {
+			version: 2,
+			lock_time: 0,
+			input: inputs,
+			output: vec![TxOut {
+				script_pubkey: self.destination_script.clone(),
+				value: 0
+			}],
+		};
+
+		macro_rules! RBF_bump {
+			($amount: expr, $old_feerate: expr, $fee_estimator: expr, $predicted_weight: expr, $txid: expr) => {
+				{
+					let mut used_feerate;
+					// If old feerate inferior to actual one given back by Fee Estimator, use it to compute new fee...
+					let new_fee = if $old_feerate < $fee_estimator.get_est_sat_per_1000_weight(ConfirmationTarget::HighPriority) {
+						let mut value = $amount;
+						if subtract_high_prio_fee!(self, $fee_estimator, value, $predicted_weight, outp.txid, used_feerate) {
+							// Overflow check is done in subtract_high_prio_fee
+							$amount - value
+						} else {
+							log_trace!(self, "Can't new-estimation bump claiming on {}, amount {} is too small", $txid, $amount);
+							return None;
+						}
+					// ...else just increase the previous feerate by 25% (because that's a nice number)
+					} else {
+						let fee = $old_feerate * $predicted_weight / 750;
+						if $amount <= fee {
+							log_trace!(self, "Can't 25% bump claiming on {}, amount {} is too small", $txid, $amount);
+							return None;
+						}
+						fee
+					};
+
+					let previous_fee = $old_feerate * $predicted_weight / 1000;
+					let min_relay_fee = MIN_RELAY_FEE_SAT_PER_1000_WEIGHT * $predicted_weight / 1000;
+					// BIP 125 Opt-in Full Replace-by-Fee Signaling
+					// 	* 3. The replacement transaction pays an absolute fee of at least the sum paid by the original transactions.
+					//	* 4. The replacement transaction must also pay for its own bandwidth at or above the rate set by the node's minimum relay fee setting.
+					let new_fee = if new_fee < previous_fee + min_relay_fee {
+						new_fee + previous_fee + min_relay_fee - new_fee
+					} else {
+						new_fee
+					};
+					Some((new_fee, new_fee * 1000 / $predicted_weight))
+				}
+			}
+		}
+
+		let new_timer = Self::get_height_timer(height, cached_claim_datas.soonest_timelock);
+		let mut inputs_witnesses_weight = 0;
+		let mut amt = 0;
+		for per_outp_material in cached_claim_datas.per_input_material.values() {
+			match per_outp_material {
+				&InputMaterial::Revoked { ref script, ref is_htlc, ref amount, .. } => {
+					inputs_witnesses_weight += Self::get_witnesses_weight(if !is_htlc { &[InputDescriptors::RevokedOutput] } else if script.len() == OFFERED_HTLC_SCRIPT_WEIGHT { &[InputDescriptors::RevokedOfferedHTLC] } else if script.len() == ACCEPTED_HTLC_SCRIPT_WEIGHT { &[InputDescriptors::RevokedReceivedHTLC] } else { &[] });
+					amt += *amount;
+				},
+				&InputMaterial::RemoteHTLC { .. } => { return None; },
+				&InputMaterial::LocalHTLC { .. } => { return None; }
+			}
+		}
+		assert!(amt != 0);
+
+		let predicted_weight = bumped_tx.get_weight() + inputs_witnesses_weight;
+		let new_feerate;
+		if let Some((new_fee, feerate)) = RBF_bump!(amt, cached_claim_datas.feerate_previous, fee_estimator, predicted_weight as u64, outp.txid) {
+			// If new computed fee is superior at the whole claimable amount burn all in fees
+			if new_fee > amt {
+				bumped_tx.output[0].value = 0;
+			} else {
+				bumped_tx.output[0].value = amt - new_fee;
+			}
+			new_feerate = feerate;
+		} else {
+			return None;
+		}
+		assert!(new_feerate != 0);
+
+		for (i, (vout, per_outp_material)) in cached_claim_datas.per_input_material.iter().enumerate() {
+			match per_outp_material {
+				&InputMaterial::Revoked { ref script, ref pubkey, ref key, ref is_htlc, ref amount } => {
+					let sighash_parts = bip143::SighashComponents::new(&bumped_tx);
+					let sighash = hash_to_message!(&sighash_parts.sighash_all(&bumped_tx.input[i], &script, *amount)[..]);
+					let sig = self.secp_ctx.sign(&sighash, &key);
+					bumped_tx.input[i].witness.push(sig.serialize_der().to_vec());
+					bumped_tx.input[i].witness[0].push(SigHashType::All as u8);
+					if *is_htlc {
+						bumped_tx.input[i].witness.push(pubkey.unwrap().clone().serialize().to_vec());
+					} else {
+						bumped_tx.input[i].witness.push(vec!(1));
+					}
+					bumped_tx.input[i].witness.push(script.clone().into_bytes());
+					log_trace!(self, "Going to broadcast bumped Penalty Transaction {} claiming revoked {} output {} from {} with new feerate {}", bumped_tx.txid(), if !is_htlc { "to_local" } else if script.len() == OFFERED_HTLC_SCRIPT_WEIGHT { "offered" } else if script.len() == ACCEPTED_HTLC_SCRIPT_WEIGHT { "received" } else { "" }, vout, outp.txid, new_feerate);
+				},
+				&InputMaterial::RemoteHTLC { .. } => {},
+				&InputMaterial::LocalHTLC { .. } => {
+					//TODO : Given that Local Commitment Transaction and HTLC-Timeout/HTLC-Success are counter-signed by peer, we can't
+					// RBF them. Need a Lightning specs change and package relay modification :
+					// https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-November/016518.html
+					return None;
+				}
+			}
+		}
+		assert!(predicted_weight >= bumped_tx.get_weight());
+		Some((new_timer, new_feerate, bumped_tx))
+	}
 }
 
 const MAX_ALLOC_SIZE: usize = 64*1024;

lightning/src/ln/functional_tests.rs

@@ -1884,6 +1884,7 @@ fn test_justice_tx() {
 
 			check_spends!(node_txn[0], revoked_local_txn[0].clone());
 			node_txn.swap_remove(0);
+			node_txn.truncate(1);
 		}
 		test_txn_broadcast(&nodes[1], &chan_5, None, HTLCType::NONE);
 
@@ -1901,6 +1902,10 @@ fn test_justice_tx() {
 	// We test justice_tx build by A on B's revoked HTLC-Success tx
 	// Create some new channels:
 	let chan_6 = create_announced_chan_between_nodes(&nodes, 0, 1, LocalFeatures::new(), LocalFeatures::new());
+	{
+		let mut node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap();
+		node_txn.clear();
+	}
 
 	// A pending HTLC which will be revoked:
 	let payment_preimage_4 = route_payment(&nodes[0], &vec!(&nodes[1])[..], 3000000).0;
@@ -2078,7 +2083,7 @@ fn claim_htlc_outputs_single_tx() {
 		}
 
 		let node_txn = nodes[1].tx_broadcaster.txn_broadcasted.lock().unwrap();
-		assert_eq!(node_txn.len(), 22); // ChannelManager : 2, ChannelMontitor: 8 (1 standard revoked output, 2 revocation htlc tx, 1 local commitment tx + 1 htlc timeout tx) * 2 (block-rescan) + 5 * (1 local commitment tx + 1 htlc timeout tx)
+		assert_eq!(node_txn.len(), 24); // ChannelManager : 2, ChannelMontitor: 8 (1 standard revoked output, 2 revocation htlc tx, 1 local commitment tx + 1 htlc timeout tx) * 2 (block-rescan) + 5 * (1 local commitment tx + 1 htlc timeout tx)
 
 		assert_eq!(node_txn[0], node_txn[7]);
 		assert_eq!(node_txn[1], node_txn[8]);
@@ -2088,10 +2093,6 @@ fn claim_htlc_outputs_single_tx() {
 		assert_eq!(node_txn[3], node_txn[5]); //local commitment tx + htlc timeout tx broadcasted by ChannelManger
 		assert_eq!(node_txn[4], node_txn[6]);
 
-		for i in 12..22 {
-			if i % 2 == 0 { assert_eq!(node_txn[3], node_txn[i]); } else { assert_eq!(node_txn[4], node_txn[i]); }
-		}
-
 		assert_eq!(node_txn[0].input.len(), 1);
 		assert_eq!(node_txn[1].input.len(), 1);
 		assert_eq!(node_txn[2].input.len(), 1);