Add commit_upfront_shutdown_pubkey to ChannelHandshakeConfig #1270
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1270 +/- ##
==========================================
+ Coverage 90.41% 90.49% +0.07%
==========================================
Files 69 71 +2
Lines 38002 39053 +1051
==========================================
+ Hits 34360 35341 +981
- Misses 3642 3712 +70
Continue to review full report at Codecov.
|
lightning/src/util/config.rs
Outdated
| /// Default value: true. | ||
| pub commit_upfront_shutdown_pubkey: bool, | ||
| /// This value is moved to ChannelHandshakeConfig, optional here for old serialiization | ||
| pub commit_upfront_shutdown_pubkey: Option<bool>, |
There was a problem hiding this comment.
Lets make this pub(crate) and default to None? That way its really only used internally and we'll start defaulting to using the new one instead by seeing its None.
lightning/src/ln/channel.rs
Outdated
| @@ -5460,6 +5461,8 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<(&'a K, u32)> for Channel<Signer> | |||
| // Read the 8 bytes of backwards-compatibility ChannelConfig data. | |||
| let mut _val: u64 = Readable::read(reader)?; | |||
| } | |||
|
|
|||
| handshake_config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?; | |||
There was a problem hiding this comment.
We can't just add a new field to be read in the middle of the object - its not there in old serialized data! Instead, we should, I think, just store the commit_upfront_shutdown_pubkey field explicitly in a new boolean and load it explicitly.
|
Any update on this @matchacactus? No particular rush, but I may make some changes in this area soon that would conflict. |
im struggling with testing the writer/reader and decided to understand rust a bit more - feel free to land changes, i can rebase. |
Okay, no rush. We're also happy to answer questions, we have a #rust-101 room on slack/discord :) |
There was a problem hiding this comment.
Yea, okay, I can't blame you for getting confused here, our serialization stuff is (a) relatively poorly documented (b) not made clear what the requirements are for developers anywhere. I pushed something I believe to probably be correct at https://git.bitcoin.ninja/index.cgi?p=rust-lightning;a=shortlog;h=refs/heads/2022-02-1270-ser-backwards-compat
lightning/src/ln/channel.rs
Outdated
| @@ -5191,7 +5193,8 @@ impl<Signer: Sign> Writeable for Channel<Signer> { | |||
| self.config.forwarding_fee_proportional_millionths.write(writer)?; | |||
| self.config.cltv_expiry_delta.write(writer)?; | |||
| self.config.announced_channel.write(writer)?; | |||
| self.config.commit_upfront_shutdown_pubkey.write(writer)?; | |||
| // self.config.commit_upfront_shutdown_pubkey.write(writer)?; | |||
There was a problem hiding this comment.
Yep, this line should just be removed - we can't change the bytes written here for backwards/forwards compatibility - we currently write one byte to indicate the status of commit_upfront_shutdown_pubkey, old versions expect to read exactly one byte for it, and current versions need to read exactly one byte for it to read content written by old versions.
lightning/src/ln/channel.rs
Outdated
| } else { | ||
| // Read the 8 bytes of backwards-compatibility ChannelConfig data. | ||
| let mut _val: u64 = Readable::read(reader)?; | ||
| } | ||
|
|
||
| let channel_id = Readable::read(reader)?; | ||
| let handshake_config = Some(ChannelHandshakeConfig::default()); let channel_id = Readable::read(reader)?; |
There was a problem hiding this comment.
Note here that you're creating a fresh handshake_config with default values, never reading any data to update it, then later setting commit_upfront_shutdown_pubkey with the value from the fresh object.
lightning/src/ln/channel.rs
Outdated
| @@ -5455,13 +5458,12 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<(&'a K, u32)> for Channel<Signer> | |||
| config.as_mut().unwrap().forwarding_fee_proportional_millionths = Readable::read(reader)?; | |||
| config.as_mut().unwrap().cltv_expiry_delta = Readable::read(reader)?; | |||
| config.as_mut().unwrap().announced_channel = Readable::read(reader)?; | |||
| config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?; | |||
| // config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?; | |||
There was a problem hiding this comment.
Note that because the type of commit_upfront_shutdown_pubkey has changed from a bool (represented as a single byte) to an Option, we have to change how we read it here - otherwise we try to read a byte indicating if the value is Some or None and then try to read a second byte for the value.
matchacactus
force-pushed
the
handshake-1
branch
5 times, most recently
from
f1366d8 to
4a2cbf5
Compare
Thank you so much for taking a look. I guess I completely missed understanding how |
matchacactus
force-pushed
the
handshake-1
branch
from
1070c6d to
0de25dd
Compare
| /// lightning payments, so we never require that our counterparties support this option. | ||
| /// | ||
| /// This cannot be changed after a channel has been initialized. | ||
| /// |
There was a problem hiding this comment.
You can add "The upfront key committed is provided from [KeysInterface::get_shutdown_pubkey]".
lightning/src/ln/channel.rs
Outdated
| let mut secp_ctx = Secp256k1::new(); | ||
| secp_ctx.seeded_randomize(&keys_source.get_secure_random_bytes()); | ||
|
|
||
| Ok(Channel { | ||
| user_id, | ||
|
|
||
There was a problem hiding this comment.
nit: please drop the excess whitespace here.
lightning/src/ln/channel.rs
Outdated
| let mut preimages_opt: Option<Vec<Option<PaymentPreimage>>> = None; | ||
|
|
||
| // If we read an old Channel, for simplicity we just treat it as "we never sent an | ||
| // AnnouncementSignatures" which implies we'll re-send it on reconnect, but that's fine. | ||
| let mut announcement_sigs_state = Some(AnnouncementSigsState::NotSent); | ||
|
|
||
| let mut commit_upfront_shutdown_pubkey = None; | ||
|
|
There was a problem hiding this comment.
nit: looks like there's spare whitespace on this line.
lightning/src/ln/channel.rs
Outdated
| @@ -5939,12 +5943,14 @@ impl<'a, Signer: Sign, K: Deref> ReadableArgs<(&'a K, u32)> for Channel<Signer> | |||
| // only, so we default to that if none was written. | |||
| let mut channel_type = Some(ChannelTypeFeatures::only_static_remote_key()); | |||
| let mut channel_creation_height = Some(serialized_height); | |||
|
|
|||
There was a problem hiding this comment.
I can't leave a comment there, but on L 5717 we change the bytes read, which will break backwards compat.
config.as_mut().unwrap().commit_upfront_shutdown_pubkey = Readable::read(reader)?; is no longer reading a single bool, but instead an Option<bool> now, which is written as 2 bytes instead of 1. We should instead set it to Some(Readable::read(reader)?);
matchacactus
force-pushed
the
handshake-1
branch
2 times, most recently
from
1366c2c to
bd3f694
Compare
matchacactus
force-pushed
the
handshake-1
branch
from
bd3f694 to
b41c2fb
Compare
| @@ -269,7 +274,7 @@ impl_writeable_tlv_based!(ChannelConfig, { | |||
| (2, cltv_expiry_delta, required), | |||
| (3, force_close_avoidance_max_fee_satoshis, (default_value, 1000)), | |||
| (4, announced_channel, required), | |||
| (6, commit_upfront_shutdown_pubkey, required), | |||
| (6, commit_upfront_shutdown_pubkey, option), | |||
There was a problem hiding this comment.
Actually, this presents a backwards-compatibility concern - one thing we explicitly support in LDK is for users to downgrade (at least a version or two) and still be able to open objects serialized with the newest version. Here, if a user did that, they'd fail to read the ChannelConfig because the value went from always present (and required) to defaulting to None. We can paper over this, though, by always defaulting to creating commit_upfront_shutdown_pubkey and setting it to Some(...) but then setting the "correct" value on the write side of channel to ensure old versions read the current/new value.
|
Are you still interested in working on this, @matchacactus? |
|
Unfortunately I will not be able to work on this at this moment. Will pick
something else up in the future! Sorry for the churn.
…On Wed, Mar 9, 2022 at 12:00 PM Matt Corallo ***@***.***> wrote:
Are you still interested in working on this, @matchacactus
<https://github.com/matchacactus>?
—
Reply to this email directly, view it on GitHub
<#1270 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACLAI7KD2MVPBFCZX337NWLU7D7MFANCNFSM5MOMLAUQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
No problem! Gonna close this for now. |
|
Eventually landed rebased as #1529. |
First step for #216