@ -74,15 +74,6 @@ static struct bitcoin_tx *close_tx(const tal_t *ctx,
return tx ;
}
static u64 one_towards ( u64 target , u64 value )
{
if ( value > target )
return value - 1 ;
else if ( value < target )
return value + 1 ;
return value ;
}
/* Handle random messages we might get, returning the first non-handled one. */
static u8 * closing_read_peer_msg ( const tal_t * ctx ,
struct crypto_state * cs ,
@ -157,82 +148,24 @@ static void do_reconnect(struct crypto_state *cs,
tal_free ( tmpctx ) ;
}
int main ( int argc , char * argv [ ] )
static void send_offer ( struct crypto_state * cs ,
const struct channel_id * channel_id ,
const struct pubkey funding_pubkey [ NUM_SIDES ] ,
const u8 * funding_wscript ,
u8 * scriptpubkey [ NUM_SIDES ] ,
const struct bitcoin_txid * funding_txid ,
unsigned int funding_txout ,
u64 funding_satoshi ,
const u64 satoshi_out [ NUM_SIDES ] ,
enum side funder ,
uint64_t our_dust_limit ,
const struct secrets * secrets ,
uint64_t fee_to_offer )
{
struct crypto_state cs ;
const tal_t * ctx = tal_tmpctx ( NULL ) ;
u8 * msg ;
struct privkey seed ;
struct pubkey funding_pubkey [ NUM_SIDES ] ;
struct bitcoin_txid funding_txid ;
u16 funding_txout ;
u64 funding_satoshi , satoshi_out [ NUM_SIDES ] ;
u64 our_dust_limit ;
u64 minfee , feelimit , maxfee , sent_fee ;
s64 last_received_fee = - 1 ;
enum side funder ;
u8 * scriptpubkey [ NUM_SIDES ] , * funding_wscript ;
struct channel_id channel_id ;
struct secrets secrets ;
secp256k1_ecdsa_signature sig ;
bool reconnected ;
u64 next_index [ NUM_SIDES ] , revocations_received ;
u64 gossip_index ;
subdaemon_setup ( argc , argv ) ;
status_setup_sync ( REQ_FD ) ;
msg = wire_sync_read ( ctx , REQ_FD ) ;
if ( ! fromwire_closing_init ( ctx , msg , NULL ,
& cs , & gossip_index , & seed ,
& funding_txid , & funding_txout ,
& funding_satoshi ,
& funding_pubkey [ REMOTE ] ,
& funder ,
& satoshi_out [ LOCAL ] ,
& satoshi_out [ REMOTE ] ,
& our_dust_limit ,
& minfee , & maxfee , & sent_fee ,
& scriptpubkey [ LOCAL ] ,
& scriptpubkey [ REMOTE ] ,
& reconnected ,
& next_index [ LOCAL ] ,
& next_index [ REMOTE ] ,
& revocations_received ) )
master_badmsg ( WIRE_CLOSING_INIT , msg ) ;
status_trace ( " satoshi_out = % " PRIu64 " /% " PRIu64 ,
satoshi_out [ LOCAL ] , satoshi_out [ REMOTE ] ) ;
status_trace ( " dustlimit = % " PRIu64 , our_dust_limit ) ;
status_trace ( " fee = % " PRIu64 , sent_fee ) ;
derive_channel_id ( & channel_id , & funding_txid , funding_txout ) ;
derive_basepoints ( & seed , & funding_pubkey [ LOCAL ] , NULL ,
& secrets , NULL ) ;
funding_wscript = bitcoin_redeem_2of2 ( ctx ,
& funding_pubkey [ LOCAL ] ,
& funding_pubkey [ REMOTE ] ) ;
if ( reconnected )
do_reconnect ( & cs , & channel_id , next_index , revocations_received ) ;
/* BOLT #2:
*
* Nodes SHOULD send a ` closing_signed ` message after ` shutdown ` has
* been received and no HTLCs remain in either commitment transaction .
*/
/* BOLT #2:
*
* On reconnection , . . . if the node has sent a previous
* ` closing_signed ` it MUST send another ` closing_signed ` , otherwise
* if the node has sent a previous ` shutdown ` it MUST retransmit it .
*/
for ( ; ; ) {
const tal_t * tmpctx = tal_tmpctx ( ctx ) ;
const tal_t * tmpctx = tal_tmpctx ( NULL ) ;
struct bitcoin_tx * tx ;
u64 received_fee , limit_fee , new_fee ;
secp256k1_ecdsa_signature our_sig ;
u8 * msg ;
/* BOLT #2:
*
@ -240,12 +173,13 @@ int main(int argc, char *argv[])
* the close transaction as specified in [ BOLT
* # 3 ] ( 03 - transactions . md # closing - transaction ) .
*/
tx = close_tx ( tmpctx , & cs , & channel_id ,
tx = close_tx ( tmpctx , cs , channel_id ,
scriptpubkey ,
& funding_txid ,
funding_txid ,
funding_txout ,
funding_satoshi ,
satoshi_out , funder , sent_fee , our_dust_limit ) ;
satoshi_out ,
funder , fee_to_offer , our_dust_limit ) ;
/* BOLT #3:
*
@ -256,25 +190,61 @@ int main(int argc, char *argv[])
*/
/* (We don't do this). */
sign_tx_input ( tx , 0 , NULL , funding_wscript ,
& secrets . funding_privkey ,
& secrets - > funding_privkey ,
& funding_pubkey [ LOCAL ] ,
& sig ) ;
& our_ sig) ;
status_trace ( " sending fee offer % " PRIu64 , sent_fee ) ;
status_trace ( " sending fee offer % " PRIu64 , fee_to_offer ) ;
/* Now send closing offer */
msg = towire_closing_signed ( tmpctx , & channel_id , sent_fee , & sig ) ;
if ( ! sync_crypto_write ( & cs , PEER_FD , take ( msg ) ) )
msg = towire_closing_signed ( tmpctx , channel_id , fee_to_offer , & our_sig ) ;
if ( ! sync_crypto_write ( cs , PEER_FD , take ( msg ) ) )
status_failed ( STATUS_FAIL_PEER_IO ,
" Writing closing_signed " ) ;
/* Did we just agree with them? If so, we're done. */
if ( sent_fee = = last_received_fee )
break ;
tal_free ( tmpctx ) ;
}
static void tell_master_their_offer ( u64 their_offer ,
const secp256k1_ecdsa_signature * their_sig ,
const struct bitcoin_tx * tx )
{
u8 * msg = towire_closing_received_signature ( NULL , their_sig , tx ) ;
if ( ! wire_sync_write ( REQ_FD , take ( msg ) ) )
status_failed ( STATUS_FAIL_MASTER_IO ,
" Writing received to master: %s " ,
strerror ( errno ) ) ;
/* Wait for master to ack, to make sure it's in db. */
msg = wire_sync_read ( NULL , REQ_FD ) ;
if ( ! fromwire_closing_received_signature_reply ( msg , NULL ) )
master_badmsg ( WIRE_CLOSING_RECEIVED_SIGNATURE_REPLY , msg ) ;
tal_free ( msg ) ;
}
/* Returns fee they offered. */
static uint64_t receive_offer ( struct crypto_state * cs ,
const struct channel_id * channel_id ,
const struct pubkey funding_pubkey [ NUM_SIDES ] ,
const u8 * funding_wscript ,
u8 * scriptpubkey [ NUM_SIDES ] ,
const struct bitcoin_txid * funding_txid ,
unsigned int funding_txout ,
u64 funding_satoshi ,
const u64 satoshi_out [ NUM_SIDES ] ,
enum side funder ,
uint64_t our_dust_limit ,
u64 min_fee_to_accept )
{
const tal_t * tmpctx = tal_tmpctx ( NULL ) ;
u8 * msg ;
struct channel_id their_channel_id ;
u64 received_fee ;
secp256k1_ecdsa_signature their_sig ;
struct bitcoin_tx * tx ;
again :
/* Wait for them to say something interesting */
msg = closing_read_peer_msg ( tmpctx , & cs , & channel_id ) ;
do {
msg = closing_read_peer_msg ( tmpctx , cs , channel_id ) ;
/* BOLT #2:
*
@ -283,24 +253,20 @@ int main(int argc, char *argv[])
*/
/* This should only happen if we've made no commitments, but
* we don ' t have to check that : it ' s their problem . */
if ( fromwire_peektype ( msg ) = = WIRE_FUNDING_LOCKED ) {
tal_free ( msg ) ;
goto again ;
}
if ( fromwire_peektype ( msg ) = = WIRE_FUNDING_LOCKED )
msg = tal_free ( msg ) ;
/* BOLT #2:
*
* . . . if the node has sent a previous ` shutdown ` it MUST
* retransmit it .
*/
if ( fromwire_peektype ( msg ) = = WIRE_SHUTDOWN ) {
tal_free ( msg ) ;
goto again ;
}
else if ( fromwire_peektype ( msg ) = = WIRE_SHUTDOWN )
msg = tal_free ( msg ) ;
} while ( ! msg ) ;
if ( ! fromwire_closing_signed ( msg , NULL , & channel_id ,
& received_fee , & sig ) )
peer_failed ( PEER_FD , & cs , & channel_id ,
if ( ! fromwire_closing_signed ( msg , NULL , & their_ channel_id,
& received_fee , & their_ sig) )
peer_failed ( PEER_FD , cs , channel_id ,
" Expected closing_signed: %s " ,
tal_hex ( trc , msg ) ) ;
@ -311,15 +277,15 @@ int main(int argc, char *argv[])
* # 3 ] ( 03 - transactions . md # closing - transaction ) , and MUST fail
* the connection if it is not .
*/
tx = close_tx ( tmpctx , & cs , & channel_id ,
tx = close_tx ( tmpctx , cs , channel_id ,
scriptpubkey ,
& funding_txid ,
funding_txid ,
funding_txout ,
funding_satoshi ,
satoshi_out , funder , received_fee , our_dust_limit ) ;
if ( ! check_tx_sig ( tx , 0 , NULL , funding_wscript ,
& funding_pubkey [ REMOTE ] , & sig ) ) {
& funding_pubkey [ REMOTE ] , & their_ sig) ) {
/* Trim it by reducing their output to minimum */
struct bitcoin_tx * trimmed ;
u64 trimming_satoshi_out [ NUM_SIDES ] ;
@ -332,23 +298,22 @@ int main(int argc, char *argv[])
/* BOLT #3:
*
* Each node offering a signature MUST subtract the
* fee given by ` fee_satoshis ` from the output to the
* funder ; it MUST then remove any output below its
* own ` dust_limit_satoshis ` , and MAY also eliminate
* its own output .
* Each node offering a signature MUST subtract the fee given
* by ` fee_satoshis ` from the output to the funder ; it MUST
* then remove any output below its own ` dust_limit_satoshis ` ,
* and MAY also eliminate its own output .
*/
trimmed = close_tx ( tmpctx , & cs , & channel_id ,
trimmed = close_tx ( tmpctx , cs , channel_id ,
scriptpubkey ,
& funding_txid ,
funding_txid ,
funding_txout ,
funding_satoshi ,
trimming_satoshi_out ,
funder , received_fee , our_dust_limit ) ;
if ( ! trimmed
| | ! check_tx_sig ( trimmed , 0 , NULL , funding_wscript ,
& funding_pubkey [ REMOTE ] , & sig ) ) {
peer_failed ( PEER_FD , & cs , & channel_id ,
& funding_pubkey [ REMOTE ] , & their_ sig) ) {
peer_failed ( PEER_FD , cs , channel_id ,
" Bad closing_signed signature for "
" %s (and trimmed version %s) " ,
type_to_string ( tmpctx ,
@ -365,103 +330,222 @@ int main(int argc, char *argv[])
status_trace ( " Received fee offer % " PRIu64 , received_fee ) ;
/* BOLT #2:
*
* Otherwise , the recipient MUST fail the connection if
* ` fee_satoshis ` is greater than the base fee of the final
* commitment transaction as calculated in [ BOLT # 3 ] */
if ( received_fee > maxfee )
peer_failed ( PEER_FD , & cs , & channel_id ,
" Bad closing_signed fee % " PRIu64 " > % " PRIu64 ,
received_fee , maxfee ) ;
/* Is fee reasonable? Tell master. */
if ( received_fee < minfee ) {
status_trace ( " Fee too low, below % " PRIu64 , minfee ) ;
limit_fee = minfee ;
} else {
status_trace ( " Fee accepted. " ) ;
msg = towire_closing_received_signature ( tmpctx ,
& sig , tx ) ;
if ( ! wire_sync_write ( REQ_FD , take ( msg ) ) )
status_failed ( STATUS_FAIL_MASTER_IO ,
" Writing received to master: %s " ,
strerror ( errno ) ) ;
msg = wire_sync_read ( tmpctx , REQ_FD ) ;
if ( ! fromwire_closing_received_signature_reply ( msg , NULL ) )
master_badmsg ( WIRE_CLOSING_RECEIVED_SIGNATURE_REPLY ,
msg ) ;
limit_fee = received_fee ;
/* Master sorts out what is best offer, we just tell it any above min */
if ( received_fee > = min_fee_to_accept ) {
status_trace ( " ...offer is reasonable " ) ;
tell_master_their_offer ( received_fee , & their_sig , tx ) ;
}
tal_free ( tmpctx ) ;
return received_fee ;
}
struct feerange {
enum side higher_side ;
u64 min , max ;
} ;
static void init_feerange ( struct feerange * feerange ,
u64 commitment_fee ,
const u64 offer [ NUM_SIDES ] )
{
feerange - > min = 0 ;
/* BOLT #2:
*
* If ` fee_satoshis ` is equal to its previously sent
* ` fee_satoshis ` , the receiver SHOULD sign and broadcast the
* final closing transaction and MAY close the connection .
* - MUST set ` fee_satoshis ` less than or equal to the base
* fee of the final commitment transaction , as calculated
* in [ BOLT # 3 ] ( 03 - transactions . md # fee - calculation ) .
*/
if ( received_fee = = sent_fee )
break ;
feerange - > max = commitment_fee ;
if ( offer [ LOCAL ] > offer [ REMOTE ] )
feerange - > higher_side = LOCAL ;
else
feerange - > higher_side = REMOTE ;
status_trace ( " Feerange init % " PRIu64 " -% " PRIu64 " , %s higher " ,
feerange - > min , feerange - > max ,
feerange - > higher_side = = LOCAL ? " local " : " remote " ) ;
}
static void adjust_feerange ( struct crypto_state * cs ,
const struct channel_id * channel_id ,
struct feerange * feerange ,
u64 offer , enum side side )
{
if ( offer < feerange - > min | | offer > feerange - > max )
peer_failed ( PEER_FD , cs , channel_id ,
" %s offer % " PRIu64
" not between % " PRIu64 " and % " PRIu64 ,
side = = LOCAL ? " local " : " remote " ,
offer , feerange - > min , feerange - > max ) ;
/* BOLT #2:
*
* the recipient SHOULD fail the connection if ` fee_satoshis `
* is not strictly between its last - sent ` fee_satoshis ` and
* its previously - received ` fee_satoshis ` , unless it has
* reconnected since then . */
if ( last_received_fee ! = - 1 ) {
bool previous_dir = sent_fee < last_received_fee ;
bool dir = received_fee < last_received_fee ;
bool next_dir = sent_fee < received_fee ;
/* They went away from our offer? */
if ( dir ! = previous_dir )
peer_failed ( PEER_FD , & cs , & channel_id ,
" Their fee went % "
PRIu64 " to % " PRIu64
" when ours was % " PRIu64 ,
last_received_fee ,
received_fee ,
sent_fee ) ;
/* They jumped over our offer? */
if ( next_dir ! = previous_dir )
peer_failed ( PEER_FD , & cs , & channel_id ,
" Their fee jumped % "
PRIu64 " to % " PRIu64
" when ours was % " PRIu64 ,
last_received_fee ,
received_fee ,
sent_fee ) ;
}
* . . . otherwise it MUST propose a value strictly between the received
* ` fee_satoshis ` and its previously - sent ` fee_satoshis ` .
*/
if ( side = = feerange - > higher_side )
feerange - > max = offer - 1 ;
else
feerange - > min = offer + 1 ;
status_trace ( " Feerange %s update % " PRIu64 " : now % " PRIu64 " -% " PRIu64 ,
side = = LOCAL ? " local " : " remote " ,
offer , feerange - > min , feerange - > max ) ;
}
/* Figure out what we should offer now. */
static u64 adjust_offer ( struct crypto_state * cs ,
const struct channel_id * channel_id ,
const struct feerange * feerange ,
u64 remote_offer ,
u64 min_fee_to_accept )
{
/* Within 1 satoshi? Agree. */
if ( feerange - > min + 1 > = feerange - > max )
return remote_offer ;
/* Max is below our minimum acceptable? */
if ( feerange - > max < min_fee_to_accept )
peer_failed ( PEER_FD , cs , channel_id ,
" Feerange % " PRIu64 " -% " PRIu64
" below minimum acceptable % " PRIu64 ,
feerange - > min , feerange - > max ,
min_fee_to_accept ) ;
/* Bisect between our minimum and max. */
if ( feerange - > min > min_fee_to_accept )
min_fee_to_accept = feerange - > min ;
return ( feerange - > max + min_fee_to_accept ) / 2 ;
}
int main ( int argc , char * argv [ ] )
{
struct crypto_state cs ;
const tal_t * ctx = tal_tmpctx ( NULL ) ;
u8 * msg ;
struct privkey seed ;
struct pubkey funding_pubkey [ NUM_SIDES ] ;
struct bitcoin_txid funding_txid ;
u16 funding_txout ;
u64 funding_satoshi , satoshi_out [ NUM_SIDES ] ;
u64 our_dust_limit ;
u64 min_fee_to_accept , commitment_fee , offer [ NUM_SIDES ] ;
struct feerange feerange ;
enum side funder ;
u8 * scriptpubkey [ NUM_SIDES ] , * funding_wscript ;
struct channel_id channel_id ;
struct secrets secrets ;
bool reconnected ;
u64 next_index [ NUM_SIDES ] , revocations_received ;
u64 gossip_index ;
enum side whose_turn ;
subdaemon_setup ( argc , argv ) ;
status_setup_sync ( REQ_FD ) ;
msg = wire_sync_read ( ctx , REQ_FD ) ;
if ( ! fromwire_closing_init ( ctx , msg , NULL ,
& cs , & gossip_index , & seed ,
& funding_txid , & funding_txout ,
& funding_satoshi ,
& funding_pubkey [ REMOTE ] ,
& funder ,
& satoshi_out [ LOCAL ] ,
& satoshi_out [ REMOTE ] ,
& our_dust_limit ,
& min_fee_to_accept , & commitment_fee ,
& offer [ LOCAL ] ,
& scriptpubkey [ LOCAL ] ,
& scriptpubkey [ REMOTE ] ,
& reconnected ,
& next_index [ LOCAL ] ,
& next_index [ REMOTE ] ,
& revocations_received ) )
master_badmsg ( WIRE_CLOSING_INIT , msg ) ;
status_trace ( " satoshi_out = % " PRIu64 " /% " PRIu64 ,
satoshi_out [ LOCAL ] , satoshi_out [ REMOTE ] ) ;
status_trace ( " dustlimit = % " PRIu64 , our_dust_limit ) ;
status_trace ( " fee = % " PRIu64 , offer [ LOCAL ] ) ;
derive_channel_id ( & channel_id , & funding_txid , funding_txout ) ;
derive_basepoints ( & seed , & funding_pubkey [ LOCAL ] , NULL ,
& secrets , NULL ) ;
funding_wscript = bitcoin_redeem_2of2 ( ctx ,
& funding_pubkey [ LOCAL ] ,
& funding_pubkey [ REMOTE ] ) ;
if ( reconnected )
do_reconnect ( & cs , & channel_id , next_index , revocations_received ) ;
/* BOLT #2:
*
* . . . otherwise it MUST propose a value strictly between the
* received ` fee_satoshis ` and its previously - sent
* ` fee_satoshis ` .
* The funding node :
* - after ` shutdown ` has been received , AND no HTLCs remain in either
* commitment transaction :
* - SHOULD send a ` closing_signed ` message .
*/
whose_turn = funder ;
for ( size_t i = 0 ; i < 2 ; i + + , whose_turn = ! whose_turn ) {
if ( whose_turn = = LOCAL ) {
send_offer ( & cs , & channel_id , funding_pubkey ,
funding_wscript ,
scriptpubkey , & funding_txid , funding_txout ,
funding_satoshi , satoshi_out , funder ,
our_dust_limit , & secrets , offer [ LOCAL ] ) ;
} else {
offer [ REMOTE ]
= receive_offer ( & cs , & channel_id , funding_pubkey ,
funding_wscript ,
scriptpubkey , & funding_txid ,
funding_txout , funding_satoshi ,
satoshi_out , funder ,
our_dust_limit ,
min_fee_to_accept ) ;
}
}
/* We do it by bisection, with twists:
* 1. Don ' t go outside limits , or reach them immediately :
* treat out - of - limit offers as on - limit offers .
* 2. Round towards the target , otherwise we can ' t close
* a final 1 - satoshi gap .
*
* Note : Overflow impossible here , since fee < = funder amount */
new_fee = one_towards ( limit_fee , limit_fee + sent_fee ) / 2 ;
/* If we didn't move, give up (we're ~ at min/max). */
if ( new_fee = = sent_fee )
peer_failed ( PEER_FD , & cs , & channel_id ,
" Final fee % " PRIu64 " vs % " PRIu64
" at limits % " PRIu64 " -% " PRIu64 ,
sent_fee , received_fee ,
minfee , maxfee ) ;
last_received_fee = received_fee ;
sent_fee = new_fee ;
tal_free ( tmpctx ) ;
/* Now we have first two points, we can init fee range. */
init_feerange ( & feerange , commitment_fee , offer ) ;
/* Now apply the one constraint from above (other is inside loop). */
adjust_feerange ( & cs , & channel_id , & feerange ,
offer [ ! whose_turn ] , ! whose_turn ) ;
/* Now any extra rounds required. */
while ( offer [ LOCAL ] ! = offer [ REMOTE ] ) {
/* If they differ, adjust feerate. */
adjust_feerange ( & cs , & channel_id , & feerange ,
offer [ whose_turn ] , whose_turn ) ;
/* Now its the other side's turn. */
whose_turn = ! whose_turn ;
if ( whose_turn = = LOCAL ) {
offer [ LOCAL ] = adjust_offer ( & cs , & channel_id ,
& feerange , offer [ REMOTE ] ,
min_fee_to_accept ) ;
send_offer ( & cs , & channel_id , funding_pubkey ,
funding_wscript ,
scriptpubkey , & funding_txid , funding_txout ,
funding_satoshi , satoshi_out , funder ,
our_dust_limit , & secrets , offer [ LOCAL ] ) ;
} else {
offer [ REMOTE ]
= receive_offer ( & cs , & channel_id , funding_pubkey ,
funding_wscript ,
scriptpubkey , & funding_txid ,
funding_txout , funding_satoshi ,
satoshi_out , funder ,
our_dust_limit ,
min_fee_to_accept ) ;
}
}
/* We're done! */
Rusty Russell
7 years ago
Christian Decker