Currently we get the odd message "Own anchor has insufficient funds".
Reported-by: Christian Decker
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We had enum channel_side (OURS, THEIRS) for which end of a channel we
had, and htlc_side (LOCAL, REMOTE) for who proposed the HTLC.
Combine these both into simply "enum side".
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
When they propose an HTLC to us, they need to be able to cover both it,
and the associated fees. When it gets acked and applied to them, however,
they may no longer be able to afford the fees; this is OK and expected.
So add a flag to say whether they can dig into fees or not: without
this patch the code calls fatal() on the next patch which tests it.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
We don't have an ordering of HTLCs between peers: we don't know
whether your HTLC 0 or my HTLC 0 occurred first. This matters,
as we play them all back to reconstruct state (probably overkill anyway).
So we add force_* operators which don't do bounds checks, and do
bounds checks at the end. We also note that we don't need to apply
fee changes: that should be in the database already.
Also relax db constraints: IDs are not unique, they are unique per
side (we can both have HTLC #0).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It fits in a u32, but we mix it with other values which could cause
overflow, so let's just use u64 everywhere.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is generally redundant, since HTLC pointer is in that side's
commit_info, but makes HTLC completely self-contained.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
No more copies!
I tried changing the cstate->side[].htlcs to htlc_map rather than a
simple pointer array, but we rely on those array indices heavily for
permutation mapping, and it turned into a major rewrite (especially
for the steal case).
Eventually, we're going to want to reconstruct the commit info for
older commit txs rather than keeping all the permutation and
per-commit-info HTLC information in memory, so we can do the work
then.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
It's a more logical name, and a more logical place. We change
"funding" to "channel" in the remaining exposed symbols, too.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is the logical place for it to belong: with the HTLC. For the manually-created
HTLCs, we create a simple one-hop route.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
While the pointer is only valid until the funding changes, that's also
true of the offset; and a pointer has a convenient "not found"
sentinal value.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Previous to this, we kept the remote side's 'struct channel_state'
backwards: peer->remote.commit->cstate.side[OURS] was their HTLCs,
and [THEIRS] was our HTLCs. This made some things easier, but was
horrible for readability.
This inverts things so we keep track of the remote side's state from
our point of view: [OURS] is ours, [THEIRS] is theirs. Which makes
much more sense.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
BOLT#2 says we MUST NOT send out commit messages with no changes (and
we drop the connection if the peer does). But that's harder than it
sounds: we can have changes in theory which cancel out (eg. fee
adjustments, not yet implemented) or others which don't change the
commit tx (eg. dust outputs). Simplest is to have a generation count,
which also allows us to simply show number of pending changes in RPC.
It's 32 bit, but you can only use it to screw yourself really (each
side can only add 1500 htlcs, so the rest would have to be fee
changes; wrapping will only make us hang up on you).
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
And divide fees as specified there.
We still use fixed values rather than floating, and we don't send or
handle update_fee messages.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
The channel funding code needs to know who offered the anchor, as they
are responsible for paying fees until the other side is able to. This
is actually a hack, but at least now it's internal to funding and not
passed in at every funding_delta() call.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This is used for figuring out the close transaction balances,
but can also be used in the future for dynamic fee support.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Use our own structure with the information we need about HTLCs,
and remove protobufs from the API.
The is_funder() helper goes inside gather_updates.h.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This gets truncated for on-chain transactions (thus, rounding may
contribute to fees).
This also means we currently have an upper bound of 0.04 BTC per HTLC;
this can be increased later if required.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This shows where funds are going at any time (fees vs to each side).
funding.c is mainly rewritten, and should be clearer now.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Both sides elect a commitment fee, and the lowest is chosen. That means
you can't game the other side (but if you offer too low, then can error
out of course).
Fees are split 50-50 if possible: originally the whole fee has to be
paid by the (single) funder. Neither side can withdraw funds which
would make them unable to pay fees.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Most complex change was gather_updates(), which handles all the "what
is the current state of the channel" logic for our dumb test utils.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Rusty Russell