Add a PaymentForwarded Event
#1004
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1004 +/- ##
==========================================
- Coverage 90.81% 90.79% -0.03%
==========================================
Files 60 61 +1
Lines 31428 31578 +150
==========================================
+ Hits 28542 28671 +129
- Misses 2886 2907 +21
Continue to review full report at Codecov.
|
TheBlueMatt
force-pushed
the
2021-07-forward-event
branch
2 times, most recently
from
7cd334a to
25379af
Compare
| clients cannot read. The likelihood of this can be reduced by ensuring you | ||
| process all pending events immediately before serialization. | ||
|
|
||
|
|
There was a problem hiding this comment.
Mentions e00bf8d serialization relaxation? Maybe we'll have users eager to experiment with the odd type semantic
There was a problem hiding this comment.
I don't believe you can currently (reasonably) serialize events in a way that LDK cares about - I believe we only (really) read them as a part of a ChannelManager or ChannelMonitor, so in order for users to get anything out of it they'd need to be editing ChannelManagers in the middle of the serialization logic.
lightning/src/util/events.rs
Outdated
| /// | ||
| /// If the channel which sent us the payment has been force-closed, we will claim the funds | ||
| /// via an on-chain transaction. In that case we do not consider the on-chain transaction | ||
| /// fees involved in such a claim and this value will be `None`. |
There was a problem hiding this comment.
Wait I think a onchain_value_satoshis value is passed in process_pending_monitor_events and consumed as part of the generated PaymentForwarded there ? Or are you thinking about another case ?
There was a problem hiding this comment.
Wait, I'm confused, those are only about claims that our counterparty did on-chain, causing us to update off-chain state. Did I miss something about how HTLCUpdate events are generated?
There was a problem hiding this comment.
I think Antoine's right, seems like this will always be non-None with the current code?
There was a problem hiding this comment.
If claim_funds_from_hop hits the short_to_id.get(..) == None branch right at the top, it'll return (None, Err(None)) which gets translated into our ChannelMonitorUpdate-generation branch, but should still consider claimed_htlc to be true, resulting in claimed_value_msat being None.
There was a problem hiding this comment.
You say this value can be None in the case where the backward channel has been force-closed and we won't fetch the claimed amount from onchain, thus only yielding None as earned fees. So IIUC, I think it's confusing to say "on-chain transaction fees", it should say "amount" or values" ?
There was a problem hiding this comment.
See updated doc commit, is that sufficient?
|
Rebase plz |
The wait_threshold_conf!() macro in check_spend_holder_transaction was only used once, making it a good candidate for inlining at the callsite. Further, it incorrectly always logged that we were failing HTLCs from the "latest" commitment transaction, when it is sometimes actually failing HTLCs from the previous commitment transaction.
This should provide some additional future extensibility, allowing for new informational events which can be safely ignored to be ignored by older versions.
test_onchain_to_onchain_claim was connecting additional blocks in order to reach HTLC timeout and broadcast an HTLC-Timeout transaction, resulting in it not testing whether HTLC preimages are learned instantly in response to HTLC-Success transactions.
TheBlueMatt
force-pushed
the
2021-07-forward-event
branch
from
25379af to
997899d
Compare
|
Rebased. |
| if claimed_htlc { | ||
| if let Some(forwarded_htlc_value) = forwarded_htlc_value_msat { | ||
| let fee_earned_msat = if let Some(claimed_htlc_value) = claimed_value_msat { | ||
| Some(claimed_htlc_value - forwarded_htlc_value) |
There was a problem hiding this comment.
No risk/need for mitigation of overflow here, right?
There was a problem hiding this comment.
I think not, my logic is this:
- for only-off-chain forwards + claims, the
fee_insufficientcheck indecode_update_add_htlc_onionshould preventforwarded_htlc_valuefrom ever being belowclaimed_htlc_value(obviously if it ever did happen that would be a massive bug anyway), - for on-chain claims leading to a backwards off-chain claim,
claimed_htlc_valuewill always be the original received value, whereasforwarded_htlc_valuecan only decrease (as its rounded down to the nearest whole satoshi value), so the above applies. - we do not get here for off-chain claims leading to a backwards on-chain claim, which would be possible to underflow on.
lightning/src/util/events.rs
Outdated
| fee_earned_msat: Option<u64>, | ||
| /// If this is `true`, the forwarded HTLC was claimed on-chain after a force-closure. | ||
| claim_from_onchain_tx: bool, |
There was a problem hiding this comment.
Could these be combined into an enum, something like:
ForwardClaim::OnChain
ForwardClaim::OffChain(fee_earned_msat: u64)
There was a problem hiding this comment.
They are two separate concepts - one is about the forward edge of the HTLC, the other is about the backwards edge of the HTLC. Any suggestions for how to make the docs more clear?
lightning/src/util/events.rs
Outdated
| /// | ||
| /// If the channel which sent us the payment has been force-closed, we will claim the funds | ||
| /// via an on-chain transaction. In that case we do not consider the on-chain transaction | ||
| /// fees involved in such a claim and this value will be `None`. |
There was a problem hiding this comment.
I think Antoine's right, seems like this will always be non-None with the current code?
lightning/src/ln/channelmanager.rs
Outdated
| @@ -207,6 +207,12 @@ pub(super) enum HTLCFailReason { | |||
| } | |||
| } | |||
|
|
|||
| /// Return value for claim_funds_from_hop | |||
| struct ClaimFundsRes { | |||
There was a problem hiding this comment.
Could we switch this to be an enum, something along these lines:
enum ClaimFundsRes {
PrevHopForceClosed,
MonitorUpdateFailed((u64, PublicKey, MsgHandleErrInternal)),
... other states
}
This refactor is @jkczyz -approved 😛
There was a problem hiding this comment.
Hmm, I'm not sure that that's that much clearer. All four possible states of (None, Ok(..)), (Some(..), Ok(..)), (None, Err(..)), and (Some(..), Err(..)) are used, so we'd need at least four variants, and we'd have a really hard time keeping the callsite match DRY.
There was a problem hiding this comment.
IMO seeing a descriptive name like PrevHopForceClosed makes the code more readable at a glance than seeing (None, Ok(..)).
It seems like the callsite might only need to repeat a few lines? Is that off?
There was a problem hiding this comment.
I mean I can split it into a struct containing two enums, but that seems to border on enough volume that it becomes unreadable just by weight. Sticking it all in one enum (with four variants) would be really harsh for claim-funds, too, which only actually cares about one of the two fields, now it would have to have a match and conversion instead of being able to just access the field. I agree having names for things is useful, but I don't think I agree it is if it results in more code by volume including matches that the reader has to figure out. Maybe there's a way to rename the fields in ClaimFundsRes to make it more clear instead?
There was a problem hiding this comment.
Briefly jammed with @jkczyz on this patch: valentinewallace@f9d338d It seems more readable and the code volume doesn't seem significantly increased!
There was a problem hiding this comment.
Yea, I guess I underestimated the amount of parameter conversion in the current code. I do think the MonitorUpdateFail overload that can mean both "channel is bogus, closing" and Success, we claimed is a bit confusing, but its not strictly worse than it was. I took that commit and added one tweak.
lightning/src/util/events.rs
Outdated
| /// fees involved in such a claim and this value will be `None`. It is possible duplicate | ||
| /// `PaymentForwarded` events are generated for the same payment iff `fee_earned_msat` is | ||
| /// `None`. |
There was a problem hiding this comment.
Because duplicates may be generated, could a (future?) direction be to add some kind of unique identifier of the HTLC to this event?
There was a problem hiding this comment.
Yea, what we'd really need to do is have the event be generated by the ChannelMonitor if the inbound leg of the payment has gone on-chain, but there's a lot of complexity to ensuring we de-duplicate them all properly that we don't currently do that I figured it wasn't worth it for now.
There was a problem hiding this comment.
Yeah we could return either a monotonic payment_id or PaymentHash at least.
There was a problem hiding this comment.
or
PaymentHashat least.
I'm a little torn on this. I initially didn't include it on purpose because, at least my thinking was, we really dont want users to log that or even care about it - its not their payment, and logging/giving users details about the payments others made (at least the parts that don't matter to you) is generally a bad idea.
On the other hand, I see the point about wanting to de-dup by them, but of course note that you can have the same PaymentHash multiple times, even if its insecure.
Ultimately I think adding PaymentHash is just not more confusing than helpful, especially since users may try to de-duplicate by it and have bad accounting, much better to just say you will have bad accounting, and leave it at that.
There was a problem hiding this comment.
Right, we already have case where accounting might not be exact like rouding down or backward channel closed and where fee_earned_msat is None. We can revisit in the future if needed.
TheBlueMatt
force-pushed
the
2021-07-forward-event
branch
from
9a6398d to
eebb0d1
Compare
lol it was working locally. Anyway, I just dropped the whole partialeq thing. Also went ahead and squashed. |
lightning/src/util/events.rs
Outdated
| /// fees involved in such a claim and this value will be `None`. It is possible duplicate | ||
| /// `PaymentForwarded` events are generated for the same payment iff `fee_earned_msat` is | ||
| /// `None`. |
There was a problem hiding this comment.
Yeah we could return either a monotonic payment_id or PaymentHash at least.
lightning/src/util/events.rs
Outdated
| /// `None`. | ||
| fee_earned_msat: Option<u64>, | ||
| /// If this is `true`, the forwarded HTLC will be claimed on-chain after the channel on | ||
| /// which we received the HTLC was force-closed. |
There was a problem hiding this comment.
I think claim_funds_internal() in process_pending_monitor_events is called with from_onchain=true. Though this callsite at monitor events processing doesn't imply the backward channel has been force-closed, a check we only realize at the beginning of claim_funds_from_hop.
So I think this comment is confusing...Shouldn't this say "we offered the HTLC was force-closed" to be correct ?
There was a problem hiding this comment.
Lol, these docs are just entirely wrong. I pushed a fixup commit.
TheBlueMatt
force-pushed
the
2021-07-forward-event
branch
2 times, most recently
from
b9dab4e to
90c5d00
Compare
|
Pushed an additional doc change commit to take changes from @ariard. |
|
Code Review ACK 90c5d00 |
It is useful for accounting and informational reasons for users to be informed when a payment has been successfully forwarded. Thus, when an HTLC which represents a forwarded leg is claimed, we generate a new `PaymentForwarded` event. This requires some additional plumbing to return HTLC values from `OnchainEvent`s. Further, when we have to go on-chain to claim the inbound side of the payment, we do not inform the user of the fee reward, as we cannot calculate it until we see what is confirmed on-chain. Substantial code structure rewrites by: Valentine Wallace <[email protected]>
While we should never reach `ClaimFundsFromHop::DuplicateClaim` in most cases, if we do, it likely indicates the HTLC was timed out some time ago and is no longer available to be claimed. Thus, it does not make sense to imply that we `claimed_any_htlcs`.
TheBlueMatt
force-pushed
the
2021-07-forward-event
branch
from
90c5d00 to
50f47ec
Compare
|
Squashed without changes. Diff since Val's review is all docs, so will merge after CI. |
Based on #977.
It is useful for accounting and informational reasons for users to
be informed when a payment has been successfully forwarded. Thus,
when an HTLC which represents a forwarded leg is claimed, we
generate a new
PaymentForwardedevent.This requires some additional plumbing to return HTLC values from
OnchainEvents. Further, when we have to go on-chain to claim theinbound side of the payment, we do not inform the user of the fee
reward, as we cannot calculate it until we see what is confirmed
on-chain.