Yield BumpHTLCResolution events

wpaulino · wpaulino · commit 7f1cb8e9920e · 2022-11-30T14:44:25.000-08:00
diff --git a/lightning/src/chain/channelmonitor.rs b/lightning/src/chain/channelmonitor.rs
@@ -53,7 +53,7 @@ use crate::util::ser::{Readable, ReadableArgs, MaybeReadable, Writer, Writeable,
 use crate::util::byte_utils;
 use crate::util::events::Event;
 #[cfg(anchors)]
-use crate::util::events::{AnchorDescriptor, BumpTransactionEvent};
+use crate::util::events::{AnchorDescriptor, HTLCDescriptor, BumpTransactionEvent};
 
 use crate::prelude::*;
 use core::{cmp, mem};
@@ -2394,7 +2394,27 @@ impl<Signer: Sign> ChannelMonitorImpl<Signer> {
 						pending_htlcs,
 					}));
 				},
-				_ => {},
+				ClaimEvent::BumpHTLC {
+					target_feerate_sat_per_1000_weight, htlcs,
+				} => {
+					let mut htlc_descriptors = Vec::with_capacity(htlcs.len());
+					for htlc in htlcs {
+						htlc_descriptors.push(HTLCDescriptor {
+							channel_keys_id: self.channel_keys_id,
+							channel_value_satoshis: self.channel_value_satoshis,
+							channel_parameters: self.onchain_tx_handler.channel_transaction_parameters.clone(),
+							commitment_txid: htlc.commitment_txid,
+							per_commitment_number: htlc.per_commitment_number,
+							htlc: htlc.htlc,
+							preimage: htlc.preimage,
+							counterparty_sig: htlc.counterparty_sig,
+						});
+					}
+					ret.push(Event::BumpTransaction(BumpTransactionEvent::HTLCResolution {
+						target_feerate_sat_per_1000_weight,
+						htlc_descriptors,
+					}));
+				}
 			}
 		}
 		ret
diff --git a/lightning/src/ln/chan_utils.rs b/lightning/src/ln/chan_utils.rs
@@ -445,7 +445,7 @@ impl_writeable_tlv_based!(TxCreationKeys, {
 });
 
 /// One counterparty's public keys which do not change over the life of a channel.
-#[derive(Clone, PartialEq, Eq)]
+#[derive(Clone, Debug, PartialEq, Eq)]
 pub struct ChannelPublicKeys {
 	/// The public key which is used to sign all commitment transactions, as it appears in the
 	/// on-chain channel lock-in 2-of-2 multisig output.
@@ -794,7 +794,7 @@ pub fn build_anchor_input_witness(funding_key: &PublicKey, funding_sig: &Signatu
 ///
 /// Normally, this is converted to the broadcaster/countersignatory-organized DirectedChannelTransactionParameters
 /// before use, via the as_holder_broadcastable and as_counterparty_broadcastable functions.
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub struct ChannelTransactionParameters {
 	/// Holder public keys
 	pub holder_pubkeys: ChannelPublicKeys,
@@ -818,7 +818,7 @@ pub struct ChannelTransactionParameters {
 }
 
 /// Late-bound per-channel counterparty data used to build transactions.
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub struct CounterpartyChannelTransactionParameters {
 	/// Counter-party public keys
 	pub pubkeys: ChannelPublicKeys,
diff --git a/lightning/src/util/events.rs b/lightning/src/util/events.rs
@@ -16,7 +16,7 @@
 
 use crate::chain::keysinterface::SpendableOutputDescriptor;
 #[cfg(anchors)]
-use crate::ln::chan_utils::HTLCOutputInCommitment;
+use crate::ln::chan_utils::{self, ChannelTransactionParameters, HTLCOutputInCommitment};
 use crate::ln::channelmanager::PaymentId;
 use crate::ln::channel::FUNDING_CONF_DEADLINE_BLOCKS;
 use crate::ln::features::ChannelTypeFeatures;
@@ -29,11 +29,15 @@ use crate::routing::router::{RouteHop, RouteParameters};
 
 use bitcoin::{PackedLockTime, Transaction};
 #[cfg(anchors)]
-use bitcoin::OutPoint;
+use bitcoin::{OutPoint, Txid, TxIn, TxOut, Witness};
 use bitcoin::blockdata::script::Script;
 use bitcoin::hashes::Hash;
 use bitcoin::hashes::sha256::Hash as Sha256;
 use bitcoin::secp256k1::PublicKey;
+#[cfg(anchors)]
+use bitcoin::secp256k1::{self, Secp256k1};
+#[cfg(anchors)]
+use bitcoin::secp256k1::ecdsa::Signature;
 use crate::io;
 use crate::prelude::*;
 use core::time::Duration;
@@ -228,6 +232,87 @@ pub struct AnchorDescriptor {
 	pub outpoint: OutPoint,
 }
 
+#[cfg(anchors)]
+/// A descriptor used to sign for a commitment transaction's HTLC output.
+#[derive(Clone, Debug)]
+pub struct HTLCDescriptor {
+	/// A unique identifier used along with `channel_value_satoshis` to re-derive the
+	/// [`InMemorySigner`] required to sign `input`.
+	///
+	/// [`InMemorySigner`]: crate::chain::keysinterface::InMemorySigner
+	pub channel_keys_id: [u8; 32],
+	/// The value in satoshis of the channel we're attempting to spend the anchor output of. This is
+	/// used along with `channel_keys_id` to re-derive the [`InMemorySigner`] required to sign
+	/// `input`.
+	///
+	/// [`InMemorySigner`]: crate::chain::keysinterface::InMemorySigner
+	pub channel_value_satoshis: u64,
+	/// The necessary channel parameters that need to be provided to the re-derived signer.
+	pub channel_parameters: ChannelTransactionParameters,
+	/// The txid of the commitment transaction in which the HTLC output lives.
+	pub commitment_txid: Txid,
+	/// The number of the commitment transaction in which the HTLC output lives.
+	pub per_commitment_number: u64,
+	/// The details of the HTLC as it appears in a commitment transaction.
+	pub htlc: HTLCOutputInCommitment,
+	/// The preimage, if one exists, to claim the HTLC output with.
+	pub preimage: Option<PaymentPreimage>,
+	/// The counterparty's signature required to spend the HTLC output.
+	pub counterparty_sig: Signature
+}
+
+#[cfg(anchors)]
+impl HTLCDescriptor {
+	pub fn unsigned_tx_input(&self) -> TxIn {
+		chan_utils::build_htlc_input(&self.commitment_txid, &self.htlc, true /* opt_anchors */)
+	}
+
+	pub fn tx_output<C: secp256k1::Signing + secp256k1::Verification>(
+		&self, per_commitment_point: &PublicKey, secp: &Secp256k1<C>
+	) -> Result<TxOut, ()> {
+		let channel_params = self.channel_parameters.as_holder_broadcastable();
+		let broadcaster_keys = channel_params.broadcaster_pubkeys();
+		let counterparty_keys = channel_params.countersignatory_pubkeys();
+		let broadcaster_delayed_key = chan_utils::derive_public_key(
+			secp, per_commitment_point, &broadcaster_keys.delayed_payment_basepoint
+		).map_err(|_| ())?;
+		let counterparty_revocation_key = chan_utils::derive_public_revocation_key(
+			secp, per_commitment_point, &counterparty_keys.revocation_basepoint
+		).map_err(|_| ())?;
+		Ok(chan_utils::build_htlc_output(
+			0 /* feerate_per_kw */, channel_params.contest_delay(), &self.htlc, true /* opt_anchors */,
+			false /* use_non_zero_fee_anchors */, &broadcaster_delayed_key, &counterparty_revocation_key
+		))
+	}
+
+	pub fn witness_script<C: secp256k1::Signing + secp256k1::Verification>(
+		&self, per_commitment_point: &PublicKey, secp: &Secp256k1<C>
+	) -> Result<Script, ()> {
+		let channel_params = self.channel_parameters.as_holder_broadcastable();
+		let broadcaster_keys = channel_params.broadcaster_pubkeys();
+		let counterparty_keys = channel_params.countersignatory_pubkeys();
+		let broadcaster_htlc_key = chan_utils::derive_public_key(
+			secp, per_commitment_point, &broadcaster_keys.htlc_basepoint
+		).map_err(|_| ())?;
+		let counterparty_htlc_key = chan_utils::derive_public_key(
+			secp, per_commitment_point, &counterparty_keys.htlc_basepoint
+		).map_err(|_| ())?;
+		let counterparty_revocation_key = chan_utils::derive_public_revocation_key(
+			secp, per_commitment_point, &counterparty_keys.revocation_basepoint
+		).map_err(|_| ())?;
+		Ok(chan_utils::get_htlc_redeemscript_with_explicit_keys(
+			&self.htlc, true /* opt_anchors */, &broadcaster_htlc_key, &counterparty_htlc_key,
+			&counterparty_revocation_key,
+		))
+	}
+
+	pub fn tx_input_witness(&self, signature: &Signature, witness_script: &Script) -> Witness {
+		chan_utils::build_htlc_input_witness(
+			signature, &self.counterparty_sig, &self.preimage, witness_script, true /* opt_anchors */
+		)
+	}
+}
+
 #[cfg(anchors)]
 /// Represents the different types of transactions, originating from LDK, to be bumped.
 #[derive(Clone, Debug)]
@@ -247,7 +332,10 @@ pub enum BumpTransactionEvent {
 	/// The consumer should be able to sign for any of the additional inputs included within the
 	/// child anchor transaction. To sign its anchor input, an [`InMemorySigner`] should be
 	/// re-derived through [`KeysManager::derive_channel_keys`] with the help of
-	/// [`AnchorDescriptor::channel_keys_id`] and [`AnchorDescriptor::channel_value_satoshis`].
+	/// [`AnchorDescriptor::channel_keys_id`] and [`AnchorDescriptor::channel_value_satoshis`]. The
+	/// anchor input signature can be computed with [`InMemorySigner::sign_holder_anchor_input`],
+	/// which can then be provided to [`build_anchor_input_witness`] along with the `funding_pubkey`
+	/// to obtain the full witness required to spend.
 	///
 	/// It is possible to receive more than one instance of this event if a valid child anchor
 	/// transaction is never broadcast or is but not with a sufficient fee to be mined. Care should
@@ -268,6 +356,8 @@ pub enum BumpTransactionEvent {
 	///
 	/// [`InMemorySigner`]: crate::chain::keysinterface::InMemorySigner
 	/// [`KeysManager::derive_channel_keys`]: crate::chain::keysinterface::KeysManager::derive_channel_keys
+	/// [`InMemorySigner::sign_holder_anchor_input`]: crate::chain::keysinterface::InMemorySigner::sign_holder_anchor_input
+	/// [`build_anchor_input_witness`]: crate::ln::chan_utils::build_anchor_input_witness
 	ChannelClose {
 		/// The target feerate that the transaction package, which consists of the commitment
 		/// transaction and the to-be-crafted child anchor transaction, must meet.
@@ -286,6 +376,39 @@ pub enum BumpTransactionEvent {
 		/// commitment transaction confirms.
 		pending_htlcs: Vec<HTLCOutputInCommitment>,
 	},
+	/// Indicates that a channel featuring anchor outputs has HTLC(s) that need to be resolved
+	/// onchain. With the zero-HTLC-transaction-fee variant of anchor outputs, the pre-signed HTLC
+	/// transactions have a zero fee, thus requiring additional inputs and/or outputs to be attached
+	/// for a timely confirmation within the chain. These additional inputs and/or outputs must be
+	/// appended to the enclosed `tx_template` to meet the target feerate. Failure to meet the
+	/// target feerate decreases the confirmation odds of the transaction, possibly resulting in a
+	/// loss of funds. Once the transaction is amended to meet the target feerate, it must be signed
+	/// for and broadcast by the consumer of the event.
+	///
+	/// The consumer should be able to sign for any of the additional inputs added to `tx_template`.
+	/// To sign HTLC inputs, an [`InMemorySigner`] should be re-derived through
+	/// [`KeysManager::derive_channel_keys`] with the help of `channel_keys_id` and
+	/// `channel_value_satoshis`. Each HTLC input's signature can be computed with
+	/// [`InMemorySigner::sign_holder_htlc_transaction`], which can then be provided to
+	/// [`build_htlc_input_witness`] along with the enclosed [`HTLCDescriptor`] to obtain the full
+	/// witness required to spend.
+	///
+	/// It is possible to receive more than one instance of this event if a valid HTLC transaction
+	/// is never broadcast or is but not with a sufficient fee to be mined. Care should be taken by
+	/// the consumer of the event to ensure any future iterations of the HTLC transaction adhere to
+	/// the [Replace-By-Fee rules](https://github.com/bitcoin/bitcoin/blob/master/doc/policy/mempool-replacements.md)
+	/// for fee bumps to be accepted into the mempool, and eventually the chain. As the frequency of
+	/// these events is not user-controlled, users may ignore/drop the event if they are no longer
+	/// able to commit external confirmed funds to the HTLC transaction.
+	///
+	/// [`InMemorySigner`]: crate::chain::keysinterface::InMemorySigner
+	/// [`KeysManager::derive_channel_keys`]: crate::chain::keysinterface::KeysManager::derive_channel_keys
+	/// [`InMemorySigner::sign_holder_htlc_transaction`]: crate::chain::keysinterface::InMemorySigner::sign_holder_htlc_transaction
+	/// [`build_htlc_input_witness`]: crate::ln::chan_utils::build_htlc_input_witness
+	HTLCResolution {
+		target_feerate_sat_per_1000_weight: u32,
+		htlc_descriptors: Vec<HTLCDescriptor>,
+	},
 }
 
 /// An Event which you should probably take some action in response to.
@@ -890,9 +1013,10 @@ impl Writeable for Event {
 			&Event::BumpTransaction(ref event)=> {
 				27u8.write(writer)?;
 				match event {
-					// We never write the ChannelClose events as they'll be replayed upon restarting
-					// anyway if the commitment transaction remains unconfirmed.
+					// We never write the ChannelClose|HTLCResolution events as they'll be replayed
+					// upon restarting anyway if they remain unresolved.
 					BumpTransactionEvent::ChannelClose { .. } => {}
+					BumpTransactionEvent::HTLCResolution { .. } => {}
 				}
 			}
 			&Event::ChannelReady { ref channel_id, ref user_channel_id, ref counterparty_node_id, ref channel_type } => {
