Rename a's keys as local's keys and b's keys as remote's keys

[ariard]

Downstreaming this while working on anchor, follow-up of #613. This is an attempt to make keys variable names less confusing based on script semantic as an invariant.

Variables should be named according to the script semantic which is
an invariant with regards to generating a local or remote commitment
transaction.

I.e a local_delayed_payment key will always offer to the owner
of the commitment transaction to be paid back after a given delay.

[TheBlueMatt]

This isnt always the remote/local key though, no? We also call this with the keys swapped to get redeemscripts for their transactions. We probably need to standardize on some kind of nomenclature cause remote/local is often confusing.

[ariard]

From the script layout as described in the BOLT3, how local_htlcpubkey is instanced depends if we are building a transaction for _us _ or for our counterparty.

I think when we generate a transaction, including its scripts, there is no such thing aslocal or remote it's always a local commitment transaction. Now when we sign such transaction and what we sign depends if its a local transaction or remote one.

So, as a nomenclature, I propose:

• for all our helpers in chan_utils bind to local/remote to match BOLT3
• in channel/channelmonitor label transaction as local_tx or remote_tx (no changes expected)
• for holding our or counterparty elements such as their_keys in Channel bind to owner/counterparty to avoid confusion when we instance our helpers.

We may have to move helpers from Channel to chan_utils to make it cleaner.

[jkczyz]

The naming is definitely contextual. So I would agree that we should not settle on always one way of describing the relationship.

I would like to see "counterparty" used when generally referring to the other side (i.e., when the relationship can be flipped). I don't have a strong opinion on "owner" being the opposite of "counterparty" just yet. It may make sense to not have any prefix in that case. I'd need to see a concrete example.

I'm generally not in favor of using possessive pronouns like "our" and "their" in code. I'd prefer a more descriptive name for the relationship being modeled.

[ariard]

@jkczyz fyi, even the BOLT isn't clear on this lightning/bolts#638

The naming is definitely contextual. So I would agree that we should not settle on always one way of describing the relationship.

I agree, do you see another context that the ones I'm describing, namely chan_utils, Channel, channel/channelmonitor or if those contexts make sense ? Maybe 2) and 3) are the same.

[jkczyz]

My thinking was that if chan_utils is suppose to be agnostic to what is local and what is remote (at least in some places), then the "local" and "remote" naming may not make sense in those particular contexts.

So for instance, AFAICT, TxCreationKeys should not use the words "local" and "remote" since it is used in both contexts:

https://github.com/rust-bitcoin/rust-lightning/blob/c09c9fb9a00ebaf60cd44755e7a14df1dbb7c7a7/lightning/src/ln/channel.rs#L1102

https://github.com/rust-bitcoin/rust-lightning/blob/c09c9fb9a00ebaf60cd44755e7a14df1dbb7c7a7/lightning/src/ln/channel.rs#L1116

Additionally, there is a lot of redundancy in some of the naming that isn't necessary in the given context. e.g., initial_local_commitment_tx.local_keys.local_htlc_key.

[TheBlueMatt]

Right there's kind of two different things we'll want two words for:

• Something is our's/our counterparty's (I think I like ours/counterpartys or so?)
• Something is for the "owner of the transaction" (ie the party that can broadcast it), which is what local/remote mean here.

Its true the BOLTs are a mess in this regard, but thats precisely why we should try to do better.

As a concrete proposal, I think ours/counterpartys and local/remote (which is whats there already in TxCreationKeys) is reasonable, but am open to other ideas.

[jkczyz]

For ours and counterpartys, I would prefer no prefix and counterparty.

[TheBlueMatt]

Hmm, guess I never responded to this. I'm really not a fan of no prefix - it seems ripe for confusion. "Yep, code reads right, it says to_self_delay" when its really the wrong "to_self_delay".

[codecov]

Codecov Report

Merging #633 into master will decrease coverage by 3.68%.
The diff coverage is 79.31%.

@@            Coverage Diff             @@
##           master     #633      +/-   ##
==========================================
- Coverage   78.40%   74.72%   -3.69%     
==========================================
  Files          55       55              
  Lines       27568    24477    -3091     
==========================================
- Hits        21616    18290    -3326     
- Misses       5952     6187     +235     

Impacted Files	Coverage Δ
lightning-c-bindings/src/chain/keysinterface.rs	0.00% <0.00%> (ø)
lightning-c-bindings/src/ln/chan_utils.rs	0.00% <0.00%> (ø)
lightning-c-bindings/src/ln/channelmonitor.rs	0.00% <0.00%> (ø)
lightning/src/ln/channel.rs	84.27% <ø> (-1.50%)	⬇️
lightning/src/ln/channelmonitor.rs	94.83% <ø> (-1.92%)	⬇️
lightning/src/ln/functional_test_utils.rs	94.02% <ø> (-0.93%)	⬇️
lightning/src/ln/channelmanager.rs	79.80% <90.97%> (-5.72%)	⬇️
lightning/src/chain/keysinterface.rs	89.71% <93.61%> (-5.14%)	⬇️
lightning/src/util/enforcing_trait_impls.rs	98.76% <94.11%> (-1.24%)	⬇️
lightning/src/ln/chan_utils.rs	90.84% <96.10%> (-5.13%)	⬇️
... and 37 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 253af8d...21d0a95. Read the comment docs.

[ariard]

Updated with a new commit re-labeling fields according to Matt's suggestion: #633 (comment). "Local"/"Remote" references aren't all dead in channel.rs but it kill a lot of them.

Lmk if you find this clearer and worthy of the change.

[jkczyz]

Updated with a new commit re-labeling fields according to Matt's suggestion: #633 (comment). "Local"/"Remote" references aren't all dead in channel.rs but it kill a lot of them.

Lmk if you find this clearer and worthy of the change.

I'm very close to settling on the naming. But I have a qualm with using "our" which I'll try to articulate better now that my understanding is clearer. I don't think we should ever use the possessive pronoun "our" in identifiers for the same reason we shouldn't use "their": more meaningful names should be used instead of these.

One case is when we need to differentiate roles (e.g., funder/fundee, sender/receiver, local/remote, etc). Having this symmetry in naming is good, IMHO.

The other case is when there are no such roles. I don't think symmetry in naming is needed here. In this instance, "our" refers to the node that this code is implementing and "their" is the node it is communicating or has a channel with.

For the latter case, "counterparty" adequately replaces "their" as it describes a relationship that is relative to the node. Further, the counterparty_ prefix implies that same entity without the prefix is "ours". So, using our_ is redundant and -- to put more plainly -- stating the obvious. So I'd prefer that it be left off entirely.

[jkczyz]

Is remote_ needed on revocation_base? Or put differently, would we ever talk about a local_revocation_base?

[ariard]

We never talk about it, no more we talk about remote_delayedpubkey in script format. If we drop, by consistency we should also drop the local_ prefix for local_delayed_payment_base. Seems a shortcoming of the spec here.

Not updated, I would rather keep the prefix to mark origin of this pubkey with regards to script generation.

[jkczyz]

Not sure that I follow. What is a shortcoming of the spec? Trying to learn more than anything.

[ariard]

For e.g, if you take offered script with a revocationpubkey. It should have been called remote_revocationpubkey even if there is a contribution from local (per_commitment_point) it's used by remote to punish you. Keys names should be labeled according to their ownership.

[jkczyz]

Here is where I think there is a bit of redundancy. We have self which is of type LocalCommitmentTransaction with field local_keys which in turn has a local_htlc_key field.

Questions would be:

• Do we need to prefix LocalCommitmentTransaction with "Local" if we don't have a RemoteCommitmentTransaction?
• Do we need to prefix the field local_keys with "local" given the context?

My thinking is either the second or both could be eliminated without loss of meaning.

[ariard]

Dropped prefix local_ for keys.

[jkczyz]

I've seen similar occurrences like this. Why would there not be a prefix on this variable name when the context (i.e., self since this is inside a method) is not the counterparty? I'd expect missing prefixes to be where we'd normally use our_.

[ariard]

You're right, I've been confused by this first one. In fact the pubkey has a clear owner but redeemScript and txo is common. Corrected.

[jkczyz]

Thanks for making the change! Eventually, we may want to encapsulate these into separate structs with related elements (e.g., limits, balance, scripts, etc?) and expose behaviors rather than fields.

[jkczyz]

Should this still be "local" as per #633 (comment)? Not sure if I misinterpreted when "local" and "remote" should be used.

Other places throughout the file were similarly changed.

[ariard]

I interpret code here as "We build a commitment transaction. Owner is us" So no prefix.

[jkczyz]

Hmm, so I thought this would have fallen under the second bullet in the linked comment. Would we ever say local_commitment_tx and remote_commitment_tx in your interpretation? If so, in what context?

[ariard]

I think we should restrain pointed distinction (local/remote) to templates as used by our chan helpers (chan_utils.rs) and avoid leaking local/remote in Channel storage fields. Even it's not perfect for now.

[jkczyz]

Likewise, but "remote".

[ariard]

Same reasoning. Builder has the notion of local/remote, its ouput has clearly an owner.

[jkczyz]

Not sure I understand this change. Why "counterparty" here? Should we just call them node_a_id and node_b_id in the appropriate places?

[ariard]

Right I think here that's zeal. Corrected.

[jkczyz]

I believe the node ids aren't accurately named even with your change reverted. That is, node_a_chan should be created with node B's id. In practice, it doesn't matter since the ids aren't used after the Channel is created.

[ariard]

You right, updated comments to make it clearer.

[jkczyz]

Personally, for all these methods I'd just call the parameter node_id and features. From the context, it should be clear that we aren't passing in our own node id and features.

[ariard]

I'm ~0 on this. It's quite obvious when you're used to, but for newcomers that's clearly helpful ?

[jkczyz]

Not sure what ~0 means. 😄 Indifferent?

My argument is these are (helpers for) implementing ChannelMessageHandler, so it should be clear. I'd be fine with leaving these unchanged and moving to node_id and features in a follow-up that included updating ChannelMessageHandler.

[ariard]

Yes indifferent, let's keep it for a follow-up.

[ariard]

Thanks @jkczyz for review, rebased and updated.

Thanks for making the change! Eventually, we may want to encapsulate these into separate structs with related elements (e.g., limits, balance, scripts, etc?) and expose behaviors rather than fields.

Yes, let's do this post-anchor output implementation ? I'm modifying few things here.
I generally agree on encapsulating related elements, also to split build_commitment_transactions right now it's melting balance computation and pure transaction generation.

[TheBlueMatt]

This needs rebase. Maybe instead of local_ and remote_ we could use broadcaster_ and broadcastee_ or something to describe whats really happening? local and remote are still sooo ripe for confusion.

[ariard]

@TheBlueMatt @jkczyz Sorry for latency, finally back working on this :)

This needs rebase. Maybe instead of local_ and remote_ we could use broadcaster_ and broadcastee_ or something to describe whats really happening? local and remote are still sooo ripe for confusion.

I agree that local_/remote_ should disappear, I'm thinking about owner_/contributor_ as when generating a transaction it must have a unique final owner while we might integrate contributions from another participant. These contributions can be either our key material or our counterparty's one according to message processing flow. IMO, better than broadcaster_/broadcastee_, we don't necessary broadcast commitment transactions.

Overall, there is a huge part of the codebase still bearing the local_/remote_ nomenclature, this PR is just a step forward and should have follow-ups.

[TheBlueMatt]

I'm thinking about owner_/contributor_

Hmm, I still think its possible to confuse that - the node which sends all the data on the wire here is not the owner, but it feels like they should be the owner since they decided when to create the commitment tx and when to send information about it (though not when to finalize it or broadcast it).

I agree broadcaster is confusing because we often don't broadcast, but I'm not sure how else to describe a potentially-broadcastable transaction. Maybe broadcastable_node_*, though that seems verbose.

[ariard]

Hmm, I still think its possible to confuse that - the node which sends all the data on the wire here is not the owner, but it feels like they should be the owner since they decided when to create the commitment tx and when to send information about it (though not when to finalize it or broadcast it).

I don't agree on when to create the commitment as Alice can send a update_add_htlc/commitment_signed to Bob, whom in reply will send back signatures for updating Alice's commitment. So you can analyze as Alice who decided the creation, assuming honest protocol behavior from Bob.

I like owner as ultimately you're deciding for the finalization and thus authorizing this transaction to spend the funding output. Also it underscores you have to reject counterparty contribution if they're not valid (like invalid signatures/pubkeys).

Sounds we won't agree here, @jkczyz do you want serve as a tie-breaker ? Does owner/contributor sound like a meaningful improvement on local/remote :) ?

[jkczyz]

Sounds we won't agree here, @jkczyz do you want serve as a tie-breaker ? Does owner/contributor sound like a meaningful improvement on local/remote :) ?

I think I got a little lost in the discussion. :) Could you point me to a concrete example in the PR where these would be used in replace of local/remote?

[jkczyz]

The side ("our") of the reserve is immaterial here since its implied by this being a receive. I'd try to avoid "us" and "our" in these messages by stating as:

Cannot receive value that would put the channel under its reserve value

That said, there are other messages that use "our" and "their" pronouns it appears.

[ariard]

Good suggestion but I took it a bit differently "Cannot accept HTLC that would put counterparty balance under channel reserve value" as it underscores both purpose of this check and ownership of checked value.

[jkczyz]

I guess this where I'm a bit confused. Here we are mixing "counterparty" and "remote".

[ariard]

My bad, I think this variable was really badly-named. Switched it to next_counterparty_commitment_number as we used this value to build counterparty's commitment transaction.

[jkczyz]

Likewise.

[ariard]

Thanks @jkczyz for the new parse. As an example of new owner/contributor usage, see TxCreationKeys in 2fb8a21

@TheBlueMatt what about remittee/recipient instead of owner ? Transactions are like letters, issued and signed by a sender but aiming to an exclusive remittee to whom only they will provide value.

New proposal remittee/countersignatory ?

[TheBlueMatt]

remittee/recipient or remittee/countersignatory sounds maybe ok for payments, as they are remitted, but I don't think you'd generally use the term "remit" for pure data - personally I'm still a fan of broadcastor-based language as the whole point of a transaction is to possibly be broadcast, even if it never is.

[jkczyz]

Thanks @jkczyz for the new parse. As an example of new owner/contributor usage, see TxCreationKeys in 2fb8a21

Is there an argument against why we shouldn't simply use no prefix and counterparty_ in TxCreationKeys as well?

When I read the documentation:

A contributor key is coming from a protocol participant contributing to the computed transaction.

I think that is just a verbose but complicated way of saying the counterparty. So rather than introduce new terminology (i.e. owner/contributor), why not be consistent by using no prefix and counterparty_ as used elsewhere? The nice thing about "counterparty" IMHO is that it is a relative term. That is, it can be used equally well within a channel or within a commitment transaction (regardless of whose it is).

[jkczyz]

I understand that "contrib" is short for "contribution", but using this with "counterparty" may be confusing when "contributor" is later used as the counterparty of "owner" in TxCreationKeys. We can remove this possible confusion by not using "contributor" in TxCreationKeys, FWIW.

[jkczyz]

s/A owner/An owner
s/intented/intended

[ariard]

I'm settling on broadcaster/countersignatory, broadcastee is too much near-collision.

@jkczyz

why not be consistent by using no prefix and counterparty_ as used elsewhere? The nice thing about "counterparty" IMHO is that it is a relative term. That is, it can be used equally well within a channel or within a commitment transaction (regardless of whose it is).

I think using counterparty_ in this transaction/keys builder helpers would get us back where we're before.
Namely confusing remote as our protocol counterparty with whom we're operating this channel and remote as the protocol participant authorizing the transaction but devoid of capability to broadcast the transaction. And in those modified builders, we can be remote, like when we're initiating a channel update by sending a commitment_signed.

[TheBlueMatt]

Shouldnt this be broadcaster/countersignatory?

[ariard]

That's intentional, as we never derive counterparty revocation key as it's only used to punish them, revocation appears to me directed thus the counterparty_ nomenclature. I concede that can be confusing ?

[TheBlueMatt]

Its also a pub function, so users can do whatever :p. But, sure, that's fine with me, maybe leave a comment, though.

[TheBlueMatt]

I posted this above, but re: no-prefix versions: I'm really not a fan of no prefix - it seems ripe for confusion. "Yep, code reads right, it says to_self_delay" when its really the wrong "to_self_delay". Seems that would be easy to miss in a code review.

[ariard]

Updated with restoring the local_ prefix for our to_self_delay in keysinterface, if I understood well your concern. Even if we have context there to dissociate, I concede that can be confusing.

[jkczyz]

I'm settling on broadcaster/countersignatory, broadcastee is too much near-collision.

SGTM. Please update the commit message for a513747 as it still mentions "owner" and "contributor".

I think using counterparty_ in this transaction/keys builder helpers would get us back where we're before.
Namely confusing remote as our protocol counterparty with whom we're operating this channel and remote as the protocol participant authorizing the transaction but devoid of capability to broadcast the transaction. And in those modified builders, we can be remote, like when we're initiating a channel update by sending a commitment_signed.

Not sure I 100% agree as there shouldn't be a concept of "our" in TxCreationKeys, but I like your choice of "broadcaster" and "countersignatory" much better. No need to argue the point any further. :)

[jkczyz]

Remove "our"?

[ariard]

Updated with last comments.

[TheBlueMatt]

What do we think about counterparty_set_to_local_delay and local_set_to_counterparty_delay? I still have a hard time thinking that this is that much clearer.

[TheBlueMatt]

Should we leave the broadcaster_ prefix here?

[ariard]

There is only one delayed_payment_key per-commitment transaction. Previously revocation_key didn't have a prefix. This is converging towards this nomenclature antecedent.

[TheBlueMatt]

Sure, its the only one, but there's no harm in indicating who's it is, and it can only help readability.

[TheBlueMatt]

nit: Can we leave the local_ prefix here?

[TheBlueMatt]

Its also a pub function, so users can do whatever :p. But, sure, that's fine with me, maybe leave a comment, though.

[TheBlueMatt]

Here, on the other hand, my point at https://github.com/rust-bitcoin/rust-lightning/pull/633/files#r475152575 stands (and maybe its nice that they use the same nomenclature)

[TheBlueMatt]

s/is coming from/is provided by/

[TheBlueMatt]

Can we keep local here?

[TheBlueMatt]

same here.

[TheBlueMatt]

Same here and for derive_dust_limit.

[TheBlueMatt]

Shouldnt this be counteraprty_selected?

[ariard]

I think it's a bit more subtle, it's the max counterparty_selected as enforced by our configuration, but yeah updated.

[TheBlueMatt]

Same, maybe don't drop our.

[TheBlueMatt]

The comments/variables/etc here still have a ton of references to remote_, to_self_delay, etc.

[ariard]

Right corrected, note there is still remote/local references around SpendableOutputDescriptors as they're relative to ChannelMonitor (and I'll do post-anchor to avoid a confusing rebase).

[TheBlueMatt]

Should we change the function names in ChannelKeys (above)

[ariard]

Add a new commit scoping ChannelKeys under new nomenclature.

[TheBlueMatt]

This still says remote_, as does the variable name further down.

[ariard]

Updated all ChannelMonitor/OnchainTxHandler-side, as it was tied down with using this version of Remote.

[TheBlueMatt]

Maybe lets rename this to get_commitment_sig or get_tx_sig to mirror get_htlc_sigs instead of using the "local" name.

[ariard]

Done, LocalCommitmentTx -> HolderCommitmentTx

[TheBlueMatt]

nit: s/come/comes/, twice plus in comments below.

[ariard]

Not gonna to take it, to avoid modifying commits

[TheBlueMatt]

s/revoked/revocable/ plus in the comment below.

[ariard]

Not gonna to take it, to avoid modifying commits.

[TheBlueMatt]

Wait, isn't this fully opposite, though - only the countersignatory of the originally-broadcasted commitment transaction can create a valid witness to broadcast a revocation key? I suppose its now a little confused - the commitment-tx-countersignatory is now the broadcaster of the revocation-punishment transaction (hence the per_commitment_secret is sent). I don't know that this needs to be captured in the names per se, but its probably worth at least fixing the comment (a new commit is fine by me, though).

[jkczyz]

"holder" is growing on me. :)

[jkczyz]

Could you add documentation for "holder" and "counterparty" on the relevant structs/traits?

[ariard]

Add a solo comment in Channel. As it now used everywhere I don't know if it useful to replicate through the codebase, but not strong opinion ?

[jkczyz]

Any reason to prefer "locally" over "holder"?

[ariard]

Add a cleanup commit, iteration from a previous round of review.

[TheBlueMatt]

Note that there are a ton of places in channel.rs that still have the /local_// conversion instead of /local_/holder_/. It seems they're all in function-scope variables so I'm ok with it if you dont want to fix it, but figured I'd note in case you or Jeff feel strongly.

[ariard]

Yes at first try I was aiming to savagely converse everything then figured out a lot of references are meddled with ChannelState names.

I'm aiming to fix it when we refactor/cleanup further Channel internals. And have some on anchor branch.

[TheBlueMatt]

This should probably be holder (therea re a bunch of places which did the s/our// translation instead of s/our/holder/, but I think this is the only non-funciton-scope one).

[TheBlueMatt]

Not a new bug, but this looks very broken - I'm kinda sad we don't have test coverage for it.

[ariard]

That's was the starting point of : #670, and we know how it ends up. Add a reference in #680

[TheBlueMatt]

Wait, I dont recall you mentioning this - I was under the impression 670 was NOTABUG, this is definitely a bug.

[TheBlueMatt]

I think I'd be happier if this just said "revocation_key" to match "per_commitment_point" - its a private key that requires private data from both sides, and really only the countersignatory can ever learn the private key part, but its awkward to suggest its owned by either side. Note that this change would effect a few other cases of "revocation_key" in this file.

[ariard]

Good call, shared keys are hard to attribute ownership. Corrected and normally other references spread over.

[TheBlueMatt]

s/counterparty//

[TheBlueMatt]

s/counterparty// (but not on the next line down).

[TheBlueMatt]

Not your bug, but can you fix this comment to not refer to ours/theirs/counterparty/etc - this struct is generic across both sides (and thus should only ever use broadcaster/countersignatory).

[ariard]

Hmmm I keep the counterparty's it makese sense here, as this immediate spend is only available if it's the counterparty commitment ?

[TheBlueMatt]

There are still a number of references to broadcaster_revocation_key - can you remove those too?

[TheBlueMatt]

Still reviewing, but one comment came up.

[TheBlueMatt]

This is about counterparty-announced and our balance, not the other way around.

[ariard]

Corrected.

[TheBlueMatt]

One more note plus this needs squashed or at least 4491986 fixed (it doesn't build on its own).

[TheBlueMatt]

This reads a bit confusing - its the countersignatory's balance in a broadcaster's transaction, but reading it I'd think its a broadcaster's balance.

[TheBlueMatt]

Verified that every commit except 4491986 builds + passes tests, so just that one commit needs fixedup/the next squashed into it.