-
Notifications
You must be signed in to change notification settings - Fork 895
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement flag to require confirmations for v2 opens #5900
Implement flag to require confirmations for v2 opens #5900
Conversation
f341789
to
b4b3eea
Compare
b4b3eea
to
ffa4d89
Compare
Rebased now prereq is merged, for review. |
Trivial rebase now prereq is merged. |
ffa4d89
to
483afd2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a pile of nits.
It's always a pleasure to review the code of a master!
channel_internal_error(dualopend->channel, | ||
"Bad DUALOPEND_VALIDATE_INPUTS: %s", | ||
tal_hex(msg, msg)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return after this (I know, shouldn't happen, but still...)
lightningd/dual_open_control.c
Outdated
static void openchannel_invalid_psbt(struct psbt_validator *pv, char *err_msg) | ||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
const char *err_msg
openingd/dualopend.c
Outdated
if (state->require_confirmed_inputs[REMOTE] && | ||
!validate_inputs(state, tx_state, state->our_role)) | ||
return; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks a bit weird, right? Maybe get validate_inputs() to return NULL or errmsg, and then do the open_abort() here if return is non-NULL? Fits the pattern in the rest, and seems more explicit?
not amazing, since we'll probably call openchannel_update multiple times per open, but this is the simplest way to confirm that we're not sending unconfirmed outputs to peer.
We're going to use this in a bit to pass role type btw dualopend/lightningd
technically we don't need this info after the channel opens, but for any subsequent RBF (and maybe splice?) we need to remember what the open/accept peer signaled
We push this info out to the various RPCs/hooks.
`openchannel_init` takes a psbt, which we pipe over to dualopend process. If the peer requests that they'll only accept confirmed inputs, we need to go validate those before we continue. This wires up the harness for this (validation check yet tc)
Add callback methods to extant psbt validator, and expand usage to include the handling psbt validation requests from dualopend.
If set, require peers to only provide confirmed inputs for any v2 open (both in accepter + opener role)
Pass in the "validate inputs confirmed" flag from lightningd; use flag to determine whether or not to validate the inputs we've recieved from peer.
It's not likely but possible that the node's settings will shift btw a start and an RBF; we persist the setting to the database so we don't lose it. Right now holding onto it forever is kind of extra but maybe we'll reuse the setting for splices? idk. Should this be a channel type??
483afd2
to
8a00ce7
Compare
Ack 8a00ce7 |
Requested-By: @t-bast
Respect and enable users to send a flag that requests the peer only use confirmed inputs for any v2 open request. Persists through to RBFs for the same channel as well.
Built on #5767, new commits begin at 1e09bdd