Skip to content

Commit

Permalink
Anchor: do not aggregate claim of revoked output
Browse files Browse the repository at this point in the history 
See lightning/bolts#803

This protect the justice claim of counterparty revoked output. As
otherwise if the all the revoked outputs claims are batched in a
single transaction, low-feerate HTLCs transactions can delay our
honest justice claim transaction until BREAKDOWN_TIMEOUT expires.
  • Loading branch information
@ariard
Antoine Riard authored and ariard committed Nov 23, 2022
1 parent 505102d commit 29ab7af
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 7 deletions.
8 changes: 5 additions & 3 deletions lightning/src/chain/channelmonitor.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2436,8 +2436,10 @@ impl<Signer: Sign> ChannelMonitorImpl<Signer> {
// First, process non-htlc outputs (to_holder & to_counterparty)
for (idx, outp) in tx.output.iter().enumerate() {
if outp.script_pubkey == revokeable_p2wsh {
let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, outp.value, self.counterparty_commitment_params.on_counterparty_tx_csv);
let justice_package = PackageTemplate::build_package(commitment_txid, idx as u32, PackageSolvingData::RevokedOutput(revk_outp), height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, true, height);
let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, outp.value, self.counterparty_commitment_params.on_counterparty_tx_csv, self.onchain_tx_handler.opt_anchors(), true);
// Post-anchor, aggregation of outputs of different types is unsafe. See https://github.com/lightning/bolts/pull/803.
let aggregation = if self.onchain_tx_handler.opt_anchors() { false } else { true };
let justice_package = PackageTemplate::build_package(commitment_txid, idx as u32, PackageSolvingData::RevokedOutput(revk_outp), height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, aggregation, height);
claimable_outpoints.push(justice_package);
to_counterparty_output_info =
Some((idx.try_into().expect("Txn can't have more than 2^32 outputs"), outp.value));
Expand Down Expand Up @@ -2624,7 +2626,7 @@ impl<Signer: Sign> ChannelMonitorImpl<Signer> {
let per_commitment_point = PublicKey::from_secret_key(&self.secp_ctx, &per_commitment_key);

log_error!(logger, "Got broadcast of revoked counterparty HTLC transaction, spending {}:{}", htlc_txid, 0);
let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, tx.output[0].value, self.counterparty_commitment_params.on_counterparty_tx_csv);
let revk_outp = RevokedOutput::build(per_commitment_point, self.counterparty_commitment_params.counterparty_delayed_payment_base_key, self.counterparty_commitment_params.counterparty_htlc_base_key, per_commitment_key, tx.output[0].value, self.counterparty_commitment_params.on_counterparty_tx_csv, self.onchain_tx_handler.opt_anchors(), false);
let justice_package = PackageTemplate::build_package(htlc_txid, 0, PackageSolvingData::RevokedOutput(revk_outp), height + self.counterparty_commitment_params.on_counterparty_tx_csv as u32, true, height);
let claimable_outpoints = vec!(justice_package);
let outputs = vec![(0, tx.output[0].clone())];
Expand Down
16 changes: 12 additions & 4 deletions lightning/src/chain/package.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,30 +97,36 @@ pub(crate) struct RevokedOutput {
weight: u64,
amount: u64,
on_counterparty_tx_csv: u16,
opt_anchors: Option<()>,
is_counterparty_balance: Option<()>,
}

impl RevokedOutput {
pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, per_commitment_key: SecretKey, amount: u64, on_counterparty_tx_csv: u16) -> Self {
pub(crate) fn build(per_commitment_point: PublicKey, counterparty_delayed_payment_base_key: PublicKey, counterparty_htlc_base_key: PublicKey, per_commitment_key: SecretKey, amount: u64, on_counterparty_tx_csv: u16, opt_anchors: bool, is_counterparty_balance: bool) -> Self {
RevokedOutput {
per_commitment_point,
counterparty_delayed_payment_base_key,
counterparty_htlc_base_key,
per_commitment_key,
weight: WEIGHT_REVOKED_OUTPUT,
amount,
on_counterparty_tx_csv
on_counterparty_tx_csv,
opt_anchors: if opt_anchors { Some(()) } else { None },
is_counterparty_balance: if is_counterparty_balance { Some(()) } else { None },
}
}
}

impl_writeable_tlv_based!(RevokedOutput, {
(0, per_commitment_point, required),
(2, counterparty_delayed_payment_base_key, required),
(3, is_counterparty_balance, option),
(4, counterparty_htlc_base_key, required),
(6, per_commitment_key, required),
(8, weight, required),
(10, amount, required),
(12, on_counterparty_tx_csv, required),
(14, opt_anchors, option),
});

/// A struct to describe a revoked offered output and corresponding information to generate a
Expand Down Expand Up @@ -800,7 +806,9 @@ impl Readable for PackageTemplate {
}
let (malleability, aggregable) = if let Some((_, lead_input)) = inputs.first() {
match lead_input {
PackageSolvingData::RevokedOutput(..) => { (PackageMalleability::Malleable, true) },
PackageSolvingData::RevokedOutput(RevokedOutput { is_counterparty_balance: None, .. }) => { (PackageMalleability::Malleable, true) },
PackageSolvingData::RevokedOutput(RevokedOutput { opt_anchors: Some(..), .. }) => { (PackageMalleability::Malleable, false) },
PackageSolvingData::RevokedOutput(RevokedOutput { opt_anchors: None, .. }) => { (PackageMalleability::Malleable, true) },
PackageSolvingData::RevokedHTLCOutput(..) => { (PackageMalleability::Malleable, true) },
PackageSolvingData::CounterpartyOfferedHTLCOutput(..) => { (PackageMalleability::Malleable, true) },
PackageSolvingData::CounterpartyReceivedHTLCOutput(..) => { (PackageMalleability::Malleable, false) },
Expand Down Expand Up @@ -930,7 +938,7 @@ mod tests {
{
let dumb_scalar = SecretKey::from_slice(&hex::decode("0101010101010101010101010101010101010101010101010101010101010101").unwrap()[..]).unwrap();
let dumb_point = PublicKey::from_secret_key(&$secp_ctx, &dumb_scalar);
PackageSolvingData::RevokedOutput(RevokedOutput::build(dumb_point, dumb_point, dumb_point, dumb_scalar, 0, 0))
PackageSolvingData::RevokedOutput(RevokedOutput::build(dumb_point, dumb_point, dumb_point, dumb_scalar, 0, 0, false, false))
}
}
}
Expand Down

0 comments on commit 29ab7af

Please sign in to comment.