Splice: Interop Final (probably) with Eclair #8021
Open
+990
−276
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@remyers reported this fix made his splice interop test pass! 🎉🚀 |
ddustin
changed the title
ddustin
changed the title
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
from
e86bfbc to
facfeeb
Compare
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
9 times, most recently
from
29d52d1 to
45ae772
Compare
niftynei
reviewed
Feb 4, 2025
| @@ -200,6 +200,7 @@ new_inflight(struct channel *channel, | |||
|
|
|||
| inflight->i_am_initiator = i_am_initiator; | |||
| inflight->force_sign_first = force_sign_first; | |||
| inflight->is_locked = false; | |||
| inflight->splice_locked_memonly = false; | |||
There was a problem hiding this comment.
it'd be great to add this to wallet/tests/run-wallet.c for the inflights
| @@ -3829,7 +3829,7 @@ static void splice_accepter(struct peer *peer, const u8 *inmsg) | |||
| new_inflight->remote_funding = peer->splicing->remote_funding_pubkey; | |||
| new_inflight->outpoint = outpoint; | |||
| new_inflight->amnt = both_amount; | |||
| new_inflight->psbt = tal_steal(new_inflight, ictx->current_psbt); | |||
| new_inflight->psbt = clone_psbt(new_inflight, ictx->current_psbt); | |||
There was a problem hiding this comment.
yeah tal_steal and psbt code aren't good friends
There was a problem hiding this comment.
No more theft among psbt 🙅
|
|
||
| if (!fromwire_splice_locked(msg, &chanid)) | ||
| if (!fromwire_splice_locked(msg, &chanid, &splice_txid)) |
There was a problem hiding this comment.
Added a check for it in e117ec4
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
3 times, most recently
from
e117ec4 to
e91b6b7
Compare
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
10 times, most recently
from
c31f4cc to
d991a45
Compare
Interop testing with Eclair revealed an issue with remote funding key rotation. This searches for the funding output using the rotated remote funding pubkey instead of the furrent funding pubkey. Also update the variable name to be more clear which this represents. Changelog-Changed: Interop fixes for compatability with Eclair
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
2 times, most recently
from
cd71829 to
6c9979e
Compare
remyers
added a commit
to remyers/lightning
that referenced
this pull request
May 2, 2025
This is an alternative to what we discussed on Friday to fix the interop test where we splice-out funds from cln that were received via an htlc payment. ElementsProject#8021 (comment) It should be safer to use `amount_msat_to_sat_round_down` instead of `amount_msat_to_sat` because we can drop sub-sat amounts for splices. Also if `amount_msat_to_sat` fails it won't set `local_funds` and create UB.
This is needed to remember if a splice was locked and reconnect occurs mid `splice_locked` attempted so it can be resumed in reestablish.
A new case where `splice_locked` must be sent again on reestablish. This handles the case where `splice_locked` did not complete locally or remotely and must be resumed.
Upscale user provided PSBTs to v2 and convert them back to user preference when returned.
This is needed to remember if a splice was locked and reconnect occurs mid `splice_locked` attempted so it can be resumed in reestablish.
Check that the peer sent the correct txid in their `splice_locked` message. We have to check this later on in `check_mutal_splice_locked` so we store the value in `splice_state`
PSBT changeset routines were using linearize_output which mutated the memory of the objects it was comparing. This commit fixes that and also cleans up the memory usage to be more clear and more guarentee there is no memory corruption. Changelog-None
Update splice flows to use the new `clone_psbt` method instead of stealing back and forth.
`bitcoin_tx_with_psbt` would somewhat opaquely steal the passed `psbt` value. This caused a bug where code made a `bitcoin_tx` using a psbt without realizing the value was stolen. Because the resulting `bitcoin_tx` was placed in tmpctx it was not immediately clear that using `psbt` afterwards was an error until the tmpctx was cleared — creating a valgrind backtrace far from the actual issue. Switching to the routine to using TAKES and adding documentation in the header, makes it explicitly clear which operation the user is doing — helping prevent future regressions of this kind. Changelog-None
A routine that audit’s and asserts PSBT memory to confirm it has a sane memory allocation hierarchy. Changelog-None
Default wally_tal_ctx to NULL, add extra asserts and tal_checks, and documentation explaning the usage of tal_wally_start/end. Changelog-None
An extra check to ensure the user doesn’t try to sign a splice that wasn’t finalized.
Cleaning up the memory hierarchy of PSBT usage in splicing and `psbt_finalize_input`
Error statement was misformatted and caused a crash instead of reporting the error. Changelog-None
The value of `our_funds` inlightningd is the funds added to the channel during creation. Splicing is a quasi-creation event. This change makes our pending funds be considered funding funds at the moment of splice confirmation. Changelog-None
Other implementations are sending commit_sig batches in different orders. We add support for them being in any order by ordering the batch of messages after receiving them. Changelog-Changed: Increase interop compatability by loosening requirement that commitment signed messages be received in a particular order and sorting them internally.
Update to use Eclair’s spec’d version of reestablish. Changelog-None
Eclair requires `next_commitment_number` to be decremented to resend the individual splice commitment_signed message.
Be more conservative about when we request of send commit sig for splice to match the Eclair behavior.
Turn on the receiving of splice RBF attempts.
The result of splice_signed can fail for many reasons that are non-critical (already in mempool for instance). Don’t abort channels in this case as that causes a force close.
Allow user’s to RBF existing splices. For now this is done by simple executing an additional splice command, in the future this will can also be done with dedicated RPCs. Changelog-Added: Enabled the ability to RBF splices
A splice where reestablish happens at the right moment causes an infinite loop of announcement signatures being sent back and forth. Limit the announcement sigs we send in response to announcement sigs to once per channel session. ChangelogNone
ddustin
force-pushed
the
ddustin/splice_interop_final_(probably)
branch
from
6c9979e to
52f74f6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Interop testing with Eclair revealed an issue with remote funding key rotation.
This searches for the funding output using the rotated remote funding pubkey instead of the current funding pubkey.
Update the variable name to be more clear which this represents.
Implement new pending spec changes for
splice_lockedresuming in reestablish.Fixes #8030