fixup: client_trusts_lsp is now a dynamic flag. also channel_needs_manual_broadcast logs error if it fails

Author: martinsaposnic

src/event.rs

@@ -514,16 +514,20 @@ where
 					locktime,
 				) {
 					Ok(final_tx) => {
-						let needs_manual_broadcast = self
-							.liquidity_source
-							.as_ref()
-							.map(|ls| {
+						let needs_manual_broadcast =
+							match self.liquidity_source.as_ref().map(|ls| {
 								ls.as_ref().lsps2_channel_needs_manual_broadcast(
 									counterparty_node_id,
 									user_channel_id,
 								)
-							})
-							.unwrap_or(false);
+							}) {
+								Some(Ok(v)) => v,
+								Some(Err(e)) => {
+									log_error!(self.logger, "Failed to determine if channel needs manual broadcast: {:?}", e);
+									false
+								},
+								None => false,
+							};
 
 						let result = if needs_manual_broadcast {
 							self.liquidity_source.as_ref().map(|ls| {

src/lib.rs

@@ -1010,6 +1010,14 @@ impl Node {
 		self.channel_manager.list_channels().into_iter().map(|c| c.into()).collect()
 	}
 
+	/// Dynamically set whether the LSPS2 service operates in `client_trusts_lsp` mode.
+	pub fn set_lsps2_client_trusts_lsp(&self, trust: bool) -> Result<(), Error> {
+		let liquidity_source =
+			self.liquidity_source.as_ref().ok_or(Error::LiquiditySourceUnavailable)?;
+		liquidity_source.set_client_trusts_lsp(trust);
+		Ok(())
+	}
+
 	/// Connect to a node on the peer-to-peer network.
 	///
 	/// If `persist` is set to `true`, we'll remember the peer and reconnect to it on restart.

src/liquidity.rs

@@ -20,6 +20,7 @@ use lightning::ln::msgs::SocketAddress;
 use lightning::ln::types::ChannelId;
 use lightning::routing::router::{RouteHint, RouteHintHop};
 
+use lightning::util::errors::APIError;
 use lightning_invoice::{Bolt11Invoice, Bolt11InvoiceDescription, InvoiceBuilder, RoutingFees};
 
 use lightning_liquidity::events::LiquidityEvent;
@@ -92,9 +93,12 @@ pub(crate) struct LSPS2ClientConfig {
 	pub token: Option<String>,
 }
 
+use std::sync::atomic::{AtomicBool, Ordering};
+
 struct LSPS2Service {
 	service_config: LSPS2ServiceConfig,
 	ldk_service_config: LdkLSPS2ServiceConfig,
+	client_trusts_lsp: AtomicBool,
 }
 
 /// Represents the configuration of the LSPS2 service.
@@ -133,8 +137,6 @@ pub struct LSPS2ServiceConfig {
 	pub min_payment_size_msat: u64,
 	/// The maximum payment size that we will accept when opening a channel.
 	pub max_payment_size_msat: u64,
-	/// Use the client trusts lsp model
-	pub client_trusts_lsp: bool,
 }
 
 pub(crate) struct LiquiditySourceBuilder<L: Deref>
@@ -217,7 +219,11 @@ where
 		&mut self, promise_secret: [u8; 32], service_config: LSPS2ServiceConfig,
 	) -> &mut Self {
 		let ldk_service_config = LdkLSPS2ServiceConfig { promise_secret };
-		self.lsps2_service = Some(LSPS2Service { service_config, ldk_service_config });
+		self.lsps2_service = Some(LSPS2Service {
+			client_trusts_lsp: AtomicBool::new(false),
+			service_config,
+			ldk_service_config,
+		});
 		self
 	}
 
@@ -295,23 +301,21 @@ where
 
 	pub(crate) fn lsps2_channel_needs_manual_broadcast(
 		&self, counterparty_node_id: PublicKey, user_channel_id: u128,
-	) -> bool {
+	) -> Result<bool, APIError> {
 		// if we are not in a client_trusts_lsp model, we don't check and just return false
 		if !self.is_client_trusts_lsp() {
 			log_debug!(self.logger, "Skipping funding transaction broadcast as client trusts LSP.");
-			return false;
+			return Ok(false);
 		}
 
 		// if we are in a client_trusts_lsp model, then we check if the LSP has an LSPS2 operation in progress
-		self.lsps2_service.as_ref().map_or(false, |_| {
+		self.lsps2_service.as_ref().map_or(Ok(false), |_| {
 			let lsps2_service_handler = self.liquidity_manager.lsps2_service_handler();
 			if let Some(handler) = lsps2_service_handler {
-				handler
-					.channel_needs_manual_broadcast(user_channel_id, &counterparty_node_id)
-					.unwrap_or(false)
+				handler.channel_needs_manual_broadcast(user_channel_id, &counterparty_node_id)
 			} else {
 				log_error!(self.logger, "LSPS2 service handler is not available.");
-				false
+				Ok(false)
 			}
 		})
 	}
@@ -360,9 +364,21 @@ where
 		});
 	}
 
+	pub(crate) fn set_client_trusts_lsp(&self, trust: bool) {
+		if let Some(service) = self.lsps2_service.as_ref() {
+			service.client_trusts_lsp.store(trust, Ordering::SeqCst);
+			log_info!(self.logger, "Updated LSPS2 client_trusts_lsp to {}", trust);
+		} else {
+			log_error!(
+				self.logger,
+				"Attempted to update LSPS2 trust mode but service not configured"
+			);
+		}
+	}
+
 	fn is_client_trusts_lsp(&self) -> bool {
 		if let Some(lsps2_service) = self.lsps2_service.as_ref() {
-			lsps2_service.service_config.client_trusts_lsp
+			lsps2_service.client_trusts_lsp.load(Ordering::SeqCst)
 		} else {
 			false
 		}
@@ -547,10 +563,8 @@ where
 				if let Some(lsps2_service_handler) =
 					self.liquidity_manager.lsps2_service_handler().as_ref()
 				{
-					let service_config = if let Some(service_config) =
-						self.lsps2_service.as_ref().map(|s| s.service_config.clone())
-					{
-						service_config
+					let service_config = if let Some(service) = self.lsps2_service.as_ref() {
+						service.service_config.clone()
 					} else {
 						log_error!(self.logger, "Failed to handle LSPS2ServiceEvent as LSPS2 liquidity service was not configured.",);
 						return;
@@ -616,10 +630,13 @@ where
 				if let Some(lsps2_service_handler) =
 					self.liquidity_manager.lsps2_service_handler().as_ref()
 				{
-					let service_config = if let Some(service_config) =
-						self.lsps2_service.as_ref().map(|s| s.service_config.clone())
+					let (service_config, trusts_lsp) = if let Some(service) =
+						self.lsps2_service.as_ref()
 					{
-						service_config
+						(
+							service.service_config.clone(),
+							service.client_trusts_lsp.load(Ordering::SeqCst),
+						)
 					} else {
 						log_error!(self.logger, "Failed to handle LSPS2ServiceEvent as LSPS2 liquidity service was not configured.",);
 						return;
@@ -656,7 +673,7 @@ where
 						request_id,
 						intercept_scid,
 						LSPS2_CHANNEL_CLTV_EXPIRY_DELTA,
-						service_config.client_trusts_lsp,
+						trusts_lsp,
 						user_channel_id,
 					) {
 						Ok(()) => {},

tests/integration_tests_rust.rs

@@ -1263,7 +1263,6 @@ fn lsps2_client_service_integration() {
 		min_channel_lifetime: 100,
 		min_channel_opening_fee_msat: 0,
 		max_client_to_self_delay: 1024,
-		client_trusts_lsp: false,
 	};
 
 	let service_config = random_config(true);
@@ -1409,7 +1408,6 @@ fn lsps2_client_trusts_lsp() {
 		min_channel_lifetime: 100,
 		min_channel_opening_fee_msat: 0,
 		max_client_to_self_delay: 1024,
-		client_trusts_lsp: true,
 	};
 
 	let service_config = random_config(true);
@@ -1418,7 +1416,7 @@ fn lsps2_client_trusts_lsp() {
 	service_builder.set_liquidity_provider_lsps2(lsps2_service_config);
 	let service_node = service_builder.build().unwrap();
 	service_node.start().unwrap();
-
+	service_node.set_lsps2_client_trusts_lsp(true).unwrap();
 	let service_node_id = service_node.node_id();
 	let service_addr = service_node.listening_addresses().unwrap().first().unwrap().clone();
 
@@ -1530,6 +1528,119 @@ fn lsps2_client_trusts_lsp() {
 	assert!(funding_tx_found, "Funding transaction should be broadcast after the client claims it");
 }
 
+#[test]
+fn lsps2_in_flight_under_attack_switch() {
+	let (bitcoind, electrsd) = setup_bitcoind_and_electrsd();
+
+	let esplora_url = format!("http://{}", electrsd.esplora_url.as_ref().unwrap());
+
+	let sync_config = EsploraSyncConfig { background_sync_config: None };
+
+	// Setup three nodes: service, client, and payer
+	let channel_opening_fee_ppm = 10_000;
+	let channel_over_provisioning_ppm = 100_000;
+	let lsps2_service_config = LSPS2ServiceConfig {
+		require_token: None,
+		advertise_service: false,
+		channel_opening_fee_ppm,
+		channel_over_provisioning_ppm,
+		max_payment_size_msat: 1_000_000_000,
+		min_payment_size_msat: 0,
+		min_channel_lifetime: 100,
+		min_channel_opening_fee_msat: 0,
+		max_client_to_self_delay: 1024,
+	};
+
+	let service_config = random_config(true);
+	setup_builder!(service_builder, service_config.node_config);
+	service_builder.set_chain_source_esplora(esplora_url.clone(), Some(sync_config));
+	service_builder.set_liquidity_provider_lsps2(lsps2_service_config);
+	let service_node = service_builder.build().unwrap();
+	service_node.start().unwrap();
+
+	let service_node_id = service_node.node_id();
+	let service_addr = service_node.listening_addresses().unwrap().first().unwrap().clone();
+
+	let client_config = random_config(true);
+	setup_builder!(client_builder, client_config.node_config);
+	client_builder.set_chain_source_esplora(esplora_url.clone(), Some(sync_config));
+	client_builder.set_liquidity_source_lsps2(service_node_id, service_addr.clone(), None);
+	let client_node = client_builder.build().unwrap();
+	client_node.start().unwrap();
+
+	let payer_config = random_config(true);
+	setup_builder!(payer_builder, payer_config.node_config);
+	payer_builder.set_chain_source_esplora(esplora_url.clone(), Some(sync_config));
+	let payer_node = payer_builder.build().unwrap();
+	payer_node.start().unwrap();
+
+	let service_addr_onchain = service_node.onchain_payment().new_address().unwrap();
+	let client_addr_onchain = client_node.onchain_payment().new_address().unwrap();
+	let payer_addr_onchain = payer_node.onchain_payment().new_address().unwrap();
+
+	let premine_amount_sat = 10_000_000;
+
+	premine_and_distribute_funds(
+		&bitcoind.client,
+		&electrsd.client,
+		vec![service_addr_onchain, client_addr_onchain, payer_addr_onchain],
+		Amount::from_sat(premine_amount_sat),
+	);
+	service_node.sync_wallets().unwrap();
+	client_node.sync_wallets().unwrap();
+	payer_node.sync_wallets().unwrap();
+	println!("Premine complete!");
+	// Open a channel payer -> service that will allow paying the JIT invoice
+	open_channel(&payer_node, &service_node, 5_000_000, false, &electrsd);
+
+	generate_blocks_and_wait(&bitcoind.client, &electrsd.client, 6);
+	service_node.sync_wallets().unwrap();
+	payer_node.sync_wallets().unwrap();
+	expect_channel_ready_event!(payer_node, service_node.node_id());
+	expect_channel_ready_event!(service_node, payer_node.node_id());
+
+	let initial_mempool_size = bitcoind.client.get_raw_mempool().unwrap().0.len();
+
+	let invoice_description =
+		Bolt11InvoiceDescription::Direct(Description::new(String::from("asdf")).unwrap());
+	let jit_amount_msat = 100_000_000;
+
+	println!("Generating JIT invoice!");
+	let jit_invoice = client_node
+		.bolt11_payment()
+		.receive_via_jit_channel(jit_amount_msat, &invoice_description.into(), 1024, None)
+		.unwrap();
+
+	// Have the payer_node pay the invoice, thereby triggering channel open service_node -> client_node.
+	println!("Paying JIT invoice!");
+	let _payment_id = payer_node.bolt11_payment().send(&jit_invoice, None).unwrap();
+
+	// Switch trust mode immediately after payment is sent, before events are processed.
+	// This simulates the LSP going into "under-attack" mode.
+	println!("Switching trust mode on LSP during in-flight JIT channel opening.");
+	service_node.set_lsps2_client_trusts_lsp(true).unwrap();
+
+	expect_channel_pending_event!(service_node, client_node.node_id());
+	expect_channel_ready_event!(service_node, client_node.node_id());
+	expect_channel_pending_event!(client_node, service_node.node_id());
+	expect_channel_ready_event!(client_node, service_node.node_id());
+
+	println!("Waiting for funding transaction to be broadcast...");
+	let mut funding_tx_found = false;
+	for _ in 0..500 {
+		std::thread::sleep(std::time::Duration::from_millis(100));
+		let current_mempool = bitcoind.client.get_raw_mempool().unwrap();
+		if current_mempool.0.len() > initial_mempool_size {
+			funding_tx_found = true;
+			break;
+		}
+	}
+	assert!(
+        funding_tx_found,
+        "Funding transaction should be broadcast immediately as the JIT process started before the trust switch"
+    );
+}
+
 #[test]
 fn lsps2_lsp_trusts_client_but_client_does_not_claim() {
 	let (bitcoind, electrsd) = setup_bitcoind_and_electrsd();
@@ -1551,7 +1662,6 @@ fn lsps2_lsp_trusts_client_but_client_does_not_claim() {
 		min_channel_lifetime: 100,
 		min_channel_opening_fee_msat: 0,
 		max_client_to_self_delay: 1024,
-		client_trusts_lsp: false,
 	};
 
 	let service_config = random_config(true);