channel state check

Author: joostjager

lightning/src/chain/channelmonitor.rs

@@ -50,7 +50,7 @@ use crate::ln::chan_utils::{
 	self, ChannelTransactionParameters, CommitmentTransaction, CounterpartyCommitmentSecrets,
 	HTLCClaim, HTLCOutputInCommitment, HolderCommitmentTransaction,
 };
-use crate::ln::channel::INITIAL_COMMITMENT_NUMBER;
+use crate::ln::channel::{read_check_data, INITIAL_COMMITMENT_NUMBER};
 use crate::ln::channel_keys::{
 	DelayedPaymentBasepoint, DelayedPaymentKey, HtlcBasepoint, HtlcKey, RevocationBasepoint,
 	RevocationKey,
@@ -1535,6 +1535,9 @@ const MIN_SERIALIZATION_VERSION: u8 = 1;
 pub(crate) fn write_chanmon_internal<Signer: EcdsaChannelSigner, W: Writer>(
 	channel_monitor: &ChannelMonitorImpl<Signer>, _is_stub: bool, writer: &mut W,
 ) -> Result<(), Error> {
+	if let Some(ref encoded_channel) = channel_monitor.encoded_channel {
+		channel_monitor.check_encoded_channel_consistency(encoded_channel);
+	}
 	write_ver_prefix!(writer, SERIALIZATION_VERSION, MIN_SERIALIZATION_VERSION);
 
 	channel_monitor.latest_update_id.write(writer)?;
@@ -2160,9 +2163,10 @@ impl<Signer: EcdsaChannelSigner> ChannelMonitor<Signer> {
 		self.inner.lock().unwrap().encoded_channel.clone()
 	}
 
-	/// Updates the encoded channel data associated with this ChannelMonitor.
+	/// Updates the encoded channel data associated with this ChannelMonitor. To clear the encoded channel data (for
+	/// example after shut down of a channel), pass an empty vector.
 	pub fn update_encoded_channel(&self, encoded: Vec<u8>) {
-		self.inner.lock().unwrap().encoded_channel = Some(encoded);
+		self.inner.lock().unwrap().update_encoded_channel(encoded);
 	}
 
 	/// Gets the update_id from the latest ChannelMonitorUpdate which was applied to this
@@ -2770,6 +2774,34 @@ impl<Signer: EcdsaChannelSigner> ChannelMonitor<Signer> {
 }
 
 impl<Signer: EcdsaChannelSigner> ChannelMonitorImpl<Signer> {
+	fn check_encoded_channel_consistency(&self, encoded: &[u8]) {
+		let encoded_channel_reader = &mut &encoded[..];
+		let check_data = read_check_data(encoded_channel_reader).unwrap();
+
+		assert!(
+			check_data.cur_holder_commitment_transaction_number
+				<= self.get_cur_holder_commitment_number()
+		);
+		assert!(
+			check_data.revoked_counterparty_commitment_transaction_number
+				<= self.get_min_seen_secret()
+		);
+		assert!(
+			check_data.cur_counterparty_commitment_transaction_number
+				<= self.get_cur_counterparty_commitment_number()
+		);
+		assert!(check_data.latest_monitor_update_id >= self.get_latest_update_id());
+	}
+
+	fn update_encoded_channel(&mut self, encoded: Vec<u8>) {
+		if encoded.len() > 0 {
+			self.check_encoded_channel_consistency(&encoded);
+			self.encoded_channel = Some(encoded);
+		} else {
+			self.encoded_channel = None;
+		}
+	}
+
 	/// Helper for get_claimable_balances which does the work for an individual HTLC, generating up
 	/// to one `Balance` for the HTLC.
 	#[rustfmt::skip]
@@ -4464,7 +4496,7 @@ impl<Signer: EcdsaChannelSigner> ChannelMonitorImpl<Signer> {
 				// Assume that if the updates contains no encoded channel, that the channel remained unchanged. We
 				// therefore do not update the monitor.
 				if let Some(encoded_channel) = updates.encoded_channel.as_ref() {
-					self.encoded_channel = Some(encoded_channel.clone());
+					self.update_encoded_channel(encoded_channel.clone());
 				}
 				Ok(())
 			}
@@ -7079,6 +7111,7 @@ mod tests {
 		check_added_monitors(&nodes[1], 1);
 	}
 
+	#[cfg(not(feature = "safe_channels"))]
 	#[test]
 	fn test_funding_spend_refuses_updates() {
 		do_test_funding_spend_refuses_updates(true);

lightning/src/ln/chanmon_update_fail_tests.rs

@@ -3581,6 +3581,7 @@ fn do_test_blocked_chan_preimage_release(completion_mode: BlockedUpdateComplMode
 	expect_payment_sent(&nodes[2], payment_preimage_2, None, true, true);
 }
 
+#[cfg(not(feature = "safe_channels"))]
 #[test]
 fn test_blocked_chan_preimage_release() {
 	do_test_blocked_chan_preimage_release(BlockedUpdateComplMode::AtReload);

lightning/src/ln/channel.rs

@@ -6045,7 +6045,7 @@ where
 						should_broadcast: broadcast,
 					}],
 					channel_id: Some(self.channel_id()),
-					encoded_channel: None,
+					encoded_channel: Some(Vec::new()), // Clear channel on shut down.
 				};
 				Some((self.get_counterparty_node_id(), funding_txo, self.channel_id(), update))
 			} else {
@@ -8195,6 +8195,7 @@ where
 			}
 			log_debug!(logger, "Received valid commitment_signed from peer in channel {}, updated HTLC state but awaiting a monitor update resolution to reply.",
 				&self.context.channel_id);
+			monitor_update.encoded_channel = Some(self.encode());
 			return Ok(self.push_ret_blockable_mon_update(monitor_update));
 		}
 
@@ -12724,13 +12725,13 @@ where
 		}
 
 		self.context.latest_monitor_update_id += 1;
+		self.context.channel_state.set_awaiting_remote_revoke();
 		let monitor_update = ChannelMonitorUpdate {
 			update_id: self.context.latest_monitor_update_id,
 			updates: vec![update],
 			channel_id: Some(self.context.channel_id()),
 			encoded_channel: Some(self.encode()),
 		};
-		self.context.channel_state.set_awaiting_remote_revoke();
 		monitor_update
 	}
 
@@ -15601,6 +15602,62 @@ where
 	}
 }
 
+pub struct ChannelStateCheckData {
+	pub cur_holder_commitment_transaction_number: u64,
+	pub revoked_counterparty_commitment_transaction_number: u64,
+	pub cur_counterparty_commitment_transaction_number: u64,
+	pub latest_monitor_update_id: u64,
+}
+
+pub fn read_check_data<R: io::Read>(reader: &mut R) -> Result<ChannelStateCheckData, DecodeError> {
+	let ver = read_ver_prefix!(reader, SERIALIZATION_VERSION);
+	if ver <= 2 {
+		return Err(DecodeError::UnknownVersion);
+	}
+
+	// `user_id` used to be a single u64 value. In order to remain backwards compatible with
+	// versions prior to 0.0.113, the u128 is serialized as two separate u64 values. We read
+	// the low bytes now and the high bytes later.
+	let user_id_low: u64 = Readable::read(reader)?;
+
+	let mut config = LegacyChannelConfig::default();
+	{
+		// Read the 8 bytes of backwards-compatibility ChannelConfig data.
+		let mut _val: u64 = Readable::read(reader)?;
+	}
+
+	let channel_id: ChannelId = Readable::read(reader)?;
+	let channel_state =
+		ChannelState::from_u32(Readable::read(reader)?).map_err(|_| DecodeError::InvalidValue)?;
+	let channel_value_satoshis: u64 = Readable::read(reader)?;
+
+	let latest_monitor_update_id = Readable::read(reader)?;
+
+	// Read the old serialization for shutdown_pubkey, preferring the TLV field later if set.
+	let mut shutdown_scriptpubkey = match <PublicKey as Readable>::read(reader) {
+		Ok(pubkey) => Some(ShutdownScript::new_p2wpkh_from_pubkey(pubkey)),
+		Err(_) => None,
+	};
+	let destination_script: ScriptBuf = Readable::read(reader)?;
+
+	let holder_commitment_next_transaction_number: u64 = Readable::read(reader)?;
+	let counterparty_next_commitment_transaction_number: u64 = Readable::read(reader)?;
+
+	let cur_holder_commitment_transaction_number = holder_commitment_next_transaction_number + 1;
+	let revoked_counterparty_commitment_transaction_number =
+		counterparty_next_commitment_transaction_number + 2;
+	let cur_counterparty_commitment_transaction_number =
+		counterparty_next_commitment_transaction_number
+			+ if channel_state.is_awaiting_remote_revoke() { 0 } else { 1 };
+
+	Ok(ChannelStateCheckData {
+		cur_holder_commitment_transaction_number,
+		revoked_counterparty_commitment_transaction_number,
+		cur_counterparty_commitment_transaction_number,
+		latest_monitor_update_id,
+	})
+}
+
 fn duration_since_epoch() -> Option<Duration> {
 	#[cfg(not(feature = "std"))]
 	let now = None;

lightning/src/ln/channelmanager.rs

@@ -16787,7 +16787,12 @@ where
 		let mut channel_closures = VecDeque::new();
 		let mut close_background_events = Vec::new();
 		for (_, monitor) in args.channel_monitors.iter() {
-			let encoded_channel = monitor.get_encoded_channel().unwrap();
+			let opt_encoded_channel = monitor.get_encoded_channel();
+			if opt_encoded_channel.is_none() {
+				// Monitor still exists, but there is no more channel state. This can happen after channel shut down.
+				continue;
+			}
+			let encoded_channel = opt_encoded_channel.unwrap();
 			let encoded_channel_reader = &mut &encoded_channel[..];
 			let mut channel: FundedChannel<SP> = FundedChannel::read(
 				encoded_channel_reader,