Support accepting splice-out

jkczyz · jkczyz · commit 4a02574ffff1 · 2025-08-15T16:29:57.000-05:00
When a counterparty sends splice_init with a negative contribution, they
are requesting to remove funds from a channel. Remove conditions
guarding against this and check that they have enough channel balance to
cover the removed funds.
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -10809,11 +10809,21 @@ where
 			)));
 		}
 
+		debug_assert_eq!(our_funding_contribution, SignedAmount::ZERO);
+
 		// TODO(splicing): Move this check once user-provided contributions are supported for
 		// counterparty-initiated splices.
 		if our_funding_contribution > SignedAmount::MAX_MONEY {
 			return Err(ChannelError::WarnAndDisconnect(format!(
-				"Channel {} cannot be spliced; our contribution exceeds total bitcoin supply: {}",
+				"Channel {} cannot be spliced in; our {} contribution exceeds the total bitcoin supply",
+				self.context.channel_id(),
+				our_funding_contribution,
+			)));
+		}
+
+		if our_funding_contribution < -SignedAmount::MAX_MONEY {
+			return Err(ChannelError::WarnAndDisconnect(format!(
+				"Channel {} cannot be spliced out; our {} contribution exhausts the total bitcoin supply",
 				self.context.channel_id(),
 				our_funding_contribution,
 			)));
@@ -10822,22 +10832,38 @@ where
 		let their_funding_contribution = SignedAmount::from_sat(msg.funding_contribution_satoshis);
 		if their_funding_contribution > SignedAmount::MAX_MONEY {
 			return Err(ChannelError::WarnAndDisconnect(format!(
-				"Channel {} cannot be spliced; their contribution exceeds total bitcoin supply: {}",
+				"Channel {} cannot be spliced in; their {} contribution exceeds the total bitcoin supply",
 				self.context.channel_id(),
 				their_funding_contribution,
 			)));
 		}
 
-		debug_assert_eq!(our_funding_contribution, SignedAmount::ZERO);
-		if their_funding_contribution < SignedAmount::ZERO {
+		if their_funding_contribution < -SignedAmount::MAX_MONEY {
 			return Err(ChannelError::WarnAndDisconnect(format!(
-				"Splice-out not supported, only splice in, contribution is {} ({} + {})",
-				their_funding_contribution + our_funding_contribution,
+				"Channel {} cannot be spliced out; their {} contribution exhausts the total bitcoin supply",
+				self.context.channel_id(),
 				their_funding_contribution,
-				our_funding_contribution,
 			)));
 		}
 
+		let their_channel_balance = Amount::from_sat(self.funding.get_value_satoshis())
+			- Amount::from_sat(self.funding.get_value_to_self_msat() / 1000);
+		let post_channel_balance = AddSigned::checked_add_signed(
+			their_channel_balance.to_sat(),
+			their_funding_contribution.to_sat(),
+		);
+
+		if post_channel_balance.is_none() {
+			return Err(ChannelError::WarnAndDisconnect(format!(
+				"Channel {} cannot be spliced out; their {} contribution exhausts their channel balance: {}",
+				self.context.channel_id(),
+				their_funding_contribution,
+				their_channel_balance,
+			)));
+		}
+
+		// TODO(splicing): Check that channel balance does not go below the channel reserve
+
 		let splice_funding = FundingScope::for_splice(
 			&self.funding,
 			&self.context,
