Remove extra sum of tx fee dust on the counterparty tx dust exposure

tankyleo · tankyleo · commit bb658c25ed2f · 2025-02-15T19:25:34.000Z
Previously, `get_pending_htlc_stats` did not account for the inbound htlc because `can_accept_incoming_htlc` was called before the htlc was irrevocably committed. But after commit d8d9dc7, `can_accept_incoming_htlc` is called only when the htlc is irrevocably committed, hence `get_pending_htlc_stats` does account for the inbound htlc. Nonetheless, in the case of a non-dust htlc, our calculation of the counterparty tx dust exposure still assumed that `get_pending_htlc_stats` did not account for the inbound htlc, causing us to add the dust exposure due to that inbound htlc twice. This commit removes this extra sum.
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -7303,6 +7303,8 @@ impl<SP: Deref> FundedChannel<SP> where
 			})
 	}
 
+	/// When this function is called, the HTLC is already irrevocably committed to the channel;
+	/// this function determines whether to fail the HTLC, or forward / claim it.
 	pub fn can_accept_incoming_htlc<F: Deref, L: Deref>(
 		&self, msg: &msgs::UpdateAddHTLC, fee_estimator: &LowerBoundedFeeEstimator<F>, logger: L
 	) -> Result<(), (&'static str, u16)>
@@ -7317,33 +7319,19 @@ impl<SP: Deref> FundedChannel<SP> where
 		let dust_exposure_limiting_feerate = self.context.get_dust_exposure_limiting_feerate(&fee_estimator);
 		let htlc_stats = self.context.get_pending_htlc_stats(None, dust_exposure_limiting_feerate);
 		let max_dust_htlc_exposure_msat = self.context.get_max_dust_htlc_exposure_msat(dust_exposure_limiting_feerate);
-		let (htlc_timeout_dust_limit, htlc_success_dust_limit) = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
-			(0, 0)
+		let on_counterparty_tx_dust_htlc_exposure_msat = htlc_stats.on_counterparty_tx_dust_exposure_msat;
+		if on_counterparty_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
+			// Note that the total dust exposure includes both the dust HTLCs and the excess mining fees of the counterparty commitment transaction
+			log_info!(logger, "Cannot accept value that would put our total dust exposure at {} over the limit {} on counterparty commitment tx",
+				on_counterparty_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
+			return Err(("Exceeded our total dust exposure limit on counterparty commitment tx", 0x1000|7))
+		}
+		let htlc_success_dust_limit = if self.context.get_channel_type().supports_anchors_zero_fee_htlc_tx() {
+			0
 		} else {
 			let dust_buffer_feerate = self.context.get_dust_buffer_feerate(None) as u64;
-			(dust_buffer_feerate * htlc_timeout_tx_weight(self.context.get_channel_type()) / 1000,
-				dust_buffer_feerate * htlc_success_tx_weight(self.context.get_channel_type()) / 1000)
+			dust_buffer_feerate * htlc_success_tx_weight(self.context.get_channel_type()) / 1000
 		};
-		let exposure_dust_limit_timeout_sats = htlc_timeout_dust_limit + self.context.counterparty_dust_limit_satoshis;
-		if msg.amount_msat / 1000 < exposure_dust_limit_timeout_sats {
-			let on_counterparty_tx_dust_htlc_exposure_msat = htlc_stats.on_counterparty_tx_dust_exposure_msat;
-			if on_counterparty_tx_dust_htlc_exposure_msat > max_dust_htlc_exposure_msat {
-				log_info!(logger, "Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on counterparty commitment tx",
-					on_counterparty_tx_dust_htlc_exposure_msat, max_dust_htlc_exposure_msat);
-				return Err(("Exceeded our dust exposure limit on counterparty commitment tx", 0x1000|7))
-			}
-		} else {
-			let htlc_dust_exposure_msat =
-				per_outbound_htlc_counterparty_commit_tx_fee_msat(self.context.feerate_per_kw, &self.context.channel_type);
-			let counterparty_tx_dust_exposure =
-				htlc_stats.on_counterparty_tx_dust_exposure_msat.saturating_add(htlc_dust_exposure_msat);
-			if counterparty_tx_dust_exposure > max_dust_htlc_exposure_msat {
-				log_info!(logger, "Cannot accept value that would put our exposure to tx fee dust at {} over the limit {} on counterparty commitment tx",
-					counterparty_tx_dust_exposure, max_dust_htlc_exposure_msat);
-				return Err(("Exceeded our tx fee dust exposure limit on counterparty commitment tx", 0x1000|7))
-			}
-		}
-
 		let exposure_dust_limit_success_sats = htlc_success_dust_limit + self.context.holder_dust_limit_satoshis;
 		if msg.amount_msat / 1000 < exposure_dust_limit_success_sats {
 			let on_holder_tx_dust_htlc_exposure_msat = htlc_stats.on_holder_tx_dust_exposure_msat;
diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs
@@ -10300,13 +10300,13 @@ fn do_test_max_dust_htlc_exposure(dust_outbound_balance: bool, exposure_breach_e
 	} else { 0 };
 	let initial_feerate = if apply_excess_fee { 253 * 2 } else { 253 };
 	let expected_dust_buffer_feerate = initial_feerate + 2530;
-	let mut commitment_tx_cost = commit_tx_fee_msat(initial_feerate - 253, nondust_htlc_count_in_limit, &ChannelTypeFeatures::empty());
-	commitment_tx_cost +=
+	let mut commitment_tx_cost_msat = commit_tx_fee_msat(initial_feerate - 253, nondust_htlc_count_in_limit, &ChannelTypeFeatures::empty());
+	commitment_tx_cost_msat +=
 		if on_holder_tx {
 			htlc_success_tx_weight(&ChannelTypeFeatures::empty())
 		} else {
 			htlc_timeout_tx_weight(&ChannelTypeFeatures::empty())
-		} * (initial_feerate as u64 - 253) / 1000 * nondust_htlc_count_in_limit;
+		} * (initial_feerate as u64 - 253) * nondust_htlc_count_in_limit;
 	{
 		let mut feerate_lock = chanmon_cfgs[0].fee_estimator.sat_per_kw.lock().unwrap();
 		*feerate_lock = initial_feerate;
@@ -10315,8 +10315,8 @@ fn do_test_max_dust_htlc_exposure(dust_outbound_balance: bool, exposure_breach_e
 		// Default test fee estimator rate is 253 sat/kw, so we set the multiplier to 5_000_000 / 253
 		// to get roughly the same initial value as the default setting when this test was
 		// originally written.
-		MaxDustHTLCExposure::FeeRateMultiplier((5_000_000 + commitment_tx_cost) / 253)
-	} else { MaxDustHTLCExposure::FixedLimitMsat(5_000_000 + commitment_tx_cost) };
+		MaxDustHTLCExposure::FeeRateMultiplier((5_000_000 + commitment_tx_cost_msat) / 253)
+	} else { MaxDustHTLCExposure::FixedLimitMsat(5_000_000 + commitment_tx_cost_msat) };
 	let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
 	let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[Some(config), None]);
 	let mut nodes = create_network(2, &node_cfgs, &node_chanmgrs);
@@ -10460,8 +10460,8 @@ fn do_test_max_dust_htlc_exposure(dust_outbound_balance: bool, exposure_breach_e
 		} else {
 			// Outbound dust balance: 5200 sats
 			nodes[0].logger.assert_log("lightning::ln::channel",
-				format!("Cannot accept value that would put our exposure to dust HTLCs at {} over the limit {} on counterparty commitment tx",
-					dust_htlc_on_counterparty_tx_msat * dust_htlc_on_counterparty_tx + commitment_tx_cost + 4,
+				format!("Cannot accept value that would put our total dust exposure at {} over the limit {} on counterparty commitment tx",
+					dust_htlc_on_counterparty_tx_msat * dust_htlc_on_counterparty_tx + commitment_tx_cost_msat + 4,
 					max_dust_htlc_exposure_msat), 1);
 		}
 	} else if exposure_breach_event == ExposureEvent::AtUpdateFeeOutbound {
