f! specify amount in sats + missing external funding set equality check

wpaulino · wpaulino · commit 19116f3b11a6 · 2022-11-15T16:47:27.000-08:00
diff --git a/lightning/src/chain/onchaintx.rs b/lightning/src/chain/onchaintx.rs
@@ -174,7 +174,7 @@ impl Writeable for Option<Vec<Option<(usize, Signature)>>> {
 pub(crate) enum ExternalHTLCClaim {
 	/// The claim commonly referred to as the pre-signed second-stage HTLC transaction.
 	SecondStage {
-		amount: u64,
+		amount_sats: u64,
 		per_commitment_number: u64,
 		redeem_script: Script,
 		preimage: Option<PaymentPreimage>,
@@ -681,7 +681,12 @@ impl<ChannelSigner: Sign> OnchainTxHandler<ChannelSigner> {
 						// outpoints to know if transaction is the original claim or a bumped one issued
 						// by us.
 						let mut set_equality = true;
-						if !request.requires_external_funding() {
+						if !request.requires_external_funding() ||
+							(request.requires_external_funding() && !request.is_malleable())
+						{
+							// If the claim does not require external funds to be allocated through
+							// additional inputs we can simply check the inputs in order as they
+							// cannot change under us.
 							if request.outpoints().len() != tx.input.len() {
 								set_equality = false;
 							} else {
@@ -692,17 +697,17 @@ impl<ChannelSigner: Sign> OnchainTxHandler<ChannelSigner> {
 								}
 							}
 						} else {
-							let request_inputs = request.outpoints();
-							let mut input_set = HashSet::with_capacity(request_inputs.len());
-							for input in request_inputs {
-								let _ = input_set.insert(input);
-							}
-							for tx_input in &tx.input {
-								let _ = input_set.remove(&tx_input.previous_output);
-							}
-							if !input_set.is_empty() {
-								set_equality = false;
+							// Otherwise, we'll do a linear search for each input (we don't expect
+							// large input sets to exist) to ensure the request's input set is fully
+							// spent to be resilient against the external claim reordering inputs.
+							let mut spends_all_inputs = true;
+							for request_input in request.outpoints() {
+								if tx.input.iter().find(|input| input.previous_output == *request_input).is_none() {
+									spends_all_inputs = false;
+									break;
+								}
 							}
+							set_equality = spends_all_inputs;
 						}
 
 						macro_rules! clean_claim_request_after_safety_delay {
@@ -1026,7 +1031,7 @@ impl<ChannelSigner: Sign> OnchainTxHandler<ChannelSigner> {
 						&self.channel_transaction_parameters.as_holder_broadcastable(), htlc_idx, preimage,
 					);
 					(htlc_tx, ExternalHTLCClaim::SecondStage {
-						amount: htlc.amount_msat / 1000,
+						amount_sats: htlc.amount_msat / 1000,
 						per_commitment_number: trusted_tx.commitment_number(),
 						redeem_script: chan_utils::get_htlc_redeemscript_with_explicit_keys(
 							&htlc, self.opt_anchors(), &trusted_tx.keys().broadcaster_htlc_key,
