Skip to content

Add missing pending FundingScope checks #3811

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 13 commits into
base: main
Choose a base branch
from
Open

Add missing pending FundingScope checks #3811

wants to merge 13 commits into from

Conversation

jkczyz
Copy link
Contributor

@jkczyz jkczyz commented May 29, 2025

When sending or receiving update_add_htlc, update_fee, or revoke_and_ack messages, check that the messages (or amount or fee rates, as is appropriate) are valid for any pending FundingScope. Otherwise, the promoted FundingScope will be invalid when the splice is locked.

This assumes FundingScope::is_outbound is the same across all FundingScopes. This PR does not fix similar issues for funding negotiation and funding confirmation, which should be handled in #3736 and #3741, respectively.

@jkczyz
Check pending funding when validating update_add_htlc
afe4d64 
If there are any pending splices when an update_add_htlc message is
received, it must be validated against each pending FundingScope.
Otherwise, the HTLC could be invalid once the splice is locked.
@ldk-reviews-bot
Copy link

ldk-reviews-bot commented May 29, 2025
edited
Loading

👋 Thanks for assigning @wpaulino as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

@jkczyz jkczyz requested a review from wpaulino May 29, 2025 21:26
wpaulino
wpaulino reviewed May 29, 2025
View reviewed changes
@ldk-reviews-bot
Copy link

👋 The first review has been submitted!

Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer.

@jkczyz jkczyz force-pushed the 2025-05-missed-funding-checks branch from bc3ede2 to 30ac751 Compare May 30, 2025 17:08
@wpaulino
Copy link
Contributor

Good to squash

jkczyz added 12 commits May 30, 2025 15:48
@jkczyz
f - use try_for_each
b4ee03d
@jkczyz
Update pending funding when handling revoke_and_ack
7a3013b 
If there are any pending splices when a revoke_and_ack message is
received, FundingScope::value_to_self_msat needs to be updated for each.
Otherwise, the promoted FundingScope will be invalid when the splice is
locked.
@jkczyz
f - update next_{local|remote}_commitment_tx_fee_info_cached
9707653
@jkczyz
Check pending funding when validating update_fee
506c271 
If there are any pending splices when an update_fee message is received,
it must be validated against each pending FundingScope.
Otherwise, it may be invalid once the splice is locked.
@jkczyz
f - use try_for_each
da9ddb2
@jkczyz
Check pending funding in send_update_fee
1b783ce 
If there are any pending splices when an sending an update_fee message,
the new fee rate must be validated against each pending FundingScope.
Otherwise, it may be invalid once the splice is locked.
@jkczyz
f - can_send_update_fee
5bae8ab
@jkczyz
f - drop unnecessary map
9d54620
@jkczyz
Check pending funding in can_accept_incoming_htlc
f9c56c3 
If there are any pending splices when an accepting an incoming HTLC, the
HTLC needs to be validated against each pending FundingScope. Otherwise,
once the splice is locked, the HTLC could have been failed when it
should have been forwarded / claimed, or vice versa, under the promoted
FundingScope.
@jkczyz
f - use try_for_each
e75dbd0
@jkczyz
Check pending funding in send_htlc
d228c55 
If there are any pending splices when an sending an update_add_htlc
message, the HTLC amount must be validated against each pending
FundingScope. Otherwise, it may be invalid once the splice is locked.
@jkczyz
s - drop redundant LocalHTLCFailureReason::AmountExceedsCapacity
c6b2d01
@jkczyz jkczyz force-pushed the 2025-05-missed-funding-checks branch from 30ac751 to c6b2d01 Compare May 30, 2025 21:19
@jkczyz
Copy link
Contributor Author

jkczyz commented May 30, 2025

Oops, sorry more fixups to address lint checks.

@jkczyz
Copy link
Contributor Author

jkczyz commented May 30, 2025

@wpaulino Any thoughts on moving the helpers to ChannelContext? We did this for get_available_balance and maybe some other places. It's nice in that it prevents us from accidentally using self.funding instead of the passed in funding. But the functions are only relevant for contexts contained in a FundedChannel.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wpaulino wpaulino wpaulino left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jkczyz @ldk-reviews-bot @wpaulino