-
Notifications
You must be signed in to change notification settings - Fork 358
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump transaction event handler fixups #2393
Bump transaction event handler fixups #2393
Conversation
Codecov ReportPatch coverage:
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. Additional details and impacted files@@ Coverage Diff @@
## main #2393 +/- ##
==========================================
- Coverage 90.30% 90.26% -0.05%
==========================================
Files 106 106
Lines 55175 55188 +13
Branches 55175 55188 +13
==========================================
- Hits 49828 49816 -12
- Misses 5347 5372 +25
☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! CI break is due to doc links, this diff should fix it:
diff --git a/lightning/src/events/bump_transaction.rs b/lightning/src/events/bump_transaction.rs
index fd2e9b93..efeec55c 100644
--- a/lightning/src/events/bump_transaction.rs
+++ b/lightning/src/events/bump_transaction.rs
@@ -238,8 +238,8 @@ pub enum BumpTransactionEvent {
/// child anchor transaction. To sign its anchor input, an [`InMemorySigner`] should be
/// re-derived through [`KeysManager::derive_channel_keys`] with the help of
- /// [`AnchorDescriptor::channel_keys_id`] and [`AnchorDescriptor::channel_value_satoshis`]. The
- /// anchor input signature can be computed with [`EcdsaChannelSigner::sign_holder_anchor_input`],
- /// which can then be provided to [`build_anchor_input_witness`] along with the `funding_pubkey`
- /// to obtain the full witness required to spend.
+ /// [`AnchorDescriptor::channel_derivation_parameters`]. The anchor input signature can be
+ /// computed with [`EcdsaChannelSigner::sign_holder_anchor_input`], which can then be provided
+ /// to [`build_anchor_input_witness`] along with the `funding_pubkey` to obtain the full
+ /// witness required to spend.
///
/// It is possible to receive more than one instance of this event if a valid child anchor
@@ -614,4 +614,6 @@ impl<W: Deref> CoinSelectionSource for Wallet<W> where W::Target: WalletSource {
/// [`CoinSelectionSource`] to fee bump transactions via Child-Pays-For-Parent (CPFP) or
/// Replace-By-Fee (RBF).
+///
+/// [`Event::BumpTransaction`]: crate::events::Event::BumpTransaction
pub struct BumpTransactionEventHandler<B: Deref, C: Deref, SP: Deref, L: Deref>
where
@@ -636,4 +638,6 @@ where
{
/// Returns a new instance capable of handling [`Event::BumpTransaction`] events.
+ ///
+ /// [`Event::BumpTransaction`]: crate::events::Event::BumpTransaction
pub fn new(broadcaster: B, utxo_source: C, signer_provider: SP, logger: L) -> Self {
Self {
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm unfortunately still struggling to use BDK's TxBuilder
to implement CoinSelectionSource::select_confirmed_utxos
.
- If I'm not overlooking something BDK's interface doesn't allow me to filter the selected UTXOs to only include confirmed outputs, see Expose way to select only (n-)confirmed UTXOs for TX creation bitcoindevkit/bdk#1029.
- I'm trying to add the
must_spend: &[Input]
given byCoinSelectionSource::select_confirmed_utxos
viaTxBuilder::add_foreign_utxo
, which however takes apsbt::Input
that IIUC in turn requires me to at least supply the previousTxOut
the input is spending from, possibly also the fullTransaction
if we want to include thenon_witness_utxo
, which BDK's signer requires by default. Would be nice to have them included inbump_transaction::Input
.
For now, I'll probably have to stick with using WalletSource
(cf. lightningdevkit/ldk-node#105)
04e916f
to
e413165
Compare
Providing the full transaction will be a bit tricky for HTLCs, better to leave it as a follow-up and not block the release on it. For now, at least the spending |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if a smarter move in term of codebase interfaces wouldn’t be to have the AnchorDescriptor
here specified as real output descriptors, and therefore from the LDK-side we put the burden on downstream projects like ldk-node
for the compatibility.
Specifying the descriptors make it easier to have them compatible with other LDK downstream projects like VLS, or LDK-based server nodes. Descriptors are nice as they start to be integrated with hardware wallets descriptors.
/// The transaction input's outpoint corresponding to the commitment transaction's anchor | ||
/// output. | ||
pub outpoint: OutPoint, | ||
} | ||
|
||
impl AnchorDescriptor { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we can update the AnchorDescriptor
document to say its a “custom LDK” descriptor and not an output descriptors as documented in https://github.com/bitcoin/bitcoin/blob/master/doc/descriptors.md. All the *Descriptor
in lightning/src/sign/mod.rs
are coming in an inspiration from the Core’s descriptor. When we introduced *Descriptor
in rust-lightning, I think I discussed with the Core’s side to have the lightning scripts standardized as such real descriptors. They would have to modify the base descriptor language at that time to include the preimage operation iirc.
I don't see how we could build Bitcoin Core-style descriptors out of lightning anchor outputs given the requirements/format, I'm not sure how that's relevant. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of these commit messages need to be longer and explain why we're exposing things.
/// [`ChannelSigner::provide_channel_parameters`]. | ||
/// | ||
/// [`ChannelSigner::provide_channel_parameters`]: crate::sign::ChannelSigner::provide_channel_parameters | ||
pub transaction_parameters: ChannelTransactionParameters, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do these need to be exposed? Signers doing enforcement should have this cached, if not they shouldn't need it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, that's a fair point, but from the current documentation users may expect the parameters to be provided shortly after derivation instead of storing them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm, then I'd rather update the docs (on the anchor handling structs and the trait) and mention this rather than storing the channel parameters in all our events and shuffling them around just to copy them into the signer and then ignore them...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We still need them to obtain the per-commitment keys and re-derive the descriptor's witness script. Unless you'd rather just provide each party's ChannelPublicKeys
directly, which ChannelTransactionParameters
essentially is a small wrapper over, so it doesn't seem like a big deal to keep things as is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, grrrrrrrrrrrrrrrr, man that's a lot of crap to schlep around for one pubkey. I guess I'm fine with it the way it is, just annoyed.
That's the thing, I had the discussion with sipa back in the days and there would be a need to upgrade the descriptor format/requirements. The idea is good given integration with hardware wallets and "cold" signers, though given if it does happen it will take a bunch of time, let's not take it as a bottleneck here. Already have a lot of more priority things on my todo on the LN-side (and I think same on folks on this PR thread), so I'll see if I can find a summer-of-bitcoin enthusiast to champion the idea. |
e413165
to
f17c05a
Compare
Needs rebase. |
There's no reason to accept the general `Event` enum.
These are meant to be provided by the user, so they need to be exposed in the API.
f17c05a
to
ceacdbf
Compare
/// Returns the UTXO to be spent by the anchor input, which can be obtained via | ||
/// [`Self::unsigned_tx_input`]. | ||
pub fn previous_utxo(&self) -> TxOut { | ||
TxOut { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would very much like to see some test coverage of this so we can check that this and the HTLC variant's scripts are right.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See #2403. Each transaction produced by the event handler should have a check_spends
assertion to verify script execution.
This allows us to obtain the HTLC input and output from its descriptor without needing to derive the `per_commitment_point` through the signer.
Users may expect these to be provided manually after derivation in the event they need to perform any enforcement prior to signing.
This provides a similar interface as `HTLCDescriptor` for users which choose to implement their own bump transaction event handler.
This may be required by some wallets that rely on PSBTs internally to create/sign transactions.
ceacdbf
to
4c7883c
Compare
This PR addresses some follow-up comments from #2089 and a few gaps in the API that were found by @tnull when adding anchors support in
ldk-node
.