BOLT 2: allow multiple shutdown message from the sender side. #976

vincenzopalazzo
Contributor

@vincenzopalazzo vincenzopalazzo commented Apr 11, 2022

This is something that I'm reasoning about during my lnprototest work, and maybe opening a PR gives me more opportunities to get feedback.

What happens if, during a Close Channel operation, the sender sends multiple shutdowns?

At this moment, the spec doesn't say anything about this case, but I think this is information to add. In my opinion, we need to allow multiple shutdown messages from the sender (maybe after a timeout if we have no answer back), but in this case, there are some problems to resolve:

  1. What do we need to do if the sender sets a different scriptpubkey in the message? Accept any of the scriptpubkeys sent, or accept only the last one? In the last case, we can have more control over what we are doing, but we can fall into a loop if the receiver is slow to answer again.
  2. Do we need to set limits on the "multiple" messages?

Think that this may introduce a complicated state machine in the spec, which I want to avoid!

Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
@vincenzopalazzo vincenzopalazzo force-pushed the macros/multiple_shutdown branch from 2be3f10 to 2b919c9 Compare April 11, 2022 15:20
@TheBlueMatt
Collaborator

I don't see a reason to make this explicit. I don't think we bother verifying it but if anything I'd think we'd make it explicit you can't send a redundant one but not bother specifying it for the receiver end.

vincenzopalazzo added a commit to vincenzopalazzo/bolts that referenced this pull request Apr 11, 2022
This is a second proposal different from lightning#976 where it is not allowed to send multiple shutdown messages from the receiver viewpoint.

The rationale for this is to avoid bad cases like the following one that is permitted by the spec

```
     ____________________________________________
    | sender -> shutdown(script_one) -> receiver |
    | sender -> shutdown(script_two) -> receiver |
    | sender <- shutdown(script_one) <- receiver |
     --------------------------------------------
```

Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
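
The case in the diagram above, replayed against three possible receiver policies. This is an added example, not code from the PR, lnprototest or the BOLT spec; the policy names, the `max_shutdowns` cap and the sample scripts are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional


class Policy(Enum):
    ACCEPT_FIRST = "first"    # keep the first scriptpubkey, ignore later ones
    ACCEPT_LAST = "last"      # each new shutdown overrides the stored script
    REJECT_CHANGE = "reject"  # identical re-sends are fine, a changed script is an error


class ShutdownError(Exception):
    """Raised when a repeated shutdown violates the receiver's policy."""


@dataclass
class Receiver:
    policy: Policy
    max_shutdowns: int = 3               # assumed cap on repeats (question 2)
    peer_script: Optional[bytes] = None  # script the closing tx will pay the sender
    seen: int = 0

    def on_shutdown(self, script: bytes) -> bytes:
        self.seen += 1
        if self.seen > self.max_shutdowns:
            raise ShutdownError("too many shutdown messages")
        if self.peer_script is None or self.policy is Policy.ACCEPT_LAST:
            self.peer_script = script
        elif script != self.peer_script and self.policy is Policy.REJECT_CHANGE:
            raise ShutdownError("scriptpubkey changed between shutdown messages")
        return self.peer_script


def final_script(policy: Policy, scripts: List[bytes]) -> Optional[bytes]:
    """Replay the sender's shutdowns; return the stored script, or None on error."""
    rx = Receiver(policy)
    try:
        for s in scripts:
            rx.on_shutdown(s)
    except ShutdownError:
        return None
    return rx.peer_script


# Constructed sample scripts (P2WPKH-shaped, not real keys).
SCRIPT_ONE = bytes.fromhex("0014" + "11" * 20)
SCRIPT_TWO = bytes.fromhex("0014" + "22" * 20)

if __name__ == "__main__":
    for p in Policy:
        out = final_script(p, [SCRIPT_ONE, SCRIPT_TWO])
        print(p.name, out.hex() if out else "error")
```

Under `ACCEPT_FIRST` the receiver keeps `script_one` while a sender that considers its latest message authoritative expects `script_two`, which is the disagreement the diagram points at; `REJECT_CHANGE` surfaces it as an error instead of closing to a script one side did not intend.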
vincenzopalazzo added a commit to vincenzopalazzo/bolts that referenced this pull request May 9, 2022
@t-bast
Collaborator

t-bast commented May 18, 2022

@vincenzopalazzo we should probably close this PR as we're going with #977 instead?

@vincenzopalazzo
Contributor Author

Yes @t-bast, I was planning to jump inside the spec today to align all the details about the close, so we can conclude the conversation from this side

vincenzopalazzo added a commit to vincenzopalazzo/bolts that referenced this pull request May 18, 2022
vincenzopalazzo added a commit to vincenzopalazzo/bolts that referenced this pull request May 18, 2022