[7/?] - funding: update funding manager w/ new musig2+taproot funding flow #7346
Conversation
funding/manager.go
Outdated
There was a problem hiding this comment.
Do you expect the same feature bit to be used eventually for public channels?
There was a problem hiding this comment.
Should this modify the feature bit dependency mapping to use "INC+" instead of "IN"?
There was a problem hiding this comment.
No, this is a temp hack so we're able to signal to the gossiper exactly what type of channel this is. When things get to the router, we'll still verify the channel on-chain (compared the output to the expected script), so we need this in order to signal that this is a different type of channel.
joostjager
left a comment
joostjager
left a comment
There was a problem hiding this comment.
Shallow-reviewed all the PRs in the series and overall the addition of simple taproot channels does not look too involved at all! Of course relative to the expectation, because obviously it is still a large diff.
General comments:
- Perhaps it is good to make the changes so that taproot channels follow the default flow instead of being the exception. So
if !taproot { ... }rather thanif taproot { ...} - Related to the first point: would it be feasible to take a more object-oriented approach for adding taproot channels? More grouping of taproot-channel-specific code in a single location and fewer selects on chan type could possibly improve code quality.
- For public channels, gossip needs to change. Is there already anything concrete in terms of spec for that? Would be helpful to complete the mental model, even if not implemented.
- To reduce complexity, it would be great if all non-taproot channels would just go away 😬
Roasbeef
changed the base branch from
master
to
simple-taproot-chans-channel-statemachine
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
from
ff09526 to
3ccb4e1
Compare
ellemouton
left a comment
ellemouton
left a comment
There was a problem hiding this comment.
Did first pass - looks good! Sooo cool how the funding manager could be made taproot-chan-ready with such a slim diff 🔥
funding/manager.go
Outdated
| if !ok { | ||
| // If there's no pending nonce for this channel ID, | ||
| // then we'll generate one now. | ||
| verNonce, err := lnwallet.NewMusigVerificationNonce( |
There was a problem hiding this comment.
can use channel.GenMusigNonces() as is done for createFundingLocked
There was a problem hiding this comment.
So can't use it here as we don't yet have the full channel state machine created. So instead we need to call the function manually. Also spotted a bug here (will be covered by the eventual itests): it uses the current commitment height, but should actually use the next commitment height. I think @ellemouton ran into this in the past.
| } | ||
|
|
||
| // TODO(roasbeef): don't also need to apply | ||
| // nonces here? get from chan reest |
There was a problem hiding this comment.
I think it gets confusing because they may send a channel_ready and channel_reestablish
There was a problem hiding this comment.
Goa here is to have the "last" one override the nonce that we'll store for them.
There was a problem hiding this comment.
Goal here is to have the "last" one override the nonce that we'll store for them.
There was a problem hiding this comment.
I think that means that the channel_ready will override the nonces previously set in channel_reestablish? IMO if channel_reestablish has been exchanged, we should ignore nonces in channel_ready and then we never need to worry about overriding nonces with scid alias rotation
funding/manager.go
Outdated
There was a problem hiding this comment.
Should this modify the feature bit dependency mapping to use "INC+" instead of "IN"?
Roasbeef
force-pushed
the
simple-taproot-chans-channel-statemachine
branch
from
717c9a3 to
4a43a07
Compare
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
2 times, most recently
from
7b91e27 to
a9dd0f4
Compare
positiveblue
left a comment
positiveblue
left a comment
There was a problem hiding this comment.
First pass done.
The code looks good and the changes are pretty straight forward 🎉
There are some issues to resolve before merging (like make it panic proof). I also did not see any tests in the commits, are they added later in the PR chain?
Roasbeef
force-pushed
the
simple-taproot-chans-channel-statemachine
branch
from
4a43a07 to
763d774
Compare
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
2 times, most recently
from
138c6c5 to
c8e9287
Compare
Roasbeef
force-pushed
the
simple-taproot-chans-channel-statemachine
branch
4 times, most recently
from
b3a68b0 to
07d8f36
Compare
|
@Roasbeef, remember to re-request review from reviewers when ready |
Crypt-iQ
left a comment
Crypt-iQ
left a comment
There was a problem hiding this comment.
I think that this might be an outdated branch because there are three panics?
msg.LocalNonceinhandleFundingOpenmsg.LocalNonceinhandleFundingAcceptsig.NonceinVerifyCommitSig
funding/manager.go
Outdated
| } | ||
|
|
||
| // TODO(roasbeef): call sendFundingLocked here? | ||
|
|
There was a problem hiding this comment.
think we need to include nonces here. Also think the spec needs to clarify what to do when we receive another FundingLocked that rotates the alias, do we ignore the nonces?
There was a problem hiding this comment.
Yes as is we'll ignore the second one (existing logic). We'll use the same nonce each time until the channel state has moved forward one.
| } | ||
|
|
||
| // TODO(roasbeef): don't also need to apply | ||
| // nonces here? get from chan reest |
There was a problem hiding this comment.
I think that means that the channel_ready will override the nonces previously set in channel_reestablish? IMO if channel_reestablish has been exchanged, we should ignore nonces in channel_ready and then we never need to worry about overriding nonces with scid alias rotation
Roasbeef
changed the base branch from
simple-taproot-chans-channel-statemachine
to
simple-taproot-chans-staging
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
from
c8e9287 to
171e993
Compare
|
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
2 times, most recently
from
af2fe2b to
e47cced
Compare
There was a problem hiding this comment.
LGTM pending resolution on @Crypt-iQ's comment re RegisterSpendNtfn & CI fixes.
Left one comment re allowing unsetting of the new feature bit.
if |
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
2 times, most recently
from
8cfdf30 to
a1b6a0d
Compare
yyforyongyu
left a comment
yyforyongyu
left a comment
There was a problem hiding this comment.
Think it's very close. Got one question - should we update the commit weight and fee here when calling NewChannelReservation?
funding/manager.go
Outdated
There was a problem hiding this comment.
nit: would put this check after L1968 to align with other checks such as if !resCtx.reservation.IsZeroConf() && msg.MinAcceptDepth == 0 { .
funding/manager.go
Outdated
There was a problem hiding this comment.
This is probably a bug, not introduced from this PR tho. At L2320 we already called f.deleteReservationCtx which removes the channel from f.activeReservations. Hence when we call failFundingFlow here, it will error out because f.cancelReservationCtx won't find the reservation.
Crypt-iQ
left a comment
Crypt-iQ
left a comment
There was a problem hiding this comment.
LGTM pending two comments:
In this commit, we add support for the new musig2 channel funding flow. This flow is identical to the existing flow, but not both sides need to exchange local nonces up front, and then signatures sent are now partial signatures instead of regular signatures. The funding manager also gains some new state of the local nonces it needs to generate in order to send the funding locked message, and also process the funding locked message from the remote party. In order to allow the funding manger to generate the nonces that need to be applied to each channel, then AddNewChannel method has been modified to accept a set of options that the peer will then use to bind the nonces to a new channel.
… channels In this commit, we start to set _internally_ a new feature bit in the channel announcements we generate. As these taproot channels can only be unadvertised, this will never actually leak to the public network. The funding manager will then set this field to allow the router to properly validate these channels.
In this commit, we update the chain watcher to be able to generate the correct pkScript so it can register for confirmation and spend notifications for taproot channels.
This ensures that when loading the channel again after a normal chan reest, we generate the local nonces, which ensures we can then process nonces the remote party sends us in their chan reest message.
This ensures that we end up playing the target output on chain for taproot channels.
Roasbeef
force-pushed
the
simple-taproot-chans-funding-mgr
branch
from
a1b6a0d to
ea25054
Compare
|
Pushed up a final set of commits adding unit test coverage for the new funding manager flows, cc @positiveblue |
|
@ellemouton comment was that |
9 participants
Change Description
Depends on #7345.
Only the last 6 commits are new.
In this PR, we build on the prior PR that updated the channel state machine to update the funding manager to be aware of the new funding flow.
This flow is identical to the existing flow, but both sides need to exchange local nonces up front, and then signatures sent are now partial signatures instead of regular signatures.
The funding manager also gains some new state of the local nonces it needs to generate in order to send the funding locked message, and also process the funding locked message from the remote party.
In order to allow the funding manger to generate the nonces that need to be applied to each channel, then AddNewChannel method has been modified to accept a set of options that the peer will then use to bind the nonces to a new channel.
We also update the link+peer interaction to know how to initialize the new channel, as well as the extra information that needs to be sent in funding locked and the channel reest message.
As a stop gap before Gossip 1.5, we need to set a new feature bit in the channel announcement itself. Otherwise, the router won't know how to validate the funding script of the newly created channel.
Steps to Test
Steps for reviewers to follow to test the change.
Pull Request Checklist
Testing
Code Style and Documentation
[skip ci]in the commit message for small changes.📝 Please see our Contribution Guidelines for further guidance.