Add TxBuilder::build_commitment_transaction

When the `TxBuilder` API is made public in the future, this trait method
will let implementers build custom commitment transactions as part of
the lightning state machine.

Author: tankyleo

lightning/src/ln/channel.rs

@@ -1130,13 +1130,14 @@ struct CommitmentData<'a> {
 }
 
 /// A struct gathering stats on a commitment transaction, either local or remote.
-struct CommitmentStats {
+#[derive(Debug, PartialEq)]
+pub(crate) struct CommitmentStats {
 	/// The total fee included in the commitment transaction
-	commit_tx_fee_sat: u64,
+	pub commit_tx_fee_sat: u64,
 	/// The local balance before fees *not* considering dust limits
-	local_balance_before_fee_msat: u64,
+	pub local_balance_before_fee_msat: u64,
 	/// The remote balance before fees *not* considering dust limits
-	remote_balance_before_fee_msat: u64,
+	pub remote_balance_before_fee_msat: u64,
 }
 
 /// Used when calculating whether we or the remote can afford an additional HTLC.
@@ -4533,16 +4534,10 @@ where
 		let broadcaster_dust_limit_sat = if local { self.holder_dust_limit_satoshis } else { self.counterparty_dust_limit_satoshis };
 		let feerate_per_kw = self.get_commitment_feerate(funding, generated_by_local);
 
-		let stats = self.build_commitment_stats(funding, local, generated_by_local, None, None);
-		let CommitmentStats {
-			commit_tx_fee_sat,
-			local_balance_before_fee_msat,
-			remote_balance_before_fee_msat
-		} = stats;
-
 		let num_htlcs = self.pending_inbound_htlcs.len() + self.pending_outbound_htlcs.len();
 		let mut htlcs_included: Vec<(HTLCOutputInCommitment, Option<&HTLCSource>)> = Vec::with_capacity(num_htlcs);
-		let mut nondust_htlcs: Vec<HTLCOutputInCommitment> = Vec::with_capacity(num_htlcs);
+		let mut value_to_self_claimed_msat = 0;
+		let mut value_to_remote_claimed_msat = 0;
 
 		log_trace!(logger, "Building commitment transaction number {} (really {} xor {}) for channel {} for {}, generated by {} with fee {}...",
 			commitment_number, (INITIAL_COMMITMENT_NUMBER - commitment_number),
@@ -4557,21 +4552,15 @@ where
 					amount_msat: $htlc.amount_msat,
 					cltv_expiry: $htlc.cltv_expiry,
 					payment_hash: $htlc.payment_hash,
-					transaction_output_index: None
+					transaction_output_index: None,
 				}
 			}
 		}
 
 		macro_rules! add_htlc_output {
 			($htlc: expr, $outbound: expr, $source: expr) => {
-				let htlc_in_tx = get_htlc_in_commitment!($htlc, $outbound == local);
-				htlcs_included.push((htlc_in_tx.clone(), $source));
-				if $htlc.is_dust(local, feerate_per_kw, broadcaster_dust_limit_sat, funding.get_channel_type()) {
-					log_trace!(logger, "   ...including {} {} dust HTLC {} (hash {}) with value {} due to dust limit", if $outbound { "outbound" } else { "inbound" }, $htlc.state, $htlc.htlc_id, $htlc.payment_hash, $htlc.amount_msat);
-				} else {
-					log_trace!(logger, "   ...including {} {} HTLC {} (hash {}) with value {}", if $outbound { "outbound" } else { "inbound" }, $htlc.state, $htlc.htlc_id, $htlc.payment_hash, $htlc.amount_msat);
-					nondust_htlcs.push(htlc_in_tx);
-				}
+				let htlc = get_htlc_in_commitment!($htlc, $outbound == local);
+				htlcs_included.push((htlc, $source));
 			}
 		}
 
@@ -4580,11 +4569,13 @@ where
 
 		for htlc in self.pending_inbound_htlcs.iter() {
 			if htlc.state.included_in_commitment(generated_by_local) {
+				log_trace!(logger, "   ...including inbound {} HTLC {} (hash {}) with value {}", htlc.state, htlc.htlc_id, htlc.payment_hash, htlc.amount_msat);
 				add_htlc_output!(htlc, false, None);
 			} else {
 				log_trace!(logger, "   ...not including inbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, htlc.payment_hash, htlc.amount_msat, htlc.state);
 				if let Some(preimage) = htlc.state.preimage() {
 					inbound_htlc_preimages.push(preimage);
+					value_to_self_claimed_msat += htlc.amount_msat;
 				}
 			}
 		};
@@ -4594,53 +4585,35 @@ where
 				outbound_htlc_preimages.push(preimage);
 			}
 			if htlc.state.included_in_commitment(generated_by_local) {
+				log_trace!(logger, "   ...including outbound {} HTLC {} (hash {}) with value {}", htlc.state, htlc.htlc_id, htlc.payment_hash, htlc.amount_msat);
 				add_htlc_output!(htlc, true, Some(&htlc.source));
 			} else {
 				log_trace!(logger, "   ...not including outbound HTLC {} (hash {}) with value {} due to state ({})", htlc.htlc_id, htlc.payment_hash, htlc.amount_msat, htlc.state);
+				if htlc.state.preimage().is_some() {
+					value_to_remote_claimed_msat += htlc.amount_msat;
+				}
 			}
 		};
 
-		// We MUST use saturating subs here, as the funder's balance is not guaranteed to be greater
-		// than or equal to `commit_tx_fee_sat`.
+		// # Panics
 		//
-		// This is because when the remote party sends an `update_fee` message, we build the new
-		// commitment transaction *before* checking whether the remote party's balance is enough to
-		// cover the total fee.
-
-		let (value_to_self, value_to_remote) = if funding.is_outbound() {
-			((local_balance_before_fee_msat / 1000).saturating_sub(commit_tx_fee_sat), remote_balance_before_fee_msat / 1000)
-		} else {
-			(local_balance_before_fee_msat / 1000, (remote_balance_before_fee_msat / 1000).saturating_sub(commit_tx_fee_sat))
-		};
-
-		let mut to_broadcaster_value_sat = if local { value_to_self } else { value_to_remote };
-		let mut to_countersignatory_value_sat = if local { value_to_remote } else { value_to_self };
-
-		if to_broadcaster_value_sat >= broadcaster_dust_limit_sat {
-			log_trace!(logger, "   ...including {} output with value {}", if local { "to_local" } else { "to_remote" }, to_broadcaster_value_sat);
-		} else {
-			to_broadcaster_value_sat = 0;
-		}
+		// After all HTLC claims have been accounted for, the local balance MUST remain greater than or equal to 0.
 
-		if to_countersignatory_value_sat >= broadcaster_dust_limit_sat {
-			log_trace!(logger, "   ...including {} output with value {}", if local { "to_remote" } else { "to_local" }, to_countersignatory_value_sat);
-		} else {
-			to_countersignatory_value_sat = 0;
-		}
+		let value_to_self_msat = (funding.value_to_self_msat + value_to_self_claimed_msat).checked_sub(value_to_remote_claimed_msat).unwrap();
 
-		let channel_parameters =
-			if local { funding.channel_transaction_parameters.as_holder_broadcastable() }
-			else { funding.channel_transaction_parameters.as_counterparty_broadcastable() };
-		let tx = CommitmentTransaction::new(
+		let (tx, stats) = SpecTxBuilder {}.build_commitment_transaction(
+			local,
 			commitment_number,
 			per_commitment_point,
-			to_broadcaster_value_sat,
-			to_countersignatory_value_sat,
-			feerate_per_kw,
-			nondust_htlcs,
-			&channel_parameters,
+			&funding.channel_transaction_parameters,
 			&self.secp_ctx,
+			value_to_self_msat,
+			htlcs_included.iter().map(|(htlc, _source)| htlc).cloned().collect(),
+			feerate_per_kw,
+			broadcaster_dust_limit_sat,
+			logger,
 		);
+		debug_assert_eq!(stats, self.build_commitment_stats(funding, local, generated_by_local, None, None));
 
 		// This populates the HTLC-source table with the indices from the HTLCs in the commitment
 		// transaction.

lightning/src/sign/tx_builder.rs

@@ -1,9 +1,17 @@
 //! Defines the `TxBuilder` trait, and the `SpecTxBuilder` type
 
-use types::features::ChannelTypeFeatures;
+use core::ops::Deref;
 
-use crate::ln::chan_utils::commit_tx_fee_sat;
-use crate::ln::channel::ANCHOR_OUTPUT_VALUE_SATOSHI;
+use bitcoin::secp256k1::{self, PublicKey, Secp256k1};
+
+use crate::ln::chan_utils::{
+	commit_tx_fee_sat, htlc_success_tx_weight, htlc_timeout_tx_weight,
+	ChannelTransactionParameters, CommitmentTransaction, HTLCOutputInCommitment,
+};
+use crate::ln::channel::{CommitmentStats, ANCHOR_OUTPUT_VALUE_SATOSHI};
+use crate::prelude::*;
+use crate::types::features::ChannelTypeFeatures;
+use crate::util::logger::Logger;
 
 pub(crate) trait TxBuilder {
 	fn commit_tx_fee_sat(
@@ -13,6 +21,14 @@ pub(crate) trait TxBuilder {
 		&self, is_outbound_from_holder: bool, value_to_self_after_htlcs: u64,
 		value_to_remote_after_htlcs: u64, channel_type: &ChannelTypeFeatures,
 	) -> (u64, u64);
+	fn build_commitment_transaction<L: Deref>(
+		&self, local: bool, commitment_number: u64, per_commitment_point: &PublicKey,
+		channel_parameters: &ChannelTransactionParameters, secp_ctx: &Secp256k1<secp256k1::All>,
+		value_to_self_msat: u64, htlcs_in_tx: Vec<HTLCOutputInCommitment>, feerate_per_kw: u32,
+		broadcaster_dust_limit_sat: u64, logger: &L,
+	) -> (CommitmentTransaction, CommitmentStats)
+	where
+		L::Target: Logger;
 }
 
 pub(crate) struct SpecTxBuilder {}
@@ -53,4 +69,112 @@ impl TxBuilder for SpecTxBuilder {
 
 		(local_balance_before_fee_msat, remote_balance_before_fee_msat)
 	}
+	#[rustfmt::skip]
+	fn build_commitment_transaction<L: Deref>(
+		&self, local: bool, commitment_number: u64, per_commitment_point: &PublicKey,
+		channel_parameters: &ChannelTransactionParameters, secp_ctx: &Secp256k1<secp256k1::All>,
+		value_to_self_msat: u64, mut htlcs_in_tx: Vec<HTLCOutputInCommitment>, feerate_per_kw: u32,
+		broadcaster_dust_limit_sat: u64, logger: &L,
+	) -> (CommitmentTransaction, CommitmentStats)
+	where
+		L::Target: Logger,
+	{
+		let mut local_htlc_total_msat = 0;
+		let mut remote_htlc_total_msat = 0;
+		let channel_type = &channel_parameters.channel_type_features;
+
+		let is_dust = |offered: bool, amount_msat: u64| -> bool {
+			let htlc_tx_fee_sat = if channel_type.supports_anchors_zero_fee_htlc_tx() {
+				0
+			} else {
+				let htlc_tx_weight = if offered {
+					htlc_timeout_tx_weight(channel_type)
+				} else {
+					htlc_success_tx_weight(channel_type)
+				};
+				// As required by the spec, round down
+				feerate_per_kw as u64 * htlc_tx_weight / 1000
+			};
+			amount_msat / 1000 < broadcaster_dust_limit_sat + htlc_tx_fee_sat
+		};
+
+		// Trim dust htlcs
+		htlcs_in_tx.retain(|htlc| {
+			if htlc.offered == local {
+				// This is an outbound htlc
+				local_htlc_total_msat += htlc.amount_msat;
+			} else {
+				remote_htlc_total_msat += htlc.amount_msat;
+			}
+			if is_dust(htlc.offered, htlc.amount_msat) {
+				log_trace!(logger, "   ...trimming {} HTLC with value {}sat, hash {}, due to dust limit {}", if htlc.offered == local { "outbound" } else { "inbound" }, htlc.amount_msat / 1000, htlc.payment_hash, broadcaster_dust_limit_sat);
+				false
+			} else {
+				true
+			}
+		});
+
+		// # Panics
+		//
+		// The value going to each party MUST be 0 or positive, even if all HTLCs pending in the
+		// commitment clear by failure.
+
+		let commit_tx_fee_sat = self.commit_tx_fee_sat(feerate_per_kw, htlcs_in_tx.len(), &channel_parameters.channel_type_features);
+		let value_to_self_after_htlcs_msat = value_to_self_msat.checked_sub(local_htlc_total_msat).unwrap();
+		let value_to_remote_after_htlcs_msat =
+			(channel_parameters.channel_value_satoshis * 1000).checked_sub(value_to_self_msat).unwrap().checked_sub(remote_htlc_total_msat).unwrap();
+		let (local_balance_before_fee_msat, remote_balance_before_fee_msat) =
+			self.subtract_non_htlc_outputs(channel_parameters.is_outbound_from_holder, value_to_self_after_htlcs_msat, value_to_remote_after_htlcs_msat, &channel_parameters.channel_type_features);
+
+		// We MUST use saturating subs here, as the funder's balance is not guaranteed to be greater
+		// than or equal to `commit_tx_fee_sat`.
+		//
+		// This is because when the remote party sends an `update_fee` message, we build the new
+		// commitment transaction *before* checking whether the remote party's balance is enough to
+		// cover the total fee.
+
+		let (value_to_self, value_to_remote) = if channel_parameters.is_outbound_from_holder {
+			((local_balance_before_fee_msat / 1000).saturating_sub(commit_tx_fee_sat), remote_balance_before_fee_msat / 1000)
+		} else {
+			(local_balance_before_fee_msat / 1000, (remote_balance_before_fee_msat / 1000).saturating_sub(commit_tx_fee_sat))
+		};
+
+		let mut to_broadcaster_value_sat = if local { value_to_self } else { value_to_remote };
+		let mut to_countersignatory_value_sat = if local { value_to_remote } else { value_to_self };
+
+		if to_broadcaster_value_sat >= broadcaster_dust_limit_sat {
+			log_trace!(logger, "   ...including {} output with value {}", if local { "to_local" } else { "to_remote" }, to_broadcaster_value_sat);
+		} else {
+			to_broadcaster_value_sat = 0;
+		}
+
+		if to_countersignatory_value_sat >= broadcaster_dust_limit_sat {
+			log_trace!(logger, "   ...including {} output with value {}", if local { "to_remote" } else { "to_local" }, to_countersignatory_value_sat);
+		} else {
+			to_countersignatory_value_sat = 0;
+		}
+
+		let directed_parameters =
+			if local { channel_parameters.as_holder_broadcastable() }
+			else { channel_parameters.as_counterparty_broadcastable() };
+		let tx = CommitmentTransaction::new(
+			commitment_number,
+			per_commitment_point,
+			to_broadcaster_value_sat,
+			to_countersignatory_value_sat,
+			feerate_per_kw,
+			htlcs_in_tx,
+			&directed_parameters,
+			secp_ctx,
+		);
+
+		(
+			tx,
+			CommitmentStats {
+				commit_tx_fee_sat,
+				local_balance_before_fee_msat,
+				remote_balance_before_fee_msat,
+			},
+		)
+	}
 }