Validate negative funding contributions in splice_init and splice_ack messages #4011

Open
wants to merge 4 commits into
base: main

tankyleo
Contributor

From BOLT 2:

- If `funding_contribution_satoshis` is negative and its absolute value
  is greater than the sending node's current channel balance:
  - MUST send a `warning` and close the connection or send an `error`
    and fail the channel.

We allow the remote to be below the new reserve as long as their
funding contribution is not negative; we don't care whether they were
above or below the previous funding reserve.

As much as possible, we want to only mutate state once we are done with
input validation.

It also helps with introducing helper validation functions that take a
`&self` in the next commits.

As in `splice_init`, this helps clearly delineate `splice_ack` message
validation from the subsequent state mutations.

This is a code-move.
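
An added example (not part of this PR and not LDK's code) sketching the BOLT 2 check quoted in the description together with the validate-before-mutate split it argues for. The `Channel` type, its field, the error enum and both method names are hypothetical. Balances are in whole satoshis, `new_reserve_sat` is assumed to be supplied by the caller, and the reserve check on negative contributions is an assumed reading of the description.

```rust
// Added illustration: all names are hypothetical, not LDK's.
#[derive(Debug, PartialEq)]
enum SpliceError {
    ContributionExceedsBalance, // the BOLT 2 rule quoted above
    BelowNewReserve, // assumed reading: a negative contribution must leave >= new reserve
    Overflow,        // positive contribution that does not fit in u64
}

struct Channel { remote_balance_sat: u64 }

impl Channel {
    /// Pure check (`&self`): returns the remote's post-splice balance.
    /// `new_reserve_sat` is assumed to be computed by the caller.
    fn validate_remote_contribution(&self, contribution_sat: i64, new_reserve_sat: u64)
        -> Result<u64, SpliceError> {
        if contribution_sat >= 0 {
            // Non-negative contribution: no reserve check is applied.
            return self.remote_balance_sat
                .checked_add(contribution_sat as u64)
                .ok_or(SpliceError::Overflow);
        }
        // unsigned_abs() is well-defined for i64::MIN, where abs() overflows.
        let withdrawn = contribution_sat.unsigned_abs();
        let post = self.remote_balance_sat
            .checked_sub(withdrawn)
            .ok_or(SpliceError::ContributionExceedsBalance)?;
        if post < new_reserve_sat {
            return Err(SpliceError::BelowNewReserve);
        }
        Ok(post)
    }

    /// State changes only after validation has returned Ok.
    fn apply_remote_contribution(&mut self, contribution_sat: i64, new_reserve_sat: u64)
        -> Result<(), SpliceError> {
        self.remote_balance_sat =
            self.validate_remote_contribution(contribution_sat, new_reserve_sat)?;
        Ok(())
    }
}

fn main() {
    let mut chan = Channel { remote_balance_sat: 100_000 }; // constructed sample value
    println!("{:?}", chan.validate_remote_contribution(i64::MIN, 0));
    println!("{:?}", chan.apply_remote_contribution(-60_000, 50_000));
    let accepted = chan.apply_remote_contribution(-40_000, 50_000);
    println!("{:?} -> {}", accepted, chan.remote_balance_sat);
}
```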

ldk-reviews-bot commented Aug 14, 2025

👋 Thanks for assigning @wpaulino as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

tankyleo changed the title from "Validate negative funding contributions in splice_ack and splice_init messages" to "Validate negative funding contributions in splice_init and splice_ack messages" Aug 14, 2025
From BOLT 2:
```
- If `funding_contribution_satoshis` is negative and its absolute value
  is greater than the sending node's current channel balance:
  - MUST send a `warning` and close the connection or send an `error`
    and fail the channel.
```

We allow the remote to be below the new reserve as long as their
funding contribution is not negative; we don't care whether they were
above or below the previous funding reserve.
tankyleo force-pushed the splice-reserve-check branch from 6d6b07c to 93965c6 August 14, 2025 01:24
tankyleo requested a review from wpaulino August 14, 2025 01:25

codecov bot commented Aug 14, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.86%. Comparing base (df9232b) to head (93965c6).

Additional details and impacted files

```
@@            Coverage Diff             @@
##             main    #4011      +/-   ##
==========================================
+ Coverage   88.85%   88.86%   +0.01%
==========================================
  Files         175      175
  Lines      127710   127710
  Branches   127710   127710
==========================================
+ Hits       113475   113493      +18
+ Misses      11672    11661      -11
+ Partials     2563     2556       -7
```

| Flag | Coverage Δ |
| --- | --- |
| fuzzing | 21.86% <ø> (ø) |
| tests | 88.70% <ø> (+0.01%) ⬆️ |


tankyleo self-assigned this Aug 14, 2025
@ldk-reviews-bot

🔔 1st Reminder

Hey @wpaulino! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.
