Introduce interactive signing state flags and session persistence

dunxen · dunxen · commit 6614c65249de · 2025-03-04T13:07:22.000+02:00
This intoduces the INTERACTIVE_SIGNING, THEIR_TX_SIGNATURES_SENT, and
OUR_TX_SIGNATURES_SENT funded state flags.

A top-level state flag for INTERACTIVE_SIGNING was avoided so that this
work is compatible with splicing as well as V2 channel establishment
(dual-funding).
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -432,6 +432,12 @@ macro_rules! define_state_flags {
 			is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent);
 		define_state_flags!($flag_type, FundedStateFlags::LOCAL_SHUTDOWN_SENT,
 			is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent);
+		define_state_flags!($flag_type, FundedStateFlags::INTERACTIVE_SIGNING,
+			is_interactive_signing, set_interactive_signing, clear_interactive_signing);
+		define_state_flags!($flag_type, FundedStateFlags::THEIR_TX_SIGNATURES_SENT,
+			is_their_tx_signatures_sent, set_their_tx_signatures_sent, clear_their_tx_signatures_sent);
+		define_state_flags!($flag_type, FundedStateFlags::OUR_TX_SIGNATURES_SENT,
+			is_our_tx_signatures_sent, set_our_tx_signatures_sent, clear_our_tx_signatures_sent);
 
 		impl core::ops::BitOr<FundedStateFlags> for $flag_type {
 			type Output = Self;
@@ -477,6 +483,9 @@ mod state_flags {
 	pub const LOCAL_STFU_SENT: u32 = 1 << 15;
 	pub const REMOTE_STFU_SENT: u32 = 1 << 16;
 	pub const QUIESCENT: u32 = 1 << 17;
+	pub const INTERACTIVE_SIGNING: u32 = 1 << 18;
+	pub const OUR_TX_SIGNATURES_SENT: u32 = 1 << 19;
+	pub const THEIR_TX_SIGNATURES_SENT: u32 = 1 << 20;
 }
 
 define_state_flags!(
@@ -495,7 +504,16 @@ define_state_flags!(
 			is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent),
 		("Indicates we sent a `shutdown` message. At this point, we may not add any new HTLCs to \
 			the channel.", LOCAL_SHUTDOWN_SENT, state_flags::LOCAL_SHUTDOWN_SENT,
-			is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent)
+			is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent),
+		("Indicates we have an active interactive signing session for an interactive transaction",
+			INTERACTIVE_SIGNING, state_flags::INTERACTIVE_SIGNING,
+			is_interactive_signing, set_interactive_signing, clear_interactive_singing),
+		("Indicates they sent us a `tx_signatures` message.",
+			THEIR_TX_SIGNATURES_SENT, state_flags::THEIR_TX_SIGNATURES_SENT,
+			is_their_tx_signatures_sent, set_their_tx_signatures_sent, clear_their_tx_signatures_sent),
+		("Indicates we sent them a `tx_signatures` message.",
+			OUR_TX_SIGNATURES_SENT, state_flags::OUR_TX_SIGNATURES_SENT,
+			is_our_tx_signatures_sent, set_our_tx_signatures_sent, clear_our_tx_signatures_sent)
 	]
 );
 
@@ -566,7 +584,8 @@ enum ChannelState {
 	NegotiatingFunding(NegotiatingFundingFlags),
 	/// We have sent `funding_created` and are awaiting a `funding_signed` to advance to
 	/// `AwaitingChannelReady`. Note that this is nonsense for an inbound channel as we immediately generate
-	/// `funding_signed` upon receipt of `funding_created`, so simply skip this state.
+	/// `funding_signed` upon receipt of `funding_created`, so simply skip this state. For dual-funded (V2)
+	/// channels, this state is also skipped.
 	FundingNegotiated,
 	/// We've received/sent `funding_created` and `funding_signed` and are thus now waiting on the
 	/// funding transaction to confirm.
@@ -683,6 +702,9 @@ impl ChannelState {
 	impl_state_flag!(is_monitor_update_in_progress, set_monitor_update_in_progress, clear_monitor_update_in_progress, FUNDED_STATES);
 	impl_state_flag!(is_local_shutdown_sent, set_local_shutdown_sent, clear_local_shutdown_sent, FUNDED_STATES);
 	impl_state_flag!(is_remote_shutdown_sent, set_remote_shutdown_sent, clear_remote_shutdown_sent, FUNDED_STATES);
+	impl_state_flag!(is_interactive_signing, set_interactive_signing, clear_interactive_signing, FUNDED_STATES);
+	impl_state_flag!(is_our_tx_signatures_sent, set_our_tx_signatures_sent, clear_our_tx_signatures_sent, FUNDED_STATES);
+	impl_state_flag!(is_their_tx_signatures_sent, set_their_tx_signatures_sent, clear_their_tx_signatures_sent, FUNDED_STATES);
 	impl_state_flag!(is_our_channel_ready, set_our_channel_ready, clear_our_channel_ready, AwaitingChannelReady);
 	impl_state_flag!(is_their_channel_ready, set_their_channel_ready, clear_their_channel_ready, AwaitingChannelReady);
 	impl_state_flag!(is_waiting_for_batch, set_waiting_for_batch, clear_waiting_for_batch, AwaitingChannelReady);
@@ -2084,10 +2106,15 @@ trait InitialRemoteCommitmentReceiver<SP: Deref> where SP::Target: SignerProvide
 		context.channel_id = channel_id;
 
 		assert!(!context.channel_state.is_monitor_update_in_progress()); // We have not had any monitor(s) yet to fail update!
-		if context.is_batch_funding() {
-			context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH);
-		} else {
-			context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
+		if !matches!(
+			context.channel_state,
+			ChannelState::AwaitingChannelReady(flags) if flags.is_set(FundedStateFlags::INTERACTIVE_SIGNING.into())
+		) {
+			if context.is_batch_funding() {
+				context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::WAITING_FOR_BATCH);
+			} else {
+				context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
+			}
 		}
 		if holder_commitment_point.advance(&context.holder_signer, &context.secp_ctx, logger).is_err() {
 			// We only fail to advance our commitment point/number if we're currently
@@ -2348,7 +2375,9 @@ impl<SP: Deref> PendingV2Channel<SP> where SP::Target: SignerProvider {
 			)));
 		};
 
-		self.context.channel_state = ChannelState::FundingNegotiated;
+		let mut channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
+		channel_state.set_interactive_signing();
+		self.context.channel_state = channel_state;
 
 		// Clear the interactive transaction constructor
 		self.interactive_tx_constructor.take();
@@ -4289,7 +4318,8 @@ impl<SP: Deref> ChannelContext<SP> where SP::Target: SignerProvider {
 			ChannelState::FundingNegotiated => f(),
 			ChannelState::AwaitingChannelReady(flags) =>
 				if flags.is_set(AwaitingChannelReadyFlags::WAITING_FOR_BATCH) ||
-					flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into())
+					flags.is_set(FundedStateFlags::MONITOR_UPDATE_IN_PROGRESS.into()) ||
+					(flags.is_set(FundedStateFlags::THEIR_TX_SIGNATURES_SENT.into()) && flags.is_set(FundedStateFlags::OUR_TX_SIGNATURES_SENT.into()))
 				{
 					f()
 				} else {
@@ -5440,7 +5470,7 @@ impl<SP: Deref> FundedChannel<SP> where
 	) -> Result<ChannelMonitor<<SP::Target as SignerProvider>::EcdsaSigner>, ChannelError>
 	where L::Target: Logger
 	{
-		if !matches!(self.context.channel_state, ChannelState::FundingNegotiated) {
+		if !matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(_)) {
 			return Err(ChannelError::Close(
 				(
 					"Received initial commitment_signed before funding transaction constructed!".to_owned(),
@@ -5458,7 +5488,6 @@ impl<SP: Deref> FundedChannel<SP> where
 		log_info!(logger, "Received initial commitment_signed from peer for channel {}", &self.context.channel_id());
 
 		let need_channel_ready = self.check_get_channel_ready(0, logger).is_some();
-		self.context.channel_state = ChannelState::AwaitingChannelReady(AwaitingChannelReadyFlags::new());
 		self.monitor_updating_paused(false, false, need_channel_ready, Vec::new(), Vec::new(), Vec::new());
 
 		if let Some(tx_signatures) = self.interactive_tx_signing_session.as_mut().and_then(
@@ -6156,7 +6185,7 @@ impl<SP: Deref> FundedChannel<SP> where
 	pub fn tx_signatures<L: Deref>(&mut self, msg: &msgs::TxSignatures, logger: &L) -> Result<Option<msgs::TxSignatures>, ChannelError>
 		where L::Target: Logger
 	{
-		if !matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(_)) {
+		if !matches!(self.context.channel_state, ChannelState::AwaitingChannelReady(flags) if flags.is_interactive_signing()) {
 			return Err(ChannelError::close("Received tx_signatures in strange state!".to_owned()));
 		}
 
@@ -6201,6 +6230,12 @@ impl<SP: Deref> FundedChannel<SP> where
 				self.interactive_tx_signing_session = None;
 			}
 
+			if holder_tx_signatures_opt.is_some() {
+				// We set our tx_signatures as sent even if we're waiting for initial monitor persist as
+				// we'll eventually send them after persist.
+				self.context.channel_state.set_our_tx_signatures_sent();
+			}
+
 			if holder_tx_signatures_opt.is_some() && self.is_awaiting_initial_mon_persist() {
 				log_debug!(logger, "Not sending tx_signatures: a monitor update is in progress. Setting monitor_pending_tx_signatures.");
 				self.context.monitor_pending_tx_signatures = holder_tx_signatures_opt;
@@ -10348,6 +10383,7 @@ impl<SP: Deref> Writeable for FundedChannel<SP> where SP::Target: SignerProvider
 			(49, self.context.local_initiated_shutdown, option), // Added in 0.0.122
 			(51, is_manual_broadcast, option), // Added in 0.0.124
 			(53, funding_tx_broadcast_safe_event_emitted, option), // Added in 0.0.124
+			(55, self.interactive_tx_signing_session, option) // Added in 0.2
 		});
 
 		Ok(())
@@ -10636,6 +10672,8 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 		let mut next_holder_commitment_point_opt: Option<PublicKey> = None;
 		let mut is_manual_broadcast = None;
 
+		let mut interactive_tx_signing_session: Option<InteractiveTxSigningSession> = None;
+
 		read_tlv_fields!(reader, {
 			(0, announcement_sigs, option),
 			(1, minimum_depth, option),
@@ -10671,6 +10709,7 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 			(49, local_initiated_shutdown, option),
 			(51, is_manual_broadcast, option),
 			(53, funding_tx_broadcast_safe_event_emitted, option),
+			(55, interactive_tx_signing_session, option),
 		});
 
 		let (channel_keys_id, holder_signer) = if let Some(channel_keys_id) = channel_keys_id {
@@ -10800,6 +10839,24 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 			&channel_parameters.counterparty_parameters.as_ref()
 				.expect("Persisted channel must have counterparty parameters").pubkeys.revocation_basepoint);
 
+		let interactive_tx_signing_session = if matches!(
+			channel_state,
+			ChannelState::AwaitingChannelReady(flags) if flags.is_set(FundedStateFlags::INTERACTIVE_SIGNING.into())
+		) {
+			if let Some(mut signing_session) = interactive_tx_signing_session {
+				if let Some(ref funding_tx) = funding_transaction {
+					signing_session.update_from_funding_tx_after_read(funding_tx);
+					Some(signing_session)
+				} else {
+					None
+				}
+			} else {
+				None
+			}
+		} else {
+			None
+		};
+
 		Ok(FundedChannel {
 			funding: FundingScope {
 				value_to_self_msat,
@@ -10932,7 +10989,7 @@ impl<'a, 'b, 'c, ES: Deref, SP: Deref> ReadableArgs<(&'a ES, &'b SP, u32, &'c Ch
 
 				is_holder_quiescence_initiator: None,
 			},
-			interactive_tx_signing_session: None,
+			interactive_tx_signing_session,
 			is_v2_established,
 			holder_commitment_point,
 		})
diff --git a/lightning/src/ln/interactivetxs.rs b/lightning/src/ln/interactivetxs.rs
@@ -8,7 +8,7 @@
 // licenses.
 
 use crate::io_extras::sink;
-use crate::prelude::*;
+use crate::{io, prelude::*};
 
 use bitcoin::absolute::LockTime as AbsoluteLockTime;
 use bitcoin::amount::Amount;
@@ -27,11 +27,13 @@ use crate::ln::msgs;
 use crate::ln::msgs::{SerialId, TxSignatures};
 use crate::ln::types::ChannelId;
 use crate::sign::{EntropySource, P2TR_KEY_PATH_WITNESS_WEIGHT, P2WPKH_WITNESS_WEIGHT};
-use crate::util::ser::TransactionU16LenLimited;
+use crate::util::ser::{Readable, TransactionU16LenLimited, Writeable, Writer};
 
 use core::fmt::Display;
 use core::ops::Deref;
 
+use super::msgs::DecodeError;
+
 /// The number of received `tx_add_input` messages during a negotiation at which point the
 /// negotiation MUST be failed.
 const MAX_RECEIVED_TX_ADD_INPUT_COUNT: u16 = 4096;
@@ -431,6 +433,116 @@ impl InteractiveTxSigningSession {
 			output: outputs.iter().cloned().map(|output| output.into_tx_out()).collect(),
 		}
 	}
+
+	pub fn update_from_funding_tx_after_read(&mut self, funding_tx: &Transaction) {
+		self.unsigned_tx.inputs.iter_mut().zip(funding_tx.input.iter().cloned()).for_each(
+			|(placeholder, real)| {
+				*placeholder.txin_mut() = real;
+			},
+		);
+		self.unsigned_tx.outputs.iter_mut().zip(funding_tx.output.iter().cloned()).for_each(
+			|(placeholder, real)| {
+				(*placeholder).output = OutputOwned::Single(real);
+			},
+		);
+	}
+}
+
+impl Writeable for InteractiveTxSigningSession {
+	fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
+		self.unsigned_tx.holder_is_initiator.write(writer)?;
+		self.unsigned_tx.holder_sends_tx_signatures_first.write(writer)?;
+		self.unsigned_tx
+			.inputs
+			.iter()
+			.map(|input| input.serial_id())
+			.collect::<Vec<_>>()
+			.write(writer)?;
+		self.unsigned_tx
+			.outputs
+			.iter()
+			.map(|output| output.serial_id)
+			.collect::<Vec<_>>()
+			.write(writer)?;
+		self.holder_tx_signatures.write(writer)?;
+		self.counterparty_sent_tx_signatures.write(writer)?;
+		self.has_received_commitment_signed.write(writer)?;
+		Ok(())
+	}
+}
+
+impl Readable for InteractiveTxSigningSession {
+	fn read<R: io::Read>(reader: &mut R) -> Result<Self, DecodeError> {
+		let holder_is_initiator: bool = Readable::read(reader)?;
+		let holder_sends_tx_signatures_first: bool = Readable::read(reader)?;
+		let inputs: Vec<SerialId> = Readable::read(reader)?;
+		let outputs: Vec<SerialId> = Readable::read(reader)?;
+		let holder_tx_signatures: Option<TxSignatures> = Readable::read(reader)?;
+		let counterparty_sent_tx_signatures: bool = Readable::read(reader)?;
+		let has_received_commitment_signed: bool = Readable::read(reader)?;
+
+		// We use an empty dummy `TxOut` for all `TxOut`s as they will be populated with their real
+		// values from `funding_transaction` after reading.
+		let dummy_txout = TxOut { value: Amount::default(), script_pubkey: ScriptBuf::new() };
+
+		Ok(InteractiveTxSigningSession {
+			counterparty_sent_tx_signatures,
+			holder_sends_tx_signatures_first,
+			has_received_commitment_signed,
+			holder_tx_signatures,
+			unsigned_tx: ConstructedTransaction {
+				holder_is_initiator,
+				holder_sends_tx_signatures_first,
+				inputs: inputs
+					.into_iter()
+					.map(|serial_id| {
+						if is_serial_id_valid_for_counterparty(holder_is_initiator, serial_id) {
+							InteractiveTxInput::Remote(LocalOrRemoteInput {
+								serial_id,
+								input: TxIn::default(),
+								prev_output: dummy_txout.clone(),
+							})
+						} else {
+							InteractiveTxInput::Local(
+								// We use a dummy TxOut that will be populated from the funding_transaction after read.
+								LocalOrRemoteInput {
+									serial_id,
+									input: TxIn::default(),
+									prev_output: dummy_txout.clone(),
+								},
+							)
+						}
+					})
+					.collect(),
+				outputs: outputs
+					.into_iter()
+					.map(|serial_id| {
+						let added_by = if is_serial_id_valid_for_counterparty(
+							holder_is_initiator,
+							serial_id,
+						) {
+							AddingRole::Remote
+						} else {
+							AddingRole::Local
+						};
+						InteractiveTxOutput {
+							serial_id,
+							added_by,
+							// The ownership of the output is irrelevant at this point as the read would only happen
+							// at `ChannelState::InteractiveSigning`, so we just use `Single` here.
+							output: OutputOwned::Single(dummy_txout.clone()),
+						}
+					})
+					.collect(),
+				local_inputs_value_satoshis: 0,
+				local_outputs_value_satoshis: 0,
+				remote_inputs_value_satoshis: 0,
+				remote_outputs_value_satoshis: 0,
+				lock_time: AbsoluteLockTime::from_height(0)
+					.expect("0 is a valid absolute locktime"),
+			},
+		})
+	}
 }
 
 #[derive(Debug)]
diff --git a/lightning/src/util/ser.rs b/lightning/src/util/ser.rs
@@ -43,9 +43,9 @@ use bitcoin::{consensus, Witness};
 use dnssec_prover::rr::Name;
 
 use crate::chain::ClaimId;
-use crate::ln::msgs::DecodeError;
 #[cfg(taproot)]
 use crate::ln::msgs::PartialSignatureWithNonce;
+use crate::ln::msgs::{DecodeError, SerialId};
 use crate::types::payment::{PaymentHash, PaymentPreimage, PaymentSecret};
 use core::time::Duration;
 
@@ -1058,6 +1058,7 @@ impl_for_vec!(crate::ln::channelmanager::MonitorUpdateCompletionAction);
 impl_for_vec!(crate::ln::channelmanager::PaymentClaimDetails);
 impl_for_vec!(crate::ln::msgs::SocketAddress);
 impl_for_vec!((A, B), A, B);
+impl_for_vec!(SerialId);
 impl_writeable_for_vec!(&crate::routing::router::BlindedTail);
 impl_readable_for_vec!(crate::routing::router::BlindedTail);
 impl_for_vec!(crate::routing::router::TrampolineHop);
