Replace use of HolderSignedTx with HolderCommitment

[wpaulino]

As we move to a custom commitment transactions world, we'll no longer be able to rely on HolderSignedTx and should instead track the actual commitment transaction itself. This commit does so by introducing a new HolderCommitment struct, which we'll use as a replacement to HolderSignedTx to hold all relevant holder commitment data, including the HolderCommitmentTransaction, without data duplication.

Luckily, this is a backwards and forwards compatible change due to the OnchainTxHandler tracking the latest HolderCommitmentTransactions. In the future, we aim to remove them from the OnchainTxHandler entirely and begin storing them at the ChannelMonitor level.

Aside from how the data is represented internally, there shouldn't be any functional changes within this patch.

Depends on #3663.

[ldk-reviews-bot]

👋 Thanks for assigning @jkczyz as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[TheBlueMatt]

What's gonna happen here? Are we just gonna keep writing the legacy versions and converting, or should we have some upgrade path?

[wpaulino]

Was planning to address this in a follow-up PR that removes them from OnchainTxHandler such that we can no longer rely on getting them from there and instead store them as a new TLV in the monitor.

[ldk-reviews-bot]

👋 The first review has been submitted!

Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer.

[TheBlueMatt]

This does seem like the kind of thing that might want an 👋 upgrade test 👋

[codecov]

Codecov Report

Attention: Patch coverage is 89.71963% with 33 lines in your changes missing coverage. Please review.

Project coverage is 89.15%. Comparing base (030a784) to head (5d13fdc).
Report is 28 commits behind head on main.

Files with missing lines	Patch %	Lines
lightning/src/chain/channelmonitor.rs	89.57%	19 Missing and 13 partials ⚠️
lightning/src/ln/channel.rs	88.88%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3664      +/-   ##
==========================================
- Coverage   89.25%   89.15%   -0.11%     
==========================================
  Files         155      155              
  Lines      119959   121059    +1100     
  Branches   119959   121059    +1100     
==========================================
+ Hits       107069   107925     +856     
- Misses      10276    10478     +202     
- Partials     2614     2656      +42     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[wpaulino]

This does seem like the kind of thing that might want an 👋 upgrade test 👋

Will need to wait for #3584 first

[dunxen]

Needs rebase.

[tankyleo]

Didn't make it through everything, some initial comments.

I'm also unclear how this helps with custom commitment transactions in particular ? Thanks for clarifying here.

[jkczyz]

Made it through everything. Nothing out of the ordinary pops out aside from what other reviewers have raised.

I'm also unclear how this helps with custom commitment transactions in particular ? Thanks for clarifying here.

Will let @wpaulino confirm, but IIUC prior to this PR we were only storing parts of the commitment transaction, so anything additional in a custom one would be missing.

[wpaulino]

IIUC prior to this PR we were only storing parts of the commitment transaction, so anything additional in a custom one would be missing.

Correct. We were already tracking the actual commitment transaction at the OnchainTxHandler, so HolderSignedTx was redundant. The plan is to move the commitment transaction storage from OnchainTxHandler -> ChannelMonitor.

[tankyleo]

IIUC prior to this PR we were only storing parts of the commitment transaction, so anything additional in a custom one would be missing.

Correct. We were already tracking the actual commitment transaction at the OnchainTxHandler, so HolderSignedTx was redundant. The plan is to move the commitment transaction storage from OnchainTxHandler -> ChannelMonitor.

Ok! From my side here's how I've been approaching custom transactions in channel monitor. Many details I haven't worked out yet but big picture:

• While storing the fully built holder commitment transactions is ok as we only store two, we will likely not store all the previous counterparty commitment transactions (even custom ones), as the storage cost would be too high.
• For this problem, me and Matt have been going for a roundtrip to some signer-like object to generate the claims.
• ie "hey signer ! here's a commitment tx that confirmed, what can we claim out of this?"
• this could work for all the counterparty transactions (revoked and non-revoked), and I've been making it work for holder transactions too.

Experimental API currently looks like this:

	/// Returns claims on a counterparty commitment transaction
	fn generate_claims_from_counterparty_tx(&self,
		per_commitment_point: &PublicKey,
		channel_parameters: &ChannelTransactionParameters,
		tx: &Transaction,
		per_commitment_claimable_data: &Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
		payment_preimages: &HashMap<PaymentHash, (PaymentPreimage, Vec<PaymentClaimDetails>)>,
		secp_ctx: &Secp256k1<secp256k1::All>,
	) -> (Vec<PackageTemplate>, CommitmentTxCounterpartyOutputInfo);

	/// Returns claims on a counterparty's revoked commitment transaction
	fn generate_claims_from_revoked_tx(
		&self,
		per_commitment_key: &SecretKey,
		channel_parameters: &ChannelTransactionParameters,
		tx: &Transaction,
		per_commitment_claimable_data: &Vec<(HTLCOutputInCommitment, Option<Box<HTLCSource>>)>,
		height: u32,
		secp_ctx: &Secp256k1<secp256k1::All>,
	) -> (Vec<PackageTemplate>, CommitmentTxCounterpartyOutputInfo);

	/// Returns claims on a holder's commitment transaction
	fn generate_claims_from_holder_tx(
		&self,
		holder_tx: &HolderSignedTx,
		conf_height: u32,
		channel_parameters: &ChannelTransactionParameters,
		payment_preimages: &HashMap<PaymentHash, (PaymentPreimage, Vec<PaymentClaimDetails>)>,
		secp_ctx: &Secp256k1<secp256k1::All>,
	) -> Vec<PackageTemplate>;

What's missing:

• When we force close, we want to generate claims even though our holder commit tx hasn't confirmed yet.
• When we learn a preimage, we want to generate claims against already confirmed outputs.
• Generate claims on htlc transactions.

Let me know if this syncs up with what you were thinking @wpaulino happy to chat here or elsewhere.

This branch here contains this API together with an implementation that passes the test suite:

https://github.com/tankyleo/rust-lightning/tree/check

[jkczyz]

LGTM aside from pending discussions. Please re-request a review once those are resolved.

[wpaulino]

@tankyleo your proposal seems fine so far. The only change as a result of this PR would be to the function argument in generate_claims_from_holder_tx, we would've probably wanted to provide the HolderCommitmentTransaction there to begin with anyway. The rest is mostly unrelated to this change, so happy to chat about this work offline.

[tankyleo]

The only change as a result of this PR would be to the function argument in generate_claims_from_holder_tx, we would've probably wanted to provide the HolderCommitmentTransaction there to begin with anyway.

Yes agreed

The rest is mostly unrelated to this change, so happy to chat about this work offline.

Sounds good

[TheBlueMatt]

Can we rename this now that its something different?

[wpaulino]

It might still have the old meaning when we read. Would you rather change it now anyway or wait until we know for sure we'll only ever find dust_htlcs?

[TheBlueMatt]

Maybe mostly_dust_htlcs? :). I mean we can certainly do it later, just seems easy for a bug to slip in because of a bad name.

[wpaulino]

I'd rather defer it. I don't think a bug could happen where non-dust HTLCs are included because we still have code to support that, and the current name already assumed dust HTLCs must be included.

[wpaulino]

Had to rebase due to a conflict with #3606 and implemented write_as_legacy.

[TheBlueMatt]

Would be nice to reduce the clones in a few places still, but we can also do it in a followup.

[ldk-reviews-bot]

🔔 1st Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.