lnwallet

package
v0.4.2-beta Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 29, 2018 License: MIT Imports: 40 Imported by: 0

README

lnwallet

Build Status MIT licensed GoDoc

The lnwallet package implements an abstracted wallet controller that is able to drive channel funding workflows, a number of script utilities, witness generation functions for the various Lightning scripts, revocation key derivation, and the commitment update state machine.

The package is used within lnd as the core wallet of the daemon. The wallet itself is composed of several distinct interfaces that decouple the implementation of things like signing and blockchain access. This separation allows new WalletController implementations to be easily dropped into lnd without disrupting the code base. A series of integration tests at the interface level are also in place to ensure conformance of the implementation with the interface.

Installation and Updating

$ go get -u github.com/lightningnetwork/lnd/lnwallet

Documentation

Index

Constants

View Source 
const (
	// Add is an update type that adds a new HTLC entry into the log.
	// Either side can add a new pending HTLC by adding a new Add entry
	// into their update log.
	Add updateType = iota

	// Fail is an update type which removes a prior HTLC entry from the
	// log. Adding a Fail entry to ones log will modify the _remote_
	// parties update log once a new commitment view has been evaluated
	// which contains the Fail entry.
	Fail

	// MalformedFail is an update type which removes a prior HTLC entry
	// from the log. Adding a MalformedFail entry to ones log will modify
	// the _remote_ parties update log once a new commitment view has been
	// evaluated which contains the MalformedFail entry. The difference
	// from Fail type lie in the different data we have to store.
	MalformedFail

	// Settle is an update type which settles a prior HTLC crediting the
	// balance of the receiving node. Adding a Settle entry to a log will
	// result in the settle entry being removed on the log as well as the
	// original add entry from the remote party's log after the next state
	// transition.
	Settle
)
View Source 
const (
	// CommitWeight is the weight of the base commitment transaction which
	// includes: one p2wsh input, out p2wkh output, and one p2wsh output.
	CommitWeight int64 = 724

	// HtlcWeight is the weight of an HTLC output.
	HtlcWeight int64 = 172
)
View Source 
const (

	// P2WPKHSize 22 bytes
	//	- OP_0: 1 byte
	//	- OP_DATA: 1 byte (PublicKeyHASH160 length)
	//	- PublicKeyHASH160: 20 bytes
	P2WPKHSize = 1 + 1 + 20

	// P2WSHSize 34 bytes
	//	- OP_0: 1 byte
	//	- OP_DATA: 1 byte (WitnessScriptSHA256 length)
	//	- WitnessScriptSHA256: 32 bytes
	P2WSHSize = 1 + 1 + 32

	// P2PKHOutputSize 34 bytes
	//      - value: 8 bytes
	//      - var_int: 1 byte (pkscript_length)
	//      - pkscript (p2pkh): 25 bytes
	P2PKHOutputSize = 8 + 1 + 25

	// P2WKHOutputSize 31 bytes
	//      - value: 8 bytes
	//      - var_int: 1 byte (pkscript_length)
	//      - pkscript (p2wpkh): 22 bytes
	P2WKHOutputSize = 8 + 1 + P2WPKHSize

	// P2WSHOutputSize 43 bytes
	//      - value: 8 bytes
	//      - var_int: 1 byte (pkscript_length)
	//      - pkscript (p2wsh): 34 bytes
	P2WSHOutputSize = 8 + 1 + P2WSHSize

	// P2SHOutputSize 32 bytes
	//      - value: 8 bytes
	//      - var_int: 1 byte (pkscript_length)
	//      - pkscript (p2sh): 23 bytes
	P2SHOutputSize = 8 + 1 + 23

	// P2PKHScriptSigSize 108 bytes
	//      - OP_DATA: 1 byte (signature length)
	//      - signature
	//      - OP_DATA: 1 byte (pubkey length)
	//      - pubkey
	P2PKHScriptSigSize = 1 + 73 + 1 + 33

	// P2WKHWitnessSize 109 bytes
	//      - number_of_witness_elements: 1 byte
	//      - signature_length: 1 byte
	//      - signature
	//      - pubkey_length: 1 byte
	//      - pubkey
	P2WKHWitnessSize = 1 + 1 + 73 + 1 + 33

	// MultiSigSize 71 bytes
	//	- OP_2: 1 byte
	//	- OP_DATA: 1 byte (pubKeyAlice length)
	//	- pubKeyAlice: 33 bytes
	//	- OP_DATA: 1 byte (pubKeyBob length)
	//	- pubKeyBob: 33 bytes
	//	- OP_2: 1 byte
	//	- OP_CHECKMULTISIG: 1 byte
	MultiSigSize = 1 + 1 + 33 + 1 + 33 + 1 + 1

	// WitnessSize 222 bytes
	//	- NumberOfWitnessElements: 1 byte
	//	- NilLength: 1 byte
	//	- sigAliceLength: 1 byte
	//	- sigAlice: 73 bytes
	//	- sigBobLength: 1 byte
	//	- sigBob: 73 bytes
	//	- WitnessScriptLength: 1 byte
	//	- WitnessScript (MultiSig)
	WitnessSize = 1 + 1 + 1 + 73 + 1 + 73 + 1 + MultiSigSize

	// InputSize 41 bytes
	//	- PreviousOutPoint:
	//		- Hash: 32 bytes
	//		- Index: 4 bytes
	//	- OP_DATA: 1 byte (ScriptSigLength)
	//	- ScriptSig: 0 bytes
	//	- Witness <----	we use "Witness" instead of "ScriptSig" for
	// 			transaction validation, but "Witness" is stored
	// 			separately and weight for it size is smaller. So
	// 			we separate the calculation of ordinary data
	// 			from witness data.
	//	- Sequence: 4 bytes
	InputSize = 32 + 4 + 1 + 4

	// FundingInputSize represents the size of an input to a funding
	// transaction, and is equivalent to the size of a standard segwit input
	// as calculated above.
	FundingInputSize = InputSize

	// CommitmentDelayOutput 43 bytes
	//	- Value: 8 bytes
	//	- VarInt: 1 byte (PkScript length)
	//	- PkScript (P2WSH)
	CommitmentDelayOutput = 8 + 1 + P2WSHSize

	// CommitmentKeyHashOutput 31 bytes
	//	- Value: 8 bytes
	//	- VarInt: 1 byte (PkScript length)
	//	- PkScript (P2WPKH)
	CommitmentKeyHashOutput = 8 + 1 + P2WPKHSize

	// HTLCSize 43 bytes
	//	- Value: 8 bytes
	//	- VarInt: 1 byte (PkScript length)
	//	- PkScript (PW2SH)
	HTLCSize = 8 + 1 + P2WSHSize

	// WitnessHeaderSize 2 bytes
	//	- Flag: 1 byte
	//	- Marker: 1 byte
	WitnessHeaderSize = 1 + 1

	// BaseTxSize 8 bytes
	// - Version: 4 bytes
	// - LockTime: 4 bytes
	BaseTxSize = 4 + 4

	// BaseCommitmentTxSize 125 + 43 * num-htlc-outputs bytes
	//	- Version: 4 bytes
	//	- WitnessHeader <---- part of the witness data
	//	- CountTxIn: 1 byte
	//	- TxIn: 41 bytes
	//		FundingInput
	//	- CountTxOut: 1 byte
	//	- TxOut: 74 + 43 * num-htlc-outputs bytes
	//		OutputPayingToThem,
	//		OutputPayingToUs,
	//		....HTLCOutputs...
	//	- LockTime: 4 bytes
	BaseCommitmentTxSize = 4 + 1 + FundingInputSize + 1 +
		CommitmentDelayOutput + CommitmentKeyHashOutput + 4

	// BaseCommitmentTxWeight 500 weight
	BaseCommitmentTxWeight = witnessScaleFactor * BaseCommitmentTxSize

	// WitnessCommitmentTxWeight 224 weight
	WitnessCommitmentTxWeight = WitnessHeaderSize + WitnessSize

	// HTLCWeight 172 weight
	HTLCWeight = witnessScaleFactor * HTLCSize

	// HtlcTimeoutWeight is the weight of the HTLC timeout transaction
	// which will transition an outgoing HTLC to the delay-and-claim state.
	HtlcTimeoutWeight = 663

	// HtlcSuccessWeight is the weight of the HTLC success transaction
	// which will transition an incoming HTLC to the delay-and-claim state.
	HtlcSuccessWeight = 703

	// MaxHTLCNumber is the maximum number HTLCs which can be included in a
	// commitment transaction. This limit was chosen such that, in the case
	// of a contract breach, the punishment transaction is able to sweep
	// all the HTLC's yet still remain below the widely used standard
	// weight limits.
	MaxHTLCNumber = 966

	// ToLocalScriptSize 83 bytes
	//      - OP_IF: 1 byte
	//              - OP_DATA: 1 byte (revocationkey length)
	//              - revocationkey: 33 bytes
	//              - OP_CHECKSIG: 1 byte
	//      - OP_ELSE: 1 byte
	//              - OP_DATA: 1 byte (localkey length)
	//              - local_delay_key: 33 bytes
	//              - OP_CHECKSIG_VERIFY: 1 byte
	//              - OP_DATA: 1 byte (delay length)
	//              - delay: 8 bytes
	//              -OP_CHECKSEQUENCEVERIFY: 1 byte
	//      - OP_ENDIF: 1 byte
	ToLocalScriptSize = 1 + 1 + 33 + 1 + 1 + 1 + 33 + 1 + 1 + 8 + 1 + 1

	// ToLocalTimeoutWitnessSize x bytes
	//     - number_of_witness_elements: 1 byte
	//     - local_delay_sig_length: 1 byte
	//     - local_delay_sig: 73 bytes
	//     - zero_length: 1 byte
	//     - witness_script_length: 1 byte
	//     - witness_script (to_local_script)
	ToLocalTimeoutWitnessSize = 1 + 1 + 73 + 1 + 1 + ToLocalScriptSize

	// ToLocalPenaltyWitnessSize 160 bytes
	//      - number_of_witness_elements: 1 byte
	//      - revocation_sig_length: 1 byte
	//      - revocation_sig: 73 bytes
	//      - one_length: 1 byte
	//      - witness_script_length: 1 byte
	//      - witness_script (to_local_script)
	ToLocalPenaltyWitnessSize = 1 + 1 + 73 + 1 + 1 + ToLocalScriptSize

	// SecondLevelHtlcScriptSize 73 bytes
	//      - OP_IF: 1 byte
	//          - OP_DATA: 1 byte
	//          - revoke_key: 33 bytes
	//      - OP_ELSE: 1 byte
	//          - csv_delay: 1 byte
	//          - OP_CHECKSEQUENCEVERIFY: 1 byte
	//          - OP_DROP: 1 byte
	//          - delay_key: 33 bytes
	//      - OP_ENDIF: 1 byte
	//      - OP_CHECKSIG: 1 byte
	SecondLevelHtlcScriptSize = 73

	// SecondLevelHtlcPenaltyWitnessSize 149 bytes
	//  - number_of_witness_elements: 1 byte
	//  - revoke_sig_length: 1 byte
	//  - revoke_sig: 73 bytes
	//  - OP_TRUE: 1 byte
	//  - witness_script (second_level_script_size)
	SecondLevelHtlcPenaltyWitnessSize = 1 + 1 + 73 + 1 + SecondLevelHtlcScriptSize

	// SecondLevelHtlcSuccessWitnessSize 149 bytes
	//  - number_of_witness_elements: 1 byte
	//  - success_sig_length: 1 byte
	//  - success_sig: 73 bytes
	//  - nil_length: 1 byte
	//  - witness_script (second_level_script_size)
	SecondLevelHtlcSuccessWitnessSize = 1 + 1 + 73 + 1 + SecondLevelHtlcScriptSize

	// AcceptedHtlcScriptSize 139 bytes
	//      - OP_DUP: 1 byte
	//      - OP_HASH160: 1 byte
	//      - OP_DATA: 1 byte (RIPEMD160(SHA256(revocationkey)) length)
	//      - RIPEMD160(SHA256(revocationkey)): 20 bytes
	//      - OP_EQUAL: 1 byte
	//      - OP_IF: 1 byte
	//              - OP_CHECKSIG: 1 byte
	//      - OP_ELSE: 1 byte
	//              - OP_DATA: 1 byte (remotekey length)
	//              - remotekey: 33 bytes
	//              - OP_SWAP: 1 byte
	//              - OP_SIZE: 1 byte
	//              - 32: 1 byte
	//              - OP_EQUAL: 1 byte
	//              - OP_IF: 1 byte
	//                      - OP_HASH160: 1 byte
	//                      - OP_DATA: 1 byte (RIPEMD160(payment_hash) length)
	//                      - RIPEMD160(payment_hash): 20 bytes
	//                      - OP_EQUALVERIFY: 1 byte
	//                      - 2: 1 byte
	//                      - OP_SWAP: 1 byte
	//                      - OP_DATA: 1 byte (localkey length)
	//                      - localkey: 33 bytes
	//                      - 2: 1 byte
	//                      - OP_CHECKMULTISIG: 1 byte
	//              - OP_ELSE: 1 byte
	//                      - OP_DROP: 1 byte
	//                      - OP_DATA: 1 byte (cltv_expiry length)
	//                      - cltv_expiry: 4 bytes
	//                      - OP_CHECKLOCKTIMEVERIFY: 1 byte
	//                      - OP_DROP: 1 byte
	//                      - OP_CHECKSIG: 1 byte
	//              - OP_ENDIF: 1 byte
	//      - OP_ENDIF: 1 byte
	AcceptedHtlcScriptSize = 3*1 + 20 + 5*1 + 33 + 7*1 + 20 + 4*1 +
		33 + 5*1 + 4 + 5*1

	// AcceptedHtlcTimeoutWitnessSize 214
	//  - number_of_witness_elements: 1 byte
	//  - sender_sig: 73 bytes
	//  - nil_length: 1 byte
	//  - witness_script: (accepted_htlc_script)
	AcceptedHtlcTimeoutWitnessSize = 1 + 73 + 1 + AcceptedHtlcScriptSize

	// AcceptedHtlcSuccessWitnessSize 325 bytes
	//    - number_of_witness_elements: 1 byte
	//    - nil_length: 1 byte
	//    - sig_alice_length: 1 byte
	//    - sig_alice: 73 bytes
	//    - sig_bob_length: 1 byte
	//    - sig_bob: 73 bytes
	//    - preimage_length: 1 byte
	//    - preimage: 32 bytes
	//    - witness_script_length: 1 byte
	//    - witness_script (accepted_htlc_script)
	AcceptedHtlcSuccessWitnessSize = 1 + 1 + 73 + 1 + 73 + 1 + 32 + 1 + AcceptedHtlcScriptSize

	// AcceptedHtlcPenaltyWitnessSize 249 bytes
	//    - number_of_witness_elements: 1 byte
	//    - revocation_sig_length: 1 byte
	//    - revocation_sig: 73 bytes
	//    - revocation_key_length: 1 byte
	//    - revocation_key: 33 bytes
	//    - witness_script_length: 1 byte
	//    - witness_script (accepted_htlc_script)
	AcceptedHtlcPenaltyWitnessSize = 1 + 1 + 73 + 1 + 33 + 1 + AcceptedHtlcScriptSize

	// OfferedHtlcScriptSize 133 bytes
	//      - OP_DUP: 1 byte
	//      - OP_HASH160: 1 byte
	//      - OP_DATA: 1 byte (RIPEMD160(SHA256(revocationkey)) length)
	//      - RIPEMD160(SHA256(revocationkey)): 20 bytes
	//      - OP_EQUAL: 1 byte
	//      - OP_IF: 1 byte
	//              - OP_CHECKSIG: 1 byte
	//      - OP_ELSE: 1 byte
	//              - OP_DATA: 1 byte (remotekey length)
	//              - remotekey: 33 bytes
	//              - OP_SWAP: 1 byte
	//              - OP_SIZE: 1 byte
	//              - OP_DATA: 1 byte (32 length)
	//              - 32: 1 byte
	//              - OP_EQUAL: 1 byte
	//              - OP_NOTIF: 1 byte
	//                      - OP_DROP: 1 byte
	//                      - 2: 1 byte
	//                      - OP_SWAP: 1 byte
	//                      - OP_DATA: 1 byte (localkey length)
	//                      - localkey: 33 bytes
	//                      - 2: 1 byte
	//                      - OP_CHECKMULTISIG: 1 byte
	//              - OP_ELSE: 1 byte
	//                      - OP_HASH160: 1 byte
	//                      - OP_DATA: 1 byte (RIPEMD160(payment_hash) length)
	//                      - RIPEMD160(payment_hash): 20 bytes
	//                      - OP_EQUALVERIFY: 1 byte
	//                      - OP_CHECKSIG: 1 byte
	//              - OP_ENDIF: 1 byte
	//      - OP_ENDIF: 1 byte
	OfferedHtlcScriptSize = 3*1 + 20 + 5*1 + 33 + 10*1 + 33 + 5*1 + 20 + 4*1

	// OfferedHtlcTimeoutWitnessSize 285 bytes
	// - number_of_witness_elements: 1 byte
	// - nil_length: 1 byte
	// - sig_alice_length: 1 byte
	// - sig_alice: 73 bytes
	// - sig_bob_length: 1 byte
	// - sig_bob: 73 bytes
	// - nil_length: 1 byte
	// - witness_script_length: 1 byte
	// - witness_script (offered_htlc_script)
	OfferedHtlcTimeoutWitnessSize = 1 + 1 + 1 + 73 + 1 + 73 + 1 + 1 + OfferedHtlcScriptSize

	// OfferedHtlcSuccessWitnessSize 283 bytes
	// - number_of_witness_elements: 1 byte
	// - nil_length: 1 byte
	// - receiver_sig: 73 bytes
	// - sender_sigs: 73 bytes
	// - payment_preimage: 32 bytes
	// - witness_script_length: 1 byte
	// - witness_script (offered_htlc_script)
	OfferedHtlcSuccessWitnessSize = 1 + 1 + 73 + 73 + 73 + 32 + 1 + OfferedHtlcScriptSize

	// OfferedHtlcPenaltyWitnessSize 243 bytes
	//      - number_of_witness_elements: 1 byte
	//      - revocation_sig_length: 1 byte
	//      - revocation_sig: 73 bytes
	//      - revocation_key_length: 1 byte
	//      - revocation_key: 33 bytes
	//      - witness_script_length: 1 byte
	//      - witness_script (offered_htlc_script)
	OfferedHtlcPenaltyWitnessSize = 1 + 1 + 73 + 1 + 1 + OfferedHtlcScriptSize
)
View Source 
const (
	// StateHintSize is the total number of bytes used between the sequence
	// number and locktime of the commitment transaction use to encode a hint
	// to the state number of a particular commitment transaction.
	StateHintSize = 6
)

Variables

View Source 
var (
	// ErrChanClosing is returned when a caller attempts to close a channel
	// that has already been closed or is in the process of being closed.
	ErrChanClosing = fmt.Errorf("channel is being closed, operation disallowed")

	// ErrNoWindow is returned when revocation window is exhausted.
	ErrNoWindow = fmt.Errorf("unable to sign new commitment, the current" +
		" revocation window is exhausted")

	// ErrMaxWeightCost is returned when the cost/weight (see segwit)
	// exceeds the widely used maximum allowed policy weight limit. In this
	// case the commitment transaction can't be propagated through the
	// network.
	ErrMaxWeightCost = fmt.Errorf("commitment transaction exceed max " +
		"available cost")

	// ErrMaxHTLCNumber is returned when a proposed HTLC would exceed the
	// maximum number of allowed HTLC's if committed in a state transition
	ErrMaxHTLCNumber = fmt.Errorf("commitment transaction exceed max " +
		"htlc number")

	// ErrMaxPendingAmount is returned when a proposed HTLC would exceed
	// the overall maximum pending value of all HTLCs if committed in a
	// state transition.
	ErrMaxPendingAmount = fmt.Errorf("commitment transaction exceed max" +
		"overall pending htlc value")

	// ErrBelowChanReserve is returned when a proposed HTLC would cause
	// one of the peer's funds to dip below the channel reserve limit.
	ErrBelowChanReserve = fmt.Errorf("commitment transaction dips peer " +
		"below chan reserve")

	// ErrBelowMinHTLC is returned when a proposed HTLC has a value that
	// is below the minimum HTLC value constraint for either us or our
	// peer depending on which flags are set.
	ErrBelowMinHTLC = fmt.Errorf("proposed HTLC value is below minimum " +
		"allowed HTLC value")

	// ErrCannotSyncCommitChains is returned if, upon receiving a ChanSync
	// message, the state machine deems that is unable to properly
	// synchronize states with the remote peer.
	ErrCannotSyncCommitChains = fmt.Errorf("unable to sync commit chains")

	// ErrInvalidLastCommitSecret is returned in the case that the
	// commitment secret sent by the remote party in their
	// ChannelReestablish message doesn't match the last secret we sent.
	ErrInvalidLastCommitSecret = fmt.Errorf("commit secret is incorrect")

	// ErrCommitSyncDataLoss is returned in the case that we receive a
	// valid commit secret within the ChannelReestablish message from the
	// remote node AND they advertise a RemoteCommitTailHeight higher than
	// our current known height.
	ErrCommitSyncDataLoss = fmt.Errorf("possible commitment state data " +
		"loss")
)
View Source 
var (

	// SequenceLockTimeSeconds is the 22nd bit which indicates the lock
	// time is in seconds.
	SequenceLockTimeSeconds = uint32(1 << 22)

	// TimelockShift is used to make sure the commitment transaction is
	// spendable by setting the locktime with it so that it is larger than
	// 500,000,000, thus interpreting it as Unix epoch timestamp and not
	// a block height. It is also smaller than the current timestamp which
	// has bit (1 << 30) set, so there is no risk of having the commitment
	// transaction be rejected. This way we can safely use the lower 24 bits
	// of the locktime field for part of the obscured commitment transaction
	// number.
	TimelockShift = uint32(1 << 29)
)
View Source 
var ErrDoubleSpend = errors.New("Transaction rejected: output already spent")

ErrDoubleSpend is returned from PublishTransaction in case the tx being published is spending an output spent by a conflicting transaction.

View Source 
var ErrNotMine = errors.New("the passed output doesn't belong to the wallet")

ErrNotMine is an error denoting that a WalletController instance is unable to spend a specified output.

View Source 
var (
	// ErrTweakOverdose signals a SignDescriptor is invalid because both of its
	// SingleTweak and DoubleTweak are non-nil.
	ErrTweakOverdose = errors.New("sign descriptor should only have one tweak")
)

Functions

func CommitSpendNoDelay 

func CommitSpendNoDelay(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

CommitSpendNoDelay constructs a valid witness allowing a node to spend their settled no-delay output on the counterparty's commitment transaction.

NOTE: The passed SignDescriptor should include the raw (untweaked) public key of the receiver and also the proper single tweak value based on the current commitment point.

func CommitSpendRevoke 

func CommitSpendRevoke(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

CommitSpendRevoke constructs a valid witness allowing a node to sweep the settled output of a malicious counterparty who broadcasts a revoked commitment transaction.

NOTE: The passed SignDescriptor should include the raw (untweaked) revocation base public key of the receiver and also the proper double tweak value based on the commitment secret of the revoked commitment.

func CommitSpendTimeout 

func CommitSpendTimeout(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

CommitSpendTimeout constructs a valid witness allowing the owner of a particular commitment transaction to spend the output returning settled funds back to themselves after a relative block timeout. In order to properly spend the transaction, the target input's sequence number should be set accordingly based off of the target relative block timeout within the redeem script. Additionally, OP_CSV requires that the version of the transaction spending a pkscript with OP_CSV within it *must* be >= 2.

func ComputeCommitmentPoint 

func ComputeCommitmentPoint(commitSecret []byte) *btcec.PublicKey

ComputeCommitmentPoint generates a commitment point given a commitment secret. The commitment point for each state is used to randomize each key in the key-ring and also to used as a tweak to derive new public+private keys for the state.

func CreateCommitTx 

func CreateCommitTx(fundingOutput wire.TxIn,
	keyRing *CommitmentKeyRing, csvTimeout uint32,
	amountToSelf, amountToThem, dustLimit btcutil.Amount) (*wire.MsgTx, error)

CreateCommitTx creates a commitment transaction, spending from specified funding output. The commitment transaction contains two outputs: one paying to the "owner" of the commitment transaction which can be spent after a relative block delay or revocation event, and the other paying the counterparty within the channel, which can be spent immediately.

func CreateCommitmentTxns 

func CreateCommitmentTxns(localBalance, remoteBalance btcutil.Amount,
	ourChanCfg, theirChanCfg *channeldb.ChannelConfig,
	localCommitPoint, remoteCommitPoint *btcec.PublicKey,
	fundingTxIn wire.TxIn) (*wire.MsgTx, *wire.MsgTx, error)

CreateCommitmentTxns is a helper function that creates the initial commitment transaction for both parties. This function is used during the initial funding workflow as both sides must generate a signature for the remote party's commitment transaction, and verify the signature for their version of the commitment transaction.

func CreateCooperativeCloseTx 

func CreateCooperativeCloseTx(fundingTxIn wire.TxIn,
	localDust, remoteDust, ourBalance, theirBalance btcutil.Amount,
	ourDeliveryScript, theirDeliveryScript []byte,
	initiator bool) *wire.MsgTx

CreateCooperativeCloseTx creates a transaction which if signed by both parties, then broadcast cooperatively closes an active channel. The creation of the closure transaction is modified by a boolean indicating if the party constructing the channel is the initiator of the closure. Currently it is expected that the initiator pays the transaction fees for the closing transaction in full.

func CreateTestChannels 

func CreateTestChannels() (*LightningChannel, *LightningChannel, func(), error)

CreateTestChannels creates to fully populated channels to be used within testing fixtures. The channels will be returned as if the funding process has just completed. The channel itself is funded with 10 BTC, with 5 BTC allocated to each side. Within the channel, Alice is the initiator. The function also returns a "cleanup" function that is meant to be called once the test has been finalized. The clean up function will remote all temporary files created

func DefaultDustLimit 

func DefaultDustLimit() btcutil.Amount

DefaultDustLimit is used to calculate the dust HTLC amount which will be send to other node during funding process.

func DeriveRevocationPrivKey 

func DeriveRevocationPrivKey(revokeBasePriv *btcec.PrivateKey,
	commitSecret *btcec.PrivateKey) *btcec.PrivateKey

DeriveRevocationPrivKey derives the revocation private key given a node's commitment private key, and the preimage to a previously seen revocation hash. Using this derived private key, a node is able to claim the output within the commitment transaction of a node in the case that they broadcast a previously revoked commitment transaction.

The private key is derived as follows: 

revokePriv := (revokeBasePriv * sha256(revocationBase || commitPoint)) +
              (commitSecret * sha256(commitPoint || revocationBase)) mod N

Where N is the order of the sub-group.

func DeriveRevocationPubkey 

func DeriveRevocationPubkey(revokeBase, commitPoint *btcec.PublicKey) *btcec.PublicKey

DeriveRevocationPubkey derives the revocation public key given the counterparty's commitment key, and revocation preimage derived via a pseudo-random-function. In the event that we (for some reason) broadcast a revoked commitment transaction, then if the other party knows the revocation preimage, then they'll be able to derive the corresponding private key to this private key by exploiting the homomorphism in the elliptic curve group:

The derivation is performed as follows: 

revokeKey := revokeBase * sha256(revocationBase || commitPoint) +
             commitPoint * sha256(commitPoint || revocationBase)

          := G*(revokeBasePriv * sha256(revocationBase || commitPoint)) +
             G*(commitSecret * sha256(commitPoint || revocationBase))

          := G*(revokeBasePriv * sha256(revocationBase || commitPoint) +
                commitSecret * sha256(commitPoint || revocationBase))

Therefore, once we divulge the revocation secret, the remote peer is able to compute the proper private key for the revokeKey by computing: 

revokePriv := (revokeBasePriv * sha256(revocationBase || commitPoint)) +
              (commitSecret * sha256(commitPoint || revocationBase)) mod N

Where N is the order of the sub-group.

func DeriveStateHintObfuscator 

func DeriveStateHintObfuscator(key1, key2 *btcec.PublicKey) [StateHintSize]byte

DeriveStateHintObfuscator derives the bytes to be used for obfuscating the state hints from the root to be used for a new channel. The obfuscator is generated via the following computation:

  • sha256(initiatorKey || responderKey)[26:]
  • where both keys are the multi-sig keys of the respective parties

The first 6 bytes of the resulting hash are used as the state hint.

func DisableLog 

func DisableLog()

DisableLog disables all library log output. Logging output is disabled by default until UseLogger is called.

func FindScriptOutputIndex 

func FindScriptOutputIndex(tx *wire.MsgTx, script []byte) (bool, uint32)

FindScriptOutputIndex finds the index of the public key script output matching 'script'. Additionally, a boolean is returned indicating if a matching output was found at all.

NOTE: The search stops after the first matching script is found.

func GenFundingPkScript 

func GenFundingPkScript(aPub, bPub []byte, amt int64) ([]byte, *wire.TxOut, error)

GenFundingPkScript creates a redeem script, and its matching p2wsh output for the funding transaction.

func GetStateNumHint 

func GetStateNumHint(commitTx *wire.MsgTx, obfuscator [StateHintSize]byte) uint64

GetStateNumHint recovers the current state number given a commitment transaction which has previously had the state number encoded within it via setStateNumHint and a shared obfuscator.

See setStateNumHint for further details w.r.t exactly how the state-hints are encoded.

func HtlcSecondLevelSpend 

func HtlcSecondLevelSpend(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

HtlcSecondLevelSpend exposes the public witness generation function for spending an HTLC success transaction, either due to an expiring time lock or having had the payment preimage. This method is able to spend any second-level HTLC transaction, assuming the caller sets the locktime or seqno properly.

NOTE: The caller MUST set the txn version, sequence number, and sign descriptor's sig hash cache before invocation.

func ReadSignDescriptor 

func ReadSignDescriptor(r io.Reader, sd *SignDescriptor) error

ReadSignDescriptor deserializes a SignDescriptor struct from the passed io.Reader stream.

func ReceiverHtlcSpendRevoke 

func ReceiverHtlcSpendRevoke(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

ReceiverHtlcSpendRevoke constructs a valid witness allowing the sender of an HTLC within a previously revoked commitment transaction to re-claim the pending funds in the case that the receiver broadcasts this revoked commitment transaction. This method first derives the appropriate revocation key, and requires that the provided SignDescriptor has a local revocation basepoint and commitment secret in the PubKey and DoubleTweak fields, respectively.

func RegisterWallet 

func RegisterWallet(driver *WalletDriver) error

RegisterWallet registers a WalletDriver which is capable of driving a concrete WalletController interface. In the case that this driver has already been registered, an error is returned.

NOTE: This function is safe for concurrent access.

func SenderHtlcSpendRedeem 

func SenderHtlcSpendRedeem(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx, paymentPreimage []byte) (wire.TxWitness, error)

SenderHtlcSpendRedeem constructs a valid witness allowing the receiver of an HTLC to redeem the pending output in the scenario that the sender broadcasts their version of the commitment transaction. A valid spend requires knowledge of the payment preimage, and a valid signature under the receivers public key.

func SenderHtlcSpendRevoke 

func SenderHtlcSpendRevoke(signer Signer, signDesc *SignDescriptor,
	sweepTx *wire.MsgTx) (wire.TxWitness, error)

SenderHtlcSpendRevoke constructs a valid witness allowing the receiver of an HTLC to claim the output with knowledge of the revocation private key in the scenario that the sender of the HTLC broadcasts a previously revoked commitment transaction. This method first derives the appropriate revocation key, and requires that the provided SignDescriptor has a local revocation basepoint and commitment secret in the PubKey and DoubleTweak fields, respectively.

func SetStateNumHint 

func SetStateNumHint(commitTx *wire.MsgTx, stateNum uint64,
	obfuscator [StateHintSize]byte) error

SetStateNumHint encodes the current state number within the passed commitment transaction by re-purposing the locktime and sequence fields in the commitment transaction to encode the obfuscated state number. The state number is encoded using 48 bits. The lower 24 bits of the lock time are the lower 24 bits of the obfuscated state number and the lower 24 bits of the sequence field are the higher 24 bits. Finally before encoding, the obfuscator is XOR'd against the state number in order to hide the exact state number from the PoV of outside parties.

func SingleTweakBytes 

func SingleTweakBytes(commitPoint, basePoint *btcec.PublicKey) []byte

SingleTweakBytes computes set of bytes we call the single tweak. The purpose of the single tweak is to randomize all regular delay and payment base points. To do this, we generate a hash that binds the commitment point to the pay/delay base point. The end end results is that the basePoint is tweaked as follows:

  • key = basePoint + sha256(commitPoint || basePoint)*G

func SpendMultiSig 

func SpendMultiSig(witnessScript, pubA, sigA, pubB, sigB []byte) [][]byte

SpendMultiSig generates the witness stack required to redeem the 2-of-2 p2wsh multi-sig output.

func SupportedWallets 

func SupportedWallets() []string

SupportedWallets returns a slice of strings that represents the wallet drivers that have been registered and are therefore supported.

NOTE: This function is safe for concurrent access.

func TweakPrivKey 

func TweakPrivKey(basePriv *btcec.PrivateKey, commitTweak []byte) *btcec.PrivateKey

TweakPrivKey tweaks the private key of a public base point given a per commitment point. The per commitment secret is the revealed revocation secret for the commitment state in question. This private key will only need to be generated in the case that a channel counter party broadcasts a revoked state. Precisely, the following operation is used to derive a tweaked private key:

  • tweakPriv := basePriv + sha256(commitment || basePub) mod N

Where N is the order of the sub-group.

func TweakPubKey 

func TweakPubKey(basePoint, commitPoint *btcec.PublicKey) *btcec.PublicKey

TweakPubKey tweaks a public base point given a per commitment point. The per commitment point is a unique point on our target curve for each commitment transaction. When tweaking a local base point for use in a remote commitment transaction, the remote party's current per commitment point is to be used. The opposite applies for when tweaking remote keys. Precisely, the following operation is used to "tweak" public keys: 

tweakPub := basePoint + sha256(commitPoint || basePoint) * G
         := G*k + sha256(commitPoint || basePoint)*G
         := G*(k + sha256(commitPoint || basePoint))

Therefore, if a party possess the value k, the private key of the base point, then they are able to derive the private key by computing: compute the proper private key for the revokeKey by computing: 

revokePriv := k + sha256(commitPoint || basePoint) mod N

Where N is the order of the sub-group.

The rationale for tweaking all public keys used within the commitment contracts is to ensure that all keys are properly delinearized to avoid any funny business when jointly collaborating to compute public and private keys. Additionally, the use of the per commitment point ensures that each commitment state houses a unique set of keys which is useful when creating blinded channel outsourcing protocols.

TODO(roasbeef): should be using double-scalar mult here

func TweakPubKeyWithTweak 

func TweakPubKeyWithTweak(pubKey *btcec.PublicKey, tweakBytes []byte) *btcec.PublicKey

TweakPubKeyWithTweak is the exact same as the TweakPubKey function, however it accepts the raw tweak bytes directly rather than the commitment point.

func UseLogger 

func UseLogger(logger btclog.Logger)

UseLogger uses a specified Logger to output package logging info. This should be used in preference to SetLogWriter if the caller is also using btclog.

func WriteSignDescriptor 

func WriteSignDescriptor(w io.Writer, sd *SignDescriptor) error

WriteSignDescriptor serializes a SignDescriptor struct into the passed io.Writer stream.

NOTE: We assume the SigHashes and InputIndex fields haven't been assigned yet, since that is usually done just before broadcast by the witness generator.

Types

type AddressType 

type AddressType uint8

AddressType is an enum-like type which denotes the possible address types WalletController supports. 

const (
	// WitnessPubKey represents a p2wkh address.
	WitnessPubKey AddressType = iota

	// NestedWitnessPubKey represents a p2sh output which is itself a
	// nested p2wkh output.
	NestedWitnessPubKey

	// UnknownAddressType represents an output with an unknown or non-standard
	// script.
	UnknownAddressType
)

type BitcoindFeeEstimator 

type BitcoindFeeEstimator struct {
	// contains filtered or unexported fields
}

BitcoindFeeEstimator is an implementation of the FeeEstimator interface backed by the RPC interface of an active bitcoind node. This implementation will proxy any fee estimation requests to bitcoind's RPC interface.

func NewBitcoindFeeEstimator 

func NewBitcoindFeeEstimator(rpcConfig rpcclient.ConnConfig,
	fallBackFeeRate SatPerVByte) (*BitcoindFeeEstimator, error)

NewBitcoindFeeEstimator creates a new BitcoindFeeEstimator given a fully populated rpc config that is able to successfully connect and authenticate with the bitcoind node, and also a fall back fee rate. The fallback fee rate is used in the occasion that the estimator has insufficient data, or returns zero for a fee estimate.

func (*BitcoindFeeEstimator) EstimateFeePerVSize 

func (b *BitcoindFeeEstimator) EstimateFeePerVSize(numBlocks uint32) (SatPerVByte, error)

EstimateFeePerVSize takes in a target for the number of blocks until an initial confirmation and returns the estimated fee expressed in satoshis/vbyte.

NOTE: This method is part of the FeeEstimator interface.

func (*BitcoindFeeEstimator) Start 

func (b *BitcoindFeeEstimator) Start() error

Start signals the FeeEstimator to start any processes or goroutines it needs to perform its duty.

NOTE: This method is part of the FeeEstimator interface.

func (*BitcoindFeeEstimator) Stop 

func (b *BitcoindFeeEstimator) Stop() error

Stop stops any spawned goroutines and cleans up the resources used by the fee estimator.

NOTE: This method is part of the FeeEstimator interface.

type BlockChainIO 

type BlockChainIO interface {
	// GetBestBlock returns the current height and block hash of the valid
	// most-work chain the implementation is aware of.
	GetBestBlock() (*chainhash.Hash, int32, error)

	// GetUtxo attempts to return the passed outpoint if it's still a
	// member of the utxo set. The passed height hint should be the "birth
	// height" of the passed outpoint. In the case that the output is in
	// the UTXO set, then the output corresponding to that output is
	// returned.  Otherwise, a non-nil error will be returned.
	GetUtxo(op *wire.OutPoint, heightHint uint32) (*wire.TxOut, error)

	// GetBlockHash returns the hash of the block in the best blockchain
	// at the given height.
	GetBlockHash(blockHeight int64) (*chainhash.Hash, error)

	// GetBlock returns the block in the main chain identified by the given
	// hash.
	GetBlock(blockHash *chainhash.Hash) (*wire.MsgBlock, error)
}

BlockChainIO is a dedicated source which will be used to obtain queries related to the current state of the blockchain. The data returned by each of the defined methods within this interface should always return the most up to date data possible.

TODO(roasbeef): move to diff package perhaps? TODO(roasbeef): move publish txn here?

type BreachRetribution 

type BreachRetribution struct {
	// BreachTransaction is the transaction which breached the channel
	// contract by spending from the funding multi-sig with a revoked
	// commitment transaction.
	BreachTransaction *wire.MsgTx

	// BreachHeight records the block height confirming the breach
	// transaction, used as a height hint when registering for
	// confirmations.
	BreachHeight uint32

	// ChainHash is the chain that the contract beach was identified
	// within. This is also the resident chain of the contract (the chain
	// the contract was created on).
	ChainHash chainhash.Hash

	// RevokedStateNum is the revoked state number which was broadcast.
	RevokedStateNum uint64

	// PendingHTLCs is a slice of the HTLCs which were pending at this
	// point within the channel's history transcript.
	PendingHTLCs []channeldb.HTLC

	// LocalOutputSignDesc is a SignDescriptor which is capable of
	// generating the signature necessary to sweep the output within the
	// BreachTransaction that pays directly us.
	//
	// NOTE: A nil value indicates that the local output is considered dust
	// according to the remote party's dust limit.
	LocalOutputSignDesc *SignDescriptor

	// LocalOutpoint is the outpoint of the output paying to us (the local
	// party) within the breach transaction.
	LocalOutpoint wire.OutPoint

	// RemoteOutputSignDesc is a SignDescriptor which is capable of
	// generating the signature required to claim the funds as described
	// within the revocation clause of the remote party's commitment
	// output.
	//
	// NOTE: A nil value indicates that the local output is considered dust
	// according to the remote party's dust limit.
	RemoteOutputSignDesc *SignDescriptor

	// RemoteOutpoint is the outpoint of the output paying to the remote
	// party within the breach transaction.
	RemoteOutpoint wire.OutPoint

	// HtlcRetributions is a slice of HTLC retributions for each output
	// active HTLC output within the breached commitment transaction.
	HtlcRetributions []HtlcRetribution
}

BreachRetribution contains all the data necessary to bring a channel counterparty to justice claiming ALL lingering funds within the channel in the scenario that they broadcast a revoked commitment transaction. A BreachRetribution is created by the closeObserver if it detects an uncooperative close of the channel which uses a revoked commitment transaction. The BreachRetribution is then sent over the ContractBreach channel in order to allow the subscriber of the channel to dispatch justice.

func NewBreachRetribution 

func NewBreachRetribution(chanState *channeldb.OpenChannel, stateNum uint64,
	broadcastCommitment *wire.MsgTx,
	breachHeight uint32) (*BreachRetribution, error)

NewBreachRetribution creates a new fully populated BreachRetribution for the passed channel, at a particular revoked state number, and one which targets the passed commitment transaction.

type BtcdFeeEstimator 

type BtcdFeeEstimator struct {
	// contains filtered or unexported fields
}

BtcdFeeEstimator is an implementation of the FeeEstimator interface backed by the RPC interface of an active btcd node. This implementation will proxy any fee estimation requests to btcd's RPC interface.

func NewBtcdFeeEstimator 

func NewBtcdFeeEstimator(rpcConfig rpcclient.ConnConfig,
	fallBackFeeRate SatPerVByte) (*BtcdFeeEstimator, error)

NewBtcdFeeEstimator creates a new BtcdFeeEstimator given a fully populated rpc config that is able to successfully connect and authenticate with the btcd node, and also a fall back fee rate. The fallback fee rate is used in the occasion that the estimator has insufficient data, or returns zero for a fee estimate.

func (*BtcdFeeEstimator) EstimateFeePerVSize 

func (b *BtcdFeeEstimator) EstimateFeePerVSize(numBlocks uint32) (SatPerVByte, error)

EstimateFeePerVSize takes in a target for the number of blocks until an initial confirmation and returns the estimated fee expressed in satoshis/vbyte.

NOTE: This method is part of the FeeEstimator interface.

func (*BtcdFeeEstimator) Start 

func (b *BtcdFeeEstimator) Start() error

Start signals the FeeEstimator to start any processes or goroutines it needs to perform its duty.

NOTE: This method is part of the FeeEstimator interface.

func (*BtcdFeeEstimator) Stop 

func (b *BtcdFeeEstimator) Stop() error

Stop stops any spawned goroutines and cleans up the resources used by the fee estimator.

NOTE: This method is part of the FeeEstimator interface.

type ChannelContribution 

type ChannelContribution struct {
	// FundingOutpoint is the amount of funds contributed to the funding
	// transaction.
	FundingAmount btcutil.Amount

	// Inputs to the funding transaction.
	Inputs []*wire.TxIn

	// ChangeOutputs are the Outputs to be used in the case that the total
	// value of the funding inputs is greater than the total potential
	// channel capacity.
	ChangeOutputs []*wire.TxOut

	// FirstCommitmentPoint is the first commitment point that will be used
	// to create the revocation key in the first commitment transaction we
	// send to the remote party.
	FirstCommitmentPoint *btcec.PublicKey

	// ChannelConfig is the concrete contribution that this node is
	// offering to the channel. This includes all the various constraints
	// such as the min HTLC, and also all the keys which will be used for
	// the duration of the channel.
	*channeldb.ChannelConfig
}

ChannelContribution is the primary constituent of the funding workflow within lnwallet. Each side first exchanges their respective contributions along with channel specific parameters like the min fee/KB. Once contributions have been exchanged, each side will then produce signatures for all their inputs to the funding transactions, and finally a signature for the other party's version of the commitment transaction.

type ChannelReservation 

type ChannelReservation struct {
	// This mutex MUST be held when either reading or modifying any of the
	// fields below.
	sync.RWMutex
	// contains filtered or unexported fields
}

ChannelReservation represents an intent to open a lightning payment channel with a counterparty. The funding processes from reservation to channel opening is a 3-step process. In order to allow for full concurrency during the reservation workflow, resources consumed by a contribution are "locked" themselves. This prevents a number of race conditions such as two funding transactions double-spending the same input. A reservation can also be cancelled, which removes the resources from limbo, allowing another reservation to claim them.

The reservation workflow consists of the following three steps:

  1. lnwallet.InitChannelReservation * One requests the wallet to allocate the necessary resources for a channel reservation. These resources are put in limbo for the lifetime of a reservation. * Once completed the reservation will have the wallet's contribution accessible via the .OurContribution() method. This contribution contains the necessary items to allow the remote party to build both the funding, and commitment transactions.
  2. ChannelReservation.ProcessContribution/ChannelReservation.ProcessSingleContribution * The counterparty presents their contribution to the payment channel. This allows us to build the funding, and commitment transactions ourselves. * We're now able to sign our inputs to the funding transactions, and the counterparty's version of the commitment transaction. * All signatures crafted by us, are now available via .OurSignatures().
  3. ChannelReservation.CompleteReservation/ChannelReservation.CompleteReservationSingle * The final step in the workflow. The counterparty presents the signatures for all their inputs to the funding transaction, as well as a signature to our version of the commitment transaction. * We then verify the validity of all signatures before considering the channel "open".

func NewChannelReservation 

func NewChannelReservation(capacity, fundingAmt btcutil.Amount,
	commitFeePerKw SatPerKWeight, wallet *LightningWallet,
	id uint64, pushMSat lnwire.MilliSatoshi, chainHash *chainhash.Hash,
	flags lnwire.FundingFlag) (*ChannelReservation, error)

NewChannelReservation creates a new channel reservation. This function is used only internally by lnwallet. In order to concurrent safety, the creation of all channel reservations should be carried out via the lnwallet.InitChannelReservation interface.

func (*ChannelReservation) Cancel 

func (r *ChannelReservation) Cancel() error

Cancel abandons this channel reservation. This method should be called in the scenario that communications with the counterparty break down. Upon cancellation, all resources previously reserved for this pending payment channel are returned to the free pool, allowing subsequent reservations to utilize the now freed resources.

func (*ChannelReservation) CommitConstraints 

func (r *ChannelReservation) CommitConstraints(csvDelay, maxHtlcs uint16,
	maxValueInFlight, minHtlc lnwire.MilliSatoshi,
	chanReserve, dustLimit btcutil.Amount) error

CommitConstraints takes the constraints that the remote party specifies for the type of commitments that we can generate for them. These constraints include several parameters that serve as flow control restricting the amount of satoshis that can be transferred in a single commitment. This function will also attempt to verify the constraints for sanity, returning an error if the parameters are seemed unsound.

func (*ChannelReservation) CompleteReservation 

func (r *ChannelReservation) CompleteReservation(fundingInputScripts []*InputScript,
	commitmentSig []byte) (*channeldb.OpenChannel, error)

CompleteReservation finalizes the pending channel reservation, transitioning from a pending payment channel, to an open payment channel. All passed signatures to the counterparty's inputs to the funding transaction will be fully verified. Signatures are expected to be passed in sorted order according to BIP-69: https://github.com/bitcoin/bips/blob/master/bip-0069.mediawiki. Additionally, verification is performed in order to ensure that the counterparty supplied a valid signature to our version of the commitment transaction. Once this method returns, caller's should then call .WaitForChannelOpen() which will block until the funding transaction obtains the configured number of confirmations. Once the method unblocks, a LightningChannel instance is returned, marking the channel available for updates.

func (*ChannelReservation) CompleteReservationSingle 

func (r *ChannelReservation) CompleteReservationSingle(fundingPoint *wire.OutPoint,
	commitSig []byte) (*channeldb.OpenChannel, error)

CompleteReservationSingle finalizes the pending single funder channel reservation. Using the funding outpoint of the constructed funding transaction, and the initiator's signature for our version of the commitment transaction, we are able to verify the correctness of our commitment transaction as crafted by the initiator. Once this method returns, our signature for the initiator's version of the commitment transaction is available via the .OurSignatures() method. As this method should only be called as a response to a single funder channel, only a commitment signature will be populated.

func (*ChannelReservation) FinalFundingTx 

func (r *ChannelReservation) FinalFundingTx() *wire.MsgTx

FinalFundingTx returns the finalized, fully signed funding transaction for this reservation.

NOTE: If this reservation was created as the non-initiator to a single funding workflow, then the full funding transaction will not be available. Instead we will only have the final outpoint of the funding transaction.

func (*ChannelReservation) FundingOutpoint 

func (r *ChannelReservation) FundingOutpoint() *wire.OutPoint

FundingOutpoint returns the outpoint of the funding transaction.

NOTE: The pointer returned will only be set once the .ProcessContribution() method is called in the case of the initiator of a single funder workflow, and after the .CompleteReservationSingle() method is called in the case of a responder to a single funder workflow.

func (*ChannelReservation) OurContribution 

func (r *ChannelReservation) OurContribution() *ChannelContribution

OurContribution returns the wallet's fully populated contribution to the pending payment channel. See 'ChannelContribution' for further details regarding the contents of a contribution.

NOTE: This SHOULD NOT be modified. TODO(roasbeef): make copy?

func (*ChannelReservation) OurSignatures 

func (r *ChannelReservation) OurSignatures() ([]*InputScript, []byte)

OurSignatures retrieves the wallet's signatures to all inputs to the funding transaction belonging to itself, and also a signature for the counterparty's version of the commitment transaction. The signatures for the wallet's inputs to the funding transaction are returned in sorted order according to BIP-69: https://github.com/bitcoin/bips/blob/master/bip-0069.mediawiki.

NOTE: These signatures will only be populated after a call to .ProcesContribution()

func (*ChannelReservation) ProcessContribution 

func (r *ChannelReservation) ProcessContribution(theirContribution *ChannelContribution) error

ProcessContribution verifies the counterparty's contribution to the pending payment channel. As a result of this incoming message, lnwallet is able to build the funding transaction, and both commitment transactions. Once this message has been processed, all signatures to inputs to the funding transaction belonging to the wallet are available. Additionally, the wallet will generate a signature to the counterparty's version of the commitment transaction.

func (*ChannelReservation) ProcessSingleContribution 

func (r *ChannelReservation) ProcessSingleContribution(theirContribution *ChannelContribution) error

ProcessSingleContribution verifies, and records the initiator's contribution to this pending single funder channel. Internally, no further action is taken other than recording the initiator's contribution to the single funder channel.

func (*ChannelReservation) SetNumConfsRequired 

func (r *ChannelReservation) SetNumConfsRequired(numConfs uint16)

SetNumConfsRequired sets the number of confirmations that are required for the ultimate funding transaction before the channel can be considered open. This is distinct from the main reservation workflow as it allows implementations a bit more flexibility w.r.t to if the responder of the initiator sets decides the number of confirmations needed.

func (*ChannelReservation) TheirContribution 

func (r *ChannelReservation) TheirContribution() *ChannelContribution

TheirContribution returns the counterparty's pending contribution to the payment channel. See 'ChannelContribution' for further details regarding the contents of a contribution. This attribute will ONLY be available after a call to .ProcesContribution().

NOTE: This SHOULD NOT be modified.

func (*ChannelReservation) TheirSignatures 

func (r *ChannelReservation) TheirSignatures() ([]*InputScript, []byte)

TheirSignatures returns the counterparty's signatures to all inputs to the funding transaction belonging to them, as well as their signature for the wallet's version of the commitment transaction. This methods is provided for additional verification, such as needed by tests.

NOTE: These attributes will be unpopulated before a call to .CompleteReservation().

type CommitOutputResolution 

type CommitOutputResolution struct {
	// SelfOutPoint is the full outpoint that points to out pay-to-self
	// output within the closing commitment transaction.
	SelfOutPoint wire.OutPoint

	// SelfOutputSignDesc is a fully populated sign descriptor capable of
	// generating a valid signature to sweep the output paying to us.
	SelfOutputSignDesc SignDescriptor

	// MaturityDelay is the relative time-lock, in blocks for all outputs
	// that pay to the local party within the broadcast commitment
	// transaction. This value will be non-zero iff, this output was on our
	// commitment transaction.
	MaturityDelay uint32
}

CommitOutputResolution carries the necessary information required to allow us to sweep our direct commitment output in the case that either party goes to chain.

type CommitmentKeyRing 

type CommitmentKeyRing struct {
	// commitPoint is the "per commitment point" used to derive the tweak
	// for each base point.
	CommitPoint *btcec.PublicKey

	// LocalCommitKeyTweak is the tweak used to derive the local public key
	// from the local payment base point or the local private key from the
	// base point secret. This may be included in a SignDescriptor to
	// generate signatures for the local payment key.
	LocalCommitKeyTweak []byte

	// LocalHtlcKeyTweak is the teak used to derive the local HTLC key from
	// the local HTLC base point. This value is needed in order to
	// derive the final key used within the HTLC scripts in the commitment
	// transaction.
	LocalHtlcKeyTweak []byte

	// LocalHtlcKey is the key that will be used in the "to self" clause of
	// any HTLC scripts within the commitment transaction for this key ring
	// set.
	LocalHtlcKey *btcec.PublicKey

	// RemoteHtlcKey is the key that will be used in clauses within the
	// HTLC script that send money to the remote party.
	RemoteHtlcKey *btcec.PublicKey

	// DelayKey is the commitment transaction owner's key which is included
	// in HTLC success and timeout transaction scripts.
	DelayKey *btcec.PublicKey

	// NoDelayKey is the other party's payment key in the commitment tx.
	// This is the key used to generate the unencumbered output within the
	// commitment transaction.
	NoDelayKey *btcec.PublicKey

	// RevocationKey is the key that can be used by the other party to
	// redeem outputs from a revoked commitment transaction if it were to
	// be published.
	RevocationKey *btcec.PublicKey
}

CommitmentKeyRing holds all derived keys needed to construct commitment and HTLC transactions. The keys are derived differently depending whether the commitment transaction is ours or the remote peer's. Private keys associated with each key may belong to the commitment owner or the "other party" which is referred to in the field comments, regardless of which is local and which is remote.

type Config 

type Config struct {
	// Database is a wrapper around a namespace within boltdb reserved for
	// ln-based wallet metadata. See the 'channeldb' package for further
	// information.
	Database *channeldb.DB

	// Notifier is used by in order to obtain notifications about funding
	// transaction reaching a specified confirmation depth, and to catch
	// counterparty's broadcasting revoked commitment states.
	Notifier chainntnfs.ChainNotifier

	// SecretKeyRing is used by the wallet during the funding workflow
	// process to obtain keys to be used directly within contracts. Usage
	// of this interface ensures that all key derivation is itself fully
	// deterministic.
	SecretKeyRing keychain.SecretKeyRing

	// WalletController is the core wallet, all non Lightning Network
	// specific interaction is proxied to the internal wallet.
	WalletController WalletController

	// Signer is the wallet's current Signer implementation. This Signer is
	// used to generate signature for all inputs to potential funding
	// transactions, as well as for spends from the funding transaction to
	// update the commitment state.
	Signer Signer

	// FeeEstimator is the implementation that the wallet will use for the
	// calculation of on-chain transaction fees.
	FeeEstimator FeeEstimator

	// ChainIO is an instance of the BlockChainIO interface. ChainIO is
	// used to lookup the existence of outputs within the UTXO set.
	ChainIO BlockChainIO

	// DefaultConstraints is the set of default constraints that will be
	// used for any incoming or outgoing channel reservation requests.
	DefaultConstraints channeldb.ChannelConstraints

	// NetParams is the set of parameters that tells the wallet which chain
	// it will be operating on.
	NetParams chaincfg.Params
}

Config is a struct which houses configuration parameters which modify the behaviour of LightningWallet.

NOTE: The passed channeldb, and ChainNotifier should already be fully initialized/started before being passed as a function argument.

type ErrInsufficientFunds 

type ErrInsufficientFunds struct {
	// contains filtered or unexported fields
}

ErrInsufficientFunds is a type matching the error interface which is returned when coin selection for a new funding transaction fails to due having an insufficient amount of confirmed funds.

func (*ErrInsufficientFunds) Error 

func (e *ErrInsufficientFunds) Error() string

type FeeEstimator 

type FeeEstimator interface {
	// EstimateFeePerVSize takes in a target for the number of blocks until
	// an initial confirmation and returns the estimated fee expressed in
	// satoshis/vbyte.
	EstimateFeePerVSize(numBlocks uint32) (SatPerVByte, error)

	// Start signals the FeeEstimator to start any processes or goroutines
	// it needs to perform its duty.
	Start() error

	// Stop stops any spawned goroutines and cleans up the resources used
	// by the fee estimator.
	Stop() error
}

FeeEstimator provides the ability to estimate on-chain transaction fees for various combinations of transaction sizes and desired confirmation time (measured by number of blocks).

type HtlcResolutions 

type HtlcResolutions struct {
	// IncomingHTLCs contains a set of structs that can be used to sweep
	// all the incoming HTL'C that we know the preimage to.
	IncomingHTLCs []IncomingHtlcResolution

	// OutgoingHTLCs contains a set of structs that contains all the info
	// needed to sweep an outgoing HTLC we've sent to the remote party
	// after an absolute delay has expired.
	OutgoingHTLCs []OutgoingHtlcResolution
}

HtlcResolutions contains the items necessary to sweep HTLC's on chain directly from a commitment transaction. We'll use this in case either party goes broadcasts a commitment transaction with live HTLC's.

type HtlcRetribution 

type HtlcRetribution struct {
	// SignDesc is a design descriptor capable of generating the necessary
	// signatures to satisfy the revocation clause of the HTLC's public key
	// script.
	SignDesc SignDescriptor

	// OutPoint is the target outpoint of this HTLC pointing to the
	// breached commitment transaction.
	OutPoint wire.OutPoint

	// SecondLevelWitnessScript is the witness script that will be created
	// if the second level HTLC transaction for this output is
	// broadcast/confirmed. We provide this as if the remote party attempts
	// to go to the second level to claim the HTLC then we'll need to
	// update the SignDesc above accordingly to sweep properly.
	SecondLevelWitnessScript []byte

	// IsIncoming is a boolean flag that indicates whether or not this
	// HTLC was accepted from the counterparty. A false value indicates that
	// this HTLC was offered by us. This flag is used determine the exact
	// witness type should be used to sweep the output.
	IsIncoming bool
}

HtlcRetribution contains all the items necessary to seep a revoked HTLC transaction from a revoked commitment transaction broadcast by the remote party.

type IncomingHtlcResolution 

type IncomingHtlcResolution struct {
	// Preimage is the preimage that will be used to satisfy the contract
	// of the HTLC.
	//
	// NOTE: This field will only be populated if we know the preimage at
	// the time a unilateral or force close occurs.
	Preimage [32]byte

	// SignedSuccessTx is the fully signed HTLC success transaction. This
	// transaction (if non-nil) can be broadcast immediately. After a csv
	// delay (included below), then the output created by this transactions
	// can be swept on-chain.
	//
	// NOTE: If this field is nil, then this indicates that we don't need
	// to go to the second level to claim this HTLC. Instead, it can be
	// claimed directly from the outpoint listed below.
	SignedSuccessTx *wire.MsgTx

	// CsvDelay is the relative time lock (expressed in blocks) that must
	// pass after the SignedSuccessTx is confirmed in the chain before the
	// output can be swept.
	//
	// NOTE: If SignedSuccessTx is nil, then this field isn't needed.
	CsvDelay uint32

	// ClaimOutpoint is the final outpoint that needs to be spent in order
	// to fully sweep the HTLC. The SignDescriptor below should be used to
	// spend this outpoint. In the case of a second-level HTLC (non-nil
	// SignedTimeoutTx), then we'll be spending a new transaction.
	// Otherwise, it'll be an output in the commitment transaction.
	ClaimOutpoint wire.OutPoint

	// SweepSignDesc is a sign descriptor that has been populated with the
	// necessary items required to spend the sole output of the above
	// transaction.
	SweepSignDesc SignDescriptor
}

IncomingHtlcResolution houses the information required to sweep any incoming HTLC's that we know the preimage to. We'll need to sweep an HTLC manually using this struct if we need to go on-chain for any reason, or if we detect that the remote party broadcasts their commitment transaction.

type InputScript 

type InputScript struct {
	Witness   [][]byte
	ScriptSig []byte
}

InputScript represents any script inputs required to redeem a previous output. This struct is used rather than just a witness, or scripSig in order to accommodate nested p2sh which utilizes both types of input scripts.

type InvalidCommitSigError 

type InvalidCommitSigError struct {
	// contains filtered or unexported fields
}

InvalidCommitSigError is a struct that implements the error interface to report a failure to validate a commitment signature for a remote peer. We'll use the items in this struct to generate a rich error message for the remote peer when we receive an invalid signature from it. Doing so can greatly aide in debugging cross implementation issues.

func (*InvalidCommitSigError) Error 

func (i *InvalidCommitSigError) Error() string

Error returns a detailed error string including the exact transaction that caused an invalid commitment signature.

type InvalidHtlcSigError 

type InvalidHtlcSigError struct {
	// contains filtered or unexported fields
}

InvalidCommitSigError is a struc that implements the error interface to report a failure to validate an htlc signature from a remote peer. We'll use the items in this struct to generate a rich error message for the remote peer when we receive an invalid signature from it. Doing so can greatly aide in debugging across implementation issues.

func (*InvalidHtlcSigError) Error 

func (i *InvalidHtlcSigError) Error() string

Error returns a detailed error string including the exact transaction that caused an invalid htlc signature.

type LightningChannel 

type LightningChannel struct {
	// Signer is the main signer instances that will be responsible for
	// signing any HTLC and commitment transaction generated by the state
	// machine.
	Signer Signer

	// ChanPoint is the funding outpoint of this channel.
	ChanPoint *wire.OutPoint

	// Capacity is the total capacity of this channel.
	Capacity btcutil.Amount

	// LocalFundingKey is the public key under control by the wallet that
	// was used for the 2-of-2 funding output which created this channel.
	LocalFundingKey *btcec.PublicKey

	// RemoteFundingKey is the public key for the remote channel counter
	// party  which used for the 2-of-2 funding output which created this
	// channel.
	RemoteFundingKey *btcec.PublicKey

	sync.RWMutex
	// contains filtered or unexported fields
}

LightningChannel implements the state machine which corresponds to the current commitment protocol wire spec. The state machine implemented allows for asynchronous fully desynchronized, batched+pipelined updates to commitment transactions allowing for a high degree of non-blocking bi-directional payment throughput.

In order to allow updates to be fully non-blocking, either side is able to create multiple new commitment states up to a pre-determined window size. This window size is encoded within InitialRevocationWindow. Before the start of a session, both side should send out revocation messages with nil preimages in order to populate their revocation window for the remote party.

The state machine has for main methods:

  • .SignNextCommitment()
  • Called one one wishes to sign the next commitment, either initiating a new state update, or responding to a received commitment.
  • .ReceiveNewCommitment()
  • Called upon receipt of a new commitment from the remote party. If the new commitment is valid, then a revocation should immediately be generated and sent.
  • .RevokeCurrentCommitment()
  • Revokes the current commitment. Should be called directly after receiving a new commitment.
  • .ReceiveRevocation()
  • Processes a revocation from the remote party. If successful creates a new defacto broadcastable state.

See the individual comments within the above methods for further details.

func NewLightningChannel 

func NewLightningChannel(signer Signer, pCache PreimageCache,
	state *channeldb.OpenChannel) (*LightningChannel, error)

NewLightningChannel creates a new, active payment channel given an implementation of the chain notifier, channel database, and the current settled channel state. Throughout state transitions, then channel will automatically persist pertinent state to the database in an efficient manner.

func (*LightningChannel) ActiveHtlcs 

func (lc *LightningChannel) ActiveHtlcs() []channeldb.HTLC

ActiveHtlcs returns a slice of HTLC's which are currently active on *both* commitment transactions.

func (*LightningChannel) AddHTLC 

func (lc *LightningChannel) AddHTLC(htlc *lnwire.UpdateAddHTLC,
	openKey *channeldb.CircuitKey) (uint64, error)

AddHTLC adds an HTLC to the state machine's local update log. This method should be called when preparing to send an outgoing HTLC.

The additional openKey argument corresponds to the incoming CircuitKey of the committed circuit for this HTLC. This value should never be nil.

NOTE: It is okay for sourceRef to be nil when unit testing the wallet.

func (*LightningChannel) AvailableBalance 

func (lc *LightningChannel) AvailableBalance() lnwire.MilliSatoshi

AvailableBalance returns the current available balance within the channel. By available balance, we mean that if at this very instance s new commitment were to be created which evals all the log entries, what would our available balance me. This method is useful when deciding if a given channel can accept an HTLC in the multi-hop forwarding scenario.

func (*LightningChannel) CalcFee 

func (lc *LightningChannel) CalcFee(feeRate SatPerKWeight) btcutil.Amount

CalcFee returns the commitment fee to use for the given fee rate (fee-per-kw).

func (*LightningChannel) ChanSyncMsg 

func (lc *LightningChannel) ChanSyncMsg() (*lnwire.ChannelReestablish, error)

ChanSyncMsg returns the ChannelReestablish message that should be sent upon reconnection with the remote peer that we're maintaining this channel with. The information contained within this message is necessary to re-sync our commitment chains in the case of a last or only partially processed message. When the remote party receiver this message one of three things may happen:

  1. We're fully synced and no messages need to be sent.
  2. We didn't get the last CommitSig message they sent, to they'll re-send it.
  3. We didn't get the last RevokeAndAck message they sent, so they'll re-send it.

func (*LightningChannel) ChannelPoint 

func (lc *LightningChannel) ChannelPoint() *wire.OutPoint

ChannelPoint returns the outpoint of the original funding transaction which created this active channel. This outpoint is used throughout various subsystems to uniquely identify an open channel.

func (*LightningChannel) CommitFeeRate 

func (lc *LightningChannel) CommitFeeRate() SatPerKWeight

CommitFeeRate returns the current fee rate of the commitment transaction in units of sat-per-kw.

func (*LightningChannel) CompleteCooperativeClose 

func (lc *LightningChannel) CompleteCooperativeClose(localSig, remoteSig []byte,
	localDeliveryScript, remoteDeliveryScript []byte,
	proposedFee btcutil.Amount) (*wire.MsgTx, btcutil.Amount, error)

CompleteCooperativeClose completes the cooperative closure of the target active lightning channel. A fully signed closure transaction as well as the signature itself are returned. Additionally, we also return our final settled balance, which reflects any fees we may have paid.

NOTE: The passed local and remote sigs are expected to be fully complete signatures including the proper sighash byte.

func (*LightningChannel) CreateCloseProposal 

func (lc *LightningChannel) CreateCloseProposal(proposedFee btcutil.Amount,
	localDeliveryScript []byte,
	remoteDeliveryScript []byte) ([]byte, *chainhash.Hash, btcutil.Amount, error)

CreateCloseProposal is used by both parties in a cooperative channel close workflow to generate proposed close transactions and signatures. This method should only be executed once all pending HTLCs (if any) on the channel have been cleared/removed. Upon completion, the source channel will shift into the "closing" state, which indicates that all incoming/outgoing HTLC requests should be rejected. A signature for the closing transaction is returned.

TODO(roasbeef): caller should initiate signal to reject all incoming HTLCs, settle any in flight.

func (*LightningChannel) FailHTLC 

func (lc *LightningChannel) FailHTLC(htlcIndex uint64, reason []byte,
	sourceRef *channeldb.AddRef, destRef *channeldb.SettleFailRef,
	closeKey *channeldb.CircuitKey) error

FailHTLC attempts to fail a targeted HTLC by its payment hash, inserting an entry which will remove the target log entry within the next commitment update. This method is intended to be called in order to cancel in _incoming_ HTLC.

The additional arguments correspond to:

  • sourceRef: specifies the location of the Add HTLC within a forwarding package that this HTLC is failing. Every Fail fails exactly one Add, so this should never be empty in practice.

  • destRef: specifies the location of the Fail HTLC within another channel's forwarding package. This value can be nil if the corresponding Add HTLC was never locked into an outgoing commitment txn, or this HTLC does not originate as a response from the peer on the outgoing link, e.g. on-chain resolutions.

  • closeKey: identifies the circuit that should be deleted after this Fail HTLC is included in a commitment txn. This value should only be nil if the HTLC was failed locally before committing a circuit to the circuit map.

NOTE: It is okay for sourceRef, destRef, and closeKey to be nil when unit testing the wallet.

func (*LightningChannel) ForceClose 

func (lc *LightningChannel) ForceClose() (*LocalForceCloseSummary, error)

ForceClose executes a unilateral closure of the transaction at the current lowest commitment height of the channel. Following a force closure, all state transitions, or modifications to the state update logs will be rejected. Additionally, this function also returns a LocalForceCloseSummary which includes the necessary details required to sweep all the time-locked outputs within the commitment transaction.

TODO(roasbeef): all methods need to abort if in dispute state TODO(roasbeef): method to generate CloseSummaries for when the remote peer does a unilateral close

func (*LightningChannel) FullySynced 

func (lc *LightningChannel) FullySynced() bool

FullySynced returns a boolean value reflecting if both commitment chains (remote+local) are fully in sync. Both commitment chains are fully in sync if the tip of each chain includes the latest committed changes from both sides.

func (*LightningChannel) InitNextRevocation 

func (lc *LightningChannel) InitNextRevocation(revKey *btcec.PublicKey) error

InitNextRevocation inserts the passed commitment point as the _next_ revocation to be used when creating a new commitment state for the remote party. This function MUST be called before the channel can accept or propose any new states.

func (*LightningChannel) IsInitiator 

func (lc *LightningChannel) IsInitiator() bool

IsInitiator returns true if we were the ones that initiated the funding workflow which led to the creation of this channel. Otherwise, it returns false.

func (*LightningChannel) IsPending 

func (lc *LightningChannel) IsPending() bool

IsPending returns true if the channel's funding transaction has been fully confirmed, and false otherwise.

func (*LightningChannel) LoadFwdPkgs 

func (lc *LightningChannel) LoadFwdPkgs() ([]*channeldb.FwdPkg, error)

LoadFwdPkgs loads any pending log updates from disk and returns the payment descriptors to be processed by the link.

func (*LightningChannel) LocalChanReserve 

func (lc *LightningChannel) LocalChanReserve() btcutil.Amount

LocalChanReserve returns our local ChanReserve requirement for the remote party.

func (*LightningChannel) MalformedFailHTLC 

func (lc *LightningChannel) MalformedFailHTLC(htlcIndex uint64,
	failCode lnwire.FailCode, shaOnionBlob [sha256.Size]byte,
	sourceRef *channeldb.AddRef) error

MalformedFailHTLC attempts to fail a targeted HTLC by its payment hash, inserting an entry which will remove the target log entry within the next commitment update. This method is intended to be called in order to cancel in _incoming_ HTLC.

The additional sourceRef specifies the location of the Add HTLC within a forwarding package that this HTLC is failing. This value should never be empty.

NOTE: It is okay for sourceRef to be nil when unit testing the wallet.

func (*LightningChannel) MarkCommitmentBroadcasted 

func (lc *LightningChannel) MarkCommitmentBroadcasted() error

MarkCommitmentBroadcasted marks the channel as a commitment transaction has been broadcast, either our own or the remote, and we should watch the chain for it to confirm before taking any further action.

func (*LightningChannel) NextLocalHtlcIndex 

func (lc *LightningChannel) NextLocalHtlcIndex() (uint64, error)

NextLocalHtlcIndex returns the next unallocated local htlc index. To ensure this always returns the next index that has been not been allocated, this will first try to examine any pending commitments, before falling back to the last locked-in local commitment.

func (*LightningChannel) NextRevocationKey 

func (lc *LightningChannel) NextRevocationKey() (*btcec.PublicKey, error)

NextRevocationKey returns the commitment point for the _next_ commitment height. The pubkey returned by this function is required by the remote party along with their revocation base to extend our commitment chain with a new commitment.

func (*LightningChannel) ProcessChanSyncMsg 

func (lc *LightningChannel) ProcessChanSyncMsg(
	msg *lnwire.ChannelReestablish) ([]lnwire.Message, []channeldb.CircuitKey,
	[]channeldb.CircuitKey, error)

ProcessChanSyncMsg processes a ChannelReestablish message sent by the remote connection upon re establishment of our connection with them. This method will return a single message if we are currently out of sync, otherwise a nil lnwire.Message will be returned. If it is decided that our level of de-synchronization is irreconcilable, then an error indicating the issue will be returned. In this case that an error is returned, the channel should be force closed, as we cannot continue updates.

One of two message sets will be returned:

  • CommitSig+Updates: if we have a pending remote commit which they claim to have not received
  • RevokeAndAck: if we sent a revocation message that they claim to have not received

If we detect a scenario where we need to send a CommitSig+Updates, this method also returns two sets channeldb.CircuitKeys identifying the circuits that were opened and closed, respectively, as a result of signing the previous commitment txn. This allows the link to clear its mailbox of those circuits in case they are still in memory, and ensure the switch's circuit map has been updated by deleting the closed circuits.

func (*LightningChannel) ReceiveFailHTLC 

func (lc *LightningChannel) ReceiveFailHTLC(htlcIndex uint64, reason []byte,
) error

ReceiveFailHTLC attempts to cancel a targeted HTLC by its log index, inserting an entry which will remove the target log entry within the next commitment update. This method should be called in response to the upstream party cancelling an outgoing HTLC. The value of the failed HTLC is returned along with an error indicating success.

func (*LightningChannel) ReceiveHTLC 

func (lc *LightningChannel) ReceiveHTLC(htlc *lnwire.UpdateAddHTLC) (uint64, error)

ReceiveHTLC adds an HTLC to the state machine's remote update log. This method should be called in response to receiving a new HTLC from the remote party.

func (*LightningChannel) ReceiveHTLCSettle 

func (lc *LightningChannel) ReceiveHTLCSettle(preimage [32]byte, htlcIndex uint64) error

ReceiveHTLCSettle attempts to settle an existing outgoing HTLC indexed by an index into the local log. If the specified index doesn't exist within the log, and error is returned. Similarly if the preimage is invalid w.r.t to the referenced of then a distinct error is returned.

func (*LightningChannel) ReceiveNewCommitment 

func (lc *LightningChannel) ReceiveNewCommitment(commitSig lnwire.Sig,
	htlcSigs []lnwire.Sig) error

ReceiveNewCommitment process a signature for a new commitment state sent by the remote party. This method should be called in response to the remote party initiating a new change, or when the remote party sends a signature fully accepting a new state we've initiated. If we are able to successfully validate the signature, then the generated commitment is added to our local commitment chain. Once we send a revocation for our prior state, then this newly added commitment becomes our current accepted channel state.

func (*LightningChannel) ReceiveRevocation 

func (lc *LightningChannel) ReceiveRevocation(revMsg *lnwire.RevokeAndAck) (
	*channeldb.FwdPkg, []*PaymentDescriptor, []*PaymentDescriptor, error)

ReceiveRevocation processes a revocation sent by the remote party for the lowest unrevoked commitment within their commitment chain. We receive a revocation either during the initial session negotiation wherein revocation windows are extended, or in response to a state update that we initiate. If successful, then the remote commitment chain is advanced by a single commitment, and a log compaction is attempted.

The returned values correspond to:

  1. The forwarding package corresponding to the remote commitment height that was revoked.
  2. The PaymentDescriptor of any Add HTLCs that were locked in by this revocation.
  3. The PaymentDescriptor of any Settle/Fail HTLCs that were locked in by this revocation.

func (*LightningChannel) ReceiveUpdateFee 

func (lc *LightningChannel) ReceiveUpdateFee(feePerKw SatPerKWeight) error

ReceiveUpdateFee handles an updated fee sent from remote. This method will return an error if called as channel initiator.

func (*LightningChannel) RemoteCommitHeight 

func (lc *LightningChannel) RemoteCommitHeight() uint64

RemoteCommitHeight returns the commitment height of the remote chain.

func (*LightningChannel) RemoteNextRevocation 

func (lc *LightningChannel) RemoteNextRevocation() *btcec.PublicKey

RemoteNextRevocation returns the channelState's RemoteNextRevocation.

func (*LightningChannel) RemoveFwdPkg 

func (lc *LightningChannel) RemoveFwdPkg(height uint64) error

RemoveFwdPkg permanently deletes the forwarding package at the given height.

func (*LightningChannel) ResetState 

func (lc *LightningChannel) ResetState()

ResetState resets the state of the channel back to the default state. This ensures that any active goroutines which need to act based on on-chain events do so properly.

func (*LightningChannel) RevokeCurrentCommitment 

func (lc *LightningChannel) RevokeCurrentCommitment() (*lnwire.RevokeAndAck, []channeldb.HTLC, error)

RevokeCurrentCommitment revokes the next lowest unrevoked commitment transaction in the local commitment chain. As a result the edge of our revocation window is extended by one, and the tail of our local commitment chain is advanced by a single commitment. This now lowest unrevoked commitment becomes our currently accepted state within the channel. This method also returns the set of HTLC's currently active within the commitment transaction. This return value allows callers to act once an HTLC has been locked into our commitment transaction.

func (*LightningChannel) SetFwdFilter 

func (lc *LightningChannel) SetFwdFilter(height uint64,
	fwdFilter *channeldb.PkgFilter) error

SetFwdFilter writes the forwarding decision for a given remote commitment height.

func (*LightningChannel) SettleHTLC 

func (lc *LightningChannel) SettleHTLC(preimage [32]byte,
	htlcIndex uint64, sourceRef *channeldb.AddRef,
	destRef *channeldb.SettleFailRef, closeKey *channeldb.CircuitKey) error

SettleHTLC attempts to settle an existing outstanding received HTLC. The remote log index of the HTLC settled is returned in order to facilitate creating the corresponding wire message. In the case the supplied preimage is invalid, an error is returned.

The additional arguments correspond to:

  • sourceRef: specifies the location of the Add HTLC within a forwarding package that this HTLC is settling. Every Settle fails exactly one Add, so this should never be empty in practice.

  • destRef: specifies the location of the Settle HTLC within another channel's forwarding package. This value can be nil if the corresponding Add HTLC was never locked into an outgoing commitment txn, or this HTLC does not originate as a response from the peer on the outgoing link, e.g. on-chain resolutions.

  • closeKey: identifies the circuit that should be deleted after this Settle HTLC is included in a commitment txn. This value should only be nil if the HTLC was settled locally before committing a circuit to the circuit map.

NOTE: It is okay for sourceRef, destRef, and closeKey to be nil when unit testing the wallet.

func (*LightningChannel) ShortChanID 

func (lc *LightningChannel) ShortChanID() lnwire.ShortChannelID

ShortChanID returns the short channel ID for the channel. The short channel ID encodes the exact location in the main chain that the original funding output can be found.

func (*LightningChannel) SignNextCommitment 

func (lc *LightningChannel) SignNextCommitment() (lnwire.Sig, []lnwire.Sig, error)

SignNextCommitment signs a new commitment which includes any previous unsettled HTLCs, any new HTLCs, and any modifications to prior HTLCs committed in previous commitment updates. Signing a new commitment decrements the available revocation window by 1. After a successful method call, the remote party's commitment chain is extended by a new commitment which includes all updates to the HTLC log prior to this method invocation. The first return parameter is the signature for the commitment transaction itself, while the second parameter is a slice of all HTLC signatures (if any). The HTLC signatures are sorted according to the BIP 69 order of the HTLC's on the commitment transaction.

func (*LightningChannel) State 

func (lc *LightningChannel) State() *channeldb.OpenChannel

State provides access to the channel's internal state for testing.

func (*LightningChannel) StateSnapshot 

func (lc *LightningChannel) StateSnapshot() *channeldb.ChannelSnapshot

StateSnapshot returns a snapshot of the current fully committed state within the channel.

func (*LightningChannel) Stop 

func (lc *LightningChannel) Stop()

Stop gracefully shuts down any active goroutines spawned by the LightningChannel during regular duties.

func (*LightningChannel) UpdateFee 

func (lc *LightningChannel) UpdateFee(feePerKw SatPerKWeight) error

UpdateFee initiates a fee update for this channel. Must only be called by the channel initiator, and must be called before sending update_fee to the remote.

func (*LightningChannel) WaitForClose 

func (lc *LightningChannel) WaitForClose()

WaitForClose blocks until the channel's close observer has terminated.

type LightningWallet 

type LightningWallet struct {
	// Cfg is the configuration struct that will be used by the wallet to
	// access the necessary interfaces and default it needs to carry on its
	// duties.
	Cfg Config

	// WalletController is the core wallet, all non Lightning Network
	// specific interaction is proxied to the internal wallet.
	WalletController

	// SecretKeyRing is the interface we'll use to derive any keys related
	// to our purpose within the network including: multi-sig keys, node
	// keys, revocation keys, etc.
	keychain.SecretKeyRing
	// contains filtered or unexported fields
}

LightningWallet is a domain specific, yet general Bitcoin wallet capable of executing workflow required to interact with the Lightning Network. It is domain specific in the sense that it understands all the fancy scripts used within the Lightning Network, channel lifetimes, etc. However, it embeds a general purpose Bitcoin wallet within it. Therefore, it is also able to serve as a regular Bitcoin wallet which uses HD keys. The wallet is highly concurrent internally. All communication, and requests towards the wallet are dispatched as messages over channels, ensuring thread safety across all operations. Interaction has been designed independent of any peer-to-peer communication protocol, allowing the wallet to be self-contained and embeddable within future projects interacting with the Lightning Network.

NOTE: At the moment the wallet requires a btcd full node, as it's dependent on btcd's websockets notifications as event triggers during the lifetime of a channel. However, once the chainntnfs package is complete, the wallet will be compatible with multiple RPC/notification services such as Electrum, Bitcoin Core + ZeroMQ, etc. Eventually, the wallet won't require a full-node at all, as SPV support is integrated into btcwallet.

func NewLightningWallet 

func NewLightningWallet(Cfg Config) (*LightningWallet, error)

NewLightningWallet creates/opens and initializes a LightningWallet instance. If the wallet has never been created (according to the passed dataDir), first-time setup is executed.

func (*LightningWallet) ActiveReservations 

func (l *LightningWallet) ActiveReservations() []*ChannelReservation

ActiveReservations returns a slice of all the currently active (non-cancelled) reservations.

func (*LightningWallet) InitChannelReservation 

func (l *LightningWallet) InitChannelReservation(
	capacity, ourFundAmt btcutil.Amount, pushMSat lnwire.MilliSatoshi,
	commitFeePerKw SatPerKWeight, fundingFeePerVSize SatPerVByte,
	theirID *btcec.PublicKey, theirAddr net.Addr,
	chainHash *chainhash.Hash, flags lnwire.FundingFlag) (*ChannelReservation, error)

InitChannelReservation kicks off the 3-step workflow required to successfully open a payment channel with a remote node. As part of the funding reservation, the inputs selected for the funding transaction are 'locked'. This ensures that multiple channel reservations aren't double spending the same inputs in the funding transaction. If reservation initialization is successful, a ChannelReservation containing our completed contribution is returned. Our contribution contains all the items necessary to allow the counterparty to build the funding transaction, and both versions of the commitment transaction. Otherwise, an error occurred and a nil pointer along with an error are returned.

Once a ChannelReservation has been obtained, two additional steps must be processed before a payment channel can be considered 'open'. The second step validates, and processes the counterparty's channel contribution. The third, and final step verifies all signatures for the inputs of the funding transaction, and that the signature we record for our version of the commitment transaction is valid.

func (*LightningWallet) LockedOutpoints 

func (l *LightningWallet) LockedOutpoints() []*wire.OutPoint

LockedOutpoints returns a list of all currently locked outpoint.

func (*LightningWallet) ResetReservations 

func (l *LightningWallet) ResetReservations()

ResetReservations reset the volatile wallet state which tracks all currently active reservations.

func (*LightningWallet) Shutdown 

func (l *LightningWallet) Shutdown() error

Shutdown gracefully stops the wallet, and all active goroutines.

func (*LightningWallet) Startup 

func (l *LightningWallet) Startup() error

Startup establishes a connection to the RPC source, and spins up all goroutines required to handle incoming messages.

type LocalForceCloseSummary 

type LocalForceCloseSummary struct {
	// ChanPoint is the outpoint that created the channel which has been
	// force closed.
	ChanPoint wire.OutPoint

	// CloseTx is the transaction which can be used to close the channel
	// on-chain. When we initiate a force close, this will be our latest
	// commitment state.
	CloseTx *wire.MsgTx

	// CommitResolution contains all the data required to sweep the output
	// to ourselves. Since this is our commitment transaction, we'll need
	// to wait a time delay before we can sweep the output.
	//
	// NOTE: If our commitment delivery output is below the dust limit,
	// then this will be nil.
	CommitResolution *CommitOutputResolution

	// HtlcResolutions contains all the data required to sweep any outgoing
	// HTLC's and incoming HTLc's we know the preimage to. For each of these
	// HTLC's, we'll need to go to the second level to sweep them fully.
	HtlcResolutions *HtlcResolutions

	// ChanSnapshot is a snapshot of the final state of the channel at the
	// time the summary was created.
	ChanSnapshot channeldb.ChannelSnapshot
}

LocalForceCloseSummary describes the final commitment state before the channel is locked-down to initiate a force closure by broadcasting the latest state on-chain. If we intend to broadcast this this state, the channel should not be used after generating this close summary. The summary includes all the information required to claim all rightfully owned outputs when the commitment gets confirmed.

func NewLocalForceCloseSummary 

func NewLocalForceCloseSummary(chanState *channeldb.OpenChannel, signer Signer,
	pCache PreimageCache, commitTx *wire.MsgTx,
	localCommit channeldb.ChannelCommitment) (*LocalForceCloseSummary, error)

NewLocalForceCloseSummary generates a LocalForceCloseSummary from the given channel state. The passed commitTx must be a fully signed commitment transaction corresponding to localCommit.

type MessageSigner 

type MessageSigner interface {
	// SignMessage attempts to sign a target message with the private key
	// that corresponds to the passed public key. If the target private key
	// is unable to be found, then an error will be returned. The actual
	// digest signed is the double SHA-256 of the passed message.
	SignMessage(pubKey *btcec.PublicKey, msg []byte) (*btcec.Signature, error)
}

MessageSigner represents an abstract object capable of signing arbitrary messages. The capabilities of this interface are used to sign announcements to the network, or just arbitrary messages that leverage the wallet's keys to attest to some message.

type OpenChannelDetails 

type OpenChannelDetails struct {
	// Channel is the active channel created by an instance of a
	// ChannelReservation and the required funding workflow.
	Channel *LightningChannel

	// ConfirmationHeight is the block height within the chain that
	// included the channel.
	ConfirmationHeight uint32

	// TransactionIndex is the index within the confirming block that the
	// transaction resides.
	TransactionIndex uint32
}

OpenChannelDetails wraps the finalized fully confirmed channel which resulted from a ChannelReservation instance with details concerning exactly _where_ in the chain the channel was ultimately opened.

type OutgoingHtlcResolution 

type OutgoingHtlcResolution struct {
	// Expiry the absolute timeout of the HTLC. This value is expressed in
	// block height, meaning after this height the HLTC can be swept.
	Expiry uint32

	// SignedTimeoutTx is the fully signed HTLC timeout transaction. This
	// must be broadcast immediately after timeout has passed. Once this
	// has been confirmed, the HTLC output will transition into the
	// delay+claim state.
	//
	// NOTE: If this field is nil, then this indicates that we don't need
	// to go to the second level to claim this HTLC. Instead, it can be
	// claimed directly from the outpoint listed below.
	SignedTimeoutTx *wire.MsgTx

	// CsvDelay is the relative time lock (expressed in blocks) that must
	// pass after the SignedTimeoutTx is confirmed in the chain before the
	// output can be swept.
	//
	// NOTE: If SignedTimeoutTx is nil, then this field isn't needed.
	CsvDelay uint32

	// ClaimOutpoint is the final outpoint that needs to be spent in order
	// to fully sweep the HTLC. The SignDescriptor below should be used to
	// spend this outpoint. In the case of a second-level HTLC (non-nil
	// SignedTimeoutTx), then we'll be spending a new transaction.
	// Otherwise, it'll be an output in the commitment transaction.
	ClaimOutpoint wire.OutPoint

	// SweepSignDesc is a sign descriptor that has been populated with the
	// necessary items required to spend the sole output of the above
	// transaction.
	SweepSignDesc SignDescriptor
}

OutgoingHtlcResolution houses the information necessary to sweep any outgoing HTLC's after their contract has expired. This struct will be needed in one of two cases: the local party force closes the commitment transaction or the remote party unilaterally closes with their version of the commitment transaction.

type PaymentDescriptor 

type PaymentDescriptor struct {
	// RHash is the payment hash for this HTLC. The HTLC can be settled iff
	// the preimage to this hash is presented.
	RHash PaymentHash

	// RPreimage is the preimage that settles the HTLC pointed to within the
	// log by the ParentIndex.
	RPreimage PaymentHash

	// Timeout is the absolute timeout in blocks, after which this HTLC
	// expires.
	Timeout uint32

	// Amount is the HTLC amount in milli-satoshis.
	Amount lnwire.MilliSatoshi

	// LogIndex is the log entry number that his HTLC update has within the
	// log. Depending on if IsIncoming is true, this is either an entry the
	// remote party added, or one that we added locally.
	LogIndex uint64

	// HtlcIndex is the index within the main update log for this HTLC.
	// Entries within the log of type Add will have this field populated,
	// as other entries will point to the entry via this counter.
	//
	// NOTE: This field will only be populate if EntryType is Add.
	HtlcIndex uint64

	// ParentIndex is the HTLC index of the entry that this update settles or
	// times out.
	//
	// NOTE: This field will only be populate if EntryType is Fail or
	// Settle.
	ParentIndex uint64

	// SourceRef points to an Add update in a forwarding package owned by
	// this channel.
	//
	// NOTE: This field will only be populated if EntryType is Fail or
	// Settle.
	SourceRef *channeldb.AddRef

	// DestRef points to a Fail/Settle update in another link's forwarding
	// package.
	//
	// NOTE: This field will only be populated if EntryType is Fail or
	// Settle, and the forwarded Add successfully included in an outgoing
	// link's commitment txn.
	DestRef *channeldb.SettleFailRef

	// OpenCircuitKey references the incoming Chan/HTLC ID of an Add HTLC
	// packet delivered by the switch.
	//
	// NOTE: This field is only populated for payment descriptors in the
	// *local* update log, and if the Add packet was delivered by the
	// switch.
	OpenCircuitKey *channeldb.CircuitKey

	// ClosedCircuitKey references the incoming Chan/HTLC ID of the Add HTLC
	// that opened the circuit.
	//
	// NOTE: This field is only populated for payment descriptors in the
	// *local* update log, and if settle/fails have a committed circuit in
	// the circuit map.
	ClosedCircuitKey *channeldb.CircuitKey

	// OnionBlob is an opaque blob which is used to complete multi-hop
	// routing.
	//
	// NOTE: Populated only on add payment descriptor entry types.
	OnionBlob []byte

	// ShaOnionBlob is a sha of the onion blob.
	//
	// NOTE: Populated only in payment descriptor with MalfromedFail type.
	ShaOnionBlob [sha256.Size]byte

	// FailReason stores the reason why a particular payment was cancelled.
	//
	// NOTE: Populate only in fail payment descriptor entry types.
	FailReason []byte

	// FailCode stores the code why a particular payment was cancelled.
	//
	// NOTE: Populated only in payment descriptor with MalfromedFail type.
	FailCode lnwire.FailCode

	// EntryType denotes the exact type of the PaymentDescriptor. In the
	// case of a Timeout, or Settle type, then the Parent field will point
	// into the log to the HTLC being modified.
	EntryType updateType
	// contains filtered or unexported fields
}

PaymentDescriptor represents a commitment state update which either adds, settles, or removes an HTLC. PaymentDescriptors encapsulate all necessary metadata w.r.t to an HTLC, and additional data pairing a settle message to the original added HTLC.

TODO(roasbeef): LogEntry interface??

  • need to separate attrs for cancel/add/settle

func PayDescsFromRemoteLogUpdates 

func PayDescsFromRemoteLogUpdates(chanID lnwire.ShortChannelID, height uint64,
	logUpdates []channeldb.LogUpdate) []*PaymentDescriptor

PayDescsFromRemoteLogUpdates converts a slice of LogUpdates received from the remote peer into PaymentDescriptors to inform a link's forwarding decisions.

NOTE: The provided `logUpdates` MUST corresponding exactly to either the Adds or SettleFails in this channel's forwarding package at `height`.

type PaymentHash 

type PaymentHash [32]byte

PaymentHash represents the sha256 of a random value. This hash is used to uniquely track incoming/outgoing payments within this channel, as well as payments requested by the wallet/daemon.

type PreimageCache 

type PreimageCache interface {
	// LookupPreimage attempts to look up a preimage according to its hash.
	// If found, the preimage is returned along with true for the second
	// argument. Otherwise, it'll return false.
	LookupPreimage(hash []byte) ([]byte, bool)

	// AddPreimage attempts to add a new preimage to the global cache. If
	// successful a nil error will be returned.
	AddPreimage(preimage []byte) error
}

PreimageCache is an interface that represents a global cache for preimages. We'll utilize this cache to communicate the discovery of new preimages across sub-systems.

type ReservationError 

type ReservationError struct {
	// contains filtered or unexported fields
}

ReservationError wraps certain errors returned during channel reservation that can be sent across the wire to the remote peer. Errors not being ReservationErrors will not be sent to the remote in case of a failed channel reservation, as they may contain private information.

func ErrChainMismatch 

func ErrChainMismatch(knownChain,
	unknownChain *chainhash.Hash) ReservationError

ErrChainMismatch returns an error indicating that the initiator tried to open a channel for an unknown chain.

func ErrChanReserveTooLarge 

func ErrChanReserveTooLarge(reserve,
	maxReserve btcutil.Amount) ReservationError

ErrChanReserveTooLarge returns an error indicating that the chan reserve the remote is requiring, is too large to be accepted.

func ErrChanReserveTooSmall 

func ErrChanReserveTooSmall(reserve, dustLimit btcutil.Amount) ReservationError

ErrChanReserveTooSmall returns an error indicating that the channel reserve the remote is requiring is too small to be accepted.

func ErrChanTooSmall 

func ErrChanTooSmall(chanSize, minChanSize btcutil.Amount) ReservationError

ErrChanTooSmall returns an error indicating that an incoming channel request was too small. We'll reject any incoming channels if they're below our configured value for the min channel size we'll accept.

func ErrCsvDelayTooLarge 

func ErrCsvDelayTooLarge(remoteDelay, maxDelay uint16) ReservationError

ErrCsvDelayTooLarge returns an error indicating that the CSV delay was to large to be accepted, along with the current max.

func ErrFunderBalanceDust 

func ErrFunderBalanceDust(commitFee, funderBalance,
	minBalance int64) ReservationError

ErrFunderBalanceDust returns an error indicating the initial balance of the funder is considered dust at the current commitment fee.

func ErrMaxHtlcNumTooLarge 

func ErrMaxHtlcNumTooLarge(maxHtlc, maxMaxHtlc uint16) ReservationError

ErrMaxHtlcNumTooLarge returns an error indicating that the 'max HTLCs in flight' value the remote required is too large to be accepted.

func ErrMaxHtlcNumTooSmall 

func ErrMaxHtlcNumTooSmall(maxHtlc, minMaxHtlc uint16) ReservationError

ErrMaxHtlcNumTooSmall returns an error indicating that the 'max HTLCs in flight' value the remote required is too small to be accepted.

func ErrMaxValueInFlightTooSmall 

func ErrMaxValueInFlightTooSmall(maxValInFlight,
	minMaxValInFlight lnwire.MilliSatoshi) ReservationError

ErrMaxValueInFlightTooSmall returns an error indicating that the 'max HTLC value in flight' the remote required is too small to be accepted.

func ErrMinHtlcTooLarge 

func ErrMinHtlcTooLarge(minHtlc,
	maxMinHtlc lnwire.MilliSatoshi) ReservationError

ErrMinHtlcTooLarge returns an error indicating that the MinHTLC value the remote required is too large to be accepted.

func ErrZeroCapacity 

func ErrZeroCapacity() ReservationError

ErrZeroCapacity returns an error indicating the funder attempted to put zero funds into the channel.

type SatPerKWeight 

type SatPerKWeight btcutil.Amount

SatPerKWeight represents a fee rate in satoshis per kilo weight unit.

func (SatPerKWeight) FeeForWeight 

func (s SatPerKWeight) FeeForWeight(wu int64) btcutil.Amount

FeeForWeight calculates the fee resulting from this fee rate and the given weight in weight units (wu).

type SatPerVByte 

type SatPerVByte btcutil.Amount

SatPerVByte represents a fee rate in satoshis per vbyte.

func (SatPerVByte) FeeForVSize 

func (s SatPerVByte) FeeForVSize(vbytes int64) btcutil.Amount

FeeForVSize calculates the fee resulting from this fee rate and the given vsize in vbytes.

func (SatPerVByte) FeePerKWeight 

func (s SatPerVByte) FeePerKWeight() SatPerKWeight

FeePerKWeight converts the fee rate into SatPerKWeight.

type SignDescriptor 

type SignDescriptor struct {
	// KeyDesc is a descriptor that precisely describes *which* key to use
	// for signing. This may provide the raw public key directly, or
	// require the Signer to re-derive the key according to the populated
	// derivation path.
	KeyDesc keychain.KeyDescriptor

	// SingleTweak is a scalar value that will be added to the private key
	// corresponding to the above public key to obtain the private key to
	// be used to sign this input. This value is typically derived via the
	// following computation:
	//
	//  * derivedKey = privkey + sha256(perCommitmentPoint || pubKey) mod N
	//
	// NOTE: If this value is nil, then the input can be signed using only
	// the above public key. Either a SingleTweak should be set or a
	// DoubleTweak, not both.
	SingleTweak []byte

	// DoubleTweak is a private key that will be used in combination with
	// its corresponding private key to derive the private key that is to
	// be used to sign the target input. Within the Lightning protocol,
	// this value is typically the commitment secret from a previously
	// revoked commitment transaction. This value is in combination with
	// two hash values, and the original private key to derive the private
	// key to be used when signing.
	//
	//  * k = (privKey*sha256(pubKey || tweakPub) +
	//        tweakPriv*sha256(tweakPub || pubKey)) mod N
	//
	// NOTE: If this value is nil, then the input can be signed using only
	// the above public key. Either a SingleTweak should be set or a
	// DoubleTweak, not both.
	DoubleTweak *btcec.PrivateKey

	// WitnessScript is the full script required to properly redeem the
	// output. This field will only be populated if a p2wsh or a p2sh
	// output is being signed.
	WitnessScript []byte

	// Output is the target output which should be signed. The PkScript and
	// Value fields within the output should be properly populated,
	// otherwise an invalid signature may be generated.
	Output *wire.TxOut

	// HashType is the target sighash type that should be used when
	// generating the final sighash, and signature.
	HashType txscript.SigHashType

	// SigHashes is the pre-computed sighash midstate to be used when
	// generating the final sighash for signing.
	SigHashes *txscript.TxSigHashes

	// InputIndex is the target input within the transaction that should be
	// signed.
	InputIndex int
}

SignDescriptor houses the necessary information required to successfully sign a given output. This struct is used by the Signer interface in order to gain access to critical data needed to generate a valid signature.

type Signer 

type Signer interface {
	// SignOutputRaw generates a signature for the passed transaction
	// according to the data within the passed SignDescriptor.
	//
	// NOTE: The resulting signature should be void of a sighash byte.
	SignOutputRaw(tx *wire.MsgTx, signDesc *SignDescriptor) ([]byte, error)

	// ComputeInputScript generates a complete InputIndex for the passed
	// transaction with the signature as defined within the passed
	// SignDescriptor. This method should be capable of generating the
	// proper input script for both regular p2wkh output and p2wkh outputs
	// nested within a regular p2sh output.
	//
	// NOTE: This method will ignore any tweak parameters set within the
	// passed SignDescriptor as it assumes a set of typical script
	// templates (p2wkh, np2wkh, etc).
	ComputeInputScript(tx *wire.MsgTx, signDesc *SignDescriptor) (*InputScript, error)
}

Signer represents an abstract object capable of generating raw signatures as well as full complete input scripts given a valid SignDescriptor and transaction. This interface fully abstracts away signing paving the way for Signer implementations such as hardware wallets, hardware tokens, HSM's, or simply a regular wallet.

type StaticFeeEstimator 

type StaticFeeEstimator struct {
	// FeeRate is the static fee rate in satoshis-per-vbyte that will be
	// returned by this fee estimator.
	FeeRate SatPerVByte
}

StaticFeeEstimator will return a static value for all fee calculation requests. It is designed to be replaced by a proper fee calculation implementation.

func (StaticFeeEstimator) EstimateFeePerVSize 

func (e StaticFeeEstimator) EstimateFeePerVSize(numBlocks uint32) (SatPerVByte, error)

EstimateFeePerVSize will return a static value for fee calculations.

NOTE: This method is part of the FeeEstimator interface.

func (StaticFeeEstimator) Start 

func (e StaticFeeEstimator) Start() error

Start signals the FeeEstimator to start any processes or goroutines it needs to perform its duty.

NOTE: This method is part of the FeeEstimator interface.

func (StaticFeeEstimator) Stop 

func (e StaticFeeEstimator) Stop() error

Stop stops any spawned goroutines and cleans up the resources used by the fee estimator.

NOTE: This method is part of the FeeEstimator interface.

type TransactionDetail 

type TransactionDetail struct {
	// Hash is the transaction hash of the transaction.
	Hash chainhash.Hash

	// Value is the net value of this transaction (in satoshis) from the
	// PoV of the wallet. If this transaction purely spends from the
	// wallet's funds, then this value will be negative. Similarly, if this
	// transaction credits the wallet, then this value will be positive.
	Value btcutil.Amount

	// NumConfirmations is the number of confirmations this transaction
	// has. If the transaction is unconfirmed, then this value will be
	// zero.
	NumConfirmations int32

	// BlockHeight is the hash of the block which includes this
	// transaction. Unconfirmed transactions will have a nil value for this
	// field.
	BlockHash *chainhash.Hash

	// BlockHeight is the height of the block including this transaction.
	// Unconfirmed transaction will show a height of zero.
	BlockHeight int32

	// Timestamp is the unix timestamp of the block including this
	// transaction. If the transaction is unconfirmed, then this will be a
	// timestamp of txn creation.
	Timestamp int64

	// TotalFees is the total fee in satoshis paid by this transaction.
	TotalFees int64

	// DestAddresses are the destinations for a transaction
	DestAddresses []btcutil.Address
}

TransactionDetail describes a transaction with either inputs which belong to the wallet, or has outputs that pay to the wallet.

type TransactionSubscription 

type TransactionSubscription interface {
	// ConfirmedTransactions returns a channel which will be sent on as new
	// relevant transactions are confirmed.
	ConfirmedTransactions() chan *TransactionDetail

	// UnconfirmedTransactions returns a channel which will be sent on as
	// new relevant transactions are seen within the network.
	UnconfirmedTransactions() chan *TransactionDetail

	// Cancel finalizes the subscription, cleaning up any resources
	// allocated.
	Cancel()
}

TransactionSubscription is an interface which describes an object capable of receiving notifications of new transaction related to the underlying wallet. TODO(roasbeef): add balance updates?

type TxWeightEstimator 

type TxWeightEstimator struct {
	// contains filtered or unexported fields
}

TxWeightEstimator is able to calculate weight estimates for transactions based on the input and output types. For purposes of estimation, all signatures are assumed to be of the maximum possible size, 73 bytes. Each method of the estimator returns an instance with the estimate applied. This allows callers to chain each of the methods

func (*TxWeightEstimator) AddNestedP2WKHInput 

func (twe *TxWeightEstimator) AddNestedP2WKHInput() *TxWeightEstimator

AddNestedP2WKHInput updates the weight estimate to account for an additional input spending a P2SH output with a nested P2WKH redeem script.

func (*TxWeightEstimator) AddNestedP2WSHInput 

func (twe *TxWeightEstimator) AddNestedP2WSHInput(witnessSize int) *TxWeightEstimator

AddNestedP2WSHInput updates the weight estimate to account for an additional input spending a P2SH output with a nested P2WSH redeem script.

func (*TxWeightEstimator) AddP2PKHInput 

func (twe *TxWeightEstimator) AddP2PKHInput() *TxWeightEstimator

AddP2PKHInput updates the weight estimate to account for an additional input spending a P2PKH output.

func (*TxWeightEstimator) AddP2PKHOutput 

func (twe *TxWeightEstimator) AddP2PKHOutput() *TxWeightEstimator

AddP2PKHOutput updates the weight estimate to account for an additional P2PKH output.

func (*TxWeightEstimator) AddP2SHOutput 

func (twe *TxWeightEstimator) AddP2SHOutput() *TxWeightEstimator

AddP2SHOutput updates the weight estimate to account for an additional P2SH output.

func (*TxWeightEstimator) AddP2WKHInput 

func (twe *TxWeightEstimator) AddP2WKHInput() *TxWeightEstimator

AddP2WKHInput updates the weight estimate to account for an additional input spending a native P2PWKH output.

func (*TxWeightEstimator) AddP2WKHOutput 

func (twe *TxWeightEstimator) AddP2WKHOutput() *TxWeightEstimator

AddP2WKHOutput updates the weight estimate to account for an additional native P2WKH output.

func (*TxWeightEstimator) AddP2WSHOutput 

func (twe *TxWeightEstimator) AddP2WSHOutput() *TxWeightEstimator

AddP2WSHOutput updates the weight estimate to account for an additional native P2WSH output.

func (*TxWeightEstimator) AddWitnessInput 

func (twe *TxWeightEstimator) AddWitnessInput(witnessSize int) *TxWeightEstimator

AddWitnessInput updates the weight estimate to account for an additional input spending a native pay-to-witness output. This accepts the total size of the witness as a parameter.

func (*TxWeightEstimator) VSize 

func (twe *TxWeightEstimator) VSize() int

VSize gets the estimated virtual size of the transactions, in vbytes.

func (*TxWeightEstimator) Weight 

func (twe *TxWeightEstimator) Weight() int

Weight gets the estimated weight of the transaction.

type UnilateralCloseSummary 

type UnilateralCloseSummary struct {
	// SpendDetail is a struct that describes how and when the funding
	// output was spent.
	*chainntnfs.SpendDetail

	// ChannelCloseSummary is a struct describing the final state of the
	// channel and in which state is was closed.
	channeldb.ChannelCloseSummary

	// CommitResolution contains all the data required to sweep the output
	// to ourselves. If this is our commitment transaction, then we'll need
	// to wait a time delay before we can sweep the output.
	//
	// NOTE: If our commitment delivery output is below the dust limit,
	// then this will be nil.
	CommitResolution *CommitOutputResolution

	// HtlcResolutions contains a fully populated HtlcResolutions struct
	// which contains all the data required to sweep any outgoing HTLC's,
	// and also any incoming HTLC's that we know the pre-image to.
	HtlcResolutions *HtlcResolutions

	// RemoteCommit is the exact commitment state that the remote party
	// broadcast.
	RemoteCommit channeldb.ChannelCommitment
}

UnilateralCloseSummary describes the details of a detected unilateral channel closure. This includes the information about with which transactions, and block the channel was unilaterally closed, as well as summarization details concerning the _state_ of the channel at the point of channel closure. Additionally, if we had a commitment output above dust on the remote party's commitment transaction, the necessary a SignDescriptor with the material necessary to seep the output are returned. Finally, if we had any outgoing HTLC's within the commitment transaction, then an OutgoingHtlcResolution for each output will included.

func NewUnilateralCloseSummary 

func NewUnilateralCloseSummary(chanState *channeldb.OpenChannel, signer Signer,
	pCache PreimageCache, commitSpend *chainntnfs.SpendDetail,
	remoteCommit channeldb.ChannelCommitment,
	remotePendingCommit bool) (*UnilateralCloseSummary, error)

NewUnilateralCloseSummary creates a new summary that provides the caller with all the information required to claim all funds on chain in the event that the remote party broadcasts their commitment. If the remotePendingCommit value is set to true, then we'll use the next (second) unrevoked commitment point to construct the summary. Otherwise, we assume that the remote party broadcast the lower of their two possible commits.

type Utxo 

type Utxo struct {
	AddressType   AddressType
	Value         btcutil.Amount
	PkScript      []byte
	RedeemScript  []byte
	WitnessScript []byte
	wire.OutPoint
}

Utxo is an unspent output denoted by its outpoint, and output value of the original output.

type WalletController 

type WalletController interface {
	// FetchInputInfo queries for the WalletController's knowledge of the
	// passed outpoint. If the base wallet determines this output is under
	// its control, then the original txout should be returned. Otherwise,
	// a non-nil error value of ErrNotMine should be returned instead.
	FetchInputInfo(prevOut *wire.OutPoint) (*wire.TxOut, error)

	// ConfirmedBalance returns the sum of all the wallet's unspent outputs
	// that have at least confs confirmations. If confs is set to zero,
	// then all unspent outputs, including those currently in the mempool
	// will be included in the final sum.
	//
	// NOTE: Only witness outputs should be included in the computation of
	// the total spendable balance of the wallet. We require this as only
	// witness inputs can be used for funding channels.
	ConfirmedBalance(confs int32) (btcutil.Amount, error)

	// NewAddress returns the next external or internal address for the
	// wallet dictated by the value of the `change` parameter. If change is
	// true, then an internal address should be used, otherwise an external
	// address should be returned. The type of address returned is dictated
	// by the wallet's capabilities, and may be of type: p2sh, p2wkh,
	// p2wsh, etc.
	NewAddress(addrType AddressType, change bool) (btcutil.Address, error)

	// GetPrivKey retrieves the underlying private key associated with the
	// passed address. If the wallet is unable to locate this private key
	// due to the address not being under control of the wallet, then an
	// error should be returned.
	GetPrivKey(a btcutil.Address) (*btcec.PrivateKey, error)

	// SendOutputs funds, signs, and broadcasts a Bitcoin transaction
	// paying out to the specified outputs. In the case the wallet has
	// insufficient funds, or the outputs are non-standard, an error should
	// be returned. This method also takes the target fee expressed in
	// sat/vbyte that should be used when crafting the transaction.
	SendOutputs(outputs []*wire.TxOut,
		feeRate SatPerVByte) (*chainhash.Hash, error)

	// ListUnspentWitness returns all unspent outputs which are version 0
	// witness programs. The 'confirms' parameter indicates the minimum
	// number of confirmations an output needs in order to be returned by
	// this method. Passing -1 as 'confirms' indicates that even
	// unconfirmed outputs should be returned.
	ListUnspentWitness(confirms int32) ([]*Utxo, error)

	// ListTransactionDetails returns a list of all transactions which are
	// relevant to the wallet.
	ListTransactionDetails() ([]*TransactionDetail, error)

	// LockOutpoint marks an outpoint as locked meaning it will no longer
	// be deemed as eligible for coin selection. Locking outputs are
	// utilized in order to avoid race conditions when selecting inputs for
	// usage when funding a channel.
	LockOutpoint(o wire.OutPoint)

	// UnlockOutpoint unlocks a previously locked output, marking it
	// eligible for coin selection.
	UnlockOutpoint(o wire.OutPoint)

	// PublishTransaction performs cursory validation (dust checks, etc),
	// then finally broadcasts the passed transaction to the Bitcoin network.
	// If the transaction is rejected because it is conflicting with an
	// already known transaction, ErrDoubleSpend is returned. If the
	// transaction is already known (published already), no error will be
	// returned. Other error returned depends on the currently active chain
	// backend.
	PublishTransaction(tx *wire.MsgTx) error

	// SubscribeTransactions returns a TransactionSubscription client which
	// is capable of receiving async notifications as new transactions
	// related to the wallet are seen within the network, or found in
	// blocks.
	//
	// NOTE: a non-nil error should be returned if notifications aren't
	// supported.
	//
	// TODO(roasbeef): make distinct interface?
	SubscribeTransactions() (TransactionSubscription, error)

	// IsSynced returns a boolean indicating if from the PoV of the wallet,
	// it has fully synced to the current best block in the main chain.
	// It also returns an int64 indicating the timestamp of the best block
	// known to the wallet, expressed in Unix epoch time
	IsSynced() (bool, int64, error)

	// Start initializes the wallet, making any necessary connections,
	// starting up required goroutines etc.
	Start() error

	// Stop signals the wallet for shutdown. Shutdown may entail closing
	// any active sockets, database handles, stopping goroutines, etc.
	Stop() error

	// BackEnd returns a name for the wallet's backing chain service,
	// which could be e.g. btcd, bitcoind, neutrino, or another consensus
	// service.
	BackEnd() string
}

WalletController defines an abstract interface for controlling a local Pure Go wallet, a local or remote wallet via an RPC mechanism, or possibly even a daemon assisted hardware wallet. This interface serves the purpose of allowing LightningWallet to be seamlessly compatible with several wallets such as: uspv, btcwallet, Bitcoin Core, Electrum, etc. This interface then serves as a "base wallet", with Lightning Network awareness taking place at a "higher" level of abstraction. Essentially, an overlay wallet. Implementors of this interface must closely adhere to the documented behavior of all interface methods in order to ensure identical behavior across all concrete implementations.

type WalletDriver 

type WalletDriver struct {
	// WalletType is a string which uniquely identifies the
	// WalletController that this driver, drives.
	WalletType string

	// New creates a new instance of a concrete WalletController
	// implementation given a variadic set up arguments. The function takes
	// a variadic number of interface parameters in order to provide
	// initialization flexibility, thereby accommodating several potential
	// WalletController implementations.
	New func(args ...interface{}) (WalletController, error)

	// BackEnds returns a list of available chain service drivers for the
	// wallet driver. This could be e.g. bitcoind, btcd, neutrino, etc.
	BackEnds func() []string
}

WalletDriver represents a "driver" for a particular concrete WalletController implementation. A driver is identified by a globally unique string identifier along with a 'New()' method which is responsible for initializing a particular WalletController concrete implementation.

func RegisteredWallets 

func RegisteredWallets() []*WalletDriver

RegisteredWallets returns a slice of all currently registered notifiers.

NOTE: This function is safe for concurrent access.

type WitnessGenerator 

type WitnessGenerator func(tx *wire.MsgTx, hc *txscript.TxSigHashes,
	inputIndex int) ([][]byte, error)

WitnessGenerator represents a function which is able to generate the final witness for a particular public key script. This function acts as an abstraction layer, hiding the details of the underlying script.

type WitnessType 

type WitnessType uint16

WitnessType determines how an output's witness will be generated. The default commitmentTimeLock type will generate a witness that will allow spending of a time-locked transaction enforced by CheckSequenceVerify. 

const (
	// CommitmentTimeLock is a witness that allows us to spend the output of
	// a commitment transaction after a relative lock-time lockout.
	CommitmentTimeLock WitnessType = 0

	// CommitmentNoDelay is a witness that allows us to spend a settled
	// no-delay output immediately on a counterparty's commitment
	// transaction.
	CommitmentNoDelay WitnessType = 1

	// CommitmentRevoke is a witness that allows us to sweep the settled
	// output of a malicious counterparty's who broadcasts a revoked
	// commitment transaction.
	CommitmentRevoke WitnessType = 2

	// HtlcOfferedRevoke is a witness that allows us to sweep an HTLC which
	// we offered to the remote party in the case that they broadcast a
	// revoked commitment state.
	HtlcOfferedRevoke WitnessType = 3

	// HtlcAcceptedRevoke is a witness that allows us to sweep an HTLC
	// output sent to us in the case that the remote party broadcasts a
	// revoked commitment state.
	HtlcAcceptedRevoke WitnessType = 4

	// HtlcOfferedTimeoutSecondLevel is a witness that allows us to sweep
	// an HTLC output that we extended to a party, but was never fulfilled.
	// This HTLC output isn't directly on the commitment transaction, but
	// is the result of a confirmed second-level HTLC transaction. As a
	// result, we can only spend this after a CSV delay.
	HtlcOfferedTimeoutSecondLevel WitnessType = 5

	// HtlcAcceptedSuccessSecondLevel is a witness that allows us to sweep
	// an HTLC output that was offered to us, and for which we have a
	// payment preimage. This HTLC output isn't directly on our commitment
	// transaction, but is the result of confirmed second-level HTLC
	// transaction. As a result, we can only spend this after a CSV delay.
	HtlcAcceptedSuccessSecondLevel WitnessType = 6

	// HtlcOfferedRemoteTimeout is a witness that allows us to sweep an
	// HTLC that we offered to the remote party which lies in the
	// commitment transaction of the remote party. We can spend this output
	// after the absolute CLTV timeout of the HTLC as passed.
	HtlcOfferedRemoteTimeout WitnessType = 7

	// HtlcAcceptedRemoteSuccess is a witness that allows us to sweep an
	// HTLC that was offered to us by the remote party. We use this witness
	// in the case that the remote party goes to chain, and we know the
	// pre-image to the HTLC. We can sweep this without any additional
	// timeout.
	HtlcAcceptedRemoteSuccess WitnessType = 8

	// HtlcSecondLevelRevoke is a witness that allows us to sweep an HTLC
	// from the remote party's commitment transaction in the case that the
	// broadcast a revoked commitment, but then also immediately attempt to
	// go to the second level to claim the HTLC.
	HtlcSecondLevelRevoke WitnessType = 9
)

func (WitnessType) GenWitnessFunc 

func (wt WitnessType) GenWitnessFunc(signer Signer,
	descriptor *SignDescriptor) WitnessGenerator

GenWitnessFunc will return a WitnessGenerator function that an output uses to generate the witness for a sweep transaction.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.