Allow for trusted inbound 0conf channels

Author: tnull

bindings/ldk_node.udl

@@ -33,11 +33,11 @@ interface Node {
 	[Throws=NodeError]
 	u64 total_onchain_balance_sats();
 	[Throws=NodeError]
-	void connect(PublicKey node_id, SocketAddr address, boolean permanently);
+	void connect(PublicKey node_id, SocketAddr address, boolean permanently, boolean trusted_0conf);
 	[Throws=NodeError]
 	void disconnect([ByRef]PublicKey node_id);
 	[Throws=NodeError]
-	void connect_open_channel(PublicKey node_id, SocketAddr address, u64 channel_amount_sats, u64? push_to_counterparty_msat, boolean announce_channel);
+	void connect_open_channel(PublicKey node_id, SocketAddr address, u64 channel_amount_sats, u64? push_to_counterparty_msat, boolean announce_channel, boolean trusted_0conf);
 	[Throws=NodeError]
 	void close_channel([ByRef]ChannelId channel_id, [ByRef]PublicKey counterparty_node_id);
 	[Throws=NodeError]

src/event.rs

@@ -11,6 +11,7 @@ use crate::io::{
 	KVStore, TransactionalWrite, EVENT_QUEUE_PERSISTENCE_KEY, EVENT_QUEUE_PERSISTENCE_NAMESPACE,
 };
 use crate::logger::{log_error, log_info, Logger};
+use crate::peer_store::PeerStore;
 
 use lightning::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator};
 use lightning::events::Event as LdkEvent;
@@ -251,6 +252,7 @@ where
 	network_graph: Arc<NetworkGraph>,
 	keys_manager: Arc<KeysManager>,
 	payment_store: Arc<PaymentStore<K, L>>,
+	peer_store: Arc<PeerStore<K, L>>,
 	tokio_runtime: Arc<tokio::runtime::Runtime>,
 	logger: L,
 	_config: Arc<Config>,
@@ -265,7 +267,8 @@ where
 		wallet: Arc<Wallet<bdk::database::SqliteDatabase>>, event_queue: Arc<EventQueue<K, L>>,
 		channel_manager: Arc<ChannelManager>, network_graph: Arc<NetworkGraph>,
 		keys_manager: Arc<KeysManager>, payment_store: Arc<PaymentStore<K, L>>,
-		tokio_runtime: Arc<tokio::runtime::Runtime>, logger: L, _config: Arc<Config>,
+		peer_store: Arc<PeerStore<K, L>>, tokio_runtime: Arc<tokio::runtime::Runtime>, logger: L,
+		_config: Arc<Config>,
 	) -> Self {
 		Self {
 			event_queue,
@@ -274,6 +277,7 @@ where
 			network_graph,
 			keys_manager,
 			payment_store,
+			peer_store,
 			logger,
 			tokio_runtime,
 			_config,
@@ -567,7 +571,85 @@ where
 					}
 				}
 			}
-			LdkEvent::OpenChannelRequest { .. } => {}
+			LdkEvent::OpenChannelRequest {
+				temporary_channel_id,
+				counterparty_node_id,
+				funding_satoshis,
+				channel_type,
+				push_msat: _,
+			} => {
+				let user_channel_id: u128 = rand::thread_rng().gen::<u128>();
+				if channel_type.requires_zero_conf() {
+					if let Some(peer_info) = self.peer_store.get_peer(&counterparty_node_id) {
+						if peer_info.trusted_0conf {
+							match self
+								.channel_manager
+								.accept_inbound_channel_from_trusted_peer_0conf(
+									&temporary_channel_id,
+									&counterparty_node_id,
+									user_channel_id,
+								) {
+								Ok(()) => {
+									log_info!(
+										self.logger,
+										"Accepting inbound 0conf channel of {}sats from {}",
+										funding_satoshis,
+										counterparty_node_id,
+									);
+								}
+								Err(e) => {
+									log_error!(
+										self.logger,
+										"Error while accepting inbound 0conf channel: {:?}",
+										e
+									);
+								}
+							}
+						}
+					} else {
+						log_error!(
+							self.logger,
+							"Rejecting request for inbound 0conf channel from untrusted peer {}",
+							counterparty_node_id,
+						);
+						match self.channel_manager.force_close_without_broadcasting_txn(
+							&temporary_channel_id,
+							&counterparty_node_id,
+						) {
+							Ok(()) => {}
+							Err(e) => {
+								log_error!(
+									self.logger,
+									"Error while rejecting untrusted inbound 0conf channel: {:?}",
+									e
+								);
+							}
+						}
+					}
+				} else {
+					match self.channel_manager.accept_inbound_channel(
+						&temporary_channel_id,
+						&counterparty_node_id,
+						user_channel_id,
+					) {
+						Ok(()) => {
+							log_info!(
+								self.logger,
+								"Accepting inbound channel of {}sats from {}",
+								funding_satoshis,
+								counterparty_node_id,
+							);
+						}
+						Err(e) => {
+							log_error!(
+								self.logger,
+								"Error while accepting inbound channel: {:?}",
+								e
+							);
+						}
+					}
+				}
+			}
 			LdkEvent::PaymentForwarded {
 				prev_channel_id,
 				next_channel_id,

src/lib.rs

@@ -418,6 +418,7 @@ impl Builder {
 		// Initialize the ChannelManager
 		let mut user_config = UserConfig::default();
 		user_config.channel_handshake_limits.force_announced_channel_preference = false;
+		user_config.manually_accept_inbound_channels = true;
 		let channel_manager = {
 			if let Ok(mut reader) = kv_store
 				.read(CHANNEL_MANAGER_PERSISTENCE_NAMESPACE, CHANNEL_MANAGER_PERSISTENCE_KEY)
@@ -654,6 +655,7 @@ impl Node {
 			Arc::clone(&self.network_graph),
 			Arc::clone(&self.keys_manager),
 			Arc::clone(&self.payment_store),
+			Arc::clone(&self.peer_store),
 			Arc::clone(&tokio_runtime),
 			Arc::clone(&self.logger),
 			Arc::clone(&self.config),
@@ -858,8 +860,10 @@ impl Node {
 	/// Connect to a node on the peer-to-peer network.
 	///
 	/// If `permanently` is set to `true`, we'll remember the peer and reconnect to it on restart.
+	///
+	/// If `trusted_0conf` is set to `true`, we will trust incoming 0conf channels from this peer.
 	pub fn connect(
-		&self, node_id: PublicKey, address: SocketAddr, permanently: bool,
+		&self, node_id: PublicKey, address: SocketAddr, permanently: bool, trusted_0conf: bool,
 	) -> Result<(), Error> {
 		let runtime_lock = self.running.read().unwrap();
 		if runtime_lock.is_none() {
@@ -868,7 +872,7 @@ impl Node {
 
 		let runtime = runtime_lock.as_ref().unwrap();
 
-		let peer_info = PeerInfo { pubkey: node_id, address };
+		let peer_info = PeerInfo { pubkey: node_id, address, trusted_0conf };
 
 		let con_peer_pubkey = peer_info.pubkey.clone();
 		let con_peer_addr = peer_info.address.clone();
@@ -930,10 +934,12 @@ impl Node {
 	/// channel counterparty on channel open. This can be useful to start out with the balance not
 	/// entirely shifted to one side, therefore allowing to receive payments from the getgo.
 	///
+	/// If `trusted_0conf` is set to `true`, we will trust incoming 0conf channels from this peer.
+	///
 	/// Returns a temporary channel id.
 	pub fn connect_open_channel(
 		&self, node_id: PublicKey, address: SocketAddr, channel_amount_sats: u64,
-		push_to_counterparty_msat: Option<u64>, announce_channel: bool,
+		push_to_counterparty_msat: Option<u64>, announce_channel: bool, trusted_0conf: bool,
 	) -> Result<(), Error> {
 		let runtime_lock = self.running.read().unwrap();
 		if runtime_lock.is_none() {
@@ -948,7 +954,7 @@ impl Node {
 			return Err(Error::InsufficientFunds);
 		}
 
-		let peer_info = PeerInfo { pubkey: node_id, address };
+		let peer_info = PeerInfo { pubkey: node_id, address, trusted_0conf };
 
 		let con_peer_pubkey = peer_info.pubkey.clone();
 		let con_peer_addr = peer_info.address.clone();

src/peer_store.rs

@@ -36,6 +36,10 @@ where
 	pub(crate) fn add_peer(&self, peer_info: PeerInfo) -> Result<(), Error> {
 		let mut locked_peers = self.peers.write().unwrap();
 
+		if locked_peers.contains_key(&peer_info.pubkey) {
+			return Ok(());
+		}
+
 		locked_peers.insert(peer_info.pubkey, peer_info);
 		self.write_peers_and_commit(&*locked_peers)
 	}
@@ -145,6 +149,7 @@ impl Writeable for PeerStoreSerWrapper<'_> {
 pub(crate) struct PeerInfo {
 	pub pubkey: PublicKey,
 	pub address: SocketAddr,
+	pub trusted_0conf: bool,
 }
 
 impl Readable for PeerInfo {
@@ -166,10 +171,10 @@ impl Readable for PeerInfo {
 		};
 
 		let port: u16 = Readable::read(reader)?;
-
 		let address = SocketAddr::new(ip_addr, port);
+		let trusted_0conf = Readable::read(reader)?;
 
-		Ok(PeerInfo { pubkey, address })
+		Ok(PeerInfo { pubkey, address, trusted_0conf })
 	}
 }
 
@@ -189,6 +194,7 @@ impl Writeable for PeerInfo {
 		}
 
 		self.address.port().write(writer)?;
+		self.trusted_0conf.write(writer)?;
 
 		Ok(())
 	}
@@ -212,7 +218,8 @@ mod tests {
 		)
 		.unwrap();
 		let address: SocketAddr = "127.0.0.1:9738".parse().unwrap();
-		let expected_peer_info = PeerInfo { pubkey, address };
+		let trusted_0conf = true;
+		let expected_peer_info = PeerInfo { pubkey, address, trusted_0conf };
 		peer_store.add_peer(expected_peer_info.clone()).unwrap();
 		assert!(store.get_and_clear_did_persist());
 

src/test/functional_tests.rs

@@ -43,6 +43,7 @@ fn channel_full_cycle() {
 			funding_amount_sat,
 			Some(push_msat),
 			true,
+			false,
 		)
 		.unwrap();
 
@@ -243,7 +244,8 @@ fn channel_open_fails_when_funds_insufficient() {
 			*node_b.listening_address().unwrap(),
 			120000,
 			None,
-			true
+			true,
+			false,
 		)
 	);
 }