f Add reserve checks for outbound channels when we're receiving, and inbound channels when we're sending

valentinewallace · valentinewallace · commit ba6ffbf45c0e · 2020-04-27T21:19:19.000-04:00
TODO: update tests
TODO: I left an open question I have in the comments
diff --git a/lightning/src/ln/channel.rs b/lightning/src/ln/channel.rs
@@ -1766,7 +1766,21 @@ impl<ChanSigner: ChannelKeys> Channel<ChanSigner> {
 			}
 		}
 
-		// The + 1 is for the HTLC that is currently being added to the commitment tx.
+		if self.channel_outbound {
+			// Check that they won't violate our channel reserve by adding this HTLC.
+
+			// One of the +1's is for the HTLC that is currently being added to the commitment tx
+			// and the other is a fee spike buffer we're keeping for the remote (this deviates
+			// from the spec but should help protect us from stuck channels).
+			// TODO: is the reason this added HTLC's amount can't count toward's the receiver's
+			// fee spike buffer because that doesn't work with existing HTLC output spend scripts?
+			let local_fee_cost_msat = self.commit_tx_fee_msat(self.htlc_count_next_local_commit_tx() + 1 + 1);
+			if self.value_to_self_msat < self.their_channel_reserve_satoshis * 1000 + local_fee_cost_msat {
+				return Err(ChannelError::Ignore("Cannot receive value that would put us over their reserve value"));
+			}
+		}
+
+		// The +1 is for the HTLC that is currently being added to the commitment tx.
 		let remote_fee_cost_msat = if self.channel_outbound { 0 } else {
 			self.commit_tx_fee_msat(self.htlc_count_next_remote_commit_tx() + 1)
 		};
@@ -3589,10 +3603,22 @@ impl<ChanSigner: ChannelKeys> Channel<ChanSigner> {
 			return Err(ChannelError::Ignore("Cannot send value that would put us over the max HTLC value in flight our peer will accept"));
 		}
 
-		// Add additional reserve that avoids stuck channels in the case of fee spikes.
+		if !self.channel_outbound {
+			// Check that we won't violate their channel reserve by adding this HTLC.
+
+			let their_balance = self.channel_value_satoshis * 1000 - self.value_to_self_msat;
+			let chan_reserve_we_require_msat = Channel::<ChanSigner>::get_our_channel_reserve_satoshis(self.channel_value_satoshis);
+			// +1 for this HTLC, +2 for their fee spike buffer
+			// TODO: is the reason this added HTLC's amount can't count toward's the receiver's
+			// fee spike buffer because that doesn't work with existing HTLC output spend scripts?
+			let remote_commit_tx_fee_msat = self.commit_tx_fee_msat(self.htlc_count_next_remote_commit_tx() + 1 + 2);
+			if their_balance < chan_reserve_we_require_msat + remote_commit_tx_fee_msat {
+				return Err(ChannelError::Ignore("Cannot send value that would put them over our reserve value"));
+			}
+		}
 
 		// The +1 is for the HTLC currently being added to the commitment tx and
-		// the +2 is for the fee spike reserve.
+		// the +2 is for the fee spike buffer.
 		let local_fee_cost_msat = if self.channel_outbound {
 			self.commit_tx_fee_msat(self.htlc_count_next_local_commit_tx() + 1 + 2)
 		} else { 0 };
