Rename a's keys as local's keys and b's keys as remote's keys #633
Conversation
lightning/src/ln/chan_utils.rs
Outdated
| @@ -374,7 +374,7 @@ impl_writeable!(HTLCOutputInCommitment, 1 + 8 + 4 + 32 + 5, { | |||
| }); | |||
|
|
|||
| #[inline] | |||
| pub(crate) fn get_htlc_redeemscript_with_explicit_keys(htlc: &HTLCOutputInCommitment, a_htlc_key: &PublicKey, b_htlc_key: &PublicKey, revocation_key: &PublicKey) -> Script { | |||
| pub(crate) fn get_htlc_redeemscript_with_explicit_keys(htlc: &HTLCOutputInCommitment, local_htlc_key: &PublicKey, remote_htlc_key: &PublicKey, revocation_key: &PublicKey) -> Script { | |||
There was a problem hiding this comment.
This isnt always the remote/local key though, no? We also call this with the keys swapped to get redeemscripts for their transactions. We probably need to standardize on some kind of nomenclature cause remote/local is often confusing.
There was a problem hiding this comment.
From the script layout as described in the BOLT3, how local_htlcpubkey is instanced depends if we are building a transaction for _us _ or for our counterparty.
I think when we generate a transaction, including its scripts, there is no such thing aslocal or remote it's always a local commitment transaction. Now when we sign such transaction and what we sign depends if its a local transaction or remote one.
So, as a nomenclature, I propose:
- for all our helpers in
chan_utilsbind to local/remote to match BOLT3 - in
channel/channelmonitorlabel transaction as local_tx or remote_tx (no changes expected) - for holding our or counterparty elements such as
their_keysinChannelbind to owner/counterparty to avoid confusion when we instance our helpers.
We may have to move helpers from Channel to chan_utils to make it cleaner.
There was a problem hiding this comment.
The naming is definitely contextual. So I would agree that we should not settle on always one way of describing the relationship.
I would like to see "counterparty" used when generally referring to the other side (i.e., when the relationship can be flipped). I don't have a strong opinion on "owner" being the opposite of "counterparty" just yet. It may make sense to not have any prefix in that case. I'd need to see a concrete example.
I'm generally not in favor of using possessive pronouns like "our" and "their" in code. I'd prefer a more descriptive name for the relationship being modeled.
There was a problem hiding this comment.
@jkczyz fyi, even the BOLT isn't clear on this lightning/bolts#638
The naming is definitely contextual. So I would agree that we should not settle on always one way of describing the relationship.
I agree, do you see another context that the ones I'm describing, namely chan_utils, Channel, channel/channelmonitor or if those contexts make sense ? Maybe 2) and 3) are the same.
There was a problem hiding this comment.
My thinking was that if chan_utils is suppose to be agnostic to what is local and what is remote (at least in some places), then the "local" and "remote" naming may not make sense in those particular contexts.
So for instance, AFAICT, TxCreationKeys should not use the words "local" and "remote" since it is used in both contexts:
Additionally, there is a lot of redundancy in some of the naming that isn't necessary in the given context. e.g., initial_local_commitment_tx.local_keys.local_htlc_key.
There was a problem hiding this comment.
Right there's kind of two different things we'll want two words for:
- Something is our's/our counterparty's (I think I like ours/counterpartys or so?)
- Something is for the "owner of the transaction" (ie the party that can broadcast it), which is what local/remote mean here.
Its true the BOLTs are a mess in this regard, but thats precisely why we should try to do better.
As a concrete proposal, I think ours/counterpartys and local/remote (which is whats there already in TxCreationKeys) is reasonable, but am open to other ideas.
There was a problem hiding this comment.
For ours and counterpartys, I would prefer no prefix and counterparty.
There was a problem hiding this comment.
Hmm, guess I never responded to this. I'm really not a fan of no prefix - it seems ripe for confusion. "Yep, code reads right, it says to_self_delay" when its really the wrong "to_self_delay".
Codecov Report
@@ Coverage Diff @@
## master #633 +/- ##
==========================================
- Coverage 78.40% 74.72% -3.69%
==========================================
Files 55 55
Lines 27568 24477 -3091
==========================================
- Hits 21616 18290 -3326
- Misses 5952 6187 +235
Continue to review full report at Codecov.
|
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
c09c9fb to
e0b9f5b
Compare
|
Updated with a new commit re-labeling fields according to Matt's suggestion: #633 (comment). "Local"/"Remote" references aren't all dead in channel.rs but it kill a lot of them. Lmk if you find this clearer and worthy of the change. |
There was a problem hiding this comment.
Updated with a new commit re-labeling fields according to Matt's suggestion: #633 (comment). "Local"/"Remote" references aren't all dead in channel.rs but it kill a lot of them.
Lmk if you find this clearer and worthy of the change.
I'm very close to settling on the naming. But I have a qualm with using "our" which I'll try to articulate better now that my understanding is clearer. I don't think we should ever use the possessive pronoun "our" in identifiers for the same reason we shouldn't use "their": more meaningful names should be used instead of these.
One case is when we need to differentiate roles (e.g., funder/fundee, sender/receiver, local/remote, etc). Having this symmetry in naming is good, IMHO.
The other case is when there are no such roles. I don't think symmetry in naming is needed here. In this instance, "our" refers to the node that this code is implementing and "their" is the node it is communicating or has a channel with.
For the latter case, "counterparty" adequately replaces "their" as it describes a relationship that is relative to the node. Further, the counterparty_ prefix implies that same entity without the prefix is "ours". So, using our_ is redundant and -- to put more plainly -- stating the obvious. So I'd prefer that it be left off entirely.
lightning/src/ln/chan_utils.rs
Outdated
| a_htlc_key: derive_public_key(&secp_ctx, &per_commitment_point, &a_htlc_base)?, | ||
| b_htlc_key: derive_public_key(&secp_ctx, &per_commitment_point, &b_htlc_base)?, | ||
| a_delayed_payment_key: derive_public_key(&secp_ctx, &per_commitment_point, &a_delayed_payment_base)?, | ||
| revocation_key: derive_public_revocation_key(&secp_ctx, &per_commitment_point, &remote_revocation_base)?, |
There was a problem hiding this comment.
Is remote_ needed on revocation_base? Or put differently, would we ever talk about a local_revocation_base?
There was a problem hiding this comment.
We never talk about it, no more we talk about remote_delayedpubkey in script format. If we drop, by consistency we should also drop the local_ prefix for local_delayed_payment_base. Seems a shortcoming of the spec here.
Not updated, I would rather keep the prefix to mark origin of this pubkey with regards to script generation.
There was a problem hiding this comment.
Not sure that I follow. What is a shortcoming of the spec? Trying to learn more than anything.
There was a problem hiding this comment.
For e.g, if you take offered script with a revocationpubkey. It should have been called remote_revocationpubkey even if there is a contribution from local (per_commitment_point) it's used by remote to punish you. Keys names should be labeled according to their ownership.
lightning/src/ln/chan_utils.rs
Outdated
|
|
||
| let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc.0, &self.local_keys.a_htlc_key, &self.local_keys.b_htlc_key, &self.local_keys.revocation_key); | ||
| let htlc_redeemscript = get_htlc_redeemscript_with_explicit_keys(&this_htlc.0, &self.local_keys.local_htlc_key, &self.local_keys.remote_htlc_key, &self.local_keys.revocation_key); |
There was a problem hiding this comment.
Here is where I think there is a bit of redundancy. We have self which is of type LocalCommitmentTransaction with field local_keys which in turn has a local_htlc_key field.
Questions would be:
- Do we need to prefix
LocalCommitmentTransactionwith "Local" if we don't have aRemoteCommitmentTransaction? - Do we need to prefix the field
local_keyswith "local" given the context?
My thinking is either the second or both could be eliminated without loss of meaning.
lightning/src/ln/channel.rs
Outdated
| @@ -1893,13 +1893,13 @@ impl<ChanSigner: ChannelKeys> Channel<ChanSigner> { | |||
| } | |||
| } | |||
|
|
|||
| let their_funding_pubkey = self.their_pubkeys.as_ref().unwrap().funding_pubkey; | |||
| let funding_pubkey = self.counterparty_pubkeys.as_ref().unwrap().funding_pubkey; | |||
There was a problem hiding this comment.
I've seen similar occurrences like this. Why would there not be a prefix on this variable name when the context (i.e., self since this is inside a method) is not the counterparty? I'd expect missing prefixes to be where we'd normally use our_.
There was a problem hiding this comment.
You're right, I've been confused by this first one. In fact the pubkey has a clear owner but redeemScript and txo is common. Corrected.
ariard
force-pushed
the
2020-05-rename-keys-var
branch
2 times, most recently
from
a399d16 to
b801a63
Compare
lightning/src/ln/channel.rs
Outdated
| let local_initial_commitment_tx = self.build_commitment_transaction(self.cur_local_commitment_transaction_number, &local_keys, true, false, self.feerate_per_kw, logger).0; | ||
| let local_sighash = hash_to_message!(&bip143::SighashComponents::new(&local_initial_commitment_tx).sighash_all(&local_initial_commitment_tx.input[0], &funding_script, self.channel_value_satoshis)[..]); | ||
| let keys = self.build_local_transaction_keys(self.cur_commtment_transaction_number)?; | ||
| let initial_commitment_tx = self.build_commitment_transaction(self.cur_commtment_transaction_number, &keys, true, false, self.feerate_per_kw, logger).0; |
There was a problem hiding this comment.
Should this still be "local" as per #633 (comment)? Not sure if I misinterpreted when "local" and "remote" should be used.
Other places throughout the file were similarly changed.
There was a problem hiding this comment.
I interpret code here as "We build a commitment transaction. Owner is us" So no prefix.
There was a problem hiding this comment.
Hmm, so I thought this would have fallen under the second bullet in the linked comment. Would we ever say local_commitment_tx and remote_commitment_tx in your interpretation? If so, in what context?
There was a problem hiding this comment.
I think we should restrain pointed distinction (local/remote) to templates as used by our chan helpers (chan_utils.rs) and avoid leaking local/remote in Channel storage fields. Even it's not perfect for now.
| let remote_initial_commitment_tx = self.build_commitment_transaction(self.cur_remote_commitment_transaction_number, &remote_keys, false, false, self.feerate_per_kw, logger).0; | ||
| let remote_signature = self.local_keys.sign_remote_commitment(self.feerate_per_kw, &remote_initial_commitment_tx, &remote_keys, &Vec::new(), self.our_to_self_delay, &self.secp_ctx) | ||
| let counterparty_keys = self.build_remote_transaction_keys()?; | ||
| let counterparty_initial_commitment_tx = self.build_commitment_transaction(self.cur_counterparty_commitment_transaction_number, &counterparty_keys, false, false, self.feerate_per_kw, logger).0; |
There was a problem hiding this comment.
Same reasoning. Builder has the notion of local/remote, its ouput has clearly an owner.
lightning/src/ln/channel.rs
Outdated
| let node_a_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap()); | ||
| let node_a_counterparty_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap()); | ||
| let config = UserConfig::default(); | ||
| let mut node_a_chan = Channel::<EnforcingChannelKeys>::new_outbound(&&feeest, &&keys_provider, node_a_node_id, 10000000, 100000, 42, &config).unwrap(); | ||
| let mut node_a_chan = Channel::<EnforcingChannelKeys>::new_outbound(&&feeest, &&keys_provider, node_a_counterparty_node_id, 10000000, 100000, 42, &config).unwrap(); | ||
|
|
||
| // Create Node B's channel by receiving Node A's open_channel message | ||
| let open_channel_msg = node_a_chan.get_open_channel(genesis_block(network).header.bitcoin_hash(), &&feeest); | ||
| let node_b_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap()); | ||
| let mut node_b_chan = Channel::<EnforcingChannelKeys>::new_from_req(&&feeest, &&keys_provider, node_b_node_id, InitFeatures::known(), &open_channel_msg, 7, &config).unwrap(); | ||
| let node_b_counterparty_node_id = PublicKey::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[7; 32]).unwrap()); | ||
| let mut node_b_chan = Channel::<EnforcingChannelKeys>::new_from_req(&&feeest, &&keys_provider, node_b_counterparty_node_id, InitFeatures::known(), &open_channel_msg, 7, &config).unwrap(); |
There was a problem hiding this comment.
Not sure I understand this change. Why "counterparty" here? Should we just call them node_a_id and node_b_id in the appropriate places?
There was a problem hiding this comment.
Right I think here that's zeal. Corrected.
There was a problem hiding this comment.
I believe the node ids aren't accurately named even with your change reverted. That is, node_a_chan should be created with node B's id. In practice, it doesn't matter since the ids aren't used after the Channel is created.
There was a problem hiding this comment.
You right, updated comments to make it clearer.
| fn internal_open_channel(&self, their_node_id: &PublicKey, their_features: InitFeatures, msg: &msgs::OpenChannel) -> Result<(), MsgHandleErrInternal> { | ||
| fn internal_open_channel(&self, counterparty_node_id: &PublicKey, their_features: InitFeatures, msg: &msgs::OpenChannel) -> Result<(), MsgHandleErrInternal> { |
There was a problem hiding this comment.
Personally, for all these methods I'd just call the parameter node_id and features. From the context, it should be clear that we aren't passing in our own node id and features.
There was a problem hiding this comment.
I'm ~0 on this. It's quite obvious when you're used to, but for newcomers that's clearly helpful ?
There was a problem hiding this comment.
Not sure what ~0 means. 😄 Indifferent?
My argument is these are (helpers for) implementing ChannelMessageHandler, so it should be clear. I'd be fine with leaving these unchanged and moving to node_id and features in a follow-up that included updating ChannelMessageHandler.
There was a problem hiding this comment.
Yes indifferent, let's keep it for a follow-up.
ariard
force-pushed
the
2020-05-rename-keys-var
branch
2 times, most recently
from
88a2b38 to
fa4ee8d
Compare
|
Thanks @jkczyz for review, rebased and updated.
Yes, let's do this post-anchor output implementation ? I'm modifying few things here. |
|
This needs rebase. Maybe instead of |
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
fa4ee8d to
724ad6e
Compare
|
@TheBlueMatt @jkczyz Sorry for latency, finally back working on this :)
I agree that local_/remote_ should disappear, I'm thinking about owner_/contributor_ as when generating a transaction it must have a unique final owner while we might integrate contributions from another participant. These contributions can be either our key material or our counterparty's one according to message processing flow. IMO, better than broadcaster_/broadcastee_, we don't necessary broadcast commitment transactions. Overall, there is a huge part of the codebase still bearing the local_/remote_ nomenclature, this PR is just a step forward and should have follow-ups. |
Hmm, I still think its possible to confuse that - the node which sends all the data on the wire here is not the owner, but it feels like they should be the owner since they decided when to create the commitment tx and when to send information about it (though not when to finalize it or broadcast it). I agree broadcaster is confusing because we often don't broadcast, but I'm not sure how else to describe a potentially-broadcastable transaction. Maybe broadcastable_node_*, though that seems verbose. |
I don't agree on when to create the commitment as Alice can send a I like owner as ultimately you're deciding for the finalization and thus authorizing this transaction to spend the funding output. Also it underscores you have to reject counterparty contribution if they're not valid (like invalid signatures/pubkeys). Sounds we won't agree here, @jkczyz do you want serve as a tie-breaker ? Does owner/contributor sound like a meaningful improvement on local/remote :) ? |
I think I got a little lost in the discussion. :) Could you point me to a concrete example in the PR where these would be used in replace of local/remote? |
lightning/src/ln/channel.rs
Outdated
| if self.value_to_self_msat < self.local_channel_reserve_satoshis * 1000 + local_commit_tx_fee_msat { | ||
| return Err(ChannelError::Close("Cannot receive value that would put us under local channel reserve value".to_owned())); | ||
| if self.value_to_self_msat < self.channel_reserve_satoshis * 1000 + local_commit_tx_fee_msat { | ||
| return Err(ChannelError::Close("Cannot receive value that would put us under our channel reserve value".to_owned())); |
There was a problem hiding this comment.
The side ("our") of the reserve is immaterial here since its implied by this being a receive. I'd try to avoid "us" and "our" in these messages by stating as:
Cannot receive value that would put the channel under its reserve value
That said, there are other messages that use "our" and "their" pronouns it appears.
There was a problem hiding this comment.
Good suggestion but I took it a bit differently "Cannot accept HTLC that would put counterparty balance under channel reserve value" as it underscores both purpose of this check and ownership of checked value.
lightning/src/ln/channel.rs
Outdated
| // revoke_and_ack, not on sending commitment_signed, so we add one if have | ||
| // AwaitingRemoteRevoke set, which indicates we sent a commitment_signed but haven't gotten | ||
| // the corresponding revoke_and_ack back yet. | ||
| let our_next_remote_commitment_number = INITIAL_COMMITMENT_NUMBER - self.cur_remote_commitment_transaction_number + if (self.channel_state & ChannelState::AwaitingRemoteRevoke as u32) != 0 { 1 } else { 0 }; | ||
| let next_remote_commitment_number = INITIAL_COMMITMENT_NUMBER - self.cur_counterparty_commitment_transaction_number + if (self.channel_state & ChannelState::AwaitingRemoteRevoke as u32) != 0 { 1 } else { 0 }; |
There was a problem hiding this comment.
I guess this where I'm a bit confused. Here we are mixing "counterparty" and "remote".
There was a problem hiding this comment.
My bad, I think this variable was really badly-named. Switched it to next_counterparty_commitment_number as we used this value to build counterparty's commitment transaction.
lightning/src/ln/channel.rs
Outdated
| return Err(ChannelError::Ignore(format!("Cannot send value that would put us under local channel reserve value ({})", chan_reserve_msat))); | ||
| let chan_reserve_msat = self.channel_reserve_satoshis * 1000; | ||
| if pending_value_to_self_msat - amount_msat - commit_tx_fee_msat < chan_reserve_msat { | ||
| return Err(ChannelError::Ignore(format!("Cannot send value that would put us under our channel reserve value ({})", chan_reserve_msat))); |
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
724ad6e to
f763041
Compare
|
Thanks @jkczyz for the new parse. As an example of new @TheBlueMatt what about New proposal |
|
|
There was a problem hiding this comment.
Thanks @jkczyz for the new parse. As an example of new
owner/contributorusage, seeTxCreationKeysin 2fb8a21
Is there an argument against why we shouldn't simply use no prefix and counterparty_ in TxCreationKeys as well?
When I read the documentation:
A contributor key is coming from a protocol participant contributing to the computed transaction.
I think that is just a verbose but complicated way of saying the counterparty. So rather than introduce new terminology (i.e. owner/contributor), why not be consistent by using no prefix and counterparty_ as used elsewhere? The nice thing about "counterparty" IMHO is that it is a relative term. That is, it can be used equally well within a channel or within a commitment transaction (regardless of whose it is).
lightning/src/ln/chan_utils.rs
Outdated
| let mut counterparty_contrib = revocation_base_secret.clone(); | ||
| counterparty_contrib.mul_assign(&rev_append_commit_hash_key)?; | ||
| let mut our_contrib = per_commitment_secret.clone(); |
There was a problem hiding this comment.
I understand that "contrib" is short for "contribution", but using this with "counterparty" may be confusing when "contributor" is later used as the counterparty of "owner" in TxCreationKeys. We can remove this possible confusion by not using "contributor" in TxCreationKeys, FWIW.
lightning/src/ln/chan_utils.rs
Outdated
| } | ||
|
|
||
| /// The set of public keys which are used in the creation of one commitment transaction. | ||
| /// These are derived from the channel base keys and per-commitment data. | ||
| /// | ||
| /// A owner key is coming from intented owner of the computed transaction. A contributor |
There was a problem hiding this comment.
s/A owner/An owner
s/intented/intended
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
f763041 to
975a68e
Compare
|
I'm settling on
I think using counterparty_ in this transaction/keys builder helpers would get us back where we're before. |
lightning/src/ln/chan_utils.rs
Outdated
| part_b.mul_assign(&commit_append_rev_hash_key)?; | ||
| part_a.add_assign(&part_b[..])?; | ||
| Ok(part_a) | ||
| let mut counterparty_contrib = revocation_base_secret.clone(); |
There was a problem hiding this comment.
Shouldnt this be broadcaster/countersignatory?
There was a problem hiding this comment.
That's intentional, as we never derive counterparty revocation key as it's only used to punish them, revocation appears to me directed thus the counterparty_ nomenclature. I concede that can be confusing ?
There was a problem hiding this comment.
Its also a pub function, so users can do whatever :p. But, sure, that's fine with me, maybe leave a comment, though.
|
I posted this above, but re: no-prefix versions: I'm really not a fan of no prefix - it seems ripe for confusion. "Yep, code reads right, it says to_self_delay" when its really the wrong "to_self_delay". Seems that would be easy to miss in a code review. |
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
975a68e to
1b590ea
Compare
|
Updated with restoring the |
There was a problem hiding this comment.
I'm settling on
broadcaster/countersignatory,broadcasteeis too much near-collision.
SGTM. Please update the commit message for a513747 as it still mentions "owner" and "contributor".
I think using counterparty_ in this transaction/keys builder helpers would get us back where we're before.
Namely confusing remote as our protocol counterparty with whom we're operating this channel and remote as the protocol participant authorizing the transaction but devoid of capability to broadcast the transaction. And in those modified builders, we can beremote, like when we're initiating a channel update by sending acommitment_signed.
Not sure I 100% agree as there shouldn't be a concept of "our" in TxCreationKeys, but I like your choice of "broadcaster" and "countersignatory" much better. No need to argue the point any further. :)
lightning/src/chain/keysinterface.rs
Outdated
| @@ -318,13 +318,13 @@ pub trait ChannelKeys : Send+Clone { | |||
| /// protocol. | |||
| fn sign_channel_announcement<T: secp256k1::Signing>(&self, msg: &msgs::UnsignedChannelAnnouncement, secp_ctx: &Secp256k1<T>) -> Result<Signature, ()>; | |||
|
|
|||
| /// Set the remote channel basepoints and remote/local to_self_delay. | |||
| /// Set the remote channel basepoints and counterparty/our local_to_self_delay. | |||
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
1b590ea to
7767542
Compare
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
af4c0e4 to
e10aa15
Compare
Variables should be named according to the script semantic which is an invariant with regards to generating a local or remote commitment transaction. I.e a broadcaster_htlc_key will always guard a HTLC to the party able to broadcast the computed transactions whereas countersignatory_htlc_key will guard HTLC to a countersignatory of the commitment transaction.
ariard
force-pushed
the
2020-05-rename-keys-var
branch
2 times, most recently
from
652553c to
205a84c
Compare
lightning/src/chain/keysinterface.rs
Outdated
| /// The remote_revocation_pubkey used to derive witnessScript | ||
| remote_revocation_pubkey: PublicKey | ||
| /// The counterparty_revocation_pubkey used to derive witnessScript | ||
| counterparty_revocation_pubkey: PublicKey |
lightning/src/chain/keysinterface.rs
Outdated
| /// ChannelKeys::pubkeys().delayed_payment_basepoint) and the provided per_commitment_point to | ||
| /// chan_utils::derive_private_key. The public key can be generated without the secret key | ||
| /// using chan_utils::derive_public_key and only the delayed_payment_basepoint which appears in | ||
| /// ChannelKeys::pubkeys(). | ||
| /// | ||
| /// To derive the remote_revocation_pubkey provided here (which is used in the witness | ||
| /// script generation), you must pass the remote revocation_basepoint (which appears in the | ||
| /// To derive the counterparty_revocation_pubkey provided here (which is used in the witness |
There was a problem hiding this comment.
s/counterparty// (but not on the next line down).
| @@ -335,7 +350,7 @@ pub struct ChannelPublicKeys { | |||
| /// states. | |||
| pub revocation_basepoint: PublicKey, | |||
| /// The public key which receives our immediately spendable primary channel balance in | |||
| /// remote-broadcasted commitment transactions. This key is static across every commitment | |||
There was a problem hiding this comment.
Not your bug, but can you fix this comment to not refer to ours/theirs/counterparty/etc - this struct is generic across both sides (and thus should only ever use broadcaster/countersignatory).
There was a problem hiding this comment.
Hmmm I keep the counterparty's it makese sense here, as this immediate spend is only available if it's the counterparty commitment ?
lightning/src/ln/chan_utils.rs
Outdated
| let payment_hash160 = Ripemd160::hash(&htlc.payment_hash.0[..]).into_inner(); | ||
| if htlc.offered { | ||
| Builder::new().push_opcode(opcodes::all::OP_DUP) | ||
| .push_opcode(opcodes::all::OP_HASH160) | ||
| .push_slice(&PubkeyHash::hash(&revocation_key.serialize())[..]) | ||
| .push_slice(&PubkeyHash::hash(&broadcaster_revocation_key.serialize())[..]) |
There was a problem hiding this comment.
There are still a number of references to broadcaster_revocation_key - can you remove those too?
ariard
force-pushed
the
2020-05-rename-keys-var
branch
2 times, most recently
from
9890e6f to
874a1b0
Compare
lightning/src/ln/channel.rs
Outdated
| if self.value_to_self_msat < self.local_channel_reserve_satoshis * 1000 + local_commit_tx_fee_msat { | ||
| return Err(ChannelError::Close("Cannot receive value that would put us under local channel reserve value".to_owned())); | ||
| if self.value_to_self_msat < self.counterparty_selected_channel_reserve_satoshis * 1000 + local_commit_tx_fee_msat { | ||
| return Err(ChannelError::Close("Cannot accept HTLC that would put counterparty balance under our-announced channel reserve value".to_owned())); |
There was a problem hiding this comment.
This is about counterparty-announced and our balance, not the other way around.
Previously most of variable fields relative to data belonging to our node or counterparty were labeled "local"/"remote". It has been deemed confusing with regards to transaction construction which is always done from a "local" viewpoint, even if owner is our counterparty
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
874a1b0 to
8c284b8
Compare
There was a problem hiding this comment.
One more note plus this needs squashed or at least 4491986 fixed (it doesn't build on its own).
| /// The public key which receives our immediately spendable primary channel balance in | ||
| /// remote-broadcasted commitment transactions. This key is static across every commitment | ||
| /// The public key which receives an immediately spendable primary channel balance in | ||
| /// a broadcaster's commitment transactions. This key is static across every commitment |
There was a problem hiding this comment.
This reads a bit confusing - its the countersignatory's balance in a broadcaster's transaction, but reading it I'd think its a broadcaster's balance.
|
Verified that every commit except 4491986 builds + passes tests, so just that one commit needs fixedup/the next squashed into it. |
To avoid reviewers confusion, rename counterparty_to_self_delay to counteparty_selected_contest_delay, i.e the justice delay announced by a channel counterparty restraining our transactions, and to_self_delay to locally_selected_contest_delay, i.e the justice delay announced by us restraining counterparty's transactions We deviate from wider nomenclature by prefixing local data with a locally_ extension due to the leak of this value in transactions/scripts builder, where the confusion may happen. Rename further AcceptChannelData to the new nomenclature.
A TxCreationKeys set represents the key which will be embedded in output scripts of a party's commitment tx state. Among them there is a always a key belonging to counter-party, the HTLC pubkey. To dissociate strongly, prefix keys with broadcaster/countersignatory. A revocation keypair is attributed to the broadcaster as it's used to punish a fraudulent broadcast while minding that such keypair derivation method will be always used by countersignatory as it's its task to enforce punishement thanks to the release secret.
Transaction signing methods are changed from local_/remote_ prefix to newer holder_/counterparty_ wihout any semantic changes.
Comment meaning of holder/counterparty Diverse chan_utils cleanups Cleanups post-cbindings merge Fix misusage of holder_selected_contest_delay instead of counterparty _selected_contest_delay in HolderCommitmentTransaction Fix old payment_point comment
ariard
force-pushed
the
2020-05-rename-keys-var
branch
from
8c284b8 to
21d0a95
Compare
Downstreaming this while working on anchor, follow-up of #613. This is an attempt to make keys variable names less confusing based on script semantic as an invariant.
Variables should be named according to the script semantic which is
an invariant with regards to generating a local or remote commitment
transaction.
I.e a local_delayed_payment key will always offer to the owner
of the commitment transaction to be paid back after a given delay.