-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
multi: make reassignment of alias channel edge atomic #8777
base: master
Are you sure you want to change the base?
multi: make reassignment of alias channel edge atomic #8777
Conversation
Important Review skippedAuto reviews are limited to specific labels. 🏷️ Labels to auto review (1)
Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
@Crypt-iQ could you take a look and evaluate if this is the right direction I am going, it relates to the atomic deletion of the option-scid channels also discussed here(#7759 (comment)) Thank you in advance 🙏 |
Yes this approach looks good |
655f5b0
to
ef2a738
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🎉
I left comments, mostly nits. One important question is if the announcement is still broadcasted to the channel peer as before (via addToGraph
). See the question in the first commit.
graph/db/graph_test.go
Outdated
|
||
// Define the new channel id (under real conditions this is the new | ||
// confirmed channel id). | ||
newChanSCID := rand.Uint64() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's make it more deterministic and exclude (small but real) probability of newChanSCID == oldSCID:
newChanSCID := oldSCID
BTW what happens if ReAddChannelEdge
is called with newChanSCID == oldSCID? IIUC, it succeeds. But this is not expected that newChanSCID == oldSCID, so maybe we should change this to fail with an error "new channel ID is equal to old channel ID" and add a test for such edge case here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no it should succeed aslo with the same SCID, in case of an option-scid channel but not zeroconf.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But made the newChanID deterministic:
newChanSCID := oldSCID + 1
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no it should succeed aslo with the same SCID, in case of an option-scid channel but not zeroconf.
I propose to unit test that when the same SCID is passed, ReAddChannelEdge succeeds in case of an option-scid channel, but fails for a zeroconf channel.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm I think I was not clear in my description what I meant is that for zeroconf-alias channels the channelid for the reassignment is always different,
For non-zeroconf alias channels the ChannelID for the reassignment is always the same, we do this only to clear the graph data storage to remove potential ChanUpdates which where based on the alias not the channelID. Which might happen in the period between channelconfirmation (usually 3 blocks) and the 6 blocks public gossip limit.
0784e6b
to
9ddb66e
Compare
71f2dc6
to
fd595ba
Compare
err = f.addToGraph( | ||
c, &confChan.shortChanID, nil, ourPolicy, | ||
aliasScid := c.ShortChanID() | ||
confirmedScid := confChan.shortChanID |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The variables can be used above in the ReAssignSCID
call and below in the sendChanUpdate
call.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks like this is not addressed
graph/db/graph_test.go
Outdated
|
||
// Define the new channel id (under real conditions this is the new | ||
// confirmed channel id). | ||
newChanSCID := rand.Uint64() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no it should succeed aslo with the same SCID, in case of an option-scid channel but not zeroconf.
I propose to unit test that when the same SCID is passed, ReAddChannelEdge succeeds in case of an option-scid channel, but fails for a zeroconf channel.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! 🌴
The code looks good!
Few suggestions about tests coverage and removing copy-paste.
err = f.sendChanUpdate( | ||
completeChan, &baseScid, ourPolicy, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The unit tests pass even with this call commented out. I propose to cover this case of announcement sending in unit tests as well.
Another idea. DeleteSixConfs, ReAssignSCID, and sendChanUpdate is a common sequence in both cases where they are used. Does it make sense to create a method doing DeleteSixConfs, ReAssignSCID, and sendChanUpdate and reuse it in both cases? It case there will be a third case in the future, there will be less chances to use incorrectly (e.g. to forget to call sendChanUpdate).
fd595ba
to
ac5ede1
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the fix! I think it may explain some of the flakes I've seen from the itest. Meanwhile, could you do a rebase on #9368 and change the base branch to that one? This way we can get a clean CI build and I wanna analyze the logs to understand the changes here.
funding/manager.go
Outdated
// sendChanUpdate sends a ChannelUpdate to the gossiper which is as a | ||
// consequence sent to the peer. | ||
// | ||
// TODO(ziggie): Refactor the gossip msges so that not always all msges have |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
msges
-> msgs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unresolving as it's not addressed
errChan := f.cfg.SendAnnouncement(ann.chanUpdateAnn) | ||
select { | ||
case err := <-errChan: | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can be simplified to,
if graph.IsError(err, graph.ErrOutdated, graph.ErrIgnored) {
log.Debugf("Graph rejected ChannelUpdate: %v", err)
return nil
}
if err != nil {
return fmt.Errorf("error sending channel update: %v",
err)
}
or just,
if graph.IsError(err, graph.ErrOutdated, graph.ErrIgnored) {
log.Debugf("Graph rejected ChannelUpdate: %v", err)
return nil
}
return err
since all the returned error from sendChanUpdate
have already been wrapped with contexts and save us from a long chained error msgs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not addressed
funding/manager.go
Outdated
fwdMinHTLC, fwdMaxHTLC := f.extractAnnounceParams(completeChan) | ||
|
||
ann, err := f.newChanAnnouncement( | ||
chanAnn, err := f.newChanAnnouncement( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this belongs to another PR - since the PR is aimed at fixing the atomic behavior, and this commit is touching a different aspect (gossip), and I think there's already a de-dup logic in our gossiper?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
true, I was more referring to the creation of these messages, we do not always use all of them so I decided to not create them in the first place.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure - in the case we should fix it in a different PR, I also wanna this change as this commit also fixes the confusing names such as newChanAnnouncement
. Plus I don't see any dependencies between the atomic fix and this depup fix?
3a37dc6
to
a13596d
Compare
76fb9af
to
7877c7d
Compare
9d62968
to
d259917
Compare
funding/manager.go
Outdated
// DeleteAliasEdge allows the Manager to delete an alias channel edge | ||
// from the graph. It also returns our local to-be-deleted policy. | ||
DeleteAliasEdge func(scid lnwire.ShortChannelID) ( | ||
// ReassignSCID allows the Manager to assign a new SCID to an |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ReassignSCID -> ReAssignSCID
@@ -1206,6 +1206,16 @@ func (b *Builder) processUpdate(msg interface{}, | |||
"chan_id=%v", msg.ChannelID) | |||
} | |||
|
|||
// Look up the funding pk script so that we can register the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In case we assume valid channels or have alias channels we make
sure we also add the channel point to the block filter so that
we are notified if the channel point is spent in a block.
Did you encounter this or can you demonstrate the behavior in a test? I think we have itests for the alias channels and the UTXO filter seems to work fine?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes the zeroconf channel test is failing if we don't do this because we would never be notified if the channel closed because for alias channels we are not funneling through the channel_announcement again as before, we are just swapping it in the ReAssignmentSCID method, before we would send it again via addToGraph
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't we already UpdateFilter
below after validating the funding outpoint?
funding/manager.go
Outdated
fwdMinHTLC, fwdMaxHTLC := f.extractAnnounceParams(completeChan) | ||
|
||
ann, err := f.newChanAnnouncement( | ||
chanAnn, err := f.newChanAnnouncement( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure - in the case we should fix it in a different PR, I also wanna this change as this commit also fixes the confusing names such as newChanAnnouncement
. Plus I don't see any dependencies between the atomic fix and this depup fix?
d259917
to
4430487
Compare
// reassigned with the new confirmed scid. Moreover channel | ||
// updates with the alias scid are removed so that we do not | ||
// relay them to the broader network. | ||
ourPolicy, err := f.cfg.ReAssignSCID( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this fixes the issue mentioned in the PR description re the possible race. We can still receive an channel_update
from the peer while we are in the process of re-assigning the SCID. Meanwhile, in the gossiper, if we receive a channel_update
that we don't understand, it's put in the prematureChannelUpdates
and will be processed later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I described the problem in detail here: ef6cd7a
Looking back I think this issue could have been solved by deleting the rejectCache before adding the edge via the addToGraph
function. Tho I think having the deletion and addition atomic is the better desing wdyt ?
// addToGraph. This is because the peer may have | ||
// sent us a ChannelUpdate with an alias and we don't | ||
// want to relay this. | ||
ourPolicy, err := f.cfg.DeleteAliasEdge(baseScid) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the actually issue is we call DeleteSixConfs
too early - if we only call it once the edge is recreated, we can fix the case where the peer sends a channel_update
using alias?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm I don't think so, we don't want this ChanUpdate with the Alias so we need to delete the mapping earlier so we do not risk adding the Alias ChanUpdate after we readded the Edge ?
// database and adds the new edge to guarantee atomicity. | ||
// This is important for option-scid-alias channels which may change its SCID | ||
// over the course of its lifetime (e.g., public zero-conf channels). | ||
func (c *ChannelGraph) ReAddChannelEdge( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A typical flow for adding an edge,
ChannelAnnouncement
msg received by the gossiper- the gossiper validates it and sends it to the channel graph
- the channel graph validates and adds it to the graph db
And a similar flow is used for ChannelUpdate
, but now we just bypass all the validations here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it is ok to skip the validation for the ChannelAnnouncement
we created ourselves ? Why should we not trust our own ChannelAnnouncment and ChannelUpdate when its internally sourced ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The point is to make sure there are no side effects - the full chain of processing ChannelUpdate
consists of fundingManager -> gossiper -> router
, each processing the msg and updating their states. One example is the validation barrier, where the router and gossiper each have one to ensure the ordering of msgs. Basically I need more time to access the flow changes here, so far it looks good as indicated by the itests, although the behavior does change as I'm seeing this log which is weird,
2025-01-20 20:09:57.115 [DBG] DISC gossiper.go:3546: Unable to fetch node announcement for [Dave]: node does not have node announcement
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Going into detail in this case I think this was also a side effect before this PR, I guess you also noticed that we prioritize the AnnouncementSig
before the NodeAnnouncement
. IMO it does not make sense to wait for the nodeAnnouncment here but rather add it to the msges we propagate if it's available or just neglect it.
4430487
to
e885bf5
Compare
This will make it simple in the next commits to test soley single messages rather than always the combination of announcement and channel update msg.
7b4e121
to
e8e8b94
Compare
When the option SCID is used we need to make sure we update the channel data in an atomic way so that we don't miss any updates by our peer and remove all edge info which still uses the alias as the channel id (e.g. ChannelUpdate msgs). Moreover add unit test for the new ReAddEdge method.
In case we assume valid channels or have alias channels we make sure we also add the channel point to the block filter so that we are notified if the channel point is spent in a block.
e8e8b94
to
115451c
Compare
@Crypt-iQ: review reminder |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can be rebased now
"ChannelUpdate: %v", err) | ||
} else { | ||
return fmt.Errorf("error sending channel "+ | ||
"update: %v", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
%v
-> %w
, weird the linter didn't catch this case.
err = f.addToGraph( | ||
c, &confChan.shortChanID, nil, ourPolicy, | ||
aliasScid := c.ShortChanID() | ||
confirmedScid := confChan.shortChanID |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks like this is not addressed
errChan := f.cfg.SendAnnouncement(ann.chanUpdateAnn) | ||
select { | ||
case err := <-errChan: | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not addressed
|
||
t.Helper() | ||
|
||
// Validate custom parameter arrays have expected length |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: missing a period
nodes := []*testNode{alice, bob} | ||
for i, node := range nodes { | ||
// Each node should send exactly 2 announcements | ||
// ChannelAnnouncement and ChannelUpdate. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
think we need to assert there are no ChannelAnnouncement
otherwise it behaves the same as assertChannelAnnouncements
?
graph.db, node1, node2, | ||
) | ||
if err := graph.AddChannelEdge(edgeInfo); err != nil { | ||
t.Fatalf("unable to create channel edge: %v", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: use require.NoError
require.ErrorContains(t, err, "ChannelID doesn't match") | ||
|
||
// Edge 2 should be nil, because we deleted the former peer data. | ||
require.Nil(t, newEdge2) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it mean after this change the newEdge2
is temporarily missing until the remote sends us a ChannelUpdate
?
// database and adds the new edge to guarantee atomicity. | ||
// This is important for option-scid-alias channels which may change its SCID | ||
// over the course of its lifetime (e.g., public zero-conf channels). | ||
func (c *ChannelGraph) ReAddChannelEdge( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The point is to make sure there are no side effects - the full chain of processing ChannelUpdate
consists of fundingManager -> gossiper -> router
, each processing the msg and updating their states. One example is the validation barrier, where the router and gossiper each have one to ensure the ordering of msgs. Basically I need more time to access the flow changes here, so far it looks good as indicated by the itests, although the behavior does change as I'm seeing this log which is weird,
2025-01-20 20:09:57.115 [DBG] DISC gossiper.go:3546: Unable to fetch node announcement for [Dave]: node does not have node announcement
@@ -1206,6 +1206,16 @@ func (b *Builder) processUpdate(msg interface{}, | |||
"chan_id=%v", msg.ChannelID) | |||
} | |||
|
|||
// Look up the funding pk script so that we can register the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't we already UpdateFilter
below after validating the funding outpoint?
nodes := tx.ReadWriteBucket(nodeBucket) | ||
if nodes == nil { | ||
return ErrGraphNodeNotFound | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you think we need this consistency check ? I mean the nodebucket is a toplevel bucket so there shouldn't be ever the case that we do not have it ? I cpy pasted this part from the DeleteChannelEdges
code (and I don't think it is needed there as well) @yyforyongyu
When the option SCID is used we need to make sure we update the
channel data in an atomic way so that we don't miss any updates
by our peer because we rate limit ChanUpdate msg which can cause some side effects revealed in #8582
Prerequisite for: #8582
EDIT:
So the main rational behind this change is, that we need to make sure that in case a channel is an alias channel (zero-conf or non-zeroconf) that we "ReAdd" the edge info atomically. This guarantees that we delete all data which might still have the alias channel as a channel id and moreover we need to do it atomically so that we do not receive updates in the meantime and therefore rate-limit the gossip-messages.