backups: Keep channel backup in case of local force close #5528
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
guggero
added
safety
Roasbeef
approved these changes
Jul 22, 2021
| // by Carol since it was already force closed before we started the | ||
| // recovery. All we need is for Carol to send us over the commit height | ||
| // so we can sweep the time locked output with the correct commit point. | ||
| if testCase.localForceClose { |
There was a problem hiding this comment.
As you mentioned in the OP, in the future we could provide the brute force logic locally in the chain watcher if we detect this case.
guggero
force-pushed
the
keep-channel-backup-local-force-close
branch
2 times, most recently
from
f56bfb4
to
aa2706f
Compare
|
With the latest test run, looks like some other tests need to be updated for the extra even that gets emitted now (itests). |
We'll want to be informed about a channel that's been fully resolved on chain in case it was involved in a force close. We add a new event type and emit method for it.
We might want to react to a channel being fully resolved after being involved in a force close. For this we add a new callback and invoke it where appropriate.
In case we force close a channel from our end the funds can be time locked for up to 2 weeks worst case. If something happens to our node in that time, we don't have any information on that channel anymore because currently the channel is removed from the channel backup file the moment the commitment transaction confirms. Instead we want to keep the channel around in the SCB file until we've actually swept the time locked funds. It looks like lnd even supports recovering from such a case if the peer is still online and can tell us what commit height to use for deriving the commit point. If the peer isn't around anymore then external tools could be used to brute force the commit height.
This commit adds the new channel update event for a channel that is now fully resolved to the event subscription RPC.
With one more notification event being dispatched in the local force close case we need to update one of the integration tests to account for the additional message.
We want to make sure we can recover funds from a channel that was force closed by the local node just before the node needed to be restored. We add a special test case with specific assertions for that scenario.
guggero
force-pushed
the
keep-channel-backup-local-force-close
branch
from
aa2706f
to
dee28ee
Compare
Because we now get one more update per channel when closing it, we need to update our test that looks at the close notifications sent by the SubscribeChannelEvent RPC.
guggero
force-pushed
the
keep-channel-backup-local-force-close
branch
from
dee28ee
to
527c6f0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In case we force close a channel from our end the funds can be time
locked for up to 2 weeks worst case. If something happens to our node in
that time, we don't have any information on that channel anymore because
currently the channel is removed from the channel backup file the moment
the commitment transaction confirms.
Instead we want to keep the channel around in the SCB file until we've
actually swept the time locked funds.
It looks like lnd even supports recovering from such a case if the peer
is still online and can tell us what commit height to use for deriving
the commit point. If the peer isn't around anymore then external tools
could be used to brute force the commit height.
Thanks to @joostjager for making me aware this problem existed.