rules+firewall: rules and privacy mappings for channel creation

lightninglabs / lightning-terminal

Lightning Terminal: Your Home for Lightning Liquidity

MIT License

488 stars 82 forks source link

rules+firewall: rules and privacy mappings for channel creation #752

Open bitromortac opened 2 months ago

bitromortac commented 2 months ago

Based on #746

This PR adds functionality to litd in order to make automatic channel opens possible.

We add two new rules:

ChannelConstraint: to limit channel sizes
OnChainBudget: to limit onchain interactions with a per session budget
update the peer restriction rule to be active for channel opening endpoints

Automatic channel creation involves the following additional endpoints:

WalletBalance: check whether enough funds are available
PendingChannels: check if a channel is already pending with a node
ClosedChannels: for peer sanity checks
ConnectPeer: connect to a peer before opening
BatchOpenChannel: the request for opening

bitromortac commented 1 month ago

Really great work! Pretty much g2g I think. One main question though:

How does session linking worth with the on-chain budget? Does the same budget carry over & do we prevent them from providing a new one? or do we update the budget when a session is linked?

Thank you for the reviews :pray:! It's possible to change the budget, it's used as a mechanism to top up funds for a session, so we don't prevent it. We could enforce it that it's only allowed to be increased though.

bitromortac commented 4 weeks ago

Thanks a lot for the suggestions and the itest @ellemouton :pray: :100:.

I removed the OpenChannel streaming RPC functionality, which was not fully built out and added privacy mapping for OpenChannelSync.

During itests I found that there was an issue when combining other rules with the budget rule, which is stateful. It may happen that a request adds a temporary budget reservation while another rule is violated, resulting in the reserved budget not being removed. I tried to fix this by adding a RollbackRequest method to the Enforcer interface, which is called after any rule is violated for a request. In principle we would need to add something similar to commit a balance reservation after knowing that all response rules were followed. We don't have restrictions on responses right now which is why I didn't add that.

lightninglabs-deploy commented 3 weeks ago

@ellemouton: review reminder @bitromortac, remember to re-request review from reviewers when ready

ellemouton commented 2 weeks ago

re-requesting from @ViktorTigerstrom since quite a bit has changed