splice: signer must be informed of splice params

The signer needs to know when the splice operation starts and the splice parameters for each splice transaction candidate. The channel establishment v2 (dual funding) code path already notifies the signer via the hsmd API hsmd_ready_channel calls However, the splicing code path does not. Link: ElementsProject#6723 Suggested-by: @devrandom Co-Developed-by: @devrandom Co-Developed-by: Ken Sedgwick <[email protected]> Signed-off-by: Vincenzo Palazzo <[email protected]>
lightning-signer · Oct 6, 2023 · e873db1 · e873db1
1 parent ff26562
commit e873db1
Showing 1 changed file with 61 additions and 0 deletions.
diff --git a/channeld/channeld.c b/channeld/channeld.c
@@ -2960,6 +2960,26 @@ static size_t calc_weight(enum tx_role role, const struct wally_psbt *psbt)
 	return weight;
 }
 
+/* Get the non-initiator (acceptor) amount after the splice */
+static struct amount_msat splice_acceptor_balance(struct peer *peer,
+						  enum tx_role our_role)
+{
+	struct amount_msat acceptor_value;
+
+	/* Start with the acceptor's balance before the splice */
+	acceptor_value =
+		peer->channel->view->owed[our_role == TX_INITIATOR ? REMOTE : LOCAL];
+
+	/* Adjust by the acceptor's relative splice amount (signed) */
+	if (!amount_msat_add_sat_s64(&acceptor_value, acceptor_value,
+				     peer->splicing->accepter_relative))
+		peer_failed_warn(
+			peer->pps, &peer->channel_id,
+			"Unable to add accepter's relative splice to prior balance.");
+
+	return acceptor_value;
+}
+
 /* Returns the total channel funding output amount if all checks pass.
  * Otherwise, exits via peer_failed_warn. DTODO: Change to `tx_abort`. */
 static struct amount_sat check_balances(struct peer *peer,
@@ -3492,6 +3512,39 @@ static struct inflight *inflights_new(struct peer *peer)
 	return inf;
 }
 
+static void update_hsmd_with_splice(struct peer *peer,
+				    struct inflight *inflight,
+				    const struct amount_msat push_val)
+{
+	u8 *msg;
+
+	/* local_upfront_shutdown_script, local_upfront_shutdown_wallet_index,
+	 * remote_upfront_shutdown_script aren't allowed to change, so we
+	 * don't need to gather them */
+	msg = towire_hsmd_ready_channel(
+		NULL,
+		peer->channel->opener == LOCAL,
+		inflight->amnt,
+		push_val,
+		&inflight->outpoint.txid,
+		inflight->outpoint.n,
+		peer->channel->config[LOCAL].to_self_delay,
+		/*local_upfront_shutdown_script*/ NULL,
+		/*local_upfront_shutdown_wallet_index*/ NULL,
+		&peer->channel->basepoints[REMOTE],
+		&peer->channel->funding_pubkey[REMOTE],
+		peer->channel->config[REMOTE].to_self_delay,
+		/*remote_upfront_shutdown_script*/ NULL,
+		peer->channel->type);
+
+	wire_sync_write(HSM_FD, take(msg));
+	msg = wire_sync_read(tmpctx, HSM_FD);
+	if (!fromwire_hsmd_ready_channel_reply(msg))
+		status_failed(STATUS_FAIL_HSM_IO, "Bad ready_channel_reply %s",
+			      tal_hex(tmpctx, msg));
+}
+
+
 /* ACCEPTER side of the splice. Here we handle all the accepter's steps for the
  * splice. Since the channel must be in STFU mode we block the daemon here until
  * the splice is finished or aborted. */
@@ -3628,6 +3681,10 @@ static void splice_accepter(struct peer *peer, const u8 *inmsg)
 	new_inflight->last_tx = NULL;
 	new_inflight->i_am_initiator = false;
 
+	update_hsmd_with_splice(peer,
+				new_inflight,
+				splice_acceptor_balance(peer, TX_ACCEPTER));
+
 	update_view_from_inflights(peer);
 
 	peer->splice_state->count++;
@@ -3862,6 +3919,10 @@ static void splice_initiator_user_finalized(struct peer *peer)
 	new_inflight->last_tx = NULL;
 	new_inflight->i_am_initiator = true;
 
+	update_hsmd_with_splice(peer,
+				new_inflight,
+				splice_acceptor_balance(peer, TX_INITIATOR));
+
 	update_view_from_inflights(peer);
 
 	peer->splice_state->count++;