1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212
//! Various user-configurable channel limits and settings which ChannelManager //! applies for you. use ln::channelmanager::{BREAKDOWN_TIMEOUT, MAX_LOCAL_BREAKDOWN_TIMEOUT}; /// Top-level config which holds ChannelHandshakeLimits and ChannelConfig. /// /// Default::default() provides sane defaults for most configurations /// (but currently with 0 relay fees!) #[derive(Clone, Debug)] pub struct UserConfig { /// Channel config that we propose to our counterparty. pub own_channel_config: ChannelHandshakeConfig, /// Limits applied to our counterparty's proposed channel config settings. pub peer_channel_config_limits: ChannelHandshakeLimits, /// Channel config which affects behavior during channel lifetime. pub channel_options: ChannelConfig, } impl Default for UserConfig { fn default() -> Self { UserConfig { own_channel_config: ChannelHandshakeConfig::default(), peer_channel_config_limits: ChannelHandshakeLimits::default(), channel_options: ChannelConfig::default(), } } } /// Configuration we set when applicable. /// /// Default::default() provides sane defaults. #[derive(Clone, Debug)] pub struct ChannelHandshakeConfig { /// Confirmations we will wait for before considering the channel locked in. /// Applied only for inbound channels (see ChannelHandshakeLimits::max_minimum_depth for the /// equivalent limit applied to outbound channels). /// /// Default value: 6. pub minimum_depth: u32, /// Set to the amount of time we require our counterparty to wait to claim their money. /// /// It's one of the main parameter of our security model. We (or one of our watchtowers) MUST /// be online to check for peer having broadcast a revoked transaction to steal our funds /// at least once every our_to_self_delay blocks. /// /// Meanwhile, asking for a too high delay, we bother peer to freeze funds for nothing in /// case of an honest unilateral channel close, which implicitly decrease the economic value of /// our channel. /// /// Default value: BREAKDOWN_TIMEOUT (currently 144), we enforce it as a minimum at channel /// opening so you can tweak config to ask for more security, not less. pub our_to_self_delay: u16, } impl Default for ChannelHandshakeConfig { fn default() -> ChannelHandshakeConfig { ChannelHandshakeConfig { minimum_depth: 6, our_to_self_delay: BREAKDOWN_TIMEOUT, } } } /// Optional channel limits which are applied during channel creation. /// /// These limits are only applied to our counterparty's limits, not our own. /// /// Use 0/<type>::max_value() as appropriate to skip checking. /// /// Provides sane defaults for most configurations. /// /// Most additional limits are disabled except those with which specify a default in individual /// field documentation. Note that this may result in barely-usable channels, but since they /// are applied mostly only to incoming channels that's not much of a problem. #[derive(Copy, Clone, Debug)] pub struct ChannelHandshakeLimits { /// Minimum allowed satoshis when a channel is funded, this is supplied by the sender and so /// only applies to inbound channels. /// /// Default value: 0. pub min_funding_satoshis: u64, /// The remote node sets a limit on the minimum size of HTLCs we can send to them. This allows /// you to limit the maximum minimum-size they can require. /// /// Default value: u64::max_value. pub max_htlc_minimum_msat: u64, /// The remote node sets a limit on the maximum value of pending HTLCs to them at any given /// time to limit their funds exposure to HTLCs. This allows you to set a minimum such value. /// /// Default value: 0. pub min_max_htlc_value_in_flight_msat: u64, /// The remote node will require we keep a certain amount in direct payment to ourselves at all /// time, ensuring that we are able to be punished if we broadcast an old state. This allows to /// you limit the amount which we will have to keep to ourselves (and cannot use for HTLCs). /// /// Default value: u64::max_value. pub max_channel_reserve_satoshis: u64, /// The remote node sets a limit on the maximum number of pending HTLCs to them at any given /// time. This allows you to set a minimum such value. /// /// Default value: 0. pub min_max_accepted_htlcs: u16, /// Outputs below a certain value will not be added to on-chain transactions. The dust value is /// required to always be higher than this value so this only applies to HTLC outputs (and /// potentially to-self outputs before any payments have been made). /// Thus, HTLCs below this amount plus HTLC transaction fees are not enforceable on-chain. /// This setting allows you to set a minimum dust limit for their commitment transactions, /// reflecting the reality that tiny outputs are not considered standard transactions and will /// not propagate through the Bitcoin network. /// /// Default value: 546, the current dust limit on the Bitcoin network. pub min_dust_limit_satoshis: u64, /// Maximum allowed threshold above which outputs will not be generated in their commitment /// transactions. /// HTLCs below this amount plus HTLC transaction fees are not enforceable on-chain. /// /// Default value: u64::max_value. pub max_dust_limit_satoshis: u64, /// Before a channel is usable the funding transaction will need to be confirmed by at least a /// certain number of blocks, specified by the node which is not the funder (as the funder can /// assume they aren't going to double-spend themselves). /// This config allows you to set a limit on the maximum amount of time to wait. /// /// Default value: 144, or roughly one day and only applies to outbound channels. pub max_minimum_depth: u32, /// Set to force the incoming channel to match our announced channel preference in /// ChannelConfig. /// /// Default value: true, to make the default that no announced channels are possible (which is /// appropriate for any nodes which are not online very reliably). pub force_announced_channel_preference: bool, /// Set to the amount of time we're willing to wait to claim money back to us. /// /// Not checking this value would be a security issue, as our peer would be able to set it to /// max relative lock-time (a year) and we would "lose" money as it would be locked for a long time. /// /// Default value: MAX_LOCAL_BREAKDOWN_TIMEOUT (1008), which we also enforce as a maximum value /// so you can tweak config to reduce the loss of having useless locked funds (if your peer accepts) pub their_to_self_delay: u16 } impl Default for ChannelHandshakeLimits { fn default() -> Self { ChannelHandshakeLimits { min_funding_satoshis: 0, max_htlc_minimum_msat: <u64>::max_value(), min_max_htlc_value_in_flight_msat: 0, max_channel_reserve_satoshis: <u64>::max_value(), min_max_accepted_htlcs: 0, min_dust_limit_satoshis: 546, max_dust_limit_satoshis: <u64>::max_value(), max_minimum_depth: 144, force_announced_channel_preference: true, their_to_self_delay: MAX_LOCAL_BREAKDOWN_TIMEOUT, } } } /// Options which apply on a per-channel basis and may change at runtime or based on negotiation /// with our counterparty. #[derive(Copy, Clone, Debug)] pub struct ChannelConfig { /// Amount (in millionths of a satoshi) the channel will charge per transferred satoshi. /// This may be allowed to change at runtime in a later update, however doing so must result in /// update messages sent to notify all nodes of our updated relay fee. /// /// Default value: 0. pub fee_proportional_millionths: u32, /// Set to announce the channel publicly and notify all nodes that they can route via this /// channel. /// /// This should only be set to true for nodes which expect to be online reliably. /// /// As the node which funds a channel picks this value this will only apply for new outbound /// channels unless ChannelHandshakeLimits::force_announced_channel_preferences is set. /// /// This cannot be changed after the initial channel handshake. /// /// Default value: false. pub announced_channel: bool, /// When set, we commit to an upfront shutdown_pubkey at channel open. If our counterparty /// supports it, they will then enforce the mutual-close output to us matches what we provided /// at intialization, preventing us from closing to an alternate pubkey. /// /// This is set to true by default to provide a slight increase in security, though ultimately /// any attacker who is able to take control of a channel can just as easily send the funds via /// lightning payments, so we never require that our counterparties support this option. /// /// This cannot be changed after a channel has been initialized. /// /// Default value: true. pub commit_upfront_shutdown_pubkey: bool } impl Default for ChannelConfig { /// Provides sane defaults for most configurations (but with zero relay fees!). fn default() -> Self { ChannelConfig { fee_proportional_millionths: 0, announced_channel: false, commit_upfront_shutdown_pubkey: true, } } } //Add write and readable traits to channelconfig impl_writeable!(ChannelConfig, 8+1+1, { fee_proportional_millionths, announced_channel, commit_upfront_shutdown_pubkey });