Add a reason to HTLCHandlingFailed event #3601
Conversation
lightning/src/events/mod.rs
Outdated
| /// The HTLC was failed by the local node. | ||
| Local { | ||
| /// The BOLT 04 failure code providing a specific failure reason. | ||
| failure_code: u16 |
There was a problem hiding this comment.
I admit I'm not super excited about exposing the failure code as-is for two reasons - (a) we have very different constraints on the code - we may not always want to give the sender all the details about a failure (eg if the sender used a private channel but we didn't mean to expose it we might pretend the channel doesnt exist) vs what we want to tell the user about a failure (basically everything), (b) its not particularly easy to parse - users have to go read the BOLT then map that to what is actually happening in LDK code, if we had a big enum here we'd be able to provide good docs linking to config knobs and reasons why failures happened.
There was a problem hiding this comment.
Makes sense, will take a look at adding a more detailed enum or adding to HTLCDestination 👍
There was a problem hiding this comment.
we may not always want to give the sender all the details about a failure (eg if the sender used a private channel but we didn't mean to expose it we might pretend the channel doesnt exist)
Maybe I don't understand this fully, but why would you want to hide information from a local api user?
There was a problem hiding this comment.
The private channel example is a case where the BOLT 04 code hides information from the sender of the payment, but we do want to surface that information on the API (comment is from a previous approach that just surfaced the BOLT 04 failure code, so wouldn't provide this additional information).
why would you want to hide information from a local api user?
I do think there are some cases where the end user probably doesn't care about very detailed errors. For example, InvalidOnionPayload - do we really care whether the version is unknown or the onion key is bad when there's nothing that we can do about it?
There was a problem hiding this comment.
I see, outdated.
About your second remark - the end user is a user of the library, I assume. Maybe hard to know what they care about. But still it's probably more efficient to wait for someone asking for it than it is to add it potentially unnecessarily. In that context interested to know whether the failure code itself is useful? (posted #3541 (comment))
There was a problem hiding this comment.
About your second remark - the end user is a user of the library, I assume.
Yeah, whoever is consuming LDK's events 👍
But still it's probably more efficient to wait for someone asking for it than it is to add it potentially unnecessarily.
Complaint driven development FTW 😅
In that context interested to know whether the failure code itself is useful?
As discussed on call, this does fall into the nice to have category. I do also think it's also a nice readability improvement to get rid of the failure codes scattered through the codebase, reduces the chances of using the wrong values IMO.
lightning/src/events/mod.rs
Outdated
| @@ -1441,6 +1461,10 @@ pub enum Event { | |||
| prev_channel_id: ChannelId, | |||
| /// Destination of the HTLC that failed to be processed. | |||
| failed_next_destination: HTLCDestination, | |||
| /// The cause of the processing failure. | |||
There was a problem hiding this comment.
Its worth noting that HTLCDestination has some "reason"-like attributes (I meant to mention this in the issue, but apparently forgot), they're just incomplete and too broad. Up to you if you want to try to add more details there vs adding a new enum.
|
I'm going to be out on vacation until 3 March, but will pick this up when I get back! |
carlaKC
force-pushed
the
3541-failure-reason
branch
from
4a14deb to
26326ea
Compare
|
Pushing* for a conceptual look because I haven't found a way of doing this that I'm super happy with.
If this looks okay, I'll go ahead and clean up tests+docs and add a similar for * Force pushed because this is a different approach; old version that just surfaces B04 failure codes is here. |
lightning/src/ln/onion_utils.rs
Outdated
| /// The raw BOLT04 failure code for the HTLC. | ||
| /// | ||
| /// See: https://github.com/lightning/bolts/blob/master/04-onion-routing.md#returning-errors. | ||
| FailureCode { code: u16 }, |
There was a problem hiding this comment.
Hmmm, rather than having a variant that just holds the error code (and exposing it), can we just convert every use of error codes to the enum version and then only write it out as a u16 when we go to serialize the failure? This would also have the nice side-effect of ensuring that we have all the error codes we generate written in one place instead of strewn all over the codebase.
Maybe I'm not quite sure I understand why you needed to do this?
There was a problem hiding this comment.
an we just convert every use of error codes to the enum version and then only write it out as a u16 when we go to serialize the failure
Yeah can def do that. I thought that some of the error codes were overly-specific (so not something that we want to expose to the end user), but if that's okay then it's a much simpler approach.
|
Played with this a bit locally out of fear of sending you down a dead end... It looks like it's possible to avoid the nested enums and have one big |
carlaKC
force-pushed
the
3541-failure-reason
branch
from
26326ea to
0882ed5
Compare
| } | ||
|
|
||
| impl LocalHTLCFailureReason { | ||
| pub(super) fn failure_code(&self) -> u16 { |
There was a problem hiding this comment.
these methods are quite verbose, and it's annoying to have to specify the values for each enum variant twice (failure_code and u16.into())
could try to do something smarter here, but decided to keep it simple - interested in other opinions here!
There was a problem hiding this comment.
Could we assign the value when defining the enum using explicit discriminants?
https://doc.rust-lang.org/reference/items/enumerations.html#r-items.enum.unit-only
https://doc.rust-lang.org/reference/items/enumerations.html#r-items.enum.discriminant.explicit.unit-only
This failure code isn't used anywhere in the codebase and is not defined in BOLT 04.
Realm is no longer specified in BOLT04, use the specified version error instead.
ln: persist failure_reason with HTLCFailureReason
To be able to obtain the underlying error reason for the pending HTLC, break up the helper method into two parts. This also removes some unnecessary wrapping/unwrapping of messages in PendingHTLCStatus types.
In upcoming commits, we'll make stronger assertions about the type of failure that we're getting when we set fail_backwards. This will be different depending on the type of route we're using - blinded routes fail malformed onion blinded and regular routes just see a downstream failure. This refactor prepares for adding those assertions by threading a failure reason through. The commitment_signed_dance macro is not updated because it already has an invocation with 5 parameters.
Surface the reason for HTLC failure for forwards. Additional information is unlikely to be useful for InvalidOnion and UnknownNextHop, and adding information to FailedPayment is left for future PRs to keep the scope of this PR down.
carlaKC
force-pushed
the
3541-failure-reason
branch
from
0882ed5 to
bb45736
Compare
|
Rebased because there were some non-trivial conflicts, and added tests + docs. In an effort to keep the scope down, decided not to:
Of all of these, the most compelling to change in this PR is |
|
In terms of the API for the event, it looks like it would be best to refactor This is a pretty significant refactor though so I agree it would be best to split out some preliminary changes into an initial PR. Do you have any instincts for what would be good to start with? Maybe we could start by just returning the big enum from the internal |
|
Serialization is also a question here, but I think we can do something similar to what we do for the |
|
Excited for this change! This will help a lot with observability into forwarding failures.
Definitely interested in exposing the cases inside If this change will expose local failures when forwarding HTLCs, is there a plan to expose failures received at the origin node later on as well? |
| DroppedPending, | ||
| /// The HTLC was failed back because its channel is closed and it has timed out on chain. | ||
| ChannelClosed, | ||
| /// UnknownFaliureCode represents BOLT04 failure codes that we are not familiar with. We will |
There was a problem hiding this comment.
| /// UnknownFaliureCode represents BOLT04 failure codes that we are not familiar with. We will | |
| /// UnknownFailureCode represents BOLT04 failure codes that we are not familiar with. We will |
| /// - We read a deprecated failure code from disk that LDK no longer uses. | ||
| /// | ||
| /// See <https://github.com/lightning/bolts/blob/master/04-onion-routing.md#returning-errors> | ||
| /// for latesst defined error codes. |
There was a problem hiding this comment.
| /// for latesst defined error codes. | |
| /// for latest defined error codes. |
| const NODE: u16 = 0x2000; | ||
| const UPDATE: u16 = 0x1000; | ||
|
|
||
| /// The reason that a HTLC was failed by the local node. These errors either represent direct, |
There was a problem hiding this comment.
by the local node
Could this potentially be reused later on when exposing the failure reason on the origin side? If so, should the naming be more generic?
| PrivateChannelForward, | ||
| /// The HTLC was failed because it made a request to forward over the real channel ID of a | ||
| /// channel that implements `option_scid_alias` which is a privacy feature to prevent the | ||
| /// real |
There was a problem hiding this comment.
| /// real | |
| /// real channel ID from being known. |
I think that the advantage of the current Certainly defer to the opinions of the people who've worked on the API longer, but this approach worked reasonably well with LND/LNDMon.
@wvanlint's suggestion to tackle
Just so I'm clear here, this would mean returning
With the one large
This is a much larger refactor than I was expecting, so I also want to make sure that it's going to be worth the review time for the project (esp since I'm new here)? My main goal was to learn more about the codebase, which I have, so it's already been worth it for me! |
|
Good points there and also appreciate the link to the LND APIs, seeing the example of what works in prod today was helpful! Will get back in more detail on your comment soon, but FYI I finally took a look at the updates from the last big push and most of the commits here already look great. So would def be happy to start with that, especially since this PR is pretty big so it's nice to split it up anyway. How does it sound to start with landing most of the commits prior to the last one that actually surfaces anything in the public API? |
Opinions on API solidified a bit for me after offline discussion, I think that deprecating We'd be able to map these two fields to
sgtm! Perhaps also adding a refactor of |
|
API looks great! Thanks a lot for the patience on this.
Definitely think that could make sense! |
Just to be 100% sure we're on the same page -- I chatted with @TheBlueMatt yesterday and he emphasized that (1) the way the current PR code replaces the BOLT 4 raw error codes with the enum is already a solid improvement to readability, and (2) it's really nice that we only have one enum used for both the event and for onion error codes in LN messages. Mainly pointing this out in case there was any risk of rewriting some of the commits here, since they seem to align with these goals as-is. |
This seems fine to me. The reason |
| } | ||
|
|
||
| impl LocalHTLCFailureReason { | ||
| pub(super) fn failure_code(&self) -> u16 { |
There was a problem hiding this comment.
Could we assign the value when defining the enum using explicit discriminants?
https://doc.rust-lang.org/reference/items/enumerations.html#r-items.enum.unit-only
https://doc.rust-lang.org/reference/items/enumerations.html#r-items.enum.discriminant.explicit.unit-only
IIUC explicit discriminants require a unique value per variant, so they won't work here because we're mapping many variants to one error code. |
This PR adds a
HTLCHandlingFailurereason toHTLCHandlingFailedto fix #3541.A simpler version of this would be to make
HTLCFailReasonpublic and just surface that on the API. Decided against this approach because it exposes not-so-user-friendly types on the API with types likeOnionErrorPacket, but happy to go with that way if it's preferred!