htlcswitch: add an always on mode to htlc interceptor#6232
htlcswitch: add an always on mode to htlc interceptor#6232guggero merged 2 commits intolightningnetwork:masterfrom
Conversation
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
To prevent startup order issues, I think it is key to have this boolean here in the interceptable switch.
See also #6165 (comment)
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
Upon further inspection, it seems that linkQuit is not worth the hassle to thread through.
There was a problem hiding this comment.
This effectively removes the feature entirely, doesn't it? Since packets always come through here. I'm not sure about the merits linkQuit has, or lacks, but it IMO this is not the PR to kill it or the way to do it. If desired, it should be removed completely from htlcSwitch rather than silently disused.
There was a problem hiding this comment.
Not killing it complicates matters because we also have the resume path to the switch. In current master, linkQuit is stored and may not be usable anymore when resume is called. I think that might be a bug.
I think it is indeed best to kill it completely, but first wanted to await review of the change. Probably going to cause a large but simple delta.
There was a problem hiding this comment.
Added commit deleting linkQuit.
There was a problem hiding this comment.
I also deleted a complicated test case TestChannelLinkShutdownDuringForward testing linkQuit. To me it seems that the case where the switch is completely blocked isn't realistic, but maybe someone with more context can weigh in.
There was a problem hiding this comment.
forwardInterceptor can be cleaned up a lot now that it doesn't need the synchronization anymore to manage the hold list.
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
This is the main change. holdForwards are now kept here. This prevents complexities with InterceptableSwitch and forwardInterceptor both trying to do things with held htlcs.
joostjager
force-pushed
the
require-interceptor
branch
from
7fa5a7e to
ce8c203
Compare
joostjager
force-pushed
the
require-interceptor
branch
from
ce8c203 to
be81292
Compare
htlcswitch/interceptable_switch.go
Outdated
joostjager
force-pushed
the
require-interceptor
branch
from
be81292 to
368c715
Compare
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
Height watching can happen in this loop as well.
There was a problem hiding this comment.
Discussed offline that this will be a follow up PR
joostjager
force-pushed
the
require-interceptor
branch
4 times, most recently
from
ae808b2 to
2499a6a
Compare
joostjager
changed the title
joostjager
force-pushed
the
require-interceptor
branch
2 times, most recently
from
390dc05 to
64580c5
Compare
joostjager
force-pushed
the
require-interceptor
branch
3 times, most recently
from
cbe83d6 to
d01e22f
Compare
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
Why should an error here stop the loop? Feels like either LND should crash or carry on.
There was a problem hiding this comment.
Good point. Converted to log and carry on.
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
nit: I'd reference the comment on ForwardPackets below regarding linkQuit here
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
given that s.intercepted is an unbuffered channel, doesn't this stop the switch processing completely? ForwardPackets would block on s.intercepted <- packets until an interceptor is registered. I checked the call sites to ForwardPackets and they are not ready for it to be a blocking call. In particular, it would block the links main loop which smells like it can trigger unwanted force closes (I'm clearly not an expert on that subsystem and I can certainly be wrong).
IMO interceptForward should be handling this by simply adding the packet to the map. The logic to re-send intercepted packets on setInterceptor would handle the rest when the intercept comes back up.
There was a problem hiding this comment.
Excellent point. @carlaKC also expressed concerns about this blocking behavior.
Implemented your suggestion, which is indeed simpler and cleaner.
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
This effectively removes the feature entirely, doesn't it? Since packets always come through here. I'm not sure about the merits linkQuit has, or lacks, but it IMO this is not the PR to kill it or the way to do it. If desired, it should be removed completely from htlcSwitch rather than silently disused.
|
This is a great improvement! Moving the logic to interceptable switch makes a lot of sense. |
carlaKC
left a comment
carlaKC
left a comment
There was a problem hiding this comment.
Great refactor and nice solution to the "always on" question.
joostjager
force-pushed
the
require-interceptor
branch
from
c3d1b4a to
f4d855d
Compare
htlcswitch/interceptable_switch.go
Outdated
There was a problem hiding this comment.
shouldn't this pass the interceptable switch quit channel?
There was a problem hiding this comment.
This code is no longer running on the link goroutine. The original reason was to prevent a deadlock with switch and link. I think the deadlock can't happen in this case.
|
@yyforyongyu: review reminder |
In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
joostjager
force-pushed
the
require-interceptor
branch
2 times, most recently
from
01a3dac to
5c89c14
Compare
|
Rebased |
|
Taking over review from @yyforyongyu to balance his load a bit. |
|
|
||
| log.Infof("Interceptor disconnected, resolving held packets") | ||
|
|
||
| for _, fwd := range s.holdForwards { |
There was a problem hiding this comment.
This is preexisting but looping through s.holdForwards may change the order of packets.
There was a problem hiding this comment.
Interesting. Do you think there is a point in guarantees about ordering? I am not sure to what extend order is maintained elsewhere. For example when update_add messages come in in the link. Also a replay from the on-chain flow to the interceptor (next pr) just cuts through whatever order there may have been.
There was a problem hiding this comment.
Had to dig a bit deeper to fully understand how the forwarding works. There doesn't seem to be any risk in reordering since the interceptor sits right before the Switch.
Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
joostjager
force-pushed
the
require-interceptor
branch
from
5c89c14 to
ae314ec
Compare
|
Who can hit the merge button on this triple green check pr? 🙏 There is more work to do within this theme! 🚀 |
8 participants
Adds a flag that makes htlc interception a requirement. The switch will queue htlcs as long as there is no interceptor connected. When the stream disconnects, htlcs waiting for resolution will not resume automatically.
Supersedes #6165
Solves #6161