Very helpful, thank you for the quick reply! Ben ________________________________ From: SomberNight <[email protected]> Sent: Tuesday, December 13, 2022 10:53 To: Benjamin Weintraub <[email protected]> Cc: [email protected] <[email protected]> Subject: Re: [Lightning-dev] Unclear HTLC scenario
Hi Ben, This is handled earlier than update_fail_htlc: when the recipient sees the update_add_htlc, some sanity checks will fail and it won't commit it to the commitment tx. See here: https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flightning%2Fbolts%2Fblame%2Fa0bbe47b0278b4f152dbaa4f5fab2562413a217c%2F02-peer-protocol.md%23L1036&data=05%7C01%7Cweintraub.b%40northeastern.edu%7C5e9d13700f58406b671208dadd223e31%7Ca8eec281aaa34daeac9b9a398b9215e7%7C0%7C0%7C638065437441102846%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=6GUyG4x9dxZnhGZpIJY6SQBmA%2FH4%2Bcw8kkD3aQaNZ%2Bk%3D&reserved=0 > 1. type: 128 (`update_add_htlc`) > [...] > A receiving node: > [...] > - receiving an `amount_msat` that the sending node cannot afford at the > current `feerate_per_kw` (while maintaining its channel reserve and any > `to_local_anchor` and `to_remote_anchor` costs): > - SHOULD send a `warning` and close the connection, or send an `error` and fail the channel. If the recipient decides to simply close the transport connection, the update_add_htlc message is forgotten (due to the rules of how channel_reestablish works), and the channel is back to a usable state. ghost43 ------- Original Message ------- On Tuesday, December 13th, 2022 at 2:51 PM, Benjamin Weintraub via Lightning-dev <[email protected]> wrote: > Hi list, > > > > I have a question about how update_fail_htlcs are handled. Consider this > scenario: a node, potentially adversarial, forwards an HTLC along a channel > that does not have the funds to support a payment of that size. How does the > recipient of the HTLC respond? > > > > I see this line in BOLT #2: > > “until the corresponding HTLC is irrevocably committed in both sides' > commitment transactions: MUST NOT send an `update_fulfill_htlc`, > `update_fail_htlc`, or `update_fail_malformed_htlc`" > > > > But this seems confusing to me in the context of the scenario I suggested. Is > it saying that even though the channel cannot support the payment, the nodes > still need to commit to it? > > > > I assume that this interpretation is not correct, but then when is it okay > for a node to send an update_fail_htlc? Immediately upon receiving an invalid > transaction? > > > > Any insight you could provide would be great. > > > > Thanks in advance, > > Ben
_______________________________________________ Lightning-dev mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/lightning-dev
