📅 Original date posted:2020-08-23
📝 Original message:
Olaoluwa Osuntokun <laolu32 at gmail.com> writes:
> After getting some feedback from the Lightning Labs squad, we're thinking
> that it may be better to make the initial switch over double-opt-in, similar
> to the current `shutdown` message flow. So with this variant, we'd add two
> new messages: `commit_switch` and `commit_switch_reply` (placeholder
> names). We may want to retain the "initiator" only etiquette for simplicity,
> but if we want to allow both sides to initiate then we'll need to handle
> collisions (with a randomized back off possibly).
(Sorry for long delay catching up with backlog).
Yeah, modelling on the shutdown flow makes more sense to me, due to
simplicity.
I think we will end up with a linear progression of channel types (type
n+1 is always preferred over type n). This has the benefit of
*reducing* the test matrix at some point by dropping older formats.
(You can't drop older format completely without an onchain event, of
course, since you need to be able to penalize ancient commit txs.
Though perhaps you just pregen penalty txs for those cases and behave like
a watchtower, maybe even not bothering about HTLCs?)
I think inventing a new commitment type numbering scheme is unnecessary:
just use existing feature bits and define what upgrades are permissable.
I send `commit_switch` with features, you send `commit_switch` with
features, we do feature matching to determine new features for channel.
You can easily figure out the intersection: if one requires a feature
the other doesn't offer, it's a noop (upgrade failure). Similarly, if
the combination offers no new features, it's a noop.
You can't add HTLCs after you've sent `commit_switch`. You can add
again (under the new rules) once:
1. You've both sent and received `commit_switch`.
2. You have no outstanding HTLCs (in either direction).
This means we don't have to worry about the case where we both propose
upgrades at once, it Just Works. It's also Just Works to always send on
reconnect, and simply echo your current features if you receive an
unexpected `commit_switch`.
---
I'd like to Upgrade The World to anchor_outputs, so maybe cleanest would
be:
1. Release supports anchor_outputs (odd).
2. Release supports upgrading to anchor_outputs.
3. Release requires anchor_outputs (even), unilaterally closes channels
w/o (ideally very few!).
We need a feature bit for upgrades, since we don't want to stop the flow
if they don't respond to commit_switch (i.e. it should be even).
Anyone working on this right now?
Cheers,
Rusty.
Rusty Russell [ARCHIVE] /
npub1zw…hkhpx
2023-06-09 13:00:43
in reply to nevent1q…ja0z
Author Public Key
npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpxPublished at
2023-06-09 13:00:43Event JSON
{
"id": "50d2431aa1cb693b4f874feef8d0fc657dd92dc15c21f789a1a26b207e51301b",
"pubkey": "13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425",
"created_at": 1686315643,
"kind": 1,
"tags": [
[
"e",
"024679dadf93e7890e21152b2d6b6ed85f9d1e9ce6280ffcf4e8fdf0f0f05b08",
"",
"reply"
],
[
"p",
"9456f7acb763eaab2e02bd8e60cf17df74f352c2ae579dce1f1dd25c95dd611c"
]
],
"content": "📅 Original date posted:2020-08-23\n📝 Original message:\nOlaoluwa Osuntokun \u003claolu32 at gmail.com\u003e writes:\n\u003e After getting some feedback from the Lightning Labs squad, we're thinking\n\u003e that it may be better to make the initial switch over double-opt-in, similar\n\u003e to the current `shutdown` message flow. So with this variant, we'd add two\n\u003e new messages: `commit_switch` and `commit_switch_reply` (placeholder\n\u003e names). We may want to retain the \"initiator\" only etiquette for simplicity,\n\u003e but if we want to allow both sides to initiate then we'll need to handle\n\u003e collisions (with a randomized back off possibly).\n\n(Sorry for long delay catching up with backlog).\n\nYeah, modelling on the shutdown flow makes more sense to me, due to\nsimplicity.\n\nI think we will end up with a linear progression of channel types (type\nn+1 is always preferred over type n). This has the benefit of\n*reducing* the test matrix at some point by dropping older formats.\n\n(You can't drop older format completely without an onchain event, of\ncourse, since you need to be able to penalize ancient commit txs.\nThough perhaps you just pregen penalty txs for those cases and behave like\na watchtower, maybe even not bothering about HTLCs?)\n\nI think inventing a new commitment type numbering scheme is unnecessary:\njust use existing feature bits and define what upgrades are permissable.\n\nI send `commit_switch` with features, you send `commit_switch` with\nfeatures, we do feature matching to determine new features for channel.\nYou can easily figure out the intersection: if one requires a feature\nthe other doesn't offer, it's a noop (upgrade failure). Similarly, if\nthe combination offers no new features, it's a noop.\n\nYou can't add HTLCs after you've sent `commit_switch`. You can add\nagain (under the new rules) once:\n1. You've both sent and received `commit_switch`.\n2. You have no outstanding HTLCs (in either direction).\n\nThis means we don't have to worry about the case where we both propose\nupgrades at once, it Just Works. It's also Just Works to always send on\nreconnect, and simply echo your current features if you receive an\nunexpected `commit_switch`.\n\n---\nI'd like to Upgrade The World to anchor_outputs, so maybe cleanest would\nbe:\n\n1. Release supports anchor_outputs (odd).\n2. Release supports upgrading to anchor_outputs.\n3. Release requires anchor_outputs (even), unilaterally closes channels\n w/o (ideally very few!).\n\nWe need a feature bit for upgrades, since we don't want to stop the flow\nif they don't respond to commit_switch (i.e. it should be even).\n\nAnyone working on this right now?\n\nCheers,\nRusty.",
"sig": "8ea15988845df964f5061fd8587052d866816751d3157702e18727a618e459baca156f3154deaf6bcc55cb7be93fefe9d24506e4c75e9619b701ad1c9a8df4fa"
}