{"type":"rich","version":"1.0","title":"Rusty Russell [ARCHIVE] wrote","author_name":"Rusty Russell [ARCHIVE] (npub1zw…hkhpx)","author_url":"https://yabu.me/npub1zw7cc8z78v6s3grujfvcv3ckpvg6kr0w7nz9yzvwyglyg0qu5sjsqhkhpx","provider_name":"njump","provider_url":"https://yabu.me","html":"📅 Original date posted:2018-10-10\n📝 Original message:\nHi all!\n\n        We've had increasing numbers of c-lightning users get upset they\ncan't open multiple channels, so I guess we're most motivated to allow\nsplicing of existing channels.  Hence this rough proposal.\n\nFor simplicity, I've chosen to only allow a single splice at a time.\nIt's still complex :(\n\nFeedback welcome!\n--\nSplice Negotiation:\n\n1. type: 40 (`splice_add_input`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`8`: `satoshis`]\n   * [`32`: `prevtxid`]\n   * [`4`: `prevtxoutnum`]\n   * [`2`: `scriptlen`]\n   * [`scriptlen`: `scriptpubkey`]\n\n1. type: 41 (`splice_add_output`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`8`: `satoshis`]\n   * [`2`: `scriptlen`]\n   * [`scriptlen`: `outscript`]\n\n1. type: 42 (`splice_all_added`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`4`:`feerate_per_kw`]\n   * [`4`:`minimum_depth`]\n\nEach side sends 0 or more `splice_add_input` and 0 or more\n`splice_add_output` followed by `spice_all_added` to complete the splice\nproposal.  This is done either to initiate a splice, or to respond to a\n`splice_*` from the other party.\n\n`splice_add_input` is checked for the following:\n- must not be during a current splice\n- scriptpubkey is empty, or of form 'HASH160 \u003c20-byte-script-hash\u003e EQUAL'\n- `satoshis` doesn't wrap on addition.\n- MAY check that it matches outpoint specified (sig will simply be\n  invalid if so), and that outpoint is segwit.\n\n`splice_add_output` is checked for the following:\n- must not be during a current splice\n- `satoshis` is less than or equal to amount owing to proposer, minus\n  current reserve, and greater than or equal to `dust_limit_satoshis` we\n  sent in our open_channel/accept_channel ,sg.\n- script is one of the approved forms as it is for `shutdown`.\n\nFIXME: Do we disallow splice-out if they specified\n       option_upfront_shutdown_script?\n\n`splice_all_added` is checked for the following:\n- average of `feerate_per_kw` by both sides (round down) is sufficient.\n- average of `feerate_per_kw` by both sides not grossly excessive, if we're\n  paying some of the fees (see below!)\n- both sides can afford the fees from their post-splice funds (see\n  Verification Changes below)\n- maximum of the two `minimum_depth` is not grossly excessive.\n- There is at least one splice_add_input or splice_add_output.\n\nSplice negotiation, like closing negotiation, does not have persistent\nstate.  Reconnecting forgets previous negotiation.\n\n\nSplice Signing\n--------------\n\nOnce `splice_all_added` is both sent and received, we need to create and\nsign both the splice tx itself, and the first commitment transaction\nwhich spends it (but not in that order!).\n\n1. One input spends the current funding tx output.\n2. There is one additional input for each splice_add_input.\n3. One output creates the new funding tx.\n4. There is one additional output for each splice_add_output.\n5. The entire transaction is sorted into BIP69 order.\n6. The feerate is the sum of the two `feerate_per_kw` divided by 2,\n   rounded down.\n\n1. type: 43 (`splice_commitment_signature`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`64`:`commitment_signature`]\n   * [`2`:`num_htlcs`]\n   * [`num_htlcs*64`:`htlc_signature`]\n\n1. type: 44 (`splice_signature`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`64`:`splice_signature`]\n\n1. type: 45 (`splice_witness`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`2`: `num_witness_elements`\n   * [`2`:`len`]\n   * [`len`:`witnesses`]\n\n`witnesses` itself is serialized as `num_witness_elements` of:\n* `2`:`len`\n* `len`: `witness_element`\n\nEach side sends `splice_commitment_signature` and waits to receive and\nverify the other side's `splice_commitment_signature` before sending\n`splice_signature` and `splice_witness` for each `splice_add_input` it\nproposed, in BIP69 input order.\n\nOnce a node has sent `splice_commitment_signature` it should remember\nthe splice proposal across reconnects.  Once it has both sent\n`splice_signature`, the splice is locked in.\n\n\nSplice Announcement\n-------------------\n\nWe have to tell the network about the new channel, otherwise there will\nbe a distruption when it sees the old funding transaction spent.  This\nis inevitable for older nodes who won't understand splicing anyway.\n\nWe can't send out a `channel_announcement` or `channel_update` for the\nnew channel until after the new funding transaction has 6 confirmations,\nso we append to the existing `channel_update` for the original channel,\nusing a new `message_flags` field:\n\n| Bit Position  | Name                      | Field                            |\n| ------------- | ------------------------- | -------------------------------- |\n| 0             | `option_channel_htlc_max` | `htlc_maximum_msat`              |\n| 1             | `option_channel_moving`   | `moving_txid                     |\n\nThe `channel_update` gains the following field:\n    * [`32`: moving_txid`] (option_channel_moving)\n\nIf a current `channel_update` for a closing channel contains\n`option_channel_moving` a node SHOULD ignore the channel close for at\nleast 100 blocks iff spent by `moving_txid`.\n\nA node SHOULD immediately forward a `channel_update` it sees containing\n`option_channel_moving` if neither previous `channel_update` for the\nchannel contains `option_channel_moving`.\n\nEach side of the splice can send these unilaterally, and SHOULD allow a\nfew minutes for propagation (remember, average propagation from old\nnodes is still 30 seconds) prior to broadcast of the splice transaction.\n\n\nMessage Changes During Splicing\n-------------------------------\nOnce you've sent `splice_commitment_signature` each commitment\ntransaction is duplicated: one spends the old funding transaction, one\nspends the splice transaction:\n\n1. type: 39 (`closing_signed`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`8`:`fee_satoshis`]\n   * [`64`:`signature`]\n   * [`64`:`splice_signature`] (`option_splice`)\n\n1. type: 132 (`commitment_signed`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`64`:`signature`]\n   * [`2`:`num_htlcs`]\n   * [`num_htlcs*64`:`htlc_signature`]\n   * [`num_htlcs*64`:`htlc_splice_signature`] (`option_splice`)\n\nIf a reconnection occurs between between sending and receiving\n`splice_commitment_signature`) the peer's status is uncertain (similarly\nfor closing).  This we have a new field in `channel_reestablish` to flag\nthat we consider ourselves to be splicing:\n\n1. type: 136 (`channel_reestablish`)\n2. data:\n   * [`32`:`channel_id`]\n   * [`8`:`next_local_commitment_number`]\n   * [`8`:`next_remote_revocation_number`]\n   * [`32`:`your_last_per_commitment_secret`] (`option_data_loss_protect`)\n   * [`33`:`my_current_per_commitment_point`] (`option_data_loss_protect`)\n   * [`32`:`splice_txid`] (`option_splice`)\n\nThe splice_txid field indicates that this side considers itself to be\nsplicing.\n\nThe sender:\n- if it has sent `splice_commitment_signature` and not sent the corresponding\n  `splice_closed`, MUST set `splice_txid` to the txid of the splice tx.\n   - Otherwise MUST NOT.\n\nThe recipient:\n- if it has sent `splice_commitment_signature` and not sent the corresponding\n  `splice_closed`:\n  - if `splice_txid` does not exist or does not match the current splice:\n    - SHOULD fail the channel\n  - otherwise:\n    - MUST retransmit `splice_signature`\n- otherwise:\n  - if `splice_txid` field exists and is not all zeroes:\n    - MUST send `splice_closed`\n\n\nValidation Changes During Splicing\n----------------------------------\nWe track \"post-splice\" values as well as current values during\nsplicing.\n\nThe post-splice reserve is 1% of post-splice capcacity (rounded down).\n\nThe fees for the splicing transaction itself are divided into parts by\nthe number of `splice_add_input` plus `splice_add_output`, rounded up.\nEach side pays as many parts as it proposed `splice_add_input` plus\n`splice_add_output`.\n\n(So if Alice proposes two and Bob proposes one, and the total fee is 1000\nsatoshi, each part is 334 satoshi: Alice pays 668 and Bob pays 334.)\n\nEach side's post-splice funds are debited their `splice_add_output`\namounts, and credited their `splice_add_input` amounts, a debited the\nsplice tx fees.  If any debiting occurs, the funds must be above the\npost-splice reserve (ie. you can have below reserve, but you can't spend\nif you're below reserve).\n\nAll update_add_htlc must be valid for the *both* the current and\npost-splice balances.\n\nCompleting Splicing\n-------------------\nOnce you've seen both side's `minimum_depth` confirmations of the splice\ntransaction (ie. the maximum of the two `minimum_depth` values), you can\ncomplete the splice by sending:\n\n1. type: 46 (`splice_closed`) (`option_splice`)\n2. data:\n   * [`32`:`channel_id`]\n\nOnce you've sent and received `splice_closed` you can send\n`announcement_signatures` for the new channel as per normal rules (ie. 6\nconfirmations, `announce_channel` bit set).\n\nIn addition, you can forget everything about the old channel (including\nold HTLCs and revocation requirements)."}