commit_tx & htlc_tx: use amount_sat/amount_msat.

Signed-off-by: Rusty Russell <[email protected]>

Author: rustyrussell

channeld/commit_tx.c

@@ -12,10 +12,11 @@
 #endif
 
 static bool trim(const struct htlc *htlc,
-		 u32 feerate_per_kw, u64 dust_limit_satoshis,
+		 u32 feerate_per_kw,
+		 struct amount_sat dust_limit,
 		 enum side side)
 {
-	u64 htlc_fee;
+	struct amount_sat htlc_fee, htlc_min;
 
 	/* BOLT #3:
 	 *
@@ -41,17 +42,21 @@ static bool trim(const struct htlc *htlc,
 	else
 		htlc_fee = htlc_success_fee(feerate_per_kw);
 
-	return htlc->msatoshi / 1000 < dust_limit_satoshis + htlc_fee;
+	/* If these overflow, it implies htlc must be less. */
+	if (!amount_sat_add(&htlc_min, dust_limit, htlc_fee))
+		return true;
+	return htlc->msatoshi / 1000 < htlc_min.satoshis;
 }
 
 size_t commit_tx_num_untrimmed(const struct htlc **htlcs,
-			       u32 feerate_per_kw, u64 dust_limit_satoshis,
+			       u32 feerate_per_kw,
+			       struct amount_sat dust_limit,
 			       enum side side)
 {
 	size_t i, n;
 
 	for (i = n = 0; i < tal_count(htlcs); i++)
-		n += !trim(htlcs[i], feerate_per_kw, dust_limit_satoshis, side);
+		n += !trim(htlcs[i], feerate_per_kw, dust_limit, side);
 
 	return n;
 }
@@ -91,25 +96,28 @@ static void add_received_htlc_out(struct bitcoin_tx *tx, size_t n,
 struct bitcoin_tx *commit_tx(const tal_t *ctx,
 			     const struct bitcoin_txid *funding_txid,
 			     unsigned int funding_txout,
-			     u64 funding_satoshis,
+			     struct amount_sat funding,
 			     enum side funder,
 			     u16 to_self_delay,
 			     const struct keyset *keyset,
 			     u32 feerate_per_kw,
-			     u64 dust_limit_satoshis,
-			     u64 self_pay_msat,
-			     u64 other_pay_msat,
+			     struct amount_sat dust_limit,
+			     struct amount_msat self_pay,
+			     struct amount_msat other_pay,
 			     const struct htlc **htlcs,
 			     const struct htlc ***htlcmap,
 			     u64 obscured_commitment_number,
 			     enum side side)
 {
 	struct amount_sat base_fee;
+	struct amount_msat total_pay;
 	struct bitcoin_tx *tx;
 	size_t i, n, untrimmed;
 	u32 *cltvs;
 
-	assert(self_pay_msat + other_pay_msat <= funding_satoshis * 1000);
+	if (!amount_msat_add(&total_pay, self_pay, other_pay))
+		abort();
+	assert(!amount_msat_greater_sat(total_pay, funding));
 
 	/* BOLT #3:
 	 *
@@ -118,7 +126,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	 */
 	untrimmed = commit_tx_num_untrimmed(htlcs,
 					    feerate_per_kw,
-					    dust_limit_satoshis, side);
+					    dust_limit, side);
 
 	/* BOLT #3:
 	 *
@@ -135,28 +143,22 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	 * 3. Subtract this base fee from the funder (either `to_local` or
 	 * `to_remote`), with a floor of 0 (see [Fee Payment](#fee-payment)).
 	 */
-	struct amount_msat self_pay, other_pay;
-	self_pay.millisatoshis = self_pay_msat;
-	other_pay.millisatoshis = other_pay_msat;
-
 	try_subtract_fee(funder, side, base_fee, &self_pay, &other_pay);
-	self_pay_msat = self_pay.millisatoshis;
-	other_pay_msat = other_pay.millisatoshis;
 
 #ifdef PRINT_ACTUAL_FEE
 	{
 		u64 satoshis_out = 0;
 		for (i = 0; i < tal_count(htlcs); i++) {
-			if (!trim(htlcs[i], feerate_per_kw, dust_limit_satoshis,
+			if (!trim(htlcs[i], feerate_per_kw, dust_limit,
 				  side))
 				satoshis_out += htlcs[i]->msatoshi / 1000;
 		}
-		if (self_pay_msat / 1000 >= dust_limit_satoshis)
-			satoshis_out += self_pay_msat / 1000;
-		if (other_pay_msat / 1000 >= dust_limit_satoshis)
-			satoshis_out += other_pay_msat / 1000;
+		if (amount_msat_greater_sat(self_pay, dust_limit))
+			satoshis_out += self_pay.millisatoshis / 1000;
+		if (amount_msat_greater_sat(other_pay, dust_limit))
+			satoshis_out += other_pay.millisatoshis / 1000;
 		SUPERVERBOSE("# actual commitment transaction fee = %"PRIu64"\n",
-			     funding_satoshis - satoshis_out);
+			     funding.satoshis - satoshis_out);
 	}
 #endif
 
@@ -182,7 +184,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	for (i = 0; i < tal_count(htlcs); i++) {
 		if (htlc_owner(htlcs[i]) != side)
 			continue;
-		if (trim(htlcs[i], feerate_per_kw, dust_limit_satoshis, side))
+		if (trim(htlcs[i], feerate_per_kw, dust_limit, side))
 			continue;
 		add_offered_htlc_out(tx, n, htlcs[i], keyset);
 		(*htlcmap)[n] = htlcs[i];
@@ -198,7 +200,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	for (i = 0; i < tal_count(htlcs); i++) {
 		if (htlc_owner(htlcs[i]) == side)
 			continue;
-		if (trim(htlcs[i], feerate_per_kw, dust_limit_satoshis, side))
+		if (trim(htlcs[i], feerate_per_kw, dust_limit, side))
 			continue;
 		add_received_htlc_out(tx, n, htlcs[i], keyset);
 		(*htlcmap)[n] = htlcs[i];
@@ -212,9 +214,9 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	 *    `dust_limit_satoshis`, add a [`to_local`
 	 *    output](#to_local-output).
 	 */
-	if (self_pay_msat / 1000 >= dust_limit_satoshis) {
+	if (amount_msat_greater_eq_sat(self_pay, dust_limit)) {
 		u8 *wscript = to_self_wscript(tmpctx, to_self_delay,keyset);
-		tx->output[n].amount = self_pay_msat / 1000;
+		tx->output[n].amount = self_pay.millisatoshis / 1000;
 		tx->output[n].script = scriptpubkey_p2wsh(tx, wscript);
 		(*htlcmap)[n] = NULL;
 		/* We don't assign cltvs[n]: if we use it, order doesn't matter.
@@ -231,15 +233,15 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 	 *    `dust_limit_satoshis`, add a [`to_remote`
 	 *    output](#to_remote-output).
 	 */
-	if (other_pay_msat / 1000 >= dust_limit_satoshis) {
+	if (amount_msat_greater_eq_sat(other_pay, dust_limit)) {
 		/* BOLT #3:
 		 *
 		 * #### `to_remote` Output
 		 *
 		 * This output sends funds to the other peer and thus is a simple
 		 * P2WPKH to `remotepubkey`.
 		 */
-		tx->output[n].amount = other_pay_msat / 1000;
+		tx->output[n].amount = other_pay.millisatoshis / 1000;
 		tx->output[n].script = scriptpubkey_p2wpkh(tx,
 						   &keyset->other_payment_key);
 		(*htlcmap)[n] = NULL;
@@ -295,7 +297,7 @@ struct bitcoin_tx *commit_tx(const tal_t *ctx,
 		= (0x80000000 | ((obscured_commitment_number>>24) & 0xFFFFFF));
 
 	/* Input amount needed for signature code. */
-	tx->input[0].amount = tal_dup(tx->input, u64, &funding_satoshis);
+	tx->input[0].amount = tal_dup(tx->input, u64, &funding.satoshis);
 
 	return tx;
 }

channeld/commit_tx.h

@@ -12,26 +12,27 @@ struct keyset;
  * commit_tx_num_untrimmed: how many of these htlc outputs will commit tx have?
  * @htlcs: tal_arr of HTLCs
  * @feerate_per_kw: feerate to use
- * @dust_limit_satoshis: dust limit below which to trim outputs.
+ * @dust_limit: dust limit below which to trim outputs.
  * @side: from which side's point of view
  *
  * We need @side because HTLC fees are different for offered and
  * received HTLCs.
  */
 size_t commit_tx_num_untrimmed(const struct htlc **htlcs,
-			       u32 feerate_per_kw, u64 dust_limit_satoshis,
+			       u32 feerate_per_kw,
+			       struct amount_sat dust_limit,
 			       enum side side);
 
 /**
  * commit_tx: create (unsigned) commitment tx to spend the funding tx output
  * @ctx: context to allocate transaction and @htlc_map from.
- * @funding_txid, @funding_out, @funding_satoshis: funding outpoint.
+ * @funding_txid, @funding_out, @funding: funding outpoint.
  * @funder: is the LOCAL or REMOTE paying the fee?
  * @keyset: keys derived for this commit tx.
  * @feerate_per_kw: feerate to use
- * @dust_limit_satoshis: dust limit below which to trim outputs.
- * @self_pay_msat: amount to pay directly to self
- * @other_pay_msat: amount to pay directly to the other side
+ * @dust_limit: dust limit below which to trim outputs.
+ * @self_pay: amount to pay directly to self
+ * @other_pay: amount to pay directly to the other side
  * @htlcs: tal_arr of htlcs committed by transaction (some may be trimmed)
  * @htlc_map: outputed map of outnum->HTLC (NULL for direct outputs).
  * @obscured_commitment_number: number to encode in commitment transaction
@@ -44,14 +45,14 @@ size_t commit_tx_num_untrimmed(const struct htlc **htlcs,
 struct bitcoin_tx *commit_tx(const tal_t *ctx,
 			     const struct bitcoin_txid *funding_txid,
 			     unsigned int funding_txout,
-			     u64 funding_satoshis,
+			     struct amount_sat funding,
 			     enum side funder,
 			     u16 to_self_delay,
 			     const struct keyset *keyset,
 			     u32 feerate_per_kw,
-			     u64 dust_limit_satoshis,
-			     u64 self_pay_msat,
-			     u64 other_pay_msat,
+			     struct amount_sat dust_limit,
+			     struct amount_msat self_pay,
+			     struct amount_msat other_pay,
 			     const struct htlc **htlcs,
 			     const struct htlc ***htlcmap,
 			     u64 obscured_commitment_number,

channeld/full_channel.c

@@ -211,13 +211,15 @@ static void add_htlcs(struct bitcoin_tx ***txs,
 		const struct htlc *htlc = htlcmap[i];
 		struct bitcoin_tx *tx;
 		u8 *wscript;
+		struct amount_msat htlc_amount;
 
 		if (!htlc)
 			continue;
 
+		htlc_amount.millisatoshis = htlc->msatoshi;
 		if (htlc_owner(htlc) == side) {
 			tx = htlc_timeout_tx(*txs, &txid, i,
-					     htlc->msatoshi,
+					     htlc_amount,
 					     htlc->expiry.locktime,
 					     channel->config[!side].to_self_delay,
 					     feerate_per_kw,
@@ -229,7 +231,7 @@ static void add_htlcs(struct bitcoin_tx ***txs,
 						     &keyset->self_revocation_key);
 		} else {
 			tx = htlc_success_tx(*txs, &txid, i,
-					     htlc->msatoshi,
+					     htlc_amount,
 					     channel->config[!side].to_self_delay,
 					     feerate_per_kw,
 					     keyset);
@@ -274,14 +276,14 @@ struct bitcoin_tx **channel_txs(const tal_t *ctx,
 	txs = tal_arr(ctx, struct bitcoin_tx *, 1);
 	txs[0] = commit_tx(ctx, &channel->funding_txid,
 		       channel->funding_txout,
-		       channel->funding.satoshis,
+		       channel->funding,
 		       channel->funder,
 		       channel->config[!side].to_self_delay,
 		       &keyset,
 		       channel->view[side].feerate_per_kw,
-		       channel->config[side].dust_limit.satoshis,
-		       channel->view[side].owed[side].millisatoshis,
-		       channel->view[side].owed[!side].millisatoshis,
+		       channel->config[side].dust_limit,
+		       channel->view[side].owed[side],
+		       channel->view[side].owed[!side],
 		       committed,
 		       htlcmap,
 		       commitment_number ^ channel->commitment_number_obscurer,
@@ -438,14 +440,14 @@ static enum channel_add_err add_htlc(struct channel *channel,
 	 */
 	if (channel->funder == htlc_owner(htlc)) {
 		u32 feerate = view->feerate_per_kw;
-		u64 dust = channel->config[recipient].dust_limit.satoshis;
+		struct amount_sat dust_limit = channel->config[recipient].dust_limit;
 		size_t untrimmed;
 
-		untrimmed = commit_tx_num_untrimmed(committed, feerate, dust,
+		untrimmed = commit_tx_num_untrimmed(committed, feerate, dust_limit,
 						    recipient)
-			+ commit_tx_num_untrimmed(adding, feerate, dust,
+			+ commit_tx_num_untrimmed(adding, feerate, dust_limit,
 						  recipient)
-			- commit_tx_num_untrimmed(removing, feerate, dust,
+			- commit_tx_num_untrimmed(removing, feerate, dust_limit,
 						  recipient);
 
 		fee = commit_tx_base_fee(feerate, untrimmed);
@@ -793,17 +795,17 @@ u32 approx_max_feerate(const struct channel *channel)
 bool can_funder_afford_feerate(const struct channel *channel, u32 feerate_per_kw)
 {
 	struct amount_sat needed, fee;
-	u64 dust = channel->config[!channel->funder].dust_limit.satoshis;
+	struct amount_sat dust_limit = channel->config[!channel->funder].dust_limit;
 	size_t untrimmed;
 	const struct htlc **committed, **adding, **removing;
 	gather_htlcs(tmpctx, channel, !channel->funder,
 		     &committed, &removing, &adding);
 
-	untrimmed = commit_tx_num_untrimmed(committed, feerate_per_kw, dust,
+	untrimmed = commit_tx_num_untrimmed(committed, feerate_per_kw, dust_limit,
 					    !channel->funder)
-			+ commit_tx_num_untrimmed(adding, feerate_per_kw, dust,
+			+ commit_tx_num_untrimmed(adding, feerate_per_kw, dust_limit,
 						  !channel->funder)
-			- commit_tx_num_untrimmed(removing, feerate_per_kw, dust,
+			- commit_tx_num_untrimmed(removing, feerate_per_kw, dust_limit,
 						  !channel->funder);
 
 	fee = commit_tx_base_fee(feerate_per_kw, untrimmed);