- bdk to 0.22.0 #1126
- ecdsa_fun to 7c3d592 #1127
- sigma_fun to 7c3d592 #1128
- sha2 to 0.10.2 #948
- serde to 1.0.144 #1115
- bitcoin-harness to bff9a64
Revert "ci: specify previous dprint version until fixed"
This reverts commit 11eb1737ce.
934: Don't wait for refund transaction to receive confirmations r=binarybaron a=binarybaron
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
Closes https://github.com/comit-network/xmr-btc-swap/issues/903
Co-authored-by: binarybaron <86064887+binarybaron@users.noreply.github.com>
Don't wait for refund transaction to receive confirmations to mitigate a scenario where the swap is stuck in `BtcCancelled` because it's not resumable.
This solves issues where the CLI went offline after sending the BTC transaction, and the monero wallet restore blockheight being recorded after Alice locked the Monero, resulting in the generated XMR redeem wallet not detecting the transaction and reporting `No unlocked balance in the specified account`.
We do not have a way to enable tracing through a command line
argument so it did not make sense to have these messages set to
trace. Ideally a trace flag should be added but it is not that
straightforward with structopt. We could add a --log-level arg
that allows you select a log level but this is verbose.
The "swap started" message was being too early, before the ASB had
confirmed they could perform the swap. This was leading to a confusing
scenario where the UI incorrectly indicated to the user that the swap
had started. Users were trying to resume or refund the swaps but there
was no swap id in the db. Moving this message after the swap setup
should resolve this problem. Closes#756, #729, #560.
Bob was timing out if the encrypted signature could not be sent in 60
seconds. This behaviour is unnecessary because we are racing against
the cancel timelock anyway. By timing out before this, we remove the
opportunity for bob and alice to re-establish a connection.
1. Clearly separate the log messages from any fields that are
captured. The log message itself should be meaningful because it
depends on the underlying formatter, how/if the fields are displayed.
2. Some log messages had very little context, expand that.
3. Wording of errors was inconsistent, hopefully all errors should
now start with `Failed to ...`.
4. Some log messages were duplicated across multiple layers (like opening
the database).
5. Some log messages were split into two where one part is now an `error!`
and the 2nd part is an `info!` on what is happening next.
6. Where appropriate, punctuation has been removed to not interrupt
the reader's flow.
Log statements end up getting changed constantly and having to clean
up imports after that is annoying, for example, if the last `info!`
in a file disappears, you end up with an unused import warning.
Fully qualifying tracing's macros prevents that and also communicates
clearly that we are using tracing and not log.
Some network and application specific code does not belong in the protocol module and was moved.
Eventloop, recovery and the outside behaviour were moved to the respective application module because they are application specific.
The `swap_setup` was moved into the network module because upon change both sides will have to be changed and should thus stay close together.
Having `spot_price` and `execution_setup` as separate protocols did not bring any advantages, but was problematic because we had to ensure that `execution_setup` would be triggered after `spot_price`. Because of this dependency it is better to combine the protocols into one.
Combining the protocols also allows a refactoring to get rid of the `libp2p-async-await` dependency.
Alice always listens for the `swap_setup` protocol. When Bob opens a substream on that protocol the spot price is communicated, and then all execution setup messages (swap-id and signature exchange).
Includes a new state that is used to await BTC lock tx finality. Upon starting the swap we initially only wait for the BTC lock tx to be seen in the mempool.
This is guarded by a short timeout (3 mins), because it is assumed that in the current setup (sport_price + execution_setup only triggered upon funds being available already) the lock transaction should be picked up almost instanly after the execution setup succeeded.
Similar to the CLI the ASB has to ensure that the execution_setup is executed within a certain time.
Without a timeout the price (returned by `spot_price` would be guaranteed with the CLI indefinitely.
It seems the current chosen channel timeouts are still not optimal.
I ran into issues with swapping over Tor and traced them down to the CLI timeout of the bmrng channel.
It appears that the ASB was not running as quick as the CLI, which caused a timeout on the CLI side (in addition to the delay when sending messages over Tor).
Only `execution_setup` caused the problem so far, but I would recommend changing all the channel timeouts to one minute to avoid this problem.
Adds the ping behaviour to both ASB and CLI behaviour that periodically pings a connected party to ensure that the underlying network connection is still alive.
This fixes problems with long-running connections that become dead without a connection closure being reported back to the swarm.
This improves the error handling on the ASB.
Once the Bitcoin redeem transaction is seen in mempool, the state machine cannot transition to a cancel scenario anymore because at that point the CLI will have redeemed the Monero.
The additional state then waits for transaction finality.
Introduces a minimum buy Bitcoin amount similar to the maximum amount already present.
For the CLI the minimum amount is enforced by waiting until at least the minimum is available as max-giveable amount.
Adds `cancel`, `refund`, `punish`, `redeem` and `safely-abort` commands to the ASB that can be used to trigger the specific scenario for the swap by ID.
In the production code it is a weird indirection that we load the state and then pass in the state and the database.
In the tests we have one additional load by doing it inside the command, but loading from the db is not expensive.
Each test spawns swarm for Alice and Bob that only contains the spot_price behaviours and uses a memory transport.
Tests cover happy path (i.e. expected price is returned) and error scenarios.
Implementation of `TestRate` on `LatestRate` allows testing rate fetch error and quote calculation error behaviour.
Thanks to @thomaseizinger for ramping up the test framework for comit-rs in the past!
Instead of handling all errors on the inside spot_price errors are bubbled up (as `SwapRequestDeclined`).
This allows us to test both Alice's and Bob's behaviour for all scenarios.
What goes over the wire should not be coupled to the errors being printed.
For the CLI and ASB we introduce a separate error enum that is used for logging.
When sending over the wire the errors are mapped to and from the `network::spot_price::Error`.
As part of Bob-specific spot_price code was moved from the network into bob.
Clearly separation of the network API from bob/alice.
Move Alice's spot price logic into a dedicated network behaviour that handles all the logic.
The new behaviour encapsulates the complete state necessary for spot price request decision making.
The network behaviour cannot handle asynchronous calls, thus the balance is managed inside the spot price and has to updated regularly from the outside to ensure the spot price balance check has up to date data.
At the moment the balance is updated upon an incoming quote requests.
Code that is relevant for both ASB and CLI remains in the `network::spot_price` module (e.g. `network::spot_price::Error`).
When a CLI requests a spot price have some errors that are expected, where we can provide a proper error message for the CLI:
- Balance of ASB too low
- Buy amount sent by CLI exceeds maximum buy amount accepted by ASB
- ASB is running in maintenance mode and does not accept incoming swap requests
All of these errors returns a proper error to the CLI and prints a warning in the ASB logs.
Any other unexpected error will result in closing the channel with the CLI and printing an error in the ASB logs.