|
11 | 11 | //! |
12 | 12 | //! [`Event`]: crate::events::Event |
13 | 13 |
|
| 14 | +//! LDK offers the ability to its users to open Lightning [anchor outputs](https://bitcoinops.org/en/topics/anchor-outputs/) |
| 15 | +//! channels (`option_anchors_zero_fee_htlc_tx`) with its counterparties. |
| 16 | +//! |
| 17 | +//! Under the Lightning security model, confirmation of commitment and second-stage HTLC transactions |
| 18 | +//! (BOLT3's `HTLC-timeout` and `HTLC-preimage` and the corresponding spends on counterparty commitment |
| 19 | +//! transaction) must be realized in a time-sensitive manner if there are pending HTLCs. Lack of chain |
| 20 | +//! confirmation before HTLC expiration timelocks can constitute a loss of funds, as the counterparty can |
| 21 | +//! claim the HTLC output with a [competing transaction](https://bitcoinops.org/en/blog/waiting-for-confirmation/#policy-as-an-interface). |
| 22 | +//! |
| 23 | +//! Failure of confirmation might be provoked by blockspace demand spikes provoked by unrelated Bitcoin on-chain |
| 24 | +//! transaction issuers. Anchor output enables to remedy to this issue by allowing a Lightning node to dynamically |
| 25 | +//! adjust the feerate of its commitment and second-stage HTLC transactions in an unilateral way. |
| 26 | +//! |
| 27 | +//! However, anchor output channels are requiring from the user the provision and maintenance of fee-bumping |
| 28 | +//! reserves to attach feerate increase to the commitment (via a Child-Pay-For-Parent) or the second-stage HTLC |
| 29 | +//! transactions (via `SIGHASH_SINGLE | SIGHASH_ANYONECANPAY`). Those fee-bumping reserves should be a collection |
| 30 | +//! of UTXOs, of which the state and signing capabilites should be maintained on a "hot" host. A "hot" host is a |
| 31 | +//! computing machine with 24/7 Internet connectivity as fee-bumping UTXOs might need to be signed as soon there is |
| 32 | +//! a pending HTLC. A LDK user can implement management of fee-bumping reserves through the `CoinSelectionSource` |
| 33 | +//! and `WalletSource` traits. |
| 34 | +//! |
| 35 | +//! The total value of the collection of the UTXOs maintained must be high enough to pay for channel transactions |
| 36 | +//! weight at high-level of network mempools feerates. |
| 37 | +//! |
| 38 | +//! A _predictive_ worst-case `feerate_per_kw` based on historical network mempools traffic must be selected. |
| 39 | +//! Predictive worst-case must be understood as the worst-historical network mempools feerate with an additional |
| 40 | +//! safety margin. A factor of 2 is a conservative estimation. |
| 41 | +//! |
| 42 | +//! The number of opened anchor outputs channels must be selected, i.e `current_opened_channels`. As of 0.0.116 |
| 43 | +//! release, LDK does not have a max number of opened channels enforced by default. |
| 44 | +//! |
| 45 | +//! The maximum number of HTLC outputs per-commitment transaction on both directions must be selected, i.e |
| 46 | +//! `max_htlc_allsides`. As of 0.0.116 release, LDK has a BOLT3's `max_accepted_htlcs` of 50 (`DEFAULT_MAX_HTLCS`) |
| 47 | +//! and the value can be adjusted with the config setting `our_max_accepted_htlcs`. There is no LDK mechanism to |
| 48 | +//! limit the number of forward HTLCs (i.e offered HTLC outputs on a commitment transaction). As such `max_htlc_allsides` |
| 49 | +//! is `our_max_accepted_htlcs` + `483` (BOLT3 maximum for outgoing HTLCs). |
| 50 | +//! |
| 51 | +//! Each channel included in the `current_opened_channels` set has a combined transaction weight surface computed in |
| 52 | +//! the following (according to [BOLT3 annex](https://github.com/lightning/bolts/blob/master/03-transactions.md#appendix-a-expected-weights): |
| 53 | +//! - `a`: 900 WU for the base commitment fields with the 4 outputs (`output_paying_to_remote`, `output_paying_to_local`, `output_anchor`, `output_anchor`) present |
| 54 | +//! - `b`: 172 WU * `max_htlc_allsides` |
| 55 | +//! - `c`: 666 WU * `our_max_accepted_htlcs` |
| 56 | +//! - `d`: 706 WU * 483 |
| 57 | +//! |
| 58 | +//! If the Lightning node does not accept HTLC routing (i.e incoming HTLCs), the compomnent `c` can be assigned a 0 value. |
| 59 | +//! |
| 60 | +//! The sum of `a` + `b` + `c` + `d` is called `max_channel_weight_surface`, a worst-case estimation of the transaction |
| 61 | +//! weight surface to fee-bump. |
| 62 | +//! |
| 63 | +//! To obtain the amount in satoshis that must be maintained as fee-bumping reserves, the following equation can be resolved: |
| 64 | +//! |
| 65 | +//! `current_opened_channel` * `max_channel_weight_surface` * `worst_case_feerate_per_kw` / 1000 |
| 66 | +//! |
| 67 | +//! The `worst_case_feerate_per_kw` is a conservative estimation of the level of fee-bumping reserves that must be |
| 68 | +//! maintained. A Lightning node operator may ponder this level of reserves with its subjective timevalue cost of the |
| 69 | +//! immobilized satoshis capital. |
| 70 | +//! |
| 71 | +//! Those fee-bumping reserves recommendations do not assume Taproot channel type usage, where the weight of the channel |
| 72 | +//! transactions weight are modified due to P2TR scriptpubkeys and corresponding witness spends. |
| 73 | +
|
14 | 74 | use alloc::collections::BTreeMap; |
15 | 75 | use core::ops::Deref; |
16 | 76 |
|
|
0 commit comments