-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
boltz: Validate initial claim destination address #246
base: master
Are you sure you want to change the base?
boltz: Validate initial claim destination address #246
Conversation
After a bit more research on the code and my DB state, I see there is a more robust system around
So... perhaps there is also an issue with address generation prior to the validation crash, as well. |
Changed the query to exclude loading empty addresses from the address cache. An additional idea might be to run a quick SQL query to clean up the address cache on plugin startup by deleting records with empty address fields. Need to revisit whether the initial validation changes are still appropriate. |
1cf7746
to
58f96fc
Compare
Added an additional sanity check to not insert blank addresses from failed swaps into the address cache. |
fba0bc3
to
b267ef8
Compare
Also added an SQL query run when the Haven't tested this PR yet, as I only have a prod node right now, but taking this PR out of draft to solicit initial feedback. |
Chris Guida recommends checking whether CLBOSS needs any P2TR support. |
@ksedgwic I don't think that's the cause here as clboss is calling But yes, generally it it probably good for us to make sure clboss is cool with taproot addresses. |
I just tested the
So... I think this is caused mainly by corruption of empty addresses getting into the I believe this PR has merit as-is and plan to try and test run this on my own node eventually, but will wait a few days for others to inspect their nodes' cache tables. Or maybe I will spin up a testnet Raspiblitz as @chrisguida suggested, if I can find the time. |
b267ef8
to
daa6469
Compare
I've been running this PR branch on my |
@ksedgwic In an effort to understand the root cause of this issue more completely, and hopefully assist in your review, here is an outline of code locations for consideration:
The implementation is using concurrency and the event driven model, which is cool, but makes it challenging for me to trace the issue mentally. It feels like there is a race condition. If two swaps kick off at the exact same time, and one fails prior to getting an address assigned (by the concurrent process), it populates the address cache table with an empty row, and this empty value gets reused in subsequent swap address assignments, hanging up future swaps. Not 100% sure this is the whole story, but hopefully on the right track and helps point you in the right direction to understand. I was thinking to try and add some additional logging and a stacktrace when we detect an empty address is inserted into the cache table, but for now, I'm convinced that preventing that from happening is a comprehensive fix. cc @chrisguida |
daa6469
to
48a6ec2
Compare
Rebased against |
Tries to prevent the following error in the logs:
In my case, the database table
BoltzServiceFactory_rsub
has four entries, all of which contain empty strings for thedestinationAddress
field. These blank fields are predictably un-parsable as Bitcoin addresses.Without the validation, the empty addresses get passed in to building an initial claim tx here and an error is thrown here.
I have next to 0 experience with
clboss
code and am no C++ expert by any means. Submitting this as a PoC / draft PR for a quick glance and if it's on the right track, I'll attempt to finish the address parsing validation.