lnwallet: in NewChannelReservation ensure commit fees are payable

In this commit, we fix a bug introduced by the recent change of lnwire.MilliSatoshi to be an unsigned integer. After this change an integer underflow was left undetected, as a result we’ll now momentarily cast to a signed integer in order to ensure that both sides can pay the proper fee.
2018-02-24 19:11:14 -08:00 · 2018-02-24 19:11:14 -08:00 · 8425a35684
parent 5ecef17e0f
commit 8425a35684
1 changed files with 18 additions and 0 deletions
--- a/lnwallet/reservation.go
+++ b/lnwallet/reservation.go
@ -157,6 +157,15 @@ func NewChannelReservation(capacity, fundingAmt btcutil.Amount,
 		ourBalance = pushMSat
 		theirBalance = capacityMSat - feeMSat - pushMSat
 		initiator = false
+
+		// If the responder doesn't have enough funds to actually pay
+		// the fees, then we'll bail our early.
+		if int64(theirBalance) < 0 {
+			return nil, ErrFunderBalanceDust(
+				int64(commitFee), int64(theirBalance.ToSatoshis()),
+				int64(2*DefaultDustLimit()),
+			)
+		}
 	} else {
 		// TODO(roasbeef): need to rework fee structure in general and
 		// also when we "unlock" dual funder within the daemon
@ -177,6 +186,15 @@ func NewChannelReservation(capacity, fundingAmt btcutil.Amount,
 		}

 		initiator = true
+
+		// If we, the initiator don't have enough funds to actually pay
+		// the fees, then we'll exit with an error.
+		if int64(ourBalance) < 0 {
+			return nil, ErrFunderBalanceDust(
+				int64(commitFee), int64(ourBalance),
+				int64(2*DefaultDustLimit()),
+			)
+		}
 	}

 	// If we're the initiator and our starting balance within the channel