From df9f1485a7de068e60d3c93241a7ae962d6e0fb8 Mon Sep 17 00:00:00 2001 From: Mohamed Awnallah Date: Sun, 31 Mar 2024 07:31:20 +0200 Subject: [PATCH 1/2] chainreg: add `checkOutboundPeers` function In this commit we add `checkOutboundPeers` function to the `cc.HealthCheck` function. --- chainreg/chainregistry.go | 65 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 63 insertions(+), 2 deletions(-) diff --git a/chainreg/chainregistry.go b/chainreg/chainregistry.go index 02da263912..c3d4286117 100644 --- a/chainreg/chainregistry.go +++ b/chainreg/chainregistry.go @@ -122,6 +122,11 @@ const ( // DefaultBitcoinStaticMinRelayFeeRate is the min relay fee used for // static estimators. DefaultBitcoinStaticMinRelayFeeRate = chainfee.FeePerKwFloor + + // DefaultMinOutboundPeers is the min number of connected + // outbound peers the chain backend should have to maintain a + // healthy connection to the network. + DefaultMinOutboundPeers = 6 ) // PartialChainControl contains all the primary interfaces of the chain control @@ -504,7 +509,21 @@ func NewPartialChainControl(cfg *Config) (*PartialChainControl, func(), error) { cc.HealthCheck = func() error { _, err := chainConn.RawRequest(cmd, nil) - return err + if err != nil { + return err + } + + // On local test networks we usually don't have multiple + // chain backend peers, so we can skip + // the checkOutboundPeers test. + if cfg.Bitcoin.SimNet || cfg.Bitcoin.RegTest { + return nil + } + + // Make sure the bitcoind chain backend maintains a + // healthy connection to the network by checking the + // number of outbound peers. + return checkOutboundPeers(chainConn) } case "btcd": @@ -613,7 +632,21 @@ func NewPartialChainControl(cfg *Config) (*PartialChainControl, func(), error) { // Use a query for our best block as a health check. cc.HealthCheck = func() error { _, _, err := cc.ChainSource.GetBestBlock() - return err + if err != nil { + return err + } + + // On local test networks we usually don't have multiple + // chain backend peers, so we can skip + // the checkOutboundPeers test. + if cfg.Bitcoin.SimNet || cfg.Bitcoin.RegTest { + return nil + } + + // Make sure the btcd chain backend maintains a + // healthy connection to the network by checking the + // number of outbound peers. + return checkOutboundPeers(chainRPC.Client) } // If we're not in simnet or regtest mode, then we'll attempt @@ -840,3 +873,31 @@ var ( }, } ) + +// checkOutboundPeers checks the number of outbound peers connected to the +// provided RPC client. If the number of outbound peers is below 6, a warning +// is logged. This function is intended to ensure that the chain backend +// maintains a healthy connection to the network. +func checkOutboundPeers(client *rpcclient.Client) error { + peers, err := client.GetPeerInfo() + if err != nil { + return err + } + + var outboundPeers int + for _, peer := range peers { + if !peer.Inbound { + outboundPeers++ + } + } + + if outboundPeers < DefaultMinOutboundPeers { + log.Warnf("The chain backend has an insufficient number "+ + "of connected outbound peers (%d connected, expected "+ + "minimum is %d) which can be a security issue. "+ + "Connect to more trusted nodes manually if necessary.", + outboundPeers, DefaultMinOutboundPeers) + } + + return nil +} From 130fdbde73c4943723b04c9b9f0adce8ba62cf02 Mon Sep 17 00:00:00 2001 From: Mohamed Awnallah Date: Tue, 2 Apr 2024 15:02:02 +0200 Subject: [PATCH 2/2] docs: update the release-notes-0.18.0.md --- docs/release-notes/release-notes-0.18.0.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/release-notes/release-notes-0.18.0.md b/docs/release-notes/release-notes-0.18.0.md index f554cd3e80..13685ec935 100644 --- a/docs/release-notes/release-notes-0.18.0.md +++ b/docs/release-notes/release-notes-0.18.0.md @@ -265,6 +265,11 @@ bitcoin peers' feefilter values into account](https://github.com/lightningnetwor types](https://github.com/lightningnetwork/lnd/pull/8554) defined in `btcd/rpcclient`. +* [checkOutboundPeers](https://github.com/lightningnetwork/lnd/pull/8576) is + added to `chainHealthCheck` to make sure chain backend `bitcoind` and `btcd` + maintain a healthy connection to the network by checking the number of + outbound peers if they are below 6. + ### Logging * [Add the htlc amount](https://github.com/lightningnetwork/lnd/pull/8156) to contract court logs in case of timed-out HTLCs in order to easily spot dust