state: remove anchor timeout.

We'll bring it back as a block-based timeout at the end.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

daemon/db.c

@@ -304,9 +304,8 @@ static void load_peer_anchor(struct peer *peer)
 		peer->anchor.satoshis = sqlite3_column_int64(stmt, 3);
 		peer->anchor.ours = sqlite3_column_int(stmt, 6);
 
-		/* FIXME: Do timeout! */
-		peer_watch_anchor(peer,
-				  sqlite3_column_int(stmt, 4), INPUT_NONE);
+		/* FIXME: Set up timeout in case they don't make progress */
+		peer_watch_anchor(peer, sqlite3_column_int(stmt, 4));
 		peer->anchor.min_depth = sqlite3_column_int(stmt, 5);
 		anchor_set = true;
 	}

daemon/peer.c

@@ -2340,6 +2340,7 @@ static struct io_plan *peer_crypto_on(struct io_conn *conn, struct peer *peer)
 	if (!db_create_peer(peer))
 		fatal("Database error in %s", __func__);
 
+	/* FIXME: Start timeout, and close peer if they don't progress! */
 	state_event(peer, peer->local.offer_anchor, NULL);
 
 	return peer_send_init(conn,peer);
@@ -3999,53 +4000,15 @@ unknown_spend:
 	return DELETE_WATCH;
 }
 
-static void anchor_timeout(struct peer *peer)
-{
-	/* FIXME: We could just forget timeout once we're not opening. */
-	if (state_is_opening(peer->state))
-		state_event(peer, BITCOIN_ANCHOR_TIMEOUT, NULL);
-}
-
-void peer_watch_anchor(struct peer *peer,
-		       int depth,
-		       enum state_input timeout)
+void peer_watch_anchor(struct peer *peer, int depth)
 {
 	log_debug_struct(peer->log, "watching for anchor %s",
 			 struct sha256_double, &peer->anchor.txid);
 	log_add(peer->log, " to hit depth %i", depth);
 
-	/* We assume this. */
-	assert(timeout == BITCOIN_ANCHOR_TIMEOUT || timeout == INPUT_NONE);
-
 	peer->anchor.ok_depth = depth;
 	watch_txid(peer, peer, &peer->anchor.txid, anchor_depthchange, NULL);
 	watch_txo(peer, peer, &peer->anchor.txid, 0, anchor_spent, NULL);
-
-	/* For anchor timeout, expect 20 minutes per block, +2 hours.
-	 *
-	 * Probability(no block in time N) = e^(-N/600).
-	 * Thus for 1 block, P = e^(-(7200+1*1200)/600) = 0.83 in a million.
-	 *
-	 * Glenn Willen says, if we want to know how many 10-minute intervals for
-	 * a 1 in a million chance of spurious failure for N blocks, put
-	 * this into http://www.wolframalpha.com:
-	 *
-	 *   e^(-x) * sum x^i / fact(i), i=0 to N < 1/1000000
-	 * 
-	 * N=20: 51
-	 * N=10: 35
-	 * N=8:  31
-	 * N=6:  28
-	 * N=4:  24
-	 * N=3:  22
-	 * N=2:  20
-	 *
-	 * So, our formula of 12 + N*2 holds for N <= 20 at least.
-	 */
-	if (timeout != INPUT_NONE)
-		new_reltimer(peer->dstate, peer,
-			     time_from_sec(7200 + 20*peer->anchor.ok_depth),
-			     anchor_timeout, peer);
 }
 
 struct bitcoin_tx *peer_create_close_tx(const tal_t *ctx,

daemon/test/Makefile

@@ -9,26 +9,25 @@ daemon-test.sh-1-%:
 daemon-test.sh-2-%:
 	NO_VALGRIND=$(NO_VALGRIND) VARIANT=2 daemon/test/test.sh --$*
 
+# FIXME: Timeout-anchor tests.
+
 # These don't work in parallel, so chain the deps
 daemon-test.sh-0-steal: daemon-test.sh-0-dump-onchain
-daemon-test.sh-0-dump-onchain: daemon-test.sh-0-timeout-anchor
-daemon-test.sh-0-timeout-anchor: daemon-test.sh-0-different-fee-rates
+daemon-test.sh-0-dump-onchain: daemon-test.sh-0-different-fee-rates
 daemon-test.sh-0-different-fee-rates: daemon-test.sh-0-mutual-close-with-htlcs
 daemon-test.sh-0-mutual-close-with-htlcs: daemon-test.sh-0-manual-commit
 daemon-test.sh-0-manual-commit: daemon-test.sh-0-normal
 daemon-test.sh-0-normal: daemon-test-setup-0
 
 daemon-test.sh-1-steal\ --restart: daemon-test.sh-1-dump-onchain\ --restart
-daemon-test.sh-1-dump-onchain\ --restart: daemon-test.sh-1-timeout-anchor\ --restart
-daemon-test.sh-1-timeout-anchor\ --restart: daemon-test.sh-1-different-fee-rates\ --restart
+daemon-test.sh-1-dump-onchain\ --restart: daemon-test.sh-1-different-fee-rates\ --restart
 daemon-test.sh-1-different-fee-rates\ --restart: daemon-test.sh-1-mutual-close-with-htlcs\ --restart
 daemon-test.sh-1-mutual-close-with-htlcs\ --restart: daemon-test.sh-1-manual-commit\ --restart
 daemon-test.sh-1-manual-commit\ --restart: daemon-test.sh-1-normal\ --restart
 daemon-test.sh-1-normal\ --restart: daemon-test-setup-1
 
 daemon-test.sh-2-steal\ --reconnect: daemon-test.sh-2-dump-onchain\ --reconnect
-daemon-test.sh-2-dump-onchain\ --reconnect: daemon-test.sh-2-timeout-anchor\ --reconnect
-daemon-test.sh-2-timeout-anchor\ --reconnect: daemon-test.sh-2-different-fee-rates\ --reconnect
+daemon-test.sh-2-dump-onchain\ --reconnect: daemon-test.sh-2-different-fee-rates\ --reconnect
 daemon-test.sh-2-different-fee-rates\ --reconnect: daemon-test.sh-2-mutual-close-with-htlcs\ --reconnect
 daemon-test.sh-2-mutual-close-with-htlcs\ --reconnect: daemon-test.sh-2-manual-commit\ --reconnect
 daemon-test.sh-2-manual-commit\ --reconnect: daemon-test.sh-2-normal\ --reconnect

state.c

@@ -166,9 +166,7 @@ enum state state(struct peer *peer,
 			}
 
 			queue_pkt_open_commit_sig(peer);
-			peer_watch_anchor(peer,
-					  peer->local.mindepth,
-					  BITCOIN_ANCHOR_TIMEOUT);
+			peer_watch_anchor(peer, peer->local.mindepth);
 
 			return next_state(peer, STATE_OPEN_WAITING_THEIRANCHOR);
 		} else if (input_is_pkt(input)) {
@@ -214,9 +212,7 @@ enum state state(struct peer *peer,
 				goto err_breakdown;
 			}
 			queue_tx_broadcast(broadcast, bitcoin_anchor(peer));
-			peer_watch_anchor(peer,
-					  peer->local.mindepth,
-					  INPUT_NONE);
+			peer_watch_anchor(peer, peer->local.mindepth);
 			return next_state(peer, STATE_OPEN_WAITING_OURANCHOR);
 		} else if (input_is_pkt(input)) {
 			bitcoin_release_anchor(peer, INPUT_NONE);
@@ -256,11 +252,7 @@ enum state state(struct peer *peer,
 		}
 	/* Fall thru */
 	case STATE_OPEN_WAITING_THEIRANCHOR_THEYCOMPLETED:
-		if (input_is(input, BITCOIN_ANCHOR_TIMEOUT)) {
-			/* Anchor didn't reach blockchain in reasonable time. */
-			queue_pkt_err(peer, pkt_err(peer, "Anchor timed out"));
-			return next_state(peer, STATE_ERR_ANCHOR_TIMEOUT);
-		} else if (input_is(input, PKT_CLOSE_SHUTDOWN)) {
+		if (input_is(input, PKT_CLOSE_SHUTDOWN)) {
 			peer_open_complete(peer, "Received PKT_CLOSE_SHUTDOWN");
 			goto accept_shutdown;
 		} else if (input_is_pkt(input)) {

state.h

@@ -103,14 +103,8 @@ static inline bool input_is(enum state_input a, enum state_input b)
  * peer_watch_anchor: create a watch for the anchor transaction.
  * @peer: the state data for this peer.
  * @depth: depth at which to fire @depthok.
- * @timeout: the input to give if anchor doesn't reach depth in time.
- *
- * @timeout can be INPUT_NONE if it's our anchor (we don't time
- * ourselves out).
  */
-void peer_watch_anchor(struct peer *peer,
-		       int depth,
-		       enum state_input timeout);
+void peer_watch_anchor(struct peer *peer, int depth);
 
 /* Start creation of the bitcoin anchor tx. */
 void bitcoin_create_anchor(struct peer *peer);

state_types.h

@@ -89,14 +89,6 @@ enum state_input {
 	 */
 	INPUT_NONE,
 
-	/*
-	 * Bitcoin events
-	 */
-	/* It didn't reach the required depth in time. */
-	BITCOIN_ANCHOR_TIMEOUT,
-	/* No more HTLCs in either commitment tx. */
-	INPUT_HTLCS_CLEARED,
-	
 	/*
 	 * Timeouts.
 	 */