Fix min relay fee to be 1s/vB

[arik-so]

Bitcoin Core relay policy does not require 16s/vB, which it was
previously set to.

This should address #3438.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.04%. Comparing base (2c5a1f6) to head (92fa97b).
Report is 39 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3457      +/-   ##
==========================================
+ Coverage   88.43%   89.04%   +0.60%     
==========================================
  Files         149      149              
  Lines      113302   118322    +5020     
  Branches   113302   118322    +5020     
==========================================
+ Hits       100203   105362    +5159     
+ Misses      10631    10511     -120     
+ Partials     2468     2449      -19     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[tankyleo]

Could we delete this in favor of FEERATE_FLOOR_SATS_PER_KW below ? Different types, but same number.

[arik-so]

I don't think we can, because one is the regular broadcast fee rate, and the other is the eviction/incremental fee rate per RBF rule 4 (https://gist.github.com/glozow/25d9662c52453bd08b4b4b1d3783b9ff)

[arik-so]

that said, looking at these values

"mempoolminfee": 0.00001373,
"minrelaytxfee": 0.00001000,
"incrementalrelayfee": 0.00001000

I don't know when minrelaytxfee and incrementalrelayfee wouldn't align short of an explicit config change.

[tankyleo]

Thank you where did you find them ? I've been grepping the bitcoin repo, can't see them.

I agree these are two different settings - I suggest we clarify one of them is the incremental fee rate, the other is the broadcast fee rate, as you've described - "MIN_RELAY_FEE" and "FEERATE_FLOOR" is a little too similar.

[arik-so]

oh I just called getmempoolinfo on my node's RPC lol

[arik-so]

fair point, honestly both names suck

[tankyleo]

could use the names from bitcoin core, minrelaytxfee and incrementalrelayfee

[arik-so]

let's start with renaming minrelaytxfee to incrementalrelayfee for now, and we can get more ambitious with the other one in a separate PR

[morehouse]

It would be good to add some unit tests for feerate_bump.

[morehouse]

Why was the value changed to 546?

Also the naming is bound to cause confusion: payment_value_sats sounds like it should correspond to the same payment as the payment_preimage and payment_hash variables, but it actually is a different payment.

Also, we should define the variables closer to where they are used.

[arik-so]

I added a comment explaining the reasoning, and revised the variable once again. The fee bumping was succeeding much more often with the lower minrelayfee, resulting in indeterminism depending on whether the block connection style skipped intermediates or not. Now the value is fine-tuned to accommodate a single 25% fee bump.

[morehouse]

Shouldn't the claim transactions be deterministic? Why are we accepting a range of transactions now?

It would be good to add a comment explaining the transactions expected to be broadcast.

[arik-so]

Funnily enough, with intermediate blocks being skipped, it is theoretically fine to have non-determinism, but I adjusted the values such that it can only happen once.

[morehouse]

Why are the payment values changed?

[arik-so]

I added a comment explaining these. In principle they don't even have to differ, but both 842 and 843 only allow one bump. I could make one of them the necessary satoshi amount for two bumps - 1 if you like?

[morehouse]

Return value is unused.

Suggested change

	route_payment(&nodes[1], &vec!(&nodes[0])[..], htlc_value_b_msats).0;
	route_payment(&nodes[1], &vec!(&nodes[0])[..], htlc_value_b_msats);

[morehouse]

If additional bumps can occur, we should verify all of them below (not just the first bump).

[arik-so]

They no longer should be able to.

[morehouse]

So the bumping strategy can vary depending on how the user calls the block connection APIs?

How specifically is bumping affected, and could this lead to transactions not confirming in time?

[arik-so]

So technically it's not the bumping strategy as the block connection strategy. The bumping strategy is technically the same, but in one case there's a time jump and it lacks the opportunity to attempt intermediate bumps.

[morehouse]

I still think it would be good to have unit tests specifically for feerate_bump.

The CI incremental-mutants failure provides further evidence that such unit tests would be beneficial.

[morehouse]

This naive feerate/fee logging is a little confusing. IMO we could just remove it.

[arik-so]

I felt it was quite valuable for debugging purposes seeing whether the bump would be failing simply due to the 25% increment or due to the incremental relay fee. Do you think perhaps a different phrasing might help?

[morehouse]

I think the log message you added above clarifies things. We can remove the "(naive: ..)" logging from this log line now.

[arik-so]

You're right, I was just tinkering with some values for the test. The potential list of confirmation target / fee strategy combinations would be rather exhaustive, so I focused on the main scenario that was not previously being caught, but let me know if there are others you think I should add to the test.

[morehouse]

Did the unit tests pass for you locally? At least one of them looks incorrect to me.

Also, I'm not sure we should be relying so heavily on pattern matching the logs. feerate_bump is a pure function that we should be able to test by verifying outputs alone.

[morehouse]

I think the log message you added above clarifies things. We can remove the "(naive: ..)" logging from this log line now.

[morehouse]

Nit: "new-estimation bump" seems confusing.

Suggested change

	log_warn!(logger, "Can't new-estimation bump new claiming tx, output amount {} would end up below dust threshold {}", remaining_output_amount, dust_limit_sats);
	log_warn!(logger, "Can't bump new claiming tx, output amount {} would end up below dust threshold {}", remaining_output_amount, dust_limit_sats);

[morehouse]

Nit: "new-estimation bump" seems confusing.

Suggested change

	log_warn!(logger, "Can't new-estimation bump new claiming tx, output amount {} would end up below dust threshold {}", remaining_output_amount, dust_limit_sats);
	log_warn!(logger, "Can't bump new claiming tx, output amount {} would end up below dust threshold {}", remaining_output_amount, dust_limit_sats);

[morehouse]

This doesn't seem right...

• Weight: 1000
• Input amount: 861
• Previous feerate: 253
• new_fee = max(1.25 * 253, 253 + 253) = 506
• remaining_output_amount = 861 - 506 = 355

Yet test test expects output amount of 545.

What am I missing?

[arik-so]

Here it notices that the remaining amount is insufficient even before applying the min relay fee, which only happens at the end of feerate_bump. It's an early termination path.

[morehouse]

Got it, thanks for explaining. By the way, it looks like that early termination path can be removed since the dust check is repeated here as well.

[arik-so]

Yeah, I was wondering myself if I should add that. The reason I did was because there were a bunch of "amount too small" terminations specifically within the 25% bump clause, which I guess might be a helpful hint for users, but those checks would technically also be preëmpted by a single final check ensuring the remaining amount was at or above the dust threshold.

Technically this method could be cleaned up quite significantly, but at the potential expense of logic traceability. You figure that's a non-issue?

[arik-so]

Or rather, because there was a 25%-bump-specific amount-too-small-check and one in the else clause, as opposed to a singular one that would come after the bump strategy processing.

[morehouse]

My intuition is that during debugging most of the path can be inferred by the amount of the fee bump (e.g., is it 25% or the incremental relay fee), especially for a short, fairly simple function like this one. In cases where something unexpected could happen, that's when logging is more helpful.

For instance, I'm not sure it's super helpful to have logs like this:

... Initiating fee rate bump from X to Y.
... Attempting forced 25% fee rate bump from X to (X*1.25)
... Naive fee bump of (X*.25) does not meet min relay fee of 253
... Fee rate bumped by 253 from X to (X+253)

when something like this communicates almost as much:

... Fee rate bumped from X to X+253

[arik-so]

So both the modified unit tests pass highly consistently for me; in fact, I haven't been able to get them to fail once, and I tried hard-coding the block connection strategies to ensure it worked for every single one.

Can you elaborate on what looks wrong to you? The unit tests are now performing the same checks as they had been originally.

[morehouse]

Can you elaborate on what looks wrong to you? The unit tests are now performing the same checks as they had been originally.

I was referring to the unit test that had a remaining output amount I didn't expect, which you clarified for me.

The unit tests look correct to me, though I would prefer if they didn't rely so heavily on whitebox testing with the log pattern matching. It would also be good to add a short description to each test case explaining what it's testing.

[arik-so]

Ah gotcha. Yeah, I can remove the log output checks, and will add some comments

[TheBlueMatt]

Test changes lgtm, obv need squashed into the commit that broke the tests.

[TheBlueMatt]

Since we're doing this on a timer for a rare event, we don't need to log as trace and should log more at debug or info.

[TheBlueMatt]

Having two separate logs isn't communicating any additional new info that couln't be communicated in one log line if we included the FeerateStrategy that was used in the first.

[arik-so]

we don't get the post-25%-bump value in the first, which would just show something like "bump from 300 to 300"

[TheBlueMatt]

The last log communicates the ultimate bump calculation. The inclusion of a FeerateStategy will provide anyone reading the code side-by-side with the log enough information to figure out which code path was taken.

[TheBlueMatt]

I'm not sure I understand the point of this commit (and the commit has no description in it to explain why). The logic is called from compute_package_output which already does the appropriate max before returning, so this just returns early and avoids bumping if we'll hit the dust limit, which I'm not sure accomplishes anything?

[arik-so]

compute_package_output does not update the returned fee rate if the dust threshold is violated, which resulted in bumping attempts growing ever more insane despite nothing happening, and the corresponding unit test failures. I can move this logic up into the calling function, but feerate_bump seems like the more appropriate place to enforce this invariant

[morehouse]

Doing the dust check in feerate_bump sounds good to me. But we should also remove the now redundant max from compute_package_output.

[morehouse]

Yikes! The input_amounts <= bumped_fee short-circuit was removed from the ForceBump case above, so now we can get an unsigned underflow here.

[arik-so]

We actually still cannot, but you're right, this should be a saturating_sub.

[morehouse]

Looks pretty good to me.

I'll approve after the max is removed from compute_package_output and commits are squashed and cleaned up.

[morehouse]

Doing the dust check in feerate_bump sounds good to me. But we should also remove the now redundant max from compute_package_output.

[arik-so]

Thanks! I'm also thinking of squishing commits "log fee bump process" into "enforce dust threshold" as well as reordering "test fee rate bumping" and "fix min relay" to ensure test integrity.