eclair-mobile icon indicating copy to clipboard operation
eclair-mobile copied to clipboard
verified publisher icon ACINQ

Opening a channel with "Use all funds" option always creates change

Open maflcko opened this issue 6 years ago • 6 comments

The eclair-mobile wallet does not offer fine-grained coin control (coin selection) to the user, thus it makes sense to always swipe all available funds into a channel. Otherwise the change output could be tracked on-chain and hurt the user's privacy.

However, all version of eclair-mobile (including 0.4.8) create a change output, even if "Use all funds" is selected.

I could not reproduce the issue when all funds are sent to an on-chain address (not opening a channel)

Steps to reproduce:

  • Have two coins in the eclair-mobile wallet
  • Open a channel with all funds

Result:

  • A change output is created (The amount of the change correlates with the selected fee rate)

Expected result:

  • No change is created

maflcko avatar Sep 18 '19 22:09 maflcko

Log:

eclair-wallet.log(1).txt

Tx (with blockstream privacy analysis):

https://blockstream.info/testnet/tx/06a50e5eac661605f6ed81dca6b5eea730539f575fd2716d879b1ce2eb98e1eb

Screenshot:

Screenshot_20190918-175931

maflcko avatar Sep 18 '19 22:09 maflcko

From https://github.com/ACINQ/eclair-mobile/pull/210#issuecomment-533048398:

To know what channel capacity would exhaust our balance, we need first to estimate the fees for a multisig tx (i.e simulating a channel), and that does not work well. So the issue must be either in the method creating the fake multisig tx, or in the wallet in eclair-core.

maflcko avatar Sep 19 '19 10:09 maflcko

The core issue is that in eclair-core we don't use the same logic for computing the placeholder transaction using all available funds, and for sending the actual channel funding transaction. This leads to a discrepancy in the fees and causes the funding transaction to fail with an Insufficient funds error.

This is the reason why eclair mobile tweaks the total available funds returned by the core afterwards, it allows the funding transaction to go through but leave some change. To properly fix this, we need to address the first issue mentioned above.

dpad85 avatar Sep 20 '19 09:09 dpad85

sending the actual channel funding transaction

I couldn't find where that tx is created. Could you help me with that please?

maflcko avatar Sep 20 '19 12:09 maflcko

Sure, the funding transaction is created here: https://github.com/ACINQ/eclair/blob/android/eclair-core/src/main/scala/fr/acinq/eclair/blockchain/electrum/ElectrumEclairWallet.scala#L39

Which uses the completeTransaction method (the actual part that bothers me is here)

The InsufficientFunds error is raised here.

dpad85 avatar Sep 20 '19 15:09 dpad85

Indeed, the current completeTransaction function is unsuitable for sending all funds because it will always create change (or donate the change to miner fee, if it is too small).

I wonder if it makes sense to have separate logic to sign a transaction that shouldn't create a change output.

maflcko avatar Sep 20 '19 16:09 maflcko