Use next_splice_out_maximum_sat to validate funding_contributed

This is equivalent to the previous commit, see the debug assertions
added in the previous commit. We now also get to communicate the
exact maximum back to the user, instead of some "balance is lower
than our reserve" message, which is hard to react to.

Author: tankyleo

lightning/src/ln/channel.rs

@@ -12579,13 +12579,14 @@ where
 		}
 
 		let our_funding_contribution = contribution.net_value();
-
-		if let Err(e) = self.validate_splice_contributions(
-			our_funding_contribution,
-			SignedAmount::ZERO,
-			self.funding.get_counterparty_pubkeys().funding_pubkey,
-			self.funding.get_holder_pubkeys().clone(),
-		) {
+		let unsigned_contribution = our_funding_contribution.unsigned_abs();
+		if let Err(e) = self.get_next_splice_out_maximum(&self.funding)
+			.and_then(|splice_max| splice_max
+				.to_sat()
+				.checked_add_signed(our_funding_contribution.to_sat())
+				.ok_or(format!("Our splice-out value of {unsigned_contribution} is greater than the maximum {splice_max}"))
+			)
+		{
 			log_error!(logger, "Channel {} cannot be funded: {}", self.context.channel_id(), e);
 			return Err(QuiescentError::FailSplice(self.splice_funding_failed_for(contribution)));
 		}
@@ -14207,12 +14208,14 @@ where
 					// balance. If invalid, disconnect and return the contribution so
 					// the user can reclaim their inputs.
 					let our_funding_contribution = contribution.net_value();
-					if let Err(e) = self.validate_splice_contributions(
-						our_funding_contribution,
-						SignedAmount::ZERO,
-						self.funding.get_counterparty_pubkeys().funding_pubkey,
-						self.funding.get_holder_pubkeys().clone(),
-					) {
+					let unsigned_contribution = our_funding_contribution.unsigned_abs();
+					if let Err(e) = self.get_next_splice_out_maximum(&self.funding)
+						.and_then(|splice_max| splice_max
+							.to_sat()
+							.checked_add_signed(our_funding_contribution.to_sat())
+							.ok_or(format!("Our splice-out value of {unsigned_contribution} is greater than the maximum {splice_max}"))
+						)
+					{
 						let failed = self.splice_funding_failed_for(contribution);
 						return Err((
 							ChannelError::WarnAndDisconnect(format!(

lightning/src/ln/splicing_tests.rs

@@ -4045,8 +4045,8 @@ fn do_test_splice_pending_htlcs(config: UserConfig) {
 			format!("Channel {} cannot accept funding contribution", channel_id);
 		assert_eq!(error, APIError::APIMisuseError { err: cannot_accept_contribution });
 		let cannot_be_funded = format!(
-			"Channel {} cannot be funded: Channel {} cannot be spliced out; our post-splice channel balance {} is smaller than their selected v2 reserve {}",
-			channel_id, channel_id, post_splice_reserve - Amount::ONE_SAT, post_splice_reserve
+			"Channel {} cannot be funded: Our splice-out value of {} is greater than the maximum {}",
+			channel_id, splice_out_incl_fees + Amount::ONE_SAT, splice_out_incl_fees,
 		);
 		initiator.logger.assert_log("lightning::ln::channel", cannot_be_funded, 1);