Fix blinded recipient fail on malformed HTLC
authorValentine Wallace <vwallace@protonmail.com>
Mon, 16 Oct 2023 19:46:55 +0000 (15:46 -0400)
committerValentine Wallace <vwallace@protonmail.com>
Tue, 12 Dec 2023 23:38:59 +0000 (18:38 -0500)
If a blinded recipient to a multihop blinded path needs to fail back a
malformed HTLC, they should use error code INVALID_ONION_BLINDING and a zeroed
out onion hash per BOLT 4.

lightning/src/ln/blinded_payment_tests.rs
lightning/src/ln/onion_payment.rs

index 1494efdaad9263e4a8ae728f34572ed3baa30683..c14c75a5e02a56244c7fcebd5a51252b1916a714 100644 (file)
@@ -281,7 +281,12 @@ fn failed_backwards_to_intro_node() {
 
        let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
        let mut update_malformed = &mut updates.update_fail_malformed_htlcs[0];
-       // Ensure the final hop does not correctly blind their error.
+       // Check that the final node encodes its failure correctly.
+       assert_eq!(update_malformed.failure_code, INVALID_ONION_BLINDING);
+       assert_eq!(update_malformed.sha256_of_onion, [0; 32]);
+
+       // Modify such the final hop does not correctly blind their error so we can ensure the intro node
+       // converts it to the correct error.
        update_malformed.sha256_of_onion = [1; 32];
        nodes[1].node.handle_update_fail_malformed_htlc(&nodes[2].node.get_our_node_id(), update_malformed);
        do_commitment_signed_dance(&nodes[1], &nodes[2], &updates.commitment_signed, true, false);
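Review bot: The tampering step at `update_malformed.sha256_of_onion = [1; 32];` overwrites only the hash, so once the new assertions pass, the intro node is exercised against a wrong hash paired with an already-correct `failure_code`. If the intent is to show that the intro node normalises whatever a downstream hop sends, the test could also overwrite the code, e.g. `update_malformed.failure_code = 0; // constructed: any value other than INVALID_ONION_BLINDING`. The new comment above that line also drops words ("Modify such the final hop…"); something like `// Corrupt the update so the final hop's error is no longer correctly blinded, then check that the intro node still converts it to the correct error.` reads more clearly. The test function starts and continues outside this hunk, so later assertions may already cover part of this.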
index 5ea07cfab30db4325bc71415f1b3f331ca1a37dc..f2488570542ccb26da9dad072fe5b052a8f98657 100644 (file)
@@ -319,11 +319,16 @@ where
                ($msg: expr, $err_code: expr) => {
                        {
                                log_info!(logger, "Failed to accept/forward incoming HTLC: {}", $msg);
+                               let (sha256_of_onion, failure_code) = if msg.blinding_point.is_some() {
+                                       ([0; 32], INVALID_ONION_BLINDING)
+                               } else {
+                                       (Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(), $err_code)
+                               };
                                return Err(HTLCFailureMsg::Malformed(msgs::UpdateFailMalformedHTLC {
                                        channel_id: msg.channel_id,
                                        htlc_id: msg.htlc_id,
-                                       sha256_of_onion: Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(),
-                                       failure_code: $err_code,
+                                       sha256_of_onion,
+                                       failure_code,
                                }));
                        }
                }
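Review bot: The new `if msg.blinding_point.is_some()` branch silently discards the caller's `$err_code`, and nothing at that spot says this is deliberate. A short why-comment above the `let` would stop a later refactor from "restoring" the real code and hash, which would let the upstream side tell failure reasons apart inside a blinded path: `// Inside a blinded path BOLT 4 requires INVALID_ONION_BLINDING and an all-zero onion hash, so the real $err_code is intentionally not sent.` The actual reason is still written locally through the `log_info!` on `$msg`, which is what an operator would use when debugging. It may be worth including the suppressed code in that log line as well. The macro definition and its enclosing function begin and end outside this hunk.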