Fix sender double-including shadow offset in CLTV expiry height.
The excess delta is included in the final RouteHop::cltv_expiry_delta, so by
adding it explicitly to cur_cltv we were erroneously including it twice in the
total cltv expiry.
This could've add up to an extra MAX_SHADOW_CLTV_DELTA_OFFSET (432) blocks to
the total cltv expiry.
Previously, we were setting the final blinded hop's CLTV expiry height to
best_block_height + total_blinded_path_cltv_delta + shadow_cltv_offset. This is
incorrect, it should instead be set to best_block_height + shadow_cltv_offset
only -- it doesn't make sense to include the delta for the other blinded hops
in the final hop's expiry.
The reason this too-high final cltv value didn't cause test failures previously
is because of a 2nd bug that is fixed in an upcoming commit where the sender
adds the shadow offset twice to the total path CLTV expiry. This 2nd offset
meant that intermediate nodes had some buffer CLTV to subtract their delta from
while still (usually) have enough leftover to meet the expiry in the final hop's
onion.
Matt Corallo [Wed, 10 Jan 2024 18:27:57 +0000 (18:27 +0000)]
Expose `onion_message` items directly rather than via re-exports
When we originally added the `onion_message` module, there weren't
a lot of public items in it, and it didn't make a lot of sense to
export the whole sub-module structure publicly. So, instead, we
exported the public items via re-exports directly in the
`onion_message` top-level module. However, as time went on, more
and more things entered the module, which left the top-level module
rather cluttered.
Worse, in 0.0.119, we exposed
`onion_message::messenger::SendSuccess` via the return type of
`send_message`, but forgot to re-export the enum itself, making
it impossible to actually use from external code.
Here we address both issues and simply replace the re-export with
the underlying sub-module structure.
The prior name seems to reference onion decode errors specifically, when in
fact the error contents are generic failure codes for any error that occurs
during HTLC receipt.
Matt Corallo [Mon, 27 Nov 2023 18:51:13 +0000 (18:51 +0000)]
Drop the unused `PaymentKey` type
935a716cc6c4fada075e2b740a70bb1b7b349d49 added new wrappers for the
various channel keys, including a payment_key. However, the
`payment_key` has been unused in lightning since the introduction
(and broad requiring) of the `static_remotekey` feature.
Thus, we simply remove it (and an incredibly stale TODO) here.
Matt Corallo [Tue, 9 Jan 2024 17:11:03 +0000 (17:11 +0000)]
Test individual monitor update compl in chanmon_consistency fuzzer
When users do async monitor updating, it may not be the case that
all pending monitors will complete updating at once. Thus, we
should fuzz monitor updates completing out of order, which we do
here.
Elias Rohrer [Tue, 9 Jan 2024 08:37:14 +0000 (09:37 +0100)]
Feature-gate `time` use also in `ElectrumSyncClient`
A previous commit introduced the `time` feature to gate the use of
`SystemTime` dependent APIs in `EsploraSyncClient`. It however omitted
doing the same for the Electrum side of things. Here, we address this
oversight.
Matt Corallo [Sun, 24 Dec 2023 17:12:10 +0000 (17:12 +0000)]
Fix reachable unwrap on non-channel_type manual channel acceptance
If we receive an `OpenChannel` message without a `channel_type`
with `manually_accept_inbound_channels` set, we will `unwrap()`
`None`.
This is uncommon these days as most nodes support `channel_type`,
but sadly is rather trivial for a peer to hit for those with manual
channel acceptance enabled.
Reported in and fixes #2804. Luckily, the updated
`full_stack_target` has no issue reaching this issue quickly.
Matt Corallo [Tue, 19 Dec 2023 18:21:21 +0000 (18:21 +0000)]
Move `CandidateRouteHop` enum variant fields into structs
The bindings generator struggles a bit with the references in enum
variant fields in `CandidateRouteHop`. While we could probably fix
this, its much eaiser (and less risky) to inline the enum variant
fields from `CandidateRouteHop` into structs. This also lets us
make some of the fields non-public, which seems better at least for
the opaque `hint_idx` in the blinded paths.
Matt Corallo [Mon, 25 Dec 2023 06:55:08 +0000 (06:55 +0000)]
Fix handling of duplicate initial `ChannelMonitor` writing
In e06484b0f44155e647ff29810d2f187967e45813, we added specific
handling for outbound-channel initial monitor updates failing -
in such a case we have a counterparty who tried to open a second
channel with the same funding info we just gave them, causing us
to force-close our outbound channel as it shows up as
duplicate-funding. Its largely harmless as it leads to a spurious
force-closure of a channel with a peer doing something absurd,
however it causes the `full_stack_target` fuzzer to fail.
Sadly, in 574c77e7bc95fd8dea5a8058b6b35996cc99db8d, as we were
dropping handling of `PermanentFailure` handling for updates, we
accidentally dropped handling for initial updates as well.
Matt Corallo [Tue, 26 Dec 2023 18:16:51 +0000 (18:16 +0000)]
Do not panic if a peer learns our funding info before we fund
We'd previously assumed that LDK would receive
`funding_transaction_generated` prior to our peer learning the txid
and panicked if the peer tried to open a redundant channel to us
with the same funding outpoint.
While this assumption is generally safe, some users may have
out-of-band protocols where they notify their LSP about a funding
outpoint first, or this may be violated in the future with
collaborative transaction construction protocols, i.e. the upcoming
dual-funding protocol.
Matt Corallo [Fri, 29 Dec 2023 03:23:59 +0000 (03:23 +0000)]
Move ChannelClosed generation into finish_close_channel
Currently the channel shutdown sequence has a number of steps which
all the shutdown callsites have to call. Because many shutdown
cases are rare error cases, its relatively easy to miss a call and
leave users without `Event`s or miss some important cleanup.
One of those steps, calling `issue_channel_close_events`, is rather
easy to remove, as it only generates two events, which can simply
be moved to another shutdown step.
Here we remove `issue_channel_close_events` by moving
`ChannelClosed` event generation into `finish_force_close_channel`.
Matt Corallo [Fri, 29 Dec 2023 03:15:18 +0000 (03:15 +0000)]
Move DiscardFunding generation into finish_close_channel
Currently the channel shutdown sequence has a number of steps which
all the shutdown callsites have to call. Because many shutdown
cases are rare error cases, its relatively easy to miss a call and
leave users without `Event`s or miss some important cleanup.
One of those steps, calling `issue_channel_close_events`, is rather
easy to remove, as it only generates two events, which can simply
be moved to another shutdown step.
Here we move the first of the two events, `DiscardFunding`, into
`finish_force_close_channel`.
Matt Corallo [Fri, 29 Dec 2023 00:45:07 +0000 (00:45 +0000)]
Consider `MONITOR_UPDATE_IN_PROGRESS` as unbroadcasted funding
If we promote our channel to `AwaitingChannelReady` after adding
funding info, but still have `MONITOR_UPDATE_IN_PROGRESS` set, we
haven't broadcasted the funding transaction yet and thus should
return values from `unbroadcasted_funding[_txid]` and generate a
`DiscardFunding` event.
Matt Corallo [Sun, 24 Dec 2023 06:24:38 +0000 (06:24 +0000)]
Fix dust buffer feerate calculation overflow
If a peer provides a feerate which nears `u32::MAX`, we may
overflow calculating the dust buffer feerate, leading to spuriously
keeping non-anchor channels open when they should be force-closed.
Matt Corallo [Sun, 24 Dec 2023 06:10:38 +0000 (06:10 +0000)]
Fix debug assertion on opening a channel with a disconnected peer
If we try to open a channel with a peer that is disconnected (but
with which we have some other channels), we'll end up with an
unfunded channel which will lead to a panic when the peer
reconnects. Here we drop this debug assertion without bother to add
a new test, given this behavior will change in a PR very soon.
Matt Corallo [Sun, 24 Dec 2023 05:55:11 +0000 (05:55 +0000)]
Fix `REVOKEABLE_REDEEMSCRIPT_MAX_LENGTH` for contest delays >0x7fff
When contest delays are >= 0x8000, script pushes require an extra
byte to avoid being interpreted as a negative int. Thus, for
channels with CSV delays longer than ~7.5 months we may generate
transactions with slightly too little fee. This isn't really a huge
deal, but we should prefer to be conservative here, and slightly
too high fee in the general case is better than slightly too little
fee in other cases.
Matt Corallo [Sun, 24 Dec 2023 05:17:29 +0000 (05:17 +0000)]
Stop including dust values in feerate affordability checks
When we or our counterparty are updating the fees on the channel,
we currently check that the resulting balance is sufficient not
only to meet the reserve threshold, but also not push it below
dust. This isn't required in the BOLTs and may lead to spurious
force-closures (which would be a bit safer, but reserve should
always exceed the dust threshold).
Worse, the current logic is broken - it compares the output value
in *billionths of satoshis* to the dust limit in satoshis. Thus,
the code is borderline dead anyway, but can overflow for channels
with several million Bitcoin, causing the fuzzer to get mad (and
lead to spurious force-closures for few-billion-dollar channels).
Matt Corallo [Sun, 24 Dec 2023 04:49:24 +0000 (04:49 +0000)]
Fix `Feature` eq + hash to ignore excess zero bytes
If we get a `Feature` object which has excess zero bytes, we
shouldn't consider it a different `Feature` from another with the
same bits set, but no excess zero bytes. Here we fix both the
`Hash` and `PartialEq` implementation for `Features` to ignore
excess zero bytes.
Matt Corallo [Fri, 15 Dec 2023 22:32:24 +0000 (22:32 +0000)]
Use correct default value when comparing to `htlc_maximum_msat`
62f866965436fff1a8e98ee655a8a6dcbb8716c1 added two
`htlc_maximum_msat.unwrap_or`s, but used a default value of 0,
spuriously causing all HTLCs to fail if we don't have an htlc
maximum value. This should be mostly harmless, but we should fix it
anyway.
Matt Corallo [Fri, 15 Dec 2023 18:23:42 +0000 (18:23 +0000)]
Make `FinalOnionHopData` public
In 4b5db8c3ce, `channelmanager::PendingHTLCRouting` was made
public, exposing a `FinalOnionHopData` field to the world. However,
`FinalOnionHopData` was left crate-private, making the enum
impossible to construct.
There isn't a strong reason for this (even though the
`FinalOnionHopData` API is somewhat confusing, being separated from
the rest of the onion structs), so we expose it here.
Matt Corallo [Fri, 15 Dec 2023 18:14:56 +0000 (18:14 +0000)]
Drop explicit `bitcoin_hashes` dependency in `lightning-invoice`
Since `lightning-invoice` now depends on the `bitcoin` crate
directly, also depending on the `bitcoin_hashes` crate is redundant
and just means we confuse users by setting the `std` flag only on
`bitcoin`. Thus, we drop the explicit dependency here and replace
it with `bitcoin::hashes`.
Matt Corallo [Thu, 14 Dec 2023 22:49:58 +0000 (22:49 +0000)]
Un-export the `PrivateRoute` inner field as there are invariants
When we make the `PrivateRoute` inner `RouteHint` `pub`, we failed
to note that the `PrivateRoute::new` constructor actually verifies
a length invariant. Thus, we un-export the inner field and force
users to go back through the `new` fn.
Jeffrey Czyz [Fri, 15 Dec 2023 03:19:57 +0000 (21:19 -0600)]
Use one-hop blinded paths only for announced nodes
To avoid exposing a node's identity in a blinded path, only create
one-hop blinded paths if the node has been announced, and thus has
public channels. Otherwise, there is no way to route a payment to the
node, exposing its identity needlessly.
Jeffrey Czyz [Fri, 8 Dec 2023 21:54:21 +0000 (15:54 -0600)]
Multi-hop blinded payment paths in ChannelManager
When constructing blinded payment paths for Bolt12Invoice, delegate to
Router::create_blinded_payment_paths which may produce multi-hop blinded
paths. Fallback to one-hop blinded paths if the Router fails or returns
no paths.
Jeffrey Czyz [Fri, 8 Dec 2023 18:03:06 +0000 (12:03 -0600)]
Add create_blinded_payment_paths to Router
The Router trait is used to find a Route for paying a node. Expand the
interface with a create_blinded_payment paths method for creating such
paths to a recipient node.
Provide an implementation for DefaultRouter that creates two-hop
blinded paths where the recipient's peers serve as the introduction
nodes.
Jeffrey Czyz [Fri, 3 Mar 2023 15:38:45 +0000 (09:38 -0600)]
Multi-hop blinded paths in ChannelManager
When constructing blinded paths for Offer and Refund, delegate to
MessageRouter::create_blinded_paths which may produce multi-hop blinded
paths. Fallback to one-hop blinded paths if the MessageRouter fails or
returns no paths.
Likewise, do the same for InvoiceRequest and Bolt12Invoice reply paths.
Jeffrey Czyz [Fri, 15 Dec 2023 21:37:18 +0000 (15:37 -0600)]
Use CLTV_FAR_FAR_AWAY in PaymentConstraints
When finding a route through a blinded path, a random CLTV offset may be
added to the path in order to preserve privacy. This needs to be
accounted for in the blinded path's PaymentConstraints. Add
CLTV_FAR_FAR_AWAY to the max_cltv_expiry constraint to allow for such
offsets.
Matt Corallo [Thu, 30 Nov 2023 00:04:09 +0000 (00:04 +0000)]
Consistently clean up when failing in `internal_funding_created`
When we fail to accept a counterparty's funding for various
reasons, we should ensure we call the correct cleanup methods in
`internal_funding_created` to remove the temporary data for the
channel in our various internal structs (primarily the SCID alias
map).
This adds the missing cleanup, using `convert_chan_phase_err`
consistently in all the error paths.
This also ensures we get a `ChannelClosed` event when relevant.
Jeffrey Czyz [Thu, 7 Dec 2023 21:53:15 +0000 (15:53 -0600)]
Require any Router also implements MessageRouter
ChannelManager is parameterized by a Router in order to find routes when
sending and retrying payments. For the offers flow, it needs to be able
to construct blinded paths (e.g., in the offer and in reply paths).
Instead of adding yet another parameter to ChannelManager, require that
any Router also implements MessageRouter. Implement this for
DefaultRouter by delegating to a DefaultMessageRouter.
Jeffrey Czyz [Thu, 7 Dec 2023 21:48:43 +0000 (15:48 -0600)]
Add create_blinded_paths to MessageRouter
The MessageRouter trait is used to find an OnionMessagePath to a
Destination (e.g., to a BlindedPath). Expand the interface with a
create_blinded_paths method for creating such paths to a recipient.
Provide a default implementation creating two-hop blinded paths where
the recipient's peers serve as introduction nodes.
Jeffrey Czyz [Thu, 2 Mar 2023 20:57:07 +0000 (14:57 -0600)]
Add RouteBlinding feature flag
The RouteBlinding feature flag is signals support for relaying payments
over blinded paths. It is used for paying BOLT 12 invoices, which are
required to included at least one blinded path.