From d99089e16a6e7c4744af5dda0750a7c7a17caba6 Mon Sep 17 00:00:00 2001
From: Valentine Wallace
Date: Mon, 16 Oct 2023 15:46:55 -0400
Subject: [PATCH] Fix blinded recipient fail on malformed HTLC

If a blinded recipient to a multihop blinded path needs to fail back a malformed HTLC, they should use error code INVALID_ONION_BLINDING and a zeroed out onion hash per BOLT 4.
---
 lightning/src/ln/blinded_payment_tests.rs | 7 ++++++-
 lightning/src/ln/onion_payment.rs | 9 +++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/lightning/src/ln/blinded_payment_tests.rs b/lightning/src/ln/blinded_payment_tests.rs
index 1494efdaa..c14c75a5e 100644
--- a/lightning/src/ln/blinded_payment_tests.rs
+++ b/lightning/src/ln/blinded_payment_tests.rs
@@ -281,7 +281,12 @@ fn failed_backwards_to_intro_node() {
 let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
 let mut update_malformed = &mut updates.update_fail_malformed_htlcs[0];
- // Ensure the final hop does not correctly blind their error.
+ // Check that the final node encodes its failure correctly.
+ assert_eq!(update_malformed.failure_code, INVALID_ONION_BLINDING);
+ assert_eq!(update_malformed.sha256_of_onion, [0; 32]);
+
+ // Modify such the final hop does not correctly blind their error so we can ensure the intro node
+ // converts it to the correct error.
 update_malformed.sha256_of_onion = [1; 32];
 nodes[1].node.handle_update_fail_malformed_htlc(&nodes[2].node.get_our_node_id(), update_malformed);
 do_commitment_signed_dance(&nodes[1], &nodes[2], &updates.commitment_signed, true, false);
diff --git a/lightning/src/ln/onion_payment.rs b/lightning/src/ln/onion_payment.rs
index 5ea07cfab..f24885705 100644
--- a/lightning/src/ln/onion_payment.rs
+++ b/lightning/src/ln/onion_payment.rs
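Review bot: The tamper step after the new assertions in `failed_backwards_to_intro_node` still overwrites only `sha256_of_onion`, so `failure_code` reaches the intro node already equal to INVALID_ONION_BLINDING. As written, the test cannot tell an intro node that normalises the code from one that merely relays whatever the downstream peer sent. If the aim is to prove the conversion, also set `update_malformed.failure_code` to some value other than INVALID_ONION_BLINDING before calling `handle_update_fail_malformed_htlc`. The new comment is also missing a word and could read `// Modify the message so that the final hop does not correctly blind its error, letting us check that the intro node`. The assertions on what nodes[1] sends back lie outside this hunk, so this is inferred from the visible lines only.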
@@ -319,11 +319,16 @@ where
 ($msg: expr, $err_code: expr) => {
 {
 log_info!(logger, "Failed to accept/forward incoming HTLC: {}", $msg);
+ let (sha256_of_onion, failure_code) = if msg.blinding_point.is_some() {
+ ([0; 32], INVALID_ONION_BLINDING)
+ } else {
+ (Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(), $err_code)
+ };
 return Err(HTLCFailureMsg::Malformed(msgs::UpdateFailMalformedHTLC {
 channel_id: msg.channel_id,
 htlc_id: msg.htlc_id,
- sha256_of_onion: Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(),
- failure_code: $err_code,
+ sha256_of_onion,
+ failure_code,
 }));
 }
 }
-- 
2.39.5
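Review bot: The new `if msg.blinding_point.is_some()` branch discards `$err_code` and the real onion hash with no comment explaining why, so a later reader could take it for a mistake and restore the specific error, reintroducing the leak this commit closes. I would add above the `let`: `// BOLT 4: an HTLC that arrived with a blinding point must be failed with INVALID_ONION_BLINDING and an all-zero hash, never the real code or onion hash.` Because the original code is no longer sent on the wire in that case, it would also help local debugging to include `$err_code` in the `log_info!` line. The macro definition starts outside the hunk, and whether the non-malformed failure path in this function applies the same rule to blinded HTLCs cannot be seen here.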