// You may not use this file except in accordance with one or both of these
// licenses.
+//! Utilities for creating and parsing short channel ids.
+
/// Maximum block height that can be used in a `short_channel_id`. This
/// value is based on the 3-bytes available for block height.
pub const MAX_SCID_BLOCK: u64 = 0x00ffffff;
pub const MAX_SCID_VOUT_INDEX: u64 = 0xffff;
/// A `short_channel_id` construction error
-#[derive(Debug, PartialEq)]
+#[derive(Debug, PartialEq, Eq)]
pub enum ShortChannelIdError {
+ /// Block height too high
BlockOverflow,
+ /// Tx index too high
TxIndexOverflow,
+ /// Vout index too high
VoutIndexOverflow,
}
/// Extracts the block height (most significant 3-bytes) from the `short_channel_id`
-pub fn block_from_scid(short_channel_id: &u64) -> u32 {
+pub fn block_from_scid(short_channel_id: u64) -> u32 {
return (short_channel_id >> 40) as u32;
}
/// Extracts the tx index (bytes [2..4]) from the `short_channel_id`
-pub fn tx_index_from_scid(short_channel_id: &u64) -> u32 {
+pub fn tx_index_from_scid(short_channel_id: u64) -> u32 {
return ((short_channel_id >> 16) & MAX_SCID_TX_INDEX) as u32;
}
/// Extracts the vout (bytes [0..2]) from the `short_channel_id`
-pub fn vout_from_scid(short_channel_id: &u64) -> u16 {
+pub fn vout_from_scid(short_channel_id: u64) -> u16 {
return ((short_channel_id) & MAX_SCID_VOUT_INDEX) as u16;
}
Ok((block << 40) | (tx_index << 16) | vout_index)
}
+/// LDK has multiple reasons to generate fake short channel ids:
+/// 1) outbound SCID aliases we use for private channels
+/// 2) phantom node payments, to get an scid for the phantom node's phantom channel
+/// 3) payments intended to be intercepted will route using a fake scid (this is typically used so
+/// the forwarding node can open a JIT channel to the next hop)
+pub(crate) mod fake_scid {
+ use bitcoin::blockdata::constants::ChainHash;
+ use bitcoin::network::constants::Network;
+ use crate::sign::EntropySource;
+ use crate::crypto::chacha20::ChaCha20;
+ use crate::util::scid_utils;
+ use crate::prelude::*;
+
+ use core::ops::Deref;
+
+ const TEST_SEGWIT_ACTIVATION_HEIGHT: u32 = 1;
+ const MAINNET_SEGWIT_ACTIVATION_HEIGHT: u32 = 481_824;
+ const MAX_TX_INDEX: u32 = 2_500;
+ const MAX_NAMESPACES: u8 = 8; // We allocate 3 bits for the namespace identifier.
+ const NAMESPACE_ID_BITMASK: u8 = 0b111;
+
+ const BLOCKS_PER_MONTH: u32 = 144 /* blocks per day */ * 30 /* days per month */;
+ pub(crate) const MAX_SCID_BLOCKS_FROM_NOW: u32 = BLOCKS_PER_MONTH;
+
+
+ /// Fake scids are divided into namespaces, with each namespace having its own identifier between
+ /// [0..7]. This allows us to identify what namespace a fake scid corresponds to upon HTLC
+ /// receipt, and handle the HTLC accordingly. The namespace identifier is encrypted when encoded
+ /// into the fake scid.
+ #[derive(Copy, Clone)]
+ pub(crate) enum Namespace {
+ /// Phantom nodes namespace
+ Phantom,
+ /// SCID aliases for outbound private channels
+ OutboundAlias,
+ /// Payment interception namespace
+ Intercept
+ }
+
+ impl Namespace {
+ /// We generate "realistic-looking" random scids here, meaning the scid's block height is
+ /// between segwit activation and the current best known height, and the tx index and output
+ /// index are also selected from a "reasonable" range. We add this logic because it makes it
+ /// non-obvious at a glance that the scid is fake, e.g. if it appears in invoice route hints.
+ pub(crate) fn get_fake_scid<ES: Deref>(&self, highest_seen_blockheight: u32, chain_hash: &ChainHash, fake_scid_rand_bytes: &[u8; 32], entropy_source: &ES) -> u64
+ where ES::Target: EntropySource,
+ {
+ // Ensure we haven't created a namespace that doesn't fit into the 3 bits we've allocated for
+ // namespaces.
+ assert!((*self as u8) < MAX_NAMESPACES);
+ let rand_bytes = entropy_source.get_secure_random_bytes();
+
+ let segwit_activation_height = segwit_activation_height(chain_hash);
+ let mut blocks_since_segwit_activation = highest_seen_blockheight.saturating_sub(segwit_activation_height);
+
+ // We want to ensure that this fake channel won't conflict with any transactions we haven't
+ // seen yet, in case `highest_seen_blockheight` is updated before we get full information
+ // about transactions confirmed in the given block.
+ blocks_since_segwit_activation = blocks_since_segwit_activation.saturating_sub(MAX_SCID_BLOCKS_FROM_NOW);
+
+ let rand_for_height = u32::from_be_bytes(rand_bytes[..4].try_into().unwrap());
+ let fake_scid_height = segwit_activation_height + rand_for_height % (blocks_since_segwit_activation + 1);
+
+ let rand_for_tx_index = u32::from_be_bytes(rand_bytes[4..8].try_into().unwrap());
+ let fake_scid_tx_index = rand_for_tx_index % MAX_TX_INDEX;
+
+ // Put the scid in the given namespace.
+ let fake_scid_vout = self.get_encrypted_vout(fake_scid_height, fake_scid_tx_index, fake_scid_rand_bytes);
+ scid_utils::scid_from_parts(fake_scid_height as u64, fake_scid_tx_index as u64, fake_scid_vout as u64).unwrap()
+ }
+
+ /// We want to ensure that a 3rd party can't identify a payment as belong to a given
+ /// `Namespace`. Therefore, we encrypt it using a random bytes provided by `ChannelManager`.
+ fn get_encrypted_vout(&self, block_height: u32, tx_index: u32, fake_scid_rand_bytes: &[u8; 32]) -> u8 {
+ let mut salt = [0 as u8; 8];
+ let block_height_bytes = block_height.to_be_bytes();
+ salt[0..4].copy_from_slice(&block_height_bytes);
+ let tx_index_bytes = tx_index.to_be_bytes();
+ salt[4..8].copy_from_slice(&tx_index_bytes);
+
+ let mut chacha = ChaCha20::new(fake_scid_rand_bytes, &salt);
+ let mut vout_byte = [*self as u8];
+ chacha.process_in_place(&mut vout_byte);
+ vout_byte[0] & NAMESPACE_ID_BITMASK
+ }
+ }
+
+ fn segwit_activation_height(chain_hash: &ChainHash) -> u32 {
+ if *chain_hash == ChainHash::using_genesis_block(Network::Bitcoin) {
+ MAINNET_SEGWIT_ACTIVATION_HEIGHT
+ } else {
+ TEST_SEGWIT_ACTIVATION_HEIGHT
+ }
+ }
+
+ /// Returns whether the given fake scid falls into the phantom namespace.
+ pub fn is_valid_phantom(fake_scid_rand_bytes: &[u8; 32], scid: u64, chain_hash: &ChainHash) -> bool {
+ let block_height = scid_utils::block_from_scid(scid);
+ let tx_index = scid_utils::tx_index_from_scid(scid);
+ let namespace = Namespace::Phantom;
+ let valid_vout = namespace.get_encrypted_vout(block_height, tx_index, fake_scid_rand_bytes);
+ block_height >= segwit_activation_height(chain_hash)
+ && valid_vout == scid_utils::vout_from_scid(scid) as u8
+ }
+
+ /// Returns whether the given fake scid falls into the intercept namespace.
+ pub fn is_valid_intercept(fake_scid_rand_bytes: &[u8; 32], scid: u64, chain_hash: &ChainHash) -> bool {
+ let block_height = scid_utils::block_from_scid(scid);
+ let tx_index = scid_utils::tx_index_from_scid(scid);
+ let namespace = Namespace::Intercept;
+ let valid_vout = namespace.get_encrypted_vout(block_height, tx_index, fake_scid_rand_bytes);
+ block_height >= segwit_activation_height(chain_hash)
+ && valid_vout == scid_utils::vout_from_scid(scid) as u8
+ }
+
+ #[cfg(test)]
+ mod tests {
+ use bitcoin::blockdata::constants::ChainHash;
+ use bitcoin::network::constants::Network;
+ use crate::util::scid_utils::fake_scid::{is_valid_intercept, is_valid_phantom, MAINNET_SEGWIT_ACTIVATION_HEIGHT, MAX_TX_INDEX, MAX_NAMESPACES, Namespace, NAMESPACE_ID_BITMASK, segwit_activation_height, TEST_SEGWIT_ACTIVATION_HEIGHT};
+ use crate::util::scid_utils;
+ use crate::util::test_utils;
+ use crate::sync::Arc;
+
+ #[test]
+ fn namespace_identifier_is_within_range() {
+ let phantom_namespace = Namespace::Phantom;
+ assert!((phantom_namespace as u8) < MAX_NAMESPACES);
+ assert!((phantom_namespace as u8) <= NAMESPACE_ID_BITMASK);
+
+ let intercept_namespace = Namespace::Intercept;
+ assert!((intercept_namespace as u8) < MAX_NAMESPACES);
+ assert!((intercept_namespace as u8) <= NAMESPACE_ID_BITMASK);
+ }
+
+ #[test]
+ fn test_segwit_activation_height() {
+ let mainnet_genesis = ChainHash::using_genesis_block(Network::Bitcoin);
+ assert_eq!(segwit_activation_height(&mainnet_genesis), MAINNET_SEGWIT_ACTIVATION_HEIGHT);
+
+ let testnet_genesis = ChainHash::using_genesis_block(Network::Testnet);
+ assert_eq!(segwit_activation_height(&testnet_genesis), TEST_SEGWIT_ACTIVATION_HEIGHT);
+
+ let signet_genesis = ChainHash::using_genesis_block(Network::Signet);
+ assert_eq!(segwit_activation_height(&signet_genesis), TEST_SEGWIT_ACTIVATION_HEIGHT);
+
+ let regtest_genesis = ChainHash::using_genesis_block(Network::Regtest);
+ assert_eq!(segwit_activation_height(®test_genesis), TEST_SEGWIT_ACTIVATION_HEIGHT);
+ }
+
+ #[test]
+ fn test_is_valid_phantom() {
+ let namespace = Namespace::Phantom;
+ let fake_scid_rand_bytes = [0; 32];
+ let testnet_genesis = ChainHash::using_genesis_block(Network::Testnet);
+ let valid_encrypted_vout = namespace.get_encrypted_vout(0, 0, &fake_scid_rand_bytes);
+ let valid_fake_scid = scid_utils::scid_from_parts(1, 0, valid_encrypted_vout as u64).unwrap();
+ assert!(is_valid_phantom(&fake_scid_rand_bytes, valid_fake_scid, &testnet_genesis));
+ let invalid_fake_scid = scid_utils::scid_from_parts(1, 0, 12).unwrap();
+ assert!(!is_valid_phantom(&fake_scid_rand_bytes, invalid_fake_scid, &testnet_genesis));
+ }
+
+ #[test]
+ fn test_is_valid_intercept() {
+ let namespace = Namespace::Intercept;
+ let fake_scid_rand_bytes = [0; 32];
+ let testnet_genesis = ChainHash::using_genesis_block(Network::Testnet);
+ let valid_encrypted_vout = namespace.get_encrypted_vout(0, 0, &fake_scid_rand_bytes);
+ let valid_fake_scid = scid_utils::scid_from_parts(1, 0, valid_encrypted_vout as u64).unwrap();
+ assert!(is_valid_intercept(&fake_scid_rand_bytes, valid_fake_scid, &testnet_genesis));
+ let invalid_fake_scid = scid_utils::scid_from_parts(1, 0, 12).unwrap();
+ assert!(!is_valid_intercept(&fake_scid_rand_bytes, invalid_fake_scid, &testnet_genesis));
+ }
+
+ #[test]
+ fn test_get_fake_scid() {
+ let mainnet_genesis = ChainHash::using_genesis_block(Network::Bitcoin);
+ let seed = [0; 32];
+ let fake_scid_rand_bytes = [1; 32];
+ let keys_manager = Arc::new(test_utils::TestKeysInterface::new(&seed, Network::Testnet));
+ let namespace = Namespace::Phantom;
+ let fake_scid = namespace.get_fake_scid(500_000, &mainnet_genesis, &fake_scid_rand_bytes, &keys_manager);
+
+ let fake_height = scid_utils::block_from_scid(fake_scid);
+ assert!(fake_height >= MAINNET_SEGWIT_ACTIVATION_HEIGHT);
+ assert!(fake_height <= 500_000);
+
+ let fake_tx_index = scid_utils::tx_index_from_scid(fake_scid);
+ assert!(fake_tx_index <= MAX_TX_INDEX);
+
+ let fake_vout = scid_utils::vout_from_scid(fake_scid);
+ assert!(fake_vout < MAX_NAMESPACES as u16);
+ }
+ }
+}
+
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_block_from_scid() {
- assert_eq!(block_from_scid(&0x000000_000000_0000), 0);
- assert_eq!(block_from_scid(&0x000001_000000_0000), 1);
- assert_eq!(block_from_scid(&0x000001_ffffff_ffff), 1);
- assert_eq!(block_from_scid(&0x800000_ffffff_ffff), 0x800000);
- assert_eq!(block_from_scid(&0xffffff_ffffff_ffff), 0xffffff);
+ assert_eq!(block_from_scid(0x000000_000000_0000), 0);
+ assert_eq!(block_from_scid(0x000001_000000_0000), 1);
+ assert_eq!(block_from_scid(0x000001_ffffff_ffff), 1);
+ assert_eq!(block_from_scid(0x800000_ffffff_ffff), 0x800000);
+ assert_eq!(block_from_scid(0xffffff_ffffff_ffff), 0xffffff);
}
#[test]
fn test_tx_index_from_scid() {
- assert_eq!(tx_index_from_scid(&0x000000_000000_0000), 0);
- assert_eq!(tx_index_from_scid(&0x000000_000001_0000), 1);
- assert_eq!(tx_index_from_scid(&0xffffff_000001_ffff), 1);
- assert_eq!(tx_index_from_scid(&0xffffff_800000_ffff), 0x800000);
- assert_eq!(tx_index_from_scid(&0xffffff_ffffff_ffff), 0xffffff);
+ assert_eq!(tx_index_from_scid(0x000000_000000_0000), 0);
+ assert_eq!(tx_index_from_scid(0x000000_000001_0000), 1);
+ assert_eq!(tx_index_from_scid(0xffffff_000001_ffff), 1);
+ assert_eq!(tx_index_from_scid(0xffffff_800000_ffff), 0x800000);
+ assert_eq!(tx_index_from_scid(0xffffff_ffffff_ffff), 0xffffff);
}
#[test]
fn test_vout_from_scid() {
- assert_eq!(vout_from_scid(&0x000000_000000_0000), 0);
- assert_eq!(vout_from_scid(&0x000000_000000_0001), 1);
- assert_eq!(vout_from_scid(&0xffffff_ffffff_0001), 1);
- assert_eq!(vout_from_scid(&0xffffff_ffffff_8000), 0x8000);
- assert_eq!(vout_from_scid(&0xffffff_ffffff_ffff), 0xffff);
+ assert_eq!(vout_from_scid(0x000000_000000_0000), 0);
+ assert_eq!(vout_from_scid(0x000000_000000_0001), 1);
+ assert_eq!(vout_from_scid(0xffffff_ffffff_0001), 1);
+ assert_eq!(vout_from_scid(0xffffff_ffffff_8000), 0x8000);
+ assert_eq!(vout_from_scid(0xffffff_ffffff_ffff), 0xffff);
}
#[test]