X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=lightning%2Fsrc%2Fln%2Fmsgs.rs;h=43005ad1d65370095f70e28823fc53ef2b95386f;hb=07db23d102738d1e84e3d2cb36101cef92e1761d;hp=519c56542ba491856329319c9df6bd231ba88ed2;hpb=b7f4f764afbe7105d9fa5f70e2c30c71ad90caa2;p=rust-lightning

diff --git a/lightning/src/ln/msgs.rs b/lightning/src/ln/msgs.rs
index 519c5654..43005ad1 100644
--- a/lightning/src/ln/msgs.rs
+++ b/lightning/src/ln/msgs.rs
@@ -15,23 +15,25 @@
 //! raw socket events into your non-internet-facing system and then send routing events back to
 //! track the network on the less-secure system.
 
-use secp256k1::key::PublicKey;
-use secp256k1::Signature;
-use secp256k1;
-use bitcoin_hashes::sha256d::Hash as Sha256dHash;
+use bitcoin::secp256k1::key::PublicKey;
+use bitcoin::secp256k1::Signature;
+use bitcoin::secp256k1;
 use bitcoin::blockdata::script::Script;
+use bitcoin::hash_types::{Txid, BlockHash};
 
 use ln::features::{ChannelFeatures, InitFeatures, NodeFeatures};
 
-use std::error::Error;
 use std::{cmp, fmt};
 use std::io::Read;
 use std::result::Result;
 
 use util::events;
-use util::ser::{Readable, Writeable, Writer};
+use util::ser::{Readable, Writeable, Writer, FixedLengthReader, HighZeroBytesDroppedVarInt};
 
-use ln::channelmanager::{PaymentPreimage, PaymentHash};
+use ln::channelmanager::{PaymentPreimage, PaymentHash, PaymentSecret};
+
+/// 21 million * 10^8 * 1000
+pub(crate) const MAX_VALUE_MSAT: u64 = 21_000_000_0000_0000_000;
 
 /// An error in decoding a message or struct.
 #[derive(Debug)]
@@ -39,15 +41,14 @@ pub enum DecodeError {
 	/// A version byte specified something we don't know how to handle.
 	/// Includes unknown realm byte in an OnionHopData packet
 	UnknownVersion,
-	/// Unknown feature mandating we fail to parse message
+	/// Unknown feature mandating we fail to parse message (eg TLV with an even, unknown type)
 	UnknownRequiredFeature,
 	/// Value was invalid, eg a byte which was supposed to be a bool was something other than a 0
-	/// or 1, a public key/private key/signature was invalid, text wasn't UTF-8, etc
+	/// or 1, a public key/private key/signature was invalid, text wasn't UTF-8, TLV was
+	/// syntactically incorrect, etc
 	InvalidValue,
 	/// Buffer too short
 	ShortRead,
-	/// node_announcement included more than one address of a given type!
-	ExtraAddressesPerType,
 	/// A length descriptor in the packet didn't describe the later data correctly
 	BadLengthDescriptor,
 	/// Error from std::io
@@ -83,7 +84,7 @@ pub struct Pong {
 /// An open_channel message to be sent or received from a peer
 #[derive(Clone)]
 pub struct OpenChannel {
-	pub(crate) chain_hash: Sha256dHash,
+	pub(crate) chain_hash: BlockHash,
 	pub(crate) temporary_channel_id: [u8; 32],
 	pub(crate) funding_satoshis: u64,
 	pub(crate) push_msat: u64,
@@ -96,7 +97,7 @@ pub struct OpenChannel {
 	pub(crate) max_accepted_htlcs: u16,
 	pub(crate) funding_pubkey: PublicKey,
 	pub(crate) revocation_basepoint: PublicKey,
-	pub(crate) payment_basepoint: PublicKey,
+	pub(crate) payment_point: PublicKey,
 	pub(crate) delayed_payment_basepoint: PublicKey,
 	pub(crate) htlc_basepoint: PublicKey,
 	pub(crate) first_per_commitment_point: PublicKey,
@@ -117,7 +118,7 @@ pub struct AcceptChannel {
 	pub(crate) max_accepted_htlcs: u16,
 	pub(crate) funding_pubkey: PublicKey,
 	pub(crate) revocation_basepoint: PublicKey,
-	pub(crate) payment_basepoint: PublicKey,
+	pub(crate) payment_point: PublicKey,
 	pub(crate) delayed_payment_basepoint: PublicKey,
 	pub(crate) htlc_basepoint: PublicKey,
 	pub(crate) first_per_commitment_point: PublicKey,
@@ -128,7 +129,7 @@ pub struct AcceptChannel {
 #[derive(Clone)]
 pub struct FundingCreated {
 	pub(crate) temporary_channel_id: [u8; 32],
-	pub(crate) funding_txid: Sha256dHash,
+	pub(crate) funding_txid: Txid,
 	pub(crate) funding_output_index: u16,
 	pub(crate) signature: Signature,
 }
@@ -303,6 +304,9 @@ impl NetAddress {
 			&NetAddress::OnionV3 { .. } => { 37 },
 		}
 	}
+
+	/// The maximum length of any address descriptor, not including the 1-byte type
+	pub(crate) const MAX_LEN: u16 = 37;
 }
 
 impl Writeable for NetAddress {
@@ -335,9 +339,9 @@ impl Writeable for NetAddress {
 	}
 }
 
-impl<R: ::std::io::Read>  Readable<R> for Result<NetAddress, u8> {
-	fn read(reader: &mut R) -> Result<Result<NetAddress, u8>, DecodeError> {
-		let byte = <u8 as Readable<R>>::read(reader)?;
+impl Readable for Result<NetAddress, u8> {
+	fn read<R: Read>(reader: &mut R) -> Result<Result<NetAddress, u8>, DecodeError> {
+		let byte = <u8 as Readable>::read(reader)?;
 		match byte {
 			1 => {
 				Ok(Ok(NetAddress::IPv4 {
@@ -399,7 +403,7 @@ pub struct NodeAnnouncement {
 #[derive(PartialEq, Clone, Debug)]
 pub struct UnsignedChannelAnnouncement {
 	pub(crate) features: ChannelFeatures,
-	pub(crate) chain_hash: Sha256dHash,
+	pub(crate) chain_hash: BlockHash,
 	pub(crate) short_channel_id: u64,
 	/// One of the two node_ids which are endpoints of this channel
 	pub        node_id_1: PublicKey,
@@ -421,7 +425,7 @@ pub struct ChannelAnnouncement {
 
 #[derive(PartialEq, Clone, Debug)]
 pub(crate) struct UnsignedChannelUpdate {
-	pub(crate) chain_hash: Sha256dHash,
+	pub(crate) chain_hash: BlockHash,
 	pub(crate) short_channel_id: u64,
 	pub(crate) timestamp: u32,
 	pub(crate) flags: u16,
@@ -598,32 +602,49 @@ pub trait RoutingMessageHandler : Send + Sync {
 	fn handle_htlc_fail_channel_update(&self, update: &HTLCFailChannelUpdate);
 	/// Gets a subset of the channel announcements and updates required to dump our routing table
 	/// to a remote node, starting at the short_channel_id indicated by starting_point and
-	/// including batch_amount entries.
-	fn get_next_channel_announcements(&self, starting_point: u64, batch_amount: u8) -> Vec<(ChannelAnnouncement, ChannelUpdate, ChannelUpdate)>;
+	/// including the batch_amount entries immediately higher in numerical value than starting_point.
+	fn get_next_channel_announcements(&self, starting_point: u64, batch_amount: u8) -> Vec<(ChannelAnnouncement, Option<ChannelUpdate>, Option<ChannelUpdate>)>;
 	/// Gets a subset of the node announcements required to dump our routing table to a remote node,
-	/// starting at the node *after* the provided publickey and including batch_amount entries.
+	/// starting at the node *after* the provided publickey and including batch_amount entries
+	/// immediately higher (as defined by <PublicKey as Ord>::cmp) than starting_point.
 	/// If None is provided for starting_point, we start at the first node.
 	fn get_next_node_announcements(&self, starting_point: Option<&PublicKey>, batch_amount: u8) -> Vec<NodeAnnouncement>;
 	/// Returns whether a full sync should be requested from a peer.
 	fn should_request_full_sync(&self, node_id: &PublicKey) -> bool;
 }
 
-pub(crate) struct OnionRealm0HopData {
-	pub(crate) short_channel_id: u64,
-	pub(crate) amt_to_forward: u64,
-	pub(crate) outgoing_cltv_value: u32,
-	// 12 bytes of 0-padding
-}
-
 mod fuzzy_internal_msgs {
+	use ln::channelmanager::PaymentSecret;
+
 	// These types aren't intended to be pub, but are exposed for direct fuzzing (as we deserialize
 	// them from untrusted input):
+	#[derive(Clone)]
+	pub(crate) struct FinalOnionHopData {
+		pub(crate) payment_secret: PaymentSecret,
+		/// The total value, in msat, of the payment as received by the ultimate recipient.
+		/// Message serialization may panic if this value is more than 21 million Bitcoin.
+		pub(crate) total_msat: u64,
+	}
+
+	pub(crate) enum OnionHopDataFormat {
+		Legacy { // aka Realm-0
+			short_channel_id: u64,
+		},
+		NonFinalNode {
+			short_channel_id: u64,
+		},
+		FinalNode {
+			payment_data: Option<FinalOnionHopData>,
+		},
+	}
 
-	use super::OnionRealm0HopData;
 	pub struct OnionHopData {
-		pub(crate) realm: u8,
-		pub(crate) data: OnionRealm0HopData,
-		pub(crate) hmac: [u8; 32],
+		pub(crate) format: OnionHopDataFormat,
+		/// The value, in msat, of the payment after this hop's fee is deducted.
+		/// Message serialization may panic if this value is more than 21 million Bitcoin.
+		pub(crate) amt_to_forward: u64,
+		pub(crate) outgoing_cltv_value: u32,
+		// 12 bytes of 0-padding for Legacy format
 	}
 
 	pub struct DecodedOnionErrorPacket {
@@ -666,22 +687,16 @@ pub(crate) struct OnionErrorPacket {
 	pub(crate) data: Vec<u8>,
 }
 
-impl Error for DecodeError {
-	fn description(&self) -> &str {
-		match *self {
-			DecodeError::UnknownVersion => "Unknown realm byte in Onion packet",
-			DecodeError::UnknownRequiredFeature => "Unknown required feature preventing decode",
-			DecodeError::InvalidValue => "Nonsense bytes didn't map to the type they were interpreted as",
-			DecodeError::ShortRead => "Packet extended beyond the provided bytes",
-			DecodeError::ExtraAddressesPerType => "More than one address of a single type",
-			DecodeError::BadLengthDescriptor => "A length descriptor in the packet didn't describe the later data correctly",
-			DecodeError::Io(ref e) => e.description(),
-		}
-	}
-}
 impl fmt::Display for DecodeError {
 	fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-		f.write_str(self.description())
+		match *self {
+			DecodeError::UnknownVersion => f.write_str("Unknown realm byte in Onion packet"),
+			DecodeError::UnknownRequiredFeature => f.write_str("Unknown required feature preventing decode"),
+			DecodeError::InvalidValue => f.write_str("Nonsense bytes didn't map to the type they were interpreted as"),
+			DecodeError::ShortRead => f.write_str("Packet extended beyond the provided bytes"),
+			DecodeError::BadLengthDescriptor => f.write_str("A length descriptor in the packet didn't describe the later data correctly"),
+			DecodeError::Io(ref e) => e.fmt(f),
+		}
 	}
 }
 
@@ -714,9 +729,9 @@ impl Writeable for OptionalField<Script> {
 	}
 }
 
-impl<R: Read> Readable<R> for OptionalField<Script> {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
-		match <u16 as Readable<R>>::read(r) {
+impl Readable for OptionalField<Script> {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
+		match <u16 as Readable>::read(r) {
 			Ok(len) => {
 				let mut buf = vec![0; len as usize];
 				r.read_exact(&mut buf)?;
@@ -742,7 +757,7 @@ impl_writeable_len_match!(AcceptChannel, {
 	max_accepted_htlcs,
 	funding_pubkey,
 	revocation_basepoint,
-	payment_basepoint,
+	payment_point,
 	delayed_payment_basepoint,
 	htlc_basepoint,
 	first_per_commitment_point,
@@ -773,14 +788,14 @@ impl Writeable for ChannelReestablish {
 	}
 }
 
-impl<R: Read> Readable<R> for ChannelReestablish{
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for ChannelReestablish{
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Self {
 			channel_id: Readable::read(r)?,
 			next_local_commitment_number: Readable::read(r)?,
 			next_remote_commitment_number: Readable::read(r)?,
 			data_loss_protect: {
-				match <[u8; 32] as Readable<R>>::read(r) {
+				match <[u8; 32] as Readable>::read(r) {
 					Ok(your_last_per_commitment_secret) =>
 						OptionalField::Present(DataLossProtect {
 							your_last_per_commitment_secret,
@@ -842,8 +857,8 @@ impl Writeable for Init {
 	}
 }
 
-impl<R: Read> Readable<R> for Init {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for Init {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		let global_features: InitFeatures = Readable::read(r)?;
 		let features: InitFeatures = Readable::read(r)?;
 		Ok(Init {
@@ -869,7 +884,7 @@ impl_writeable_len_match!(OpenChannel, {
 	max_accepted_htlcs,
 	funding_pubkey,
 	revocation_basepoint,
-	payment_basepoint,
+	payment_point,
 	delayed_payment_basepoint,
 	htlc_basepoint,
 	first_per_commitment_point,
@@ -936,8 +951,8 @@ impl Writeable for OnionPacket {
 	}
 }
 
-impl<R: Read> Readable<R> for OnionPacket {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for OnionPacket {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(OnionPacket {
 			version: Readable::read(r)?,
 			public_key: {
@@ -960,53 +975,119 @@ impl_writeable!(UpdateAddHTLC, 32+8+8+32+4+1366, {
 	onion_routing_packet
 });
 
-impl Writeable for OnionRealm0HopData {
+impl Writeable for FinalOnionHopData {
 	fn write<W: Writer>(&self, w: &mut W) -> Result<(), ::std::io::Error> {
-		w.size_hint(32);
-		self.short_channel_id.write(w)?;
-		self.amt_to_forward.write(w)?;
-		self.outgoing_cltv_value.write(w)?;
-		w.write_all(&[0;12])?;
-		Ok(())
+		w.size_hint(32 + 8 - (self.total_msat.leading_zeros()/8) as usize);
+		self.payment_secret.0.write(w)?;
+		HighZeroBytesDroppedVarInt(self.total_msat).write(w)
 	}
 }
 
-impl<R: Read> Readable<R> for OnionRealm0HopData {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
-		Ok(OnionRealm0HopData {
-			short_channel_id: Readable::read(r)?,
-			amt_to_forward: Readable::read(r)?,
-			outgoing_cltv_value: {
-				let v: u32 = Readable::read(r)?;
-				r.read_exact(&mut [0; 12])?;
-				v
-			}
-		})
+impl Readable for FinalOnionHopData {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let secret: [u8; 32] = Readable::read(r)?;
+		let amt: HighZeroBytesDroppedVarInt<u64> = Readable::read(r)?;
+		Ok(Self { payment_secret: PaymentSecret(secret), total_msat: amt.0 })
 	}
 }
 
 impl Writeable for OnionHopData {
 	fn write<W: Writer>(&self, w: &mut W) -> Result<(), ::std::io::Error> {
-		w.size_hint(65);
-		self.realm.write(w)?;
-		self.data.write(w)?;
-		self.hmac.write(w)?;
+		w.size_hint(33);
+		// Note that this should never be reachable if Rust-Lightning generated the message, as we
+		// check values are sane long before we get here, though its possible in the future
+		// user-generated messages may hit this.
+		if self.amt_to_forward > MAX_VALUE_MSAT { panic!("We should never be sending infinite/overflow onion payments"); }
+		match self.format {
+			OnionHopDataFormat::Legacy { short_channel_id } => {
+				0u8.write(w)?;
+				short_channel_id.write(w)?;
+				self.amt_to_forward.write(w)?;
+				self.outgoing_cltv_value.write(w)?;
+				w.write_all(&[0;12])?;
+			},
+			OnionHopDataFormat::NonFinalNode { short_channel_id } => {
+				encode_varint_length_prefixed_tlv!(w, {
+					(2, HighZeroBytesDroppedVarInt(self.amt_to_forward)),
+					(4, HighZeroBytesDroppedVarInt(self.outgoing_cltv_value)),
+					(6, short_channel_id)
+				});
+			},
+			OnionHopDataFormat::FinalNode { payment_data: Some(ref final_data) } => {
+				if final_data.total_msat > MAX_VALUE_MSAT { panic!("We should never be sending infinite/overflow onion payments"); }
+				encode_varint_length_prefixed_tlv!(w, {
+					(2, HighZeroBytesDroppedVarInt(self.amt_to_forward)),
+					(4, HighZeroBytesDroppedVarInt(self.outgoing_cltv_value)),
+					(8, final_data)
+				});
+			},
+			OnionHopDataFormat::FinalNode { payment_data: None } => {
+				encode_varint_length_prefixed_tlv!(w, {
+					(2, HighZeroBytesDroppedVarInt(self.amt_to_forward)),
+					(4, HighZeroBytesDroppedVarInt(self.outgoing_cltv_value))
+				});
+			},
+		}
 		Ok(())
 	}
 }
 
-impl<R: Read> Readable<R> for OnionHopData {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
-		Ok(OnionHopData {
-			realm: {
-				let r: u8 = Readable::read(r)?;
-				if r != 0 {
-					return Err(DecodeError::UnknownVersion);
+impl Readable for OnionHopData {
+	fn read<R: Read>(mut r: &mut R) -> Result<Self, DecodeError> {
+		use bitcoin::consensus::encode::{Decodable, Error, VarInt};
+		let v: VarInt = Decodable::consensus_decode(&mut r)
+			.map_err(|e| match e {
+				Error::Io(ioe) => DecodeError::from(ioe),
+				_ => DecodeError::InvalidValue
+			})?;
+		const LEGACY_ONION_HOP_FLAG: u64 = 0;
+		let (format, amt, cltv_value) = if v.0 != LEGACY_ONION_HOP_FLAG {
+			let mut rd = FixedLengthReader::new(r, v.0);
+			let mut amt = HighZeroBytesDroppedVarInt(0u64);
+			let mut cltv_value = HighZeroBytesDroppedVarInt(0u32);
+			let mut short_id: Option<u64> = None;
+			let mut payment_data: Option<FinalOnionHopData> = None;
+			decode_tlv!(&mut rd, {
+				(2, amt),
+				(4, cltv_value)
+			}, {
+				(6, short_id),
+				(8, payment_data)
+			});
+			rd.eat_remaining().map_err(|_| DecodeError::ShortRead)?;
+			let format = if let Some(short_channel_id) = short_id {
+				if payment_data.is_some() { return Err(DecodeError::InvalidValue); }
+				OnionHopDataFormat::NonFinalNode {
+					short_channel_id,
 				}
-				r
-			},
-			data: Readable::read(r)?,
-			hmac: Readable::read(r)?,
+			} else {
+				if let &Some(ref data) = &payment_data {
+					if data.total_msat > MAX_VALUE_MSAT {
+						return Err(DecodeError::InvalidValue);
+					}
+				}
+				OnionHopDataFormat::FinalNode {
+					payment_data
+				}
+			};
+			(format, amt.0, cltv_value.0)
+		} else {
+			let format = OnionHopDataFormat::Legacy {
+				short_channel_id: Readable::read(r)?,
+			};
+			let amt: u64 = Readable::read(r)?;
+			let cltv_value: u32 = Readable::read(r)?;
+			r.read_exact(&mut [0; 12])?;
+			(format, amt, cltv_value)
+		};
+
+		if amt > MAX_VALUE_MSAT {
+			return Err(DecodeError::InvalidValue);
+		}
+		Ok(OnionHopData {
+			format,
+			amt_to_forward: amt,
+			outgoing_cltv_value: cltv_value,
 		})
 	}
 }
@@ -1020,8 +1101,8 @@ impl Writeable for Ping {
 	}
 }
 
-impl<R: Read> Readable<R> for Ping {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for Ping {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Ping {
 			ponglen: Readable::read(r)?,
 			byteslen: {
@@ -1041,8 +1122,8 @@ impl Writeable for Pong {
 	}
 }
 
-impl<R: Read> Readable<R> for Pong {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for Pong {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Pong {
 			byteslen: {
 				let byteslen = Readable::read(r)?;
@@ -1068,8 +1149,8 @@ impl Writeable for UnsignedChannelAnnouncement {
 	}
 }
 
-impl<R: Read> Readable<R> for UnsignedChannelAnnouncement {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for UnsignedChannelAnnouncement {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Self {
 			features: Readable::read(r)?,
 			chain_hash: Readable::read(r)?,
@@ -1114,8 +1195,8 @@ impl Writeable for UnsignedChannelUpdate {
 	}
 }
 
-impl<R: Read> Readable<R> for UnsignedChannelUpdate {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for UnsignedChannelUpdate {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Self {
 			chain_hash: Readable::read(r)?,
 			short_channel_id: Readable::read(r)?,
@@ -1152,12 +1233,12 @@ impl Writeable for ErrorMessage {
 	}
 }
 
-impl<R: Read> Readable<R> for ErrorMessage {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for ErrorMessage {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		Ok(Self {
 			channel_id: Readable::read(r)?,
 			data: {
-				let mut sz: usize = <u16 as Readable<R>>::read(r)? as usize;
+				let mut sz: usize = <u16 as Readable>::read(r)? as usize;
 				let mut data = vec![];
 				let data_len = r.read_to_end(&mut data)?;
 				sz = cmp::min(data_len, sz);
@@ -1180,8 +1261,7 @@ impl Writeable for UnsignedNodeAnnouncement {
 		self.alias.write(w)?;
 
 		let mut addrs_to_encode = self.addresses.clone();
-		addrs_to_encode.sort_unstable_by(|a, b| { a.get_id().cmp(&b.get_id()) });
-		addrs_to_encode.dedup_by(|a, b| { a.get_id() == b.get_id() });
+		addrs_to_encode.sort_by(|a, b| { a.get_id().cmp(&b.get_id()) });
 		let mut addr_len = 0;
 		for addr in &addrs_to_encode {
 			addr_len += 1 + addr.len();
@@ -1196,8 +1276,8 @@ impl Writeable for UnsignedNodeAnnouncement {
 	}
 }
 
-impl<R: Read> Readable<R> for UnsignedNodeAnnouncement {
-	fn read(r: &mut R) -> Result<Self, DecodeError> {
+impl Readable for UnsignedNodeAnnouncement {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
 		let features: NodeFeatures = Readable::read(r)?;
 		let timestamp: u32 = Readable::read(r)?;
 		let node_id: PublicKey = Readable::read(r)?;
@@ -1206,7 +1286,8 @@ impl<R: Read> Readable<R> for UnsignedNodeAnnouncement {
 		let alias: [u8; 32] = Readable::read(r)?;
 
 		let addr_len: u16 = Readable::read(r)?;
-		let mut addresses: Vec<NetAddress> = Vec::with_capacity(4);
+		let mut addresses: Vec<NetAddress> = Vec::new();
+		let mut highest_addr_type = 0;
 		let mut addr_readpos = 0;
 		let mut excess = false;
 		let mut excess_byte = 0;
@@ -1214,28 +1295,11 @@ impl<R: Read> Readable<R> for UnsignedNodeAnnouncement {
 			if addr_len <= addr_readpos { break; }
 			match Readable::read(r) {
 				Ok(Ok(addr)) => {
-					match addr {
-						NetAddress::IPv4 { .. } => {
-							if addresses.len() > 0 {
-								return Err(DecodeError::ExtraAddressesPerType);
-							}
-						},
-						NetAddress::IPv6 { .. } => {
-							if addresses.len() > 1 || (addresses.len() == 1 && addresses[0].get_id() != 1) {
-								return Err(DecodeError::ExtraAddressesPerType);
-							}
-						},
-						NetAddress::OnionV2 { .. } => {
-							if addresses.len() > 2 || (addresses.len() > 0 && addresses.last().unwrap().get_id() > 2) {
-								return Err(DecodeError::ExtraAddressesPerType);
-							}
-						},
-						NetAddress::OnionV3 { .. } => {
-							if addresses.len() > 3 || (addresses.len() > 0 && addresses.last().unwrap().get_id() > 3) {
-								return Err(DecodeError::ExtraAddressesPerType);
-							}
-						},
+					if addr.get_id() < highest_addr_type {
+						// Addresses must be sorted in increasing order
+						return Err(DecodeError::InvalidValue);
 					}
+					highest_addr_type = addr.get_id();
 					if addr_len < addr_readpos + 1 + addr.len() {
 						return Err(DecodeError::BadLengthDescriptor);
 					}
@@ -1282,7 +1346,7 @@ impl<R: Read> Readable<R> for UnsignedNodeAnnouncement {
 
 impl_writeable_len_match!(NodeAnnouncement, {
 		{ NodeAnnouncement { contents: UnsignedNodeAnnouncement { ref features, ref addresses, ref excess_address_data, ref excess_data, ..}, .. },
-			64 + 76 + features.byte_count() + addresses.len()*38 + excess_address_data.len() + excess_data.len() }
+			64 + 76 + features.byte_count() + addresses.len()*(NetAddress::MAX_LEN as usize + 1) + excess_address_data.len() + excess_data.len() }
 	}, {
 	signature,
 	contents
@@ -1292,19 +1356,21 @@ impl_writeable_len_match!(NodeAnnouncement, {
 mod tests {
 	use hex;
 	use ln::msgs;
-	use ln::msgs::{ChannelFeatures, InitFeatures, NodeFeatures, OptionalField, OnionErrorPacket};
-	use ln::channelmanager::{PaymentPreimage, PaymentHash};
-	use util::ser::Writeable;
+	use ln::msgs::{ChannelFeatures, FinalOnionHopData, InitFeatures, NodeFeatures, OptionalField, OnionErrorPacket, OnionHopDataFormat};
+	use ln::channelmanager::{PaymentPreimage, PaymentHash, PaymentSecret};
+	use util::ser::{Writeable, Readable};
 
-	use bitcoin_hashes::sha256d::Hash as Sha256dHash;
-	use bitcoin_hashes::hex::FromHex;
+	use bitcoin::hashes::hex::FromHex;
 	use bitcoin::util::address::Address;
 	use bitcoin::network::constants::Network;
 	use bitcoin::blockdata::script::Builder;
 	use bitcoin::blockdata::opcodes;
+	use bitcoin::hash_types::{Txid, BlockHash};
 
-	use secp256k1::key::{PublicKey,SecretKey};
-	use secp256k1::{Secp256k1, Message};
+	use bitcoin::secp256k1::key::{PublicKey,SecretKey};
+	use bitcoin::secp256k1::{Secp256k1, Message};
+
+	use std::io::Cursor;
 
 	#[test]
 	fn encoding_channel_reestablish_no_secret() {
@@ -1389,13 +1455,13 @@ mod tests {
 		let sig_2 = get_sig_on!(privkey_2, secp_ctx, String::from("01010101010101010101010101010101"));
 		let sig_3 = get_sig_on!(privkey_3, secp_ctx, String::from("01010101010101010101010101010101"));
 		let sig_4 = get_sig_on!(privkey_4, secp_ctx, String::from("01010101010101010101010101010101"));
-		let mut features = ChannelFeatures::supported();
+		let mut features = ChannelFeatures::known();
 		if unknown_features_bits {
 			features = ChannelFeatures::from_le_bytes(vec![0xFF, 0xFF]);
 		}
 		let unsigned_channel_announcement = msgs::UnsignedChannelAnnouncement {
 			features,
-			chain_hash: if !non_bitcoin_chain_hash { Sha256dHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { Sha256dHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
+			chain_hash: if !non_bitcoin_chain_hash { BlockHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { BlockHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
 			short_channel_id: 2316138423780173,
 			node_id_1: pubkey_1,
 			node_id_2: pubkey_2,
@@ -1545,7 +1611,7 @@ mod tests {
 		let (privkey_1, _) = get_keys_from!("0101010101010101010101010101010101010101010101010101010101010101", secp_ctx);
 		let sig_1 = get_sig_on!(privkey_1, secp_ctx, String::from("01010101010101010101010101010101"));
 		let unsigned_channel_update = msgs::UnsignedChannelUpdate {
-			chain_hash: if !non_bitcoin_chain_hash { Sha256dHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { Sha256dHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
+			chain_hash: if !non_bitcoin_chain_hash { BlockHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { BlockHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
 			short_channel_id: 2316138423780173,
 			timestamp: 20190119,
 			flags: if direction { 1 } else { 0 } | if disable { 1 << 1 } else { 0 } | if htlc_maximum_msat { 1 << 8 } else { 0 },
@@ -1607,7 +1673,7 @@ mod tests {
 		let (_, pubkey_5) = get_keys_from!("0505050505050505050505050505050505050505050505050505050505050505", secp_ctx);
 		let (_, pubkey_6) = get_keys_from!("0606060606060606060606060606060606060606060606060606060606060606", secp_ctx);
 		let open_channel = msgs::OpenChannel {
-			chain_hash: if !non_bitcoin_chain_hash { Sha256dHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { Sha256dHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
+			chain_hash: if !non_bitcoin_chain_hash { BlockHash::from_hex("6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000").unwrap() } else { BlockHash::from_hex("000000000933ea01ad0ee984209779baaec3ced90fa3f408719526f8d77f4943").unwrap() },
 			temporary_channel_id: [2; 32],
 			funding_satoshis: 1311768467284833366,
 			push_msat: 2536655962884945560,
@@ -1620,7 +1686,7 @@ mod tests {
 			max_accepted_htlcs: 49340,
 			funding_pubkey: pubkey_1,
 			revocation_basepoint: pubkey_2,
-			payment_basepoint: pubkey_3,
+			payment_point: pubkey_3,
 			delayed_payment_basepoint: pubkey_4,
 			htlc_basepoint: pubkey_5,
 			first_per_commitment_point: pubkey_6,
@@ -1674,7 +1740,7 @@ mod tests {
 			max_accepted_htlcs: 49340,
 			funding_pubkey: pubkey_1,
 			revocation_basepoint: pubkey_2,
-			payment_basepoint: pubkey_3,
+			payment_point: pubkey_3,
 			delayed_payment_basepoint: pubkey_4,
 			htlc_basepoint: pubkey_5,
 			first_per_commitment_point: pubkey_6,
@@ -1701,7 +1767,7 @@ mod tests {
 		let sig_1 = get_sig_on!(privkey_1, secp_ctx, String::from("01010101010101010101010101010101"));
 		let funding_created = msgs::FundingCreated {
 			temporary_channel_id: [2; 32],
-			funding_txid: Sha256dHash::from_hex("c2d4449afa8d26140898dd54d3390b057ba2a5afcf03ba29d7dc0d8b9ffe966e").unwrap(),
+			funding_txid: Txid::from_hex("c2d4449afa8d26140898dd54d3390b057ba2a5afcf03ba29d7dc0d8b9ffe966e").unwrap(),
 			funding_output_index: 255,
 			signature: sig_1,
 		};
@@ -1945,4 +2011,85 @@ mod tests {
 		let target_value = hex::decode("004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000").unwrap();
 		assert_eq!(encoded_value, target_value);
 	}
+
+	#[test]
+	fn encoding_legacy_onion_hop_data() {
+		let msg = msgs::OnionHopData {
+			format: OnionHopDataFormat::Legacy {
+				short_channel_id: 0xdeadbeef1bad1dea,
+			},
+			amt_to_forward: 0x0badf00d01020304,
+			outgoing_cltv_value: 0xffffffff,
+		};
+		let encoded_value = msg.encode();
+		let target_value = hex::decode("00deadbeef1bad1dea0badf00d01020304ffffffff000000000000000000000000").unwrap();
+		assert_eq!(encoded_value, target_value);
+	}
+
+	#[test]
+	fn encoding_nonfinal_onion_hop_data() {
+		let mut msg = msgs::OnionHopData {
+			format: OnionHopDataFormat::NonFinalNode {
+				short_channel_id: 0xdeadbeef1bad1dea,
+			},
+			amt_to_forward: 0x0badf00d01020304,
+			outgoing_cltv_value: 0xffffffff,
+		};
+		let encoded_value = msg.encode();
+		let target_value = hex::decode("1a02080badf00d010203040404ffffffff0608deadbeef1bad1dea").unwrap();
+		assert_eq!(encoded_value, target_value);
+		msg = Readable::read(&mut Cursor::new(&target_value[..])).unwrap();
+		if let OnionHopDataFormat::NonFinalNode { short_channel_id } = msg.format {
+			assert_eq!(short_channel_id, 0xdeadbeef1bad1dea);
+		} else { panic!(); }
+		assert_eq!(msg.amt_to_forward, 0x0badf00d01020304);
+		assert_eq!(msg.outgoing_cltv_value, 0xffffffff);
+	}
+
+	#[test]
+	fn encoding_final_onion_hop_data() {
+		let mut msg = msgs::OnionHopData {
+			format: OnionHopDataFormat::FinalNode {
+				payment_data: None,
+			},
+			amt_to_forward: 0x0badf00d01020304,
+			outgoing_cltv_value: 0xffffffff,
+		};
+		let encoded_value = msg.encode();
+		let target_value = hex::decode("1002080badf00d010203040404ffffffff").unwrap();
+		assert_eq!(encoded_value, target_value);
+		msg = Readable::read(&mut Cursor::new(&target_value[..])).unwrap();
+		if let OnionHopDataFormat::FinalNode { payment_data: None } = msg.format { } else { panic!(); }
+		assert_eq!(msg.amt_to_forward, 0x0badf00d01020304);
+		assert_eq!(msg.outgoing_cltv_value, 0xffffffff);
+	}
+
+	#[test]
+	fn encoding_final_onion_hop_data_with_secret() {
+		let expected_payment_secret = PaymentSecret([0x42u8; 32]);
+		let mut msg = msgs::OnionHopData {
+			format: OnionHopDataFormat::FinalNode {
+				payment_data: Some(FinalOnionHopData {
+					payment_secret: expected_payment_secret,
+					total_msat: 0x1badca1f
+				}),
+			},
+			amt_to_forward: 0x0badf00d01020304,
+			outgoing_cltv_value: 0xffffffff,
+		};
+		let encoded_value = msg.encode();
+		let target_value = hex::decode("3602080badf00d010203040404ffffffff082442424242424242424242424242424242424242424242424242424242424242421badca1f").unwrap();
+		assert_eq!(encoded_value, target_value);
+		msg = Readable::read(&mut Cursor::new(&target_value[..])).unwrap();
+		if let OnionHopDataFormat::FinalNode {
+			payment_data: Some(FinalOnionHopData {
+				payment_secret,
+				total_msat: 0x1badca1f
+			})
+		} = msg.format {
+			assert_eq!(payment_secret, expected_payment_secret);
+		} else { panic!(); }
+		assert_eq!(msg.amt_to_forward, 0x0badf00d01020304);
+		assert_eq!(msg.outgoing_cltv_value, 0xffffffff);
+	}
 }