Impl Base AMP in the receive pipeline and expose payment_secret

author Matt Corallo <git@bluematt.me>

Thu, 2 Jan 2020 06:23:48 +0000 (01:23 -0500)

committer Matt Corallo <git@bluematt.me>

Mon, 3 Feb 2020 02:38:53 +0000 (21:38 -0500)
author Matt Corallo <git@bluematt.me>
Thu, 2 Jan 2020 06:23:48 +0000 (01:23 -0500)
committer Matt Corallo <git@bluematt.me>
Mon, 3 Feb 2020 02:38:53 +0000 (21:38 -0500)
diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs

index b01fabad3053468347303272b0151c9db33ca849..1d549bf76308b2124cd979a1c339a7c841ea5175 100644 (file)
--- a/fuzz/src/chanmon_consistency.rs
+++ b/fuzz/src/chanmon_consistency.rs
@@ -421,7 +421,7 @@ pub fn do_test(data: &[u8]) {
                                                 fee_msat: 5000000,
                                                 cltv_expiry_delta: 200,
                                         }],
-                               }, PaymentHash(payment_hash.into_inner())) {
+                               }, PaymentHash(payment_hash.into_inner()), None) {
                                         // Probably ran out of funds
                                         test_return!();
                                 }
@@ -445,7 +445,7 @@ pub fn do_test(data: &[u8]) {
                                                 fee_msat: 5000000,
                                                 cltv_expiry_delta: 200,
                                         }],
-                               }, PaymentHash(payment_hash.into_inner())) {
+                               }, PaymentHash(payment_hash.into_inner()), None) {
                                         // Probably ran out of funds
                                         test_return!();
                                 }
@@ -606,9 +606,9 @@ pub fn do_test(data: &[u8]) {
                                                 events::Event::PaymentReceived { payment_hash, .. } => {
                                                         if claim_set.insert(payment_hash.0) {
                                                                 if $fail {
-                                                                       assert!(nodes[$node].fail_htlc_backwards(&payment_hash));
+                                                                       assert!(nodes[$node].fail_htlc_backwards(&payment_hash, &None));
                                                                 } else {
-                                                                       assert!(nodes[$node].claim_funds(PaymentPreimage(payment_hash.0), 5_000_000));
+                                                                       assert!(nodes[$node].claim_funds(PaymentPreimage(payment_hash.0), &None, 5_000_000));
                                                                 }
                                                         }
                                                 },
diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs

index b39d061b7e5bac742622020bb7235e1ee8af53af..6c2597c50f158cce53ff6fb5fee50b1c7605508f 100644 (file)
--- a/fuzz/src/full_stack.rs
+++ b/fuzz/src/full_stack.rs
@@ -339,7 +339,7 @@ pub fn do_test(data: &[u8], logger: &Arc<dyn Logger>) {
         }, our_network_key, &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 15, 0], Arc::clone(&logger)));
  
         let mut should_forward = false;
-       let mut payments_received: Vec<(PaymentHash, u64)> = Vec::new();
+       let mut payments_received: Vec<(PaymentHash, Option<[u8; 32]>, u64)> = Vec::new();
         let mut payments_sent = 0;
         let mut pending_funding_generation: Vec<([u8; 32], u64, Script)> = Vec::new();
         let mut pending_funding_signatures = HashMap::new();
@@ -397,7 +397,7 @@ pub fn do_test(data: &[u8], logger: &Arc<dyn Logger>) {
                                 sha.input(&payment_hash.0[..]);
                                 payment_hash.0 = Sha256::from_engine(sha).into_inner();
                                 payments_sent += 1;
-                               match channelmanager.send_payment(route, payment_hash) {
+                               match channelmanager.send_payment(route, payment_hash, None) {
                                         Ok(_) => {},
                                         Err(_) => return,
                                 }
@@ -424,23 +424,23 @@ pub fn do_test(data: &[u8], logger: &Arc<dyn Logger>) {
                                 }
                         },
                         8 => {
-                               for (payment, amt) in payments_received.drain(..) {
+                               for (payment, payment_secret, amt) in payments_received.drain(..) {
                                         // SHA256 is defined as XOR of all input bytes placed in the first byte, and 0s
                                         // for the remaining bytes. Thus, if not all remaining bytes are 0s we cannot
                                         // fulfill this HTLC, but if they are, we can just take the first byte and
                                         // place that anywhere in our preimage.
                                         if &payment.0[1..] != &[0; 31] {
-                                               channelmanager.fail_htlc_backwards(&payment);
+                                               channelmanager.fail_htlc_backwards(&payment, &payment_secret);
                                         } else {
                                                 let mut payment_preimage = PaymentPreimage([0; 32]);
                                                 payment_preimage.0[0] = payment.0[0];
-                                               channelmanager.claim_funds(payment_preimage, amt);
+                                               channelmanager.claim_funds(payment_preimage, &payment_secret, amt);
                                         }
                                 }
                         },
                         9 => {
-                               for (payment, _) in payments_received.drain(..) {
-                                       channelmanager.fail_htlc_backwards(&payment);
+                               for (payment, payment_secret, _) in payments_received.drain(..) {
+                                       channelmanager.fail_htlc_backwards(&payment, &payment_secret);
                                 }
                         },
                         10 => {
@@ -514,9 +514,9 @@ pub fn do_test(data: &[u8], logger: &Arc<dyn Logger>) {
                                 Event::FundingBroadcastSafe { funding_txo, .. } => {
                                         pending_funding_relay.push(pending_funding_signatures.remove(&funding_txo).unwrap());
                                 },
-                               Event::PaymentReceived { payment_hash, amt } => {
+                               Event::PaymentReceived { payment_hash, payment_secret, amt } => {
                                         //TODO: enhance by fetching random amounts from fuzz input?
-                                       payments_received.push((payment_hash, amt));
+                                       payments_received.push((payment_hash, payment_secret, amt));
                                 },
                                 Event::PaymentSent {..} => {},
                                 Event::PaymentFailed {..} => {},
diff --git a/lightning/src/ln/chanmon_update_fail_tests.rs b/lightning/src/ln/chanmon_update_fail_tests.rs

index 5772d015b5680fc7bd1b25cd13c6464356ab944d..50c179d2f7658d5b5f2b1327765baad839911229 100644 (file)
--- a/lightning/src/ln/chanmon_update_fail_tests.rs
+++ b/lightning/src/ln/chanmon_update_fail_tests.rs
@@ -28,7 +28,7 @@ fn test_simple_monitor_permanent_update_fail() {
         let (_, payment_hash_1) = get_payment_preimage_hash!(&nodes[0]);
  
         *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::PermanentFailure);
-       if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route, payment_hash_1) {} else { panic!(); }
+       if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route, payment_hash_1, None) {} else { panic!(); }
         check_added_monitors!(nodes[0], 1);
  
         let events_1 = nodes[0].node.get_and_clear_pending_msg_events();
@@ -60,7 +60,7 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) {
         let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(&nodes[0]);
  
         *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
-       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_1) {} else { panic!(); }
+       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_1, None) {} else { panic!(); }
         check_added_monitors!(nodes[0], 1);
  
         assert!(nodes[0].node.get_and_clear_pending_events().is_empty());
@@ -89,8 +89,9 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) {
         let events_3 = nodes[1].node.get_and_clear_pending_events();
         assert_eq!(events_3.len(), 1);
         match events_3[0] {
-               Event::PaymentReceived { ref payment_hash, amt } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                         assert_eq!(payment_hash_1, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                         assert_eq!(amt, 1000000);
                 },
                 _ => panic!("Unexpected event"),
@@ -101,7 +102,7 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) {
         // Now set it to failed again...
         let (_, payment_hash_2) = get_payment_preimage_hash!(&nodes[0]);
         *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
-       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route, payment_hash_2) {} else { panic!(); }
+       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route, payment_hash_2, None) {} else { panic!(); }
         check_added_monitors!(nodes[0], 1);
  
         assert!(nodes[0].node.get_and_clear_pending_events().is_empty());
@@ -164,7 +165,7 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) {
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
  
         *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
-       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_2) {} else { panic!(); }
+       if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_2, None) {} else { panic!(); }
         check_added_monitors!(nodes[0], 1);
  
         assert!(nodes[0].node.get_and_clear_pending_events().is_empty());
@@ -173,7 +174,7 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) {
  
         // Claim the previous payment, which will result in a update_fulfill_htlc/CS from nodes[1]
         // but nodes[0] won't respond since it is frozen.
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000));
         check_added_monitors!(nodes[1], 1);
         let events_2 = nodes[1].node.get_and_clear_pending_msg_events();
         assert_eq!(events_2.len(), 1);
@@ -440,8 +441,9 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) {
         let events_5 = nodes[1].node.get_and_clear_pending_events();
         assert_eq!(events_5.len(), 1);
         match events_5[0] {
-               Event::PaymentReceived { ref payment_hash, amt } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                         assert_eq!(payment_hash_2, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                         assert_eq!(amt, 1000000);
                 },
                 _ => panic!("Unexpected event"),
@@ -487,7 +489,7 @@ fn test_monitor_update_fail_cs() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0));
@@ -546,8 +548,9 @@ fn test_monitor_update_fail_cs() {
         let events = nodes[1].node.get_and_clear_pending_events();
         assert_eq!(events.len(), 1);
         match events[0] {
-               Event::PaymentReceived { payment_hash, amt } => {
+               Event::PaymentReceived { payment_hash, payment_secret, amt } => {
                         assert_eq!(payment_hash, our_payment_hash);
+                       assert_eq!(payment_secret, None);
                         assert_eq!(amt, 1000000);
                 },
                 _ => panic!("Unexpected event"),
@@ -568,7 +571,7 @@ fn test_monitor_update_fail_no_rebroadcast() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_1, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0));
@@ -614,13 +617,13 @@ fn test_monitor_update_raa_while_paused() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_1, our_payment_hash_1) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash_1).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash_1, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let send_event_1 = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0));
  
         let route = nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, our_payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[1].node.send_payment(route, our_payment_hash_2).unwrap();
+       nodes[1].node.send_payment(route, our_payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[1], 1);
         let send_event_2 = SendEvent::from_event(nodes[1].node.get_and_clear_pending_msg_events().remove(0));
  
@@ -687,7 +690,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) {
         let (_, payment_hash_1) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 1000000);
  
         // Fail the payment backwards, failing the monitor update on nodes[1]'s receipt of the RAA
-       assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1));
+       assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1, &None));
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
  
@@ -706,7 +709,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) {
         // holding cell.
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
         let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
-       nodes[0].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let mut send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0));
@@ -731,7 +734,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) {
  
         let (_, payment_hash_3) = get_payment_preimage_hash!(nodes[0]);
         let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
-       nodes[0].node.send_payment(route, payment_hash_3).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_3, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         *nodes[1].chan_monitor.update_ret.lock().unwrap() = Ok(()); // We succeed in updating the monitor for the first channel
@@ -778,7 +781,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) {
                 // Try to route another payment backwards from 2 to make sure 1 holds off on responding
                 let (payment_preimage_4, payment_hash_4) = get_payment_preimage_hash!(nodes[0]);
                 let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
-               nodes[2].node.send_payment(route, payment_hash_4).unwrap();
+               nodes[2].node.send_payment(route, payment_hash_4, None).unwrap();
                 check_added_monitors!(nodes[2], 1);
  
                 send_event = SendEvent::from_event(nodes[2].node.get_and_clear_pending_msg_events().remove(0));
@@ -940,7 +943,7 @@ fn test_monitor_update_fail_reestablish() {
         nodes[1].node.peer_disconnected(&nodes[0].node.get_our_node_id(), false);
         nodes[0].node.peer_disconnected(&nodes[1].node.get_our_node_id(), false);
  
-       assert!(nodes[2].node.claim_funds(our_payment_preimage, 1_000_000));
+       assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 1_000_000));
         check_added_monitors!(nodes[2], 1);
         let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
         assert!(updates.update_add_htlcs.is_empty());
@@ -1024,9 +1027,9 @@ fn raa_no_response_awaiting_raa_state() {
         // immediately after a CS. By setting failing the monitor update failure from the CS (which
         // requires only an RAA response due to AwaitingRAA) we can deliver the RAA and require the CS
         // generation during RAA while in monitor-update-failed state.
-       nodes[0].node.send_payment(route.clone(), payment_hash_1).unwrap();
+       nodes[0].node.send_payment(route.clone(), payment_hash_1, None).unwrap();
         check_added_monitors!(nodes[0], 1);
-       nodes[0].node.send_payment(route.clone(), payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route.clone(), payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 0);
  
         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -1073,7 +1076,7 @@ fn raa_no_response_awaiting_raa_state() {
         // We send a third payment here, which is somewhat of a redundant test, but the
         // chanmon_fail_consistency test required it to actually find the bug (by seeing out-of-sync
         // commitment transaction states) whereas here we can explicitly check for it.
-       nodes[0].node.send_payment(route.clone(), payment_hash_3).unwrap();
+       nodes[0].node.send_payment(route.clone(), payment_hash_3, None).unwrap();
         check_added_monitors!(nodes[0], 0);
         assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty());
  
@@ -1135,7 +1138,7 @@ fn claim_while_disconnected_monitor_update_fail() {
         nodes[0].node.peer_disconnected(&nodes[1].node.get_our_node_id(), false);
         nodes[1].node.peer_disconnected(&nodes[0].node.get_our_node_id(), false);
  
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000));
         check_added_monitors!(nodes[1], 1);
  
         nodes[0].node.peer_connected(&nodes[1].node.get_our_node_id(), &msgs::Init { features: InitFeatures::empty() });
@@ -1161,7 +1164,7 @@ fn claim_while_disconnected_monitor_update_fail() {
         // the monitor still failed
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let as_updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
@@ -1250,7 +1253,7 @@ fn monitor_failed_no_reestablish_response() {
         // on receipt).
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_1).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_1, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
@@ -1318,7 +1321,7 @@ fn first_message_on_recv_ordering() {
         // can deliver it and fail the monitor update.
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_1).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_1, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -1340,7 +1343,7 @@ fn first_message_on_recv_ordering() {
         // Route the second payment, generating an update_add_htlc/commitment_signed
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
         assert_eq!(events.len(), 1);
@@ -1408,12 +1411,12 @@ fn test_monitor_update_fail_claim() {
         let (payment_preimage_1, _) = route_payment(&nodes[0], &[&nodes[1]], 1000000);
  
         *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000));
         check_added_monitors!(nodes[1], 1);
  
         let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[2].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[2].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[2], 1);
  
         // Successfully update the monitor on the 1<->2 channel, but the 0<->1 channel should still be
@@ -1481,7 +1484,7 @@ fn test_monitor_update_on_pending_forwards() {
         send_payment(&nodes[0], &[&nodes[1], &nodes[2]], 5000000, 5_000_000);
  
         let (_, payment_hash_1) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 1000000);
-       assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1));
+       assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1, &None));
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
  
@@ -1492,7 +1495,7 @@ fn test_monitor_update_on_pending_forwards() {
  
         let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[2].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[2].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[2], 1);
  
         let mut events = nodes[2].node.get_and_clear_pending_msg_events();
@@ -1549,7 +1552,7 @@ fn monitor_update_claim_fail_no_response() {
         // Now start forwarding a second payment, skipping the last RAA so B is in AwaitingRAA
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -1559,7 +1562,7 @@ fn monitor_update_claim_fail_no_response() {
         let as_raa = commitment_signed_dance!(nodes[1], nodes[0], payment_event.commitment_msg, false, true, false, true);
  
         *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure);
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000));
         check_added_monitors!(nodes[1], 1);
         let events = nodes[1].node.get_and_clear_pending_msg_events();
         assert_eq!(events.len(), 0);
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs

index 4f2fbad19e5edf06bd88827694d77e5ee6b8072e..d69665c5e30fc105cc0521c4e641b0c2b25538b5 100644 (file)
--- a/lightning/src/ln/channelmanager.rs
+++ b/lightning/src/ln/channelmanager.rs
@@ -284,11 +284,14 @@ pub(super) struct ChannelHolder<ChanSigner: ChannelKeys> {
         /// guarantees are made about the existence of a channel with the short id here, nor the short
         /// ids in the PendingHTLCInfo!
         pub(super) forward_htlcs: HashMap<u64, Vec<HTLCForwardInfo>>,
-       /// Tracks things that were to us and can be failed/claimed by the user
+       /// (payment_hash, payment_secret) -> Vec<HTLCs> for tracking things that
+       /// were to us and can be failed/claimed by the user
         /// Note that while this is held in the same mutex as the channels themselves, no consistency
         /// guarantees are made about the channels given here actually existing anymore by the time you
         /// go to read them!
-       claimable_htlcs: HashMap<PaymentHash, Vec<ClaimableHTLC>>,
+       /// TODO: We need to time out HTLCs sitting here which are waiting on other AMP HTLCs to
+       /// arrive.
+       claimable_htlcs: HashMap<(PaymentHash, Option<[u8; 32]>), Vec<ClaimableHTLC>>,
         /// Messages to send to peers - pushed to in the same lock that they are generated in (except
         /// for broadcast messages, where ordering isn't as strict).
         pub(super) pending_msg_events: Vec<events::MessageSendEvent>,
@@ -1178,7 +1181,14 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
         /// In case of APIError::MonitorUpdateFailed, the commitment update has been irrevocably
         /// committed on our end and we're just waiting for a monitor update to send it. Do NOT retry
         /// the payment via a different route unless you intend to pay twice!
-       pub fn send_payment(&self, route: Route, payment_hash: PaymentHash) -> Result<(), APIError> {
+       ///
+       /// payment_secret is unrelated to payment_hash (or PaymentPreimage) and exists to authenticate
+       /// the sender to the recipient and prevent payment-probing (deanonymization) attacks. For
+       /// newer nodes, it will be provided to you in the invoice. If you do not have one, the Route
+       /// must not contain multiple paths as otherwise the multipath data cannot be sent.
+       /// If a payment_secret *is* provided, we assume that the invoice had the basic_mpp feature bit
+       /// set (either as required or as available).
+       pub fn send_payment(&self, route: Route, payment_hash: PaymentHash, payment_secret: Option<&[u8; 32]>) -> Result<(), APIError> {
                 if route.hops.len() < 1 || route.hops.len() > 20 {
                         return Err(APIError::RouteError{err: "Route didn't go anywhere/had bogus size"});
                 }
@@ -1195,7 +1205,7 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
  
                 let onion_keys = secp_call!(onion_utils::construct_onion_keys(&self.secp_ctx, &route, &session_priv),
                                 APIError::RouteError{err: "Pubkey along hop was maliciously selected"});
-               let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height)?;
+               let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, payment_secret, cur_height)?;
                 if onion_utils::route_size_insane(&onion_payloads) {
                         return Err(APIError::RouteError{err: "Route had too large size once"});
                 }
@@ -1406,7 +1416,9 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
                                                                                         htlc_id: prev_htlc_id,
                                                                                         incoming_packet_shared_secret: forward_info.incoming_shared_secret,
                                                                                 });
-                                                                               failed_forwards.push((htlc_source, forward_info.payment_hash, 0x4000 | 10, None));
+                                                                               failed_forwards.push((htlc_source, forward_info.payment_hash,
+                                                                                       HTLCFailReason::Reason { failure_code: 0x1000 | 7, data: Vec::new() }
+                                                                               ));
                                                                         },
                                                                         HTLCForwardInfo::FailHTLC { .. } => {
                                                                                 // Channel went away before we could fail it. This implies
@@ -1442,7 +1454,9 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
                                                                                                 panic!("Stated return value requirements in send_htlc() were not met");
                                                                                         }
                                                                                         let chan_update = self.get_channel_update(chan.get()).unwrap();
-                                                                                       failed_forwards.push((htlc_source, payment_hash, 0x1000 | 7, Some(chan_update)));
+                                                                                       failed_forwards.push((htlc_source, payment_hash,
+                                                                                               HTLCFailReason::Reason { failure_code: 0x1000 | 7, data: chan_update.encode_with_len() }
+                                                                                       ));
                                                                                         continue;
                                                                                 },
                                                                                 Ok(update_add) => {
@@ -1551,15 +1565,48 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
                                                                         htlc_id: prev_htlc_id,
                                                                         incoming_packet_shared_secret: incoming_shared_secret,
                                                                 };
-                                                               channel_state.claimable_htlcs.entry(payment_hash).or_insert(Vec::new()).push(ClaimableHTLC {
+
+                                                               let mut total_value = 0;
+                                                               let htlcs = channel_state.claimable_htlcs.entry((payment_hash, if let &Some(ref data) = &payment_data {
+                                                                       Some(data.payment_secret.clone()) } else { None }))
+                                                                       .or_insert(Vec::new());
+                                                               htlcs.push(ClaimableHTLC {
                                                                         src: prev_hop_data,
                                                                         value: amt_to_forward,
-                                                                       payment_data,
-                                                               });
-                                                               new_events.push(events::Event::PaymentReceived {
-                                                                       payment_hash: payment_hash,
-                                                                       amt: amt_to_forward,
+                                                                       payment_data: payment_data.clone(),
                                                                 });
+                                                               if let &Some(ref data) = &payment_data {
+                                                                       for htlc in htlcs.iter() {
+                                                                               total_value += htlc.value;
+                                                                               if htlc.payment_data.as_ref().unwrap().total_msat != data.total_msat {
+                                                                                       total_value = msgs::MAX_VALUE_MSAT;
+                                                                               }
+                                                                               if total_value >= msgs::MAX_VALUE_MSAT { break; }
+                                                                       }
+                                                                       if total_value >= msgs::MAX_VALUE_MSAT {
+                                                                               for htlc in htlcs.iter() {
+                                                                                       failed_forwards.push((HTLCSource::PreviousHopData(HTLCPreviousHopData {
+                                                                                                       short_channel_id: htlc.src.short_channel_id,
+                                                                                                       htlc_id: htlc.src.htlc_id,
+                                                                                                       incoming_packet_shared_secret: htlc.src.incoming_packet_shared_secret,
+                                                                                               }), payment_hash,
+                                                                                               HTLCFailReason::Reason { failure_code: 0x4000 | 15, data: byte_utils::be64_to_array(htlc.value).to_vec() }
+                                                                                       ));
+                                                                               }
+                                                                       } else if total_value >= data.total_msat {
+                                                                               new_events.push(events::Event::PaymentReceived {
+                                                                                       payment_hash: payment_hash,
+                                                                                       payment_secret: Some(data.payment_secret),
+                                                                                       amt: total_value,
+                                                                               });
+                                                                       }
+                                                               } else {
+                                                                       new_events.push(events::Event::PaymentReceived {
+                                                                               payment_hash: payment_hash,
+                                                                               payment_secret: None,
+                                                                               amt: amt_to_forward,
+                                                                       });
+                                                               }
                                                         },
                                                         HTLCForwardInfo::AddHTLC { .. } => {
                                                                 panic!("short_channel_id == 0 should imply any pending_forward entries are of type Receive");
@@ -1573,11 +1620,8 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
                         }
                 }
  
-               for (htlc_source, payment_hash, failure_code, update) in failed_forwards.drain(..) {
-                       match update {
-                               None => self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, HTLCFailReason::Reason { failure_code, data: Vec::new() }),
-                               Some(chan_update) => self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, HTLCFailReason::Reason { failure_code, data: chan_update.encode_with_len() }),
-                       };
+               for (htlc_source, payment_hash, failure_reason) in failed_forwards.drain(..) {
+                       self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, failure_reason);
                 }
  
                 if handle_errors.len() > 0 {
@@ -1622,11 +1666,11 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
         /// along the path (including in our own channel on which we received it).
         /// Returns false if no payment was found to fail backwards, true if the process of failing the
         /// HTLC backwards has been started.
-       pub fn fail_htlc_backwards(&self, payment_hash: &PaymentHash) -> bool {
+       pub fn fail_htlc_backwards(&self, payment_hash: &PaymentHash, payment_secret: &Option<[u8; 32]>) -> bool {
                 let _ = self.total_consistency_lock.read().unwrap();
  
                 let mut channel_state = Some(self.channel_state.lock().unwrap());
-               let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(payment_hash);
+               let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&(*payment_hash, *payment_secret));
                 if let Some(mut sources) = removed_source {
                         for htlc in sources.drain(..) {
                                 if channel_state.is_none() { channel_state = Some(self.channel_state.lock().unwrap()); }
@@ -1748,13 +1792,13 @@ impl<ChanSigner: ChannelKeys, M: Deref> ChannelManager<ChanSigner, M> where M::T
         /// motivated attackers.
         ///
         /// May panic if called except in response to a PaymentReceived event.
-       pub fn claim_funds(&self, payment_preimage: PaymentPreimage, expected_amount: u64) -> bool {
+       pub fn claim_funds(&self, payment_preimage: PaymentPreimage, payment_secret: &Option<[u8; 32]>, expected_amount: u64) -> bool {
                 let payment_hash = PaymentHash(Sha256::hash(&payment_preimage.0).into_inner());
  
                 let _ = self.total_consistency_lock.read().unwrap();
  
                 let mut channel_state = Some(self.channel_state.lock().unwrap());
-               let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&payment_hash);
+               let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&(payment_hash, *payment_secret));
                 if let Some(mut sources) = removed_source {
                         for htlc in sources.drain(..) {
                                 if channel_state.is_none() { channel_state = Some(self.channel_state.lock().unwrap()); }
diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs

index 08061fcd7a67f83f8cfaab0f82af3bd122151218..c40e2e9e4f74ac186ab5ea72c8b713c28029ea8f 100644 (file)
--- a/lightning/src/ln/functional_test_utils.rs
+++ b/lightning/src/ln/functional_test_utils.rs
@@ -614,8 +614,9 @@ macro_rules! expect_payment_received {
                 let events = $node.node.get_and_clear_pending_events();
                 assert_eq!(events.len(), 1);
                 match events[0] {
-                       Event::PaymentReceived { ref payment_hash, amt } => {
+                       Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                                 assert_eq!($expected_payment_hash, *payment_hash);
+                               assert_eq!(*payment_secret, None);
                                 assert_eq!($expected_recv_value, amt);
                         },
                         _ => panic!("Unexpected event"),
@@ -636,9 +637,9 @@ macro_rules! expect_payment_sent {
         }
  }
  
-pub fn send_along_route_with_hash<'a, 'b>(origin_node: &Node<'a, 'b>, route: Route, expected_route: &[&Node<'a, 'b>], recv_value: u64, our_payment_hash: PaymentHash) {
+pub fn send_along_route_with_secret<'a, 'b>(origin_node: &Node<'a, 'b>, route: Route, expected_route: &[&Node<'a, 'b>], recv_value: u64, our_payment_hash: PaymentHash, our_payment_secret: Option<[u8; 32]>) {
         let mut payment_event = {
-               origin_node.node.send_payment(route, our_payment_hash).unwrap();
+               origin_node.node.send_payment(route, our_payment_hash, our_payment_secret.as_ref()).unwrap();
                 check_added_monitors!(origin_node, 1);
  
                 let mut events = origin_node.node.get_and_clear_pending_msg_events();
@@ -660,8 +661,9 @@ pub fn send_along_route_with_hash<'a, 'b>(origin_node: &Node<'a, 'b>, route: Rou
                         let events_2 = node.node.get_and_clear_pending_events();
                         assert_eq!(events_2.len(), 1);
                         match events_2[0] {
-                               Event::PaymentReceived { ref payment_hash, amt } => {
+                               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                                         assert_eq!(our_payment_hash, *payment_hash);
+                                       assert_eq!(our_payment_secret, *payment_secret);
                                         assert_eq!(amt, recv_value);
                                 },
                                 _ => panic!("Unexpected event"),
@@ -678,14 +680,18 @@ pub fn send_along_route_with_hash<'a, 'b>(origin_node: &Node<'a, 'b>, route: Rou
         }
  }
  
+pub fn send_along_route_with_hash<'a, 'b>(origin_node: &Node<'a, 'b>, route: Route, expected_route: &[&Node<'a, 'b>], recv_value: u64, our_payment_hash: PaymentHash) {
+       send_along_route_with_secret(origin_node, route, expected_route, recv_value, our_payment_hash, None);
+}
+
  pub fn send_along_route<'a, 'b>(origin_node: &Node<'a, 'b>, route: Route, expected_route: &[&Node<'a, 'b>], recv_value: u64) -> (PaymentPreimage, PaymentHash) {
         let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(origin_node);
         send_along_route_with_hash(origin_node, route, expected_route, recv_value, our_payment_hash);
         (our_payment_preimage, our_payment_hash)
  }
  
-pub fn claim_payment_along_route<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&Node<'a, 'b>], skip_last: bool, our_payment_preimage: PaymentPreimage, expected_amount: u64) {
-       assert!(expected_route.last().unwrap().node.claim_funds(our_payment_preimage, expected_amount));
+pub fn claim_payment_along_route_with_secret<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&Node<'a, 'b>], skip_last: bool, our_payment_preimage: PaymentPreimage, our_payment_secret: Option<[u8; 32]>, expected_amount: u64) {
+       assert!(expected_route.last().unwrap().node.claim_funds(our_payment_preimage, &our_payment_secret, expected_amount));
         check_added_monitors!(expected_route.last().unwrap(), 1);
  
         let mut next_msgs: Option<(msgs::UpdateFulfillHTLC, msgs::CommitmentSigned)> = None;
@@ -762,6 +768,10 @@ pub fn claim_payment_along_route<'a, 'b>(origin_node: &Node<'a, 'b>, expected_ro
         }
  }
  
+pub fn claim_payment_along_route<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&Node<'a, 'b>], skip_last: bool, our_payment_preimage: PaymentPreimage, expected_amount: u64) {
+       claim_payment_along_route_with_secret(origin_node, expected_route, skip_last, our_payment_preimage, None, expected_amount);
+}
+
  pub fn claim_payment<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&Node<'a, 'b>], our_payment_preimage: PaymentPreimage, expected_amount: u64) {
         claim_payment_along_route(origin_node, expected_route, false, our_payment_preimage, expected_amount);
  }
@@ -787,7 +797,7 @@ pub fn route_over_limit<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&N
  
         let (_, our_payment_hash) = get_payment_preimage_hash!(origin_node);
  
-       let err = origin_node.node.send_payment(route, our_payment_hash).err().unwrap();
+       let err = origin_node.node.send_payment(route, our_payment_hash, None).err().unwrap();
         match err {
                 APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept"),
                 _ => panic!("Unknown error variants"),
@@ -800,7 +810,7 @@ pub fn send_payment<'a, 'b>(origin: &Node<'a, 'b>, expected_route: &[&Node<'a, '
  }
  
  pub fn fail_payment_along_route<'a, 'b>(origin_node: &Node<'a, 'b>, expected_route: &[&Node<'a, 'b>], skip_last: bool, our_payment_hash: PaymentHash)  {
-       assert!(expected_route.last().unwrap().node.fail_htlc_backwards(&our_payment_hash));
+       assert!(expected_route.last().unwrap().node.fail_htlc_backwards(&our_payment_hash, &None));
         expect_pending_htlcs_forwardable!(expected_route.last().unwrap());
         check_added_monitors!(expected_route.last().unwrap(), 1);
  
diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs

index 0ac64cd9ae8e8d0ffd85c585374da44c08c6a77a..3e3ac42b02c90ee3c4c716a779f1bf03fc7f5a4a 100644 (file)
--- a/lightning/src/ln/functional_tests.rs
+++ b/lightning/src/ln/functional_tests.rs
@@ -153,7 +153,7 @@ fn test_async_inbound_update_fee() {
  
         // ...but before it's delivered, nodes[1] starts to send a payment back to nodes[0]...
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash).unwrap();
+       nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[1], 1);
  
         let payment_event = {
@@ -248,7 +248,7 @@ fn test_update_fee_unordered_raa() {
  
         // ...but before it's delivered, nodes[1] starts to send a payment back to nodes[0]...
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash).unwrap();
+       nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[1], 1);
  
         let payment_event = {
@@ -502,7 +502,7 @@ fn test_update_fee_with_fundee_update_add_htlc() {
         let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[1]);
  
         // nothing happens since node[1] is in AwaitingRemoteRevoke
-       nodes[1].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[1].node.send_payment(route, our_payment_hash, None).unwrap();
         {
                 let mut added_monitors = nodes[0].chan_monitor.added_monitors.lock().unwrap();
                 assert_eq!(added_monitors.len(), 0);
@@ -718,12 +718,12 @@ fn updates_shutdown_wait() {
         assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty());
  
         let (_, payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route_1, payment_hash) {}
+       if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route_1, payment_hash, None) {}
         else { panic!("New sends should fail!") };
-       if let Err(APIError::ChannelUnavailable {..}) = nodes[1].node.send_payment(route_2, payment_hash) {}
+       if let Err(APIError::ChannelUnavailable {..}) = nodes[1].node.send_payment(route_2, payment_hash, None) {}
         else { panic!("New sends should fail!") };
  
-       assert!(nodes[2].node.claim_funds(our_payment_preimage, 100_000));
+       assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 100_000));
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
         assert!(updates.update_add_htlcs.is_empty());
@@ -780,7 +780,7 @@ fn htlc_fail_async_shutdown() {
  
         let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         assert_eq!(updates.update_add_htlcs.len(), 1);
@@ -900,7 +900,7 @@ fn do_test_shutdown_rebroadcast(recv_count: u8) {
         assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty());
         assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty());
  
-       assert!(nodes[2].node.claim_funds(our_payment_preimage, 100_000));
+       assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 100_000));
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
         assert!(updates.update_add_htlcs.is_empty());
@@ -1157,7 +1157,7 @@ fn holding_cell_htlc_counting() {
         for _ in 0..::ln::channel::OUR_MAX_HTLCS {
                 let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap();
                 let (payment_preimage, payment_hash) = get_payment_preimage_hash!(nodes[0]);
-               nodes[1].node.send_payment(route, payment_hash).unwrap();
+               nodes[1].node.send_payment(route, payment_hash, None).unwrap();
                 payments.push((payment_preimage, payment_hash));
         }
         check_added_monitors!(nodes[1], 1);
@@ -1172,7 +1172,7 @@ fn holding_cell_htlc_counting() {
         // another HTLC.
         let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap();
         let (_, payment_hash_1) = get_payment_preimage_hash!(nodes[0]);
-       if let APIError::ChannelUnavailable { err } = nodes[1].node.send_payment(route, payment_hash_1).unwrap_err() {
+       if let APIError::ChannelUnavailable { err } = nodes[1].node.send_payment(route, payment_hash_1, None).unwrap_err() {
                 assert_eq!(err, "Cannot push more than their max accepted HTLCs");
         } else { panic!("Unexpected event"); }
         assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty());
@@ -1181,7 +1181,7 @@ fn holding_cell_htlc_counting() {
         // This should also be true if we try to forward a payment.
         let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap();
         let (_, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route, payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -1320,7 +1320,7 @@ fn test_duplicate_htlc_different_direction_onchain() {
         send_along_route_with_hash(&nodes[1], route, &vec!(&nodes[0])[..], 800_000, payment_hash);
  
         // Provide preimage to node 0 by claiming payment
-       nodes[0].node.claim_funds(payment_preimage, 800_000);
+       nodes[0].node.claim_funds(payment_preimage, &None, 800_000);
         check_added_monitors!(nodes[0], 1);
  
         // Broadcast node 1 commitment txn
@@ -1413,7 +1413,7 @@ fn do_channel_reserve_test(test_recv: bool) {
         {
                 let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_0 + 1);
                 assert!(route.hops.iter().rev().skip(1).all(|h| h.fee_msat == feemsat));
-               let err = nodes[0].node.send_payment(route, our_payment_hash).err().unwrap();
+               let err = nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap();
                 match err {
                         APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept"),
                         _ => panic!("Unknown error variants"),
@@ -1451,7 +1451,7 @@ fn do_channel_reserve_test(test_recv: bool) {
                 let recv_value = stat01.value_to_self_msat - stat01.channel_reserve_msat - total_fee_msat;
                 // attempt to get channel_reserve violation
                 let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value + 1);
-               let err = nodes[0].node.send_payment(route.clone(), our_payment_hash).err().unwrap();
+               let err = nodes[0].node.send_payment(route.clone(), our_payment_hash, None).err().unwrap();
                 match err {
                         APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"),
                         _ => panic!("Unknown error variants"),
@@ -1466,7 +1466,7 @@ fn do_channel_reserve_test(test_recv: bool) {
  
         let (route_1, our_payment_hash_1, our_payment_preimage_1) = get_route_and_payment_hash!(recv_value_1);
         let payment_event_1 = {
-               nodes[0].node.send_payment(route_1, our_payment_hash_1).unwrap();
+               nodes[0].node.send_payment(route_1, our_payment_hash_1, None).unwrap();
                 check_added_monitors!(nodes[0], 1);
  
                 let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -1479,7 +1479,7 @@ fn do_channel_reserve_test(test_recv: bool) {
         let recv_value_2 = stat01.value_to_self_msat - amt_msat_1 - stat01.channel_reserve_msat - total_fee_msat;
         {
                 let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_2 + 1);
-               match nodes[0].node.send_payment(route, our_payment_hash).err().unwrap() {
+               match nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap() {
                         APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"),
                         _ => panic!("Unknown error variants"),
                 }
@@ -1502,7 +1502,7 @@ fn do_channel_reserve_test(test_recv: bool) {
  
                 let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1;
                 let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route, &session_priv).unwrap();
-               let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap();
+               let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap();
                 let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash);
                 let msg = msgs::UpdateAddHTLC {
                         channel_id: chan_1.2,
@@ -1535,7 +1535,7 @@ fn do_channel_reserve_test(test_recv: bool) {
         // now see if they go through on both sides
         let (route_21, our_payment_hash_21, our_payment_preimage_21) = get_route_and_payment_hash!(recv_value_21);
         // but this will stuck in the holding cell
-       nodes[0].node.send_payment(route_21, our_payment_hash_21).unwrap();
+       nodes[0].node.send_payment(route_21, our_payment_hash_21, None).unwrap();
         check_added_monitors!(nodes[0], 0);
         let events = nodes[0].node.get_and_clear_pending_events();
         assert_eq!(events.len(), 0);
@@ -1543,7 +1543,7 @@ fn do_channel_reserve_test(test_recv: bool) {
         // test with outbound holding cell amount > 0
         {
                 let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_22+1);
-               match nodes[0].node.send_payment(route, our_payment_hash).err().unwrap() {
+               match nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap() {
                         APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"),
                         _ => panic!("Unknown error variants"),
                 }
@@ -1553,7 +1553,7 @@ fn do_channel_reserve_test(test_recv: bool) {
  
         let (route_22, our_payment_hash_22, our_payment_preimage_22) = get_route_and_payment_hash!(recv_value_22);
         // this will also stuck in the holding cell
-       nodes[0].node.send_payment(route_22, our_payment_hash_22).unwrap();
+       nodes[0].node.send_payment(route_22, our_payment_hash_22, None).unwrap();
         check_added_monitors!(nodes[0], 0);
         assert!(nodes[0].node.get_and_clear_pending_events().is_empty());
         assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty());
@@ -1603,15 +1603,17 @@ fn do_channel_reserve_test(test_recv: bool) {
         let events = nodes[2].node.get_and_clear_pending_events();
         assert_eq!(events.len(), 2);
         match events[0] {
-               Event::PaymentReceived { ref payment_hash, amt } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                         assert_eq!(our_payment_hash_21, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                         assert_eq!(recv_value_21, amt);
                 },
                 _ => panic!("Unexpected event"),
         }
         match events[1] {
-               Event::PaymentReceived { ref payment_hash, amt } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                         assert_eq!(our_payment_hash_22, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                         assert_eq!(recv_value_22, amt);
                 },
                 _ => panic!("Unexpected event"),
@@ -1674,7 +1676,7 @@ fn channel_reserve_in_flight_removes() {
         let (payment_preimage_3, payment_hash_3) = get_payment_preimage_hash!(nodes[0]);
         let send_1 = {
                 let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap();
-               nodes[0].node.send_payment(route, payment_hash_3).unwrap();
+               nodes[0].node.send_payment(route, payment_hash_3, None).unwrap();
                 check_added_monitors!(nodes[0], 1);
                 let mut events = nodes[0].node.get_and_clear_pending_msg_events();
                 assert_eq!(events.len(), 1);
@@ -1683,13 +1685,13 @@ fn channel_reserve_in_flight_removes() {
  
         // Now claim both of the first two HTLCs on B's end, putting B in AwaitingRAA and generating an
         // initial fulfill/CS.
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, b_chan_values.channel_reserve_msat - b_chan_values.value_to_self_msat - 10000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, b_chan_values.channel_reserve_msat - b_chan_values.value_to_self_msat - 10000));
         check_added_monitors!(nodes[1], 1);
         let bs_removes = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
  
         // This claim goes in B's holding cell, allowing us to have a pending B->A RAA which does not
         // remove the second HTLC when we send the HTLC back from B to A.
-       assert!(nodes[1].node.claim_funds(payment_preimage_2, 20000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_2, &None, 20000));
         check_added_monitors!(nodes[1], 1);
         assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty());
  
@@ -1746,7 +1748,7 @@ fn channel_reserve_in_flight_removes() {
         let (payment_preimage_4, payment_hash_4) = get_payment_preimage_hash!(nodes[1]);
         let send_2 = {
                 let route = nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &[], 10000, TEST_FINAL_CLTV).unwrap();
-               nodes[1].node.send_payment(route, payment_hash_4).unwrap();
+               nodes[1].node.send_payment(route, payment_hash_4, None).unwrap();
                 check_added_monitors!(nodes[1], 1);
                 let mut events = nodes[1].node.get_and_clear_pending_msg_events();
                 assert_eq!(events.len(), 1);
@@ -1835,7 +1837,7 @@ fn channel_monitor_network_test() {
         macro_rules! claim_funds {
                 ($node: expr, $prev_node: expr, $preimage: expr, $amount: expr) => {
                         {
-                               assert!($node.node.claim_funds($preimage, $amount));
+                               assert!($node.node.claim_funds($preimage, &None, $amount));
                                 check_added_monitors!($node, 1);
  
                                 let events = $node.node.get_and_clear_pending_msg_events();
@@ -2261,8 +2263,8 @@ fn test_htlc_on_chain_success() {
         let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn();
         assert_eq!(commitment_tx.len(), 1);
         check_spends!(commitment_tx[0], chan_2.3.clone());
-       nodes[2].node.claim_funds(our_payment_preimage, 3_000_000);
-       nodes[2].node.claim_funds(our_payment_preimage_2, 3_000_000);
+       nodes[2].node.claim_funds(our_payment_preimage, &None, 3_000_000);
+       nodes[2].node.claim_funds(our_payment_preimage_2, &None, 3_000_000);
         check_added_monitors!(nodes[2], 2);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
         assert!(updates.update_add_htlcs.is_empty());
@@ -2425,7 +2427,7 @@ fn test_htlc_on_chain_timeout() {
         // Broadcast legit commitment tx from C on B's chain
         let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn();
         check_spends!(commitment_tx[0], chan_2.3.clone());
-       nodes[2].node.fail_htlc_backwards(&payment_hash);
+       nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         check_added_monitors!(nodes[2], 0);
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
@@ -2612,7 +2614,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use
         let (_, second_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], value);
         let (_, third_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], value);
  
-       assert!(nodes[2].node.fail_htlc_backwards(&first_payment_hash));
+       assert!(nodes[2].node.fail_htlc_backwards(&first_payment_hash, &None));
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
@@ -2625,7 +2627,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use
         let bs_raa = commitment_signed_dance!(nodes[1], nodes[2], updates.commitment_signed, false, true, false, true);
         // Drop the last RAA from 3 -> 2
  
-       assert!(nodes[2].node.fail_htlc_backwards(&second_payment_hash));
+       assert!(nodes[2].node.fail_htlc_backwards(&second_payment_hash, &None));
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
@@ -2642,7 +2644,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use
         nodes[2].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &as_raa);
         check_added_monitors!(nodes[2], 1);
  
-       assert!(nodes[2].node.fail_htlc_backwards(&third_payment_hash));
+       assert!(nodes[2].node.fail_htlc_backwards(&third_payment_hash, &None));
         expect_pending_htlcs_forwardable!(nodes[2]);
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
@@ -2665,7 +2667,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use
         // on nodes[2]'s RAA.
         let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, fourth_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[1].node.send_payment(route, fourth_payment_hash).unwrap();
+       nodes[1].node.send_payment(route, fourth_payment_hash, None).unwrap();
         assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty());
         assert!(nodes[1].node.get_and_clear_pending_events().is_empty());
         check_added_monitors!(nodes[1], 0);
@@ -2835,7 +2837,7 @@ fn test_force_close_fail_back() {
         let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
  
         let mut payment_event = {
-               nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+               nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
                 check_added_monitors!(nodes[0], 1);
  
                 let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -3000,7 +3002,7 @@ fn do_test_drop_messages_peer_disconnect(messages_delivered: u8) {
         let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]);
  
         let payment_event = {
-               nodes[0].node.send_payment(route.clone(), payment_hash_1).unwrap();
+               nodes[0].node.send_payment(route.clone(), payment_hash_1, None).unwrap();
                 check_added_monitors!(nodes[0], 1);
  
                 let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -3075,14 +3077,15 @@ fn do_test_drop_messages_peer_disconnect(messages_delivered: u8) {
         let events_2 = nodes[1].node.get_and_clear_pending_events();
         assert_eq!(events_2.len(), 1);
         match events_2[0] {
-               Event::PaymentReceived { ref payment_hash, amt } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => {
                         assert_eq!(payment_hash_1, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                         assert_eq!(amt, 1000000);
                 },
                 _ => panic!("Unexpected event"),
         }
  
-       nodes[1].node.claim_funds(payment_preimage_1, 1_000_000);
+       nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000);
         check_added_monitors!(nodes[1], 1);
  
         let events_3 = nodes[1].node.get_and_clear_pending_msg_events();
@@ -3289,7 +3292,7 @@ fn test_drop_messages_peer_disconnect_dual_htlc() {
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap();
         let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]);
  
-       nodes[0].node.send_payment(route.clone(), payment_hash_2).unwrap();
+       nodes[0].node.send_payment(route.clone(), payment_hash_2, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let events_1 = nodes[0].node.get_and_clear_pending_msg_events();
@@ -3299,7 +3302,7 @@ fn test_drop_messages_peer_disconnect_dual_htlc() {
                 _ => panic!("Unexpected event"),
         }
  
-       assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000));
         check_added_monitors!(nodes[1], 1);
  
         let events_2 = nodes[1].node.get_and_clear_pending_msg_events();
@@ -3402,8 +3405,9 @@ fn test_drop_messages_peer_disconnect_dual_htlc() {
         let events_5 = nodes[1].node.get_and_clear_pending_events();
         assert_eq!(events_5.len(), 1);
         match events_5[0] {
-               Event::PaymentReceived { ref payment_hash, amt: _ } => {
+               Event::PaymentReceived { ref payment_hash, ref payment_secret, amt: _ } => {
                         assert_eq!(payment_hash_2, *payment_hash);
+                       assert_eq!(*payment_secret, None);
                 },
                 _ => panic!("Unexpected event"),
         }
@@ -3907,7 +3911,7 @@ fn test_static_spendable_outputs_preimage_tx() {
  
         // Settle A's commitment tx on B's chain
         let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
-       assert!(nodes[1].node.claim_funds(payment_preimage, 3_000_000));
+       assert!(nodes[1].node.claim_funds(payment_preimage, &None, 3_000_000));
         check_added_monitors!(nodes[1], 1);
         nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![commitment_tx[0].clone()] }, 1);
         let events = nodes[1].node.get_and_clear_pending_msg_events();
@@ -4087,7 +4091,7 @@ fn test_onchain_to_onchain_claim() {
         let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42};
         let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn();
         check_spends!(commitment_tx[0], chan_2.3.clone());
-       nodes[2].node.claim_funds(payment_preimage, 3_000_000);
+       nodes[2].node.claim_funds(payment_preimage, &None, 3_000_000);
         check_added_monitors!(nodes[2], 1);
         let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
         assert!(updates.update_add_htlcs.is_empty());
@@ -4199,7 +4203,7 @@ fn test_duplicate_payment_hash_one_failure_one_success() {
                 htlc_timeout_tx = node_txn[1].clone();
         }
  
-       nodes[2].node.claim_funds(our_payment_preimage, 900_000);
+       nodes[2].node.claim_funds(our_payment_preimage, &None, 900_000);
         nodes[2].block_notifier.block_connected(&Block { header, txdata: vec![commitment_txn[0].clone()] }, 1);
         check_added_monitors!(nodes[2], 2);
         let events = nodes[2].node.get_and_clear_pending_msg_events();
@@ -4294,7 +4298,7 @@ fn test_dynamic_spendable_outputs_local_htlc_success_tx() {
         check_spends!(local_txn[0], chan_1.3.clone());
  
         // Give B knowledge of preimage to be able to generate a local HTLC-Success Tx
-       nodes[1].node.claim_funds(payment_preimage, 9_000_000);
+       nodes[1].node.claim_funds(payment_preimage, &None, 9_000_000);
         check_added_monitors!(nodes[1], 1);
         let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
         nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![local_txn[0].clone()] }, 1);
@@ -4387,10 +4391,10 @@ fn do_test_fail_backwards_unrevoked_remote_announce(deliver_last_raa: bool, anno
  
         // Now fail back three of the over-dust-limit and three of the under-dust-limit payments in one go.
         // Fail 0th below-dust, 4th above-dust, 8th above-dust, 10th below-dust HTLCs
-       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_1));
-       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_3));
-       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_5));
-       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_6));
+       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_1, &None));
+       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_3, &None));
+       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_5, &None));
+       assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_6, &None));
         check_added_monitors!(nodes[4], 0);
         expect_pending_htlcs_forwardable!(nodes[4]);
         check_added_monitors!(nodes[4], 1);
@@ -4403,8 +4407,8 @@ fn do_test_fail_backwards_unrevoked_remote_announce(deliver_last_raa: bool, anno
         commitment_signed_dance!(nodes[3], nodes[4], four_removes.commitment_signed, false);
  
         // Fail 3rd below-dust and 7th above-dust HTLCs
-       assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_2));
-       assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_4));
+       assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_2, &None));
+       assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_4, &None));
         check_added_monitors!(nodes[5], 0);
         expect_pending_htlcs_forwardable!(nodes[5]);
         check_added_monitors!(nodes[5], 1);
@@ -4641,7 +4645,7 @@ fn do_htlc_claim_local_commitment_only(use_dust: bool) {
  
         // Claim the payment, but don't deliver A's commitment_signed, resulting in the HTLC only being
         // present in B's local commitment transaction, but none of A's commitment transactions.
-       assert!(nodes[1].node.claim_funds(our_payment_preimage, if use_dust { 50_000 } else { 3_000_000 }));
+       assert!(nodes[1].node.claim_funds(our_payment_preimage, &None, if use_dust { 50_000 } else { 3_000_000 }));
         check_added_monitors!(nodes[1], 1);
  
         let bs_updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
@@ -4678,7 +4682,7 @@ fn do_htlc_claim_current_remote_commitment_only(use_dust: bool) {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), if use_dust { 50000 } else { 3000000 }, TEST_FINAL_CLTV).unwrap();
         let (_, payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, payment_hash).unwrap();
+       nodes[0].node.send_payment(route, payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let _as_update = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
@@ -4709,7 +4713,7 @@ fn do_htlc_claim_previous_remote_commitment_only(use_dust: bool, check_revoke_no
         // actually revoked.
         let htlc_value = if use_dust { 50000 } else { 3000000 };
         let (_, our_payment_hash) = route_payment(&nodes[0], &[&nodes[1]], htlc_value);
-       assert!(nodes[1].node.fail_htlc_backwards(&our_payment_hash));
+       assert!(nodes[1].node.fail_htlc_backwards(&our_payment_hash, &None));
         expect_pending_htlcs_forwardable!(nodes[1]);
         check_added_monitors!(nodes[1], 1);
  
@@ -4823,7 +4827,7 @@ fn run_onion_failure_test_with_fail_intercept<F1,F2,F3>(_name: &str, test_case:
         }
  
         // 0 ~~> 2 send payment
-       nodes[0].node.send_payment(route.clone(), payment_hash.clone()).unwrap();
+       nodes[0].node.send_payment(route.clone(), payment_hash.clone(), None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         // temper update_add (0 => 1)
@@ -5014,7 +5018,7 @@ fn test_onion_failure() {
                 let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
                 let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1;
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
-               let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap();
+               let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap();
                 let mut new_payloads = Vec::new();
                 for payload in onion_payloads.drain(..) {
                         new_payloads.push(BogusOnionHopData::new(payload));
@@ -5030,7 +5034,7 @@ fn test_onion_failure() {
                 let session_priv = SecretKey::from_slice(&[3; 32]).unwrap();
                 let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1;
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
-               let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap();
+               let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap();
                 let mut new_payloads = Vec::new();
                 for payload in onion_payloads.drain(..) {
                         new_payloads.push(BogusOnionHopData::new(payload));
@@ -5061,7 +5065,7 @@ fn test_onion_failure() {
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
                 msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], NODE|2, &[0;0]);
         }, ||{
-               nodes[2].node.fail_htlc_backwards(&payment_hash);
+               nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         }, true, Some(NODE|2), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: false}));
  
         // intermediate node failure
@@ -5079,7 +5083,7 @@ fn test_onion_failure() {
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
                 msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|2, &[0;0]);
         }, ||{
-               nodes[2].node.fail_htlc_backwards(&payment_hash);
+               nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         }, false, Some(PERM|NODE|2), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: true}));
  
         // intermediate node failure
@@ -5090,7 +5094,7 @@ fn test_onion_failure() {
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
                 msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|3, &[0;0]);
         }, ||{
-               nodes[2].node.fail_htlc_backwards(&payment_hash);
+               nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         }, true, Some(PERM|NODE|3), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[0].pubkey, is_permanent: true}));
  
         // final node failure
@@ -5099,7 +5103,7 @@ fn test_onion_failure() {
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
                 msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|3, &[0;0]);
         }, ||{
-               nodes[2].node.fail_htlc_backwards(&payment_hash);
+               nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         }, false, Some(PERM|NODE|3), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: true}));
  
         run_onion_failure_test("invalid_onion_version", 0, &nodes, &route, &payment_hash, |msg| { msg.onion_routing_packet.version = 1; }, ||{}, true,
@@ -5167,7 +5171,7 @@ fn test_onion_failure() {
         }, ||{}, true, Some(UPDATE|14), Some(msgs::HTLCFailChannelUpdate::ChannelUpdateMessage{msg: ChannelUpdate::dummy()}));
  
         run_onion_failure_test("unknown_payment_hash", 2, &nodes, &route, &payment_hash, |_| {}, || {
-               nodes[2].node.fail_htlc_backwards(&payment_hash);
+               nodes[2].node.fail_htlc_backwards(&payment_hash, &None);
         }, false, Some(PERM|15), None);
  
         run_onion_failure_test("final_expiry_too_soon", 1, &nodes, &route, &payment_hash, |msg| {
@@ -5215,7 +5219,7 @@ fn test_onion_failure() {
                 let height = 1;
                 route.hops[1].cltv_expiry_delta += CLTV_FAR_FAR_AWAY + route.hops[0].cltv_expiry_delta + 1;
                 let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap();
-               let (onion_payloads, _, htlc_cltv) = onion_utils::build_onion_payloads(&route, height).unwrap();
+               let (onion_payloads, _, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, height).unwrap();
                 let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash);
                 msg.cltv_expiry = htlc_cltv;
                 msg.onion_routing_packet = onion_packet;
@@ -5305,7 +5309,7 @@ fn test_update_add_htlc_bolt2_sender_value_below_minimum_msat() {
  
         route.hops[0].fee_msat = 0;
  
-       let err = nodes[0].node.send_payment(route, our_payment_hash);
+       let err = nodes[0].node.send_payment(route, our_payment_hash, None);
  
         if let Err(APIError::ChannelUnavailable{err}) = err {
                 assert_eq!(err, "Cannot send less than their minimum HTLC value");
@@ -5327,7 +5331,7 @@ fn test_update_add_htlc_bolt2_sender_cltv_expiry_too_high() {
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000000, 500000001).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
  
-       let err = nodes[0].node.send_payment(route, our_payment_hash);
+       let err = nodes[0].node.send_payment(route, our_payment_hash, None);
  
         if let Err(APIError::RouteError{err}) = err {
                 assert_eq!(err, "Channel CLTV overflowed?!");
@@ -5351,7 +5355,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_num_and_htlc_id_increment()
                 let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap();
                 let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
                 let payment_event = {
-                       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+                       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
                         check_added_monitors!(nodes[0], 1);
  
                         let mut events = nodes[0].node.get_and_clear_pending_msg_events();
@@ -5372,7 +5376,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_num_and_htlc_id_increment()
         }
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       let err = nodes[0].node.send_payment(route, our_payment_hash);
+       let err = nodes[0].node.send_payment(route, our_payment_hash, None);
  
         if let Err(APIError::ChannelUnavailable{err}) = err {
                 assert_eq!(err, "Cannot push more than their max accepted HTLCs");
@@ -5397,7 +5401,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_value_in_flight() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], max_in_flight+1, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       let err = nodes[0].node.send_payment(route, our_payment_hash);
+       let err = nodes[0].node.send_payment(route, our_payment_hash, None);
  
         if let Err(APIError::ChannelUnavailable{err}) = err {
                 assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept");
@@ -5426,7 +5430,7 @@ fn test_update_add_htlc_bolt2_receiver_check_amount_received_more_than_min() {
         }
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], htlc_minimum_msat, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         updates.update_add_htlcs[0].amount_msat = htlc_minimum_msat-1;
@@ -5448,7 +5452,7 @@ fn test_update_add_htlc_bolt2_receiver_sender_can_afford_amount_sent() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 5000000-their_channel_reserve, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
  
@@ -5480,7 +5484,7 @@ fn test_update_add_htlc_bolt2_receiver_check_max_htlc_limit() {
  
         let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1;
         let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::signing_only(), &route, &session_priv).unwrap();
-       let (onion_payloads, _htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap();
+       let (onion_payloads, _htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap();
         let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash);
  
         let mut msg = msgs::UpdateAddHTLC {
@@ -5513,7 +5517,7 @@ fn test_update_add_htlc_bolt2_receiver_check_max_in_flight_msat() {
         let chan = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1000000, 1000000, InitFeatures::supported(), InitFeatures::supported());
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         updates.update_add_htlcs[0].amount_msat = get_channel_value_stat!(nodes[1], chan.2).their_max_htlc_value_in_flight_msat + 1;
@@ -5533,7 +5537,7 @@ fn test_update_add_htlc_bolt2_receiver_check_cltv_expiry() {
         create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 100000, 95000000, InitFeatures::supported(), InitFeatures::supported());
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 3999999, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         updates.update_add_htlcs[0].cltv_expiry = 500000000;
@@ -5555,7 +5559,7 @@ fn test_update_add_htlc_bolt2_receiver_check_repeated_id_ignore() {
         create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::supported(), InitFeatures::supported());
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]);
@@ -5599,7 +5603,7 @@ fn test_update_fulfill_htlc_bolt2_update_fulfill_htlc_before_commitment() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]);
@@ -5628,7 +5632,7 @@ fn test_update_fulfill_htlc_bolt2_update_fail_htlc_before_commitment() {
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]);
@@ -5657,7 +5661,7 @@ fn test_update_fulfill_htlc_bolt2_update_fail_malformed_htlc_before_commitment()
  
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
         let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
         nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]);
@@ -5687,7 +5691,7 @@ fn test_update_fulfill_htlc_bolt2_incorrect_htlc_id() {
  
         let our_payment_preimage = route_payment(&nodes[0], &[&nodes[1]], 100000).0;
  
-       nodes[1].node.claim_funds(our_payment_preimage, 100_000);
+       nodes[1].node.claim_funds(our_payment_preimage, &None, 100_000);
         check_added_monitors!(nodes[1], 1);
  
         let events = nodes[1].node.get_and_clear_pending_msg_events();
@@ -5726,7 +5730,7 @@ fn test_update_fulfill_htlc_bolt2_wrong_preimage() {
  
         let our_payment_preimage = route_payment(&nodes[0], &[&nodes[1]], 100000).0;
  
-       nodes[1].node.claim_funds(our_payment_preimage, 100_000);
+       nodes[1].node.claim_funds(our_payment_preimage, &None, 100_000);
         check_added_monitors!(nodes[1], 1);
  
         let events = nodes[1].node.get_and_clear_pending_msg_events();
@@ -5765,7 +5769,7 @@ fn test_update_fulfill_htlc_bolt2_missing_badonion_bit_for_malformed_htlc_messag
         create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1000000, 1000000, InitFeatures::supported(), InitFeatures::supported());
         let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap();
         let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]);
-       nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+       nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
         check_added_monitors!(nodes[0], 1);
  
         let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
@@ -5814,7 +5818,7 @@ fn test_update_fulfill_htlc_bolt2_after_malformed_htlc_message_must_forward_upda
  
         //First hop
         let mut payment_event = {
-               nodes[0].node.send_payment(route, our_payment_hash).unwrap();
+               nodes[0].node.send_payment(route, our_payment_hash, None).unwrap();
                 check_added_monitors!(nodes[0], 1);
                 let mut events = nodes[0].node.get_and_clear_pending_msg_events();
                 assert_eq!(events.len(), 1);
@@ -5896,7 +5900,7 @@ fn do_test_failure_delay_dust_htlc_local_commitment(announce_latest: bool) {
         let as_prev_commitment_tx = nodes[0].node.channel_state.lock().unwrap().by_id.get_mut(&chan.2).unwrap().channel_monitor().get_latest_local_commitment_txn();
  
         // Fail one HTLC to prune it in the will-be-latest-local commitment tx
-       assert!(nodes[1].node.fail_htlc_backwards(&payment_hash_2));
+       assert!(nodes[1].node.fail_htlc_backwards(&payment_hash_2, &None));
         check_added_monitors!(nodes[1], 0);
         expect_pending_htlcs_forwardable!(nodes[1]);
         check_added_monitors!(nodes[1], 1);
@@ -6445,7 +6449,7 @@ fn test_check_htlc_underpaying() {
  
         // Node 3 is expecting payment of 100_000 but receive 10_000,
         // fail htlc like we didn't know the preimage.
-       nodes[1].node.claim_funds(payment_preimage, 100_000);
+       nodes[1].node.claim_funds(payment_preimage, &None, 100_000);
         nodes[1].node.process_pending_htlc_forwards();
  
         let events = nodes[1].node.get_and_clear_pending_msg_events();
@@ -6815,7 +6819,7 @@ fn test_bump_penalty_txn_on_remote_commitment() {
         assert_eq!(remote_txn[0].input[0].previous_output.txid, chan.3.txid());
  
         // Claim a HTLC without revocation (provide B monitor with preimage)
-       nodes[1].node.claim_funds(payment_preimage, 3_000_000);
+       nodes[1].node.claim_funds(payment_preimage, &None, 3_000_000);
         let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 };
         nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![remote_txn[0].clone()] }, 1);
         check_added_monitors!(nodes[1], 1);
@@ -6929,8 +6933,8 @@ fn test_set_outpoints_partial_claiming() {
         // Connect blocks on node A to advance height towards TEST_FINAL_CLTV
         let prev_header_100 = connect_blocks(&nodes[1].block_notifier, 100, 0, false, Default::default());
         // Provide node A with both preimage
-       nodes[0].node.claim_funds(payment_preimage_1, 3_000_000);
-       nodes[0].node.claim_funds(payment_preimage_2, 3_000_000);
+       nodes[0].node.claim_funds(payment_preimage_1, &None, 3_000_000);
+       nodes[0].node.claim_funds(payment_preimage_2, &None, 3_000_000);
         check_added_monitors!(nodes[0], 2);
         nodes[0].node.get_and_clear_pending_events();
         nodes[0].node.get_and_clear_pending_msg_events();
@@ -7045,3 +7049,25 @@ fn test_bump_txn_sanitize_tracking_maps() {
                 }
         }
  }
+
+#[test]
+fn test_simple_payment_secret() {
+       // Simple test of sending a payment with a payment_secret present. This does not use any AMP
+       // features, however.
+       let node_cfgs = create_node_cfgs(3);
+       let node_chanmgrs = create_node_chanmgrs(3, &node_cfgs, &[None, None, None]);
+       let nodes = create_network(3, &node_cfgs, &node_chanmgrs);
+
+       create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::supported(), InitFeatures::supported());
+       create_announced_chan_between_nodes(&nodes, 1, 2, InitFeatures::supported(), InitFeatures::supported());
+
+       let (payment_preimage, payment_hash) = get_payment_preimage_hash!(&nodes[0]);
+       let (_, payment_secret) = get_payment_preimage_hash!(&nodes[0]);
+       let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap();
+       send_along_route_with_secret(&nodes[0], route, &[&nodes[1], &nodes[2]], 100000, payment_hash, Some(payment_secret.0));
+       // Claiming with all the correct values but the wrong secret should result in nothing...
+       assert_eq!(nodes[2].node.claim_funds(payment_preimage, &None, 100_000), false);
+       assert_eq!(nodes[2].node.claim_funds(payment_preimage, &Some([42; 32]), 100_000), false);
+       // ...but with the right secret we should be able to claim all the way back
+       claim_payment_along_route_with_secret(&nodes[0], &[&nodes[1], &nodes[2]], false, payment_preimage, Some(payment_secret.0), 100_000);
+}
diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs

index 92da7833309152e12e0aac26a0d51e6d619092c6..df549b4070a01a732f9e51d559d1a2b029529cff 100644 (file)
--- a/lightning/src/ln/onion_utils.rs
+++ b/lightning/src/ln/onion_utils.rs
@@ -108,7 +108,7 @@ pub(super) fn construct_onion_keys<T: secp256k1::Signing>(secp_ctx: &Secp256k1<T
  }
  
  /// returns the hop data, as well as the first-hop value_msat and CLTV value we should send.
-pub(super) fn build_onion_payloads(route: &Route, starting_htlc_offset: u32) -> Result<(Vec<msgs::OnionHopData>, u64, u32), APIError> {
+pub(super) fn build_onion_payloads(route: &Route, payment_secret_option: Option<&[u8; 32]>, starting_htlc_offset: u32) -> Result<(Vec<msgs::OnionHopData>, u64, u32), APIError> {
         let mut cur_value_msat = 0u64;
         let mut cur_cltv = starting_htlc_offset;
         let mut last_short_channel_id = 0;
@@ -124,7 +124,12 @@ pub(super) fn build_onion_payloads(route: &Route, starting_htlc_offset: u32) ->
                         format: if hop.node_features.supports_variable_length_onion() {
                                 if idx == 0 {
                                         msgs::OnionHopDataFormat::FinalNode {
-                                               payment_data: None,
+                                               payment_data: if let Some(payment_secret) = payment_secret_option {
+                                                       Some(msgs::FinalOnionHopData {
+                                                               payment_secret: payment_secret.clone(),
+                                                               total_msat: hop.fee_msat,
+                                                       })
+                                               } else { None },
                                         }
                                 } else {
                                         msgs::OnionHopDataFormat::NonFinalNode {
diff --git a/lightning/src/util/events.rs b/lightning/src/util/events.rs

index 2f114685c04966f2d2fd3b4b1b8aac6a30933bd0..3d0b680ace45ba6a4ab6ac18b23b282f0e0478ed 100644 (file)
--- a/lightning/src/util/events.rs
+++ b/lightning/src/util/events.rs
@@ -60,6 +60,16 @@ pub enum Event {
         PaymentReceived {
                 /// The hash for which the preimage should be handed to the ChannelManager.
                 payment_hash: PaymentHash,
+               /// The "payment secret". This authenticates the sender to the recipient, preventing a
+               /// number of deanonymization attacks during the routing process.
+               /// As nodes upgrade, the invoices you provide should likely migrate to setting the
+               /// var_onion_optin feature to required, at which point you should fail_backwards any HTLCs
+               /// which have a None here.
+               /// Until then, however, values of None should be ignored, and only incorrect Some values
+               /// should result in an HTLC fail_backwards.
+               /// Note that, in any case, this value must be passed as-is to any fail or claim calls as
+               /// the HTLC index includes this value.
+               payment_secret: Option<[u8; 32]>,
                 /// The value, in thousandths of a satoshi, that this payment is for. Note that you must
                 /// compare this to the expected value before accepting the payment (as otherwise you are
                 /// providing proof-of-payment for less than the value you expected!).
author	Matt Corallo <git@bluematt.me>
	Thu, 2 Jan 2020 06:23:48 +0000 (01:23 -0500)
committer	Matt Corallo <git@bluematt.me>
	Mon, 3 Feb 2020 02:38:53 +0000 (21:38 -0500)
fuzz/src/chanmon_consistency.rs		patch \| blob \| history
fuzz/src/full_stack.rs		patch \| blob \| history
lightning/src/ln/chanmon_update_fail_tests.rs		patch \| blob \| history
lightning/src/ln/channelmanager.rs		patch \| blob \| history
lightning/src/ln/functional_test_utils.rs		patch \| blob \| history
lightning/src/ln/functional_tests.rs		patch \| blob \| history
lightning/src/ln/onion_utils.rs		patch \| blob \| history
lightning/src/util/events.rs		patch \| blob \| history