steps:
- name: Checkout source code
uses: actions/checkout@v2
- - name: Install Rust ${{ env.TOOLCHAIN }} toolchain
+ - name: Install Rust 1.58 toolchain
uses: actions-rs/toolchain@v1
with:
- toolchain: ${{ env.TOOLCHAIN }}
+ toolchain: 1.58
override: true
profile: minimal
- name: Install dependencies for honggfuzz
+# 0.0.105 - 2022-02-28
+
+## API Updates
+ * `Phantom node` payments are now supported, allowing receipt of a payment on
+ any one of multiple nodes without any coordination across the nodes being
+ required. See the new `PhantomKeysManager`'s docs for more, as well as
+ requirements on `KeysInterface::get_inbound_payment_key_material` and
+ `lightning_invoice::utils::create_phantom_invoice` (#1199).
+ * In order to support phantom node payments, several `KeysInterface` methods
+ now accept a `Recipient` parameter to select between the local `node_id` and
+ a phantom-specific one.
+ * `ProbabilisticScorer`, a `Score` based on learning the current balances of
+ channels in the network, was added. It attempts to better capture payment
+ success probability than the existing `Scorer`, though may underperform on
+ nodes with low payment volume. We welcome feedback on performance (#1227).
+ * `Score::channel_penalty_msat` now always takes the channel value, instead of
+ an `Option` (#1227).
+ * `UserConfig::manually_accept_inbound_channels` was added which, when set,
+ generates a new `Event::OpenChannelRequest`, which allows manual acceptance
+ or rejection of incoming channels on a per-channel basis (#1281).
+ * `Payee` has been renamed to `PaymentParameters` (#1271).
+ * `PaymentParameters` now has a `max_total_cltv_expiry_delta` field. This
+ defaults to 1008 and limits the maximum amount of time an HTLC can be pending
+ before it will either fail or be claimed (#1234).
+ * The `lightning-invoice` crate now supports no-std environments. This required
+ numerous API changes around timestamp handling and std+no-std versions of
+ several methods that previously assumed knowledge of the time (#1223, #1230).
+ * `lightning-invoice` now supports parsing invoices with expiry times of more
+ than one year. This required changing the semantics of `ExpiryTime` (#1273).
+ * The `CounterpartyCommitmentSecrets` is now public, allowing external uses of
+ the `BOLT 3` secret storage scheme (#1299).
+ * Several `Sign` methods now receive HTLC preimages as proof of state
+ transition, see new documentation for more (#1251).
+ * `KeysInterface::sign_invoice` now provides the HRP and other invoice data
+ separately to make it simpler for external signers to parse (#1272).
+ * `Sign::sign_channel_announcement` now returns both the node's signature and
+ the per-channel signature. `InMemorySigner` now requires the node's secret
+ key in order to implement this (#1179).
+ * `ChannelManager` deserialization will now fail if the `KeysInterface` used
+ has a different `node_id` than the `ChannelManager` expects (#1250).
+ * A new `ErrorAction` variant was added to send `warning` messages (#1013).
+ * Several references to `chain::Listen` objects in `lightning-block-sync` no
+ longer require a mutable reference (#1304).
+
+## Bug Fixes
+ * Fixed a regression introduced in 0.0.104 where `ChannelManager`'s internal
+ locks could have an order violation leading to a deadlock (#1238).
+ * Fixed cases where slow code (including user I/O) could cause us to
+ disconnect peers with ping timeouts in `BackgroundProcessor` (#1269).
+ * Now persist the `ChannelManager` prior to `BackgroundProcessor` stopping,
+ preventing race conditions where channels are closed on startup even with a
+ clean shutdown. This requires that users stop network processing and
+ disconnect peers prior to `BackgroundProcessor` shutdown (#1253).
+ * Fields in `ChannelHandshakeLimits` provided via the `override_config` to
+ `create_channel` are now applied instead of the default config (#1292).
+ * Fixed the generation of documentation on docs.rs to include API surfaces
+ which are hidden behind feature flags (#1303).
+ * Added the `channel_type` field to `accept_channel` messages we send, which
+ may avoid some future compatibility issues with other nodes (#1314).
+ * Fixed a bug where, if a previous LDK run using `lightning-persister` crashed
+ while persisting updated data, we may have failed to initialize (#1332).
+ * Fixed a rare bug where having both pending inbound and outbound HTLCs on a
+ just-opened inbound channel could cause `ChannelDetails::balance_msat` to
+ underflow and be reported as large, or cause panics in debug mode (#1268).
+ * Moved more instances of verbose gossip logging from the `Trace` level to the
+ `Gossip` level (#1220).
+ * Delayed `announcement_signatures` until the channel has six confirmations,
+ slightly improving propagation of channel announcements (#1179).
+ * Several fixes in script and transaction weight calculations when anchor
+ outputs are enabled (#1229).
+
+## Serialization Compatibility
+ * Using `ChannelManager` data written by versions prior to 0.0.105 will result
+ in preimages for HTLCs that were pending at startup to be missing in calls
+ to `KeysInterface` methods (#1251).
+ * Any phantom invoice payments received on a node that is not upgraded to
+ 0.0.105 will fail with an "unknown channel" error. Further, downgrading to
+ 0.0.104 or before and then upgrading again will invalidate existing phantom
+ SCIDs which may be included in invoices (#1199).
+
+In total, this release features 108 files changed, 6914 insertions, 2095
+deletions in 102 commits from 15 authors, in alphabetical order:
+ * Conor Okus
+ * Devrandom
+ * Elias Rohrer
+ * Jeffrey Czyz
+ * Jurvis Tan
+ * Ken Sedgwick
+ * Matt Corallo
+ * Naveen
+ * Tibo-lg
+ * Valentine Wallace
+ * Viktor Tigerström
+ * dependabot[bot]
+ * hackerrdave
+ * naveen
+ * vss96
+
+
# 0.0.104 - 2021-12-17
## API Updates
best_block: BestBlock::from_genesis(network),
};
let channelmanager = Arc::new(ChannelManager::new(fee_est.clone(), monitor.clone(), broadcast.clone(), Arc::clone(&logger), keys_manager.clone(), config, params));
+ // Adding new calls to `KeysInterface::get_secure_random_bytes` during startup can change all the
+ // keys subsequently generated in this test. Rather than regenerating all the messages manually,
+ // it's easier to just increment the counter here so the keys don't change.
keys_manager.counter.fetch_sub(1, Ordering::AcqRel);
let our_id = PublicKey::from_secret_key(&Secp256k1::signing_only(), &keys_manager.get_node_secret(Recipient::Node).unwrap());
let network_graph = Arc::new(NetworkGraph::new(genesis_block(network).block_hash()));
[package]
name = "lightning-background-processor"
-version = "0.0.104"
+version = "0.0.105"
authors = ["Valentine Wallace <vwallace@protonmail.com>"]
license = "MIT OR Apache-2.0"
repository = "http://github.com/lightningdevkit/rust-lightning"
"""
edition = "2018"
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
[dependencies]
bitcoin = "0.27"
-lightning = { version = "0.0.104", path = "../lightning", features = ["std"] }
-lightning-persister = { version = "0.0.104", path = "../lightning-persister" }
+lightning = { version = "0.0.105", path = "../lightning", features = ["std"] }
+lightning-persister = { version = "0.0.105", path = "../lightning-persister" }
[dev-dependencies]
-lightning = { version = "0.0.104", path = "../lightning", features = ["_test_utils"] }
-lightning-invoice = { version = "0.12.0", path = "../lightning-invoice" }
+lightning = { version = "0.0.105", path = "../lightning", features = ["_test_utils"] }
+lightning-invoice = { version = "0.13.0", path = "../lightning-invoice" }
#![deny(missing_docs)]
#![deny(unsafe_code)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
#[macro_use] extern crate lightning;
use lightning::chain;
[package]
name = "lightning-block-sync"
-version = "0.0.104"
+version = "0.0.105"
authors = ["Jeffrey Czyz", "Matt Corallo"]
license = "MIT OR Apache-2.0"
repository = "http://github.com/lightningdevkit/rust-lightning"
"""
edition = "2018"
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
[features]
rest-client = [ "serde", "serde_json", "chunked_transfer" ]
rpc-client = [ "serde", "serde_json", "chunked_transfer" ]
[dependencies]
bitcoin = "0.27"
-lightning = { version = "0.0.104", path = "../lightning" }
+lightning = { version = "0.0.105", path = "../lightning" }
tokio = { version = "1.0", features = [ "io-util", "net", "time" ], optional = true }
serde = { version = "1.0", features = ["derive"], optional = true }
serde_json = { version = "1.0", optional = true }
}
/// Converts a JSON value into a transaction. WATCH OUT! this cannot be used for zero-input transactions
-/// (e.g. createrawtransaction). See https://github.com/rust-bitcoin/rust-bitcoincore-rpc/issues/197
+/// (e.g. createrawtransaction). See <https://github.com/rust-bitcoin/rust-bitcoincore-rpc/issues/197>
impl TryInto<Transaction> for JsonResponse {
type Error = std::io::Error;
fn try_into(self) -> std::io::Result<Transaction> {
#![deny(missing_docs)]
#![deny(unsafe_code)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
#[cfg(any(feature = "rest-client", feature = "rpc-client"))]
pub mod http;
[package]
name = "lightning-invoice"
description = "Data structures to parse and serialize BOLT11 lightning invoices"
-version = "0.12.0"
+version = "0.13.0"
authors = ["Sebastian Geisler <sgeisler@wh2.tu-dresden.de>"]
documentation = "https://docs.rs/lightning-invoice/"
license = "MIT OR Apache-2.0"
keywords = [ "lightning", "bitcoin", "invoice", "BOLT11" ]
readme = "README.md"
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
[features]
default = ["std"]
no-std = ["hashbrown", "lightning/no-std", "core2/alloc"]
[dependencies]
bech32 = { version = "0.8", default-features = false }
-lightning = { version = "0.0.104", path = "../lightning", default-features = false }
+lightning = { version = "0.0.105", path = "../lightning", default-features = false }
secp256k1 = { version = "0.20", default-features = false, features = ["recovery", "alloc"] }
num-traits = { version = "0.2.8", default-features = false }
bitcoin_hashes = { version = "0.10", default-features = false }
core2 = { version = "0.3.0", default-features = false, optional = true }
[dev-dependencies]
-lightning = { version = "0.0.104", path = "../lightning", default-features = false, features = ["_test_utils"] }
+lightning = { version = "0.0.105", path = "../lightning", default-features = false, features = ["_test_utils"] }
hex = "0.4"
#![deny(unused_mut)]
#![deny(broken_intra_doc_links)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
#![cfg_attr(feature = "strict", deny(warnings))]
#![cfg_attr(all(not(feature = "std"), not(test)), no_std)]
[package]
name = "lightning-net-tokio"
-version = "0.0.104"
+version = "0.0.105"
authors = ["Matt Corallo"]
license = "MIT OR Apache-2.0"
repository = "https://github.com/lightningdevkit/rust-lightning/"
"""
edition = "2018"
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
[dependencies]
bitcoin = "0.27"
-lightning = { version = "0.0.104", path = "../lightning" }
+lightning = { version = "0.0.105", path = "../lightning" }
tokio = { version = "1.0", features = [ "io-util", "macros", "rt", "sync", "net", "time" ] }
[dev-dependencies]
#![deny(broken_intra_doc_links)]
#![deny(missing_docs)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
use bitcoin::secp256k1::key::PublicKey;
use tokio::net::TcpStream;
[package]
name = "lightning-persister"
-version = "0.0.104"
+version = "0.0.105"
authors = ["Valentine Wallace", "Matt Corallo"]
license = "MIT OR Apache-2.0"
repository = "https://github.com/lightningdevkit/rust-lightning/"
Utilities to manage Rust-Lightning channel data persistence and retrieval.
"""
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs"]
+
[features]
_bench_unstable = ["lightning/_bench_unstable"]
[dependencies]
bitcoin = "0.27"
-lightning = { version = "0.0.104", path = "../lightning" }
+lightning = { version = "0.0.105", path = "../lightning" }
libc = "0.2"
[target.'cfg(windows)'.dependencies]
winapi = { version = "0.3", features = ["winbase"] }
[dev-dependencies]
-lightning = { version = "0.0.104", path = "../lightning", features = ["_test_utils"] }
+lightning = { version = "0.0.105", path = "../lightning", features = ["_test_utils"] }
#![deny(broken_intra_doc_links)]
#![deny(missing_docs)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
#![cfg_attr(all(test, feature = "_bench_unstable"), feature(test))]
#[cfg(all(test, feature = "_bench_unstable"))] extern crate test;
"Invalid ChannelMonitor file name",
));
}
+ if filename.unwrap().ends_with(".tmp") {
+ // If we were in the middle of committing an new update and crashed, it should be
+ // safe to ignore the update - we should never have returned to the caller and
+ // irrevocably committed to the new state in any way.
+ continue;
+ }
let txid = Txid::from_hex(filename.unwrap().split_at(64).0);
if txid.is_err() {
[package]
name = "lightning"
-version = "0.0.104"
+version = "0.0.105"
authors = ["Matt Corallo"]
license = "MIT OR Apache-2.0"
repository = "https://github.com/lightningdevkit/rust-lightning/"
Still missing tons of error-handling. See GitHub issues for suggested projects if you want to contribute. Don't have to bother telling you not to use this for anything serious, because you'd have to build a client around it to even try.
"""
+[package.metadata.docs.rs]
+features = ["std"]
+rustdoc-args = ["--cfg", "docsrs"]
+
[features]
# Internal test utilities exposed to other repo crates
_test_utils = ["hex", "regex", "bitcoin/bitcoinconsensus"]
},
}
+impl ChannelMonitorUpdateStep {
+ fn variant_name(&self) -> &'static str {
+ match self {
+ ChannelMonitorUpdateStep::LatestHolderCommitmentTXInfo { .. } => "LatestHolderCommitmentTXInfo",
+ ChannelMonitorUpdateStep::LatestCounterpartyCommitmentTXInfo { .. } => "LatestCounterpartyCommitmentTXInfo",
+ ChannelMonitorUpdateStep::PaymentPreimage { .. } => "PaymentPreimage",
+ ChannelMonitorUpdateStep::CommitmentSecret { .. } => "CommitmentSecret",
+ ChannelMonitorUpdateStep::ChannelForceClosed { .. } => "ChannelForceClosed",
+ ChannelMonitorUpdateStep::ShutdownScript { .. } => "ShutdownScript",
+ }
+ }
+}
+
impl_writeable_tlv_based_enum_upgradable!(ChannelMonitorUpdateStep,
(0, LatestHolderCommitmentTXInfo) => {
(0, commitment_tx, required),
F::Target: FeeEstimator,
L::Target: Logger,
{
+ log_info!(logger, "Applying update to monitor {}, bringing update_id from {} to {} with {} changes.",
+ log_funding_info!(self), self.latest_update_id, updates.update_id, updates.updates.len());
// ChannelMonitor updates may be applied after force close if we receive a
// preimage for a broadcasted commitment transaction HTLC output that we'd
// like to claim on-chain. If this is the case, we no longer have guaranteed
// access to the monitor's update ID, so we use a sentinel value instead.
if updates.update_id == CLOSED_CHANNEL_UPDATE_ID {
+ assert_eq!(updates.updates.len(), 1);
match updates.updates[0] {
ChannelMonitorUpdateStep::PaymentPreimage { .. } => {},
- _ => panic!("Attempted to apply post-force-close ChannelMonitorUpdate that wasn't providing a payment preimage"),
+ _ => {
+ log_error!(logger, "Attempted to apply post-force-close ChannelMonitorUpdate of type {}", updates.updates[0].variant_name());
+ panic!("Attempted to apply post-force-close ChannelMonitorUpdate that wasn't providing a payment preimage");
+ },
}
- assert_eq!(updates.updates.len(), 1);
} else if self.latest_update_id + 1 != updates.update_id {
panic!("Attempted to apply ChannelMonitorUpdates out of order, check the update_id before passing an update to update_monitor!");
}
#![allow(bare_trait_objects)]
#![allow(ellipsis_inclusive_range_patterns)]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+
#![cfg_attr(all(not(feature = "std"), not(test)), no_std)]
#![cfg_attr(all(any(test, feature = "_test_utils"), feature = "_bench_unstable"), feature(test))]
// our payment, which we can use to decode errors or inform the user that the payment was sent.
#[derive(Clone)] // See Channel::revoke_and_ack for why, tl;dr: Rust bug
-enum PendingHTLCRouting {
+pub(super) enum PendingHTLCRouting {
Forward {
onion_packet: msgs::OnionPacket,
short_channel_id: u64, // This should be NonZero<u64> eventually when we bump MSRV
Receive {
payment_data: msgs::FinalOnionHopData,
incoming_cltv_expiry: u32, // Used to track when we should expire pending HTLCs that go unclaimed
+ phantom_shared_secret: Option<[u8; 32]>,
},
ReceiveKeysend {
payment_preimage: PaymentPreimage,
#[derive(Clone)] // See Channel::revoke_and_ack for why, tl;dr: Rust bug
pub(super) struct PendingHTLCInfo {
- routing: PendingHTLCRouting,
- incoming_shared_secret: [u8; 32],
+ pub(super) routing: PendingHTLCRouting,
+ pub(super) incoming_shared_secret: [u8; 32],
payment_hash: PaymentHash,
pub(super) amt_to_forward: u64,
pub(super) outgoing_cltv_value: u32,
short_channel_id: u64,
htlc_id: u64,
incoming_packet_shared_secret: [u8; 32],
+ phantom_shared_secret: Option<[u8; 32]>,
// This field is consumed by `claim_funds_from_hop()` when updating a force-closed backwards
// channel with a preimage provided by the forward channel.
}
fn construct_recv_pending_htlc_info(&self, hop_data: msgs::OnionHopData, shared_secret: [u8; 32],
- payment_hash: PaymentHash, amt_msat: u64, cltv_expiry: u32) -> Result<PendingHTLCInfo, ReceiveError>
+ payment_hash: PaymentHash, amt_msat: u64, cltv_expiry: u32, phantom_shared_secret: Option<[u8; 32]>) -> Result<PendingHTLCInfo, ReceiveError>
{
// final_incorrect_cltv_expiry
if hop_data.outgoing_cltv_value != cltv_expiry {
PendingHTLCRouting::Receive {
payment_data: data,
incoming_cltv_expiry: hop_data.outgoing_cltv_value,
+ phantom_shared_secret,
}
} else if let Some(payment_preimage) = keysend_preimage {
// We need to check that the sender knows the keysend preimage before processing this
let pending_forward_info = match next_hop {
onion_utils::Hop::Receive(next_hop_data) => {
// OUR PAYMENT!
- match self.construct_recv_pending_htlc_info(next_hop_data, shared_secret, msg.payment_hash, msg.amount_msat, msg.cltv_expiry) {
+ match self.construct_recv_pending_htlc_info(next_hop_data, shared_secret, msg.payment_hash, msg.amount_msat, msg.cltv_expiry, None) {
Ok(info) => {
// Note that we could obviously respond immediately with an update_fulfill_htlc
// message, however that would leak that we are the recipient of this payment, so
routing, incoming_shared_secret, payment_hash, amt_to_forward, outgoing_cltv_value },
prev_funding_outpoint } => {
macro_rules! fail_forward {
- ($msg: expr, $err_code: expr, $err_data: expr) => {
+ ($msg: expr, $err_code: expr, $err_data: expr, $phantom_ss: expr) => {
{
log_info!(self.logger, "Failed to accept/forward incoming HTLC: {}", $msg);
let htlc_source = HTLCSource::PreviousHopData(HTLCPreviousHopData {
- short_channel_id: short_chan_id,
+ short_channel_id: prev_short_channel_id,
outpoint: prev_funding_outpoint,
htlc_id: prev_htlc_id,
incoming_packet_shared_secret: incoming_shared_secret,
+ phantom_shared_secret: $phantom_ss,
});
failed_forwards.push((htlc_source, payment_hash,
- HTLCFailReason::Reason { failure_code: $err_code, data: $err_data }
+ HTLCFailReason::Reason { failure_code: $err_code, data: $err_data }
));
continue;
}
if let PendingHTLCRouting::Forward { onion_packet, .. } = routing {
let phantom_secret_res = self.keys_manager.get_node_secret(Recipient::PhantomNode);
if phantom_secret_res.is_ok() && fake_scid::is_valid_phantom(&self.fake_scid_rand_bytes, short_chan_id) {
- let shared_secret = {
+ let phantom_shared_secret = {
let mut arr = [0; 32];
arr.copy_from_slice(&SharedSecret::new(&onion_packet.public_key.unwrap(), &phantom_secret_res.unwrap())[..]);
arr
};
- let next_hop = match onion_utils::decode_next_hop(shared_secret, &onion_packet.hop_data, onion_packet.hmac, payment_hash) {
+ let next_hop = match onion_utils::decode_next_hop(phantom_shared_secret, &onion_packet.hop_data, onion_packet.hmac, payment_hash) {
Ok(res) => res,
Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code }) => {
- fail_forward!(err_msg, err_code, Vec::new());
+ let sha256_of_onion = Sha256::hash(&onion_packet.hop_data).into_inner();
+ // In this scenario, the phantom would have sent us an
+ // `update_fail_malformed_htlc`, meaning here we encrypt the error as
+ // if it came from us (the second-to-last hop) but contains the sha256
+ // of the onion.
+ fail_forward!(err_msg, err_code, sha256_of_onion.to_vec(), None);
},
Err(onion_utils::OnionDecodeErr::Relay { err_msg, err_code }) => {
- fail_forward!(err_msg, err_code, Vec::new());
+ fail_forward!(err_msg, err_code, Vec::new(), Some(phantom_shared_secret));
},
};
match next_hop {
onion_utils::Hop::Receive(hop_data) => {
- match self.construct_recv_pending_htlc_info(hop_data, shared_secret, payment_hash, amt_to_forward, outgoing_cltv_value) {
+ match self.construct_recv_pending_htlc_info(hop_data, incoming_shared_secret, payment_hash, amt_to_forward, outgoing_cltv_value, Some(phantom_shared_secret)) {
Ok(info) => phantom_receives.push((prev_short_channel_id, prev_funding_outpoint, vec![(info, prev_htlc_id)])),
- Err(ReceiveError { err_code, err_data, msg }) => fail_forward!(msg, err_code, err_data)
+ Err(ReceiveError { err_code, err_data, msg }) => fail_forward!(msg, err_code, err_data, Some(phantom_shared_secret))
}
},
_ => panic!(),
}
} else {
- fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new());
+ fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new(), None);
}
} else {
- fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new());
+ fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new(), None);
}
},
HTLCForwardInfo::FailHTLC { .. } => {
// the channel is now on chain and our counterparty is
// trying to broadcast the HTLC-Timeout, but that's their
// problem, not ours.
- //
- // `fail_htlc_backwards_internal` is never called for
- // phantom payments, so this is unreachable for them.
}
}
}
outpoint: prev_funding_outpoint,
htlc_id: prev_htlc_id,
incoming_packet_shared_secret: incoming_shared_secret,
+ // Phantom payments are only PendingHTLCRouting::Receive.
+ phantom_shared_secret: None,
});
match chan.get_mut().send_htlc(amt_to_forward, payment_hash, outgoing_cltv_value, htlc_source.clone(), onion_packet, &self.logger) {
Err(e) => {
HTLCForwardInfo::AddHTLC { prev_short_channel_id, prev_htlc_id, forward_info: PendingHTLCInfo {
routing, incoming_shared_secret, payment_hash, amt_to_forward, .. },
prev_funding_outpoint } => {
- let (cltv_expiry, onion_payload) = match routing {
- PendingHTLCRouting::Receive { payment_data, incoming_cltv_expiry } =>
- (incoming_cltv_expiry, OnionPayload::Invoice(payment_data)),
+ let (cltv_expiry, onion_payload, phantom_shared_secret) = match routing {
+ PendingHTLCRouting::Receive { payment_data, incoming_cltv_expiry, phantom_shared_secret } =>
+ (incoming_cltv_expiry, OnionPayload::Invoice(payment_data), phantom_shared_secret),
PendingHTLCRouting::ReceiveKeysend { payment_preimage, incoming_cltv_expiry } =>
- (incoming_cltv_expiry, OnionPayload::Spontaneous(payment_preimage)),
+ (incoming_cltv_expiry, OnionPayload::Spontaneous(payment_preimage), None),
_ => {
panic!("short_channel_id == 0 should imply any pending_forward entries are of type Receive");
}
outpoint: prev_funding_outpoint,
htlc_id: prev_htlc_id,
incoming_packet_shared_secret: incoming_shared_secret,
+ phantom_shared_secret,
},
value: amt_to_forward,
cltv_expiry,
outpoint: prev_funding_outpoint,
htlc_id: $htlc.prev_hop.htlc_id,
incoming_packet_shared_secret: $htlc.prev_hop.incoming_packet_shared_secret,
+ phantom_shared_secret,
}), payment_hash,
HTLCFailReason::Reason { failure_code: 0x4000 | 15, data: htlc_msat_height_data }
));
pending_events.push(path_failure);
if let Some(ev) = full_failure_ev { pending_events.push(ev); }
},
- HTLCSource::PreviousHopData(HTLCPreviousHopData { short_channel_id, htlc_id, incoming_packet_shared_secret, .. }) => {
+ HTLCSource::PreviousHopData(HTLCPreviousHopData { short_channel_id, htlc_id, incoming_packet_shared_secret, phantom_shared_secret, .. }) => {
let err_packet = match onion_error {
HTLCFailReason::Reason { failure_code, data } => {
log_trace!(self.logger, "Failing HTLC with payment_hash {} backwards from us with code {}", log_bytes!(payment_hash.0), failure_code);
- let packet = onion_utils::build_failure_packet(&incoming_packet_shared_secret, failure_code, &data[..]).encode();
- onion_utils::encrypt_failure_packet(&incoming_packet_shared_secret, &packet)
+ if let Some(phantom_ss) = phantom_shared_secret {
+ let phantom_packet = onion_utils::build_failure_packet(&phantom_ss, failure_code, &data[..]).encode();
+ let encrypted_phantom_packet = onion_utils::encrypt_failure_packet(&phantom_ss, &phantom_packet);
+ onion_utils::encrypt_failure_packet(&incoming_packet_shared_secret, &encrypted_phantom_packet.data[..])
+ } else {
+ let packet = onion_utils::build_failure_packet(&incoming_packet_shared_secret, failure_code, &data[..]).encode();
+ onion_utils::encrypt_failure_packet(&incoming_packet_shared_secret, &packet)
+ }
},
HTLCFailReason::LightningError { err } => {
log_trace!(self.logger, "Failing HTLC with payment_hash {} backwards with pre-built LightningError", log_bytes!(payment_hash.0));
onion_utils::build_first_hop_failure_packet(incoming_shared_secret, error_code, &{
let mut res = Vec::with_capacity(8 + 128);
// TODO: underspecified, follow https://github.com/lightningnetwork/lightning-rfc/issues/791
- res.extend_from_slice(&byte_utils::be16_to_array(0));
+ if error_code == 0x1000 | 20 {
+ res.extend_from_slice(&byte_utils::be16_to_array(0));
+ }
res.extend_from_slice(&upd.encode_with_len()[..]);
res
}[..])
},
(1, Receive) => {
(0, payment_data, required),
+ (1, phantom_shared_secret, option),
(2, incoming_cltv_expiry, required),
},
(2, ReceiveKeysend) => {
impl_writeable_tlv_based!(HTLCPreviousHopData, {
(0, short_channel_id, required),
+ (1, phantom_shared_secret, option),
(2, outpoint, required),
(4, htlc_id, required),
(6, incoming_packet_shared_secret, required)
impl Writeable for OnionHopData {
fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
- // Note that this should never be reachable if Rust-Lightning generated the message, as we
- // check values are sane long before we get here, though its possible in the future
- // user-generated messages may hit this.
- if self.amt_to_forward > MAX_VALUE_MSAT { panic!("We should never be sending infinite/overflow onion payments"); }
match self.format {
OnionHopDataFormat::Legacy { short_channel_id } => {
0u8.write(w)?;
});
},
OnionHopDataFormat::FinalNode { ref payment_data, ref keysend_preimage } => {
- if let Some(final_data) = payment_data {
- if final_data.total_msat > MAX_VALUE_MSAT { panic!("We should never be sending infinite/overflow onion payments"); }
- }
encode_varint_length_prefixed_tlv!(w, {
(2, HighZeroBytesDroppedVarInt(self.amt_to_forward), required),
(4, HighZeroBytesDroppedVarInt(self.outgoing_cltv_value), required),
//! returned errors decode to the correct thing.
use chain::channelmonitor::{CLTV_CLAIM_BUFFER, LATENCY_GRACE_PERIOD_BLOCKS};
+use chain::keysinterface::{KeysInterface, Recipient};
use ln::{PaymentHash, PaymentSecret};
-use ln::channelmanager::{HTLCForwardInfo, CLTV_FAR_FAR_AWAY};
+use ln::channelmanager::{HTLCForwardInfo, CLTV_FAR_FAR_AWAY, MIN_CLTV_EXPIRY_DELTA, PendingHTLCInfo, PendingHTLCRouting};
use ln::onion_utils;
-use routing::network_graph::NetworkUpdate;
-use routing::router::Route;
-use ln::features::InitFeatures;
+use routing::network_graph::{NetworkUpdate, RoutingFees};
+use routing::router::{get_route, PaymentParameters, Route, RouteHint, RouteHintHop};
+use ln::features::{InitFeatures, InvoiceFeatures};
use ln::msgs;
use ln::msgs::{ChannelMessageHandler, ChannelUpdate, OptionalField};
use util::events::{Event, MessageSendEvent, MessageSendEventsProvider};
use util::ser::{Writeable, Writer};
+use util::{byte_utils, test_utils};
use util::config::UserConfig;
use bitcoin::hash_types::BlockHash;
use bitcoin::hashes::Hash;
+use bitcoin::hashes::sha256::Hash as Sha256;
use bitcoin::secp256k1;
use bitcoin::secp256k1::Secp256k1;
-use bitcoin::secp256k1::key::SecretKey;
+use bitcoin::secp256k1::key::{PublicKey, SecretKey};
use io;
use prelude::*;
nodes[2].node.fail_htlc_backwards(&payment_hash);
}, true, Some(23), None, None);
}
+
+macro_rules! get_phantom_route {
+ ($nodes: expr, $amt: expr, $channel: expr) => {{
+ let secp_ctx = Secp256k1::new();
+ let phantom_secret = $nodes[1].keys_manager.get_node_secret(Recipient::PhantomNode).unwrap();
+ let phantom_pubkey = PublicKey::from_secret_key(&secp_ctx, &phantom_secret);
+ let phantom_route_hint = $nodes[1].node.get_phantom_route_hints();
+ let payment_params = PaymentParameters::from_node_id(phantom_pubkey)
+ .with_features(InvoiceFeatures::known())
+ .with_route_hints(vec![RouteHint(vec![
+ RouteHintHop {
+ src_node_id: $nodes[0].node.get_our_node_id(),
+ short_channel_id: $channel.0.contents.short_channel_id,
+ fees: RoutingFees {
+ base_msat: $channel.0.contents.fee_base_msat,
+ proportional_millionths: $channel.0.contents.fee_proportional_millionths,
+ },
+ cltv_expiry_delta: $channel.0.contents.cltv_expiry_delta,
+ htlc_minimum_msat: None,
+ htlc_maximum_msat: None,
+ },
+ RouteHintHop {
+ src_node_id: phantom_route_hint.real_node_pubkey,
+ short_channel_id: phantom_route_hint.phantom_scid,
+ fees: RoutingFees {
+ base_msat: 0,
+ proportional_millionths: 0,
+ },
+ cltv_expiry_delta: MIN_CLTV_EXPIRY_DELTA,
+ htlc_minimum_msat: None,
+ htlc_maximum_msat: None,
+ }
+ ])]);
+ let scorer = test_utils::TestScorer::with_penalty(0);
+ (get_route(
+ &$nodes[0].node.get_our_node_id(), &payment_params, $nodes[0].network_graph,
+ Some(&$nodes[0].node.list_usable_channels().iter().collect::<Vec<_>>()),
+ $amt, TEST_FINAL_CLTV, $nodes[0].logger, &scorer
+ ).unwrap(), phantom_route_hint.phantom_scid)
+ }
+}}
+
+#[test]
+fn test_phantom_onion_hmac_failure() {
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route.
+ let recv_value_msat = 10_000;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_value_msat));
+ let (route, phantom_scid) = get_phantom_route!(nodes, recv_value_msat, channel);
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ // Modify the payload so the phantom hop's HMAC is bogus.
+ let sha256_of_onion = {
+ let mut channel_state = nodes[1].node.channel_state.lock().unwrap();
+ let mut pending_forward = channel_state.forward_htlcs.get_mut(&phantom_scid).unwrap();
+ match pending_forward[0] {
+ HTLCForwardInfo::AddHTLC {
+ forward_info: PendingHTLCInfo {
+ routing: PendingHTLCRouting::Forward { ref mut onion_packet, .. },
+ ..
+ }, ..
+ } => {
+ onion_packet.hmac[onion_packet.hmac.len() - 1] ^= 1;
+ Sha256::hash(&onion_packet.hop_data).into_inner().to_vec()
+ },
+ _ => panic!("Unexpected forward"),
+ }
+ };
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .blamed_chan_closed(true)
+ .expected_htlc_error_data(0x8000 | 0x4000 | 5, &sha256_of_onion);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, false, fail_conditions);
+}
+
+#[test]
+fn test_phantom_invalid_onion_payload() {
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let mut nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route.
+ let recv_value_msat = 10_000;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_value_msat));
+ let (route, phantom_scid) = get_phantom_route!(nodes, recv_value_msat, channel);
+
+ // We'll use the session priv later when constructing an invalid onion packet.
+ let session_priv = [3; 32];
+ *nodes[0].keys_manager.override_session_priv.lock().unwrap() = Some(session_priv);
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ // Modify the onion packet to have an invalid payment amount.
+ for (_, pending_forwards) in nodes[1].node.channel_state.lock().unwrap().forward_htlcs.iter_mut() {
+ for f in pending_forwards.iter_mut() {
+ match f {
+ &mut HTLCForwardInfo::AddHTLC {
+ forward_info: PendingHTLCInfo {
+ routing: PendingHTLCRouting::Forward { ref mut onion_packet, .. },
+ ..
+ }, ..
+ } => {
+ // Construct the onion payloads for the entire route and an invalid amount.
+ let height = nodes[0].best_block_info().1;
+ let session_priv = SecretKey::from_slice(&session_priv).unwrap();
+ let mut onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
+ let (mut onion_payloads, _, _) = onion_utils::build_onion_payloads(&route.paths[0], msgs::MAX_VALUE_MSAT + 1, &Some(payment_secret), height + 1, &None).unwrap();
+ // We only want to construct the onion packet for the last hop, not the entire route, so
+ // remove the first hop's payload and its keys.
+ onion_keys.remove(0);
+ onion_payloads.remove(0);
+
+ let new_onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash);
+ onion_packet.hop_data = new_onion_packet.hop_data;
+ onion_packet.hmac = new_onion_packet.hmac;
+ },
+ _ => panic!("Unexpected forward"),
+ }
+ }
+ }
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let error_data = Vec::new();
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .blamed_chan_closed(true)
+ .expected_htlc_error_data(0x4000 | 22, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, true, fail_conditions);
+}
+
+#[test]
+fn test_phantom_final_incorrect_cltv_expiry() {
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route.
+ let recv_value_msat = 10_000;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_value_msat));
+ let (route, phantom_scid) = get_phantom_route!(nodes, recv_value_msat, channel);
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ // Modify the payload so the phantom hop's HMAC is bogus.
+ for (_, pending_forwards) in nodes[1].node.channel_state.lock().unwrap().forward_htlcs.iter_mut() {
+ for f in pending_forwards.iter_mut() {
+ match f {
+ &mut HTLCForwardInfo::AddHTLC {
+ forward_info: PendingHTLCInfo { ref mut outgoing_cltv_value, .. }, ..
+ } => {
+ *outgoing_cltv_value += 1;
+ },
+ _ => panic!("Unexpected forward"),
+ }
+ }
+ }
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let expected_cltv = 82;
+ let error_data = byte_utils::be32_to_array(expected_cltv).to_vec();
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .expected_htlc_error_data(18, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, false, fail_conditions);
+}
+
+#[test]
+fn test_phantom_failure_too_low_cltv() {
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route.
+ let recv_value_msat = 10_000;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_value_msat));
+ let (mut route, phantom_scid) = get_phantom_route!(nodes, recv_value_msat, channel);
+
+ // Modify the route to have a too-low cltv.
+ route.paths[0][1].cltv_expiry_delta = 5;
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let error_data = Vec::new();
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .expected_htlc_error_data(17, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, false, fail_conditions);
+}
+
+#[test]
+fn test_phantom_failure_too_low_recv_amt() {
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route with a too-low amount.
+ let recv_amt_msat = 10_000;
+ let bad_recv_amt_msat = recv_amt_msat - 10;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_amt_msat));
+ let (mut route, phantom_scid) = get_phantom_route!(nodes, bad_recv_amt_msat, channel);
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let mut error_data = byte_utils::be64_to_array(bad_recv_amt_msat).to_vec();
+ error_data.extend_from_slice(
+ &byte_utils::be32_to_array(nodes[1].node.best_block.read().unwrap().height()),
+ );
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .expected_htlc_error_data(0x4000 | 15, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, true, fail_conditions);
+}
+
+#[test]
+fn test_phantom_dust_exposure_failure() {
+ // Set the max dust exposure to the dust limit.
+ let max_dust_exposure = 546;
+ let mut receiver_config = UserConfig::default();
+ receiver_config.channel_options.max_dust_htlc_exposure_msat = max_dust_exposure;
+ receiver_config.channel_options.announced_channel = true;
+
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, Some(receiver_config)]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route with an amount exceeding the dust exposure threshold of nodes[1].
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(max_dust_exposure + 1));
+ let (mut route, _) = get_phantom_route!(nodes, max_dust_exposure + 1, channel);
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let mut error_data = channel.1.encode_with_len();
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(channel.0.contents.short_channel_id)
+ .blamed_chan_closed(false)
+ .expected_htlc_error_data(0x1000 | 7, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, false, fail_conditions);
+}
+
+#[test]
+fn test_phantom_failure_reject_payment() {
+ // Test that the user can successfully fail back a phantom node payment.
+ let chanmon_cfgs = create_chanmon_cfgs(2);
+ let node_cfgs = create_node_cfgs(2, &chanmon_cfgs);
+ let node_chanmgrs = create_node_chanmgrs(2, &node_cfgs, &[None, None]);
+ let nodes = create_network(2, &node_cfgs, &node_chanmgrs);
+
+ let channel = create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::known(), InitFeatures::known());
+
+ // Get the route with a too-low amount.
+ let recv_amt_msat = 10_000;
+ let (_, payment_hash, payment_secret) = get_payment_preimage_hash!(nodes[1], Some(recv_amt_msat));
+ let (mut route, phantom_scid) = get_phantom_route!(nodes, recv_amt_msat, channel);
+
+ // Route the HTLC through to the destination.
+ nodes[0].node.send_payment(&route, payment_hash.clone(), &Some(payment_secret)).unwrap();
+ check_added_monitors!(nodes[0], 1);
+ let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id());
+ let mut update_add = update_0.update_add_htlcs[0].clone();
+
+ nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &update_add);
+ commitment_signed_dance!(nodes[1], nodes[0], &update_0.commitment_signed, false, true);
+
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+ expect_payment_received!(nodes[1], payment_hash, payment_secret, recv_amt_msat);
+ assert!(nodes[1].node.fail_htlc_backwards(&payment_hash));
+ expect_pending_htlcs_forwardable_ignore!(nodes[1]);
+ nodes[1].node.process_pending_htlc_forwards();
+
+ let update_1 = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+ check_added_monitors!(&nodes[1], 1);
+ assert!(update_1.update_fail_htlcs.len() == 1);
+ let fail_msg = update_1.update_fail_htlcs[0].clone();
+ nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &fail_msg);
+ commitment_signed_dance!(nodes[0], nodes[1], update_1.commitment_signed, false);
+
+ // Ensure the payment fails with the expected error.
+ let mut error_data = byte_utils::be64_to_array(recv_amt_msat).to_vec();
+ error_data.extend_from_slice(
+ &byte_utils::be32_to_array(nodes[1].node.best_block.read().unwrap().height()),
+ );
+ let mut fail_conditions = PaymentFailedConditions::new()
+ .blamed_scid(phantom_scid)
+ .expected_htlc_error_data(0x4000 | 15, &error_data);
+ expect_payment_failed_conditions!(nodes[0], payment_hash, true, fail_conditions);
+}
+
/// so that we can choose cheaper paths (as per Dijkstra's algorithm).
/// Fee values should be updated only in the context of the whole path, see update_value_and_recompute_fees.
/// These fee values are useful to choose hops as we traverse the graph "payee-to-payer".
-#[derive(Clone, Debug)]
+#[derive(Clone)]
struct PathBuildingHop<'a> {
// Note that this should be dropped in favor of loading it from CandidateRouteHop, but doing so
// is a larger refactor and will require careful performance analysis.
value_contribution_msat: u64,
}
+impl<'a> core::fmt::Debug for PathBuildingHop<'a> {
+ fn fmt(&self, f: &mut core::fmt::Formatter) -> Result<(), core::fmt::Error> {
+ f.debug_struct("PathBuildingHop")
+ .field("node_id", &self.node_id)
+ .field("short_channel_id", &self.candidate.short_channel_id())
+ .field("total_fee_msat", &self.total_fee_msat)
+ .field("next_hops_fee_msat", &self.next_hops_fee_msat)
+ .field("hop_use_fee_msat", &self.hop_use_fee_msat)
+ .field("total_fee_msat - (next_hops_fee_msat + hop_use_fee_msat)", &(&self.total_fee_msat - (&self.next_hops_fee_msat + &self.hop_use_fee_msat)))
+ .field("path_penalty_msat", &self.path_penalty_msat)
+ .field("path_htlc_minimum_msat", &self.path_htlc_minimum_msat)
+ .field("cltv_expiry_delta", &self.candidate.cltv_expiry_delta())
+ .finish()
+ }
+}
+
// Instantiated with a list of hops with correct data in them collected during path finding,
// an instance of this struct should be further modified only via given methods.
#[derive(Clone)]
node_info.features.supports_basic_mpp()
} else { false }
} else { false };
- log_trace!(logger, "Searching for a route from payer {} to payee {} {} MPP", our_node_pubkey,
- payment_params.payee_pubkey, if allow_mpp { "with" } else { "without" });
+ log_trace!(logger, "Searching for a route from payer {} to payee {} {} MPP and {} first hops {}overriding the network graph", our_node_pubkey,
+ payment_params.payee_pubkey, if allow_mpp { "with" } else { "without" },
+ first_hops.map(|hops| hops.len()).unwrap_or(0), if first_hops.is_some() { "" } else { "not " });
// Step (1).
// Prepare the data we'll use for payee-to-payer search by
// semi-dummy record just to compute the fees to reach the source node.
// This will affect our decision on selecting short_channel_id
// as a way to reach the $dest_node_id.
- let mut fee_base_msat = u32::max_value();
- let mut fee_proportional_millionths = u32::max_value();
+ let mut fee_base_msat = 0;
+ let mut fee_proportional_millionths = 0;
if let Some(Some(fees)) = network_nodes.get(&$src_node_id).map(|node| node.lowest_inbound_channel_fees) {
fee_base_msat = fees.base_msat;
fee_proportional_millionths = fees.proportional_millionths;
ordered_hops.last_mut().unwrap().1 = NodeFeatures::empty();
}
} else {
- // We should be able to fill in features for everything except the last
- // hop, if the last hop was provided via a BOLT 11 invoice (though we
- // should be able to extend it further as BOLT 11 does have feature
- // flags for the last hop node itself).
- assert!(ordered_hops.last().unwrap().0.node_id == payee_node_id);
+ // We can fill in features for everything except hops which were
+ // provided via the invoice we're paying. We could guess based on the
+ // recipient's features but for now we simply avoid guessing at all.
}
}
ordered_hops.last_mut().unwrap().0.fee_msat = value_contribution_msat;
ordered_hops.last_mut().unwrap().0.hop_use_fee_msat = 0;
- log_trace!(logger, "Found a path back to us from the target with {} hops contributing up to {} msat: {:?}",
- ordered_hops.len(), value_contribution_msat, ordered_hops);
+ log_trace!(logger, "Found a path back to us from the target with {} hops contributing up to {} msat: \n {:#?}",
+ ordered_hops.len(), value_contribution_msat, ordered_hops.iter().map(|h| &(h.0)).collect::<Vec<&PathBuildingHop>>());
let mut payment_path = PaymentPath {hops: ordered_hops};
fn get_nodes(secp_ctx: &Secp256k1<All>) -> (SecretKey, PublicKey, Vec<SecretKey>, Vec<PublicKey>) {
let privkeys: Vec<SecretKey> = (2..10).map(|i| {
- SecretKey::from_slice(&hex::decode(format!("{:02}", i).repeat(32)).unwrap()[..]).unwrap()
+ SecretKey::from_slice(&hex::decode(format!("{:02x}", i).repeat(32)).unwrap()[..]).unwrap()
}).collect();
let pubkeys = privkeys.iter().map(|secret| PublicKey::from_secret_key(&secp_ctx, secret)).collect();
assert_eq!(route.paths[0][4].channel_features.le_flags(), &Vec::<u8>::new()); // We can't learn any flags from invoices, sadly
}
- fn multi_hint_last_hops(nodes: &Vec<PublicKey>) -> Vec<RouteHint> {
+ /// Builds a trivial last-hop hint that passes through the two nodes given, with channel 0xff00
+ /// and 0xff01.
+ fn multi_hop_last_hops_hint(hint_hops: [PublicKey; 2]) -> Vec<RouteHint> {
let zero_fees = RoutingFees {
base_msat: 0,
proportional_millionths: 0,
};
vec![RouteHint(vec![RouteHintHop {
- src_node_id: nodes[2],
- short_channel_id: 5,
+ src_node_id: hint_hops[0],
+ short_channel_id: 0xff00,
fees: RoutingFees {
base_msat: 100,
proportional_millionths: 0,
htlc_minimum_msat: None,
htlc_maximum_msat: None,
}, RouteHintHop {
- src_node_id: nodes[3],
- short_channel_id: 8,
+ src_node_id: hint_hops[1],
+ short_channel_id: 0xff01,
fees: zero_fees,
cltv_expiry_delta: (8 << 4) | 1,
htlc_minimum_msat: None,
htlc_maximum_msat: None,
- }]), RouteHint(vec![RouteHintHop {
- src_node_id: nodes[5],
- short_channel_id: 10,
- fees: zero_fees,
- cltv_expiry_delta: (10 << 4) | 1,
- htlc_minimum_msat: None,
- htlc_maximum_msat: None,
}])]
}
fn multi_hint_last_hops_test() {
let (secp_ctx, network_graph, net_graph_msg_handler, _, logger) = build_graph();
let (_, our_id, privkeys, nodes) = get_nodes(&secp_ctx);
- let payment_params = PaymentParameters::from_node_id(nodes[6]).with_route_hints(multi_hint_last_hops(&nodes));
+ let last_hops = multi_hop_last_hops_hint([nodes[2], nodes[3]]);
+ let payment_params = PaymentParameters::from_node_id(nodes[6]).with_route_hints(last_hops.clone());
let scorer = test_utils::TestScorer::with_penalty(0);
- // Test through channels 2, 3, 5, 8.
+ // Test through channels 2, 3, 0xff00, 0xff01.
// Test shows that multiple hop hints are considered.
// Disabling channels 6 & 7 by flags=2
assert_eq!(route.paths[0][1].channel_features.le_flags(), &id_to_feature_flags(4));
assert_eq!(route.paths[0][2].pubkey, nodes[3]);
- assert_eq!(route.paths[0][2].short_channel_id, 5);
+ assert_eq!(route.paths[0][2].short_channel_id, last_hops[0].0[0].short_channel_id);
assert_eq!(route.paths[0][2].fee_msat, 0);
assert_eq!(route.paths[0][2].cltv_expiry_delta, 129);
assert_eq!(route.paths[0][2].node_features.le_flags(), &id_to_feature_flags(4));
- assert_eq!(route.paths[0][2].channel_features.le_flags(), &Vec::<u8>::new());
+ assert_eq!(route.paths[0][2].channel_features.le_flags(), &Vec::<u8>::new()); // We can't learn any flags from invoices, sadly
+
+ assert_eq!(route.paths[0][3].pubkey, nodes[6]);
+ assert_eq!(route.paths[0][3].short_channel_id, last_hops[0].0[1].short_channel_id);
+ assert_eq!(route.paths[0][3].fee_msat, 100);
+ assert_eq!(route.paths[0][3].cltv_expiry_delta, 42);
+ assert_eq!(route.paths[0][3].node_features.le_flags(), &Vec::<u8>::new()); // We dont pass flags in from invoices yet
+ assert_eq!(route.paths[0][3].channel_features.le_flags(), &Vec::<u8>::new()); // We can't learn any flags from invoices, sadly
+ }
+
+ #[test]
+ fn private_multi_hint_last_hops_test() {
+ let (secp_ctx, network_graph, net_graph_msg_handler, _, logger) = build_graph();
+ let (_, our_id, privkeys, nodes) = get_nodes(&secp_ctx);
+
+ let non_announced_privkey = SecretKey::from_slice(&hex::decode(format!("{:02x}", 0xf0).repeat(32)).unwrap()[..]).unwrap();
+ let non_announced_pubkey = PublicKey::from_secret_key(&secp_ctx, &non_announced_privkey);
+
+ let last_hops = multi_hop_last_hops_hint([nodes[2], non_announced_pubkey]);
+ let payment_params = PaymentParameters::from_node_id(nodes[6]).with_route_hints(last_hops.clone());
+ let scorer = test_utils::TestScorer::with_penalty(0);
+ // Test through channels 2, 3, 0xff00, 0xff01.
+ // Test shows that multiple hop hints are considered.
+
+ // Disabling channels 6 & 7 by flags=2
+ update_channel(&net_graph_msg_handler, &secp_ctx, &privkeys[2], UnsignedChannelUpdate {
+ chain_hash: genesis_block(Network::Testnet).header.block_hash(),
+ short_channel_id: 6,
+ timestamp: 2,
+ flags: 2, // to disable
+ cltv_expiry_delta: 0,
+ htlc_minimum_msat: 0,
+ htlc_maximum_msat: OptionalField::Absent,
+ fee_base_msat: 0,
+ fee_proportional_millionths: 0,
+ excess_data: Vec::new()
+ });
+ update_channel(&net_graph_msg_handler, &secp_ctx, &privkeys[2], UnsignedChannelUpdate {
+ chain_hash: genesis_block(Network::Testnet).header.block_hash(),
+ short_channel_id: 7,
+ timestamp: 2,
+ flags: 2, // to disable
+ cltv_expiry_delta: 0,
+ htlc_minimum_msat: 0,
+ htlc_maximum_msat: OptionalField::Absent,
+ fee_base_msat: 0,
+ fee_proportional_millionths: 0,
+ excess_data: Vec::new()
+ });
+
+ let route = get_route(&our_id, &payment_params, &network_graph, None, 100, 42, Arc::clone(&logger), &scorer).unwrap();
+ assert_eq!(route.paths[0].len(), 4);
+
+ assert_eq!(route.paths[0][0].pubkey, nodes[1]);
+ assert_eq!(route.paths[0][0].short_channel_id, 2);
+ assert_eq!(route.paths[0][0].fee_msat, 200);
+ assert_eq!(route.paths[0][0].cltv_expiry_delta, 65);
+ assert_eq!(route.paths[0][0].node_features.le_flags(), &id_to_feature_flags(2));
+ assert_eq!(route.paths[0][0].channel_features.le_flags(), &id_to_feature_flags(2));
+
+ assert_eq!(route.paths[0][1].pubkey, nodes[2]);
+ assert_eq!(route.paths[0][1].short_channel_id, 4);
+ assert_eq!(route.paths[0][1].fee_msat, 100);
+ assert_eq!(route.paths[0][1].cltv_expiry_delta, 81);
+ assert_eq!(route.paths[0][1].node_features.le_flags(), &id_to_feature_flags(3));
+ assert_eq!(route.paths[0][1].channel_features.le_flags(), &id_to_feature_flags(4));
+
+ assert_eq!(route.paths[0][2].pubkey, non_announced_pubkey);
+ assert_eq!(route.paths[0][2].short_channel_id, last_hops[0].0[0].short_channel_id);
+ assert_eq!(route.paths[0][2].fee_msat, 0);
+ assert_eq!(route.paths[0][2].cltv_expiry_delta, 129);
+ assert_eq!(route.paths[0][2].node_features.le_flags(), &Vec::<u8>::new()); // We dont pass flags in from invoices yet
+ assert_eq!(route.paths[0][2].channel_features.le_flags(), &Vec::<u8>::new()); // We can't learn any flags from invoices, sadly
assert_eq!(route.paths[0][3].pubkey, nodes[6]);
- assert_eq!(route.paths[0][3].short_channel_id, 8);
+ assert_eq!(route.paths[0][3].short_channel_id, last_hops[0].0[1].short_channel_id);
assert_eq!(route.paths[0][3].fee_msat, 100);
assert_eq!(route.paths[0][3].cltv_expiry_delta, 42);
assert_eq!(route.paths[0][3].node_features.le_flags(), &Vec::<u8>::new()); // We dont pass flags in from invoices yet
/// [`Score`] implementation.
///
/// (C-not exported) generally all users should use the [`Scorer`] type alias.
-#[doc(hidden)]
pub struct ScorerUsingTime<T: Time> {
params: ScoringParameters,
// TODO: Remove entries of closed channels.
/// Probabilistic [`Score`] implementation.
///
/// (C-not exported) generally all users should use the [`ProbabilisticScorer`] type alias.
-#[doc(hidden)]
pub struct ProbabilisticScorerUsingTime<G: Deref<Target = NetworkGraph>, T: Time> {
params: ProbabilisticScoringParameters,
network_graph: G,
/// Note that this does *not* indicate that all paths for an MPP payment have failed, see
/// [`Event::PaymentFailed`] and [`all_paths_failed`].
///
- /// [`all_paths_failed`]: Self::all_paths_failed
+ /// [`all_paths_failed`]: Self::PaymentPathFailed::all_paths_failed
PaymentPathFailed {
/// The id returned by [`ChannelManager::send_payment`] and used with
/// [`ChannelManager::retry_payment`] and [`ChannelManager::abandon_payment`].
let rand_bytes = keys_manager.get_secure_random_bytes();
let segwit_activation_height = segwit_activation_height(genesis_hash);
- let mut valid_block_range = if highest_seen_blockheight > segwit_activation_height {
- highest_seen_blockheight - segwit_activation_height
- } else {
- 1
- };
+ let mut blocks_since_segwit_activation = highest_seen_blockheight.saturating_sub(segwit_activation_height);
+
// We want to ensure that this fake channel won't conflict with any transactions we haven't
// seen yet, in case `highest_seen_blockheight` is updated before we get full information
// about transactions confirmed in the given block.
- if valid_block_range > BLOCKS_PER_MONTH { valid_block_range -= BLOCKS_PER_MONTH; }
+ blocks_since_segwit_activation = blocks_since_segwit_activation.saturating_sub(BLOCKS_PER_MONTH);
let rand_for_height = u32::from_be_bytes(rand_bytes[..4].try_into().unwrap());
- let fake_scid_height = segwit_activation_height + rand_for_height % valid_block_range;
+ let fake_scid_height = segwit_activation_height + rand_for_height % (blocks_since_segwit_activation + 1);
let rand_for_tx_index = u32::from_be_bytes(rand_bytes[4..8].try_into().unwrap());
let fake_scid_tx_index = rand_for_tx_index % MAX_TX_INDEX;