From: Matt Corallo Date: Thu, 2 Jan 2020 06:23:48 +0000 (-0500) Subject: Impl Base AMP in the receive pipeline and expose payment_secret X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=43e5cdd381878855682cd99bbfd9608de34a15f5;p=rust-lightning Impl Base AMP in the receive pipeline and expose payment_secret Sadly a huge diff here, but almost all of it is changing the method signatures for sending/receiving/failing HTLCs and the PaymentReceived event, which all now need to expose an Option<[u8; 32]> for the payment_secret. It doesn't yet properly fail back pending HTLCs when the full AMP payment is never received (which should result in accidental channel force-closures). Further, as sending AMP payments is not yet supported, the only test here is a simple single-path payment with a payment_secret in it. --- diff --git a/fuzz/src/chanmon_consistency.rs b/fuzz/src/chanmon_consistency.rs index 7b8baec71..5d64b9521 100644 --- a/fuzz/src/chanmon_consistency.rs +++ b/fuzz/src/chanmon_consistency.rs @@ -417,7 +417,7 @@ pub fn do_test(data: &[u8]) { fee_msat: 5000000, cltv_expiry_delta: 200, }], - }, PaymentHash(payment_hash.into_inner())) { + }, PaymentHash(payment_hash.into_inner()), None) { // Probably ran out of funds test_return!(); } @@ -441,7 +441,7 @@ pub fn do_test(data: &[u8]) { fee_msat: 5000000, cltv_expiry_delta: 200, }], - }, PaymentHash(payment_hash.into_inner())) { + }, PaymentHash(payment_hash.into_inner()), None) { // Probably ran out of funds test_return!(); } @@ -602,9 +602,9 @@ pub fn do_test(data: &[u8]) { events::Event::PaymentReceived { payment_hash, .. } => { if claim_set.insert(payment_hash.0) { if $fail { - assert!(nodes[$node].fail_htlc_backwards(&payment_hash)); + assert!(nodes[$node].fail_htlc_backwards(&payment_hash, &None)); } else { - assert!(nodes[$node].claim_funds(PaymentPreimage(payment_hash.0), 5_000_000)); + assert!(nodes[$node].claim_funds(PaymentPreimage(payment_hash.0), &None, 5_000_000)); } } }, diff --git a/fuzz/src/full_stack.rs b/fuzz/src/full_stack.rs index 3879d0b1d..1abe7b8bf 100644 --- a/fuzz/src/full_stack.rs +++ b/fuzz/src/full_stack.rs @@ -343,7 +343,7 @@ pub fn do_test(data: &[u8], logger: &Arc) { }, our_network_key, &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 15, 0], Arc::clone(&logger))); let mut should_forward = false; - let mut payments_received: Vec<(PaymentHash, u64)> = Vec::new(); + let mut payments_received: Vec<(PaymentHash, Option<[u8; 32]>, u64)> = Vec::new(); let mut payments_sent = 0; let mut pending_funding_generation: Vec<([u8; 32], u64, Script)> = Vec::new(); let mut pending_funding_signatures = HashMap::new(); @@ -401,7 +401,7 @@ pub fn do_test(data: &[u8], logger: &Arc) { sha.input(&payment_hash.0[..]); payment_hash.0 = Sha256::from_engine(sha).into_inner(); payments_sent += 1; - match channelmanager.send_payment(route, payment_hash) { + match channelmanager.send_payment(route, payment_hash, None) { Ok(_) => {}, Err(_) => return, } @@ -428,23 +428,23 @@ pub fn do_test(data: &[u8], logger: &Arc) { } }, 8 => { - for (payment, amt) in payments_received.drain(..) { + for (payment, payment_secret, amt) in payments_received.drain(..) { // SHA256 is defined as XOR of all input bytes placed in the first byte, and 0s // for the remaining bytes. Thus, if not all remaining bytes are 0s we cannot // fulfill this HTLC, but if they are, we can just take the first byte and // place that anywhere in our preimage. if &payment.0[1..] != &[0; 31] { - channelmanager.fail_htlc_backwards(&payment); + channelmanager.fail_htlc_backwards(&payment, &payment_secret); } else { let mut payment_preimage = PaymentPreimage([0; 32]); payment_preimage.0[0] = payment.0[0]; - channelmanager.claim_funds(payment_preimage, amt); + channelmanager.claim_funds(payment_preimage, &payment_secret, amt); } } }, 9 => { - for (payment, _) in payments_received.drain(..) { - channelmanager.fail_htlc_backwards(&payment); + for (payment, payment_secret, _) in payments_received.drain(..) { + channelmanager.fail_htlc_backwards(&payment, &payment_secret); } }, 10 => { @@ -524,9 +524,9 @@ pub fn do_test(data: &[u8], logger: &Arc) { Event::FundingBroadcastSafe { funding_txo, .. } => { pending_funding_relay.push(pending_funding_signatures.remove(&funding_txo).unwrap()); }, - Event::PaymentReceived { payment_hash, amt } => { + Event::PaymentReceived { payment_hash, payment_secret, amt } => { //TODO: enhance by fetching random amounts from fuzz input? - payments_received.push((payment_hash, amt)); + payments_received.push((payment_hash, payment_secret, amt)); }, Event::PaymentSent {..} => {}, Event::PaymentFailed {..} => {}, diff --git a/lightning/src/ln/chanmon_update_fail_tests.rs b/lightning/src/ln/chanmon_update_fail_tests.rs index 0983cf44e..5c131722c 100644 --- a/lightning/src/ln/chanmon_update_fail_tests.rs +++ b/lightning/src/ln/chanmon_update_fail_tests.rs @@ -30,7 +30,7 @@ fn test_simple_monitor_permanent_update_fail() { let (_, payment_hash_1) = get_payment_preimage_hash!(&nodes[0]); *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::PermanentFailure); - if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route, payment_hash_1) {} else { panic!(); } + if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route, payment_hash_1, None) {} else { panic!(); } check_added_monitors!(nodes[0], 1); let events_1 = nodes[0].node.get_and_clear_pending_msg_events(); @@ -63,7 +63,7 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) { let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(&nodes[0]); *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); - if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_1) {} else { panic!(); } + if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_1, None) {} else { panic!(); } check_added_monitors!(nodes[0], 1); assert!(nodes[0].node.get_and_clear_pending_events().is_empty()); @@ -93,8 +93,9 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) { let events_3 = nodes[1].node.get_and_clear_pending_events(); assert_eq!(events_3.len(), 1); match events_3[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(payment_hash_1, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!(amt, 1000000); }, _ => panic!("Unexpected event"), @@ -105,7 +106,7 @@ fn do_test_simple_monitor_temporary_update_fail(disconnect: bool) { // Now set it to failed again... let (_, payment_hash_2) = get_payment_preimage_hash!(&nodes[0]); *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); - if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route, payment_hash_2) {} else { panic!(); } + if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route, payment_hash_2, None) {} else { panic!(); } check_added_monitors!(nodes[0], 1); assert!(nodes[0].node.get_and_clear_pending_events().is_empty()); @@ -168,7 +169,7 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) { let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); *nodes[0].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); - if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_2) {} else { panic!(); } + if let Err(APIError::MonitorUpdateFailed) = nodes[0].node.send_payment(route.clone(), payment_hash_2, None) {} else { panic!(); } check_added_monitors!(nodes[0], 1); assert!(nodes[0].node.get_and_clear_pending_events().is_empty()); @@ -177,7 +178,7 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) { // Claim the previous payment, which will result in a update_fulfill_htlc/CS from nodes[1] // but nodes[0] won't respond since it is frozen. - assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000)); check_added_monitors!(nodes[1], 1); let events_2 = nodes[1].node.get_and_clear_pending_msg_events(); assert_eq!(events_2.len(), 1); @@ -446,8 +447,9 @@ fn do_test_monitor_temporary_update_fail(disconnect_count: usize) { let events_5 = nodes[1].node.get_and_clear_pending_events(); assert_eq!(events_5.len(), 1); match events_5[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(payment_hash_2, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!(amt, 1000000); }, _ => panic!("Unexpected event"), @@ -494,7 +496,7 @@ fn test_monitor_update_fail_cs() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0)); @@ -555,8 +557,9 @@ fn test_monitor_update_fail_cs() { let events = nodes[1].node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); match events[0] { - Event::PaymentReceived { payment_hash, amt } => { + Event::PaymentReceived { payment_hash, payment_secret, amt } => { assert_eq!(payment_hash, our_payment_hash); + assert_eq!(payment_secret, None); assert_eq!(amt, 1000000); }, _ => panic!("Unexpected event"), @@ -578,7 +581,7 @@ fn test_monitor_update_fail_no_rebroadcast() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_1, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0)); @@ -626,13 +629,13 @@ fn test_monitor_update_raa_while_paused() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_1, our_payment_hash_1) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash_1).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); let send_event_1 = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0)); let route = nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, our_payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[1].node.send_payment(route, our_payment_hash_2).unwrap(); + nodes[1].node.send_payment(route, our_payment_hash_2, None).unwrap(); check_added_monitors!(nodes[1], 1); let send_event_2 = SendEvent::from_event(nodes[1].node.get_and_clear_pending_msg_events().remove(0)); @@ -701,7 +704,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) { let (_, payment_hash_1) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 1000000); // Fail the payment backwards, failing the monitor update on nodes[1]'s receipt of the RAA - assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1)); + assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1, &None)); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); @@ -720,7 +723,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) { // holding cell. let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); - nodes[0].node.send_payment(route, payment_hash_2).unwrap(); + nodes[0].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut send_event = SendEvent::from_event(nodes[0].node.get_and_clear_pending_msg_events().remove(0)); @@ -745,7 +748,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) { let (_, payment_hash_3) = get_payment_preimage_hash!(nodes[0]); let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); - nodes[0].node.send_payment(route, payment_hash_3).unwrap(); + nodes[0].node.send_payment(route, payment_hash_3, None).unwrap(); check_added_monitors!(nodes[0], 1); *nodes[1].chan_monitor.update_ret.lock().unwrap() = Ok(()); // We succeed in updating the monitor for the first channel @@ -792,7 +795,7 @@ fn do_test_monitor_update_fail_raa(test_ignore_second_cs: bool) { // Try to route another payment backwards from 2 to make sure 1 holds off on responding let (payment_preimage_4, payment_hash_4) = get_payment_preimage_hash!(nodes[0]); let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); - nodes[2].node.send_payment(route, payment_hash_4).unwrap(); + nodes[2].node.send_payment(route, payment_hash_4, None).unwrap(); check_added_monitors!(nodes[2], 1); send_event = SendEvent::from_event(nodes[2].node.get_and_clear_pending_msg_events().remove(0)); @@ -957,7 +960,7 @@ fn test_monitor_update_fail_reestablish() { nodes[1].node.peer_disconnected(&nodes[0].node.get_our_node_id(), false); nodes[0].node.peer_disconnected(&nodes[1].node.get_our_node_id(), false); - assert!(nodes[2].node.claim_funds(our_payment_preimage, 1_000_000)); + assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 1_000_000)); check_added_monitors!(nodes[2], 1); let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -1043,9 +1046,9 @@ fn raa_no_response_awaiting_raa_state() { // immediately after a CS. By setting failing the monitor update failure from the CS (which // requires only an RAA response due to AwaitingRAA) we can deliver the RAA and require the CS // generation during RAA while in monitor-update-failed state. - nodes[0].node.send_payment(route.clone(), payment_hash_1).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); - nodes[0].node.send_payment(route.clone(), payment_hash_2).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 0); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -1093,7 +1096,7 @@ fn raa_no_response_awaiting_raa_state() { // We send a third payment here, which is somewhat of a redundant test, but the // chanmon_fail_consistency test required it to actually find the bug (by seeing out-of-sync // commitment transaction states) whereas here we can explicitly check for it. - nodes[0].node.send_payment(route.clone(), payment_hash_3).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash_3, None).unwrap(); check_added_monitors!(nodes[0], 0); assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); @@ -1156,7 +1159,7 @@ fn claim_while_disconnected_monitor_update_fail() { nodes[0].node.peer_disconnected(&nodes[1].node.get_our_node_id(), false); nodes[1].node.peer_disconnected(&nodes[0].node.get_our_node_id(), false); - assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000)); check_added_monitors!(nodes[1], 1); nodes[0].node.peer_connected(&nodes[1].node.get_our_node_id(), &msgs::Init { features: InitFeatures::empty() }); @@ -1182,7 +1185,7 @@ fn claim_while_disconnected_monitor_update_fail() { // the monitor still failed let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_2).unwrap(); + nodes[0].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let as_updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); @@ -1274,7 +1277,7 @@ fn monitor_failed_no_reestablish_response() { // on receipt). let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_1).unwrap(); + nodes[0].node.send_payment(route, payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); @@ -1344,7 +1347,7 @@ fn first_message_on_recv_ordering() { // can deliver it and fail the monitor update. let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_1).unwrap(); + nodes[0].node.send_payment(route, payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -1366,7 +1369,7 @@ fn first_message_on_recv_ordering() { // Route the second payment, generating an update_add_htlc/commitment_signed let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_2).unwrap(); + nodes[0].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); assert_eq!(events.len(), 1); @@ -1437,12 +1440,12 @@ fn test_monitor_update_fail_claim() { let (payment_preimage_1, _) = route_payment(&nodes[0], &[&nodes[1]], 1000000); *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); - assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000)); check_added_monitors!(nodes[1], 1); let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (_, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[2].node.send_payment(route, payment_hash_2).unwrap(); + nodes[2].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[2], 1); // Successfully update the monitor on the 1<->2 channel, but the 0<->1 channel should still be @@ -1512,7 +1515,7 @@ fn test_monitor_update_on_pending_forwards() { send_payment(&nodes[0], &[&nodes[1], &nodes[2]], 5000000, 5_000_000); let (_, payment_hash_1) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 1000000); - assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1)); + assert!(nodes[2].node.fail_htlc_backwards(&payment_hash_1, &None)); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); @@ -1523,7 +1526,7 @@ fn test_monitor_update_on_pending_forwards() { let route = nodes[2].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[2].node.send_payment(route, payment_hash_2).unwrap(); + nodes[2].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[2], 1); let mut events = nodes[2].node.get_and_clear_pending_msg_events(); @@ -1582,7 +1585,7 @@ fn monitor_update_claim_fail_no_response() { // Now start forwarding a second payment, skipping the last RAA so B is in AwaitingRAA let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_2).unwrap(); + nodes[0].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -1592,7 +1595,7 @@ fn monitor_update_claim_fail_no_response() { let as_raa = commitment_signed_dance!(nodes[1], nodes[0], payment_event.commitment_msg, false, true, false, true); *nodes[1].chan_monitor.update_ret.lock().unwrap() = Err(ChannelMonitorUpdateErr::TemporaryFailure); - assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000)); check_added_monitors!(nodes[1], 1); let events = nodes[1].node.get_and_clear_pending_msg_events(); assert_eq!(events.len(), 0); diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs index 5debaa8ad..55cda5f3b 100644 --- a/lightning/src/ln/channelmanager.rs +++ b/lightning/src/ln/channelmanager.rs @@ -284,11 +284,14 @@ pub(super) struct ChannelHolder { /// guarantees are made about the existence of a channel with the short id here, nor the short /// ids in the PendingHTLCInfo! pub(super) forward_htlcs: HashMap>, - /// Tracks things that were to us and can be failed/claimed by the user + /// (payment_hash, payment_secret) -> Vec for tracking things that + /// were to us and can be failed/claimed by the user /// Note that while this is held in the same mutex as the channels themselves, no consistency /// guarantees are made about the channels given here actually existing anymore by the time you /// go to read them! - claimable_htlcs: HashMap>, + /// TODO: We need to time out HTLCs sitting here which are waiting on other AMP HTLCs to + /// arrive. + claimable_htlcs: HashMap<(PaymentHash, Option<[u8; 32]>), Vec>, /// Messages to send to peers - pushed to in the same lock that they are generated in (except /// for broadcast messages, where ordering isn't as strict). pub(super) pending_msg_events: Vec, @@ -1193,7 +1196,14 @@ impl ChannelMan /// In case of APIError::MonitorUpdateFailed, the commitment update has been irrevocably /// committed on our end and we're just waiting for a monitor update to send it. Do NOT retry /// the payment via a different route unless you intend to pay twice! - pub fn send_payment(&self, route: Route, payment_hash: PaymentHash) -> Result<(), APIError> { + /// + /// payment_secret is unrelated to payment_hash (or PaymentPreimage) and exists to authenticate + /// the sender to the recipient and prevent payment-probing (deanonymization) attacks. For + /// newer nodes, it will be provided to you in the invoice. If you do not have one, the Route + /// must not contain multiple paths as otherwise the multipath data cannot be sent. + /// If a payment_secret *is* provided, we assume that the invoice had the basic_mpp feature bit + /// set (either as required or as available). + pub fn send_payment(&self, route: Route, payment_hash: PaymentHash, payment_secret: Option<&[u8; 32]>) -> Result<(), APIError> { if route.hops.len() < 1 || route.hops.len() > 20 { return Err(APIError::RouteError{err: "Route didn't go anywhere/had bogus size"}); } @@ -1210,7 +1220,7 @@ impl ChannelMan let onion_keys = secp_call!(onion_utils::construct_onion_keys(&self.secp_ctx, &route, &session_priv), APIError::RouteError{err: "Pubkey along hop was maliciously selected"}); - let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height)?; + let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, payment_secret, cur_height)?; if onion_utils::route_size_insane(&onion_payloads) { return Err(APIError::RouteError{err: "Route size too large considering onion data"}); } @@ -1426,7 +1436,9 @@ impl ChannelMan htlc_id: prev_htlc_id, incoming_packet_shared_secret: forward_info.incoming_shared_secret, }); - failed_forwards.push((htlc_source, forward_info.payment_hash, 0x4000 | 10, None)); + failed_forwards.push((htlc_source, forward_info.payment_hash, + HTLCFailReason::Reason { failure_code: 0x1000 | 7, data: Vec::new() } + )); }, HTLCForwardInfo::FailHTLC { .. } => { // Channel went away before we could fail it. This implies @@ -1462,7 +1474,9 @@ impl ChannelMan panic!("Stated return value requirements in send_htlc() were not met"); } let chan_update = self.get_channel_update(chan.get()).unwrap(); - failed_forwards.push((htlc_source, payment_hash, 0x1000 | 7, Some(chan_update))); + failed_forwards.push((htlc_source, payment_hash, + HTLCFailReason::Reason { failure_code: 0x1000 | 7, data: chan_update.encode_with_len() } + )); continue; }, Ok(update_add) => { @@ -1571,15 +1585,48 @@ impl ChannelMan htlc_id: prev_htlc_id, incoming_packet_shared_secret: incoming_shared_secret, }; - channel_state.claimable_htlcs.entry(payment_hash).or_insert(Vec::new()).push(ClaimableHTLC { + + let mut total_value = 0; + let htlcs = channel_state.claimable_htlcs.entry((payment_hash, if let &Some(ref data) = &payment_data { + Some(data.payment_secret.clone()) } else { None })) + .or_insert(Vec::new()); + htlcs.push(ClaimableHTLC { src: prev_hop_data, value: amt_to_forward, - payment_data, - }); - new_events.push(events::Event::PaymentReceived { - payment_hash: payment_hash, - amt: amt_to_forward, + payment_data: payment_data.clone(), }); + if let &Some(ref data) = &payment_data { + for htlc in htlcs.iter() { + total_value += htlc.value; + if htlc.payment_data.as_ref().unwrap().total_msat != data.total_msat { + total_value = msgs::MAX_VALUE_MSAT; + } + if total_value >= msgs::MAX_VALUE_MSAT { break; } + } + if total_value >= msgs::MAX_VALUE_MSAT { + for htlc in htlcs.iter() { + failed_forwards.push((HTLCSource::PreviousHopData(HTLCPreviousHopData { + short_channel_id: htlc.src.short_channel_id, + htlc_id: htlc.src.htlc_id, + incoming_packet_shared_secret: htlc.src.incoming_packet_shared_secret, + }), payment_hash, + HTLCFailReason::Reason { failure_code: 0x4000 | 15, data: byte_utils::be64_to_array(htlc.value).to_vec() } + )); + } + } else if total_value >= data.total_msat { + new_events.push(events::Event::PaymentReceived { + payment_hash: payment_hash, + payment_secret: Some(data.payment_secret), + amt: total_value, + }); + } + } else { + new_events.push(events::Event::PaymentReceived { + payment_hash: payment_hash, + payment_secret: None, + amt: amt_to_forward, + }); + } }, HTLCForwardInfo::AddHTLC { .. } => { panic!("short_channel_id == 0 should imply any pending_forward entries are of type Receive"); @@ -1593,11 +1640,8 @@ impl ChannelMan } } - for (htlc_source, payment_hash, failure_code, update) in failed_forwards.drain(..) { - match update { - None => self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, HTLCFailReason::Reason { failure_code, data: Vec::new() }), - Some(chan_update) => self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, HTLCFailReason::Reason { failure_code, data: chan_update.encode_with_len() }), - }; + for (htlc_source, payment_hash, failure_reason) in failed_forwards.drain(..) { + self.fail_htlc_backwards_internal(self.channel_state.lock().unwrap(), htlc_source, &payment_hash, failure_reason); } if handle_errors.len() > 0 { @@ -1642,11 +1686,11 @@ impl ChannelMan /// along the path (including in our own channel on which we received it). /// Returns false if no payment was found to fail backwards, true if the process of failing the /// HTLC backwards has been started. - pub fn fail_htlc_backwards(&self, payment_hash: &PaymentHash) -> bool { + pub fn fail_htlc_backwards(&self, payment_hash: &PaymentHash, payment_secret: &Option<[u8; 32]>) -> bool { let _ = self.total_consistency_lock.read().unwrap(); let mut channel_state = Some(self.channel_state.lock().unwrap()); - let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(payment_hash); + let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&(*payment_hash, *payment_secret)); if let Some(mut sources) = removed_source { for htlc in sources.drain(..) { if channel_state.is_none() { channel_state = Some(self.channel_state.lock().unwrap()); } @@ -1768,13 +1812,13 @@ impl ChannelMan /// motivated attackers. /// /// May panic if called except in response to a PaymentReceived event. - pub fn claim_funds(&self, payment_preimage: PaymentPreimage, expected_amount: u64) -> bool { + pub fn claim_funds(&self, payment_preimage: PaymentPreimage, payment_secret: &Option<[u8; 32]>, expected_amount: u64) -> bool { let payment_hash = PaymentHash(Sha256::hash(&payment_preimage.0).into_inner()); let _ = self.total_consistency_lock.read().unwrap(); let mut channel_state = Some(self.channel_state.lock().unwrap()); - let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&payment_hash); + let removed_source = channel_state.as_mut().unwrap().claimable_htlcs.remove(&(payment_hash, *payment_secret)); if let Some(mut sources) = removed_source { for htlc in sources.drain(..) { if channel_state.is_none() { channel_state = Some(self.channel_state.lock().unwrap()); } diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs index 945a0dde0..10ccb75ab 100644 --- a/lightning/src/ln/functional_test_utils.rs +++ b/lightning/src/ln/functional_test_utils.rs @@ -678,8 +678,9 @@ macro_rules! expect_payment_received { let events = $node.node.get_and_clear_pending_events(); assert_eq!(events.len(), 1); match events[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!($expected_payment_hash, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!($expected_recv_value, amt); }, _ => panic!("Unexpected event"), @@ -714,9 +715,9 @@ macro_rules! expect_payment_failed { } } -pub fn send_along_route_with_hash<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, route: Route, expected_route: &[&Node<'a, 'b, 'c>], recv_value: u64, our_payment_hash: PaymentHash) { +pub fn send_along_route_with_secret<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, route: Route, expected_route: &[&Node<'a, 'b, 'c>], recv_value: u64, our_payment_hash: PaymentHash, our_payment_secret: Option<[u8; 32]>) { let mut payment_event = { - origin_node.node.send_payment(route, our_payment_hash).unwrap(); + origin_node.node.send_payment(route, our_payment_hash, our_payment_secret.as_ref()).unwrap(); check_added_monitors!(origin_node, 1); let mut events = origin_node.node.get_and_clear_pending_msg_events(); @@ -738,8 +739,9 @@ pub fn send_along_route_with_hash<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, ro let events_2 = node.node.get_and_clear_pending_events(); assert_eq!(events_2.len(), 1); match events_2[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(our_payment_hash, *payment_hash); + assert_eq!(our_payment_secret, *payment_secret); assert_eq!(amt, recv_value); }, _ => panic!("Unexpected event"), @@ -756,14 +758,18 @@ pub fn send_along_route_with_hash<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, ro } } +pub fn send_along_route_with_hash<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, route: Route, expected_route: &[&Node<'a, 'b, 'c>], recv_value: u64, our_payment_hash: PaymentHash) { + send_along_route_with_secret(origin_node, route, expected_route, recv_value, our_payment_hash, None); +} + pub fn send_along_route<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, route: Route, expected_route: &[&Node<'a, 'b, 'c>], recv_value: u64) -> (PaymentPreimage, PaymentHash) { let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(origin_node); send_along_route_with_hash(origin_node, route, expected_route, recv_value, our_payment_hash); (our_payment_preimage, our_payment_hash) } -pub fn claim_payment_along_route<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_route: &[&Node<'a, 'b, 'c>], skip_last: bool, our_payment_preimage: PaymentPreimage, expected_amount: u64) { - assert!(expected_route.last().unwrap().node.claim_funds(our_payment_preimage, expected_amount)); +pub fn claim_payment_along_route_with_secret<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_route: &[&Node<'a, 'b, 'c>], skip_last: bool, our_payment_preimage: PaymentPreimage, our_payment_secret: Option<[u8; 32]>, expected_amount: u64) { + assert!(expected_route.last().unwrap().node.claim_funds(our_payment_preimage, &our_payment_secret, expected_amount)); check_added_monitors!(expected_route.last().unwrap(), 1); let mut next_msgs: Option<(msgs::UpdateFulfillHTLC, msgs::CommitmentSigned)> = None; @@ -840,6 +846,10 @@ pub fn claim_payment_along_route<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, exp } } +pub fn claim_payment_along_route<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_route: &[&Node<'a, 'b, 'c>], skip_last: bool, our_payment_preimage: PaymentPreimage, expected_amount: u64) { + claim_payment_along_route_with_secret(origin_node, expected_route, skip_last, our_payment_preimage, None, expected_amount); +} + pub fn claim_payment<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_route: &[&Node<'a, 'b, 'c>], our_payment_preimage: PaymentPreimage, expected_amount: u64) { claim_payment_along_route(origin_node, expected_route, false, our_payment_preimage, expected_amount); } @@ -865,7 +875,7 @@ pub fn route_over_limit<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_rou let (_, our_payment_hash) = get_payment_preimage_hash!(origin_node); - let err = origin_node.node.send_payment(route, our_payment_hash).err().unwrap(); + let err = origin_node.node.send_payment(route, our_payment_hash, None).err().unwrap(); match err { APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept"), _ => panic!("Unknown error variants"), @@ -878,7 +888,7 @@ pub fn send_payment<'a, 'b, 'c>(origin: &Node<'a, 'b, 'c>, expected_route: &[&No } pub fn fail_payment_along_route<'a, 'b, 'c>(origin_node: &Node<'a, 'b, 'c>, expected_route: &[&Node<'a, 'b, 'c>], skip_last: bool, our_payment_hash: PaymentHash) { - assert!(expected_route.last().unwrap().node.fail_htlc_backwards(&our_payment_hash)); + assert!(expected_route.last().unwrap().node.fail_htlc_backwards(&our_payment_hash, &None)); expect_pending_htlcs_forwardable!(expected_route.last().unwrap()); check_added_monitors!(expected_route.last().unwrap(), 1); diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs index 089ac9ca7..b9e91f873 100644 --- a/lightning/src/ln/functional_tests.rs +++ b/lightning/src/ln/functional_tests.rs @@ -155,7 +155,7 @@ fn test_async_inbound_update_fee() { // ...but before it's delivered, nodes[1] starts to send a payment back to nodes[0]... let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash).unwrap(); + nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash, None).unwrap(); check_added_monitors!(nodes[1], 1); let payment_event = { @@ -251,7 +251,7 @@ fn test_update_fee_unordered_raa() { // ...but before it's delivered, nodes[1] starts to send a payment back to nodes[0]... let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash).unwrap(); + nodes[1].node.send_payment(nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &Vec::new(), 40000, TEST_FINAL_CLTV).unwrap(), our_payment_hash, None).unwrap(); check_added_monitors!(nodes[1], 1); let payment_event = { @@ -644,7 +644,7 @@ fn test_update_fee_with_fundee_update_add_htlc() { let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[1]); // nothing happens since node[1] is in AwaitingRemoteRevoke - nodes[1].node.send_payment(route, our_payment_hash).unwrap(); + nodes[1].node.send_payment(route, our_payment_hash, None).unwrap(); { let mut added_monitors = nodes[0].chan_monitor.added_monitors.lock().unwrap(); assert_eq!(added_monitors.len(), 0); @@ -863,12 +863,12 @@ fn updates_shutdown_wait() { assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); let (_, payment_hash) = get_payment_preimage_hash!(nodes[0]); - if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route_1, payment_hash) {} + if let Err(APIError::ChannelUnavailable {..}) = nodes[0].node.send_payment(route_1, payment_hash, None) {} else { panic!("New sends should fail!") }; - if let Err(APIError::ChannelUnavailable {..}) = nodes[1].node.send_payment(route_2, payment_hash) {} + if let Err(APIError::ChannelUnavailable {..}) = nodes[1].node.send_payment(route_2, payment_hash, None) {} else { panic!("New sends should fail!") }; - assert!(nodes[2].node.claim_funds(our_payment_preimage, 100_000)); + assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 100_000)); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -926,7 +926,7 @@ fn htlc_fail_async_shutdown() { let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); assert_eq!(updates.update_add_htlcs.len(), 1); @@ -1047,7 +1047,7 @@ fn do_test_shutdown_rebroadcast(recv_count: u8) { assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); - assert!(nodes[2].node.claim_funds(our_payment_preimage, 100_000)); + assert!(nodes[2].node.claim_funds(our_payment_preimage, &None, 100_000)); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -1306,7 +1306,7 @@ fn holding_cell_htlc_counting() { for _ in 0..::ln::channel::OUR_MAX_HTLCS { let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage, payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[1].node.send_payment(route, payment_hash).unwrap(); + nodes[1].node.send_payment(route, payment_hash, None).unwrap(); payments.push((payment_preimage, payment_hash)); } check_added_monitors!(nodes[1], 1); @@ -1321,7 +1321,7 @@ fn holding_cell_htlc_counting() { // another HTLC. let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap(); let (_, payment_hash_1) = get_payment_preimage_hash!(nodes[0]); - if let APIError::ChannelUnavailable { err } = nodes[1].node.send_payment(route, payment_hash_1).unwrap_err() { + if let APIError::ChannelUnavailable { err } = nodes[1].node.send_payment(route, payment_hash_1, None).unwrap_err() { assert_eq!(err, "Cannot push more than their max accepted HTLCs"); } else { panic!("Unexpected event"); } assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); @@ -1330,7 +1330,7 @@ fn holding_cell_htlc_counting() { // This should also be true if we try to forward a payment. let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 100000, TEST_FINAL_CLTV).unwrap(); let (_, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash_2).unwrap(); + nodes[0].node.send_payment(route, payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -1471,7 +1471,7 @@ fn test_duplicate_htlc_different_direction_onchain() { send_along_route_with_hash(&nodes[1], route, &vec!(&nodes[0])[..], 800_000, payment_hash); // Provide preimage to node 0 by claiming payment - nodes[0].node.claim_funds(payment_preimage, 800_000); + nodes[0].node.claim_funds(payment_preimage, &None, 800_000); check_added_monitors!(nodes[0], 1); // Broadcast node 1 commitment txn @@ -1563,7 +1563,7 @@ fn do_channel_reserve_test(test_recv: bool) { { let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_0 + 1); assert!(route.hops.iter().rev().skip(1).all(|h| h.fee_msat == feemsat)); - let err = nodes[0].node.send_payment(route, our_payment_hash).err().unwrap(); + let err = nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap(); match err { APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept"), _ => panic!("Unknown error variants"), @@ -1601,7 +1601,7 @@ fn do_channel_reserve_test(test_recv: bool) { let recv_value = stat01.value_to_self_msat - stat01.channel_reserve_msat - total_fee_msat; // attempt to get channel_reserve violation let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value + 1); - let err = nodes[0].node.send_payment(route.clone(), our_payment_hash).err().unwrap(); + let err = nodes[0].node.send_payment(route.clone(), our_payment_hash, None).err().unwrap(); match err { APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"), _ => panic!("Unknown error variants"), @@ -1616,7 +1616,7 @@ fn do_channel_reserve_test(test_recv: bool) { let (route_1, our_payment_hash_1, our_payment_preimage_1) = get_route_and_payment_hash!(recv_value_1); let payment_event_1 = { - nodes[0].node.send_payment(route_1, our_payment_hash_1).unwrap(); + nodes[0].node.send_payment(route_1, our_payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -1629,7 +1629,7 @@ fn do_channel_reserve_test(test_recv: bool) { let recv_value_2 = stat01.value_to_self_msat - amt_msat_1 - stat01.channel_reserve_msat - total_fee_msat; { let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_2 + 1); - match nodes[0].node.send_payment(route, our_payment_hash).err().unwrap() { + match nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap() { APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"), _ => panic!("Unknown error variants"), } @@ -1652,7 +1652,7 @@ fn do_channel_reserve_test(test_recv: bool) { let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1; let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route, &session_priv).unwrap(); - let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap(); + let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap(); let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash); let msg = msgs::UpdateAddHTLC { channel_id: chan_1.2, @@ -1685,7 +1685,7 @@ fn do_channel_reserve_test(test_recv: bool) { // now see if they go through on both sides let (route_21, our_payment_hash_21, our_payment_preimage_21) = get_route_and_payment_hash!(recv_value_21); // but this will stuck in the holding cell - nodes[0].node.send_payment(route_21, our_payment_hash_21).unwrap(); + nodes[0].node.send_payment(route_21, our_payment_hash_21, None).unwrap(); check_added_monitors!(nodes[0], 0); let events = nodes[0].node.get_and_clear_pending_events(); assert_eq!(events.len(), 0); @@ -1693,7 +1693,7 @@ fn do_channel_reserve_test(test_recv: bool) { // test with outbound holding cell amount > 0 { let (route, our_payment_hash, _) = get_route_and_payment_hash!(recv_value_22+1); - match nodes[0].node.send_payment(route, our_payment_hash).err().unwrap() { + match nodes[0].node.send_payment(route, our_payment_hash, None).err().unwrap() { APIError::ChannelUnavailable{err} => assert_eq!(err, "Cannot send value that would put us over their reserve value"), _ => panic!("Unknown error variants"), } @@ -1703,7 +1703,7 @@ fn do_channel_reserve_test(test_recv: bool) { let (route_22, our_payment_hash_22, our_payment_preimage_22) = get_route_and_payment_hash!(recv_value_22); // this will also stuck in the holding cell - nodes[0].node.send_payment(route_22, our_payment_hash_22).unwrap(); + nodes[0].node.send_payment(route_22, our_payment_hash_22, None).unwrap(); check_added_monitors!(nodes[0], 0); assert!(nodes[0].node.get_and_clear_pending_events().is_empty()); assert!(nodes[0].node.get_and_clear_pending_msg_events().is_empty()); @@ -1753,15 +1753,17 @@ fn do_channel_reserve_test(test_recv: bool) { let events = nodes[2].node.get_and_clear_pending_events(); assert_eq!(events.len(), 2); match events[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(our_payment_hash_21, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!(recv_value_21, amt); }, _ => panic!("Unexpected event"), } match events[1] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(our_payment_hash_22, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!(recv_value_22, amt); }, _ => panic!("Unexpected event"), @@ -1825,7 +1827,7 @@ fn channel_reserve_in_flight_removes() { let (payment_preimage_3, payment_hash_3) = get_payment_preimage_hash!(nodes[0]); let send_1 = { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap(); - nodes[0].node.send_payment(route, payment_hash_3).unwrap(); + nodes[0].node.send_payment(route, payment_hash_3, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); assert_eq!(events.len(), 1); @@ -1834,13 +1836,13 @@ fn channel_reserve_in_flight_removes() { // Now claim both of the first two HTLCs on B's end, putting B in AwaitingRAA and generating an // initial fulfill/CS. - assert!(nodes[1].node.claim_funds(payment_preimage_1, b_chan_values.channel_reserve_msat - b_chan_values.value_to_self_msat - 10000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, b_chan_values.channel_reserve_msat - b_chan_values.value_to_self_msat - 10000)); check_added_monitors!(nodes[1], 1); let bs_removes = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); // This claim goes in B's holding cell, allowing us to have a pending B->A RAA which does not // remove the second HTLC when we send the HTLC back from B to A. - assert!(nodes[1].node.claim_funds(payment_preimage_2, 20000)); + assert!(nodes[1].node.claim_funds(payment_preimage_2, &None, 20000)); check_added_monitors!(nodes[1], 1); assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); @@ -1897,7 +1899,7 @@ fn channel_reserve_in_flight_removes() { let (payment_preimage_4, payment_hash_4) = get_payment_preimage_hash!(nodes[1]); let send_2 = { let route = nodes[1].router.get_route(&nodes[0].node.get_our_node_id(), None, &[], 10000, TEST_FINAL_CLTV).unwrap(); - nodes[1].node.send_payment(route, payment_hash_4).unwrap(); + nodes[1].node.send_payment(route, payment_hash_4, None).unwrap(); check_added_monitors!(nodes[1], 1); let mut events = nodes[1].node.get_and_clear_pending_msg_events(); assert_eq!(events.len(), 1); @@ -1987,7 +1989,7 @@ fn channel_monitor_network_test() { macro_rules! claim_funds { ($node: expr, $prev_node: expr, $preimage: expr, $amount: expr) => { { - assert!($node.node.claim_funds($preimage, $amount)); + assert!($node.node.claim_funds($preimage, &None, $amount)); check_added_monitors!($node, 1); let events = $node.node.get_and_clear_pending_msg_events(); @@ -2425,8 +2427,8 @@ fn test_htlc_on_chain_success() { let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn(); assert_eq!(commitment_tx.len(), 1); check_spends!(commitment_tx[0], chan_2.3.clone()); - nodes[2].node.claim_funds(our_payment_preimage, 3_000_000); - nodes[2].node.claim_funds(our_payment_preimage_2, 3_000_000); + nodes[2].node.claim_funds(our_payment_preimage, &None, 3_000_000); + nodes[2].node.claim_funds(our_payment_preimage_2, &None, 3_000_000); check_added_monitors!(nodes[2], 2); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -2592,7 +2594,7 @@ fn test_htlc_on_chain_timeout() { // Broadcast legit commitment tx from C on B's chain let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn(); check_spends!(commitment_tx[0], chan_2.3.clone()); - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); check_added_monitors!(nodes[2], 0); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); @@ -2781,7 +2783,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use let (_, second_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], value); let (_, third_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], value); - assert!(nodes[2].node.fail_htlc_backwards(&first_payment_hash)); + assert!(nodes[2].node.fail_htlc_backwards(&first_payment_hash, &None)); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); @@ -2794,7 +2796,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use let bs_raa = commitment_signed_dance!(nodes[1], nodes[2], updates.commitment_signed, false, true, false, true); // Drop the last RAA from 3 -> 2 - assert!(nodes[2].node.fail_htlc_backwards(&second_payment_hash)); + assert!(nodes[2].node.fail_htlc_backwards(&second_payment_hash, &None)); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); @@ -2811,7 +2813,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use nodes[2].node.handle_revoke_and_ack(&nodes[1].node.get_our_node_id(), &as_raa); check_added_monitors!(nodes[2], 1); - assert!(nodes[2].node.fail_htlc_backwards(&third_payment_hash)); + assert!(nodes[2].node.fail_htlc_backwards(&third_payment_hash, &None)); expect_pending_htlcs_forwardable!(nodes[2]); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); @@ -2834,7 +2836,7 @@ fn do_test_commitment_revoked_fail_backward_exhaustive(deliver_bs_raa: bool, use // on nodes[2]'s RAA. let route = nodes[1].router.get_route(&nodes[2].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (_, fourth_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[1].node.send_payment(route, fourth_payment_hash).unwrap(); + nodes[1].node.send_payment(route, fourth_payment_hash, None).unwrap(); assert!(nodes[1].node.get_and_clear_pending_msg_events().is_empty()); assert!(nodes[1].node.get_and_clear_pending_events().is_empty()); check_added_monitors!(nodes[1], 0); @@ -3006,7 +3008,7 @@ fn test_force_close_fail_back() { let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); let mut payment_event = { - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -3174,7 +3176,7 @@ fn do_test_drop_messages_peer_disconnect(messages_delivered: u8) { let (payment_preimage_1, payment_hash_1) = get_payment_preimage_hash!(nodes[0]); let payment_event = { - nodes[0].node.send_payment(route.clone(), payment_hash_1).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash_1, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -3249,14 +3251,15 @@ fn do_test_drop_messages_peer_disconnect(messages_delivered: u8) { let events_2 = nodes[1].node.get_and_clear_pending_events(); assert_eq!(events_2.len(), 1); match events_2[0] { - Event::PaymentReceived { ref payment_hash, amt } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt } => { assert_eq!(payment_hash_1, *payment_hash); + assert_eq!(*payment_secret, None); assert_eq!(amt, 1000000); }, _ => panic!("Unexpected event"), } - nodes[1].node.claim_funds(payment_preimage_1, 1_000_000); + nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000); check_added_monitors!(nodes[1], 1); let events_3 = nodes[1].node.get_and_clear_pending_msg_events(); @@ -3465,7 +3468,7 @@ fn test_drop_messages_peer_disconnect_dual_htlc() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), 1000000, TEST_FINAL_CLTV).unwrap(); let (payment_preimage_2, payment_hash_2) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route.clone(), payment_hash_2).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash_2, None).unwrap(); check_added_monitors!(nodes[0], 1); let events_1 = nodes[0].node.get_and_clear_pending_msg_events(); @@ -3475,7 +3478,7 @@ fn test_drop_messages_peer_disconnect_dual_htlc() { _ => panic!("Unexpected event"), } - assert!(nodes[1].node.claim_funds(payment_preimage_1, 1_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage_1, &None, 1_000_000)); check_added_monitors!(nodes[1], 1); let events_2 = nodes[1].node.get_and_clear_pending_msg_events(); @@ -3578,8 +3581,9 @@ fn test_drop_messages_peer_disconnect_dual_htlc() { let events_5 = nodes[1].node.get_and_clear_pending_events(); assert_eq!(events_5.len(), 1); match events_5[0] { - Event::PaymentReceived { ref payment_hash, amt: _ } => { + Event::PaymentReceived { ref payment_hash, ref payment_secret, amt: _ } => { assert_eq!(payment_hash_2, *payment_hash); + assert_eq!(*payment_secret, None); }, _ => panic!("Unexpected event"), } @@ -4100,7 +4104,7 @@ fn test_static_spendable_outputs_preimage_tx() { // Settle A's commitment tx on B's chain let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 }; - assert!(nodes[1].node.claim_funds(payment_preimage, 3_000_000)); + assert!(nodes[1].node.claim_funds(payment_preimage, &None, 3_000_000)); check_added_monitors!(nodes[1], 1); nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![commitment_tx[0].clone()] }, 1); let events = nodes[1].node.get_and_clear_pending_msg_events(); @@ -4282,7 +4286,7 @@ fn test_onchain_to_onchain_claim() { let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42}; let commitment_tx = nodes[2].node.channel_state.lock().unwrap().by_id.get_mut(&chan_2.2).unwrap().channel_monitor().get_latest_local_commitment_txn(); check_spends!(commitment_tx[0], chan_2.3.clone()); - nodes[2].node.claim_funds(payment_preimage, 3_000_000); + nodes[2].node.claim_funds(payment_preimage, &None, 3_000_000); check_added_monitors!(nodes[2], 1); let updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); assert!(updates.update_add_htlcs.is_empty()); @@ -4396,7 +4400,7 @@ fn test_duplicate_payment_hash_one_failure_one_success() { htlc_timeout_tx = node_txn[1].clone(); } - nodes[2].node.claim_funds(our_payment_preimage, 900_000); + nodes[2].node.claim_funds(our_payment_preimage, &None, 900_000); nodes[2].block_notifier.block_connected(&Block { header, txdata: vec![commitment_txn[0].clone()] }, 1); check_added_monitors!(nodes[2], 2); let events = nodes[2].node.get_and_clear_pending_msg_events(); @@ -4492,7 +4496,7 @@ fn test_dynamic_spendable_outputs_local_htlc_success_tx() { check_spends!(local_txn[0], chan_1.3.clone()); // Give B knowledge of preimage to be able to generate a local HTLC-Success Tx - nodes[1].node.claim_funds(payment_preimage, 9_000_000); + nodes[1].node.claim_funds(payment_preimage, &None, 9_000_000); check_added_monitors!(nodes[1], 1); let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 }; nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![local_txn[0].clone()] }, 1); @@ -4586,10 +4590,10 @@ fn do_test_fail_backwards_unrevoked_remote_announce(deliver_last_raa: bool, anno // Now fail back three of the over-dust-limit and three of the under-dust-limit payments in one go. // Fail 0th below-dust, 4th above-dust, 8th above-dust, 10th below-dust HTLCs - assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_1)); - assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_3)); - assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_5)); - assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_6)); + assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_1, &None)); + assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_3, &None)); + assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_5, &None)); + assert!(nodes[4].node.fail_htlc_backwards(&payment_hash_6, &None)); check_added_monitors!(nodes[4], 0); expect_pending_htlcs_forwardable!(nodes[4]); check_added_monitors!(nodes[4], 1); @@ -4602,8 +4606,8 @@ fn do_test_fail_backwards_unrevoked_remote_announce(deliver_last_raa: bool, anno commitment_signed_dance!(nodes[3], nodes[4], four_removes.commitment_signed, false); // Fail 3rd below-dust and 7th above-dust HTLCs - assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_2)); - assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_4)); + assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_2, &None)); + assert!(nodes[5].node.fail_htlc_backwards(&payment_hash_4, &None)); check_added_monitors!(nodes[5], 0); expect_pending_htlcs_forwardable!(nodes[5]); check_added_monitors!(nodes[5], 1); @@ -4843,7 +4847,7 @@ fn do_htlc_claim_local_commitment_only(use_dust: bool) { // Claim the payment, but don't deliver A's commitment_signed, resulting in the HTLC only being // present in B's local commitment transaction, but none of A's commitment transactions. - assert!(nodes[1].node.claim_funds(our_payment_preimage, if use_dust { 50_000 } else { 3_000_000 })); + assert!(nodes[1].node.claim_funds(our_payment_preimage, &None, if use_dust { 50_000 } else { 3_000_000 })); check_added_monitors!(nodes[1], 1); let bs_updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id()); @@ -4881,7 +4885,7 @@ fn do_htlc_claim_current_remote_commitment_only(use_dust: bool) { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &Vec::new(), if use_dust { 50000 } else { 3000000 }, TEST_FINAL_CLTV).unwrap(); let (_, payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, payment_hash).unwrap(); + nodes[0].node.send_payment(route, payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let _as_update = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); @@ -4913,7 +4917,7 @@ fn do_htlc_claim_previous_remote_commitment_only(use_dust: bool, check_revoke_no // actually revoked. let htlc_value = if use_dust { 50000 } else { 3000000 }; let (_, our_payment_hash) = route_payment(&nodes[0], &[&nodes[1]], htlc_value); - assert!(nodes[1].node.fail_htlc_backwards(&our_payment_hash)); + assert!(nodes[1].node.fail_htlc_backwards(&our_payment_hash, &None)); expect_pending_htlcs_forwardable!(nodes[1]); check_added_monitors!(nodes[1], 1); @@ -5027,7 +5031,7 @@ fn run_onion_failure_test_with_fail_intercept(_name: &str, test_case: } // 0 ~~> 2 send payment - nodes[0].node.send_payment(route.clone(), payment_hash.clone()).unwrap(); + nodes[0].node.send_payment(route.clone(), payment_hash.clone(), None).unwrap(); check_added_monitors!(nodes[0], 1); let update_0 = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); // temper update_add (0 => 1) @@ -5219,7 +5223,7 @@ fn test_onion_failure() { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1; let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); - let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap(); + let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap(); let mut new_payloads = Vec::new(); for payload in onion_payloads.drain(..) { new_payloads.push(BogusOnionHopData::new(payload)); @@ -5235,7 +5239,7 @@ fn test_onion_failure() { let session_priv = SecretKey::from_slice(&[3; 32]).unwrap(); let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1; let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); - let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap(); + let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap(); let mut new_payloads = Vec::new(); for payload in onion_payloads.drain(..) { new_payloads.push(BogusOnionHopData::new(payload)); @@ -5266,7 +5270,7 @@ fn test_onion_failure() { let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], NODE|2, &[0;0]); }, ||{ - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); }, true, Some(NODE|2), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: false})); // intermediate node failure @@ -5284,7 +5288,7 @@ fn test_onion_failure() { let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|2, &[0;0]); }, ||{ - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); }, false, Some(PERM|NODE|2), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: true})); // intermediate node failure @@ -5295,7 +5299,7 @@ fn test_onion_failure() { let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[0].shared_secret[..], PERM|NODE|3, &[0;0]); }, ||{ - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); }, true, Some(PERM|NODE|3), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[0].pubkey, is_permanent: true})); // final node failure @@ -5304,7 +5308,7 @@ fn test_onion_failure() { let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); msg.reason = onion_utils::build_first_hop_failure_packet(&onion_keys[1].shared_secret[..], PERM|NODE|3, &[0;0]); }, ||{ - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); }, false, Some(PERM|NODE|3), Some(msgs::HTLCFailChannelUpdate::NodeFailure{node_id: route.hops[1].pubkey, is_permanent: true})); run_onion_failure_test("invalid_onion_version", 0, &nodes, &route, &payment_hash, |msg| { msg.onion_routing_packet.version = 1; }, ||{}, true, @@ -5372,7 +5376,7 @@ fn test_onion_failure() { }, ||{}, true, Some(UPDATE|14), Some(msgs::HTLCFailChannelUpdate::ChannelUpdateMessage{msg: ChannelUpdate::dummy()})); run_onion_failure_test("unknown_payment_hash", 2, &nodes, &route, &payment_hash, |_| {}, || { - nodes[2].node.fail_htlc_backwards(&payment_hash); + nodes[2].node.fail_htlc_backwards(&payment_hash, &None); }, false, Some(PERM|15), None); run_onion_failure_test("final_expiry_too_soon", 1, &nodes, &route, &payment_hash, |msg| { @@ -5420,7 +5424,7 @@ fn test_onion_failure() { let height = 1; route.hops[1].cltv_expiry_delta += CLTV_FAR_FAR_AWAY + route.hops[0].cltv_expiry_delta + 1; let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route, &session_priv).unwrap(); - let (onion_payloads, _, htlc_cltv) = onion_utils::build_onion_payloads(&route, height).unwrap(); + let (onion_payloads, _, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, height).unwrap(); let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash); msg.cltv_expiry = htlc_cltv; msg.onion_routing_packet = onion_packet; @@ -5513,7 +5517,7 @@ fn test_update_add_htlc_bolt2_sender_value_below_minimum_msat() { route.hops[0].fee_msat = 0; - let err = nodes[0].node.send_payment(route, our_payment_hash); + let err = nodes[0].node.send_payment(route, our_payment_hash, None); if let Err(APIError::ChannelUnavailable{err}) = err { assert_eq!(err, "Cannot send less than their minimum HTLC value"); @@ -5536,7 +5540,7 @@ fn test_update_add_htlc_bolt2_sender_cltv_expiry_too_high() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000000, 500000001).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - let err = nodes[0].node.send_payment(route, our_payment_hash); + let err = nodes[0].node.send_payment(route, our_payment_hash, None); if let Err(APIError::RouteError{err}) = err { assert_eq!(err, "Channel CLTV overflowed?!"); @@ -5561,7 +5565,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_num_and_htlc_id_increment() let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); let payment_event = { - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); @@ -5582,7 +5586,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_num_and_htlc_id_increment() } let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - let err = nodes[0].node.send_payment(route, our_payment_hash); + let err = nodes[0].node.send_payment(route, our_payment_hash, None); if let Err(APIError::ChannelUnavailable{err}) = err { assert_eq!(err, "Cannot push more than their max accepted HTLCs"); @@ -5608,7 +5612,7 @@ fn test_update_add_htlc_bolt2_sender_exceed_max_htlc_value_in_flight() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], max_in_flight+1, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - let err = nodes[0].node.send_payment(route, our_payment_hash); + let err = nodes[0].node.send_payment(route, our_payment_hash, None); if let Err(APIError::ChannelUnavailable{err}) = err { assert_eq!(err, "Cannot send value that would put us over the max HTLC value in flight our peer will accept"); @@ -5638,7 +5642,7 @@ fn test_update_add_htlc_bolt2_receiver_check_amount_received_more_than_min() { } let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], htlc_minimum_msat, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); updates.update_add_htlcs[0].amount_msat = htlc_minimum_msat-1; @@ -5661,7 +5665,7 @@ fn test_update_add_htlc_bolt2_receiver_sender_can_afford_amount_sent() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 5000000-their_channel_reserve, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); @@ -5694,7 +5698,7 @@ fn test_update_add_htlc_bolt2_receiver_check_max_htlc_limit() { let cur_height = nodes[0].node.latest_block_height.load(Ordering::Acquire) as u32 + 1; let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::signing_only(), &route, &session_priv).unwrap(); - let (onion_payloads, _htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, cur_height).unwrap(); + let (onion_payloads, _htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route, None, cur_height).unwrap(); let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash); let mut msg = msgs::UpdateAddHTLC { @@ -5728,7 +5732,7 @@ fn test_update_add_htlc_bolt2_receiver_check_max_in_flight_msat() { let chan = create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1000000, 1000000, InitFeatures::supported(), InitFeatures::supported()); let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); updates.update_add_htlcs[0].amount_msat = get_channel_value_stat!(nodes[1], chan.2).their_max_htlc_value_in_flight_msat + 1; @@ -5749,7 +5753,7 @@ fn test_update_add_htlc_bolt2_receiver_check_cltv_expiry() { create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 100000, 95000000, InitFeatures::supported(), InitFeatures::supported()); let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 3999999, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); updates.update_add_htlcs[0].cltv_expiry = 500000000; @@ -5772,7 +5776,7 @@ fn test_update_add_htlc_bolt2_receiver_check_repeated_id_ignore() { create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::supported(), InitFeatures::supported()); let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]); @@ -5817,7 +5821,7 @@ fn test_update_fulfill_htlc_bolt2_update_fulfill_htlc_before_commitment() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (our_payment_preimage, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]); @@ -5847,7 +5851,7 @@ fn test_update_fulfill_htlc_bolt2_update_fail_htlc_before_commitment() { let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]); @@ -5877,7 +5881,7 @@ fn test_update_fulfill_htlc_bolt2_update_fail_malformed_htlc_before_commitment() let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &updates.update_add_htlcs[0]); @@ -5908,7 +5912,7 @@ fn test_update_fulfill_htlc_bolt2_incorrect_htlc_id() { let our_payment_preimage = route_payment(&nodes[0], &[&nodes[1]], 100000).0; - nodes[1].node.claim_funds(our_payment_preimage, 100_000); + nodes[1].node.claim_funds(our_payment_preimage, &None, 100_000); check_added_monitors!(nodes[1], 1); let events = nodes[1].node.get_and_clear_pending_msg_events(); @@ -5948,7 +5952,7 @@ fn test_update_fulfill_htlc_bolt2_wrong_preimage() { let our_payment_preimage = route_payment(&nodes[0], &[&nodes[1]], 100000).0; - nodes[1].node.claim_funds(our_payment_preimage, 100_000); + nodes[1].node.claim_funds(our_payment_preimage, &None, 100_000); check_added_monitors!(nodes[1], 1); let events = nodes[1].node.get_and_clear_pending_msg_events(); @@ -5988,7 +5992,7 @@ fn test_update_fulfill_htlc_bolt2_missing_badonion_bit_for_malformed_htlc_messag create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1000000, 1000000, InitFeatures::supported(), InitFeatures::supported()); let route = nodes[0].router.get_route(&nodes[1].node.get_our_node_id(), None, &[], 1000000, TEST_FINAL_CLTV).unwrap(); let (_, our_payment_hash) = get_payment_preimage_hash!(nodes[0]); - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut updates = get_htlc_update_msgs!(nodes[0], nodes[1].node.get_our_node_id()); @@ -6038,7 +6042,7 @@ fn test_update_fulfill_htlc_bolt2_after_malformed_htlc_message_must_forward_upda //First hop let mut payment_event = { - nodes[0].node.send_payment(route, our_payment_hash).unwrap(); + nodes[0].node.send_payment(route, our_payment_hash, None).unwrap(); check_added_monitors!(nodes[0], 1); let mut events = nodes[0].node.get_and_clear_pending_msg_events(); assert_eq!(events.len(), 1); @@ -6121,7 +6125,7 @@ fn do_test_failure_delay_dust_htlc_local_commitment(announce_latest: bool) { let as_prev_commitment_tx = nodes[0].node.channel_state.lock().unwrap().by_id.get_mut(&chan.2).unwrap().channel_monitor().get_latest_local_commitment_txn(); // Fail one HTLC to prune it in the will-be-latest-local commitment tx - assert!(nodes[1].node.fail_htlc_backwards(&payment_hash_2)); + assert!(nodes[1].node.fail_htlc_backwards(&payment_hash_2, &None)); check_added_monitors!(nodes[1], 0); expect_pending_htlcs_forwardable!(nodes[1]); check_added_monitors!(nodes[1], 1); @@ -6680,7 +6684,7 @@ fn test_check_htlc_underpaying() { // Node 3 is expecting payment of 100_000 but receive 10_000, // fail htlc like we didn't know the preimage. - nodes[1].node.claim_funds(payment_preimage, 100_000); + nodes[1].node.claim_funds(payment_preimage, &None, 100_000); nodes[1].node.process_pending_htlc_forwards(); let events = nodes[1].node.get_and_clear_pending_msg_events(); @@ -7053,7 +7057,7 @@ fn test_bump_penalty_txn_on_remote_commitment() { assert_eq!(remote_txn[0].input[0].previous_output.txid, chan.3.txid()); // Claim a HTLC without revocation (provide B monitor with preimage) - nodes[1].node.claim_funds(payment_preimage, 3_000_000); + nodes[1].node.claim_funds(payment_preimage, &None, 3_000_000); let header = BlockHeader { version: 0x20000000, prev_blockhash: Default::default(), merkle_root: Default::default(), time: 42, bits: 42, nonce: 42 }; nodes[1].block_notifier.block_connected(&Block { header, txdata: vec![remote_txn[0].clone()] }, 1); check_added_monitors!(nodes[1], 1); @@ -7166,8 +7170,8 @@ fn test_set_outpoints_partial_claiming() { // Connect blocks on node A to advance height towards TEST_FINAL_CLTV let prev_header_100 = connect_blocks(&nodes[1].block_notifier, 100, 0, false, Default::default()); // Provide node A with both preimage - nodes[0].node.claim_funds(payment_preimage_1, 3_000_000); - nodes[0].node.claim_funds(payment_preimage_2, 3_000_000); + nodes[0].node.claim_funds(payment_preimage_1, &None, 3_000_000); + nodes[0].node.claim_funds(payment_preimage_2, &None, 3_000_000); check_added_monitors!(nodes[0], 2); nodes[0].node.get_and_clear_pending_events(); nodes[0].node.get_and_clear_pending_msg_events(); @@ -7329,3 +7333,26 @@ fn test_override_channel_config() { assert_eq!(res.channel_flags, 0); assert_eq!(res.to_self_delay, 200); } + +#[test] +fn test_simple_payment_secret() { + // Simple test of sending a payment with a payment_secret present. This does not use any AMP + // features, however. + let chanmon_cfgs = create_chanmon_cfgs(3); + let node_cfgs = create_node_cfgs(3, &chanmon_cfgs); + let node_chanmgrs = create_node_chanmgrs(3, &node_cfgs, &[None, None, None]); + let nodes = create_network(3, &node_cfgs, &node_chanmgrs); + + create_announced_chan_between_nodes(&nodes, 0, 1, InitFeatures::supported(), InitFeatures::supported()); + create_announced_chan_between_nodes(&nodes, 1, 2, InitFeatures::supported(), InitFeatures::supported()); + + let (payment_preimage, payment_hash) = get_payment_preimage_hash!(&nodes[0]); + let (_, payment_secret) = get_payment_preimage_hash!(&nodes[0]); + let route = nodes[0].router.get_route(&nodes[2].node.get_our_node_id(), None, &[], 100000, TEST_FINAL_CLTV).unwrap(); + send_along_route_with_secret(&nodes[0], route, &[&nodes[1], &nodes[2]], 100000, payment_hash, Some(payment_secret.0)); + // Claiming with all the correct values but the wrong secret should result in nothing... + assert_eq!(nodes[2].node.claim_funds(payment_preimage, &None, 100_000), false); + assert_eq!(nodes[2].node.claim_funds(payment_preimage, &Some([42; 32]), 100_000), false); + // ...but with the right secret we should be able to claim all the way back + claim_payment_along_route_with_secret(&nodes[0], &[&nodes[1], &nodes[2]], false, payment_preimage, Some(payment_secret.0), 100_000); +} diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs index a97621045..828f97357 100644 --- a/lightning/src/ln/onion_utils.rs +++ b/lightning/src/ln/onion_utils.rs @@ -108,7 +108,7 @@ pub(super) fn construct_onion_keys(secp_ctx: &Secp256k1 Result<(Vec, u64, u32), APIError> { +pub(super) fn build_onion_payloads(route: &Route, payment_secret_option: Option<&[u8; 32]>, starting_htlc_offset: u32) -> Result<(Vec, u64, u32), APIError> { let mut cur_value_msat = 0u64; let mut cur_cltv = starting_htlc_offset; let mut last_short_channel_id = 0; @@ -124,7 +124,12 @@ pub(super) fn build_onion_payloads(route: &Route, starting_htlc_offset: u32) -> format: if hop.node_features.supports_variable_length_onion() { if idx == 0 { msgs::OnionHopDataFormat::FinalNode { - payment_data: None, + payment_data: if let Some(payment_secret) = payment_secret_option { + Some(msgs::FinalOnionHopData { + payment_secret: payment_secret.clone(), + total_msat: hop.fee_msat, + }) + } else { None }, } } else { msgs::OnionHopDataFormat::NonFinalNode { diff --git a/lightning/src/ln/reorg_tests.rs b/lightning/src/ln/reorg_tests.rs index a1051f5d6..9fb3ec421 100644 --- a/lightning/src/ln/reorg_tests.rs +++ b/lightning/src/ln/reorg_tests.rs @@ -39,7 +39,7 @@ fn do_test_onchain_htlc_reorg(local_commitment: bool, claim: bool) { let (our_payment_preimage, our_payment_hash) = route_payment(&nodes[0], &[&nodes[1], &nodes[2]], 1000000); // Provide preimage to node 2 by claiming payment - nodes[2].node.claim_funds(our_payment_preimage, 1000000); + nodes[2].node.claim_funds(our_payment_preimage, &None, 1000000); check_added_monitors!(nodes[2], 1); get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id()); diff --git a/lightning/src/util/events.rs b/lightning/src/util/events.rs index 2e568263c..a0ebc92cc 100644 --- a/lightning/src/util/events.rs +++ b/lightning/src/util/events.rs @@ -58,6 +58,16 @@ pub enum Event { PaymentReceived { /// The hash for which the preimage should be handed to the ChannelManager. payment_hash: PaymentHash, + /// The "payment secret". This authenticates the sender to the recipient, preventing a + /// number of deanonymization attacks during the routing process. + /// As nodes upgrade, the invoices you provide should likely migrate to setting the + /// var_onion_optin feature to required, at which point you should fail_backwards any HTLCs + /// which have a None here. + /// Until then, however, values of None should be ignored, and only incorrect Some values + /// should result in an HTLC fail_backwards. + /// Note that, in any case, this value must be passed as-is to any fail or claim calls as + /// the HTLC index includes this value. + payment_secret: Option<[u8; 32]>, /// The value, in thousandths of a satoshi, that this payment is for. Note that you must /// compare this to the expected value before accepting the payment (as otherwise you are /// providing proof-of-payment for less than the value you expected!). @@ -119,9 +129,10 @@ impl Writeable for Event { funding_txo.write(writer)?; user_channel_id.write(writer)?; }, - &Event::PaymentReceived { ref payment_hash, ref amt } => { + &Event::PaymentReceived { ref payment_hash, ref payment_secret, ref amt } => { 2u8.write(writer)?; payment_hash.write(writer)?; + payment_secret.write(writer)?; amt.write(writer)?; }, &Event::PaymentSent { ref payment_preimage } => { @@ -164,6 +175,7 @@ impl MaybeReadable for Event { })), 2u8 => Ok(Some(Event::PaymentReceived { payment_hash: Readable::read(reader)?, + payment_secret: Readable::read(reader)?, amt: Readable::read(reader)?, })), 3u8 => Ok(Some(Event::PaymentSent {