]> git.bitcoin.ninja Git - rust-lightning/log
rust-lightning
3 months agoConsolidate sign_closing_transaction callsites to get_closing_signed_msg
Alec Chen [Tue, 2 Jul 2024 05:24:16 +0000 (22:24 -0700)]
Consolidate sign_closing_transaction callsites to get_closing_signed_msg

3 months agoMerge pull request #3192 from jkczyz/2024-07-invoice-error-auth
Matt Corallo [Wed, 14 Aug 2024 18:28:39 +0000 (18:28 +0000)]
Merge pull request #3192 from jkczyz/2024-07-invoice-error-auth

Authenticate `InvoiceError` messages

3 months agoMake PaymentFailureReason downgradable
Jeffrey Czyz [Fri, 9 Aug 2024 16:07:35 +0000 (11:07 -0500)]
Make PaymentFailureReason downgradable

The PaymentFailureReason variants for invoice request failures will
cause downgrades to break. Instead, use a new TLV for the reason and
continue to write the old TLV, only use None for the new reasons.

3 months agoMake PaymentFailureReason upgradable
Jeffrey Czyz [Wed, 7 Aug 2024 22:16:54 +0000 (17:16 -0500)]
Make PaymentFailureReason upgradable

This allows downgrading to version 0.0.124 or later and using None for a
PaymentFailureReason that was added after.

3 months agoAdd PaymentFailureReason::InvoiceRequestRejected
Jeffrey Czyz [Tue, 6 Aug 2024 23:33:51 +0000 (18:33 -0500)]
Add PaymentFailureReason::InvoiceRequestRejected

Instead of re-using PaymentFailureReason::RecipientRejected, define a
new InvoiceRequestRejected variant for when an InvoiceError is received
instead of a Bolt12Invoice. This allows user to differentiate the cause
of the failure.

3 months agoAdd PaymentFailureReason::InvoiceRequestExpired
Jeffrey Czyz [Tue, 6 Aug 2024 23:13:45 +0000 (18:13 -0500)]
Add PaymentFailureReason::InvoiceRequestExpired

Now that Event::PaymentFailed is generated when an InvoiceRequest times
out, define a new PaymentFailureReason for this situation.

3 months agoAdd pending changelog for Event::PaymentFailed
Jeffrey Czyz [Wed, 7 Aug 2024 21:15:35 +0000 (16:15 -0500)]
Add pending changelog for Event::PaymentFailed

3 months agoRemove Event::InvoiceRequestFailed
Jeffrey Czyz [Tue, 6 Aug 2024 22:51:16 +0000 (17:51 -0500)]
Remove Event::InvoiceRequestFailed

Now that Event::PaymentFailed has an option payment_hash, it can be used
in replace of Event::InvoiceRequestFailed. This allows for including a
reason when abandoning a payment before an invoice is received.

3 months agoMake payment_hash optional in Event::PaymentFailed
Jeffrey Czyz [Tue, 6 Aug 2024 22:17:52 +0000 (17:17 -0500)]
Make payment_hash optional in Event::PaymentFailed

When abandoning a BOLT12 payment before a Bolt12Invoice is received, an
Event::InvoiceRequestFailed is generated and the abandonment reason is
lost. Make payment_hash optional in Event::PaymentFailed so that
Event::InvoiceRequestFailed can be removed in favor of it.

3 months agoTest Bolt12Invoice with unknown required features
Jeffrey Czyz [Wed, 31 Jul 2024 22:04:39 +0000 (17:04 -0500)]
Test Bolt12Invoice with unknown required features

3 months agoRemove unused macro param
Jeffrey Czyz [Wed, 31 Jul 2024 21:08:20 +0000 (16:08 -0500)]
Remove unused macro param

3 months agoAdd InvoiceBuilder::features_unchecked
Jeffrey Czyz [Wed, 31 Jul 2024 20:57:14 +0000 (15:57 -0500)]
Add InvoiceBuilder::features_unchecked

In order to test handling of unknown required features in a
Bolt12Invoice, add a test-only function to allow setting arbitrary
feature bits.

3 months agoUse a smaller bit for UnknownFeature
Jeffrey Czyz [Wed, 31 Jul 2024 20:12:40 +0000 (15:12 -0500)]
Use a smaller bit for UnknownFeature

When testing Bolt12Invoice unknown require feature handling, a large
feature bit can cause SendError::TooBigPacket when creating an onion
message. Use a smaller feature bit for UnknownFeature, which also has
the added benefit of reducing test output.

3 months agoMove BOLT12 invoice features check
Jeffrey Czyz [Mon, 29 Jul 2024 21:10:43 +0000 (16:10 -0500)]
Move BOLT12 invoice features check

When handling a BOLT12 invoice, and invoice error is sent if the invoice
contains unknown required features. However, since the payment is still
in state AwaitingInvoice, abandoning it results in losing the reason
since an InvoiceRequestFailed event would be generated. Move the check
to PendingOutboundPayments such that the payment is first moved to state
InvoiceReceived so that a PaymentFailed event is generated instead.

3 months agoDon't include HMAC in Refund paths
Jeffrey Czyz [Fri, 2 Aug 2024 14:39:52 +0000 (09:39 -0500)]
Don't include HMAC in Refund paths

Refunds are typically communicated via QR code, where a smaller size is
desirable. Make the HMAC in OutboundPayment data optional such that it
is elided from blinded paths used in refunds. This prevents abandoning
refunds if the reader sends an invoice_error instead of an invoice
message. However, this use case isn't necessary as the corresponding
outbound payment will either timeout when the refund expires or can be
explicitly abandoned by the creator.

3 months agoDon't use UserAbandoned reason for auto-failing
Jeffrey Czyz [Wed, 24 Jul 2024 22:05:42 +0000 (17:05 -0500)]
Don't use UserAbandoned reason for auto-failing

A BOLT12 payment may be abandoned when handling the invoice or when
receiving an InvoiceError message. When abandoning the payment, don't
use UserAbandoned as the reason since that is meant for when the user
calls ChannelManager::abandon_payment.

3 months agoDon't abandon payments for duplicate invoices
Jeffrey Czyz [Wed, 24 Jul 2024 21:33:02 +0000 (16:33 -0500)]
Don't abandon payments for duplicate invoices

When making an outbound BOLT12 payment, multiple invoices may be
received for the same payment id. Instead of abandoning the payment when
a duplicate invoice received, simply ignore it without responding with
an InvoiceError. This prevents abandoning in-progress payments and
sending unnecessary onion messages.

3 months agoAuthenticate payment_id from OffersContext
Jeffrey Czyz [Thu, 18 Jul 2024 16:54:33 +0000 (11:54 -0500)]
Authenticate payment_id from OffersContext

Before abandoning a payment when receiving an InvoiceError, verify that
the PaymentId included in the OffersContext with the included HMAC. This
prevents a malicious actor sending an InvoiceError with a known payment
id from abandoning our payment.

3 months agoAdd an HMAC to OffersContext::OutboundPayment
Jeffrey Czyz [Thu, 18 Jul 2024 16:45:09 +0000 (11:45 -0500)]
Add an HMAC to OffersContext::OutboundPayment

When receiving an InvoiceError in response to an InvoiceRequest, the
corresponding payment should be abandoned. Add an HMAC to
OffersContext::OutboundPayment such that the payment ID can be
authenticated prior to abandoning the payment.

3 months agoAdd Sha256 HMAC (de)serialization
Jeffrey Czyz [Thu, 18 Jul 2024 16:42:57 +0000 (11:42 -0500)]
Add Sha256 HMAC (de)serialization

An HMAC needs to be included in OffersContext::OutboundPayment to
authenticate the included PaymentId. Implement Readable and Writeable to
allow for this.

3 months agoHMAC construction and verification for PaymentID
Jeffrey Czyz [Thu, 18 Jul 2024 16:38:44 +0000 (11:38 -0500)]
HMAC construction and verification for PaymentID

When receiving an InvoiceError in response to an InvoiceRequest, the
corresponding payment should be abandoned. Add functions for
constructing and verifying an HMAC over a Payment ID to allow for this.

3 months agoMerge pull request #3212 from dunxen/2024-07-sensible-balances
valentinewallace [Wed, 14 Aug 2024 15:22:05 +0000 (11:22 -0400)]
Merge pull request #3212 from dunxen/2024-07-sensible-balances

Accuracy fixes and differentiating sources for `Balance`

3 months agoMerge pull request #3234 from TheBlueMatt/2024-08-lightning-dep-inv
Matt Corallo [Wed, 14 Aug 2024 14:27:39 +0000 (14:27 +0000)]
Merge pull request #3234 from TheBlueMatt/2024-08-lightning-dep-inv

Swap the dep order between `lightning` and `lightning-invoice`

3 months agoMerge pull request #3020 from tnull/2024-04-drop-electrsd-autodownload-for-good
Matt Corallo [Tue, 13 Aug 2024 23:23:43 +0000 (23:23 +0000)]
Merge pull request #3020 from tnull/2024-04-drop-electrsd-autodownload-for-good

Drop `electrsd`'s auto-download feature for good

3 months agoEnable caching for `bitcoind`/`electrs` in CI
Elias Rohrer [Thu, 1 Aug 2024 15:47:45 +0000 (10:47 -0500)]
Enable caching for `bitcoind`/`electrs` in CI

3 months ago`rustfmt` new files added in the past few commits 2024-08-lightning-dep-inv
Matt Corallo [Fri, 9 Aug 2024 15:27:38 +0000 (15:27 +0000)]
`rustfmt` new files added in the past few commits

The past handful of commits were mostly moving code around, so to
aid reviewers violated our `rustfmt` rules. Here we rectify that by
`rustfmt`'ing the newly-added files.

3 months agoPrepare to `rustfmt` newly added files
Matt Corallo [Fri, 9 Aug 2024 15:42:48 +0000 (15:42 +0000)]
Prepare to `rustfmt` newly added files

In the next commit we'll `rustfmt` newly-added files, but before
we do so we clean up some code so that the resulting files won't be
quite as absurd. We also exclude the new `invoice_utils.rs` file,
as it needs quite substantial cleanups.

3 months agoProvide the signer with a full `RawBolt11Invoice` to sign
Matt Corallo [Fri, 9 Aug 2024 02:45:55 +0000 (02:45 +0000)]
Provide the signer with a full `RawBolt11Invoice` to sign

Now that the `lightning` crate depends on the `lightning-invoice`
crate, there's no reason to have the `sign_invoice` method take raw
base32 field elements as we can now give it a real
`RawBolt11Invoice`, which we do here.

This simplifies the interface and avoids a
serialization-deserialization roundtrip when signing invoices in a
validating signer.

FIxes #3227

3 months agoSwap the dep order between `lightning` and `lightning-invoice`
Matt Corallo [Fri, 9 Aug 2024 01:29:48 +0000 (01:29 +0000)]
Swap the dep order between `lightning` and `lightning-invoice`

`lightning-invoice` previously had a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

Here we finally rectify this issue, swapping the dependency order
and making `lightning` depend on `lightning-invoice` rather than
the other way around.

This moves various utilities which were in `lightning-invoice` but
relied on `lightning` payment types to make payments to where they
belong (the `lightning` crate), but doesn't bother with integrating
them well in their new home.

3 months agoAdd a `lightning-types` dependency to `lightning-invoice`
Matt Corallo [Fri, 9 Aug 2024 01:13:25 +0000 (01:13 +0000)]
Add a `lightning-types` dependency to `lightning-invoice`

`lightning-invoice` currently has a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

This takes tees us up for the final step, adding a
`lightning-types` dependency to `lightning-invoice` and using it
for imports rather than the `lightning` crate.

3 months agoUse `check_added_monitors` test utility in invoice utils tests
Matt Corallo [Fri, 9 Aug 2024 13:20:35 +0000 (13:20 +0000)]
Use `check_added_monitors` test utility in invoice utils tests

In a coming commit, the `lightning-invoice::utils` module will move
to the `lightning` crate, causing its tests to be included in the
global lockorder tests done in that crate. This should be fine,
except that the `lightning-invoice::utils` module currently holds
the `added_monitors` lock too long causing lockorder violations.

Instead, this commit replaces the legacy monitors-added test with
the `check_added_monitors` test utility.

3 months agoMove `UntrustedString` and `PrintableString` to `lightning-types`
Matt Corallo [Fri, 9 Aug 2024 01:26:21 +0000 (01:26 +0000)]
Move `UntrustedString` and `PrintableString` to `lightning-types`

`lightning-invoice` currently has a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

This takes one more step, moving the `UntrustedString` and
`PrintableString` types to `lightning-types`.

3 months agoMove `Features` into `lightning-types`
Matt Corallo [Fri, 9 Aug 2024 14:20:50 +0000 (14:20 +0000)]
Move `Features` into `lightning-types`

`lightning-invoice` currently has a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

This takes one more step, moving the `Features` types from
`lightning` to `lightning-types`.

3 months agoReplace usages of `Features::is_subset` and remove it
Matt Corallo [Fri, 9 Aug 2024 14:18:09 +0000 (14:18 +0000)]
Replace usages of `Features::is_subset` and remove it

It turns out all the places we use `Features::is_subset` we could
as well be using `Features::requires_unknown_bits_from`. Further,
in the next commit `Features` will move to a different crate so any
methods which the `lightning` crate uses will need to be public. As
the `is_subset` API is prety confusing (it doesn't consider
optional/required bits, only whether the bits themselves are
strictly a subset) it'd be nice to not have to expose it, which is
enabled here.

3 months agoMove `Rout{ingFees,eHint{,Hop}}` to `lightning-types`
Matt Corallo [Fri, 9 Aug 2024 00:29:25 +0000 (00:29 +0000)]
Move `Rout{ingFees,eHint{,Hop}}` to `lightning-types`

`lightning-invoice` currently has a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

This takes one more step, moving the routing types
`lightning-invoice` uses into `lightning-types`.

3 months agoMove `Payment{Hash,Preimage,Secret}` into a new crate
Matt Corallo [Fri, 9 Aug 2024 00:13:41 +0000 (00:13 +0000)]
Move `Payment{Hash,Preimage,Secret}` into a new crate

`lightning-invoice` currently has a dependency on the entire
`lightning` crate just because it wants to use some of the useful
types from it. This is obviously backwards and leads to some
awkwardness like the BOLT 11 invoice signing API in the `lightning`
crate taking a `[u5]` rather than a `Bolt11Invoice`.

This is the first step towards fixing that - moving the common
types we need into a new `lightning-types` crate which both can
depend on.

Since we're using a new crate and can't depend on the existing
`lightning` hex utility to implement `Display`, we also take this
opportunity to switch to the new `Display` impl macro in
`hex_conservative`.

3 months agoTest claimable balance is expected for forwarded/outbound payments
Duncan Dean [Tue, 30 Jul 2024 18:11:51 +0000 (20:11 +0200)]
Test claimable balance is expected for forwarded/outbound payments

3 months agoIndicate source of balances
Duncan Dean [Thu, 25 Jul 2024 09:54:28 +0000 (11:54 +0200)]
Indicate source of balances

Introduce the `BalanceSource` enum to differentiate between force-close,
coop-close, and HTLCs in `Balance::ClaimableAwaitingConfirmations`.

3 months agoExplain how rounded millisat values are included in overall balance
Matt Corallo [Fri, 29 Sep 2023 18:31:21 +0000 (18:31 +0000)]
Explain how rounded millisat values are included in overall balance

3 months agoTest rounded msat balances
Duncan Dean [Wed, 7 Aug 2024 07:56:46 +0000 (09:56 +0200)]
Test rounded msat balances

3 months agoInclude rounded msat balances in `Balance::ClaimableOnChannelClose`
Matt Corallo [Tue, 14 Nov 2023 22:19:19 +0000 (22:19 +0000)]
Include rounded msat balances in `Balance::ClaimableOnChannelClose`

If we're gonna push users towards using `Balance` to determine
their current balances, we really need to provide more information,
including msat balances.

Here we add rounded-out msat balances to the pre-close balance
information

3 months agoAdd tx fee information to `Balance::ClaimableOnChannelClose`
Matt Corallo [Fri, 29 Sep 2023 17:54:24 +0000 (17:54 +0000)]
Add tx fee information to `Balance::ClaimableOnChannelClose`

`Balance::ClaimableOnChannelClose` excludes the commitment
transaction fee, which makes it hard to use for current balance
calculation. Here we add it, setting the value to zero for inbound
channels (i.e. ones for which we don't pay the fee).

3 months agoMove commitment tx fee calculation helpers to `chan_utils`
Matt Corallo [Fri, 29 Sep 2023 17:26:01 +0000 (17:26 +0000)]
Move commitment tx fee calculation helpers to `chan_utils`

These don't really belong in `channel` as they're now used in other
parts of the codebase.

3 months agoDrop `chan_utils` self-import
Matt Corallo [Fri, 29 Sep 2023 17:10:40 +0000 (17:10 +0000)]
Drop `chan_utils` self-import

There's no reason to `use` a module within that module to refer to
that module...

3 months agoInclude an `outbound_payment` flag in `MaybeTimeoutClaimableHTLC`
Matt Corallo [Thu, 28 Sep 2023 23:02:26 +0000 (23:02 +0000)]
Include an `outbound_payment` flag in `MaybeTimeoutClaimableHTLC`

When the user is fetching their current balances after forwarding a
payment (before it clears), they'll see a
`MaybePreimageClaimableHTLC` and a `MaybeTimeoutClaimableHTLC` but
if they sum up their balance using
`Balance::claimable_amount_satoshis` neither will be included.

Obviously, exactly one of the two balances should be included - one
of the two resolutions should happen in our favor. This causes our
visible balance to fluctuate up and down by the full value of any
HTLCs we're in the middle of forwarding, which is incredibly
confusing to see. If we want to stop the fluctuations, we need to
pick one of the two balances to include. The obvious candidate is
`MaybeTimeoutClaimableHTLC` as it is the lower of the two, and
represents our balance without the fee we'd receive from the
forward.

Sadly, if we always include it, we'll end up also including any
HTLCs which we've sent but which haven't yet been claimed by their
recipient, which is the wrong behavior.

Luckily, we have access to the `Option<HTLCSource>` while walking
HTLCs, which allows us to add an `outbound_payment` flag to
`MaybeTimeoutClaimableHTLC`. This allows us to only include
forwarded payments in `claimable_amount_satoshis`.

Sadly, even with this in place our balance still fluctuates by the
changes in the commitment transaction fees we have to pay during
forwarding, but addressing that is left for later.

3 months agoUpgrade all github actions to `v4` variants
Elias Rohrer [Mon, 12 Aug 2024 10:54:02 +0000 (12:54 +0200)]
Upgrade all github actions to `v4` variants

3 months agoFix misc `shellcheck` complaints
Elias Rohrer [Thu, 25 Apr 2024 13:32:32 +0000 (15:32 +0200)]
Fix misc `shellcheck` complaints

3 months agoHave `shellcheck` check all scripts in `contrib`
Elias Rohrer [Mon, 12 Aug 2024 08:41:51 +0000 (10:41 +0200)]
Have `shellcheck` check all scripts in `contrib`

3 months agoHave `shellcheck` check all scripts in `ci`
Elias Rohrer [Thu, 25 Apr 2024 13:05:56 +0000 (15:05 +0200)]
Have `shellcheck` check all scripts in `ci`

3 months agoDrop `electrsd` autodownload feature for good
Elias Rohrer [Thu, 25 Apr 2024 12:37:23 +0000 (14:37 +0200)]
Drop `electrsd` autodownload feature for good

... which requires a bunch of unnecessary dev dependencies, e.g., `zip`.

Instead we lean on the `download_bitcoind_electrs.sh` script also for
local testing.

3 months agoMove CI downloading `bitcoind`/`electrsd` to dedicated shell script
Elias Rohrer [Thu, 25 Apr 2024 12:33:47 +0000 (14:33 +0200)]
Move CI downloading `bitcoind`/`electrsd` to dedicated shell script

... allowing it to be sourced locally before running
`lightning-transaction-sync` tests.

3 months agoMerge pull request #3210 from tcharding/07-31-rm-hex-dep
Matt Corallo [Mon, 12 Aug 2024 17:11:56 +0000 (17:11 +0000)]
Merge pull request #3210 from tcharding/07-31-rm-hex-dep

Remove explicit dependency on hex-conservative

3 months agoMerge pull request #3236 from TheBlueMatt/2024-08-unclonable-graph
Matt Corallo [Mon, 12 Aug 2024 14:18:08 +0000 (14:18 +0000)]
Merge pull request #3236 from TheBlueMatt/2024-08-unclonable-graph

Stop relying on a `Clone`able `NetworkGraph` ref in `DefaultRouter`

3 months agoStop relying on a `Clone`able `NetworkGraph` ref in `DefaultRouter` 2024-08-unclonable-graph
Matt Corallo [Mon, 12 Aug 2024 01:03:00 +0000 (01:03 +0000)]
Stop relying on a `Clone`able `NetworkGraph` ref in `DefaultRouter`

While there's not really much harm in requiring a `Clone`able
reference (they almost always are), it does make our bindings
struggle a bit as they don't support multi-trait bounds (as it
would require synthesizing a new C trait, which the bindings don't
do automatically). Luckily, there's really no reason for it, and we
can just call the `DefaultMessageRouter` directly when we want to
route a message.

We've carried this patch for a while on the bindings branch, but
there's not a strong reason it can't go upstream.

3 months agoMerge pull request #3214 from TheBlueMatt/2024-07-chan-by-val
Matt Corallo [Mon, 12 Aug 2024 00:40:16 +0000 (00:40 +0000)]
Merge pull request #3214 from TheBlueMatt/2024-07-chan-by-val

Make `funding_transaction_generated` take a `ChannelId` by value

3 months agoUse bitcoin::hex instead of bitcoin::hashes::hex
Tobin C. Harding [Thu, 8 Aug 2024 06:09:30 +0000 (16:09 +1000)]
Use bitcoin::hex instead of bitcoin::hashes::hex

Use the `hex-conservative` crate directly from `bitcoin` instead of from
`hashes`. Although it makes no real difference it is slightly more clear
and more terse.

3 months agoRemove explicit dependency on hex-conservative
Tobin C. Harding [Wed, 31 Jul 2024 10:46:33 +0000 (05:46 -0500)]
Remove explicit dependency on hex-conservative

The `hex` crate is re-exported by `rust-bitcoin` so we can get it from
there instead of explicitly depending on it. Doing so reduces the
maintenance burden and helps reduce the likelyhood of getting two
versions in the dependency graph.

3 months agoMerge pull request #3220 from dunxen/2024-08-config-param-consistency
Matt Corallo [Thu, 8 Aug 2024 20:47:18 +0000 (20:47 +0000)]
Merge pull request #3220 from dunxen/2024-08-config-param-consistency

Set default ChannelHandshakeLimits::min_funding_satoshis to 1000

3 months agoSet default ChannelHandshakeLimits::min_funding_satoshis to 1000
Duncan Dean [Fri, 2 Aug 2024 11:44:28 +0000 (13:44 +0200)]
Set default ChannelHandshakeLimits::min_funding_satoshis to 1000

The original default value of 0 was inconsistent with the minimum requirement
of 1000 satoshis in ChannelHandshakeConfig::their_channel_reserve_proportional_millionths.

3 months agoMerge pull request #3194 from tnull/2024-07-om-event-notifier
Matt Corallo [Thu, 8 Aug 2024 17:04:32 +0000 (17:04 +0000)]
Merge pull request #3194 from tnull/2024-07-om-event-notifier

Add `Notifier` to `OnionMessenger`

3 months agoMerge pull request #3215 from tnull/2024-08-protect-against-merkle-leaf-node-weakness
Matt Corallo [Thu, 8 Aug 2024 16:10:18 +0000 (16:10 +0000)]
Merge pull request #3215 from tnull/2024-08-protect-against-merkle-leaf-node-weakness

tx-sync: Protect against Core's Merkle leaf node weakness

3 months agoProtect against Core's Merkle leaf node weakness
Elias Rohrer [Thu, 1 Aug 2024 16:30:41 +0000 (11:30 -0500)]
Protect against Core's Merkle leaf node weakness

Bitcoin Core's Merkle tree implementation has no way to discern between
internal and leaf node entries. As a consequence it is susceptible to an
attacker injecting additional transactions by crafting 64-byte
transactions matching an inner Merkle node's hash (see
https://web.archive.org/web/20240329003521/https://bitslog.com/2018/06/09/leaf-node-weakness-in-bitcoin-merkle-tree-design/).

To protect against this (highly unlikely attack vector), we check that
the transaction isn't 64 bytes in length, and skip it otherwise.

3 months agoMerge pull request #3230 from TheBlueMatt/2024-08-old-doc-tweaks
Elias Rohrer [Thu, 8 Aug 2024 07:17:27 +0000 (09:17 +0200)]
Merge pull request #3230 from TheBlueMatt/2024-08-old-doc-tweaks

Minor doc tweaks to `MonitorHolder`

3 months agoAdd `Notifier` to `OnionMessenger`
Elias Rohrer [Fri, 19 Jul 2024 11:41:37 +0000 (13:41 +0200)]
Add `Notifier` to `OnionMessenger`

3 months agoMerge pull request #3231 from tcharding/08-08-rm-blockdata
Matt Corallo [Thu, 8 Aug 2024 00:40:02 +0000 (00:40 +0000)]
Merge pull request #3231 from tcharding/08-08-rm-blockdata

Stop using `blockdata` module

3 months agoMerge pull request #3232 from cooltexture1/fix-#3209
Matt Corallo [Thu, 8 Aug 2024 00:32:37 +0000 (00:32 +0000)]
Merge pull request #3232 from cooltexture1/fix-#3209

Small fix for #3209

3 months agoFix #3209
cooltexture [Wed, 7 Aug 2024 21:54:11 +0000 (23:54 +0200)]
Fix #3209

There was a issue with the ci/check-compiles.sh.
It would return a warning due to links not being enclosed in <>.
Fixed the issue by enclosing the links.

3 months agoRun contrib/run-rustfmt.sh
Tobin C. Harding [Wed, 7 Aug 2024 21:17:18 +0000 (07:17 +1000)]
Run contrib/run-rustfmt.sh

No other changes other than those introduced by the script.

3 months agoDo not use bitcoin::blockdata
Tobin C. Harding [Wed, 7 Aug 2024 21:13:26 +0000 (07:13 +1000)]
Do not use bitcoin::blockdata

The `rust-bitcoin` project is working towards making the public API
separate from the directory structure; eventually the
`bitcoin::blockdata` will go away, to make maintenance easier here stop
using the `blockdata` module.

Do not run the formatter, so as to make review easier. This patch was
created mechanically using:

search-and-replace bitcoin::blockdata bitcoin

and having defined

```bash
search-and-replace () {
        if (($# != 2))
        then
                echo "Usage: $0 <this> <that>"
                return
        fi
        local this="$1"
        local that="$2"
        for file in $(git grep -l "$this")
        do
                perl -pi -e "s/$this/$that/g" "$file"
        done
}
```

3 months agoMinor doc tweaks to `MonitorHolder` 2024-08-old-doc-tweaks
Matt Corallo [Wed, 7 Aug 2024 14:31:01 +0000 (14:31 +0000)]
Minor doc tweaks to `MonitorHolder`

036c31c9d0b6a243fa33aa5f8d5148d2ca065617 introduced some minor doc
changes but failed to imrpove the docs that is was changing fully
which this does. Suggested by @tnull in review.

3 months agoMerge pull request #3226 from TheBlueMatt/2024-08-rustfmt-contrib
Elias Rohrer [Wed, 7 Aug 2024 06:19:46 +0000 (01:19 -0500)]
Merge pull request #3226 from TheBlueMatt/2024-08-rustfmt-contrib

Add a script to automatically `rustfmt` all required files

3 months agoForce locale in `rustfmt` shell scripts that rely on sort order 2024-08-rustfmt-contrib
Matt Corallo [Tue, 6 Aug 2024 15:13:59 +0000 (15:13 +0000)]
Force locale in `rustfmt` shell scripts that rely on sort order

3 months agoMerge pull request #3219 from dunxen/2024-08-PR2989-followups
Matt Corallo [Tue, 6 Aug 2024 14:54:01 +0000 (14:54 +0000)]
Merge pull request #3219 from dunxen/2024-08-PR2989-followups

Fix remaining feedback and other nits for 2989

3 months agoMerge pull request #3225 from TheBlueMatt/2024-08-3019-followups
Elias Rohrer [Tue, 6 Aug 2024 07:53:30 +0000 (02:53 -0500)]
Merge pull request #3225 from TheBlueMatt/2024-08-3019-followups

Clean up `CommonOpenChannelFields` docs slightly

3 months agoMerge pull request #3224 from TheBlueMatt/2024-08-deprecate-send_payment
valentinewallace [Mon, 5 Aug 2024 19:12:42 +0000 (12:12 -0700)]
Merge pull request #3224 from TheBlueMatt/2024-08-deprecate-send_payment

Mark ChannelManager::send_payment_with_route as deprecated and take `Route` by value

3 months agoAdd a script to automatically `rustfmt` all required files
Matt Corallo [Mon, 5 Aug 2024 16:59:57 +0000 (16:59 +0000)]
Add a script to automatically `rustfmt` all required files

As we now require `rustfmt` pass on a subset of our files, its
helpful to have a script which will automatically format any
required files so that contributors don't need to think too hard
about it.

3 months agoClean up `CommonOpenChannelFields` docs slightly 2024-08-3019-followups
Matt Corallo [Mon, 5 Aug 2024 15:18:04 +0000 (15:18 +0000)]
Clean up `CommonOpenChannelFields` docs slightly

3 months agoMerge pull request #3019 from benthecarman/is-public
Matt Corallo [Mon, 5 Aug 2024 15:11:27 +0000 (15:11 +0000)]
Merge pull request #3019 from benthecarman/is-public

Add more information to OpenChannelRequest Event

3 months agoMerge pull request #3202 from jkczyz/2024-07-blinded-path-auth-follow-up
Matt Corallo [Mon, 5 Aug 2024 14:56:22 +0000 (14:56 +0000)]
Merge pull request #3202 from jkczyz/2024-07-blinded-path-auth-follow-up

Follow-ups to #3139

3 months agoMake `funding_transaction_generated` take a `ChannelId` by value 2024-07-chan-by-val
Matt Corallo [Thu, 1 Aug 2024 14:34:33 +0000 (14:34 +0000)]
Make `funding_transaction_generated` take a `ChannelId` by value

`ChannelId` is just a 32-byte array, so there's not a lot of value
in passing it by reference to `funding_transaction_generated`,
which we fix here.

This is also nice for bindings as languages like Java can better
analyze whether the `ChannelManager` ends up with a reference to
the `ChannelId`.

3 months agoMake `send_payment_with_route` take `Route` by value 2024-08-deprecate-send_payment
Matt Corallo [Sun, 4 Aug 2024 15:15:11 +0000 (15:15 +0000)]
Make `send_payment_with_route` take `Route` by value

Now that `ChannelManager::send_payment_with_route` is deprecated,
we don't care too much about making it as effecient as possible, so
there's not much cost to making it take `Route` by value. This
avoids bindings being unsure if the by-reference `Route` passed
needs to outlive the `ChannelManager` itself or if it only needs to
outlive the method call, creating some call overhead by forcing a
`Route::clone`, but avoiding a memory leak.

3 months agoMark `ChannelManager::send_payment_with_route` as deprecated
Matt Corallo [Sun, 4 Aug 2024 15:06:12 +0000 (15:06 +0000)]
Mark `ChannelManager::send_payment_with_route` as deprecated

We probably should have done this long ago a release or two after
adding `send_payment`, but we didn't and the second best time is
now.

`send_payment_with_route` has particularly hard to use retry
semantics that make it unsuitable for real use. Once we get the
last of our users off of it, we'll want to remove it (or at least
mark it test-only), but we should start by deprecating it.

3 months agoFix remaining feedback and other nits for 2989
Duncan Dean [Fri, 2 Aug 2024 09:38:59 +0000 (11:38 +0200)]
Fix remaining feedback and other nits for 2989

3 months agoMerge pull request #3216 from tnull/2024-08-pin-tokio-in-ci
dunxen [Fri, 2 Aug 2024 10:09:48 +0000 (12:09 +0200)]
Merge pull request #3216 from tnull/2024-08-pin-tokio-in-ci

Pin `tokio` in CI to fix MSRV

3 months agoPin `tokio` in CI to fix MSRV
Elias Rohrer [Thu, 1 Aug 2024 16:51:53 +0000 (11:51 -0500)]
Pin `tokio` in CI to fix MSRV

The recently released `tokio` 1.39 bumped their MSRV to rustc 1.70.
Here, we pin the `tokio` version to 1.38 for users that require to
maintain our MSRV of rustc 1.63.

3 months agoReplace use of OffersContext::Unknown with None
Jeffrey Czyz [Tue, 23 Jul 2024 23:24:43 +0000 (18:24 -0500)]
Replace use of OffersContext::Unknown with None

Now that ChannelManager uses a known OffersContext when creating blinded
paths, OffersContext::Unknown is no longer needed. Remove it and update
OffersMessageHandler to us an Option, which is more idiomatic for
signifying whether a message was delivered with or without an
OffersContext.

3 months agoInclude payment hash in Bolt12Invoice reply path
Jeffrey Czyz [Tue, 23 Jul 2024 18:49:37 +0000 (13:49 -0500)]
Include payment hash in Bolt12Invoice reply path

Instead of using OffersContext::Unknown for the Bolt12Invoice reply path
use OffersContext::InboundPayment to include the payment hash.
OffersContext::Unknown will be removed in another commit.

3 months agoInclude payment hash when logging invoice handling
Jeffrey Czyz [Wed, 3 Jul 2024 16:12:47 +0000 (11:12 -0500)]
Include payment hash when logging invoice handling

3 months agoInclude payment hash when logging InvoiceError
Jeffrey Czyz [Wed, 3 Jul 2024 16:02:08 +0000 (11:02 -0500)]
Include payment hash when logging InvoiceError

By including the payment hash from the invoice in an onion message's
reply path, it can be used when logging errors as additional context.

3 months agoUse BlindedPath::new_for_payment in fuzz tests
Jeffrey Czyz [Tue, 23 Jul 2024 20:40:32 +0000 (15:40 -0500)]
Use BlindedPath::new_for_payment in fuzz tests

When creating a Bolt12Invoice in fuzz tests, use
BlindedPath::new_for_payment instead of BlindedPath::new_for_message.
This way PaymentContext is used instead of MessageContext, as is more
realistic though should not affect the test. This allows us to remove
OffersContext::Unknown.

3 months agoUse different iv_bytes for blinded path metadata
Jeffrey Czyz [Tue, 23 Jul 2024 22:54:31 +0000 (17:54 -0500)]
Use different iv_bytes for blinded path metadata

Best practice is to use different IV bytes for different contexts.
Update Offer and Refund metadata computation to use different IV bytes
when the metadata is included in a blinded path. For invoice requests,
the metatdata will always be in the blinded path, so it remains the
same.

3 months agoDelay adding iv_bytes to MetadataMaterial::hmac
Jeffrey Czyz [Tue, 23 Jul 2024 18:36:39 +0000 (13:36 -0500)]
Delay adding iv_bytes to MetadataMaterial::hmac

In an upcoming commit, the iv_bytes used in MetadataMaterial will vary
depending on when whether a blinded path is included in the
corresponding message. Delay adding into MetadataMaterial::hmac as
otherwise the HmacEngine would need to be re-initialized using an
ExpandedKey, which won't be readily available.

3 months agoResult from Bolt12Invoice::verify_using_payer_data
Jeffrey Czyz [Tue, 23 Jul 2024 21:09:14 +0000 (16:09 -0500)]
Result from Bolt12Invoice::verify_using_payer_data

Use a Result return type instead of a bool when verifying a
Bolt12Invoice. This way ignoring the result will produce a compiler
warning.

3 months agoBolt12Invoice::is_for_refund_without_paths tests
Jeffrey Czyz [Mon, 22 Jul 2024 21:14:00 +0000 (16:14 -0500)]
Bolt12Invoice::is_for_refund_without_paths tests

3 months agoMerge pull request #3189 from tnull/2024-07-rustfmt-lightning-net-tokio
Elias Rohrer [Tue, 30 Jul 2024 14:32:44 +0000 (09:32 -0500)]
Merge pull request #3189 from tnull/2024-07-rustfmt-lightning-net-tokio

 `rustfmt`: Run on `lightning-net-tokio`

3 months agoMerge pull request #3171 from jkczyz/2024-07-propagate-error
Elias Rohrer [Tue, 30 Jul 2024 14:11:07 +0000 (09:11 -0500)]
Merge pull request #3171 from jkczyz/2024-07-propagate-error

Include routing failures in `Bolt12PaymentError`

3 months agoAdd more information to OpenChannelRequest Event
benthecarman [Thu, 25 Apr 2024 03:36:40 +0000 (22:36 -0500)]
Add more information to OpenChannelRequest Event

3 months agoMerge pull request #3203 from lexe-app/pr/description-as-inner
Elias Rohrer [Wed, 24 Jul 2024 07:55:49 +0000 (09:55 +0200)]
Merge pull request #3203 from lexe-app/pr/description-as-inner

lightning-invoice: Add `Description::as_inner`

4 months agolightning-invoice: Add `Description::as_inner`
Max Fang [Wed, 24 Jul 2024 00:11:10 +0000 (17:11 -0700)]
lightning-invoice: Add `Description::as_inner`

4 months agoMerge pull request #3196 from TheBlueMatt/2024-07-monitor-ordering
Elias Rohrer [Tue, 23 Jul 2024 08:16:00 +0000 (10:16 +0200)]
Merge pull request #3196 from TheBlueMatt/2024-07-monitor-ordering

Ensure `ChannelMonitorUpdate`s are ordered with full monitor writes