Route blinding MVP #2413
Merged
Route blinding MVP #2413
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
60 tasks
This was referenced Jul 13, 2023
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
2 times, most recently
from
f4dc1aa
to
8ed2025
Compare
Codecov ReportPatch coverage:
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## main #2413 +/- ##
==========================================
+ Coverage 90.45% 90.61% +0.15%
==========================================
Files 112 113 +1
Lines 58564 59002 +438
Branches 58564 59002 +438
==========================================
+ Hits 52976 53466 +490
+ Misses 5588 5536 -52
☔ View full report in Codecov by Sentry. |
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
from
8ed2025
to
223e2de
Compare
TheBlueMatt
reviewed
Aug 30, 2023
I'm still looking into this but we can't materially test any error handling until we have forwarding, because 1-hop blinded paths are supposed to error the same as unblinded payments, i.e. not wipe the error or return malformed. Another option would be to split forwarding+error handling off into its own PR and land sending/1-hop receiving first. |
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
from
223e2de
to
952e537
Compare
|
Removed forwarding support for now, so all forwarding + error handling will be done in #2540 (should be updated tomorrow). |
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
3 times, most recently
from
c2715bf
to
80405b4
Compare
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
from
80405b4
to
43a54c4
Compare
valentinewallace
changed the title
|
Rebased and removed support for receiving to multi-hop blinded paths. This way we can ship an MVP BOLT 12 in 117 and complete route blinding support in 118, to avoid holding up the current release. |
jkczyz
reviewed
Sep 12, 2023
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
from
43a54c4
to
4b39220
Compare
This will be used in the next commit to deserialize encrypted TLVs for receiving to 1-hop blinded paths.
Useful until forwarding and receiving to multi-hop blinded paths is supported.
valentinewallace
force-pushed
the
2023-07-route-blinding
branch
from
4b39220
to
ebdc4ae
Compare
jkczyz
approved these changes
Sep 13, 2023
Comment on lines
+107
to
+114
| let ev = remove_first_msg_event_to_node(&nodes[1].node.get_our_node_id(), &mut events); | ||
| pass_along_path(&nodes[0], expected_route[0], amt_msat, payment_hash.clone(), | ||
| Some(payment_secret), ev.clone(), false, None); | ||
|
|
||
| let ev = remove_first_msg_event_to_node(&nodes[2].node.get_our_node_id(), &mut events); | ||
| pass_along_path(&nodes[0], expected_route[1], amt_msat, payment_hash.clone(), | ||
| Some(payment_secret), ev.clone(), true, None); | ||
| claim_payment_along_route(&nodes[0], expected_route, false, payment_preimage); |
TheBlueMatt
approved these changes
Sep 13, 2023
Comment on lines
+1584
to
+1585
| amt_msat: u64, | ||
| total_msat: u64, |
There was a problem hiding this comment.
Heh, can we get away from the legacy names and use more descriptive names since we're adding new code here? Something about mpp_part_amt_msat and total_payment_msat?
| @@ -1234,7 +1234,9 @@ impl OutboundPayments { | |||
| if route.paths.len() < 1 { | |||
| return Err(PaymentSendFailure::ParameterError(APIError::InvalidRoute{err: "There must be at least one path to send over".to_owned()})); | |||
| } | |||
| if recipient_onion.payment_secret.is_none() && route.paths.len() > 1 { | |||
| if recipient_onion.payment_secret.is_none() && route.paths.len() > 1 | |||
| && !route.paths.iter().any(|p| p.blinded_tail.is_some()) | |||
There was a problem hiding this comment.
Shouldnt this be all?
| return Err(DecodeError::InvalidValue) | ||
| } | ||
| let enc_tlvs = encrypted_tlvs_opt.ok_or(DecodeError::InvalidValue)?.0; | ||
| let enc_tlvs_ss = node_signer.ecdh(Recipient::Node, &blinding_point, None) |
There was a problem hiding this comment.
I feel like we should do blinded paths to a random key and not reuse the node id. That wouldn't avoid the new trait pass cause we need it for forwards, but for nodes with the node id on a separate hardware device/VLS we'd avoid the need to call out to the hardware device here for receives, which I think would be very nice.
k0k0ne
pushed a commit
to bitlightlabs/rust-lightning
that referenced
this pull request
Sep 30, 2024
0.0.118 - Oct 23, 2023 - "Just the Twelve Sinks" API Updates =========== * BOLT12 sending and receiving is now supported as an alpha feature. You may run into unexpected issues and will need to have a direct connection with the offer's blinded path introduction points as messages are not yet routed. We are seeking feedback from early testers (lightningdevkit#2578, lightningdevkit#2039). * `ConfirmationTarget` has been rewritten to provide information about the specific use LDK needs the feerate estimate for, rather than the generic low-, medium-, and high-priority estimates. This allows LDK users to more accurately target their feerate estimates (lightningdevkit#2660). For those wishing to retain their existing behavior, see the table below for conversion. * `ChainHash` is now used in place of `BlockHash` where it represents the genesis block (lightningdevkit#2662). * `lightning-invoice` payment utilities now take a `Deref` to `AChannelManager` (lightningdevkit#2652). * `peel_onion` is provided to statelessly decode an `OnionMessage` (lightningdevkit#2599). * `ToSocketAddrs` + `Display` are now impl'd for `SocketAddress` (lightningdevkit#2636, lightningdevkit#2670) * `Display` is now implemented for `OutPoint` (lightningdevkit#2649). * `Features::from_be_bytes` is now provided (lightningdevkit#2640). For those moving to the new `ConfirmationTarget`, the new variants in terms of the old mempool/low/medium/high priorities are as follows: * `OnChainSweep` = `HighPriority` * `MaxAllowedNonAnchorChannelRemoteFee` = `max(25 * 250, HighPriority * 10)` * `MinAllowedAnchorChannelRemoteFee` = `MempoolMinimum` * `MinAllowedNonAnchorChannelRemoteFee` = `Background - 250` * `AnchorChannelFee` = `Background` * `NonAnchorChannelFee` = `Normal` * `ChannelCloseMinimum` = `Background` Bug Fixes ========= * Calling `ChannelManager::close_channel[_with_feerate_and_script]` on a channel which did not exist would immediately hang holding several key `ChannelManager`-internal locks (lightningdevkit#2657). * Channel information updates received from a failing HTLC are no longer applied to our `NetworkGraph`. This prevents a node which we attempted to route a payment through from being able to learn the sender of the payment. In some rare cases, this may result in marginally reduced payment success rates (lightningdevkit#2666). * Anchor outputs are now properly considered when calculating the amount available to send in HTLCs. This can prevent force-closes in anchor channels when sending payments which overflow the available balance (lightningdevkit#2674). * A peer that sends an `update_fulfill_htlc` message for a forwarded HTLC, then reconnects prior to sending a `commitment_signed` (thus retransmitting their `update_fulfill_htlc`) may result in the channel stalling and being unable to make progress (lightningdevkit#2661). * In exceedingly rare circumstances, messages intended to be sent to a peer prior to reconnection can be sent after reconnection. This could result in undefined channel state and force-closes (lightningdevkit#2663). Backwards Compatibility ======================= * Creating a blinded path to receive a payment then downgrading to LDK prior to 0.0.117 may result in failure to receive the payment (lightningdevkit#2413). * Calling `ChannelManager::pay_for_offer` or `ChannelManager::create_refund_builder` may prevent downgrading to LDK prior to 0.0.118 until the payment times out and has been removed (lightningdevkit#2039). Node Compatibility ================== * LDK now sends a bogus `channel_reestablish` message to peers when they ask to resume an unknown channel. This should cause LND nodes to force-close and broadcast the latest channel state to the chain. In order to trigger this when we wish to force-close a channel, LDK now disconnects immediately after sending a channel-closing `error` message. This should result in cooperative peers also working to confirm the latest commitment transaction when we wish to force-close (lightningdevkit#2658). Security ======== 0.0.118 expands mitigations against transaction cycling attacks to non-anchor channels, though note that no mitigations which exist today are considered robust to prevent the class of attacks. * In order to mitigate against transaction cycling attacks, non-anchor HTLC transactions are now properly re-signed before broadcasting (lightningdevkit#2667). In total, this release features 61 files changed, 3470 insertions, 1503 deletions in 85 commits from 12 authors, in alphabetical order: * Antonio Yang * Elias Rohrer * Evan Feenstra * Fedeparma74 * Gursharan Singh * Jeffrey Czyz * Matt Corallo * Sergi Delgado Segura * Vladimir Fomene * Wilmer Paulino * benthecarman * slanesuke
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Support sending to blinded payment paths and receiving to 1-hop paths. Partially addresses #1970. Error handling, forwarding and receiving to multi-hop blinded paths will be completed in follow-up.
Based on #2411, #2412, #2128, #2459, #2514, #2503