feat: LNSocket support for direct Core Lightning TCP connections #3557
Conversation
Summary of ChangesHello @a-khushal, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces a significant new feature by enabling direct LNSocket connections for Core Lightning (CLN) nodes. This allows users to connect to their CLN instances via a direct TCP connection, enhancing connectivity options beyond existing methods. The implementation involves a new backend service that leverages the 'lnmessage' library, alongside necessary UI adjustments for configuration and updates to project dependencies. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces support for direct Core Lightning TCP connections via LNSocket, which is a great new feature. The implementation adds a new LNSocket.ts backend and integrates it throughout the application. However, there are several critical issues that need to be addressed before merging. Most importantly, there's a hardcoded private key in the new backend, and both package.json and yarn.lock contain merge conflict markers. Additionally, I've found a few bugs, including a typo in an RPC parameter and potential crashes due to unsafe data access. I've provided detailed comments and suggestions to fix these issues.
| privateKey: | ||
| '31e9739c0d6a2eba36168dd364841cc01d3f4fde221d256e6a781a4dd46715ea', |
There was a problem hiding this comment.
Hardcoding a private key is a significant security risk. Even if it's a default key for development, it should not be committed to the repository. This key should be generated and stored securely, or at least be configurable and not a hardcoded constant in the source code. Please remove this and implement a secure way to handle the private key.
package.json
Outdated
| <<<<<<< HEAD | ||
| "react-native-system-navigation-bar": "2.8.0", | ||
| "react-native-tcp-socket": "6.2.0", | ||
| ======= | ||
| "react-native-system-navigation-bar": "2.6.4", | ||
| "react-native-tcp-socket": "^6.3.0", | ||
| >>>>>>> 03f111062 (feat: add LNSocket support for direct Core Lightning TCP connections via lnmessage) |
There was a problem hiding this comment.
This file contains multiple merge conflict markers (<<<<<<<, =======, >>>>>>>). These must be resolved before the pull request can be merged. Please rebase your branch on top of the target branch or resolve the conflicts manually.
yarn.lock
Outdated
| <<<<<<< HEAD | ||
| baseline-browser-mapping@^2.9.0: | ||
| version "2.9.11" | ||
| resolved "https://registry.yarnpkg.com/baseline-browser-mapping/-/baseline-browser-mapping-2.9.11.tgz#53724708c8db5f97206517ecfe362dbe5181deea" | ||
| integrity sha512-Sg0xJUNDU1sJNGdfGWhVHX0kkZ+HWcvmVymJbj6NSgZZmW/8S9Y2HQ5euytnIgakgxN6papOAWiwDo1ctFDcoQ== | ||
|
|
||
| ======= | ||
| >>>>>>> 03f111062 (feat: add LNSocket support for direct Core Lightning TCP connections via lnmessage) |
There was a problem hiding this comment.
This file contains merge conflict markers. This indicates an unresolved merge conflict. Please resolve the conflicts, for example by running yarn install after resolving conflicts in package.json, and commit the updated yarn.lock file.
backends/LNSocket.ts
Outdated
| })); | ||
| sendCoins = (data: TransactionRequest) => | ||
| this.rpc('withdraw', { | ||
| desination: data.addr, |
There was a problem hiding this comment.
There is a typo in the property name desination. It should be destination. This will likely cause the 'withdraw' RPC call to fail.
| desination: data.addr, | |
| destination: data.addr, |
backends/LNSocket.ts
Outdated
| getRoutes = async (urlParams?: Array<string>) => { | ||
| const msatoshi = Number(urlParams && urlParams[1]) * 1000; | ||
|
|
||
| const res = await this.rpc('getroute', { | ||
| id: urlParams && urlParams[0], | ||
| msatoshi, | ||
| riskfactor: 2 | ||
| }); | ||
|
|
||
| const route = res.route[0]; | ||
|
|
||
| return { | ||
| routes: [ | ||
| { | ||
| total_fees: (route[0].msatoshi - msatoshi) / 1000 | ||
| } | ||
| ] | ||
| }; | ||
| }; |
There was a problem hiding this comment.
There are a couple of issues in the getRoutes method that could lead to a crash:
- On line 299,
urlParams && urlParams[1]can beundefined, which results inNumber(undefined), which isNaN. This will likely cause issues in thegetrouteRPC call. - On line 307,
res.route[0]is accessed without checking ifres.routeis empty. If the RPC call returns no routes, this will cause a crash.
Please add defensive checks to handle these cases gracefully.
getRoutes = async (urlParams?: Array<string>) => {
const msatoshi = Number(urlParams?.[1] || 0) * 1000;
const id = urlParams?.[0];
if (!id || !msatoshi) {
return { routes: [] };
}
const res = await this.rpc('getroute', {
id,
msatoshi,
riskfactor: 2
});
const route = res.route?.[0];
if (!route || route.length === 0) {
return { routes: [] };
}
return {
routes: [
{
total_fees: (route[0].msatoshi - msatoshi) / 1000
}
]
};
};| createInvoice = (data: any) => | ||
| this.rpc('invoice', { | ||
| description: data.memo, | ||
| label: 'zeus.' + Math.random() * 1000000, |
There was a problem hiding this comment.
Using Math.random() for generating a unique label is not guaranteed to be unique and can lead to collisions, especially if invoices are created in quick succession. Consider using a more robust method for generating unique IDs, such as a timestamp combined with random characters, or a library like uuid.
| label: 'zeus.' + Math.random() * 1000000, | |
| label: 'zeus.' + Date.now(), |
backends/LNSocket.ts
Outdated
| decodePaymentRequest = (urlParams?: Array<string>) => | ||
| this.rpc('decodepay', [urlParams && urlParams[0]]); | ||
| payLightningInvoice = (data: any) => | ||
| this.rpc('pay', { | ||
| bolt11: data.payment_request, | ||
| msatoshi: data.amt ? Number(data.amt * 1000) : undefined | ||
| }); | ||
| closeChannel = (urlParams?: Array<string>) => | ||
| this.rpc('close', { | ||
| id: urlParams && urlParams[0], | ||
| unilateraltimeout: urlParams && urlParams[1] ? 60 : 0 | ||
| }).then(() => ({ chan_close: { success: true } })); | ||
| getNodeInfo = (urlParams?: Array<string>) => | ||
| this.rpc('listnodes', [urlParams && urlParams[0]]).then( |
There was a problem hiding this comment.
The methods decodePaymentRequest and getNodeInfo have unsafe access to urlParams. If urlParams is undefined or empty, [urlParams && urlParams[0]] becomes [undefined], which is likely not the intended behavior and could cause RPC errors. It's better to avoid passing any arguments if urlParams[0] is not available.
a-khushal
force-pushed
the
commando-lnsocket
branch
2 times, most recently
from
e3c8563 to
10aa4bc
Compare
a-khushal
force-pushed
the
commando-lnsocket
branch
from
8f25f8b to
31ea31a
Compare
a-khushal
force-pushed
the
commando-lnsocket
branch
from
31ea31a to
4e60e34
Compare
| "js-lnurl": "0.5.1", | ||
| "js-sha256": "0.9.0", | ||
| "lodash": "4.17.23", | ||
| "lnmessage": "^0.2.7", |
There was a problem hiding this comment.
@a-khushal , Can we add an isConnected method as well?
3 participants
Description
Relates to issue: ZEUS-1068
This PR is based on and extends the changes from master...kaloudis:zeus:lnsocket
cc: The LNMessage library now supports React Native. You can view it on my fork here: lnbc1QWFyb24/lnmessage@master...a-khushal:lnmessage:rn-tcp-socket. This fork ensures Commando works with React Native.
This pull request is categorized as a:
Checklist
yarn run tscand made sure my code compiles correctlyyarn run lintand made sure my code didn’t contain any problematic patternsyarn run prettierand made sure my code is formatted correctlyyarn run testand made sure all of the tests passTesting
If you modified or added a utility file, did you add new unit tests?
I have tested this PR on the following platforms (please specify OS version and phone model/VM):
I have tested this PR with the following types of nodes (please specify node version and API version where appropriate):
Locales
Third Party Dependencies and Packages
yarnafter this PR is merged inpackage.jsonandyarn.lockhave been properly updatedOther: