Introduce DummyTlv

Author: shaavan

lightning/src/blinded_path/message.rs

@@ -266,6 +266,23 @@ pub(crate) struct ForwardTlvs {
 	pub(crate) next_blinding_override: Option<PublicKey>,
 }
 
+/// Represents the dummy TLV encoded immediately before the actual [`ReceiveTlvs`] in a blinded path.
+/// These TLVs are intended for the final node and are recursively authenticated until the real
+/// [`ReceiveTlvs`] is reached.
+///
+/// Their purpose is to arbitrarily extend the path length, obscuring the receiver's position in the
+/// route and thereby enhancing privacy.
+pub(crate) struct DummyTlv {}
+
+impl Writeable for DummyTlv {
+	fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
+		encode_tlv_stream!(writer, {
+			(65539, (), required),
+		});
+		Ok(())
+	}
+}
+
 /// Similar to [`ForwardTlvs`], but these TLVs are for the final node.
 pub(crate) struct ReceiveTlvs {
 	/// If `context` is `Some`, it is used to identify the blinded path that this onion message is

lightning/src/onion_message/packet.rs

@@ -17,7 +17,9 @@ use super::async_payments::AsyncPaymentsMessage;
 use super::dns_resolution::DNSResolverMessage;
 use super::messenger::CustomOnionMessageHandler;
 use super::offers::OffersMessage;
-use crate::blinded_path::message::{BlindedMessagePath, ForwardTlvs, NextMessageHop, ReceiveTlvs};
+use crate::blinded_path::message::{
+	BlindedMessagePath, DummyTlv, ForwardTlvs, NextMessageHop, ReceiveTlvs,
+};
 use crate::crypto::streams::{ChaChaDualPolyReadAdapter, ChaChaPolyWriteAdapter};
 use crate::ln::msgs::DecodeError;
 use crate::ln::onion_utils;
@@ -112,6 +114,13 @@ impl LengthReadable for Packet {
 pub(super) enum Payload<T: OnionMessageContents> {
 	/// This payload is for an intermediate hop.
 	Forward(ForwardControlTlvs),
+	/// This payload is a dummy hop, and is intended to be peeled.
+	Dummy {
+		/// The [`DummyControlTlvs`] were authenticated with the additional key that was
+		/// provided to [`ReadableArgs::read`].
+		control_tlvs_authenticated: bool,
+		control_tlvs: DummyControlTlvs,
+	},
 	/// This payload is for the final hop.
 	Receive {
 		/// The [`ReceiveControlTlvs`] were authenticated with the additional key which was
@@ -212,6 +221,9 @@ pub(super) enum ForwardControlTlvs {
 	Unblinded(ForwardTlvs),
 }
 
+/// Dummy control TLVs, used for dummy hops.
+pub(super) struct DummyControlTlvs(pub(super) DummyTlv);
+
 /// Receive control TLVs in their blinded and unblinded form.
 pub(super) enum ReceiveControlTlvs {
 	/// See [`ForwardControlTlvs::Blinded`].
@@ -243,6 +255,13 @@ impl<T: OnionMessageContents> Writeable for (Payload<T>, [u8; 32]) {
 				let write_adapter = ChaChaPolyWriteAdapter::new(self.1, &control_tlvs);
 				_encode_varint_length_prefixed_tlv!(w, { (4, write_adapter, required) })
 			},
+			Payload::Dummy {
+				control_tlvs: DummyControlTlvs(control_tlvs),
+				control_tlvs_authenticated: _,
+			} => {
+				let write_adapter = ChaChaPolyWriteAdapter::new(self.1, &control_tlvs);
+				_encode_varint_length_prefixed_tlv!(w, { (4, write_adapter, required) })
+			},
 			Payload::Receive {
 				control_tlvs: ReceiveControlTlvs::Unblinded(control_tlvs),
 				reply_path,
@@ -323,6 +342,12 @@ impl<H: CustomOnionMessageHandler + ?Sized, L: Logger + ?Sized>
 				}
 				Ok(Payload::Forward(ForwardControlTlvs::Unblinded(tlvs)))
 			},
+			Some(ChaChaDualPolyReadAdapter { readable: ControlTlvs::Dummy(tlvs), used_aad }) => {
+				Ok(Payload::Dummy {
+					control_tlvs_authenticated: used_aad,
+					control_tlvs: DummyControlTlvs(tlvs),
+				})
+			},
 			Some(ChaChaDualPolyReadAdapter { readable: ControlTlvs::Receive(tlvs), used_aad }) => {
 				Ok(Payload::Receive {
 					control_tlvs: ReceiveControlTlvs::Unblinded(tlvs),
@@ -342,6 +367,8 @@ impl<H: CustomOnionMessageHandler + ?Sized, L: Logger + ?Sized>
 pub(crate) enum ControlTlvs {
 	/// This onion message is intended to be forwarded.
 	Forward(ForwardTlvs),
+	/// This onion message is a dummy, and is intended to be peeled.
+	Dummy(DummyTlv),
 	/// This onion message is intended to be received.
 	Receive(ReceiveTlvs),
 }
@@ -357,6 +384,7 @@ impl Readable for ControlTlvs {
 			(4, next_node_id, option),
 			(8, next_blinding_override, option),
 			(65537, context, option),
+			(65539, is_dummy, option),
 		});
 
 		let next_hop = match (short_channel_id, next_node_id) {
@@ -366,18 +394,13 @@ impl Readable for ControlTlvs {
 			(None, None) => None,
 		};
 
-		let valid_fwd_fmt = next_hop.is_some();
-		let valid_recv_fmt = next_hop.is_none() && next_blinding_override.is_none();
-
-		let payload_fmt = if valid_fwd_fmt {
-			ControlTlvs::Forward(ForwardTlvs {
-				next_hop: next_hop.unwrap(),
-				next_blinding_override,
-			})
-		} else if valid_recv_fmt {
-			ControlTlvs::Receive(ReceiveTlvs { context })
-		} else {
-			return Err(DecodeError::InvalidValue);
+		let payload_fmt = match (next_hop, next_blinding_override, is_dummy) {
+			(Some(hop), _, None) => {
+				ControlTlvs::Forward(ForwardTlvs { next_hop: hop, next_blinding_override })
+			},
+			(None, None, Some(())) => ControlTlvs::Dummy(DummyTlv {}),
+			(None, None, None) => ControlTlvs::Receive(ReceiveTlvs { context }),
+			_ => return Err(DecodeError::InvalidValue),
 		};
 
 		Ok(payload_fmt)
@@ -388,6 +411,7 @@ impl Writeable for ControlTlvs {
 	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
 		match self {
 			Self::Forward(tlvs) => tlvs.write(w),
+			Self::Dummy(tlvs) => tlvs.write(w),
 			Self::Receive(tlvs) => tlvs.write(w),
 		}
 	}