Update Default Blinded Path constructor to use Dummy Hops

shaavan · shaavan · commit fccfd04be3b3 · 2025-06-12T18:51:36.000+05:30
Applies dummy hops by default when constructing blinded paths via
`DefaultMessageRouter`, enhancing privacy by obscuring the true path length.

Uses a predefined `DUMMY_HOPS_COUNT` to apply dummy hops consistently
without requiring explicit user input.
diff --git a/lightning-background-processor/src/lib.rs b/lightning-background-processor/src/lib.rs
@@ -1659,6 +1659,7 @@ mod tests {
 			let msg_router = Arc::new(DefaultMessageRouter::new(
 				network_graph.clone(),
 				Arc::clone(&keys_manager),
+				keys_manager.get_expanded_key(),
 			));
 			let chain_source = Arc::new(test_utils::TestChainSource::new(Network::Bitcoin));
 			let kv_store =
diff --git a/lightning-liquidity/tests/common/mod.rs b/lightning-liquidity/tests/common/mod.rs
@@ -5,7 +5,6 @@
 #![allow(unused_macros)]
 
 use lightning::chain::Filter;
-use lightning::sign::{EntropySource, NodeSigner};
 
 use bitcoin::blockdata::constants::{genesis_block, ChainHash};
 use bitcoin::blockdata::transaction::Transaction;
@@ -24,7 +23,7 @@ use lightning::onion_message::messenger::DefaultMessageRouter;
 use lightning::routing::gossip::{NetworkGraph, P2PGossipSync};
 use lightning::routing::router::{CandidateRouteHop, DefaultRouter, Path};
 use lightning::routing::scoring::{ChannelUsage, ScoreLookUp, ScoreUpdate};
-use lightning::sign::{InMemorySigner, KeysManager};
+use lightning::sign::{EntropySource, InMemorySigner, KeysManager, NodeSigner};
 use lightning::util::config::UserConfig;
 use lightning::util::persist::{
 	KVStore, CHANNEL_MANAGER_PERSISTENCE_KEY, CHANNEL_MANAGER_PERSISTENCE_PRIMARY_NAMESPACE,
@@ -420,8 +419,11 @@ pub(crate) fn create_liquidity_node(
 		scorer.clone(),
 		Default::default(),
 	));
-	let msg_router =
-		Arc::new(DefaultMessageRouter::new(Arc::clone(&network_graph), Arc::clone(&keys_manager)));
+	let msg_router = Arc::new(DefaultMessageRouter::new(
+		Arc::clone(&network_graph),
+		Arc::clone(&keys_manager),
+		keys_manager.get_expanded_key(),
+	));
 	let chain_source = Arc::new(test_utils::TestChainSource::new(Network::Bitcoin));
 	let kv_store =
 		Arc::new(FilesystemStore::new(format!("{}_persister_{}", &persist_dir, i).into()));
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -17055,7 +17055,7 @@ pub mod bench {
 		let scorer = RwLock::new(test_utils::TestScorer::new());
 		let entropy = test_utils::TestKeysInterface::new(&[0u8; 32], network);
 		let router = test_utils::TestRouter::new(Arc::new(NetworkGraph::new(network, &logger_a)), &logger_a, &scorer);
-		let message_router = test_utils::TestMessageRouter::new(Arc::new(NetworkGraph::new(network, &logger_a)), &entropy);
+		let message_router = test_utils::TestMessageRouter::new(Arc::new(NetworkGraph::new(network, &logger_a)), &keys_manager, keys_manager.get_expanded_key());
 
 		let mut config: UserConfig = Default::default();
 		config.channel_config.max_dust_htlc_exposure = MaxDustHTLCExposure::FeeRateMultiplier(5_000_000 / 253);
diff --git a/lightning/src/ln/functional_test_utils.rs b/lightning/src/ln/functional_test_utils.rs
@@ -32,7 +32,7 @@ use crate::onion_message::messenger::OnionMessenger;
 use crate::ln::onion_utils::LocalHTLCFailureReason;
 use crate::routing::gossip::{P2PGossipSync, NetworkGraph, NetworkUpdate};
 use crate::routing::router::{self, PaymentParameters, Route, RouteParameters};
-use crate::sign::{EntropySource, RandomBytes};
+use crate::sign::{EntropySource, NodeSigner, RandomBytes};
 use crate::util::config::{MaxDustHTLCExposure, UserConfig};
 use crate::util::logger::Logger;
 use crate::util::scid_utils;
@@ -728,7 +728,7 @@ impl<'a, 'b, 'c> Drop for Node<'a, 'b, 'c> {
 					signer_provider: self.keys_manager,
 					fee_estimator: &test_utils::TestFeeEstimator::new(253),
 					router: &test_utils::TestRouter::new(Arc::clone(&network_graph), &self.logger, &scorer),
-					message_router: &test_utils::TestMessageRouter::new(network_graph, self.keys_manager),
+					message_router: &test_utils::TestMessageRouter::new(network_graph, self.keys_manager, self.keys_manager.get_expanded_key()),
 					chain_monitor: self.chain_monitor,
 					tx_broadcaster: &broadcaster,
 					logger: &self.logger,
@@ -3350,13 +3350,14 @@ pub fn create_node_cfgs_with_persisters<'a>(node_count: usize, chanmon_cfgs: &'a
 		let chain_monitor = test_utils::TestChainMonitor::new(Some(&chanmon_cfgs[i].chain_source), &chanmon_cfgs[i].tx_broadcaster, &chanmon_cfgs[i].logger, &chanmon_cfgs[i].fee_estimator, persisters[i], &chanmon_cfgs[i].keys_manager);
 		let network_graph = Arc::new(NetworkGraph::new(Network::Testnet, &chanmon_cfgs[i].logger));
 		let seed = [i as u8; 32];
+		let expanded_key = chanmon_cfgs[i].keys_manager.get_expanded_key();
 		nodes.push(NodeCfg {
 			chain_source: &chanmon_cfgs[i].chain_source,
 			logger: &chanmon_cfgs[i].logger,
 			tx_broadcaster: &chanmon_cfgs[i].tx_broadcaster,
 			fee_estimator: &chanmon_cfgs[i].fee_estimator,
 			router: test_utils::TestRouter::new(network_graph.clone(), &chanmon_cfgs[i].logger, &chanmon_cfgs[i].scorer),
-			message_router: test_utils::TestMessageRouter::new(network_graph.clone(), &chanmon_cfgs[i].keys_manager),
+			message_router: test_utils::TestMessageRouter::new(network_graph.clone(), &chanmon_cfgs[i].keys_manager, expanded_key),
 			chain_monitor,
 			keys_manager: &chanmon_cfgs[i].keys_manager,
 			node_seed: seed,
diff --git a/lightning/src/ln/functional_tests.rs b/lightning/src/ln/functional_tests.rs
@@ -49,7 +49,7 @@ use crate::routing::gossip::{NetworkGraph, NetworkUpdate};
 use crate::routing::router::{
 	get_route, Path, PaymentParameters, Route, RouteHop, RouteParameters,
 };
-use crate::sign::{EntropySource, OutputSpender, SignerProvider};
+use crate::sign::{EntropySource, NodeSigner, OutputSpender, SignerProvider};
 use crate::types::features::{ChannelFeatures, ChannelTypeFeatures, NodeFeatures};
 use crate::types::payment::{PaymentHash, PaymentSecret};
 use crate::util::config::{
@@ -5173,7 +5173,11 @@ pub fn test_key_derivation_params() {
 	let scorer = RwLock::new(test_utils::TestScorer::new());
 	let router =
 		test_utils::TestRouter::new(network_graph.clone(), &chanmon_cfgs[0].logger, &scorer);
-	let message_router = test_utils::TestMessageRouter::new(network_graph.clone(), &keys_manager);
+	let message_router = test_utils::TestMessageRouter::new(
+		network_graph.clone(),
+		&keys_manager,
+		keys_manager.get_expanded_key(),
+	);
 	let node = NodeCfg {
 		chain_source: &chanmon_cfgs[0].chain_source,
 		logger: &chanmon_cfgs[0].logger,
diff --git a/lightning/src/onion_message/functional_tests.rs b/lightning/src/onion_message/functional_tests.rs
@@ -279,8 +279,11 @@ fn create_nodes_using_cfgs(cfgs: Vec<MessengerCfg>) -> Vec<MessengerNode> {
 		let node_signer = Arc::new(TestNodeSigner::new(secret_key));
 
 		let node_id_lookup = Arc::new(EmptyNodeIdLookUp {});
-		let message_router =
-			Arc::new(DefaultMessageRouter::new(network_graph.clone(), entropy_source.clone()));
+		let message_router = Arc::new(DefaultMessageRouter::new(
+			network_graph.clone(),
+			entropy_source.clone(),
+			node_signer.get_expanded_key(),
+		));
 		let offers_message_handler = Arc::new(TestOffersMessageHandler {});
 		let async_payments_message_handler = Arc::new(TestAsyncPaymentsMessageHandler {});
 		let dns_resolver_message_handler = Arc::new(TestDNSResolverMessageHandler {});
diff --git a/lightning/src/onion_message/messenger.rs b/lightning/src/onion_message/messenger.rs
@@ -40,7 +40,7 @@ use crate::ln::channelmanager::Verification;
 use crate::ln::msgs::{
 	self, BaseMessageHandler, MessageSendEvent, OnionMessage, OnionMessageHandler, SocketAddress,
 };
-use crate::ln::onion_utils;
+use crate::ln::{inbound_payment, onion_utils};
 use crate::routing::gossip::{NetworkGraph, NodeId, ReadOnlyNetworkGraph};
 use crate::sign::{EntropySource, NodeSigner, Recipient};
 use crate::types::features::{InitFeatures, NodeFeatures};
@@ -541,6 +541,7 @@ where
 {
 	network_graph: G,
 	entropy_source: ES,
+	expanded_key: inbound_payment::ExpandedKey,
 }
 
 impl<G: Deref<Target = NetworkGraph<L>>, L: Deref, ES: Deref> DefaultMessageRouter<G, L, ES>
@@ -549,16 +550,19 @@ where
 	ES::Target: EntropySource,
 {
 	/// Creates a [`DefaultMessageRouter`] using the given [`NetworkGraph`].
-	pub fn new(network_graph: G, entropy_source: ES) -> Self {
-		Self { network_graph, entropy_source }
+	pub fn new(
+		network_graph: G, entropy_source: ES, expanded_key: inbound_payment::ExpandedKey,
+	) -> Self {
+		Self { network_graph, entropy_source, expanded_key }
 	}
 
 	fn create_blinded_paths_from_iter<
 		I: ExactSizeIterator<Item = MessageForwardNode>,
 		T: secp256k1::Signing + secp256k1::Verification,
 	>(
 		network_graph: &G, recipient: PublicKey, context: MessageContext, peers: I,
-		entropy_source: &ES, secp_ctx: &Secp256k1<T>, compact_paths: bool,
+		entropy_source: &ES, expanded_key: &inbound_payment::ExpandedKey, secp_ctx: &Secp256k1<T>,
+		compact_paths: bool,
 	) -> Result<Vec<BlindedMessagePath>, ()> {
 		// Limit the number of blinded paths that are computed.
 		const MAX_PATHS: usize = 3;
@@ -567,6 +571,21 @@ where
 		// recipient's node_id.
 		const MIN_PEER_CHANNELS: usize = 3;
 
+		// Add a random number (0 to 5) of dummy hops to each non-compact blinded path
+		// to make it harder to infer the recipient's position.
+		//
+		// # Note on compact paths:
+		//
+		// Compact paths are optimized for minimal size. Adding dummy hops to them
+		// would increase their size and negate their primary advantage.
+		// Therefore, we avoid adding dummy hops to compact paths.
+		let dummy_hops_count = if compact_paths {
+			0
+		} else {
+			let random_byte = entropy_source.get_secure_random_bytes()[0];
+			random_byte % 6
+		};
+
 		let network_graph = network_graph.deref().read_only();
 		let is_recipient_announced =
 			network_graph.nodes().contains_key(&NodeId::from_pubkey(&recipient));
@@ -597,7 +616,15 @@ where
 		let paths = peer_info
 			.into_iter()
 			.map(|(peer, _, _)| {
-				BlindedMessagePath::new(&[peer], recipient, context.clone(), entropy, secp_ctx)
+				BlindedMessagePath::new_with_dummy_hops(
+					&[peer],
+					dummy_hops_count,
+					recipient,
+					context.clone(),
+					entropy,
+					expanded_key,
+					secp_ctx,
+				)
 			})
 			.take(MAX_PATHS)
 			.collect::<Result<Vec<_>, _>>();
@@ -666,7 +693,7 @@ where
 
 	pub(crate) fn create_blinded_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		network_graph: &G, recipient: PublicKey, context: MessageContext, peers: Vec<PublicKey>,
-		entropy_source: &ES, secp_ctx: &Secp256k1<T>,
+		entropy_source: &ES, expanded_key: &inbound_payment::ExpandedKey, secp_ctx: &Secp256k1<T>,
 	) -> Result<Vec<BlindedMessagePath>, ()> {
 		let peers =
 			peers.into_iter().map(|node_id| MessageForwardNode { node_id, short_channel_id: None });
@@ -676,21 +703,24 @@ where
 			context,
 			peers.into_iter(),
 			entropy_source,
+			expanded_key,
 			secp_ctx,
 			false,
 		)
 	}
 
 	pub(crate) fn create_compact_blinded_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		network_graph: &G, recipient: PublicKey, context: MessageContext,
-		peers: Vec<MessageForwardNode>, entropy_source: &ES, secp_ctx: &Secp256k1<T>,
+		peers: Vec<MessageForwardNode>, entropy_source: &ES,
+		expanded_key: &inbound_payment::ExpandedKey, secp_ctx: &Secp256k1<T>,
 	) -> Result<Vec<BlindedMessagePath>, ()> {
 		Self::create_blinded_paths_from_iter(
 			network_graph,
 			recipient,
 			context,
 			peers.into_iter(),
 			entropy_source,
+			expanded_key,
 			secp_ctx,
 			true,
 		)
@@ -719,6 +749,7 @@ where
 			context,
 			peers,
 			&self.entropy_source,
+			&self.expanded_key,
 			secp_ctx,
 		)
 	}
@@ -733,6 +764,7 @@ where
 			context,
 			peers,
 			&self.entropy_source,
+			&self.expanded_key,
 			secp_ctx,
 		)
 	}
diff --git a/lightning/src/util/test_utils.rs b/lightning/src/util/test_utils.rs
@@ -26,11 +26,11 @@ use crate::events::bump_transaction::Utxo;
 #[cfg(any(test, feature = "_externalize_tests"))]
 use crate::ln::chan_utils::CommitmentTransaction;
 use crate::ln::channel_state::ChannelDetails;
-use crate::ln::channelmanager;
 use crate::ln::inbound_payment::ExpandedKey;
 use crate::ln::msgs::{BaseMessageHandler, MessageSendEvent};
 use crate::ln::script::ShutdownScript;
 use crate::ln::types::ChannelId;
+use crate::ln::{channelmanager, inbound_payment};
 use crate::ln::{msgs, wire};
 use crate::offers::invoice::UnsignedBolt12Invoice;
 use crate::onion_message::messenger::{
@@ -322,8 +322,9 @@ pub struct TestMessageRouter<'a> {
 impl<'a> TestMessageRouter<'a> {
 	pub fn new(
 		network_graph: Arc<NetworkGraph<&'a TestLogger>>, entropy_source: &'a TestKeysInterface,
+		expanded_key: inbound_payment::ExpandedKey,
 	) -> Self {
-		Self { inner: DefaultMessageRouter::new(network_graph, entropy_source) }
+		Self { inner: DefaultMessageRouter::new(network_graph, entropy_source, expanded_key) }
 	}
 }
 
@@ -1488,7 +1489,7 @@ impl TestNodeSigner {
 
 impl NodeSigner for TestNodeSigner {
 	fn get_expanded_key(&self) -> ExpandedKey {
-		unreachable!()
+		ExpandedKey::new([42; 32])
 	}
 
 	fn get_peer_storage_key(&self) -> PeerStorageKey {
