Skip to content

Correct the on-chain script checked in gossip verification #1666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 17, 2022
Merged

Correct the on-chain script checked in gossip verification #1666

merged 1 commit into from
Aug 17, 2022

Conversation

@TheBlueMatt
Copy link
Collaborator

The bitcoin_key_1 and bitcoin_key_2 fields in
channel_announcement messages are sorted according to node_ids
rather than the keys themselves, however the on-chain funding
script is sorted according to the bitcoin keys themselves. Thus,
with some probability, we end up checking that the on-chain script
matches the wrong script and rejecting the channel announcement.

The correct solution is to use our existing channel funding script
generation function which ensure we always match what we generate.

This was found in testing the Java bindings, where a test checks
that retunring the generated funding script in chain::Access
results in the constructed channel ending up in our network graph.

@TheBlueMatt TheBlueMatt added this to the 0.0.111 milestone Aug 13, 2022
dunxen
dunxen reviewed Aug 15, 2022
View reviewed changes
Copy link
Contributor

@dunxen dunxen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like get_signed_channel_announcement() in the gossip tests makes the same assumption for the bitcoin keys and needs to be updated too.

Otherwise LGTM!

tnull
tnull reviewed Aug 15, 2022
View reviewed changes
Copy link
Contributor

@tnull tnull left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally looks good mod the failing tests, i.e., the get_channel_script function (https://github.com/TheBlueMatt/rust-lightning/blob/2022-08-fix-script-check/lightning/src/routing/gossip.rs#L1945) also needs updating.

Also, could you maybe add a check to some test case to ensure we catch this (or similar) issue not only down the line in bindings generation, if there ever were to be a regression?

tnull
tnull reviewed Aug 15, 2022
View reviewed changes
valentinewallace
valentinewallace reviewed Aug 15, 2022
View reviewed changes
Copy link
Contributor

@valentinewallace valentinewallace left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good after outstanding feedback and CI

@TheBlueMatt
Copy link
Collaborator Author

Pushed a fix, as for a check for this, I'm not entirely sure how to write one that is actually useful - sure I could write a test that checks the specific scripts which failed here, but that's not all that interesting, sadly we had several checks which ultimately should have caught this, but of course we replicated the same bug into the tests, which made them not all that helpful.

@tnull
Copy link
Contributor

tnull commented Aug 16, 2022

Pushed a fix, as for a check for this, I'm not entirely sure how to write one that is actually useful - sure I could write a test that checks the specific scripts which failed here, but that's not all that interesting, sadly we had several checks which ultimately should have caught this, but of course we replicated the same bug into the tests, which made them not all that helpful.

Alright, then hopefully tests will just catch if there ever would be a regression. Seems the fix didn't do the trick entirely though.

@valentinewallace
Copy link
Contributor

Seems we're still getting a test panic. With the amount of test panics that arose, I'm happy with the coverage 😆

dunxen
dunxen previously approved these changes Aug 17, 2022
View reviewed changes
Copy link
Contributor

@dunxen dunxen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 43814f3

Back to the nominal crate test failures for those two lol

tnull
tnull previously approved these changes Aug 17, 2022
View reviewed changes
@TheBlueMatt
Correct the on-chain script checked in gossip verification
6265da0 
The `bitcoin_key_1` and `bitcoin_key_2` fields in
`channel_announcement` messages are sorted according to node_ids
rather than the keys themselves, however the on-chain funding
script is sorted according to the bitcoin keys themselves. Thus,
with some probability, we end up checking that the on-chain script
matches the wrong script and rejecting the channel announcement.

The correct solution is to use our existing channel funding script
generation function which ensure we always match what we generate.

This was found in testing the Java bindings, where a test checks
that retunring the generated funding script in `chain::Access`
results in the constructed channel ending up in our network graph.
@TheBlueMatt TheBlueMatt dismissed stale reviews from tnull and dunxen via 6265da0 August 17, 2022 16:26
@TheBlueMatt TheBlueMatt force-pushed the 2022-08-fix-script-check branch from 43814f3 to 6265da0 Compare August 17, 2022 16:26
@TheBlueMatt
Copy link
Collaborator Author

Squashed without further changes.

@TheBlueMatt TheBlueMatt merged commit b50f59d into lightningdevkit:main Aug 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tnull tnull tnull approved these changes

@dunxen dunxen dunxen approved these changes

@valentinewallace valentinewallace valentinewallace approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

0.0.111

Development

Successfully merging this pull request may close these issues.

4 participants

@TheBlueMatt @tnull @valentinewallace @dunxen