Fix some onion errors and assert their length is correct #1895
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
`impl_writeable_tlv_based_enum` shouldn't be assuming that `DecodeError` is in scope, which we address here.
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
7e29b27 to
db345a5
Compare
|
I think this was it, so |
Codecov ReportBase: 90.69% // Head: 90.63% // Decreases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## main #1895 +/- ##
==========================================
- Coverage 90.69% 90.63% -0.06%
==========================================
Files 91 91
Lines 48404 51171 +2767
Branches 48404 51171 +2767
==========================================
+ Hits 43898 46380 +2482
- Misses 4506 4791 +285
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
db345a5 to
99c91bd
Compare
|
Ah, thanks, fixed. |
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
99c91bd to
22d94a8
Compare
Comment on lines
51
to
+52
| use crate::ln::onion_utils; | ||
| use crate::ln::onion_utils::HTLCFailReason; |
There was a problem hiding this comment.
nit:
Suggested change
| use crate::ln::onion_utils; | |
| use crate::ln::onion_utils::HTLCFailReason; | |
| use crate::ln::onion_utils::{self, HTLCFailReason}; |
There was a problem hiding this comment.
I find the original more readable 🤷
lightning/src/ln/onion_utils.rs
Outdated
Comment on lines
666
to
672
| // we get a fail_malformed_htlc from the first hop | ||
| // TODO: We'd like to generate a NetworkUpdate for temporary | ||
| // failures here, but that would be insufficient as find_route | ||
| // generally ignores its view of our own channels as we provide them via | ||
| // ChannelDetails. | ||
| // TODO: For non-temporary failures, we really should be closing the | ||
| // channel here as we apparently can't relay through them anyway. |
There was a problem hiding this comment.
Do these comments still make sense here, or should they stay in fail_backwards_internal?
There was a problem hiding this comment.
The first TODO belongs here I think - it talks about building a NetworkUpdate which this fn is responsible for. The second we could debate but there's already a TODO that is equivalent at the callsite talking about if we blame our own channel.
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
22d94a8 to
af89d18
Compare
|
This test hits one of the new debug panics in I think the other phantom |
| // ChannelDetails. | ||
| if let &HTLCSource::OutboundRoute { ref path, .. } = htlc_source { | ||
| (None, Some(path.first().unwrap().short_channel_id), true, Some(*failure_code), Some(data.clone())) | ||
| } else { unreachable!(); } |
There was a problem hiding this comment.
It'd remove some unreachables to make HTLCSource::OutboundRoute have an inner struct, but I think that'd be a future consideration
There was a problem hiding this comment.
Yea, we should, agree it doesnt need to happen here.
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
a663ab2 to
35d8eb3
Compare
wpaulino
reviewed
Dec 6, 2022
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
35d8eb3 to
878a41f
Compare
Now that it's entirely abstracted, there's no reason for `HTLCFailReason` to be in `channelmanager`, it's really an onion-level abstraction.
Now that `HTLCFailReason` is opaque and in `onion_utils`, we should encapsulate it so that `ChannelManager` can no longer directly access its inner fields.
This replaces `final_expiry_too_soon` with `incorrect_or_unknown_payment` as was done in lightning/bolts#608. Note that the rationale for this (that it may expose whether you are the final recipient for the payment or not) does not currently apply to us - we don't apply different final CLTV values to different payments. However, we might in the future, and this will make us slightly more consistent with other nodes.
The spec mandates that we copy the `sha256_hash_of_onion` field from the `UpdateFailMalformedHTLC` message into the error message we send back to the sender, however we simply ignored it. Here we copy it into the message correctly.
When we're constructing an HTLCFailReason, we should check that we set the data to at least the correct length for the given failure code, which we do here.
When we receive a phantom HTLC with a bogus/modified CLTV, we should fail back with `incorrect_cltv_expiry`, but that requires a `channel_update`, which we cannot generate for a phantom HTLC which has no corresponding channel. Thus, instead, we have to fall back to `incorrect_cltv_expiry`. Fixes lightningdevkit#1879
This ensures we always hit our new debug assertions while building failure packets in the immediately-fail pipeline while processing an inbound HTLC.
If we try to send any onion error with the `UPDATE` flag in response to a phantom receipt, we should always swap it for something generic that doesn't require a `channel_update` in it. Here we use `temporary_node_failure`. Test provided by Valentine Wallace <[email protected]>
TheBlueMatt
force-pushed
the
2022-12-fix-missing-data
branch
from
878a41f to
c9fe69f
Compare
|
Squashed without further changes. |
valentinewallace
approved these changes
Dec 6, 2022
wpaulino
approved these changes
Dec 6, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When we're constructing an HTLCFailReason, we should check that we
set the data to at least the correct length for the given failure
code, which we do here.
First we move HTLCFailReason into
onion_utilsand encapsulate it a bit better, making channelmanager just a bit smaller. Then we can assert the length, but only after fixing a few issues.Fixes #1879 but I'm frankly a bit confused - I don't see the
14@valentinewallace claimed was being used incorrectly in phantom failures - maybe it was already fixed?