(temp)build: bump lightning-onion

Author: GeorgeTsagk

go.mod

@@ -222,4 +222,7 @@ replace google.golang.org/protobuf => github.com/lightninglabs/protobuf-go-hex-d
 // well).
 go 1.24.6
 
+// Temporary replace until dependent PR is merged in lightning-onion.
+replace github.com/lightningnetwork/lightning-onion => github.com/joostjager/lightning-onion v0.0.0-20250630141312-2898b9c46c4e
+
 retract v0.0.2

go.sum

@@ -306,6 +306,8 @@ github.com/jessevdk/go-flags v1.4.0 h1:4IU2WS7AumrZ/40jfhf4QVDMsQwqA7VEHozFRrGAR
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
 github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
+github.com/joostjager/lightning-onion v0.0.0-20250630141312-2898b9c46c4e h1:kwxUmYn+qyX4olGy7TxgUeXpmnaMjf4+/bn9Ke9w0GU=
+github.com/joostjager/lightning-onion v0.0.0-20250630141312-2898b9c46c4e/go.mod h1:EDqJ3MuZIbMq0QI1czTIKDJ/GS8S14RXPwapHw8cw6w=
 github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
 github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ=
 github.com/jrick/logrotate v1.1.2 h1:6ePk462NCX7TfKtNp5JJ7MbA2YIslkpfgP03TlTYMN0=
@@ -368,8 +370,6 @@ github.com/lightninglabs/neutrino/cache v1.1.2 h1:C9DY/DAPaPxbFC+xNNEI/z1SJY9GS3
 github.com/lightninglabs/neutrino/cache v1.1.2/go.mod h1:XJNcgdOw1LQnanGjw8Vj44CvguYA25IMKjWFZczwZuo=
 github.com/lightninglabs/protobuf-go-hex-display v1.33.0-hex-display h1:Y2WiPkBS/00EiEg0qp0FhehxnQfk3vv8U6Xt3nN+rTY=
 github.com/lightninglabs/protobuf-go-hex-display v1.33.0-hex-display/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
-github.com/lightningnetwork/lightning-onion v1.2.1-0.20240815225420-8b40adf04ab9 h1:6D3LrdagJweLLdFm1JNodZsBk6iU4TTsBBFLQ4yiXfI=
-github.com/lightningnetwork/lightning-onion v1.2.1-0.20240815225420-8b40adf04ab9/go.mod h1:EDqJ3MuZIbMq0QI1czTIKDJ/GS8S14RXPwapHw8cw6w=
 github.com/lightningnetwork/lnd/cert v1.2.2 h1:71YK6hogeJtxSxw2teq3eGeuy4rHGKcFf0d0Uy4qBjI=
 github.com/lightningnetwork/lnd/cert v1.2.2/go.mod h1:jQmFn/Ez4zhDgq2hnYSw8r35bqGVxViXhX6Cd7HXM6U=
 github.com/lightningnetwork/lnd/clock v1.1.1 h1:OfR3/zcJd2RhH0RU+zX/77c0ZiOnIMsDIBjgjWdZgA0=

htlcswitch/failure.go

@@ -160,7 +160,7 @@ type OnionErrorDecrypter interface {
 	// node where error have occurred. As a result, in order to decrypt the
 	// error we need get all shared secret and apply decryption in the
 	// reverse order.
-	DecryptError(encryptedData []byte) (*sphinx.DecryptedError, error)
+	DecryptError(encryptedData, _ []byte, _ bool) (*sphinx.DecryptedError, error)
 }
 
 // SphinxErrorDecrypter wraps the sphinx data SphinxErrorDecrypter and maps the
@@ -177,7 +177,7 @@ type SphinxErrorDecrypter struct {
 func (s *SphinxErrorDecrypter) DecryptError(reason lnwire.OpaqueReason) (
 	*ForwardingError, error) {
 
-	failure, err := s.OnionErrorDecrypter.DecryptError(reason)
+	failure, err := s.OnionErrorDecrypter.DecryptError(reason, nil, false)
 	if err != nil {
 		return nil, err
 	}

htlcswitch/failure_test.go

@@ -52,7 +52,9 @@ func TestLongFailureMessage(t *testing.T) {
 	}
 
 	errorDecryptor := &SphinxErrorDecrypter{
-		OnionErrorDecrypter: sphinx.NewOnionErrorDecrypter(circuit),
+		OnionErrorDecrypter: sphinx.NewOnionErrorDecrypter(
+			circuit, nil,
+		),
 	}
 
 	// Assert that the failure message can still be extracted.

htlcswitch/hop/error_encryptor.go

@@ -58,19 +58,22 @@ type ErrorEncrypter interface {
 	// encrypted opaque failure reason. This method will be used at the
 	// source that the error occurs. It differs from IntermediateEncrypt
 	// slightly, in that it computes a proper MAC over the error.
-	EncryptFirstHop(lnwire.FailureMessage) (lnwire.OpaqueReason, error)
+	EncryptFirstHop(lnwire.FailureMessage) (lnwire.OpaqueReason, []byte,
+		error)
 
 	// EncryptMalformedError is similar to EncryptFirstHop (it adds the
 	// MAC), but it accepts an opaque failure reason rather than a failure
 	// message. This method is used when we receive an
 	// UpdateFailMalformedHTLC from the remote peer and then need to
 	// convert that into a proper error from only the raw bytes.
-	EncryptMalformedError(lnwire.OpaqueReason) (lnwire.OpaqueReason, error)
+	EncryptMalformedError(lnwire.OpaqueReason) (lnwire.OpaqueReason, []byte,
+		error)
 
 	// IntermediateEncrypt wraps an already encrypted opaque reason error
 	// in an additional layer of onion encryption. This process repeats
 	// until the error arrives at the source of the payment.
-	IntermediateEncrypt(lnwire.OpaqueReason) (lnwire.OpaqueReason, error)
+	IntermediateEncrypt(lnwire.OpaqueReason, []byte) (lnwire.OpaqueReason,
+		[]byte, error)
 
 	// Type returns an enum indicating the underlying concrete instance
 	// backing this interface.
@@ -123,16 +126,16 @@ func NewSphinxErrorEncrypter() *SphinxErrorEncrypter {
 //
 // NOTE: Part of the ErrorEncrypter interface.
 func (s *SphinxErrorEncrypter) EncryptFirstHop(
-	failure lnwire.FailureMessage) (lnwire.OpaqueReason, error) {
+	failure lnwire.FailureMessage) (lnwire.OpaqueReason, []byte, error) {
 
 	var b bytes.Buffer
 	if err := lnwire.EncodeFailure(&b, failure, 0); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	// We pass a true as the first parameter to indicate that a MAC should
 	// be added.
-	return s.EncryptError(true, b.Bytes()), nil
+	return s.EncryptError(true, b.Bytes(), nil, 0)
 }
 
 // EncryptMalformedError is similar to EncryptFirstHop (it adds the MAC), but
@@ -143,9 +146,9 @@ func (s *SphinxErrorEncrypter) EncryptFirstHop(
 //
 // NOTE: Part of the ErrorEncrypter interface.
 func (s *SphinxErrorEncrypter) EncryptMalformedError(
-	reason lnwire.OpaqueReason) (lnwire.OpaqueReason, error) {
+	reason lnwire.OpaqueReason) (lnwire.OpaqueReason, []byte, error) {
 
-	return s.EncryptError(true, reason), nil
+	return s.EncryptError(true, reason, nil, 0)
 }
 
 // IntermediateEncrypt wraps an already encrypted opaque reason error in an
@@ -156,9 +159,10 @@ func (s *SphinxErrorEncrypter) EncryptMalformedError(
 //
 // NOTE: Part of the ErrorEncrypter interface.
 func (s *SphinxErrorEncrypter) IntermediateEncrypt(
-	reason lnwire.OpaqueReason) (lnwire.OpaqueReason, error) {
+	reason lnwire.OpaqueReason, _ []byte) (lnwire.OpaqueReason, []byte,
+	error) {
 
-	return s.EncryptError(false, reason), nil
+	return s.EncryptError(false, reason, nil, 0)
 }
 
 // Type returns the identifier for a sphinx error encrypter.

htlcswitch/hop/iterator.go

@@ -909,9 +909,7 @@ func (p *OnionProcessor) DecodeHopIterators(id []byte,
 func (p *OnionProcessor) ExtractErrorEncrypter(ephemeralKey *btcec.PublicKey) (
 	ErrorEncrypter, lnwire.FailCode) {
 
-	onionObfuscator, err := sphinx.NewOnionErrorEncrypter(
-		p.router, ephemeralKey,
-	)
+	sharedSecret, err := p.router.GenerateSharedSecret(ephemeralKey, nil)
 	if err != nil {
 		switch err {
 		case sphinx.ErrInvalidOnionVersion:
@@ -926,6 +924,8 @@ func (p *OnionProcessor) ExtractErrorEncrypter(ephemeralKey *btcec.PublicKey) (
 		}
 	}
 
+	onionObfuscator := sphinx.NewOnionErrorEncrypter(sharedSecret, nil)
+
 	return &SphinxErrorEncrypter{
 		OnionErrorEncrypter: onionObfuscator,
 		EphemeralKey:        ephemeralKey,

htlcswitch/interceptable_switch.go

@@ -738,7 +738,9 @@ func (f *interceptedForward) ResumeModified(
 // Fail notifies the intention to Fail an existing hold forward with an
 // encrypted failure reason.
 func (f *interceptedForward) Fail(reason []byte) error {
-	obfuscatedReason, err := f.packet.obfuscator.IntermediateEncrypt(reason)
+	obfuscatedReason, _, err := f.packet.obfuscator.IntermediateEncrypt(
+		reason, nil,
+	)
 	if err != nil {
 		return err
 	}
@@ -807,7 +809,7 @@ func (f *interceptedForward) FailWithCode(code lnwire.FailCode) error {
 
 	// Encrypt the failure for the first hop. This node will be the origin
 	// of the failure.
-	reason, err := f.packet.obfuscator.EncryptFirstHop(failureMsg)
+	reason, _, err := f.packet.obfuscator.EncryptFirstHop(failureMsg)
 	if err != nil {
 		return fmt.Errorf("failed to encrypt failure reason %w", err)
 	}

htlcswitch/link.go

@@ -3532,7 +3532,7 @@ func (l *channelLink) sendHTLCError(add lnwire.UpdateAddHTLC,
 	sourceRef channeldb.AddRef, failure *LinkError,
 	e hop.ErrorEncrypter, isReceive bool) {
 
-	reason, err := e.EncryptFirstHop(failure.WireMessage())
+	reason, _, err := e.EncryptFirstHop(failure.WireMessage())
 	if err != nil {
 		l.log.Errorf("unable to obfuscate error: %v", err)
 		return
@@ -3634,7 +3634,7 @@ func (l *channelLink) sendIncomingHTLCFailureMsg(htlcIndex uint64,
 		failureMsg := lnwire.NewInvalidBlinding(
 			fn.None[[lnwire.OnionPacketSize]byte](),
 		)
-		reason, err := e.EncryptFirstHop(failureMsg)
+		reason, _, err := e.EncryptFirstHop(failureMsg)
 		if err != nil {
 			return err
 		}

htlcswitch/mailbox.go

@@ -721,7 +721,7 @@ func (m *memoryMailBox) FailAdd(pkt *htlcPacket) {
 		// If the packet is part of a forward, (identified by a non-nil
 		// obfuscator) we need to encrypt the error back to the source.
 		var err error
-		reason, err = pkt.obfuscator.EncryptFirstHop(failure)
+		reason, _, err = pkt.obfuscator.EncryptFirstHop(failure)
 		if err != nil {
 			log.Errorf("Unable to obfuscate error: %v", err)
 			return

htlcswitch/mock.go

@@ -421,30 +421,35 @@ func (o *mockObfuscator) Reextract(
 var fakeHmac = []byte("hmachmachmachmachmachmachmachmac")
 
 func (o *mockObfuscator) EncryptFirstHop(failure lnwire.FailureMessage) (
-	lnwire.OpaqueReason, error) {
+	lnwire.OpaqueReason, []byte, error) {
 
 	o.failure = failure
 
 	var b bytes.Buffer
 	b.Write(fakeHmac)
 
 	if err := lnwire.EncodeFailure(&b, failure, 0); err != nil {
-		return nil, err
+		return nil, nil, err
 	}
-	return b.Bytes(), nil
+
+	return b.Bytes(), nil, nil
 }
 
-func (o *mockObfuscator) IntermediateEncrypt(reason lnwire.OpaqueReason) (lnwire.OpaqueReason, error) {
-	return reason, nil
+func (o *mockObfuscator) IntermediateEncrypt(reason lnwire.OpaqueReason,
+	attrData []byte) (lnwire.OpaqueReason, []byte, error) {
+
+	return reason, nil, nil
 }
 
-func (o *mockObfuscator) EncryptMalformedError(reason lnwire.OpaqueReason) (lnwire.OpaqueReason, error) {
+func (o *mockObfuscator) EncryptMalformedError(
+	reason lnwire.OpaqueReason) (lnwire.OpaqueReason, []byte, error) {
+
 	var b bytes.Buffer
 	b.Write(fakeHmac)
 
 	b.Write(reason)
 
-	return b.Bytes(), nil
+	return b.Bytes(), nil, nil
 }
 
 // mockDeobfuscator mock implementation of the failure deobfuscator which
@@ -1139,8 +1144,8 @@ type mockOnionErrorDecryptor struct {
 	err       error
 }
 
-func (m *mockOnionErrorDecryptor) DecryptError(encryptedData []byte) (
-	*sphinx.DecryptedError, error) {
+func (m *mockOnionErrorDecryptor) DecryptError(encryptedData, _ []byte,
+	_ bool) (*sphinx.DecryptedError, error) {
 
 	return &sphinx.DecryptedError{
 		SenderIdx: m.sourceIdx,