Merge pull request #962 from jjyr/ensure-add-tlc-expiry-is-large-than-final_tlc_minimum_expiry_delta

quake · web-flow · commit 4810d958d006 · 2025-11-27T20:40:56.000+09:00
Ensure add tlc expiry is large than final tlc minimum expiry delta
diff --git a/crates/fiber-lib/src/fiber/channel.rs b/crates/fiber-lib/src/fiber/channel.rs
@@ -952,7 +952,8 @@ where
                             Some(invoice_expiry) => u64::try_from(
                                 invoice_expiry
                                     .as_millis()
-                                    .saturating_add(invoice.data.timestamp),
+                                    .saturating_add(invoice.data.timestamp)
+                                    .min(tlc.expiry.into()),
                             )
                             .unwrap_or(u64::MAX),
                             None => tlc.expiry,
@@ -1098,6 +1099,11 @@ where
                 if !matches!(invoice_status, CkbInvoiceStatus::Open) {
                     return Err(ProcessingChannelError::FinalInvoiceInvalid(invoice_status));
                 }
+
+                // ensure tlc expiry is large than the now + final_tlc_minimum_expiry_delta
+                if invoice.is_tlc_expire_too_soon(add_tlc.expiry) {
+                    return Err(ProcessingChannelError::IncorrectFinalTlcExpiry);
+                }
             }
 
             let Some(tlc) = state.tlc_state.get_mut(&add_tlc.tlc_id) else {
diff --git a/crates/fiber-lib/src/invoice/invoice_impl.rs b/crates/fiber-lib/src/invoice/invoice_impl.rs
@@ -113,7 +113,7 @@ pub struct CkbScript(#[serde_as(as = "EntityHex")] pub Script);
 #[serde(rename_all = "snake_case")]
 pub enum Attribute {
     #[serde(with = "U64Hex")]
-    /// The final tlc minimum expiry delta, in milliseconds, default is 1 day
+    /// The final tlc minimum expiry delta, in milliseconds, default is 160 minutes
     FinalHtlcMinimumExpiryDelta(u64),
     #[serde(with = "duration_hex")]
     /// The expiry time of the invoice, in seconds
@@ -297,6 +297,19 @@ impl CkbInvoice {
         })
     }
 
+    pub fn is_tlc_expire_too_soon(&self, tlc_expiry: u64) -> bool {
+        let now = UNIX_EPOCH
+            .elapsed()
+            .expect("Duration since unix epoch")
+            .as_millis();
+        let required_expiry = now
+            + (self
+                .final_tlc_minimum_expiry_delta()
+                .cloned()
+                .unwrap_or_default() as u128);
+        (tlc_expiry as u128) < required_expiry
+    }
+
     /// Check that the invoice is signed correctly and that key recovery works
     pub fn check_signature(&self) -> Result<(), InvoiceError> {
         if self.signature.is_none() {
diff --git a/crates/fiber-lib/src/rpc/invoice.rs b/crates/fiber-lib/src/rpc/invoice.rs
@@ -411,21 +411,22 @@ where
                 invoice_builder = invoice_builder.payment_secret(payment_secret.into());
             }
         };
-        if let Some(final_expiry_delta) = params.final_expiry_delta {
-            if final_expiry_delta < MIN_TLC_EXPIRY_DELTA {
-                return error(&format!(
-                    "final_expiry_delta must be greater than or equal to {}",
-                    MIN_TLC_EXPIRY_DELTA
-                ));
-            }
-            if final_expiry_delta > MAX_PAYMENT_TLC_EXPIRY_LIMIT {
-                return error(&format!(
-                    "final_expiry_delta must be less than or equal to {}",
-                    MAX_PAYMENT_TLC_EXPIRY_LIMIT
-                ));
-            }
-            invoice_builder = invoice_builder.final_expiry_delta(final_expiry_delta);
-        };
+
+        let final_expiry_delta = params.final_expiry_delta.unwrap_or(MIN_TLC_EXPIRY_DELTA);
+        if final_expiry_delta < MIN_TLC_EXPIRY_DELTA {
+            return error(&format!(
+                "final_expiry_delta must be greater than or equal to {}",
+                MIN_TLC_EXPIRY_DELTA
+            ));
+        }
+        if final_expiry_delta > MAX_PAYMENT_TLC_EXPIRY_LIMIT {
+            return error(&format!(
+                "final_expiry_delta must be less than or equal to {}",
+                MAX_PAYMENT_TLC_EXPIRY_LIMIT
+            ));
+        }
+        invoice_builder = invoice_builder.final_expiry_delta(final_expiry_delta);
+
         if let Some(udt_type_script) = &params.udt_type_script {
             invoice_builder = invoice_builder.udt_type_script(udt_type_script.clone().into());
         };
