Correctly fail back blinded HTLCs on initial forwarding check fail

valentinewallace · valentinewallace · commit 0bc4aa975ddb · 2023-09-06T14:17:24.000-04:00
diff --git a/lightning/src/ln/blinded_payment_tests.rs b/lightning/src/ln/blinded_payment_tests.rs
@@ -689,3 +689,115 @@ fn fail_blinded_payment() {
 			_ => panic!("Unexpected event"),
 	}
 }
+
+#[test]
+fn outbound_checks_failure() {
+	do_outbound_checks_failure(true);
+	do_outbound_checks_failure(false);
+}
+
+fn do_outbound_checks_failure(intro_node_fails: bool) {
+	// Ensure we'll fail backwards properly if a forwarding check fails on initial update_add
+	// receipt.
+	let chanmon_cfgs = create_chanmon_cfgs(4);
+	let node_cfgs = create_node_cfgs(4, &chanmon_cfgs);
+	let node_chanmgrs = create_node_chanmgrs(4, &node_cfgs, &[None, None, None, None]);
+	let nodes = create_network(4, &node_cfgs, &node_chanmgrs);
+	create_announced_chan_between_nodes_with_value(&nodes, 0, 1, 1_000_000, 0);
+	let chan_upd_1_2 = create_announced_chan_between_nodes_with_value(&nodes, 1, 2, 1_000_000, 0).0.contents;
+	let chan_upd_2_3 = create_announced_chan_between_nodes_with_value(&nodes, 2, 3, 1_000_000, 0).0.contents;
+
+	let amt_msat = 5000;
+	let (_, payment_hash, payment_secret) = get_payment_preimage_hash(&nodes[3], Some(amt_msat), None);
+	let intermediate_nodes = vec![(nodes[1].node.get_our_node_id(), ForwardTlvs {
+		short_channel_id: chan_upd_1_2.short_channel_id,
+		payment_relay: PaymentRelay {
+			cltv_expiry_delta: chan_upd_1_2.cltv_expiry_delta,
+			fee_proportional_millionths: chan_upd_1_2.fee_proportional_millionths,
+			fee_base_msat: chan_upd_1_2.fee_base_msat,
+		},
+		payment_constraints: PaymentConstraints {
+			max_cltv_expiry: u32::max_value(),
+			htlc_minimum_msat: chan_upd_1_2.htlc_minimum_msat,
+		},
+		features: BlindedHopFeatures::empty(),
+	}), (nodes[2].node.get_our_node_id(), ForwardTlvs {
+		short_channel_id: chan_upd_2_3.short_channel_id,
+		payment_relay: PaymentRelay {
+			cltv_expiry_delta: chan_upd_2_3.cltv_expiry_delta,
+			fee_proportional_millionths: chan_upd_2_3.fee_proportional_millionths,
+			fee_base_msat: chan_upd_2_3.fee_base_msat,
+		},
+		payment_constraints: PaymentConstraints {
+			max_cltv_expiry: u32::max_value(),
+			htlc_minimum_msat: chan_upd_2_3.htlc_minimum_msat,
+		},
+		features: BlindedHopFeatures::empty(),
+	})];
+	let payee_tlvs = ReceiveTlvs {
+		payment_secret,
+		payment_constraints: PaymentConstraints {
+			max_cltv_expiry: u32::max_value(),
+			htlc_minimum_msat: chan_upd_2_3.htlc_minimum_msat,
+		},
+	};
+	let mut secp_ctx = Secp256k1::new();
+	let blinded_path = BlindedPath::new_for_payment(
+		&intermediate_nodes[..], nodes[3].node.get_our_node_id(), payee_tlvs,
+		chan_upd_2_3.htlc_maximum_msat, &chanmon_cfgs[3].keys_manager, &secp_ctx
+	).unwrap();
+
+	let route_params = RouteParameters {
+		payment_params: PaymentParameters::blinded(vec![blinded_path]),
+		final_value_msat: amt_msat
+	};
+	nodes[0].node.send_payment(payment_hash, RecipientOnionFields::spontaneous_empty(),
+	PaymentId(payment_hash.0), route_params, Retry::Attempts(0)).unwrap();
+	check_added_monitors(&nodes[0], 1);
+
+	let mut events = nodes[0].node.get_and_clear_pending_msg_events();
+	assert_eq!(events.len(), 1);
+	let ev = remove_first_msg_event_to_node(&nodes[1].node.get_our_node_id(), &mut events);
+	let payment_event = SendEvent::from_event(ev);
+
+	if intro_node_fails {
+		// The intro node will see that the next-hop peer is disconnected and fail the HTLC backwards.
+		nodes[1].node.peer_disconnected(&nodes[2].node.get_our_node_id());
+	}
+	nodes[1].node.handle_update_add_htlc(&nodes[0].node.get_our_node_id(), &payment_event.msgs[0]);
+	check_added_monitors!(nodes[1], 0);
+	do_commitment_signed_dance(&nodes[1], &nodes[0], &payment_event.commitment_msg, true, true);
+
+	if intro_node_fails {
+		let mut updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+		nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fail_htlcs[0]);
+		do_commitment_signed_dance(&nodes[0], &nodes[1], &updates.commitment_signed, false, false);
+		expect_payment_failed_conditions(&nodes[0], payment_hash, false,
+			PaymentFailedConditions::new().expected_htlc_error_data(INVALID_ONION_BLINDING, &[0; 32]));
+		return
+	}
+
+	expect_pending_htlcs_forwardable!(nodes[1]);
+	check_added_monitors!(nodes[1], 1);
+	let mut events = nodes[1].node.get_and_clear_pending_msg_events();
+	assert_eq!(events.len(), 1);
+	let ev = remove_first_msg_event_to_node(&nodes[2].node.get_our_node_id(), &mut events);
+	let payment_event = SendEvent::from_event(ev);
+
+	nodes[2].node.peer_disconnected(&nodes[3].node.get_our_node_id());
+	nodes[2].node.handle_update_add_htlc(&nodes[1].node.get_our_node_id(), &payment_event.msgs[0]);
+	check_added_monitors!(nodes[2], 0);
+	do_commitment_signed_dance(&nodes[2], &nodes[1], &payment_event.commitment_msg, true, true);
+
+	let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
+	assert_eq!(updates.update_fail_malformed_htlcs[0].failure_code, INVALID_ONION_BLINDING);
+	assert_eq!(updates.update_fail_malformed_htlcs[0].sha256_of_onion, [0; 32]);
+	nodes[1].node.handle_update_fail_malformed_htlc(&nodes[2].node.get_our_node_id(), &updates.update_fail_malformed_htlcs[0]);
+	do_commitment_signed_dance(&nodes[1], &nodes[2], &updates.commitment_signed, true, false);
+
+	let mut updates = get_htlc_update_msgs!(nodes[1], nodes[0].node.get_our_node_id());
+	nodes[0].node.handle_update_fail_htlc(&nodes[1].node.get_our_node_id(), &updates.update_fail_htlcs[0]);
+	do_commitment_signed_dance(&nodes[0], &nodes[1], &updates.commitment_signed, false, false);
+	expect_payment_failed_conditions(&nodes[0], payment_hash, false,
+		PaymentFailedConditions::new().expected_htlc_error_data(INVALID_ONION_BLINDING, &[0; 32]));
+}
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -3007,15 +3007,17 @@ where
 				return_err!(err_msg, err_code, &[0; 0]);
 			},
 		};
-		let (outgoing_scid, outgoing_amt_msat, outgoing_cltv_value, next_packet_pk_opt) = match next_hop {
+		let (outgoing_scid, outgoing_amt_msat, outgoing_cltv_value, next_packet_pk_opt, blinded)
+			= match next_hop
+		{
 			onion_utils::Hop::Forward {
 				next_hop_data: msgs::InboundOnionPayload::Forward {
 					short_channel_id, amt_to_forward, outgoing_cltv_value
 				}, ..
 			} => {
 				let next_packet_pk = onion_utils::next_hop_pubkey(&self.secp_ctx,
 					msg.onion_routing_packet.public_key.unwrap(), &shared_secret);
-				(short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_packet_pk))
+				(short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_packet_pk), false)
 			},
 			onion_utils::Hop::Forward {
 				next_hop_data: msgs::InboundOnionPayload::BlindedForward {
@@ -3043,7 +3045,7 @@ where
 				}
 				let next_packet_pk = onion_utils::next_hop_pubkey(&self.secp_ctx,
 					msg.onion_routing_packet.public_key.unwrap(), &shared_secret);
-				(short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_packet_pk))
+				(short_channel_id, amt_to_forward, outgoing_cltv_value, Some(next_packet_pk), true)
 			},
 			// We'll do receive checks in [`Self::construct_pending_htlc_info`] so we have access to the
 			// inbound channel's state.
@@ -3167,6 +3169,7 @@ where
 			break None;
 		}
 		{
+			if blinded { return_blinded_htlc_err!(err); }
 			let mut res = VecWriter(Vec::with_capacity(chan_update.serialized_length() + 2 + 8 + 2));
 			if let Some(chan_update) = chan_update {
 				if code == 0x1000 | 11 || code == 0x1000 | 12 {
