f only skip double-validation if peers remain the same

Author: TheBlueMatt

lightning/src/routing/gossip.rs

@@ -1440,10 +1440,21 @@ impl<L: Deref> NetworkGraph<L> where L::Target: Logger {
 				if chan.capacity_sats.is_some() {
 					// If we'd previously looked up the channel on-chain and checked the script
 					// against what appears on-chain, ignore the duplicate announcement.
-					return Err(LightningError {
-						err: "Already have chain-validated channel".to_owned(),
-						action: ErrorAction::IgnoreDuplicateGossip
-					});
+					//
+					// Because a reorg could replace one channel with another at the same SCID, if
+					// the channel appears to be different, we re-validate. This doesn't expose us
+					// to any more DoS risk than not, as a peer can always flood us with
+					// randomly-generated SCID values anyway.
+					//
+					// We use the Node IDs rather than the bitcoin_keys to check for "equivalence"
+					// as we didn't (necessarily) store the bitcoin keys, and we only really care
+					// if the peers on the channel changed anyway.
+					if NodeId::from_pubkey(&msg.node_id_1) == chan.node_one && NodeId::from_pubkey(&msg.node_id_2) == chan.node_two {
+						return Err(LightningError {
+							err: "Already have chain-validated channel".to_owned(),
+							action: ErrorAction::IgnoreDuplicateGossip
+						});
+					}
 				} else if chain_access.is_none() {
 					// Similarly, if we can't check the chain right now anyway, ignore the
 					// duplicate announcement without bothering to take the channels write lock.