Add send_probe and introduce probing cookies

When we send payment probes, we generate the [`PaymentHash`] based on a
probing cookie secret and a random [`PaymentId`]. This allows us to
discern probes from real payments, without keeping additional state.

Author: tnull

lightning/src/ln/channelmanager.rs

@@ -749,6 +749,11 @@ pub struct ChannelManager<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref,
 	/// [fake scids]: crate::util::scid_utils::fake_scid
 	fake_scid_rand_bytes: [u8; 32],
 
+	/// When we send payment probes, we generate the [`PaymentHash`] based on this cookie secret
+	/// and a random [`PaymentId`]. This allows us to discern probes from real payments, without
+	/// keeping additional state.
+	probing_cookie_secret: [u8; 32],
+
 	/// Used to track the last value sent in a node_announcement "timestamp" field. We ensure this
 	/// value increases strictly since we don't assume access to a time source.
 	last_node_announcement_serial: AtomicUsize,
@@ -1605,6 +1610,8 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 			inbound_payment_key: expanded_inbound_key,
 			fake_scid_rand_bytes: keys_manager.get_secure_random_bytes(),
 
+			probing_cookie_secret: keys_manager.get_secure_random_bytes(),
+
 			last_node_announcement_serial: AtomicUsize::new(0),
 			highest_seen_timestamp: AtomicUsize::new(0),
 
@@ -2722,6 +2729,49 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 		}
 	}
 
+	/// Send a payment that is probing the given route for liquidity. We calculate the
+	/// [`PaymentHash`] of probes based on a static secret and a random [`PaymentId`], which allows
+	/// us to easily discern them from real payments. This can be checked by calling
+	/// [`payment_is_probe`].
+	///
+	/// [`payment_is_probe`]: Self::payment_is_probe
+	pub fn send_probe_payment(&self, route: &Route) -> Result<(PaymentHash, PaymentId), PaymentSendFailure> {
+		let payment_id = PaymentId(self.keys_manager.get_secure_random_bytes());
+
+		let mut preimage = [0u8; 32];
+		preimage[..16].copy_from_slice(&self.probing_cookie_secret[..16]);
+		preimage[16..].copy_from_slice(&payment_id.0[..16]);
+
+		let payment_hash = PaymentHash(Sha256::hash(&preimage).into_inner());
+
+		if let Some(params) = &route.payment_params {
+			if params.max_path_count != 1 {
+				return Err(PaymentSendFailure::ParameterError(APIError::APIMisuseError {
+					err: "Probe payments need to be sent over a single path".to_string()
+				}))
+			}
+		} else {
+			return Err(PaymentSendFailure::ParameterError(APIError::APIMisuseError {
+				err: "No parameters provided".to_string()
+			}))
+		}
+		
+		match self.send_payment_internal(route, payment_hash, &None, None, Some(payment_id), None) {
+			Ok(payment_id) => Ok((payment_hash, payment_id)),
+			Err(e) => Err(e)
+		}
+	}
+
+	/// Returns whether a payment with the given [`PaymentHash`] and [`PaymentId`] is, in fact, a
+	/// payment probe.
+	pub fn payment_is_probe(&self, payment_hash: PaymentHash, payment_id: PaymentId) -> bool {
+		let mut preimage = [0u8; 32];
+		preimage[..16].copy_from_slice(&self.probing_cookie_secret[..16]);
+		preimage[16..].copy_from_slice(&payment_id.0[..16]);
+		let target_payment_hash = PaymentHash(Sha256::hash(&preimage).into_inner());
+		target_payment_hash == payment_hash
+	}
+
 	/// Handles the generation of a funding transaction, optionally (for tests) with a function
 	/// which checks the correctness of the funding transaction given the associated channel.
 	fn funding_transaction_generated_intern<FundingOutput: Fn(&Channel<Signer>, &Transaction) -> Result<OutPoint, APIError>>(
@@ -6623,6 +6673,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> Writeable f
 			(5, self.our_network_pubkey, required),
 			(7, self.fake_scid_rand_bytes, required),
 			(9, htlc_purposes, vec_type),
+			(11, self.probing_cookie_secret, required),
 		});
 
 		Ok(())
@@ -6919,18 +6970,24 @@ impl<'a, Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref>
 		let mut pending_outbound_payments = None;
 		let mut received_network_pubkey: Option<PublicKey> = None;
 		let mut fake_scid_rand_bytes: Option<[u8; 32]> = None;
+		let mut probing_cookie_secret: Option<[u8; 32]> = None;
 		let mut claimable_htlc_purposes = None;
 		read_tlv_fields!(reader, {
 			(1, pending_outbound_payments_no_retry, option),
 			(3, pending_outbound_payments, option),
 			(5, received_network_pubkey, option),
 			(7, fake_scid_rand_bytes, option),
 			(9, claimable_htlc_purposes, vec_type),
+			(11, probing_cookie_secret, option),
 		});
 		if fake_scid_rand_bytes.is_none() {
 			fake_scid_rand_bytes = Some(args.keys_manager.get_secure_random_bytes());
 		}
 
+		if probing_cookie_secret.is_none() {
+			probing_cookie_secret = Some(args.keys_manager.get_secure_random_bytes());
+		}
+
 		if pending_outbound_payments.is_none() && pending_outbound_payments_no_retry.is_none() {
 			pending_outbound_payments = Some(pending_outbound_payments_compat);
 		} else if pending_outbound_payments.is_none() {
@@ -7136,6 +7193,8 @@ impl<'a, Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref>
 			outbound_scid_aliases: Mutex::new(outbound_scid_aliases),
 			fake_scid_rand_bytes: fake_scid_rand_bytes.unwrap(),
 
+			probing_cookie_secret: probing_cookie_secret.unwrap(),
+
 			our_network_key,
 			our_network_pubkey,
 			secp_ctx,