Consider trampoline hops for onion payload.

Author: arik-so

lightning/src/ln/blinded_payment_tests.rs

@@ -299,7 +299,7 @@ fn do_forward_checks_failure(check: ForwardCheckFail, intro_fails: bool) {
 					let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 					let cur_height = nodes[0].best_block_info().1;
 					let (mut onion_payloads, ..) = onion_utils::build_onion_payloads(
-						&route.paths[0], amt_msat, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+						&route.paths[0], amt_msat, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 					// Remove the receive payload so the blinded forward payload is encoded as a final payload
 					// (i.e. next_hop_hmac == [0; 32])
 					onion_payloads.pop();
@@ -873,7 +873,7 @@ fn do_multi_hop_receiver_fail(check: ReceiveCheckFail) {
 			let mut onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 			let cur_height = nodes[0].best_block_info().1;
 			let (mut onion_payloads, ..) = onion_utils::build_onion_payloads(
-				&route.paths[0], amt_msat, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+				&route.paths[0], amt_msat, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 
 			let update_add = &mut payment_event_1_2.msgs[0];
 			onion_payloads.last_mut().map(|p| {

lightning/src/ln/functional_tests.rs

@@ -1405,7 +1405,7 @@ fn test_fee_spike_violation_fails_htlc() {
 
 	let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route.paths[0], &session_priv).unwrap();
 	let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route.paths[0],
-		3460001, RecipientOnionFields::secret_only(payment_secret), cur_height, &None).unwrap();
+		3460001, RecipientOnionFields::secret_only(payment_secret).into(), cur_height, &None).unwrap();
 	let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash).unwrap();
 	let msg = msgs::UpdateAddHTLC {
 		channel_id: chan.2,
@@ -1602,7 +1602,7 @@ fn test_chan_reserve_violation_inbound_htlc_outbound_channel() {
 	let cur_height = nodes[1].node.best_block.read().unwrap().height + 1;
 	let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route.paths[0], &session_priv).unwrap();
 	let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(&route.paths[0],
-		700_000, RecipientOnionFields::secret_only(payment_secret), cur_height, &None).unwrap();
+		700_000, RecipientOnionFields::secret_only(payment_secret).into(), cur_height, &None).unwrap();
 	let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash).unwrap();
 	let msg = msgs::UpdateAddHTLC {
 		channel_id: chan.2,
@@ -1781,7 +1781,7 @@ fn test_chan_reserve_violation_inbound_htlc_inbound_chan() {
 	let cur_height = nodes[0].node.best_block.read().unwrap().height + 1;
 	let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route_2.paths[0], &session_priv).unwrap();
 	let (onion_payloads, htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(
-		&route_2.paths[0], recv_value_2, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+		&route_2.paths[0], recv_value_2, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 	let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash_1).unwrap();
 	let msg = msgs::UpdateAddHTLC {
 		channel_id: chan.2,
@@ -3505,7 +3505,7 @@ fn fail_backward_pending_htlc_upon_channel_failure() {
 		let session_priv = SecretKey::from_slice(&[42; 32]).unwrap();
 		let current_height = nodes[1].node.best_block.read().unwrap().height + 1;
 		let (onion_payloads, _amount_msat, cltv_expiry) = onion_utils::build_onion_payloads(
-			&route.paths[0], 50_000, RecipientOnionFields::secret_only(payment_secret), current_height, &None).unwrap();
+			&route.paths[0], 50_000, RecipientOnionFields::secret_only(payment_secret).into(), current_height, &None).unwrap();
 		let onion_keys = onion_utils::construct_onion_keys(&secp_ctx, &route.paths[0], &session_priv).unwrap();
 		let onion_routing_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash).unwrap();
 
@@ -6491,7 +6491,7 @@ fn test_update_add_htlc_bolt2_receiver_check_max_htlc_limit() {
 	let cur_height = nodes[0].node.best_block.read().unwrap().height + 1;
 	let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::signing_only(), &route.paths[0], &session_priv).unwrap();
 	let (onion_payloads, _htlc_msat, htlc_cltv) = onion_utils::build_onion_payloads(
-		&route.paths[0], send_amt, RecipientOnionFields::secret_only(our_payment_secret), cur_height, &None).unwrap();
+		&route.paths[0], send_amt, RecipientOnionFields::secret_only(our_payment_secret).into(), cur_height, &None).unwrap();
 	let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &our_payment_hash).unwrap();
 
 	let mut msg = msgs::UpdateAddHTLC {
@@ -8223,7 +8223,7 @@ fn test_onion_value_mpp_set_calculation() {
 			let session_priv = SecretKey::from_slice(&session_priv).unwrap();
 			let mut onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 			let (mut onion_payloads, _, _) = onion_utils::build_onion_payloads(&route.paths[0], 100_000,
-				RecipientOnionFields::secret_only(our_payment_secret), height + 1, &None).unwrap();
+				RecipientOnionFields::secret_only(our_payment_secret).into(), height + 1, &None).unwrap();
 			// Edit amt_to_forward to simulate the sender having set
 			// the final amount and the routing node taking less fee
 			if let msgs::OutboundOnionPayload::Receive {

lightning/src/ln/onion_payment.rs

@@ -531,7 +531,7 @@ mod tests {
 		let path = Path { hops, trampoline_hops: vec![], blinded_tail: None, };
 		let onion_keys = super::onion_utils::construct_onion_keys(&secp_ctx, &path, &session_priv).unwrap();
 		let (onion_payloads, ..) = super::onion_utils::build_onion_payloads(
-			&path, total_amt_msat, recipient_onion, cur_height + 1, &Some(keysend_preimage)
+			&path, total_amt_msat, recipient_onion.into(), cur_height + 1, &Some(keysend_preimage)
 		).unwrap();
 
 		assert!(super::onion_utils::construct_onion_packet(

lightning/src/ln/onion_route_tests.rs

@@ -358,7 +358,7 @@ fn test_onion_failure() {
 		let cur_height = nodes[0].best_block_info().1 + 1;
 		let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 		let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(
-			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 		let mut new_payloads = Vec::new();
 		for payload in onion_payloads.drain(..) {
 			new_payloads.push(BogusOnionHopData::new(payload));
@@ -376,7 +376,7 @@ fn test_onion_failure() {
 		let cur_height = nodes[0].best_block_info().1 + 1;
 		let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 		let (mut onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(
-			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 		let mut new_payloads = Vec::new();
 		for payload in onion_payloads.drain(..) {
 			new_payloads.push(BogusOnionHopData::new(payload));
@@ -613,7 +613,7 @@ fn test_onion_failure() {
 		route.paths[0].hops[1].cltv_expiry_delta += CLTV_FAR_FAR_AWAY + route.paths[0].hops[0].cltv_expiry_delta + 1;
 		let onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 		let (onion_payloads, _, htlc_cltv) = onion_utils::build_onion_payloads(
-			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty(), height, &None).unwrap();
+			&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty().into(), height, &None).unwrap();
 		let onion_packet = onion_utils::construct_onion_packet(onion_payloads, onion_keys, [0; 32], &payment_hash).unwrap();
 		msg.cltv_expiry = htlc_cltv;
 		msg.onion_routing_packet = onion_packet;
@@ -949,7 +949,7 @@ fn test_always_create_tlv_format_onion_payloads() {
 
 	let cur_height = nodes[0].best_block_info().1 + 1;
 	let (onion_payloads, _htlc_msat, _htlc_cltv) = onion_utils::build_onion_payloads(
-		&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty(), cur_height, &None).unwrap();
+		&route.paths[0], 40000, RecipientOnionFields::spontaneous_empty().into(), cur_height, &None).unwrap();
 
 	match onion_payloads[0] {
 		msgs::OutboundOnionPayload::Forward {..} => {},
@@ -1323,7 +1323,7 @@ fn test_phantom_invalid_onion_payload() {
 					let mut onion_keys = onion_utils::construct_onion_keys(&Secp256k1::new(), &route.paths[0], &session_priv).unwrap();
 					let (mut onion_payloads, _, _) = onion_utils::build_onion_payloads(
 						&route.paths[0], msgs::MAX_VALUE_MSAT + 1,
-						RecipientOnionFields::secret_only(payment_secret), height + 1, &None).unwrap();
+						RecipientOnionFields::secret_only(payment_secret).into(), height + 1, &None).unwrap();
 					// We only want to construct the onion packet for the last hop, not the entire route, so
 					// remove the first hop's payload and its keys.
 					onion_keys.remove(0);

lightning/src/ln/onion_utils.rs

@@ -269,17 +269,24 @@ pub(super) fn construct_trampoline_keys<T: secp256k1::Signing>(
 
 /// returns the hop data, as well as the first-hop value_msat and CLTV value we should send.
 pub(super) fn build_onion_payloads(
-	path: &Path, total_msat: u64, mut recipient_onion: RecipientOnionFields,
-	starting_htlc_offset: u32, keysend_preimage: &Option<PaymentPreimage>,
+	path: &Path, total_msat: u64, mut recipient_onion: RecipientOnion, starting_htlc_offset: u32,
+	keysend_preimage: &Option<PaymentPreimage>,
 ) -> Result<(Vec<msgs::OutboundOnionPayload>, u64, u32), APIError> {
 	let mut cur_value_msat = 0u64;
 	let mut cur_cltv = starting_htlc_offset;
 	let mut last_short_channel_id = 0;
-	let mut res: Vec<msgs::OutboundOnionPayload> = Vec::with_capacity(
-		path.hops.len() + path.blinded_tail.as_ref().map_or(0, |t| t.hops.len()),
-	);
 
-	for (idx, hop) in path.hops.iter().rev().enumerate() {
+	let blinded_path_length =
+		if let (RecipientOnion::Final(_), Some(tail)) = (&recipient_onion, &path.blinded_tail) {
+			// the blinded path is only applicable if the outer onion isn't wrapping a Trampoline onion
+			tail.hops.len()
+		} else {
+			0
+		};
+	let mut res: Vec<msgs::OutboundOnionPayload> =
+		Vec::with_capacity(path.hops.len() + blinded_path_length);
+
+	if let Some(hop) = path.hops.last() {
 		// First hop gets special values so that it can check, on receipt, that everything is
 		// exactly as it should be (and the next hop isn't trying to probe to find out if we're
 		// the intended recipient).
@@ -289,55 +296,89 @@ pub(super) fn build_onion_payloads(
 		} else {
 			cur_cltv
 		};
-		if idx == 0 {
-			if let Some(BlindedTail {
-				blinding_point,
-				hops,
-				final_value_msat,
-				excess_final_cltv_expiry_delta,
-				..
-			}) = &path.blinded_tail
-			{
-				let mut blinding_point = Some(*blinding_point);
-				for (i, blinded_hop) in hops.iter().enumerate() {
-					if i == hops.len() - 1 {
-						cur_value_msat += final_value_msat;
-						res.push(msgs::OutboundOnionPayload::BlindedReceive {
-							sender_intended_htlc_amt_msat: *final_value_msat,
-							total_msat,
-							cltv_expiry_height: cur_cltv + excess_final_cltv_expiry_delta,
-							encrypted_tlvs: blinded_hop.encrypted_payload.clone(),
-							intro_node_blinding_point: blinding_point.take(),
-						});
-					} else {
-						res.push(msgs::OutboundOnionPayload::BlindedForward {
-							encrypted_tlvs: blinded_hop.encrypted_payload.clone(),
-							intro_node_blinding_point: blinding_point.take(),
-						});
+
+		match recipient_onion {
+			RecipientOnion::TrampolineEntry(mut trampoline_entry_fields) => {
+				res.push(msgs::OutboundOnionPayload::TrampolineEntrypoint {
+					amt_to_forward: value_msat,
+					outgoing_cltv_value: cltv,
+					multipath_trampoline_data: None,
+					trampoline_packet: trampoline_entry_fields.trampoline_packet,
+				});
+			},
+			RecipientOnion::Final(mut recipient_onion_fields) => {
+				if let Some(BlindedTail {
+					blinding_point,
+					hops,
+					final_value_msat,
+					excess_final_cltv_expiry_delta,
+					..
+				}) = &path.blinded_tail
+				{
+					let mut blinding_point = Some(*blinding_point);
+					for (i, blinded_hop) in hops.iter().enumerate() {
+						if i == hops.len() - 1 {
+							cur_value_msat += final_value_msat;
+							res.push(msgs::OutboundOnionPayload::BlindedReceive {
+								sender_intended_htlc_amt_msat: *final_value_msat,
+								total_msat,
+								cltv_expiry_height: cur_cltv + excess_final_cltv_expiry_delta,
+								encrypted_tlvs: blinded_hop.encrypted_payload.clone(),
+								intro_node_blinding_point: blinding_point.take(),
+							});
+						} else {
+							res.push(msgs::OutboundOnionPayload::BlindedForward {
+								encrypted_tlvs: blinded_hop.encrypted_payload.clone(),
+								intro_node_blinding_point: blinding_point.take(),
+							});
+						}
 					}
+				} else {
+					res.push(msgs::OutboundOnionPayload::Receive {
+						payment_data: if let Some(secret) =
+							recipient_onion_fields.payment_secret.take()
+						{
+							Some(msgs::FinalOnionHopData { payment_secret: secret, total_msat })
+						} else {
+							None
+						},
+						payment_metadata: recipient_onion_fields.payment_metadata.take(),
+						keysend_preimage: *keysend_preimage,
+						custom_tlvs: recipient_onion_fields.custom_tlvs.clone(),
+						sender_intended_htlc_amt_msat: value_msat,
+						cltv_expiry_height: cltv,
+					});
 				}
-			} else {
-				res.push(msgs::OutboundOnionPayload::Receive {
-					payment_data: if let Some(secret) = recipient_onion.payment_secret.take() {
-						Some(msgs::FinalOnionHopData { payment_secret: secret, total_msat })
-					} else {
-						None
-					},
-					payment_metadata: recipient_onion.payment_metadata.take(),
-					keysend_preimage: *keysend_preimage,
-					custom_tlvs: recipient_onion.custom_tlvs.clone(),
-					sender_intended_htlc_amt_msat: value_msat,
-					cltv_expiry_height: cltv,
-				});
-			}
-		} else {
-			let payload = msgs::OutboundOnionPayload::Forward {
-				short_channel_id: last_short_channel_id,
-				amt_to_forward: value_msat,
-				outgoing_cltv_value: cltv,
-			};
-			res.insert(0, payload);
+			},
+		}
+
+		cur_value_msat += hop.fee_msat;
+		if cur_value_msat >= 21000000 * 100000000 * 1000 {
+			return Err(APIError::InvalidRoute { err: "Channel fees overflowed?".to_owned() });
+		}
+		cur_cltv += hop.cltv_expiry_delta as u32;
+		if cur_cltv >= 500000000 {
+			return Err(APIError::InvalidRoute { err: "Channel CLTV overflowed?".to_owned() });
 		}
+		last_short_channel_id = hop.short_channel_id;
+	}
+
+	for hop in path.hops.iter().rev().skip(1) {
+		// First hop gets special values so that it can check, on receipt, that everything is
+		// exactly as it should be (and the next hop isn't trying to probe to find out if we're
+		// the intended recipient).
+		let value_msat = if cur_value_msat == 0 { hop.fee_msat } else { cur_value_msat };
+		let cltv = if cur_cltv == starting_htlc_offset {
+			hop.cltv_expiry_delta + starting_htlc_offset
+		} else {
+			cur_cltv
+		};
+		let payload = msgs::OutboundOnionPayload::Forward {
+			short_channel_id: last_short_channel_id,
+			amt_to_forward: value_msat,
+			outgoing_cltv_value: cltv,
+		};
+		res.insert(0, payload);
 		cur_value_msat += hop.fee_msat;
 		if cur_value_msat >= 21000000 * 100000000 * 1000 {
 			return Err(APIError::InvalidRoute { err: "Channel fees overflowed?".to_owned() });
@@ -1265,7 +1306,7 @@ pub fn create_payment_onion<T: secp256k1::Signing>(
 	let (onion_payloads, htlc_msat, htlc_cltv) = build_onion_payloads(
 		&path,
 		total_msat,
-		recipient_onion,
+		recipient_onion.into(),
 		cur_block_height,
 		keysend_preimage,
 	)?;