mirror of
https://github.com/ACINQ/eclair.git
synced 2025-02-23 06:35:11 +01:00
* Separate tlv decoding from content validation

  When decoding a tlv stream, we previously also validated the stream's content at decoding time. This was a layer violation, as checking that specific tlvs are present in a stream is not an encoding concern. This was somewhat fine when we only had very basic validation (presence or absence of specific tlvs), but blinded paths substantially changed that because one of the tlvs must be decrypted to yield another tlv stream that also needs to have its content validated. This forced us to have an overly complex trait hierarchy in PaymentOnion.scala and expose a blinding key in classes that shouldn't care about whether blinding is used or not.

  We now decouple that into two distinct steps:

  * codecs simply return tlv streams and verify that tlvs are correctly encoded
  * business logic case classes (such as ChannelRelayPayload) should be instantiated with a new `validate` method that takes tlv streams and verifies mandatory/forbidden tlvs

  This lets us greatly simplify the trait hierarchy and deal with case classes that only contain fully decrypted and valid data.

* Improve tests

  There was redundancy in the wrong places: route blinding codec tests were testing route blinding decryption and were missing content validation. We also change the behavior of the route blinding decode method to return the blinding override when present, instead of letting higher level components duplicate that logic.

* Use hierarchical namespaces

  As suggested by @pm47

* Small PR comments

* Remove confusing comment

||
---|---|---|
.. | ||
modules | ||
src | ||
pom.xml |