mirrors/lightning-bolts
1
0
Fork 0
mirror of https://github.com/lightning/bolts.git synced 2024-11-19 01:50:03 +01:00
Code Issues Projects Releases Wiki Activity
1,073 Commits 18 Branches 1 Tag 16 MiB
master
Commit Graph

1073 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rusty Russell
aad959a297 tools: remove option handling now last optional field was removed. 
6fee63fc34 made `htlc_maximum_msat`
compulsory, which was the last "optional" field.  All future options
will be TLVs, so we never need to parse the "] (optionxxx)" format
for fields again.

We allow options for messages, but only for documentation (we have
some messages which are only for `gossip_queries`), so we don't
put it in the output.

Here's the before/after diff of the output for all the spec files:

```diff
--- /tmp/before	2023-04-27 14:21:07.417170213 +0930
+++ /tmp/after	2023-04-27 14:19:39.184573086 +0930
@@ -273,7 +273,7 @@
 msgdata,channel_update,fee_base_msat,u32,
 msgdata,channel_update,fee_proportional_millionths,u32,
 msgdata,channel_update,htlc_maximum_msat,u64,
-msgtype,query_short_channel_ids,261,gossip_queries
+msgtype,query_short_channel_ids,261
 msgdata,query_short_channel_ids,chain_hash,chain_hash,
 msgdata,query_short_channel_ids,len,u16,
 msgdata,query_short_channel_ids,encoded_short_ids,byte,len
@@ -281,17 +281,17 @@
 tlvtype,query_short_channel_ids_tlvs,query_flags,1
 tlvdata,query_short_channel_ids_tlvs,query_flags,encoding_type,byte,
 tlvdata,query_short_channel_ids_tlvs,query_flags,encoded_query_flags,byte,...
-msgtype,reply_short_channel_ids_end,262,gossip_queries
+msgtype,reply_short_channel_ids_end,262
 msgdata,reply_short_channel_ids_end,chain_hash,chain_hash,
 msgdata,reply_short_channel_ids_end,full_information,byte,
-msgtype,query_channel_range,263,gossip_queries
+msgtype,query_channel_range,263
 msgdata,query_channel_range,chain_hash,chain_hash,
 msgdata,query_channel_range,first_blocknum,u32,
 msgdata,query_channel_range,number_of_blocks,u32,
 msgdata,query_channel_range,tlvs,query_channel_range_tlvs,
 tlvtype,query_channel_range_tlvs,query_option,1
 tlvdata,query_channel_range_tlvs,query_option,query_option_flags,bigsize,
-msgtype,reply_channel_range,264,gossip_queries
+msgtype,reply_channel_range,264
 msgdata,reply_channel_range,chain_hash,chain_hash,
 msgdata,reply_channel_range,first_blocknum,u32,
 msgdata,reply_channel_range,number_of_blocks,u32,
@@ -310,7 +310,7 @@
 subtype,channel_update_checksums
 subtypedata,channel_update_checksums,checksum_node_id_1,u32,
 subtypedata,channel_update_checksums,checksum_node_id_2,u32,
-msgtype,gossip_timestamp_filter,265,gossip_queries
+msgtype,gossip_timestamp_filter,265
 msgdata,gossip_timestamp_filter,chain_hash,chain_hash,
 msgdata,gossip_timestamp_filter,first_timestamp,u32,
 msgdata,gossip_timestamp_filter,timestamp_range,u32,
```

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2023-05-11 12:01:38 +09:30
Elle
1c1eda08a3
Bolt 4: clarify onion test payload contents (#1077) 
Adds a comment to the `onion-test.json` file to clarify that the
payloads specified for each hop in the test already include the variable
length encodings.
 2023-05-10 15:06:19 +02:00
Matt Corallo
2bf041f382
Merge pull request #1075 from t-bast/remove-disconnect-warning 
Remove requirements to disconnect on warnings
 2023-05-09 18:06:53 +00:00
Peter Neuroth
5635a3657e
Bolt 1: Clarify the definition of tu fields (#1073) 
Truncated integer fields, e.g. tu16 cannot have leading zeros
judging by the implementations of the parsers, which are used
across the different ln implementations.
The `can` imposed that it is not necessary to truncate the fields
to values of information.

Signed-off-by: Peter Neuroth <pet.v.ne@gmail.com>
 2023-05-08 22:57:46 +02:00
t-bast
3747ba8302
Remove requirements to disconnect on warnings 
We generally shouldn't disconnect when sending or receiving warning
messages. Whenever disconnecting after a warning makes sense, it should
be specified in the requirements linked to that specific scenario.

Fixes #1072
 2023-05-05 09:37:48 +02:00
Matt Corallo
50b2df24a2 Update onion errors since we allow overpaying or under-CLTVing 
In #1032 we allowed overshooting the final amount and expiry, but
forgot to update the onion error descriptions which make reference
thereto.
 2023-04-11 09:56:22 +02:00
Antoni Spaanderman
29c14c6e12 fix typos 2023-03-29 09:09:19 +02:00
t-bast
c4c5a8e5fb Bolt 4: add blinded payments 
Add specification requirements for using route blinding to make payments
while preserving recipient anonymity. Implementers must ensure they
understand all those requirements, there are subtle attacks that could let
malicious senders deanonymize the route if incompletely implemented.
 2023-03-28 08:44:14 +02:00
t-bast
58d80473e0 Bolt 4: add route blinding construction 
Add specification requirements for creating and using blinded routes.
This commit contains the low-level details of the route blinding scheme,
decoupled from how it can be used by high-level components such as onion
messages or payments.
 2023-03-28 08:44:14 +02:00
t-bast
ebd0659fc9 Route Blinding 
Route blinding allows a recipient to provide a blinded route to
potential payers. Each node_id in the route is tweaked, and dummy
hops may be included.

This is an alternative to rendezvous to preserve recipient anonymity.
It has a different set of trade-offs: onions are re-usable, but the
privacy guarantees are a bit weaker and require more work (e.g. when
handling payment fees and errors).
 2023-03-28 08:44:14 +02:00
Elle Mouton
33098ad37a BOLT 03: fix anchors same amt and pre-image test vector 
The `commitment tx with 3 htlc outputs, 2 offered having the same amount
and preimage` test was not correctly updated after the value of test
htlc 6 was changed to 5000001 and the cltv expiry of test htlc 5 was
changed to 506. This commit updates the anchors test accordingly.
 2023-02-28 10:51:45 +01:00
Elle Mouton
20066dc2ab BOLT 03: fix static-remote same amt and pre-image test vector 
The `commitment tx with 3 htlc outputs, 2 offered having the same amount
and preimage` test was not correctly updated after the value of test
htlc 6 was changed to 5000001 and the cltv expiry of test htlc 5 was
changed to 506. This commit updates the static-remote test accordingly.
 2023-02-28 10:51:45 +01:00
Elle Mouton
7f7ee7ffe6 BOLT 03: fix legacy same amt and pre-image test vector 
The `commitment tx with 3 htlc outputs, 2 offered having the same amount
and preimage` test was not correctly updated after the value of test
htlc 6 was changed to 5000001 and the cltv expiry of test htlc 5 was
changed to 506. This commit updates the legacy test accordingly.
 2023-02-28 10:51:45 +01:00
Elle Mouton
2be691e19d BOLT 03: fix no htlc single anchor test 
The commitment transaction tests are all meant to use the same funding
transaction which has an amount of 10000000000 msat. The LocalBalance
and RemoteBalance along with the value of any htlcs should always add up
to this amount.

This commit updates the `simple commitment tx with no HTLCs and single
anchor` anchors test to comply with the above.
 2023-02-28 10:51:45 +01:00
Wilmer Paulino
b02bb6b0ed
Add test vectors for option_anchors_zero_fee_htlc_tx (#1018) 
These are the same test vectors as those found under Appendix F, except
that each HTLC has a zero fee transaction instead, resulting in a
signature change.
 2023-02-28 09:30:50 +01:00
Jesse de Wit
f7dcc32694
A note on the maximum size of Tagged Fields (#1042) 
Make it more obvious to readers of bolt 11 that the maximum length of a Tagged
Field is 639 bytes.
 2022-12-22 13:27:15 +01:00
Olaoluwa Osuntokun
a0bbe47b02
Merge pull request #1021 from joostjager/failure-message-tlv 
TLV failure message and recommended length to 1024
 2022-12-05 11:11:14 -08:00
Bastien Teinturier
9af622690e
Use onion amount in MPP set calculation (#1040) 
* Use onion amount in MPP set calculation

The sender chooses the amounts that are set in the onion payload
(`amt_to_forward`) but cannot predict what amounts will be set in the
HTLCs (`amount_msat`) since intermediate nodes are allowed to overpay.

* Fix error requirements for final node

These requirements were missed when integrating #1032
 2022-11-22 09:41:17 +01:00
Joost Jager
1a48cdd787
BOLT 04: Update recommended failure message length and test vector 2022-11-21 12:40:14 +01:00
Bastien Teinturier
b38156b951
Allow nodes to overshoot final htlc amount and expiry (#1032) 
When nodes receive HTLCs, they verify that the contents of those HTLCs
match the intructions that the sender provided in the onion. It is
important to ensure that intermediate nodes and final nodes have similar
requirements, otherwise a malicious intermediate node could easily probe
whether the next node is the final recipient or not.

Unfortunately, the requirements for intermediate nodes were more lenient
than the requirements for final nodes. Intermediate nodes allowed overpaying
and increasing the CLTV expiry, whereas final nodes required a perfect
equality between the HTLC values and the onion values.

This provided a trivial way of probing: when relaying an HTLC, nodes could
relay 1 msat more than what the onion instructed (or increase the outgoing
expiry by 1). If the next node was an intermediate node, they would accept
this HTLC, but if the next node was the recipient, they would reject it.

We update those requirements to fix this probing attack vector.

We also clarify `min_final_cltv_expiry`: this is actually a cltv_expiry_delta,
not an absolute cltv_expiry, so the field name should reflect that.

Recipients require incoming HTLC expiry to comply with that expiry delta.
 2022-11-08 08:38:36 +01:00
Matt Corallo
fc40879995
Allow nodes to overshoot the MPP total_msat when paying (#1031) 
When a node retires a failed path as part of a larger MPP payment,
the node may wish to use a path which is constrained by an
`htlc_minimum_msat` value. In this case, the node is forced to
overpay, likely overshooting the `total_msat` it set in the earlier
onions for the same MPP payment.

There are two possible solutions to this - either allow the
`total_msat` value to change in later HTLCs or allow the node to
(slightly) overshoot the `total_msat` value.

Allowing `total_msat` to change across HTLCs is nontrivial to
implement - HTLCs may arrive out-of-order, causing the receiving
node to have to track all seen `total_msat` values and accept a
set of HTLCs which meet any of the seen `total_msat` values.

Instead, this commit changes the MPP logic to simply allow a sender
to overshoot the stated `total_msat`.

Sadly the backwards-compatibility story for this is not great.
There doesn't seem to be a good way to resolve this issue in a
backwards-compatible way. Instead we just bite the bullet and make
the incompatible change, hoping the overshooting is rare enough
that it's not a major issue.
 2022-11-08 08:37:07 +01:00
Joost Jager
484110f6e3
BOLT 04: Onion failure message may be followed by a tlv stream 2022-10-26 12:47:34 +02:00
Joost Jager
786963760a
BOLT 04: remove max hops from test vector 
With the tlv payload, the maximum isn't fixed anymore.
 2022-10-26 12:47:34 +02:00
Joost Jager
adcd03725c
BOLT 04: remove associated data from test vector 
Data is not relevant for failure message generation.
 2022-10-26 12:47:33 +02:00
Bastien Teinturier
16973e2b85
Bolt 7: restore htlc_maximum_msat requirement (#1029) 
Requirements for the htlc_maximum_msat field in channel_update were
inadvertently removed by #999 (this PR meant to make this field mandatory,
not removed explanations about what it does).
 2022-10-06 09:23:26 +02:00
t-bast
7053463bca Update onion test vectors 
To only use valid tlv payloads instead of fixed-size legacy ones and
invalid tlv streams.

[ Minor typo change: third payload is 275 not 256 bytes long --RR ]
 2022-09-29 12:37:35 +09:30
Rusty Russell
60cfb5972a BOLT 4: Remove legacy format, make var_onion_optin compulsory. 
My measurements a few weeks ago reveal that only 5 nodes do not
advertize this feature, of over 17000.  I have a patch to
remove support from c-lightning, too.

[ 6 months later: t-bast notes that they only see 0.2% of htlcs using
  legacy, and my node hasn't seen one for 2 months w/ 12000 htlcs --RR ]

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-09-29 12:37:35 +09:30
Duncan Dean
f32c6ddb5f
bolt3: Clarify order of operations for HTLC amount calculation (#1020) 
The order of operations is now more clearly specified as:

HTLC output amount = (`amount_msat` / 1000) - (fees in satoshis) where all
divisions are rounded down.

This is required to avoid issues in rounding if we were to take
HTLC output amount = (`amount_msat` - (`feerate_per_kw` * weight)) / 1000 and
then rounded down.
 2022-08-30 17:21:41 +02:00
neil saitug
47d325c6ac
gossip: delay considering a channel edge deleted for 12-blocks (#1004) 
Allows us time to propagate a splice update (new channel_announcement)

Suggested-By: @t-bast
Co-Authored: @ddustin
 2022-08-15 13:16:35 -07:00
Bastien Teinturier
6fee63fc34
Bolt7: add flag for not forwarding channel updates (#999) 
Since #910, nodes are allowed to use aliases instead of real scids. It is
helpful to make it explicit that updates using such aliases must not be
forwarded to other nodes by setting a flag in `channel_update`.

This flag is also generally useful for unannounced channels, regardless
of whether they use an scid alias or not.

We also make the `htlc_maximum_msat` field mandatory: every node on the
network currently sets it, so we can simplify the spec.
 2022-08-15 13:14:18 -07:00
Bastien Teinturier
48fed66e26
Clarify Bolt 7 latest channel update pruning (#1014) 
This is a follow-up on #1006, which actually created more confusion.
 2022-08-15 13:09:40 -07:00
Matt Corallo
38a2b1dfd4
Merge pull request #911 from m-schmoock/bolt7-hostnames 
BOLT 7: add gossip address descriptor type DNS hostname
 2022-08-02 16:43:11 +00:00
eugene
341ec844f1 BOLT#02: clarify coop close requirements 
This commit ensures closing_signed can only begin if there are
no dangling commitments. It also clarifies update_fee requirements
if it is sent after shutdown.
 2022-07-18 15:35:08 -05:00
t-bast
074a71f003 Add grace period for older channel parameters 
When a node creates a new `channel_update` to change its channel parameters,
it will take some time to propagate through the network and payers may use
older parameters. It is recommended to keep accepting older parameters for a
while to improve payment latency and reliability.
 2022-07-18 15:24:28 -05:00
fiatjaf
2ecc091f34
Fix typo in Bolt7: "lastest" channel_update, not "oldest" (#1006) 2022-06-29 14:41:50 +02:00
jerzybrzoska
caae842bfc
Fix typo: 'them' instead of 'her' (#1005) 2022-06-27 08:24:41 +02:00
Bastien Teinturier
c6c672aa15
Zero-conf typos and clarifications (#998) 
A typo wasn't fixed before merging, and there was a confusion between
public and private channels in the rationale for `alias`.
 2022-06-20 21:32:00 +02:00
Antoni Spaanderman
0c649ea1c2 Update 03-transactions.md 2022-06-10 19:04:36 +02:00
Matt Corallo
bc86304b4b
Merge pull request #910 from rustyrussell/zeroconf-as-alias 
Explicitly allow funding_locked early, and support alias scids (feat 46/47/50/51)
 2022-05-30 13:50:25 -07:00
Rusty Russell
34e9cd99db Rename funding_locked to channel_ready. 
And `next_per_commitment_point` to explictly `second_per_commitment_point`;
this is particularly important since `channel_ready` can be retransmitted
after the channel has been in use, for example.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Rusty Russell
7a812cf077 Make zeroconf a channel type, and acceptance indicates trust. 
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Rusty Russell
f8e5c92fb5 channel_update: make sure we use alias scids correctly. 
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Rusty Russell
7aa76b67b2 BOLT 2: add channel_type for option_scid_alias 
Allows upgrade in future.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Rusty Russell
faa6c413b9 BOLT 2: Restore minimum_depth requirement, but explicitly allow 0. 
And weaken it: the opener doesn't need to respect it.

Note also that the `funding_locked`-can-change-alias refers to the same peer.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Rusty Russell
d41cc1ec12 Explicitly allow funding_locked early, and support alias scids. 
This lets you add your brand new channel to routehints, and also
means you can use a routehinted channel even if you (later?) have a
real channel.

This supports both trusted and untrusted zero-conf channels: in the
trusted case you can use it immediately like any other channel,
and for the untrusted case you simply use any push_msat they gave you
for outgoing payments, but fail incoming.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
 2022-05-30 20:47:49 +00:00
Vincenzo Palazzo
c74a3bbcf8
BOLT 1: introduce port convention for different network (#968) 
* bolt1: introduce port convention for different network

Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
 2022-05-23 13:44:05 -07:00
Matt Corallo
fe96e8fc3d Note that lightning implementations used to skip the msg type bytes 
...well, okay, do today, but by the time anyone is reading this
it'll be "used to".
 2022-05-19 08:28:31 +02:00
Matt Corallo
de8bb07a65 Clarify how to encode channel_update messages in onions 
Apparently not all implementations implemented the onion encoding
the same, causing vastly differing onion failure packets. This
should unify them somewhat.

CC https://github.com/ElementsProject/lightning/issues/5154
 2022-05-19 08:28:31 +02:00
Matt Corallo
03468e1756 Clarify what the two flag bytes are in channel_disabled failures 
Fixes #791
 2022-05-19 08:28:31 +02:00
Vincenzo Palazzo
e7017173d6
bolt2: disallow sending multiple shutdown msg (#977) 
The rationale for this is to avoid bad cases like the following one
which was previously allowed:

* sender -> shutdown(script_one) -> receiver
* sender -> shutdown(script_two) -> receiver
* sender <- shutdown(script_one) <- receiver

Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
 2022-05-18 15:51:37 +02:00