mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2024-11-19 09:53:54 +01:00
Code Issues Projects Releases Wiki Activity
11c7e20d0a
lnd/htlcswitch/switch_test.go

5596 lines
150 KiB
Go
Raw Normal View History

htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
package htlcswitch
import (
multi: extend `InvoiceDB` methods with a context argument (#8066) * multi: extend InvoiceDB methods with a context argument This commit adds a context to InvoiceDB's methods. Along this refactor we also extend InvoiceRegistry methods with contexts where it makes sense. This change is essential to be able to provide kvdb and sqldb implementations for InvoiceDB. * channeldb: restrict invoice tests to only use an InvoiceDB instance * docs: update release notes for 0.18.0
2023-10-11 13:42:59 +02:00
"context"
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
"crypto/rand"
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
"crypto/sha256"
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
"fmt"
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
"io"
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
mrand "math/rand"
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
"reflect"
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
"testing"
"time"
multi: use btcd's btcec/v2 and btcutil modules This commit was previously split into the following parts to ease review: - 2d746f68: replace imports - 4008f0fd: use ecdsa.Signature - 849e33d1: remove btcec.S256() - b8f6ebbd: use v2 library correctly - fa80bca9: bump go modules
2022-02-23 14:48:00 +01:00
"github.com/btcsuite/btcd/btcutil"
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
"github.com/davecgh/go-spew/spew"
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
"github.com/go-errors/errors"
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
"github.com/lightningnetwork/lnd/chainntnfs"
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
"github.com/lightningnetwork/lnd/channeldb"
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
"github.com/lightningnetwork/lnd/channeldb/models"
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
"github.com/lightningnetwork/lnd/contractcourt"
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
"github.com/lightningnetwork/lnd/fn"
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
"github.com/lightningnetwork/lnd/htlcswitch/hodl"
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
"github.com/lightningnetwork/lnd/htlcswitch/hop"
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
"github.com/lightningnetwork/lnd/lntest/mock"
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
"github.com/lightningnetwork/lnd/lntypes"
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
"github.com/lightningnetwork/lnd/lnwallet/chainfee"
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
"github.com/lightningnetwork/lnd/lnwire"
htlcswitch test: add fwdinglog inspection on triggered FwdEventTicker
2018-09-25 09:41:22 +02:00
"github.com/lightningnetwork/lnd/ticker"
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
"github.com/stretchr/testify/require"
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
)
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
var zeroCircuit = models.CircuitKey{}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
var emptyScid = lnwire.ShortChannelID{}
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
func genPreimage() ([32]byte, error) {
var preimage [32]byte
if _, err := io.ReadFull(rand.Reader, preimage[:]); err != nil {
return preimage, err
}
return preimage, nil
}
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
// TestSwitchAddDuplicateLink tests that the switch will reject duplicate links
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// for live links. It also tests that we can successfully add a link after
// having removed it.
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
func TestSwitchAddDuplicateLink(t *testing.T) {
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
chanID1, aliceScid := genID()
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceScid, emptyScid, alicePeer, false, false,
false, false,
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
// Alice should have a live link, adding again should fail.
if err := s.AddLink(aliceChannelLink); err == nil {
t.Fatalf("adding duplicate link should have failed")
}
// Remove the live link to ensure the indexes are cleared.
htlcswitch/switch_test: update reverted test to use... current initialization methods
2018-07-13 02:41:12 +02:00
s.RemoveLink(chanID1)
Revert "htlcswitch: in event of duplicate link add, prefer newer link" This reverts commit e60d2b774a35e446081f9be2d4901925cac05379.
2018-07-13 00:59:00 +02:00
// Alice has no links, adding should succeed.
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
}
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
// TestSwitchHasActiveLink tests the behavior of HasActiveLink, and asserts that
// it only returns true if a link's short channel id has confirmed (meaning the
// channel is no longer pending) and it's EligibleToForward method returns true,
multi: replace `FundingLocked` related docs This commit replaces `FundingLocked` found in docs using the following command, ```shell find . -name "*.go" -exec sed -i '' 's/FundingLocked/ChannelReady/g' {} \; find . -name "*.go" -exec sed -i '' 's/FundingLock/ChannelReady/g' {} \; ```
2023-03-15 22:45:14 +01:00
// i.e. it has received ChannelReady from the remote peer.
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
func TestSwitchHasActiveLink(t *testing.T) {
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
chanID1, aliceScid := genID()
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceScid, emptyScid, alicePeer, false, false,
false, false,
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
// The link has been added, but it's still pending. HasActiveLink should
// return false since the link has not been added to the linkIndex
// containing live links.
if s.HasActiveLink(chanID1) {
t.Fatalf("link should not be active yet, still pending")
}
multi: update "funding locked" comments Replace a few un-caught instances of "funding locked" in some comments with "channel_ready"
2023-04-27 20:02:34 +02:00
// Finally, simulate the link receiving channel_ready by setting its
htlcswitch/switch_test: adds HasActiveLink unit test
2019-01-11 01:34:03 +01:00
// eligibility to true.
aliceChannelLink.eligible = true
// The link should now be reported as active, since EligibleToForward
// returns true and the link is in the linkIndex.
if !s.HasActiveLink(chanID1) {
t.Fatalf("link should not be active now")
}
}
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
// TestSwitchSendPending checks the inability of htlc switch to forward adds
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// over pending links.
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
func TestSwitchSendPending(t *testing.T) {
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
pendingChanID := lnwire.ShortChannelID{}
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, pendingChanID, emptyScid, alicePeer, false, false,
false, false,
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
)
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
// Create request which should is being forwarded from Bob channel
// link to Alice channel link.
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
packet := &htlcPacket{
incomingChanID: bobChanID,
incomingHTLCID: 0,
outgoingChanID: aliceChanID,
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Send the ADD packet, this should not be forwarded out to the link
// since there are no eligible links.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err = s.ForwardPackets(nil, packet); err != nil {
t.Fatal(err)
}
select {
case p := <-bobChannelLink.packets:
if p.linkFailure != nil {
err = p.linkFailure
}
case <-time.After(time.Second):
t.Fatal("no timely reply from switch")
}
htlcswitch: add linkError field to htlcpacket This commit adds a linkError field to track the value of failures which occur at our node. This field is set when local payments or multi hop htlcs fail in the switch or on our outgoing link. This addition is required for the addition of a htlc notifier which will notify these failures in handleDownstreamPacket. The passing of link error to failAddPacket removes the need for an additional error field, because the link error's failure detail will contain any additional metadata. In the places where the failure detail does not cover all the metadata that was previously supplied by addr err, the error is logged before calling failAddPacket so that this change does not reduce the amount of information we log.
2020-02-06 18:35:17 +01:00
linkErr, ok := err.(*LinkError)
if !ok {
t.Fatalf("expected link error, got: %T", err)
}
if linkErr.WireMessage().Code() != lnwire.CodeUnknownNextPeer {
t.Fatalf("expected fail unknown next peer, got: %T",
linkErr.WireMessage().Code())
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
}
// No message should be sent, since the packet was failed.
select {
case <-aliceChannelLink.packets:
t.Fatal("expected not to receive message")
case <-time.After(time.Second):
}
// Since the packet should have been failed, there should be no active
// circuits.
if s.circuits.NumOpen() != 0 {
t.Fatal("wrong amount of circuits")
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
}
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// TestSwitchForwardMapping checks that the Switch properly consults its maps
// when forwarding packets.
func TestSwitchForwardMapping(t *testing.T) {
tests := []struct {
name string
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// If this is true, then Alice's channel will be private.
alicePrivate bool
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// If this is true, then Alice's channel will be a zero-conf
// channel.
zeroConf bool
// If this is true, then Alice's channel will be an
// option-scid-alias feature-bit, non-zero-conf channel.
optionScid bool
// If this is true, then an alias will be used for forwarding.
useAlias bool
// This is Alice's channel alias. This may not be set if this
// is not an option_scid_alias channel (feature bit).
aliceAlias lnwire.ShortChannelID
// This is Alice's confirmed SCID. This may not be set if this
// is a zero-conf channel before confirmation.
aliceReal lnwire.ShortChannelID
// If this is set, we expect Bob forwarding to Alice to fail.
expectErr bool
}{
{
name: "private unconfirmed zero-conf",
alicePrivate: true,
zeroConf: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_002,
TxIndex: 2,
TxPosition: 2,
},
aliceReal: lnwire.ShortChannelID{},
expectErr: false,
},
{
name: "private confirmed zero-conf",
alicePrivate: true,
zeroConf: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_003,
TxIndex: 3,
TxPosition: 3,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 300000,
TxIndex: 3,
TxPosition: 3,
},
expectErr: false,
},
{
name: "private confirmed zero-conf failure",
alicePrivate: true,
zeroConf: true,
useAlias: false,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_004,
TxIndex: 4,
TxPosition: 4,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 300002,
TxIndex: 4,
TxPosition: 4,
},
expectErr: true,
},
{
name: "public unconfirmed zero-conf",
alicePrivate: false,
zeroConf: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_005,
TxIndex: 5,
TxPosition: 5,
},
aliceReal: lnwire.ShortChannelID{},
expectErr: false,
},
{
name: "public confirmed zero-conf w/ alias",
alicePrivate: false,
zeroConf: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_006,
TxIndex: 6,
TxPosition: 6,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 500000,
TxIndex: 6,
TxPosition: 6,
},
expectErr: false,
},
{
name: "public confirmed zero-conf w/ real",
alicePrivate: false,
zeroConf: true,
useAlias: false,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_007,
TxIndex: 7,
TxPosition: 7,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 502000,
TxIndex: 7,
TxPosition: 7,
},
expectErr: false,
},
{
name: "private non-option channel",
alicePrivate: true,
aliceAlias: lnwire.ShortChannelID{},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 505000,
TxIndex: 8,
TxPosition: 8,
},
},
{
name: "private option channel w/ alias",
alicePrivate: true,
optionScid: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_015,
TxIndex: 9,
TxPosition: 9,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 506000,
TxIndex: 10,
TxPosition: 10,
},
expectErr: false,
},
{
name: "private option channel failure",
alicePrivate: true,
optionScid: true,
useAlias: false,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_016,
TxIndex: 16,
TxPosition: 16,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 507000,
TxIndex: 17,
TxPosition: 17,
},
expectErr: true,
},
{
name: "public non-option channel",
alicePrivate: false,
useAlias: false,
aliceAlias: lnwire.ShortChannelID{},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 508000,
TxIndex: 17,
TxPosition: 17,
},
expectErr: false,
},
{
name: "public option channel w/ alias",
alicePrivate: false,
optionScid: true,
useAlias: true,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_018,
TxIndex: 18,
TxPosition: 18,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 509000,
TxIndex: 19,
TxPosition: 19,
},
expectErr: false,
},
{
name: "public option channel w/ real",
alicePrivate: false,
optionScid: true,
useAlias: false,
aliceAlias: lnwire.ShortChannelID{
BlockHeight: 16_000_019,
TxIndex: 19,
TxPosition: 19,
},
aliceReal: lnwire.ShortChannelID{
BlockHeight: 510000,
TxIndex: 20,
TxPosition: 20,
},
expectErr: false,
},
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
t.Parallel()
testSwitchForwardMapping(
t, test.alicePrivate, test.zeroConf,
test.useAlias, test.optionScid,
test.aliceAlias, test.aliceReal,
test.expectErr,
)
})
htlcswitch/switch_test: test send pending channel
2018-05-02 08:36:43 +02:00
}
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
func testSwitchForwardMapping(t *testing.T, alicePrivate, aliceZeroConf,
useAlias, optionScid bool, aliceAlias, aliceReal lnwire.ShortChannelID,
expectErr bool) {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() { _ = s.Stop() }()
// Create the lnwire.ChannelIDs that we'll use.
chanID1, chanID2, _, _ := genIDs()
var aliceChannelLink *mockChannelLink
if aliceZeroConf {
aliceChannelLink = newMockChannelLink(
s, chanID1, aliceAlias, aliceReal, alicePeer, true,
alicePrivate, true, false,
)
} else {
aliceChannelLink = newMockChannelLink(
s, chanID1, aliceReal, emptyScid, alicePeer, true,
alicePrivate, false, optionScid,
)
if optionScid {
aliceChannelLink.addAlias(aliceAlias)
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.AddLink(aliceChannelLink)
require.NoError(t, err)
// Bob will just have a non-option_scid_alias channel so no mapping is
// necessary.
bobScid := lnwire.ShortChannelID{
BlockHeight: 501000,
TxIndex: 200,
TxPosition: 2,
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobScid, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.AddLink(bobChannelLink)
require.NoError(t, err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// Generate preimage.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// Determine the outgoing SCID to use.
outgoingSCID := aliceReal
if useAlias {
outgoingSCID = aliceAlias
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
packet := &htlcPacket{
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
incomingChanID: bobScid,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
incomingHTLCID: 0,
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
outgoingChanID: outgoingSCID,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.ForwardPackets(nil, packet)
require.NoError(t, err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// If we expect a forwarding error, then assert that we receive one.
// option_scid_alias forwards may fail if forwarding would be a privacy
// leak.
if expectErr {
select {
case <-bobChannelLink.packets:
case <-time.After(time.Second * 5):
t.Fatal("expected a forwarding error")
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
select {
case <-aliceChannelLink.packets:
t.Fatal("did not expect a packet")
case <-time.After(time.Second * 5):
}
} else {
select {
case <-bobChannelLink.packets:
t.Fatal("did not expect a forwarding error")
case <-time.After(time.Second * 5):
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
select {
case <-aliceChannelLink.packets:
case <-time.After(time.Second * 5):
t.Fatal("expected alice to receive packet")
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// TestSwitchSendHTLCMapping tests that SendHTLC will properly route packets to
// zero-conf or option-scid-alias (feature-bit) channels if the confirmed SCID
// is used. It also tests that nothing breaks with the mapping change.
func TestSwitchSendHTLCMapping(t *testing.T) {
tests := []struct {
name string
contractcourt+switch: keep channels with timed-out initiated htlcs. This commit enables the user to specify he is not interested in automatically close channels with pending payments that their corresponding htlcs have timed-out. By requiring a configurable grace period uptime of our node before closing such channels, we give a chance to the other node to properly cancel the htlc and avoid unnecessary on-chain transaction. In mobile it is very important for the user experience as otherwise channels will be force closed more frequently.
2020-02-03 11:52:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// If this is true, the channel will be zero-conf.
zeroConf bool
// Denotes whether the channel is option-scid-alias, non
// zero-conf feature bit.
optionFeature bool
// If this is true, then the alias will be used in the packet.
useAlias bool
// This will be the channel alias if there is a mapping.
alias lnwire.ShortChannelID
// This will be the confirmed SCID if the channel is confirmed.
real lnwire.ShortChannelID
}{
{
name: "non-zero-conf real scid w/ option",
zeroConf: false,
optionFeature: true,
useAlias: false,
alias: lnwire.ShortChannelID{
BlockHeight: 10010,
TxIndex: 10,
TxPosition: 10,
},
real: lnwire.ShortChannelID{
BlockHeight: 500000,
TxIndex: 50,
TxPosition: 50,
},
},
{
name: "non-zero-conf real scid no option",
zeroConf: false,
useAlias: false,
alias: lnwire.ShortChannelID{},
real: lnwire.ShortChannelID{
BlockHeight: 400000,
TxIndex: 50,
TxPosition: 50,
},
},
{
name: "zero-conf alias scid w/ conf",
zeroConf: true,
useAlias: true,
alias: lnwire.ShortChannelID{
BlockHeight: 10020,
TxIndex: 20,
TxPosition: 20,
},
real: lnwire.ShortChannelID{
BlockHeight: 450000,
TxIndex: 50,
TxPosition: 50,
},
},
{
name: "zero-conf alias scid no conf",
zeroConf: true,
useAlias: true,
alias: lnwire.ShortChannelID{
BlockHeight: 10015,
TxIndex: 25,
TxPosition: 35,
},
real: lnwire.ShortChannelID{},
},
{
name: "zero-conf real scid",
zeroConf: true,
useAlias: false,
alias: lnwire.ShortChannelID{
BlockHeight: 10035,
TxIndex: 35,
TxPosition: 35,
},
real: lnwire.ShortChannelID{
BlockHeight: 470000,
TxIndex: 35,
TxPosition: 45,
},
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
},
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
t.Parallel()
testSwitchSendHtlcMapping(
t, test.zeroConf, test.useAlias, test.alias,
test.real, test.optionFeature,
)
})
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
func testSwitchSendHtlcMapping(t *testing.T, zeroConf, useAlias bool, alias,
realScid lnwire.ShortChannelID, optionFeature bool) {
peer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() { _ = s.Stop() }()
// Create the lnwire.ChannelID that we'll use.
chanID, _ := genID()
var link *mockChannelLink
if zeroConf {
link = newMockChannelLink(
s, chanID, alias, realScid, peer, true, false, true,
false,
)
} else {
link = newMockChannelLink(
s, chanID, realScid, emptyScid, peer, true, false,
false, true,
)
if optionFeature {
link.addAlias(alias)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.AddLink(link)
require.NoError(t, err)
// Generate preimage.
preimage, err := genPreimage()
require.NoError(t, err)
rhash := sha256.Sum256(preimage[:])
// Determine the outgoing SCID to use.
outgoingSCID := realScid
if useAlias {
outgoingSCID = alias
}
// Send the HTLC and assert that we don't get an error.
htlc := &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.SendHTLC(outgoingSCID, 0, htlc)
require.NoError(t, err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// TestSwitchUpdateScid verifies that zero-conf and non-zero-conf
// option-scid-alias (feature bit) channels will have the expected entries in
// the aliasToReal and baseIndex maps.
func TestSwitchUpdateScid(t *testing.T) {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Parallel()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
peer, err := newMockServer(
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() { _ = s.Stop() }()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// Create the IDs that we'll use.
chanID, chanID2, _, _ := genIDs()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
alias := lnwire.ShortChannelID{
BlockHeight: 16_000_000,
TxIndex: 0,
TxPosition: 0,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
alias2 := alias
alias2.TxPosition = 1
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
realScid := lnwire.ShortChannelID{
BlockHeight: 500000,
TxIndex: 0,
TxPosition: 0,
}
link := newMockChannelLink(
s, chanID, alias, emptyScid, peer, true, false, true, false,
)
link.addAlias(alias2)
err = s.AddLink(link)
require.NoError(t, err)
// Assert that the zero-conf link does not have entries in the
// aliasToReal map.
s.indexMtx.RLock()
_, ok := s.aliasToReal[alias]
require.False(t, ok)
_, ok = s.aliasToReal[alias2]
require.False(t, ok)
// Assert that both aliases point to the "base" SCID, which is actually
// just the first alias.
baseScid, ok := s.baseIndex[alias]
require.True(t, ok)
require.Equal(t, alias, baseScid)
baseScid, ok = s.baseIndex[alias2]
require.True(t, ok)
require.Equal(t, alias, baseScid)
s.indexMtx.RUnlock()
// We'll set the mock link's confirmed SCID so that UpdateShortChanID
// populates aliasToReal and adds an entry to baseIndex.
link.realScid = realScid
link.confirmedZC = true
err = s.UpdateShortChanID(chanID)
require.NoError(t, err)
// Assert that aliasToReal is populated and there is an entry in
// baseIndex for realScid.
s.indexMtx.RLock()
realMapping, ok := s.aliasToReal[alias]
require.True(t, ok)
require.Equal(t, realScid, realMapping)
realMapping, ok = s.aliasToReal[alias2]
require.True(t, ok)
require.Equal(t, realScid, realMapping)
baseScid, ok = s.baseIndex[realScid]
require.True(t, ok)
require.Equal(t, alias, baseScid)
s.indexMtx.RUnlock()
// Now we'll perform the same checks with a non-zero-conf
// option-scid-alias channel (feature-bit).
optionReal := lnwire.ShortChannelID{
BlockHeight: 600000,
TxIndex: 0,
TxPosition: 0,
}
optionAlias := lnwire.ShortChannelID{
BlockHeight: 12000,
TxIndex: 0,
TxPosition: 0,
}
optionAlias2 := optionAlias
optionAlias2.TxPosition = 1
link2 := newMockChannelLink(
s, chanID2, optionReal, emptyScid, peer, true, false, false,
true,
)
link2.addAlias(optionAlias)
link2.addAlias(optionAlias2)
err = s.AddLink(link2)
require.NoError(t, err)
// Assert that the option-scid-alias link does have entries in the
// aliasToReal and baseIndex maps.
s.indexMtx.RLock()
realMapping, ok = s.aliasToReal[optionAlias]
require.True(t, ok)
require.Equal(t, optionReal, realMapping)
realMapping, ok = s.aliasToReal[optionAlias2]
require.True(t, ok)
require.Equal(t, optionReal, realMapping)
baseScid, ok = s.baseIndex[optionReal]
require.True(t, ok)
require.Equal(t, optionReal, baseScid)
baseScid, ok = s.baseIndex[optionAlias]
require.True(t, ok)
require.Equal(t, optionReal, baseScid)
baseScid, ok = s.baseIndex[optionAlias2]
require.True(t, ok)
require.Equal(t, optionReal, baseScid)
s.indexMtx.RUnlock()
}
// TestSwitchForward checks the ability of htlc switch to forward add/settle
// requests.
func TestSwitchForward(t *testing.T) {
t.Parallel()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
if err != nil {
t.Fatalf("unable to create alice server: %v", err)
}
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
if err != nil {
t.Fatalf("unable to create bob server: %v", err)
}
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
if err != nil {
t.Fatalf("unable to init switch: %v", err)
}
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
aliceChannelLink := newMockChannelLink(
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
)
bobChannelLink := newMockChannelLink(
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarded from Alice channel link to
// bob channel link.
preimage, err := genPreimage()
if err != nil {
t.Fatalf("unable to generate preimage: %v", err)
}
rhash := sha256.Sum256(preimage[:])
packet := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Handle the request and checks that bob channel link received it.
if err := s.ForwardPackets(nil, packet); err != nil {
t.Fatal(err)
}
select {
case <-bobChannelLink.packets:
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
if s.circuits.NumOpen() != 1 {
t.Fatal("wrong amount of circuits")
}
if !s.IsForwardedHTLC(bobChannelLink.ShortChanID(), 0) {
t.Fatal("htlc should be identified as forwarded")
}
// Create settle request pretending that bob link handled the add htlc
// request and sent the htlc settle request back. This request should
// be forwarder back to Alice link.
packet = &htlcPacket{
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFulfillHTLC{
PaymentPreimage: preimage,
},
}
// Handle the request and checks that payment circuit works properly.
if err := s.ForwardPackets(nil, packet); err != nil {
t.Fatal(err)
}
select {
case pkt := <-aliceChannelLink.packets:
if err := aliceChannelLink.deleteCircuit(pkt); err != nil {
t.Fatalf("unable to remove circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to channelPoint")
}
if s.circuits.NumOpen() != 0 {
t.Fatal("wrong amount of circuits")
}
}
func TestSwitchForwardFailAfterFullAdd(t *testing.T) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
if err != nil {
t.Fatalf("unable to create alice server: %v", err)
}
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err, "unable to create bob server")
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
cdb, err := channeldb.Open(tempPath)
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
require.NoError(t, err, "unable to init switch")
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s.Stop()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarded from Alice channel link to
// bob channel link.
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
if s.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatal(err)
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Pull packet from bob's link, but do not perform a full add.
select {
case packet := <-bobChannelLink.packets:
// Complete the payment circuit and assign the outgoing htlc id
// before restarting.
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 1 {
t.Fatalf("wrong amount of circuits")
}
// Now we will restart bob, leaving the forwarding decision for this
// htlc is in the half-added state.
if err := s.Stop(); err != nil {
t.Fatalf(err.Error())
}
if err := cdb.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb2, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
// Even though we intend to Stop s2 later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s2.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s2.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s2.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 1 {
t.Fatalf("wrong amount of circuits")
}
// Craft a failure message from the remote peer.
fail := &htlcPacket{
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFailHTLC{},
}
// Send the fail packet from the remote peer through the switch.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s2.ForwardPackets(nil, fail); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatalf(err.Error())
}
// Pull packet from alice's link, as it should have gone through
// successfully.
select {
case pkt := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(pkt); err != nil {
t.Fatalf("unable to remove circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Circuit map should be empty now.
if s2.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Send the fail packet from the remote peer through the switch.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, fail); err != nil {
t.Fatal(err)
}
select {
case <-aliceChannelLink.packets:
t.Fatalf("expected duplicate fail to not arrive at the destination")
case <-time.After(time.Second):
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
}
func TestSwitchForwardSettleAfterFullAdd(t *testing.T) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
cdb, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s.Stop()
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarded from Alice channel link to
// bob channel link.
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
if s.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatal(err)
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Pull packet from bob's link, but do not perform a full add.
select {
case packet := <-bobChannelLink.packets:
// Complete the payment circuit and assign the outgoing htlc id
// before restarting.
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 1 {
t.Fatalf("wrong amount of circuits")
}
// Now we will restart bob, leaving the forwarding decision for this
// htlc is in the half-added state.
if err := s.Stop(); err != nil {
t.Fatalf(err.Error())
}
if err := cdb.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb2, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
// Even though we intend to Stop s2 later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s2.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s2.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s2.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 1 {
t.Fatalf("wrong amount of circuits")
}
// Craft a settle message from the remote peer.
settle := &htlcPacket{
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFulfillHTLC{
PaymentPreimage: preimage,
},
}
// Send the settle packet from the remote peer through the switch.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s2.ForwardPackets(nil, settle); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatalf(err.Error())
}
// Pull packet from alice's link, as it should have gone through
// successfully.
select {
case packet := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete circuit with in key=%s: %v",
packet.inKey(), err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Circuit map should be empty now.
if s2.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
// Send the settle packet again, which not arrive at destination.
if err := s2.ForwardPackets(nil, settle); err != nil {
t.Fatal(err)
}
select {
case <-bobChannelLink.packets:
t.Fatalf("expected duplicate fail to not arrive at the destination")
case <-time.After(time.Second):
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
}
func TestSwitchForwardDropAfterFullAdd(t *testing.T) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
cdb, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s.Stop()
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarded from Alice channel link to
// bob channel link.
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
if s.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatal(err)
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of half circuits")
}
// Pull packet from bob's link, but do not perform a full add.
select {
case packet := <-bobChannelLink.packets:
// Complete the payment circuit and assign the outgoing htlc id
// before restarting.
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Now we will restart bob, leaving the forwarding decision for this
// htlc is in the half-added state.
if err := s.Stop(); err != nil {
t.Fatalf(err.Error())
}
if err := cdb.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb2, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
// Even though we intend to Stop s2 later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s2.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s2.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s2.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 1 {
t.Fatalf("wrong amount of half circuits")
}
switch/test: use external interface for testing Previously the forward(...) method was used in forwarding tests, while that code path isn't used for forwards in reality.
2020-04-13 14:23:36 +02:00
// Resend the failed htlc. The packet will be dropped silently since the
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
// switch will detect that it has been half added previously.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s2.ForwardPackets(nil, ogPacket); err != nil {
switch/test: use external interface for testing Previously the forward(...) method was used in forwarding tests, while that code path isn't used for forwards in reality.
2020-04-13 14:23:36 +02:00
t.Fatal(err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
// After detecting an incomplete forward, the fail packet should have
// been returned to the sender.
select {
case <-aliceChannelLink.packets:
t.Fatal("request should not have returned to source")
case <-bobChannelLink.packets:
t.Fatal("request should not have forwarded to destination")
case <-time.After(time.Second):
}
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
func TestSwitchForwardFailAfterHalfAdd(t *testing.T) {
t.Parallel()
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch: update test utilities to latest switch/link changes
2017-06-17 00:03:30 +02:00
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
htlcswitch: run all unit tests in parallel
2017-06-17 00:41:42 +02:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
cdb, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s.Stop()
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
htlcswitch: update test utilities to latest switch/link changes
2017-06-17 00:03:30 +02:00
// Create request which should be forwarded from Alice channel link to
// bob channel link.
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket := &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator: NewMockObfuscator(),
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
htlc: &lnwire.UpdateAddHTLC{
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
PaymentHash: rhash,
Amount: 1,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
},
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of half circuits")
}
// Pull packet from bob's link, but do not perform a full add.
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
select {
case <-bobChannelLink.packets:
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to destination")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
// Now we will restart bob, leaving the forwarding decision for this
// htlc is in the half-added state.
if err := s.Stop(); err != nil {
t.Fatalf(err.Error())
}
if err := cdb.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb2, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
// Even though we intend to Stop s2 later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s2.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s2.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s2.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of half circuits")
}
// Resend the failed htlc, it should be returned to alice since the
// switch will detect that it has been half added previously.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
err = s2.ForwardPackets(nil, ogPacket)
switch/test: use external interface for testing Previously the forward(...) method was used in forwarding tests, while that code path isn't used for forwards in reality.
2020-04-13 14:23:36 +02:00
if err != nil {
t.Fatal(err)
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
}
// After detecting an incomplete forward, the fail packet should have
// been returned to the sender.
select {
switch/test: use external interface for testing Previously the forward(...) method was used in forwarding tests, while that code path isn't used for forwards in reality.
2020-04-13 14:23:36 +02:00
case pkt := <-aliceChannelLink.packets:
linkErr := pkt.linkFailure
if linkErr.FailureDetail != OutgoingFailureIncompleteForward {
t.Fatalf("expected incomplete forward, got: %v",
linkErr.FailureDetail)
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
}
// TestSwitchForwardCircuitPersistence checks the ability of htlc switch to
// maintain the proper entries in the circuit map in the face of restarts.
func TestSwitchForwardCircuitPersistence(t *testing.T) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
cdb, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s.Stop()
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarded from Alice channel link to
// bob channel link.
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
if s.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
t.Fatal(err)
}
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
// Retrieve packet from outgoing link and cache until after restart.
var packet *htlcPacket
select {
case packet = <-bobChannelLink.packets:
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
if err := s.Stop(); err != nil {
t.Fatalf(err.Error())
}
if err := cdb.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb2, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
// Even though we intend to Stop s2 later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
defer s2.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s2.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s2.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of half circuits")
}
// Now that the switch has restarted, complete the payment circuit.
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
if s2.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s2.circuits.NumOpen() != 1 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
htlcswitch: update test utilities to latest switch/link changes
2017-06-17 00:03:30 +02:00
// Create settle request pretending that bob link handled the add htlc
// request and sent the htlc settle request back. This request should
// be forwarder back to Alice link.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
ogPacket = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
multi: comprehensive typo fixes across all packages
2018-02-07 04:11:11 +01:00
htlc: &lnwire.UpdateFulfillHTLC{
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
PaymentPreimage: preimage,
},
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that payment circuit works properly.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s2.ForwardPackets(nil, ogPacket); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case packet = <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete circuit with in key=%s: %v",
packet.inKey(), err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: update test utilities to latest switch/link changes
2017-06-17 00:03:30 +02:00
t.Fatal("request was not propagated to channelPoint")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s2.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits, want 1, got %d",
s2.circuits.NumPending())
}
if s2.circuits.NumOpen() != 0 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s2.Stop(); err != nil {
t.Fatal(err)
}
if err := cdb2.Close(); err != nil {
t.Fatalf(err.Error())
}
cdb3, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to reopen channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb3.Close() })
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
multi: move block epochs dependency from links to switch In this commit, we move the block height dependency from the links in the switch to the switch itself. This is possible due to a recent change on the links no longer depending on the block height to update their commitment fees. We'll now only have the switch be alerted of new blocks coming in and links will retrieve the height from it atomically.
2018-06-01 05:31:40 +02:00
s3, err := initSwitchWithDB(testStartingHeight, cdb3)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable reinit switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s3.Start(); err != nil {
t.Fatalf("unable to restart switch: %v", err)
}
defer s3.Stop()
aliceChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s3, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
bobChannelLink = newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s3, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
)
if err := s3.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s3.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if s3.circuits.NumPending() != 0 {
t.Fatalf("wrong amount of half circuits")
}
if s3.circuits.NumOpen() != 0 {
t.Fatalf("wrong amount of circuits")
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
type multiHopFwdTest struct {
name string
eligible1, eligible2 bool
htlcswitch: use LinkError for internal errors Update the ChannelLink interface to specifically return the LinkError struct. This error implements the ClearTextError interface, so will be picked up as a routing realted error by the router. With LinkErrors implemented, the switch now returns a LinkError for all failures on our incoming/outgoing link and ForwardingError when the failure occurs down the line.
2020-01-14 14:07:42 +01:00
failure1, failure2 *LinkError
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
expectedReply lnwire.FailCode
}
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
// TestCircularForwards tests the allowing/disallowing of circular payments
// through the same channel in the case where the switch is configured to allow
// and disallow same channel circular forwards.
func TestCircularForwards(t *testing.T) {
chanID1, aliceChanID := genID()
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
hash := sha256.Sum256(preimage[:])
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
tests := []struct {
name string
allowCircularPayment bool
expectedErr error
}{
{
name: "circular payment allowed",
allowCircularPayment: true,
expectedErr: nil,
},
{
name: "circular payment disallowed",
allowCircularPayment: false,
expectedErr: NewDetailedLinkError(
lnwire.NewTemporaryChannelFailure(nil),
htlcswitch: rename FailureDetail to OutgoingFailure Rename FailureDetail in a separate commit so that a FailureDetail interface can be introduced in the following commit. OutgoingFailureOnionDecode is renamed to OutgoingFailureDecodeError to specifically indicate that we could not decode the wire failure that our payment experienced.
2020-02-06 18:35:16 +01:00
OutgoingFailureCircularRoute,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
),
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
t.Parallel()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil,
testDefaultDelta,
)
if err != nil {
t.Fatalf("unable to create alice server: %v",
err)
}
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
if err != nil {
t.Fatalf("unable to init switch: %v", err)
}
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer func() { _ = s.Stop() }()
// Set the switch to allow or disallow circular routes
// according to the test's requirements.
s.cfg.AllowCircularRoute = test.allowCircularPayment
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer,
true, false, false, false,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
// Create a new packet that loops through alice's link
// in a circle.
obfuscator := NewMockObfuscator()
packet := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
outgoingChanID: aliceChannelLink.ShortChanID(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: hash,
Amount: 1,
},
obfuscator: obfuscator,
}
// Attempt to forward the packet and check for the expected
// error.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err = s.ForwardPackets(nil, packet); err != nil {
t.Fatal(err)
}
select {
case p := <-aliceChannelLink.packets:
if p.linkFailure != nil {
err = p.linkFailure
}
case <-time.After(time.Second):
t.Fatal("no timely reply from switch")
}
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
if !reflect.DeepEqual(err, test.expectedErr) {
t.Fatalf("expected: %v, got: %v",
test.expectedErr, err)
}
// Ensure that no circuits were opened.
if s.circuits.NumOpen() > 0 {
t.Fatal("do not expect any open circuits")
}
})
}
}
// TestCheckCircularForward tests the error returned by checkCircularForward
// in cases where we allow and disallow same channel circular forwards.
func TestCheckCircularForward(t *testing.T) {
tests := []struct {
name string
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// aliasMapping determines whether the test should add an alias
// mapping to Switch alias maps before checkCircularForward.
aliasMapping bool
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
// allowCircular determines whether we should allow circular
// forwards.
allowCircular bool
// incomingLink is the link that the htlc arrived on.
incomingLink lnwire.ShortChannelID
// outgoingLink is the link that the htlc forward
// is destined to leave on.
outgoingLink lnwire.ShortChannelID
// expectedErr is the error we expect to be returned.
expectedErr *LinkError
}{
{
name: "not circular, allowed in config",
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
aliasMapping: false,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
allowCircular: true,
incomingLink: lnwire.NewShortChanIDFromInt(123),
outgoingLink: lnwire.NewShortChanIDFromInt(321),
expectedErr: nil,
},
{
name: "not circular, not allowed in config",
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
aliasMapping: false,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
allowCircular: false,
incomingLink: lnwire.NewShortChanIDFromInt(123),
outgoingLink: lnwire.NewShortChanIDFromInt(321),
expectedErr: nil,
},
{
name: "circular, allowed in config",
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
aliasMapping: false,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
allowCircular: true,
incomingLink: lnwire.NewShortChanIDFromInt(123),
outgoingLink: lnwire.NewShortChanIDFromInt(123),
expectedErr: nil,
},
{
name: "circular, not allowed in config",
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
aliasMapping: false,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
allowCircular: false,
incomingLink: lnwire.NewShortChanIDFromInt(123),
outgoingLink: lnwire.NewShortChanIDFromInt(123),
expectedErr: NewDetailedLinkError(
lnwire.NewTemporaryChannelFailure(nil),
htlcswitch: rename FailureDetail to OutgoingFailure Rename FailureDetail in a separate commit so that a FailureDetail interface can be introduced in the following commit. OutgoingFailureOnionDecode is renamed to OutgoingFailureDecodeError to specifically indicate that we could not decode the wire failure that our payment experienced.
2020-02-06 18:35:16 +01:00
OutgoingFailureCircularRoute,
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
),
},
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
{
name: "circular with map, not allowed",
aliasMapping: true,
allowCircular: false,
incomingLink: lnwire.NewShortChanIDFromInt(1 << 60),
outgoingLink: lnwire.NewShortChanIDFromInt(1 << 55),
expectedErr: NewDetailedLinkError(
lnwire.NewTemporaryChannelFailure(nil),
OutgoingFailureCircularRoute,
),
},
{
name: "circular with map, not allowed 2",
aliasMapping: true,
allowCircular: false,
incomingLink: lnwire.NewShortChanIDFromInt(1 << 55),
outgoingLink: lnwire.NewShortChanIDFromInt(1 << 60),
expectedErr: NewDetailedLinkError(
lnwire.NewTemporaryChannelFailure(nil),
OutgoingFailureCircularRoute,
),
},
{
name: "circular with map, allowed",
aliasMapping: true,
allowCircular: true,
incomingLink: lnwire.NewShortChanIDFromInt(1 << 60),
outgoingLink: lnwire.NewShortChanIDFromInt(1 << 55),
expectedErr: nil,
},
{
name: "circular with map, allowed 2",
aliasMapping: true,
allowCircular: true,
incomingLink: lnwire.NewShortChanIDFromInt(1 << 55),
outgoingLink: lnwire.NewShortChanIDFromInt(1 << 61),
expectedErr: nil,
},
{
name: "not circular, both confirmed SCID",
aliasMapping: false,
allowCircular: false,
incomingLink: lnwire.NewShortChanIDFromInt(1 << 60),
outgoingLink: lnwire.NewShortChanIDFromInt(1 << 61),
expectedErr: nil,
},
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
t.Parallel()
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() { _ = s.Stop() }()
if test.aliasMapping {
// Make the incoming and outgoing point to the
// same base SCID.
inScid := test.incomingLink
outScid := test.outgoingLink
s.indexMtx.Lock()
s.baseIndex[inScid] = outScid
s.baseIndex[outScid] = outScid
s.indexMtx.Unlock()
}
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
// Check for a circular forward, the hash passed can
// be nil because it is only used for logging.
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
err = s.checkCircularForward(
htlcswitch: add CheckCircularForward to handlePacketForward Add a CheckCircularForward function which detects packets which are forwards over the same incoming and outgoing link, and errors if the node is configured to disallow forwards of this nature. This check is added to increase the cost of a liquidity lockup attack, because it increases the length of the route required to lock up an individual node's bandwidth. Since nodes are currently limited to 20 hops, increasing the length of the route needed to lock up capital increases the number of malicious payments an attacker will have to route, which increases the capital requirement of the attack overall.
2020-01-30 09:01:17 +01:00
test.incomingLink, test.outgoingLink,
test.allowCircular, lntypes.Hash{},
)
if !reflect.DeepEqual(err, test.expectedErr) {
t.Fatalf("expected: %v, got: %v",
test.expectedErr, err)
}
})
}
}
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
// TestSkipIneligibleLinksMultiHopForward tests that if a multi-hop HTLC comes
multi: Fix typos [skip ci]
2022-01-13 17:29:43 +01:00
// along, then we won't attempt to forward it down al ink that isn't yet able
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
// to forward any HTLC's.
func TestSkipIneligibleLinksMultiHopForward(t *testing.T) {
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
tests := []multiHopFwdTest{
htlcswitch: fix returned failure for insufficient balance In the scenario where the requested channel does not have enough balance and another channel towards the same node generates a different failure, we erroneously returned UnknownNextPeer instead of the expected TemporaryChannelFailure. This commit rewrites the non-strict forwarding logic in the switch to return the proper failure message. Part of this is moving the link balance check inside the link.
2019-09-27 16:49:16 +02:00
// None of the channels is eligible.
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
{
name: "not eligible",
htlcswitch: fix returned failure for insufficient balance In the scenario where the requested channel does not have enough balance and another channel towards the same node generates a different failure, we erroneously returned UnknownNextPeer instead of the expected TemporaryChannelFailure. This commit rewrites the non-strict forwarding logic in the switch to return the proper failure message. Part of this is moving the link balance check inside the link.
2019-09-27 16:49:16 +02:00
expectedReply: lnwire.CodeUnknownNextPeer,
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
},
// Channel one has a policy failure and the other channel isn't
// available.
{
htlcswitch: use LinkError for internal errors Update the ChannelLink interface to specifically return the LinkError struct. This error implements the ClearTextError interface, so will be picked up as a routing realted error by the router. With LinkErrors implemented, the switch now returns a LinkError for all failures on our incoming/outgoing link and ForwardingError when the failure occurs down the line.
2020-01-14 14:07:42 +01:00
name: "policy fail",
eligible1: true,
failure1: NewLinkError(
lnwire.NewFinalIncorrectCltvExpiry(0),
),
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
expectedReply: lnwire.CodeFinalIncorrectCltvExpiry,
},
htlcswitch: fix returned failure for insufficient balance In the scenario where the requested channel does not have enough balance and another channel towards the same node generates a different failure, we erroneously returned UnknownNextPeer instead of the expected TemporaryChannelFailure. This commit rewrites the non-strict forwarding logic in the switch to return the proper failure message. Part of this is moving the link balance check inside the link.
2019-09-27 16:49:16 +02:00
// The requested channel is not eligible, but the packet is
// forwarded through the other channel.
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
{
name: "non-strict success",
eligible2: true,
expectedReply: lnwire.CodeNone,
},
htlcswitch: fix returned failure for insufficient balance In the scenario where the requested channel does not have enough balance and another channel towards the same node generates a different failure, we erroneously returned UnknownNextPeer instead of the expected TemporaryChannelFailure. This commit rewrites the non-strict forwarding logic in the switch to return the proper failure message. Part of this is moving the link balance check inside the link.
2019-09-27 16:49:16 +02:00
// The requested channel has insufficient bandwidth and the
// other channel's policy isn't satisfied.
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
{
htlcswitch: use LinkError for internal errors Update the ChannelLink interface to specifically return the LinkError struct. This error implements the ClearTextError interface, so will be picked up as a routing realted error by the router. With LinkErrors implemented, the switch now returns a LinkError for all failures on our incoming/outgoing link and ForwardingError when the failure occurs down the line.
2020-01-14 14:07:42 +01:00
name: "non-strict policy fail",
eligible1: true,
failure1: NewDetailedLinkError(
lnwire.NewTemporaryChannelFailure(nil),
htlcswitch: rename FailureDetail to OutgoingFailure Rename FailureDetail in a separate commit so that a FailureDetail interface can be introduced in the following commit. OutgoingFailureOnionDecode is renamed to OutgoingFailureDecodeError to specifically indicate that we could not decode the wire failure that our payment experienced.
2020-02-06 18:35:16 +01:00
OutgoingFailureInsufficientBalance,
htlcswitch: use LinkError for internal errors Update the ChannelLink interface to specifically return the LinkError struct. This error implements the ClearTextError interface, so will be picked up as a routing realted error by the router. With LinkErrors implemented, the switch now returns a LinkError for all failures on our incoming/outgoing link and ForwardingError when the failure occurs down the line.
2020-01-14 14:07:42 +01:00
),
eligible2: true,
failure2: NewLinkError(
lnwire.NewFinalIncorrectCltvExpiry(0),
),
htlcswitch: fix returned failure for insufficient balance In the scenario where the requested channel does not have enough balance and another channel towards the same node generates a different failure, we erroneously returned UnknownNextPeer instead of the expected TemporaryChannelFailure. This commit rewrites the non-strict forwarding logic in the switch to return the proper failure message. Part of this is moving the link balance check inside the link.
2019-09-27 16:49:16 +02:00
expectedReply: lnwire.CodeTemporaryChannelFailure,
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testSkipIneligibleLinksMultiHopForward(t, &test)
})
}
}
// testSkipIneligibleLinksMultiHopForward tests that if a multi-hop HTLC comes
multi: Fix typos [skip ci]
2022-01-13 17:29:43 +01:00
// along, then we won't attempt to forward it down al ink that isn't yet able
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
// to forward any HTLC's.
func testSkipIneligibleLinksMultiHopForward(t *testing.T,
testCase *multiHopFwdTest) {
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
t.Parallel()
var packet *htlcPacket
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
chanID1, aliceChanID := genID()
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
// We'll create a link for Bob, but mark the link as unable to forward
// any new outgoing HTLC's.
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
chanID2, bobChanID2 := genID()
bobChannelLink1 := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID2, emptyScid, bobPeer, testCase.eligible1,
false, false, false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
bobChannelLink1.checkHtlcForwardResult = testCase.failure1
chanID3, bobChanID3 := genID()
bobChannelLink2 := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID3, bobChanID3, emptyScid, bobPeer, testCase.eligible2,
false, false, false,
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
)
bobChannelLink2.checkHtlcForwardResult = testCase.failure2
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
if err := s.AddLink(bobChannelLink1); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
if err := s.AddLink(bobChannelLink2); err != nil {
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
t.Fatalf("unable to add bob link: %v", err)
}
// Create a new packet that's destined for Bob as an incoming HTLC from
// Alice.
preimage := [sha256.Size]byte{1}
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch/test: assert on replied failure message
2019-10-09 16:37:25 +02:00
obfuscator := NewMockObfuscator()
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
packet = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
outgoingChanID: bobChannelLink1.ShortChanID(),
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
htlc: &lnwire.UpdateAddHTLC{
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
PaymentHash: rhash,
Amount: 1,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
},
htlcswitch/test: assert on replied failure message
2019-10-09 16:37:25 +02:00
obfuscator: obfuscator,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
}
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
// The request to forward should fail as
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, packet); err != nil {
t.Fatal(err)
}
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
// We select from all links and extract the error if exists.
// The packet must be selected but we don't always expect a link error.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
var linkError *LinkError
select {
case p := <-aliceChannelLink.packets:
linkError = p.linkFailure
case p := <-bobChannelLink1.packets:
linkError = p.linkFailure
case p := <-bobChannelLink2.packets:
linkError = p.linkFailure
case <-time.After(time.Second):
t.Fatal("no timely reply from switch")
}
htlcswitch/test: assert on replied failure message
2019-10-09 16:37:25 +02:00
failure := obfuscator.(*mockObfuscator).failure
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
if testCase.expectedReply == lnwire.CodeNone {
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if linkError != nil {
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
t.Fatalf("forwarding should have succeeded")
}
if failure != nil {
t.Fatalf("unexpected failure %T", failure)
}
} else {
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if linkError == nil {
htlcswitch/test: test additional forwarding scenarios
2019-10-09 17:06:33 +02:00
t.Fatalf("forwarding should have failed due to " +
"inactive link")
}
if failure.Code() != testCase.expectedReply {
t.Fatalf("unexpected failure %T", failure)
}
htlcswitch/test: assert on replied failure message
2019-10-09 16:37:25 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumOpen() != 0 {
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
t.Fatal("wrong amount of circuits")
}
}
// TestSkipIneligibleLinksLocalForward ensures that the switch will not attempt
// to forward any HTLC's down a link that isn't yet eligible for forwarding.
func TestSkipIneligibleLinksLocalForward(t *testing.T) {
t.Parallel()
htlcswitch: check channel policy for local htlcs
2019-04-19 11:11:16 +02:00
testSkipLinkLocalForward(t, false, nil)
}
// TestSkipPolicyUnsatisfiedLinkLocalForward ensures that the switch will not
// attempt to send locally initiated HTLCs that would violate the channel policy
// down a link.
func TestSkipPolicyUnsatisfiedLinkLocalForward(t *testing.T) {
t.Parallel()
testSkipLinkLocalForward(t, true, lnwire.NewTemporaryChannelFailure(nil))
}
func testSkipLinkLocalForward(t *testing.T, eligible bool,
policyResult lnwire.FailureMessage) {
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
// We'll create a single link for this test, marking it as being unable
// to forward form the get go.
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
chanID1, _, aliceChanID, _ := genIDs()
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, eligible, false,
false, false,
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
)
htlcswitch: use LinkError for internal errors Update the ChannelLink interface to specifically return the LinkError struct. This error implements the ClearTextError interface, so will be picked up as a routing realted error by the router. With LinkErrors implemented, the switch now returns a LinkError for all failures on our incoming/outgoing link and ForwardingError when the failure occurs down the line.
2020-01-14 14:07:42 +01:00
aliceChannelLink.checkHtlcTransitResult = NewLinkError(
policyResult,
)
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
addMsg := &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
}
// We'll attempt to send out a new HTLC that has Alice as the first
// outgoing link. This should fail as Alice isn't yet able to forward
// any active HTLC's.
htlcswitch+router: move deobfuscator creation to GetPaymentResult call In this commit we move handing the deobfuscator from the router to the switch from when the payment is initiated, to when the result is queried. We do this because only the router can recreate the deobfuscator after a restart, and we are preparing for being able to handle results across restarts. Since the deobfuscator cannot be nil anymore, we can also get rid of that special case.
2019-05-16 15:27:29 +02:00
err = s.SendHTLC(aliceChannelLink.ShortChanID(), 0, addMsg)
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
if err == nil {
t.Fatalf("local forward should fail due to inactive link")
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumOpen() != 0 {
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
t.Fatal("wrong amount of circuits")
}
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// TestSwitchCancel checks that if htlc was rejected we remove unused
// circuits.
func TestSwitchCancel(t *testing.T) {
htlcswitch: run all unit tests in parallel
2017-06-17 00:41:42 +02:00
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarder from alice channel link
// to bob channel link.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
request := &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator: NewMockObfuscator(),
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
htlc: &lnwire.UpdateAddHTLC{
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
PaymentHash: rhash,
Amount: 1,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
},
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case packet := <-bobChannelLink.packets:
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to destination")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumPending() != 1 {
t.Fatalf("wrong amount of half circuits")
}
if s.circuits.NumOpen() != 1 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
// Create settle request pretending that bob channel link handled
// the add htlc request and sent the htlc settle request back. This
// request should be forwarder back to alice channel link.
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
request = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFailHTLC{},
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that payment circuit works properly.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case pkt := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(pkt); err != nil {
t.Fatalf("unable to remove circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
hltcswitch: increase timeout for bi-di payment test due to travis slowness This commit temporary increases the timeout for the TestChannelLinkBidirectionalOneHopPayments test in order to account for the slowness of the travis instances that our tests are run on.
2017-08-01 21:53:07 +02:00
t.Fatal("request was not propagated to channelPoint")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumPending() != 0 {
t.Fatal("wrong amount of circuits")
}
if s.circuits.NumOpen() != 0 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
}
// TestSwitchAddSamePayment tests that we send the payment with the same
// payment hash.
func TestSwitchAddSamePayment(t *testing.T) {
htlcswitch: run all unit tests in parallel
2017-06-17 00:41:42 +02:00
t.Parallel()
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: add tests to ensure we don't forward to inactive links
2017-12-11 01:19:40 +01:00
)
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
// Create request which should be forwarder from alice channel link
// to bob channel link.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
request := &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator: NewMockObfuscator(),
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
htlc: &lnwire.UpdateAddHTLC{
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
PaymentHash: rhash,
Amount: 1,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
},
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case packet := <-bobChannelLink.packets:
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to destination")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumOpen() != 1 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
htlcswitch: Change circuit map keys to (channel ID, HTLC ID). This changes the circuit map internals and API to reference circuits by a primary key of (channel ID, HTLC ID) instead of paymnet hash. This is because each circuit has a unique offered HTLC, but there may be multiple circuits for a payment hash with different source or destination channels.
2017-10-24 00:50:26 +02:00
request = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 1,
outgoingChanID: bobChannelLink.ShortChanID(),
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator: NewMockObfuscator(),
htlcswitch: Change circuit map keys to (channel ID, HTLC ID). This changes the circuit map internals and API to reference circuits by a primary key of (channel ID, HTLC ID) instead of paymnet hash. This is because each circuit has a unique offered HTLC, but there may be multiple circuits for a payment hash with different source or destination channels.
2017-10-24 00:50:26 +02:00
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that bob channel link received it.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
select {
case packet := <-bobChannelLink.packets:
if err := bobChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
if s.circuits.NumOpen() != 2 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
// Create settle request pretending that bob channel link handled
// the add htlc request and sent the htlc settle request back. This
// request should be forwarder back to alice channel link.
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
request = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFailHTLC{},
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that payment circuit works properly.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case pkt := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(pkt); err != nil {
t.Fatalf("unable to remove circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to channelPoint")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumOpen() != 1 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
htlcswitch: Change circuit map keys to (channel ID, HTLC ID). This changes the circuit map internals and API to reference circuits by a primary key of (channel ID, HTLC ID) instead of paymnet hash. This is because each circuit has a unique offered HTLC, but there may be multiple circuits for a payment hash with different source or destination channels.
2017-10-24 00:50:26 +02:00
request = &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
outgoingChanID: bobChannelLink.ShortChanID(),
outgoingHTLCID: 1,
amount: 1,
htlc: &lnwire.UpdateFailHTLC{},
htlcswitch: Change circuit map keys to (channel ID, HTLC ID). This changes the circuit map internals and API to reference circuits by a primary key of (channel ID, HTLC ID) instead of paymnet hash. This is because each circuit has a unique offered HTLC, but there may be multiple circuits for a payment hash with different source or destination channels.
2017-10-24 00:50:26 +02:00
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that payment circuit works properly.
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, request); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal(err)
}
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case pkt := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(pkt); err != nil {
t.Fatalf("unable to remove circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to channelPoint")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if s.circuits.NumOpen() != 0 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
}
// TestSwitchSendPayment tests ability of htlc switch to respond to the
// users when response is came back from channel link.
func TestSwitchSendPayment(t *testing.T) {
htlcswitch: run all unit tests in parallel
2017-06-17 00:41:42 +02:00
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
chanID1, _, aliceChanID, _ := genIDs()
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: mockChannelLink adds to circuit map to simplify tests.
2017-11-02 21:53:42 +01:00
)
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add link: %v", err)
}
// Create request which should be forwarder from alice channel link
// to bob channel link.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
update := &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
}
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
paymentID := uint64(123)
// First check that the switch will correctly respond that this payment
// ID is unknown.
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
_, err = s.GetAttemptResult(
multi: make GetPaymentResult take payment hash Used for logging in the switch, and when we remove the pending payments, only the router will have the hash stored across restarts.
2019-06-07 16:42:25 +02:00
paymentID, rhash, newMockDeobfuscator(),
htlcswitch+router: move deobfuscator creation to GetPaymentResult call In this commit we move handing the deobfuscator from the router to the switch from when the payment is initiated, to when the result is queried. We do this because only the router can recreate the deobfuscator after a restart, and we are preparing for being able to handle results across restarts. Since the deobfuscator cannot be nil anymore, we can also get rid of that special case.
2019-05-16 15:27:29 +02:00
)
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
if err != ErrPaymentIDNotFound {
t.Fatalf("expected ErrPaymentIDNotFound, got %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
// Handle the request and checks that bob channel link received it.
errChan := make(chan error)
go func() {
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
err := s.SendHTLC(
aliceChannelLink.ShortChanID(), paymentID, update,
htlcswitch+router: move deobfuscator creation to GetPaymentResult call In this commit we move handing the deobfuscator from the router to the switch from when the payment is initiated, to when the result is queried. We do this because only the router can recreate the deobfuscator after a restart, and we are preparing for being able to handle results across restarts. Since the deobfuscator cannot be nil anymore, we can also get rid of that special case.
2019-05-16 15:27:29 +02:00
)
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
if err != nil {
errChan <- err
return
}
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
resultChan, err := s.GetAttemptResult(
multi: make GetPaymentResult take payment hash Used for logging in the switch, and when we remove the pending payments, only the router will have the hash stored across restarts.
2019-06-07 16:42:25 +02:00
paymentID, rhash, newMockDeobfuscator(),
htlcswitch+router: move deobfuscator creation to GetPaymentResult call In this commit we move handing the deobfuscator from the router to the switch from when the payment is initiated, to when the result is queried. We do this because only the router can recreate the deobfuscator after a restart, and we are preparing for being able to handle results across restarts. Since the deobfuscator cannot be nil anymore, we can also get rid of that special case.
2019-05-16 15:27:29 +02:00
)
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
if err != nil {
errChan <- err
return
}
htlcswitch+router: move deobfuscator creation to GetPaymentResult call In this commit we move handing the deobfuscator from the router to the switch from when the payment is initiated, to when the result is queried. We do this because only the router can recreate the deobfuscator after a restart, and we are preparing for being able to handle results across restarts. Since the deobfuscator cannot be nil anymore, we can also get rid of that special case.
2019-05-16 15:27:29 +02:00
result, ok := <-resultChan
if !ok {
errChan <- fmt.Errorf("shutting down")
}
htlcswitch+router: define PaymentResult, GetPaymentResult This lets us distinguish an critical error from a actual payment result (success or failure). This is important since we know that we can only attempt another payment when a final result from the previous payment attempt is received.
2019-05-16 15:27:29 +02:00
if result.Error != nil {
errChan <- result.Error
return
}
errChan <- nil
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}()
select {
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
case packet := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case err := <-errChan:
htlcswitch/switch: clarify paymentID uniqueness With the following commits, it'll become important to not resuse paymentIDs, since there is no way to tell whether the HTLC in question has already been forwarded and settled/failed. We clarify this in the SendHTLC comments, and alter the tests to not attempt to resend an HTLC with a duplicate payment ID.
2019-05-16 15:27:28 +02:00
if err != nil {
htlcswitch: add test for integrated control tower
2018-08-12 15:20:57 +02:00
t.Fatalf("unable to send payment: %v", err)
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
htlcswitch: fix minor typos in switch test file
2017-09-23 00:54:39 +02:00
t.Fatal("request was not propagated to destination")
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
}
htlcswitch: add test for integrated control tower
2018-08-12 15:20:57 +02:00
if s.circuits.NumOpen() != 1 {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatal("wrong amount of circuits")
}
htlcswitch+router: add onion error obfuscation Within the network, it's important that when an HTLC forwarding failure occurs, the recipient is notified in a timely manner in order to ensure that errors are graceful and not unknown. For that reason with accordance to BOLT №4 onion failure obfuscation have been added.
2017-06-29 15:40:45 +02:00
// Create fail request pretending that bob channel link handled
// the add htlc request with error and sent the htlc fail request
// back. This request should be forwarded back to alice channel link.
htlcswitch/switch_test: change forward() -> send()
2018-01-04 18:49:22 +01:00
obfuscator := NewMockObfuscator()
lnwire+htlcswitch: report height for invalid payment details failure Extends the invalid payment details failure with the new accept height field. This allows sender to distinguish between a genuine invalid details situation and a delay caused by intermediate nodes.
2019-06-12 12:18:58 +02:00
failure := lnwire.NewFailIncorrectDetails(update.Amount, 100)
Htlcswitch: rename Deobfuscator and Obfuscator interfaces This commit renames the Deobfuscator interface to ErrorDecrypter and the Obfuscator interface to ErrorEncrypter. With this rename, the purpose of these two interfaces are a bit clearer. Additionally, DecryptError (which was formerly Deobfuscate) now directly returns an ForwardingError type instead of the lnwire.FailureMessage.
2017-10-11 04:36:52 +02:00
reason, err := obfuscator.EncryptFirstHop(failure)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable obfuscate failure")
htlcswitch+router: add onion error obfuscation Within the network, it's important that when an HTLC forwarding failure occurs, the recipient is notified in a timely manner in order to ensure that errors are graceful and not unknown. For that reason with accordance to BOLT №4 onion failure obfuscation have been added.
2017-06-29 15:40:45 +02:00
contractcourt+switch: keep channels with timed-out initiated htlcs. This commit enables the user to specify he is not interested in automatically close channels with pending payments that their corresponding htlcs have timed-out. By requiring a configurable grace period uptime of our node before closing such channels, we give a chance to the other node to properly cancel the htlc and avoid unnecessary on-chain transaction. In mobile it is very important for the user experience as otherwise channels will be force closed more frequently.
2020-02-03 11:52:22 +01:00
if s.IsForwardedHTLC(aliceChannelLink.ShortChanID(), update.ID) {
t.Fatal("htlc should be identified as not forwarded")
}
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
packet := &htlcPacket{
htlcswitch: Rename htlcPacket fields for clarity. The src/dest terminology for routing packets is kind of confusing because the source HTLC may not be the source of the packet for settles/fails traversing the circuit in the opposite direction. This changes the nomenclature to incoming/outgoing and always references the HTLCs themselves.
2017-10-30 19:56:51 +01:00
outgoingChanID: aliceChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
htlc: &lnwire.UpdateFailHTLC{
htlcswitch+router: add onion error obfuscation Within the network, it's important that when an HTLC forwarding failure occurs, the recipient is notified in a timely manner in order to ensure that errors are graceful and not unknown. For that reason with accordance to BOLT №4 onion failure obfuscation have been added.
2017-06-29 15:40:45 +02:00
Reason: reason,
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
},
htlcswitch: Remove constructor functions for htlcPacket. The constructor functions have no additional logic other than passing function parameters into struct fields. Given the large function signatures, it is more clear to directly construct the htlcPacket in client code than call a function with lots of positional arguments.
2017-10-24 08:18:26 +02:00
}
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, packet); err != nil {
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
t.Fatalf("can't forward htlc packet: %v", err)
}
select {
case err := <-errChan:
multi: rename FailUnknownPaymentHash to FailIncorrectDetails Align naming better with the lightning spec. Not the full name of the failure (FailIncorrectOrUnknownPaymentDetails) is used, because this would cause too many long lines in the code.
2019-06-12 11:35:54 +02:00
assertFailureCode(
t, err, lnwire.CodeIncorrectOrUnknownPaymentDetails,
)
htlcswitch: recreate hlcswitch from scratch This commit gives the start for making the htlc manager and htlc switch testable. The testability of htlc switch have been achieved by mocking all external subsystems. The concrete list of updates: 1. create standalone package for htlc switch. 2. add "ChannelLink" interface, which represent the previous htlc link. 3. add "Peer" interface, which represent the remote node inside our subsystem. 4. add htlc switch config to htlc switch susbystem, which stores the handlers which are not elongs to any of the above interfaces. With this commit we are able test htlc switch even without having the concrete implementation of Peer, ChannelLink structures, they will be added later.
2017-05-01 18:58:08 +02:00
case <-time.After(time.Second):
t.Fatal("err wasn't received")
}
}
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
// TestLocalPaymentNoForwardingEvents tests that if we send a series of locally
// initiated payments, then they aren't reflected in the forwarding log.
func TestLocalPaymentNoForwardingEvents(t *testing.T) {
t.Parallel()
// First, we'll create our traditional three hop network. We'll only be
// interacting with and asserting the state of the first end point for
// this test.
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
channels, _, err := createClusterChannels(
t, btcutil.SatoshiPerBitcoin*3, btcutil.SatoshiPerBitcoin*5,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create channel")
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
n := newThreeHopNetwork(t, channels.aliceToBob, channels.bobToAlice,
channels.bobToCarol, channels.carolToBob, testStartingHeight)
if err := n.start(); err != nil {
t.Fatalf("unable to start three hop network: %v", err)
}
// We'll now craft and send a payment from Alice to Bob.
amount := lnwire.NewMSatFromSatoshis(btcutil.SatoshiPerBitcoin)
htlcAmt, totalTimelock, hops := generateHops(
amount, testStartingHeight, n.firstBobChannelLink,
)
// With the payment crafted, we'll send it from Alice to Bob. We'll
// wait for Alice to receive the preimage for the payment before
// proceeding.
receiver := n.bobServer
htlcswitch: implement strict forwarding for locally dispatched payments In this commit, we address an issue that could arise when using the SendToRoute RPC. In this RPC, we specify the exact hops that a payment should take. However, within the switch, we would set a constraint for the first hop to be any hop as long as the first peer was at the end of it. This would cause discrepancies when attempting to use the RPC as the payment would actually go through another hop with the same peer. We fix this by explicitly specifying the channel ID of the first hop. Fixes #1500. Fixes #1515.
2018-07-10 03:11:25 +02:00
firstHop := n.firstBobChannelLink.ShortChanID()
htlcswitch/test: convert makePayment into function
2019-01-29 13:28:36 +01:00
_, err = makePayment(
htlcswitch: implement strict forwarding for locally dispatched payments In this commit, we address an issue that could arise when using the SendToRoute RPC. In this RPC, we specify the exact hops that a payment should take. However, within the switch, we would set a constraint for the first hop to be any hop as long as the first peer was at the end of it. This would cause discrepancies when attempting to use the RPC as the payment would actually go through another hop with the same peer. We fix this by explicitly specifying the channel ID of the first hop. Fixes #1500. Fixes #1515.
2018-07-10 03:11:25 +02:00
n.aliceServer, receiver, firstHop, hops, amount, htlcAmt,
totalTimelock,
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
).Wait(30 * time.Second)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to make the payment")
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
// At this point, we'll forcibly stop the three hop network. Doing
// this will cause any pending forwarding events to be flushed by the
// various switches in the network.
n.stop()
// With all the switches stopped, we'll fetch Alice's mock forwarding
// event log.
log, ok := n.aliceServer.htlcSwitch.cfg.FwdingLog.(*mockForwardingLog)
if !ok {
t.Fatalf("mockForwardingLog assertion failed")
}
htlcswitch: fix race in forwarding log test by grabbing log mtx
2018-03-09 05:11:43 +01:00
log.Lock()
defer log.Unlock()
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
// If we examine the memory of the forwarding log, then it should be
// blank.
if len(log.events) != 0 {
t.Fatalf("log should have no events, instead has: %v",
spew.Sdump(log.events))
}
}
// TestMultiHopPaymentForwardingEvents tests that if we send a series of
// multi-hop payments via Alice->Bob->Carol. Then Bob properly logs forwarding
// events, while Alice and Carol don't.
func TestMultiHopPaymentForwardingEvents(t *testing.T) {
t.Parallel()
// First, we'll create our traditional three hop network.
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
channels, _, err := createClusterChannels(
t, btcutil.SatoshiPerBitcoin*3, btcutil.SatoshiPerBitcoin*5,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create channel")
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
n := newThreeHopNetwork(t, channels.aliceToBob, channels.bobToAlice,
channels.bobToCarol, channels.carolToBob, testStartingHeight)
if err := n.start(); err != nil {
t.Fatalf("unable to start three hop network: %v", err)
}
// We'll make now 10 payments, of 100k satoshis each from Alice to
// Carol via Bob.
const numPayments = 10
finalAmt := lnwire.NewMSatFromSatoshis(100000)
htlcAmt, totalTimelock, hops := generateHops(
finalAmt, testStartingHeight, n.firstBobChannelLink,
n.carolChannelLink,
)
htlcswitch: implement strict forwarding for locally dispatched payments In this commit, we address an issue that could arise when using the SendToRoute RPC. In this RPC, we specify the exact hops that a payment should take. However, within the switch, we would set a constraint for the first hop to be any hop as long as the first peer was at the end of it. This would cause discrepancies when attempting to use the RPC as the payment would actually go through another hop with the same peer. We fix this by explicitly specifying the channel ID of the first hop. Fixes #1500. Fixes #1515.
2018-07-10 03:11:25 +02:00
firstHop := n.firstBobChannelLink.ShortChanID()
htlcswitch test: add fwdinglog inspection on triggered FwdEventTicker
2018-09-25 09:41:22 +02:00
for i := 0; i < numPayments/2; i++ {
htlcswitch/test: convert makePayment into function
2019-01-29 13:28:36 +01:00
_, err := makePayment(
htlcswitch test: add fwdinglog inspection on triggered FwdEventTicker
2018-09-25 09:41:22 +02:00
n.aliceServer, n.carolServer, firstHop, hops, finalAmt,
htlcAmt, totalTimelock,
).Wait(30 * time.Second)
if err != nil {
t.Fatalf("unable to send payment: %v", err)
}
}
bobLog, ok := n.bobServer.htlcSwitch.cfg.FwdingLog.(*mockForwardingLog)
if !ok {
t.Fatalf("mockForwardingLog assertion failed")
}
// After sending 5 of the payments, trigger the forwarding ticker, to
// make sure the events are properly flushed.
ticker+htlcswitch: rename Mock -> Force
2019-02-07 01:48:54 +01:00
bobTicker, ok := n.bobServer.htlcSwitch.cfg.FwdEventTicker.(*ticker.Force)
htlcswitch test: add fwdinglog inspection on triggered FwdEventTicker
2018-09-25 09:41:22 +02:00
if !ok {
t.Fatalf("mockTicker assertion failed")
}
// We'll trigger the ticker, and wait for the events to appear in Bob's
// forwarding log.
timeout := time.After(15 * time.Second)
for {
select {
case bobTicker.Force <- time.Now():
case <-time.After(1 * time.Second):
t.Fatalf("unable to force tick")
}
// If all 5 events is found in Bob's log, we can break out and
// continue the test.
bobLog.Lock()
if len(bobLog.events) == 5 {
bobLog.Unlock()
break
}
bobLog.Unlock()
// Otherwise wait a little bit before checking again.
select {
case <-time.After(50 * time.Millisecond):
case <-timeout:
bobLog.Lock()
defer bobLog.Unlock()
t.Fatalf("expected 5 events in event log, instead "+
"found: %v", spew.Sdump(bobLog.events))
}
}
// Send the remaining payments.
for i := numPayments / 2; i < numPayments; i++ {
htlcswitch/test: convert makePayment into function
2019-01-29 13:28:36 +01:00
_, err := makePayment(
htlcswitch: implement strict forwarding for locally dispatched payments In this commit, we address an issue that could arise when using the SendToRoute RPC. In this RPC, we specify the exact hops that a payment should take. However, within the switch, we would set a constraint for the first hop to be any hop as long as the first peer was at the end of it. This would cause discrepancies when attempting to use the RPC as the payment would actually go through another hop with the same peer. We fix this by explicitly specifying the channel ID of the first hop. Fixes #1500. Fixes #1515.
2018-07-10 03:11:25 +02:00
n.aliceServer, n.carolServer, firstHop, hops, finalAmt,
htlcAmt, totalTimelock,
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
).Wait(30 * time.Second)
if err != nil {
t.Fatalf("unable to send payment: %v", err)
}
}
// With all 10 payments sent. We'll now manually stop each of the
// switches so we can examine their end state.
n.stop()
// Alice and Carol shouldn't have any recorded forwarding events, as
// they were the source and the sink for these payment flows.
aliceLog, ok := n.aliceServer.htlcSwitch.cfg.FwdingLog.(*mockForwardingLog)
if !ok {
t.Fatalf("mockForwardingLog assertion failed")
}
htlcswitch: fix race in forwarding log test by grabbing log mtx
2018-03-09 05:11:43 +01:00
aliceLog.Lock()
defer aliceLog.Unlock()
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
if len(aliceLog.events) != 0 {
t.Fatalf("log should have no events, instead has: %v",
spew.Sdump(aliceLog.events))
}
htlcswitch: fix race in forwarding log test by grabbing log mtx
2018-03-09 05:11:43 +01:00
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
carolLog, ok := n.carolServer.htlcSwitch.cfg.FwdingLog.(*mockForwardingLog)
if !ok {
t.Fatalf("mockForwardingLog assertion failed")
}
htlcswitch: fix race in forwarding log test by grabbing log mtx
2018-03-09 05:11:43 +01:00
carolLog.Lock()
defer carolLog.Unlock()
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
if len(carolLog.events) != 0 {
t.Fatalf("log should have no events, instead has: %v",
spew.Sdump(carolLog.events))
}
// Bob on the other hand, should have 10 events.
htlcswitch: fix race in forwarding log test by grabbing log mtx
2018-03-09 05:11:43 +01:00
bobLog.Lock()
defer bobLog.Unlock()
htlcswitch: add set of tests for the forwarding log
2018-02-28 07:19:21 +01:00
if len(bobLog.events) != 10 {
t.Fatalf("log should have 10 events, instead has: %v",
spew.Sdump(bobLog.events))
}
// Each of the 10 events should have had all fields set properly.
for _, event := range bobLog.events {
// The incoming and outgoing channels should properly be set for
// the event.
if event.IncomingChanID != n.aliceChannelLink.ShortChanID() {
t.Fatalf("chan id mismatch: expected %v, got %v",
event.IncomingChanID,
n.aliceChannelLink.ShortChanID())
}
if event.OutgoingChanID != n.carolChannelLink.ShortChanID() {
t.Fatalf("chan id mismatch: expected %v, got %v",
event.OutgoingChanID,
n.carolChannelLink.ShortChanID())
}
// Additionally, the incoming and outgoing amounts should also
// be properly set.
if event.AmtIn != htlcAmt {
t.Fatalf("incoming amt mismatch: expected %v, got %v",
event.AmtIn, htlcAmt)
}
if event.AmtOut != finalAmt {
t.Fatalf("outgoing amt mismatch: expected %v, got %v",
event.AmtOut, finalAmt)
}
}
}
htlcswitch: add new TestUpdateFailMalformedHTLCErrorConversion test In this commit, we add a new test to ensure that we're able to properly convert malformed HTLC errors that are sourced from multiple hops away, or our direct channel peers. In order to test this effectively, we force the onion decryptors of various peers to always fail which will trigger the malformed HTLC logic.
2019-05-01 03:28:39 +02:00
// TestUpdateFailMalformedHTLCErrorConversion tests that we're able to properly
// convert malformed HTLC errors that originate at the direct link, as well as
// during multi-hop HTLC forwarding.
func TestUpdateFailMalformedHTLCErrorConversion(t *testing.T) {
t.Parallel()
// First, we'll create our traditional three hop network.
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
channels, _, err := createClusterChannels(
t, btcutil.SatoshiPerBitcoin*3, btcutil.SatoshiPerBitcoin*5,
htlcswitch: add new TestUpdateFailMalformedHTLCErrorConversion test In this commit, we add a new test to ensure that we're able to properly convert malformed HTLC errors that are sourced from multiple hops away, or our direct channel peers. In order to test this effectively, we force the onion decryptors of various peers to always fail which will trigger the malformed HTLC logic.
2019-05-01 03:28:39 +02:00
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create channel")
htlcswitch: add new TestUpdateFailMalformedHTLCErrorConversion test In this commit, we add a new test to ensure that we're able to properly convert malformed HTLC errors that are sourced from multiple hops away, or our direct channel peers. In order to test this effectively, we force the onion decryptors of various peers to always fail which will trigger the malformed HTLC logic.
2019-05-01 03:28:39 +02:00
n := newThreeHopNetwork(
t, channels.aliceToBob, channels.bobToAlice,
channels.bobToCarol, channels.carolToBob, testStartingHeight,
)
if err := n.start(); err != nil {
t.Fatalf("unable to start three hop network: %v", err)
}
assertPaymentFailure := func(t *testing.T) {
// With the decoder modified, we'll now attempt to send a
// payment from Alice to carol.
finalAmt := lnwire.NewMSatFromSatoshis(100000)
htlcAmt, totalTimelock, hops := generateHops(
finalAmt, testStartingHeight, n.firstBobChannelLink,
n.carolChannelLink,
)
firstHop := n.firstBobChannelLink.ShortChanID()
_, err = makePayment(
n.aliceServer, n.carolServer, firstHop, hops, finalAmt,
htlcAmt, totalTimelock,
).Wait(30 * time.Second)
// The payment should fail as Carol is unable to decode the
// onion blob sent to her.
if err == nil {
t.Fatalf("unable to send payment: %v", err)
}
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
routingErr := err.(ClearTextError)
failureMsg := routingErr.WireMessage()
htlcswitch: always assume an onion error for malformed htlc failures Previously a temporary channel failure was returning for unexpected malformed htlc failures. This is not what we want to communicate to the sender, because the sender may apply a penalty to us only. Returning the temporary channel failure is especially problematic if we ourselves are the sender and the malformed htlc failure comes from our direct peer. When interpretating the failure, we aren't able to distinguish anymore between our channel not having enough balance and our peer sending an unexpected failure back.
2019-08-16 19:46:51 +02:00
if _, ok := failureMsg.(*lnwire.FailInvalidOnionKey); !ok {
t.Fatalf("expected onion failure instead got: %v",
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
routingErr.WireMessage())
htlcswitch: add new TestUpdateFailMalformedHTLCErrorConversion test In this commit, we add a new test to ensure that we're able to properly convert malformed HTLC errors that are sourced from multiple hops away, or our direct channel peers. In order to test this effectively, we force the onion decryptors of various peers to always fail which will trigger the malformed HTLC logic.
2019-05-01 03:28:39 +02:00
}
}
t.Run("multi-hop error conversion", func(t *testing.T) {
// Now that we have our network up, we'll modify the hop
// iterator for the Bob <-> Carol channel to fail to decode in
// order to simulate either a replay attack or an issue
// decoding the onion.
n.carolOnionDecoder.decodeFail = true
assertPaymentFailure(t)
})
t.Run("direct channel error conversion", func(t *testing.T) {
// Similar to the above test case, we'll now make the Alice <->
// Bob link always fail to decode an onion. This differs from
// the above test case in that there's no encryption on the
// error at all since Alice will directly receive a
// UpdateFailMalformedHTLC message.
n.bobOnionDecoder.decodeFail = true
assertPaymentFailure(t)
})
}
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
// TestSwitchGetAttemptResult tests that the switch interacts as expected with
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
// the circuit map and network result store when looking up the result of a
// payment ID. This is important for not to lose results under concurrent
// lookup and receiving results.
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
func TestSwitchGetAttemptResult(t *testing.T) {
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
t.Parallel()
const paymentID = 123
var preimg lntypes.Preimage
preimg[0] = 3
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
lookup := make(chan *PaymentCircuit, 1)
s.circuits = &mockCircuitMap{
lookup: lookup,
}
// If the payment circuit is not found in the circuit map, the payment
// result must be found in the store if available. Since we haven't
// added anything to the store yet, ErrPaymentIDNotFound should be
// returned.
lookup <- nil
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
_, err = s.GetAttemptResult(
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
paymentID, lntypes.Hash{}, newMockDeobfuscator(),
)
if err != ErrPaymentIDNotFound {
t.Fatalf("expected ErrPaymentIDNotFound, got %v", err)
}
// Next let the lookup find the circuit in the circuit map. It should
// subscribe to payment results, and return the result when available.
lookup <- &PaymentCircuit{}
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
resultChan, err := s.GetAttemptResult(
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
paymentID, lntypes.Hash{}, newMockDeobfuscator(),
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to get payment result")
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
// Add the result to the store.
n := &networkResult{
msg: &lnwire.UpdateFulfillHTLC{
PaymentPreimage: preimg,
},
unencrypted: true,
isResolution: true,
}
err = s.networkResults.storeResult(paymentID, n)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to store result")
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
multi: Fix typos [skip ci]
2022-01-13 17:29:43 +01:00
// The result should be available.
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
select {
case res, ok := <-resultChan:
if !ok {
t.Fatalf("channel was closed")
}
if res.Error != nil {
t.Fatalf("got unexpected error result")
}
if res.Preimage != preimg {
t.Fatalf("expected preimg %v, got %v",
preimg, res.Preimage)
}
case <-time.After(1 * time.Second):
t.Fatalf("result not received")
}
// As a final test, try to get the result again. Now that is no longer
// in the circuit map, it should be immediately available from the
// store.
lookup <- nil
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
resultChan, err = s.GetAttemptResult(
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
paymentID, lntypes.Hash{}, newMockDeobfuscator(),
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to get payment result")
htlcswitch/switch test: add TestSwitchGetPaymentResult TestSwitchGetPaymentResult tests that the switch interacts as expected with the circuit map and network result store when looking up the result of a payment ID. This is important for not to lose results under concurrent lookup and receiving results.
2019-06-07 16:42:26 +02:00
select {
case res, ok := <-resultChan:
if !ok {
t.Fatalf("channel was closed")
}
if res.Error != nil {
t.Fatalf("got unexpected error result")
}
if res.Preimage != preimg {
t.Fatalf("expected preimg %v, got %v",
preimg, res.Preimage)
}
case <-time.After(1 * time.Second):
t.Fatalf("result not received")
}
}
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
// TestInvalidFailure tests that the switch returns an unreadable failure error
// if the failure cannot be decrypted.
func TestInvalidFailure(t *testing.T) {
t.Parallel()
htlcswitch/test: replace mock server delta with constant
2020-01-30 09:01:10 +01:00
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer s.Stop()
chanID1, _, aliceChanID, _ := genIDs()
// Set up a mock channel link.
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add link: %v", err)
}
// Create a request which should be forwarded to the mock channel link.
preimage, err := genPreimage()
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to generate preimage")
channeldb+htlcswitch: don't use fastsha256 in tests The btcsuite/fastsha256 registers itself in the crypto package of golang as a replacement for sha256. This causes problems in TLS1.3 connections that require the hash implementations to be serializable and results in the "tls: internal error: failed to clone hash" error. By removing all uses of the library we fix that error.
2020-05-20 11:07:38 +02:00
rhash := sha256.Sum256(preimage[:])
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
update := &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
}
paymentID := uint64(123)
// Send the request.
err = s.SendHTLC(
aliceChannelLink.ShortChanID(), paymentID, update,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to send payment")
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
// Catch the packet and complete the circuit so that the switch is ready
// for a response.
select {
case packet := <-aliceChannelLink.packets:
if err := aliceChannelLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Send response packet with an unreadable failure message to the
// switch. The reason failed is not relevant, because we mock the
// decryption.
packet := &htlcPacket{
outgoingChanID: aliceChannelLink.ShortChanID(),
outgoingHTLCID: 0,
amount: 1,
htlc: &lnwire.UpdateFailHTLC{
Reason: []byte{1, 2, 3},
},
}
htlcswitch: change ForwardPackets to return error As part of the preparation to the switch interceptor feature, this function is changed to return error instead of error channel that is closed automatically. Returning an error channel has become complex to maintain and implement when adding more asynchronous flows to the switch. The change doesn't affect the current behavior which logs the errors as before.
2020-05-19 11:13:02 +02:00
if err := s.ForwardPackets(nil, packet); err != nil {
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
t.Fatalf("can't forward htlc packet: %v", err)
}
// Get payment result from switch. We expect an unreadable failure
// message error.
deobfuscator := SphinxErrorDecrypter{
OnionErrorDecrypter: &mockOnionErrorDecryptor{
err: ErrUnreadableFailureMessage,
},
}
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
resultChan, err := s.GetAttemptResult(
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
paymentID, rhash, &deobfuscator,
)
if err != nil {
t.Fatal(err)
}
select {
case result := <-resultChan:
if result.Error != ErrUnreadableFailureMessage {
t.Fatal("expected unreadable failure message")
}
case <-time.After(time.Second):
t.Fatal("err wasn't received")
}
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
// Modify the decryption to simulate that decryption went alright, but
// the failure cannot be decoded.
deobfuscator = SphinxErrorDecrypter{
OnionErrorDecrypter: &mockOnionErrorDecryptor{
sourceIdx: 2,
message: []byte{200},
},
}
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
resultChan, err = s.GetAttemptResult(
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
paymentID, rhash, &deobfuscator,
)
if err != nil {
t.Fatal(err)
}
select {
case result := <-resultChan:
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
rtErr, ok := result.Error.(ClearTextError)
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
if !ok {
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
t.Fatal("expected ClearTextError")
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
}
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
source, ok := rtErr.(*ForwardingError)
if !ok {
t.Fatalf("expected forwarding error, got: %T", rtErr)
}
if source.FailureSourceIdx != 2 {
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
t.Fatal("unexpected error source index")
}
htlcswitch+routing: type check on ClearTextError Update the type check used for checking local payment failures to check on the ClearTextError interface rather than on the ForwardingError type. This change prepares for splitting payment errors up into Link and Forwarding errors.
2020-01-14 14:07:42 +01:00
if rtErr.WireMessage() != nil {
htlcswitch: do not consider unknown failures an error
2019-06-19 15:09:23 +02:00
t.Fatal("expected empty failure message")
}
case <-time.After(time.Second):
t.Fatal("err wasn't received")
}
htlcswitch: use distinct error for unreadable failures
2019-06-19 11:12:10 +02:00
}
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// htlcNotifierEvents is a function that generates a set of expected htlc
// notifier evetns for each node in a three hop network with the dynamic
// values provided. These functions take dynamic values so that changes to
// external systems (such as our default timelock delta) do not break
// these tests.
type htlcNotifierEvents func(channels *clusterChannels, htlcID uint64,
ts time.Time, htlc *lnwire.UpdateAddHTLC,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
hops []*hop.Payload,
preimage *lntypes.Preimage) ([]interface{}, []interface{}, []interface{})
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// TestHtlcNotifier tests the notifying of htlc events that are routed over a
// three hop network. It sets up an Alice -> Bob -> Carol network and routes
// payments from Alice -> Carol to test events from the perspective of a
// sending (Alice), forwarding (Bob) and receiving (Carol) node. Test cases
// are present for saduccessful and failed payments.
func TestHtlcNotifier(t *testing.T) {
tests := []struct {
name string
// Options is a set of options to apply to the three hop
// network's servers.
options []serverOption
// expectedEvents is a function which returns an expected set
// of events for the test.
expectedEvents htlcNotifierEvents
// iterations is the number of times we will send a payment,
// this is used to send more than one payment to force non-
// zero htlc indexes to make sure we aren't just checking
// default values.
iterations int
}{
{
name: "successful three hop payment",
options: nil,
expectedEvents: func(channels *clusterChannels,
htlcID uint64, ts time.Time,
htlc *lnwire.UpdateAddHTLC,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
hops []*hop.Payload,
preimage *lntypes.Preimage) ([]interface{},
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
[]interface{}, []interface{}) {
return getThreeHopEvents(
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
channels, htlcID, ts, htlc, hops, nil, preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
)
},
iterations: 2,
},
{
name: "failed at forwarding link",
// Set a functional option which disables bob as a
// forwarding node to force a payment error.
options: []serverOption{
serverOptionRejectHtlc(false, true, false),
},
expectedEvents: func(channels *clusterChannels,
htlcID uint64, ts time.Time,
htlc *lnwire.UpdateAddHTLC,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
hops []*hop.Payload,
preimage *lntypes.Preimage) ([]interface{},
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
[]interface{}, []interface{}) {
return getThreeHopEvents(
channels, htlcID, ts, htlc, hops,
&LinkError{
msg: &lnwire.FailChannelDisabled{},
FailureDetail: OutgoingFailureForwardsDisabled,
},
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
)
},
iterations: 1,
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testHtcNotifier(
t, test.options, test.iterations,
test.expectedEvents,
)
})
}
}
// testHtcNotifier runs a htlc notifier test.
func testHtcNotifier(t *testing.T, testOpts []serverOption, iterations int,
getEvents htlcNotifierEvents) {
t.Parallel()
// First, we'll create our traditional three hop
// network.
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
channels, _, err := createClusterChannels(
t, btcutil.SatoshiPerBitcoin*3, btcutil.SatoshiPerBitcoin*5,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create channel")
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// Mock time so that all events are reported with a static timestamp.
now := time.Now()
mockTime := func() time.Time {
return now
}
// Create htlc notifiers for each server in the three hop network and
// start them.
aliceNotifier := NewHtlcNotifier(mockTime)
if err := aliceNotifier.Start(); err != nil {
t.Fatalf("could not start alice notifier")
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(func() {
channelnotifier+discover+invoices: return error in Stop functions In order to be consistent with other sub systems an error is now returned from the Stop functions. This also allows writing a generic cleanup mechanism to stop all sub systems in case of a failure.
2019-01-21 12:11:19 +01:00
if err := aliceNotifier.Stop(); err != nil {
t.Fatalf("failed to stop alice notifier: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
})
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
bobNotifier := NewHtlcNotifier(mockTime)
if err := bobNotifier.Start(); err != nil {
t.Fatalf("could not start bob notifier")
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(func() {
channelnotifier+discover+invoices: return error in Stop functions In order to be consistent with other sub systems an error is now returned from the Stop functions. This also allows writing a generic cleanup mechanism to stop all sub systems in case of a failure.
2019-01-21 12:11:19 +01:00
if err := bobNotifier.Stop(); err != nil {
t.Fatalf("failed to stop bob notifier: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
})
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
carolNotifier := NewHtlcNotifier(mockTime)
if err := carolNotifier.Start(); err != nil {
t.Fatalf("could not start carol notifier")
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(func() {
channelnotifier+discover+invoices: return error in Stop functions In order to be consistent with other sub systems an error is now returned from the Stop functions. This also allows writing a generic cleanup mechanism to stop all sub systems in case of a failure.
2019-01-21 12:11:19 +01:00
if err := carolNotifier.Stop(); err != nil {
t.Fatalf("failed to stop carol notifier: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
})
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// Create a notifier server option which will set our htlc notifiers
// for the three hop network.
notifierOption := serverOptionWithHtlcNotifier(
aliceNotifier, bobNotifier, carolNotifier,
)
// Add the htlcNotifier option to any other options
// set in the test.
multi: fix newly detected linter issues
2022-02-07 13:58:25 +01:00
options := append(testOpts, notifierOption) // nolint:gocritic
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
n := newThreeHopNetwork(
t, channels.aliceToBob,
channels.bobToAlice, channels.bobToCarol,
channels.carolToBob, testStartingHeight,
options...,
)
if err := n.start(); err != nil {
t.Fatalf("unable to start three hop "+
"network: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(n.stop)
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// Before we forward anything, subscribe to htlc events
// from each notifier.
aliceEvents, err := aliceNotifier.SubscribeHtlcEvents()
if err != nil {
t.Fatalf("could not subscribe to alice's"+
" events: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(aliceEvents.Cancel)
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
bobEvents, err := bobNotifier.SubscribeHtlcEvents()
if err != nil {
t.Fatalf("could not subscribe to bob's"+
" events: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(bobEvents.Cancel)
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
carolEvents, err := carolNotifier.SubscribeHtlcEvents()
if err != nil {
t.Fatalf("could not subscribe to carol's"+
" events: %v", err)
}
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
t.Cleanup(carolEvents.Cancel)
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
// Send multiple payments, as specified by the test to test incrementing
// of htlc ids.
for i := 0; i < iterations; i++ {
// We'll start off by making a payment from
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
// Alice -> Bob -> Carol. The preimage, generated
// by Carol's Invoice is expected in the Settle events
htlc, hops, preimage := n.sendThreeHopPayment(t)
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
alice, bob, carol := getEvents(
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
channels, uint64(i), now, htlc, hops, preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
)
checkHtlcEvents(t, aliceEvents.Updates(), alice)
checkHtlcEvents(t, bobEvents.Updates(), bob)
checkHtlcEvents(t, carolEvents.Updates(), carol)
}
}
// checkHtlcEvents checks that a subscription has the set of htlc events
// we expect it to have.
func checkHtlcEvents(t *testing.T, events <-chan interface{},
expectedEvents []interface{}) {
htlcswitch/switch_test: add t.Helper() to assertion
2020-04-07 20:54:02 +02:00
t.Helper()
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
for _, expected := range expectedEvents {
select {
case event := <-events:
if !reflect.DeepEqual(event, expected) {
t.Fatalf("expected %v, got: %v", expected,
event)
}
htlcswitch/switch_test: increase checkHtlcEvents timeout This flakes locally for me on darwin.
2020-04-07 20:52:50 +02:00
case <-time.After(5 * time.Second):
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
t.Fatalf("expected event: %v", expected)
}
}
htlcswitch: add final htlc event to notifier
2022-08-29 13:28:17 +02:00
// Check that there are no unexpected events following.
select {
case event := <-events:
t.Fatalf("unexpected event: %v", event)
default:
}
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
}
// sendThreeHopPayment is a helper function which sends a payment over
// Alice -> Bob -> Carol in a three hop network and returns Alice's first htlc
// and the remainder of the hops.
func (n *threeHopNetwork) sendThreeHopPayment(t *testing.T) (*lnwire.UpdateAddHTLC,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
[]*hop.Payload, *lntypes.Preimage) {
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
amount := lnwire.NewMSatFromSatoshis(btcutil.SatoshiPerBitcoin)
htlcAmt, totalTimelock, hops := generateHops(amount, testStartingHeight,
n.firstBobChannelLink, n.carolChannelLink)
blob, err := generateRoute(hops...)
if err != nil {
t.Fatal(err)
}
invoice, htlc, pid, err := generatePayment(
amount, htlcAmt, totalTimelock, blob,
)
if err != nil {
t.Fatal(err)
}
multi: extend `InvoiceDB` methods with a context argument (#8066) * multi: extend InvoiceDB methods with a context argument This commit adds a context to InvoiceDB's methods. Along this refactor we also extend InvoiceRegistry methods with contexts where it makes sense. This change is essential to be able to provide kvdb and sqldb implementations for InvoiceDB. * channeldb: restrict invoice tests to only use an InvoiceDB instance * docs: update release notes for 0.18.0
2023-10-11 13:42:59 +02:00
err = n.carolServer.registry.AddInvoice(
context.Background(), *invoice, htlc.PaymentHash,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to add invoice in carol registry")
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
if err := n.aliceServer.htlcSwitch.SendHTLC(
n.firstBobChannelLink.ShortChanID(), pid, htlc,
); err != nil {
t.Fatalf("could not send htlc")
}
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
return htlc, hops, invoice.Terms.PaymentPreimage
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
}
// getThreeHopEvents gets the set of htlc events that we expect for a payment
// from Alice -> Bob -> Carol. If a non-nil link error is provided, the set
// of events will fail on Bob's outgoing link.
func getThreeHopEvents(channels *clusterChannels, htlcID uint64,
ts time.Time, htlc *lnwire.UpdateAddHTLC, hops []*hop.Payload,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
linkError *LinkError,
preimage *lntypes.Preimage) ([]interface{}, []interface{}, []interface{}) {
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
aliceKey := HtlcKey{
IncomingCircuit: zeroCircuit,
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
OutgoingCircuit: models.CircuitKey{
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
ChanID: channels.aliceToBob.ShortChanID(),
HtlcID: htlcID,
},
}
// Alice always needs a forwarding event because she initiates the
// send.
aliceEvents := []interface{}{
&ForwardingEvent{
HtlcKey: aliceKey,
HtlcInfo: HtlcInfo{
OutgoingTimeLock: htlc.Expiry,
OutgoingAmt: htlc.Amount,
},
HtlcEventType: HtlcEventTypeSend,
Timestamp: ts,
},
}
bobKey := HtlcKey{
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
IncomingCircuit: models.CircuitKey{
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
ChanID: channels.bobToAlice.ShortChanID(),
HtlcID: htlcID,
},
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
OutgoingCircuit: models.CircuitKey{
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
ChanID: channels.bobToCarol.ShortChanID(),
HtlcID: htlcID,
},
}
bobInfo := HtlcInfo{
IncomingTimeLock: htlc.Expiry,
IncomingAmt: htlc.Amount,
OutgoingTimeLock: hops[1].FwdInfo.OutgoingCTLV,
OutgoingAmt: hops[1].FwdInfo.AmountToForward,
}
// If we expect the payment to fail, we add failures for alice and
// bob, and no events for carol because the payment never reaches her.
if linkError != nil {
aliceEvents = append(aliceEvents,
&ForwardingFailEvent{
HtlcKey: aliceKey,
HtlcEventType: HtlcEventTypeSend,
Timestamp: ts,
},
)
bobEvents := []interface{}{
&LinkFailEvent{
HtlcKey: bobKey,
HtlcInfo: bobInfo,
HtlcEventType: HtlcEventTypeForward,
LinkError: linkError,
Incoming: false,
Timestamp: ts,
},
htlcswitch: add final htlc event to notifier
2022-08-29 13:28:17 +02:00
&FinalHtlcEvent{
CircuitKey: bobKey.IncomingCircuit,
Settled: false,
Offchain: true,
Timestamp: ts,
},
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
}
return aliceEvents, bobEvents, nil
}
// If we want to get events for a successful payment, we add a settle
// for alice, a forward and settle for bob and a receive settle for
// carol.
aliceEvents = append(
aliceEvents,
&SettleEvent{
HtlcKey: aliceKey,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
Preimage: *preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
HtlcEventType: HtlcEventTypeSend,
Timestamp: ts,
},
)
bobEvents := []interface{}{
&ForwardingEvent{
HtlcKey: bobKey,
HtlcInfo: bobInfo,
HtlcEventType: HtlcEventTypeForward,
Timestamp: ts,
},
&SettleEvent{
HtlcKey: bobKey,
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
Preimage: *preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
HtlcEventType: HtlcEventTypeForward,
Timestamp: ts,
},
htlcswitch: add final htlc event to notifier
2022-08-29 13:28:17 +02:00
&FinalHtlcEvent{
CircuitKey: bobKey.IncomingCircuit,
Settled: true,
Offchain: true,
Timestamp: ts,
},
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
}
carolEvents := []interface{}{
&SettleEvent{
HtlcKey: HtlcKey{
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
IncomingCircuit: models.CircuitKey{
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
ChanID: channels.carolToBob.ShortChanID(),
HtlcID: htlcID,
},
OutgoingCircuit: zeroCircuit,
},
feature: expose preimage in forward+settle event Until now, clients of SubscribeHTLCEvents didn't have access to the settled preimage. The API allows to intercept forward event and to be updated on forward events however the forward+settle event does not include the payment preimage. This pr changes allows it.
2021-06-15 21:01:24 +02:00
Preimage: *preimage,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
HtlcEventType: HtlcEventTypeReceive,
Timestamp: ts,
htlcswitch: add final htlc event to notifier
2022-08-29 13:28:17 +02:00
}, &FinalHtlcEvent{
multi: create channeldb/models package Add a new subpackage to `lnd/channeldb` to hold some of the types that are used in the package itself and in other packages that should not depend on `channeldb`.
2022-11-18 12:15:22 +01:00
CircuitKey: models.CircuitKey{
htlcswitch: add final htlc event to notifier
2022-08-29 13:28:17 +02:00
ChanID: channels.carolToBob.ShortChanID(),
HtlcID: htlcID,
},
Settled: true,
Offchain: true,
Timestamp: ts,
htlcswitch: add htlc notifier test
2020-02-19 16:34:48 +01:00
},
}
return aliceEvents, bobEvents, carolEvents
}
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
type mockForwardInterceptor struct {
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
t *testing.T
interceptedChan chan InterceptedPacket
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
func (m *mockForwardInterceptor) InterceptForwardHtlc(
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
intercepted InterceptedPacket) error {
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
m.interceptedChan <- intercepted
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
return nil
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
}
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
func (m *mockForwardInterceptor) getIntercepted() InterceptedPacket {
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
m.t.Helper()
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
select {
case p := <-m.interceptedChan:
return p
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
case <-time.After(time.Second):
require.Fail(m.t, "timeout")
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
return InterceptedPacket{}
}
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
func assertNumCircuits(t *testing.T, s *Switch, pending, opened int) {
if s.circuits.NumPending() != pending {
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
t.Fatalf("wrong amount of half circuits, expected %v but "+
"got %v", pending, s.circuits.NumPending())
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
if s.circuits.NumOpen() != opened {
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
t.Fatalf("wrong amount of circuits, expected %v but got %v",
opened, s.circuits.NumOpen())
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
}
func assertOutgoingLinkReceive(t *testing.T, targetLink *mockChannelLink,
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
expectReceive bool) *htlcPacket {
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
// Pull packet from targetLink link.
select {
case packet := <-targetLink.packets:
if !expectReceive {
t.Fatal("forward was intercepted, shouldn't land at bob link")
} else if err := targetLink.completeCircuit(packet); err != nil {
t.Fatalf("unable to complete payment circuit: %v", err)
}
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
return packet
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
case <-time.After(time.Second):
if expectReceive {
t.Fatal("request was not propagated to destination")
}
}
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
return nil
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
func assertOutgoingLinkReceiveIntercepted(t *testing.T,
targetLink *mockChannelLink) {
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
t.Helper()
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
select {
case <-targetLink.packets:
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
}
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
type interceptableSwitchTestContext struct {
t *testing.T
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
preimage [sha256.Size]byte
rhash [32]byte
onionBlob [1366]byte
incomingHtlcID uint64
cltvRejectDelta uint32
cltvInterceptDelta uint32
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
forwardInterceptor *mockForwardInterceptor
aliceChannelLink *mockChannelLink
bobChannelLink *mockChannelLink
s *Switch
}
func newInterceptableSwitchTestContext(
t *testing.T) *interceptableSwitchTestContext {
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create alice server")
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to create bob server")
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
cdb, err := channeldb.Open(tempPath)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to open channeldb")
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "unable to init switch")
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
)
if err := s.AddLink(aliceChannelLink); err != nil {
t.Fatalf("unable to add alice link: %v", err)
}
if err := s.AddLink(bobChannelLink); err != nil {
t.Fatalf("unable to add bob link: %v", err)
}
preimage := [sha256.Size]byte{1}
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
ctx := &interceptableSwitchTestContext{
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
t: t,
preimage: preimage,
rhash: sha256.Sum256(preimage[:]),
onionBlob: [1366]byte{4, 5, 6},
incomingHtlcID: uint64(0),
cltvRejectDelta: 10,
cltvInterceptDelta: 13,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
forwardInterceptor: &mockForwardInterceptor{
t: t,
interceptedChan: make(chan InterceptedPacket),
},
aliceChannelLink: aliceChannelLink,
bobChannelLink: bobChannelLink,
s: s,
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
}
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
return ctx
}
func (c *interceptableSwitchTestContext) createTestPacket() *htlcPacket {
c.incomingHtlcID++
return &htlcPacket{
incomingChanID: c.aliceChannelLink.ShortChanID(),
incomingHTLCID: c.incomingHtlcID,
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
incomingTimeout: testStartingHeight + c.cltvInterceptDelta + 1,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
outgoingChanID: c.bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: c.rhash,
Amount: 1,
OnionBlob: c.onionBlob,
},
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
}
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
func (c *interceptableSwitchTestContext) finish() {
if err := c.s.Stop(); err != nil {
c.t.Fatalf(err.Error())
}
}
func (c *interceptableSwitchTestContext) createSettlePacket(
outgoingHTLCID uint64) *htlcPacket {
return &htlcPacket{
outgoingChanID: c.bobChannelLink.ShortChanID(),
outgoingHTLCID: outgoingHTLCID,
amount: 1,
htlc: &lnwire.UpdateFulfillHTLC{
PaymentPreimage: c.preimage,
},
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
}
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
}
func TestSwitchHoldForward(t *testing.T) {
t.Parallel()
c := newInterceptableSwitchTestContext(t)
defer c.finish()
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
notifier := &mock.ChainNotifier{
EpochChan: make(chan *chainntnfs.BlockEpoch, 1),
}
notifier.EpochChan <- &chainntnfs.BlockEpoch{Height: testStartingHeight}
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
switchForwardInterceptor, err := NewInterceptableSwitch(
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
&InterceptableSwitchConfig{
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
Switch: c.s,
CltvRejectDelta: c.cltvRejectDelta,
CltvInterceptDelta: c.cltvInterceptDelta,
Notifier: notifier,
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
},
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
)
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
require.NoError(t, err)
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
require.NoError(t, switchForwardInterceptor.Start())
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
switchForwardInterceptor.SetInterceptor(c.forwardInterceptor.InterceptForwardHtlc)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
linkQuit := make(chan struct{})
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
// Test a forward that expires too soon.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
packet := c.createTestPacket()
packet.incomingTimeout = testStartingHeight + c.cltvRejectDelta - 1
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
err = switchForwardInterceptor.ForwardPackets(linkQuit, false, packet)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "can't forward htlc packet")
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertOutgoingLinkReceiveIntercepted(t, c.aliceChannelLink)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
// Test a forward that expires too soon and can't be failed.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
packet = c.createTestPacket()
packet.incomingTimeout = testStartingHeight + c.cltvRejectDelta - 1
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
// Simulate an error during the composition of the failure message.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
currentCallback := c.s.cfg.FetchLastChannelUpdate
c.s.cfg.FetchLastChannelUpdate = func(
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
lnwire.ShortChannelID) (*lnwire.ChannelUpdate, error) {
return nil, errors.New("cannot fetch update")
}
err = switchForwardInterceptor.ForwardPackets(linkQuit, false, packet)
multi: move many t.Fatalf calls to require.NoError
2022-05-05 22:11:50 +02:00
require.NoError(t, err, "can't forward htlc packet")
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
receivedPkt := assertOutgoingLinkReceive(t, c.bobChannelLink, true)
assertNumCircuits(t, c.s, 1, 1)
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
require.NoError(t, switchForwardInterceptor.ForwardPackets(
linkQuit, false,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.createSettlePacket(receivedPkt.outgoingHTLCID),
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.s.cfg.FetchLastChannelUpdate = currentCallback
htlcswitch: interceptor expiry check
2022-01-28 12:56:17 +01:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// Test resume a hold forward.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
err = switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, err)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
Action: FwdActionResume,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Key: c.forwardInterceptor.getIntercepted().IncomingCircuit,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
}))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
receivedPkt = assertOutgoingLinkReceive(t, c.bobChannelLink, true)
assertNumCircuits(t, c.s, 1, 1)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
// settling the htlc to close the circuit.
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
err = switchForwardInterceptor.ForwardPackets(
linkQuit, false,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.createSettlePacket(receivedPkt.outgoingHTLCID),
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, err)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// Test resume a hold forward after disconnection.
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
))
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// Wait until the packet is offered to the interceptor.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
_ = c.forwardInterceptor.getIntercepted()
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// No forward expected yet.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// Disconnect should resume the forwarding.
switchForwardInterceptor.SetInterceptor(nil)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
receivedPkt = assertOutgoingLinkReceive(t, c.bobChannelLink, true)
assertNumCircuits(t, c.s, 1, 1)
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
// Settle the htlc to close the circuit.
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.ForwardPackets(
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
linkQuit, false,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.createSettlePacket(receivedPkt.outgoingHTLCID),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
))
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
// Test failing a hold forward
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
switchForwardInterceptor.SetInterceptor(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.forwardInterceptor.InterceptForwardHtlc,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
Action: FwdActionFail,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Key: c.forwardInterceptor.getIntercepted().IncomingCircuit,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
FailureCode: lnwire.CodeTemporaryChannelFailure,
}))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
// Test failing a hold forward with a failure message.
require.NoError(t,
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
),
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
reason := lnwire.OpaqueReason([]byte{1, 2, 3})
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
Action: FwdActionFail,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Key: c.forwardInterceptor.getIntercepted().IncomingCircuit,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
FailureMessage: reason,
}))
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
packet = assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
require.Equal(t, reason, packet.htlc.(*lnwire.UpdateFailHTLC).Reason)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
// Test failing a hold forward with a malformed htlc failure.
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
err = switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch/test: isolate test packets Decouple the tests somewhat and fix a bug along the way where the test passed because of a left-over package from a prior test.
2022-03-23 15:25:02 +01:00
)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
require.NoError(t, err)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
code := lnwire.CodeInvalidOnionKey
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
Action: FwdActionFail,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Key: c.forwardInterceptor.getIntercepted().IncomingCircuit,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
FailureCode: code,
}))
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
packet = assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
failPacket := packet.htlc.(*lnwire.UpdateFailHTLC)
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
shaOnionBlob := sha256.Sum256(c.onionBlob[:])
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
expectedFailure := &lnwire.FailInvalidOnionKey{
OnionSHA256: shaOnionBlob,
}
htlcswitch/test: more realistic mock encryption This mock is used in the switch test TestUpdateFailMalformedHTLCErrorConversion. But because the mock isn't very realistic, it doesn't detect problems in the handling of malformed failures in the link.
2022-10-14 11:03:31 +02:00
fwdErr, err := newMockDeobfuscator().DecryptError(failPacket.Reason)
require.NoError(t, err)
require.Equal(t, expectedFailure, fwdErr.WireMessage())
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: accept failure reason for intercepted htlcs
2022-01-18 15:17:05 +01:00
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
// Test settling a hold forward
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertNumCircuits(t, c.s, 0, 0)
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Key: c.forwardInterceptor.getIntercepted().IncomingCircuit,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
Action: FwdActionSettle,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Preimage: c.preimage,
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
}))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
routerrpc+htlcswitch: move intercepted htlc tracking to switch In this commit we move the tracking of the outstanding intercepted htlcs to InterceptableSwitch. This is a preparation for making the htlc interceptor required. Required interception involves tracking outstanding htlcs across multiple grpc client sessions. The per-session routerrpc forwardInterceptor object is therefore no longer the best place for that.
2022-02-07 08:53:10 +01:00
require.NoError(t, switchForwardInterceptor.Stop())
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
// Test always-on interception.
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
notifier = &mock.ChainNotifier{
EpochChan: make(chan *chainntnfs.BlockEpoch, 1),
}
notifier.EpochChan <- &chainntnfs.BlockEpoch{Height: testStartingHeight}
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
switchForwardInterceptor, err = NewInterceptableSwitch(
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
&InterceptableSwitchConfig{
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Switch: c.s,
CltvRejectDelta: c.cltvRejectDelta,
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
CltvInterceptDelta: c.cltvInterceptDelta,
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
RequireInterceptor: true,
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
Notifier: notifier,
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
},
)
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
require.NoError(t, err)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.Start())
// Forward a fresh packet. It is expected to be failed immediately,
// because there is no interceptor registered.
require.NoError(t, switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, false, c.createTestPacket(),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
// Forward a replayed packet. It is expected to be held until the
// interceptor connects. To continue the test, it needs to be ran in a
// goroutine.
errChan := make(chan error)
go func() {
errChan <- switchForwardInterceptor.ForwardPackets(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
linkQuit, true, c.createTestPacket(),
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
)
}()
// Assert that nothing is forward to the switch.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
// Register an interceptor.
switchForwardInterceptor.SetInterceptor(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.forwardInterceptor.InterceptForwardHtlc,
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
)
// Expect the ForwardPackets call to unblock.
require.NoError(t, <-errChan)
// Now expect the queued packet to come through.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.forwardInterceptor.getIntercepted()
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
// Disconnect and reconnect interceptor.
switchForwardInterceptor.SetInterceptor(nil)
switchForwardInterceptor.SetInterceptor(
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
c.forwardInterceptor.InterceptForwardHtlc,
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
)
// A replay of the held packet is expected.
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
intercepted := c.forwardInterceptor.getIntercepted()
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
// Settle the packet.
switch+test: fix race condition in unit test
2022-03-22 12:40:08 +01:00
require.NoError(t, switchForwardInterceptor.Resolve(&FwdResolution{
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
Key: intercepted.IncomingCircuit,
Action: FwdActionSettle,
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
Preimage: c.preimage,
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
}))
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
assertOutgoingLinkReceive(t, c.bobChannelLink, false)
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
assertNumCircuits(t, c.s, 0, 0)
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.NoError(t, switchForwardInterceptor.Stop())
select {
htlcswitch/test: create interceptableSwitchTestContext Refactor to prepare for adding more tests.
2022-08-16 14:04:22 +02:00
case <-c.forwardInterceptor.interceptedChan:
htlcswitch: add an always on mode to interceptable switch Co-authored-by: Juan Pablo Civile <elementohb@gmail.com>
2022-02-03 15:34:25 +01:00
require.Fail(t, "unexpected interception")
default:
}
htlcswitch: introducing interceptable switch. In this commit we implement a wrapper arround the switch, called InterceptableSwitch. This kind of wrapper behaves like a proxy which intercepts forwarded packets and allows an external interceptor to signal if it is interested to hold this forward and resolve it manually later or let the switch execute its default behavior. This infrastructure allows the RPC layer to expose interceptor registration API to the user and by that enable the implementation of custom routing behavior.
2020-05-19 11:56:58 +02:00
}
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
func TestInterceptableSwitchWatchDog(t *testing.T) {
t.Parallel()
c := newInterceptableSwitchTestContext(t)
defer c.finish()
// Start interceptable switch.
notifier := &mock.ChainNotifier{
EpochChan: make(chan *chainntnfs.BlockEpoch, 1),
}
notifier.EpochChan <- &chainntnfs.BlockEpoch{Height: testStartingHeight}
switchForwardInterceptor, err := NewInterceptableSwitch(
&InterceptableSwitchConfig{
Switch: c.s,
CltvRejectDelta: c.cltvRejectDelta,
CltvInterceptDelta: c.cltvInterceptDelta,
Notifier: notifier,
},
)
require.NoError(t, err)
require.NoError(t, switchForwardInterceptor.Start())
// Set interceptor.
switchForwardInterceptor.SetInterceptor(
c.forwardInterceptor.InterceptForwardHtlc,
)
// Receive a packet.
linkQuit := make(chan struct{})
packet := c.createTestPacket()
err = switchForwardInterceptor.ForwardPackets(linkQuit, false, packet)
require.NoError(t, err, "can't forward htlc packet")
// Intercept the packet.
intercepted := c.forwardInterceptor.getIntercepted()
require.Equal(t,
int32(packet.incomingTimeout-c.cltvRejectDelta),
intercepted.AutoFailHeight,
)
// Htlc expires before a resolution from the interceptor.
notifier.EpochChan <- &chainntnfs.BlockEpoch{
Height: int32(packet.incomingTimeout) -
int32(c.cltvRejectDelta),
}
// Expect the htlc to be failed back.
assertOutgoingLinkReceive(t, c.aliceChannelLink, true)
// It is too late now to resolve. Expect an error.
require.Error(t, switchForwardInterceptor.Resolve(&FwdResolution{
Action: FwdActionSettle,
Key: intercepted.IncomingCircuit,
Preimage: c.preimage,
}))
}
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// TestSwitchDustForwarding tests that the switch properly fails HTLC's which
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// have incoming or outgoing links that breach their fee thresholds.
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
func TestSwitchDustForwarding(t *testing.T) {
t.Parallel()
// We'll create a three-hop network:
// - Alice has a dust limit of 200sats with Bob
// - Bob has a dust limit of 800sats with Alice
// - Bob has a dust limit of 200sats with Carol
// - Carol has a dust limit of 800sats with Bob
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
channels, _, err := createClusterChannels(
t, btcutil.SatoshiPerBitcoin, btcutil.SatoshiPerBitcoin,
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
require.NoError(t, err)
n := newThreeHopNetwork(
t, channels.aliceToBob, channels.bobToAlice,
channels.bobToCarol, channels.carolToBob, testStartingHeight,
)
err = n.start()
require.NoError(t, err)
// We'll also put Alice and Bob into hodl.ExitSettle mode, such that
// they won't settle incoming exit-hop HTLC's automatically.
n.aliceChannelLink.cfg.HodlMask = hodl.ExitSettle.Mask()
n.firstBobChannelLink.cfg.HodlMask = hodl.ExitSettle.Mask()
// We'll test that once the default threshold is exceeded on the
// Alice -> Bob channel, either side's calls to SendHTLC will fail.
//
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Alice will send 354 HTLC's of 700sats. Bob will also send 354 HTLC's
// of 700sats.
numHTLCs := 354
aliceAttemptID, bobAttemptID := numHTLCs, numHTLCs
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
amt := lnwire.NewMSatFromSatoshis(700)
aliceBobFirstHop := n.aliceChannelLink.ShortChanID()
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
sendDustHtlcs(t, n, true, amt, aliceBobFirstHop, numHTLCs)
sendDustHtlcs(t, n, false, amt, aliceBobFirstHop, numHTLCs)
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// Generate the parameters needed for Bob to send another dust HTLC.
_, timelock, hops := generateHops(
amt, testStartingHeight, n.aliceChannelLink,
)
blob, err := generateRoute(hops...)
require.NoError(t, err)
// Assert that if Bob sends a dust HTLC it will fail.
failingPreimage := lntypes.Preimage{0, 0, 3}
failingHash := failingPreimage.Hash()
failingHtlc := &lnwire.UpdateAddHTLC{
PaymentHash: failingHash,
Amount: amt,
Expiry: timelock,
OnionBlob: blob,
}
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
checkAlmostDust := func(link *channelLink, mbox MailBox,
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
whoseCommit lntypes.ChannelParty) bool {
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
timeout := time.After(15 * time.Second)
pollInterval := 300 * time.Millisecond
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
expectedDust := 354 * 2 * amt
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
for {
<-time.After(pollInterval)
select {
case <-timeout:
return false
default:
}
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
linkDust := link.getDustSum(
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
whoseCommit, fn.None[chainfee.SatPerKWeight](),
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
)
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
localMailDust, remoteMailDust := mbox.DustPackets()
totalDust := linkDust
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
if whoseCommit.IsRemote() {
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
totalDust += remoteMailDust
} else {
totalDust += localMailDust
}
if totalDust == expectedDust {
break
}
}
return true
}
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Wait until Bob is almost at the fee threshold.
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
bobMbox := n.bobServer.htlcSwitch.mailOrchestrator.GetOrCreateMailBox(
n.firstBobChannelLink.ChanID(),
n.firstBobChannelLink.ShortChanID(),
)
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
require.True(
t, checkAlmostDust(
n.firstBobChannelLink, bobMbox, lntypes.Local,
),
)
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Sending one more HTLC should fail. SendHTLC won't error, but the
// HTLC should be failed backwards.
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
err = n.bobServer.htlcSwitch.SendHTLC(
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
aliceBobFirstHop, uint64(bobAttemptID), failingHtlc,
)
require.Nil(t, err)
// Use the network result store to ensure the HTLC was failed
// backwards.
bobResultChan, err := n.bobServer.htlcSwitch.GetAttemptResult(
uint64(bobAttemptID), failingHash, newMockDeobfuscator(),
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
require.NoError(t, err)
result, ok := <-bobResultChan
require.True(t, ok)
assertFailureCode(
t, result.Error, lnwire.CodeTemporaryChannelFailure,
)
bobAttemptID++
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// Generate the parameters needed for bob to send a non-dust HTLC.
nondustAmt := lnwire.NewMSatFromSatoshis(10_000)
_, _, hops = generateHops(
nondustAmt, testStartingHeight, n.aliceChannelLink,
)
blob, err = generateRoute(hops...)
require.NoError(t, err)
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Now attempt to send an HTLC above Bob's dust limit. Even though this
// is not a dust HTLC, it should fail because the increase in weight
// pushes us over the threshold.
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
nondustPreimage := lntypes.Preimage{0, 0, 4}
nondustHash := nondustPreimage.Hash()
nondustHtlc := &lnwire.UpdateAddHTLC{
PaymentHash: nondustHash,
Amount: nondustAmt,
Expiry: timelock,
OnionBlob: blob,
}
err = n.bobServer.htlcSwitch.SendHTLC(
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
aliceBobFirstHop, uint64(bobAttemptID), nondustHtlc,
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
require.NoError(t, err)
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
require.True(t, checkAlmostDust(
n.firstBobChannelLink, bobMbox, lntypes.Local,
))
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Check that the HTLC failed.
bobResultChan, err = n.bobServer.htlcSwitch.GetAttemptResult(
uint64(bobAttemptID), nondustHash, newMockDeobfuscator(),
)
require.NoError(t, err)
result, ok = <-bobResultChan
require.True(t, ok)
assertFailureCode(
t, result.Error, lnwire.CodeTemporaryChannelFailure,
)
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// Introduce Carol into the mix and assert that sending a multi-hop
// dust HTLC to Alice will fail. Bob should fail back the HTLC with a
// temporary channel failure.
carolAmt, carolTimelock, carolHops := generateHops(
amt, testStartingHeight, n.secondBobChannelLink,
n.aliceChannelLink,
)
carolBlob, err := generateRoute(carolHops...)
require.NoError(t, err)
carolPreimage := lntypes.Preimage{0, 0, 5}
carolHash := carolPreimage.Hash()
carolHtlc := &lnwire.UpdateAddHTLC{
PaymentHash: carolHash,
Amount: carolAmt,
Expiry: carolTimelock,
OnionBlob: carolBlob,
}
// Initialize Carol's attempt ID.
carolAttemptID := 0
err = n.carolServer.htlcSwitch.SendHTLC(
n.carolChannelLink.ShortChanID(), uint64(carolAttemptID),
carolHtlc,
)
require.NoError(t, err)
htlcswitch+routing: rename `GetPaymentResult` to `GetAttemptResult` This commit renames the method `GetPaymentResult` to be `GetAttemptResult` to avoid potential confusion and to address the one-to-many relationship between a payment and its attempts.
2022-06-09 18:59:31 +02:00
carolResultChan, err := n.carolServer.htlcSwitch.GetAttemptResult(
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
uint64(carolAttemptID), carolHash, newMockDeobfuscator(),
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
require.NoError(t, err)
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
result, ok = <-carolResultChan
htlcswitch: remove 5 second timeout for data race unit tests
2021-10-05 21:36:24 +02:00
require.True(t, ok)
assertFailureCode(
t, result.Error, lnwire.CodeTemporaryChannelFailure,
)
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Send an HTLC from Alice to Carol and assert that it gets failed.
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
htlcAmt, totalTimelock, aliceHops := generateHops(
amt, testStartingHeight, n.firstBobChannelLink,
n.carolChannelLink,
)
blob, err = generateRoute(aliceHops...)
require.NoError(t, err)
aliceMultihopPreimage := lntypes.Preimage{0, 0, 6}
aliceMultihopHash := aliceMultihopPreimage.Hash()
aliceMultihopHtlc := &lnwire.UpdateAddHTLC{
PaymentHash: aliceMultihopHash,
Amount: htlcAmt,
Expiry: totalTimelock,
OnionBlob: blob,
}
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
// Wait until Alice's expected dust for the remote commitment is just
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// under the fee threshold.
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
aliceOrch := n.aliceServer.htlcSwitch.mailOrchestrator
aliceMbox := aliceOrch.GetOrCreateMailBox(
n.aliceChannelLink.ChanID(), n.aliceChannelLink.ShortChanID(),
)
htlcswitch: refactor dust handling to use ChannelParty
2024-07-31 02:05:04 +02:00
require.True(
t, checkAlmostDust(
n.aliceChannelLink, aliceMbox, lntypes.Remote,
),
)
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
err = n.aliceServer.htlcSwitch.SendHTLC(
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
n.aliceChannelLink.ShortChanID(), uint64(aliceAttemptID),
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
aliceMultihopHtlc,
)
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
require.Nil(t, err)
aliceResultChan, err := n.aliceServer.htlcSwitch.GetAttemptResult(
uint64(aliceAttemptID), aliceMultihopHash,
newMockDeobfuscator(),
)
require.NoError(t, err)
result, ok = <-aliceResultChan
require.True(t, ok)
assertFailureCode(
t, result.Error, lnwire.CodeTemporaryChannelFailure,
)
// Check that there are numHTLCs circuits open for both Alice and Bob.
require.Equal(t, numHTLCs, n.aliceServer.htlcSwitch.circuits.NumOpen())
require.Equal(t, numHTLCs, n.bobServer.htlcSwitch.circuits.NumOpen())
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
}
// sendDustHtlcs is a helper function used to send many dust HTLC's to test the
// Switch's dust-threshold logic. It takes a boolean denoting whether or not
// Alice is the sender.
func sendDustHtlcs(t *testing.T, n *threeHopNetwork, alice bool,
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
amt lnwire.MilliSatoshi, sid lnwire.ShortChannelID, numHTLCs int) {
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
t.Helper()
// Extract the destination into a variable. If alice is the sender, the
// destination is Bob.
destLink := n.aliceChannelLink
if alice {
destLink = n.firstBobChannelLink
}
// Create hops that will be used in the onion payload.
htlcAmt, totalTimelock, hops := generateHops(
amt, testStartingHeight, destLink,
)
// Convert the hops to a blob that will be put in the Add message.
blob, err := generateRoute(hops...)
require.NoError(t, err)
// Create a slice to store the preimages.
preimages := make([]lntypes.Preimage, numHTLCs)
// Initialize the attempt ID used in SendHTLC calls.
attemptID := uint64(0)
// Deterministically generate preimages. Avoid the all-zeroes preimage
// because that will be rejected by the database. We'll use a different
// third byte for Alice and Bob.
endByte := byte(2)
if alice {
endByte = byte(3)
}
for i := 0; i < numHTLCs; i++ {
preimages[i] = lntypes.Preimage{byte(i >> 8), byte(i), endByte}
}
sendingSwitch := n.bobServer.htlcSwitch
if alice {
sendingSwitch = n.aliceServer.htlcSwitch
}
// Call SendHTLC in a loop for numHTLCs.
for i := 0; i < numHTLCs; i++ {
// Construct the htlc packet.
hash := preimages[i].Hash()
htlc := &lnwire.UpdateAddHTLC{
PaymentHash: hash,
Amount: htlcAmt,
Expiry: totalTimelock,
OnionBlob: blob,
}
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
for {
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// It may be the case that the fee threshold is hit
// before all numHTLCs*2 HTLC's are sent due to double
htlcswitch: remove synchronous link handoff, special-case keystone err This allows Switch-initiated payments to be failed back if they don't make it into a commitment. Prior to this commit, a Switch-initiated HTLC could get "lost" meaning the circuit wouldn't get deleted except if conditions were "right" and the network result store would never be made aware of the HTLC's fate. Switch-initiated HTLC's are now passed to the link's mailbox to ensure they can be failed back. This change also special-cases the ErrDuplicateKeystone error from OpenCircuits(...) so that callers of updateCommitTx() in the link don't send an Error to the peer if they encounter the keystone error. With the first async change, the keystone error should now always be recoverable.
2022-05-09 20:33:45 +02:00
// counting. Get around this by continuing to send
// until successful.
err = sendingSwitch.SendHTLC(sid, attemptID, htlc)
if err == nil {
break
}
}
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
attemptID++
}
}
// TestSwitchMailboxDust tests that the switch takes into account the mailbox
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// dust when evaluating the fee threshold. The mockChannelLink does not have
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// channel state, so this only tests the switch-mailbox interaction.
func TestSwitchMailboxDust(t *testing.T) {
t.Parallel()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
carolPeer, err := newMockServer(
t, "carol", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() {
_ = s.Stop()
}()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
chanID3, carolChanID := genID()
aliceLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
err = s.AddLink(aliceLink)
require.NoError(t, err)
bobLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
err = s.AddLink(bobLink)
require.NoError(t, err)
carolLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID3, carolChanID, emptyScid, carolPeer, true, false,
false, false,
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
)
err = s.AddLink(carolLink)
require.NoError(t, err)
// mockChannelLink sets the local and remote dust limits of the mailbox
// to 400 satoshis and the feerate to 0. We'll fill the mailbox up with
// dust packets and assert that calls to SendHTLC will fail.
preimage, err := genPreimage()
require.NoError(t, err)
rhash := sha256.Sum256(preimage[:])
amt := lnwire.NewMSatFromSatoshis(350)
addMsg := &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: amt,
ChanID: chanID1,
}
// Initialize the carolHTLCID.
var carolHTLCID uint64
// It will take aliceCount HTLC's of 350sats to fill up Alice's mailbox
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// to the point where another would put Alice over the fee threshold.
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
aliceCount := 1428
mailbox := s.mailOrchestrator.GetOrCreateMailBox(chanID1, aliceChanID)
for i := 0; i < aliceCount; i++ {
alicePkt := &htlcPacket{
incomingChanID: carolChanID,
incomingHTLCID: carolHTLCID,
outgoingChanID: aliceChanID,
obfuscator: NewMockObfuscator(),
incomingAmount: amt,
amount: amt,
htlc: addMsg,
}
err = mailbox.AddPacket(alicePkt)
require.NoError(t, err)
carolHTLCID++
}
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
// Sending one more HTLC to Alice should result in the fee threshold
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// being breached.
err = s.SendHTLC(aliceChanID, 0, addMsg)
htlcswitch+lnwallet: calculate fee exposure as commit fees + dust This commit expands the definition of the dust limit to take into account commitment fees as well as dust HTLCs. The dust limit is now known as a fee exposure threshold. Dust HTLCs are fees anyways so it makes sense to account for commitment fees as well. The link has been modified slightly to calculate dust. In the future, the switch dust calculations can be removed.
2024-06-03 18:43:33 +02:00
require.ErrorIs(t, err, errFeeExposureExceeded)
htlcswitch: call evaluateDustThreshold in SendHTLC, handlePacketForward This commit makes SendHTLC (we are the source) evaluate the dust threshold of the outgoing channel against the default threshold of 500K satoshis. If the threshold is exceeded by adding this HTLC, we fail backwards. It also makes handlePacketForward (we are forwarding) evaluate the dust threshold of the incoming channel and the outgoing channel and fails backwards if either channel's dust sum exceeds the default threshold.
2021-09-28 17:46:13 +02:00
// We'll now call ForwardPackets from Bob to ensure that the mailbox
// sum is also accounted for in the forwarding case.
packet := &htlcPacket{
incomingChanID: bobChanID,
incomingHTLCID: 0,
outgoingChanID: aliceChanID,
obfuscator: NewMockObfuscator(),
incomingAmount: amt,
amount: amt,
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: amt,
ChanID: chanID1,
},
}
err = s.ForwardPackets(nil, packet)
require.NoError(t, err)
// Bob should receive a failure from the switch.
select {
case p := <-bobLink.packets:
require.NotEmpty(t, p.linkFailure)
assertFailureCode(
t, p.linkFailure, lnwire.CodeTemporaryChannelFailure,
)
case <-time.After(5 * time.Second):
t.Fatal("no timely reply from switch")
}
}
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
// TestSwitchResolution checks the ability of the switch to persist and handle
// resolution messages.
func TestSwitchResolution(t *testing.T) {
t.Parallel()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
// Even though we intend to Stop s later in the test, it is safe to
// defer this Stop since its execution it is protected by an atomic
// guard, guaranteeing it executes at most once.
t.Cleanup(func() { var _ = s.Stop() })
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
err = s.Start()
require.NoError(t, err)
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
aliceChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID1, aliceChanID, emptyScid, alicePeer, true, false,
false, false,
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
)
bobChannelLink := newMockChannelLink(
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
htlcswitch+lntest: modify Switch to persist resolution messages Include unit tests for the Switch, and integration tests that exercise the persistence logic.
2022-02-11 19:38:49 +01:00
)
err = s.AddLink(aliceChannelLink)
require.NoError(t, err)
err = s.AddLink(bobChannelLink)
require.NoError(t, err)
// Create an add htlcPacket that Alice will send to Bob.
preimage, err := genPreimage()
require.NoError(t, err)
rhash := sha256.Sum256(preimage[:])
packet := &htlcPacket{
incomingChanID: aliceChannelLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobChannelLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
err = s.ForwardPackets(nil, packet)
require.NoError(t, err)
// Bob will receive the packet and open the circuit.
select {
case <-bobChannelLink.packets:
err = bobChannelLink.completeCircuit(packet)
require.NoError(t, err)
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Check that only one circuit is open.
require.Equal(t, 1, s.circuits.NumOpen())
// We'll send a settle resolution to Switch that should go to Alice.
settleResMsg := contractcourt.ResolutionMsg{
SourceChan: bobChanID,
HtlcIndex: 0,
PreImage: &preimage,
}
// Before the resolution is sent, remove alice's link so we can assert
// that the resolution is actually stored. Otherwise, it would be
// deleted shortly after being sent.
s.RemoveLink(chanID1)
// Send the resolution message.
err = s.ProcessContractResolution(settleResMsg)
require.NoError(t, err)
// Assert that the resolution store contains the settle reoslution.
resMsgs, err := s.resMsgStore.fetchAllResolutionMsg()
require.NoError(t, err)
require.Equal(t, 1, len(resMsgs))
require.Equal(t, settleResMsg.SourceChan, resMsgs[0].SourceChan)
require.Equal(t, settleResMsg.HtlcIndex, resMsgs[0].HtlcIndex)
require.Nil(t, resMsgs[0].Failure)
require.Equal(t, preimage, *resMsgs[0].PreImage)
// Now we'll restart Alice's link and delete the circuit.
err = s.AddLink(aliceChannelLink)
require.NoError(t, err)
// Alice will receive the packet and open the circuit.
select {
case alicePkt := <-aliceChannelLink.packets:
err = aliceChannelLink.completeCircuit(alicePkt)
require.NoError(t, err)
case <-time.After(time.Second):
t.Fatal("request was not propagated to destination")
}
// Assert that there are no more circuits.
require.Equal(t, 0, s.circuits.NumOpen())
// We'll restart the Switch and assert that Alice does not receive
// another packet.
switchDB := s.cfg.DB.(*channeldb.DB)
err = s.Stop()
require.NoError(t, err)
s, err = initSwitchWithDB(testStartingHeight, switchDB)
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() {
_ = s.Stop()
}()
err = s.AddLink(aliceChannelLink)
require.NoError(t, err)
err = s.AddLink(bobChannelLink)
require.NoError(t, err)
// Alice should not receive a packet since the Switch should have
// deleted the resolution message since the circuit was closed.
select {
case alicePkt := <-aliceChannelLink.packets:
t.Fatalf("received erroneous packet: %v", alicePkt)
case <-time.After(time.Second * 5):
}
// Check that the resolution message no longer exists in the store.
resMsgs, err = s.resMsgStore.fetchAllResolutionMsg()
require.NoError(t, err)
require.Equal(t, 0, len(resMsgs))
}
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
// TestSwitchForwardFailAlias tests that if ForwardPackets returns a failure
// before actually forwarding, the ChannelUpdate uses the SCID from the
// incoming channel and does not leak private information like the UTXO.
func TestSwitchForwardFailAlias(t *testing.T) {
tests := []struct {
name string
// Whether or not Alice will be a zero-conf channel or an
// option-scid-alias channel (feature-bit).
zeroConf bool
}{
{
name: "option-scid-alias forwarding failure",
zeroConf: false,
},
{
name: "zero-conf forwarding failure",
zeroConf: true,
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testSwitchForwardFailAlias(t, test.zeroConf)
})
}
}
func testSwitchForwardFailAlias(t *testing.T, zeroConf bool) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
cdb, err := channeldb.Open(tempPath)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
// Make Alice's channel zero-conf or option-scid-alias (feature bit).
aliceAlias := lnwire.ShortChannelID{
BlockHeight: 16_000_000,
TxIndex: 5,
TxPosition: 5,
}
var aliceLink *mockChannelLink
if zeroConf {
aliceLink = newMockChannelLink(
s, chanID1, aliceAlias, aliceChanID, alicePeer, true,
true, true, false,
)
} else {
aliceLink = newMockChannelLink(
s, chanID1, aliceChanID, emptyScid, alicePeer, true,
true, false, true,
)
aliceLink.addAlias(aliceAlias)
}
err = s.AddLink(aliceLink)
require.NoError(t, err)
bobLink := newMockChannelLink(
s, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
)
err = s.AddLink(bobLink)
require.NoError(t, err)
// Create a packet that will be sent from Alice to Bob via the switch.
preimage := [sha256.Size]byte{1}
rhash := sha256.Sum256(preimage[:])
ogPacket := &htlcPacket{
incomingChanID: aliceLink.ShortChanID(),
incomingHTLCID: 0,
outgoingChanID: bobLink.ShortChanID(),
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Forward the packet and check that Bob's channel link received it.
err = s.ForwardPackets(nil, ogPacket)
require.NoError(t, err)
// Assert that the circuits are in the expected state.
require.Equal(t, 1, s.circuits.NumPending())
require.Equal(t, 0, s.circuits.NumOpen())
// Pull packet from Bob's link, and do nothing with it.
select {
case <-bobLink.packets:
case <-s.quit:
t.Fatal("switch shutting down, failed to forward packet")
}
// Now we will restart the Switch to trigger the LoadedFromDisk logic.
err = s.Stop()
require.NoError(t, err)
err = cdb.Close()
require.NoError(t, err)
cdb2, err := channeldb.Open(tempPath)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb2.Close() })
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s2, err := initSwitchWithDB(testStartingHeight, cdb2)
require.NoError(t, err)
err = s2.Start()
require.NoError(t, err)
defer func() {
_ = s2.Stop()
}()
var aliceLink2 *mockChannelLink
if zeroConf {
aliceLink2 = newMockChannelLink(
s2, chanID1, aliceAlias, aliceChanID, alicePeer, true,
true, true, false,
)
} else {
aliceLink2 = newMockChannelLink(
s2, chanID1, aliceChanID, emptyScid, alicePeer, true,
true, false, true,
)
aliceLink2.addAlias(aliceAlias)
}
err = s2.AddLink(aliceLink2)
require.NoError(t, err)
bobLink2 := newMockChannelLink(
s2, chanID2, bobChanID, emptyScid, bobPeer, true, false, false,
false,
)
err = s2.AddLink(bobLink2)
require.NoError(t, err)
// Reforward the ogPacket and wait for Alice to receive a failure
// packet.
err = s2.ForwardPackets(nil, ogPacket)
require.NoError(t, err)
select {
case failPacket := <-aliceLink2.packets:
// Assert that the failPacket does not leak UTXO information.
// This means checking that aliceChanID was not returned.
msg := failPacket.linkFailure.msg
failMsg, ok := msg.(*lnwire.FailTemporaryChannelFailure)
require.True(t, ok)
require.Equal(t, aliceAlias, failMsg.Update.ShortChannelID)
case <-s2.quit:
t.Fatal("switch shutting down, failed to forward packet")
}
}
// TestSwitchAliasFailAdd tests that the mailbox does not leak UTXO information
// when failing back an HTLC due to the 5-second timeout. This is tested in the
// switch rather than the mailbox because the mailbox tests do not have the
// proper context (e.g. the Switch's failAliasUpdate function). The caveat here
// is that if the private UTXO is already known, it is fine to send a failure
// back. This tests option-scid-alias (feature-bit) and zero-conf channels.
func TestSwitchAliasFailAdd(t *testing.T) {
tests := []struct {
name string
// Denotes whether the opened channel will be zero-conf.
zeroConf bool
// Denotes whether the opened channel will be private.
private bool
// Denotes whether an alias was used during forwarding.
useAlias bool
}{
{
name: "public zero-conf using alias",
zeroConf: true,
private: false,
useAlias: true,
},
{
name: "public zero-conf using real",
zeroConf: true,
private: false,
useAlias: true,
},
{
name: "private zero-conf using alias",
zeroConf: true,
private: true,
useAlias: true,
},
{
name: "public option-scid-alias using alias",
zeroConf: false,
private: false,
useAlias: true,
},
{
name: "public option-scid-alias using real",
zeroConf: false,
private: false,
useAlias: false,
},
{
name: "private option-scid-alias using alias",
zeroConf: false,
private: true,
useAlias: true,
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testSwitchAliasFailAdd(
t, test.zeroConf, test.private, test.useAlias,
)
})
}
}
func testSwitchAliasFailAdd(t *testing.T, zeroConf, private, useAlias bool) {
t.Parallel()
chanID1, chanID2, aliceChanID, bobChanID := genIDs()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
cdb, err := channeldb.Open(tempPath)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
defer cdb.Close()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
require.NoError(t, err)
// Change the mailOrchestrator's expiry to a second.
s.mailOrchestrator.cfg.expiry = time.Second
err = s.Start()
require.NoError(t, err)
defer func() {
_ = s.Stop()
}()
// Make Alice's channel zero-conf or option-scid-alias (feature bit).
aliceAlias := lnwire.ShortChannelID{
BlockHeight: 16_000_000,
TxIndex: 5,
TxPosition: 5,
}
aliceAlias2 := aliceAlias
aliceAlias2.TxPosition = 6
var aliceLink *mockChannelLink
if zeroConf {
aliceLink = newMockChannelLink(
s, chanID1, aliceAlias, aliceChanID, alicePeer, true,
private, true, false,
)
aliceLink.addAlias(aliceAlias2)
} else {
aliceLink = newMockChannelLink(
s, chanID1, aliceChanID, emptyScid, alicePeer, true,
private, false, true,
)
aliceLink.addAlias(aliceAlias)
aliceLink.addAlias(aliceAlias2)
}
err = s.AddLink(aliceLink)
require.NoError(t, err)
bobLink := newMockChannelLink(
s, chanID2, bobChanID, emptyScid, bobPeer, true, true, false,
false,
)
err = s.AddLink(bobLink)
require.NoError(t, err)
// Create a packet that Bob will send to Alice via ForwardPackets.
preimage := [sha256.Size]byte{1}
rhash := sha256.Sum256(preimage[:])
ogPacket := &htlcPacket{
incomingChanID: bobLink.ShortChanID(),
incomingHTLCID: 0,
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Determine which outgoingChanID to set based on the useAlias boolean.
outgoingChanID := aliceChanID
if useAlias {
// Choose randomly from the 2 possible aliases.
aliases := aliceLink.getAliases()
idx := mrand.Intn(len(aliases))
outgoingChanID = aliases[idx]
}
ogPacket.outgoingChanID = outgoingChanID
// Forward the packet so Alice's mailbox fails it backwards.
err = s.ForwardPackets(nil, ogPacket)
require.NoError(t, err)
// Assert that the circuits are in the expected state.
require.Equal(t, 1, s.circuits.NumPending())
require.Equal(t, 0, s.circuits.NumOpen())
// Wait to receive the packet from Bob's mailbox.
select {
case failPacket := <-bobLink.packets:
// Assert that failPacket returns the expected SCID in the
// ChannelUpdate.
msg := failPacket.linkFailure.msg
failMsg, ok := msg.(*lnwire.FailTemporaryChannelFailure)
require.True(t, ok)
require.Equal(t, outgoingChanID, failMsg.Update.ShortChannelID)
case <-s.quit:
t.Fatal("switch shutting down, failed to receive fail packet")
}
}
// TestSwitchHandlePacketForwardAlias checks that handlePacketForward (which
// calls CheckHtlcForward) does not leak the UTXO in a failure message for
// alias channels. This test requires us to have a REAL link, which we also
// must modify in order to test it properly (e.g. making it a private channel).
// This doesn't lead to good code, but short of refactoring the link-generation
// code there is not a good alternative.
func TestSwitchHandlePacketForward(t *testing.T) {
tests := []struct {
name string
// Denotes whether or not the channel will be zero-conf.
zeroConf bool
// Denotes whether or not the channel will have negotiated the
// option-scid-alias feature-bit and is not zero-conf.
optionFeature bool
// Denotes whether or not the channel will be private.
private bool
// Denotes whether or not the alias will be used for
// forwarding.
useAlias bool
}{
{
name: "public zero-conf using alias",
zeroConf: true,
private: false,
useAlias: true,
},
{
name: "public zero-conf using real",
zeroConf: true,
private: false,
useAlias: false,
},
{
name: "private zero-conf using alias",
zeroConf: true,
private: true,
useAlias: true,
},
{
name: "public option-scid-alias using alias",
zeroConf: false,
optionFeature: true,
private: false,
useAlias: true,
},
{
name: "public option-scid-alias using real",
zeroConf: false,
optionFeature: true,
private: false,
useAlias: false,
},
{
name: "private option-scid-alias using alias",
zeroConf: false,
optionFeature: true,
private: true,
useAlias: true,
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testSwitchHandlePacketForward(
t, test.zeroConf, test.private, test.useAlias,
test.optionFeature,
)
})
}
}
func testSwitchHandlePacketForward(t *testing.T, zeroConf, private,
useAlias, optionFeature bool) {
t.Parallel()
// Create a link for Alice that we'll add to the switch.
htlcswitch: remove Switch reference from channelLink
2024-02-23 02:38:40 +01:00
harness, err :=
htlcswitch: replace defer cleanup with `t.Cleanup` Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-27 09:05:55 +02:00
newSingleLinkTestHarness(t, btcutil.SatoshiPerBitcoin, 0)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
htlcswitch: remove Switch reference from channelLink
2024-02-23 02:38:40 +01:00
aliceLink := harness.aliceLink
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
s, err := initSwitchWithTempDB(t, testStartingHeight)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
if err != nil {
t.Fatalf("unable to init switch: %v", err)
}
if err := s.Start(); err != nil {
t.Fatalf("unable to start switch: %v", err)
}
defer func() {
_ = s.Stop()
}()
// Change Alice's ShortChanID and OtherShortChanID here.
aliceAlias := lnwire.ShortChannelID{
BlockHeight: 16_000_000,
TxIndex: 5,
TxPosition: 5,
}
aliceAlias2 := aliceAlias
aliceAlias2.TxPosition = 6
aliceChannelLink := aliceLink.(*channelLink)
aliceChannelState := aliceChannelLink.channel.State()
// Set the link's GetAliases function.
aliceChannelLink.cfg.GetAliases = func(
base lnwire.ShortChannelID) []lnwire.ShortChannelID {
return []lnwire.ShortChannelID{aliceAlias, aliceAlias2}
}
if !private {
// Change the channel to public depending on the test.
aliceChannelState.ChannelFlags = lnwire.FFAnnounceChannel
}
// If this is an option-scid-alias feature-bit non-zero-conf channel,
// we'll mark the channel as such.
if optionFeature {
aliceChannelState.ChanType |= channeldb.ScidAliasFeatureBit
}
// This is the ShortChannelID field in the OpenChannel struct.
aliceScid := aliceLink.ShortChanID()
if zeroConf {
// Store the alias in the shortChanID field and mark the real
// scid in the database.
err = aliceChannelState.MarkRealScid(aliceScid)
require.NoError(t, err)
aliceChannelState.ChanType |= channeldb.ZeroConfBit
}
err = s.AddLink(aliceLink)
require.NoError(t, err)
// Add a mockChannelLink for Bob.
bobChanID, bobScid := genID()
bobPeer, err := newMockServer(
t, "bob", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
bobLink := newMockChannelLink(
s, bobChanID, bobScid, emptyScid, bobPeer, true, false, false,
false,
)
err = s.AddLink(bobLink)
require.NoError(t, err)
preimage := [sha256.Size]byte{1}
rhash := sha256.Sum256(preimage[:])
ogPacket := &htlcPacket{
incomingChanID: bobLink.ShortChanID(),
incomingHTLCID: 0,
htlcswitch: return `FEE_INSUFFICIENT` before checking balance
2023-03-08 07:27:45 +01:00
incomingAmount: 1000,
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Determine which outgoingChanID to set based on the useAlias bool.
outgoingChanID := aliceScid
if useAlias {
// Choose from the possible aliases.
aliases := aliceLink.getAliases()
idx := mrand.Intn(len(aliases))
outgoingChanID = aliases[idx]
}
ogPacket.outgoingChanID = outgoingChanID
// Forward the packet to Alice and she should fail it back with an
// AmountBelowMinimum FailureMessage.
err = s.ForwardPackets(nil, ogPacket)
require.NoError(t, err)
select {
case failPacket := <-bobLink.packets:
// Assert that failPacket returns the expected ChannelUpdate.
msg := failPacket.linkFailure.msg
failMsg, ok := msg.(*lnwire.FailAmountBelowMinimum)
require.True(t, ok)
require.Equal(t, outgoingChanID, failMsg.Update.ShortChannelID)
case <-s.quit:
t.Fatal("switch shutting down, failed to receive failure")
}
}
// TestSwitchAliasInterceptFail tests that when the InterceptableSwitch fails
// an incoming HTLC, it does not leak the on-chain UTXO for option-scid-alias
// (feature bit) or zero-conf channels.
func TestSwitchAliasInterceptFail(t *testing.T) {
tests := []struct {
name string
// Denotes whether or not the incoming channel is a zero-conf
// channel or an option-scid-alias channel instead (feature
// bit).
zeroConf bool
}{
{
name: "option-scid-alias",
zeroConf: false,
},
{
name: "zero-conf",
zeroConf: true,
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
testSwitchAliasInterceptFail(t, test.zeroConf)
})
}
}
func testSwitchAliasInterceptFail(t *testing.T, zeroConf bool) {
t.Parallel()
chanID, aliceScid := genID()
alicePeer, err := newMockServer(
t, "alice", testStartingHeight, nil, testDefaultDelta,
)
require.NoError(t, err)
htlcswitch: use `T.TempDir` to create temporary test directory Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-08-15 15:06:21 +02:00
tempPath := t.TempDir()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
cdb, err := channeldb.Open(tempPath)
require.NoError(t, err)
htlcswitch: clean up test resources and temporary files The htlcswitch tests were creating temporary database files but failing to clean them up. We fix this by making it obvious when temporary db files are created, and cleaning up those resources where necessary in the tests.
2022-08-16 05:20:47 +02:00
t.Cleanup(func() { cdb.Close() })
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
s, err := initSwitchWithDB(testStartingHeight, cdb)
require.NoError(t, err)
err = s.Start()
require.NoError(t, err)
defer func() {
_ = s.Stop()
}()
// Make Alice's alias here.
aliceAlias := lnwire.ShortChannelID{
BlockHeight: 16_000_000,
TxIndex: 5,
TxPosition: 5,
}
aliceAlias2 := aliceAlias
aliceAlias2.TxPosition = 6
var aliceLink *mockChannelLink
if zeroConf {
aliceLink = newMockChannelLink(
s, chanID, aliceAlias, aliceScid, alicePeer, true,
true, true, false,
)
aliceLink.addAlias(aliceAlias2)
} else {
aliceLink = newMockChannelLink(
s, chanID, aliceScid, emptyScid, alicePeer, true,
true, false, true,
)
aliceLink.addAlias(aliceAlias)
aliceLink.addAlias(aliceAlias2)
}
err = s.AddLink(aliceLink)
require.NoError(t, err)
// Now we'll create the packet that will be sent from the Alice link.
preimage := [sha256.Size]byte{1}
rhash := sha256.Sum256(preimage[:])
ogPacket := &htlcPacket{
incomingChanID: aliceLink.ShortChanID(),
incomingTimeout: 1000,
incomingHTLCID: 0,
outgoingChanID: lnwire.ShortChannelID{},
obfuscator: NewMockObfuscator(),
htlc: &lnwire.UpdateAddHTLC{
PaymentHash: rhash,
Amount: 1,
},
}
// Now setup the interceptable switch so that we can reject this
// packet.
forwardInterceptor := &mockForwardInterceptor{
t: t,
interceptedChan: make(chan InterceptedPacket),
}
htlcswitch: add dedicated block subscription to interceptable switch Preparation for making the interceptable switch aware of expiring htlcs.
2022-08-15 15:28:23 +02:00
notifier := &mock.ChainNotifier{
EpochChan: make(chan *chainntnfs.BlockEpoch, 1),
}
notifier.EpochChan <- &chainntnfs.BlockEpoch{Height: testStartingHeight}
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
interceptSwitch, err := NewInterceptableSwitch(
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
&InterceptableSwitchConfig{
htlcswitch: auto-fail held htlcs Make the interceptable switch aware of htlc expiry and fail back htlcs in-time to prevent the counterparty from force-closing the channel.
2022-08-15 17:28:19 +02:00
Switch: s,
Notifier: notifier,
CltvRejectDelta: 10,
CltvInterceptDelta: 13,
htlcswitch: add InterceptableSwitchConfig Preparation for adding more config options.
2022-08-15 13:00:08 +02:00
},
)
htlcswitch: add error return value to NewInterceptableSwitch Prepares for parameter validation.
2022-10-14 14:25:25 +02:00
require.NoError(t, err)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, interceptSwitch.Start())
interceptSwitch.SetInterceptor(forwardInterceptor.InterceptForwardHtlc)
err = interceptSwitch.ForwardPackets(nil, false, ogPacket)
require.NoError(t, err)
inCircuit := forwardInterceptor.getIntercepted().IncomingCircuit
require.NoError(t, interceptSwitch.resolve(&FwdResolution{
Action: FwdActionFail,
Key: inCircuit,
FailureCode: lnwire.CodeTemporaryChannelFailure,
}))
select {
case failPacket := <-aliceLink.packets:
// Assert that failPacket returns the expected ChannelUpdate.
failHtlc, ok := failPacket.htlc.(*lnwire.UpdateFailHTLC)
require.True(t, ok)
htlcswitch/test: more realistic mock encryption This mock is used in the switch test TestUpdateFailMalformedHTLCErrorConversion. But because the mock isn't very realistic, it doesn't detect problems in the handling of malformed failures in the link.
2022-10-14 11:03:31 +02:00
fwdErr, err := newMockDeobfuscator().DecryptError(
failHtlc.Reason,
)
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
require.NoError(t, err)
htlcswitch/test: more realistic mock encryption This mock is used in the switch test TestUpdateFailMalformedHTLCErrorConversion. But because the mock isn't very realistic, it doesn't detect problems in the handling of malformed failures in the link.
2022-10-14 11:03:31 +02:00
failure := fwdErr.WireMessage()
server+htlcswitch: prevent privacy leaks, allow alias routing This intent of this change is to prevent privacy leaks when routing with aliases and also to allow routing when using an alias. The aliases are our aliases. Introduces are two maps: * aliasToReal: This is an N->1 mapping for a channel. The keys are the set of aliases and the value is the confirmed, on-chain SCID. * baseIndex: This is also an N->1 mapping for a channel. The keys are the set of aliases and the value is the "base" SCID (whatever is in the OpenChannel.ShortChannelID field). There is also a base->base mapping, so not all keys are aliases. The above maps are populated when a link is added to the switch and when the channel has confirmed on-chain. The maps are not removed from if the link is removed, but this is fine since forwarding won't occur. * getLinkByMapping This function is introduced to adhere to the spec requirements that using the confirmed SCID of a private, scid-alias-feature-bit channel does not work. Lnd implements a stricter version of the spec and disallows this behavior if the feature-bit was negotiated, rather than just the channel type. The old, privacy-leak behavior is preserved. The spec also requires that if we must fail back an HTLC, the ChannelUpdate must use the SCID of whatever was in the onion, to avoid a privacy leak. This is also done by passing in the relevant SCID to the mailbox and link. Lnd will also cancel back on the "incoming" side if the InterceptableSwitch was used or if the link failed to decrypt the onion. In this case, we are cautious and replace the SCID if an alias exists.
2022-04-04 22:44:51 +02:00
failureMsg, ok := failure.(*lnwire.FailTemporaryChannelFailure)
require.True(t, ok)
failScid := failureMsg.Update.ShortChannelID
isAlias := failScid == aliceAlias || failScid == aliceAlias2
require.True(t, isAlias)
case <-s.quit:
t.Fatalf("switch shutting down, failed to receive failure")
}
require.NoError(t, interceptSwitch.Stop())
}
Reference in New Issue Copy Permalink