If we are missing a `ChannelMonitor` for which the `ChannelManager`
has pending updates, it may be useful to print what the updates we
have actually are, at least useful in identifying the bug(s).
Peer::their_node_id is set to Some during the handshake process.
However, df3ab2ee27 accesses the field
unconditionally, causing a panic. This may be triggered if a gossip
message is received mid-handshake from another peer or if the user calls
broadcast_node_announcement during this time. The latter tends to be
executed on a timer.
Ensure that Peer::their_node_id is only accessed once the handshake is
complete.
When handling calls to `batch_funding_transaction_generated` which
were missing outputs for one of the batch channels, we'd previously
deadlock when trying to clean up the now-closed channels. This
fixes that and adds a new test case for it.
Found by the full_stack_target fuzzer.
When converting from CounterpartyForwardingInfo to PaymentRelay, the
cltv_expiry_delta is copied. Then, when forming a blinded payment path,
the value is mutated so that esoteric values don't reveal information
about the path. However, the value was only used in computing
PaymentConstraints and wasn't actually updated in PaymentRelay. Move the
logic for modifying the cltv_expiry_delta to the conversion code to
avoid this inconsistency.
The excess delta is included in the final RouteHop::cltv_expiry_delta, so by
adding it explicitly to cur_cltv we were erroneously including it twice in the
total cltv expiry.
This could've add up to an extra MAX_SHADOW_CLTV_DELTA_OFFSET (432) blocks to
the total cltv expiry.
As we'd generally like the `lightning` crate to, over time, have
more modules rather than being very monolithic, we should move the
cryptographic things into their own module, which we do here.
We also take this opportunity to move stream adapters into their
own module and make clear that the ChaChaPoly `decrypt` method is
variable time.
Previously, we were setting the final blinded hop's CLTV expiry height to
best_block_height + total_blinded_path_cltv_delta + shadow_cltv_offset. This is
incorrect, it should instead be set to best_block_height + shadow_cltv_offset
only -- it doesn't make sense to include the delta for the other blinded hops
in the final hop's expiry.
The reason this too-high final cltv value didn't cause test failures previously
is because of a 2nd bug that is fixed in an upcoming commit where the sender
adds the shadow offset twice to the total path CLTV expiry. This 2nd offset
meant that intermediate nodes had some buffer CLTV to subtract their delta from
while still (usually) have enough leftover to meet the expiry in the final hop's
onion.
