From 6a255fb588da8bac984f3b7c01fbe03f957e23ee Mon Sep 17 00:00:00 2001
From: Olaoluwa Osuntokun
Date: Wed, 18 Oct 2017 22:20:47 -0700
Subject: [PATCH] htlcswitch: relax timelock verification in middle link to allow for shadow routes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In this commit, we relax the time lock verification when we realize we’re an intermediate hop. We no longer directly assert that the time lock we receive is _identical_, instead we allow slow slack and will reject iff, the incoming timelock minus the outgoing time lock doesn’t meet our delta requirements.
---
 htlcswitch/link.go | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/htlcswitch/link.go b/htlcswitch/link.go
index e75e688d..3be0c59e 100644
--- a/htlcswitch/link.go
+++ b/htlcswitch/link.go
@@ -1294,9 +1294,9 @@ func (l *channelLink) processLockedInHtlcs(
 timeDelta := l.cfg.FwrdingPolicy.TimeLockDelta
 if pd.Timeout-timeDelta <= heightNow {
 log.Errorf("htlc(%x) has an expiry "+
- "that's too soon: expiry=%v, "+
+ "that's too soon: outgoing_expiry=%v, "+
 "best_height=%v", pd.RHash[:],
- pd.Timeout, heightNow)
+ pd.Timeout-timeDelta, heightNow)

 var failure lnwire.FailureMessage
 update, err := l.cfg.GetLastChannelUpdate()
@@ -1387,12 +1387,13 @@ func (l *channelLink) processLockedInHtlcs(
 // time lock. Otherwise, whether the sender
 // messed up, or an intermediate node tampered
 // with the HTLC.
- if pd.Timeout-timeDelta != fwdInfo.OutgoingCTLV {
+ if pd.Timeout-timeDelta < fwdInfo.OutgoingCTLV {
 log.Errorf("Incoming htlc(%x) has "+
- "incorrect time-lock value: expected "+
- "%v blocks, got %v blocks",
- pd.RHash[:], pd.Timeout-timeDelta,
- fwdInfo.OutgoingCTLV)
+ "incorrect time-lock value: "+
+ "expected at least %v block delta, "+
+ "got %v block delta", pd.RHash[:],
+ timeDelta,
+ pd.Timeout-fwdInfo.OutgoingCTLV)

 // Grab the latest routing policy so
 // the sending node is up to date with
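Review bot: The relaxed comparison `pd.Timeout-timeDelta < fwdInfo.OutgoingCTLV` in the second hunk can pass through wraparound. If `pd.Timeout` and `timeDelta` are unsigned (their declarations are outside the hunks), an incoming timeout smaller than the delta wraps to a very large value and is accepted, where the old `!=` would almost certainly have rejected it. The same subtraction feeds the `<= heightNow` expiry check in the first hunk, so that check would not catch the case either. I would guard the subtraction in both places, e.g. `if pd.Timeout < timeDelta || pd.Timeout-timeDelta < fwdInfo.OutgoingCTLV {`. The new log argument `pd.Timeout-fwdInfo.OutgoingCTLV` can wrap the same way when the incoming timeout is below the outgoing one, so the logged delta may be misleading. processLockedInHtlcs starts and ends outside both hunks.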