Commit Graph

143 Commits

Author SHA1 Message Date
carla
a3478f1d99
htlcswitch: add CheckCircularForward to handlePacketForward
Add a CheckCircularForward function which detects packets which are
forwards over the same incoming and outgoing link, and errors if the
node is configured to disallow forwards of this nature. This check is
added to increase the cost of a liquidity lockup attack, because it
increases the length of the route required to lock up an individual
node's bandwidth. Since nodes are currently limited to 20 hops,
increasing the length of the route needed to lock up capital increases
the number of malicious payments an attacker will have to route, which
increases the capital requirement of the attack overall.
2020-01-30 10:13:40 +02:00
carla
f430fd50c5
htlcswitch: use LinkError for internal errors
Update the ChannelLink interface to specifically
return the LinkError struct. This error implements
the ClearTextError interface, so will be picked
up as a routing realted error by the router.

With LinkErrors implemented, the switch now
returns a LinkError for all failures on our
incoming/outgoing link and ForwardingError when
the failure occurs down the line.
2020-01-14 15:21:15 +02:00
carla
6f0a342f92
htlcswitch: add ForwardingError constructor
Add a constructor for the creation of forwarding errors.
A special constructor is added for the case where we have
an unknown wire failure, and must set a nil failure message.
2020-01-14 15:07:29 +02:00
carla
94d3eb60a4
multi: Use user provided close address for cooperative closes
This commit is adapted from @Bluetegu's original
pull request #1462.

This commit reads an optional address to pay funds out to
from a user iniitiated close channel address. If the channel
already has a shutdown script set, the request will fail if
an address is provided. Otherwise, the cooperative close will
pay out to the address provided.
2019-12-10 09:13:01 +02:00
Olaoluwa Osuntokun
777ed104a3
chainfee: create new chainfee package extracting fees from lnwallet
In this commit, we create a new chainfee package, that houses all fee
related functionality used within the codebase. The creation of this new
package furthers our long-term goal of extracting functionality from the
bloated `lnwallet` package into new distinct packages. Additionally,
this new packages resolves a class of import cycle that could arise if a
new package that was imported by something in `lnwallet` wanted to use
the existing fee related functions in the prior `lnwallet` package.
2019-10-31 16:41:57 -07:00
Joost Jager
200be87212
htlcswitch: fix returned failure for insufficient balance
In the scenario where the requested channel does not have enough balance
and another channel towards the same node generates a different failure,
we erroneously returned UnknownNextPeer instead of the expected
TemporaryChannelFailure.

This commit rewrites the non-strict forwarding logic in the switch to
return the proper failure message. Part of this is moving the link
balance check inside the link.
2019-10-23 09:57:34 +02:00
Joost Jager
cf98e99001
htlcswitch: remove source hop check
This is already checked in EligibleToForward()
2019-10-23 09:57:24 +02:00
Joost Jager
5404348f51
htlcswitch: rename policy check functions 2019-10-23 09:57:22 +02:00
Joost Jager
b58dbb2d70
multi: fix canceled spelling 2019-10-03 17:27:36 +02:00
Joost Jager
c80feeb4b3
routing+discovery: extract local channel manager
The policy update logic that resided part in the gossiper and
part in the rpc server is extracted into its own object.

This prepares for additional validation logic to be added for policy
updates that would otherwise make the gossiper heavier.

It is also a small first step towards separation of our own channel data
from the rest of the graph.
2019-09-23 13:07:08 +02:00
Conner Fromknecht
6dca07577d
multi: move active/inactive ntfns from switch to link
Since we will now wait to deliver the event after channel reestablish,
notifying when the link is added to the switch will no longer be
sufficient. Later, we will add receiving reestablish as an additional
requirement for EligibleToForward returning true.

The inactive ntfn is also moved, to ensure that we don't fire inactive
notifications if no corresponding active notification was sent.
2019-09-19 12:46:44 -07:00
Joost Jager
3d7de2ad39
multi: remove dead code 2019-09-10 17:21:59 +02:00
Valentine Wallace
8ce7f82da0 discovery+switch: apply zero forwarding policy updates in-memory as well as on disk
In this commit, we fix a bug where if a user updates a forwarding policy to be
zero, the update will be applied to the policy correctly on-disk, but not
in-memory.

We solve this issue by having the gossiper return the list of on-disk updated
policies and passing these policies to the switch, so the switch can assume
that zero-valued fields are intentional and not just uninitialized.
2019-09-09 23:39:44 -07:00
Joost Jager
e54b24289f
htlcswitch: move hop iterator into htlcswitch/hop package
Prepares for onion blob decoding outside of htlcswitch.
2019-09-05 15:30:31 +02:00
Conner Fromknecht
378e0558c5
htlcswitch/hop: move hop.Exit and hop.Source to hop pkg 2019-09-05 01:35:23 -07:00
ccdle12
05d0d028bc
htlcswitch+config+server: Adds a rejecthtlc flag that disables forwarded
htlcs

config: Adding RejectHTLC field in config struct

This commit adds a RejectHTLC field in the config struct in config.go.
This allows the user to run lnd as a node that does not accept onward
HTLCs.

htlcswitch/switch: Adding a field RejectHTLC to the switch config

This commit adds a field RejectHTLC to the switch config. When the
switch receives an HTLC it will check this flag and if the HTLC is not
from the source hop, the HTLC will be rejected.

htlcswitch/switch: adding check for RejectHTLC flag and incomingChanID

This commit adds a check when receiving UpdateAddHTLC. The check looks
for the RejectHTLC flag set and whether the HTLC is from the sourceHop
(the local switch). If the HTLC is not from the sourceHop, then we
reject the HTLC and return a FailChannelDisabled error.

server: adding RejectHTLC field to initialization of switch

lnd_test: adding test for RejectHTLC

This commit adds a test which tests that a node with the --rejecthtlc
flag will reject any onward HTLCs but still can receive direct HTLCs and
can send HTLCs.
2019-08-20 11:01:44 +01:00
Johan T. Halseth
21baa7bf18
multi: fix linter errors 2019-08-07 10:53:10 +02:00
nsa
00814dc7c1 htlcswitch: pipeline settles to switch
This commit makes the outgoing link pipeline the settle to the
switch as soon as it receives it. Previously, it would wait for a
revocation before sending it, which caused increased latency on
payments as well as possibly never settling on the incoming link.
A duplicate settle is still sent to the switch, but it is handled
gracefully. A new AckEventTicker was added to the switch which
acknowledges any pending settle / fail entries in an outgoing
link's fwd pkgs in batch. This was needed in order to reduce the
number of db txn's which would have been incurred by acking whenever
we receive a duplicate settle without batching.
2019-07-18 17:20:40 -04:00
Joost Jager
c6f9517e48
lnwire+htlcswitch: only use references for failure messages
Methods on failure message types used to be defined on value receivers.
This allowed assignment of a failure message to ForwardingError both as
a value and as a pointer. This is error-prone, especially when using a
type switch.

In this commit the failure message methods are changed so that they
target pointer receivers.

Two instances where a value was assigned instead of a reference are
fixed.
2019-07-11 19:49:47 +02:00
Joost Jager
418fe364de
htlcswitch: use distinct error for unreadable failures 2019-07-11 19:49:45 +02:00
Joost Jager
2b47632b26
htlcswitch+routing+routerrpc: return error source as index 2019-07-11 10:37:26 +02:00
Johan T. Halseth
2cc778d309
htlcswitch/switch: use paymentResultStore to keep track of results 2019-06-07 16:53:32 +02:00
Johan T. Halseth
2dea790b55
multi: make GetPaymentResult take payment hash
Used for logging in the switch, and when we remove the pending payments,
only the router will have the hash stored across restarts.
2019-06-07 16:53:32 +02:00
Johan T. Halseth
d027e10201
htlcswitch+channeldb: move control tower to channeldb 2019-05-27 20:18:56 +02:00
Johan T. Halseth
cd02c22977
htlcswitch+router: move deobfuscator creation to GetPaymentResult call
In this commit we move handing the deobfuscator from the router to the
switch from when the payment is initiated, to when the result is
queried.

We do this because only the router can recreate the deobfuscator after a
restart, and we are preparing for being able to handle results across
restarts.

Since the deobfuscator cannot be nil anymore, we can also get rid of
that special case.
2019-05-16 23:56:12 +02:00
Johan T. Halseth
f99d0c4c68
htlcswitch/switch+payment_result: define networkResult, extractResult 2019-05-16 23:56:12 +02:00
Johan T. Halseth
ec087a9f73
htlcswitch+router: define PaymentResult, GetPaymentResult
This lets us distinguish an critical error from a actual payment result
(success or failure). This is important since we know that we can only
attempt another payment when a final result from the previous payment
attempt is received.
2019-05-16 23:56:12 +02:00
Johan T. Halseth
be129eb7c7
htlcswitch/switch: remove numPendingPayments only used in tests 2019-05-16 23:56:12 +02:00
Johan T. Halseth
cff4d3547d
htlcswitch/switch: clarify paymentID uniqueness
With the following commits, it'll become important to not resuse
paymentIDs, since there is no way to tell whether the HTLC in question
has already been forwarded and settled/failed.

We clarify this in the SendHTLC comments, and alter the tests to not
attempt to resend an HTLC with a duplicate payment ID.
2019-05-16 23:56:11 +02:00
Johan T. Halseth
bbbe3a37f5
htlcswitch/switch: make parseFailedPayment not dependent on pkt
We will later persist the fields necessary to decrypt a received error.
2019-05-16 23:56:11 +02:00
Johan T. Halseth
c9e8ff6a34
switch+router+server: move NextPaymentID to router
This commit moves the responsibility of generating a unique payment ID
from the switch to the router. This will make it easier for the router
to keep track of which HTLCs were successfully forwarded onto the
network, as it can query the switch for existing HTLCs as long as the
paymentIDs are kept.

The router is expected to maintain a map from paymentHash->paymentID,
such that they can be replayed on restart. This also lets the router
check the status of a sent payment after a restart, by querying the
switch for the paymentID in question.
2019-05-16 23:56:06 +02:00
Olaoluwa Osuntokun
a8fa4094ba
Merge pull request #3027 from Roasbeef/new-onion-structs
router+build: update to the latest version of lightning-onion
2019-05-03 13:30:41 -07:00
Joost Jager
f5f6a52ed8
htlcswitch: check channel policy for local htlcs 2019-05-03 12:22:36 +02:00
Olaoluwa Osuntokun
be63c7d286
htlcswitch: properly convert multi-hop malformed HTLC failures
In this commit, we now properly convert multi-hop malformed HTLC
failures. Before this commit, we wouldn't properly add a layer of
encryption to these errors meaning that the destination would fail to
decrypt the error as it was actually plaintext.

To remedy this, we'll now check if we need to convert an error, and if
so we'll encrypt it as if it we were the source of the error (the true
source is our direct channel peer).
2019-04-30 20:13:37 -07:00
Olaoluwa Osuntokun
cdc4aca40f
htlcswitch: properly handle direct link malformed HTLC failures
In this commit, we fix a bug that caused us to be unable to properly
handle malformed HTLC failures from our direct link. Before this commit,
we would attempt to decrypt it and fail since it wasn't well formed. In
this commit, if its an error for a local payment, and it needed to be
converted, then we'll decode it w/o decrypting since it's already
plaintext.
2019-04-30 20:13:36 -07:00
cryptagoras
a50428ca96 htlcswitch/switch: log target node on insufficient cap error 2019-03-25 18:25:58 +02:00
Valentine Wallace
bdd8ce14c9 switch: notify the ChannelNotifier on newly active/inactive channels. 2019-02-05 18:17:54 -08:00
Olaoluwa Osuntokun
9c59ac4383
Merge pull request #2397 from halseth/reject-commitment-expected-fee-reset-bug
[bugfix] Process fee updates as any other update message
2019-01-14 17:06:27 -08:00
Conner Fromknecht
164250d1cd
htlcswitch/switch: check EligibleToForward in HasActiveLink
This commit modifies the behavior of the
HasActiveLink method within the switch to
only return true if the link is in the
link index and is eligible to forward
HTLCs.

The prior version returns true whenever
the link is found in the link index,
which may return true for pending
channels that are not actually active.
2019-01-10 16:34:02 -08:00
Johan T. Halseth
480f43f1dc
lnwallet/channel: add lnwire<->PaymentDescriptor FeeUpdate conversion
This commit adds conversion between the lnwire.UpdateFee message and the
new FeeUpdate PaymentDescriptor. We re-purpose the existing Amount field
in the PaymentDescriptor stuct to hold the feerate.
2019-01-10 12:26:33 +01:00
Joost Jager
6c027e2bc9 htlcswitch: remove lnrpc dependency
This commits removes an unwanted dependency that prevents
moving parts of rpcserver to a sub server.
2019-01-03 09:07:56 +01:00
Olaoluwa Osuntokun
1fd3aac925
multi: switch from bolt packge to bbolt package for all imports 2018-11-29 20:33:49 -08:00
Alex Bosworth
2d8e239fe9
Move pewpew diff log into debug log 2018-11-01 17:46:03 -07:00
Olaoluwa Osuntokun
d8e6085c17
multi: update to go 1.11 gofmt 2018-10-07 14:37:38 +09:00
Wilmer Paulino
33dda07b62
htlcswitch: return concrete error from GetLinksByInterface 2018-08-28 20:34:18 -07:00
Conner Fromknecht
9c5c1d0cb5
htlcswitch/switch: prevent panic for unknown error decryptor 2018-08-22 10:26:27 -07:00
Conner Fromknecht
b59fea460a
htlcswitch/switch: make local response handling async
This commit moves the logic handling responses to
locally-initiated payments to be asynchronous. The
reordering of operations into handleLocalDispatch
brings a serious performance burden to the switch's
main event loop. However, the at-most once semantics
of circuit map and idempotency of cleanup methods
allows concurrent operations to run in parallel.

Prior to this commit, the async_payments_benchmark
would timeout due to the forcibly serial nature of
the prior design. With this change, there is no
perceptible difference in the benchmark OMM, even
though we've added two extra db calls.
2018-08-22 10:26:26 -07:00
Conner Fromknecht
2dd8f07014
htlcswitch/switch: use non-strict PaymentControl 2018-08-21 19:23:25 -07:00
Conner Fromknecht
d6083e0d66
htlcswitch/switch: reorder persistent calls and app ntfn...
for Settle/Fail responses.
2018-08-21 19:23:24 -07:00
Vadym Popov
21fc7aa829
htlcswitch: integration of control tower to htlc switch 2018-08-21 19:23:22 -07:00