This is a very simple bug that go-fuzz found. If length of an address
within CloseSigned is greater than 34, a runtime error: slice bounds out
of range happens. An error should be returned instead.
In this commit we reverse the ordering of the MinAcceptDepth and
HltcMinimum fields within the AcceptChannel message. Previously, the
order of these two fields were reversed, meaning the remote peer
would’ve attempted to parse the MinAcceptDepth (as we intended), as
part of the HtlcMinimum, leading to a garbage value.
This commit fixes a diversion from the way the UpdateAddHTLC message is
defined within the specification. We had the HTLC expiry value in the
wrong place on the wire, which meant that we couldn’t parse the
messages as sent by the other LN implementations.
This corrects the fuzz test in TestLightningWireProtocol for
MsgCommitSig to avoid creating an empty slice since the decoded message
only creates a slice when there are greater than zero signatures and an
empty slice is not considered equal to a nil slice under reflection.
This can be tested by running the TestLightningWireProtocol 1000 times
in a loop with and without this change.
This commit does away with the ErrorCode field in order to ensure that
we’re properly compatible with BOLT-0002. In the future the error code
field may be re-introduced as it’s much easier to check against an
internet error rather than interpret a byte slice describing the error.
This commit modifies the NodeAnnouncement message to ensure that it
matches the current spec ordering. The spec was recently modified to
place the feature vector first to allow for future changes to the
fields to be forwards compatible.
This commit updates the encoding/decoding for the onion errors to
properly match BOLT-0004. This commit does to major things: we increase
the max message size to 256 bytes to account for recent modifications
to the ChannelUpdate message, and also fold in the error code into the
failure message encapsulation itself.
This commit adds a new type to the lnwire package: MilliSatoshi. A
milli-satoshi is simply 1/1000th of a satoshi, and will be used for all
internal accounting when sending payments, calculating fees, updating
commitment state, etc. Two helper methods are added: ToBTC(), and
ToSatoshis() to make manipulation of the values easy.
This commit adds a new field to the CommitSig message: HtlcSigs. This
new field will house signatures for each of the HTLC’s on the newly
created commitment state. This addition allows us to implement the new
commitment transaction structure outlined within the specification
which modifies HTLC’s such that the claiming process is now a two-phase
process. The first state transitions an HTLC to the delay+claim state,
and the second state (after the delay has passed) allows the
broadcaster of the commitment transaction to sweep the HTLC’s.
Fixes#61.
This commit modifies the readElement and writeElement functions to add
the capability of reading/writing a slice of btcec.Signature. This new
case is required for the upcoming commit which will modify the
CommitSig message to include a field which houses signatures of reach
HTLC on the commitment transaction.
This commit adds the new set of single funder messages from the
specification. As a result, after this commit and a follow up, all of
our messages will directly line up with those that are detailed within
the specification.
The new set of funding messages are very similar to our prior ones,
aside from the main difference of the addition of several channel level
constraints that give nodes control over their exposure, throughput,
and other values.
This commit modifies the RevokeAndAck message in order to bring it more
in line with the current draft of the specification. The prior version
was based on a version that used a revocation hash for HTLC’s and a
revocation key for commitment outputs. The current commitment design
uses revocation keys uniformly throughout.
This commit removes the original single funder wire messages as they’ve
now been deprecated by the new commitment and HTLC structure within the
latest draft of the specification.
In this commit BOLT#4 specification message have been added to the
lnwire package. This messsage is needed in order to notify payment
sender that forwarding node unable to parse the onion blob.
In this commit onion routing error from BOLT#4 have been added, the
initial error construction have been splitted on two parts: The first
part which contains the actual data will reside inside the lnwire
package because it contains all necessary function to decode/encode
the data. The second part obfuscation and hmac checking will resides
inside the lighting-onion package because it requires the key
generation.
This commit updates the OnionPacketSize constant in order to reflect
the size of the onion payload as a result of the recent changes to the
sphinx packet format in the specification.
This commit gives the start for making the htlc manager and htlc switch
testable. The testability of htlc switch have been achieved by mocking
all external subsystems. The concrete list of updates:
1. create standalone package for htlc switch.
2. add "ChannelLink" interface, which represent the previous htlc link.
3. add "Peer" interface, which represent the remote node inside our
subsystem.
4. add htlc switch config to htlc switch susbystem, which stores the
handlers which are not elongs to any of the above interfaces.
With this commit we are able test htlc switch even without having
the concrete implementation of Peer, ChannelLink structures, they will
be added later.
This commit changes the cooperative channel close workflow to comply
with the latest spec. This adds steps to handle and send shutdown
messages as well as moving responsibility for sending the channel close
message from the initiator to the responder.
This commit fixes a deviant in the way we serialize and deserialize the
node announcement message from that which is currently in the spec.
Before this commit we reversed the order of features and addresses.
Instead, on the wire, features should come _before_ the addresses.
We also add a new temporary feature bit to ensure nodes that don’t
directly connect to each other if they don’t have this new update.
However, this will also partition any current tests nets when new nodes
join them as the digest signed has changed, therefore invalidating any
older messages.
Fixes#207.
This commit modifies ReadMessage to no longer return the total bytes
read as this value will now be calculated at a higher level. The
io.Reader that’s passed to ReadMessage is expected to contain the
_entire_ message rather than be a pointer into a stream that contains
the message itself.
This commit does away with all the old manual message equality tests
and replace it with a single property-based test that uses the
testing/quick package. This test uses a single scenario which MUST hold
for all the messages type and all possible messages generated for those
types. As a result we are able to do away with all the prior manually
generated test data as the fuzzer to scan the input space looking for a
message that violates the scenario.