lnd.xprv/zpay32
nsa 0f6e11c35f
zpay32: check invoice length while decoding
This commit checks that the size of the bech32 encoded invoice is not
greater than 7092 bytes, which is the maximum number of bytes that can
fit into a QR code. This mitigates a potential DoS vector where an attacker
could craft a very large bech32 invoice string containing an absurd amount
of route and/or hop hints. If sent to an application that processes
payment requests, this would allocate a burdensome amount of memory
due to the public key parsing for each route/hop hint.

For a 1.7MB payment request, this yielded about 38MB in allocations
from just parsing public keys:

```
   45.51MB  7.31% 92.07%    45.51MB  7.31%  math/big.nat.make
   25.50MB  4.09% 96.16%    25.50MB  4.09%  github.com/lightningnetwork/lnd/zpay32.bech32VerifyChecksum
       1MB  0.16% 96.32%    39.50MB  6.34%  github.com/lightningnetwork/lnd/zpay32.parseRouteHint
       1MB  0.16% 96.48%    33.50MB  5.38%  github.com/btcsuite/btcd/btcec.decompressPoint
    0.50MB  0.08% 96.56%     7.50MB  1.20%  crypto/elliptic.(*CurveParams).doubleJacobian
    0.50MB  0.08% 96.64%       38MB  6.10%  github.com/btcsuite/btcd/btcec.ParsePubKey
         0     0% 96.64%       12MB  1.93%  crypto/ecdsa.Verify
         0     0% 96.64%        8MB  1.28%  crypto/elliptic.(*CurveParams).ScalarBaseMult
         0     0% 96.64%       12MB  1.93%  crypto/elliptic.(*CurveParams).ScalarMult
```

With this change, memory usage will be far lower as decoding will exit
early with an error if the invoice is too large.
2019-09-24 06:21:27 -04:00
..
amountunits.go multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
bech32.go multi: comprehensive typo fixes across all packages 2018-02-06 19:11:11 -08:00
hophint.go routing+zpay32: copy pubkeys before nilling Curve and spewing 2019-06-12 12:19:43 +02:00
invoice_internal_test.go zpay32: move HopHint and DefaultFinalCLTVDelta 2019-03-15 10:08:32 +01:00
invoice_test.go zpay32: check invoice length while decoding 2019-09-24 06:21:27 -04:00
invoice.go zpay32: check invoice length while decoding 2019-09-24 06:21:27 -04:00
README.md

zpay32

Build Status MIT licensed GoDoc

The zpay32 package implements a basic scheme for the encoding of payment requests between two lnd nodes within the Lightning Network. The zpay32 encoding scheme uses the zbase32 scheme along with a checksum to encode a serialized payment request.

The payment request serialized by the package consist of: the destination's public key, the payment hash to use for the payment, and the value of payment to send.

Installation and Updating

$ go get -u github.com/lightningnetwork/lnd/zpay32