Enforce Trampoline Constraints (replacement) #4226
Conversation
To allow formatting on new code, move to per-function skips.
Remove skip without fixing up any of the ugly formatting, so that the diff is a bit more readable in review.
This commit adds three new local htlc failure error reasons: `TemporaryTrampolineFailure`, `TrampolineFeeOrExpiryInsufficient`, and `UnknownNextTrampoline` for trampoline payment forwarding failures.
We add a `check_trampoline_constraints` similar to `check_blinded_path_constraints` that compares the Trampoline onion's amount and CLTV values to the limitations imposed by the outer onion. Tests are added to cover validation of blinded and unblinded trampoline payloads against their outer onion. These are consolidated with our existing coverage for successful receives. Co-authored-by: Arik Sosman <git@arik.io> Co-authored-by: Maurice Poirrier <mpch@hey.com>
|
👋 Thanks for assigning @valentinewallace as a reviewer! |
| }), | ||
| onion_utils::Hop::TrampolineForward { next_trampoline_hop_data, next_trampoline_hop_hmac, new_trampoline_packet_bytes, trampoline_shared_secret, .. } => { | ||
| onion_utils::Hop::TrampolineForward { ref outer_hop_data, next_trampoline_hop_data, next_trampoline_hop_hmac, new_trampoline_packet_bytes, trampoline_shared_secret, .. } => { | ||
| // TODO: return reason as forward issue, not as receiving issue when forwarding is ready. |
There was a problem hiding this comment.
I'm not quite clear on what this todo means, still catching up on some context - @a-mpch could you help me out?
carlaKC
changed the title
|
Assigning reviewers who looked at the original PR - please free yourself if not appropriate! |
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #4226 +/- ##
==========================================
+ Coverage 89.32% 89.35% +0.02%
==========================================
Files 180 180
Lines 138329 138572 +243
Branches 138329 138572 +243
==========================================
+ Hits 123566 123819 +253
+ Misses 12157 12145 -12
- Partials 2606 2608 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
One thing to note about the tests here: we've currently only got coverage for blinded receives checking the constraints (this is what the original PR had). We could also add coverage for blinded forwards in the failure case (can't do for success because we just fail the forwards rn), which would make codecov a bit happier. I think this is worth doing, but it would mean adding a bit more code to the mega test helper - interested on hearing thoughts on how readable others find it before adding another layer to an already quite dense test! Can also easily be a small follow. up. |
|
Needs rebase :( I did find the new testing not ideal from a readability PoV at first glance, going to take a closer look in a bit but let me know if you see any obvious ways to improve things. I was thinking we might want to keep the previously-simple test the way it was and add on these complex ones separately, but need to look more closely to see if that makes sense. It may be that the nature of what we're testing makes it hard to improve things though. |
4 participants
This PR replaces #3983, adding validation of trampoline onions (as compared to the outer onion). It makes some quite significant changes to the tests in the original PR to consolidate blinded and unblinded tests for success/failure scenarios into a single helper (apologies to reviewers who've already looked at the tests, but I think this DRYs it up quite nicely).
While we're here, it also moves
rustfmt::skipto a per-function level onblinded_payment_tests.rsand formats the existing test helper that we're modifying in a pre-factor so that the new code can be formatted.