Skip to content

WIP: try to enforce signing vs revocation #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 55 commits into from
Nov 9, 2021
Merged

WIP: try to enforce signing vs revocation #1

merged 55 commits into from
Nov 9, 2021

Conversation

devrandom
Copy link
Member

@devrandom devrandom commented Jul 13, 2020
edited
Loading

This fails in various places, for example in ln::chanmon_update_fail_tests::during_funding_monitor_fail because of persistence issues.

In particular, EnforcingChannelKeys would like to get some common state from KeysInterface when it's deserialized, but that's not available with the current persistence design.

@devrandom devrandom mentioned this pull request Jul 13, 2020
Merged
@devrandom devrandom force-pushed the per-commitment branch 4 times, most recently from 950fa02 to b661164 Compare July 15, 2020 11:48
TheBlueMatt
TheBlueMatt reviewed Jul 20, 2020
View reviewed changes
lightning/src/util/enforcing_trait_impls.rs Outdated
if keys.per_commitment_point == self.inner.get_per_commitment_point(*revoked, secp_ctx) {
panic!("attempted to sign the latest revoked local commitment {}", self.inner.commitment_seed[0]);
} else {
panic!("can only sign the next two unrevoked commitment numbers, {} revoked={} point={}",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All the tests pass without this panic, and, indeed, I think you are correct in that it is just different objects getting serialized/read breaking things in the tests. It would be nice to enforce the other new assertions upstream even if we can't hit this one, but I think the solution is going to have to be some global static HashMap tracking revocation for a given commitment seed.

@devrandom devrandom force-pushed the per-commitment branch 2 times, most recently from fefae6a to b19d447 Compare July 22, 2020 18:47
TheBlueMatt and others added 6 commits November 23, 2020 13:52
@TheBlueMatt
[router] Fix + test routing via next/last-hop hints only
50b348c 
We had code in the router to support sending a payment via a single
hop across channels exclusively provided by the next-/last-hop hints.
However, in updating the fuzzer, I noted that this case not only
didn't work, but paniced in some cases.

Here, we both fix the panic, as well as write a new test which
ensures we don't break support for such routing in the future.
@TheBlueMatt
[netgraph] Do not allow capacity_sats * 1000 to overflow-panic
423073d 
In updating the router fuzzer, it discovered that a remote peer can
cause us to overflow while multiplying the channel capacity value.
Since the value should never exceed 21 million BTC, we just add a
check for that.
@TheBlueMatt
Expose manual-update methods in NetworkGraph.
c53d8a3 
These functions were created but previously not exported, however
they are useful if we want to skip signature checking when accepting
routing messages (which we really should be doing in the routing
fuzzer).
@TheBlueMatt
[fuzz] Make router_target a bit easier for fuzzers to explore
b56b4ad 
It turns out (somewhat obviously) that expecting a fuzzer to
correctly build multiple signatures which verify against multiple
public keys in the same message was a bit too daunting, so we now
skip message signatures in routing messages.

We also take this opportunity to simplify the target itself somewhat,
avoiding reading public keys over and over and instead generating
routes to all the public keys that appeared in messages while running.
@TheBlueMatt
Merge pull request lightningdevkit#748 from TheBlueMatt/2020-11-route…
fc7df54 
…r-fuzzer

Make router_target a bit easier for fuzzers to explore and fix two found bugs
@TheBlueMatt
Finally drop travis entirely.
9642356 
It seems travis isn't even bothering to spawn our jobs anymore, and
Github CI has been pretty stable, so just drop Travis entirely.
@devrandom devrandom changed the base branch from per-commitment to master November 24, 2020 17:16
TheBlueMatt and others added 8 commits November 24, 2020 14:00
@TheBlueMatt
Move UTXO-lookup into pub utility function from RoutingMsgHandler
d9c03f2 
This makes the public utility methods in `NetworkGraph` able to do
UTXO lookups ala `NetworkMsgHandler`'s `RoutingMessageHandler`
implementation, slightly simplifying the public interface.

We also take this opportunity to verify signatures before calling
out to UTXO lookups, under the "do actions in order of
cheapest-to-most-expensive to reduce DoS surface" principle.
@TheBlueMatt
Split NetworkGraph message handling fns into unsigned and signed
3b6f7f1 
This takes the now-public `NetworkGraph` message handling functions
and splits them all into two methods - one which takes a required
Secp256k1 context and verifies signatures and one which takes only
the unsigned part of the message and does not take a Secp256k1
context.

This both clarifies the public API as well as simplifies it, all
without duplicating code.

Finally, this adds an assertion in the Router fuzzer to make sure
the constants used for message deserialization are correct.
@TheBlueMatt
Bump version to 0.0.12
4aa8e9c
@TheBlueMatt
Update auto-generated bindings with new NetworkGraph API
ccd4a7a
@TheBlueMatt
Merge pull request lightningdevkit#758 from TheBlueMatt/2020-11-bindi…
84716ff 
…ngs-fix

Split `NetworkGraph` message handling fns into unsigned and signed (+update bindings)
@TheBlueMatt
Merge pull request lightningdevkit#759 from TheBlueMatt/2020-11-0.0.12
773c2d1 
Bump version to 0.0.12
@TheBlueMatt
Bump lightning-net-tokio crate version.
f377405
@TheBlueMatt
Merge pull request lightningdevkit#760 from TheBlueMatt/2020-11-0.0.12
a008464 
Bump lightning-net-tokio crate version.
@devrandom devrandom mentioned this pull request Nov 26, 2020
Merged
@bmancini55
Add gossip_queries feature flag
5af299e 
Support for the gossip_queries feature flag (bits 6/7) is added to the
Features struct. This feature is available in the Init and Node
contexts. The gossip_queries feature is not fully implemented so this
feature is disabled when sent to peers in the Init message.
@bmancini55
Add gossip_queries messages to wire decoding
3220f3b 
To enable gossip_queries message decoding, this commit implements the
wire module's Encoding trait for each message type. It also adds these
messages to the wire module's Message enum and the read function to
enable decoding of a buffer.
@devrandom devrandom force-pushed the revoke-enforcement branch 5 times, most recently from 6d3889d to 06e198c Compare January 12, 2021 18:17
@TheBlueMatt
Merge pull request lightningdevkit#771 from jkczyz/2021-01-bolt3-test…
d529a88 
…-vectors

Add BOLT 3 test vector for CLTV tiebreaker
@devrandom devrandom force-pushed the revoke-enforcement branch 3 times, most recently from 10a87ba to ebc80c3 Compare January 15, 2021 02:36
valentinewallace and others added 12 commits January 15, 2021 15:03
@valentinewallace
Update README with RL customization details
2535695
Add a GLOSSARY.md
4205c44 
Closes lightningdevkit#766

Contributions by Devrandom <[email protected]>
Extend Getting Started with GLOSSARY/meeting minutes in CONTRIBUTING.md
2caf289
@TheBlueMatt
Merge pull request lightningdevkit#772 from ariard/2021-01-getting-pr…
2ea3765 
…oject-context

Add GLOSSARY.md and more
@TheBlueMatt
Merge pull request lightningdevkit#776 from valentinewallace/update-r…
b73e5fc 
…eadme

Update readme
@devrandom
Fold sign_holder_commitment_htlc_transactions into sign_holder_commit…
cb83cfe 
…ment

Signing the commitment transaction is almost always followed by signing the attached HTLC transactions, so fold the signing operations into a single method.
@devrandom
Panic if signing fails in OnChainTx
63c56a4 
Signatures in OnChainTx must not fail, or we stand to lose funds
@devrandom
Simplify handling of OnChainTx.holder_commitment
0b20cf6 
It is no longer optional since it is available at construction time.
@TheBlueMatt
Merge pull request lightningdevkit#770 from lightning-signer/holder-h…
21a44da 
…tlc-sigs

Fold sign_holder_commitment_htlc_transactions into sign_holder_commitment
@devrandom
Use TestKeysInterface in functional tests
2cbb835 
This allows stateful validation in EnforcingChannelKeys
@devrandom
Revocation enforcement in signer
a5869b9 
We want to make sure that we don't sign revoked transactions.

Given that ChannelKeys are not singletons and revocation enforcement is stateful,
we need to store the revocation state in KeysInterface.
@devrandom
Fix fuzzing issue with revocation
bd4345d
@devrandom devrandom force-pushed the revoke-enforcement branch 5 times, most recently from 55f4ef8 to f8e0405 Compare January 21, 2021 19:19
@devrandom
Let some tests disable revocation policy check
142b0d6 
When simulating a bad actor that broadcasts a revoked tx, the policy check would otherwise panic.
@ksedgwic ksedgwic merged commit f151c02 into master Nov 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TheBlueMatt TheBlueMatt TheBlueMatt left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@devrandom @TheBlueMatt @ksedgwic @bmancini55 @sr-gi @jkczyz @valentinewallace