Skip to content

Add LSPS5 DOS protections. #3993

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add LSPS5 DOS protections. #3993

wants to merge 1 commit into from
+229 −17

Conversation

martinsaposnic
Copy link
Contributor

When handling an incoming LSPS5 request, the manager will check
if the counterparty is 'engaged' in some way before responding.
Engaged meaning = active channel | LSPS2 active operation | LSPS1 active operation.

Logic: If not engaged then reject request;

A single test is added only checking for the active channel condition,
because it's not super easy to get LSPS1-2 on the correct state to check this (yet).
Other tangential work is happening that will make this easier and more tests will come in the near future.

A few decisions that could be changed:

  • the DOS protections are optional (default true). maybe this should not be configurable?
  • I made the dos_protection_enforcer generic enough so it would be possible to add more behavior in the future. also some logic could be moved here like the ignored_peers logic from the manager, which could make sense to move to the dos enforcer

thoughts @tnull ?

@martinsaposnic
Add LSPS5 DOS protections.
28d6286 
When handling an incoming LSPS5 request, the manager will check
if the counterparty is 'engaged' in some way before responding.
`Engaged` meaning = active channel | LSPS2 active operation | LSPS1 active operation.

Logic: `If not engaged then reject request;`

A single test is added only checking for the active channel condition,
because it's not super easy to get LSPS1-2 on the correct state to check this (yet).
Other tangential work is happening that will make this easier and more tests will come in the near future
@ldk-reviews-bot
Copy link

ldk-reviews-bot commented Aug 7, 2025
edited
Loading

👋 Thanks for assigning @tnull as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

@martinsaposnic martinsaposnic mentioned this pull request Aug 7, 2025
Open
18 tasks
@codecov Codecov
Copy link

codecov bot commented Aug 7, 2025

Codecov Report

❌ Patch coverage is 60.41667% with 19 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.72%. Comparing base (dc335e9) to head (28d6286).
⚠️ Report is 12 commits behind head on main.

Files with missing lines Patch % Lines
lightning-liquidity/src/lsps2/service.rs 0.00% 15 Missing ⚠️
lightning-liquidity/src/dos_protection_enforcer.rs 50.00% 3 Missing ⚠️
lightning-liquidity/src/manager.rs 94.73% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3993      +/-   ##
==========================================
- Coverage   88.97%   88.72%   -0.25%     
==========================================
  Files         174      174              
  Lines      124222   124467     +245     
  Branches   124222   124467     +245     
==========================================
- Hits       110522   110433      -89     
- Misses      11217    11615     +398     
+ Partials     2483     2419      -64
Flag Coverage Δ
fuzzing ?
tests 88.72% <60.41%> (-0.08%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@tnull tnull requested review from tnull and removed request for joostjager August 7, 2025 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnull tnull Awaiting requested review from tnull

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@martinsaposnic @ldk-reviews-bot