Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate channel_update signatures without holding a graph lock #3310

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Validate channel_update signatures without holding a graph lock #3310

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0b7838b
Refactor `channel_update` processing logic into local fns
TheBlueMatt Sep 11, 2024
3a00cd8
Validate `channel_update` signatures without holding a graph lock
TheBlueMatt Sep 11, 2024
0325c14
f one less closure
TheBlueMatt Sep 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
114 changes: 60 additions & 54 deletions lightning/src/routing/gossip.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2294,62 +2294,68 @@ impl<L: Deref> NetworkGraph<L> where L::Target: Logger {
}
};

let mut channels = self.channels.write().unwrap();
match channels.get_mut(&msg.short_channel_id) {
None => {
core::mem::drop(channels);
self.pending_checks.check_hold_pending_channel_update(msg, full_msg)?;
return Err(LightningError {
err: "Couldn't find channel for update".to_owned(),
action: ErrorAction::IgnoreAndLog(Level::Gossip),
});
},
Some(channel) => {
check_msg_sanity(channel)?;

macro_rules! get_new_channel_info {
() => { {
let last_update_message = if msg.excess_data.len() <= MAX_EXCESS_BYTES_FOR_RELAY
{ full_msg.cloned() } else { None };

let updated_channel_update_info = ChannelUpdateInfo {
enabled: chan_enabled,
last_update: msg.timestamp,
cltv_expiry_delta: msg.cltv_expiry_delta,
htlc_minimum_msat: msg.htlc_minimum_msat,
htlc_maximum_msat: msg.htlc_maximum_msat,
fees: RoutingFees {
base_msat: msg.fee_base_msat,
proportional_millionths: msg.fee_proportional_millionths,
},
last_update_message
};
Some(updated_channel_update_info)
} }
}

let msg_hash = hash_to_message!(&message_sha256d_hash(&msg)[..]);
if msg.channel_flags & 1 == 1 {
if let Some(sig) = sig {
secp_verify_sig!(self.secp_ctx, &msg_hash, &sig, &PublicKey::from_slice(channel.node_two.as_slice()).map_err(|_| LightningError{
let node_pubkey;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

let node_pubkey = {
	// ...
};

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just find that hard to read across a long block...I know we do it a lot of places, was just trying to avoid it and try something new 🤷‍♂️

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, YMMV. Just seemed shorter after your change.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At least I didn't suggest a long chaining expression. 😉

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it affects legibility much, though consistency would favor @jkczyz's suggestion.

{
let channels = self.channels.read().unwrap();
match channels.get(&msg.short_channel_id) {
None => {
core::mem::drop(channels);
self.pending_checks.check_hold_pending_channel_update(msg, full_msg)?;
return Err(LightningError {
err: "Couldn't find channel for update".to_owned(),
action: ErrorAction::IgnoreAndLog(Level::Gossip),
});
},
Some(channel) => {
check_msg_sanity(channel)?;
let node_id = if msg.channel_flags & 1 == 1 {
channel.node_two.as_slice()
} else {
channel.node_one.as_slice()
};
node_pubkey = PublicKey::from_slice(node_id)
.map_err(|_| LightningError{
err: "Couldn't parse source node pubkey".to_owned(),
action: ErrorAction::IgnoreAndLog(Level::Debug)
})?, "channel_update");
}
if !only_verify {
channel.two_to_one = get_new_channel_info!();
}
} else {
if let Some(sig) = sig {
secp_verify_sig!(self.secp_ctx, &msg_hash, &sig, &PublicKey::from_slice(channel.node_one.as_slice()).map_err(|_| LightningError{
err: "Couldn't parse destination node pubkey".to_owned(),
action: ErrorAction::IgnoreAndLog(Level::Debug)
})?, "channel_update");
}
if !only_verify {
channel.one_to_two = get_new_channel_info!();
}
}
})?;
},
}
}

let msg_hash = hash_to_message!(&message_sha256d_hash(&msg)[..]);
if let Some(sig) = sig {
secp_verify_sig!(self.secp_ctx, &msg_hash, &sig, &node_pubkey, "channel_update");
}

if only_verify { return Ok(()); }

let mut channels = self.channels.write().unwrap();
if let Some(channel) = channels.get_mut(&msg.short_channel_id) {
check_msg_sanity(channel)?;

let get_new_channel_info = || {
TheBlueMatt marked this conversation as resolved.
Show resolved Hide resolved
let last_update_message = if msg.excess_data.len() <= MAX_EXCESS_BYTES_FOR_RELAY
{ full_msg.cloned() } else { None };

let updated_channel_update_info = ChannelUpdateInfo {
enabled: chan_enabled,
last_update: msg.timestamp,
cltv_expiry_delta: msg.cltv_expiry_delta,
htlc_minimum_msat: msg.htlc_minimum_msat,
htlc_maximum_msat: msg.htlc_maximum_msat,
fees: RoutingFees {
base_msat: msg.fee_base_msat,
proportional_millionths: msg.fee_proportional_millionths,
},
last_update_message
};
Some(updated_channel_update_info)
};

if msg.channel_flags & 1 == 1 {
channel.two_to_one = get_new_channel_info();
} else {
channel.one_to_two = get_new_channel_info();
}
}

Expand Down
Loading