Introduce ReceiveAuthKey verification for Blinded Payment Paths #4126

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

shaavan wants to merge 2 commits into lightningdevkit:main from shaavan:aad-payment

Member

shaavan commented Sep 25, 2025

Building on the goals set forth in #3917, this PR introduces ReceiveAuthKey-based verification for Blinded Payment Paths.

Key Outcomes

Uniform verification mechanism: Both payment and message blinded paths now share the same authentication logic.
Smaller payloads: The final ReceiveTlvs are noticeably reduced in size, making blinded paths lighter.

Follow-Up Preparation

This PR also lays the groundwork for introducing dummy payment hops in a follow-up PR.
By minimizing per-hop authentication data, we keep dummy hops compact — preserving overall path size and ensuring that forward and dummy TLVs are padded to the same length, improving hop indistinguishability and privacy.

ldk-reviews-bot commented Sep 25, 2025 •

edited

Loading

I've assigned @jkczyz as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

shaavan force-pushed the aad-payment branch from 69c57f9 to 359267e Compare

September 25, 2025 11:58

ldk-reviews-bot requested a review from jkczyz

September 25, 2025 12:02

shaavan force-pushed the aad-payment branch from 359267e to 13c4041 Compare

September 25, 2025 12:07

codecov bot commented Sep 25, 2025 •

edited

Loading

Codecov Report

❌ Patch coverage is 86.89655% with 19 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.63%. Comparing base (9514637) to head (a93113c).
⚠️ Report is 47 commits behind head on main.

Files with missing lines	Patch %	Lines
lightning/src/ln/onion_payment.rs	65.21%	6 Missing and 2 partials ⚠️
lightning/src/blinded_path/payment.rs	70.83%	3 Missing and 4 partials ⚠️
lightning/src/routing/router.rs	70.00%	3 Missing ⚠️
lightning/src/ln/msgs.rs	94.11%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4126      +/-   ##
==========================================
+ Coverage   88.57%   88.63%   +0.06%     
==========================================
  Files         179      180       +1     
  Lines      134374   135169     +795     
  Branches   134374   135169     +795     
==========================================
+ Hits       119016   119808     +792     
+ Misses      12604    12597       -7     
- Partials     2754     2764      +10

Flag	Coverage Δ
fuzzing	`21.77% <3.03%> (-0.04%)`	⬇️
tests	`88.47% <86.89%> (+0.06%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

ldk-reviews-bot commented Sep 27, 2025

🔔 1st Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

ldk-reviews-bot commented Sep 29, 2025

🔔 2nd Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

ldk-reviews-bot commented Oct 1, 2025

🔔 3rd Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

ldk-reviews-bot commented Oct 4, 2025

🔔 4th Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

ldk-reviews-bot commented Oct 6, 2025

🔔 5th Reminder

Hey @jkczyz! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

shaavan added 2 commits

October 6, 2025 23:41


          Introduce ReceiveAuthKey-based verification in Blinded Payment Paths

b924252

Extends the work started in
[PR#3917](lightningdevkit#3917)
by adding ReceiveAuthKey-based verification for Blinded Payment Paths.

This reduces space previously taken by individual ReceiveTlvs and
aligns the verification logic with that used for Blinded Message Paths.


          Cleanup: Remove redundant (hmac, nonce) from codebase

a93113c

Now that we have introduced an alternate mechanism for authentication
in the codebase, we can safely remove the now redundant (hmac, nonce)
fields from the Payment ReceiveTlvs's while maintaining the security
of the onion messages.

shaavan force-pushed the aad-payment branch from 13c4041 to a93113c Compare

October 6, 2025 18:13

Member Author

shaavan commented Oct 6, 2025

Updated from pr4126.01 to pr4126.02 (diff):

Changes:

Various cleanups
Expanded Documentation
Restructured the fails_receive_tlvs_authentication test so that it can properly test the new ReceiveAuthKey based authentication

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet