add ability to intercept htlcs

Author: johncantrell97

lightning/src/ln/channelmanager.rs

@@ -188,6 +188,24 @@ struct ClaimableHTLC {
 	total_msat: u64,
 }
 
+/// An identifier used to uniquely identify an intercepted htlc to LDK.
+/// (C-not exported) as we just use [u8; 32] directly
+#[derive(Hash, Copy, Clone, PartialEq, Eq, Debug)]
+pub struct InterceptId(pub [u8; 32]);
+
+impl Writeable for InterceptId {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.0.write(w)
+	}
+}
+
+impl Readable for InterceptId {
+	fn read<R: Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let buf: [u8; 32] = Readable::read(r)?;
+		Ok(InterceptId(buf))
+	}
+}
+
 /// A payment identifier used to uniquely identify a payment to LDK.
 /// (C-not exported) as we just use [u8; 32] directly
 #[derive(Hash, Copy, Clone, PartialEq, Eq, Debug)]
@@ -722,6 +740,10 @@ pub struct ChannelManager<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref,
 	/// Locked *after* channel_state.
 	pending_outbound_payments: Mutex<HashMap<PaymentId, PendingOutboundPayment>>,
 
+	/// Storage for HTLCForwardInfo's that have been intercepted and bubbled up to the user.
+	/// We hold them here until the user tells us what we should to with them.
+	pending_intercepted_payments: Mutex<HashMap<InterceptId, HTLCForwardInfo>>,
+
 	/// The set of outbound SCID aliases across all our channels, including unconfirmed channels
 	/// and some closed channels which reached a usable state prior to being closed. This is used
 	/// only to avoid duplicates, and is not persisted explicitly to disk, but rebuilt from the
@@ -1586,6 +1608,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 			outbound_scid_aliases: Mutex::new(HashSet::new()),
 			pending_inbound_payments: Mutex::new(HashMap::new()),
 			pending_outbound_payments: Mutex::new(HashMap::new()),
+			pending_intercepted_payments: Mutex::new(HashMap::new()),
 
 			our_network_key: keys_manager.get_node_secret(Recipient::Node).unwrap(),
 			our_network_pubkey: PublicKey::from_secret_key(&secp_ctx, &keys_manager.get_node_secret(Recipient::Node).unwrap()),
@@ -3055,6 +3078,59 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 		Ok(())
 	}
 
+	/// Fails the intercepted payment indicated by intercept_id.  This should really only be called in response
+	/// to a PaymentIntercepted event
+	pub fn fail_intercepted_payment(&self, intercept_id: InterceptId) {
+		let pending_intercept = {
+			let mut pending_intercepts = self.pending_intercepted_payments.lock().unwrap();
+			pending_intercepts.remove(&intercept_id)
+		};
+
+		if let Some(_payment) = pending_intercept {
+			// TODO: what's best way to fail this? in `process_pending_htlc_forwards` it uses that `fail_forward` macro
+			//			 awkward way could be to just use the forward_intercepted_payment code and pick a random scid
+		}
+	}
+
+	/// Attempts to forward an intercepted payment over the provided scid and with the provided amt_to_forward.
+	/// Should only really be called in response to a PaymentIntercepted event
+	pub fn forward_intercepted_payment(&self, intercept_id: InterceptId, scid: u64, amt_to_forward: u64) -> Result<(), APIError> {
+		let pending_intercept = {
+			let mut pending_intercepts = self.pending_intercepted_payments.lock().unwrap();
+			pending_intercepts.remove(&intercept_id)
+		};
+
+		match pending_intercept {
+			None => Err(APIError::APIMisuseError { err: "Payment with that InterceptId not found".to_string() }),
+			Some(payment) => {
+				match payment {
+					HTLCForwardInfo::AddHTLC { prev_short_channel_id, prev_htlc_id, forward_info, prev_funding_outpoint } => {
+
+						let routing = match forward_info.routing {
+								PendingHTLCRouting::Forward { onion_packet, .. } => {
+									PendingHTLCRouting::Forward { onion_packet, short_channel_id: scid }
+								},
+								_ => forward_info.routing
+							};
+
+							let pending_htlc_info = PendingHTLCInfo {
+								amt_to_forward,
+								routing,
+								..forward_info
+							};
+
+							let mut per_source_pending_forward = vec![(prev_short_channel_id, prev_funding_outpoint, vec![(pending_htlc_info, prev_htlc_id)])];
+
+							self.forward_htlcs(&mut per_source_pending_forward);
+
+							Ok(())
+					},
+					_ => Err(APIError::APIMisuseError { err: "impossible".to_string() })
+				}
+			}
+		}
+	}
+
 	/// Processes HTLCs which are pending waiting on random forward delay.
 	///
 	/// Should only really ever be called in response to a PendingHTLCsForwardable event.
@@ -3078,7 +3154,7 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 							for forward_info in pending_forwards.drain(..) {
 								match forward_info {
 									HTLCForwardInfo::AddHTLC { prev_short_channel_id, prev_htlc_id, forward_info: PendingHTLCInfo {
-										routing, incoming_shared_secret, payment_hash, amt_to_forward, outgoing_cltv_value },
+										ref routing, incoming_shared_secret, payment_hash, amt_to_forward, outgoing_cltv_value },
 										prev_funding_outpoint } => {
 											macro_rules! fail_forward {
 												($msg: expr, $err_code: expr, $err_data: expr, $phantom_ss: expr) => {
@@ -3125,6 +3201,24 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 														},
 														_ => panic!(),
 													}
+												} else if fake_scid::is_valid_intercept(&self.fake_scid_rand_bytes, short_chan_id) {
+													let intercept_id = InterceptId(Sha256::hash(&incoming_shared_secret).into_inner());
+													let mut pending_intercepts = self.pending_intercepted_payments.lock().unwrap();
+													match pending_intercepts.entry(intercept_id) {
+														hash_map::Entry::Vacant(entry) => {
+															entry.insert(forward_info);
+															new_events.push(events::Event::PaymentIntercepted {
+																short_channel_id: short_chan_id,
+																payment_hash,
+																inbound_amount_msats: 0,
+																expected_outbound_amount_msats: amt_to_forward,
+																intercept_id
+															});
+														},
+														hash_map::Entry::Occupied(_) => {
+															fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new(), None);
+														}
+													}
 												} else {
 													fail_forward!(format!("Unknown short channel id {} for forward HTLC", short_chan_id), 0x4000 | 10, Vec::new(), None);
 												}
@@ -5494,6 +5588,21 @@ impl<Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref> ChannelMana
 		inbound_payment::get_payment_preimage(payment_hash, payment_secret, &self.inbound_payment_key)
 	}
 
+	/// Gets a fake short channel id for use in receiving [intercepted payments]. These fake scids
+	/// are used when constructing the route hints for payments intended to be intercepted.
+	pub fn get_intercept_scid(&self) -> u64 {
+		let mut channel_state = self.channel_state.lock().unwrap();
+		let best_block = self.best_block.read().unwrap();
+		loop {
+			let scid_candidate = fake_scid::Namespace::Intercept.get_fake_scid(best_block.height(), &self.genesis_hash, &self.fake_scid_rand_bytes, &self.keys_manager);
+			// Ensure the generated scid doesn't conflict with a real channel.
+			match channel_state.short_to_id.entry(scid_candidate) {
+				hash_map::Entry::Occupied(_) => continue,
+				hash_map::Entry::Vacant(_) => return scid_candidate
+			}
+		}
+	}
+
 	/// Gets a fake short channel id for use in receiving [phantom node payments]. These fake scids
 	/// are used when constructing the phantom invoice's route hints.
 	///
@@ -7209,6 +7318,7 @@ impl<'a, Signer: Sign, M: Deref, T: Deref, K: Deref, F: Deref, L: Deref>
 			inbound_payment_key: expanded_inbound_key,
 			pending_inbound_payments: Mutex::new(pending_inbound_payments),
 			pending_outbound_payments: Mutex::new(pending_outbound_payments.unwrap()),
+			pending_intercepted_payments: Mutex::new(HashMap::new()),
 
 			outbound_scid_aliases: Mutex::new(outbound_scid_aliases),
 			fake_scid_rand_bytes: fake_scid_rand_bytes.unwrap(),

lightning/src/util/events.rs

@@ -36,6 +36,8 @@ use core::time::Duration;
 use core::ops::Deref;
 use sync::Arc;
 
+use crate::ln::channelmanager::InterceptId;
+
 /// Some information provided on receipt of payment depends on whether the payment received is a
 /// spontaneous payment or a "conventional" lightning payment that's paying an invoice.
 #[derive(Clone, Debug)]
@@ -425,6 +427,26 @@ pub enum Event {
 		/// now + 5*time_forwardable).
 		time_forwardable: Duration,
 	},
+	/// Used to indicate that the short_channel_id a payment was intended to be routed over signaled
+	/// for interception.  If this payment is to be rerouted you must call [`ChannelManager::forward_intercepted_payment`] with
+	/// the new short_channel_id and payment amount.  If this payment should be failed you must call
+	/// [`ChannelManager::fail_intercepted_payment`].
+	///
+	/// [`ChannelManager::forward_intercepted_payment`]: crate::ln::channelmanager::ChannelManager::forward_intercepted_payment
+	/// [`ChannelManager::fail_intercepted_payment`]: crate::ln::channelmanager::ChannelManager::fail_intercepted_payment
+	PaymentIntercepted {
+		/// The scid that indicated this payment should be intercepted
+		short_channel_id: u64,
+		/// The payment hash used for this payment
+		payment_hash: PaymentHash,
+		/// How many msats are to be received on the inbound edge of this payment
+		inbound_amount_msats: u64,
+		/// How many msats the payer intended to route to the next node. Depending on the reason you are
+		/// intercepting this payment, you might take a fee by forwarding less than this amount
+		expected_outbound_amount_msats: u64,
+		/// A id to help LDK identify which payment is being forwarded or failed
+		intercept_id: InterceptId
+	},
 	/// Used to indicate that an output which you should know how to spend was confirmed on chain
 	/// and is now spendable.
 	/// Such an output will *not* ever be spent by rust-lightning, and are not at risk of your
@@ -684,6 +706,16 @@ impl Writeable for Event {
 					(6, short_channel_id, option),
 				})
 			},
+			&Event::PaymentIntercepted { short_channel_id, payment_hash, inbound_amount_msats, expected_outbound_amount_msats, intercept_id } => {
+				25u8.write(writer)?;
+				write_tlv_fields!(writer, {
+					(0, short_channel_id, required),
+					(2, payment_hash, required),
+					(4, inbound_amount_msats, required),
+					(6, expected_outbound_amount_msats, required),
+					(8, intercept_id, required)
+				});
+			}
 			// Note that, going forward, all new events must only write data inside of
 			// `write_tlv_fields`. Versions 0.0.101+ will ignore odd-numbered events that write
 			// data via `write_tlv_fields`.
@@ -942,6 +974,30 @@ impl MaybeReadable for Event {
 				};
 				f()
 			},
+			25u8 => {
+				let f = || {
+					let mut payment_hash = PaymentHash([0; 32]);
+					let mut intercept_id = InterceptId([0; 32]);
+					let mut short_channel_id = 0;
+					let mut inbound_amount_msats = 0;
+					let mut expected_outbound_amount_msats = 0;
+					read_tlv_fields!(reader, {
+						(0, short_channel_id, required),
+						(2, payment_hash, required),
+						(4, inbound_amount_msats, required),
+						(6, expected_outbound_amount_msats, required),
+						(8, intercept_id, required)
+					});
+					Ok(Some(Event::PaymentIntercepted {
+						payment_hash,
+						short_channel_id,
+						inbound_amount_msats,
+						expected_outbound_amount_msats,
+						intercept_id,
+					}))
+				};
+				f()
+			},
 			// Versions prior to 0.0.100 did not ignore odd types, instead returning InvalidValue.
 			// Version 0.0.100 failed to properly ignore odd types, possibly resulting in corrupt
 			// reads.

lightning/src/util/scid_utils.rs

@@ -63,6 +63,7 @@ pub fn scid_from_parts(block: u64, tx_index: u64, vout_index: u64) -> Result<u64
 /// LDK has multiple reasons to generate fake short channel ids:
 /// 1) outbound SCID aliases we use for private channels
 /// 2) phantom node payments, to get an scid for the phantom node's phantom channel
+/// 3) payments intendend to be intercepted will route using a fake scid
 pub(crate) mod fake_scid {
 	use bitcoin::hash_types::BlockHash;
 	use bitcoin::hashes::hex::FromHex;
@@ -91,6 +92,7 @@ pub(crate) mod fake_scid {
 	pub(crate) enum Namespace {
 		Phantom,
 		OutboundAlias,
+		Intercept
 	}
 
 	impl Namespace {
@@ -150,7 +152,7 @@ pub(crate) mod fake_scid {
 		}
 	}
 
-	/// Returns whether the given fake scid falls into the given namespace.
+	/// Returns whether the given fake scid falls into the phantom namespace.
 	pub fn is_valid_phantom(fake_scid_rand_bytes: &[u8; 32], scid: u64) -> bool {
 		let block_height = scid_utils::block_from_scid(&scid);
 		let tx_index = scid_utils::tx_index_from_scid(&scid);
@@ -159,6 +161,17 @@ pub(crate) mod fake_scid {
 		valid_vout == scid_utils::vout_from_scid(&scid) as u8
 	}
 
+	/// Returns whether the given fake scid falls into the intercept namespace.
+	pub fn is_valid_intercept(fake_scid_rand_bytes: &[u8; 32], scid: u64) -> bool {
+		let block_height = scid_utils::block_from_scid(&scid);
+		let tx_index = scid_utils::tx_index_from_scid(&scid);
+		let namespace = Namespace::Intercept;
+		let valid_vout = namespace.get_encrypted_vout(block_height, tx_index, fake_scid_rand_bytes);
+		valid_vout == scid_utils::vout_from_scid(&scid) as u8
+	}
+
+
+
 	#[cfg(test)]
 	mod tests {
 		use bitcoin::blockdata::constants::genesis_block;
@@ -168,6 +181,8 @@ pub(crate) mod fake_scid {
 		use util::test_utils;
 		use sync::Arc;
 
+use crate::util::scid_utils::fake_scid::is_valid_intercept;
+
 		#[test]
 		fn namespace_identifier_is_within_range() {
 			let phantom_namespace = Namespace::Phantom;
@@ -201,6 +216,17 @@ pub(crate) mod fake_scid {
 			assert!(!is_valid_phantom(&fake_scid_rand_bytes, invalid_fake_scid));
 		}
 
+		#[test]
+		fn test_is_valid_intercept() {
+			let namespace = Namespace::Intercept;
+			let fake_scid_rand_bytes = [0; 32];
+			let valid_encrypted_vout = namespace.get_encrypted_vout(0, 0, &fake_scid_rand_bytes);
+			let valid_fake_scid = scid_utils::scid_from_parts(0, 0, valid_encrypted_vout as u64).unwrap();
+			assert!(is_valid_intercept(&fake_scid_rand_bytes, valid_fake_scid));
+			let invalid_fake_scid = scid_utils::scid_from_parts(0, 0, 12).unwrap();
+			assert!(!is_valid_intercept(&fake_scid_rand_bytes, invalid_fake_scid));
+		}
+
 		#[test]
 		fn test_get_fake_scid() {
 			let mainnet_genesis = genesis_block(Network::Bitcoin).header.block_hash();