lnwire+netann: update structure of g175 messages to be pure TLV #9175
Conversation
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
3 times, most recently
from
4160fd5
to
5d3c965
Compare
|
Ok i've also now updated this PR to include validating the signature of a |
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
from
5d3c965
to
6f0ce3b
Compare
lnwire/pure_tlv.go
Outdated
| const ( | ||
| pureTLVUnsignedRangeOneStart = 160 | ||
| pureTLVSignedSecondRangeStart = 1000000000 | ||
| pureTLVUnsignedRangeTwoStart = 3000000000 |
There was a problem hiding this comment.
How did we arrive at these values?
There was a problem hiding this comment.
Also I think we should try to capture this in the spec, independent of G 1.75.
There was a problem hiding this comment.
How did we arrive at these values?
Stole from Bolt12
There was a problem hiding this comment.
Also I think we should try to capture this in the spec, independent of G 1.75.
Agreed - however it is currently in bolt12. I'll update the G157 spec PR so that it moves the definition to a more "shared" location (like BOLT 1)
|
|
||
| // SerialiseFieldsToSign serialises all the records from the given | ||
| // PureTLVMessage that fall within the signed TLV range. | ||
| func SerialiseFieldsToSign(msg PureTLVMessage) ([]byte, error) { |
There was a problem hiding this comment.
We might want to adopt a similar structure for the signed portion of the dyn commit messages @ProofOfKeags. Basically we copied over from the way BOLT 12 works, and we can use the TLV type values, then let this handle how serialization works (does require a message to be pure TLV).
lnwire/pure_tlv_test.go
Outdated
| // Any extra fields in the signed range that we do not yet know about, | ||
| // but we need to keep them for signature validation and to produce a | ||
| // valid message. | ||
| ExtraFieldsInSignedRange map[uint64][]byte |
There was a problem hiding this comment.
Should something like this be split out into an embeddable struct?
There was a problem hiding this comment.
updated to be an embedded struct - let me know if this is what you had in mind
lnwire/announcement_signatures_2.go
Outdated
| // Any extra fields in the signed range that we do not yet know about, | ||
| // but we need to keep them for signature validation and to produce a | ||
| // valid message. | ||
| ExtraFieldsInSignedRange map[uint64][]byte |
There was a problem hiding this comment.
Also why can't we just continue to store it in the serialized form?
There was a problem hiding this comment.
Feels like unnecessary duplication? All the fields we know of, we explicitly handle above. Then this only contains all the other fields in the unsigned range that we need to keep. Just feels more structured to me. This pure tlv structure with unsigned and signed ranges feels fundamentally different to me than the previous usage of TLV which is purely tacked on the the end of a message and we always needed to keep the whole thing since the signature covers everything.
Happy to discuss further!
| // AuthenticatedGossiper. Any announcements that don't match this | ||
| // chain hash will be ignored. This is an internal config value obtained | ||
| // from ChainParams. | ||
| chainHash *chainhash.Hash |
There was a problem hiding this comment.
Why do we need it here if we have ChainParams?
There was a problem hiding this comment.
just had it there as a helper so that we dont need to do cfg.ChainParams.GenesisHash everytime.... but happy to remove
| ChainHash chainhash.Hash | ||
| // ChainParams holds the chain parameters for the active network this | ||
| // node is participating on. | ||
| ChainParams *chaincfg.Params |
There was a problem hiding this comment.
I think this can be a normal value rather than a pointer.
There was a problem hiding this comment.
wont it copy over struct values then though?
| []byte, error) { | ||
| txscript.ScriptClass, btcutil.Address, error) { | ||
|
|
||
| pkScript, err := lnwallet.FetchPKScriptWithQuit( |
There was a problem hiding this comment.
What about the merkle proof case?
There was a problem hiding this comment.
that wont be supported from the get go. That will be a separate feature bit
| @@ -108,7 +110,8 @@ func CreateChanAnnouncement(chanProof *models.ChannelAuthProof, | |||
|
|
|||
| // FetchPkScript defines a function that can be used to fetch the output script | |||
| // for the transaction with the given SCID. | |||
| type FetchPkScript func(*lnwire.ShortChannelID) ([]byte, error) | |||
| type FetchPkScript func(*lnwire.ShortChannelID) (txscript.ScriptClass, | |||
There was a problem hiding this comment.
Does the arg here need to be a pointer?
There was a problem hiding this comment.
else it is pass by value right?
|
@ellemouton, remember to re-request review from reviewers when ready |
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
from
6f0ce3b
to
5e509ab
Compare
|
Important Review skippedAuto reviews are limited to specific labels. 🏷️ Labels to auto review (1)
Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
from
5e509ab
to
f9b6397
Compare
PureTLVMessage describes an LN message that is a pure TLV stream. If the message includes a signature, it will sign all the TLV records in the inclusive ranges: 0 to 159 and 1000000000 to 2999999999. A comprehensive test is added that shows how two versions of the same message remain forward compatible.
So that we can use it as a TLV record type.
Such that all fields are now TLV (including the signature).
such that all fields are now TLV including the signature.
This commit expands the ChannelAnnouncement2 validation for the case where it is announcing a P2WSH channel.
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
from
f9b6397
to
72d8784
Compare
ellemouton
force-pushed
the
g175UpdateMessageStructure
branch
from
72d8784
to
53bdf65
Compare
Update the structure of all gossip 1.75 messages to be purely TLV.
With this update, the signature is also a TLV record. There is a un-signed
and signed range of TLVs. The signature along with things like SPV proofs
will fall in the un-signed range.
I've used the same un-signed range used by Bolt12 messages.
This PR introduces a new
PureTLVMessageinterface for messages like thisand adds a comprehensive test to ensure that old clients (who are aware of
fewer fields of a message than new clients) and new clients still generate the
same correct digest of a message regardless of if they are aware of all the
records or not.
Bonus Commit
Ok i've also now updated this PR to include validating the signature of a
ChannelAnnouncement2 message for the case where it is announcing a P2WSH channel.