diff --git a/Makefile b/Makefile index 76be2f2ff..fe095fe38 100644 --- a/Makefile +++ b/Makefile @@ -26,7 +26,7 @@ CCANDIR := ccan # Where we keep the BOLT RFCs BOLTDIR := ../bolts/ -DEFAULT_BOLTVERSION := 6a51861d93ad617438fe24195768e2742d7708ac +DEFAULT_BOLTVERSION := 6c0f0d878f52ee189be9649b06a0dd86e52a517a # Can be overridden on cmdline. BOLTVERSION := $(DEFAULT_BOLTVERSION) diff --git a/channeld/channeld.c b/channeld/channeld.c index b10c06a58..91147853f 100644 --- a/channeld/channeld.c +++ b/channeld/channeld.c @@ -622,7 +622,7 @@ static void handle_peer_add_htlc(struct peer *peer, const u8 *msg) } add_err = channel_add_htlc(peer->channel, REMOTE, id, amount, cltv_expiry, &payment_hash, - onion_routing_packet, tlvs->blinding_point, &htlc, NULL, + onion_routing_packet, tlvs->blinded_path, &htlc, NULL, /* We don't immediately fail incoming htlcs, * instead we wait and fail them after * they've been committed */ @@ -4412,8 +4412,8 @@ static void resend_commitment(struct peer *peer, struct changed_htlc *last) struct tlv_update_add_htlc_tlvs *tlvs; if (h->blinding) { tlvs = tlv_update_add_htlc_tlvs_new(tmpctx); - tlvs->blinding_point = tal_dup(tlvs, struct pubkey, - h->blinding); + tlvs->blinded_path = tal_dup(tlvs, struct pubkey, + h->blinding); } else tlvs = NULL; msg = towire_update_add_htlc(NULL, &peer->channel_id, @@ -5360,7 +5360,7 @@ static void handle_offer_htlc(struct peer *peer, const u8 *inmsg) if (blinding) { tlvs = tlv_update_add_htlc_tlvs_new(tmpctx); - tlvs->blinding_point = tal_dup(tlvs, struct pubkey, blinding); + tlvs->blinded_path = tal_dup(tlvs, struct pubkey, blinding); } else tlvs = NULL; diff --git a/common/blindedpath.c b/common/blindedpath.c index 19c836d02..87ed776da 100644 --- a/common/blindedpath.c +++ b/common/blindedpath.c @@ -14,13 +14,13 @@ #endif /* Blinds node_id and calculates next blinding factor. */ -static bool blind_node(const struct privkey *blinding, +static bool blind_node(const struct privkey *path_privkey, const struct secret *ss, const struct pubkey *node, struct pubkey *node_alias, - struct privkey *next_blinding) + struct privkey *next_path_privkey) { - struct pubkey blinding_pubkey; + struct pubkey path_pubkey; struct sha256 h; if (!blindedpath_get_alias(ss, node, node_alias)) @@ -30,32 +30,32 @@ static bool blind_node(const struct privkey *blinding, /* BOLT #4: * - $`E_{i+1} = SHA256(E_i || ss_i) * E_i`$ - * (NB: $`N_i`$ MUST NOT learn $`e_i`$) + * (`path_key`. NB: $`N_i`$ MUST NOT learn $`e_i`$) */ - if (!pubkey_from_privkey(blinding, &blinding_pubkey)) + if (!pubkey_from_privkey(path_privkey, &path_pubkey)) return false; SUPERVERBOSE("\t\"E\": \"%s\",\n", - fmt_pubkey(tmpctx, &blinding_pubkey)); + fmt_pubkey(tmpctx, &path_pubkey)); /* BOLT #4: * - $`e_{i+1} = SHA256(E_i || ss_i) * e_i`$ - * (blinding ephemeral private key, only known by $`N_r`$) + * (ephemeral private path key, only known by $`N_r`$) */ - blinding_hash_e_and_ss(&blinding_pubkey, ss, &h); + blinding_hash_e_and_ss(&path_pubkey, ss, &h); SUPERVERBOSE("\t\"H(E || ss)\": \"%s\",\n", fmt_sha256(tmpctx, &h)); - blinding_next_privkey(blinding, &h, next_blinding); + blinding_next_path_privkey(path_privkey, &h, next_path_privkey); SUPERVERBOSE("\t\"next_e\": \"%s\",\n", - fmt_privkey(tmpctx, next_blinding)); + fmt_privkey(tmpctx, next_path_privkey)); return true; } static u8 *enctlv_from_encmsg_raw(const tal_t *ctx, - const struct privkey *blinding, + const struct privkey *path_privkey, const struct pubkey *node, const u8 *raw_encmsg TAKES, - struct privkey *next_blinding, + struct privkey *next_path_privkey, struct pubkey *node_alias) { struct secret ss, rho; @@ -65,25 +65,25 @@ static u8 *enctlv_from_encmsg_raw(const tal_t *ctx, static const unsigned char npub[crypto_aead_chacha20poly1305_ietf_NPUBBYTES]; /* BOLT #4: - * - $`ss_i = SHA256(e_i * N_i) = SHA256(k_i * E_i)$` + * - $`ss_i = SHA256(e_i * N_i) = SHA256(k_i * E_i)`$ * (ECDH shared secret known only by $`N_r`$ and $`N_i`$) */ if (secp256k1_ecdh(secp256k1_ctx, ss.data, - &node->pubkey, blinding->secret.data, + &node->pubkey, path_privkey->secret.data, NULL, NULL) != 1) return NULL; SUPERVERBOSE("\t\"ss\": \"%s\",\n", fmt_secret(tmpctx, &ss)); - /* This calculates the node's alias, and next blinding */ - if (!blind_node(blinding, &ss, node, node_alias, next_blinding)) + /* This calculates the node's alias, and next path_key */ + if (!blind_node(path_privkey, &ss, node, node_alias, next_path_privkey)) return NULL; ret = tal_dup_talarr(ctx, u8, raw_encmsg); /* BOLT #4: * - $`rho_i = HMAC256(\text{"rho"}, ss_i)`$ - * (key used to encrypt the payload for $`N_i`$ by $`N_r`$) + * (key used to encrypt `encrypted_recipient_data` for $`N_i`$ by $`N_r`$) */ subkey_from_hmac("rho", &ss, &rho); SUPERVERBOSE("\t\"rho\": \"%s\",\n", @@ -91,7 +91,7 @@ static u8 *enctlv_from_encmsg_raw(const tal_t *ctx, /* BOLT #4: * - MUST encrypt each `encrypted_data_tlv[i]` with ChaCha20-Poly1305 using - * the corresponding `rho_i` key and an all-zero nonce to produce + * the corresponding $`rho_i`$ key and an all-zero nonce to produce * `encrypted_recipient_data[i]` */ /* Encrypt in place */ @@ -109,24 +109,24 @@ static u8 *enctlv_from_encmsg_raw(const tal_t *ctx, } u8 *encrypt_tlv_encrypted_data(const tal_t *ctx, - const struct privkey *blinding, + const struct privkey *path_privkey, const struct pubkey *node, - const struct tlv_encrypted_data_tlv *encmsg, - struct privkey *next_blinding, + const struct tlv_encrypted_data_tlv *tlv, + struct privkey *next_path_privkey, struct pubkey *node_alias) { struct privkey unused; - u8 *encmsg_raw = tal_arr(NULL, u8, 0); - towire_tlv_encrypted_data_tlv(&encmsg_raw, encmsg); + u8 *tlv_wire = tal_arr(NULL, u8, 0); + towire_tlv_encrypted_data_tlv(&tlv_wire, tlv); - /* last hop doesn't care about next_blinding */ - if (!next_blinding) - next_blinding = &unused; - return enctlv_from_encmsg_raw(ctx, blinding, node, take(encmsg_raw), - next_blinding, node_alias); + /* last hop doesn't care about next path_key */ + if (!next_path_privkey) + next_path_privkey = &unused; + return enctlv_from_encmsg_raw(ctx, path_privkey, node, take(tlv_wire), + next_path_privkey, node_alias); } -bool unblind_onion(const struct pubkey *blinding, +bool unblind_onion(const struct pubkey *path_key, void (*ecdh)(const struct pubkey *point, struct secret *ss), struct pubkey *onion_key, struct secret *ss) @@ -140,7 +140,7 @@ bool unblind_onion(const struct pubkey *blinding, * - $`ss_i = SHA256(k_i * E_i)`$ (standard ECDH) * - $`b_i = HMAC256(\text{"blinded\_node\_id"}, ss_i) * k_i`$ */ - ecdh(blinding, ss); + ecdh(path_key, ss); subkey_from_hmac("blinded_node_id", ss, &hmac); /* We instead tweak the *ephemeral* key from the onion and use @@ -149,7 +149,7 @@ bool unblind_onion(const struct pubkey *blinding, /* BOLT #4: * - MUST use $`b_i`$ instead of its private key $`k_i`$ to decrypt the onion. Note * that the node may instead tweak the onion ephemeral key with - * $`HMAC256(\text{"blinded\_node\_id}", ss_i)`$ which achieves the same result. + * $`HMAC256(\text{"blinded\_node\_id"}, ss_i)`$ which achieves the same result. */ return secp256k1_ec_pubkey_tweak_mul(secp256k1_ctx, &onion_key->pubkey, @@ -157,7 +157,6 @@ bool unblind_onion(const struct pubkey *blinding, } u8 *decrypt_encmsg_raw(const tal_t *ctx, - const struct pubkey *blinding, const struct secret *ss, const u8 *enctlv) { @@ -197,17 +196,16 @@ u8 *decrypt_encmsg_raw(const tal_t *ctx, } struct tlv_encrypted_data_tlv *decrypt_encrypted_data(const tal_t *ctx, - const struct pubkey *blinding, const struct secret *ss, const u8 *enctlv) { - const u8 *cursor = decrypt_encmsg_raw(tmpctx, blinding, ss, enctlv); + const u8 *cursor = decrypt_encmsg_raw(tmpctx, ss, enctlv); size_t maxlen = tal_bytelen(cursor); /* BOLT #4: * * - MUST return an error if `encrypted_recipient_data` does not decrypt - * using the blinding point as described in + * using the `path_key` as described in * [Route Blinding](#route-blinding). */ /* Note: our parser consider nothing is a valid TLV, but decrypt_encmsg_raw @@ -237,27 +235,27 @@ bool blindedpath_get_alias(const struct secret *ss, node_id_blinding.data) == 1; } -void blindedpath_next_blinding(const struct tlv_encrypted_data_tlv *enc, - const struct pubkey *blinding, +void blindedpath_next_path_key(const struct tlv_encrypted_data_tlv *enc, + const struct pubkey *path_key, const struct secret *ss, - struct pubkey *next_blinding) + struct pubkey *next_path_key) { /* BOLT #4: * - $`E_{i+1} = SHA256(E_i || ss_i) * E_i`$ * ... - * - If `encrypted_data` contains a `next_blinding_override`: - * - MUST use it as the next blinding point instead of $`E_{i+1}`$ + * - If `encrypted_data` contains a `next_path_key_override`: + * - MUST use it as the next `path_key` instead of $`E_{i+1}`$ * - Otherwise: - * - MUST use $`E_{i+1}`$ as the next blinding point + * - MUST use $`E_{i+1}`$ as the next `path_key` */ - if (enc->next_blinding_override) - *next_blinding = *enc->next_blinding_override; + if (enc->next_path_key_override) + *next_path_key = *enc->next_path_key_override; else { /* BOLT #4: * $`E_{i+1} = SHA256(E_i || ss_i) * E_i`$ */ struct sha256 h; - blinding_hash_e_and_ss(blinding, ss, &h); - blinding_next_pubkey(blinding, &h, next_blinding); + blinding_hash_e_and_ss(path_key, ss, &h); + blinding_next_path_key(path_key, &h, next_path_key); } } diff --git a/common/blindedpath.h b/common/blindedpath.h index 0b2330bef..b84869351 100644 --- a/common/blindedpath.h +++ b/common/blindedpath.h @@ -17,33 +17,33 @@ struct tlv_encrypted_data_tlv_payment_relay; /** * encrypt_tlv_encrypted_data - Encrypt a tlv_encrypted_data_tlv. * @ctx: tal context - * @blinding: e(i), the blinding secret + * @path_privkey: e(i), the path key * @node: the pubkey of the node to encrypt for * @tlv: the message to encrypt. - * @next_blinding: (out) e(i+1), the next blinding secret (optional) + * @next_path_privkey: (out) e(i+1), the next blinding secret (optional) * @node_alias: (out) the blinded pubkey of the node to tell the recipient. * * You create a blinding secret using randombytes_buf(), then call this * iteratively for each node in the path. */ u8 *encrypt_tlv_encrypted_data(const tal_t *ctx, - const struct privkey *blinding, + const struct privkey *path_privkey, const struct pubkey *node, const struct tlv_encrypted_data_tlv *tlv, - struct privkey *next_blinding, + struct privkey *next_path_privkey, struct pubkey *node_alias) NON_NULL_ARGS(2, 3, 4, 6); /** * unblind_onion - tweak onion epheremeral key so we can decode it with ours. - * @blinding: E(i), the blinding pubkey the previous peer gave us. + * @path_key: E(i), the blinding pubkey the previous peer gave us. * @ecdh: the ecdh routine (usually ecdh from common/ecdh_hsmd). * @onion_key: (in, out) the onionpacket->ephemeralkey to tweak. * @ss: (out) the shared secret we gained from blinding pubkey. * * The shared secret is needed to decrypt the enctlv we expect to find, too. */ -bool unblind_onion(const struct pubkey *blinding, +bool unblind_onion(const struct pubkey *path_key, void (*ecdh)(const struct pubkey *point, struct secret *ss), struct pubkey *onion_key, struct secret *ss) @@ -64,30 +64,27 @@ bool blindedpath_get_alias(const struct secret *ss, /** * decrypt_encrypted_data - Decrypt an encmsg to form an tlv_encrypted_data_tlv. * @ctx: the context to allocate off. - * @blinding: E(i), the blinding pubkey the previous peer gave us. * @ss: the blinding secret from unblind_onion(). * @enctlv: the enctlv from the onion (tal, may be NULL). * * Returns NULL if decryption failed or encmsg was malformed. */ struct tlv_encrypted_data_tlv *decrypt_encrypted_data(const tal_t *ctx, - const struct pubkey *blinding, const struct secret *ss, const u8 *enctlv) NON_NULL_ARGS(2, 3); /* Low-level accessor */ u8 *decrypt_encmsg_raw(const tal_t *ctx, - const struct pubkey *blinding, const struct secret *ss, const u8 *enctlv); /** - * blindedpath_next_blinding - Calculate or extract next blinding pubkey + * blindedpath_next_path_key - Calculate or extract next blinding pubkey */ -void blindedpath_next_blinding(const struct tlv_encrypted_data_tlv *enc, - const struct pubkey *blinding, +void blindedpath_next_path_key(const struct tlv_encrypted_data_tlv *enc, + const struct pubkey *path_key, const struct secret *ss, - struct pubkey *next_blinding); + struct pubkey *next_path_key); #endif /* LIGHTNING_COMMON_BLINDEDPATH_H */ diff --git a/common/blindedpay.c b/common/blindedpay.c index 513f7d6c1..9c3dec2e7 100644 --- a/common/blindedpay.c +++ b/common/blindedpay.c @@ -23,8 +23,8 @@ u8 **blinded_onion_hops(const tal_t *ctx, * - MUST include the `encrypted_recipient_data` provided by the * recipient * - For the first node in the blinded route: - * - MUST include the `blinding_point` provided by the - * recipient in `current_blinding_point` + * - MUST include the `path_key` provided by the + * recipient in `current_path_key` * - If it is the final node: * - MUST include `amt_to_forward`, `outgoing_cltv_value` and `total_amount_msat`. *... @@ -35,7 +35,7 @@ u8 **blinded_onion_hops(const tal_t *ctx, final ? &total_amount : NULL, final ? &final_cltv : NULL, path->path[i]->encrypted_recipient_data, - first ? &path->blinding : NULL); + first ? &path->first_path_key : NULL); } return onions; } diff --git a/common/blinding.c b/common/blinding.c index 1fbb4b09d..0b8e0d8ea 100644 --- a/common/blinding.c +++ b/common/blinding.c @@ -19,9 +19,9 @@ void blinding_hash_e_and_ss(const struct pubkey *e, } /* E(i+1) = H(E(i) || ss(i)) * E(i) */ -bool blinding_next_pubkey(const struct pubkey *pk, - const struct sha256 *h, - struct pubkey *next) +bool blinding_next_path_key(const struct pubkey *pk, + const struct sha256 *h, + struct pubkey *next) { *next = *pk; @@ -30,9 +30,9 @@ bool blinding_next_pubkey(const struct pubkey *pk, } /* e(i+1) = H(E(i) || ss(i)) * e(i) */ -bool blinding_next_privkey(const struct privkey *e, - const struct sha256 *h, - struct privkey *next) +bool blinding_next_path_privkey(const struct privkey *e, + const struct sha256 *h, + struct privkey *next) { *next = *e; return secp256k1_ec_seckey_tweak_mul(secp256k1_ctx, next->secret.data, diff --git a/common/blinding.h b/common/blinding.h index af30d0b0f..78ae22d82 100644 --- a/common/blinding.h +++ b/common/blinding.h @@ -13,13 +13,13 @@ void blinding_hash_e_and_ss(const struct pubkey *e, struct sha256 *sha); /* E(i+1) = H(E(i) || ss(i)) * E(i) */ -bool blinding_next_pubkey(const struct pubkey *pk, - const struct sha256 *h, - struct pubkey *next); +bool blinding_next_path_key(const struct pubkey *pk, + const struct sha256 *h, + struct pubkey *next); /* e(i+1) = H(E(i) || ss(i)) * e(i) */ -bool blinding_next_privkey(const struct privkey *e, - const struct sha256 *h, - struct privkey *next); +bool blinding_next_path_privkey(const struct privkey *e, + const struct sha256 *h, + struct privkey *next); #endif /* LIGHTNING_COMMON_BLINDING_H */ diff --git a/common/json_blinded_path.c b/common/json_blinded_path.c index 860845888..37a33ead4 100644 --- a/common/json_blinded_path.c +++ b/common/json_blinded_path.c @@ -22,7 +22,7 @@ json_to_blinded_path(const tal_t *ctx, const char *buffer, const jsmntok_t *tok) "first_node_id?:%," "first_scid?:%," "first_scid_dir?:%}", - JSON_SCAN(json_to_pubkey, &rpath->blinding), + JSON_SCAN(json_to_pubkey, &rpath->first_path_key), JSON_SCAN(json_to_pubkey, &first_node_id), JSON_SCAN(json_to_short_channel_id, &first_scidd.scid), JSON_SCAN(json_to_int, &first_scidd.dir), diff --git a/common/onion_decode.c b/common/onion_decode.c index 092ab6077..7155ef33a 100644 --- a/common/onion_decode.c +++ b/common/onion_decode.c @@ -14,14 +14,14 @@ *... * - If it is not the final node: * - MUST return an error if the payload contains other tlv fields than - * `encrypted_recipient_data` and `current_blinding_point`. + * `encrypted_recipient_data` and `current_path_key`. */ static bool check_nonfinal_tlv(const struct tlv_payload *tlv, u64 *failtlvtype) { for (size_t i = 0; i < tal_count(tlv->fields); i++) { switch (tlv->fields[i].numtype) { - case TLV_PAYLOAD_CURRENT_BLINDING_POINT: + case TLV_PAYLOAD_CURRENT_PATH_KEY: case TLV_PAYLOAD_ENCRYPTED_RECIPIENT_DATA: continue; } @@ -36,7 +36,7 @@ static bool check_nonfinal_tlv(const struct tlv_payload *tlv, *... * - If it is the final node: * - MUST return an error if the payload contains other tlv fields than - * `encrypted_recipient_data`, `current_blinding_point`, `amt_to_forward`, + * `encrypted_recipient_data`, `current_path_key`, `amt_to_forward`, * `outgoing_cltv_value` and `total_amount_msat`. */ static bool check_final_tlv(const struct tlv_payload *tlv, @@ -45,7 +45,7 @@ static bool check_final_tlv(const struct tlv_payload *tlv, for (size_t i = 0; i < tal_count(tlv->fields); i++) { switch (tlv->fields[i].numtype) { case TLV_PAYLOAD_ENCRYPTED_RECIPIENT_DATA: - case TLV_PAYLOAD_CURRENT_BLINDING_POINT: + case TLV_PAYLOAD_CURRENT_PATH_KEY: case TLV_PAYLOAD_AMT_TO_FORWARD: case TLV_PAYLOAD_OUTGOING_CLTV_VALUE: case TLV_PAYLOAD_TOTAL_AMOUNT_MSAT: @@ -215,37 +215,37 @@ struct onion_payload *onion_decode(const tal_t *ctx, /* BOLT #4: * - * - If `blinding_point` is set in the incoming `update_add_htlc`: - * - MUST return an error if `current_blinding_point` is present. - * - MUST use that `blinding_point` as the blinding point for decryption. + * - If `path_key` is set in the incoming `update_add_htlc`: + * - MUST return an error if `current_path_key` is present. + * - MUST use that `path_key` as `path_key` for decryption. * - Otherwise: - * - MUST return an error if `current_blinding_point` is not present. - * - MUST use that `current_blinding_point` as the blinding point for decryption. + * - MUST return an error if `current_path_key` is not present. + * - MUST use that `current_path_key` as the `path_key` for decryption. */ if (blinding) { - if (p->tlv->current_blinding_point) { - *failtlvtype = TLV_PAYLOAD_CURRENT_BLINDING_POINT; + if (p->tlv->current_path_key) { + *failtlvtype = TLV_PAYLOAD_CURRENT_PATH_KEY; goto field_bad; } p->blinding = tal_dup(p, struct pubkey, blinding); } else { - if (!p->tlv->current_blinding_point) { - *failtlvtype = TLV_PAYLOAD_CURRENT_BLINDING_POINT; + if (!p->tlv->current_path_key) { + *failtlvtype = TLV_PAYLOAD_CURRENT_PATH_KEY; goto field_bad; } p->blinding = tal_dup(p, struct pubkey, - p->tlv->current_blinding_point); + p->tlv->current_path_key); } /* BOLT #4: * The reader: *... * - MUST return an error if `encrypted_recipient_data` does - * not decrypt using the blinding point as described in + * not decrypt using the `path_key` as described in * [Route Blinding](#route-blinding). */ ecdh(p->blinding, &p->blinding_ss); - enc = decrypt_encrypted_data(tmpctx, p->blinding, &p->blinding_ss, + enc = decrypt_encrypted_data(tmpctx, &p->blinding_ss, p->tlv->encrypted_recipient_data); if (!enc) { *failtlvtype = TLV_PAYLOAD_ENCRYPTED_RECIPIENT_DATA; @@ -331,11 +331,11 @@ struct onion_payload *onion_decode(const tal_t *ctx, /* BOLT #4: * - Otherwise (it is not part of a blinded route): - * - MUST return an error if `blinding_point` is set in the - * incoming `update_add_htlc` or `current_blinding_point` + * - MUST return an error if `path_key` is set in the + * incoming `update_add_htlc` or `current_path_key` * is present. */ - if (blinding || p->tlv->current_blinding_point) { + if (blinding || p->tlv->current_path_key) { *failtlvtype = TLV_PAYLOAD_ENCRYPTED_RECIPIENT_DATA; goto field_bad; } diff --git a/common/onion_encode.c b/common/onion_encode.c index e300c0f02..ee9747189 100644 --- a/common/onion_encode.c +++ b/common/onion_encode.c @@ -120,7 +120,7 @@ u8 *onion_blinded_hop(const tal_t *ctx, } tlv->outgoing_cltv_value = cast_const(u32 *, outgoing_cltv_value); tlv->encrypted_recipient_data = cast_const(u8 *, enctlv); - tlv->current_blinding_point = cast_const(struct pubkey *, blinding); + tlv->current_path_key = cast_const(struct pubkey *, blinding); return make_tlv_hop(ctx, tlv); } diff --git a/common/onion_message.c b/common/onion_message.c index 98e5b87d8..0861a1c5a 100644 --- a/common/onion_message.c +++ b/common/onion_message.c @@ -69,7 +69,7 @@ struct blinded_path *blinded_path_from_encdata_tlvs(const tal_t *ctx, assert(tal_count(ids) > 0); randombytes_buf(&first_blinding, sizeof(first_blinding)); - if (!pubkey_from_privkey(&first_blinding, &path->blinding)) + if (!pubkey_from_privkey(&first_blinding, &path->first_path_key)) abort(); sciddir_or_pubkey_from_pubkey(&path->first_node_id, &ids[0]); @@ -191,9 +191,9 @@ struct onion_message *outgoing_onion_message(const tal_t *ctx, /* We need to tell last hop to hand blinded_path blinding for next hop */ pre_final = etlvs[tal_count(ids)-2]; - pre_final->next_blinding_override = tal_dup(pre_final, + pre_final->next_path_key_override = tal_dup(pre_final, struct pubkey, - &their_path->blinding); + &their_path->first_path_key); } our_path = blinded_path_from_encdata_tlvs(tmpctx, @@ -221,7 +221,7 @@ wrap: /* Now populate the onion message to return */ omsg = tal(ctx, struct onion_message); - omsg->first_blinding = combined_path->blinding; + omsg->first_blinding = combined_path->first_path_key; omsg->hops = onionmsg_tlvs_to_hops(omsg, combined_path, cast_const2(const struct tlv_onionmsg_tlv **, otlvs)); return omsg; diff --git a/common/onion_message_parse.c b/common/onion_message_parse.c index 71dad51e9..f3ddfcdd7 100644 --- a/common/onion_message_parse.c +++ b/common/onion_message_parse.c @@ -24,7 +24,7 @@ static bool decrypt_final_onionmsg(const tal_t *ctx, if (!blindedpath_get_alias(ss, my_id, alias)) return false; - encmsg = decrypt_encrypted_data(tmpctx, blinding, ss, enctlv); + encmsg = decrypt_encrypted_data(tmpctx, ss, enctlv); if (!encmsg) return false; @@ -37,15 +37,15 @@ static bool decrypt_final_onionmsg(const tal_t *ctx, return true; } -static bool decrypt_forwarding_onionmsg(const struct pubkey *blinding, +static bool decrypt_forwarding_onionmsg(const struct pubkey *path_key, const struct secret *ss, const u8 *enctlv, struct sciddir_or_pubkey *next_node, - struct pubkey *next_blinding) + struct pubkey *next_path_key) { struct tlv_encrypted_data_tlv *encmsg; - encmsg = decrypt_encrypted_data(tmpctx, blinding, ss, enctlv); + encmsg = decrypt_encrypted_data(tmpctx, ss, enctlv); if (!encmsg) return false; @@ -79,7 +79,7 @@ static bool decrypt_forwarding_onionmsg(const struct pubkey *blinding, } else return false; - blindedpath_next_blinding(encmsg, blinding, ss, next_blinding); + blindedpath_next_path_key(encmsg, path_key, ss, next_path_key); return true; } diff --git a/common/test/run-blindedpath_enctlv.c b/common/test/run-blindedpath_enctlv.c index af1459074..c9408cba2 100644 --- a/common/test/run-blindedpath_enctlv.c +++ b/common/test/run-blindedpath_enctlv.c @@ -95,13 +95,13 @@ static void test_ecdh(const struct pubkey *point, struct secret *ss) abort(); } -static void test_decrypt(const struct pubkey *blinding, +static void test_decrypt(const struct pubkey *path_key, const u8 *enctlv, const struct privkey *me, const struct pubkey *expected_next_node, - const struct privkey *expected_next_blinding_priv) + const struct privkey *expected_next_path_key_priv) { - struct pubkey expected_next_blinding, dummy, next_blinding; + struct pubkey expected_next_path_key, dummy, next_path_key; struct secret ss; struct tlv_encrypted_data_tlv *enc; @@ -109,17 +109,17 @@ static void test_decrypt(const struct pubkey *blinding, pubkey_from_privkey(me, &dummy); mykey = me; - assert(unblind_onion(blinding, test_ecdh, &dummy, &ss)); - enc = decrypt_encrypted_data(tmpctx, blinding, &ss, enctlv); + assert(unblind_onion(path_key, test_ecdh, &dummy, &ss)); + enc = decrypt_encrypted_data(tmpctx, &ss, enctlv); assert(enc); - pubkey_from_privkey(expected_next_blinding_priv, &expected_next_blinding); - blindedpath_next_blinding(enc, blinding, &ss, &next_blinding); - assert(pubkey_eq(&next_blinding, &expected_next_blinding)); + pubkey_from_privkey(expected_next_path_key_priv, &expected_next_path_key); + blindedpath_next_path_key(enc, path_key, &ss, &next_path_key); + assert(pubkey_eq(&next_path_key, &expected_next_path_key)); assert(pubkey_eq(enc->next_node_id, expected_next_node)); } -static void test_final_decrypt(const struct pubkey *blinding, +static void test_final_decrypt(const struct pubkey *path_key, const u8 *enctlv, const struct privkey *me, const struct pubkey *expected_alias, @@ -134,8 +134,8 @@ static void test_final_decrypt(const struct pubkey *blinding, mykey = me; pubkey_from_privkey(me, &my_pubkey); - assert(unblind_onion(blinding, test_ecdh, &dummy, &ss)); - enc = decrypt_encrypted_data(tmpctx, blinding, &ss, enctlv); + assert(unblind_onion(path_key, test_ecdh, &dummy, &ss)); + enc = decrypt_encrypted_data(tmpctx, &ss, enctlv); assert(enc); assert(blindedpath_get_alias(&ss, &my_pubkey, &alias)); @@ -146,8 +146,8 @@ static void test_final_decrypt(const struct pubkey *blinding, int main(int argc, char *argv[]) { - struct privkey alice, bob, carol, dave, blinding, override_blinding; - struct pubkey alice_id, bob_id, carol_id, dave_id, blinding_pub, override_blinding_pub, alias; + struct privkey alice, bob, carol, dave, path_key, override_path_key; + struct pubkey alice_id, bob_id, carol_id, dave_id, path_key_pub, override_path_key_pub, alias; struct secret self_id; u8 *enctlv; struct tlv_encrypted_data_tlv *tlv; @@ -163,8 +163,8 @@ int main(int argc, char *argv[]) pubkey_from_privkey(&carol, &carol_id); pubkey_from_privkey(&dave, &dave_id); - memset(&blinding, 5, sizeof(blinding)); - pubkey_from_privkey(&blinding, &blinding_pub); + memset(&path_key, 5, sizeof(path_key)); + pubkey_from_privkey(&path_key, &path_key_pub); /* We output the JSON test vectors. */ printf("[{"); @@ -173,10 +173,10 @@ int main(int argc, char *argv[]) fmt_privkey(tmpctx, &alice)); json_strfield("node_id", fmt_pubkey(tmpctx, &alice_id)); - json_strfield("blinding_secret", - fmt_privkey(tmpctx, &blinding)); - json_strfield("blinding", - fmt_pubkey(tmpctx, &blinding_pub)); + json_strfield("path_key_secret", + fmt_privkey(tmpctx, &path_key)); + json_strfield("path_key", + fmt_pubkey(tmpctx, &path_key_pub)); printf("\t\"encrypted_data_tlv\": {\n" "\t\t\"next_node_id\": \"%s\"\n" "\t},\n", @@ -184,50 +184,50 @@ int main(int argc, char *argv[]) tlv = tlv_encrypted_data_tlv_new(tmpctx); tlv->next_node_id = &bob_id; - enctlv = encrypt_tlv_encrypted_data(tmpctx, &blinding, &alice_id, tlv, - &blinding, &alias); + enctlv = encrypt_tlv_encrypted_data(tmpctx, &path_key, &alice_id, tlv, + &path_key, &alias); printf("\t\"encrypted_recipient_data_hex\": \"%s\"\n" "},\n", tal_hex(tmpctx, enctlv)); - test_decrypt(&blinding_pub, enctlv, &alice, &bob_id, &blinding); + test_decrypt(&path_key_pub, enctlv, &alice, &bob_id, &path_key); - pubkey_from_privkey(&blinding, &blinding_pub); - memset(&override_blinding, 7, sizeof(override_blinding)); - pubkey_from_privkey(&override_blinding, &override_blinding_pub); + pubkey_from_privkey(&path_key, &path_key_pub); + memset(&override_path_key, 7, sizeof(override_path_key)); + pubkey_from_privkey(&override_path_key, &override_path_key_pub); printf("{"); json_strfield("test name", - "Blinding-key-override encrypted_recipient_data for Bob, next is Carol"); + "path_key_override encrypted_recipient_data for Bob, next is Carol"); json_strfield("node_privkey", fmt_privkey(tmpctx, &bob)); json_strfield("node_id", fmt_pubkey(tmpctx, &bob_id)); - json_strfield("blinding_secret", - fmt_privkey(tmpctx, &blinding)); - json_strfield("blinding", - fmt_pubkey(tmpctx, &blinding_pub)); + json_strfield("path_key_secret", + fmt_privkey(tmpctx, &path_key)); + json_strfield("path_key", + fmt_pubkey(tmpctx, &path_key_pub)); printf("\t\"encrypted_data_tlv\": {\n" "\t\t\"next_node_id\": \"%s\",\n" - "\t\t\"blinding\": \"%s\"\n" + "\t\t\"path_key\": \"%s\"\n" "\t},\n", fmt_pubkey(tmpctx, &carol_id), - fmt_privkey(tmpctx, &override_blinding)); + fmt_privkey(tmpctx, &override_path_key)); tlv = tlv_encrypted_data_tlv_new(tmpctx); tlv->next_node_id = &carol_id; - tlv->next_blinding_override = &override_blinding_pub; - enctlv = encrypt_tlv_encrypted_data(tmpctx, &blinding, &bob_id, tlv, - &blinding, &alias); + tlv->next_path_key_override = &override_path_key_pub; + enctlv = encrypt_tlv_encrypted_data(tmpctx, &path_key, &bob_id, tlv, + &path_key, &alias); printf("\t\"encrypted_recipient_data_hex\": \"%s\"\n" "},\n", tal_hex(tmpctx, enctlv)); - test_decrypt(&blinding_pub, enctlv, &bob, &carol_id, &override_blinding); + test_decrypt(&path_key_pub, enctlv, &bob, &carol_id, &override_path_key); - /* That replaced the blinding */ - blinding = override_blinding; - blinding_pub = override_blinding_pub; + /* That replaced the path_key */ + path_key = override_path_key; + path_key_pub = override_path_key_pub; printf("{"); json_strfield("test name", "Padded encrypted_recipient_data for Carol, next is Dave"); @@ -235,10 +235,10 @@ int main(int argc, char *argv[]) fmt_privkey(tmpctx, &carol)); json_strfield("node_id", fmt_pubkey(tmpctx, &carol_id)); - json_strfield("blinding_secret", - fmt_privkey(tmpctx, &blinding)); - json_strfield("blinding", - fmt_pubkey(tmpctx, &blinding_pub)); + json_strfield("path_key_secret", + fmt_privkey(tmpctx, &path_key)); + json_strfield("path_key", + fmt_pubkey(tmpctx, &path_key_pub)); printf("\t\"encrypted_data_tlv\": {\n" "\t\t\"next_node_id\": \"%s\",\n" "\t\t\"padding\": \"%s\"\n" @@ -249,13 +249,13 @@ int main(int argc, char *argv[]) tlv = tlv_encrypted_data_tlv_new(tmpctx); tlv->padding = tal_arrz(tlv, u8, 35); tlv->next_node_id = &dave_id; - enctlv = encrypt_tlv_encrypted_data(tmpctx, &blinding, &carol_id, tlv, - &blinding, &alias); + enctlv = encrypt_tlv_encrypted_data(tmpctx, &path_key, &carol_id, tlv, + &path_key, &alias); printf("\t\"encrypted_recipient_data_hex\": \"%s\"\n" "},\n", tal_hex(tmpctx, enctlv)); - test_decrypt(&blinding_pub, enctlv, &carol, &dave_id, &blinding); + test_decrypt(&path_key_pub, enctlv, &carol, &dave_id, &path_key); for (size_t i = 0; i < sizeof(self_id); i++) self_id.data[i] = i+1; @@ -265,10 +265,10 @@ int main(int argc, char *argv[]) fmt_privkey(tmpctx, &dave)); json_strfield("node_id", fmt_pubkey(tmpctx, &dave_id)); - json_strfield("blinding_secret", - fmt_privkey(tmpctx, &blinding)); - json_strfield("blinding", - fmt_pubkey(tmpctx, &blinding_pub)); + json_strfield("path_key_secret", + fmt_privkey(tmpctx, &path_key)); + json_strfield("path_key", + fmt_pubkey(tmpctx, &path_key_pub)); printf("\t\"encrypted_data_tlv\": {\n" "\t\t\"self_id\": \"%s\"\n" "\t},\n", @@ -277,15 +277,15 @@ int main(int argc, char *argv[]) tlv = tlv_encrypted_data_tlv_new(tmpctx); tlv->path_id = tal_dup_arr(tlv, u8, self_id.data, ARRAY_SIZE(self_id.data), 0); - enctlv = encrypt_tlv_encrypted_data(tmpctx, &blinding, &dave_id, tlv, + enctlv = encrypt_tlv_encrypted_data(tmpctx, &path_key, &dave_id, tlv, NULL, &alias); printf("\t\"encrypted_recipient_data_hex\": \"%s\"\n", tal_hex(tmpctx, enctlv)); printf("}]\n"); - pubkey_from_privkey(&blinding, &blinding_pub); + pubkey_from_privkey(&path_key, &path_key_pub); - test_final_decrypt(&blinding_pub, enctlv, &dave, &alias, &self_id); + test_final_decrypt(&path_key_pub, enctlv, &dave, &alias, &self_id); common_shutdown(); } diff --git a/common/test/run-blindedpath_onion.c b/common/test/run-blindedpath_onion.c index 084e1a27e..7fa7abe59 100644 --- a/common/test/run-blindedpath_onion.c +++ b/common/test/run-blindedpath_onion.c @@ -118,11 +118,11 @@ void ecdh(const struct pubkey *point, struct secret *ss) static u8 *next_onion(const tal_t *ctx, u8 *omsg, const struct privkey *nodekey, - const struct pubkey *expected_blinding) + const struct pubkey *expected_path_key) { struct onionpacket *op; - struct pubkey blinding, ephemeral; - struct pubkey next_blinding; + struct pubkey path_key, ephemeral; + struct pubkey next_path_key; struct tlv_onionmsg_tlv *om; struct secret ss, onion_ss; const u8 *cursor; @@ -130,14 +130,14 @@ static u8 *next_onion(const tal_t *ctx, u8 *omsg, struct route_step *rs; struct tlv_encrypted_data_tlv *enc; - assert(fromwire_onion_message(tmpctx, omsg, &blinding, &omsg)); - assert(pubkey_eq(&blinding, expected_blinding)); + assert(fromwire_onion_message(tmpctx, omsg, &path_key, &omsg)); + assert(pubkey_eq(&path_key, expected_path_key)); op = parse_onionpacket(tmpctx, omsg, tal_bytelen(omsg), NULL); ephemeral = op->ephemeralkey; ecdh_key = nodekey; - assert(unblind_onion(&blinding, ecdh, &ephemeral, &ss)); + assert(unblind_onion(&path_key, ecdh, &ephemeral, &ss)); ecdh(&ephemeral, &onion_ss); rs = process_onionpacket(tmpctx, op, &onion_ss, NULL, 0); @@ -152,17 +152,17 @@ static u8 *next_onion(const tal_t *ctx, u8 *omsg, if (rs->nextcase == ONION_END) return NULL; - enc = decrypt_encrypted_data(tmpctx, &blinding, &ss, om->encrypted_recipient_data); + enc = decrypt_encrypted_data(tmpctx, &ss, om->encrypted_recipient_data); assert(enc); - blindedpath_next_blinding(enc, &blinding, &ss, &next_blinding); - return towire_onion_message(ctx, &next_blinding, + blindedpath_next_path_key(enc, &path_key, &ss, &next_path_key); + return towire_onion_message(ctx, &next_path_key, serialize_onionpacket(tmpctx, rs->next)); } int main(int argc, char *argv[]) { - struct privkey nodekey[4], blinding[4], override_blinding; - struct pubkey id[4], blinding_pub[4], override_blinding_pub, alias[4]; + struct privkey nodekey[4], path_key[4], override_path_key; + struct pubkey id[4], path_key_pub[4], override_path_key_pub, alias[4]; struct secret self_id; struct tlv_encrypted_data_tlv *tlv[4]; u8 *enctlv[4]; @@ -181,43 +181,43 @@ int main(int argc, char *argv[]) } /* Make enctlvs as per enctlv test vectors */ - memset(&blinding[ALICE], 5, sizeof(blinding[ALICE])); - pubkey_from_privkey(&blinding[ALICE], &blinding_pub[ALICE]); + memset(&path_key[ALICE], 5, sizeof(path_key[ALICE])); + pubkey_from_privkey(&path_key[ALICE], &path_key_pub[ALICE]); tlv[ALICE] = tlv_encrypted_data_tlv_new(tmpctx); tlv[ALICE]->next_node_id = &id[BOB]; enctlv[ALICE] = encrypt_tlv_encrypted_data(tmpctx, - &blinding[ALICE], + &path_key[ALICE], &id[ALICE], tlv[ALICE], - &blinding[BOB], + &path_key[BOB], &alias[ALICE]); - pubkey_from_privkey(&blinding[BOB], &blinding_pub[BOB]); + pubkey_from_privkey(&path_key[BOB], &path_key_pub[BOB]); - /* We override blinding for Carol. */ - memset(&override_blinding, 7, sizeof(override_blinding)); - pubkey_from_privkey(&override_blinding, &override_blinding_pub); + /* We override path_key for Carol. */ + memset(&override_path_key, 7, sizeof(override_path_key)); + pubkey_from_privkey(&override_path_key, &override_path_key_pub); tlv[BOB] = tlv_encrypted_data_tlv_new(tmpctx); tlv[BOB]->next_node_id = &id[CAROL]; - tlv[BOB]->next_blinding_override = &override_blinding_pub; + tlv[BOB]->next_path_key_override = &override_path_key_pub; enctlv[BOB] = encrypt_tlv_encrypted_data(tmpctx, - &blinding[BOB], + &path_key[BOB], &id[BOB], tlv[BOB], - &blinding[CAROL], + &path_key[CAROL], &alias[BOB]); - /* That replaced the blinding */ - blinding[CAROL] = override_blinding; - blinding_pub[CAROL] = override_blinding_pub; + /* That replaced the path_key */ + path_key[CAROL] = override_path_key; + path_key_pub[CAROL] = override_path_key_pub; tlv[CAROL] = tlv_encrypted_data_tlv_new(tmpctx); tlv[CAROL]->next_node_id = &id[DAVE]; tlv[CAROL]->padding = tal_arrz(tlv[CAROL], u8, 35); enctlv[CAROL] = encrypt_tlv_encrypted_data(tmpctx, - &blinding[CAROL], + &path_key[CAROL], &id[CAROL], tlv[CAROL], - &blinding[DAVE], + &path_key[DAVE], &alias[CAROL]); for (size_t i = 0; i < sizeof(self_id); i++) @@ -228,11 +228,11 @@ int main(int argc, char *argv[]) self_id.data, ARRAY_SIZE(self_id.data), 0); enctlv[DAVE] = encrypt_tlv_encrypted_data(tmpctx, - &blinding[DAVE], + &path_key[DAVE], &id[DAVE], tlv[DAVE], NULL, &alias[DAVE]); - pubkey_from_privkey(&blinding[DAVE], &blinding_pub[DAVE]); + pubkey_from_privkey(&path_key[DAVE], &path_key_pub[DAVE]); /* Create an onion which encodes this. */ sphinx_path = sphinx_path_new(tmpctx, NULL); @@ -248,7 +248,7 @@ int main(int argc, char *argv[]) &path_secrets); /* And finally, the onion message as handed to Alice */ - omsg = towire_onion_message(tmpctx, &blinding_pub[ALICE], + omsg = towire_onion_message(tmpctx, &path_key_pub[ALICE], serialize_onionpacket(tmpctx, op)); printf("{\n"); @@ -265,10 +265,10 @@ int main(int argc, char *argv[]) printf("\t\"onion_message\": {"); json_strfield("raw", tal_hex(tmpctx, omsg)); - json_strfield("blinding_secret", - fmt_privkey(tmpctx, &blinding[i])); - json_strfield("blinding", - fmt_pubkey(tmpctx, &blinding_pub[i])); + json_strfield("path_key_secret", + fmt_privkey(tmpctx, &path_key[i])); + json_strfield("path_key", + fmt_pubkey(tmpctx, &path_key_pub[i])); json_strfield("blinded_alias", fmt_pubkey(tmpctx, &alias[i])); json_strfield("onionmsg_tlv", @@ -280,7 +280,7 @@ int main(int argc, char *argv[]) printf(",\n"); /* Unwrap for next hop */ - omsg = next_onion(tmpctx, omsg, &nodekey[i], &blinding_pub[i]); + omsg = next_onion(tmpctx, omsg, &nodekey[i], &path_key_pub[i]); } assert(!omsg); printf("\n]}\n"); diff --git a/common/test/run-bolt12-encode-test.c b/common/test/run-bolt12-encode-test.c index 0b59adaef..9ec552ddd 100644 --- a/common/test/run-bolt12-encode-test.c +++ b/common/test/run-bolt12-encode-test.c @@ -230,7 +230,7 @@ int main(int argc, char *argv[]) offer->offer_paths[0]->first_node_id.is_pubkey = true; assert(pubkey_from_secret(&bob, &offer->offer_paths[0]->first_node_id.pubkey)); /* Random blinding secret. */ - assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[0]->blinding)); + assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[0]->first_path_key)); offer->offer_paths[0]->path = tal_arr(offer->offer_paths[0], struct onionmsg_hop *, 2); @@ -242,7 +242,7 @@ int main(int argc, char *argv[]) struct onionmsg_hop); assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[0]->path[1]->blinded_node_id)); offer->offer_paths[0]->path[1]->encrypted_recipient_data = tal_hexdata(offer->offer_paths[0]->path[1], "1111111111111111", 16); - print_valid_offer(offer, "with blinded path via Bob (0x424242...), blinding 020202...", + print_valid_offer(offer, "with blinded path via Bob (0x424242...), path_key 020202...", "path is [id=02020202..., enc=0x00*16], [id=02020202..., enc=0x11*8]", NULL); /* BOLT-offers #12: @@ -253,7 +253,7 @@ int main(int argc, char *argv[]) * - MUST set `offer_issuer_id` to the node's public key to request the invoice from. */ offer->offer_issuer_id = tal_free(offer->offer_issuer_id); - print_valid_offer(offer, "with no issuer_id and blinded path via Bob (0x424242...), blinding 020202...", + print_valid_offer(offer, "with no issuer_id and blinded path via Bob (0x424242...), path_key 020202...", "path is [id=02020202..., enc=0x00*16], [id=02020202..., enc=0x11*8]", NULL); offer->offer_issuer_id = tal(offer, struct pubkey); assert(pubkey_from_secret(&alice, offer->offer_issuer_id)); @@ -263,8 +263,8 @@ int main(int argc, char *argv[]) offer->offer_paths[1]->first_node_id.is_pubkey = false; assert(short_channel_id_dir_from_str("1x2x3/1", strlen("1x2x3/1"), &offer->offer_paths[1]->first_node_id.scidd)); - /* Random blinding secret. */ - assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[1]->blinding)); + /* Random path_key secret. */ + assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[1]->first_path_key)); offer->offer_paths[1]->path = tal_arr(offer->offer_paths[1], struct onionmsg_hop *, 2); @@ -276,7 +276,7 @@ int main(int argc, char *argv[]) struct onionmsg_hop); assert(pubkey_from_hexstr("020202020202020202020202020202020202020202020202020202020202020202", 66, &offer->offer_paths[1]->path[1]->blinded_node_id)); offer->offer_paths[1]->path[1]->encrypted_recipient_data = tal_hexdata(offer->offer_paths[1]->path[1], "2222222222222222", 16); - print_valid_offer(offer, "... and with second blinded path via 1x2x3 (direction 1), blinding 020202...", + print_valid_offer(offer, "... and with second blinded path via 1x2x3 (direction 1), path_key 020202...", "path is [id=02020202..., enc=0x00*16], [id=02020202..., enc=0x22*8]", NULL); paths = offer->offer_paths; offer->offer_paths = NULL; @@ -363,7 +363,7 @@ int main(int argc, char *argv[]) "0A05414C494345" "10020202020202020202020202020202020202020202020202020202020202020202030303030303030303030303030303030303030303030303030303030303030303010202020202020202020202020202020202020202020202020202020202020202020100" "1621020202020202020202020202020202020202020202020202020202020202020202", - "Malformed: bad blinding in blinded_path"); + "Malformed: bad path_key in blinded_path"); print_malformed_tlv("lno", "0A05414C494345" "10020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202010303030303030303030303030303030303030303030303030303030303030303030100" diff --git a/common/test/run-onion-message-test.c b/common/test/run-onion-message-test.c index 7017da3cf..ae1d55de7 100644 --- a/common/test/run-onion-message-test.c +++ b/common/test/run-onion-message-test.c @@ -119,15 +119,15 @@ void ecdh(const struct pubkey *point, struct secret *ss) #define LARGEST_DAVE_TLV_SIZE 42 /* Generic, ugly, function to calc encrypted_recipient_data, - alias and next blinding, and print out JSON */ + alias and next path_key, and print out JSON */ static u8 *add_hop(const char *name, const char *comment, const struct pubkey *me, const struct pubkey *next, - const struct privkey *override_blinding, + const struct privkey *override_path_key, const char *additional_field_hexstr, const char *path_id_hexstr, - struct privkey *blinding, /* in and out */ + struct privkey *path_key, /* in and out */ struct pubkey *alias /* out */) { struct tlv_encrypted_data_tlv *tlv = tlv_encrypted_data_tlv_new(tmpctx); @@ -137,7 +137,7 @@ static u8 *add_hop(const char *name, json_start(NULL, '{'); json_strfield("alias", name); json_strfield("comment", comment); - json_hexfield("blinding_secret", blinding->secret.data, sizeof(*blinding)); + json_hexfield("path_key_secret", path_key->secret.data, sizeof(*path_key)); /* We have to calc first, to make padding correct */ tlv->next_node_id = tal_dup_or_null(tlv, struct pubkey, next); @@ -145,12 +145,12 @@ static u8 *add_hop(const char *name, tlv->path_id = tal_hexdata(tlv, path_id_hexstr, strlen(path_id_hexstr)); - /* Normally we wouldn't know blinding privkey, and we'd just + /* Normally we wouldn't know path_key privkey, and we'd just * paste in the rest of the path as given, but here we're actually * generating the lot. */ - if (override_blinding) { - tlv->next_blinding_override = tal(tlv, struct pubkey); - assert(pubkey_from_privkey(override_blinding, tlv->next_blinding_override)); + if (override_path_key) { + tlv->next_path_key_override = tal(tlv, struct pubkey); + assert(pubkey_from_privkey(override_path_key, tlv->next_path_key_override)); } /* This is assumed to be a valid TLV tuple, and greater than @@ -178,7 +178,7 @@ static u8 *add_hop(const char *name, enctlv = tal_arr(tmpctx, u8, 0); towire_tlv_encrypted_data_tlv(&enctlv, tlv); towire(&enctlv, additional, tal_bytelen(additional)); - if (!override_blinding) + if (!override_path_key) assert(tal_bytelen(enctlv) == LARGEST_DAVE_TLV_SIZE); json_start("tlvs", '{'); @@ -188,12 +188,12 @@ static u8 *add_hop(const char *name, json_pubkey("next_node_id", tlv->next_node_id); if (tlv->path_id) json_hex_talfield("path_id", tlv->path_id); - if (tlv->next_blinding_override) { - json_pubkey("next_blinding_override", - tlv->next_blinding_override); - json_hexfield("blinding_override_secret", - override_blinding->secret.data, - sizeof(*override_blinding)); + if (tlv->next_path_key_override) { + json_pubkey("next_path_key_override", + tlv->next_path_key_override); + json_hexfield("path_key_override_secret", + override_path_key->secret.data, + sizeof(*override_path_key)); } if (additional) { /* Deconstruct into type, len, value */ @@ -211,16 +211,16 @@ static u8 *add_hop(const char *name, flush_comma(); enable_superverbose = true; encrypted_recipient_data = enctlv_from_encmsg_raw(tmpctx, - blinding, + path_key, me, enctlv, - blinding, + path_key, alias); enable_superverbose = false; json_hex_talfield("encrypted_recipient_data", encrypted_recipient_data); - if (override_blinding) - *blinding = *override_blinding; + if (override_path_key) + *path_key = *override_path_key; json_end('}'); maybe_comma(); @@ -230,8 +230,8 @@ static u8 *add_hop(const char *name, int main(int argc, char *argv[]) { const char *alias[] = {"Alice", "Bob", "Carol", "Dave"}; - struct privkey privkey[ARRAY_SIZE(alias)], blinding, override_blinding; - struct pubkey id[ARRAY_SIZE(alias)], blinding_pub; + struct privkey privkey[ARRAY_SIZE(alias)], path_key, override_path_key; + struct pubkey id[ARRAY_SIZE(alias)], path_key_pub; struct secret session_key; u8 *erd[ARRAY_SIZE(alias)]; /* encrypted_recipient_data */ u8 *onion_message_packet, *onion_message; @@ -257,36 +257,36 @@ int main(int argc, char *argv[]) json_hexfield("session_key", session_key.data, sizeof(session_key)); json_start("hops", '['); - memset(&blinding, 99, sizeof(blinding)); - memset(&override_blinding, 1, sizeof(override_blinding)); - erd[0] = add_hop("Alice", "Alice->Bob: note next_blinding_override to match that give by Dave for Bob", + memset(&path_key, 99, sizeof(path_key)); + memset(&override_path_key, 1, sizeof(override_path_key)); + erd[0] = add_hop("Alice", "Alice->Bob: note next_path_key_override to match that give by Dave for Bob", &id[0], &id[1], - &override_blinding, NULL, NULL, - &blinding, &blinded[0]); + &override_path_key, NULL, NULL, + &path_key, &blinded[0]); erd[1] = add_hop("Bob", "Bob->Carol", &id[1], &id[2], NULL, "fd023103123456", NULL, - &blinding, &blinded[1]); + &path_key, &blinded[1]); erd[2] = add_hop("Carol", "Carol->Dave", &id[2], &id[3], NULL, NULL, NULL, - &blinding, &blinded[2]); + &path_key, &blinded[2]); erd[3] = add_hop("Dave", "Dave is final node, hence path_id", &id[3], NULL, NULL, "fdffff0206c1", "deadbeefbadc0ffeedeadbeefbadc0ffeedeadbeefbadc0ffeedeadbeefbadc0", - &blinding, &blinded[3]); + &path_key, &blinded[3]); json_end(']'); json_end('}'); maybe_comma(); - memset(&blinding, 99, sizeof(blinding)); - assert(pubkey_from_privkey(&blinding, &blinding_pub)); + memset(&path_key, 99, sizeof(path_key)); + assert(pubkey_from_privkey(&path_key, &path_key_pub)); json_start("route", '{'); json_strfield("comment", "The resulting blinded route Alice to Dave."); json_pubkey("introduction_node_id", &id[0]); - json_pubkey("blinding", &blinding_pub); + json_pubkey("path_key", &path_key_pub); json_start("hops", '['); for (size_t i = 0; i < ARRAY_SIZE(erd); i++) { @@ -338,7 +338,7 @@ int main(int argc, char *argv[]) json_start("decrypt", '{'); json_strfield("comment", "This section contains the internal values generated by intermediate nodes when decrypting the onion."); - onion_message = towire_onion_message(tmpctx, &blinding_pub, onion_message_packet); + onion_message = towire_onion_message(tmpctx, &path_key_pub, onion_message_packet); json_start("hops", '['); for (size_t i = 0; i < ARRAY_SIZE(erd); i++) { @@ -354,11 +354,11 @@ int main(int argc, char *argv[]) /* Now, do full decrypt code, to check */ assert(fromwire_onion_message(tmpctx, onion_message, - &blinding_pub, &onion_message_packet)); + &path_key_pub, &onion_message_packet)); /* For test_ecdh */ mykey = &privkey[i]; - assert(onion_message_parse(tmpctx, onion_message_packet, &blinding_pub, + assert(onion_message_parse(tmpctx, onion_message_packet, &path_key_pub, &id[i], &onion_message, &next_node, &final_om, diff --git a/common/test/run-onion-test-vector.c b/common/test/run-onion-test-vector.c index a42cf1e9b..e7246dc0f 100644 --- a/common/test/run-onion-test-vector.c +++ b/common/test/run-onion-test-vector.c @@ -59,7 +59,6 @@ struct amount_sat amount_tx_fee(u32 fee_per_kw UNNEEDED, size_t weight UNNEEDED) { fprintf(stderr, "amount_tx_fee called!\n"); abort(); } /* Generated stub for decrypt_encrypted_data */ struct tlv_encrypted_data_tlv *decrypt_encrypted_data(const tal_t *ctx UNNEEDED, - const struct pubkey *blinding UNNEEDED, const struct secret *ss UNNEEDED, const u8 *enctlv) diff --git a/common/test/run-route_blinding_onion_test.c b/common/test/run-route_blinding_onion_test.c index 45610fa7c..84b291c2c 100644 --- a/common/test/run-route_blinding_onion_test.c +++ b/common/test/run-route_blinding_onion_test.c @@ -111,7 +111,7 @@ int main(int argc, char *argv[]) "final_amount_msat:%," "final_cltv:%," "blinded_payinfo:{fee_base_msat:%,fee_proportional_millionths:%,cltv_expiry_delta:%}," - "blinded_route:{introduction_node_id:%,blinding:%,hops:%}}}", + "blinded_route:{first_node_id:%,first_path_key:%,hops:%}}}", JSON_SCAN(json_to_secret, &session_key), JSON_SCAN_TAL(tmpctx, json_tok_bin_from_hex, &associated_data), JSON_SCAN(json_to_msat, &final_amount), @@ -120,7 +120,7 @@ int main(int argc, char *argv[]) JSON_SCAN(json_to_u32, &path_fee_proportional_millionths), JSON_SCAN(json_to_u32, &path_cltv_delta), JSON_SCAN(json_to_pubkey, &bpath->first_node_id.pubkey), - JSON_SCAN(json_to_pubkey, &bpath->blinding), + JSON_SCAN(json_to_pubkey, &bpath->first_path_key), JSON_SCAN(json_to_tok, &hops_tok)) == NULL); /* FIXME: Test scid as well! */ diff --git a/common/test/run-route_blinding_test.c b/common/test/run-route_blinding_test.c index 6cc627762..deb651509 100644 --- a/common/test/run-route_blinding_test.c +++ b/common/test/run-route_blinding_test.c @@ -118,10 +118,10 @@ static u8 *json_to_enctlvs(const tal_t *ctx, enctlv->path_id = json_tok_bin_from_hex(enctlv, buf, t+1); assert(enctlv->path_id); - } else if (json_tok_streq(buf, t, "next_blinding_override")) { - enctlv->next_blinding_override = tal(enctlv, struct pubkey); + } else if (json_tok_streq(buf, t, "next_path_key_override")) { + enctlv->next_path_key_override = tal(enctlv, struct pubkey); assert(json_to_pubkey(buf, t+1, - enctlv->next_blinding_override)); + enctlv->next_path_key_override)); } else if (json_tok_streq(buf, t, "payment_relay")) { enctlv->payment_relay = json_to_payment_relay(enctlv, buf, t+1); } else if (json_tok_streq(buf, t, "payment_constraints")) { @@ -159,7 +159,7 @@ int main(int argc, char *argv[]) const jsmntok_t *t, *hops_tok; struct pubkey *ids; u8 **enctlvs; - struct privkey blinding; + struct privkey path_key; common_setup(argv[0]); @@ -212,20 +212,20 @@ int main(int argc, char *argv[]) if (json_get_member(json, t, "session_key")) assert(json_to_secret(json, json_get_member(json, t, "session_key"), - &blinding.secret)); + &path_key.secret)); else - assert(secret_eq_consttime(&blinding.secret, &s)); + assert(secret_eq_consttime(&path_key.secret, &s)); - assert(pubkey_from_privkey(&blinding, &pubkey)); + assert(pubkey_from_privkey(&path_key, &pubkey)); json_to_pubkey(json, json_get_member(json, t, "ephemeral_pubkey"), &expected_pubkey); assert(pubkey_eq(&pubkey, &expected_pubkey)); enctlv = enctlv_from_encmsg_raw(tmpctx, - &blinding, + &path_key, &ids[i], enctlvs[i], - &blinding, + &path_key, &alias); expected_enctlv = json_tok_bin_from_hex(tmpctx,json, json_get_member(json, t, diff --git a/common/test/run-sphinx.c b/common/test/run-sphinx.c index 1af709090..2bca7edf4 100644 --- a/common/test/run-sphinx.c +++ b/common/test/run-sphinx.c @@ -60,7 +60,6 @@ size_t bigsize_put(u8 buf[BIGSIZE_MAX_LEN] UNNEEDED, bigsize_t v UNNEEDED) { fprintf(stderr, "bigsize_put called!\n"); abort(); } /* Generated stub for decrypt_encrypted_data */ struct tlv_encrypted_data_tlv *decrypt_encrypted_data(const tal_t *ctx UNNEEDED, - const struct pubkey *blinding UNNEEDED, const struct secret *ss UNNEEDED, const u8 *enctlv) diff --git a/devtools/bolt12-cli.c b/devtools/bolt12-cli.c index 7b4dae196..d6feea32e 100644 --- a/devtools/bolt12-cli.c +++ b/devtools/bolt12-cli.c @@ -270,10 +270,10 @@ static bool print_blindedpaths(const char *fieldname, for (size_t i = 0; i < tal_count(paths); i++) { struct onionmsg_hop **p = paths[i]->path; - printf("%s %zu/%zu: blinding %s ", + printf("%s %zu/%zu: first_path_key %s ", fieldname, i, tal_count(paths), - fmt_pubkey(tmpctx, &paths[i]->blinding)); + fmt_pubkey(tmpctx, &paths[i]->first_path_key)); printf("first_node_id %s ", fmt_sciddir_or_pubkey(tmpctx, &paths[i]->first_node_id)); printf("path "); diff --git a/gossipd/test/run-check_channel_announcement.c b/gossipd/test/run-check_channel_announcement.c index 42da0a710..6c743d4d9 100644 --- a/gossipd/test/run-check_channel_announcement.c +++ b/gossipd/test/run-check_channel_announcement.c @@ -46,16 +46,16 @@ void blinding_hash_e_and_ss(const struct pubkey *e UNNEEDED, const struct secret *ss UNNEEDED, struct sha256 *sha UNNEEDED) { fprintf(stderr, "blinding_hash_e_and_ss called!\n"); abort(); } -/* Generated stub for blinding_next_privkey */ -bool blinding_next_privkey(const struct privkey *e UNNEEDED, - const struct sha256 *h UNNEEDED, - struct privkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_privkey called!\n"); abort(); } -/* Generated stub for blinding_next_pubkey */ -bool blinding_next_pubkey(const struct pubkey *pk UNNEEDED, - const struct sha256 *h UNNEEDED, - struct pubkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_pubkey called!\n"); abort(); } +/* Generated stub for blinding_next_path_key */ +bool blinding_next_path_key(const struct pubkey *pk UNNEEDED, + const struct sha256 *h UNNEEDED, + struct pubkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_key called!\n"); abort(); } +/* Generated stub for blinding_next_path_privkey */ +bool blinding_next_path_privkey(const struct privkey *e UNNEEDED, + const struct sha256 *h UNNEEDED, + struct privkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_privkey called!\n"); abort(); } /* Generated stub for fromwire_sciddir_or_pubkey */ void fromwire_sciddir_or_pubkey(const u8 **cursor UNNEEDED, size_t *max UNNEEDED, struct sciddir_or_pubkey *sciddpk UNNEEDED) diff --git a/gossipd/test/run-extended-info.c b/gossipd/test/run-extended-info.c index 10ba32ad7..4973af8d9 100644 --- a/gossipd/test/run-extended-info.c +++ b/gossipd/test/run-extended-info.c @@ -21,16 +21,16 @@ void blinding_hash_e_and_ss(const struct pubkey *e UNNEEDED, const struct secret *ss UNNEEDED, struct sha256 *sha UNNEEDED) { fprintf(stderr, "blinding_hash_e_and_ss called!\n"); abort(); } -/* Generated stub for blinding_next_privkey */ -bool blinding_next_privkey(const struct privkey *e UNNEEDED, - const struct sha256 *h UNNEEDED, - struct privkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_privkey called!\n"); abort(); } -/* Generated stub for blinding_next_pubkey */ -bool blinding_next_pubkey(const struct pubkey *pk UNNEEDED, - const struct sha256 *h UNNEEDED, - struct pubkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_pubkey called!\n"); abort(); } +/* Generated stub for blinding_next_path_key */ +bool blinding_next_path_key(const struct pubkey *pk UNNEEDED, + const struct sha256 *h UNNEEDED, + struct pubkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_key called!\n"); abort(); } +/* Generated stub for blinding_next_path_privkey */ +bool blinding_next_path_privkey(const struct privkey *e UNNEEDED, + const struct sha256 *h UNNEEDED, + struct privkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_privkey called!\n"); abort(); } /* Generated stub for decode_channel_update_timestamps */ struct channel_update_timestamps *decode_channel_update_timestamps(const tal_t *ctx UNNEEDED, const struct tlv_reply_channel_range_tlvs_timestamps_tlv *timestamps_tlv UNNEEDED) diff --git a/gossipd/test/run-next_block_range.c b/gossipd/test/run-next_block_range.c index 8f2e7db7e..f6197acea 100644 --- a/gossipd/test/run-next_block_range.c +++ b/gossipd/test/run-next_block_range.c @@ -17,16 +17,16 @@ void blinding_hash_e_and_ss(const struct pubkey *e UNNEEDED, const struct secret *ss UNNEEDED, struct sha256 *sha UNNEEDED) { fprintf(stderr, "blinding_hash_e_and_ss called!\n"); abort(); } -/* Generated stub for blinding_next_privkey */ -bool blinding_next_privkey(const struct privkey *e UNNEEDED, - const struct sha256 *h UNNEEDED, - struct privkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_privkey called!\n"); abort(); } -/* Generated stub for blinding_next_pubkey */ -bool blinding_next_pubkey(const struct pubkey *pk UNNEEDED, - const struct sha256 *h UNNEEDED, - struct pubkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_pubkey called!\n"); abort(); } +/* Generated stub for blinding_next_path_key */ +bool blinding_next_path_key(const struct pubkey *pk UNNEEDED, + const struct sha256 *h UNNEEDED, + struct pubkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_key called!\n"); abort(); } +/* Generated stub for blinding_next_path_privkey */ +bool blinding_next_path_privkey(const struct privkey *e UNNEEDED, + const struct sha256 *h UNNEEDED, + struct privkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_privkey called!\n"); abort(); } /* Generated stub for find_peer */ struct peer *find_peer(struct daemon *daemon UNNEEDED, const struct node_id *id UNNEEDED) { fprintf(stderr, "find_peer called!\n"); abort(); } diff --git a/gossipd/test/run-txout_failure.c b/gossipd/test/run-txout_failure.c index 64ee3b698..ebb740ea7 100644 --- a/gossipd/test/run-txout_failure.c +++ b/gossipd/test/run-txout_failure.c @@ -19,16 +19,16 @@ void blinding_hash_e_and_ss(const struct pubkey *e UNNEEDED, const struct secret *ss UNNEEDED, struct sha256 *sha UNNEEDED) { fprintf(stderr, "blinding_hash_e_and_ss called!\n"); abort(); } -/* Generated stub for blinding_next_privkey */ -bool blinding_next_privkey(const struct privkey *e UNNEEDED, - const struct sha256 *h UNNEEDED, - struct privkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_privkey called!\n"); abort(); } -/* Generated stub for blinding_next_pubkey */ -bool blinding_next_pubkey(const struct pubkey *pk UNNEEDED, - const struct sha256 *h UNNEEDED, - struct pubkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_pubkey called!\n"); abort(); } +/* Generated stub for blinding_next_path_key */ +bool blinding_next_path_key(const struct pubkey *pk UNNEEDED, + const struct sha256 *h UNNEEDED, + struct pubkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_key called!\n"); abort(); } +/* Generated stub for blinding_next_path_privkey */ +bool blinding_next_path_privkey(const struct privkey *e UNNEEDED, + const struct sha256 *h UNNEEDED, + struct privkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_privkey called!\n"); abort(); } /* Generated stub for fromwire_sciddir_or_pubkey */ void fromwire_sciddir_or_pubkey(const u8 **cursor UNNEEDED, size_t *max UNNEEDED, struct sciddir_or_pubkey *sciddpk UNNEEDED) diff --git a/lightningd/invoice.c b/lightningd/invoice.c index ff185de61..d287c89ee 100644 --- a/lightningd/invoice.c +++ b/lightningd/invoice.c @@ -1613,13 +1613,13 @@ static void add_stub_blindedpath(const tal_t *ctx, struct tlv_invoice *inv) { struct blinded_path *path; - struct privkey blinding; + struct privkey path_key; struct tlv_encrypted_data_tlv *tlv; path = tal(NULL, struct blinded_path); sciddir_or_pubkey_from_pubkey(&path->first_node_id, &ld->our_pubkey); - randombytes_buf(&blinding, sizeof(blinding)); - if (!pubkey_from_privkey(&blinding, &path->blinding)) + randombytes_buf(&path_key, sizeof(path_key)); + if (!pubkey_from_privkey(&path_key, &path->first_path_key)) abort(); path->path = tal_arr(path, struct onionmsg_hop *, 1); path->path[0] = tal(path->path, struct onionmsg_hop); @@ -1633,7 +1633,7 @@ static void add_stub_blindedpath(const tal_t *ctx, path->path[0]->encrypted_recipient_data = encrypt_tlv_encrypted_data(path->path[0], - &blinding, + &path_key, &path->first_node_id.pubkey, tlv, NULL, diff --git a/lightningd/onion_message.c b/lightningd/onion_message.c index 495541266..31815262c 100644 --- a/lightningd/onion_message.c +++ b/lightningd/onion_message.c @@ -32,7 +32,7 @@ static void json_add_blindedpath(struct json_stream *stream, json_add_short_channel_id(stream, "first_scid", path->first_node_id.scidd.scid); json_add_u32(stream, "first_scid_dir", path->first_node_id.scidd.dir); } - json_add_pubkey(stream, "blinding", &path->blinding); + json_add_pubkey(stream, "blinding", &path->first_path_key); json_array_start(stream, "hops"); for (size_t i = 0; i < tal_count(path->path); i++) { json_object_start(stream, NULL); @@ -267,14 +267,14 @@ static struct command_result *json_decryptencrypteddata(struct command *cmd, const jsmntok_t *params) { u8 *encdata, *decrypted; - struct pubkey *blinding, next_blinding; + struct pubkey *path_key, next_path_key; struct secret ss; struct sha256 h; struct json_stream *response; if (!param_check(cmd, buffer, params, p_req("encrypted_data", param_bin_from_hex, &encdata), - p_req("blinding", param_pubkey, &blinding), + p_req("blinding", param_pubkey, &path_key), NULL)) return command_param_failed(); @@ -285,9 +285,9 @@ static struct command_result *json_decryptencrypteddata(struct command *cmd, *... * - MUST decrypt the `encrypted_data` field using $`rho_i`$ */ - ecdh(blinding, &ss); + ecdh(path_key, &ss); - decrypted = decrypt_encmsg_raw(cmd, blinding, &ss, encdata); + decrypted = decrypt_encmsg_raw(cmd, &ss, encdata); if (!decrypted) return command_fail(cmd, JSONRPC2_INVALID_PARAMS, "Decryption failed!"); @@ -299,13 +299,13 @@ static struct command_result *json_decryptencrypteddata(struct command *cmd, * * - $`E_{i+1} = SHA256(E_i || ss_i) * E_i`$ */ - blinding_hash_e_and_ss(blinding, &ss, &h); - blinding_next_pubkey(blinding, &h, &next_blinding); + blinding_hash_e_and_ss(path_key, &ss, &h); + blinding_next_path_key(path_key, &h, &next_path_key); response = json_stream_success(cmd); json_object_start(response, "decryptencrypteddata"); json_add_hex_talarr(response, "decrypted", decrypted); - json_add_pubkey(response, "next_blinding", &next_blinding); + json_add_pubkey(response, "next_blinding", &next_path_key); json_object_end(response); return command_success(cmd, response); } diff --git a/lightningd/peer_htlcs.c b/lightningd/peer_htlcs.c index 215314dc3..38446a094 100644 --- a/lightningd/peer_htlcs.c +++ b/lightningd/peer_htlcs.c @@ -136,9 +136,9 @@ static void channel_stats_incr_out_offered(struct channel *c, } /* BOLT #4: - * - if `blinding_point` is set in the incoming `update_add_htlc`: + * - if `path_key` is set in the incoming `update_add_htlc`: * - MUST return an `invalid_onion_blinding` error. - * - if `current_blinding_point` is set in the onion payload and it is not the + * - if `current_path_key` is set in the onion payload and it is not the * final node: * - MUST return an `invalid_onion_blinding` error. */ @@ -1421,8 +1421,8 @@ static bool peer_accepted_htlc(const tal_t *ctx, &hook_payload->payload->blinding_ss, &sha); hook_payload->next_blinding = tal(hook_payload, struct pubkey); - blinding_next_pubkey(hook_payload->payload->blinding, &sha, - hook_payload->next_blinding); + blinding_next_path_key(hook_payload->payload->blinding, &sha, + hook_payload->next_blinding); } else hook_payload->next_blinding = NULL; diff --git a/lightningd/test/run-invoice-select-inchan.c b/lightningd/test/run-invoice-select-inchan.c index 54fe654ac..4d2b0832b 100644 --- a/lightningd/test/run-invoice-select-inchan.c +++ b/lightningd/test/run-invoice-select-inchan.c @@ -244,10 +244,10 @@ char *encode_scriptpubkey_to_addr(const tal_t *ctx UNNEEDED, { fprintf(stderr, "encode_scriptpubkey_to_addr called!\n"); abort(); } /* Generated stub for encrypt_tlv_encrypted_data */ u8 *encrypt_tlv_encrypted_data(const tal_t *ctx UNNEEDED, - const struct privkey *blinding UNNEEDED, + const struct privkey *path_privkey UNNEEDED, const struct pubkey *node UNNEEDED, const struct tlv_encrypted_data_tlv *tlv UNNEEDED, - struct privkey *next_blinding UNNEEDED, + struct privkey *next_path_privkey UNNEEDED, struct pubkey *node_alias) { fprintf(stderr, "encrypt_tlv_encrypted_data called!\n"); abort(); } diff --git a/plugins/offers.c b/plugins/offers.c index ef75d6c46..1c75ac3e2 100644 --- a/plugins/offers.c +++ b/plugins/offers.c @@ -530,7 +530,7 @@ static bool json_add_blinded_paths(struct json_stream *js, json_add_u32(js, "first_scid_dir", paths[i]->first_node_id.scidd.dir); } - json_add_pubkey(js, "blinding", &paths[i]->blinding); + json_add_pubkey(js, "blinding", &paths[i]->first_path_key); /* Don't crash if we're short a payinfo! */ if (i < tal_count(blindedpay)) { diff --git a/plugins/pay.c b/plugins/pay.c index 967d97123..211e422da 100644 --- a/plugins/pay.c +++ b/plugins/pay.c @@ -1110,7 +1110,7 @@ decrypt_done(struct command *cmd, { const char *err; u8 *encdata; - struct pubkey next_blinding; + struct pubkey next_path_key; struct tlv_encrypted_data_tlv *enctlv; const u8 *cursor; size_t maxlen; @@ -1119,7 +1119,7 @@ decrypt_done(struct command *cmd, "{decryptencrypteddata:{decrypted:%" ",next_blinding:%}}", JSON_SCAN_TAL(tmpctx, json_tok_bin_from_hex, &encdata), - JSON_SCAN(json_to_pubkey, &next_blinding)); + JSON_SCAN(json_to_pubkey, &next_path_key)); if (err) { return command_fail(cmd, LIGHTNINGD, "Bad decryptencrypteddata response? %.*s: %s", @@ -1151,10 +1151,10 @@ decrypt_done(struct command *cmd, } /* Promote second hop to first hop */ - if (enctlv->next_blinding_override) - p->blindedpath->blinding = *enctlv->next_blinding_override; + if (enctlv->next_path_key_override) + p->blindedpath->first_path_key = *enctlv->next_path_key_override; else - p->blindedpath->blinding = next_blinding; + p->blindedpath->first_path_key = next_path_key; /* Remove now-decrypted part of path */ tal_free(p->blindedpath->path[0]); @@ -1205,7 +1205,7 @@ preapproveinvoice_succeed(struct command *cmd, json_add_hex_talarr(req->js, "encrypted_data", p->blindedpath->path[0]->encrypted_recipient_data); - json_add_pubkey(req->js, "blinding", &p->blindedpath->blinding); + json_add_pubkey(req->js, "blinding", &p->blindedpath->first_path_key); return send_outreq(cmd->plugin, req); } diff --git a/tests/fuzz/fuzz-wire-update_add_htlc.c b/tests/fuzz/fuzz-wire-update_add_htlc.c index 4f20964dc..7fa22be8b 100644 --- a/tests/fuzz/fuzz-wire-update_add_htlc.c +++ b/tests/fuzz/fuzz-wire-update_add_htlc.c @@ -47,7 +47,7 @@ static bool equal(const struct update_add_htlc *x, return false; assert(x->tlvs && y->tlvs); - return tal_arr_eq(x->tlvs->blinding_point, y->tlvs->blinding_point); + return tal_arr_eq(x->tlvs->blinded_path, y->tlvs->blinded_path); } void run(const u8 *data, size_t size) diff --git a/wallet/test/run-wallet.c b/wallet/test/run-wallet.c index 31006b1f7..9fe88a2cb 100644 --- a/wallet/test/run-wallet.c +++ b/wallet/test/run-wallet.c @@ -62,11 +62,11 @@ void blinding_hash_e_and_ss(const struct pubkey *e UNNEEDED, const struct secret *ss UNNEEDED, struct sha256 *sha UNNEEDED) { fprintf(stderr, "blinding_hash_e_and_ss called!\n"); abort(); } -/* Generated stub for blinding_next_pubkey */ -bool blinding_next_pubkey(const struct pubkey *pk UNNEEDED, - const struct sha256 *h UNNEEDED, - struct pubkey *next UNNEEDED) -{ fprintf(stderr, "blinding_next_pubkey called!\n"); abort(); } +/* Generated stub for blinding_next_path_key */ +bool blinding_next_path_key(const struct pubkey *pk UNNEEDED, + const struct sha256 *h UNNEEDED, + struct pubkey *next UNNEEDED) +{ fprintf(stderr, "blinding_next_path_key called!\n"); abort(); } /* Generated stub for bolt11_decode */ struct bolt11 *bolt11_decode(const tal_t *ctx UNNEEDED, const char *str UNNEEDED, const struct feature_set *our_features UNNEEDED, diff --git a/wire/extracted_onion_02_offers.patch b/wire/extracted_onion_02_offers.patch index c1de44245..07103ee20 100644 --- a/wire/extracted_onion_02_offers.patch +++ b/wire/extracted_onion_02_offers.patch @@ -2,7 +2,7 @@ diff --git a/wire/onion_wire.csv b/wire/onion_wire.csv index ae05f09fd..b09811ed1 100644 --- a/wire/onion_wire.csv +++ b/wire/onion_wire.csv -@@ -92,6 +92,12 @@ tlvtype,onionmsg_tlv,reply_path,2 +@@ -92,3 +92,9 @@ tlvtype,onionmsg_tlv,reply_path,2 tlvdata,onionmsg_tlv,reply_path,path,blinded_path, tlvtype,onionmsg_tlv,encrypted_recipient_data,4 tlvdata,onionmsg_tlv,encrypted_recipient_data,encrypted_recipient_data,byte,... @@ -12,6 +12,3 @@ index ae05f09fd..b09811ed1 100644 +tlvdata,onionmsg_tlv,invoice,invoice,tlv_invoice, +tlvtype,onionmsg_tlv,invoice_error,68 +tlvdata,onionmsg_tlv,invoice_error,invoice_error,tlv_invoice_error, - subtype,blinded_path - subtypedata,blinded_path,first_node_id,point, - subtypedata,blinded_path,blinding,point, diff --git a/wire/extracted_onion_03_onionmsg-payload-as-bytearr.patch b/wire/extracted_onion_03_onionmsg-payload-as-bytearr.patch index 1c17f0b31..55dce3419 100644 --- a/wire/extracted_onion_03_onionmsg-payload-as-bytearr.patch +++ b/wire/extracted_onion_03_onionmsg-payload-as-bytearr.patch @@ -4,7 +4,7 @@ diff --git b/wire/onion_wire.csv a/wire/onion_wire.csv index 5c52fe9a1..2ac0c4cff 100644 --- b/wire/onion_wire.csv +++ a/wire/onion_wire.csv -@@ -51,11 +29,11 @@ tlvdata,onionmsg_tlv,reply_path,path,onionmsg_path,... +@@ -51,8 +29,8 @@ tlvdata,onionmsg_tlv,reply_path,path,onionmsg_path,... tlvtype,onionmsg_tlv,encrypted_data_tlv,4 tlvdata,onionmsg_tlv,encrypted_data_tlv,encrypted_data_tlv,byte,... tlvtype,onionmsg_tlv,invoice_request,64 @@ -16,6 +16,3 @@ index 5c52fe9a1..2ac0c4cff 100644 tlvtype,onionmsg_tlv,invoice_error,68 -tlvdata,onionmsg_tlv,invoice_error,invoice_error,tlv_invoice_error, +tlvdata,onionmsg_tlv,invoice_error,invoice_error,byte,... - subtype,blinded_path - subtypedata,blinded_path,first_node_id,point, - subtypedata,blinded_path,blinding,point, diff --git a/wire/extracted_onion_05_remove-onion_message.patch b/wire/extracted_onion_05_remove-onion_message.patch index ae099ba26..ebadab75f 100644 --- a/wire/extracted_onion_05_remove-onion_message.patch +++ b/wire/extracted_onion_05_remove-onion_message.patch @@ -9,7 +9,7 @@ index 3884c63dd..25798c3da 100644 msgtype,invalid_onion_blinding,BADONION|PERM|24 msgdata,invalid_onion_blinding,sha256_of_onion,sha256, -msgtype,onion_message,513 --msgdata,onion_message,blinding,point, +-msgdata,onion_message,path_key,point, -msgdata,onion_message,len,u16, -msgdata,onion_message,onion_message_packet,byte,len tlvtype,onionmsg_tlv,reply_path,2 diff --git a/wire/extracted_onion_06_blinded_path_first_sciddir_or_pubkey.patch b/wire/extracted_onion_06_blinded_path_first_sciddir_or_pubkey.patch index e9bb8bda6..d58e831e2 100644 --- a/wire/extracted_onion_06_blinded_path_first_sciddir_or_pubkey.patch +++ b/wire/extracted_onion_06_blinded_path_first_sciddir_or_pubkey.patch @@ -8,6 +8,6 @@ index 41cafe553..c1d850c60 100644 subtype,blinded_path -subtypedata,blinded_path,first_node_id,point, +subtypedata,blinded_path,first_node_id,sciddir_or_pubkey, - subtypedata,blinded_path,blinding,point, + subtypedata,blinded_path,first_path_key,point, subtypedata,blinded_path,num_hops,byte, subtypedata,blinded_path,path,onionmsg_hop,num_hops diff --git a/wire/extracted_peer_05_newonion.patch b/wire/extracted_peer_05_newonion.patch index cc9676fec..b5b4674e9 100644 --- a/wire/extracted_peer_05_newonion.patch +++ b/wire/extracted_peer_05_newonion.patch @@ -7,6 +7,6 @@ FIXME: This is actually from BOLT 4, but we remove it from onion_wire.csv and pu msgdata,gossip_timestamp_filter,first_timestamp,u32, msgdata,gossip_timestamp_filter,timestamp_range,u32, +msgtype,onion_message,513,option_onion_messages -+msgdata,onion_message,blinding,point, ++msgdata,onion_message,path_key,point, +msgdata,onion_message,len,u16, +msgdata,onion_message,onionmsg,byte,len diff --git a/wire/onion_wire.csv b/wire/onion_wire.csv index d795a2443..e37f181d2 100644 --- a/wire/onion_wire.csv +++ b/wire/onion_wire.csv @@ -10,12 +10,21 @@ tlvdata,payload,payment_data,payment_secret,byte,32 tlvdata,payload,payment_data,total_msat,tu64, tlvtype,payload,encrypted_recipient_data,10 tlvdata,payload,encrypted_recipient_data,encrypted_data,byte,... -tlvtype,payload,current_blinding_point,12 -tlvdata,payload,current_blinding_point,blinding,point, +tlvtype,payload,current_path_key,12 +tlvdata,payload,current_path_key,path_key,point, tlvtype,payload,payment_metadata,16 tlvdata,payload,payment_metadata,payment_metadata,byte,... tlvtype,payload,total_amount_msat,18 tlvdata,payload,total_amount_msat,total_msat,tu64, +subtype,blinded_path +subtypedata,blinded_path,first_node_id,sciddir_or_pubkey, +subtypedata,blinded_path,first_path_key,point, +subtypedata,blinded_path,num_hops,byte, +subtypedata,blinded_path,path,onionmsg_hop,num_hops +subtype,onionmsg_hop +subtypedata,onionmsg_hop,blinded_node_id,point, +subtypedata,onionmsg_hop,enclen,u16, +subtypedata,onionmsg_hop,encrypted_recipient_data,byte,enclen tlvtype,encrypted_data_tlv,padding,1 tlvdata,encrypted_data_tlv,padding,padding,byte,... tlvtype,encrypted_data_tlv,short_channel_id,2 @@ -24,8 +33,8 @@ tlvtype,encrypted_data_tlv,next_node_id,4 tlvdata,encrypted_data_tlv,next_node_id,node_id,point, tlvtype,encrypted_data_tlv,path_id,6 tlvdata,encrypted_data_tlv,path_id,data,byte,... -tlvtype,encrypted_data_tlv,next_blinding_override,8 -tlvdata,encrypted_data_tlv,next_blinding_override,blinding,point, +tlvtype,encrypted_data_tlv,next_path_key_override,8 +tlvdata,encrypted_data_tlv,next_path_key_override,path_key,point, tlvtype,encrypted_data_tlv,payment_relay,10 tlvdata,encrypted_data_tlv,payment_relay,cltv_expiry_delta,u16, tlvdata,encrypted_data_tlv,payment_relay,fee_proportional_millionths,u32, @@ -93,12 +102,3 @@ tlvtype,onionmsg_tlv,invoice,66 tlvdata,onionmsg_tlv,invoice,invoice,byte,... tlvtype,onionmsg_tlv,invoice_error,68 tlvdata,onionmsg_tlv,invoice_error,invoice_error,byte,... -subtype,blinded_path -subtypedata,blinded_path,first_node_id,sciddir_or_pubkey, -subtypedata,blinded_path,blinding,point, -subtypedata,blinded_path,num_hops,byte, -subtypedata,blinded_path,path,onionmsg_hop,num_hops -subtype,onionmsg_hop -subtypedata,onionmsg_hop,blinded_node_id,point, -subtypedata,onionmsg_hop,enclen,u16, -subtypedata,onionmsg_hop,encrypted_recipient_data,byte,enclen diff --git a/wire/peer_wire.csv b/wire/peer_wire.csv index 3865c11f1..6543e34ee 100644 --- a/wire/peer_wire.csv +++ b/wire/peer_wire.csv @@ -245,8 +245,8 @@ msgdata,update_add_htlc,amount_msat,u64, msgdata,update_add_htlc,payment_hash,sha256, msgdata,update_add_htlc,cltv_expiry,u32, msgdata,update_add_htlc,onion_routing_packet,byte,1366 -tlvtype,update_add_htlc_tlvs,blinding_point,0 -tlvdata,update_add_htlc_tlvs,blinding_point,blinding,point, +tlvtype,update_add_htlc_tlvs,blinded_path,0 +tlvdata,update_add_htlc_tlvs,blinded_path,path_key,point, msgtype,update_fulfill_htlc,130 msgdata,update_fulfill_htlc,channel_id,channel_id, msgdata,update_fulfill_htlc,id,u64, @@ -388,6 +388,6 @@ msgdata,gossip_timestamp_filter,chain_hash,chain_hash, msgdata,gossip_timestamp_filter,first_timestamp,u32, msgdata,gossip_timestamp_filter,timestamp_range,u32, msgtype,onion_message,513,option_onion_messages -msgdata,onion_message,blinding,point, +msgdata,onion_message,path_key,point, msgdata,onion_message,len,u16, msgdata,onion_message,onionmsg,byte,len