channeld: Verify the signature sent by the counterparty (aka do not trust verify) #6384
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vincenzopalazzo
changed the title
vincenzopalazzo
added
the
protocol
This comment was marked as off-topic.
This comment was marked as off-topic.
rustyrussell
requested changes
Jul 10, 2023
This comment was marked as off-topic.
This comment was marked as off-topic.
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
from
3339ef1
to
21a5ae9
Compare
vincenzopalazzo
added a commit
to rustyrussell/lnprototest
that referenced
this pull request
Jul 14, 2023
Fixes a bug in lnprototest by removing the problematic code outlined in patch [1]. During our investigation of the cln code, we discovered that the message verification was not performed correctly as the BOL 7 suggest. This commit includes a patch [2] that fixes the issue and introduces an integration test to validate that core lightning adheres to the signature verification guidelines outlined in BOLT7. [1] #91 [2] ElementsProject/lightning#6384 Reported-by: lnprototest (#91) Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
from
21a5ae9
to
f82f775
Compare
vincenzopalazzo
added a commit
to rustyrussell/lnprototest
that referenced
this pull request
Jul 14, 2023
Fixes a bug in lnprototest by removing the problematic code outlined in patch [1]. During our investigation of the cln code, we discovered that the message verification was not performed correctly as the BOL 7 suggest. This commit includes a patch [2] that fixes the issue and introduces an integration test to validate that core lightning adheres to the signature verification guidelines outlined in BOLT7. [1] #91 [2] ElementsProject/lightning#6384 Reported-by: lnprototest (#91) Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
added a commit
to rustyrussell/lnprototest
that referenced
this pull request
Jul 15, 2023
Fixes a bug in lnprototest by removing the problematic code outlined in patch [1]. During our investigation of the cln code, we discovered that the message verification was not performed correctly as the BOL 7 suggest. This commit includes a patch [2] that fixes the issue and introduces an integration test to validate that core lightning adheres to the signature verification guidelines outlined in BOLT7. [1] #91 [2] ElementsProject/lightning#6384 Reported-by: lnprototest (#91) Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
from
f82f775
to
196214e
Compare
|
Ok this should be ready, I would like to wait for the CI to confirm In addition, the following PR on lnprorotest shows that the current master fails rustyrussell/lnprototest#100, but with this patch core lightning, it is Please note that a new version of lnprototest is included inside the e5d666f (see commit the body to know what it is changed) |
rustyrussell
approved these changes
Jul 15, 2023
|
Ack, needs fixup folding... |
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
from
e5d666f
to
28d1ae2
Compare
This comment was marked as outdated.
This comment was marked as outdated.
|
This broke dual funding, so clearly channel announcement isn't correct for that case? |
This comment was marked as outdated.
This comment was marked as outdated.
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
2 times, most recently
from
bdb2eba
to
0f5740e
Compare
This commit addresses an issue to enhance the resilience of core
lightning when receiving node announcements.
According to BOLT 7 (The announcement_signatures Message),
if the node_signature OR the bitcoin_signature is NOT correct,
it is recommended to either send a warning and close the connection or send an error and fail the channel.
In this commit, we take a strict approach. If any error is detected, we
send an error and fail the open channel operation.
This is because the announcement_signatures operation is optional,
and we assume that it must be correct.
lnprototest at commit dea47c29b5541dbfe7fe53cc2598330e897fa4f4 report
the following error now.
```
2023-07-06T21:03:20.930Z DEBUG hsmd: Shutting down
ERROR root:helpers.py:170 Traceback (most recent call last):
File "/home/vincent/Github/lightning/external/lnprototest/tests/helpers.py", line 167, in run_runner
runner.run(test)
File "/home/vincent/Github/lightning/external/lnprototest/lnprototest/runner.py", line 99, in run
all_done = sequence.action(self)
^^^^^^^^^^^^^^^^^^^^^
File "/home/vincent/Github/lightning/external/lnprototest/lnprototest/structure.py", line 55, in action
all_done &= e.action(runner)
^^^^^^^^^^^^^^^^
File "/home/vincent/Github/lightning/external/lnprototest/lnprototest/event.py", line 365, in action
raise EventError(self, "{}: message was {}".format(err, msg.to_str()))
lnprototest.errors.EventError: `Expected msgtype-warning, got msgtype-error: message was error channel_id=a37362839b13f61cfe82d35bd397b1264c389b245847cfb6111b38892546dc77 data=4661696c656420746f20766572696679206e6f64655f7369676e61747572652e` on event [{"event": "ExpectMsg", "file": "test_bolt2-01-close_channel.py", "pos": "157"},]
============================================================================================================================================================== short test summary info ===============================================================================================================================================================
FAILED tests/test_bolt2-01-close_channel.py::test_close_channel_shutdown_msg_normal_case_receiver_side - AssertionError: `Expected msgtype-shutdown, got msgtype-error: message was error channel_id=a37362839b13f61cfe82d35bd397b1264c389b245847cfb6111b38892546dc77 data=4661696c656420746f20766572696679206e6f64655f7369676e61747572652e` on event [{"event": "ExpectMsg", "file": "test_bolt2-01-close_channel.py", "pos": "75"},]
FAILED tests/test_bolt2-01-close_channel.py::test_close_channel_shutdown_msg_wrong_script_pubkey_receiver_side - AssertionError: `Expected msgtype-warning, got msgtype-error: message was error channel_id=a37362839b13f61cfe82d35bd397b1264c389b245847cfb6111b38892546dc77 data=4661696c656420746f20766572696679206e6f64655f7369676e61747572652e` on event [{"event": "ExpectMsg", "file": "test_bolt2-01-close_channel.py", "pos": "157"},]
```
Changelog-Fixes: channeld: Verify the signature sent in announcement_signatures by the counterparty
Reported-by: lnprototest
Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
This update incorporates the proposed version of lnprototest from the patch [1], which includes the following fixes: - Corrects the `ExpectError` event and updates BOLT 7 to expect a warning instead of an error. - Implements a new test for when the runner sends a bad signature within the announcement_signatures message. [1] rustyrussell/lnprototest#100 Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
vincenzopalazzo
force-pushed
the
macros/verify-signature
branch
from
ec38b82
to
7f8193b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit addresses an issue to enhance the resilience of core lightning when receiving node announcements.
According to BOLT 7 (The announcement_signatures Message), if the node_signature OR the bitcoin_signature is NOT correct, it is recommended to either send a warning and close the connection or send an error and fail the channel.
In this commit, we take a strict approach. If any error is detected, we send an error and fail the open channel operation. This is because the announcement_signatures operation is optional, and we assume that it must be correct.
lnprototest at commit dea47c29b5541dbfe7fe53cc2598330e897fa4f4 report the following error now.
This PR shows how useful is lnprototest in debugging issues and make sure that we are protocol compliant, so now lnprototest in this PR should fail, and when this is merged #6383 the tests should be again happy
P.S: the current version of lnprototest is buggy because relay on cln behavior!
Changelog-Fixes: channeld: Verify the signature sent in announcement_signatures by the counterparty
Reported-by: lnprototest