Skip to content

Commit

Permalink
Use one-hop blinded paths only for announced nodes
Browse files Browse the repository at this point in the history
To avoid exposing a node's identity in a blinded path, only create
one-hop blinded paths if the node has been announced, and thus has
public channels. Otherwise, there is no way to route a payment to the
node, exposing its identity needlessly.
  • Loading branch information
jkczyz committed Dec 15, 2023
1 parent 56f457c commit cc798a8
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 7 deletions.
14 changes: 9 additions & 5 deletions lightning/src/onion_message/messenger.rs
Original file line number Diff line number Diff line change
Expand Up @@ -350,25 +350,29 @@ where
const MIN_PEER_CHANNELS: usize = 3;

let network_graph = self.network_graph.deref().read_only();
let paths = peers.into_iter()
let paths = peers.iter()
// Limit to peers with announced channels
.filter(|pubkey|
network_graph
.node(&NodeId::from_pubkey(&pubkey))
.node(&NodeId::from_pubkey(pubkey))
.map(|info| &info.channels[..])
.map(|channels| channels.len() >= MIN_PEER_CHANNELS)
.unwrap_or(false)
)
.map(|pubkey| vec![pubkey, recipient])
.map(|pubkey| vec![*pubkey, recipient])
.map(|node_pks| BlindedPath::new_for_message(&node_pks, entropy_source, secp_ctx))
.take(MAX_PATHS)
.collect::<Result<Vec<_>, _>>();

match paths {
Ok(paths) if !paths.is_empty() => Ok(paths),
_ => {
BlindedPath::one_hop_for_message(recipient, entropy_source, secp_ctx)
.map(|path| vec![path])
if network_graph.nodes().contains_key(&NodeId::from_pubkey(&recipient)) {
BlindedPath::one_hop_for_message(recipient, entropy_source, secp_ctx)
.map(|path| vec![path])
} else {
Err(())
}
},
}
}
Expand Down
8 changes: 6 additions & 2 deletions lightning/src/routing/router.rs
Original file line number Diff line number Diff line change
Expand Up @@ -153,8 +153,12 @@ impl<G: Deref<Target = NetworkGraph<L>> + Clone, L: Deref, S: Deref, SP: Sized,
match paths {
Ok(paths) if !paths.is_empty() => Ok(paths),
_ => {
BlindedPath::one_hop_for_payment(recipient, tlvs, entropy_source, secp_ctx)
.map(|path| vec![path])
if network_graph.nodes().contains_key(&NodeId::from_pubkey(&recipient)) {
BlindedPath::one_hop_for_payment(recipient, tlvs, entropy_source, secp_ctx)
.map(|path| vec![path])
} else {
Err(())
}
},
}
}
Expand Down

0 comments on commit cc798a8

Please sign in to comment.