multi: pass blinding point through to reconstruction

lightningnetwork · Nov 8, 2023 · df54ade · df54ade
1 parent 3efb0f2
commit df54ade
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 7 deletions.
diff --git a/contractcourt/htlc_incoming_contest_resolver.go b/contractcourt/htlc_incoming_contest_resolver.go
@@ -520,9 +520,14 @@ func (h *htlcIncomingContestResolver) Supplement(htlc channeldb.HTLC) {
 func (h *htlcIncomingContestResolver) decodePayload() (*hop.Payload,
 	[]byte, error) {
 
+	blindingPoint, err := h.htlc.BlindingPoint()
+	if err != nil {
+		return nil, nil, err
+	}
+
 	onionReader := bytes.NewReader(h.htlc.OnionBlob[:])
 	iterator, err := h.OnionProcessor.ReconstructHopIterator(
-		onionReader, h.htlc.RHash[:],
+		onionReader, h.htlc.RHash[:], blindingPoint,
 	)
 	if err != nil {
 		return nil, nil, err

diff --git a/contractcourt/htlc_incoming_resolver_test.go b/contractcourt/htlc_incoming_resolver_test.go
@@ -6,6 +6,7 @@ import (
 	"io/ioutil"
 	"testing"
 
+	"github.com/btcsuite/btcd/btcec/v2"
 	sphinx "github.com/lightningnetwork/lightning-onion"
 	"github.com/lightningnetwork/lnd/chainntnfs"
 	"github.com/lightningnetwork/lnd/channeldb"
@@ -288,8 +289,8 @@ type mockOnionProcessor struct {
 	offeredOnionBlob []byte
 }
 
-func (o *mockOnionProcessor) ReconstructHopIterator(r io.Reader, rHash []byte) (
-	hop.Iterator, error) {
+func (o *mockOnionProcessor) ReconstructHopIterator(r io.Reader, rHash []byte,
+	blindingPoint *btcec.PublicKey) (hop.Iterator, error) {
 
 	data, err := ioutil.ReadAll(r)
 	if err != nil {

diff --git a/contractcourt/interfaces.go b/contractcourt/interfaces.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"io"
 
+	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/wire"
 	"github.com/lightningnetwork/lnd/channeldb"
 	"github.com/lightningnetwork/lnd/channeldb/models"
@@ -40,7 +41,8 @@ type Registry interface {
 type OnionProcessor interface {
 	// ReconstructHopIterator attempts to decode a valid sphinx packet from
 	// the passed io.Reader instance.
-	ReconstructHopIterator(r io.Reader, rHash []byte) (hop.Iterator, error)
+	ReconstructHopIterator(r io.Reader, rHash []byte,
+		blindingKey *btcec.PublicKey) (hop.Iterator, error)
 }
 
 // UtxoSweeper defines the sweep functions that contract court requires.

diff --git a/htlcswitch/hop/iterator.go b/htlcswitch/hop/iterator.go
@@ -149,20 +149,27 @@ func (p *OnionProcessor) Stop() error {
 // ReconstructHopIterator attempts to decode a valid sphinx packet from the passed io.Reader
 // instance using the rHash as the associated data when checking the relevant
 // MACs during the decoding process.
-func (p *OnionProcessor) ReconstructHopIterator(r io.Reader, rHash []byte) (
-	Iterator, error) {
+func (p *OnionProcessor) ReconstructHopIterator(r io.Reader, rHash []byte,
+	blindingPoint *btcec.PublicKey) (Iterator, error) {
 
 	onionPkt := &sphinx.OnionPacket{}
 	if err := onionPkt.Decode(r); err != nil {
 		return nil, err
 	}
 
+	var opts []sphinx.ProcessOnionOpt
+	if blindingPoint != nil {
+		opts = append(opts, sphinx.WithBlindingPoint(blindingPoint))
+	}
+
 	// Attempt to process the Sphinx packet. We include the payment hash of
 	// the HTLC as it's authenticated within the Sphinx packet itself as
 	// associated data in order to thwart attempts a replay attacks. In the
 	// case of a replay, an attacker is *forced* to use the same payment
 	// hash twice, thereby losing their money entirely.
-	sphinxPacket, err := p.router.ReconstructOnionPacket(onionPkt, rHash)
+	sphinxPacket, err := p.router.ReconstructOnionPacket(
+		onionPkt, rHash, opts...,
+	)
 	if err != nil {
 		return nil, err
 	}