Add API for constructing blinded payment paths

[valentinewallace]

Lays some groundwork for route blinding support, helping address #1970. Lets us build blinded payment paths from the TLV payloads contained within them. A lot of the diff is code moves so we can separate out onion message-specific code from blinded payment-specific code.

We don't pad any values at the moment, which would increase privacy.

More testing is added in #2413.

[alecchendev]

Nice!

[codecov-commenter]

Codecov Report

Patch coverage: 84.57% and project coverage change: -0.13% ⚠️

Comparison is base (b149279) 91.07% compared to head (9d481d1) 90.94%.
Report is 16 commits behind head on main.

❗ Current head 9d481d1 differs from pull request most recent head 63b60e2. Consider uploading reports for the commit 63b60e2 to get more accurate results

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2412      +/-   ##
==========================================
- Coverage   91.07%   90.94%   -0.13%     
==========================================
  Files         106      108       +2     
  Lines       63310    62914     -396     
  Branches    63310    62914     -396     
==========================================
- Hits        57657    57220     -437     
- Misses       5653     5694      +41     

Files Changed	Coverage Δ
lightning/src/events/mod.rs	44.54% <0.00%> (-3.42%)	⬇️
lightning/src/blinded_path/mod.rs	85.10% <50.00%> (-9.15%)	⬇️
lightning/src/blinded_path/payment.rs	83.15% <83.15%> (ø)
lightning/src/blinded_path/message.rs	88.57% <88.57%> (ø)
lightning/src/blinded_path/utils.rs	94.73% <95.65%> (+0.98%)	⬆️
lightning/src/ln/chan_utils.rs	94.62% <100.00%> (ø)
lightning/src/ln/channelmanager.rs	89.05% <100.00%> (-0.60%)	⬇️
lightning/src/offers/invoice_error.rs	82.35% <100.00%> (ø)
lightning/src/onion_message/messenger.rs	86.75% <100.00%> (+0.06%)	⬆️
lightning/src/onion_message/packet.rs	95.19% <100.00%> (-0.10%)	⬇️
... and 3 more

... and 17 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[valentinewallace]

Note for reviewers: it's a bit LDK-specific and not generic that we take a PaymentSecret here. But as discussed previously with @TheBlueMatt, the spec should not be prescribing anything for the final payload at all because it's constructed for the receiver, by the receiver, so I don't see an issue with doing this instead of calling this field path_id and taking a Vec<u8> (which is an unnecessary allocation as well). But I get that this might be a bit confusing coming from the spec so thoughts welcome here.

[jkczyz]

Where is this encoded in the BlindedPath?

[valentinewallace]

Not sure I understood the question but the payment_secret is written in the Writeable implementation for BlindedPaymentTlvs

[jkczyz]

Ah, I see. It's encoded in the BlindedPath when utils::encrypt_payload is called.

[valentinewallace]

Rebased due to conflicts and squashed minor fixups.

[jkczyz]

Where is this encoded in the BlindedPath?

[jkczyz]

Ah, I see. It's encoded in the BlindedPath when utils::encrypt_payload is called.

[TheBlueMatt]

Basically lg

[TheBlueMatt]

Don't we need the same utility for blinded payment paths (and do they have the same control tlvs)?

[valentinewallace]

I was planning to do this as a follow-up to #2413, is your preference to get it out sooner? The control TLVs aren't the same.

[TheBlueMatt]

No, that's alright, I just wanted to make sure that the move made sense - I guess the follow-up will mean basically copying this and writing some new code to do the same thing for blinded payment paths?

[valentinewallace]

No, that's alright, I just wanted to make sure that the move made sense - I guess the follow-up will mean basically copying this and writing some new code to do the same thing for blinded payment paths?

Yep, that's the thinking

[TheBlueMatt]

What's this TODO? Get the spec updated, or...?

[valentinewallace]

I think the spec needs an update here, I commented on the route blinding PR lightning/bolts#765 (comment) and t-bast is supposed to get back to me soon.

[valentinewallace]

Ended up adding this field as a separate parameter to BlindedPath::new_for_payment. See linked thread but it shouldn't be part of the blinded payment TLVs themselves.

[valentinewallace]

Rebased because the new spec test vector failed with the new code, fixed now.

[TheBlueMatt]

This needs to consider the fees charged earlier - if the second node in the path wants at least 1 sat, and the previous node charges 1 sat in fee, the min should be 2 sats.

[valentinewallace]

Digging into this a bit, it looks like eclair/CLN don't do this. Are we sure the htlc_minimum_msat field isn't the minimum final receive amount to the blinded path, i.e. the min amount prior to the aggregated fees being added? At first glance looks like get_route will treat the min to send to the blinded path as BlindedPayInfo::htlc_minimum_msat + aggregated_fees.

[TheBlueMatt]

Hmm, we should ask them, then, cause that doesn't make much sense to me - if we have a blinded path along A -> B -> C, and A charges a 10% fee and B has a min_htlc of 100 sats, then the min HTLC for the full path needs to be 110 sats. The total min depends on where the max-min is in the path.

[valentinewallace]

Rebased due to conflicts and squashed.

[TheBlueMatt]

Basically all LGTM. Only real issue is the 8 byte restirction on the padding cause we didn't tell rustc what type we meant (which is maybe the most obvious rustc bug I've ever come across that they insist is definitely a Feature 🤦 )

[TheBlueMatt]

By not defining a type here, I believe rustc magically assumed you wanted an i64 🎉 , because this crate uses i64s a ton, all over the place, its definitely what we wanted.....and also we'll fail to read if the padding isn't either empty or exactly 8 bytes :(

[jkczyz]

Would the trick used in ControlTlvs work?

let _padding: Option<Padding> = _padding;

[valentinewallace]

Yeah, that should work. I think I'll add some docs to impl_writeable* saying that you can't have unused read values. It would be nice if there were a way to enforce that programmatically, haven't looked into it though.