Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the core functionality required to resolve Human Readable Names #3179

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Add the core functionality required to resolve Human Readable Names #3179

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
cc7c19f
Add DNS(SEC) query and proof messages and onion message handler
TheBlueMatt Jul 13, 2024
6b760e7
f sp
TheBlueMatt Sep 12, 2024
513bb88
f use hostname type
TheBlueMatt Sep 12, 2024
e1a87af
Parse and handle `DNSResolverMessage`s in `OnionMessenger`
TheBlueMatt Jul 13, 2024
4359c89
Add a `MessageContext::DNSResolution` to protect against probing
TheBlueMatt Jul 13, 2024
f49d571
Add a type to track `HumanReadableName`s
TheBlueMatt Jul 13, 2024
3a6440a
f use Hostname's validation
TheBlueMatt Sep 12, 2024
72a01c9
Add the core functionality required to resolve Human Readable Names
TheBlueMatt Sep 12, 2024
7018be4
f use struct for queries
TheBlueMatt Sep 12, 2024
eaa1e2e
f take an entropysource to force rng use
TheBlueMatt Sep 10, 2024
03406f7
f add dnssec feature to docsrs
TheBlueMatt Sep 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions ci/ci-tests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,12 @@ echo -e "\n\nBuilding and testing all workspace crates..."
cargo test --verbose --color always
cargo check --verbose --color always

echo -e "\n\nBuilding and testing lightning crate with dnssec feature"
pushd lightning
cargo test -p lightning --verbose --color always --features dnssec
cargo check -p lightning --verbose --color always --features dnssec
popd

echo -e "\n\nBuilding and testing Block Sync Clients with features"

cargo test -p lightning-block-sync --verbose --color always --features rest-client
Expand Down
2 changes: 2 additions & 0 deletions fuzz/src/onion_message.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ use lightning::blinded_path::message::{BlindedMessagePath, MessageContext, Offer
use lightning::blinded_path::EmptyNodeIdLookUp;
use lightning::ln::features::InitFeatures;
use lightning::ln::msgs::{self, DecodeError, OnionMessageHandler};
use lightning::ln::peer_handler::IgnoringMessageHandler;
use lightning::ln::script::ShutdownScript;
use lightning::offers::invoice::UnsignedBolt12Invoice;
use lightning::offers::invoice_request::UnsignedInvoiceRequest;
Expand Down Expand Up @@ -54,6 +55,7 @@ pub fn do_test<L: Logger>(data: &[u8], logger: &L) {
&message_router,
&offers_msg_handler,
&async_payments_msg_handler,
IgnoringMessageHandler {}, // TODO: Move to ChannelManager once it supports DNSSEC.
&custom_msg_handler,
);

Expand Down
4 changes: 3 additions & 1 deletion lightning-background-processor/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -648,7 +648,7 @@ use futures_util::{dummy_waker, OptionalSelector, Selector, SelectorOutput};
/// # type NetworkGraph = lightning::routing::gossip::NetworkGraph<Arc<Logger>>;
/// # type P2PGossipSync<UL> = lightning::routing::gossip::P2PGossipSync<Arc<NetworkGraph>, Arc<UL>, Arc<Logger>>;
/// # type ChannelManager<B, F, FE> = lightning::ln::channelmanager::SimpleArcChannelManager<ChainMonitor<B, F, FE>, B, FE, Logger>;
/// # type OnionMessenger<B, F, FE> = lightning::onion_message::messenger::OnionMessenger<Arc<lightning::sign::KeysManager>, Arc<lightning::sign::KeysManager>, Arc<Logger>, Arc<ChannelManager<B, F, FE>>, Arc<lightning::onion_message::messenger::DefaultMessageRouter<Arc<NetworkGraph>, Arc<Logger>, Arc<lightning::sign::KeysManager>>>, Arc<ChannelManager<B, F, FE>>, lightning::ln::peer_handler::IgnoringMessageHandler, lightning::ln::peer_handler::IgnoringMessageHandler>;
/// # type OnionMessenger<B, F, FE> = lightning::onion_message::messenger::OnionMessenger<Arc<lightning::sign::KeysManager>, Arc<lightning::sign::KeysManager>, Arc<Logger>, Arc<ChannelManager<B, F, FE>>, Arc<lightning::onion_message::messenger::DefaultMessageRouter<Arc<NetworkGraph>, Arc<Logger>, Arc<lightning::sign::KeysManager>>>, Arc<ChannelManager<B, F, FE>>, lightning::ln::peer_handler::IgnoringMessageHandler, lightning::ln::peer_handler::IgnoringMessageHandler, lightning::ln::peer_handler::IgnoringMessageHandler>;
/// # type Scorer = RwLock<lightning::routing::scoring::ProbabilisticScorer<Arc<NetworkGraph>, Arc<Logger>>>;
/// # type PeerManager<B, F, FE, UL> = lightning::ln::peer_handler::SimpleArcPeerManager<SocketDescriptor, ChainMonitor<B, F, FE>, B, FE, Arc<UL>, Logger>;
/// #
Expand Down Expand Up @@ -1186,6 +1186,7 @@ mod tests {
IgnoringMessageHandler,
Arc<ChannelManager>,
IgnoringMessageHandler,
IgnoringMessageHandler,
>;

struct Node {
Expand Down Expand Up @@ -1587,6 +1588,7 @@ mod tests {
IgnoringMessageHandler {},
manager.clone(),
IgnoringMessageHandler {},
IgnoringMessageHandler {},
));
let wallet = Arc::new(TestWallet {});
let sweeper = Arc::new(OutputSweeper::new(
Expand Down
6 changes: 5 additions & 1 deletion lightning/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ Still missing tons of error-handling. See GitHub issues for suggested projects i
edition = "2021"

[package.metadata.docs.rs]
features = ["std"]
features = ["std", "dnssec"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might want to rebase after #3289 has been merged to double-check there is no silent merge conflict?

rustdoc-args = ["--cfg", "docsrs"]

[features]
Expand All @@ -32,6 +32,8 @@ unsafe_revoked_tx_signing = []
no-std = ["hashbrown", "possiblyrandom", "libm"]
std = []

dnssec = ["dnssec-prover/validation"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thinking if we can make the dnssec-prover dependencies optional and included just when this feature is specified?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We maybe could, but it seems nice to use the types from it, and the crate weighs basically nothing if we just pull the types from it and don't enable the validation feature.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, and I agree. I was thinking that maybe the dnssec will be a popular feature that we want enabled most of the time

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea, it likely is (and maybe we should make it default, even), but I think even still we can use the types from it no matter what.


# Generates low-r bitcoin signatures, which saves 1 byte in 50% of the cases
grind_signatures = []

Expand All @@ -44,6 +46,8 @@ lightning-invoice = { version = "0.32.0-rc1", path = "../lightning-invoice", def
bech32 = { version = "0.9.1", default-features = false }
bitcoin = { version = "0.32.2", default-features = false, features = ["secp-recovery"] }

dnssec-prover = { version = "0.6", default-features = false }
tnull marked this conversation as resolved.
Show resolved Hide resolved

hashbrown = { version = "0.13", optional = true, default-features = false }
possiblyrandom = { version = "0.2", path = "../possiblyrandom", optional = true, default-features = false }
regex = { version = "1.5.6", optional = true }
Expand Down
24 changes: 24 additions & 0 deletions lightning/src/blinded_path/message.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -280,6 +280,11 @@ pub enum MessageContext {
///
/// [`OffersMessage`]: crate::onion_message::offers::OffersMessage
Offers(OffersContext),
/// Represents a context for a blinded path used in a reply path when requesting a DNSSEC proof
/// in a [`DNSResolverMessage`].
///
/// [`DNSResolverMessage`]: crate::onion_message::dns_resolution::DNSResolverMessage
DNSResolver(DNSResolverContext),
/// Context specific to a [`CustomOnionMessageHandler::CustomMessage`].
///
/// [`CustomOnionMessageHandler::CustomMessage`]: crate::onion_message::messenger::CustomOnionMessageHandler::CustomMessage
Expand Down Expand Up @@ -353,6 +358,7 @@ pub enum OffersContext {
impl_writeable_tlv_based_enum!(MessageContext,
{0, Offers} => (),
{1, Custom} => (),
{2, DNSResolver} => (),
);

impl_writeable_tlv_based_enum!(OffersContext,
Expand All @@ -369,6 +375,24 @@ impl_writeable_tlv_based_enum!(OffersContext,
},
);

/// Contains a simple nonce for use in a blinded path's context.
///
/// Such a context is required when receiving a [`DNSSECProof`] message.
///
/// [`DNSSECProof`]: crate::onion_message::dns_resolution::DNSSECProof
#[derive(Clone, Debug, Hash, PartialEq, Eq)]
pub struct DNSResolverContext {
/// A nonce which uniquely describes a DNS resolution.
///
/// When we receive a DNSSEC proof message, we should check that it was sent over the blinded
/// path we included in the request by comparing a stored nonce with this one.
pub nonce: [u8; 16],
}

impl_writeable_tlv_based!(DNSResolverContext, {
(0, nonce, required),
});

/// Construct blinded onion message hops for the given `intermediate_nodes` and `recipient_node_id`.
pub(super) fn blinded_hops<T: secp256k1::Signing + secp256k1::Verification>(
secp_ctx: &Secp256k1<T>, intermediate_nodes: &[MessageForwardNode],
Expand Down
2 changes: 2 additions & 0 deletions lightning/src/ln/functional_test_utils.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -414,6 +414,7 @@ type TestOnionMessenger<'chan_man, 'node_cfg, 'chan_mon_cfg> = OnionMessenger<
&'node_cfg test_utils::TestMessageRouter<'chan_mon_cfg>,
&'chan_man TestChannelManager<'node_cfg, 'chan_mon_cfg>,
&'chan_man TestChannelManager<'node_cfg, 'chan_mon_cfg>,
IgnoringMessageHandler, // TODO: Swap for ChannelManager (when built with the "dnssec" feature)
IgnoringMessageHandler,
>;

Expand Down Expand Up @@ -3265,6 +3266,7 @@ pub fn create_network<'a, 'b: 'a, 'c: 'b>(node_count: usize, cfgs: &'b Vec<NodeC
let onion_messenger = OnionMessenger::new(
dedicated_entropy, cfgs[i].keys_manager, cfgs[i].logger, &chan_mgrs[i],
&cfgs[i].message_router, &chan_mgrs[i], &chan_mgrs[i], IgnoringMessageHandler {},
IgnoringMessageHandler {},
);
let gossip_sync = P2PGossipSync::new(cfgs[i].network_graph.as_ref(), None, cfgs[i].logger);
let wallet_source = Arc::new(test_utils::TestWalletSource::new(SecretKey::from_slice(&[i as u8 + 1; 32]).unwrap()));
Expand Down
12 changes: 3 additions & 9 deletions lightning/src/ln/offers_tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -210,9 +210,7 @@ fn extract_invoice_request<'a, 'b, 'c>(
OffersMessage::StaticInvoice(invoice) => panic!("Unexpected static invoice: {:?}", invoice),
OffersMessage::InvoiceError(error) => panic!("Unexpected invoice_error: {:?}", error),
},
#[cfg(async_payments)]
ParsedOnionMessageContents::AsyncPayments(message) => panic!("Unexpected async payments message: {:?}", message),
ParsedOnionMessageContents::Custom(message) => panic!("Unexpected custom message: {:?}", message),
_ => panic!("Unexpected message {:?}", message),
},
Ok(PeeledOnion::Forward(_, _)) => panic!("Unexpected onion message forward"),
Err(e) => panic!("Failed to process onion message {:?}", e),
Expand All @@ -229,9 +227,7 @@ fn extract_invoice<'a, 'b, 'c>(node: &Node<'a, 'b, 'c>, message: &OnionMessage)
OffersMessage::StaticInvoice(invoice) => panic!("Unexpected static invoice: {:?}", invoice),
OffersMessage::InvoiceError(error) => panic!("Unexpected invoice_error: {:?}", error),
},
#[cfg(async_payments)]
ParsedOnionMessageContents::AsyncPayments(message) => panic!("Unexpected async payments message: {:?}", message),
ParsedOnionMessageContents::Custom(message) => panic!("Unexpected custom message: {:?}", message),
_ => panic!("Unexpected message {:?}", message),
},
Ok(PeeledOnion::Forward(_, _)) => panic!("Unexpected onion message forward"),
Err(e) => panic!("Failed to process onion message {:?}", e),
Expand All @@ -250,9 +246,7 @@ fn extract_invoice_error<'a, 'b, 'c>(
OffersMessage::StaticInvoice(invoice) => panic!("Unexpected invoice: {:?}", invoice),
OffersMessage::InvoiceError(error) => error,
},
#[cfg(async_payments)]
ParsedOnionMessageContents::AsyncPayments(message) => panic!("Unexpected async payments message: {:?}", message),
ParsedOnionMessageContents::Custom(message) => panic!("Unexpected custom message: {:?}", message),
_ => panic!("Unexpected message: {:?}", message),
},
Ok(PeeledOnion::Forward(_, _)) => panic!("Unexpected onion message forward"),
Err(e) => panic!("Failed to process onion message {:?}", e),
Expand Down
11 changes: 10 additions & 1 deletion lightning/src/ln/peer_handler.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
use bitcoin::constants::ChainHash;
use bitcoin::secp256k1::{self, Secp256k1, SecretKey, PublicKey};

use crate::blinded_path::message::OffersContext;
use crate::blinded_path::message::{DNSResolverContext, OffersContext};
use crate::sign::{NodeSigner, Recipient};
use crate::events::{MessageSendEvent, MessageSendEventsProvider};
use crate::ln::types::ChannelId;
Expand All @@ -30,6 +30,7 @@ use crate::ln::peer_channel_encryptor::{PeerChannelEncryptor, NextNoiseStep, Mes
use crate::ln::wire;
use crate::ln::wire::{Encode, Type};
use crate::onion_message::async_payments::{AsyncPaymentsMessageHandler, HeldHtlcAvailable, ReleaseHeldHtlc};
use crate::onion_message::dns_resolution::{DNSResolverMessageHandler, DNSResolverMessage, DNSSECProof, DNSSECQuery};
use crate::onion_message::messenger::{CustomOnionMessageHandler, Responder, ResponseInstruction, MessageSendInstructions};
use crate::onion_message::offers::{OffersMessage, OffersMessageHandler};
use crate::onion_message::packet::OnionMessageContents;
Expand Down Expand Up @@ -154,6 +155,14 @@ impl AsyncPaymentsMessageHandler for IgnoringMessageHandler {
}
fn release_held_htlc(&self, _message: ReleaseHeldHtlc) {}
}
impl DNSResolverMessageHandler for IgnoringMessageHandler {
fn dnssec_query(
&self, _message: DNSSECQuery, _responder: Option<Responder>,
) -> Option<(DNSResolverMessage, ResponseInstruction)> {
None
}
fn dnssec_proof(&self, _message: DNSSECProof, _context: DNSResolverContext) {}
}
impl CustomOnionMessageHandler for IgnoringMessageHandler {
type CustomMessage = Infallible;
fn handle_custom_message(&self, _message: Infallible, _context: Option<Vec<u8>>, _responder: Option<Responder>) -> Option<(Infallible, ResponseInstruction)> {
Expand Down
Loading
Loading