Propagate Trampoline blinding errors

arik-so · arik-so · commit 09ffa57b9d56 · 2025-03-17T13:42:47.000-07:00
When a blinded hop fails to decode, we send a special malformed error.
However, we previously simply checked the presence of a blinding point
within the `UpdateAddHTLC` message, which is not necessarily applicable
to Trampoline, so now we additionally return a flag if the error stemmed
from an inner onion's blinded hop decoding failure.
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -5984,7 +5984,7 @@ where
 													onion_packet.hmac, payment_hash, None, &*self.node_signer
 												) {
 													Ok(res) => res,
-													Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code }) => {
+													Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code, .. }) => {
 														let sha256_of_onion = Sha256::hash(&onion_packet.hop_data).to_byte_array();
 														// In this scenario, the phantom would have sent us an
 														// `update_fail_malformed_htlc`, meaning here we encrypt the error as
diff --git a/lightning/src/ln/onion_payment.rs b/lightning/src/ln/onion_payment.rs
@@ -474,10 +474,10 @@ where
 	L::Target: Logger,
 {
 	macro_rules! return_malformed_err {
-		($msg: expr, $err_code: expr) => {
+		($msg: expr, $err_code: expr, $force_blinding_error: expr) => {
 			{
 				log_info!(logger, "Failed to accept/forward incoming HTLC: {}", $msg);
-				let (sha256_of_onion, failure_code) = if msg.blinding_point.is_some() {
+				let (sha256_of_onion, failure_code) = if $force_blinding_error || msg.blinding_point.is_some() {
 					([0; 32], INVALID_ONION_BLINDING)
 				} else {
 					(Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(), $err_code)
@@ -493,7 +493,7 @@ where
 	}
 
 	if let Err(_) = msg.onion_routing_packet.public_key {
-		return_malformed_err!("invalid ephemeral pubkey", 0x8000 | 0x4000 | 6);
+		return_malformed_err!("invalid ephemeral pubkey", 0x8000 | 0x4000 | 6, false);
 	}
 
 	if msg.onion_routing_packet.version != 0 {
@@ -503,12 +503,12 @@ where
 		//receiving node would have to brute force to figure out which version was put in the
 		//packet by the node that send us the message, in the case of hashing the hop_data, the
 		//node knows the HMAC matched, so they already know what is there...
-		return_malformed_err!("Unknown onion packet version", 0x8000 | 0x4000 | 4);
+		return_malformed_err!("Unknown onion packet version", 0x8000 | 0x4000 | 4, false);
 	}
 
 	let encode_relay_error = |message: &str, err_code: u16, shared_secret: [u8; 32], trampoline_shared_secret: Option<[u8; 32]>, data: &[u8]| {
 		if msg.blinding_point.is_some() {
-			return_malformed_err!(message, INVALID_ONION_BLINDING)
+			return_malformed_err!(message, INVALID_ONION_BLINDING, false)
 		}
 
 		log_info!(logger, "Failed to accept/forward incoming HTLC: {}", message);
@@ -526,8 +526,8 @@ where
 		msg.payment_hash, msg.blinding_point, node_signer
 	) {
 		Ok(res) => res,
-		Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code }) => {
-			return_malformed_err!(err_msg, err_code);
+		Err(onion_utils::OnionDecodeErr::Malformed { err_msg, err_code, trampoline_onion_blinding }) => {
+			return_malformed_err!(err_msg, err_code, trampoline_onion_blinding);
 		},
 		Err(onion_utils::OnionDecodeErr::Relay { err_msg, err_code, shared_secret, trampoline_shared_secret }) => {
 			return encode_relay_error(err_msg, err_code, shared_secret.secret_bytes(), trampoline_shared_secret.map(|tss| tss.secret_bytes()), &[0; 0]);
diff --git a/lightning/src/ln/onion_utils.rs b/lightning/src/ln/onion_utils.rs
@@ -1673,7 +1673,10 @@ impl Hop {
 #[derive(Debug)]
 pub(crate) enum OnionDecodeErr {
 	/// The HMAC of the onion packet did not match the hop data.
-	Malformed { err_msg: &'static str, err_code: u16 },
+	///
+	/// If the malformed onion packet was a blinded Trampoline hop, we communicate it up the call
+	/// stack for appropriate error handling.
+	Malformed { err_msg: &'static str, err_code: u16, trampoline_onion_blinding: bool },
 	/// We failed to decode the onion payload.
 	///
 	/// If the payload we failed to decode belonged to a Trampoline onion, following the successful
@@ -1732,6 +1735,7 @@ where
 							err_msg:
 								"Final Node OnionHopData provided for us as an intermediary node",
 							err_code: INVALID_ONION_BLINDING,
+							trampoline_onion_blinding: false,
 						});
 					}
 					Err(OnionDecodeErr::Relay {
@@ -1830,13 +1834,13 @@ where
 					}),
 					Ok((_, None)) => Err(OnionDecodeErr::Malformed {
 						err_msg: "Non-final Trampoline onion data provided to us as last hop",
-						// todo: find more suitable error code
-						err_code: 0x4000 | 22,
+						err_code: INVALID_ONION_BLINDING,
+						trampoline_onion_blinding: true,
 					}),
 					Ok((_, Some(_))) => Err(OnionDecodeErr::Malformed {
 						err_msg: "Final Trampoline onion data provided to us as intermediate hop",
-						// todo: find more suitable error code
-						err_code: 0x4000 | 22,
+						err_code: INVALID_ONION_BLINDING,
+						trampoline_onion_blinding: true,
 					}),
 					Err(e) => Err(e),
 				}
@@ -1846,6 +1850,7 @@ where
 					return Err(OnionDecodeErr::Malformed {
 						err_msg: "Intermediate Node OnionHopData provided for us as a final node",
 						err_code: INVALID_ONION_BLINDING,
+						trampoline_onion_blinding: false,
 					});
 				}
 				Err(OnionDecodeErr::Relay {
@@ -1980,6 +1985,7 @@ fn decode_next_hop<T, R: ReadableArgs<T>, N: NextPacketBytes>(
 		return Err(OnionDecodeErr::Malformed {
 			err_msg: "HMAC Check failed",
 			err_code: 0x8000 | 0x4000 | 5,
+			trampoline_onion_blinding: false,
 		});
 	}
 
