Add BlindedMessagePath type to disambiguate from blinded payment paths.

Author: valentinewallace

fuzz/src/chanmon_consistency.rs

@@ -33,9 +33,8 @@ use bitcoin::hashes::sha256d::Hash as Sha256dHash;
 use bitcoin::hashes::Hash as TraitImport;
 use bitcoin::WPubkeyHash;
 
-use lightning::blinded_path::message::MessageContext;
+use lightning::blinded_path::message::{BlindedMessagePath, MessageContext};
 use lightning::blinded_path::payment::{BlindedPaymentPath, ReceiveTlvs};
-use lightning::blinded_path::BlindedPath;
 use lightning::chain;
 use lightning::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator};
 use lightning::chain::channelmonitor::{ChannelMonitor, MonitorEvent};
@@ -142,7 +141,7 @@ impl MessageRouter for FuzzRouter {
 	fn create_blinded_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		&self, _recipient: PublicKey, _context: MessageContext, _peers: Vec<PublicKey>,
 		_secp_ctx: &Secp256k1<T>,
-	) -> Result<Vec<BlindedPath>, ()> {
+	) -> Result<Vec<BlindedMessagePath>, ()> {
 		unreachable!()
 	}
 }

fuzz/src/full_stack.rs

@@ -30,9 +30,8 @@ use bitcoin::hashes::Hash as _;
 use bitcoin::hex::FromHex;
 use bitcoin::WPubkeyHash;
 
-use lightning::blinded_path::message::MessageContext;
+use lightning::blinded_path::message::{BlindedMessagePath, MessageContext};
 use lightning::blinded_path::payment::{BlindedPaymentPath, ReceiveTlvs};
-use lightning::blinded_path::BlindedPath;
 use lightning::chain;
 use lightning::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator};
 use lightning::chain::chainmonitor;
@@ -179,7 +178,7 @@ impl MessageRouter for FuzzRouter {
 	fn create_blinded_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		&self, _recipient: PublicKey, _context: MessageContext, _peers: Vec<PublicKey>,
 		_secp_ctx: &Secp256k1<T>,
-	) -> Result<Vec<BlindedPath>, ()> {
+	) -> Result<Vec<BlindedMessagePath>, ()> {
 		unreachable!()
 	}
 }

fuzz/src/onion_message.rs

@@ -5,8 +5,8 @@ use bitcoin::secp256k1::ecdsa::RecoverableSignature;
 use bitcoin::secp256k1::schnorr;
 use bitcoin::secp256k1::{self, PublicKey, Scalar, Secp256k1, SecretKey};
 
-use lightning::blinded_path::message::{MessageContext, OffersContext};
-use lightning::blinded_path::{BlindedPath, EmptyNodeIdLookUp};
+use lightning::blinded_path::message::{BlindedMessagePath, MessageContext, OffersContext};
+use lightning::blinded_path::EmptyNodeIdLookUp;
 use lightning::ln::features::InitFeatures;
 use lightning::ln::msgs::{self, DecodeError, OnionMessageHandler};
 use lightning::ln::script::ShutdownScript;
@@ -98,7 +98,7 @@ impl MessageRouter for TestMessageRouter {
 	fn create_blinded_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		&self, _recipient: PublicKey, _context: MessageContext, _peers: Vec<PublicKey>,
 		_secp_ctx: &Secp256k1<T>,
-	) -> Result<Vec<BlindedPath>, ()> {
+	) -> Result<Vec<BlindedMessagePath>, ()> {
 		unreachable!()
 	}
 }

lightning/src/blinded_path/message.rs

@@ -7,9 +7,7 @@
 // You may not use this file except in accordance with one or both of these
 // licenses.
 
-//! Data structures and methods for constructing [`BlindedPath`]s to send a message over.
-//!
-//! [`BlindedPath`]: crate::blinded_path::BlindedPath
+//! Data structures and methods for constructing [`BlindedMessagePath`]s to send a message over.
 
 use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey};
 
@@ -23,16 +21,68 @@ use crate::blinded_path::utils;
 use crate::io;
 use crate::io::Cursor;
 use crate::ln::channelmanager::PaymentId;
+use crate::ln::msgs::DecodeError;
 use crate::ln::{PaymentHash, onion_utils};
 use crate::offers::nonce::Nonce;
 use crate::onion_message::packet::ControlTlvs;
-use crate::sign::{NodeSigner, Recipient};
+use crate::sign::{EntropySource, NodeSigner, Recipient};
 use crate::crypto::streams::ChaChaPolyReadAdapter;
-use crate::util::ser::{FixedLengthReader, LengthReadableArgs, Writeable, Writer};
+use crate::util::ser::{FixedLengthReader, LengthReadableArgs, Readable, Writeable, Writer};
 
 use core::mem;
 use core::ops::Deref;
 
+/// A [`BlindedPath`] to be used for sending or receiving a message, hiding the identity of the
+/// recipient.
+#[derive(Clone, Debug, Hash, PartialEq, Eq)]
+pub struct BlindedMessagePath(pub BlindedPath);
+
+impl Writeable for BlindedMessagePath {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.0.write(w)
+	}
+}
+
+impl Readable for BlindedMessagePath {
+	fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
+		Ok(Self(BlindedPath::read(r)?))
+	}
+}
+
+impl BlindedMessagePath {
+	/// Create a one-hop blinded path for a message.
+	pub fn one_hop<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
+		recipient_node_id: PublicKey, context: MessageContext, entropy_source: ES, secp_ctx: &Secp256k1<T>
+	) -> Result<Self, ()> where ES::Target: EntropySource {
+		Self::new(&[], recipient_node_id, context, entropy_source, secp_ctx)
+	}
+
+	/// Create a path for an onion message, to be forwarded along `node_pks`. The last node
+	/// pubkey in `node_pks` will be the destination node.
+	///
+	/// Errors if no hops are provided or if `node_pk`(s) are invalid.
+	//  TODO: make all payloads the same size with padding + add dummy hops
+	pub fn new<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
+		intermediate_nodes: &[ForwardNode], recipient_node_id: PublicKey, context: MessageContext,
+		entropy_source: ES, secp_ctx: &Secp256k1<T>
+	) -> Result<Self, ()> where ES::Target: EntropySource {
+		let introduction_node = IntroductionNode::NodeId(
+			intermediate_nodes.first().map_or(recipient_node_id, |n| n.node_id)
+		);
+		let blinding_secret_bytes = entropy_source.get_secure_random_bytes();
+		let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
+
+		Ok(Self(BlindedPath {
+			introduction_node,
+			blinding_point: PublicKey::from_secret_key(secp_ctx, &blinding_secret),
+			blinded_hops: blinded_hops(
+				secp_ctx, intermediate_nodes, recipient_node_id,
+				context, &blinding_secret,
+			).map_err(|_| ())?,
+		}))
+	}
+}
+
 /// An intermediate node, and possibly a short channel id leading to the next node.
 #[derive(Clone, Copy, Debug, Hash, PartialEq, Eq)]
 pub struct ForwardNode {
@@ -88,10 +138,10 @@ impl Writeable for ReceiveTlvs {
 	}
 }
 
-/// Additional data included by the recipient in a [`BlindedPath`].
+/// Additional data included by the recipient in a [`BlindedMessagePath`].
 ///
 /// This data is encrypted by the recipient and will be given to the corresponding message handler
-/// when handling a message sent over the [`BlindedPath`]. The recipient can use this data to
+/// when handling a message sent over the [`BlindedMessagePath`]. The recipient can use this data to
 /// authenticate the message or for further processing if needed.
 #[derive(Clone, Debug)]
 pub enum MessageContext {
@@ -110,7 +160,7 @@ pub enum MessageContext {
 /// [`OffersMessage`]: crate::onion_message::offers::OffersMessage
 #[derive(Clone, Debug, Eq, PartialEq)]
 pub enum OffersContext {
-	/// Context used by a [`BlindedPath`] within an [`Offer`].
+	/// Context used by a [`BlindedMessagePath`] within an [`Offer`].
 	///
 	/// This variant is intended to be received when handling an [`InvoiceRequest`].
 	///
@@ -124,7 +174,7 @@ pub enum OffersContext {
 		/// [`Offer`]: crate::offers::offer::Offer
 		nonce: Nonce,
 	},
-	/// Context used by a [`BlindedPath`] within a [`Refund`] or as a reply path for an
+	/// Context used by a [`BlindedMessagePath`] within a [`Refund`] or as a reply path for an
 	/// [`InvoiceRequest`].
 	///
 	/// This variant is intended to be received when handling a [`Bolt12Invoice`] or an
@@ -155,7 +205,7 @@ pub enum OffersContext {
 		/// [`InvoiceError`]: crate::offers::invoice_error::InvoiceError
 		hmac: Option<Hmac<Sha256>>,
 	},
-	/// Context used by a [`BlindedPath`] as a reply path for a [`Bolt12Invoice`].
+	/// Context used by a [`BlindedMessagePath`] as a reply path for a [`Bolt12Invoice`].
 	///
 	/// This variant is intended to be received when handling an [`InvoiceError`].
 	///
@@ -213,16 +263,16 @@ pub(super) fn blinded_hops<T: secp256k1::Signing + secp256k1::Verification>(
 //
 // Will only modify `path` when returning `Ok`.
 pub(crate) fn advance_path_by_one<NS: Deref, NL: Deref, T>(
-	path: &mut BlindedPath, node_signer: &NS, node_id_lookup: &NL, secp_ctx: &Secp256k1<T>
+	path: &mut BlindedMessagePath, node_signer: &NS, node_id_lookup: &NL, secp_ctx: &Secp256k1<T>
 ) -> Result<(), ()>
 where
 	NS::Target: NodeSigner,
 	NL::Target: NodeIdLookUp,
 	T: secp256k1::Signing + secp256k1::Verification,
 {
-	let control_tlvs_ss = node_signer.ecdh(Recipient::Node, &path.blinding_point, None)?;
+	let control_tlvs_ss = node_signer.ecdh(Recipient::Node, &path.0.blinding_point, None)?;
 	let rho = onion_utils::gen_rho_from_shared_secret(&control_tlvs_ss.secret_bytes());
-	let encrypted_control_tlvs = &path.blinded_hops.get(0).ok_or(())?.encrypted_payload;
+	let encrypted_control_tlvs = &path.0.blinded_hops.get(0).ok_or(())?.encrypted_payload;
 	let mut s = Cursor::new(encrypted_control_tlvs);
 	let mut reader = FixedLengthReader::new(&mut s, encrypted_control_tlvs.len() as u64);
 	match ChaChaPolyReadAdapter::read(&mut reader, rho) {
@@ -239,13 +289,13 @@ where
 			let mut new_blinding_point = match next_blinding_override {
 				Some(blinding_point) => blinding_point,
 				None => {
-					onion_utils::next_hop_pubkey(secp_ctx, path.blinding_point,
+					onion_utils::next_hop_pubkey(secp_ctx, path.0.blinding_point,
 						control_tlvs_ss.as_ref()).map_err(|_| ())?
 				}
 			};
-			mem::swap(&mut path.blinding_point, &mut new_blinding_point);
-			path.introduction_node = IntroductionNode::NodeId(next_node_id);
-			path.blinded_hops.remove(0);
+			mem::swap(&mut path.0.blinding_point, &mut new_blinding_point);
+			path.0.introduction_node = IntroductionNode::NodeId(next_node_id);
+			path.0.blinded_hops.remove(0);
 			Ok(())
 		},
 		_ => Err(())

lightning/src/blinded_path/mod.rs

@@ -13,13 +13,11 @@ pub mod payment;
 pub mod message;
 pub(crate) mod utils;
 
-use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey};
-use message::MessageContext;
+use bitcoin::secp256k1::PublicKey;
 use core::ops::Deref;
 
 use crate::ln::msgs::DecodeError;
 use crate::routing::gossip::{NodeId, ReadOnlyNetworkGraph};
-use crate::sign::EntropySource;
 use crate::util::ser::{Readable, Writeable, Writer};
 use crate::util::scid_utils;
 
@@ -121,38 +119,6 @@ pub struct BlindedHop {
 }
 
 impl BlindedPath {
-	/// Create a one-hop blinded path for a message.
-	pub fn one_hop_for_message<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
-		recipient_node_id: PublicKey, context: MessageContext, entropy_source: ES, secp_ctx: &Secp256k1<T>
-	) -> Result<Self, ()> where ES::Target: EntropySource {
-		Self::new_for_message(&[], recipient_node_id, context, entropy_source, secp_ctx)
-	}
-
-	/// Create a blinded path for an onion message, to be forwarded along `node_pks`. The last node
-	/// pubkey in `node_pks` will be the destination node.
-	///
-	/// Errors if no hops are provided or if `node_pk`(s) are invalid.
-	//  TODO: make all payloads the same size with padding + add dummy hops
-	pub fn new_for_message<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
-		intermediate_nodes: &[message::ForwardNode], recipient_node_id: PublicKey,
-		context: MessageContext, entropy_source: ES, secp_ctx: &Secp256k1<T>
-	) -> Result<Self, ()> where ES::Target: EntropySource {
-		let introduction_node = IntroductionNode::NodeId(
-			intermediate_nodes.first().map_or(recipient_node_id, |n| n.node_id)
-		);
-		let blinding_secret_bytes = entropy_source.get_secure_random_bytes();
-		let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
-
-		Ok(BlindedPath {
-			introduction_node,
-			blinding_point: PublicKey::from_secret_key(secp_ctx, &blinding_secret),
-			blinded_hops: message::blinded_hops(
-				secp_ctx, intermediate_nodes, recipient_node_id,
-				context, &blinding_secret,
-			).map_err(|_| ())?,
-		})
-	}
-
 	/// Returns the introduction [`NodeId`] of the blinded path, if it is publicly reachable (i.e.,
 	/// it is found in the network graph).
 	pub fn public_introduction_node_id<'a>(

lightning/src/blinded_path/utils.rs

@@ -16,6 +16,7 @@ use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey, Scalar};
 use bitcoin::secp256k1::ecdh::SharedSecret;
 
 use super::{BlindedHop, BlindedPath};
+use super::message::BlindedMessagePath;
 use crate::ln::msgs::DecodeError;
 use crate::ln::onion_utils;
 use crate::onion_message::messenger::Destination;
@@ -97,7 +98,7 @@ where
 			Destination::Node(pk) => {
 				build_keys!(pk, false, None);
 			},
-			Destination::BlindedPath(BlindedPath { blinded_hops, .. }) => {
+			Destination::BlindedPath(BlindedMessagePath(BlindedPath { blinded_hops, .. })) => {
 				for hop in blinded_hops {
 					build_keys_in_loop!(hop.blinded_node_id, true, Some(hop.encrypted_payload));
 				}

lightning/src/events/mod.rs

@@ -811,9 +811,9 @@ pub enum Event {
 		payment_id: PaymentId,
 		/// The invoice to pay.
 		invoice: Bolt12Invoice,
-		/// The context of the [`BlindedPath`] used to send the invoice.
+		/// The context of the [`BlindedMessagePath`] used to send the invoice.
 		///
-		/// [`BlindedPath`]: crate::blinded_path::BlindedPath
+		/// [`BlindedMessagePath`]: crate::blinded_path::message::BlindedMessagePath
 		context: Option<OffersContext>,
 		/// A responder for replying with an [`InvoiceError`] if needed.
 		///

lightning/src/ln/channelmanager.rs

@@ -32,8 +32,8 @@ use bitcoin::secp256k1::Secp256k1;
 use bitcoin::{secp256k1, Sequence};
 
 use crate::blinded_path::message::{MessageContext, OffersContext};
-use crate::blinded_path::{BlindedPath, NodeIdLookUp};
-use crate::blinded_path::message::ForwardNode;
+use crate::blinded_path::NodeIdLookUp;
+use crate::blinded_path::message::{BlindedMessagePath, ForwardNode};
 use crate::blinded_path::payment::{BlindedPaymentPath, Bolt12OfferContext, Bolt12RefundContext, PaymentConstraints, PaymentContext, ReceiveTlvs};
 use crate::chain;
 use crate::chain::{Confirm, ChannelMonitorUpdateStatus, Watch, BestBlock};
@@ -2472,11 +2472,11 @@ const MAX_NO_CHANNEL_PEERS: usize = 250;
 /// short-lived, while anything with a greater expiration is considered long-lived.
 ///
 /// Using [`ChannelManager::create_offer_builder`] or [`ChannelManager::create_refund_builder`],
-/// will included a [`BlindedPath`] created using:
+/// will included a [`BlindedMessagePath`] created using:
 /// - [`MessageRouter::create_compact_blinded_paths`] when short-lived, and
 /// - [`MessageRouter::create_blinded_paths`] when long-lived.
 ///
-/// Using compact [`BlindedPath`]s may provide better privacy as the [`MessageRouter`] could select
+/// Using compact [`BlindedMessagePath`]s may provide better privacy as the [`MessageRouter`] could select
 /// more hops. However, since they use short channel ids instead of pubkeys, they are more likely to
 /// become invalid over time as channels are closed. Thus, they are only suitable for short-term use.
 pub const MAX_SHORT_LIVED_RELATIVE_EXPIRY: Duration = Duration::from_secs(60 * 60 * 24);
@@ -8789,7 +8789,7 @@ macro_rules! create_offer_builder { ($self: ident, $builder: ty) => {
 	///
 	/// # Privacy
 	///
-	/// Uses [`MessageRouter`] to construct a [`BlindedPath`] for the offer based on the given
+	/// Uses [`MessageRouter`] to construct a [`BlindedMessagePath`] for the offer based on the given
 	/// `absolute_expiry` according to [`MAX_SHORT_LIVED_RELATIVE_EXPIRY`]. See those docs for
 	/// privacy implications as well as those of the parameterized [`Router`], which implements
 	/// [`MessageRouter`].
@@ -8856,7 +8856,7 @@ macro_rules! create_refund_builder { ($self: ident, $builder: ty) => {
 	///
 	/// # Privacy
 	///
-	/// Uses [`MessageRouter`] to construct a [`BlindedPath`] for the refund based on the given
+	/// Uses [`MessageRouter`] to construct a [`BlindedMessagePath`] for the refund based on the given
 	/// `absolute_expiry` according to [`MAX_SHORT_LIVED_RELATIVE_EXPIRY`]. See those docs for
 	/// privacy implications as well as those of the parameterized [`Router`], which implements
 	/// [`MessageRouter`].
@@ -8970,7 +8970,7 @@ where
 	/// # Privacy
 	///
 	/// For payer privacy, uses a derived payer id and uses [`MessageRouter::create_blinded_paths`]
-	/// to construct a [`BlindedPath`] for the reply path. For further privacy implications, see the
+	/// to construct a [`BlindedMessagePath`] for the reply path. For further privacy implications, see the
 	/// docs of the parameterized [`Router`], which implements [`MessageRouter`].
 	///
 	/// # Limitations
@@ -9273,7 +9273,7 @@ where
 	/// [`MAX_SHORT_LIVED_RELATIVE_EXPIRY`].
 	fn create_blinded_paths_using_absolute_expiry(
 		&self, context: OffersContext, absolute_expiry: Option<Duration>,
-	) -> Result<Vec<BlindedPath>, ()> {
+	) -> Result<Vec<BlindedMessagePath>, ()> {
 		let now = self.duration_since_epoch();
 		let max_short_lived_absolute_expiry = now.saturating_add(MAX_SHORT_LIVED_RELATIVE_EXPIRY);
 
@@ -9301,7 +9301,7 @@ where
 	/// [`MessageRouter::create_blinded_paths`].
 	///
 	/// Errors if the `MessageRouter` errors.
-	fn create_blinded_paths(&self, context: OffersContext) -> Result<Vec<BlindedPath>, ()> {
+	fn create_blinded_paths(&self, context: OffersContext) -> Result<Vec<BlindedMessagePath>, ()> {
 		let recipient = self.get_our_node_id();
 		let secp_ctx = &self.secp_ctx;
 
@@ -9322,7 +9322,7 @@ where
 	/// [`MessageRouter::create_compact_blinded_paths`].
 	///
 	/// Errors if the `MessageRouter` errors.
-	fn create_compact_blinded_paths(&self, context: OffersContext) -> Result<Vec<BlindedPath>, ()> {
+	fn create_compact_blinded_paths(&self, context: OffersContext) -> Result<Vec<BlindedMessagePath>, ()> {
 		let recipient = self.get_our_node_id();
 		let secp_ctx = &self.secp_ctx;