Add BlindedPaymentPath type, to disambiguate from message paths.

Next up, we'll add a BlindedMessagePath type so the API is clear which type of
path is expected in each context.

Author: valentinewallace

fuzz/src/chanmon_consistency.rs

@@ -34,7 +34,7 @@ use bitcoin::hashes::Hash as TraitImport;
 use bitcoin::WPubkeyHash;
 
 use lightning::blinded_path::message::MessageContext;
-use lightning::blinded_path::payment::ReceiveTlvs;
+use lightning::blinded_path::payment::{BlindedPaymentPath, ReceiveTlvs};
 use lightning::blinded_path::BlindedPath;
 use lightning::chain;
 use lightning::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator};
@@ -126,7 +126,7 @@ impl Router for FuzzRouter {
 	fn create_blinded_payment_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		&self, _recipient: PublicKey, _first_hops: Vec<ChannelDetails>, _tlvs: ReceiveTlvs,
 		_amount_msats: u64, _secp_ctx: &Secp256k1<T>,
-	) -> Result<Vec<(BlindedPayInfo, BlindedPath)>, ()> {
+	) -> Result<Vec<(BlindedPayInfo, BlindedPaymentPath)>, ()> {
 		unreachable!()
 	}
 }

fuzz/src/full_stack.rs

@@ -31,7 +31,7 @@ use bitcoin::hashes::Hash as _;
 use bitcoin::WPubkeyHash;
 
 use lightning::blinded_path::message::MessageContext;
-use lightning::blinded_path::payment::ReceiveTlvs;
+use lightning::blinded_path::payment::{BlindedPaymentPath, ReceiveTlvs};
 use lightning::blinded_path::BlindedPath;
 use lightning::chain;
 use lightning::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator};
@@ -163,7 +163,7 @@ impl Router for FuzzRouter {
 	fn create_blinded_payment_paths<T: secp256k1::Signing + secp256k1::Verification>(
 		&self, _recipient: PublicKey, _first_hops: Vec<ChannelDetails>, _tlvs: ReceiveTlvs,
 		_amount_msats: u64, _secp_ctx: &Secp256k1<T>,
-	) -> Result<Vec<(BlindedPayInfo, BlindedPath)>, ()> {
+	) -> Result<Vec<(BlindedPayInfo, BlindedPaymentPath)>, ()> {
 		unreachable!()
 	}
 }

fuzz/src/invoice_request_deser.rs

@@ -11,10 +11,9 @@ use crate::utils::test_logger;
 use bitcoin::secp256k1::{self, Keypair, Parity, PublicKey, Secp256k1, SecretKey};
 use core::convert::TryFrom;
 use lightning::blinded_path::payment::{
-	Bolt12OfferContext, ForwardNode, ForwardTlvs, PaymentConstraints, PaymentContext, PaymentRelay,
-	ReceiveTlvs,
+	BlindedPaymentPath, Bolt12OfferContext, ForwardNode, ForwardTlvs, PaymentConstraints,
+	PaymentContext, PaymentRelay, ReceiveTlvs,
 };
-use lightning::blinded_path::BlindedPath;
 use lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY_DELTA;
 use lightning::ln::features::BlindedHopFeatures;
 use lightning::ln::types::PaymentSecret;
@@ -118,7 +117,7 @@ fn build_response<T: secp256k1::Signing + secp256k1::Verification>(
 		node_id: pubkey(43),
 		htlc_maximum_msat: 1_000_000_000_000,
 	}];
-	let payment_path = BlindedPath::new_for_payment(
+	let payment_path = BlindedPaymentPath::new(
 		&intermediate_nodes,
 		pubkey(42),
 		payee_tlvs,

fuzz/src/refund_deser.rs

@@ -11,10 +11,9 @@ use crate::utils::test_logger;
 use bitcoin::secp256k1::{self, Keypair, PublicKey, Secp256k1, SecretKey};
 use core::convert::TryFrom;
 use lightning::blinded_path::payment::{
-	Bolt12RefundContext, ForwardNode, ForwardTlvs, PaymentConstraints, PaymentContext,
-	PaymentRelay, ReceiveTlvs,
+	BlindedPaymentPath, Bolt12RefundContext, ForwardNode, ForwardTlvs, PaymentConstraints,
+	PaymentContext, PaymentRelay, ReceiveTlvs,
 };
-use lightning::blinded_path::BlindedPath;
 use lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY_DELTA;
 use lightning::ln::features::BlindedHopFeatures;
 use lightning::ln::types::PaymentSecret;
@@ -96,7 +95,7 @@ fn build_response<T: secp256k1::Signing + secp256k1::Verification>(
 		node_id: pubkey(43),
 		htlc_maximum_msat: 1_000_000_000_000,
 	}];
-	let payment_path = BlindedPath::new_for_payment(
+	let payment_path = BlindedPaymentPath::new(
 		&intermediate_nodes,
 		pubkey(42),
 		payee_tlvs,

fuzz/src/router.rs

@@ -12,6 +12,7 @@ use bitcoin::blockdata::constants::ChainHash;
 use bitcoin::blockdata::script::Builder;
 use bitcoin::blockdata::transaction::TxOut;
 
+use lightning::blinded_path::payment::BlindedPaymentPath;
 use lightning::blinded_path::{BlindedHop, BlindedPath, IntroductionNode};
 use lightning::chain::transaction::OutPoint;
 use lightning::ln::channel_state::{ChannelCounterparty, ChannelDetails, ChannelShutdownState};
@@ -380,7 +381,7 @@ pub fn do_test<Out: test_logger::Output>(data: &[u8], out: Out) {
 				let mut last_hops_unblinded = Vec::new();
 				last_hops!(last_hops_unblinded);
 				let dummy_pk = PublicKey::from_slice(&[2; 33]).unwrap();
-				let last_hops: Vec<(BlindedPayInfo, BlindedPath)> = last_hops_unblinded
+				let last_hops: Vec<(BlindedPayInfo, BlindedPaymentPath)> = last_hops_unblinded
 					.into_iter()
 					.map(|hint| {
 						let hop = &hint.0[0];
@@ -402,11 +403,11 @@ pub fn do_test<Out: test_logger::Output>(data: &[u8], out: Out) {
 						}
 						(
 							payinfo,
-							BlindedPath {
+							BlindedPaymentPath(BlindedPath {
 								introduction_node: IntroductionNode::NodeId(hop.src_node_id),
 								blinding_point: dummy_pk,
 								blinded_hops,
-							},
+							}),
 						)
 					})
 					.collect();

lightning/src/blinded_path/mod.rs

@@ -18,7 +18,6 @@ use message::MessageContext;
 use core::ops::Deref;
 
 use crate::ln::msgs::DecodeError;
-use crate::offers::invoice::BlindedPayInfo;
 use crate::routing::gossip::{NodeId, ReadOnlyNetworkGraph};
 use crate::sign::EntropySource;
 use crate::util::ser::{Readable, Writeable, Writer};
@@ -154,52 +153,6 @@ impl BlindedPath {
 		})
 	}
 
-	/// Create a one-hop blinded path for a payment.
-	pub fn one_hop_for_payment<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
-		payee_node_id: PublicKey, payee_tlvs: payment::ReceiveTlvs, min_final_cltv_expiry_delta: u16,
-		entropy_source: ES, secp_ctx: &Secp256k1<T>
-	) -> Result<(BlindedPayInfo, Self), ()> where ES::Target: EntropySource {
-		// This value is not considered in pathfinding for 1-hop blinded paths, because it's intended to
-		// be in relation to a specific channel.
-		let htlc_maximum_msat = u64::max_value();
-		Self::new_for_payment(
-			&[], payee_node_id, payee_tlvs, htlc_maximum_msat, min_final_cltv_expiry_delta,
-			entropy_source, secp_ctx
-		)
-	}
-
-	/// Create a blinded path for a payment, to be forwarded along `intermediate_nodes`.
-	///
-	/// Errors if:
-	/// * a provided node id is invalid
-	/// * [`BlindedPayInfo`] calculation results in an integer overflow
-	/// * any unknown features are required in the provided [`ForwardTlvs`]
-	///
-	/// [`ForwardTlvs`]: crate::blinded_path::payment::ForwardTlvs
-	//  TODO: make all payloads the same size with padding + add dummy hops
-	pub fn new_for_payment<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
-		intermediate_nodes: &[payment::ForwardNode], payee_node_id: PublicKey,
-		payee_tlvs: payment::ReceiveTlvs, htlc_maximum_msat: u64, min_final_cltv_expiry_delta: u16,
-		entropy_source: ES, secp_ctx: &Secp256k1<T>
-	) -> Result<(BlindedPayInfo, Self), ()> where ES::Target: EntropySource {
-		let introduction_node = IntroductionNode::NodeId(
-			intermediate_nodes.first().map_or(payee_node_id, |n| n.node_id)
-		);
-		let blinding_secret_bytes = entropy_source.get_secure_random_bytes();
-		let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
-
-		let blinded_payinfo = payment::compute_payinfo(
-			intermediate_nodes, &payee_tlvs, htlc_maximum_msat, min_final_cltv_expiry_delta
-		)?;
-		Ok((blinded_payinfo, BlindedPath {
-			introduction_node,
-			blinding_point: PublicKey::from_secret_key(secp_ctx, &blinding_secret),
-			blinded_hops: payment::blinded_hops(
-				secp_ctx, intermediate_nodes, payee_node_id, payee_tlvs, &blinding_secret
-			).map_err(|_| ())?,
-		}))
-	}
-
 	/// Returns the introduction [`NodeId`] of the blinded path, if it is publicly reachable (i.e.,
 	/// it is found in the network graph).
 	pub fn public_introduction_node_id<'a>(

lightning/src/blinded_path/payment.rs

@@ -7,9 +7,7 @@
 // You may not use this file except in accordance with one or both of these
 // licenses.
 
-//! Data structures and methods for constructing [`BlindedPath`]s to send a payment over.
-//!
-//! [`BlindedPath`]: crate::blinded_path::BlindedPath
+//! Data structures and methods for constructing [`BlindedPaymentPath`]s to send a payment over.
 
 use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey};
 
@@ -26,7 +24,7 @@ use crate::ln::onion_utils;
 use crate::offers::invoice::BlindedPayInfo;
 use crate::offers::invoice_request::InvoiceRequestFields;
 use crate::offers::offer::OfferId;
-use crate::sign::{NodeSigner, Recipient};
+use crate::sign::{EntropySource, NodeSigner, Recipient};
 use crate::util::ser::{FixedLengthReader, LengthReadableArgs, HighZeroBytesDroppedBigSize, Readable, Writeable, Writer};
 
 use core::mem;
@@ -35,6 +33,55 @@ use core::ops::Deref;
 #[allow(unused_imports)]
 use crate::prelude::*;
 
+/// A [`BlindedPath`] to be used for sending or receiving a payment, hiding the identity of the
+/// recipient.
+#[derive(Clone, Debug, Hash, PartialEq, Eq)]
+pub struct BlindedPaymentPath(pub BlindedPath);
+
+impl Writeable for BlindedPaymentPath {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.0.write(w)
+	}
+}
+
+impl Readable for BlindedPaymentPath {
+	fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
+		Ok(Self(BlindedPath::read(r)?))
+	}
+}
+
+impl BlindedPaymentPath {
+	/// Create a blinded path for a payment, to be forwarded along `intermediate_nodes`.
+	///
+	/// Errors if:
+	/// * a provided node id is invalid
+	/// * [`BlindedPayInfo`] calculation results in an integer overflow
+	/// * any unknown features are required in the provided [`ForwardTlvs`]
+	//  TODO: make all payloads the same size with padding + add dummy hops
+	pub fn new<ES: Deref, T: secp256k1::Signing + secp256k1::Verification>(
+		intermediate_nodes: &[ForwardNode], payee_node_id: PublicKey, payee_tlvs: ReceiveTlvs,
+		htlc_maximum_msat: u64, min_final_cltv_expiry_delta: u16, entropy_source: ES,
+		secp_ctx: &Secp256k1<T>
+	) -> Result<(BlindedPayInfo, Self), ()> where ES::Target: EntropySource {
+		let introduction_node = IntroductionNode::NodeId(
+			intermediate_nodes.first().map_or(payee_node_id, |n| n.node_id)
+		);
+		let blinding_secret_bytes = entropy_source.get_secure_random_bytes();
+		let blinding_secret = SecretKey::from_slice(&blinding_secret_bytes[..]).expect("RNG is busted");
+
+		let blinded_payinfo = compute_payinfo(
+			intermediate_nodes, &payee_tlvs, htlc_maximum_msat, min_final_cltv_expiry_delta
+		)?;
+		Ok((blinded_payinfo, Self(BlindedPath {
+			introduction_node,
+			blinding_point: PublicKey::from_secret_key(secp_ctx, &blinding_secret),
+			blinded_hops: blinded_hops(
+				secp_ctx, intermediate_nodes, payee_node_id, payee_tlvs, &blinding_secret
+			).map_err(|_| ())?,
+		})))
+	}
+}
+
 /// An intermediate node, its outbound channel, and relay parameters.
 #[derive(Clone, Debug)]
 pub struct ForwardNode {
@@ -117,10 +164,9 @@ pub struct PaymentConstraints {
 	pub htlc_minimum_msat: u64,
 }
 
-/// The context of an inbound payment, which is included in a [`BlindedPath`] via [`ReceiveTlvs`]
-/// and surfaced in [`PaymentPurpose`].
+/// The context of an inbound payment, which is included in a [`BlindedPaymentPath`] via
+/// [`ReceiveTlvs`] and surfaced in [`PaymentPurpose`].
 ///
-/// [`BlindedPath`]: crate::blinded_path::BlindedPath
 /// [`PaymentPurpose`]: crate::events::PaymentPurpose
 #[derive(Clone, Debug, Eq, PartialEq)]
 pub enum PaymentContext {
@@ -286,16 +332,16 @@ pub(super) fn blinded_hops<T: secp256k1::Signing + secp256k1::Verification>(
 //
 // Will only modify `path` when returning `Ok`.
 pub(crate) fn advance_path_by_one<NS: Deref, NL: Deref, T>(
-	path: &mut BlindedPath, node_signer: &NS, node_id_lookup: &NL, secp_ctx: &Secp256k1<T>
+	path: &mut BlindedPaymentPath, node_signer: &NS, node_id_lookup: &NL, secp_ctx: &Secp256k1<T>
 ) -> Result<(), ()>
 where
 	NS::Target: NodeSigner,
 	NL::Target: NodeIdLookUp,
 	T: secp256k1::Signing + secp256k1::Verification,
 {
-	let control_tlvs_ss = node_signer.ecdh(Recipient::Node, &path.blinding_point, None)?;
+	let control_tlvs_ss = node_signer.ecdh(Recipient::Node, &path.0.blinding_point, None)?;
 	let rho = onion_utils::gen_rho_from_shared_secret(&control_tlvs_ss.secret_bytes());
-	let encrypted_control_tlvs = &path.blinded_hops.get(0).ok_or(())?.encrypted_payload;
+	let encrypted_control_tlvs = &path.0.blinded_hops.get(0).ok_or(())?.encrypted_payload;
 	let mut s = Cursor::new(encrypted_control_tlvs);
 	let mut reader = FixedLengthReader::new(&mut s, encrypted_control_tlvs.len() as u64);
 	match ChaChaPolyReadAdapter::read(&mut reader, rho) {
@@ -307,11 +353,11 @@ where
 				None => return Err(()),
 			};
 			let mut new_blinding_point = onion_utils::next_hop_pubkey(
-				secp_ctx, path.blinding_point, control_tlvs_ss.as_ref()
+				secp_ctx, path.0.blinding_point, control_tlvs_ss.as_ref()
 			).map_err(|_| ())?;
-			mem::swap(&mut path.blinding_point, &mut new_blinding_point);
-			path.introduction_node = IntroductionNode::NodeId(next_node_id);
-			path.blinded_hops.remove(0);
+			mem::swap(&mut path.0.blinding_point, &mut new_blinding_point);
+			path.0.introduction_node = IntroductionNode::NodeId(next_node_id);
+			path.0.blinded_hops.remove(0);
 			Ok(())
 		},
 		_ => Err(())

lightning/src/ln/blinded_payment_tests.rs

@@ -8,8 +8,7 @@
 // licenses.
 
 use bitcoin::secp256k1::{PublicKey, Secp256k1, SecretKey};
-use crate::blinded_path::BlindedPath;
-use crate::blinded_path::payment::{ForwardNode, ForwardTlvs, PaymentConstraints, PaymentContext, PaymentRelay, ReceiveTlvs};
+use crate::blinded_path::payment::{BlindedPaymentPath, ForwardNode, ForwardTlvs, PaymentConstraints, PaymentContext, PaymentRelay, ReceiveTlvs};
 use crate::events::{Event, HTLCDestination, MessageSendEvent, MessageSendEventsProvider, PaymentFailureReason};
 use crate::ln::types::PaymentSecret;
 use crate::ln::channelmanager;
@@ -31,7 +30,7 @@ fn blinded_payment_path(
 	payment_secret: PaymentSecret, intro_node_min_htlc: u64, intro_node_max_htlc: u64,
 	node_ids: Vec<PublicKey>, channel_upds: &[&msgs::UnsignedChannelUpdate],
 	keys_manager: &test_utils::TestKeysInterface
-) -> (BlindedPayInfo, BlindedPath) {
+) -> (BlindedPayInfo, BlindedPaymentPath) {
 	let mut intermediate_nodes = Vec::new();
 	let mut intro_node_min_htlc_opt = Some(intro_node_min_htlc);
 	let mut intro_node_max_htlc_opt = Some(intro_node_max_htlc);
@@ -66,7 +65,7 @@ fn blinded_payment_path(
 		payment_context: PaymentContext::unknown(),
 	};
 	let mut secp_ctx = Secp256k1::new();
-	BlindedPath::new_for_payment(
+	BlindedPaymentPath::new(
 		&intermediate_nodes[..], *node_ids.last().unwrap(), payee_tlvs,
 		intro_node_max_htlc_opt.unwrap_or_else(|| channel_upds.last().unwrap().htlc_maximum_msat),
 		TEST_FINAL_CLTV as u16, keys_manager, &secp_ctx
@@ -112,8 +111,8 @@ fn do_one_hop_blinded_path(success: bool) {
 		payment_context: PaymentContext::unknown(),
 	};
 	let mut secp_ctx = Secp256k1::new();
-	let blinded_path = BlindedPath::one_hop_for_payment(
-		nodes[1].node.get_our_node_id(), payee_tlvs, TEST_FINAL_CLTV as u16,
+	let blinded_path = BlindedPaymentPath::new(
+		&[], nodes[1].node.get_our_node_id(), payee_tlvs, u64::MAX, TEST_FINAL_CLTV as u16,
 		&chanmon_cfgs[1].keys_manager, &secp_ctx
 	).unwrap();
 
@@ -155,8 +154,8 @@ fn mpp_to_one_hop_blinded_path() {
 		},
 		payment_context: PaymentContext::unknown(),
 	};
-	let blinded_path = BlindedPath::one_hop_for_payment(
-		nodes[3].node.get_our_node_id(), payee_tlvs, TEST_FINAL_CLTV as u16,
+	let blinded_path = BlindedPaymentPath::new(
+		&[], nodes[3].node.get_our_node_id(), payee_tlvs, u64::MAX, TEST_FINAL_CLTV as u16,
 		&chanmon_cfgs[3].keys_manager, &secp_ctx
 	).unwrap();
 
@@ -1301,8 +1300,8 @@ fn custom_tlvs_to_blinded_path() {
 		payment_context: PaymentContext::unknown(),
 	};
 	let mut secp_ctx = Secp256k1::new();
-	let blinded_path = BlindedPath::one_hop_for_payment(
-		nodes[1].node.get_our_node_id(), payee_tlvs, TEST_FINAL_CLTV as u16,
+	let blinded_path = BlindedPaymentPath::new(
+		&[], nodes[1].node.get_our_node_id(), payee_tlvs, u64::MAX, TEST_FINAL_CLTV as u16,
 		&chanmon_cfgs[1].keys_manager, &secp_ctx
 	).unwrap();
 

lightning/src/ln/channelmanager.rs

@@ -34,7 +34,7 @@ use bitcoin::{secp256k1, Sequence};
 use crate::blinded_path::message::{MessageContext, OffersContext};
 use crate::blinded_path::{BlindedPath, NodeIdLookUp};
 use crate::blinded_path::message::ForwardNode;
-use crate::blinded_path::payment::{Bolt12OfferContext, Bolt12RefundContext, PaymentConstraints, PaymentContext, ReceiveTlvs};
+use crate::blinded_path::payment::{BlindedPaymentPath, Bolt12OfferContext, Bolt12RefundContext, PaymentConstraints, PaymentContext, ReceiveTlvs};
 use crate::chain;
 use crate::chain::{Confirm, ChannelMonitorUpdateStatus, Watch, BestBlock};
 use crate::chain::chaininterface::{BroadcasterInterface, ConfirmationTarget, FeeEstimator, LowerBoundedFeeEstimator};
@@ -9069,8 +9069,8 @@ where
 	/// message.
 	///
 	/// The resulting invoice uses a [`PaymentHash`] recognized by the [`ChannelManager`] and a
-	/// [`BlindedPath`] containing the [`PaymentSecret`] needed to reconstruct the corresponding
-	/// [`PaymentPreimage`]. It is returned purely for informational purposes.
+	/// [`BlindedPaymentPath`] containing the [`PaymentSecret`] needed to reconstruct the
+	/// corresponding [`PaymentPreimage`]. It is returned purely for informational purposes.
 	///
 	/// # Limitations
 	///
@@ -9346,7 +9346,7 @@ where
 	/// [`Router::create_blinded_payment_paths`].
 	fn create_blinded_payment_paths(
 		&self, amount_msats: u64, payment_secret: PaymentSecret, payment_context: PaymentContext
-	) -> Result<Vec<(BlindedPayInfo, BlindedPath)>, ()> {
+	) -> Result<Vec<(BlindedPayInfo, BlindedPaymentPath)>, ()> {
 		let secp_ctx = &self.secp_ctx;
 
 		let first_hops = self.list_usable_channels();