common: remove support for pre v0.10.2 onionmessages.

Temporarily disable sendpay_blinding test which uses obsolete onionmsg; there's still some debate on the PR about how blinded HTLCs will work. Changelog-EXPERIMENTAL: onionmessage: removed support for v0.10.1 onion messages. Signed-off-by: Rusty Russell <[email protected]>
gavatron1010 · Nov 30, 2021 · b74848f · b74848f
1 parent 166ee4b
commit b74848f
Show file tree

Hide file tree

Showing 27 changed files with 53 additions and 1,271 deletions.
diff --git a/channeld/channeld.c b/channeld/channeld.c
@@ -2321,7 +2321,6 @@ static void peer_in(struct peer *peer, const u8 *msg)
 	case WIRE_WARNING:
 	case WIRE_ERROR:
 	case WIRE_ONION_MESSAGE:
-	case WIRE_OBS_ONION_MESSAGE:
 		abort();
 	}
 

diff --git a/common/blindedpath.c b/common/blindedpath.c
@@ -11,95 +11,6 @@
 #define SUPERVERBOSE(...)
 #endif
 
-/* Obsolete version: use enctlv() helper. */
-struct onionmsg_path **make_blindedpath(const tal_t *ctx,
-					const struct pubkey *route,
-					struct pubkey *initial_blinding,
-					struct pubkey *final_blinding)
-{
-	struct privkey e;
-	struct pubkey *pk_e, *b;
-	struct secret *rho;
-	struct onionmsg_path **path;
-	size_t num = tal_count(route);
-
-	if (!num)
-		abort();
-
-	/* E(i) */
-	pk_e = tal_arr(tmpctx, struct pubkey, num);
-	/* B(i) */
-	b = tal_arr(tmpctx, struct pubkey, num);
-	/* rho(i) */
-	rho = tal_arr(tmpctx, struct secret, num);
-
-	randombytes_buf(&e, sizeof(e));
-	if (!pubkey_from_privkey(&e, &pk_e[0]))
-		abort();
-
-	for (size_t i = 0; i < num; i++) {
-		struct secret ss;
-		struct secret hmac;
-		struct sha256 h;
-
-		if (secp256k1_ecdh(secp256k1_ctx, ss.data,
-				   &route[i].pubkey, e.secret.data,
-				   NULL, NULL) != 1)
-				abort();
-
-		subkey_from_hmac("blinded_node_id", &ss, &hmac);
-		b[i] = route[i];
-		if (i != 0) {
-			if (secp256k1_ec_pubkey_tweak_mul(secp256k1_ctx,
-					  &b[i].pubkey, hmac.data) != 1)
-				abort();
-		}
-		subkey_from_hmac("rho", &ss, &rho[i]);
-		blinding_hash_e_and_ss(&pk_e[i], &ss, &h);
-		if (i != num-1)
-			blinding_next_pubkey(&pk_e[i], &h, &pk_e[i+1]);
-		blinding_next_privkey(&e, &h, &e);
-	}
-
-	*initial_blinding = pk_e[0];
-	*final_blinding = pk_e[num-1];
-
-	path = tal_arr(ctx, struct onionmsg_path *, num);
-	for (size_t i = 0; i < num; i++) {
-		path[i] = tal(path, struct onionmsg_path);
-		path[i]->node_id = b[i];
-	}
-
-	for (size_t i = 0; i < num - 1; i++) {
-		const unsigned char npub[crypto_aead_chacha20poly1305_ietf_NPUBBYTES] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
-		struct tlv_encmsg_tlvs *inner;
-		int ret;
-
-		/* Inner is encrypted */
-		inner = tlv_encmsg_tlvs_new(tmpctx);
-		/* FIXME: We could support scids, too */
-		inner->next_node_id = cast_const(struct pubkey *, &route[i+1]);
-
-		path[i]->enctlv = tal_arr(path, u8, 0);
-		towire_encmsg_tlvs(&path[i]->enctlv, inner);
-		towire_pad(&path[i]->enctlv,
-			   crypto_aead_chacha20poly1305_ietf_ABYTES);
-
-		ret = crypto_aead_chacha20poly1305_ietf_encrypt(path[i]->enctlv, NULL,
-								path[i]->enctlv,
-								tal_bytelen(path[i]->enctlv) - crypto_aead_chacha20poly1305_ietf_ABYTES,
-								NULL, 0,
-								NULL, npub,
-								rho[i].data);
-		assert(ret == 0);
-	}
-
-	/* Final one has no enctlv */
-	path[num-1]->enctlv = NULL;
-
-	return path;
-}
-
 /* Blinds node_id and calculates next blinding factor. */
 static bool blind_node(const struct privkey *blinding,
 		       const struct secret *ss,

diff --git a/common/blindedpath.h b/common/blindedpath.h
@@ -10,13 +10,6 @@ struct pubkey;
 struct privkey;
 struct secret;
 
-/* Fills in *initial_blinding and *final_blinding and returns
- * onionmsg_path array for this route */
-struct onionmsg_path **make_blindedpath(const tal_t *ctx,
-					const struct pubkey *route,
-					struct pubkey *initial_blinding,
-					struct pubkey *final_blinding);
-
 /**
  * create_enctlv - Encrypt an encmsg to form an enctlv.
  * @ctx: tal context

diff --git a/devtools/blindedpath.c b/devtools/blindedpath.c
@@ -144,15 +144,7 @@ int main(int argc, char **argv)
 
 			/* Inner is encrypted */
 			inner = tlv_encmsg_tlvs_new(tmpctx);
-			/* Use scid if they provided one */
-			if (scids[i]) {
-				inner->obs_next_short_channel_id
-					= tal_dup(inner, struct short_channel_id,
-						  scids[i]);
-			} else {
-				inner->next_node_id
-					= tal_dup(inner, struct pubkey, &nodes[i+1]);
-			}
+			inner->next_node_id = tal_dup(inner, struct pubkey, &nodes[i+1]);
 			p = tal_arr(tmpctx, u8, 0);
 			towire_encmsg_tlvs(&p, inner);
 

diff --git a/doc/PLUGINS.md b/doc/PLUGINS.md
@@ -1514,13 +1514,12 @@ type prefix, since c-lightning does not know how to parse the message.
 Because this is a chained hook, the daemon expects the result to be
 `{'result': 'continue'}`. It will fail if something else is returned.
 
-### `onion_message`, `onion_message_blinded` and `onion_message_ourpath`
+### `onion_message_blinded` and `onion_message_ourpath`
 
 **(WARNING: experimental-offers only)**
 
-These three hooks are almost identical, in that they are called when
-an onion message is received.  The `onion_message` hook is only used
-for obsolete unblinded messages, and can be ignored for modern usage.
+These two hooks are almost identical, in that they are called when
+an onion message is received.
 
 `onion_message_blinded` is used for unsolicited messages (where the
 source knows that it is sending to this node), and
@@ -1556,6 +1555,7 @@ The payload for a call follows this format:
 All fields shown here are optional.
 
 We suggest just returning `{'result': 'continue'}`; any other result
+Signed-off-by: Rusty Russell <[email protected]>
 will cause the message not to be handed to any other hooks.
 
 ## Bitcoin backend