Allow final node to return failures for dummy route

Final nodes can choose to use a one-hop blinded route with just a dummy hop and themselves as the introduction point when the sender already knows their identity. This lets them return normal failures which may help the sender retry more efficiently. We also update the reference test vector since `total_amount_msat` was made mandatory in the previous commit.
lightning · Nov 15, 2022 · ce57116 · ce57116
1 parent 274c0c0
commit ce57116
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 18 deletions.
diff --git a/02-peer-protocol.md b/02-peer-protocol.md
@@ -1142,7 +1142,8 @@ A node:
     - MUST NOT send an `update_fulfill_htlc`, `update_fail_htlc`, or
 `update_fail_malformed_htlc`.
   - When failing an incoming HTLC:
-    - If `current_blinding_point` is set in the onion payload:
+    - If `current_blinding_point` is set in the onion payload and it is not the
+      final node:
       - MUST send an `update_fail_htlc` error using the
         `invalid_onion_blinding` failure code with the `sha256_of_onion`
         of the onion it received, for any local or downstream errors.

diff --git a/04-onion-routing.md b/04-onion-routing.md
@@ -1037,10 +1037,6 @@ The _erring node_:
   - SHOULD set `pad` such that the `failure_len` plus `pad_len` is equal to 256.
     - Note: this value is 118 bytes longer than the longest currently-defined
     message.
-  - If `blinding_point` is set in the incoming `update_add_htlc` or
-    `current_blinding_point` is set in the onion payload:
-    - MUST return `invalid_onion_blinding` for any local error or other
-      downstream errors.
 
 The _origin node_:
   - once the return message has been decrypted:
@@ -1251,12 +1247,18 @@ The onion sent to a blinded path didn't match the recipient's encrypted relay re
 ### Requirements
 
 An _erring node_:
-  - MUST select one of the above error codes when creating an error message.
-  - MUST include the appropriate data for that particular error type.
-  - if there is more than one error:
-    - SHOULD select the first error it encounters from the list above.
+  - if `blinding_point` is set in the incoming `update_add_htlc`:
+    - MUST return an `invalid_onion_blinding` error.
+  - if `current_blinding_point` is set in the onion payload and it is not the
+    final node:
+    - MUST return an `invalid_onion_blinding` error.
+  - otherwise:
+    - MUST select one of the above error codes when creating an error message.
+    - MUST include the appropriate data for that particular error type.
+    - if there is more than one error:
+      - SHOULD select the first error it encounters from the list above.
 
-Any _erring node_ MAY:
+An _erring node_ MAY:
   - if the `realm` byte is unknown:
     - return an `invalid_realm` error.
   - if the per-hop payload in the onion is invalid (e.g. it is not a valid tlv stream)
@@ -1270,6 +1272,15 @@ Any _erring node_ MAY:
   which were NOT included in the onion:
     - return a `required_node_feature_missing` error.
 
+A _forwarding node_ MUST:
+  - if `blinding_point` is set in the incoming `update_add_htlc`:
+    - return an `invalid_onion_blinding` error.
+  - if `current_blinding_point` is set in the onion payload and it is not the
+    final node:
+    - return an `invalid_onion_blinding` error.
+  - otherwise:
+    - select one of the above error codes when creating an error message.
+
 A _forwarding node_ MAY, but a _final node_ MUST NOT:
   - if the onion `version` byte is unknown:
     - return an `invalid_onion_version` error.