Move cryptographic algorithms and utilities to a new crypto mod

[TheBlueMatt]

As we'd generally like the lightning crate to, over time, have more modules rather than being very monolithic, we should move the cryptographic things into their own module, which we do here.

We also take this opportunity to move stream adapters into their own module and make clear that the ChaChaPoly decrypt method is variable time.

[coderabbitai]

Walkthrough

The Rust codebase for a lightning network project has undergone a significant reorganization, centralizing cryptographic functionality into a new crypto module. This includes the implementation of ChaCha20 and ChaCha20Poly1305RFC algorithms, streamlining encryption and decryption processes. Modules for chacha20, poly1305, and chacha20poly1305rfc were relocated from util to crypto, and various import paths across the project were updated to reflect this structural change.

Changes

File(s)	Summary
lightning/src/crypto/mod.rs, lightning/src/lib.rs	Introduced crypto module with submodules for cryptographic operations; set visibility to pub(crate); added std::io re-export.
lightning/src/crypto/chacha20.rs, lightning/src/crypto/poly1305.rs, lightning/src/crypto/chacha20poly1305rfc.rs	Implemented cryptographic structures and algorithms; modified and removed certain functions and assertions.
lightning/src/crypto/streams.rs, lightning/src/blinded_path/utils.rs, lightning/src/onion_message/packet.rs	Added stream functionality for encryption/decryption; updated import paths for stream adapters.
lightning/src/ln/..., lightning/src/util/scid_utils.rs, lightning/src/routing/router.rs	Updated import paths to reflect the new crypto module location for cryptographic functions and structures.
lightning/src/ln/peer_channel_encryptor.rs	Reorganized cryptographic module import paths; modified decryption logic.
lightning/src/util/mod.rs	Removed cryptographic modules; reordered module declarations.
lightning/src/sign/mod.rs, lightning/src/chain/channelmonitor.rs	Reorganized imports to use crypto module for cryptographic utilities.

🐇✨
To cryptos new abode they hop,
With ChaCha dance and Poly stop.
Through lightning's code, they twist and weave,
In crypto module, they now believe. 🌩️🔐

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

---

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit-tests for this file.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit tests for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository from git and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit tests.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

[codecov-commenter]

Codecov Report

Attention: 23 lines in your changes are missing coverage. Please review.

Comparison is base (4b70921) 88.53% compared to head (4a0abd5) 88.52%.
Report is 6 commits behind head on main.

Files	Patch %	Lines
lightning/src/crypto/streams.rs	83.19%	10 Missing and 10 partials ⚠️
lightning/src/crypto/chacha20poly1305rfc.rs	96.96%	2 Missing and 1 partial ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2828      +/-   ##
==========================================
- Coverage   88.53%   88.52%   -0.02%     
==========================================
  Files         114      115       +1     
  Lines       92090    92090              
  Branches    92090    92090              
==========================================
- Hits        81535    81520      -15     
- Misses       8059     8072      +13     
- Partials     2496     2498       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[tnull]

I wonder whether we should rather move this to a dedicated lightning-crypto crate? The benefit would be that some other related projects could reuse the same, reviewed, code rather than copy/pasting or rolling their own. Examples would be vss-rust-client which had to copy over a bunch of things (see, https://github.com/lightningdevkit/vss-rust-client/tree/main/src/crypto) and possibly in the future lightning-liquidity when it comes to implementing LSPS4. Having duplicated code live at different places would of course introduce the risk with some slipping though unpatched if we ever found a bug, etc.

[TheBlueMatt]

We've historically avoided that because our ChaCha implementation doesn't actually fully comply with the RFC (missing handling for high bits set in the nonce and doesn't support sending > 4B blocks of data). If we want to arbitrary expose it I'd want to fix those issues first.

[valentinewallace]

nit: unnecessary braces. Why can't we use prelude?

[TheBlueMatt]

#2829 includes these files by symlink, so can't refer to the in-crate stuff.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between ea5de93 and 4a0abd5.

Files selected for processing (20)

• lightning/src/blinded_path/message.rs (1 hunks)
• lightning/src/blinded_path/utils.rs (1 hunks)
• lightning/src/chain/channelmonitor.rs (1 hunks)
• lightning/src/crypto/chacha20.rs (2 hunks)
• lightning/src/crypto/chacha20poly1305rfc.rs (1 hunks)
• lightning/src/crypto/mod.rs (1 hunks)
• lightning/src/crypto/poly1305.rs (1 hunks)
• lightning/src/crypto/streams.rs (1 hunks)
• lightning/src/lib.rs (1 hunks)
• lightning/src/ln/chan_utils.rs (1 hunks)
• lightning/src/ln/inbound_payment.rs (1 hunks)
• lightning/src/ln/monitor_tests.rs (1 hunks)
• lightning/src/ln/msgs.rs (1 hunks)
• lightning/src/ln/onion_utils.rs (1 hunks)
• lightning/src/ln/peer_channel_encryptor.rs (2 hunks)
• lightning/src/onion_message/packet.rs (1 hunks)
• lightning/src/routing/router.rs (2 hunks)
• lightning/src/sign/mod.rs (2 hunks)
• lightning/src/util/mod.rs (2 hunks)
• lightning/src/util/scid_utils.rs (1 hunks)

Files skipped from review as they are similar to previous changes (20)

• lightning/src/blinded_path/message.rs
• lightning/src/blinded_path/utils.rs
• lightning/src/chain/channelmonitor.rs
• lightning/src/crypto/chacha20.rs
• lightning/src/crypto/chacha20poly1305rfc.rs
• lightning/src/crypto/mod.rs
• lightning/src/crypto/poly1305.rs
• lightning/src/crypto/streams.rs
• lightning/src/lib.rs
• lightning/src/ln/chan_utils.rs
• lightning/src/ln/inbound_payment.rs
• lightning/src/ln/monitor_tests.rs
• lightning/src/ln/msgs.rs
• lightning/src/ln/onion_utils.rs
• lightning/src/ln/peer_channel_encryptor.rs
• lightning/src/onion_message/packet.rs
• lightning/src/routing/router.rs
• lightning/src/sign/mod.rs
• lightning/src/util/mod.rs
• lightning/src/util/scid_utils.rs

[valentinewallace]

nit: extra newline

[valentinewallace]

TIL in super::super.

[valentinewallace]

Just code moves and a rename so I'm going to land it. Nice cleanup!