Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invoice Acceptor: ensure asset ID match between RFQ and HTLC #1299

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Invoice Acceptor: ensure asset ID match between RFQ and HTLC #1299

wants to merge 2 commits into from

Conversation

GeorgeTsagk
Copy link
Member

Description

This PR adds an extra strictness check which requires the asset ID of the RFQ quote and HTLC records to match. This is done as an extra strict check to guard against HTLC and RFQ asset ID mismatch, which can lead to malicious behavior where a quote for a different asset is being accounted for when accepting an asset HTLC.

Closes #1255

@GeorgeTsagk GeorgeTsagk self-assigned this Jan 14, 2025
ffranr
ffranr requested changes Jan 14, 2025
View reviewed changes
Copy link
Contributor

@ffranr ffranr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea!

tapchannel/aux_invoice_manager.go Show resolved Hide resolved
@dstadulis
Copy link
Collaborator

TODO

  • itest to cover the negative cases

@dstadulis dstadulis added this to the v0.6 milestone Jan 14, 2025
@GeorgeTsagk
tapchannel: add assetIDFromQuote helper
e177bd2 
We add a simple assetIDFromQuote function that fetches the asset ID
associated with a certain accepted quote identified by its rfq ID. We
will later use this in the handleInvoice function to compare the asset
ID of the quote with that of the HTLCs.
@GeorgeTsagk
tapchannel: compare asset id of htlc records with quote
ef54607 
In this commit we use the previously defined helper to fetch the asset
ID of the accepted quote, then we compare it with the asset ID of each
HTLC. This is done as an extra strict check to guard against HTLC and
RFQ asset ID mismatch, which can lead to malicious behavior where a
quote for a different asset is being accounted for when accepting an
asset HTLC.
@GeorgeTsagk GeorgeTsagk force-pushed the inv-accept-asset-id-match branch from 7eb3643 to ef54607 Compare January 16, 2025 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ffranr ffranr ffranr requested changes

Requested changes must be addressed to merge this pull request.

Assignees

@GeorgeTsagk GeorgeTsagk

Labels
htlc security
Projects
Taproot-Assets Project Board
Status: 👀 In review
Milestone
v0.6
Development

Successfully merging this pull request may close these issues.

Assert invoice-RFQ asset ID and HTLC asset ID match
3 participants
@GeorgeTsagk @dstadulis @ffranr