Skip to content

[bug]: high values for time_lock_delta can result in unexpected setting of 0 #7320

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
nomnombtc opened this issue Jan 14, 2023 · 4 comments · Fixed by #7350
Closed

[bug]: high values for time_lock_delta can result in unexpected setting of 0 #7320

nomnombtc opened this issue Jan 14, 2023 · 4 comments · Fixed by #7350
Assignees
@eval-exec
Labels
bug Unintended code behaviour good first issue Issues suitable for first time contributors to LND lncli P2 should be fixed if one has time policy

Comments

@nomnombtc
Copy link

Hello,

updatechanpolicy's time_lock_delta can roll over when very high values are used, which might result in a setting of 0.
I noticed this in a happy accident, where I used the channel_id instead of the channel_point and also forgot to actually
set time_lock_delta. So my channel_id got parsed as --time_lock_delta.

lncli --network testnet updatechanpolicy --fee_rate 0 --base_fee_msat 0 844393044316848128

resulted in time_lock_delta getting set to 0 for all my channels...

This shouldn't even be possible, because normally it complains that the minimum value is 18.

Your environment

tlv/v1.1.0-130-g143eba82e (0.15.99-beta current git master)
Linux lnd-test2 5.10.0-18-amd64 #1 SMP Debian 5.10.140-1 (2022-09-02) x86_64 GNU/Linux
bitcoin-core 23.0

Steps to reproduce

lncli --network testnet updatechanpolicy --fee_rate 0 --base_fee_msat 0 844393044316848128

Expected behaviour

Failure or time_lock_delta set to a high value

Actual behaviour

time_lock_delta got set to 0 for all my channels

$ lncli --network testnet getchaninfo 2610605642201169921
{
[...]
"node1_policy": {
"time_lock_delta": 0,
"min_htlc": "1000",
"fee_base_msat": "0",
"fee_rate_milli_msat": "0",
"disabled": false,
"max_htlc_msat": "1458270000",
"last_update": 1673657439,
"custom_records": {
}
},
[...]
$ lncli --network testnet getchaninfo 2610596846108147712
{
[...]
"node1_policy": {
"time_lock_delta": 0,
"min_htlc": "1000",
"fee_base_msat": "0",
"fee_rate_milli_msat": "0",
"disabled": false,
"max_htlc_msat": "990000000",
"last_update": 1673657439,
"custom_records": {
}
},
[...]

Additional Info

This might be caused by a 32bit roll over, as this still works as expected:
lncli --network testnet updatechanpolicy --fee_rate 0 --base_fee_msat 0 --time_lock_delta 2147483647
results in time_lock_delta 65535
while this results in setting it to zero again:
lncli --network testnet updatechanpolicy --fee_rate 0 --base_fee_msat 0 --time_lock_delta 2147483648
@nomnombtc nomnombtc added bug Unintended code behaviour needs triage labels Jan 14, 2023
@Roasbeef
Copy link
Member

Nice catch! We should make sure we check for overflow directly.

@yyforyongyu yyforyongyu added the good first issue Issues suitable for first time contributors to LND label Jan 15, 2023
@saubyk saubyk added this to the v0.16.1 milestone Jan 19, 2023
@eval-exec
Copy link
Contributor

@Roasbeef Hi Roasbeef, I found TimeLockDelta's type is inconsistent, it's uint16 in somewhere like:

lnd/lnwire/channel_update.go

Line 100 in 2cf6969

TimeLockDelta uint16

lnd/channeldb/graph.go

Line 3418 in 1aa9626

TimeLockDelta uint16

and it's uint32 in:

lnd/lnrpc/lightning.proto

Line 4048 in 3dd9e04

uint32 time_lock_delta = 5;

I think we should unify TimeLockDelta to uint16 and check for overflow up to max(uint16). What do you think?

@eval-exec eval-exec mentioned this issue Jan 22, 2023
Merged
7 tasks
@Roasbeef
Copy link
Member

I think we should unify TimeLockDelta to uint16 and check for overflow up to max(uint16). What do you think?

Agreed we should make the value consistent. For particular purposes, the uint16 should be enough. IIIRC, for the protos there isn't a uint16 type, so we need to use a uint32 there. Similarly, the database serialization in the other link assumes a uint16, so we can't change that as easily.

@saubyk saubyk added the P2 should be fixed if one has time label Aug 8, 2023
@saubyk saubyk removed this from the Medium Priority milestone Aug 8, 2023
@saubyk
Copy link
Collaborator

saubyk commented Dec 12, 2023

closed with: #7350

@saubyk saubyk closed this as completed Dec 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eval-exec eval-exec

Labels
bug Unintended code behaviour good first issue Issues suitable for first time contributors to LND lncli P2 should be fixed if one has time policy
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[rpcServer]: add time_lock_delta overflow check for UpdateChannelPolicy eval-exec/lnd
5 participants
@Roasbeef @nomnombtc @yyforyongyu @saubyk @eval-exec