Skip to content

Fix #669: Prevent dangling ConnectionState from GetOffer messages #680

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
omsuneri wants to merge 2 commits into from
Closed

Fix #669: Prevent dangling ConnectionState from GetOffer messages #680

omsuneri wants to merge 2 commits into from

Conversation

@omsuneri
Copy link

@omsuneri omsuneri commented Jan 1, 2026
edited
Loading

fixes #669

  • Modified handle_message_taproot to return (Response, bool) tuple
  • GetOffer now creates temporary state that is never persisted
  • SwapDetails and subsequent messages persist state normally
  • Handles both cases: GetOffer called or skipped

@omsuneri
Fix citadel-tech#669: Prevent dangling ConnectionState from GetOffer …
4253fb8 
…messages

- Modified handle_message_taproot to return (Response, bool) tuple
- GetOffer now creates temporary state that is never persisted
- SwapDetails and subsequent messages persist state normally
- Handles both cases: GetOffer called or skipped
Copilot AI review requested due to automatic review settings January 1, 2026 14:25
Copilot AI reviewed Jan 1, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR attempts to fix issue #669 by preventing dangling ConnectionState entries from GetOffer messages. However, the implementation introduces a critical bug that breaks the normal swap flow.

Key Changes:

  • Modified handle_message_taproot to return a tuple (Response, bool) where the boolean indicates whether state should be persisted
  • GetOffer now uses temporary state that is never persisted
  • SwapDetails and subsequent messages persist state normally

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
src/maker/handlers2.rs Updated function signature to return persistence flag; modified SwapDetails to generate keypair if missing; added documentation for new return type
src/maker/server2.rs Changed connection state handling to use temporary state for GetOffer; added conditional persistence logic based on should_persist flag; updated error messages

Critical Issue Found:

The PR breaks the standard swap flow where a taker sends GetOffer followed by SwapDetails. When GetOffer is received, the maker generates a keypair and sends the public key to the taker, but this state is not persisted. When SwapDetails arrives, the maker generates a NEW keypair, causing a mismatch. The taker will use the wrong public key when constructing contracts, causing the swap to fail. This is evidenced in the taker code at src/taker/api2.rs:732 where the taker stores and uses the tweakable_point from the GetOffer response.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@omsuneri
Copy link
Author

omsuneri commented Jan 1, 2026
edited
Loading

@stark-3k would you please review this !!

@omsuneri
Fix citadel-tech#669: Prevent dangling ConnectionState from GetOffer …
cb0122c 
…messages

- Modified handle_message_taproot to return (Response, bool) tuple
- GetOffer now creates temporary state that is never persisted
- SwapDetails and subsequent messages persist state normally
- Handles both cases: GetOffer called or skipped
@mojoX911
Copy link

mojoX911 commented Jan 1, 2026

@omsuneri we don't allow AI-generated code in this project. The code we are writing is security-critical and requires a lot of care while changing core modules like this.

Please refrain from opening PRs if you gonna write AI slops. We won't spend time reviewing this.

Consider this a warning: if you put more AI-generated PRs like this, you can get banned from the project. Write your own code, or don't bother writing at all.

@omsuneri
Copy link
Author

omsuneri commented Jan 1, 2026
edited
Loading

@mojoX911 i did it on my own but dunno how the ai review turns on in my pr and i m getting the review automatically written
the issue is properly tested by me !!
if it seems not resolving the issue i can close it

@mojoX911
Copy link

mojoX911 commented Jan 1, 2026

You are changing documentations and other code that are not related to the task at all.

@omsuneri
Copy link
Author

omsuneri commented Jan 1, 2026
edited
Loading

@mojoX911 ohhh actually the changes made the functionality change so i modified the comments if you want i can just add them
sorry if i make any chaos here !!

@mojoX911
Copy link

mojoX911 commented Jan 1, 2026
edited
Loading

The changeset is still too noisy to review. I don't know what's going on. Its definitely changing unrelated code lines. Not possible to micro-review each change. Like random logs being changed etc.

Try doing the refactor in only the specific required location without changing anything else.

Also this is not in priority, as the team is busy with the v2 release. We will be picking up reviews on current open issues from next weeks.

@omsuneri
Copy link
Author

omsuneri commented Jan 1, 2026

should i close this PR

@mojoX911
Copy link

mojoX911 commented Jan 1, 2026

You can try for yourself as long as you want. Try to follow these points.

  • Keep the changes to most minimum as possible. Not a single extra line should be touched in server code.
  • Add clear comment on the change site why you are doing this.
  • Add clear log when connection states are being created and when being cleared out.

@omsuneri
Copy link
Author

omsuneri commented Jan 1, 2026

You can try for yourself as long as you want. Try to follow these points.

  • Keep the changes to most minimum as possible. Not a single extra line should be touched in server code.
  • Add clear comment on the change site why you are doing this.
  • Add clear log when connection states are being created and when being cleared out.

sure, will keep this in mind from ahead !!
i will edit this to keep only useful chnages

@codecov
Copy link

codecov bot commented Jan 1, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 68.00000% with 16 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.53%. Comparing base (776b75d) to head (cb0122c).
⚠️ Report is 88 commits behind head on master.

Files with missing lines Patch % Lines
src/maker/server2.rs 56.75% 16 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #680      +/-   ##
==========================================
+ Coverage   68.87%   77.53%   +8.66%     
==========================================
  Files          35       49      +14     
  Lines        4932    15007   +10075     
==========================================
+ Hits         3397    11636    +8239     
- Misses       1535     3371    +1836

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@mojoX911
Copy link

mojoX911 commented Jan 22, 2026

Closing this as it will be handled separately.

@mojoX911 mojoX911 closed this Jan 22, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Maker] Create and store ConnectionState after verifying SendersContract

2 participants

@omsuneri @mojoX911