You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: 04-onion-routing.md
+7-6Lines changed: 7 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -1037,7 +1037,8 @@ route, so it knows where to return-forward any eventual return packets.
1037
1037
1038
1038
## Erring node
1039
1039
1040
-
The node generating the error message (_erring node_) builds a return packet (the `reason` field in `update_fail_htlc`) consisting of the following fields:
1040
+
The node generating the error message builds a _return packet_
1041
+
consisting of the following fields:
1041
1042
1042
1043
1. data:
1043
1044
*[`32*byte`:`hmac`]
@@ -1066,7 +1067,7 @@ The erring node puts its hold time at the start of this array and zeroes out the
1066
1067
field is based on the maximum supported number of hops in a route (20).
1067
1068
1068
1069
The field `truncated_hmacs` contains truncated authentication codes series for each hop, with the
1069
-
same `um` key that is used for `hmac` in the `reason` field. Regular 32 byte HMACs are
1070
+
same `um` key that is used for `hmac` in the return packet. Regular 32 byte HMACs are
1070
1071
truncated to the first 4 bytes to save space.
1071
1072
1072
1073
In theory this truncation makes it possible for malicious nodes to guess the
@@ -1092,7 +1093,7 @@ away from the erring node.
1092
1093
1093
1094
Each HMAC covers the following data:
1094
1095
1095
-
* The `reason` field.
1096
+
* The return packet.
1096
1097
1097
1098
* The first `y+1` hold times in `htlc_hold_times`. For example, `hmac_0_2` would cover
1098
1099
all three hold times.
@@ -1158,7 +1159,7 @@ result to obfuscate the `attribution_data` field.
1158
1159
Furthermore every hop, also the ones that do no support attributable failures, performs these steps:
1159
1160
1160
1161
* Generate its `ammag` key, generate the pseudo-random byte streams, and apply the
1161
-
result to obfuscate the `reason` field
1162
+
result to obfuscate the return packet. This is then stored as the `reason` field of the `update_htlc_fail` message.
1162
1163
1163
1164
These obfuscation steps are identical to the obfuscation steps that the erring node carries out.
1164
1165
@@ -1185,9 +1186,9 @@ For nodes supporting attributable failures:
1185
1186
1186
1187
For all nodes:
1187
1188
1188
-
* Compute the HMAC for the `reason` field, using the hop's `um` key.
1189
+
* Compute the HMAC for the return packet, using the hop's `um` key.
1189
1190
1190
-
* When the computed HMAC matches `hmac` in the `reason` field, the sender will know that the current hop is the sender of the failure. They can then parse `failuremsg`.
1191
+
* When the computed HMAC matches `hmac` in the return packet, the sender will know that the current hop is the sender of the failure. They can then parse `failuremsg`.
1191
1192
1192
1193
The association between the forward and return packets is handled outside of
1193
1194
this onion routing protocol, e.g. via association with an HTLC in a payment
0 commit comments