LSPS5 implementation #3662
LSPS5 implementation #3662
Conversation
|
👋 Thanks for assigning @tnull as a reviewer! |
|
This is a huge PR, but it wasn’t obvious to me how to split it in a way that would still make sense (I did split it into small commits to make it easier to review.). I’m open to suggestions if you have ideas on how this could be structured differently. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3662 +/- ##
==========================================
- Coverage 89.26% 89.16% -0.11%
==========================================
Files 155 159 +4
Lines 119968 121932 +1964
Branches 119968 121932 +1964
==========================================
+ Hits 107092 108719 +1627
- Misses 10265 10515 +250
- Partials 2611 2698 +87 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Wow, thank you for looking into this! I did a first pass, and it looks pretty amazing already!
Before going too much into further details, here are a few general comments upfront:
-
I'm generally no fan of introducing additional dependencies here, an in particular not
reqwestandtokio. I think following the pattern so farBroadcastNotificationscould be a request that the user handles with any HTTP client they want and then could call back intoLSPS5ServiceHandler. Alternatively, we could also use a trait similar to the currentHTTPClient, but I don't think we want to keep the default implementation. Note that the blockingreqwestvariant wraps atokioruntime internally, and therefore should never (1, 2, ...) be used together. I guess technically we could consider a defaultasyncversion of the trait that usesasyncreqwest, but I would prefer to simply have well-documented trait on our end that the user can implement however they choose to. Also note that stackingtokioruntimes is heavily discouraged in general, so assuming our users would themselves use atokioruntime, we shouldn't wrap one inLSPS5ServiceHandler. -
Note that
lightning-liquidityis optionally no-stdcompliant, so please don't rely onstdwherever possible, often it's just a matter of usingcoreinstead and importing the respective types fromcrate::prelude. If you really find yourselves needing to usestd, make sure it's feature gated behindfeature = "std"and we provide an alternative for users that don't support it. -
Minor: Regarding formatting we're using tabs, not spaces. Feel free to run
./contrib/run-rustfmt.shafter each commit to run our formatting scripts. -
This PR in its current scope is great, just want to note that eventually we need to add persistence for the state. As we haven't fully fleshed out the persistence strategy for
lightning-liquidityin general yet, it's actually preferred to defer this to a follow-up, but just wanted to mention it. Also note that some changes toMessageQueue/EventQueuewill happen inlightning-liquidity: IntroduceEventQueuenotifier and wake BP for message processing #3509, but will ping you to rebase once that has been merged. (just sidenotes here).
I hope these initial points make sense, let me know if you have any questions, or once you made corresponding changes and think this is ready for the next round of review!
|
👋 The first review has been submitted! Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer. |
Thanks for asking! I'm totally fine to keep this (with its current scope) in a single PR, as long as we keep the commit history pretty clean to allow continuing review to happen commit-by-commit. To this end, please make sure add any fixup commits clearly marked (e.g. via a |
|
Btw, I'm not sure if you're familiar with the previous attempt of implementing LSPS5: #3499 Given this is a clean slate, not sure how much there is to learn, but still might be worth a look. Also not sure if @johncantrell97 would be interested in reviewing this PR, too, as he's familiar with the codebase and LSPS5. |
martinsaposnic
force-pushed
the
lsps5
branch
2 times, most recently
from
1d4b47c to
edf5346
Compare
|
@tnull, ready for the next review round!
CI is failing because of the usage of the |
martinsaposnic
force-pushed
the
lsps5
branch
7 times, most recently
from
9809682 to
af5929e
Compare
|
🔔 1st Reminder Hey @tnull @valentinewallace! This PR has been waiting for your review. |
1 similar comment
|
🔔 1st Reminder Hey @tnull @valentinewallace! This PR has been waiting for your review. |
Yes, let's please also drop the |
martinsaposnic
force-pushed
the
lsps5
branch
3 times, most recently
from
2c51275 to
b0b7bad
Compare
|
Hey @tnull, thank you so much for reviewing and answering my questions! I just pushed some updates, addressing all your comments, including:
This should be ready for the next round of review. Thanks again! |
martinsaposnic
force-pushed
the
lsps5
branch
2 times, most recently
from
cc8a9ea to
f057bda
Compare
- Add 'time' feature flag to allow disabling time-dependent functionality - Include 'time' in default features - Allow users to disable SystemTime::now without disabling all std features - Follows pattern established in other crates (e.g., lightning-transaction-sync) - Improves compatibility with WASM environments
Adds a new url_utils.rs module that provides: - A lightweight URL parser specialized for LSPS5 webhook validation - A URL trait and Url implementation focusing on scheme and host extraction - RFC-compliant scheme validation - Comprehensive test coverage for various URL scenarios This implementation allows validating webhook URLs without depending on the external url crate
- Remove unnecessary URL trait (no other implementations expected) - Rename Url to LSPSUrl to avoid namespace conflicts - Clean up redundant comments
- Define LSPS5Request and LSPS5Response enums for webhook registration, listing, and removal. - Implement WebhookNotification and associated helper constructors for different notification types. - Implement serialization/deserialization support with comprehensive tests. - Improve LSPS5 message types, validation, and testing - Replace generic String types with strongly-typed Lsps5AppName and Lsps5WebhookUrl with built-in length and format validation - Restructure imports to follow one-per-line convention - Add constants for notification method strings - Make WebhookNotificationMethod enum more consistent with LSPS5 prefix - Use explicit serde_json::json and serde_json::Value instead of imports - Improve code documentation with proper ticks and references - Add comprehensive test vectors from the BLIP-0055 specification
- Rename types to use consistent UPPERCASE prefix (LSPS5AppName, LSPS5WebhookUrl) - Use LSPSUrl type for webhook URLs instead of raw strings - Replace LightningError with LSPSResponseError for better separation of concerns - Add appName and webhookUrl validation on msgs so they can be reused both in service and client - Embed notification parameters directly in WebhookNotificationMethod - Improve serialization/deserialization for webhook notifications
- Introduce LSPS5ServiceEvent for LSPS-side webhook events including registration, listing, removal, and notification. - Define LSPS5ClientEvent for handling webhook outcomes on the client (Lightning node) side. - Outline WebhookNotificationParams enum to support notification-specific parameters. - Improve LSPS5 event documentation and field naming - Rename client/lsp fields to counterparty_node_id for consistent terminology - Replace generic String types with more specific Lsps5AppName and Lsps5WebhookUrl - Add comprehensive documentation for all events and fields - Include format specifications (UTF-8, ISO8601) and size constraints - Add request_id field to all relevant events for consistent request tracking - Provide detailed descriptions of error codes and their meanings - Use complete sentences in documentation comments
- Rename types to LSPS5AppName and LSPS5WebhookUrl for naming consistency - Change WebhookNotificationSent to SendWebhookNotifications for better model - Update event to indicate a notification needs to be sent (not was sent) - Add headers field to support HTTP POST requests with headers - Remove redundant WebhookNotificationParams enum (was moved to msgs) - Fix bLIP-50 references to correctly reference bLIP-55
Implements the LSPS5 webhook registration service that allows LSPs to notify clients of important events via webhooks. This service handles webhook registration, listing, removal, and notification delivery according to the LSPS5 specification. Some details: - A generic HttpClient trait is defined so users can provide their own HTTP implementation - A generic TimeProvider trait is defined with a DefaultTimeProvider that uses std functionality - Uses URL utils to validate webhook URLs according to LSPS5 requirements - Uses secure message signing logic from the lightning::util::message_signing module - Works with the events and messages defined in earlier commits - Tests will be provided in a future commit
Thanks for the review @tnull! I've addressed all new comments and pushed them as Key changes:
CI is taking forever, so I may need to push a few fixes if anything breaks, but this should be ready for review again! A couple of things I know will get comments:
/// Returns the number of seconds since the Unix epoch.
pub fn new_from_duration(duration: Duration) -> Self {
Self(DateTime::from_timestamp(duration.as_secs() as i64, duration.subsec_nanos()).unwrap())
}It works, but it’s not the cleanest approach—open to suggestions.
When the event is triggered, the service picks it up and receives already-validated LSPS5AppName and LSPS5WebhookUrl, but it calls This pattern— Looking forward to your feedback! |
…client logic - Reorder and group imports (e.g. LSPS5 msgs) for clarity - Rename time provider method to duration_since_epoch and - - use LSPSDateTime serialization instead of custom functions - Remove dead code and configuration related to HTTP client - Replace magic numbers with well-named constants and document their purpose - Update tests to use the new time provider method consistently
Implements the client-side functionality for LSPS5 webhook registration, allowing Lightning clients to register, list, and remove webhooks with LSPs. This client handler processes responses and verifies webhook notification signatures. Key features: - Full client API for webhook registration operations - Per-peer state tracking for pending requests - Automatic request timeout and cleanup - Security validation for webhook URLs - Notification signature verification - Some tests are provided but more will come in a future commit This implementation pairs with the service-side LSPS5 webhook handler to complete the webhook registration protocol according to the LSPS5 specification.
- Replace unwrapping with safe Option handling - Remove redundant URL security validation code from client methods, they are now in msgs - Adjust timestamp subtraction to properly handle potential underflow - Group and reorganize imports for clarity and consistency - Add store_signature and check_signature to prevent replay attacks
Fully integrates the LSPS5 webhook components into the lightning-liquidity framework, enabling usage through the LiquidityManager. It includes - Registering LSPS5 events in the event system - Adding LSPS5 module to the main library exports - Updating LSPS0 serialization to handle LSPS5 messages - Adding LSPS5 configuration options to client and service config structures - Implementing message handling for LSPS5 requests and responses - Adding accessor methods for LSPS5 client and service handlers With this change, LSPS5 webhook functionality can now be accessed through the standard LiquidityManager interface, following the same pattern as other LSPS protocols.
…orrectness of the signing logic
There was a problem hiding this comment.
Cool, thank you for the quick turnaround! I did a rather quick round on the fixups, they look good so far, feel free to squash them!
I think CI is currently failing due to some use of moved value: _time_provider`` errors. Will see to do a more thorough round on the entire PR once it passes again.
| @@ -46,4 +47,5 @@ check-cfg = [ | |||
| "cfg(c_bindings)", | |||
| "cfg(backtrace)", | |||
| "cfg(ldk_bench)", | |||
| "cfg(time)", | |||
There was a problem hiding this comment.
This is likely not needed, as time is a feature, not a cfg flag, no?
| @@ -27,6 +28,7 @@ use bitcoin::secp256k1::PublicKey; | |||
| use core::fmt::{self, Display}; | |||
| use core::str::FromStr; | |||
|
|
|||
| use core::time::Duration; | |||
| #[cfg(feature = "std")] | |||
There was a problem hiding this comment.
I think this now needs to be feature-gated on time, same below, no? Or are we doing this in the follow-up also addressing LSPS2?
|
|
||
| /// Returns the number of seconds since the Unix epoch. | ||
| pub fn new_from_duration(duration: Duration) -> Self { | ||
| Self(DateTime::from_timestamp(duration.as_secs() as i64, duration.subsec_nanos()).unwrap()) |
There was a problem hiding this comment.
As Add<Duration> is implemented for chrono::DateTime (see https://docs.rs/chrono/latest/chrono/struct.DateTime.html#impl-Add%3CDuration%3E-for-DateTime%3CTz%3E), we should be able to make this infallible by simply doing
DateTime::UNIX_EPOCH + duration| } | ||
|
|
||
| /// Returns the number of seconds since the Unix epoch. | ||
| pub fn new_from_duration(duration: Duration) -> Self { |
There was a problem hiding this comment.
Can we make this an impl From<Duration> for LSPSDateTime?
| @@ -212,6 +214,16 @@ impl LSPSDateTime { | |||
| self.0.timestamp().try_into().expect("expiration to be ahead of unix epoch"); | |||
| now_seconds_since_epoch > datetime_seconds_since_epoch | |||
| } | |||
|
|
|||
| /// Returns the number of seconds since the Unix epoch. | |||
| pub fn timestamp(&self) -> u64 { | |||
There was a problem hiding this comment.
Part of introducing LSPSDateTime was exactly to avoid such ambiguous timestamp types. Are we sure we need this, and does it need to be part of the public API?
| /// This event occurs after the LSP successfully contacts a client's webhook. | ||
| WebhookNotificationSent { | ||
| /// Client node ID that was notified | ||
| /// This event occurs when the LSP needs to send a notification to a client's webhook. |
There was a problem hiding this comment.
Please provide more concrete guidance how users need to handle this event.
A complete implementation for LSPS5 (spec defined here lightning/blips#55)
Reviewing commit by commit is recommended (~40% of the added lines are tests)
Notes:
lightning-liquidity: IntroduceEventQueuenotifier and wake BP for message processing #3509 once that PR is merged