[Lightning-dev] Onion routing strawman proposal

Rusty Russell rusty at rustcorp.com.au
Fri Oct 2 05:48:39 UTC 2015


Hi all!

        So, I've pushed some test onion routing code in an acceptable
format:
https://github.com/ElementsProject/lightning/blob/onion/test/test_onion.c

        #define MESSAGE_SIZE 128
        #define MAX_HOPS 20

        /* Prepend 0x02 to get pubkey for libsecp256k1 */
        struct pubkey {
        	unsigned char u8[32];
        };

        struct hop {
        	unsigned char msg[MESSAGE_SIZE];
        	struct pubkey pubkey;
        	struct sha256 hmac;
        };

        struct onion {
        	struct hop hop[MAX_HOPS];
        };

That's a fixed 3840 bytes; each node decrypts and removed the tail
entry, then prepends padding.  (Working backwards like that turns out to
be slightly more efficient for generating, see git commits).

There's nothing exotic in here: it's AES128 counter mode, HMAC using
SHA256, and Bitcoin's EC with ECDH.  But crypto review particularly
welcome!

Cheers,
Rusty.


More information about the Lightning-dev mailing list