LSPS5 implementation #3662
LSPS5 implementation #3662
Conversation
|
👋 Thanks for assigning @tnull as a reviewer! |
|
This is a huge PR, but it wasn’t obvious to me how to split it in a way that would still make sense (I did split it into small commits to make it easier to review.). I’m open to suggestions if you have ideas on how this could be structured differently. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #3662 +/- ##
==========================================
- Coverage 89.26% 89.11% -0.16%
==========================================
Files 155 159 +4
Lines 119968 122611 +2643
Branches 119968 122611 +2643
==========================================
+ Hits 107092 109263 +2171
- Misses 10265 10621 +356
- Partials 2611 2727 +116 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Wow, thank you for looking into this! I did a first pass, and it looks pretty amazing already!
Before going too much into further details, here are a few general comments upfront:
-
I'm generally no fan of introducing additional dependencies here, an in particular not
reqwestandtokio. I think following the pattern so farBroadcastNotificationscould be a request that the user handles with any HTTP client they want and then could call back intoLSPS5ServiceHandler. Alternatively, we could also use a trait similar to the currentHTTPClient, but I don't think we want to keep the default implementation. Note that the blockingreqwestvariant wraps atokioruntime internally, and therefore should never (1, 2, ...) be used together. I guess technically we could consider a defaultasyncversion of the trait that usesasyncreqwest, but I would prefer to simply have well-documented trait on our end that the user can implement however they choose to. Also note that stackingtokioruntimes is heavily discouraged in general, so assuming our users would themselves use atokioruntime, we shouldn't wrap one inLSPS5ServiceHandler. -
Note that
lightning-liquidityis optionally no-stdcompliant, so please don't rely onstdwherever possible, often it's just a matter of usingcoreinstead and importing the respective types fromcrate::prelude. If you really find yourselves needing to usestd, make sure it's feature gated behindfeature = "std"and we provide an alternative for users that don't support it. -
Minor: Regarding formatting we're using tabs, not spaces. Feel free to run
./contrib/run-rustfmt.shafter each commit to run our formatting scripts. -
This PR in its current scope is great, just want to note that eventually we need to add persistence for the state. As we haven't fully fleshed out the persistence strategy for
lightning-liquidityin general yet, it's actually preferred to defer this to a follow-up, but just wanted to mention it. Also note that some changes toMessageQueue/EventQueuewill happen inlightning-liquidity: IntroduceEventQueuenotifier and wake BP for message processing #3509, but will ping you to rebase once that has been merged. (just sidenotes here).
I hope these initial points make sense, let me know if you have any questions, or once you made corresponding changes and think this is ready for the next round of review!
|
👋 The first review has been submitted! Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer. |
Thanks for asking! I'm totally fine to keep this (with its current scope) in a single PR, as long as we keep the commit history pretty clean to allow continuing review to happen commit-by-commit. To this end, please make sure add any fixup commits clearly marked (e.g. via a |
|
Btw, I'm not sure if you're familiar with the previous attempt of implementing LSPS5: #3499 Given this is a clean slate, not sure how much there is to learn, but still might be worth a look. Also not sure if @johncantrell97 would be interested in reviewing this PR, too, as he's familiar with the codebase and LSPS5. |
martinsaposnic
force-pushed
the
lsps5
branch
2 times, most recently
from
1d4b47c to
edf5346
Compare
|
@tnull, ready for the next review round!
CI is failing because of the usage of the |
martinsaposnic
force-pushed
the
lsps5
branch
7 times, most recently
from
9809682 to
af5929e
Compare
|
🔔 1st Reminder Hey @tnull @valentinewallace! This PR has been waiting for your review. |
1 similar comment
|
🔔 1st Reminder Hey @tnull @valentinewallace! This PR has been waiting for your review. |
martinsaposnic
force-pushed
the
lsps5
branch
3 times, most recently
from
2c51275 to
b0b7bad
Compare
|
Hey @tnull, thank you so much for reviewing and answering my questions! I just pushed some updates, addressing all your comments, including:
This should be ready for the next round of review. Thanks again! |
martinsaposnic
force-pushed
the
lsps5
branch
3 times, most recently
from
f057bda to
979abf1
Compare
Thanks for the review @tnull! I've addressed all new comments and pushed them as Key changes:
CI is taking forever, so I may need to push a few fixes if anything breaks, but this should be ready for review again! A couple of things I know will get comments:
/// Returns the number of seconds since the Unix epoch.
pub fn new_from_duration(duration: Duration) -> Self {
Self(DateTime::from_timestamp(duration.as_secs() as i64, duration.subsec_nanos()).unwrap())
}It works, but it’s not the cleanest approach—open to suggestions.
When the event is triggered, the service picks it up and receives already-validated LSPS5AppName and LSPS5WebhookUrl, but it calls This pattern— Looking forward to your feedback! |
There was a problem hiding this comment.
Cool, thank you for the quick turnaround! I did a rather quick round on the fixups, they look good so far, feel free to squash them!
I think CI is currently failing due to some use of moved value: _time_provider`` errors. Will see to do a more thorough round on the entire PR once it passes again.
lightning-liquidity/src/lsps0/ser.rs
Outdated
| } | ||
|
|
||
| /// Returns the number of seconds since the Unix epoch. | ||
| pub fn new_from_duration(duration: Duration) -> Self { |
There was a problem hiding this comment.
Can we make this an impl From<Duration> for LSPSDateTime?
There was a problem hiding this comment.
Hmm, thinking about this again, I think this was a bad idea as From should be really only implemented if there is a clear 1:1 conversion between the types applicable that doesn't need additional context. Here, it however hides the fact that we implictly assume it's a Duration from the UNIX epoch.
I have to eat my words, please revert this and make it a new_from_duration_since_epoch constructor. Sorry, excuse the back-and-forth!
- Add 'time' feature flag to allow disabling time-dependent functionality - Include 'time' in default features - Allow users to disable SystemTime::now without disabling all std features - Follows pattern established in other crates (e.g., lightning-transaction-sync) - Improves compatibility with WASM environments
- Implement From<Duration> for LSPSDateTime - Avoid doing ambiguous timestamp types - Add abs_diff function to use on client / service
Adds a new url_utils.rs module that provides: - A lightweight URL parser specialized for LSPS5 webhook validation - A URL trait and Url implementation focusing on scheme and host extraction - RFC-compliant scheme validation - Comprehensive test coverage for various URL scenarios This implementation allows validating webhook URLs without depending on the external url crate
- Define LSPS5Request and LSPS5Response enums for webhook registration, listing, and removal. - Implement WebhookNotification and associated helper constructors for different notification types. - Implement serialization/deserialization support with comprehensive tests. - Improve LSPS5 message types, validation, and testing - Replace generic String types with strongly-typed Lsps5AppName and Lsps5WebhookUrl with built-in length and format validation - Restructure imports to follow one-per-line convention - Add constants for notification method strings - Make WebhookNotificationMethod enum more consistent with LSPS5 prefix - Use explicit serde_json::json and serde_json::Value instead of imports - Improve code documentation with proper ticks and references - Add comprehensive test vectors from the BLIP-0055 specification
- Introduce LSPS5ServiceEvent for LSPS-side webhook events including registration, listing, removal, and notification. - Define LSPS5ClientEvent for handling webhook outcomes on the client (Lightning node) side. - Outline WebhookNotificationParams enum to support notification-specific parameters. - Improve LSPS5 event documentation and field naming - Rename client/lsp fields to counterparty_node_id for consistent terminology - Replace generic String types with more specific Lsps5AppName and Lsps5WebhookUrl - Add comprehensive documentation for all events and fields - Include format specifications (UTF-8, ISO8601) and size constraints - Add request_id field to all relevant events for consistent request tracking - Provide detailed descriptions of error codes and their meanings - Use complete sentences in documentation comments
Implements the LSPS5 webhook registration service that allows LSPs to notify clients of important events via webhooks. This service handles webhook registration, listing, removal, and notification delivery according to the LSPS5 specification. Some details: - A generic HttpClient trait is defined so users can provide their own HTTP implementation - A generic TimeProvider trait is defined with a DefaultTimeProvider that uses std functionality - Uses URL utils to validate webhook URLs according to LSPS5 requirements - Uses secure message signing logic from the lightning::util::message_signing module - Works with the events and messages defined in earlier commits - Tests will be provided in a future commit
Implements the client-side functionality for LSPS5 webhook registration, allowing Lightning clients to register, list, and remove webhooks with LSPs. This client handler processes responses and verifies webhook notification signatures. Key features: - Full client API for webhook registration operations - Per-peer state tracking for pending requests - Automatic request timeout and cleanup - Security validation for webhook URLs - Notification signature verification - Add store_signature and check_signature to prevent replay attacks - Some tests are provided but more will come in a future commit This implementation pairs with the service-side LSPS5 webhook handler to complete the webhook registration protocol according to the LSPS5 specification.
Fully integrates the LSPS5 webhook components into the lightning-liquidity framework, enabling usage through the LiquidityManager. It includes - Registering LSPS5 events in the event system - Adding LSPS5 module to the main library exports - Updating LSPS0 serialization to handle LSPS5 messages - Adding LSPS5 configuration options to client and service config structures - Implementing message handling for LSPS5 requests and responses - Adding accessor methods for LSPS5 client and service handlers With this change, LSPS5 webhook functionality can now be accessed through the standard LiquidityManager interface, following the same pattern as other LSPS protocols.
…orrectness of the signing logic
|
Hey @tnull, thanks for the review! Apologies for pinging you earlier when the CI was failing. I've addressed your last comments in |
|
🔔 1st Reminder Hey @tnull! This PR has been waiting for your review. |
| @@ -71,9 +71,15 @@ pub enum LSPS5ServiceEvent { | |||
| request_id: LSPSRequestId, | |||
| }, | |||
|
|
|||
| /// A notification needs to be sent to a client's webhook | |||
There was a problem hiding this comment.
No, having a one-line description paragraph first is still a good idea, IMO.
lightning-liquidity/src/lsps0/ser.rs
Outdated
| } | ||
|
|
||
| /// Returns the number of seconds since the Unix epoch. | ||
| pub fn new_from_duration(duration: Duration) -> Self { |
There was a problem hiding this comment.
Hmm, thinking about this again, I think this was a bad idea as From should be really only implemented if there is a clear 1:1 conversion between the types applicable that doesn't need additional context. Here, it however hides the fact that we implictly assume it's a Duration from the UNIX epoch.
I have to eat my words, please revert this and make it a new_from_duration_since_epoch constructor. Sorry, excuse the back-and-forth!
There was a problem hiding this comment.
Seems this fixup should be an actual prefactor commit as it's changing pre-existing code?
There was a problem hiding this comment.
Now that we don't use the trait, the commit message needs an update.
| /// According to RFC 1738, a scheme must: | ||
| /// 1. Start with a letter (a-z, A-Z) | ||
| /// 2. Contain only letters, digits, plus (+), period (.), or hyphen (-) | ||
| fn validate_scheme(scheme: &str) -> bool { |
There was a problem hiding this comment.
nit: Given this returns a bool naming this is_valid_scheme would be more idiomatic.
|
|
||
| let mut final_host = clean_host; | ||
| if let Some(port_idx) = clean_host.rfind(':') { | ||
| final_host = &clean_host[0..port_idx]; |
There was a problem hiding this comment.
Isn't the port part of the host though? If we strip it, the resulting Url wouldn't be usable if it doesn't use default ports, no?
|
|
||
| use super::url_utils::LSPSUrl; | ||
|
|
||
| /// Maximum allowed length for an app_name (in bytes) |
| pub(crate) const LSPS5_LIST_WEBHOOKS_METHOD_NAME: &str = "lsps5.list_webhooks"; | ||
| pub(crate) const LSPS5_REMOVE_WEBHOOK_METHOD_NAME: &str = "lsps5.remove_webhook"; | ||
|
|
||
| pub(crate) const LSPS5_WEBHOOK_REGISTERED: &str = "lsps5.webhook_registered"; |
There was a problem hiding this comment.
Maybe suffix these consts with _NOTIFICATION or similar?
|
|
||
| impl WebhookNotificationMethod { | ||
| /// Extract parameters for JSON serialization | ||
| pub fn parameters_json_value(&self) -> serde_json::Value { |
There was a problem hiding this comment.
Hmm, kinda unfortunate we need this. Maybe we should make this private as it's specific to the way WebhookNotification's serialization works?
| LSPS5_EXPIRY_SOON => { | ||
| // Default timeout when deserializing without params | ||
| // The actual timeout will be set from the params field later | ||
| Ok(Self::LSPS5ExpirySoon { timeout: 0 }) |
There was a problem hiding this comment.
Ugh, this is kind of hacky and seems it's inviting bugs down the line. Do we have an idea how to avoid it? Maybe it means we need to serialize/deserialize WebhookNotification in one go rather than also implementing Serialize/Deserialize for just WebhookNotificationMethod?
A complete implementation for LSPS5 (spec defined here lightning/blips#55)
Reviewing commit by commit is recommended (~40% of the added lines are tests)
Notes:
lightning-liquidity: IntroduceEventQueuenotifier and wake BP for message processing #3509 once that PR is merged