Limit payment path length based on payment_metadata, custom TLVs, etc.

[valentinewallace]

Currently the maximum payment path length is hardcoded in the router to 19. However, the presence of payment_metadata, custom TLVs, and/or blinded paths may mean that the actual limit is much shorter. Account for these extra onion fields when calculating and setting the maximum path length for use in pathfinding.

Closes #2201.

[valentinewallace]

Note: currently I’m evaluating the max path length based on the largest blinded path, i.e. the blinded path that limits us the most. Therefore, if some blinded paths are larger than others, this could unnecessarily limit us in pathfinding. We could set the max path length on a per-blinded-path basis? In practice, ISTM that blinded paths within the same invoice are likely to be of similar sizes to each other.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 97.88732% with 12 lines in your changes are missing coverage. Please review.

Project coverage is 89.85%. Comparing base (da7a916) to head (3cc673b).
Report is 4 commits behind head on main.

Files	Patch %	Lines
lightning/src/routing/router.rs	77.14%	8 Missing ⚠️
lightning/src/ln/max_payment_path_len_tests.rs	99.22%	2 Missing ⚠️
lightning/src/ln/outbound_payment.rs	91.66%	1 Missing and 1 partial ⚠️

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3026      +/-   ##
==========================================
+ Coverage   89.79%   89.85%   +0.06%     
==========================================
  Files         116      117       +1     
  Lines       96466    97278     +812     
  Branches    96466    97278     +812     
==========================================
+ Hits        86619    87413     +794     
- Misses       7290     7314      +24     
+ Partials     2557     2551       -6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[valentinewallace]

I found some more edge cases around how get_route counts hops as part of a path, so feel free to hold off on review there.

[valentinewallace]

Rebased to (hopefully) fix CI. This should be good for review.

[valentinewallace]

Feedback should be addressed. Also this needs a rebase so let me know when I can do that.

[TheBlueMatt]

Feel free to squash, IMO.

[TheBlueMatt]

This could be higher if we have to overpay when routing, so the object could serialize a bit longer.

[valentinewallace]

Added some buffer here. I think my buffer is a bit conservative so let me know if it needs tuning.

[jkczyz]

In practice, would the features not be empty? Perhaps it is negligible?

[valentinewallace]

These features aren't included in onion payloads so don't impact encoding size.

[jkczyz]

Why do we expose this if max_path_length is overridden by outbound_payments.rs?

[valentinewallace]

This was requested here: #3026 (comment). I suppose it could be useful if the user is calculating routes separately from sending a payment. Don't feel strongly about including it, though.

[jkczyz]

Hmmm... I see, though we should update ChannelManager::send_payment's docs to indicate that max_path_length is not honored then. Or maybe it would it be better to use the existing setting if it is smaller than what is computed instead of the default MAX_PATH_LENGTH_ESTIMATE?

[valentinewallace]

Or maybe it would it be better to use the existing setting if it is smaller than what is computed instead of the default MAX_PATH_LENGTH_ESTIMATE?

I think that's a good point, went this way in a fixup.

[jkczyz]

I'm good if you want to squash

[jkczyz]

Hmmm... I see, though we should update ChannelManager::send_payment's docs to indicate that max_path_length is not honored then. Or maybe it would it be better to use the existing setting if it is smaller than what is computed instead of the default MAX_PATH_LENGTH_ESTIMATE?

[jkczyz]

Just checking if the change from 4 to 3 was intentional.

[valentinewallace]

Yeah, should've called this out but 3 felt cleaner somehow? As noted here #3026 (comment), these numbers may want tuning.

[valentinewallace]

Squashed with 1 new fixup.

[jkczyz]

Should we even include MAX_PATH_LENGTH_ESTIMATE? If the computed max_path_length is smaller than the given one, shouldn't we prefer that over an estimated one?

[valentinewallace]

We need to include MAX_PATH_LENGTH_ESTIMATE here because the router currently has hardcoded assumptions that 19 will be the maximum path length. So if the computed value and the user-provided value are both higher than that, we still want to set the parameter to be the estimate.

[jkczyz]

I see. Should that be capped in the router, though? That is, is it conceivable that a different router implementation would not have that assumption?

[valentinewallace]

We do cap it in the router so you're right it's not necessary. I thought it made sense to have some kind of upper bound, but we can remove it if you prefer.

[valentinewallace]

Went ahead and removed it in the latest push.

[TheBlueMatt]

I guess this is fine, but should we really be included the blinded tail? Its not really a part of the "path" in the sense that the router didn't pick it and we refer to it separately from the hops themselves. It also results in code specifically to add/remove it as an offset here and in the limit calculator, which we could just elide.

[valentinewallace]

Fair enough, done in fixups.

[jkczyz]

LGTM. Feel free to squash.

[valentinewallace]

Squashed.