Fix blinded recipient fail on malformed HTLC

If a blinded recipient to a multihop blinded path needs to fail back a
malformed HTLC, they should use error code INVALID_ONION_BLINDING and a zeroed
out onion hash per BOLT 4.

Author: valentinewallace

lightning/src/ln/blinded_payment_tests.rs

@@ -281,7 +281,12 @@ fn failed_backwards_to_intro_node() {
 
 	let mut updates = get_htlc_update_msgs!(nodes[2], nodes[1].node.get_our_node_id());
 	let mut update_malformed = &mut updates.update_fail_malformed_htlcs[0];
-	// Ensure the final hop does not correctly blind their error.
+	// Check that the final node encodes its failure correctly.
+	assert_eq!(update_malformed.failure_code, INVALID_ONION_BLINDING);
+	assert_eq!(update_malformed.sha256_of_onion, [0; 32]);
+
+	// Modify such the final hop does not correctly blind their error so we can ensure the intro node
+	// converts it to the correct error.
 	update_malformed.sha256_of_onion = [1; 32];
 	nodes[1].node.handle_update_fail_malformed_htlc(&nodes[2].node.get_our_node_id(), update_malformed);
 	do_commitment_signed_dance(&nodes[1], &nodes[2], &updates.commitment_signed, true, false);

lightning/src/ln/onion_payment.rs

@@ -319,11 +319,16 @@ where
 		($msg: expr, $err_code: expr) => {
 			{
 				log_info!(logger, "Failed to accept/forward incoming HTLC: {}", $msg);
+				let (sha256_of_onion, failure_code) = if msg.blinding_point.is_some() {
+					([0; 32], INVALID_ONION_BLINDING)
+				} else {
+					(Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(), $err_code)
+				};
 				return Err(HTLCFailureMsg::Malformed(msgs::UpdateFailMalformedHTLC {
 					channel_id: msg.channel_id,
 					htlc_id: msg.htlc_id,
-					sha256_of_onion: Sha256::hash(&msg.onion_routing_packet.hop_data).to_byte_array(),
-					failure_code: $err_code,
+					sha256_of_onion,
+					failure_code,
 				}));
 			}
 		}