From c3e96e058e9f6023754bc99c27d5f254537a01db Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Mon, 14 Jan 2019 12:56:12 +1030
Subject: [PATCH] bolt: Updated the BOLT specification to unify
 UNKNOWN_PAYMENT_HASH & INCORRECT_PAYMENT_AMOUNT

This is based on Christian's change, but removes all trace of the old codes.

I've proposed another spec change which removes this code altogether:
	https://github.com/lightningnetwork/lightning-rfc/pull/544

Signed-off-by: Christian Decker <decker.christian@gmail.com>
Reported-by: Rusty Russell <@rustyrussell>
---
 Makefile                |  2 +-
 channeld/channeld.c     | 11 ++++++-----
 lightningd/peer_htlcs.c | 20 ++++++++++----------
 tests/test_closing.py   |  4 ++--
 wire/gen_onion_wire_csv |  3 ++-
 5 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/Makefile b/Makefile
index a23bbc67c..3f2ce068a 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,7 @@ CCANDIR := ccan
 
 # Where we keep the BOLT RFCs
 BOLTDIR := ../lightning-rfc/
-BOLTVERSION := a07dc3df3b4611989e3359f28f96c574f7822850
+BOLTVERSION := 914ebab9080ccccb0ff176cb16b7a6ba21e23bbe
 
 -include config.vars
 
diff --git a/channeld/channeld.c b/channeld/channeld.c
index 5f5ec5188..89707e29a 100644
--- a/channeld/channeld.c
+++ b/channeld/channeld.c
@@ -863,11 +863,9 @@ static u8 *make_failmsg(const tal_t *ctx,
 	case WIRE_EXPIRY_TOO_FAR:
 		msg = towire_expiry_too_far(ctx);
 		goto done;
-	case WIRE_UNKNOWN_PAYMENT_HASH:
-		msg = towire_unknown_payment_hash(ctx);
-		goto done;
-	case WIRE_INCORRECT_PAYMENT_AMOUNT:
-		msg = towire_incorrect_payment_amount(ctx);
+	case WIRE_INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS:
+		msg = towire_incorrect_or_unknown_payment_details(
+		    ctx, htlc->msatoshi);
 		goto done;
 	case WIRE_FINAL_EXPIRY_TOO_SOON:
 		msg = towire_final_expiry_too_soon(ctx);
@@ -887,6 +885,9 @@ static u8 *make_failmsg(const tal_t *ctx,
 	case WIRE_INVALID_ONION_KEY:
 		msg = towire_invalid_onion_key(ctx, sha256);
 		goto done;
+	case WIRE_INCORRECT_PAYMENT_AMOUNT:
+		/* Deprecated: we should never make this any more! */
+		break;
 	}
 	status_failed(STATUS_FAIL_INTERNAL_ERROR,
 		      "Asked to create failmsg %u (%s)",
diff --git a/lightningd/peer_htlcs.c b/lightningd/peer_htlcs.c
index 0433ed7da..83dd766b9 100644
--- a/lightningd/peer_htlcs.c
+++ b/lightningd/peer_htlcs.c
@@ -281,7 +281,7 @@ static void handle_localpay(struct htlc_in *hin,
 	}
 
 	if (!wallet_invoice_find_unpaid(ld->wallet, &invoice, payment_hash)) {
-		failcode = WIRE_UNKNOWN_PAYMENT_HASH;
+		failcode = WIRE_INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS;
 		goto fail;
 	}
 	details = wallet_invoice_details(tmpctx, ld->wallet, invoice);
@@ -292,19 +292,19 @@ static void handle_localpay(struct htlc_in *hin,
 	 *...
 	 *   - if the amount paid is less than the amount expected:
 	 *     - MUST fail the HTLC.
-	 *...
-	 *   - if the amount paid is more than twice the amount expected:
-	 *     - SHOULD fail the HTLC.
-	 *     - SHOULD return an `incorrect_payment_amount` error.
-	 *       - Note: this allows the origin node to reduce information
-	 *         leakage by altering the amount while not allowing for
-	 *         accidental gross overpayment.
 	 */
 	if (details->msatoshi != NULL && hin->msatoshi < *details->msatoshi) {
-		failcode = WIRE_INCORRECT_PAYMENT_AMOUNT;
+		failcode = WIRE_INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS;
 		goto fail;
 	} else if (details->msatoshi != NULL && hin->msatoshi > *details->msatoshi * 2) {
-		failcode = WIRE_INCORRECT_PAYMENT_AMOUNT;
+		/* FIXME: bolt update fixes this quote! */
+		/* BOLT #4:
+		 *
+		 *   - if the amount paid is more than twice the amount expected:
+		 *     - SHOULD fail the HTLC.
+		 *     - SHOULD return an `incorrect_payment_amount` error.
+		 */
+		failcode = WIRE_INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS;
 		goto fail;
 	}
 
diff --git a/tests/test_closing.py b/tests/test_closing.py
index 84e211ead..e1fcff3fc 100644
--- a/tests/test_closing.py
+++ b/tests/test_closing.py
@@ -1060,12 +1060,12 @@ def setup_multihtlc_test(node_factory, bitcoind):
     # First, the failed attempts (paying wrong node).  CLTV1
     r = nodes[0].rpc.getroute(nodes[-2].info['id'], 10**8, 1)["route"]
     nodes[0].rpc.sendpay(r, h)
-    with pytest.raises(RpcError, match=r'UNKNOWN_PAYMENT_HASH'):
+    with pytest.raises(RpcError, match=r'INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS'):
         nodes[0].rpc.waitsendpay(h)
 
     r = nodes[-1].rpc.getroute(nodes[1].info['id'], 10**8, 1)["route"]
     nodes[-1].rpc.sendpay(r, h)
-    with pytest.raises(RpcError, match=r'UNKNOWN_PAYMENT_HASH'):
+    with pytest.raises(RpcError, match=r'INCORRECT_OR_UNKNOWN_PAYMENT_DETAILS'):
         nodes[-1].rpc.waitsendpay(h)
 
     # Now increment CLTV -> CLTV2
diff --git a/wire/gen_onion_wire_csv b/wire/gen_onion_wire_csv
index 8523c6fc5..1dd767485 100644
--- a/wire/gen_onion_wire_csv
+++ b/wire/gen_onion_wire_csv
@@ -30,7 +30,8 @@ incorrect_cltv_expiry,6,channel_update,len
 expiry_too_soon,UPDATE|14
 expiry_too_soon,0,len,2
 expiry_too_soon,2,channel_update,len
-unknown_payment_hash,PERM|15
+incorrect_or_unknown_payment_details,PERM|15
+incorrect_or_unknown_payment_details,0,htlc_msat,8
 incorrect_payment_amount,PERM|16
 final_expiry_too_soon,17
 final_incorrect_cltv_expiry,18