Open ariard opened 4 years ago
TheBlueMatt
commented
4 years ago Hmm, I dont think it can be implemented as a simple proxy before messages are handed to ChannelManager as, IIRC, we have to wait for commitment_signed before we can fail backwards. So to do this we'd have to add a hook in the forwarding logic.
ariard
commented
4 years ago Yeah right implementing such firewall would be a spec violation for HTLC, maybe not for open_channel messages. So the firewall logic could also run before calling process_pending_htlc_forwards and reject htlc without trying adding them on the outgoing chan.
Node operators may want to refuse incoming channel/HTLCs based on more complex heuristic than the one in BOLTs or node identity (we have persistent pubkey contrary to base layer).
It should be simple to implement in rust-lightning between ChannelManager and PeerHandler after message are decrypted, it can be transparent for ChannelManager, ofc it shouldn't be in this repository (like ChannelAutopilot, not part of the core protocol).