diff --git a/CHANGELOG.md b/CHANGELOG.md index a35f38d05a6..be12be58d1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,39 @@ +# 0.1.1 - Jan 28, 2025 - "Onchain Matters" + +## API Updates + * A `ChannelManager::send_payment_with_route` was (re-)added, with semantics + similar to `ChannelManager::send_payment` (rather than like the pre-0.1 + `send_payent_with_route`, #3534). + * `RawBolt11Invoice::{to,from}_raw` were added (#3549). + +## Bug Fixes + * HTLCs which were forwarded where the inbound edge times out within the next + three blocks will have the inbound HTLC failed backwards irrespective of the + status of the outbound HTLC. This avoids the peer force-closing the channel + (and claiming the inbound edge HTLC on-chain) even if we have not yet managed + to claim the outbound edge on chain (#3556). + * On restart, replay of `Event::SpendableOutput`s could have caused + `OutputSweeper` to generate double-spending transactions, making it unable to + claim any delayed claims. This was resolved by retaining old claims for more + than four weeks after they are claimed on-chain to detect replays (#3559). + * Fixed the additional feerate we will pay each time we RBF on-chain claims to + match the Bitcoin Core policy (1 sat/vB) instead of 16 sats/vB (#3457). + * Fixed a cased where a custom `Router` which returns an invalid `Route`, + provided to `ChannelManager`, can result in an outbound payment remaining + pending forever despite no HTLCs being pending (#3531). + +## Security +0.1.1 fixes a denial-of-service vulnerability allowing channel counterparties to +cause force-closure of unrelated channels. + * If a malicious channel counterparty force-closes a channel, broadcasting a + revoked commitment transaction while the channel at closure time included + multiple non-dust forwarded outbound HTLCs with identical payment hashes and + amounts, failure to fail the HTLCs backwards could cause the channels on + which we recieved the corresponding inbound HTLCs to be force-closed. Note + that we'll receive, at a minimum, the malicious counterparty's reserve value + when they broadcast the stale commitment (#3556). Thanks to Matt Morehouse for + reporting this issue. + # 0.1 - Jan 15, 2025 - "Human Readable Version Numbers" The LDK 0.1 release represents an important milestone for the LDK project. While diff --git a/lightning-invoice/Cargo.toml b/lightning-invoice/Cargo.toml index ff8d88c5f63..f4629c1ad5c 100644 --- a/lightning-invoice/Cargo.toml +++ b/lightning-invoice/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "lightning-invoice" description = "Data structures to parse and serialize BOLT11 lightning invoices" -version = "0.33.0" +version = "0.33.1" authors = ["Sebastian Geisler "] documentation = "https://docs.rs/lightning-invoice/" license = "MIT OR Apache-2.0" diff --git a/lightning/Cargo.toml b/lightning/Cargo.toml index 3e46c996147..6417d231f9e 100644 --- a/lightning/Cargo.toml +++ b/lightning/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "lightning" -version = "0.1.0" +version = "0.1.1" authors = ["Matt Corallo"] license = "MIT OR Apache-2.0" repository = "https://github.com/lightningdevkit/rust-lightning/" diff --git a/pending_changelog/3531-buggy-router-leak.txt b/pending_changelog/3531-buggy-router-leak.txt deleted file mode 100644 index 72714aa8a8b..00000000000 --- a/pending_changelog/3531-buggy-router-leak.txt +++ /dev/null @@ -1,4 +0,0 @@ -## Bug Fixes - -* Fixed a rare case where a custom router returning a buggy route could result in holding onto a - pending payment forever and in some cases failing to generate a PaymentFailed event (#3531).