Commit

f additional things that were backported
TheBlueMatt committed Jan 15, 2025
1 parent 73c9cf2 commit a188f12
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions CHANGELOG.md
Expand Up @@ -35,6 +35,8 @@
* `ChannelMonitorUpdate::update_id`s no longer have a magic value (of
`u64::MAX`) for updates after a channel has been closed. They are now
always monotonically increasing (#3355).
* The MSRV of `lightning-transaction-sync` has been increased to rustc 1.75 due
to its HTTP client dependencies (#3528).
* The default `ProbabilisticScoringFeeParameters` values now recommend specific
ratios between different penalties, and default penalties now allow for
higher fees in order to reduce payment latency (#3495).
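
Review bot: The new `lightning-transaction-sync` MSRV entry does not say whether rustc 1.75 is required for every build of the crate or only for builds that pull in the HTTP client dependencies it names. Users pinning an older toolchain need that to decide whether they are affected, so state it here, along with whether the MSRV of the other crates is unchanged.
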
Expand All @@ -44,6 +46,9 @@
requirements for nodes using anchor channels (#3340).
* A `MigratableKVStore` trait was added (and implemented for
`FilesystemStore`), enabling easy migration between `KVStore`s (#3481).
* `InvoiceRequest::amount_msats` now returns the `offer`-implied amount if a
Bitcoin-denominated amount was set in the `offer` and no amount was set
directly in the `invoice_request` (#3535).
* `Event::OpenChannelRequest::push_msat` has been replaced with an enum in
preparation for the dual-funding protocol coming in a future release (#3137).
* `GossipVerifier` now requires a `P2PGossipSync` which holds a reference to
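
Review bot: The `InvoiceRequest::amount_msats` entry covers only the case where "a Bitcoin-denominated amount was set in the `offer`" and leaves the other cases unstated: what the method returns when the offer amount is not Bitcoin-denominated, and what callers that previously treated an absent amount as "no amount requested" should do now. Since this is a return-value change tagged with the same PR (#3535) as the overpayment fix in the Security section, add a sentence describing the remaining cases and pointing to that section.
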
Expand Down Expand Up @@ -78,6 +83,11 @@
## Bug Fixes
* Fixed a rare case where a BOLT 12 payment may be made duplicatively if the
node crashes while processing a BOLT 12 `invoice` message (#3313).
* Fixed a bug where a counterparty can cause funds of ours to be locked up
by broadcasting a revoked commitment transaction and following HTLC
transactions in specific formats when using an anchor channel. The funds can
be recovered by upgrading to 0.1 and replaying the counterparty's broadcasted
transactions (using `Confirm::transactions_confirmed`) (#3537).
* Fixed a bug where a malicious sender could cause a payment `Event` to be
generated with an `OfferId` using a payment with a lower amount than the
corresponding BOLT 12 offer would have required. The amount in the
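
Review bot: The added #3537 entry describes a counterparty-triggerable lock-up of our funds on anchor channels, but it appears only under Bug Fixes, and the Security section visible later in this diff does not mention it. Operators who read only the Security section to decide upgrade urgency will miss it, so either list it there or cross-reference it. The recovery instruction would also be easier to follow if it said which object `Confirm::transactions_confirmed` should be called on and whether the replay order matters. Minor wording: "following HTLC transactions" reads ambiguously (subsequent HTLC transactions?), and "broadcasted" should be "broadcast".
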
Expand Down Expand Up @@ -107,6 +117,9 @@
delivered to peers even if the peer is behind in processing relayed gossip.
This ensures our own gossip propagates well even if we have very limited
upload bandwidth (#3142).
* Fixed a bug where calling `OutputSweeper::transactions_confirmed` with
transactions from anything but the latest block may have triggered a spurious
assertion in debug mode (#3524).

## Performance Improvements
* LDK now verifies `channel_update` gossip messages without holding a lock,
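
Review bot: The `OutputSweeper::transactions_confirmed` entry says the spurious assertion fired "in debug mode" but does not say whether release builds were otherwise unaffected. That matters to anyone following the replay advice in the #3537 entry, who will be passing transactions from older blocks to `transactions_confirmed`. Add a clause stating the release-build behaviour explicitly.
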
Expand Down Expand Up @@ -146,6 +159,13 @@
will have `balance_msat` equal to `next_outbound_htlc_limit_msat` (#3243).

## Security
0.1 fixes a funds-theft vulnerability when paying BOLT 12 offers.
* When paying a BOLT 12 offer, if the recipient responds to our
`invoice_request` with an `invoice` which had an amount different from the
amount we intended to pay (either from the `offer` or the `amount_msats`
passed to `ChannelManager::pay_for_offer`), LDK would pay the amount from the
`invoice`. As a result, a malicious recipient could cause us to overpay the
amount we intended to pay (#3535).
* Various denial-of-service issues in the formerly-alpha `lightning-liquidity`
crate have been addressed (#3436, #3493).
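
Review bot: The new Security text does not state which released versions are affected by the BOLT 12 overpayment issue, so a reader cannot tell from this entry whether a deployed node needs an urgent upgrade or whether a fixed point release exists for older branches. Add the affected version range next to "0.1 fixes a funds-theft vulnerability". The summary line also announces a single vulnerability while the list beneath it includes a second bullet for the `lightning-liquidity` denial-of-service fixes, so the intro should cover both. Wording: "overpay the amount we intended to pay" would read more clearly as "pay more than the amount we intended to pay".
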
