LND: Only modify amount + channel id on forward with channel open

[JssDWt]

Intro

LSPD allows clients to register a payment with the LSP, so that a just-in-time channel will be opened to the client node on the fly at the moment the payment is forwarded. The payment is identified by the payment hash.

When the client creates an invoice that needs an inbound channel, the flow is the following. The client creates an invoice in its node of amount (to receive - lsp fee). Then it creates a new invoice outside the node of the actual amount to receive, and with a hop hint to the LSP with a fake channel id (1x0x0). The sender pays this invoice, and routes over the LSP.

When a htlc for the given payment hash is intercepted by the LSP, a channel is opened to the client. In order to then forward the HTLC, a few things are modified.

1. The LSP takes a fee for opening the channel, so the forwarded amount is deducted.
2. The channel id has to be adjusted to the newly created channel alias.

Current situation

Currently, in the LND implementation for lspd, we create a whole new onion. Any information from the sender is basically dropped. The client shared the payment secret with lspd when it registered the payment, that's why this works. The client doesn't even know it received a new onion from the LSP. There are some caveats to this, however.

1. The client has to share the payment secret with the LSP (that's not the preimage), so it cannot verify the amount received was the intented amount by the sender.
2. These new onion packets are encrypted with a new session key. That means if the client returns an error, the sender is unable to read this error, because it's encrypted with an unknown key.
3. Any additional metadata from the sender is lost.

Currently, that new onion is created here

New situation

We want to change this to include the original onion from the sender and only modify the amount and channel id in the htlc for the next hop. We already do this in the CLN implementation of lspd and this mechanism is also part of the lsp spec, so this would get us closer to implementing the spec.

What to change

In order to do this we will need a few things:

• Modify our fork of LND for the LSP, so the htlc interceptor accepts a different amount + channel id, in such a way that the original onion and tlvs are kept intact, but only the amount and channel id will be different in the update_add_htlc message.
• Modify our fork of LND for the client so that it accepts the lower amount. It's mainly the difference between the forwarded amount and the total_msat provided by the sender that causes a mismatch.
• Modify lspd, so it uses the newly created flow.

Keep in mind that some clients will not support the new flow yet, so we also have to support the old flow for old clients.

CLN reference

The implementation we currently already have for CLN is here. When the htlc is intercepted in CLN, we modify the amount and channel id in the payload for the current hop, so the payload for the LSP itself. When that's sent back to CLN, CLN takes that new payload to continue its flow. So it will eventually construct an update_add_htlc message for the client with the lower amount and different channel id.

On the client side the CLN client needs a htlc interceptor, the total_msat is modified in the payload to the amount in the invoice. And the amount is set to whatever was received in the HTLC. There's a naive implementation in the tests here and a more stable rust implementation here.

I'm not sure whether this kind of mechanism is reusable in LND or not, or whether we have to come up with something new.

[JssDWt]

This is completed on the lsp side in #134