lightningd: add dev-uniform-padding flag to lightningd

sangbida · sangbida · commit f844eb0864b6 · 2026-03-30T16:42:15.000+10:00
diff --git a/connectd/connectd.c b/connectd/connectd.c
@@ -1692,7 +1692,8 @@ static void connect_init(struct daemon *daemon, const u8 *msg)
 				    &daemon->dev_no_reconnect,
 				    &daemon->dev_fast_reconnect,
 				    &dev_limit_connections_inflight,
-				    &daemon->dev_keep_nagle)) {
+				    &daemon->dev_keep_nagle,
+				    &daemon->dev_uniform_padding)) {
 		/* This is a helper which prints the type expected and the actual
 		 * message, then exits (it should never be called!). */
 		master_badmsg(WIRE_CONNECTD_INIT, msg);
@@ -2569,6 +2570,7 @@ int main(int argc, char *argv[])
 	daemon->dev_exhausted_fds = false;
 	daemon->dev_lightningd_is_slow = false;
 	daemon->dev_keep_nagle = false;
+	daemon->dev_uniform_padding = false;
 	/* We generally allow 1MB per second per peer, except for dev testing */
 	daemon->gossip_stream_limit = 1000000;
 	daemon->incoming_stream_limit = 1000000;
diff --git a/connectd/connectd.h b/connectd/connectd.h
@@ -318,6 +318,9 @@ struct daemon {
 	/* Allow localhost to be considered "public", only with --developer */
 	bool dev_allow_localhost;
 
+	/* Pad outgoing messages to uniform 1460-byte segments (traffic analysis defence) */
+	bool dev_uniform_padding;
+
 	/* How much to gossip allow a peer every second (bytes) */
 	size_t gossip_stream_limit;
 
diff --git a/lightningd/connect_control.c b/lightningd/connect_control.c
@@ -727,7 +727,8 @@ int connectd_init(struct lightningd *ld)
 				   !ld->reconnect,
 				   ld->dev_fast_reconnect,
 				   ld->dev_limit_connections_inflight,
-				   ld->dev_keep_nagle);
+				   ld->dev_keep_nagle,
+				   ld->dev_uniform_padding);
 
 	subd_req(ld->connectd, ld->connectd, take(msg), -1, 0,
 		 connect_init_done, NULL);
diff --git a/lightningd/lightningd.c b/lightningd/lightningd.c
@@ -150,6 +150,7 @@ static struct lightningd *new_lightningd(const tal_t *ctx)
 	ld->dev_strict_forwarding = false;
 	ld->dev_limit_connections_inflight = false;
 	ld->dev_keep_nagle = false;
+	ld->dev_uniform_padding = false;
 
 	/*~ We try to ensure enough fds for twice the number of channels
 	 * we start with.  We have a developer option to change that factor
diff --git a/lightningd/lightningd.h b/lightningd/lightningd.h
@@ -369,6 +369,9 @@ struct lightningd {
 	/* Tell connectd we don't want TCP_NODELAY */
 	bool dev_keep_nagle;
 
+	/* Pad outgoing messages to uniform 1460-byte segments (traffic analysis defence) */
+	bool dev_uniform_padding;
+
 	/* tor support */
 	struct wireaddr *proxyaddr;
 	bool always_use_proxy;
diff --git a/lightningd/options.c b/lightningd/options.c
@@ -952,6 +952,10 @@ static void dev_register_opts(struct lightningd *ld)
 		       opt_set_bool,
 		       &ld->dev_keep_nagle,
 		       "Tell connectd not to set TCP_NODELAY.");
+	clnopt_noarg("--dev-uniform-padding", OPT_DEV,
+		       opt_set_bool,
+		       &ld->dev_uniform_padding,
+		       "Pad all outgoing peer messages to uniform 1460-byte segments");
 	/* This is handled directly in daemon_developer_mode(), so we ignore it here */
 	clnopt_noarg("--dev-debug-self", OPT_DEV,
 		     opt_ignore,
