Bolt12Invoice for Offer without signing_pubkey

When parsing a Bolt12Invoice use both the Offer's signing_pubkey and paths to determine if it is for an Offer or a Refund. Previously, an Offer was required to have a signing_pubkey. But now that it is optional, the Offers paths can be used to make the determination. Additionally, check that the invoice matches one of the blinded node ids from the paths' last hops.
lightningdevkit · Apr 24, 2024 · 94d12f9 · 94d12f9
1 parent d20de39
commit 94d12f9
Showing 1 changed file with 17 additions and 3 deletions.
diff --git a/lightning/src/offers/invoice.rs b/lightning/src/offers/invoice.rs
@@ -1447,8 +1447,8 @@ impl TryFrom<PartialInvoiceTlvStream> for InvoiceContents {
 			features, signing_pubkey,
 		};
 
-		match offer_tlv_stream.node_id {
-			Some(expected_signing_pubkey) => {
+		match (offer_tlv_stream.node_id, &offer_tlv_stream.paths) {
+			(Some(expected_signing_pubkey), _) => {
 				if fields.signing_pubkey != expected_signing_pubkey {
 					return Err(Bolt12SemanticError::InvalidSigningPubkey);
 				}
@@ -1458,7 +1458,21 @@ impl TryFrom<PartialInvoiceTlvStream> for InvoiceContents {
 				)?;
 				Ok(InvoiceContents::ForOffer { invoice_request, fields })
 			},
-			None => {
+			(None, Some(paths)) => {
+				if !paths
+					.iter()
+					.filter_map(|path| path.blinded_hops.last())
+					.any(|last_hop| fields.signing_pubkey == last_hop.blinded_node_id)
+				{
+					return Err(Bolt12SemanticError::InvalidSigningPubkey);
+				}
+
+				let invoice_request = InvoiceRequestContents::try_from(
+					(payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream)
+				)?;
+				Ok(InvoiceContents::ForOffer { invoice_request, fields })
+			},
+			(None, None) => {
 				let refund = RefundContents::try_from(
 					(payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream)
 				)?;