New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sending to Offer
without signing_pubkey
#3017
Sending to Offer
without signing_pubkey
#3017
Conversation
Codecov ReportAttention: Patch coverage is
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## main #3017 +/- ##
==========================================
+ Coverage 89.13% 89.49% +0.35%
==========================================
Files 118 118
Lines 97492 100077 +2585
Branches 97492 100077 +2585
==========================================
+ Hits 86903 89564 +2661
+ Misses 8349 8261 -88
- Partials 2240 2252 +12 ☔ View full report in Codecov by Sentry. |
94d12f9
to
825eb2f
Compare
825eb2f
to
a70af2b
Compare
Feel free to squash imo |
If an Offer contains a path, the blinded_node_id of the path's final hop can be used as the signing pubkey. Make Offer::signing_pubkey and OfferContents::signing_pubkey return an Option to support this. Upcoming commits will implement this behavior.
If an offer has at least one path, it may omit the signing pubkey and use the blinded node id of the last hop of a path to sign an invoice. Allow parsing such offers but not yet creating them.
Instead of reusing OfferTlvStream::paths, add a dedicated paths TLV to InvoiceRequestTlvStream such that it can be used in Refund. This allows for an Offer without a signing_pubkey and still be able to differentiate whether an invoice is for an offer or a refund.
When parsing a Bolt12Invoice use both the Offer's signing_pubkey and paths to determine if it is for an Offer or a Refund. Previously, an Offer was required to have a signing_pubkey. But now that it is optional, the Offers paths can be used to make the determination. Additionally, check that the invoice matches one of the blinded node ids from the paths' last hops.
a70af2b
to
b7635c4
Compare
.iter() | ||
.filter_map(|path| path.blinded_hops.last()) | ||
.any(|last_hop| fields.signing_pubkey == last_hop.blinded_node_id) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the spec, it looks like we MUST verify that the signing pubkey matches a path we sent an invoice request to. I'm not certain it matters or if the spec should change but it looks like we don't specifically check that at the moment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, this is a slight deviation as we don't have the blinded node id for the path that the invoice was sent over when parsing. We could do some sort of check at the handler level, but even that would require piping that data through.
); | ||
pending_offers_messages.push(message); | ||
} else { | ||
debug_assert!(false); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Its usually worth having a comment on these kinds of assertions as to why we think its not reachable.
…pubkey Sending to `Offer` without `signing_pubkey`
If an
Offer
contains apath
, theblinded_node_id
of the path's final hop can be used when signing an invoice. This helps to further reduce offer QR code size by makingoffer_node_id
optional whenoffer_paths
is set. Allow parsing (and thus sending to) such offers. Also replacesRefund
's use ofoffer_paths
with a newinvreq_paths
TLV in order to differentiate aBolt12Invoice
for anOffer
from one for aRefund
.Receiving to an
Offer
without asigning_pubkey
is not supported yet.