OffersMessageHandler impl for ChannelManager

jkczyz · jkczyz · commit d5dbc5c331f3 · 2023-07-28T16:01:49.000-05:00
Define the BOLT 12 message flow in ChannelManager's
OffersMessageHandler implementation.
- An invoice_request message results in responding with an invoice
  message if it can be verified that the request is for a valid offer.
- An invoice is paid if it can be verified to have originated from a
  sent invoice_request or a refund.
- An invoice_error is sent in some failure cases.
diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
@@ -55,6 +55,11 @@ use crate::ln::msgs::{ChannelMessageHandler, DecodeError, LightningError};
 use crate::ln::outbound_payment;
 use crate::ln::outbound_payment::{OutboundPayments, PaymentAttempts, PendingOutboundPayment, SendAlongPathArgs};
 use crate::ln::wire::Encode;
+use crate::offers::invoice::{Bolt12Invoice, DEFAULT_RELATIVE_EXPIRY, DerivedSigningPubkey, InvoiceBuilder};
+use crate::offers::invoice_error::InvoiceError;
+use crate::offers::merkle::{SignError, TaggedHash};
+use crate::offers::parse::Bolt12SemanticError;
+use crate::onion_message::{OffersMessage, OffersMessageHandler};
 use crate::sign::{EntropySource, KeysManager, NodeSigner, Recipient, SignerProvider, ChannelSigner, WriteableEcdsaChannelSigner};
 use crate::util::config::{UserConfig, ChannelConfig, ChannelConfigUpdate};
 use crate::util::wakers::{Future, Notifier};
@@ -3291,6 +3296,17 @@ where
 		self.pending_outbound_payments.test_set_payment_metadata(payment_id, new_payment_metadata);
 	}
 
+	pub(super) fn send_payment_for_bolt12_invoice(&self, invoice: &Bolt12Invoice, payment_id: PaymentId) -> Result<(), RetryableSendFailure> {
+		let best_block_height = self.best_block.read().unwrap().height();
+		let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(self);
+		self.pending_outbound_payments
+			.send_payment_for_bolt12_invoice(
+				invoice, payment_id, &self.router, self.list_usable_channels(),
+				|| self.compute_inflight_htlcs(), &self.entropy_source, &self.node_signer,
+				best_block_height, &self.logger, &self.pending_events,
+				|args| self.send_payment_along_path(args)
+			)
+	}
 
 	/// Signals that no further retries for the given payment should occur. Useful if you have a
 	/// pending outbound payment with retries remaining, but wish to stop retrying the payment before
@@ -7440,6 +7456,123 @@ where
 	}
 }
 
+impl<M: Deref, T: Deref, ES: Deref, NS: Deref, SP: Deref, F: Deref, R: Deref, L: Deref>
+OffersMessageHandler for ChannelManager<M, T, ES, NS, SP, F, R, L>
+where
+	M::Target: chain::Watch<<SP::Target as SignerProvider>::Signer>,
+	T::Target: BroadcasterInterface,
+	ES::Target: EntropySource,
+	NS::Target: NodeSigner,
+	SP::Target: SignerProvider,
+	F::Target: FeeEstimator,
+	R::Target: Router,
+	L::Target: Logger,
+{
+	fn handle_message(&self, message: OffersMessage) -> Option<OffersMessage> {
+		let secp_ctx = &self.secp_ctx;
+		let expanded_key = &self.inbound_payment_key;
+
+		match message {
+			OffersMessage::InvoiceRequest(invoice_request) => {
+				let amount_msats = match InvoiceBuilder::<DerivedSigningPubkey>::amount_msats(
+					&invoice_request
+				) {
+					Ok(amount_msats) => Some(amount_msats),
+					Err(error) => return Some(OffersMessage::InvoiceError(error.into())),
+				};
+				let invoice_request = match invoice_request.verify(expanded_key, secp_ctx) {
+					Ok(invoice_request) => invoice_request,
+					Err(()) => {
+						let error = Bolt12SemanticError::InvalidMetadata;
+						return Some(OffersMessage::InvoiceError(error.into()));
+					},
+				};
+				let relative_expiry = DEFAULT_RELATIVE_EXPIRY.as_secs() as u32;
+
+				match self.create_inbound_payment(amount_msats, relative_expiry, None) {
+					Ok((payment_hash, _payment_secret)) if invoice_request.keys.is_some() => {
+						// TODO: Include payment_secret in payment_paths.
+						let payment_paths = vec![];
+						#[cfg(not(feature = "no-std"))]
+						let builder = invoice_request.respond_using_derived_keys(
+							payment_paths, payment_hash
+						);
+						#[cfg(feature = "no-std")]
+						let created_at = Duration::from_secs(
+							self.highest_seen_timestamp.load(Ordering::Acquire) as u64
+						);
+						#[cfg(feature = "no-std")]
+						let builder = invoice_request.respond_using_derived_keys_no_std(
+							payment_paths, payment_hash, created_at
+						);
+						match builder.and_then(|b| b.allow_mpp().build_and_sign(secp_ctx)) {
+							Ok(invoice) => Some(OffersMessage::Invoice(invoice)),
+							Err(error) => Some(OffersMessage::InvoiceError(error.into())),
+						}
+					},
+					Ok((payment_hash, _payment_secret)) => {
+						// TODO: Include payment_secret in payment_paths.
+						let payment_paths = vec![];
+						#[cfg(not(feature = "no-std"))]
+						let builder = invoice_request.respond_with(payment_paths, payment_hash);
+						#[cfg(feature = "no-std")]
+						let created_at = Duration::from_secs(
+							self.highest_seen_timestamp.load(Ordering::Acquire) as u64
+						);
+						#[cfg(feature = "no-std")]
+						let builder = invoice_request.respond_with_no_std(
+							payment_paths, payment_hash, created_at
+						);
+						let response = builder.and_then(|builder| builder.allow_mpp().build())
+							.map_err(|e| OffersMessage::InvoiceError(e.into()))
+							.and_then(|invoice|
+								match invoice.sign(|message: &TaggedHash, metadata: &[u8]|
+									self.node_signer.sign_bolt12_message(message, metadata)
+								) {
+									Ok(invoice) => Ok(OffersMessage::Invoice(invoice)),
+									Err(SignError::Signing(())) => Err(OffersMessage::InvoiceError(
+											InvoiceError::from_str("Failed signing invoice")
+									)),
+									Err(SignError::Verification(_)) => Err(OffersMessage::InvoiceError(
+											InvoiceError::from_str("Failed invoice signature verification")
+									)),
+								});
+						match response {
+							Ok(invoice) => Some(invoice),
+							Err(error) => Some(error),
+						}
+					},
+					Err(()) => {
+						Some(OffersMessage::InvoiceError(Bolt12SemanticError::InvalidAmount.into()))
+					},
+				}
+			},
+			OffersMessage::Invoice(invoice) => {
+				match invoice.verify(expanded_key, secp_ctx) {
+					Err(()) => {
+						Some(OffersMessage::InvoiceError(InvoiceError::from_str("Unrecognized invoice")))
+					},
+					Ok(_) if invoice.features().requires_unknown_bits() => {
+						Some(OffersMessage::InvoiceError(Bolt12SemanticError::UnknownRequiredFeatures.into()))
+					},
+					Ok(payment_id) => {
+						if let Err(e) = self.send_payment_for_bolt12_invoice(&invoice, payment_id) {
+							log_error!(self.logger, "Failed paying invoice: {:?}", e);
+							Some(OffersMessage::InvoiceError(InvoiceError::from_str(&format!("{:?}", e))))
+						} else {
+							None
+						}
+					},
+				}
+			},
+			OffersMessage::InvoiceError(invoice_error) => {
+				log_error!(self.logger, "Received invoice_error: {}", invoice_error);
+				None
+			},
+		}
+	}
+}
+
 /// Fetches the set of [`NodeFeatures`] flags which are provided by or required by
 /// [`ChannelManager`].
 pub(crate) fn provided_node_features(config: &UserConfig) -> NodeFeatures {
diff --git a/lightning/src/ln/outbound_payment.rs b/lightning/src/ln/outbound_payment.rs
@@ -18,6 +18,7 @@ use crate::events::{self, PaymentFailureReason};
 use crate::ln::{PaymentHash, PaymentPreimage, PaymentSecret};
 use crate::ln::channelmanager::{ChannelDetails, EventCompletionAction, HTLCSource, IDEMPOTENCY_TIMEOUT_TICKS, INVOICE_REQUEST_TIMEOUT_TICKS, PaymentId};
 use crate::ln::onion_utils::HTLCFailReason;
+use crate::offers::invoice::Bolt12Invoice;
 use crate::routing::router::{InFlightHtlcs, Path, PaymentParameters, Route, RouteParameters, Router};
 use crate::util::errors::APIError;
 use crate::util::logger::Logger;
@@ -341,6 +342,10 @@ pub enum RetryableSendFailure {
 	/// [`Event::PaymentSent`]: crate::events::Event::PaymentSent
 	/// [`Event::PaymentFailed`]: crate::events::Event::PaymentFailed
 	DuplicatePayment,
+	/// Indicates that a payment for the provided [`PaymentId`] was unexpected, either because the
+	/// invoice was not explicitly requested (or for a known refund) or the invoice was not received
+	/// in time (or was already paid).
+	UnexpectedPayment,
 }
 
 /// If a payment fails to send with [`ChannelManager::send_payment_with_route`], it can be in one
@@ -498,6 +503,8 @@ pub(super) struct SendAlongPathArgs<'a> {
 	pub session_priv_bytes: [u8; 32],
 }
 
+const BOLT_12_INVOICE_RETRY_STRATEGY: Retry = Retry::Attempts(3);
+
 pub(super) struct OutboundPayments {
 	pub(super) pending_outbound_payments: Mutex<HashMap<PaymentId, PendingOutboundPayment>>,
 	pub(super) retry_lock: Mutex<()>,
@@ -531,6 +538,47 @@ impl OutboundPayments {
 			best_block_height, logger, pending_events, &send_payment_along_path)
 	}
 
+	pub(super) fn send_payment_for_bolt12_invoice<R: Deref, ES: Deref, NS: Deref, IH, SP, L: Deref>(
+		&self, invoice: &Bolt12Invoice, payment_id: PaymentId, router: &R,
+		first_hops: Vec<ChannelDetails>, compute_inflight_htlcs: IH, entropy_source: &ES,
+		node_signer: &NS, best_block_height: u32, logger: &L,
+		pending_events: &Mutex<VecDeque<(events::Event, Option<EventCompletionAction>)>>,
+		send_payment_along_path: SP,
+	) -> Result<(), RetryableSendFailure>
+	where
+		R::Target: Router,
+		ES::Target: EntropySource,
+		NS::Target: NodeSigner,
+		L::Target: Logger,
+		IH: Fn() -> InFlightHtlcs,
+		SP: Fn(SendAlongPathArgs) -> Result<(), APIError>,
+	{
+		match self.pending_outbound_payments.lock().unwrap().entry(payment_id) {
+			hash_map::Entry::Occupied(entry) => {
+				if !entry.get().is_awaiting_invoice() {
+					return Err(RetryableSendFailure::DuplicatePayment)
+				}
+			},
+			hash_map::Entry::Vacant(_) => return Err(RetryableSendFailure::UnexpectedPayment),
+		}
+
+		let recipient_onion = RecipientOnionFields {
+			payment_secret: None,
+			payment_metadata: None,
+		};
+		let payment_hash = invoice.payment_hash();
+		let route_params = RouteParameters {
+			payment_params: PaymentParameters::from_bolt12_invoice(&invoice),
+			final_value_msat: invoice.amount_msats(),
+		};
+
+		self.send_payment(
+			payment_hash, recipient_onion, payment_id, BOLT_12_INVOICE_RETRY_STRATEGY, route_params,
+			router, first_hops, compute_inflight_htlcs, entropy_source, node_signer,
+			best_block_height, logger, pending_events, send_payment_along_path
+		)
+	}
+
 	pub(super) fn send_payment_with_route<ES: Deref, NS: Deref, F>(
 		&self, route: &Route, payment_hash: PaymentHash, recipient_onion: RecipientOnionFields,
 		payment_id: PaymentId, entropy_source: &ES, node_signer: &NS, best_block_height: u32,
diff --git a/lightning/src/offers/invoice.rs b/lightning/src/offers/invoice.rs
@@ -130,7 +130,7 @@ use crate::prelude::*;
 #[cfg(feature = "std")]
 use std::time::SystemTime;
 
-const DEFAULT_RELATIVE_EXPIRY: Duration = Duration::from_secs(7200);
+pub(crate) const DEFAULT_RELATIVE_EXPIRY: Duration = Duration::from_secs(7200);
 
 /// Tag for the hash function used when signing a [`Bolt12Invoice`]'s merkle root.
 pub const SIGNATURE_TAG: &'static str = concat!("lightning", "invoice", "signature");
@@ -176,7 +176,7 @@ impl<'a> InvoiceBuilder<'a, ExplicitSigningPubkey> {
 		invoice_request: &'a InvoiceRequest, payment_paths: Vec<(BlindedPayInfo, BlindedPath)>,
 		created_at: Duration, payment_hash: PaymentHash
 	) -> Result<Self, Bolt12SemanticError> {
-		let amount_msats = Self::check_amount_msats(invoice_request)?;
+		let amount_msats = Self::amount_msats(invoice_request)?;
 		let signing_pubkey = invoice_request.contents.inner.offer.signing_pubkey();
 		let contents = InvoiceContents::ForOffer {
 			invoice_request: invoice_request.contents.clone(),
@@ -209,7 +209,7 @@ impl<'a> InvoiceBuilder<'a, DerivedSigningPubkey> {
 		invoice_request: &'a InvoiceRequest, payment_paths: Vec<(BlindedPayInfo, BlindedPath)>,
 		created_at: Duration, payment_hash: PaymentHash, keys: KeyPair
 	) -> Result<Self, Bolt12SemanticError> {
-		let amount_msats = Self::check_amount_msats(invoice_request)?;
+		let amount_msats = Self::amount_msats(invoice_request)?;
 		let signing_pubkey = invoice_request.contents.inner.offer.signing_pubkey();
 		let contents = InvoiceContents::ForOffer {
 			invoice_request: invoice_request.contents.clone(),
@@ -239,7 +239,9 @@ impl<'a> InvoiceBuilder<'a, DerivedSigningPubkey> {
 }
 
 impl<'a, S: SigningPubkeyStrategy> InvoiceBuilder<'a, S> {
-	fn check_amount_msats(invoice_request: &InvoiceRequest) -> Result<u64, Bolt12SemanticError> {
+	pub(crate) fn amount_msats(
+		invoice_request: &InvoiceRequest
+	) -> Result<u64, Bolt12SemanticError> {
 		match invoice_request.amount_msats() {
 			Some(amount_msats) => Ok(amount_msats),
 			None => match invoice_request.contents.inner.offer.amount() {
diff --git a/lightning/src/offers/invoice_error.rs b/lightning/src/offers/invoice_error.rs
@@ -48,6 +48,16 @@ pub struct ErroneousField {
 	pub suggested_value: Option<Vec<u8>>,
 }
 
+impl InvoiceError {
+	/// Creates an [`InvoiceError`] with the given message.
+	pub fn from_str(s: &str) -> Self {
+		Self {
+			erroneous_field: None,
+			message: UntrustedString(s.to_string()),
+		}
+	}
+}
+
 impl core::fmt::Display for InvoiceError {
 	fn fmt(&self, f: &mut core::fmt::Formatter) -> Result<(), core::fmt::Error> {
 		self.message.fmt(f)
