Merge pull request #1927 from jkczyz/2022-12-invoice-rework

Pre-work for BOLT 12 invoices

Author: valentinewallace

lightning/src/ln/features.rs

@@ -65,7 +65,7 @@ use core::marker::PhantomData;
 use bitcoin::bech32;
 use bitcoin::bech32::{Base32Len, FromBase32, ToBase32, u5, WriteBase32};
 use crate::ln::msgs::DecodeError;
-use crate::util::ser::{Readable, Writeable, Writer};
+use crate::util::ser::{Readable, WithoutLength, Writeable, Writer};
 
 mod sealed {
 	use crate::prelude::*;
@@ -159,6 +159,15 @@ mod sealed {
 	]);
 	define_context!(OfferContext, []);
 	define_context!(InvoiceRequestContext, []);
+	define_context!(Bolt12InvoiceContext, [
+		// Byte 0
+		,
+		// Byte 1
+		,
+		// Byte 2
+		BasicMPP,
+	]);
+	define_context!(BlindedHopContext, []);
 	// This isn't a "real" feature context, and is only used in the channel_type field in an
 	// `OpenChannel` message.
 	define_context!(ChannelTypeContext, [
@@ -342,7 +351,7 @@ mod sealed {
 	define_feature!(15, PaymentSecret, [InitContext, NodeContext, InvoiceContext],
 		"Feature flags for `payment_secret`.", set_payment_secret_optional, set_payment_secret_required,
 		supports_payment_secret, requires_payment_secret);
-	define_feature!(17, BasicMPP, [InitContext, NodeContext, InvoiceContext],
+	define_feature!(17, BasicMPP, [InitContext, NodeContext, InvoiceContext, Bolt12InvoiceContext],
 		"Feature flags for `basic_mpp`.", set_basic_mpp_optional, set_basic_mpp_required,
 		supports_basic_mpp, requires_basic_mpp);
 	define_feature!(19, Wumbo, [InitContext, NodeContext],
@@ -369,7 +378,7 @@ mod sealed {
 
 	#[cfg(test)]
 	define_feature!(123456789, UnknownFeature,
-		[NodeContext, ChannelContext, InvoiceContext, OfferContext, InvoiceRequestContext],
+		[NodeContext, ChannelContext, InvoiceContext, OfferContext, InvoiceRequestContext, Bolt12InvoiceContext, BlindedHopContext],
 		"Feature flags for an unknown feature used in testing.", set_unknown_feature_optional,
 		set_unknown_feature_required, supports_unknown_test_feature, requires_unknown_test_feature);
 }
@@ -432,6 +441,10 @@ pub type InvoiceFeatures = Features<sealed::InvoiceContext>;
 pub type OfferFeatures = Features<sealed::OfferContext>;
 /// Features used within an `invoice_request`.
 pub type InvoiceRequestFeatures = Features<sealed::InvoiceRequestContext>;
+/// Features used within an `invoice`.
+pub type Bolt12InvoiceFeatures = Features<sealed::Bolt12InvoiceContext>;
+/// Features used within BOLT 4 encrypted_data_tlv and BOLT 12 blinded_payinfo
+pub type BlindedHopFeatures = Features<sealed::BlindedHopContext>;
 
 /// Features used within the channel_type field in an OpenChannel message.
 ///
@@ -719,32 +732,47 @@ impl_feature_len_prefixed_write!(InitFeatures);
 impl_feature_len_prefixed_write!(ChannelFeatures);
 impl_feature_len_prefixed_write!(NodeFeatures);
 impl_feature_len_prefixed_write!(InvoiceFeatures);
+impl_feature_len_prefixed_write!(BlindedHopFeatures);
 
 // Some features only appear inside of TLVs, so they don't have a length prefix when serialized.
 macro_rules! impl_feature_tlv_write {
 	($features: ident) => {
 		impl Writeable for $features {
 			fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
-				self.write_be(w)
+				WithoutLength(self).write(w)
 			}
 		}
 		impl Readable for $features {
 			fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
-				let v = io_extras::read_to_end(r)?;
-				Ok(Self::from_be_bytes(v))
+				Ok(WithoutLength::<Self>::read(r)?.0)
 			}
 		}
 	}
 }
 
 impl_feature_tlv_write!(ChannelTypeFeatures);
-impl_feature_tlv_write!(OfferFeatures);
-impl_feature_tlv_write!(InvoiceRequestFeatures);
+
+// Some features may appear both in a TLV record and as part of a TLV subtype sequence. The latter
+// requires a length but the former does not.
+
+impl<T: sealed::Context> Writeable for WithoutLength<&Features<T>> {
+	fn write<W: Writer>(&self, w: &mut W) -> Result<(), io::Error> {
+		self.0.write_be(w)
+	}
+}
+
+impl<T: sealed::Context> Readable for WithoutLength<Features<T>> {
+	fn read<R: io::Read>(r: &mut R) -> Result<Self, DecodeError> {
+		let v = io_extras::read_to_end(r)?;
+		Ok(WithoutLength(Features::<T>::from_be_bytes(v)))
+	}
+}
 
 #[cfg(test)]
 mod tests {
-	use super::{ChannelFeatures, ChannelTypeFeatures, InitFeatures, InvoiceFeatures, NodeFeatures, sealed};
+	use super::{ChannelFeatures, ChannelTypeFeatures, InitFeatures, InvoiceFeatures, NodeFeatures, OfferFeatures, sealed};
 	use bitcoin::bech32::{Base32Len, FromBase32, ToBase32, u5};
+	use crate::util::ser::{Readable, WithoutLength, Writeable};
 
 	#[test]
 	fn sanity_test_unknown_bits() {
@@ -838,6 +866,20 @@ mod tests {
 		assert!(features.supports_payment_secret());
 	}
 
+	#[test]
+	fn encodes_features_without_length() {
+		let features = OfferFeatures::from_le_bytes(vec![1, 2, 3, 4, 5, 42, 100, 101]);
+		assert_eq!(features.flags.len(), 8);
+
+		let mut serialized_features = Vec::new();
+		WithoutLength(&features).write(&mut serialized_features).unwrap();
+		assert_eq!(serialized_features.len(), 8);
+
+		let deserialized_features =
+			WithoutLength::<OfferFeatures>::read(&mut &serialized_features[..]).unwrap().0;
+		assert_eq!(features, deserialized_features);
+	}
+
 	#[test]
 	fn invoice_features_encoding() {
 		let features_as_u5s = vec![

lightning/src/offers/invoice_request.rs

@@ -223,11 +223,11 @@ impl<'a> UnsignedInvoiceRequest<'a> {
 		unsigned_tlv_stream.write(&mut bytes).unwrap();
 
 		let pubkey = self.invoice_request.payer_id;
-		let signature = Some(merkle::sign_message(sign, SIGNATURE_TAG, &bytes, pubkey)?);
+		let signature = merkle::sign_message(sign, SIGNATURE_TAG, &bytes, pubkey)?;
 
 		// Append the signature TLV record to the bytes.
 		let signature_tlv_stream = SignatureTlvStreamRef {
-			signature: signature.as_ref(),
+			signature: Some(&signature),
 		};
 		signature_tlv_stream.write(&mut bytes).unwrap();
 
@@ -249,7 +249,7 @@ impl<'a> UnsignedInvoiceRequest<'a> {
 pub struct InvoiceRequest {
 	pub(super) bytes: Vec<u8>,
 	contents: InvoiceRequestContents,
-	signature: Option<Signature>,
+	signature: Signature,
 }
 
 /// The contents of an [`InvoiceRequest`], which may be shared with an `Invoice`.
@@ -311,7 +311,7 @@ impl InvoiceRequest {
 	/// Signature of the invoice request using [`payer_id`].
 	///
 	/// [`payer_id`]: Self::payer_id
-	pub fn signature(&self) -> Option<Signature> {
+	pub fn signature(&self) -> Signature {
 		self.signature
 	}
 
@@ -320,7 +320,7 @@ impl InvoiceRequest {
 		let (payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream) =
 			self.contents.as_tlv_stream();
 		let signature_tlv_stream = SignatureTlvStreamRef {
-			signature: self.signature.as_ref(),
+			signature: Some(&self.signature),
 		};
 		(payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream, signature_tlv_stream)
 	}
@@ -371,7 +371,7 @@ impl Writeable for InvoiceRequestContents {
 tlv_stream!(InvoiceRequestTlvStream, InvoiceRequestTlvStreamRef, 80..160, {
 	(80, chain: ChainHash),
 	(82, amount: (u64, HighZeroBytesDroppedBigSize)),
-	(84, features: InvoiceRequestFeatures),
+	(84, features: (InvoiceRequestFeatures, WithoutLength)),
 	(86, quantity: (u64, HighZeroBytesDroppedBigSize)),
 	(88, payer_id: PublicKey),
 	(89, payer_note: (String, WithoutLength)),
@@ -421,9 +421,11 @@ impl TryFrom<Vec<u8>> for InvoiceRequest {
 			(payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream)
 		)?;
 
-		if let Some(signature) = &signature {
-			merkle::verify_signature(signature, SIGNATURE_TAG, &bytes, contents.payer_id)?;
-		}
+		let signature = match signature {
+			None => return Err(ParseError::InvalidSemantics(SemanticError::MissingSignature)),
+			Some(signature) => signature,
+		};
+		merkle::verify_signature(&signature, SIGNATURE_TAG, &bytes, contents.payer_id)?;
 
 		Ok(InvoiceRequest { bytes, contents, signature })
 	}
@@ -471,7 +473,7 @@ impl TryFrom<PartialInvoiceRequestTlvStream> for InvoiceRequestContents {
 
 #[cfg(test)]
 mod tests {
-	use super::{InvoiceRequest, InvoiceRequestTlvStreamRef};
+	use super::{InvoiceRequest, InvoiceRequestTlvStreamRef, SIGNATURE_TAG};
 
 	use bitcoin::blockdata::constants::ChainHash;
 	use bitcoin::network::constants::Network;
@@ -483,7 +485,7 @@ mod tests {
 	use core::time::Duration;
 	use crate::ln::features::InvoiceRequestFeatures;
 	use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
-	use crate::offers::merkle::{SignError, SignatureTlvStreamRef};
+	use crate::offers::merkle::{SignError, SignatureTlvStreamRef, self};
 	use crate::offers::offer::{Amount, OfferBuilder, OfferTlvStreamRef, Quantity};
 	use crate::offers::parse::{ParseError, SemanticError};
 	use crate::offers::payer::PayerTlvStreamRef;
@@ -536,7 +538,11 @@ mod tests {
 		assert_eq!(invoice_request.quantity(), None);
 		assert_eq!(invoice_request.payer_id(), payer_pubkey());
 		assert_eq!(invoice_request.payer_note(), None);
-		assert!(invoice_request.signature().is_some());
+		assert!(
+			merkle::verify_signature(
+				&invoice_request.signature, SIGNATURE_TAG, &invoice_request.bytes, payer_pubkey()
+			).is_ok()
+		);
 
 		assert_eq!(
 			invoice_request.as_tlv_stream(),
@@ -563,7 +569,7 @@ mod tests {
 					payer_id: Some(&payer_pubkey()),
 					payer_note: None,
 				},
-				SignatureTlvStreamRef { signature: invoice_request.signature().as_ref() },
+				SignatureTlvStreamRef { signature: Some(&invoice_request.signature()) },
 			),
 		);
 
@@ -1222,7 +1228,7 @@ mod tests {
 	}
 
 	#[test]
-	fn parses_invoice_request_without_signature() {
+	fn fails_parsing_invoice_request_without_signature() {
 		let mut buffer = Vec::new();
 		OfferBuilder::new("foo".into(), recipient_pubkey())
 			.amount_msats(1000)
@@ -1232,8 +1238,9 @@ mod tests {
 			.invoice_request
 			.write(&mut buffer).unwrap();
 
-		if let Err(e) = InvoiceRequest::try_from(buffer) {
-			panic!("error parsing invoice_request: {:?}", e);
+		match InvoiceRequest::try_from(buffer) {
+			Ok(_) => panic!("expected error"),
+			Err(e) => assert_eq!(e, ParseError::InvalidSemantics(SemanticError::MissingSignature)),
 		}
 	}
 

lightning/src/offers/offer.rs

@@ -567,7 +567,7 @@ tlv_stream!(OfferTlvStream, OfferTlvStreamRef, 1..80, {
 	(6, currency: CurrencyCode),
 	(8, amount: (u64, HighZeroBytesDroppedBigSize)),
 	(10, description: (String, WithoutLength)),
-	(12, features: OfferFeatures),
+	(12, features: (OfferFeatures, WithoutLength)),
 	(14, absolute_expiry: (u64, HighZeroBytesDroppedBigSize)),
 	(16, paths: (Vec<BlindedPath>, WithoutLength)),
 	(18, issuer: (String, WithoutLength)),

lightning/src/offers/parse.rs

@@ -159,6 +159,8 @@ pub enum SemanticError {
 	MissingPayerMetadata,
 	/// A payer id was expected but was missing.
 	MissingPayerId,
+	/// A signature was expected but was missing.
+	MissingSignature,
 }
 
 impl From<bech32::Error> for ParseError {

lightning/src/offers/refund.rs

@@ -102,8 +102,8 @@ pub struct RefundBuilder {
 }
 
 impl RefundBuilder {
-	/// Creates a new builder for a refund using the [`Refund::payer_id`] for signing invoices. Use
-	/// a different pubkey per refund to avoid correlating refunds.
+	/// Creates a new builder for a refund using the [`Refund::payer_id`] for the public node id to
+	/// send to if no [`Refund::paths`] are set. Otherwise, it may be a transient pubkey.
 	///
 	/// Additionally, sets the required [`Refund::description`], [`Refund::metadata`], and
 	/// [`Refund::amount_msats`].
@@ -285,7 +285,10 @@ impl Refund {
 		&self.contents.features
 	}
 
-	/// A possibly transient pubkey used to sign the refund.
+	/// A public node id to send to in the case where there are no [`paths`]. Otherwise, a possibly
+	/// transient pubkey.
+	///
+	/// [`paths`]: Self::paths
 	pub fn payer_id(&self) -> PublicKey {
 		self.contents.payer_id
 	}