Expose a BOLT 12 Invoice's signable_hash

This is useful as an identifier for downstream clients like VLS.

diff --git a/lightning/src/offers/invoice.rs b/lightning/src/offers/invoice.rs
index 49c03a443475cb0c0c4f6ed556f5a242cda7d40b..48b8cec3536b2ab0576feca6826ed960f46d7a60 100644 (file)
--- a/lightning/src/offers/invoice.rs
+++ b/lightning/src/offers/invoice.rs
@@ -469,6 +469,11 @@ impl Invoice {
                self.signature
        }
 
+       /// Hash that was used for signing the invoice.
+       pub fn signable_hash(&self) -> [u8; 32] {
+               merkle::message_digest(SIGNATURE_TAG, &self.bytes).as_ref().clone()
+       }
+
        #[cfg(test)]
        fn as_tlv_stream(&self) -> FullInvoiceTlvStreamRef {
                let (payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream, invoice_tlv_stream) =
@@ -937,6 +942,11 @@ mod tests {
                        ).is_ok()
                );
 
+               let digest = Message::from_slice(&invoice.signable_hash()).unwrap();
+               let pubkey = recipient_pubkey().into();
+               let secp_ctx = Secp256k1::verification_only();
+               assert!(secp_ctx.verify_schnorr(&invoice.signature, &digest, &pubkey).is_ok());
+
                assert_eq!(
                        invoice.as_tlv_stream(),
                        (

diff --git a/lightning/src/offers/merkle.rs b/lightning/src/offers/merkle.rs
index 9782dc7d1e84131f1d6e659dce2d28ac7e9de6f0..94a1eac0ca416bac20ad7a456c224d84706a73d0 100644 (file)
--- a/lightning/src/offers/merkle.rs
+++ b/lightning/src/offers/merkle.rs
@@ -66,7 +66,7 @@ pub(super) fn verify_signature(
        secp_ctx.verify_schnorr(signature, &digest, &pubkey)
 }
 
-fn message_digest(tag: &str, bytes: &[u8]) -> Message {
+pub(super) fn message_digest(tag: &str, bytes: &[u8]) -> Message {
        let tag = sha256::Hash::hash(tag.as_bytes());
        let merkle_root = root_hash(bytes);
        Message::from_slice(&tagged_hash(tag, merkle_root)).unwrap()