projects / rust-lightning / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Add c_bindings version of InvoiceRequestBuilder
[rust-lightning] / lightning / src / offers / offer.rs
1 // This file is Copyright its original authors, visible in version control
2 // history.
3 //
4 // This file is licensed under the Apache License, Version 2.0 <LICENSE-APACHE
5 // or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
6 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
7 // You may not use this file except in accordance with one or both of these
8 // licenses.
9
10 //! Data structures and encoding for `offer` messages.
11 //!
12 //! An [`Offer`] represents an "offer to be paid." It is typically constructed by a merchant and
13 //! published as a QR code to be scanned by a customer. The customer uses the offer to request an
14 //! invoice from the merchant to be paid.
15 //!
16 //! # Example
17 //!
18 //! ```
19 //! extern crate bitcoin;
20 //! extern crate core;
21 //! extern crate lightning;
22 //!
23 //! use core::convert::TryFrom;
24 //! use core::num::NonZeroU64;
25 //! use core::time::Duration;
26 //!
27 //! use bitcoin::secp256k1::{KeyPair, PublicKey, Secp256k1, SecretKey};
28 //! use lightning::offers::offer::{Offer, OfferBuilder, Quantity};
29 //! use lightning::offers::parse::Bolt12ParseError;
30 //! use lightning::util::ser::{Readable, Writeable};
31 //!
32 //! # use lightning::blinded_path::BlindedPath;
33 //! # #[cfg(feature = "std")]
34 //! # use std::time::SystemTime;
35 //! #
36 //! # fn create_blinded_path() -> BlindedPath { unimplemented!() }
37 //! # fn create_another_blinded_path() -> BlindedPath { unimplemented!() }
38 //! #
39 //! # #[cfg(feature = "std")]
40 //! # fn build() -> Result<(), Bolt12ParseError> {
41 //! let secp_ctx = Secp256k1::new();
42 //! let keys = KeyPair::from_secret_key(&secp_ctx, &SecretKey::from_slice(&[42; 32]).unwrap());
43 //! let pubkey = PublicKey::from(keys);
44 //!
45 //! let expiration = SystemTime::now() + Duration::from_secs(24 * 60 * 60);
46 //! let offer = OfferBuilder::new("coffee, large".to_string(), pubkey)
47 //!     .amount_msats(20_000)
48 //!     .supported_quantity(Quantity::Unbounded)
49 //!     .absolute_expiry(expiration.duration_since(SystemTime::UNIX_EPOCH).unwrap())
50 //!     .issuer("Foo Bar".to_string())
51 //!     .path(create_blinded_path())
52 //!     .path(create_another_blinded_path())
53 //!     .build()?;
54 //!
55 //! // Encode as a bech32 string for use in a QR code.
56 //! let encoded_offer = offer.to_string();
57 //!
58 //! // Parse from a bech32 string after scanning from a QR code.
59 //! let offer = encoded_offer.parse::<Offer>()?;
60 //!
61 //! // Encode offer as raw bytes.
62 //! let mut bytes = Vec::new();
63 //! offer.write(&mut bytes).unwrap();
64 //!
65 //! // Decode raw bytes into an offer.
66 //! let offer = Offer::try_from(bytes)?;
67 //! # Ok(())
68 //! # }
69 //! ```
70 //!
71 //! # Note
72 //!
73 //! If constructing an [`Offer`] for use with a [`ChannelManager`], use
74 //! [`ChannelManager::create_offer_builder`] instead of [`OfferBuilder::new`].
75 //!
76 //! [`ChannelManager`]: crate::ln::channelmanager::ChannelManager
77 //! [`ChannelManager::create_offer_builder`]: crate::ln::channelmanager::ChannelManager::create_offer_builder
78
79 use bitcoin::blockdata::constants::ChainHash;
80 use bitcoin::network::constants::Network;
81 use bitcoin::secp256k1::{KeyPair, PublicKey, Secp256k1, self};
82 use core::convert::TryFrom;
83 use core::num::NonZeroU64;
84 use core::ops::Deref;
85 use core::str::FromStr;
86 use core::time::Duration;
87 use crate::sign::EntropySource;
88 use crate::io;
89 use crate::blinded_path::BlindedPath;
90 use crate::ln::channelmanager::PaymentId;
91 use crate::ln::features::OfferFeatures;
92 use crate::ln::inbound_payment::{ExpandedKey, IV_LEN, Nonce};
93 use crate::ln::msgs::MAX_VALUE_MSAT;
94 use crate::offers::merkle::TlvStream;
95 use crate::offers::parse::{Bech32Encode, Bolt12ParseError, Bolt12SemanticError, ParsedMessage};
96 use crate::offers::signer::{Metadata, MetadataMaterial, self};
97 use crate::util::ser::{HighZeroBytesDroppedBigSize, WithoutLength, Writeable, Writer};
98 use crate::util::string::PrintableString;
99
100 #[cfg(not(c_bindings))]
101 use {
102         crate::offers::invoice_request::{DerivedPayerId, ExplicitPayerId, InvoiceRequestBuilder},
103 };
104 #[cfg(c_bindings)]
105 use {
106         crate::offers::invoice_request::{InvoiceRequestWithDerivedPayerIdBuilder, InvoiceRequestWithExplicitPayerIdBuilder},
107 };
108
109 use crate::prelude::*;
110
111 #[cfg(feature = "std")]
112 use std::time::SystemTime;
113
114 pub(super) const IV_BYTES: &[u8; IV_LEN] = b"LDK Offer ~~~~~~";
115
116 /// Builds an [`Offer`] for the "offer to be paid" flow.
117 ///
118 /// See [module-level documentation] for usage.
119 ///
120 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
121 ///
122 /// [module-level documentation]: self
123 pub struct OfferBuilder<'a, M: MetadataStrategy, T: secp256k1::Signing> {
124         offer: OfferContents,
125         metadata_strategy: core::marker::PhantomData<M>,
126         secp_ctx: Option<&'a Secp256k1<T>>,
127 }
128
129 /// Builds an [`Offer`] for the "offer to be paid" flow.
130 ///
131 /// See [module-level documentation] for usage.
132 ///
133 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
134 ///
135 /// [module-level documentation]: self
136 #[cfg(c_bindings)]
137 pub struct OfferWithExplicitMetadataBuilder<'a> {
138         offer: OfferContents,
139         metadata_strategy: core::marker::PhantomData<ExplicitMetadata>,
140         secp_ctx: Option<&'a Secp256k1<secp256k1::All>>,
141 }
142
143 /// Builds an [`Offer`] for the "offer to be paid" flow.
144 ///
145 /// See [module-level documentation] for usage.
146 ///
147 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
148 ///
149 /// [module-level documentation]: self
150 #[cfg(c_bindings)]
151 pub struct OfferWithDerivedMetadataBuilder<'a> {
152         offer: OfferContents,
153         metadata_strategy: core::marker::PhantomData<DerivedMetadata>,
154         secp_ctx: Option<&'a Secp256k1<secp256k1::All>>,
155 }
156
157 /// Indicates how [`Offer::metadata`] may be set.
158 ///
159 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
160 pub trait MetadataStrategy {}
161
162 /// [`Offer::metadata`] may be explicitly set or left empty.
163 ///
164 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
165 pub struct ExplicitMetadata {}
166
167 /// [`Offer::metadata`] will be derived.
168 ///
169 /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
170 pub struct DerivedMetadata {}
171
172 impl MetadataStrategy for ExplicitMetadata {}
173
174 impl MetadataStrategy for DerivedMetadata {}
175
176 macro_rules! offer_explicit_metadata_builder_methods { (
177         $self: ident, $self_type: ty, $return_type: ty, $return_value: expr
178 ) => {
179         /// Creates a new builder for an offer setting the [`Offer::description`] and using the
180         /// [`Offer::signing_pubkey`] for signing invoices. The associated secret key must be remembered
181         /// while the offer is valid.
182         ///
183         /// Use a different pubkey per offer to avoid correlating offers.
184         ///
185         /// # Note
186         ///
187         /// If constructing an [`Offer`] for use with a [`ChannelManager`], use
188         /// [`ChannelManager::create_offer_builder`] instead of [`OfferBuilder::new`].
189         ///
190         /// [`ChannelManager`]: crate::ln::channelmanager::ChannelManager
191         /// [`ChannelManager::create_offer_builder`]: crate::ln::channelmanager::ChannelManager::create_offer_builder
192         pub fn new(description: String, signing_pubkey: PublicKey) -> Self {
193                 Self {
194                         offer: OfferContents {
195                                 chains: None, metadata: None, amount: None, description,
196                                 features: OfferFeatures::empty(), absolute_expiry: None, issuer: None, paths: None,
197                                 supported_quantity: Quantity::One, signing_pubkey,
198                         },
199                         metadata_strategy: core::marker::PhantomData,
200                         secp_ctx: None,
201                 }
202         }
203
204         /// Sets the [`Offer::metadata`] to the given bytes.
205         ///
206         /// Successive calls to this method will override the previous setting.
207         pub fn metadata(mut $self: $self_type, metadata: Vec<u8>) -> Result<$return_type, Bolt12SemanticError> {
208                 $self.offer.metadata = Some(Metadata::Bytes(metadata));
209                 Ok($return_value)
210         }
211 } }
212
213 macro_rules! offer_derived_metadata_builder_methods { ($secp_context: ty) => {
214         /// Similar to [`OfferBuilder::new`] except, if [`OfferBuilder::path`] is called, the signing
215         /// pubkey is derived from the given [`ExpandedKey`] and [`EntropySource`]. This provides
216         /// recipient privacy by using a different signing pubkey for each offer. Otherwise, the
217         /// provided `node_id` is used for the signing pubkey.
218         ///
219         /// Also, sets the metadata when [`OfferBuilder::build`] is called such that it can be used by
220         /// [`InvoiceRequest::verify`] to determine if the request was produced for the offer given an
221         /// [`ExpandedKey`].
222         ///
223         /// [`InvoiceRequest::verify`]: crate::offers::invoice_request::InvoiceRequest::verify
224         /// [`ExpandedKey`]: crate::ln::inbound_payment::ExpandedKey
225         pub fn deriving_signing_pubkey<ES: Deref>(
226                 description: String, node_id: PublicKey, expanded_key: &ExpandedKey, entropy_source: ES,
227                 secp_ctx: &'a Secp256k1<$secp_context>
228         ) -> Self where ES::Target: EntropySource {
229                 let nonce = Nonce::from_entropy_source(entropy_source);
230                 let derivation_material = MetadataMaterial::new(nonce, expanded_key, IV_BYTES, None);
231                 let metadata = Metadata::DerivedSigningPubkey(derivation_material);
232                 Self {
233                         offer: OfferContents {
234                                 chains: None, metadata: Some(metadata), amount: None, description,
235                                 features: OfferFeatures::empty(), absolute_expiry: None, issuer: None, paths: None,
236                                 supported_quantity: Quantity::One, signing_pubkey: node_id,
237                         },
238                         metadata_strategy: core::marker::PhantomData,
239                         secp_ctx: Some(secp_ctx),
240                 }
241         }
242 } }
243
244 macro_rules! offer_builder_methods { (
245         $self: ident, $self_type: ty, $return_type: ty, $return_value: expr $(, $self_mut: tt)?
246 ) => {
247         /// Adds the chain hash of the given [`Network`] to [`Offer::chains`]. If not called,
248         /// the chain hash of [`Network::Bitcoin`] is assumed to be the only one supported.
249         ///
250         /// See [`Offer::chains`] on how this relates to the payment currency.
251         ///
252         /// Successive calls to this method will add another chain hash.
253         pub fn chain($self: $self_type, network: Network) -> $return_type {
254                 $self.chain_hash(ChainHash::using_genesis_block(network))
255         }
256
257         /// Adds the [`ChainHash`] to [`Offer::chains`]. If not called, the chain hash of
258         /// [`Network::Bitcoin`] is assumed to be the only one supported.
259         ///
260         /// See [`Offer::chains`] on how this relates to the payment currency.
261         ///
262         /// Successive calls to this method will add another chain hash.
263         pub(crate) fn chain_hash($($self_mut)* $self: $self_type, chain: ChainHash) -> $return_type {
264                 let chains = $self.offer.chains.get_or_insert_with(Vec::new);
265                 if !chains.contains(&chain) {
266                         chains.push(chain);
267                 }
268
269                 $return_value
270         }
271
272         /// Sets the [`Offer::amount`] as an [`Amount::Bitcoin`].
273         ///
274         /// Successive calls to this method will override the previous setting.
275         pub fn amount_msats($self: $self_type, amount_msats: u64) -> $return_type {
276                 $self.amount(Amount::Bitcoin { amount_msats })
277         }
278
279         /// Sets the [`Offer::amount`].
280         ///
281         /// Successive calls to this method will override the previous setting.
282         pub(super) fn amount($($self_mut)* $self: $self_type, amount: Amount) -> $return_type {
283                 $self.offer.amount = Some(amount);
284                 $return_value
285         }
286
287         /// Sets the [`Offer::absolute_expiry`] as seconds since the Unix epoch. Any expiry that has
288         /// already passed is valid and can be checked for using [`Offer::is_expired`].
289         ///
290         /// Successive calls to this method will override the previous setting.
291         pub fn absolute_expiry($($self_mut)* $self: $self_type, absolute_expiry: Duration) -> $return_type {
292                 $self.offer.absolute_expiry = Some(absolute_expiry);
293                 $return_value
294         }
295
296         /// Sets the [`Offer::issuer`].
297         ///
298         /// Successive calls to this method will override the previous setting.
299         pub fn issuer($($self_mut)* $self: $self_type, issuer: String) -> $return_type {
300                 $self.offer.issuer = Some(issuer);
301                 $return_value
302         }
303
304         /// Adds a blinded path to [`Offer::paths`]. Must include at least one path if only connected by
305         /// private channels or if [`Offer::signing_pubkey`] is not a public node id.
306         ///
307         /// Successive calls to this method will add another blinded path. Caller is responsible for not
308         /// adding duplicate paths.
309         pub fn path($($self_mut)* $self: $self_type, path: BlindedPath) -> $return_type {
310                 $self.offer.paths.get_or_insert_with(Vec::new).push(path);
311                 $return_value
312         }
313
314         /// Sets the quantity of items for [`Offer::supported_quantity`]. If not called, defaults to
315         /// [`Quantity::One`].
316         ///
317         /// Successive calls to this method will override the previous setting.
318         pub fn supported_quantity($($self_mut)* $self: $self_type, quantity: Quantity) -> $return_type {
319                 $self.offer.supported_quantity = quantity;
320                 $return_value
321         }
322
323         /// Builds an [`Offer`] from the builder's settings.
324         pub fn build($($self_mut)* $self: $self_type) -> Result<Offer, Bolt12SemanticError> {
325                 match $self.offer.amount {
326                         Some(Amount::Bitcoin { amount_msats }) => {
327                                 if amount_msats > MAX_VALUE_MSAT {
328                                         return Err(Bolt12SemanticError::InvalidAmount);
329                                 }
330                         },
331                         Some(Amount::Currency { .. }) => return Err(Bolt12SemanticError::UnsupportedCurrency),
332                         None => {},
333                 }
334
335                 if let Some(chains) = &$self.offer.chains {
336                         if chains.len() == 1 && chains[0] == $self.offer.implied_chain() {
337                                 $self.offer.chains = None;
338                         }
339                 }
340
341                 Ok($self.build_without_checks())
342         }
343
344         fn build_without_checks($($self_mut)* $self: $self_type) -> Offer {
345                 // Create the metadata for stateless verification of an InvoiceRequest.
346                 if let Some(mut metadata) = $self.offer.metadata.take() {
347                         if metadata.has_derivation_material() {
348                                 if $self.offer.paths.is_none() {
349                                         metadata = metadata.without_keys();
350                                 }
351
352                                 let mut tlv_stream = $self.offer.as_tlv_stream();
353                                 debug_assert_eq!(tlv_stream.metadata, None);
354                                 tlv_stream.metadata = None;
355                                 if metadata.derives_recipient_keys() {
356                                         tlv_stream.node_id = None;
357                                 }
358
359                                 let (derived_metadata, keys) = metadata.derive_from(tlv_stream, $self.secp_ctx);
360                                 metadata = derived_metadata;
361                                 if let Some(keys) = keys {
362                                         $self.offer.signing_pubkey = keys.public_key();
363                                 }
364                         }
365
366                         $self.offer.metadata = Some(metadata);
367                 }
368
369                 let mut bytes = Vec::new();
370                 $self.offer.write(&mut bytes).unwrap();
371
372                 Offer {
373                         bytes,
374                         #[cfg(not(c_bindings))]
375                         contents: $self.offer,
376                         #[cfg(c_bindings)]
377                         contents: $self.offer.clone()
378                 }
379         }
380 } }
381
382 #[cfg(test)]
383 macro_rules! offer_builder_test_methods { (
384         $self: ident, $self_type: ty, $return_type: ty, $return_value: expr $(, $self_mut: tt)?
385 ) => {
386         #[cfg_attr(c_bindings, allow(dead_code))]
387         fn features_unchecked($($self_mut)* $self: $self_type, features: OfferFeatures) -> $return_type {
388                 $self.offer.features = features;
389                 $return_value
390         }
391
392         #[cfg_attr(c_bindings, allow(dead_code))]
393         pub(crate) fn clear_paths($($self_mut)* $self: $self_type) -> $return_type {
394                 $self.offer.paths = None;
395                 $return_value
396         }
397
398         #[cfg_attr(c_bindings, allow(dead_code))]
399         pub(super) fn build_unchecked($self: $self_type) -> Offer {
400                 $self.build_without_checks()
401         }
402 } }
403
404 impl<'a, M: MetadataStrategy, T: secp256k1::Signing> OfferBuilder<'a, M, T> {
405         offer_builder_methods!(self, Self, Self, self, mut);
406
407         #[cfg(test)]
408         offer_builder_test_methods!(self, Self, Self, self, mut);
409 }
410
411 impl<'a> OfferBuilder<'a, ExplicitMetadata, secp256k1::SignOnly> {
412         offer_explicit_metadata_builder_methods!(self, Self, Self, self);
413 }
414
415 impl<'a, T: secp256k1::Signing> OfferBuilder<'a, DerivedMetadata, T> {
416         offer_derived_metadata_builder_methods!(T);
417 }
418
419 #[cfg(all(c_bindings, not(test)))]
420 impl<'a> OfferWithExplicitMetadataBuilder<'a> {
421         offer_explicit_metadata_builder_methods!(self, &mut Self, (), ());
422         offer_builder_methods!(self, &mut Self, (), ());
423 }
424
425 #[cfg(all(c_bindings, test))]
426 impl<'a> OfferWithExplicitMetadataBuilder<'a> {
427         offer_explicit_metadata_builder_methods!(self, &mut Self, &mut Self, self);
428         offer_builder_methods!(self, &mut Self, &mut Self, self);
429         offer_builder_test_methods!(self, &mut Self, &mut Self, self);
430 }
431
432 #[cfg(all(c_bindings, not(test)))]
433 impl<'a> OfferWithDerivedMetadataBuilder<'a> {
434         offer_derived_metadata_builder_methods!(secp256k1::All);
435         offer_builder_methods!(self, &mut Self, (), ());
436 }
437
438 #[cfg(all(c_bindings, test))]
439 impl<'a> OfferWithDerivedMetadataBuilder<'a> {
440         offer_derived_metadata_builder_methods!(secp256k1::All);
441         offer_builder_methods!(self, &mut Self, &mut Self, self);
442         offer_builder_test_methods!(self, &mut Self, &mut Self, self);
443 }
444
445 #[cfg(c_bindings)]
446 impl<'a> From<OfferBuilder<'a, DerivedMetadata, secp256k1::All>>
447 for OfferWithDerivedMetadataBuilder<'a> {
448         fn from(builder: OfferBuilder<'a, DerivedMetadata, secp256k1::All>) -> Self {
449                 let OfferBuilder { offer, metadata_strategy, secp_ctx } = builder;
450
451                 Self { offer, metadata_strategy, secp_ctx }
452         }
453 }
454
455 /// An `Offer` is a potentially long-lived proposal for payment of a good or service.
456 ///
457 /// An offer is a precursor to an [`InvoiceRequest`]. A merchant publishes an offer from which a
458 /// customer may request an [`Bolt12Invoice`] for a specific quantity and using an amount sufficient
459 /// to cover that quantity (i.e., at least `quantity * amount`). See [`Offer::amount`].
460 ///
461 /// Offers may be denominated in currency other than bitcoin but are ultimately paid using the
462 /// latter.
463 ///
464 /// Through the use of [`BlindedPath`]s, offers provide recipient privacy.
465 ///
466 /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
467 /// [`Bolt12Invoice`]: crate::offers::invoice::Bolt12Invoice
468 #[derive(Clone, Debug)]
469 #[cfg_attr(test, derive(PartialEq))]
470 pub struct Offer {
471         // The serialized offer. Needed when creating an `InvoiceRequest` if the offer contains unknown
472         // fields.
473         pub(super) bytes: Vec<u8>,
474         pub(super) contents: OfferContents,
475 }
476
477 /// The contents of an [`Offer`], which may be shared with an [`InvoiceRequest`] or a
478 /// [`Bolt12Invoice`].
479 ///
480 /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
481 /// [`Bolt12Invoice`]: crate::offers::invoice::Bolt12Invoice
482 #[derive(Clone, Debug)]
483 #[cfg_attr(test, derive(PartialEq))]
484 pub(super) struct OfferContents {
485         chains: Option<Vec<ChainHash>>,
486         metadata: Option<Metadata>,
487         amount: Option<Amount>,
488         description: String,
489         features: OfferFeatures,
490         absolute_expiry: Option<Duration>,
491         issuer: Option<String>,
492         paths: Option<Vec<BlindedPath>>,
493         supported_quantity: Quantity,
494         signing_pubkey: PublicKey,
495 }
496
497 macro_rules! offer_accessors { ($self: ident, $contents: expr) => {
498         // TODO: Return a slice once ChainHash has constants.
499         // - https://github.com/rust-bitcoin/rust-bitcoin/pull/1283
500         // - https://github.com/rust-bitcoin/rust-bitcoin/pull/1286
501         /// The chains that may be used when paying a requested invoice (e.g., bitcoin mainnet).
502         /// Payments must be denominated in units of the minimal lightning-payable unit (e.g., msats)
503         /// for the selected chain.
504         pub fn chains(&$self) -> Vec<bitcoin::blockdata::constants::ChainHash> {
505                 $contents.chains()
506         }
507
508         // TODO: Link to corresponding method in `InvoiceRequest`.
509         /// Opaque bytes set by the originator. Useful for authentication and validating fields since it
510         /// is reflected in `invoice_request` messages along with all the other fields from the `offer`.
511         pub fn metadata(&$self) -> Option<&Vec<u8>> {
512                 $contents.metadata()
513         }
514
515         /// The minimum amount required for a successful payment of a single item.
516         pub fn amount(&$self) -> Option<&$crate::offers::offer::Amount> {
517                 $contents.amount()
518         }
519
520         /// A complete description of the purpose of the payment. Intended to be displayed to the user
521         /// but with the caveat that it has not been verified in any way.
522         pub fn description(&$self) -> $crate::util::string::PrintableString {
523                 $contents.description()
524         }
525
526         /// Features pertaining to the offer.
527         pub fn offer_features(&$self) -> &$crate::ln::features::OfferFeatures {
528                 &$contents.features()
529         }
530
531         /// Duration since the Unix epoch when an invoice should no longer be requested.
532         ///
533         /// If `None`, the offer does not expire.
534         pub fn absolute_expiry(&$self) -> Option<core::time::Duration> {
535                 $contents.absolute_expiry()
536         }
537
538         /// The issuer of the offer, possibly beginning with `user@domain` or `domain`. Intended to be
539         /// displayed to the user but with the caveat that it has not been verified in any way.
540         pub fn issuer(&$self) -> Option<$crate::util::string::PrintableString> {
541                 $contents.issuer()
542         }
543
544         /// Paths to the recipient originating from publicly reachable nodes. Blinded paths provide
545         /// recipient privacy by obfuscating its node id.
546         pub fn paths(&$self) -> &[$crate::blinded_path::BlindedPath] {
547                 $contents.paths()
548         }
549
550         /// The quantity of items supported.
551         pub fn supported_quantity(&$self) -> $crate::offers::offer::Quantity {
552                 $contents.supported_quantity()
553         }
554
555         /// The public key used by the recipient to sign invoices.
556         pub fn signing_pubkey(&$self) -> bitcoin::secp256k1::PublicKey {
557                 $contents.signing_pubkey()
558         }
559 } }
560
561 impl Offer {
562         offer_accessors!(self, self.contents);
563
564         pub(super) fn implied_chain(&self) -> ChainHash {
565                 self.contents.implied_chain()
566         }
567
568         /// Returns whether the given chain is supported by the offer.
569         pub fn supports_chain(&self, chain: ChainHash) -> bool {
570                 self.contents.supports_chain(chain)
571         }
572
573         /// Whether the offer has expired.
574         #[cfg(feature = "std")]
575         pub fn is_expired(&self) -> bool {
576                 self.contents.is_expired()
577         }
578
579         /// Whether the offer has expired given the duration since the Unix epoch.
580         pub fn is_expired_no_std(&self, duration_since_epoch: Duration) -> bool {
581                 self.contents.is_expired_no_std(duration_since_epoch)
582         }
583
584         /// Returns whether the given quantity is valid for the offer.
585         pub fn is_valid_quantity(&self, quantity: u64) -> bool {
586                 self.contents.is_valid_quantity(quantity)
587         }
588
589         /// Returns whether a quantity is expected in an [`InvoiceRequest`] for the offer.
590         ///
591         /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
592         pub fn expects_quantity(&self) -> bool {
593                 self.contents.expects_quantity()
594         }
595 }
596
597 macro_rules! request_invoice_derived_payer_id { ($self: ident, $builder: ty) => {
598         /// Similar to [`Offer::request_invoice`] except it:
599         /// - derives the [`InvoiceRequest::payer_id`] such that a different key can be used for each
600         ///   request,
601         /// - sets [`InvoiceRequest::payer_metadata`] when [`InvoiceRequestBuilder::build`] is called
602         ///   such that it can be used by [`Bolt12Invoice::verify`] to determine if the invoice was
603         ///   requested using a base [`ExpandedKey`] from which the payer id was derived, and
604         /// - includes the [`PaymentId`] encrypted in [`InvoiceRequest::payer_metadata`] so that it can
605         ///   be used when sending the payment for the requested invoice.
606         ///
607         /// Useful to protect the sender's privacy.
608         ///
609         /// [`InvoiceRequest::payer_id`]: crate::offers::invoice_request::InvoiceRequest::payer_id
610         /// [`InvoiceRequest::payer_metadata`]: crate::offers::invoice_request::InvoiceRequest::payer_metadata
611         /// [`Bolt12Invoice::verify`]: crate::offers::invoice::Bolt12Invoice::verify
612         /// [`ExpandedKey`]: crate::ln::inbound_payment::ExpandedKey
613         pub fn request_invoice_deriving_payer_id<
614                 'a, 'b, ES: Deref,
615                 #[cfg(not(c_bindings))]
616                 T: secp256k1::Signing
617         >(
618                 &'a $self, expanded_key: &ExpandedKey, entropy_source: ES,
619                 #[cfg(not(c_bindings))]
620                 secp_ctx: &'b Secp256k1<T>,
621                 #[cfg(c_bindings)]
622                 secp_ctx: &'b Secp256k1<secp256k1::All>,
623                 payment_id: PaymentId
624         ) -> Result<$builder, Bolt12SemanticError>
625         where
626                 ES::Target: EntropySource,
627         {
628                 if $self.offer_features().requires_unknown_bits() {
629                         return Err(Bolt12SemanticError::UnknownRequiredFeatures);
630                 }
631
632                 Ok(<$builder>::deriving_payer_id($self, expanded_key, entropy_source, secp_ctx, payment_id))
633         }
634 } }
635
636 macro_rules! request_invoice_explicit_payer_id { ($self: ident, $builder: ty) => {
637         /// Similar to [`Offer::request_invoice_deriving_payer_id`] except uses `payer_id` for the
638         /// [`InvoiceRequest::payer_id`] instead of deriving a different key for each request.
639         ///
640         /// Useful for recurring payments using the same `payer_id` with different invoices.
641         ///
642         /// [`InvoiceRequest::payer_id`]: crate::offers::invoice_request::InvoiceRequest::payer_id
643         pub fn request_invoice_deriving_metadata<ES: Deref>(
644                 &$self, payer_id: PublicKey, expanded_key: &ExpandedKey, entropy_source: ES,
645                 payment_id: PaymentId
646         ) -> Result<$builder, Bolt12SemanticError>
647         where
648                 ES::Target: EntropySource,
649         {
650                 if $self.offer_features().requires_unknown_bits() {
651                         return Err(Bolt12SemanticError::UnknownRequiredFeatures);
652                 }
653
654                 Ok(<$builder>::deriving_metadata($self, payer_id, expanded_key, entropy_source, payment_id))
655         }
656
657         /// Creates an [`InvoiceRequestBuilder`] for the offer with the given `metadata` and `payer_id`,
658         /// which will be reflected in the `Bolt12Invoice` response.
659         ///
660         /// The `metadata` is useful for including information about the derivation of `payer_id` such
661         /// that invoice response handling can be stateless. Also serves as payer-provided entropy while
662         /// hashing in the signature calculation.
663         ///
664         /// This should not leak any information such as by using a simple BIP-32 derivation path.
665         /// Otherwise, payments may be correlated.
666         ///
667         /// Errors if the offer contains unknown required features.
668         ///
669         /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
670         pub fn request_invoice(
671                 &$self, metadata: Vec<u8>, payer_id: PublicKey
672         ) -> Result<$builder, Bolt12SemanticError> {
673                 if $self.offer_features().requires_unknown_bits() {
674                         return Err(Bolt12SemanticError::UnknownRequiredFeatures);
675                 }
676
677                 Ok(<$builder>::new($self, metadata, payer_id))
678         }
679 } }
680
681 #[cfg(not(c_bindings))]
682 impl Offer {
683         request_invoice_derived_payer_id!(self, InvoiceRequestBuilder<'a, 'b, DerivedPayerId, T>);
684         request_invoice_explicit_payer_id!(self, InvoiceRequestBuilder<ExplicitPayerId, secp256k1::SignOnly>);
685 }
686
687 #[cfg(c_bindings)]
688 impl Offer {
689         request_invoice_derived_payer_id!(self, InvoiceRequestWithDerivedPayerIdBuilder<'a, 'b>);
690         request_invoice_explicit_payer_id!(self, InvoiceRequestWithExplicitPayerIdBuilder);
691 }
692
693 #[cfg(test)]
694 impl Offer {
695         pub(super) fn as_tlv_stream(&self) -> OfferTlvStreamRef {
696                 self.contents.as_tlv_stream()
697         }
698 }
699
700 impl AsRef<[u8]> for Offer {
701         fn as_ref(&self) -> &[u8] {
702                 &self.bytes
703         }
704 }
705
706 impl OfferContents {
707         pub fn chains(&self) -> Vec<ChainHash> {
708                 self.chains.as_ref().cloned().unwrap_or_else(|| vec![self.implied_chain()])
709         }
710
711         pub fn implied_chain(&self) -> ChainHash {
712                 ChainHash::using_genesis_block(Network::Bitcoin)
713         }
714
715         pub fn supports_chain(&self, chain: ChainHash) -> bool {
716                 self.chains().contains(&chain)
717         }
718
719         pub fn metadata(&self) -> Option<&Vec<u8>> {
720                 self.metadata.as_ref().and_then(|metadata| metadata.as_bytes())
721         }
722
723         pub fn amount(&self) -> Option<&Amount> {
724                 self.amount.as_ref()
725         }
726
727         pub fn description(&self) -> PrintableString {
728                 PrintableString(&self.description)
729         }
730
731         pub fn features(&self) -> &OfferFeatures {
732                 &self.features
733         }
734
735         pub fn absolute_expiry(&self) -> Option<Duration> {
736                 self.absolute_expiry
737         }
738
739         #[cfg(feature = "std")]
740         pub(super) fn is_expired(&self) -> bool {
741                 SystemTime::UNIX_EPOCH
742                         .elapsed()
743                         .map(|duration_since_epoch| self.is_expired_no_std(duration_since_epoch))
744                         .unwrap_or(false)
745         }
746
747         pub(super) fn is_expired_no_std(&self, duration_since_epoch: Duration) -> bool {
748                 self.absolute_expiry
749                         .map(|absolute_expiry| duration_since_epoch > absolute_expiry)
750                         .unwrap_or(false)
751         }
752
753         pub fn issuer(&self) -> Option<PrintableString> {
754                 self.issuer.as_ref().map(|issuer| PrintableString(issuer.as_str()))
755         }
756
757         pub fn paths(&self) -> &[BlindedPath] {
758                 self.paths.as_ref().map(|paths| paths.as_slice()).unwrap_or(&[])
759         }
760
761         pub(super) fn check_amount_msats_for_quantity(
762                 &self, amount_msats: Option<u64>, quantity: Option<u64>
763         ) -> Result<(), Bolt12SemanticError> {
764                 let offer_amount_msats = match self.amount {
765                         None => 0,
766                         Some(Amount::Bitcoin { amount_msats }) => amount_msats,
767                         Some(Amount::Currency { .. }) => return Err(Bolt12SemanticError::UnsupportedCurrency),
768                 };
769
770                 if !self.expects_quantity() || quantity.is_some() {
771                         let expected_amount_msats = offer_amount_msats.checked_mul(quantity.unwrap_or(1))
772                                 .ok_or(Bolt12SemanticError::InvalidAmount)?;
773                         let amount_msats = amount_msats.unwrap_or(expected_amount_msats);
774
775                         if amount_msats < expected_amount_msats {
776                                 return Err(Bolt12SemanticError::InsufficientAmount);
777                         }
778
779                         if amount_msats > MAX_VALUE_MSAT {
780                                 return Err(Bolt12SemanticError::InvalidAmount);
781                         }
782                 }
783
784                 Ok(())
785         }
786
787         pub fn supported_quantity(&self) -> Quantity {
788                 self.supported_quantity
789         }
790
791         pub(super) fn check_quantity(&self, quantity: Option<u64>) -> Result<(), Bolt12SemanticError> {
792                 let expects_quantity = self.expects_quantity();
793                 match quantity {
794                         None if expects_quantity => Err(Bolt12SemanticError::MissingQuantity),
795                         Some(_) if !expects_quantity => Err(Bolt12SemanticError::UnexpectedQuantity),
796                         Some(quantity) if !self.is_valid_quantity(quantity) => {
797                                 Err(Bolt12SemanticError::InvalidQuantity)
798                         },
799                         _ => Ok(()),
800                 }
801         }
802
803         fn is_valid_quantity(&self, quantity: u64) -> bool {
804                 match self.supported_quantity {
805                         Quantity::Bounded(n) => quantity <= n.get(),
806                         Quantity::Unbounded => quantity > 0,
807                         Quantity::One => quantity == 1,
808                 }
809         }
810
811         fn expects_quantity(&self) -> bool {
812                 match self.supported_quantity {
813                         Quantity::Bounded(_) => true,
814                         Quantity::Unbounded => true,
815                         Quantity::One => false,
816                 }
817         }
818
819         pub(super) fn signing_pubkey(&self) -> PublicKey {
820                 self.signing_pubkey
821         }
822
823         /// Verifies that the offer metadata was produced from the offer in the TLV stream.
824         pub(super) fn verify<T: secp256k1::Signing>(
825                 &self, bytes: &[u8], key: &ExpandedKey, secp_ctx: &Secp256k1<T>
826         ) -> Result<Option<KeyPair>, ()> {
827                 match self.metadata() {
828                         Some(metadata) => {
829                                 let tlv_stream = TlvStream::new(bytes).range(OFFER_TYPES).filter(|record| {
830                                         match record.r#type {
831                                                 OFFER_METADATA_TYPE => false,
832                                                 OFFER_NODE_ID_TYPE => {
833                                                         !self.metadata.as_ref().unwrap().derives_recipient_keys()
834                                                 },
835                                                 _ => true,
836                                         }
837                                 });
838                                 signer::verify_recipient_metadata(
839                                         metadata, key, IV_BYTES, self.signing_pubkey(), tlv_stream, secp_ctx
840                                 )
841                         },
842                         None => Err(()),
843                 }
844         }
845
846         pub(super) fn as_tlv_stream(&self) -> OfferTlvStreamRef {
847                 let (currency, amount) = match &self.amount {
848                         None => (None, None),
849                         Some(Amount::Bitcoin { amount_msats }) => (None, Some(*amount_msats)),
850                         Some(Amount::Currency { iso4217_code, amount }) => (
851                                 Some(iso4217_code), Some(*amount)
852                         ),
853                 };
854
855                 let features = {
856                         if self.features == OfferFeatures::empty() { None } else { Some(&self.features) }
857                 };
858
859                 OfferTlvStreamRef {
860                         chains: self.chains.as_ref(),
861                         metadata: self.metadata(),
862                         currency,
863                         amount,
864                         description: Some(&self.description),
865                         features,
866                         absolute_expiry: self.absolute_expiry.map(|duration| duration.as_secs()),
867                         paths: self.paths.as_ref(),
868                         issuer: self.issuer.as_ref(),
869                         quantity_max: self.supported_quantity.to_tlv_record(),
870                         node_id: Some(&self.signing_pubkey),
871                 }
872         }
873 }
874
875 impl Writeable for Offer {
876         fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
877                 WithoutLength(&self.bytes).write(writer)
878         }
879 }
880
881 impl Writeable for OfferContents {
882         fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> {
883                 self.as_tlv_stream().write(writer)
884         }
885 }
886
887 /// The minimum amount required for an item in an [`Offer`], denominated in either bitcoin or
888 /// another currency.
889 #[derive(Clone, Debug, PartialEq)]
890 pub enum Amount {
891         /// An amount of bitcoin.
892         Bitcoin {
893                 /// The amount in millisatoshi.
894                 amount_msats: u64,
895         },
896         /// An amount of currency specified using ISO 4712.
897         Currency {
898                 /// The currency that the amount is denominated in.
899                 iso4217_code: CurrencyCode,
900                 /// The amount in the currency unit adjusted by the ISO 4712 exponent (e.g., USD cents).
901                 amount: u64,
902         },
903 }
904
905 /// An ISO 4712 three-letter currency code (e.g., USD).
906 pub type CurrencyCode = [u8; 3];
907
908 /// Quantity of items supported by an [`Offer`].
909 #[derive(Clone, Copy, Debug, PartialEq)]
910 pub enum Quantity {
911         /// Up to a specific number of items (inclusive). Use when more than one item can be requested
912         /// but is limited (e.g., because of per customer or inventory limits).
913         ///
914         /// May be used with `NonZeroU64::new(1)` but prefer to use [`Quantity::One`] if only one item
915         /// is supported.
916         Bounded(NonZeroU64),
917         /// One or more items. Use when more than one item can be requested without any limit.
918         Unbounded,
919         /// Only one item. Use when only a single item can be requested.
920         One,
921 }
922
923 impl Quantity {
924         fn to_tlv_record(&self) -> Option<u64> {
925                 match self {
926                         Quantity::Bounded(n) => Some(n.get()),
927                         Quantity::Unbounded => Some(0),
928                         Quantity::One => None,
929                 }
930         }
931 }
932
933 /// Valid type range for offer TLV records.
934 pub(super) const OFFER_TYPES: core::ops::Range<u64> = 1..80;
935
936 /// TLV record type for [`Offer::metadata`].
937 const OFFER_METADATA_TYPE: u64 = 4;
938
939 /// TLV record type for [`Offer::signing_pubkey`].
940 const OFFER_NODE_ID_TYPE: u64 = 22;
941
942 tlv_stream!(OfferTlvStream, OfferTlvStreamRef, OFFER_TYPES, {
943         (2, chains: (Vec<ChainHash>, WithoutLength)),
944         (OFFER_METADATA_TYPE, metadata: (Vec<u8>, WithoutLength)),
945         (6, currency: CurrencyCode),
946         (8, amount: (u64, HighZeroBytesDroppedBigSize)),
947         (10, description: (String, WithoutLength)),
948         (12, features: (OfferFeatures, WithoutLength)),
949         (14, absolute_expiry: (u64, HighZeroBytesDroppedBigSize)),
950         (16, paths: (Vec<BlindedPath>, WithoutLength)),
951         (18, issuer: (String, WithoutLength)),
952         (20, quantity_max: (u64, HighZeroBytesDroppedBigSize)),
953         (OFFER_NODE_ID_TYPE, node_id: PublicKey),
954 });
955
956 impl Bech32Encode for Offer {
957         const BECH32_HRP: &'static str = "lno";
958 }
959
960 impl FromStr for Offer {
961         type Err = Bolt12ParseError;
962
963         fn from_str(s: &str) -> Result<Self, <Self as FromStr>::Err> {
964                 Self::from_bech32_str(s)
965         }
966 }
967
968 impl TryFrom<Vec<u8>> for Offer {
969         type Error = Bolt12ParseError;
970
971         fn try_from(bytes: Vec<u8>) -> Result<Self, Self::Error> {
972                 let offer = ParsedMessage::<OfferTlvStream>::try_from(bytes)?;
973                 let ParsedMessage { bytes, tlv_stream } = offer;
974                 let contents = OfferContents::try_from(tlv_stream)?;
975                 Ok(Offer { bytes, contents })
976         }
977 }
978
979 impl TryFrom<OfferTlvStream> for OfferContents {
980         type Error = Bolt12SemanticError;
981
982         fn try_from(tlv_stream: OfferTlvStream) -> Result<Self, Self::Error> {
983                 let OfferTlvStream {
984                         chains, metadata, currency, amount, description, features, absolute_expiry, paths,
985                         issuer, quantity_max, node_id,
986                 } = tlv_stream;
987
988                 let metadata = metadata.map(|metadata| Metadata::Bytes(metadata));
989
990                 let amount = match (currency, amount) {
991                         (None, None) => None,
992                         (None, Some(amount_msats)) if amount_msats > MAX_VALUE_MSAT => {
993                                 return Err(Bolt12SemanticError::InvalidAmount);
994                         },
995                         (None, Some(amount_msats)) => Some(Amount::Bitcoin { amount_msats }),
996                         (Some(_), None) => return Err(Bolt12SemanticError::MissingAmount),
997                         (Some(iso4217_code), Some(amount)) => Some(Amount::Currency { iso4217_code, amount }),
998                 };
999
1000                 let description = match description {
1001                         None => return Err(Bolt12SemanticError::MissingDescription),
1002                         Some(description) => description,
1003                 };
1004
1005                 let features = features.unwrap_or_else(OfferFeatures::empty);
1006
1007                 let absolute_expiry = absolute_expiry
1008                         .map(|seconds_from_epoch| Duration::from_secs(seconds_from_epoch));
1009
1010                 let supported_quantity = match quantity_max {
1011                         None => Quantity::One,
1012                         Some(0) => Quantity::Unbounded,
1013                         Some(n) => Quantity::Bounded(NonZeroU64::new(n).unwrap()),
1014                 };
1015
1016                 let signing_pubkey = match node_id {
1017                         None => return Err(Bolt12SemanticError::MissingSigningPubkey),
1018                         Some(node_id) => node_id,
1019                 };
1020
1021                 Ok(OfferContents {
1022                         chains, metadata, amount, description, features, absolute_expiry, issuer, paths,
1023                         supported_quantity, signing_pubkey,
1024                 })
1025         }
1026 }
1027
1028 impl core::fmt::Display for Offer {
1029         fn fmt(&self, f: &mut core::fmt::Formatter) -> Result<(), core::fmt::Error> {
1030                 self.fmt_bech32_str(f)
1031         }
1032 }
1033
1034 #[cfg(test)]
1035 mod tests {
1036         use super::{Amount, Offer, OfferTlvStreamRef, Quantity};
1037         #[cfg(not(c_bindings))]
1038         use {
1039                 super::OfferBuilder,
1040         };
1041         #[cfg(c_bindings)]
1042         use {
1043                 super::OfferWithExplicitMetadataBuilder as OfferBuilder,
1044         };
1045
1046         use bitcoin::blockdata::constants::ChainHash;
1047         use bitcoin::network::constants::Network;
1048         use bitcoin::secp256k1::Secp256k1;
1049         use core::convert::TryFrom;
1050         use core::num::NonZeroU64;
1051         use core::time::Duration;
1052         use crate::blinded_path::{BlindedHop, BlindedPath};
1053         use crate::sign::KeyMaterial;
1054         use crate::ln::features::OfferFeatures;
1055         use crate::ln::inbound_payment::ExpandedKey;
1056         use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
1057         use crate::offers::parse::{Bolt12ParseError, Bolt12SemanticError};
1058         use crate::offers::test_utils::*;
1059         use crate::util::ser::{BigSize, Writeable};
1060         use crate::util::string::PrintableString;
1061
1062         #[test]
1063         fn builds_offer_with_defaults() {
1064                 let offer = OfferBuilder::new("foo".into(), pubkey(42)).build().unwrap();
1065
1066                 let mut buffer = Vec::new();
1067                 offer.write(&mut buffer).unwrap();
1068
1069                 assert_eq!(offer.bytes, buffer.as_slice());
1070                 assert_eq!(offer.chains(), vec![ChainHash::using_genesis_block(Network::Bitcoin)]);
1071                 assert!(offer.supports_chain(ChainHash::using_genesis_block(Network::Bitcoin)));
1072                 assert_eq!(offer.metadata(), None);
1073                 assert_eq!(offer.amount(), None);
1074                 assert_eq!(offer.description(), PrintableString("foo"));
1075                 assert_eq!(offer.offer_features(), &OfferFeatures::empty());
1076                 assert_eq!(offer.absolute_expiry(), None);
1077                 #[cfg(feature = "std")]
1078                 assert!(!offer.is_expired());
1079                 assert_eq!(offer.paths(), &[]);
1080                 assert_eq!(offer.issuer(), None);
1081                 assert_eq!(offer.supported_quantity(), Quantity::One);
1082                 assert_eq!(offer.signing_pubkey(), pubkey(42));
1083
1084                 assert_eq!(
1085                         offer.as_tlv_stream(),
1086                         OfferTlvStreamRef {
1087                                 chains: None,
1088                                 metadata: None,
1089                                 currency: None,
1090                                 amount: None,
1091                                 description: Some(&String::from("foo")),
1092                                 features: None,
1093                                 absolute_expiry: None,
1094                                 paths: None,
1095                                 issuer: None,
1096                                 quantity_max: None,
1097                                 node_id: Some(&pubkey(42)),
1098                         },
1099                 );
1100
1101                 if let Err(e) = Offer::try_from(buffer) {
1102                         panic!("error parsing offer: {:?}", e);
1103                 }
1104         }
1105
1106         #[test]
1107         fn builds_offer_with_chains() {
1108                 let mainnet = ChainHash::using_genesis_block(Network::Bitcoin);
1109                 let testnet = ChainHash::using_genesis_block(Network::Testnet);
1110
1111                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1112                         .chain(Network::Bitcoin)
1113                         .build()
1114                         .unwrap();
1115                 assert!(offer.supports_chain(mainnet));
1116                 assert_eq!(offer.chains(), vec![mainnet]);
1117                 assert_eq!(offer.as_tlv_stream().chains, None);
1118
1119                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1120                         .chain(Network::Testnet)
1121                         .build()
1122                         .unwrap();
1123                 assert!(offer.supports_chain(testnet));
1124                 assert_eq!(offer.chains(), vec![testnet]);
1125                 assert_eq!(offer.as_tlv_stream().chains, Some(&vec![testnet]));
1126
1127                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1128                         .chain(Network::Testnet)
1129                         .chain(Network::Testnet)
1130                         .build()
1131                         .unwrap();
1132                 assert!(offer.supports_chain(testnet));
1133                 assert_eq!(offer.chains(), vec![testnet]);
1134                 assert_eq!(offer.as_tlv_stream().chains, Some(&vec![testnet]));
1135
1136                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1137                         .chain(Network::Bitcoin)
1138                         .chain(Network::Testnet)
1139                         .build()
1140                         .unwrap();
1141                 assert!(offer.supports_chain(mainnet));
1142                 assert!(offer.supports_chain(testnet));
1143                 assert_eq!(offer.chains(), vec![mainnet, testnet]);
1144                 assert_eq!(offer.as_tlv_stream().chains, Some(&vec![mainnet, testnet]));
1145         }
1146
1147         #[test]
1148         fn builds_offer_with_metadata() {
1149                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1150                         .metadata(vec![42; 32]).unwrap()
1151                         .build()
1152                         .unwrap();
1153                 assert_eq!(offer.metadata(), Some(&vec![42; 32]));
1154                 assert_eq!(offer.as_tlv_stream().metadata, Some(&vec![42; 32]));
1155
1156                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1157                         .metadata(vec![42; 32]).unwrap()
1158                         .metadata(vec![43; 32]).unwrap()
1159                         .build()
1160                         .unwrap();
1161                 assert_eq!(offer.metadata(), Some(&vec![43; 32]));
1162                 assert_eq!(offer.as_tlv_stream().metadata, Some(&vec![43; 32]));
1163         }
1164
1165         #[test]
1166         fn builds_offer_with_metadata_derived() {
1167                 let desc = "foo".to_string();
1168                 let node_id = recipient_pubkey();
1169                 let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
1170                 let entropy = FixedEntropy {};
1171                 let secp_ctx = Secp256k1::new();
1172
1173                 #[cfg(c_bindings)]
1174                 use super::OfferWithDerivedMetadataBuilder as OfferBuilder;
1175                 let offer = OfferBuilder
1176                         ::deriving_signing_pubkey(desc, node_id, &expanded_key, &entropy, &secp_ctx)
1177                         .amount_msats(1000)
1178                         .build().unwrap();
1179                 assert_eq!(offer.signing_pubkey(), node_id);
1180
1181                 let invoice_request = offer.request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1182                         .build().unwrap()
1183                         .sign(payer_sign).unwrap();
1184                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_ok());
1185
1186                 // Fails verification with altered offer field
1187                 let mut tlv_stream = offer.as_tlv_stream();
1188                 tlv_stream.amount = Some(100);
1189
1190                 let mut encoded_offer = Vec::new();
1191                 tlv_stream.write(&mut encoded_offer).unwrap();
1192
1193                 let invoice_request = Offer::try_from(encoded_offer).unwrap()
1194                         .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1195                         .build().unwrap()
1196                         .sign(payer_sign).unwrap();
1197                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
1198
1199                 // Fails verification with altered metadata
1200                 let mut tlv_stream = offer.as_tlv_stream();
1201                 let metadata = tlv_stream.metadata.unwrap().iter().copied().rev().collect();
1202                 tlv_stream.metadata = Some(&metadata);
1203
1204                 let mut encoded_offer = Vec::new();
1205                 tlv_stream.write(&mut encoded_offer).unwrap();
1206
1207                 let invoice_request = Offer::try_from(encoded_offer).unwrap()
1208                         .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1209                         .build().unwrap()
1210                         .sign(payer_sign).unwrap();
1211                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
1212         }
1213
1214         #[test]
1215         fn builds_offer_with_derived_signing_pubkey() {
1216                 let desc = "foo".to_string();
1217                 let node_id = recipient_pubkey();
1218                 let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
1219                 let entropy = FixedEntropy {};
1220                 let secp_ctx = Secp256k1::new();
1221
1222                 let blinded_path = BlindedPath {
1223                         introduction_node_id: pubkey(40),
1224                         blinding_point: pubkey(41),
1225                         blinded_hops: vec![
1226                                 BlindedHop { blinded_node_id: pubkey(42), encrypted_payload: vec![0; 43] },
1227                                 BlindedHop { blinded_node_id: node_id, encrypted_payload: vec![0; 44] },
1228                         ],
1229                 };
1230
1231                 #[cfg(c_bindings)]
1232                 use super::OfferWithDerivedMetadataBuilder as OfferBuilder;
1233                 let offer = OfferBuilder
1234                         ::deriving_signing_pubkey(desc, node_id, &expanded_key, &entropy, &secp_ctx)
1235                         .amount_msats(1000)
1236                         .path(blinded_path)
1237                         .build().unwrap();
1238                 assert_ne!(offer.signing_pubkey(), node_id);
1239
1240                 let invoice_request = offer.request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1241                         .build().unwrap()
1242                         .sign(payer_sign).unwrap();
1243                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_ok());
1244
1245                 // Fails verification with altered offer field
1246                 let mut tlv_stream = offer.as_tlv_stream();
1247                 tlv_stream.amount = Some(100);
1248
1249                 let mut encoded_offer = Vec::new();
1250                 tlv_stream.write(&mut encoded_offer).unwrap();
1251
1252                 let invoice_request = Offer::try_from(encoded_offer).unwrap()
1253                         .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1254                         .build().unwrap()
1255                         .sign(payer_sign).unwrap();
1256                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
1257
1258                 // Fails verification with altered signing pubkey
1259                 let mut tlv_stream = offer.as_tlv_stream();
1260                 let signing_pubkey = pubkey(1);
1261                 tlv_stream.node_id = Some(&signing_pubkey);
1262
1263                 let mut encoded_offer = Vec::new();
1264                 tlv_stream.write(&mut encoded_offer).unwrap();
1265
1266                 let invoice_request = Offer::try_from(encoded_offer).unwrap()
1267                         .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
1268                         .build().unwrap()
1269                         .sign(payer_sign).unwrap();
1270                 assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
1271         }
1272
1273         #[test]
1274         fn builds_offer_with_amount() {
1275                 let bitcoin_amount = Amount::Bitcoin { amount_msats: 1000 };
1276                 let currency_amount = Amount::Currency { iso4217_code: *b"USD", amount: 10 };
1277
1278                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1279                         .amount_msats(1000)
1280                         .build()
1281                         .unwrap();
1282                 let tlv_stream = offer.as_tlv_stream();
1283                 assert_eq!(offer.amount(), Some(&bitcoin_amount));
1284                 assert_eq!(tlv_stream.amount, Some(1000));
1285                 assert_eq!(tlv_stream.currency, None);
1286
1287                 #[cfg(not(c_bindings))]
1288                 let builder = OfferBuilder::new("foo".into(), pubkey(42))
1289                         .amount(currency_amount.clone());
1290                 #[cfg(c_bindings)]
1291                 let mut builder = OfferBuilder::new("foo".into(), pubkey(42));
1292                 #[cfg(c_bindings)]
1293                 builder.amount(currency_amount.clone());
1294                 let tlv_stream = builder.offer.as_tlv_stream();
1295                 assert_eq!(builder.offer.amount, Some(currency_amount.clone()));
1296                 assert_eq!(tlv_stream.amount, Some(10));
1297                 assert_eq!(tlv_stream.currency, Some(b"USD"));
1298                 match builder.build() {
1299                         Ok(_) => panic!("expected error"),
1300                         Err(e) => assert_eq!(e, Bolt12SemanticError::UnsupportedCurrency),
1301                 }
1302
1303                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1304                         .amount(currency_amount.clone())
1305                         .amount(bitcoin_amount.clone())
1306                         .build()
1307                         .unwrap();
1308                 let tlv_stream = offer.as_tlv_stream();
1309                 assert_eq!(tlv_stream.amount, Some(1000));
1310                 assert_eq!(tlv_stream.currency, None);
1311
1312                 let invalid_amount = Amount::Bitcoin { amount_msats: MAX_VALUE_MSAT + 1 };
1313                 match OfferBuilder::new("foo".into(), pubkey(42)).amount(invalid_amount).build() {
1314                         Ok(_) => panic!("expected error"),
1315                         Err(e) => assert_eq!(e, Bolt12SemanticError::InvalidAmount),
1316                 }
1317         }
1318
1319         #[test]
1320         fn builds_offer_with_features() {
1321                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1322                         .features_unchecked(OfferFeatures::unknown())
1323                         .build()
1324                         .unwrap();
1325                 assert_eq!(offer.offer_features(), &OfferFeatures::unknown());
1326                 assert_eq!(offer.as_tlv_stream().features, Some(&OfferFeatures::unknown()));
1327
1328                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1329                         .features_unchecked(OfferFeatures::unknown())
1330                         .features_unchecked(OfferFeatures::empty())
1331                         .build()
1332                         .unwrap();
1333                 assert_eq!(offer.offer_features(), &OfferFeatures::empty());
1334                 assert_eq!(offer.as_tlv_stream().features, None);
1335         }
1336
1337         #[test]
1338         fn builds_offer_with_absolute_expiry() {
1339                 let future_expiry = Duration::from_secs(u64::max_value());
1340                 let past_expiry = Duration::from_secs(0);
1341                 let now = future_expiry - Duration::from_secs(1_000);
1342
1343                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1344                         .absolute_expiry(future_expiry)
1345                         .build()
1346                         .unwrap();
1347                 #[cfg(feature = "std")]
1348                 assert!(!offer.is_expired());
1349                 assert!(!offer.is_expired_no_std(now));
1350                 assert_eq!(offer.absolute_expiry(), Some(future_expiry));
1351                 assert_eq!(offer.as_tlv_stream().absolute_expiry, Some(future_expiry.as_secs()));
1352
1353                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1354                         .absolute_expiry(future_expiry)
1355                         .absolute_expiry(past_expiry)
1356                         .build()
1357                         .unwrap();
1358                 #[cfg(feature = "std")]
1359                 assert!(offer.is_expired());
1360                 assert!(offer.is_expired_no_std(now));
1361                 assert_eq!(offer.absolute_expiry(), Some(past_expiry));
1362                 assert_eq!(offer.as_tlv_stream().absolute_expiry, Some(past_expiry.as_secs()));
1363         }
1364
1365         #[test]
1366         fn builds_offer_with_paths() {
1367                 let paths = vec![
1368                         BlindedPath {
1369                                 introduction_node_id: pubkey(40),
1370                                 blinding_point: pubkey(41),
1371                                 blinded_hops: vec![
1372                                         BlindedHop { blinded_node_id: pubkey(43), encrypted_payload: vec![0; 43] },
1373                                         BlindedHop { blinded_node_id: pubkey(44), encrypted_payload: vec![0; 44] },
1374                                 ],
1375                         },
1376                         BlindedPath {
1377                                 introduction_node_id: pubkey(40),
1378                                 blinding_point: pubkey(41),
1379                                 blinded_hops: vec![
1380                                         BlindedHop { blinded_node_id: pubkey(45), encrypted_payload: vec![0; 45] },
1381                                         BlindedHop { blinded_node_id: pubkey(46), encrypted_payload: vec![0; 46] },
1382                                 ],
1383                         },
1384                 ];
1385
1386                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1387                         .path(paths[0].clone())
1388                         .path(paths[1].clone())
1389                         .build()
1390                         .unwrap();
1391                 let tlv_stream = offer.as_tlv_stream();
1392                 assert_eq!(offer.paths(), paths.as_slice());
1393                 assert_eq!(offer.signing_pubkey(), pubkey(42));
1394                 assert_ne!(pubkey(42), pubkey(44));
1395                 assert_eq!(tlv_stream.paths, Some(&paths));
1396                 assert_eq!(tlv_stream.node_id, Some(&pubkey(42)));
1397         }
1398
1399         #[test]
1400         fn builds_offer_with_issuer() {
1401                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1402                         .issuer("bar".into())
1403                         .build()
1404                         .unwrap();
1405                 assert_eq!(offer.issuer(), Some(PrintableString("bar")));
1406                 assert_eq!(offer.as_tlv_stream().issuer, Some(&String::from("bar")));
1407
1408                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1409                         .issuer("bar".into())
1410                         .issuer("baz".into())
1411                         .build()
1412                         .unwrap();
1413                 assert_eq!(offer.issuer(), Some(PrintableString("baz")));
1414                 assert_eq!(offer.as_tlv_stream().issuer, Some(&String::from("baz")));
1415         }
1416
1417         #[test]
1418         fn builds_offer_with_supported_quantity() {
1419                 let one = NonZeroU64::new(1).unwrap();
1420                 let ten = NonZeroU64::new(10).unwrap();
1421
1422                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1423                         .supported_quantity(Quantity::One)
1424                         .build()
1425                         .unwrap();
1426                 let tlv_stream = offer.as_tlv_stream();
1427                 assert_eq!(offer.supported_quantity(), Quantity::One);
1428                 assert_eq!(tlv_stream.quantity_max, None);
1429
1430                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1431                         .supported_quantity(Quantity::Unbounded)
1432                         .build()
1433                         .unwrap();
1434                 let tlv_stream = offer.as_tlv_stream();
1435                 assert_eq!(offer.supported_quantity(), Quantity::Unbounded);
1436                 assert_eq!(tlv_stream.quantity_max, Some(0));
1437
1438                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1439                         .supported_quantity(Quantity::Bounded(ten))
1440                         .build()
1441                         .unwrap();
1442                 let tlv_stream = offer.as_tlv_stream();
1443                 assert_eq!(offer.supported_quantity(), Quantity::Bounded(ten));
1444                 assert_eq!(tlv_stream.quantity_max, Some(10));
1445
1446                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1447                         .supported_quantity(Quantity::Bounded(one))
1448                         .build()
1449                         .unwrap();
1450                 let tlv_stream = offer.as_tlv_stream();
1451                 assert_eq!(offer.supported_quantity(), Quantity::Bounded(one));
1452                 assert_eq!(tlv_stream.quantity_max, Some(1));
1453
1454                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1455                         .supported_quantity(Quantity::Bounded(ten))
1456                         .supported_quantity(Quantity::One)
1457                         .build()
1458                         .unwrap();
1459                 let tlv_stream = offer.as_tlv_stream();
1460                 assert_eq!(offer.supported_quantity(), Quantity::One);
1461                 assert_eq!(tlv_stream.quantity_max, None);
1462         }
1463
1464         #[test]
1465         fn fails_requesting_invoice_with_unknown_required_features() {
1466                 match OfferBuilder::new("foo".into(), pubkey(42))
1467                         .features_unchecked(OfferFeatures::unknown())
1468                         .build().unwrap()
1469                         .request_invoice(vec![1; 32], pubkey(43))
1470                 {
1471                         Ok(_) => panic!("expected error"),
1472                         Err(e) => assert_eq!(e, Bolt12SemanticError::UnknownRequiredFeatures),
1473                 }
1474         }
1475
1476         #[test]
1477         fn parses_offer_with_chains() {
1478                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1479                         .chain(Network::Bitcoin)
1480                         .chain(Network::Testnet)
1481                         .build()
1482                         .unwrap();
1483                 if let Err(e) = offer.to_string().parse::<Offer>() {
1484                         panic!("error parsing offer: {:?}", e);
1485                 }
1486         }
1487
1488         #[test]
1489         fn parses_offer_with_amount() {
1490                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1491                         .amount(Amount::Bitcoin { amount_msats: 1000 })
1492                         .build()
1493                         .unwrap();
1494                 if let Err(e) = offer.to_string().parse::<Offer>() {
1495                         panic!("error parsing offer: {:?}", e);
1496                 }
1497
1498                 let mut tlv_stream = offer.as_tlv_stream();
1499                 tlv_stream.amount = Some(1000);
1500                 tlv_stream.currency = Some(b"USD");
1501
1502                 let mut encoded_offer = Vec::new();
1503                 tlv_stream.write(&mut encoded_offer).unwrap();
1504
1505                 if let Err(e) = Offer::try_from(encoded_offer) {
1506                         panic!("error parsing offer: {:?}", e);
1507                 }
1508
1509                 let mut tlv_stream = offer.as_tlv_stream();
1510                 tlv_stream.amount = None;
1511                 tlv_stream.currency = Some(b"USD");
1512
1513                 let mut encoded_offer = Vec::new();
1514                 tlv_stream.write(&mut encoded_offer).unwrap();
1515
1516                 match Offer::try_from(encoded_offer) {
1517                         Ok(_) => panic!("expected error"),
1518                         Err(e) => assert_eq!(e, Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingAmount)),
1519                 }
1520
1521                 let mut tlv_stream = offer.as_tlv_stream();
1522                 tlv_stream.amount = Some(MAX_VALUE_MSAT + 1);
1523                 tlv_stream.currency = None;
1524
1525                 let mut encoded_offer = Vec::new();
1526                 tlv_stream.write(&mut encoded_offer).unwrap();
1527
1528                 match Offer::try_from(encoded_offer) {
1529                         Ok(_) => panic!("expected error"),
1530                         Err(e) => assert_eq!(e, Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::InvalidAmount)),
1531                 }
1532         }
1533
1534         #[test]
1535         fn parses_offer_with_description() {
1536                 let offer = OfferBuilder::new("foo".into(), pubkey(42)).build().unwrap();
1537                 if let Err(e) = offer.to_string().parse::<Offer>() {
1538                         panic!("error parsing offer: {:?}", e);
1539                 }
1540
1541                 let mut tlv_stream = offer.as_tlv_stream();
1542                 tlv_stream.description = None;
1543
1544                 let mut encoded_offer = Vec::new();
1545                 tlv_stream.write(&mut encoded_offer).unwrap();
1546
1547                 match Offer::try_from(encoded_offer) {
1548                         Ok(_) => panic!("expected error"),
1549                         Err(e) => {
1550                                 assert_eq!(e, Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingDescription));
1551                         },
1552                 }
1553         }
1554
1555         #[test]
1556         fn parses_offer_with_paths() {
1557                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1558                         .path(BlindedPath {
1559                                 introduction_node_id: pubkey(40),
1560                                 blinding_point: pubkey(41),
1561                                 blinded_hops: vec![
1562                                         BlindedHop { blinded_node_id: pubkey(43), encrypted_payload: vec![0; 43] },
1563                                         BlindedHop { blinded_node_id: pubkey(44), encrypted_payload: vec![0; 44] },
1564                                 ],
1565                         })
1566                         .path(BlindedPath {
1567                                 introduction_node_id: pubkey(40),
1568                                 blinding_point: pubkey(41),
1569                                 blinded_hops: vec![
1570                                         BlindedHop { blinded_node_id: pubkey(45), encrypted_payload: vec![0; 45] },
1571                                         BlindedHop { blinded_node_id: pubkey(46), encrypted_payload: vec![0; 46] },
1572                                 ],
1573                         })
1574                         .build()
1575                         .unwrap();
1576                 if let Err(e) = offer.to_string().parse::<Offer>() {
1577                         panic!("error parsing offer: {:?}", e);
1578                 }
1579
1580                 let mut builder = OfferBuilder::new("foo".into(), pubkey(42));
1581                 builder.offer.paths = Some(vec![]);
1582
1583                 let offer = builder.build().unwrap();
1584                 if let Err(e) = offer.to_string().parse::<Offer>() {
1585                         panic!("error parsing offer: {:?}", e);
1586                 }
1587         }
1588
1589         #[test]
1590         fn parses_offer_with_quantity() {
1591                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1592                         .supported_quantity(Quantity::One)
1593                         .build()
1594                         .unwrap();
1595                 if let Err(e) = offer.to_string().parse::<Offer>() {
1596                         panic!("error parsing offer: {:?}", e);
1597                 }
1598
1599                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1600                         .supported_quantity(Quantity::Unbounded)
1601                         .build()
1602                         .unwrap();
1603                 if let Err(e) = offer.to_string().parse::<Offer>() {
1604                         panic!("error parsing offer: {:?}", e);
1605                 }
1606
1607                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1608                         .supported_quantity(Quantity::Bounded(NonZeroU64::new(10).unwrap()))
1609                         .build()
1610                         .unwrap();
1611                 if let Err(e) = offer.to_string().parse::<Offer>() {
1612                         panic!("error parsing offer: {:?}", e);
1613                 }
1614
1615                 let offer = OfferBuilder::new("foo".into(), pubkey(42))
1616                         .supported_quantity(Quantity::Bounded(NonZeroU64::new(1).unwrap()))
1617                         .build()
1618                         .unwrap();
1619                 if let Err(e) = offer.to_string().parse::<Offer>() {
1620                         panic!("error parsing offer: {:?}", e);
1621                 }
1622         }
1623
1624         #[test]
1625         fn parses_offer_with_node_id() {
1626                 let offer = OfferBuilder::new("foo".into(), pubkey(42)).build().unwrap();
1627                 if let Err(e) = offer.to_string().parse::<Offer>() {
1628                         panic!("error parsing offer: {:?}", e);
1629                 }
1630
1631                 let mut tlv_stream = offer.as_tlv_stream();
1632                 tlv_stream.node_id = None;
1633
1634                 let mut encoded_offer = Vec::new();
1635                 tlv_stream.write(&mut encoded_offer).unwrap();
1636
1637                 match Offer::try_from(encoded_offer) {
1638                         Ok(_) => panic!("expected error"),
1639                         Err(e) => {
1640                                 assert_eq!(e, Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingSigningPubkey));
1641                         },
1642                 }
1643         }
1644
1645         #[test]
1646         fn fails_parsing_offer_with_extra_tlv_records() {
1647                 let offer = OfferBuilder::new("foo".into(), pubkey(42)).build().unwrap();
1648
1649                 let mut encoded_offer = Vec::new();
1650                 offer.write(&mut encoded_offer).unwrap();
1651                 BigSize(80).write(&mut encoded_offer).unwrap();
1652                 BigSize(32).write(&mut encoded_offer).unwrap();
1653                 [42u8; 32].write(&mut encoded_offer).unwrap();
1654
1655                 match Offer::try_from(encoded_offer) {
1656                         Ok(_) => panic!("expected error"),
1657                         Err(e) => assert_eq!(e, Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1658                 }
1659         }
1660 }
1661
1662 #[cfg(test)]
1663 mod bolt12_tests {
1664         use super::{Bolt12ParseError, Bolt12SemanticError, Offer};
1665         use crate::ln::msgs::DecodeError;
1666
1667         #[test]
1668         fn parses_bech32_encoded_offers() {
1669                 let offers = [
1670                         // Minimal bolt12 offer
1671                         "lno1pgx9getnwss8vetrw3hhyuckyypwa3eyt44h6txtxquqh7lz5djge4afgfjn7k4rgrkuag0jsd5xvxg",
1672
1673                         // for testnet
1674                         "lno1qgsyxjtl6luzd9t3pr62xr7eemp6awnejusgf6gw45q75vcfqqqqqqq2p32x2um5ypmx2cm5dae8x93pqthvwfzadd7jejes8q9lhc4rvjxd022zv5l44g6qah82ru5rdpnpj",
1675
1676                         // for bitcoin (redundant)
1677                         "lno1qgsxlc5vp2m0rvmjcxn2y34wv0m5lyc7sdj7zksgn35dvxgqqqqqqqq2p32x2um5ypmx2cm5dae8x93pqthvwfzadd7jejes8q9lhc4rvjxd022zv5l44g6qah82ru5rdpnpj",
1678
1679                         // for bitcoin or liquidv1
1680                         "lno1qfqpge38tqmzyrdjj3x2qkdr5y80dlfw56ztq6yd9sme995g3gsxqqm0u2xq4dh3kdevrf4zg6hx8a60jv0gxe0ptgyfc6xkryqqqqqqqq9qc4r9wd6zqan9vd6x7unnzcss9mk8y3wkklfvevcrszlmu23kfrxh49px20665dqwmn4p72pksese",
1681
1682                         // with metadata
1683                         "lno1qsgqqqqqqqqqqqqqqqqqqqqqqqqqqzsv23jhxapqwejkxar0wfe3vggzamrjghtt05kvkvpcp0a79gmy3nt6jsn98ad2xs8de6sl9qmgvcvs",
1684
1685                         // with amount
1686                         "lno1pqpzwyq2p32x2um5ypmx2cm5dae8x93pqthvwfzadd7jejes8q9lhc4rvjxd022zv5l44g6qah82ru5rdpnpj",
1687
1688                         // with currency
1689                         "lno1qcp4256ypqpzwyq2p32x2um5ypmx2cm5dae8x93pqthvwfzadd7jejes8q9lhc4rvjxd022zv5l44g6qah82ru5rdpnpj",
1690
1691                         // with expiry
1692                         "lno1pgx9getnwss8vetrw3hhyucwq3ay997czcss9mk8y3wkklfvevcrszlmu23kfrxh49px20665dqwmn4p72pksese",
1693
1694                         // with issuer
1695                         "lno1pgx9getnwss8vetrw3hhyucjy358garswvaz7tmzdak8gvfj9ehhyeeqgf85c4p3xgsxjmnyw4ehgunfv4e3vggzamrjghtt05kvkvpcp0a79gmy3nt6jsn98ad2xs8de6sl9qmgvcvs",
1696
1697                         // with quantity
1698                         "lno1pgx9getnwss8vetrw3hhyuc5qyz3vggzamrjghtt05kvkvpcp0a79gmy3nt6jsn98ad2xs8de6sl9qmgvcvs",
1699
1700                         // with unlimited (or unknown) quantity
1701                         "lno1pgx9getnwss8vetrw3hhyuc5qqtzzqhwcuj966ma9n9nqwqtl032xeyv6755yeflt235pmww58egx6rxry",
1702
1703                         // with single quantity (weird but valid)
1704                         "lno1pgx9getnwss8vetrw3hhyuc5qyq3vggzamrjghtt05kvkvpcp0a79gmy3nt6jsn98ad2xs8de6sl9qmgvcvs",
1705
1706                         // with feature
1707                         "lno1pgx9getnwss8vetrw3hhyucvp5yqqqqqqqqqqqqqqqqqqqqkyypwa3eyt44h6txtxquqh7lz5djge4afgfjn7k4rgrkuag0jsd5xvxg",
1708
1709                         // with blinded path via Bob (0x424242...), blinding 020202...
1710                         "lno1pgx9getnwss8vetrw3hhyucs5ypjgef743p5fzqq9nqxh0ah7y87rzv3ud0eleps9kl2d5348hq2k8qzqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgqpqqqqqqqqqqqqqqqqqqqqqqqqqqqzqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqqzq3zyg3zyg3zyg3vggzamrjghtt05kvkvpcp0a79gmy3nt6jsn98ad2xs8de6sl9qmgvcvs",
1711
1712                         // ... and with second blinded path via Carol (0x434343...), blinding 020202...
1713                         "lno1pgx9getnwss8vetrw3hhyucsl5q5yqeyv5l2cs6y3qqzesrth7mlzrlp3xg7xhulusczm04x6g6nms9trspqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqqsqqqqqqqqqqqqqqqqqqqqqqqqqqpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsqpqg3zyg3zyg3zygz0uc7h32x9s0aecdhxlk075kn046aafpuuyw8f5j652t3vha2yqrsyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsqzqqqqqqqqqqqqqqqqqqqqqqqqqqqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqqyzyg3zyg3zyg3zzcss9mk8y3wkklfvevcrszlmu23kfrxh49px20665dqwmn4p72pksese",
1714
1715                         // unknown odd field
1716                         "lno1pgx9getnwss8vetrw3hhyuckyypwa3eyt44h6txtxquqh7lz5djge4afgfjn7k4rgrkuag0jsd5xvxfppf5x2mrvdamk7unvvs",
1717                 ];
1718                 for encoded_offer in &offers {
1719                         if let Err(e) = encoded_offer.parse::<Offer>() {
1720                                 panic!("Invalid offer ({:?}): {}", e, encoded_offer);
1721                         }
1722                 }
1723         }
1724
1725         #[test]
1726         fn fails_parsing_bech32_encoded_offers() {
1727                 // Malformed: fields out of order
1728                 assert_eq!(
1729                         "lno1zcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszpgz5znzfgdzs".parse::<Offer>(),
1730                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1731                 );
1732
1733                 // Malformed: unknown even TLV type 78
1734                 assert_eq!(
1735                         "lno1pgz5znzfgdz3vggzqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpysgr0u2xq4dh3kdevrf4zg6hx8a60jv0gxe0ptgyfc6xkryqqqqqqqq".parse::<Offer>(),
1736                         Err(Bolt12ParseError::Decode(DecodeError::UnknownRequiredFeature)),
1737                 );
1738
1739                 // Malformed: empty
1740                 assert_eq!(
1741                         "lno1".parse::<Offer>(),
1742                         Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingDescription)),
1743                 );
1744
1745                 // Malformed: truncated at type
1746                 assert_eq!(
1747                         "lno1pg".parse::<Offer>(),
1748                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1749                 );
1750
1751                 // Malformed: truncated in length
1752                 assert_eq!(
1753                         "lno1pt7s".parse::<Offer>(),
1754                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1755                 );
1756
1757                 // Malformed: truncated after length
1758                 assert_eq!(
1759                         "lno1pgpq".parse::<Offer>(),
1760                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1761                 );
1762
1763                 // Malformed: truncated in description
1764                 assert_eq!(
1765                         "lno1pgpyz".parse::<Offer>(),
1766                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1767                 );
1768
1769                 // Malformed: invalid offer_chains length
1770                 assert_eq!(
1771                         "lno1qgqszzs9g9xyjs69zcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1772                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1773                 );
1774
1775                 // Malformed: truncated currency UTF-8
1776                 assert_eq!(
1777                         "lno1qcqcqzs9g9xyjs69zcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1778                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1779                 );
1780
1781                 // Malformed: invalid currency UTF-8
1782                 assert_eq!(
1783                         "lno1qcpgqsg2q4q5cj2rg5tzzqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqg".parse::<Offer>(),
1784                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1785                 );
1786
1787                 // Malformed: truncated description UTF-8
1788                 assert_eq!(
1789                         "lno1pgqcq93pqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqy".parse::<Offer>(),
1790                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1791                 );
1792
1793                 // Malformed: invalid description UTF-8
1794                 assert_eq!(
1795                         "lno1pgpgqsgkyypqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs".parse::<Offer>(),
1796                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1797                 );
1798
1799                 // Malformed: truncated offer_paths
1800                 assert_eq!(
1801                         "lno1pgz5znzfgdz3qqgpzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1802                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1803                 );
1804
1805                 // Malformed: zero num_hops in blinded_path
1806                 assert_eq!(
1807                         "lno1pgz5znzfgdz3qqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsqzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1808                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1809                 );
1810
1811                 // Malformed: truncated onionmsg_hop in blinded_path
1812                 assert_eq!(
1813                         "lno1pgz5znzfgdz3qqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqspqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqgkyypqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqs".parse::<Offer>(),
1814                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1815                 );
1816
1817                 // Malformed: bad first_node_id in blinded_path
1818                 assert_eq!(
1819                         "lno1pgz5znzfgdz3qqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqspqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqgqzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1820                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1821                 );
1822
1823                 // Malformed: bad blinding in blinded_path
1824                 assert_eq!(
1825                         "lno1pgz5znzfgdz3qqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcpqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqgqzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1826                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1827                 );
1828
1829                 // Malformed: bad blinded_node_id in onionmsg_hop
1830                 assert_eq!(
1831                         "lno1pgz5znzfgdz3qqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqspqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqgqzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1832                         Err(Bolt12ParseError::Decode(DecodeError::ShortRead)),
1833                 );
1834
1835                 // Malformed: truncated issuer UTF-8
1836                 assert_eq!(
1837                         "lno1pgz5znzfgdz3yqvqzcssyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqsz".parse::<Offer>(),
1838                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1839                 );
1840
1841                 // Malformed: invalid issuer UTF-8
1842                 assert_eq!(
1843                         "lno1pgz5znzfgdz3yq5qgytzzqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqg".parse::<Offer>(),
1844                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1845                 );
1846
1847                 // Malformed: invalid offer_node_id
1848                 assert_eq!(
1849                         "lno1pgz5znzfgdz3vggzqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvpsxqcrqvps".parse::<Offer>(),
1850                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1851                 );
1852
1853                 // Contains type >= 80
1854                 assert_eq!(
1855                         "lno1pgz5znzfgdz3vggzqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgpqyqszqgp9qgr0u2xq4dh3kdevrf4zg6hx8a60jv0gxe0ptgyfc6xkryqqqqqqqq".parse::<Offer>(),
1856                         Err(Bolt12ParseError::Decode(DecodeError::InvalidValue)),
1857                 );
1858
1859                 // TODO: Resolved in spec https://github.com/lightning/bolts/pull/798/files#r1334851959
1860                 // Contains unknown feature 22
1861                 assert!(
1862                         "lno1pgx9getnwss8vetrw3hhyucvqdqqqqqkyypwa3eyt44h6txtxquqh7lz5djge4afgfjn7k4rgrkuag0jsd5xvxg".parse::<Offer>().is_ok()
1863                 );
1864
1865                 // Missing offer_description
1866                 assert_eq!(
1867                         "lno1zcss9mk8y3wkklfvevcrszlmu23kfrxh49px20665dqwmn4p72pksese".parse::<Offer>(),
1868                         Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingDescription)),
1869                 );
1870
1871                 // Missing offer_node_id"
1872                 assert_eq!(
1873                         "lno1pgx9getnwss8vetrw3hhyuc".parse::<Offer>(),
1874                         Err(Bolt12ParseError::InvalidSemantics(Bolt12SemanticError::MissingSigningPubkey)),
1875                 );
1876         }
1877 }
Personal fork of Rust-Lightning. Upstream is https://github.com/rust-bitcoin/rust-lightning