2 #![deny(non_upper_case_globals)]
3 #![deny(non_camel_case_types)]
4 #![deny(non_snake_case)]
6 #![deny(broken_intra_doc_links)]
8 #![cfg_attr(feature = "strict", deny(warnings))]
9 #![cfg_attr(all(not(feature = "std"), not(test)), no_std)]
11 //! This crate provides data structures to represent
12 //! [lightning BOLT11](https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md)
13 //! invoices and functions to create, encode and decode these. If you just want to use the standard
14 //! en-/decoding functionality this should get you started:
16 //! * For parsing use `str::parse::<Invoice>(&self)` (see the docs of `impl FromStr for Invoice`)
17 //! * For constructing invoices use the `InvoiceBuilder`
18 //! * For serializing invoices use the `Display`/`ToString` traits
20 #[cfg(not(any(feature = "std", feature = "no-std")))]
21 compile_error!("at least one of the `std` or `no-std` features must be enabled");
27 extern crate bitcoin_hashes;
28 #[macro_use] extern crate lightning;
29 extern crate num_traits;
30 extern crate secp256k1;
32 #[cfg(any(test, feature = "std"))]
35 #[cfg(feature = "std")]
36 use std::time::SystemTime;
39 use bitcoin_hashes::Hash;
40 use bitcoin_hashes::sha256;
41 use lightning::ln::PaymentSecret;
42 use lightning::ln::features::InvoiceFeatures;
43 #[cfg(any(doc, test))]
44 use lightning::routing::network_graph::RoutingFees;
45 use lightning::routing::router::RouteHint;
47 use secp256k1::key::PublicKey;
48 use secp256k1::{Message, Secp256k1};
49 use secp256k1::recovery::RecoverableSignature;
51 use core::fmt::{Display, Formatter, self};
52 use core::iter::FilterMap;
54 use core::slice::Iter;
55 use core::time::Duration;
62 #[cfg(feature = "hashbrown")]
63 extern crate hashbrown;
65 pub use alloc::{vec, vec::Vec, string::String, collections::VecDeque, boxed::Box};
66 #[cfg(not(feature = "hashbrown"))]
67 pub use std::collections::{HashMap, HashSet, hash_map};
68 #[cfg(feature = "hashbrown")]
69 pub use self::hashbrown::{HashMap, HashSet, hash_map};
71 pub use alloc::string::ToString;
76 /// Sync compat for std/no_std
77 #[cfg(feature = "std")]
79 pub use ::std::sync::{Mutex, MutexGuard};
82 /// Sync compat for std/no_std
83 #[cfg(not(feature = "std"))]
86 pub use de::{ParseError, ParseOrSemanticError};
88 /// The number of bits used to represent timestamps as defined in BOLT 11.
89 const TIMESTAMP_BITS: usize = 35;
91 /// The maximum timestamp as [`Duration::as_secs`] since the Unix epoch allowed by [`BOLT 11`].
93 /// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md
94 pub const MAX_TIMESTAMP: u64 = (1 << TIMESTAMP_BITS) - 1;
96 /// Default expiry time as defined by [BOLT 11].
98 /// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md
99 pub const DEFAULT_EXPIRY_TIME: u64 = 3600;
101 /// Default minimum final CLTV expiry as defined by [BOLT 11].
103 /// Note that this is *not* the same value as rust-lightning's minimum CLTV expiry, which is
104 /// provided in [`MIN_FINAL_CLTV_EXPIRY`].
106 /// [BOLT 11]: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md
107 /// [`MIN_FINAL_CLTV_EXPIRY`]: lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY
108 pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18;
110 /// Builder for `Invoice`s. It's the most convenient and advised way to use this library. It ensures
111 /// that only a semantically and syntactically correct Invoice can be built using it.
114 /// extern crate secp256k1;
115 /// extern crate lightning;
116 /// extern crate lightning_invoice;
117 /// extern crate bitcoin_hashes;
119 /// use bitcoin_hashes::Hash;
120 /// use bitcoin_hashes::sha256;
122 /// use secp256k1::Secp256k1;
123 /// use secp256k1::key::SecretKey;
125 /// use lightning::ln::PaymentSecret;
127 /// use lightning_invoice::{Currency, InvoiceBuilder};
129 /// # #[cfg(not(feature = "std"))]
131 /// # #[cfg(feature = "std")]
133 /// let private_key = SecretKey::from_slice(
135 /// 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f,
136 /// 0xe2, 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04,
137 /// 0xa8, 0xca, 0x3b, 0x2d, 0xb7, 0x34
141 /// let payment_hash = sha256::Hash::from_slice(&[0; 32][..]).unwrap();
142 /// let payment_secret = PaymentSecret([42u8; 32]);
144 /// let invoice = InvoiceBuilder::new(Currency::Bitcoin)
145 /// .description("Coins pls!".into())
146 /// .payment_hash(payment_hash)
147 /// .payment_secret(payment_secret)
148 /// .current_timestamp()
149 /// .min_final_cltv_expiry(144)
150 /// .build_signed(|hash| {
151 /// Secp256k1::new().sign_recoverable(hash, &private_key)
155 /// assert!(invoice.to_string().starts_with("lnbc1"));
159 /// # Type parameters
160 /// The two parameters `D` and `H` signal if the builder already contains the correct amount of the
162 /// * `D`: exactly one `Description` or `DescriptionHash`
163 /// * `H`: exactly one `PaymentHash`
164 /// * `T`: the timestamp is set
166 /// (C-not exported) as we likely need to manually select one set of boolean type parameters.
167 #[derive(Eq, PartialEq, Debug, Clone)]
168 pub struct InvoiceBuilder<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> {
171 si_prefix: Option<SiPrefix>,
172 timestamp: Option<PositiveTimestamp>,
173 tagged_fields: Vec<TaggedField>,
174 error: Option<CreationError>,
176 phantom_d: core::marker::PhantomData<D>,
177 phantom_h: core::marker::PhantomData<H>,
178 phantom_t: core::marker::PhantomData<T>,
179 phantom_c: core::marker::PhantomData<C>,
180 phantom_s: core::marker::PhantomData<S>,
183 /// Represents a syntactically and semantically correct lightning BOLT11 invoice.
185 /// There are three ways to construct an `Invoice`:
186 /// 1. using `InvoiceBuilder`
187 /// 2. using `Invoice::from_signed(SignedRawInvoice)`
188 /// 3. using `str::parse::<Invoice>(&str)`
189 #[derive(Eq, PartialEq, Debug, Clone)]
191 signed_invoice: SignedRawInvoice,
194 /// Represents the description of an invoice which has to be either a directly included string or
195 /// a hash of a description provided out of band.
197 /// (C-not exported) As we don't have a good way to map the reference lifetimes making this
198 /// practically impossible to use safely in languages like C.
199 #[derive(Eq, PartialEq, Debug, Clone)]
200 pub enum InvoiceDescription<'f> {
201 /// Reference to the directly supplied description in the invoice
202 Direct(&'f Description),
204 /// Reference to the description's hash included in the invoice
208 /// Represents a signed `RawInvoice` with cached hash. The signature is not checked and may be
212 /// The hash has to be either from the deserialized invoice or from the serialized `raw_invoice`.
213 #[derive(Eq, PartialEq, Debug, Clone)]
214 pub struct SignedRawInvoice {
215 /// The rawInvoice that the signature belongs to
216 raw_invoice: RawInvoice,
218 /// Hash of the `RawInvoice` that will be used to check the signature.
220 /// * if the `SignedRawInvoice` was deserialized the hash is of from the original encoded form,
221 /// since it's not guaranteed that encoding it again will lead to the same result since integers
222 /// could have been encoded with leading zeroes etc.
223 /// * if the `SignedRawInvoice` was constructed manually the hash will be the calculated hash
224 /// from the `RawInvoice`
227 /// signature of the payment request
228 signature: InvoiceSignature,
231 /// Represents an syntactically correct Invoice for a payment on the lightning network,
232 /// but without the signature information.
233 /// De- and encoding should not lead to information loss but may lead to different hashes.
235 /// For methods without docs see the corresponding methods in `Invoice`.
236 #[derive(Eq, PartialEq, Debug, Clone)]
237 pub struct RawInvoice {
238 /// human readable part
242 pub data: RawDataPart,
245 /// Data of the `RawInvoice` that is encoded in the human readable part
247 /// (C-not exported) As we don't yet support Option<Enum>
248 #[derive(Eq, PartialEq, Debug, Clone)]
250 /// The currency deferred from the 3rd and 4th character of the bech32 transaction
251 pub currency: Currency,
253 /// The amount that, multiplied by the SI prefix, has to be payed
254 pub raw_amount: Option<u64>,
256 /// SI prefix that gets multiplied with the `raw_amount`
257 pub si_prefix: Option<SiPrefix>,
260 /// Data of the `RawInvoice` that is encoded in the data part
261 #[derive(Eq, PartialEq, Debug, Clone)]
262 pub struct RawDataPart {
263 /// generation time of the invoice
264 pub timestamp: PositiveTimestamp,
266 /// tagged fields of the payment request
267 pub tagged_fields: Vec<RawTaggedField>,
270 /// A timestamp that refers to a date after 1 January 1970.
274 /// The Unix timestamp representing the stored time has to be positive and no greater than
275 /// [`MAX_TIMESTAMP`].
276 #[derive(Eq, PartialEq, Debug, Clone)]
277 pub struct PositiveTimestamp(Duration);
279 /// SI prefixes for the human readable part
280 #[derive(Eq, PartialEq, Debug, Clone, Copy)]
293 /// Returns the multiplier to go from a BTC value to picoBTC implied by this SiPrefix.
294 /// This is effectively 10^12 * the prefix multiplier
295 pub fn multiplier(&self) -> u64 {
297 SiPrefix::Milli => 1_000_000_000,
298 SiPrefix::Micro => 1_000_000,
299 SiPrefix::Nano => 1_000,
304 /// Returns all enum variants of `SiPrefix` sorted in descending order of their associated
307 /// (C-not exported) As we don't yet support a slice of enums, and also because this function
308 /// isn't the most critical to expose.
309 pub fn values_desc() -> &'static [SiPrefix] {
311 static VALUES: [SiPrefix; 4] = [Milli, Micro, Nano, Pico];
316 /// Enum representing the crypto currencies (or networks) supported by this library
317 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
335 /// Tagged field which may have an unknown tag
337 /// (C-not exported) as we don't currently support TaggedField
338 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
339 pub enum RawTaggedField {
340 /// Parsed tagged field with known tag
341 KnownSemantics(TaggedField),
342 /// tagged field which was not parsed due to an unknown tag or undefined field semantics
343 UnknownSemantics(Vec<u5>),
346 /// Tagged field with known tag
348 /// For descriptions of the enum values please refer to the enclosed type's docs.
350 /// (C-not exported) As we don't yet support enum variants with the same name the struct contained
352 #[allow(missing_docs)]
353 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
354 pub enum TaggedField {
356 Description(Description),
357 PayeePubKey(PayeePubKey),
358 DescriptionHash(Sha256),
359 ExpiryTime(ExpiryTime),
360 MinFinalCltvExpiry(MinFinalCltvExpiry),
362 PrivateRoute(PrivateRoute),
363 PaymentSecret(PaymentSecret),
364 Features(InvoiceFeatures),
368 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
369 pub struct Sha256(/// (C-not exported) as the native hash types are not currently mapped
372 /// Description string
375 /// The description can be at most 639 __bytes__ long
376 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
377 pub struct Description(String);
380 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
381 pub struct PayeePubKey(pub PublicKey);
383 /// Positive duration that defines when (relatively to the timestamp) in the future the invoice
385 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
386 pub struct ExpiryTime(Duration);
388 /// `min_final_cltv_expiry` to use for the last HTLC in the route
389 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
390 pub struct MinFinalCltvExpiry(pub u64);
392 // TODO: better types instead onf byte arrays
393 /// Fallback address in case no LN payment is possible
394 #[allow(missing_docs)]
395 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
401 PubKeyHash([u8; 20]),
402 ScriptHash([u8; 20]),
405 /// Recoverable signature
406 #[derive(Clone, Debug, Eq, PartialEq)]
407 pub struct InvoiceSignature(pub RecoverableSignature);
409 /// Private routing information
412 /// The encoded route has to be <1024 5bit characters long (<=639 bytes or <=12 hops)
414 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
415 pub struct PrivateRoute(RouteHint);
417 /// Tag constants as specified in BOLT11
418 #[allow(missing_docs)]
420 pub const TAG_PAYMENT_HASH: u8 = 1;
421 pub const TAG_DESCRIPTION: u8 = 13;
422 pub const TAG_PAYEE_PUB_KEY: u8 = 19;
423 pub const TAG_DESCRIPTION_HASH: u8 = 23;
424 pub const TAG_EXPIRY_TIME: u8 = 6;
425 pub const TAG_MIN_FINAL_CLTV_EXPIRY: u8 = 24;
426 pub const TAG_FALLBACK: u8 = 9;
427 pub const TAG_PRIVATE_ROUTE: u8 = 3;
428 pub const TAG_PAYMENT_SECRET: u8 = 16;
429 pub const TAG_FEATURES: u8 = 5;
432 impl InvoiceBuilder<tb::False, tb::False, tb::False, tb::False, tb::False> {
433 /// Construct new, empty `InvoiceBuilder`. All necessary fields have to be filled first before
434 /// `InvoiceBuilder::build(self)` becomes available.
435 pub fn new(currrency: Currency) -> Self {
441 tagged_fields: Vec::new(),
444 phantom_d: core::marker::PhantomData,
445 phantom_h: core::marker::PhantomData,
446 phantom_t: core::marker::PhantomData,
447 phantom_c: core::marker::PhantomData,
448 phantom_s: core::marker::PhantomData,
453 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, T, C, S> {
454 /// Helper function to set the completeness flags.
455 fn set_flags<DN: tb::Bool, HN: tb::Bool, TN: tb::Bool, CN: tb::Bool, SN: tb::Bool>(self) -> InvoiceBuilder<DN, HN, TN, CN, SN> {
456 InvoiceBuilder::<DN, HN, TN, CN, SN> {
457 currency: self.currency,
459 si_prefix: self.si_prefix,
460 timestamp: self.timestamp,
461 tagged_fields: self.tagged_fields,
464 phantom_d: core::marker::PhantomData,
465 phantom_h: core::marker::PhantomData,
466 phantom_t: core::marker::PhantomData,
467 phantom_c: core::marker::PhantomData,
468 phantom_s: core::marker::PhantomData,
472 /// Sets the amount in millisatoshis. The optimal SI prefix is chosen automatically.
473 pub fn amount_milli_satoshis(mut self, amount_msat: u64) -> Self {
474 let amount = amount_msat * 10; // Invoices are denominated in "pico BTC"
475 let biggest_possible_si_prefix = SiPrefix::values_desc()
477 .find(|prefix| amount % prefix.multiplier() == 0)
478 .expect("Pico should always match");
479 self.amount = Some(amount / biggest_possible_si_prefix.multiplier());
480 self.si_prefix = Some(*biggest_possible_si_prefix);
484 /// Sets the payee's public key.
485 pub fn payee_pub_key(mut self, pub_key: PublicKey) -> Self {
486 self.tagged_fields.push(TaggedField::PayeePubKey(PayeePubKey(pub_key)));
490 /// Sets the expiry time
491 pub fn expiry_time(mut self, expiry_time: Duration) -> Self {
492 self.tagged_fields.push(TaggedField::ExpiryTime(ExpiryTime::from_duration(expiry_time)));
496 /// Adds a fallback address.
497 pub fn fallback(mut self, fallback: Fallback) -> Self {
498 self.tagged_fields.push(TaggedField::Fallback(fallback));
502 /// Adds a private route.
503 pub fn private_route(mut self, hint: RouteHint) -> Self {
504 match PrivateRoute::new(hint) {
505 Ok(r) => self.tagged_fields.push(TaggedField::PrivateRoute(r)),
506 Err(e) => self.error = Some(e),
512 impl<D: tb::Bool, H: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, tb::True, C, S> {
513 /// Builds a `RawInvoice` if no `CreationError` occurred while construction any of the fields.
514 pub fn build_raw(self) -> Result<RawInvoice, CreationError> {
516 // If an error occurred at any time before, return it now
517 if let Some(e) = self.error {
522 currency: self.currency,
523 raw_amount: self.amount,
524 si_prefix: self.si_prefix,
527 let timestamp = self.timestamp.expect("ensured to be Some(t) by type T");
529 let tagged_fields = self.tagged_fields.into_iter().map(|tf| {
530 RawTaggedField::KnownSemantics(tf)
531 }).collect::<Vec<_>>();
533 let data = RawDataPart {
534 timestamp: timestamp,
535 tagged_fields: tagged_fields,
545 impl<H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<tb::False, H, T, C, S> {
546 /// Set the description. This function is only available if no description (hash) was set.
547 pub fn description(mut self, description: String) -> InvoiceBuilder<tb::True, H, T, C, S> {
548 match Description::new(description) {
549 Ok(d) => self.tagged_fields.push(TaggedField::Description(d)),
550 Err(e) => self.error = Some(e),
555 /// Set the description hash. This function is only available if no description (hash) was set.
556 pub fn description_hash(mut self, description_hash: sha256::Hash) -> InvoiceBuilder<tb::True, H, T, C, S> {
557 self.tagged_fields.push(TaggedField::DescriptionHash(Sha256(description_hash)));
562 impl<D: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, tb::False, T, C, S> {
563 /// Set the payment hash. This function is only available if no payment hash was set.
564 pub fn payment_hash(mut self, hash: sha256::Hash) -> InvoiceBuilder<D, tb::True, T, C, S> {
565 self.tagged_fields.push(TaggedField::PaymentHash(Sha256(hash)));
570 impl<D: tb::Bool, H: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, tb::False, C, S> {
571 /// Sets the timestamp to a specific [`SystemTime`].
572 #[cfg(feature = "std")]
573 pub fn timestamp(mut self, time: SystemTime) -> InvoiceBuilder<D, H, tb::True, C, S> {
574 match PositiveTimestamp::from_system_time(time) {
575 Ok(t) => self.timestamp = Some(t),
576 Err(e) => self.error = Some(e),
582 /// Sets the timestamp to a duration since the Unix epoch.
583 pub fn duration_since_epoch(mut self, time: Duration) -> InvoiceBuilder<D, H, tb::True, C, S> {
584 match PositiveTimestamp::from_duration_since_epoch(time) {
585 Ok(t) => self.timestamp = Some(t),
586 Err(e) => self.error = Some(e),
592 /// Sets the timestamp to the current system time.
593 #[cfg(feature = "std")]
594 pub fn current_timestamp(mut self) -> InvoiceBuilder<D, H, tb::True, C, S> {
595 let now = PositiveTimestamp::from_system_time(SystemTime::now());
596 self.timestamp = Some(now.expect("for the foreseeable future this shouldn't happen"));
601 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, T, tb::False, S> {
602 /// Sets `min_final_cltv_expiry`.
603 pub fn min_final_cltv_expiry(mut self, min_final_cltv_expiry: u64) -> InvoiceBuilder<D, H, T, tb::True, S> {
604 self.tagged_fields.push(TaggedField::MinFinalCltvExpiry(MinFinalCltvExpiry(min_final_cltv_expiry)));
609 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool> InvoiceBuilder<D, H, T, C, tb::False> {
610 /// Sets the payment secret and relevant features.
611 pub fn payment_secret(mut self, payment_secret: PaymentSecret) -> InvoiceBuilder<D, H, T, C, tb::True> {
612 let features = InvoiceFeatures::empty()
613 .set_variable_length_onion_required()
614 .set_payment_secret_required();
615 self.tagged_fields.push(TaggedField::PaymentSecret(payment_secret));
616 self.tagged_fields.push(TaggedField::Features(features));
621 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool> InvoiceBuilder<D, H, T, C, tb::True> {
622 /// Sets the `basic_mpp` feature as optional.
623 pub fn basic_mpp(mut self) -> Self {
624 self.tagged_fields = self.tagged_fields
626 .map(|field| match field {
627 TaggedField::Features(f) => TaggedField::Features(f.set_basic_mpp_optional()),
635 impl InvoiceBuilder<tb::True, tb::True, tb::True, tb::True, tb::True> {
636 /// Builds and signs an invoice using the supplied `sign_function`. This function MAY NOT fail
637 /// and MUST produce a recoverable signature valid for the given hash and if applicable also for
638 /// the included payee public key.
639 pub fn build_signed<F>(self, sign_function: F) -> Result<Invoice, CreationError>
640 where F: FnOnce(&Message) -> RecoverableSignature
642 let invoice = self.try_build_signed::<_, ()>(|hash| {
643 Ok(sign_function(hash))
648 Err(SignOrCreationError::CreationError(e)) => Err(e),
649 Err(SignOrCreationError::SignError(())) => unreachable!(),
653 /// Builds and signs an invoice using the supplied `sign_function`. This function MAY fail with
654 /// an error of type `E` and MUST produce a recoverable signature valid for the given hash and
655 /// if applicable also for the included payee public key.
656 pub fn try_build_signed<F, E>(self, sign_function: F) -> Result<Invoice, SignOrCreationError<E>>
657 where F: FnOnce(&Message) -> Result<RecoverableSignature, E>
659 let raw = match self.build_raw() {
661 Err(e) => return Err(SignOrCreationError::CreationError(e)),
664 let signed = match raw.sign(sign_function) {
666 Err(e) => return Err(SignOrCreationError::SignError(e)),
669 let invoice = Invoice {
670 signed_invoice: signed,
673 invoice.check_field_counts().expect("should be ensured by type signature of builder");
674 invoice.check_feature_bits().expect("should be ensured by type signature of builder");
675 invoice.check_amount().expect("should be ensured by type signature of builder");
682 impl SignedRawInvoice {
683 /// Disassembles the `SignedRawInvoice` into its three parts:
685 /// 2. hash of the raw invoice
687 pub fn into_parts(self) -> (RawInvoice, [u8; 32], InvoiceSignature) {
688 (self.raw_invoice, self.hash, self.signature)
691 /// The `RawInvoice` which was signed.
692 pub fn raw_invoice(&self) -> &RawInvoice {
696 /// The hash of the `RawInvoice` that was signed.
697 pub fn hash(&self) -> &[u8; 32] {
701 /// InvoiceSignature for the invoice.
702 pub fn signature(&self) -> &InvoiceSignature {
706 /// Recovers the public key used for signing the invoice from the recoverable signature.
707 pub fn recover_payee_pub_key(&self) -> Result<PayeePubKey, secp256k1::Error> {
708 let hash = Message::from_slice(&self.hash[..])
709 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
711 Ok(PayeePubKey(Secp256k1::new().recover(
717 /// Checks if the signature is valid for the included payee public key or if none exists if it's
718 /// valid for the recovered signature (which should always be true?).
719 pub fn check_signature(&self) -> bool {
720 let included_pub_key = self.raw_invoice.payee_pub_key();
722 let mut recovered_pub_key = Option::None;
723 if recovered_pub_key.is_none() {
724 let recovered = match self.recover_payee_pub_key() {
726 Err(_) => return false,
728 recovered_pub_key = Some(recovered);
731 let pub_key = included_pub_key.or_else(|| recovered_pub_key.as_ref())
732 .expect("One is always present");
734 let hash = Message::from_slice(&self.hash[..])
735 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
737 let secp_context = Secp256k1::new();
738 let verification_result = secp_context.verify(
740 &self.signature.to_standard(),
744 match verification_result {
751 /// Finds the first element of an enum stream of a given variant and extracts one member of the
752 /// variant. If no element was found `None` gets returned.
754 /// The following example would extract the first B.
763 /// let elements = vec![A(1), A(2), B(3), A(4)]
765 /// assert_eq!(find_extract!(elements.iter(), Enum::B(ref x), x), Some(3u16))
767 macro_rules! find_extract {
768 ($iter:expr, $enm:pat, $enm_var:ident) => {
769 find_all_extract!($iter, $enm, $enm_var).next()
773 /// Finds the all elements of an enum stream of a given variant and extracts one member of the
774 /// variant through an iterator.
776 /// The following example would extract all A.
785 /// let elements = vec![A(1), A(2), B(3), A(4)]
788 /// find_all_extract!(elements.iter(), Enum::A(ref x), x).collect::<Vec<u8>>(),
789 /// vec![1u8, 2u8, 4u8])
791 macro_rules! find_all_extract {
792 ($iter:expr, $enm:pat, $enm_var:ident) => {
793 $iter.filter_map(|tf| match *tf {
794 $enm => Some($enm_var),
800 #[allow(missing_docs)]
802 /// Construct the invoice's HRP and signatureless data into a preimage to be hashed.
803 pub(crate) fn construct_invoice_preimage(hrp_bytes: &[u8], data_without_signature: &[u5]) -> Vec<u8> {
804 use bech32::FromBase32;
806 let mut preimage = Vec::<u8>::from(hrp_bytes);
808 let mut data_part = Vec::from(data_without_signature);
809 let overhang = (data_part.len() * 5) % 8;
811 // add padding if data does not end at a byte boundary
812 data_part.push(u5::try_from_u8(0).unwrap());
814 // if overhang is in (1..3) we need to add u5(0) padding two times
816 data_part.push(u5::try_from_u8(0).unwrap());
820 preimage.extend_from_slice(&Vec::<u8>::from_base32(&data_part)
821 .expect("No padding error may occur due to appended zero above."));
825 /// Hash the HRP as bytes and signatureless data part.
826 fn hash_from_parts(hrp_bytes: &[u8], data_without_signature: &[u5]) -> [u8; 32] {
827 let preimage = RawInvoice::construct_invoice_preimage(hrp_bytes, data_without_signature);
828 let mut hash: [u8; 32] = Default::default();
829 hash.copy_from_slice(&sha256::Hash::hash(&preimage)[..]);
833 /// Calculate the hash of the encoded `RawInvoice`
834 pub fn hash(&self) -> [u8; 32] {
835 use bech32::ToBase32;
837 RawInvoice::hash_from_parts(
838 self.hrp.to_string().as_bytes(),
839 &self.data.to_base32()
843 /// Signs the invoice using the supplied `sign_function`. This function MAY fail with an error
844 /// of type `E`. Since the signature of a `SignedRawInvoice` is not required to be valid there
845 /// are no constraints regarding the validity of the produced signature.
847 /// (C-not exported) As we don't currently support passing function pointers into methods
849 pub fn sign<F, E>(self, sign_method: F) -> Result<SignedRawInvoice, E>
850 where F: FnOnce(&Message) -> Result<RecoverableSignature, E>
852 let raw_hash = self.hash();
853 let hash = Message::from_slice(&raw_hash[..])
854 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
855 let signature = sign_method(&hash)?;
857 Ok(SignedRawInvoice {
860 signature: InvoiceSignature(signature),
864 /// Returns an iterator over all tagged fields with known semantics.
866 /// (C-not exported) As there is not yet a manual mapping for a FilterMap
867 pub fn known_tagged_fields(&self)
868 -> FilterMap<Iter<RawTaggedField>, fn(&RawTaggedField) -> Option<&TaggedField>>
870 // For 1.14.0 compatibility: closures' types can't be written an fn()->() in the
871 // function's type signature.
872 // TODO: refactor once impl Trait is available
873 fn match_raw(raw: &RawTaggedField) -> Option<&TaggedField> {
875 RawTaggedField::KnownSemantics(ref tf) => Some(tf),
880 self.data.tagged_fields.iter().filter_map(match_raw )
883 pub fn payment_hash(&self) -> Option<&Sha256> {
884 find_extract!(self.known_tagged_fields(), TaggedField::PaymentHash(ref x), x)
887 pub fn description(&self) -> Option<&Description> {
888 find_extract!(self.known_tagged_fields(), TaggedField::Description(ref x), x)
891 pub fn payee_pub_key(&self) -> Option<&PayeePubKey> {
892 find_extract!(self.known_tagged_fields(), TaggedField::PayeePubKey(ref x), x)
895 pub fn description_hash(&self) -> Option<&Sha256> {
896 find_extract!(self.known_tagged_fields(), TaggedField::DescriptionHash(ref x), x)
899 pub fn expiry_time(&self) -> Option<&ExpiryTime> {
900 find_extract!(self.known_tagged_fields(), TaggedField::ExpiryTime(ref x), x)
903 pub fn min_final_cltv_expiry(&self) -> Option<&MinFinalCltvExpiry> {
904 find_extract!(self.known_tagged_fields(), TaggedField::MinFinalCltvExpiry(ref x), x)
907 pub fn payment_secret(&self) -> Option<&PaymentSecret> {
908 find_extract!(self.known_tagged_fields(), TaggedField::PaymentSecret(ref x), x)
911 pub fn features(&self) -> Option<&InvoiceFeatures> {
912 find_extract!(self.known_tagged_fields(), TaggedField::Features(ref x), x)
915 /// (C-not exported) as we don't support Vec<&NonOpaqueType>
916 pub fn fallbacks(&self) -> Vec<&Fallback> {
917 find_all_extract!(self.known_tagged_fields(), TaggedField::Fallback(ref x), x).collect()
920 pub fn private_routes(&self) -> Vec<&PrivateRoute> {
921 find_all_extract!(self.known_tagged_fields(), TaggedField::PrivateRoute(ref x), x).collect()
924 pub fn amount_pico_btc(&self) -> Option<u64> {
925 self.hrp.raw_amount.map(|v| {
926 v * self.hrp.si_prefix.as_ref().map_or(1_000_000_000_000, |si| { si.multiplier() })
930 pub fn currency(&self) -> Currency {
931 self.hrp.currency.clone()
935 impl PositiveTimestamp {
936 /// Creates a `PositiveTimestamp` from a Unix timestamp in the range `0..=MAX_TIMESTAMP`.
938 /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
939 pub fn from_unix_timestamp(unix_seconds: u64) -> Result<Self, CreationError> {
940 Self::from_duration_since_epoch(Duration::from_secs(unix_seconds))
943 /// Creates a `PositiveTimestamp` from a [`SystemTime`] with a corresponding Unix timestamp in
944 /// the range `0..=MAX_TIMESTAMP`.
946 /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
947 #[cfg(feature = "std")]
948 pub fn from_system_time(time: SystemTime) -> Result<Self, CreationError> {
949 time.duration_since(SystemTime::UNIX_EPOCH)
950 .map(Self::from_duration_since_epoch)
951 .unwrap_or(Err(CreationError::TimestampOutOfBounds))
954 /// Creates a `PositiveTimestamp` from a [`Duration`] since the Unix epoch in the range
955 /// `0..=MAX_TIMESTAMP`.
957 /// Otherwise, returns a [`CreationError::TimestampOutOfBounds`].
958 pub fn from_duration_since_epoch(duration: Duration) -> Result<Self, CreationError> {
959 if duration.as_secs() <= MAX_TIMESTAMP {
960 Ok(PositiveTimestamp(duration))
962 Err(CreationError::TimestampOutOfBounds)
966 /// Returns the Unix timestamp representing the stored time
967 pub fn as_unix_timestamp(&self) -> u64 {
971 /// Returns the duration of the stored time since the Unix epoch
972 pub fn as_duration_since_epoch(&self) -> Duration {
976 /// Returns the [`SystemTime`] representing the stored time
977 #[cfg(feature = "std")]
978 pub fn as_time(&self) -> SystemTime {
979 SystemTime::UNIX_EPOCH + self.0
983 #[cfg(feature = "std")]
984 impl Into<SystemTime> for PositiveTimestamp {
985 fn into(self) -> SystemTime {
986 SystemTime::UNIX_EPOCH + self.0
991 /// Transform the `Invoice` into it's unchecked version
992 pub fn into_signed_raw(self) -> SignedRawInvoice {
996 /// Check that all mandatory fields are present
997 fn check_field_counts(&self) -> Result<(), SemanticError> {
998 // "A writer MUST include exactly one p field […]."
999 let payment_hash_cnt = self.tagged_fields().filter(|&tf| match *tf {
1000 TaggedField::PaymentHash(_) => true,
1003 if payment_hash_cnt < 1 {
1004 return Err(SemanticError::NoPaymentHash);
1005 } else if payment_hash_cnt > 1 {
1006 return Err(SemanticError::MultiplePaymentHashes);
1009 // "A writer MUST include either exactly one d or exactly one h field."
1010 let description_cnt = self.tagged_fields().filter(|&tf| match *tf {
1011 TaggedField::Description(_) | TaggedField::DescriptionHash(_) => true,
1014 if description_cnt < 1 {
1015 return Err(SemanticError::NoDescription);
1016 } else if description_cnt > 1 {
1017 return Err(SemanticError::MultipleDescriptions);
1020 self.check_payment_secret()?;
1025 /// Checks that there is exactly one payment secret field
1026 fn check_payment_secret(&self) -> Result<(), SemanticError> {
1027 // "A writer MUST include exactly one `s` field."
1028 let payment_secret_count = self.tagged_fields().filter(|&tf| match *tf {
1029 TaggedField::PaymentSecret(_) => true,
1032 if payment_secret_count < 1 {
1033 return Err(SemanticError::NoPaymentSecret);
1034 } else if payment_secret_count > 1 {
1035 return Err(SemanticError::MultiplePaymentSecrets);
1041 /// Check that amount is a whole number of millisatoshis
1042 fn check_amount(&self) -> Result<(), SemanticError> {
1043 if let Some(amount_pico_btc) = self.amount_pico_btc() {
1044 if amount_pico_btc % 10 != 0 {
1045 return Err(SemanticError::ImpreciseAmount);
1051 /// Check that feature bits are set as required
1052 fn check_feature_bits(&self) -> Result<(), SemanticError> {
1053 self.check_payment_secret()?;
1055 // "A writer MUST set an s field if and only if the payment_secret feature is set."
1056 // (this requirement has been since removed, and we now require the payment secret
1057 // feature bit always).
1058 let features = self.tagged_fields().find(|&tf| match *tf {
1059 TaggedField::Features(_) => true,
1063 None => Err(SemanticError::InvalidFeatures),
1064 Some(TaggedField::Features(features)) => {
1065 if features.requires_unknown_bits() {
1066 Err(SemanticError::InvalidFeatures)
1067 } else if !features.supports_payment_secret() {
1068 Err(SemanticError::InvalidFeatures)
1073 Some(_) => unreachable!(),
1077 /// Check that the invoice is signed correctly and that key recovery works
1078 pub fn check_signature(&self) -> Result<(), SemanticError> {
1079 match self.signed_invoice.recover_payee_pub_key() {
1080 Err(secp256k1::Error::InvalidRecoveryId) =>
1081 return Err(SemanticError::InvalidRecoveryId),
1082 Err(secp256k1::Error::InvalidSignature) =>
1083 return Err(SemanticError::InvalidSignature),
1084 Err(e) => panic!("no other error may occur, got {:?}", e),
1088 if !self.signed_invoice.check_signature() {
1089 return Err(SemanticError::InvalidSignature);
1095 /// Constructs an `Invoice` from a `SignedRawInvoice` by checking all its invariants.
1097 /// use lightning_invoice::*;
1099 /// let invoice = "lnbc100p1psj9jhxdqud3jxktt5w46x7unfv9kz6mn0v3jsnp4q0d3p2sfluzdx45tqcs\
1100 /// h2pu5qc7lgq0xs578ngs6s0s68ua4h7cvspp5q6rmq35js88zp5dvwrv9m459tnk2zunwj5jalqtyxqulh0l\
1101 /// 5gflssp5nf55ny5gcrfl30xuhzj3nphgj27rstekmr9fw3ny5989s300gyus9qyysgqcqpcrzjqw2sxwe993\
1102 /// h5pcm4dxzpvttgza8zhkqxpgffcrf5v25nwpr3cmfg7z54kuqq8rgqqqqqqqq2qqqqq9qq9qrzjqd0ylaqcl\
1103 /// j9424x9m8h2vcukcgnm6s56xfgu3j78zyqzhgs4hlpzvznlugqq9vsqqqqqqqlgqqqqqeqq9qrzjqwldmj9d\
1104 /// ha74df76zhx6l9we0vjdquygcdt3kssupehe64g6yyp5yz5rhuqqwccqqyqqqqlgqqqqjcqq9qrzjqf9e58a\
1105 /// guqr0rcun0ajlvmzq3ek63cw2w282gv3z5uupmuwvgjtq2z55qsqqg6qqqyqqqrtnqqqzq3cqygrzjqvphms\
1106 /// ywntrrhqjcraumvc4y6r8v4z5v593trte429v4hredj7ms5z52usqq9ngqqqqqqqlgqqqqqqgq9qrzjq2v0v\
1107 /// p62g49p7569ev48cmulecsxe59lvaw3wlxm7r982zxa9zzj7z5l0cqqxusqqyqqqqlgqqqqqzsqygarl9fh3\
1108 /// 8s0gyuxjjgux34w75dnc6xp2l35j7es3jd4ugt3lu0xzre26yg5m7ke54n2d5sym4xcmxtl8238xxvw5h5h5\
1109 /// j5r6drg6k6zcqj0fcwg";
1111 /// let signed = invoice.parse::<SignedRawInvoice>().unwrap();
1113 /// assert!(Invoice::from_signed(signed).is_ok());
1115 pub fn from_signed(signed_invoice: SignedRawInvoice) -> Result<Self, SemanticError> {
1116 let invoice = Invoice {
1117 signed_invoice: signed_invoice,
1119 invoice.check_field_counts()?;
1120 invoice.check_feature_bits()?;
1121 invoice.check_signature()?;
1122 invoice.check_amount()?;
1127 /// Returns the `Invoice`'s timestamp (should equal its creation time)
1128 #[cfg(feature = "std")]
1129 pub fn timestamp(&self) -> SystemTime {
1130 self.signed_invoice.raw_invoice().data.timestamp.as_time()
1133 /// Returns the `Invoice`'s timestamp as a duration since the Unix epoch
1134 pub fn duration_since_epoch(&self) -> Duration {
1135 self.signed_invoice.raw_invoice().data.timestamp.0
1138 /// Returns an iterator over all tagged fields of this Invoice.
1140 /// (C-not exported) As there is not yet a manual mapping for a FilterMap
1141 pub fn tagged_fields(&self)
1142 -> FilterMap<Iter<RawTaggedField>, fn(&RawTaggedField) -> Option<&TaggedField>> {
1143 self.signed_invoice.raw_invoice().known_tagged_fields()
1146 /// Returns the hash to which we will receive the preimage on completion of the payment
1147 pub fn payment_hash(&self) -> &sha256::Hash {
1148 &self.signed_invoice.payment_hash().expect("checked by constructor").0
1151 /// Return the description or a hash of it for longer ones
1153 /// (C-not exported) because we don't yet export InvoiceDescription
1154 pub fn description(&self) -> InvoiceDescription {
1155 if let Some(ref direct) = self.signed_invoice.description() {
1156 return InvoiceDescription::Direct(direct);
1157 } else if let Some(ref hash) = self.signed_invoice.description_hash() {
1158 return InvoiceDescription::Hash(hash);
1160 unreachable!("ensured by constructor");
1163 /// Get the payee's public key if one was included in the invoice
1164 pub fn payee_pub_key(&self) -> Option<&PublicKey> {
1165 self.signed_invoice.payee_pub_key().map(|x| &x.0)
1168 /// Get the payment secret if one was included in the invoice
1169 pub fn payment_secret(&self) -> &PaymentSecret {
1170 self.signed_invoice.payment_secret().expect("was checked by constructor")
1173 /// Get the invoice features if they were included in the invoice
1174 pub fn features(&self) -> Option<&InvoiceFeatures> {
1175 self.signed_invoice.features()
1178 /// Recover the payee's public key (only to be used if none was included in the invoice)
1179 pub fn recover_payee_pub_key(&self) -> PublicKey {
1180 self.signed_invoice.recover_payee_pub_key().expect("was checked by constructor").0
1183 /// Returns the invoice's expiry time, if present, otherwise [`DEFAULT_EXPIRY_TIME`].
1184 pub fn expiry_time(&self) -> Duration {
1185 self.signed_invoice.expiry_time()
1187 .unwrap_or(Duration::from_secs(DEFAULT_EXPIRY_TIME))
1190 /// Returns whether the invoice has expired.
1191 #[cfg(feature = "std")]
1192 pub fn is_expired(&self) -> bool {
1193 Self::is_expired_from_epoch(&self.timestamp(), self.expiry_time())
1196 /// Returns whether the expiry time from the given epoch has passed.
1197 #[cfg(feature = "std")]
1198 pub(crate) fn is_expired_from_epoch(epoch: &SystemTime, expiry_time: Duration) -> bool {
1199 match epoch.elapsed() {
1200 Ok(elapsed) => elapsed > expiry_time,
1205 /// Returns whether the expiry time would pass at the given point in time.
1206 /// `at_time` is the timestamp as a duration since the Unix epoch.
1207 pub fn would_expire(&self, at_time: Duration) -> bool {
1208 self.duration_since_epoch()
1209 .checked_add(self.expiry_time())
1210 .unwrap_or_else(|| Duration::new(u64::max_value(), 1_000_000_000 - 1)) < at_time
1213 /// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise
1214 /// [`DEFAULT_MIN_FINAL_CLTV_EXPIRY`].
1215 pub fn min_final_cltv_expiry(&self) -> u64 {
1216 self.signed_invoice.min_final_cltv_expiry()
1218 .unwrap_or(DEFAULT_MIN_FINAL_CLTV_EXPIRY)
1221 /// Returns a list of all fallback addresses
1223 /// (C-not exported) as we don't support Vec<&NonOpaqueType>
1224 pub fn fallbacks(&self) -> Vec<&Fallback> {
1225 self.signed_invoice.fallbacks()
1228 /// Returns a list of all routes included in the invoice
1229 pub fn private_routes(&self) -> Vec<&PrivateRoute> {
1230 self.signed_invoice.private_routes()
1233 /// Returns a list of all routes included in the invoice as the underlying hints
1234 pub fn route_hints(&self) -> Vec<RouteHint> {
1236 self.signed_invoice.known_tagged_fields(), TaggedField::PrivateRoute(ref x), x
1237 ).map(|route| (**route).clone()).collect()
1240 /// Returns the currency for which the invoice was issued
1241 pub fn currency(&self) -> Currency {
1242 self.signed_invoice.currency()
1245 /// Returns the amount if specified in the invoice as millisatoshis.
1246 pub fn amount_milli_satoshis(&self) -> Option<u64> {
1247 self.signed_invoice.amount_pico_btc().map(|v| v / 10)
1250 /// Returns the amount if specified in the invoice as pico <currency>.
1251 fn amount_pico_btc(&self) -> Option<u64> {
1252 self.signed_invoice.amount_pico_btc()
1256 impl From<TaggedField> for RawTaggedField {
1257 fn from(tf: TaggedField) -> Self {
1258 RawTaggedField::KnownSemantics(tf)
1263 /// Numeric representation of the field's tag
1264 pub fn tag(&self) -> u5 {
1265 let tag = match *self {
1266 TaggedField::PaymentHash(_) => constants::TAG_PAYMENT_HASH,
1267 TaggedField::Description(_) => constants::TAG_DESCRIPTION,
1268 TaggedField::PayeePubKey(_) => constants::TAG_PAYEE_PUB_KEY,
1269 TaggedField::DescriptionHash(_) => constants::TAG_DESCRIPTION_HASH,
1270 TaggedField::ExpiryTime(_) => constants::TAG_EXPIRY_TIME,
1271 TaggedField::MinFinalCltvExpiry(_) => constants::TAG_MIN_FINAL_CLTV_EXPIRY,
1272 TaggedField::Fallback(_) => constants::TAG_FALLBACK,
1273 TaggedField::PrivateRoute(_) => constants::TAG_PRIVATE_ROUTE,
1274 TaggedField::PaymentSecret(_) => constants::TAG_PAYMENT_SECRET,
1275 TaggedField::Features(_) => constants::TAG_FEATURES,
1278 u5::try_from_u8(tag).expect("all tags defined are <32")
1284 /// Creates a new `Description` if `description` is at most 1023 __bytes__ long,
1285 /// returns `CreationError::DescriptionTooLong` otherwise
1287 /// Please note that single characters may use more than one byte due to UTF8 encoding.
1288 pub fn new(description: String) -> Result<Description, CreationError> {
1289 if description.len() > 639 {
1290 Err(CreationError::DescriptionTooLong)
1292 Ok(Description(description))
1296 /// Returns the underlying description `String`
1297 pub fn into_inner(self) -> String {
1302 impl Into<String> for Description {
1303 fn into(self) -> String {
1308 impl Deref for Description {
1311 fn deref(&self) -> &str {
1316 impl From<PublicKey> for PayeePubKey {
1317 fn from(pk: PublicKey) -> Self {
1322 impl Deref for PayeePubKey {
1323 type Target = PublicKey;
1325 fn deref(&self) -> &PublicKey {
1331 /// Construct an `ExpiryTime` from seconds.
1332 pub fn from_seconds(seconds: u64) -> ExpiryTime {
1333 ExpiryTime(Duration::from_secs(seconds))
1336 /// Construct an `ExpiryTime` from a `Duration`.
1337 pub fn from_duration(duration: Duration) -> ExpiryTime {
1338 ExpiryTime(duration)
1341 /// Returns the expiry time in seconds
1342 pub fn as_seconds(&self) -> u64 {
1346 /// Returns a reference to the underlying `Duration` (=expiry time)
1347 pub fn as_duration(&self) -> &Duration {
1353 /// Creates a new (partial) route from a list of hops
1354 pub fn new(hops: RouteHint) -> Result<PrivateRoute, CreationError> {
1355 if hops.0.len() <= 12 {
1356 Ok(PrivateRoute(hops))
1358 Err(CreationError::RouteTooLong)
1362 /// Returns the underlying list of hops
1363 pub fn into_inner(self) -> RouteHint {
1368 impl Into<RouteHint> for PrivateRoute {
1369 fn into(self) -> RouteHint {
1374 impl Deref for PrivateRoute {
1375 type Target = RouteHint;
1377 fn deref(&self) -> &RouteHint {
1382 impl Deref for InvoiceSignature {
1383 type Target = RecoverableSignature;
1385 fn deref(&self) -> &RecoverableSignature {
1390 impl Deref for SignedRawInvoice {
1391 type Target = RawInvoice;
1393 fn deref(&self) -> &RawInvoice {
1398 /// Errors that may occur when constructing a new `RawInvoice` or `Invoice`
1399 #[derive(Eq, PartialEq, Debug, Clone)]
1400 pub enum CreationError {
1401 /// The supplied description string was longer than 639 __bytes__ (see [`Description::new(…)`](./struct.Description.html#method.new))
1404 /// The specified route has too many hops and can't be encoded
1407 /// The Unix timestamp of the supplied date is less than zero or greater than 35-bits
1408 TimestampOutOfBounds,
1410 /// The supplied millisatoshi amount was greater than the total bitcoin supply.
1414 impl Display for CreationError {
1415 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1417 CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"),
1418 CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"),
1419 CreationError::TimestampOutOfBounds => f.write_str("The Unix timestamp of the supplied date is less than zero or greater than 35-bits"),
1420 CreationError::InvalidAmount => f.write_str("The supplied millisatoshi amount was greater than the total bitcoin supply"),
1425 #[cfg(feature = "std")]
1426 impl std::error::Error for CreationError { }
1428 /// Errors that may occur when converting a `RawInvoice` to an `Invoice`. They relate to the
1429 /// requirements sections in BOLT #11
1430 #[derive(Eq, PartialEq, Debug, Clone)]
1431 pub enum SemanticError {
1432 /// The invoice is missing the mandatory payment hash
1435 /// The invoice has multiple payment hashes which isn't allowed
1436 MultiplePaymentHashes,
1438 /// No description or description hash are part of the invoice
1441 /// The invoice contains multiple descriptions and/or description hashes which isn't allowed
1442 MultipleDescriptions,
1444 /// The invoice is missing the mandatory payment secret, which all modern lightning nodes
1448 /// The invoice contains multiple payment secrets
1449 MultiplePaymentSecrets,
1451 /// The invoice's features are invalid
1454 /// The recovery id doesn't fit the signature/pub key
1457 /// The invoice's signature is invalid
1460 /// The invoice's amount was not a whole number of millisatoshis
1464 impl Display for SemanticError {
1465 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1467 SemanticError::NoPaymentHash => f.write_str("The invoice is missing the mandatory payment hash"),
1468 SemanticError::MultiplePaymentHashes => f.write_str("The invoice has multiple payment hashes which isn't allowed"),
1469 SemanticError::NoDescription => f.write_str("No description or description hash are part of the invoice"),
1470 SemanticError::MultipleDescriptions => f.write_str("The invoice contains multiple descriptions and/or description hashes which isn't allowed"),
1471 SemanticError::NoPaymentSecret => f.write_str("The invoice is missing the mandatory payment secret"),
1472 SemanticError::MultiplePaymentSecrets => f.write_str("The invoice contains multiple payment secrets"),
1473 SemanticError::InvalidFeatures => f.write_str("The invoice's features are invalid"),
1474 SemanticError::InvalidRecoveryId => f.write_str("The recovery id doesn't fit the signature/pub key"),
1475 SemanticError::InvalidSignature => f.write_str("The invoice's signature is invalid"),
1476 SemanticError::ImpreciseAmount => f.write_str("The invoice's amount was not a whole number of millisatoshis"),
1481 #[cfg(feature = "std")]
1482 impl std::error::Error for SemanticError { }
1484 /// When signing using a fallible method either an user-supplied `SignError` or a `CreationError`
1486 #[derive(Eq, PartialEq, Debug, Clone)]
1487 pub enum SignOrCreationError<S = ()> {
1488 /// An error occurred during signing
1491 /// An error occurred while building the transaction
1492 CreationError(CreationError),
1495 impl<S> Display for SignOrCreationError<S> {
1496 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1498 SignOrCreationError::SignError(_) => f.write_str("An error occurred during signing"),
1499 SignOrCreationError::CreationError(err) => err.fmt(f),
1506 use bitcoin_hashes::hex::FromHex;
1507 use bitcoin_hashes::sha256;
1510 fn test_system_time_bounds_assumptions() {
1512 ::PositiveTimestamp::from_unix_timestamp(::MAX_TIMESTAMP + 1),
1513 Err(::CreationError::TimestampOutOfBounds)
1518 fn test_calc_invoice_hash() {
1519 use ::{RawInvoice, RawHrp, RawDataPart, Currency, PositiveTimestamp};
1520 use ::TaggedField::*;
1522 let invoice = RawInvoice {
1524 currency: Currency::Bitcoin,
1529 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1530 tagged_fields: vec![
1531 PaymentHash(::Sha256(sha256::Hash::from_hex(
1532 "0001020304050607080900010203040506070809000102030405060708090102"
1533 ).unwrap())).into(),
1534 Description(::Description::new(
1535 "Please consider supporting this project".to_owned()
1541 let expected_hash = [
1542 0xc3, 0xd4, 0xe8, 0x3f, 0x64, 0x6f, 0xa7, 0x9a, 0x39, 0x3d, 0x75, 0x27, 0x7b, 0x1d,
1543 0x85, 0x8d, 0xb1, 0xd1, 0xf7, 0xab, 0x71, 0x37, 0xdc, 0xb7, 0x83, 0x5d, 0xb2, 0xec,
1544 0xd5, 0x18, 0xe1, 0xc9
1547 assert_eq!(invoice.hash(), expected_hash)
1551 fn test_check_signature() {
1553 use secp256k1::Secp256k1;
1554 use secp256k1::recovery::{RecoveryId, RecoverableSignature};
1555 use secp256k1::key::{SecretKey, PublicKey};
1556 use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256,
1559 let invoice = SignedRawInvoice {
1560 raw_invoice: RawInvoice {
1562 currency: Currency::Bitcoin,
1567 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1568 tagged_fields: vec ! [
1569 PaymentHash(Sha256(sha256::Hash::from_hex(
1570 "0001020304050607080900010203040506070809000102030405060708090102"
1571 ).unwrap())).into(),
1574 "Please consider supporting this project".to_owned()
1581 0xc3, 0xd4, 0xe8, 0x3f, 0x64, 0x6f, 0xa7, 0x9a, 0x39, 0x3d, 0x75, 0x27,
1582 0x7b, 0x1d, 0x85, 0x8d, 0xb1, 0xd1, 0xf7, 0xab, 0x71, 0x37, 0xdc, 0xb7,
1583 0x83, 0x5d, 0xb2, 0xec, 0xd5, 0x18, 0xe1, 0xc9
1585 signature: InvoiceSignature(RecoverableSignature::from_compact(
1587 0x38u8, 0xec, 0x68, 0x91, 0x34, 0x5e, 0x20, 0x41, 0x45, 0xbe, 0x8a,
1588 0x3a, 0x99, 0xde, 0x38, 0xe9, 0x8a, 0x39, 0xd6, 0xa5, 0x69, 0x43,
1589 0x4e, 0x18, 0x45, 0xc8, 0xaf, 0x72, 0x05, 0xaf, 0xcf, 0xcc, 0x7f,
1590 0x42, 0x5f, 0xcd, 0x14, 0x63, 0xe9, 0x3c, 0x32, 0x88, 0x1e, 0xad,
1591 0x0d, 0x6e, 0x35, 0x6d, 0x46, 0x7e, 0xc8, 0xc0, 0x25, 0x53, 0xf9,
1592 0xaa, 0xb1, 0x5e, 0x57, 0x38, 0xb1, 0x1f, 0x12, 0x7f
1594 RecoveryId::from_i32(0).unwrap()
1598 assert!(invoice.check_signature());
1600 let private_key = SecretKey::from_slice(
1602 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f, 0xe2,
1603 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04, 0xa8, 0xca,
1604 0x3b, 0x2d, 0xb7, 0x34
1607 let public_key = PublicKey::from_secret_key(&Secp256k1::new(), &private_key);
1609 assert_eq!(invoice.recover_payee_pub_key(), Ok(::PayeePubKey(public_key)));
1611 let (raw_invoice, _, _) = invoice.into_parts();
1612 let new_signed = raw_invoice.sign::<_, ()>(|hash| {
1613 Ok(Secp256k1::new().sign_recoverable(hash, &private_key))
1616 assert!(new_signed.check_signature());
1620 fn test_check_feature_bits() {
1622 use lightning::ln::features::InvoiceFeatures;
1623 use secp256k1::Secp256k1;
1624 use secp256k1::key::SecretKey;
1625 use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice,
1628 let private_key = SecretKey::from_slice(&[42; 32]).unwrap();
1629 let payment_secret = lightning::ln::PaymentSecret([21; 32]);
1630 let invoice_template = RawInvoice {
1632 currency: Currency::Bitcoin,
1637 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1638 tagged_fields: vec ! [
1639 PaymentHash(Sha256(sha256::Hash::from_hex(
1640 "0001020304050607080900010203040506070809000102030405060708090102"
1641 ).unwrap())).into(),
1644 "Please consider supporting this project".to_owned()
1653 let mut invoice = invoice_template.clone();
1654 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1655 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1657 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
1659 // Missing feature bits
1661 let mut invoice = invoice_template.clone();
1662 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1663 invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
1664 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1666 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
1668 // Including payment secret and feature bits
1670 let mut invoice = invoice_template.clone();
1671 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1672 invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
1673 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1675 assert!(Invoice::from_signed(invoice).is_ok());
1677 // No payment secret or features
1679 let invoice = invoice_template.clone();
1680 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1682 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
1684 // No payment secret or feature bits
1686 let mut invoice = invoice_template.clone();
1687 invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
1688 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1690 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
1692 // Missing payment secret
1694 let mut invoice = invoice_template.clone();
1695 invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
1696 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1698 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::NoPaymentSecret));
1700 // Multiple payment secrets
1702 let mut invoice = invoice_template.clone();
1703 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1704 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1705 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1707 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets));
1711 fn test_builder_amount() {
1714 let builder = InvoiceBuilder::new(Currency::Bitcoin)
1715 .description("Test".into())
1716 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1717 .duration_since_epoch(Duration::from_secs(1234567));
1719 let invoice = builder.clone()
1720 .amount_milli_satoshis(1500)
1724 assert_eq!(invoice.hrp.si_prefix, Some(SiPrefix::Nano));
1725 assert_eq!(invoice.hrp.raw_amount, Some(15));
1728 let invoice = builder.clone()
1729 .amount_milli_satoshis(150)
1733 assert_eq!(invoice.hrp.si_prefix, Some(SiPrefix::Pico));
1734 assert_eq!(invoice.hrp.raw_amount, Some(1500));
1738 fn test_builder_fail() {
1740 use lightning::routing::router::RouteHintHop;
1741 use std::iter::FromIterator;
1742 use secp256k1::key::PublicKey;
1744 let builder = InvoiceBuilder::new(Currency::Bitcoin)
1745 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1746 .duration_since_epoch(Duration::from_secs(1234567))
1747 .min_final_cltv_expiry(144);
1749 let too_long_string = String::from_iter(
1750 (0..1024).map(|_| '?')
1753 let long_desc_res = builder.clone()
1754 .description(too_long_string)
1756 assert_eq!(long_desc_res, Err(CreationError::DescriptionTooLong));
1758 let route_hop = RouteHintHop {
1759 src_node_id: PublicKey::from_slice(
1761 0x03, 0x9e, 0x03, 0xa9, 0x01, 0xb8, 0x55, 0x34, 0xff, 0x1e, 0x92, 0xc4,
1762 0x3c, 0x74, 0x43, 0x1f, 0x7c, 0xe7, 0x20, 0x46, 0x06, 0x0f, 0xcf, 0x7a,
1763 0x95, 0xc3, 0x7e, 0x14, 0x8f, 0x78, 0xc7, 0x72, 0x55
1766 short_channel_id: 0,
1769 proportional_millionths: 0,
1771 cltv_expiry_delta: 0,
1772 htlc_minimum_msat: None,
1773 htlc_maximum_msat: None,
1775 let too_long_route = RouteHint(vec![route_hop; 13]);
1776 let long_route_res = builder.clone()
1777 .description("Test".into())
1778 .private_route(too_long_route)
1780 assert_eq!(long_route_res, Err(CreationError::RouteTooLong));
1782 let sign_error_res = builder.clone()
1783 .description("Test".into())
1784 .payment_secret(PaymentSecret([0; 32]))
1785 .try_build_signed(|_| {
1786 Err("ImaginaryError")
1788 assert_eq!(sign_error_res, Err(SignOrCreationError::SignError("ImaginaryError")));
1792 fn test_builder_ok() {
1794 use lightning::routing::router::RouteHintHop;
1795 use secp256k1::Secp256k1;
1796 use secp256k1::key::{SecretKey, PublicKey};
1797 use std::time::{UNIX_EPOCH, Duration};
1799 let secp_ctx = Secp256k1::new();
1801 let private_key = SecretKey::from_slice(
1803 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f, 0xe2,
1804 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04, 0xa8, 0xca,
1805 0x3b, 0x2d, 0xb7, 0x34
1808 let public_key = PublicKey::from_secret_key(&secp_ctx, &private_key);
1810 let route_1 = RouteHint(vec![
1812 src_node_id: public_key.clone(),
1813 short_channel_id: de::parse_int_be(&[123; 8], 256).expect("short chan ID slice too big?"),
1816 proportional_millionths: 1,
1818 cltv_expiry_delta: 145,
1819 htlc_minimum_msat: None,
1820 htlc_maximum_msat: None,
1823 src_node_id: public_key.clone(),
1824 short_channel_id: de::parse_int_be(&[42; 8], 256).expect("short chan ID slice too big?"),
1827 proportional_millionths: 2,
1829 cltv_expiry_delta: 146,
1830 htlc_minimum_msat: None,
1831 htlc_maximum_msat: None,
1835 let route_2 = RouteHint(vec![
1837 src_node_id: public_key.clone(),
1838 short_channel_id: 0,
1841 proportional_millionths: 3,
1843 cltv_expiry_delta: 147,
1844 htlc_minimum_msat: None,
1845 htlc_maximum_msat: None,
1848 src_node_id: public_key.clone(),
1849 short_channel_id: de::parse_int_be(&[1; 8], 256).expect("short chan ID slice too big?"),
1852 proportional_millionths: 4,
1854 cltv_expiry_delta: 148,
1855 htlc_minimum_msat: None,
1856 htlc_maximum_msat: None,
1860 let builder = InvoiceBuilder::new(Currency::BitcoinTestnet)
1861 .amount_milli_satoshis(123)
1862 .duration_since_epoch(Duration::from_secs(1234567))
1863 .payee_pub_key(public_key.clone())
1864 .expiry_time(Duration::from_secs(54321))
1865 .min_final_cltv_expiry(144)
1866 .fallback(Fallback::PubKeyHash([0;20]))
1867 .private_route(route_1.clone())
1868 .private_route(route_2.clone())
1869 .description_hash(sha256::Hash::from_slice(&[3;32][..]).unwrap())
1870 .payment_hash(sha256::Hash::from_slice(&[21;32][..]).unwrap())
1871 .payment_secret(PaymentSecret([42; 32]))
1874 let invoice = builder.clone().build_signed(|hash| {
1875 secp_ctx.sign_recoverable(hash, &private_key)
1878 assert!(invoice.check_signature().is_ok());
1879 assert_eq!(invoice.tagged_fields().count(), 10);
1881 assert_eq!(invoice.amount_milli_satoshis(), Some(123));
1882 assert_eq!(invoice.amount_pico_btc(), Some(1230));
1883 assert_eq!(invoice.currency(), Currency::BitcoinTestnet);
1884 #[cfg(feature = "std")]
1886 invoice.timestamp().duration_since(UNIX_EPOCH).unwrap().as_secs(),
1889 assert_eq!(invoice.payee_pub_key(), Some(&public_key));
1890 assert_eq!(invoice.expiry_time(), Duration::from_secs(54321));
1891 assert_eq!(invoice.min_final_cltv_expiry(), 144);
1892 assert_eq!(invoice.fallbacks(), vec![&Fallback::PubKeyHash([0;20])]);
1893 assert_eq!(invoice.private_routes(), vec![&PrivateRoute(route_1), &PrivateRoute(route_2)]);
1895 invoice.description(),
1896 InvoiceDescription::Hash(&Sha256(sha256::Hash::from_slice(&[3;32][..]).unwrap()))
1898 assert_eq!(invoice.payment_hash(), &sha256::Hash::from_slice(&[21;32][..]).unwrap());
1899 assert_eq!(invoice.payment_secret(), &PaymentSecret([42; 32]));
1900 assert_eq!(invoice.features(), Some(&InvoiceFeatures::known()));
1902 let raw_invoice = builder.build_raw().unwrap();
1903 assert_eq!(raw_invoice, *invoice.into_signed_raw().raw_invoice())
1907 fn test_default_values() {
1909 use secp256k1::Secp256k1;
1910 use secp256k1::key::SecretKey;
1912 let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin)
1913 .description("Test".into())
1914 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1915 .payment_secret(PaymentSecret([0; 32]))
1916 .duration_since_epoch(Duration::from_secs(1234567))
1919 .sign::<_, ()>(|hash| {
1920 let privkey = SecretKey::from_slice(&[41; 32]).unwrap();
1921 let secp_ctx = Secp256k1::new();
1922 Ok(secp_ctx.sign_recoverable(hash, &privkey))
1925 let invoice = Invoice::from_signed(signed_invoice).unwrap();
1927 assert_eq!(invoice.min_final_cltv_expiry(), DEFAULT_MIN_FINAL_CLTV_EXPIRY);
1928 assert_eq!(invoice.expiry_time(), Duration::from_secs(DEFAULT_EXPIRY_TIME));
1929 assert!(!invoice.would_expire(Duration::from_secs(1234568)));
1933 fn test_expiration() {
1935 use secp256k1::Secp256k1;
1936 use secp256k1::key::SecretKey;
1938 let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin)
1939 .description("Test".into())
1940 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1941 .payment_secret(PaymentSecret([0; 32]))
1942 .duration_since_epoch(Duration::from_secs(1234567))
1945 .sign::<_, ()>(|hash| {
1946 let privkey = SecretKey::from_slice(&[41; 32]).unwrap();
1947 let secp_ctx = Secp256k1::new();
1948 Ok(secp_ctx.sign_recoverable(hash, &privkey))
1951 let invoice = Invoice::from_signed(signed_invoice).unwrap();
1953 assert!(invoice.would_expire(Duration::from_secs(1234567 + DEFAULT_EXPIRY_TIME + 1)));