//! published as a QR code to be scanned by a customer. The customer uses the offer to request an
//! invoice from the merchant to be paid.
//!
-//! ```ignore
+//! ```
//! extern crate bitcoin;
//! extern crate core;
//! extern crate lightning;
//! use lightning::offers::parse::ParseError;
//! use lightning::util::ser::{Readable, Writeable};
//!
-//! # use lightning::onion_message::BlindedPath;
+//! # use lightning::blinded_path::BlindedPath;
//! # #[cfg(feature = "std")]
//! # use std::time::SystemTime;
//! #
use bitcoin::blockdata::constants::ChainHash;
use bitcoin::network::constants::Network;
-use bitcoin::secp256k1::PublicKey;
+use bitcoin::secp256k1::{KeyPair, PublicKey, Secp256k1, self};
use core::convert::TryFrom;
use core::num::NonZeroU64;
+use core::ops::Deref;
use core::str::FromStr;
use core::time::Duration;
+use crate::sign::EntropySource;
use crate::io;
+use crate::blinded_path::BlindedPath;
use crate::ln::features::OfferFeatures;
+use crate::ln::inbound_payment::{ExpandedKey, IV_LEN, Nonce};
use crate::ln::msgs::MAX_VALUE_MSAT;
+use crate::offers::invoice_request::{DerivedPayerId, ExplicitPayerId, InvoiceRequestBuilder};
+use crate::offers::merkle::TlvStream;
use crate::offers::parse::{Bech32Encode, ParseError, ParsedMessage, SemanticError};
-use crate::onion_message::BlindedPath;
+use crate::offers::signer::{Metadata, MetadataMaterial, self};
use crate::util::ser::{HighZeroBytesDroppedBigSize, WithoutLength, Writeable, Writer};
use crate::util::string::PrintableString;
#[cfg(feature = "std")]
use std::time::SystemTime;
+pub(super) const IV_BYTES: &[u8; IV_LEN] = b"LDK Offer ~~~~~~";
+
/// Builds an [`Offer`] for the "offer to be paid" flow.
///
/// See [module-level documentation] for usage.
///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+///
/// [module-level documentation]: self
-pub struct OfferBuilder {
+pub struct OfferBuilder<'a, M: MetadataStrategy, T: secp256k1::Signing> {
offer: OfferContents,
+ metadata_strategy: core::marker::PhantomData<M>,
+ secp_ctx: Option<&'a Secp256k1<T>>,
}
-impl OfferBuilder {
+/// Indicates how [`Offer::metadata`] may be set.
+///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+pub trait MetadataStrategy {}
+
+/// [`Offer::metadata`] may be explicitly set or left empty.
+///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+pub struct ExplicitMetadata {}
+
+/// [`Offer::metadata`] will be derived.
+///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+pub struct DerivedMetadata {}
+
+impl MetadataStrategy for ExplicitMetadata {}
+impl MetadataStrategy for DerivedMetadata {}
+
+impl<'a> OfferBuilder<'a, ExplicitMetadata, secp256k1::SignOnly> {
/// Creates a new builder for an offer setting the [`Offer::description`] and using the
/// [`Offer::signing_pubkey`] for signing invoices. The associated secret key must be remembered
/// while the offer is valid.
///
/// Use a different pubkey per offer to avoid correlating offers.
pub fn new(description: String, signing_pubkey: PublicKey) -> Self {
- let offer = OfferContents {
- chains: None, metadata: None, amount: None, description,
- features: OfferFeatures::empty(), absolute_expiry: None, issuer: None, paths: None,
- supported_quantity: Quantity::one(), signing_pubkey: Some(signing_pubkey),
- };
- OfferBuilder { offer }
+ OfferBuilder {
+ offer: OfferContents {
+ chains: None, metadata: None, amount: None, description,
+ features: OfferFeatures::empty(), absolute_expiry: None, issuer: None, paths: None,
+ supported_quantity: Quantity::One, signing_pubkey,
+ },
+ metadata_strategy: core::marker::PhantomData,
+ secp_ctx: None,
+ }
+ }
+
+ /// Sets the [`Offer::metadata`] to the given bytes.
+ ///
+ /// Successive calls to this method will override the previous setting.
+ pub fn metadata(mut self, metadata: Vec<u8>) -> Result<Self, SemanticError> {
+ self.offer.metadata = Some(Metadata::Bytes(metadata));
+ Ok(self)
}
+}
+impl<'a, T: secp256k1::Signing> OfferBuilder<'a, DerivedMetadata, T> {
+ /// Similar to [`OfferBuilder::new`] except, if [`OfferBuilder::path`] is called, the signing
+ /// pubkey is derived from the given [`ExpandedKey`] and [`EntropySource`]. This provides
+ /// recipient privacy by using a different signing pubkey for each offer. Otherwise, the
+ /// provided `node_id` is used for the signing pubkey.
+ ///
+ /// Also, sets the metadata when [`OfferBuilder::build`] is called such that it can be used by
+ /// [`InvoiceRequest::verify`] to determine if the request was produced for the offer given an
+ /// [`ExpandedKey`].
+ ///
+ /// [`InvoiceRequest::verify`]: crate::offers::invoice_request::InvoiceRequest::verify
+ /// [`ExpandedKey`]: crate::ln::inbound_payment::ExpandedKey
+ pub fn deriving_signing_pubkey<ES: Deref>(
+ description: String, node_id: PublicKey, expanded_key: &ExpandedKey, entropy_source: ES,
+ secp_ctx: &'a Secp256k1<T>
+ ) -> Self where ES::Target: EntropySource {
+ let nonce = Nonce::from_entropy_source(entropy_source);
+ let derivation_material = MetadataMaterial::new(nonce, expanded_key, IV_BYTES);
+ let metadata = Metadata::DerivedSigningPubkey(derivation_material);
+ OfferBuilder {
+ offer: OfferContents {
+ chains: None, metadata: Some(metadata), amount: None, description,
+ features: OfferFeatures::empty(), absolute_expiry: None, issuer: None, paths: None,
+ supported_quantity: Quantity::One, signing_pubkey: node_id,
+ },
+ metadata_strategy: core::marker::PhantomData,
+ secp_ctx: Some(secp_ctx),
+ }
+ }
+}
+
+impl<'a, M: MetadataStrategy, T: secp256k1::Signing> OfferBuilder<'a, M, T> {
/// Adds the chain hash of the given [`Network`] to [`Offer::chains`]. If not called,
/// the chain hash of [`Network::Bitcoin`] is assumed to be the only one supported.
///
self
}
- /// Sets the [`Offer::metadata`].
- ///
- /// Successive calls to this method will override the previous setting.
- pub fn metadata(mut self, metadata: Vec<u8>) -> Self {
- self.offer.metadata = Some(metadata);
- self
- }
-
/// Sets the [`Offer::amount`] as an [`Amount::Bitcoin`].
///
/// Successive calls to this method will override the previous setting.
- pub fn amount_msats(mut self, amount_msats: u64) -> Self {
+ pub fn amount_msats(self, amount_msats: u64) -> Self {
self.amount(Amount::Bitcoin { amount_msats })
}
/// Sets the [`Offer::amount`].
///
/// Successive calls to this method will override the previous setting.
- fn amount(mut self, amount: Amount) -> Self {
+ pub(super) fn amount(mut self, amount: Amount) -> Self {
self.offer.amount = Some(amount);
self
}
- /// Sets the [`Offer::features`].
- ///
- /// Successive calls to this method will override the previous setting.
- #[cfg(test)]
- pub fn features(mut self, features: OfferFeatures) -> Self {
- self.offer.features = features;
- self
- }
-
/// Sets the [`Offer::absolute_expiry`] as seconds since the Unix epoch. Any expiry that has
/// already passed is valid and can be checked for using [`Offer::is_expired`].
///
}
/// Sets the quantity of items for [`Offer::supported_quantity`]. If not called, defaults to
- /// [`Quantity::one`].
+ /// [`Quantity::One`].
///
/// Successive calls to this method will override the previous setting.
pub fn supported_quantity(mut self, quantity: Quantity) -> Self {
}
}
+ Ok(self.build_without_checks())
+ }
+
+ fn build_without_checks(mut self) -> Offer {
+ // Create the metadata for stateless verification of an InvoiceRequest.
+ if let Some(mut metadata) = self.offer.metadata.take() {
+ if metadata.has_derivation_material() {
+ if self.offer.paths.is_none() {
+ metadata = metadata.without_keys();
+ }
+
+ let mut tlv_stream = self.offer.as_tlv_stream();
+ debug_assert_eq!(tlv_stream.metadata, None);
+ tlv_stream.metadata = None;
+ if metadata.derives_keys() {
+ tlv_stream.node_id = None;
+ }
+
+ let (derived_metadata, keys) = metadata.derive_from(tlv_stream, self.secp_ctx);
+ metadata = derived_metadata;
+ if let Some(keys) = keys {
+ self.offer.signing_pubkey = keys.public_key();
+ }
+ }
+
+ self.offer.metadata = Some(metadata);
+ }
+
let mut bytes = Vec::new();
self.offer.write(&mut bytes).unwrap();
- Ok(Offer {
- bytes,
- contents: self.offer,
- })
+ Offer { bytes, contents: self.offer }
+ }
+}
+
+#[cfg(test)]
+impl<'a, M: MetadataStrategy, T: secp256k1::Signing> OfferBuilder<'a, M, T> {
+ fn features_unchecked(mut self, features: OfferFeatures) -> Self {
+ self.offer.features = features;
+ self
+ }
+
+ pub(super) fn build_unchecked(self) -> Offer {
+ self.build_without_checks()
}
}
/// An `Offer` is a potentially long-lived proposal for payment of a good or service.
///
-/// An offer is a precursor to an `InvoiceRequest`. A merchant publishes an offer from which a
-/// customer may request an `Invoice` for a specific quantity and using an amount sufficient to
+/// An offer is a precursor to an [`InvoiceRequest`]. A merchant publishes an offer from which a
+/// customer may request an [`Invoice`] for a specific quantity and using an amount sufficient to
/// cover that quantity (i.e., at least `quantity * amount`). See [`Offer::amount`].
///
/// Offers may be denominated in currency other than bitcoin but are ultimately paid using the
/// latter.
///
/// Through the use of [`BlindedPath`]s, offers provide recipient privacy.
+///
+/// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
+/// [`Invoice`]: crate::offers::invoice::Invoice
#[derive(Clone, Debug)]
+#[cfg_attr(test, derive(PartialEq))]
pub struct Offer {
// The serialized offer. Needed when creating an `InvoiceRequest` if the offer contains unknown
// fields.
- bytes: Vec<u8>,
- contents: OfferContents,
+ pub(super) bytes: Vec<u8>,
+ pub(super) contents: OfferContents,
}
-/// The contents of an [`Offer`], which may be shared with an `InvoiceRequest` or an `Invoice`.
+/// The contents of an [`Offer`], which may be shared with an [`InvoiceRequest`] or an [`Invoice`].
+///
+/// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
+/// [`Invoice`]: crate::offers::invoice::Invoice
#[derive(Clone, Debug)]
+#[cfg_attr(test, derive(PartialEq))]
pub(super) struct OfferContents {
chains: Option<Vec<ChainHash>>,
- metadata: Option<Vec<u8>>,
+ metadata: Option<Metadata>,
amount: Option<Amount>,
description: String,
features: OfferFeatures,
issuer: Option<String>,
paths: Option<Vec<BlindedPath>>,
supported_quantity: Quantity,
- signing_pubkey: Option<PublicKey>,
+ signing_pubkey: PublicKey,
}
impl Offer {
/// Payments must be denominated in units of the minimal lightning-payable unit (e.g., msats)
/// for the selected chain.
pub fn chains(&self) -> Vec<ChainHash> {
- self.contents.chains
- .as_ref()
- .cloned()
- .unwrap_or_else(|| vec![self.contents.implied_chain()])
+ self.contents.chains()
+ }
+
+ pub(super) fn implied_chain(&self) -> ChainHash {
+ self.contents.implied_chain()
+ }
+
+ /// Returns whether the given chain is supported by the offer.
+ pub fn supports_chain(&self, chain: ChainHash) -> bool {
+ self.contents.supports_chain(chain)
}
// TODO: Link to corresponding method in `InvoiceRequest`.
/// Opaque bytes set by the originator. Useful for authentication and validating fields since it
/// is reflected in `invoice_request` messages along with all the other fields from the `offer`.
pub fn metadata(&self) -> Option<&Vec<u8>> {
- self.contents.metadata.as_ref()
+ self.contents.metadata()
}
/// The minimum amount required for a successful payment of a single item.
pub fn amount(&self) -> Option<&Amount> {
- self.contents.amount.as_ref()
+ self.contents.amount()
}
/// A complete description of the purpose of the payment. Intended to be displayed to the user
/// but with the caveat that it has not been verified in any way.
pub fn description(&self) -> PrintableString {
- PrintableString(&self.contents.description)
+ self.contents.description()
}
/// Features pertaining to the offer.
/// Whether the offer has expired.
#[cfg(feature = "std")]
pub fn is_expired(&self) -> bool {
- match self.absolute_expiry() {
- Some(seconds_from_epoch) => match SystemTime::UNIX_EPOCH.elapsed() {
- Ok(elapsed) => elapsed > seconds_from_epoch,
- Err(_) => false,
- },
- None => false,
- }
+ self.contents.is_expired()
}
/// The issuer of the offer, possibly beginning with `user@domain` or `domain`. Intended to be
self.contents.supported_quantity()
}
+ /// Returns whether the given quantity is valid for the offer.
+ pub fn is_valid_quantity(&self, quantity: u64) -> bool {
+ self.contents.is_valid_quantity(quantity)
+ }
+
+ /// Returns whether a quantity is expected in an [`InvoiceRequest`] for the offer.
+ ///
+ /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
+ pub fn expects_quantity(&self) -> bool {
+ self.contents.expects_quantity()
+ }
+
/// The public key used by the recipient to sign invoices.
pub fn signing_pubkey(&self) -> PublicKey {
- self.contents.signing_pubkey.unwrap()
+ self.contents.signing_pubkey()
+ }
+
+ /// Similar to [`Offer::request_invoice`] except it:
+ /// - derives the [`InvoiceRequest::payer_id`] such that a different key can be used for each
+ /// request, and
+ /// - sets the [`InvoiceRequest::metadata`] when [`InvoiceRequestBuilder::build`] is called such
+ /// that it can be used by [`Invoice::verify`] to determine if the invoice was requested using
+ /// a base [`ExpandedKey`] from which the payer id was derived.
+ ///
+ /// Useful to protect the sender's privacy.
+ ///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
+ /// [`InvoiceRequest::payer_id`]: crate::offers::invoice_request::InvoiceRequest::payer_id
+ /// [`InvoiceRequest::metadata`]: crate::offers::invoice_request::InvoiceRequest::metadata
+ /// [`Invoice::verify`]: crate::offers::invoice::Invoice::verify
+ /// [`ExpandedKey`]: crate::ln::inbound_payment::ExpandedKey
+ pub fn request_invoice_deriving_payer_id<'a, 'b, ES: Deref, T: secp256k1::Signing>(
+ &'a self, expanded_key: &ExpandedKey, entropy_source: ES, secp_ctx: &'b Secp256k1<T>
+ ) -> Result<InvoiceRequestBuilder<'a, 'b, DerivedPayerId, T>, SemanticError>
+ where
+ ES::Target: EntropySource,
+ {
+ if self.features().requires_unknown_bits() {
+ return Err(SemanticError::UnknownRequiredFeatures);
+ }
+
+ Ok(InvoiceRequestBuilder::deriving_payer_id(self, expanded_key, entropy_source, secp_ctx))
+ }
+
+ /// Similar to [`Offer::request_invoice_deriving_payer_id`] except uses `payer_id` for the
+ /// [`InvoiceRequest::payer_id`] instead of deriving a different key for each request.
+ ///
+ /// Useful for recurring payments using the same `payer_id` with different invoices.
+ ///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
+ /// [`InvoiceRequest::payer_id`]: crate::offers::invoice_request::InvoiceRequest::payer_id
+ pub fn request_invoice_deriving_metadata<ES: Deref>(
+ &self, payer_id: PublicKey, expanded_key: &ExpandedKey, entropy_source: ES
+ ) -> Result<InvoiceRequestBuilder<ExplicitPayerId, secp256k1::SignOnly>, SemanticError>
+ where
+ ES::Target: EntropySource,
+ {
+ if self.features().requires_unknown_bits() {
+ return Err(SemanticError::UnknownRequiredFeatures);
+ }
+
+ Ok(InvoiceRequestBuilder::deriving_metadata(self, payer_id, expanded_key, entropy_source))
+ }
+
+ /// Creates an [`InvoiceRequestBuilder`] for the offer with the given `metadata` and `payer_id`,
+ /// which will be reflected in the `Invoice` response.
+ ///
+ /// The `metadata` is useful for including information about the derivation of `payer_id` such
+ /// that invoice response handling can be stateless. Also serves as payer-provided entropy while
+ /// hashing in the signature calculation.
+ ///
+ /// This should not leak any information such as by using a simple BIP-32 derivation path.
+ /// Otherwise, payments may be correlated.
+ ///
+ /// Errors if the offer contains unknown required features.
+ ///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
+ /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
+ pub fn request_invoice(
+ &self, metadata: Vec<u8>, payer_id: PublicKey
+ ) -> Result<InvoiceRequestBuilder<ExplicitPayerId, secp256k1::SignOnly>, SemanticError> {
+ if self.features().requires_unknown_bits() {
+ return Err(SemanticError::UnknownRequiredFeatures);
+ }
+
+ Ok(InvoiceRequestBuilder::new(self, metadata, payer_id))
}
#[cfg(test)]
- fn as_tlv_stream(&self) -> OfferTlvStreamRef {
+ pub(super) fn as_tlv_stream(&self) -> OfferTlvStreamRef {
self.contents.as_tlv_stream()
}
}
}
impl OfferContents {
+ pub fn chains(&self) -> Vec<ChainHash> {
+ self.chains.as_ref().cloned().unwrap_or_else(|| vec![self.implied_chain()])
+ }
+
pub fn implied_chain(&self) -> ChainHash {
ChainHash::using_genesis_block(Network::Bitcoin)
}
+ pub fn supports_chain(&self, chain: ChainHash) -> bool {
+ self.chains().contains(&chain)
+ }
+
+ pub fn metadata(&self) -> Option<&Vec<u8>> {
+ self.metadata.as_ref().and_then(|metadata| metadata.as_bytes())
+ }
+
+ pub fn description(&self) -> PrintableString {
+ PrintableString(&self.description)
+ }
+
+ #[cfg(feature = "std")]
+ pub(super) fn is_expired(&self) -> bool {
+ match self.absolute_expiry {
+ Some(seconds_from_epoch) => match SystemTime::UNIX_EPOCH.elapsed() {
+ Ok(elapsed) => elapsed > seconds_from_epoch,
+ Err(_) => false,
+ },
+ None => false,
+ }
+ }
+
+ pub fn amount(&self) -> Option<&Amount> {
+ self.amount.as_ref()
+ }
+
+ pub(super) fn check_amount_msats_for_quantity(
+ &self, amount_msats: Option<u64>, quantity: Option<u64>
+ ) -> Result<(), SemanticError> {
+ let offer_amount_msats = match self.amount {
+ None => 0,
+ Some(Amount::Bitcoin { amount_msats }) => amount_msats,
+ Some(Amount::Currency { .. }) => return Err(SemanticError::UnsupportedCurrency),
+ };
+
+ if !self.expects_quantity() || quantity.is_some() {
+ let expected_amount_msats = offer_amount_msats.checked_mul(quantity.unwrap_or(1))
+ .ok_or(SemanticError::InvalidAmount)?;
+ let amount_msats = amount_msats.unwrap_or(expected_amount_msats);
+
+ if amount_msats < expected_amount_msats {
+ return Err(SemanticError::InsufficientAmount);
+ }
+
+ if amount_msats > MAX_VALUE_MSAT {
+ return Err(SemanticError::InvalidAmount);
+ }
+ }
+
+ Ok(())
+ }
+
pub fn supported_quantity(&self) -> Quantity {
self.supported_quantity
}
- fn as_tlv_stream(&self) -> OfferTlvStreamRef {
+ pub(super) fn check_quantity(&self, quantity: Option<u64>) -> Result<(), SemanticError> {
+ let expects_quantity = self.expects_quantity();
+ match quantity {
+ None if expects_quantity => Err(SemanticError::MissingQuantity),
+ Some(_) if !expects_quantity => Err(SemanticError::UnexpectedQuantity),
+ Some(quantity) if !self.is_valid_quantity(quantity) => {
+ Err(SemanticError::InvalidQuantity)
+ },
+ _ => Ok(()),
+ }
+ }
+
+ fn is_valid_quantity(&self, quantity: u64) -> bool {
+ match self.supported_quantity {
+ Quantity::Bounded(n) => quantity <= n.get(),
+ Quantity::Unbounded => quantity > 0,
+ Quantity::One => quantity == 1,
+ }
+ }
+
+ fn expects_quantity(&self) -> bool {
+ match self.supported_quantity {
+ Quantity::Bounded(_) => true,
+ Quantity::Unbounded => true,
+ Quantity::One => false,
+ }
+ }
+
+ pub(super) fn signing_pubkey(&self) -> PublicKey {
+ self.signing_pubkey
+ }
+
+ /// Verifies that the offer metadata was produced from the offer in the TLV stream.
+ pub(super) fn verify<T: secp256k1::Signing>(
+ &self, bytes: &[u8], key: &ExpandedKey, secp_ctx: &Secp256k1<T>
+ ) -> Result<Option<KeyPair>, ()> {
+ match self.metadata() {
+ Some(metadata) => {
+ let tlv_stream = TlvStream::new(bytes).range(OFFER_TYPES).filter(|record| {
+ match record.r#type {
+ OFFER_METADATA_TYPE => false,
+ OFFER_NODE_ID_TYPE => !self.metadata.as_ref().unwrap().derives_keys(),
+ _ => true,
+ }
+ });
+ signer::verify_metadata(
+ metadata, key, IV_BYTES, self.signing_pubkey(), tlv_stream, secp_ctx
+ )
+ },
+ None => Err(()),
+ }
+ }
+
+ pub(super) fn as_tlv_stream(&self) -> OfferTlvStreamRef {
let (currency, amount) = match &self.amount {
None => (None, None),
Some(Amount::Bitcoin { amount_msats }) => (None, Some(*amount_msats)),
OfferTlvStreamRef {
chains: self.chains.as_ref(),
- metadata: self.metadata.as_ref(),
+ metadata: self.metadata(),
currency,
amount,
description: Some(&self.description),
paths: self.paths.as_ref(),
issuer: self.issuer.as_ref(),
quantity_max: self.supported_quantity.to_tlv_record(),
- node_id: self.signing_pubkey.as_ref(),
+ node_id: Some(&self.signing_pubkey),
}
}
}
/// Quantity of items supported by an [`Offer`].
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Quantity {
- /// Up to a specific number of items (inclusive).
+ /// Up to a specific number of items (inclusive). Use when more than one item can be requested
+ /// but is limited (e.g., because of per customer or inventory limits).
+ ///
+ /// May be used with `NonZeroU64::new(1)` but prefer to use [`Quantity::One`] if only one item
+ /// is supported.
Bounded(NonZeroU64),
- /// One or more items.
+ /// One or more items. Use when more than one item can be requested without any limit.
Unbounded,
+ /// Only one item. Use when only a single item can be requested.
+ One,
}
impl Quantity {
- /// The default quantity of one.
- pub fn one() -> Self {
- Quantity::Bounded(NonZeroU64::new(1).unwrap())
- }
-
fn to_tlv_record(&self) -> Option<u64> {
match self {
- Quantity::Bounded(n) => {
- let n = n.get();
- if n == 1 { None } else { Some(n) }
- },
+ Quantity::Bounded(n) => Some(n.get()),
Quantity::Unbounded => Some(0),
+ Quantity::One => None,
}
}
}
-tlv_stream!(OfferTlvStream, OfferTlvStreamRef, 1..80, {
+/// Valid type range for offer TLV records.
+pub(super) const OFFER_TYPES: core::ops::Range<u64> = 1..80;
+
+/// TLV record type for [`Offer::metadata`].
+const OFFER_METADATA_TYPE: u64 = 4;
+
+/// TLV record type for [`Offer::signing_pubkey`].
+const OFFER_NODE_ID_TYPE: u64 = 22;
+
+tlv_stream!(OfferTlvStream, OfferTlvStreamRef, OFFER_TYPES, {
(2, chains: (Vec<ChainHash>, WithoutLength)),
- (4, metadata: (Vec<u8>, WithoutLength)),
+ (OFFER_METADATA_TYPE, metadata: (Vec<u8>, WithoutLength)),
(6, currency: CurrencyCode),
(8, amount: (u64, HighZeroBytesDroppedBigSize)),
(10, description: (String, WithoutLength)),
- (12, features: OfferFeatures),
+ (12, features: (OfferFeatures, WithoutLength)),
(14, absolute_expiry: (u64, HighZeroBytesDroppedBigSize)),
(16, paths: (Vec<BlindedPath>, WithoutLength)),
(18, issuer: (String, WithoutLength)),
(20, quantity_max: (u64, HighZeroBytesDroppedBigSize)),
- (22, node_id: PublicKey),
+ (OFFER_NODE_ID_TYPE, node_id: PublicKey),
});
impl Bech32Encode for Offer {
issuer, quantity_max, node_id,
} = tlv_stream;
+ let metadata = metadata.map(|metadata| Metadata::Bytes(metadata));
+
let amount = match (currency, amount) {
(None, None) => None,
(None, Some(amount_msats)) if amount_msats > MAX_VALUE_MSAT => {
.map(|seconds_from_epoch| Duration::from_secs(seconds_from_epoch));
let supported_quantity = match quantity_max {
- None => Quantity::one(),
+ None => Quantity::One,
Some(0) => Quantity::Unbounded,
- Some(1) => return Err(SemanticError::InvalidQuantity),
Some(n) => Quantity::Bounded(NonZeroU64::new(n).unwrap()),
};
- if node_id.is_none() {
- return Err(SemanticError::MissingSigningPubkey);
- }
+ let signing_pubkey = match node_id {
+ None => return Err(SemanticError::MissingSigningPubkey),
+ Some(node_id) => node_id,
+ };
Ok(OfferContents {
chains, metadata, amount, description, features, absolute_expiry, issuer, paths,
- supported_quantity, signing_pubkey: node_id,
+ supported_quantity, signing_pubkey,
})
}
}
#[cfg(test)]
mod tests {
- use super::{Amount, Offer, OfferBuilder, Quantity};
+ use super::{Amount, Offer, OfferBuilder, OfferTlvStreamRef, Quantity};
use bitcoin::blockdata::constants::ChainHash;
use bitcoin::network::constants::Network;
- use bitcoin::secp256k1::{PublicKey, Secp256k1, SecretKey};
+ use bitcoin::secp256k1::Secp256k1;
use core::convert::TryFrom;
use core::num::NonZeroU64;
use core::time::Duration;
+ use crate::blinded_path::{BlindedHop, BlindedPath};
+ use crate::sign::KeyMaterial;
use crate::ln::features::OfferFeatures;
+ use crate::ln::inbound_payment::ExpandedKey;
use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
use crate::offers::parse::{ParseError, SemanticError};
- use crate::onion_message::{BlindedHop, BlindedPath};
+ use crate::offers::test_utils::*;
use crate::util::ser::{BigSize, Writeable};
use crate::util::string::PrintableString;
- fn pubkey(byte: u8) -> PublicKey {
- let secp_ctx = Secp256k1::new();
- PublicKey::from_secret_key(&secp_ctx, &privkey(byte))
- }
-
- fn privkey(byte: u8) -> SecretKey {
- SecretKey::from_slice(&[byte; 32]).unwrap()
- }
-
#[test]
fn builds_offer_with_defaults() {
let offer = OfferBuilder::new("foo".into(), pubkey(42)).build().unwrap();
- let tlv_stream = offer.as_tlv_stream();
+
let mut buffer = Vec::new();
offer.write(&mut buffer).unwrap();
assert_eq!(offer.bytes, buffer.as_slice());
assert_eq!(offer.chains(), vec![ChainHash::using_genesis_block(Network::Bitcoin)]);
+ assert!(offer.supports_chain(ChainHash::using_genesis_block(Network::Bitcoin)));
assert_eq!(offer.metadata(), None);
assert_eq!(offer.amount(), None);
assert_eq!(offer.description(), PrintableString("foo"));
assert!(!offer.is_expired());
assert_eq!(offer.paths(), &[]);
assert_eq!(offer.issuer(), None);
- assert_eq!(offer.supported_quantity(), Quantity::one());
+ assert_eq!(offer.supported_quantity(), Quantity::One);
assert_eq!(offer.signing_pubkey(), pubkey(42));
- assert_eq!(tlv_stream.chains, None);
- assert_eq!(tlv_stream.metadata, None);
- assert_eq!(tlv_stream.currency, None);
- assert_eq!(tlv_stream.amount, None);
- assert_eq!(tlv_stream.description, Some(&String::from("foo")));
- assert_eq!(tlv_stream.features, None);
- assert_eq!(tlv_stream.absolute_expiry, None);
- assert_eq!(tlv_stream.paths, None);
- assert_eq!(tlv_stream.issuer, None);
- assert_eq!(tlv_stream.quantity_max, None);
- assert_eq!(tlv_stream.node_id, Some(&pubkey(42)));
+ assert_eq!(
+ offer.as_tlv_stream(),
+ OfferTlvStreamRef {
+ chains: None,
+ metadata: None,
+ currency: None,
+ amount: None,
+ description: Some(&String::from("foo")),
+ features: None,
+ absolute_expiry: None,
+ paths: None,
+ issuer: None,
+ quantity_max: None,
+ node_id: Some(&pubkey(42)),
+ },
+ );
if let Err(e) = Offer::try_from(buffer) {
panic!("error parsing offer: {:?}", e);
.chain(Network::Bitcoin)
.build()
.unwrap();
+ assert!(offer.supports_chain(mainnet));
assert_eq!(offer.chains(), vec![mainnet]);
assert_eq!(offer.as_tlv_stream().chains, None);
.chain(Network::Testnet)
.build()
.unwrap();
+ assert!(offer.supports_chain(testnet));
assert_eq!(offer.chains(), vec![testnet]);
assert_eq!(offer.as_tlv_stream().chains, Some(&vec![testnet]));
.chain(Network::Testnet)
.build()
.unwrap();
+ assert!(offer.supports_chain(testnet));
assert_eq!(offer.chains(), vec![testnet]);
assert_eq!(offer.as_tlv_stream().chains, Some(&vec![testnet]));
.chain(Network::Testnet)
.build()
.unwrap();
+ assert!(offer.supports_chain(mainnet));
+ assert!(offer.supports_chain(testnet));
assert_eq!(offer.chains(), vec![mainnet, testnet]);
assert_eq!(offer.as_tlv_stream().chains, Some(&vec![mainnet, testnet]));
}
#[test]
fn builds_offer_with_metadata() {
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .metadata(vec![42; 32])
+ .metadata(vec![42; 32]).unwrap()
.build()
.unwrap();
assert_eq!(offer.metadata(), Some(&vec![42; 32]));
assert_eq!(offer.as_tlv_stream().metadata, Some(&vec![42; 32]));
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .metadata(vec![42; 32])
- .metadata(vec![43; 32])
+ .metadata(vec![42; 32]).unwrap()
+ .metadata(vec![43; 32]).unwrap()
.build()
.unwrap();
assert_eq!(offer.metadata(), Some(&vec![43; 32]));
assert_eq!(offer.as_tlv_stream().metadata, Some(&vec![43; 32]));
}
+ #[test]
+ fn builds_offer_with_metadata_derived() {
+ let desc = "foo".to_string();
+ let node_id = recipient_pubkey();
+ let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
+ let entropy = FixedEntropy {};
+ let secp_ctx = Secp256k1::new();
+
+ let offer = OfferBuilder
+ ::deriving_signing_pubkey(desc, node_id, &expanded_key, &entropy, &secp_ctx)
+ .amount_msats(1000)
+ .build().unwrap();
+ assert_eq!(offer.signing_pubkey(), node_id);
+
+ let invoice_request = offer.request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_ok());
+
+ // Fails verification with altered offer field
+ let mut tlv_stream = offer.as_tlv_stream();
+ tlv_stream.amount = Some(100);
+
+ let mut encoded_offer = Vec::new();
+ tlv_stream.write(&mut encoded_offer).unwrap();
+
+ let invoice_request = Offer::try_from(encoded_offer).unwrap()
+ .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
+
+ // Fails verification with altered metadata
+ let mut tlv_stream = offer.as_tlv_stream();
+ let metadata = tlv_stream.metadata.unwrap().iter().copied().rev().collect();
+ tlv_stream.metadata = Some(&metadata);
+
+ let mut encoded_offer = Vec::new();
+ tlv_stream.write(&mut encoded_offer).unwrap();
+
+ let invoice_request = Offer::try_from(encoded_offer).unwrap()
+ .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
+ }
+
+ #[test]
+ fn builds_offer_with_derived_signing_pubkey() {
+ let desc = "foo".to_string();
+ let node_id = recipient_pubkey();
+ let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
+ let entropy = FixedEntropy {};
+ let secp_ctx = Secp256k1::new();
+
+ let blinded_path = BlindedPath {
+ introduction_node_id: pubkey(40),
+ blinding_point: pubkey(41),
+ blinded_hops: vec![
+ BlindedHop { blinded_node_id: pubkey(42), encrypted_payload: vec![0; 43] },
+ BlindedHop { blinded_node_id: node_id, encrypted_payload: vec![0; 44] },
+ ],
+ };
+
+ let offer = OfferBuilder
+ ::deriving_signing_pubkey(desc, node_id, &expanded_key, &entropy, &secp_ctx)
+ .amount_msats(1000)
+ .path(blinded_path)
+ .build().unwrap();
+ assert_ne!(offer.signing_pubkey(), node_id);
+
+ let invoice_request = offer.request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_ok());
+
+ // Fails verification with altered offer field
+ let mut tlv_stream = offer.as_tlv_stream();
+ tlv_stream.amount = Some(100);
+
+ let mut encoded_offer = Vec::new();
+ tlv_stream.write(&mut encoded_offer).unwrap();
+
+ let invoice_request = Offer::try_from(encoded_offer).unwrap()
+ .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
+
+ // Fails verification with altered signing pubkey
+ let mut tlv_stream = offer.as_tlv_stream();
+ let signing_pubkey = pubkey(1);
+ tlv_stream.node_id = Some(&signing_pubkey);
+
+ let mut encoded_offer = Vec::new();
+ tlv_stream.write(&mut encoded_offer).unwrap();
+
+ let invoice_request = Offer::try_from(encoded_offer).unwrap()
+ .request_invoice(vec![1; 32], payer_pubkey()).unwrap()
+ .build().unwrap()
+ .sign(payer_sign).unwrap();
+ assert!(invoice_request.verify(&expanded_key, &secp_ctx).is_err());
+ }
+
#[test]
fn builds_offer_with_amount() {
let bitcoin_amount = Amount::Bitcoin { amount_msats: 1000 };
#[test]
fn builds_offer_with_features() {
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .features(OfferFeatures::unknown())
+ .features_unchecked(OfferFeatures::unknown())
.build()
.unwrap();
assert_eq!(offer.features(), &OfferFeatures::unknown());
assert_eq!(offer.as_tlv_stream().features, Some(&OfferFeatures::unknown()));
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .features(OfferFeatures::unknown())
- .features(OfferFeatures::empty())
+ .features_unchecked(OfferFeatures::unknown())
+ .features_unchecked(OfferFeatures::empty())
.build()
.unwrap();
assert_eq!(offer.features(), &OfferFeatures::empty());
#[test]
fn builds_offer_with_supported_quantity() {
+ let one = NonZeroU64::new(1).unwrap();
let ten = NonZeroU64::new(10).unwrap();
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .supported_quantity(Quantity::one())
+ .supported_quantity(Quantity::One)
.build()
.unwrap();
let tlv_stream = offer.as_tlv_stream();
- assert_eq!(offer.supported_quantity(), Quantity::one());
+ assert_eq!(offer.supported_quantity(), Quantity::One);
assert_eq!(tlv_stream.quantity_max, None);
let offer = OfferBuilder::new("foo".into(), pubkey(42))
assert_eq!(offer.supported_quantity(), Quantity::Bounded(ten));
assert_eq!(tlv_stream.quantity_max, Some(10));
+ let offer = OfferBuilder::new("foo".into(), pubkey(42))
+ .supported_quantity(Quantity::Bounded(one))
+ .build()
+ .unwrap();
+ let tlv_stream = offer.as_tlv_stream();
+ assert_eq!(offer.supported_quantity(), Quantity::Bounded(one));
+ assert_eq!(tlv_stream.quantity_max, Some(1));
+
let offer = OfferBuilder::new("foo".into(), pubkey(42))
.supported_quantity(Quantity::Bounded(ten))
- .supported_quantity(Quantity::one())
+ .supported_quantity(Quantity::One)
.build()
.unwrap();
let tlv_stream = offer.as_tlv_stream();
- assert_eq!(offer.supported_quantity(), Quantity::one());
+ assert_eq!(offer.supported_quantity(), Quantity::One);
assert_eq!(tlv_stream.quantity_max, None);
}
+ #[test]
+ fn fails_requesting_invoice_with_unknown_required_features() {
+ match OfferBuilder::new("foo".into(), pubkey(42))
+ .features_unchecked(OfferFeatures::unknown())
+ .build().unwrap()
+ .request_invoice(vec![1; 32], pubkey(43))
+ {
+ Ok(_) => panic!("expected error"),
+ Err(e) => assert_eq!(e, SemanticError::UnknownRequiredFeatures),
+ }
+ }
+
#[test]
fn parses_offer_with_chains() {
let offer = OfferBuilder::new("foo".into(), pubkey(42))
#[test]
fn parses_offer_with_quantity() {
let offer = OfferBuilder::new("foo".into(), pubkey(42))
- .supported_quantity(Quantity::one())
+ .supported_quantity(Quantity::One)
.build()
.unwrap();
if let Err(e) = offer.to_string().parse::<Offer>() {
panic!("error parsing offer: {:?}", e);
}
- let mut tlv_stream = offer.as_tlv_stream();
- tlv_stream.quantity_max = Some(1);
-
- let mut encoded_offer = Vec::new();
- tlv_stream.write(&mut encoded_offer).unwrap();
-
- match Offer::try_from(encoded_offer) {
- Ok(_) => panic!("expected error"),
- Err(e) => {
- assert_eq!(e, ParseError::InvalidSemantics(SemanticError::InvalidQuantity));
- },
+ let offer = OfferBuilder::new("foo".into(), pubkey(42))
+ .supported_quantity(Quantity::Bounded(NonZeroU64::new(1).unwrap()))
+ .build()
+ .unwrap();
+ if let Err(e) = offer.to_string().parse::<Offer>() {
+ panic!("error parsing offer: {:?}", e);
}
}
panic!("error parsing offer: {:?}", e);
}
- let mut builder = OfferBuilder::new("foo".into(), pubkey(42));
- builder.offer.signing_pubkey = None;
+ let mut tlv_stream = offer.as_tlv_stream();
+ tlv_stream.node_id = None;
- let offer = builder.build().unwrap();
- match offer.to_string().parse::<Offer>() {
+ let mut encoded_offer = Vec::new();
+ tlv_stream.write(&mut encoded_offer).unwrap();
+
+ match Offer::try_from(encoded_offer) {
Ok(_) => panic!("expected error"),
Err(e) => {
assert_eq!(e, ParseError::InvalidSemantics(SemanticError::MissingSigningPubkey));