//! use lightning::offers::refund::{Refund, RefundBuilder};
//! use lightning::util::ser::{Readable, Writeable};
//!
-//! # use lightning::onion_message::BlindedPath;
+//! # use lightning::blinded_path::BlindedPath;
//! # #[cfg(feature = "std")]
//! # use std::time::SystemTime;
//! #
use core::ops::Deref;
use core::str::FromStr;
use core::time::Duration;
-use crate::chain::keysinterface::EntropySource;
+use crate::sign::EntropySource;
use crate::io;
+use crate::blinded_path::BlindedPath;
use crate::ln::PaymentHash;
use crate::ln::features::InvoiceRequestFeatures;
use crate::ln::inbound_payment::{ExpandedKey, IV_LEN, Nonce};
use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
-use crate::offers::invoice::{BlindedPayInfo, InvoiceBuilder};
+use crate::offers::invoice::{BlindedPayInfo, DerivedSigningPubkey, ExplicitSigningPubkey, InvoiceBuilder};
use crate::offers::invoice_request::{InvoiceRequestTlvStream, InvoiceRequestTlvStreamRef};
use crate::offers::offer::{OfferTlvStream, OfferTlvStreamRef};
use crate::offers::parse::{Bech32Encode, ParseError, ParsedMessage, SemanticError};
use crate::offers::payer::{PayerContents, PayerTlvStream, PayerTlvStreamRef};
-use crate::offers::signer::{Metadata, MetadataMaterial};
-use crate::onion_message::BlindedPath;
+use crate::offers::signer::{Metadata, MetadataMaterial, self};
use crate::util::ser::{SeekReadable, WithoutLength, Writeable, Writer};
use crate::util::string::PrintableString;
#[cfg(feature = "std")]
use std::time::SystemTime;
-const IV_BYTES: &[u8; IV_LEN] = b"LDK Refund ~~~~~";
+pub(super) const IV_BYTES: &[u8; IV_LEN] = b"LDK Refund ~~~~~";
/// Builds a [`Refund`] for the "offer for money" flow.
///
/// See [module-level documentation] for usage.
///
+/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+///
/// [module-level documentation]: self
pub struct RefundBuilder<'a, T: secp256k1::Signing> {
refund: RefundContents,
/// A complete description of the purpose of the refund. Intended to be displayed to the user
/// but with the caveat that it has not been verified in any way.
pub fn description(&self) -> PrintableString {
- PrintableString(&self.contents.description)
+ self.contents.description()
}
/// Duration since the Unix epoch when an invoice should no longer be sent.
///
/// [`payer_id`]: Self::payer_id
pub fn metadata(&self) -> &[u8] {
- self.contents.payer.0.as_bytes().map(|bytes| bytes.as_slice()).unwrap_or(&[])
+ self.contents.metadata()
}
/// A chain that the refund is valid for.
/// See [`Refund::respond_with_no_std`] for further details where the aforementioned creation
/// time is used for the `created_at` parameter.
///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
/// [`Duration`]: core::time::Duration
#[cfg(feature = "std")]
pub fn respond_with(
&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
signing_pubkey: PublicKey,
- ) -> Result<InvoiceBuilder, SemanticError> {
+ ) -> Result<InvoiceBuilder<ExplicitSigningPubkey>, SemanticError> {
let created_at = std::time::SystemTime::now()
.duration_since(std::time::SystemTime::UNIX_EPOCH)
.expect("SystemTime::now() should come after SystemTime::UNIX_EPOCH");
///
/// Errors if the request contains unknown required features.
///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
/// [`Invoice::created_at`]: crate::offers::invoice::Invoice::created_at
pub fn respond_with_no_std(
&self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
signing_pubkey: PublicKey, created_at: Duration
- ) -> Result<InvoiceBuilder, SemanticError> {
+ ) -> Result<InvoiceBuilder<ExplicitSigningPubkey>, SemanticError> {
if self.features().requires_unknown_bits() {
return Err(SemanticError::UnknownRequiredFeatures);
}
InvoiceBuilder::for_refund(self, payment_paths, created_at, payment_hash, signing_pubkey)
}
+ /// Creates an [`InvoiceBuilder`] for the refund using the given required fields and that uses
+ /// derived signing keys to sign the [`Invoice`].
+ ///
+ /// See [`Refund::respond_with`] for further details.
+ ///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
+ /// [`Invoice`]: crate::offers::invoice::Invoice
+ #[cfg(feature = "std")]
+ pub fn respond_using_derived_keys<ES: Deref>(
+ &self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
+ expanded_key: &ExpandedKey, entropy_source: ES
+ ) -> Result<InvoiceBuilder<DerivedSigningPubkey>, SemanticError>
+ where
+ ES::Target: EntropySource,
+ {
+ let created_at = std::time::SystemTime::now()
+ .duration_since(std::time::SystemTime::UNIX_EPOCH)
+ .expect("SystemTime::now() should come after SystemTime::UNIX_EPOCH");
+
+ self.respond_using_derived_keys_no_std(
+ payment_paths, payment_hash, created_at, expanded_key, entropy_source
+ )
+ }
+
+ /// Creates an [`InvoiceBuilder`] for the refund using the given required fields and that uses
+ /// derived signing keys to sign the [`Invoice`].
+ ///
+ /// See [`Refund::respond_with_no_std`] for further details.
+ ///
+ /// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+ ///
+ /// [`Invoice`]: crate::offers::invoice::Invoice
+ pub fn respond_using_derived_keys_no_std<ES: Deref>(
+ &self, payment_paths: Vec<(BlindedPath, BlindedPayInfo)>, payment_hash: PaymentHash,
+ created_at: core::time::Duration, expanded_key: &ExpandedKey, entropy_source: ES
+ ) -> Result<InvoiceBuilder<DerivedSigningPubkey>, SemanticError>
+ where
+ ES::Target: EntropySource,
+ {
+ if self.features().requires_unknown_bits() {
+ return Err(SemanticError::UnknownRequiredFeatures);
+ }
+
+ let nonce = Nonce::from_entropy_source(entropy_source);
+ let keys = signer::derive_keys(nonce, expanded_key);
+ InvoiceBuilder::for_refund_using_keys(self, payment_paths, created_at, payment_hash, keys)
+ }
+
#[cfg(test)]
fn as_tlv_stream(&self) -> RefundTlvStreamRef {
self.contents.as_tlv_stream()
}
impl RefundContents {
+ pub fn description(&self) -> PrintableString {
+ PrintableString(&self.description)
+ }
+
#[cfg(feature = "std")]
pub(super) fn is_expired(&self) -> bool {
match self.absolute_expiry {
}
}
+ pub(super) fn metadata(&self) -> &[u8] {
+ self.payer.0.as_bytes().map(|bytes| bytes.as_slice()).unwrap_or(&[])
+ }
+
pub(super) fn chain(&self) -> ChainHash {
self.chain.unwrap_or_else(|| self.implied_chain())
}
ChainHash::using_genesis_block(Network::Bitcoin)
}
+ pub(super) fn derives_keys(&self) -> bool {
+ self.payer.0.derives_keys()
+ }
+
+ pub(super) fn payer_id(&self) -> PublicKey {
+ self.payer_id
+ }
+
pub(super) fn as_tlv_stream(&self) -> RefundTlvStreamRef {
let payer = PayerTlvStreamRef {
metadata: self.payer.0.as_bytes(),
use bitcoin::secp256k1::{KeyPair, Secp256k1, SecretKey};
use core::convert::TryFrom;
use core::time::Duration;
+ use crate::blinded_path::{BlindedHop, BlindedPath};
+ use crate::sign::KeyMaterial;
use crate::ln::features::{InvoiceRequestFeatures, OfferFeatures};
+ use crate::ln::inbound_payment::ExpandedKey;
use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
use crate::offers::invoice_request::InvoiceRequestTlvStreamRef;
use crate::offers::offer::OfferTlvStreamRef;
use crate::offers::parse::{ParseError, SemanticError};
use crate::offers::payer::PayerTlvStreamRef;
use crate::offers::test_utils::*;
- use crate::onion_message::{BlindedHop, BlindedPath};
use crate::util::ser::{BigSize, Writeable};
use crate::util::string::PrintableString;
}
}
+ #[test]
+ fn builds_refund_with_metadata_derived() {
+ let desc = "foo".to_string();
+ let node_id = payer_pubkey();
+ let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
+ let entropy = FixedEntropy {};
+ let secp_ctx = Secp256k1::new();
+
+ let refund = RefundBuilder
+ ::deriving_payer_id(desc, node_id, &expanded_key, &entropy, &secp_ctx, 1000)
+ .unwrap()
+ .build().unwrap();
+ assert_eq!(refund.payer_id(), node_id);
+
+ // Fails verification with altered fields
+ let invoice = refund
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(invoice.verify(&expanded_key, &secp_ctx));
+
+ let mut tlv_stream = refund.as_tlv_stream();
+ tlv_stream.2.amount = Some(2000);
+
+ let mut encoded_refund = Vec::new();
+ tlv_stream.write(&mut encoded_refund).unwrap();
+
+ let invoice = Refund::try_from(encoded_refund).unwrap()
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(!invoice.verify(&expanded_key, &secp_ctx));
+
+ // Fails verification with altered metadata
+ let mut tlv_stream = refund.as_tlv_stream();
+ let metadata = tlv_stream.0.metadata.unwrap().iter().copied().rev().collect();
+ tlv_stream.0.metadata = Some(&metadata);
+
+ let mut encoded_refund = Vec::new();
+ tlv_stream.write(&mut encoded_refund).unwrap();
+
+ let invoice = Refund::try_from(encoded_refund).unwrap()
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(!invoice.verify(&expanded_key, &secp_ctx));
+ }
+
+ #[test]
+ fn builds_refund_with_derived_payer_id() {
+ let desc = "foo".to_string();
+ let node_id = payer_pubkey();
+ let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
+ let entropy = FixedEntropy {};
+ let secp_ctx = Secp256k1::new();
+
+ let blinded_path = BlindedPath {
+ introduction_node_id: pubkey(40),
+ blinding_point: pubkey(41),
+ blinded_hops: vec![
+ BlindedHop { blinded_node_id: pubkey(43), encrypted_payload: vec![0; 43] },
+ BlindedHop { blinded_node_id: node_id, encrypted_payload: vec![0; 44] },
+ ],
+ };
+
+ let refund = RefundBuilder
+ ::deriving_payer_id(desc, node_id, &expanded_key, &entropy, &secp_ctx, 1000)
+ .unwrap()
+ .path(blinded_path)
+ .build().unwrap();
+ assert_ne!(refund.payer_id(), node_id);
+
+ let invoice = refund
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(invoice.verify(&expanded_key, &secp_ctx));
+
+ // Fails verification with altered fields
+ let mut tlv_stream = refund.as_tlv_stream();
+ tlv_stream.2.amount = Some(2000);
+
+ let mut encoded_refund = Vec::new();
+ tlv_stream.write(&mut encoded_refund).unwrap();
+
+ let invoice = Refund::try_from(encoded_refund).unwrap()
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(!invoice.verify(&expanded_key, &secp_ctx));
+
+ // Fails verification with altered payer_id
+ let mut tlv_stream = refund.as_tlv_stream();
+ let payer_id = pubkey(1);
+ tlv_stream.2.payer_id = Some(&payer_id);
+
+ let mut encoded_refund = Vec::new();
+ tlv_stream.write(&mut encoded_refund).unwrap();
+
+ let invoice = Refund::try_from(encoded_refund).unwrap()
+ .respond_with_no_std(payment_paths(), payment_hash(), recipient_pubkey(), now())
+ .unwrap()
+ .build().unwrap()
+ .sign(recipient_sign).unwrap();
+ assert!(!invoice.verify(&expanded_key, &secp_ctx));
+ }
+
#[test]
fn builds_refund_with_absolute_expiry() {
let future_expiry = Duration::from_secs(u64::max_value());