git.bitcoin.ninja Git - rust-lightning/commit

author	Matt Corallo <git@bluematt.me>
	Thu, 12 Sep 2024 18:36:58 +0000 (18:36 +0000)
committer	Matt Corallo <git@bluematt.me>
	Mon, 23 Sep 2024 01:24:28 +0000 (01:24 +0000)
commit	aaf529d19366bde82c0bee632dddfd8e38692caa
tree	4a402213ddade5547e23aa2dbedc063a527c232c	tree \| snapshot
parent	aa09c33a1719944769ba98624bfe18ea33083f44	commit \| diff

Add a `PaymentId` for inbound payments

We expect our users to have fully idempotent `Event` handling as we
may replay events on restart for one of a number of reasons. This
isn't a big deal as long as all our events have some kind of
identifier users can use to check if the `Event` has already been
handled.

For outbound payments, this is the `PaymentId` they provide in the
send methods, however for inbound payments we don't have a great
option.

`PaymentHash` largely suffices - users can simply always claim in
response to a `PaymentClaimable` of sufficient value and treat a
`PaymentClaimed` event as duplicate any time they see a second one
for the same `PaymentHash`. This mostly works, but may result in
accepting duplicative payments if someone (incorrectly) pays twice
for the same `PaymentHash`.

Users could also fail for duplicative `PaymentClaimable` events of
the same `PaymentHash`, but doing so may result in spuriously
failing a payment if the `PaymentClaimable` event is a replay and
they never saw a corresponding `PaymentClaimed` event.

While none of this will result in spuriously thinking they've been
paid when they have not, it does result in some pretty awkward
semantics which we'd rather avoid our users having to deal with.

Instead, here, we add a new `PaymentId` which is simply an HMAC of
the HTLCs (as Channel ID, HTLC ID pairs) which were included in the
payment.

lightning/src/events/mod.rs		diff \| blob \| history
lightning/src/ln/channelmanager.rs		diff \| blob \| history
lightning/src/ln/msgs.rs		diff \| blob \| history