Don't include HMAC in Refund paths

Refunds are typically communicated via QR code, where a smaller size is
desirable. Make the HMAC in OutboundPayment data optional such that it
is elided from blinded paths used in refunds. This prevents abandoning
refunds if the reader sends an invoice_error instead of an invoice
message. However, this use case isn't necessary as the corresponding
outbound payment will either timeout when the refund expires or can be
explicitly abandoned by the creator.

diff --git a/lightning/src/blinded_path/message.rs b/lightning/src/blinded_path/message.rs
index 313ac56bfcf684581620535c99c6cba37959a0cf..26019c0369d4dcd9290c656c1596dc100df240db 100644 (file)
--- a/lightning/src/blinded_path/message.rs
+++ b/lightning/src/blinded_path/message.rs
@@ -153,7 +153,7 @@ pub enum OffersContext {
                /// used with an [`InvoiceError`].
                ///
                /// [`InvoiceError`]: crate::offers::invoice_error::InvoiceError
-               hmac: Hmac<Sha256>,
+               hmac: Option<Hmac<Sha256>>,
        },
        /// Context used by a [`BlindedPath`] as a reply path for a [`Bolt12Invoice`].
        ///
@@ -181,7 +181,7 @@ impl_writeable_tlv_based_enum!(OffersContext,
        (1, OutboundPayment) => {
                (0, payment_id, required),
                (1, nonce, required),
-               (2, hmac, required),
+               (2, hmac, option),
        },
        (2, InboundPayment) => {
                (0, payment_hash, required),

diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
index 17361a1628a3f00d66d5271b1497c13c6676c6d1..5ebb3b2a8b3ff36c69d2abdb61d4f85d536336f7 100644 (file)
--- a/lightning/src/ln/channelmanager.rs
+++ b/lightning/src/ln/channelmanager.rs
@@ -8891,8 +8891,7 @@ macro_rules! create_refund_builder { ($self: ident, $builder: ty) => {
                let secp_ctx = &$self.secp_ctx;
 
                let nonce = Nonce::from_entropy_source(entropy);
-               let hmac = signer::hmac_for_payment_id(payment_id, nonce, expanded_key);
-               let context = OffersContext::OutboundPayment { payment_id, nonce, hmac };
+               let context = OffersContext::OutboundPayment { payment_id, nonce, hmac: None };
                let path = $self.create_blinded_paths_using_absolute_expiry(context, Some(absolute_expiry))
                        .and_then(|paths| paths.into_iter().next().ok_or(()))
                        .map_err(|_| Bolt12SemanticError::MissingPaths)?;
@@ -9028,7 +9027,7 @@ where
                let invoice_request = builder.build_and_sign()?;
 
                let hmac = signer::hmac_for_payment_id(payment_id, nonce, expanded_key);
-               let context = OffersContext::OutboundPayment { payment_id, nonce, hmac };
+               let context = OffersContext::OutboundPayment { payment_id, nonce, hmac: Some(hmac) };
                let reply_paths = self.create_blinded_paths(context)
                        .map_err(|_| Bolt12SemanticError::MissingPaths)?;
 
@@ -10916,7 +10915,7 @@ where
                                log_trace!(logger, "Received invoice_error: {}", invoice_error);
 
                                match context {
-                                       Some(OffersContext::OutboundPayment { payment_id, nonce, hmac }) => {
+                                       Some(OffersContext::OutboundPayment { payment_id, nonce, hmac: Some(hmac) }) => {
                                                if signer::verify_payment_id(payment_id, hmac, nonce, expanded_key) {
                                                        self.abandon_payment_with_reason(
                                                                payment_id, PaymentFailureReason::RecipientRejected,