From 114954cbace0b26bc99205c493ce53dc9bf42183 Mon Sep 17 00:00:00 2001
From: Jeffrey Czyz
Date: Fri, 12 Jul 2024 17:26:30 -0500
Subject: [PATCH] Pass Nonce directly to RefundBuilder

When using RefundBuilder::deriving_payer_id, the nonce generated needs to be the same one included in any RefundBuilder::paths. This is because the nonce is used along with the refund TLVs to derive a payer id and will soon be used to authenticate any invoices.
---
 lightning/src/ln/channelmanager.rs | 3 ++-
 lightning/src/offers/refund.rs | 14 ++++++++------
 2 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/lightning/src/ln/channelmanager.rs b/lightning/src/ln/channelmanager.rs
index 6e6b0ceb6..1988aba4a 100644
--- a/lightning/src/ln/channelmanager.rs
+++ b/lightning/src/ln/channelmanager.rs
@@ -8861,13 +8861,14 @@ macro_rules! create_refund_builder {
 ($self: ident, $builder: ty) => {
 let entropy = &*$self.entropy_source;
 let secp_ctx = &$self.secp_ctx;
+ let nonce = Nonce::from_entropy_source(entropy);
 let context = OffersContext::OutboundPayment { payment_id };
 let path = $self.create_blinded_paths_using_absolute_expiry(context, Some(absolute_expiry))
 .and_then(|paths| paths.into_iter().next().ok_or(()))
 .map_err(|_| Bolt12SemanticError::MissingPaths)?;
 let builder = RefundBuilder::deriving_payer_id(
- node_id, expanded_key, entropy, secp_ctx, amount_msats, payment_id
+ node_id, expanded_key, nonce, secp_ctx, amount_msats, payment_id
 )?
 .chain_hash($self.chain_hash)
 .absolute_expiry(absolute_expiry)
diff --git a/lightning/src/offers/refund.rs b/lightning/src/offers/refund.rs
index 6a14d2871..d5171b3a6 100644
--- a/lightning/src/offers/refund.rs
+++ b/lightning/src/offers/refund.rs
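Review bot: The nonce created on the new `let nonce = Nonce::from_entropy_source(entropy);` line is passed only to `deriving_payer_id`, while the blinded path is still built from `OffersContext::OutboundPayment { payment_id }`, so the path does not carry the nonce that the commit message says it must share with the builder. If threading the nonce into the path context is deliberately left to a later commit, a comment at the `let context` line such as `// TODO: carry the nonce in the path context so returned invoices can be checked against it` would keep the two derivations from drifting apart; otherwise the context should be extended with it here. Generating the nonce before the path is built is the right ordering for that follow-up. The body of the `create_refund_builder` macro continues outside the hunk.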
@@ -197,15 +197,14 @@ macro_rules! refund_builder_methods { (
 ///
 /// [`InvoiceRequest`]: crate::offers::invoice_request::InvoiceRequest
 /// [`ExpandedKey`]: crate::ln::inbound_payment::ExpandedKey
- pub fn deriving_payer_id(
- node_id: PublicKey, expanded_key: &ExpandedKey, entropy_source: ES,
+ pub fn deriving_payer_id(
+ node_id: PublicKey, expanded_key: &ExpandedKey, nonce: Nonce,
 secp_ctx: &'a Secp256k1<$secp_context>, amount_msats: u64, payment_id: PaymentId
- ) -> Result where ES::Target: EntropySource {
+ ) -> Result {
 if amount_msats > MAX_VALUE_MSAT {
 return Err(Bolt12SemanticError::InvalidAmount);
 }
- let nonce = Nonce::from_entropy_source(entropy_source);
 let payment_id = Some(payment_id);
 let derivation_material = MetadataMaterial::new(nonce, expanded_key, IV_BYTES, payment_id);
 let metadata = Metadata::DerivedSigningPubkey(derivation_material);
@@ -940,6 +939,7 @@ mod tests {
 use crate::ln::inbound_payment::ExpandedKey;
 use crate::ln::msgs::{DecodeError, MAX_VALUE_MSAT};
 use crate::offers::invoice_request::InvoiceRequestTlvStreamRef;
+ use crate::offers::nonce::Nonce;
 use crate::offers::offer::OfferTlvStreamRef;
 use crate::offers::parse::{Bolt12ParseError, Bolt12SemanticError};
 use crate::offers::payer::PayerTlvStreamRef;
@@ -1029,11 +1029,12 @@ mod tests {
 let node_id = payer_pubkey();
 let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
 let entropy = FixedEntropy {};
+ let nonce = Nonce::from_entropy_source(&entropy);
 let secp_ctx = Secp256k1::new();
 let payment_id = PaymentId([1; 32]);
 let refund = RefundBuilder
- ::deriving_payer_id(node_id, &expanded_key, &entropy, &secp_ctx, 1000, payment_id)
+ ::deriving_payer_id(node_id, &expanded_key, nonce, &secp_ctx, 1000, payment_id)
 .unwrap()
 .build().unwrap();
 assert_eq!(refund.payer_id(), node_id);
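Review bot: With `nonce: Nonce` now supplied by the caller, `deriving_payer_id` no longer guarantees the nonce is freshly drawn, but the doc comment above the signature (it starts outside the hunk; only its trailing link lines are visible) is not updated to state what the caller must provide. The nonce feeds `MetadataMaterial::new(nonce, expanded_key, IV_BYTES, payment_id)` and so determines the derived payer id, so the docs should say that it must be freshly generated for each refund and be the same nonce used for any blinded paths added to the builder, e.g. `/// The nonce must be freshly generated for this refund and must match the one used when building any paths.` The `-`/`+` pair `pub fn deriving_payer_id(` reads as identical here, which suggests the generic parameter list was lost in rendering; the visible substance of the signature change is the dropped `where ES::Target: EntropySource` bound. The tests at `@@ -1029` and below merely pass `Nonce::from_entropy_source(&entropy)` from fixed entropy and need no change.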
@@ -1083,6 +1084,7 @@ mod tests {
 let node_id = payer_pubkey();
 let expanded_key = ExpandedKey::new(&KeyMaterial([42; 32]));
 let entropy = FixedEntropy {};
+ let nonce = Nonce::from_entropy_source(&entropy);
 let secp_ctx = Secp256k1::new();
 let payment_id = PaymentId([1; 32]);
@@ -1096,7 +1098,7 @@ mod tests {
 };
 let refund = RefundBuilder
- ::deriving_payer_id(node_id, &expanded_key, &entropy, &secp_ctx, 1000, payment_id)
+ ::deriving_payer_id(node_id, &expanded_key, nonce, &secp_ctx, 1000, payment_id)
 .unwrap()
 .path(blinded_path)
 .build().unwrap();
--
2.39.5