2 #![deny(non_upper_case_globals)]
3 #![deny(non_camel_case_types)]
4 #![deny(non_snake_case)]
6 #![deny(broken_intra_doc_links)]
8 #![cfg_attr(feature = "strict", deny(warnings))]
10 //! This crate provides data structures to represent
11 //! [lightning BOLT11](https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md)
12 //! invoices and functions to create, encode and decode these. If you just want to use the standard
13 //! en-/decoding functionality this should get you started:
15 //! * For parsing use `str::parse::<Invoice>(&self)` (see the docs of `impl FromStr for Invoice`)
16 //! * For constructing invoices use the `InvoiceBuilder`
17 //! * For serializing invoices use the `Display`/`ToString` traits
21 extern crate bitcoin_hashes;
22 extern crate lightning;
23 extern crate num_traits;
24 extern crate secp256k1;
27 use bitcoin_hashes::Hash;
28 use bitcoin_hashes::sha256;
29 use lightning::ln::PaymentSecret;
30 use lightning::ln::features::InvoiceFeatures;
31 #[cfg(any(doc, test))]
32 use lightning::routing::network_graph::RoutingFees;
33 use lightning::routing::router::RouteHint;
35 use secp256k1::key::PublicKey;
36 use secp256k1::{Message, Secp256k1};
37 use secp256k1::recovery::RecoverableSignature;
39 use std::fmt::{Display, Formatter, self};
40 use std::iter::FilterMap;
43 use std::time::{SystemTime, Duration, UNIX_EPOCH};
49 pub use de::{ParseError, ParseOrSemanticError};
51 // TODO: fix before 2037 (see rust PR #55527)
52 /// Defines the maximum UNIX timestamp that can be represented as `SystemTime`. This is checked by
53 /// one of the unit tests, please run them.
54 const SYSTEM_TIME_MAX_UNIX_TIMESTAMP: u64 = std::i32::MAX as u64;
56 /// Allow the expiry time to be up to one year. Since this reduces the range of possible timestamps
57 /// it should be rather low as long as we still have to support 32bit time representations
58 const MAX_EXPIRY_TIME: u64 = 60 * 60 * 24 * 356;
60 /// Default expiry time as defined by [BOLT 11].
62 /// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md
63 pub const DEFAULT_EXPIRY_TIME: u64 = 3600;
65 /// Default minimum final CLTV expiry as defined by [BOLT 11].
67 /// Note that this is *not* the same value as rust-lightning's minimum CLTV expiry, which is
68 /// provided in [`MIN_FINAL_CLTV_EXPIRY`].
70 /// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md
71 /// [`MIN_FINAL_CLTV_EXPIRY`]: lightning::ln::channelmanager::MIN_FINAL_CLTV_EXPIRY
72 pub const DEFAULT_MIN_FINAL_CLTV_EXPIRY: u64 = 18;
74 /// This function is used as a static assert for the size of `SystemTime`. If the crate fails to
75 /// compile due to it this indicates that your system uses unexpected bounds for `SystemTime`. You
76 /// can remove this functions and run the test `test_system_time_bounds_assumptions`. In any case,
77 /// please open an issue. If all tests pass you should be able to use this library safely by just
78 /// removing this function till we patch it accordingly.
79 fn __system_time_size_check() {
80 // Use 2 * sizeof(u64) as expected size since the expected underlying implementation is storing
81 // a `Duration` since `SystemTime::UNIX_EPOCH`.
82 unsafe { std::mem::transmute_copy::<SystemTime, [u8; 16]>(&UNIX_EPOCH); }
86 /// **Call this function on startup to ensure that all assumptions about the platform are valid.**
88 /// Unfortunately we have to make assumptions about the upper bounds of the `SystemTime` type on
89 /// your platform which we can't fully verify at compile time and which isn't part of it's contract.
90 /// To our best knowledge our assumptions hold for all platforms officially supported by rust, but
91 /// since this check is fast we recommend to do it anyway.
93 /// If this function fails this is considered a bug. Please open an issue describing your
94 /// platform and stating your current system time.
97 /// If the check fails this function panics. By calling this function on startup you ensure that
98 /// this wont happen at an arbitrary later point in time.
99 pub fn check_platform() {
100 // The upper and lower bounds of `SystemTime` are not part of its public contract and are
101 // platform specific. That's why we have to test if our assumptions regarding these bounds
102 // hold on the target platform.
104 // If this test fails on your platform, please don't use the library and open an issue
105 // instead so we can resolve the situation. Currently this library is tested on:
107 let fail_date = UNIX_EPOCH + Duration::from_secs(SYSTEM_TIME_MAX_UNIX_TIMESTAMP);
108 let year = Duration::from_secs(60 * 60 * 24 * 365);
110 // Make sure that the library will keep working for another year
111 assert!(fail_date.duration_since(SystemTime::now()).unwrap() > year);
113 let max_ts = PositiveTimestamp::from_unix_timestamp(
114 SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME
116 let max_exp = ::ExpiryTime::from_seconds(MAX_EXPIRY_TIME).unwrap();
119 (*max_ts.as_time() + *max_exp.as_duration()).duration_since(UNIX_EPOCH).unwrap().as_secs(),
120 SYSTEM_TIME_MAX_UNIX_TIMESTAMP
125 /// Builder for `Invoice`s. It's the most convenient and advised way to use this library. It ensures
126 /// that only a semantically and syntactically correct Invoice can be built using it.
129 /// extern crate secp256k1;
130 /// extern crate lightning_invoice;
131 /// extern crate bitcoin_hashes;
133 /// use bitcoin_hashes::Hash;
134 /// use bitcoin_hashes::sha256;
136 /// use secp256k1::Secp256k1;
137 /// use secp256k1::key::SecretKey;
139 /// use lightning_invoice::{Currency, InvoiceBuilder};
142 /// let private_key = SecretKey::from_slice(
144 /// 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f,
145 /// 0xe2, 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04,
146 /// 0xa8, 0xca, 0x3b, 0x2d, 0xb7, 0x34
150 /// let payment_hash = sha256::Hash::from_slice(&[0; 32][..]).unwrap();
152 /// let invoice = InvoiceBuilder::new(Currency::Bitcoin)
153 /// .description("Coins pls!".into())
154 /// .payment_hash(payment_hash)
155 /// .current_timestamp()
156 /// .min_final_cltv_expiry(144)
157 /// .build_signed(|hash| {
158 /// Secp256k1::new().sign_recoverable(hash, &private_key)
162 /// assert!(invoice.to_string().starts_with("lnbc1"));
166 /// # Type parameters
167 /// The two parameters `D` and `H` signal if the builder already contains the correct amount of the
169 /// * `D`: exactly one `Description` or `DescriptionHash`
170 /// * `H`: exactly one `PaymentHash`
171 /// * `T`: the timestamp is set
173 /// (C-not exported) as we likely need to manually select one set of boolean type parameters.
174 #[derive(Eq, PartialEq, Debug, Clone)]
175 pub struct InvoiceBuilder<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> {
178 si_prefix: Option<SiPrefix>,
179 timestamp: Option<PositiveTimestamp>,
180 tagged_fields: Vec<TaggedField>,
181 error: Option<CreationError>,
183 phantom_d: std::marker::PhantomData<D>,
184 phantom_h: std::marker::PhantomData<H>,
185 phantom_t: std::marker::PhantomData<T>,
186 phantom_c: std::marker::PhantomData<C>,
187 phantom_s: std::marker::PhantomData<S>,
190 /// Represents a syntactically and semantically correct lightning BOLT11 invoice.
192 /// There are three ways to construct an `Invoice`:
193 /// 1. using `InvoiceBuilder`
194 /// 2. using `Invoice::from_signed(SignedRawInvoice)`
195 /// 3. using `str::parse::<Invoice>(&str)`
196 #[derive(Eq, PartialEq, Debug, Clone)]
198 signed_invoice: SignedRawInvoice,
201 /// Represents the description of an invoice which has to be either a directly included string or
202 /// a hash of a description provided out of band.
204 /// (C-not exported) As we don't have a good way to map the reference lifetimes making this
205 /// practically impossible to use safely in languages like C.
206 #[derive(Eq, PartialEq, Debug, Clone)]
207 pub enum InvoiceDescription<'f> {
208 /// Reference to the directly supplied description in the invoice
209 Direct(&'f Description),
211 /// Reference to the description's hash included in the invoice
215 /// Represents a signed `RawInvoice` with cached hash. The signature is not checked and may be
219 /// The hash has to be either from the deserialized invoice or from the serialized `raw_invoice`.
220 #[derive(Eq, PartialEq, Debug, Clone)]
221 pub struct SignedRawInvoice {
222 /// The rawInvoice that the signature belongs to
223 raw_invoice: RawInvoice,
225 /// Hash of the `RawInvoice` that will be used to check the signature.
227 /// * if the `SignedRawInvoice` was deserialized the hash is of from the original encoded form,
228 /// since it's not guaranteed that encoding it again will lead to the same result since integers
229 /// could have been encoded with leading zeroes etc.
230 /// * if the `SignedRawInvoice` was constructed manually the hash will be the calculated hash
231 /// from the `RawInvoice`
234 /// signature of the payment request
235 signature: InvoiceSignature,
238 /// Represents an syntactically correct Invoice for a payment on the lightning network,
239 /// but without the signature information.
240 /// De- and encoding should not lead to information loss but may lead to different hashes.
242 /// For methods without docs see the corresponding methods in `Invoice`.
243 #[derive(Eq, PartialEq, Debug, Clone)]
244 pub struct RawInvoice {
245 /// human readable part
249 pub data: RawDataPart,
252 /// Data of the `RawInvoice` that is encoded in the human readable part
254 /// (C-not exported) As we don't yet support Option<Enum>
255 #[derive(Eq, PartialEq, Debug, Clone)]
257 /// The currency deferred from the 3rd and 4th character of the bech32 transaction
258 pub currency: Currency,
260 /// The amount that, multiplied by the SI prefix, has to be payed
261 pub raw_amount: Option<u64>,
263 /// SI prefix that gets multiplied with the `raw_amount`
264 pub si_prefix: Option<SiPrefix>,
267 /// Data of the `RawInvoice` that is encoded in the data part
268 #[derive(Eq, PartialEq, Debug, Clone)]
269 pub struct RawDataPart {
270 /// generation time of the invoice
271 pub timestamp: PositiveTimestamp,
273 /// tagged fields of the payment request
274 pub tagged_fields: Vec<RawTaggedField>,
277 /// A timestamp that refers to a date after 1 January 1970 which means its representation as UNIX
278 /// timestamp is positive.
281 /// The UNIX timestamp representing the stored time has to be positive and small enough so that
282 /// a `EpiryTime` can be added to it without an overflow.
283 #[derive(Eq, PartialEq, Debug, Clone)]
284 pub struct PositiveTimestamp(SystemTime);
286 /// SI prefixes for the human readable part
287 #[derive(Eq, PartialEq, Debug, Clone, Copy)]
300 /// Returns the multiplier to go from a BTC value to picoBTC implied by this SiPrefix.
301 /// This is effectively 10^12 * the prefix multiplier
302 pub fn multiplier(&self) -> u64 {
304 SiPrefix::Milli => 1_000_000_000,
305 SiPrefix::Micro => 1_000_000,
306 SiPrefix::Nano => 1_000,
311 /// Returns all enum variants of `SiPrefix` sorted in descending order of their associated
314 /// (C-not exported) As we don't yet support a slice of enums, and also because this function
315 /// isn't the most critical to expose.
316 pub fn values_desc() -> &'static [SiPrefix] {
318 static VALUES: [SiPrefix; 4] = [Milli, Micro, Nano, Pico];
323 /// Enum representing the crypto currencies (or networks) supported by this library
324 #[derive(Eq, PartialEq, Debug, Clone)]
342 /// Tagged field which may have an unknown tag
344 /// (C-not exported) as we don't currently support TaggedField
345 #[derive(Eq, PartialEq, Debug, Clone)]
346 pub enum RawTaggedField {
347 /// Parsed tagged field with known tag
348 KnownSemantics(TaggedField),
349 /// tagged field which was not parsed due to an unknown tag or undefined field semantics
350 UnknownSemantics(Vec<u5>),
353 /// Tagged field with known tag
355 /// For descriptions of the enum values please refer to the enclosed type's docs.
357 /// (C-not exported) As we don't yet support enum variants with the same name the struct contained
359 #[allow(missing_docs)]
360 #[derive(Eq, PartialEq, Debug, Clone)]
361 pub enum TaggedField {
363 Description(Description),
364 PayeePubKey(PayeePubKey),
365 DescriptionHash(Sha256),
366 ExpiryTime(ExpiryTime),
367 MinFinalCltvExpiry(MinFinalCltvExpiry),
369 PrivateRoute(PrivateRoute),
370 PaymentSecret(PaymentSecret),
371 Features(InvoiceFeatures),
375 #[derive(Eq, PartialEq, Debug, Clone)]
376 pub struct Sha256(pub sha256::Hash);
378 /// Description string
381 /// The description can be at most 639 __bytes__ long
382 #[derive(Eq, PartialEq, Debug, Clone)]
383 pub struct Description(String);
386 #[derive(Eq, PartialEq, Debug, Clone)]
387 pub struct PayeePubKey(pub PublicKey);
389 /// Positive duration that defines when (relatively to the timestamp) in the future the invoice
393 /// The number of seconds this expiry time represents has to be in the range
394 /// `0...(SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME)` to avoid overflows when adding it to a
396 #[derive(Eq, PartialEq, Debug, Clone)]
397 pub struct ExpiryTime(Duration);
399 /// `min_final_cltv_expiry` to use for the last HTLC in the route
400 #[derive(Eq, PartialEq, Debug, Clone)]
401 pub struct MinFinalCltvExpiry(pub u64);
403 // TODO: better types instead onf byte arrays
404 /// Fallback address in case no LN payment is possible
405 #[allow(missing_docs)]
406 #[derive(Eq, PartialEq, Debug, Clone)]
412 PubKeyHash([u8; 20]),
413 ScriptHash([u8; 20]),
416 /// Recoverable signature
417 #[derive(Eq, PartialEq, Debug, Clone)]
418 pub struct InvoiceSignature(pub RecoverableSignature);
420 /// Private routing information
423 /// The encoded route has to be <1024 5bit characters long (<=639 bytes or <=12 hops)
425 #[derive(Eq, PartialEq, Debug, Clone)]
426 pub struct PrivateRoute(RouteHint);
428 /// Tag constants as specified in BOLT11
429 #[allow(missing_docs)]
431 pub const TAG_PAYMENT_HASH: u8 = 1;
432 pub const TAG_DESCRIPTION: u8 = 13;
433 pub const TAG_PAYEE_PUB_KEY: u8 = 19;
434 pub const TAG_DESCRIPTION_HASH: u8 = 23;
435 pub const TAG_EXPIRY_TIME: u8 = 6;
436 pub const TAG_MIN_FINAL_CLTV_EXPIRY: u8 = 24;
437 pub const TAG_FALLBACK: u8 = 9;
438 pub const TAG_PRIVATE_ROUTE: u8 = 3;
439 pub const TAG_PAYMENT_SECRET: u8 = 16;
440 pub const TAG_FEATURES: u8 = 5;
443 impl InvoiceBuilder<tb::False, tb::False, tb::False, tb::False, tb::False> {
444 /// Construct new, empty `InvoiceBuilder`. All necessary fields have to be filled first before
445 /// `InvoiceBuilder::build(self)` becomes available.
446 pub fn new(currrency: Currency) -> Self {
452 tagged_fields: Vec::new(),
455 phantom_d: std::marker::PhantomData,
456 phantom_h: std::marker::PhantomData,
457 phantom_t: std::marker::PhantomData,
458 phantom_c: std::marker::PhantomData,
459 phantom_s: std::marker::PhantomData,
464 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, T, C, S> {
465 /// Helper function to set the completeness flags.
466 fn set_flags<DN: tb::Bool, HN: tb::Bool, TN: tb::Bool, CN: tb::Bool, SN: tb::Bool>(self) -> InvoiceBuilder<DN, HN, TN, CN, SN> {
467 InvoiceBuilder::<DN, HN, TN, CN, SN> {
468 currency: self.currency,
470 si_prefix: self.si_prefix,
471 timestamp: self.timestamp,
472 tagged_fields: self.tagged_fields,
475 phantom_d: std::marker::PhantomData,
476 phantom_h: std::marker::PhantomData,
477 phantom_t: std::marker::PhantomData,
478 phantom_c: std::marker::PhantomData,
479 phantom_s: std::marker::PhantomData,
483 /// Sets the amount in pico BTC. The optimal SI prefix is choosen automatically.
484 pub fn amount_pico_btc(mut self, amount: u64) -> Self {
485 let biggest_possible_si_prefix = SiPrefix::values_desc()
487 .find(|prefix| amount % prefix.multiplier() == 0)
488 .expect("Pico should always match");
489 self.amount = Some(amount / biggest_possible_si_prefix.multiplier());
490 self.si_prefix = Some(*biggest_possible_si_prefix);
494 /// Sets the payee's public key.
495 pub fn payee_pub_key(mut self, pub_key: PublicKey) -> Self {
496 self.tagged_fields.push(TaggedField::PayeePubKey(PayeePubKey(pub_key)));
500 /// Sets the expiry time
501 pub fn expiry_time(mut self, expiry_time: Duration) -> Self {
502 match ExpiryTime::from_duration(expiry_time) {
503 Ok(t) => self.tagged_fields.push(TaggedField::ExpiryTime(t)),
504 Err(e) => self.error = Some(e),
509 /// Adds a fallback address.
510 pub fn fallback(mut self, fallback: Fallback) -> Self {
511 self.tagged_fields.push(TaggedField::Fallback(fallback));
515 /// Adds a private route.
516 pub fn private_route(mut self, hint: RouteHint) -> Self {
517 match PrivateRoute::new(hint) {
518 Ok(r) => self.tagged_fields.push(TaggedField::PrivateRoute(r)),
519 Err(e) => self.error = Some(e),
525 impl<D: tb::Bool, H: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, tb::True, C, S> {
526 /// Builds a `RawInvoice` if no `CreationError` occurred while construction any of the fields.
527 pub fn build_raw(self) -> Result<RawInvoice, CreationError> {
529 // If an error occurred at any time before, return it now
530 if let Some(e) = self.error {
535 currency: self.currency,
536 raw_amount: self.amount,
537 si_prefix: self.si_prefix,
540 let timestamp = self.timestamp.expect("ensured to be Some(t) by type T");
542 let tagged_fields = self.tagged_fields.into_iter().map(|tf| {
543 RawTaggedField::KnownSemantics(tf)
544 }).collect::<Vec<_>>();
546 let data = RawDataPart {
547 timestamp: timestamp,
548 tagged_fields: tagged_fields,
558 impl<H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<tb::False, H, T, C, S> {
559 /// Set the description. This function is only available if no description (hash) was set.
560 pub fn description(mut self, description: String) -> InvoiceBuilder<tb::True, H, T, C, S> {
561 match Description::new(description) {
562 Ok(d) => self.tagged_fields.push(TaggedField::Description(d)),
563 Err(e) => self.error = Some(e),
568 /// Set the description hash. This function is only available if no description (hash) was set.
569 pub fn description_hash(mut self, description_hash: sha256::Hash) -> InvoiceBuilder<tb::True, H, T, C, S> {
570 self.tagged_fields.push(TaggedField::DescriptionHash(Sha256(description_hash)));
575 impl<D: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, tb::False, T, C, S> {
576 /// Set the payment hash. This function is only available if no payment hash was set.
577 pub fn payment_hash(mut self, hash: sha256::Hash) -> InvoiceBuilder<D, tb::True, T, C, S> {
578 self.tagged_fields.push(TaggedField::PaymentHash(Sha256(hash)));
583 impl<D: tb::Bool, H: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, tb::False, C, S> {
584 /// Sets the timestamp.
585 pub fn timestamp(mut self, time: SystemTime) -> InvoiceBuilder<D, H, tb::True, C, S> {
586 match PositiveTimestamp::from_system_time(time) {
587 Ok(t) => self.timestamp = Some(t),
588 Err(e) => self.error = Some(e),
594 /// Sets the timestamp to the current UNIX timestamp.
595 pub fn current_timestamp(mut self) -> InvoiceBuilder<D, H, tb::True, C, S> {
596 let now = PositiveTimestamp::from_system_time(SystemTime::now());
597 self.timestamp = Some(now.expect("for the foreseeable future this shouldn't happen"));
602 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, S: tb::Bool> InvoiceBuilder<D, H, T, tb::False, S> {
603 /// Sets `min_final_cltv_expiry`.
604 pub fn min_final_cltv_expiry(mut self, min_final_cltv_expiry: u64) -> InvoiceBuilder<D, H, T, tb::True, S> {
605 self.tagged_fields.push(TaggedField::MinFinalCltvExpiry(MinFinalCltvExpiry(min_final_cltv_expiry)));
610 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool> InvoiceBuilder<D, H, T, C, tb::False> {
611 /// Sets the payment secret and relevant features.
612 pub fn payment_secret(mut self, payment_secret: PaymentSecret) -> InvoiceBuilder<D, H, T, C, tb::True> {
613 let features = InvoiceFeatures::empty()
614 .set_variable_length_onion_required()
615 .set_payment_secret_required();
616 self.tagged_fields.push(TaggedField::PaymentSecret(payment_secret));
617 self.tagged_fields.push(TaggedField::Features(features));
622 impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool> InvoiceBuilder<D, H, T, C, tb::True> {
623 /// Sets the `basic_mpp` feature as optional.
624 pub fn basic_mpp(mut self) -> Self {
625 self.tagged_fields = self.tagged_fields
627 .map(|field| match field {
628 TaggedField::Features(f) => TaggedField::Features(f.set_basic_mpp_optional()),
636 impl<S: tb::Bool> InvoiceBuilder<tb::True, tb::True, tb::True, tb::True, S> {
637 /// Builds and signs an invoice using the supplied `sign_function`. This function MAY NOT fail
638 /// and MUST produce a recoverable signature valid for the given hash and if applicable also for
639 /// the included payee public key.
640 pub fn build_signed<F>(self, sign_function: F) -> Result<Invoice, CreationError>
641 where F: FnOnce(&Message) -> RecoverableSignature
643 let invoice = self.try_build_signed::<_, ()>(|hash| {
644 Ok(sign_function(hash))
649 Err(SignOrCreationError::CreationError(e)) => Err(e),
650 Err(SignOrCreationError::SignError(())) => unreachable!(),
654 /// Builds and signs an invoice using the supplied `sign_function`. This function MAY fail with
655 /// an error of type `E` and MUST produce a recoverable signature valid for the given hash and
656 /// if applicable also for the included payee public key.
657 pub fn try_build_signed<F, E>(self, sign_function: F) -> Result<Invoice, SignOrCreationError<E>>
658 where F: FnOnce(&Message) -> Result<RecoverableSignature, E>
660 let raw = match self.build_raw() {
662 Err(e) => return Err(SignOrCreationError::CreationError(e)),
665 let signed = match raw.sign(sign_function) {
667 Err(e) => return Err(SignOrCreationError::SignError(e)),
670 let invoice = Invoice {
671 signed_invoice: signed,
674 invoice.check_field_counts().expect("should be ensured by type signature of builder");
675 invoice.check_feature_bits().expect("should be ensured by type signature of builder");
682 impl SignedRawInvoice {
683 /// Disassembles the `SignedRawInvoice` into its three parts:
685 /// 2. hash of the raw invoice
687 pub fn into_parts(self) -> (RawInvoice, [u8; 32], InvoiceSignature) {
688 (self.raw_invoice, self.hash, self.signature)
691 /// The `RawInvoice` which was signed.
692 pub fn raw_invoice(&self) -> &RawInvoice {
696 /// The hash of the `RawInvoice` that was signed.
697 pub fn hash(&self) -> &[u8; 32] {
701 /// InvoiceSignature for the invoice.
702 pub fn signature(&self) -> &InvoiceSignature {
706 /// Recovers the public key used for signing the invoice from the recoverable signature.
707 pub fn recover_payee_pub_key(&self) -> Result<PayeePubKey, secp256k1::Error> {
708 let hash = Message::from_slice(&self.hash[..])
709 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
711 Ok(PayeePubKey(Secp256k1::new().recover(
717 /// Checks if the signature is valid for the included payee public key or if none exists if it's
718 /// valid for the recovered signature (which should always be true?).
719 pub fn check_signature(&self) -> bool {
720 let included_pub_key = self.raw_invoice.payee_pub_key();
722 let mut recovered_pub_key = Option::None;
723 if recovered_pub_key.is_none() {
724 let recovered = match self.recover_payee_pub_key() {
726 Err(_) => return false,
728 recovered_pub_key = Some(recovered);
731 let pub_key = included_pub_key.or_else(|| recovered_pub_key.as_ref())
732 .expect("One is always present");
734 let hash = Message::from_slice(&self.hash[..])
735 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
737 let secp_context = Secp256k1::new();
738 let verification_result = secp_context.verify(
740 &self.signature.to_standard(),
744 match verification_result {
751 /// Finds the first element of an enum stream of a given variant and extracts one member of the
752 /// variant. If no element was found `None` gets returned.
754 /// The following example would extract the first B.
763 /// let elements = vec![A(1), A(2), B(3), A(4)]
765 /// assert_eq!(find_extract!(elements.iter(), Enum::B(ref x), x), Some(3u16))
767 macro_rules! find_extract {
768 ($iter:expr, $enm:pat, $enm_var:ident) => {
769 find_all_extract!($iter, $enm, $enm_var).next()
773 /// Finds the all elements of an enum stream of a given variant and extracts one member of the
774 /// variant through an iterator.
776 /// The following example would extract all A.
785 /// let elements = vec![A(1), A(2), B(3), A(4)]
788 /// find_all_extract!(elements.iter(), Enum::A(ref x), x).collect::<Vec<u8>>(),
789 /// vec![1u8, 2u8, 4u8])
791 macro_rules! find_all_extract {
792 ($iter:expr, $enm:pat, $enm_var:ident) => {
793 $iter.filter_map(|tf| match *tf {
794 $enm => Some($enm_var),
800 #[allow(missing_docs)]
802 /// Construct the invoice's HRP and signatureless data into a preimage to be hashed.
803 pub(crate) fn construct_invoice_preimage(hrp_bytes: &[u8], data_without_signature: &[u5]) -> Vec<u8> {
804 use bech32::FromBase32;
806 let mut preimage = Vec::<u8>::from(hrp_bytes);
808 let mut data_part = Vec::from(data_without_signature);
809 let overhang = (data_part.len() * 5) % 8;
811 // add padding if data does not end at a byte boundary
812 data_part.push(u5::try_from_u8(0).unwrap());
814 // if overhang is in (1..3) we need to add u5(0) padding two times
816 data_part.push(u5::try_from_u8(0).unwrap());
820 preimage.extend_from_slice(&Vec::<u8>::from_base32(&data_part)
821 .expect("No padding error may occur due to appended zero above."));
825 /// Hash the HRP as bytes and signatureless data part.
826 fn hash_from_parts(hrp_bytes: &[u8], data_without_signature: &[u5]) -> [u8; 32] {
827 let preimage = RawInvoice::construct_invoice_preimage(hrp_bytes, data_without_signature);
828 let mut hash: [u8; 32] = Default::default();
829 hash.copy_from_slice(&sha256::Hash::hash(&preimage)[..]);
833 /// Calculate the hash of the encoded `RawInvoice`
834 pub fn hash(&self) -> [u8; 32] {
835 use bech32::ToBase32;
837 RawInvoice::hash_from_parts(
838 self.hrp.to_string().as_bytes(),
839 &self.data.to_base32()
843 /// Signs the invoice using the supplied `sign_function`. This function MAY fail with an error
844 /// of type `E`. Since the signature of a `SignedRawInvoice` is not required to be valid there
845 /// are no constraints regarding the validity of the produced signature.
847 /// (C-not exported) As we don't currently support passing function pointers into methods
849 pub fn sign<F, E>(self, sign_method: F) -> Result<SignedRawInvoice, E>
850 where F: FnOnce(&Message) -> Result<RecoverableSignature, E>
852 let raw_hash = self.hash();
853 let hash = Message::from_slice(&raw_hash[..])
854 .expect("Hash is 32 bytes long, same as MESSAGE_SIZE");
855 let signature = sign_method(&hash)?;
857 Ok(SignedRawInvoice {
860 signature: InvoiceSignature(signature),
864 /// Returns an iterator over all tagged fields with known semantics.
866 /// (C-not exported) As there is not yet a manual mapping for a FilterMap
867 pub fn known_tagged_fields(&self)
868 -> FilterMap<Iter<RawTaggedField>, fn(&RawTaggedField) -> Option<&TaggedField>>
870 // For 1.14.0 compatibility: closures' types can't be written an fn()->() in the
871 // function's type signature.
872 // TODO: refactor once impl Trait is available
873 fn match_raw(raw: &RawTaggedField) -> Option<&TaggedField> {
875 RawTaggedField::KnownSemantics(ref tf) => Some(tf),
880 self.data.tagged_fields.iter().filter_map(match_raw )
883 pub fn payment_hash(&self) -> Option<&Sha256> {
884 find_extract!(self.known_tagged_fields(), TaggedField::PaymentHash(ref x), x)
887 pub fn description(&self) -> Option<&Description> {
888 find_extract!(self.known_tagged_fields(), TaggedField::Description(ref x), x)
891 pub fn payee_pub_key(&self) -> Option<&PayeePubKey> {
892 find_extract!(self.known_tagged_fields(), TaggedField::PayeePubKey(ref x), x)
895 pub fn description_hash(&self) -> Option<&Sha256> {
896 find_extract!(self.known_tagged_fields(), TaggedField::DescriptionHash(ref x), x)
899 pub fn expiry_time(&self) -> Option<&ExpiryTime> {
900 find_extract!(self.known_tagged_fields(), TaggedField::ExpiryTime(ref x), x)
903 pub fn min_final_cltv_expiry(&self) -> Option<&MinFinalCltvExpiry> {
904 find_extract!(self.known_tagged_fields(), TaggedField::MinFinalCltvExpiry(ref x), x)
907 pub fn payment_secret(&self) -> Option<&PaymentSecret> {
908 find_extract!(self.known_tagged_fields(), TaggedField::PaymentSecret(ref x), x)
911 pub fn features(&self) -> Option<&InvoiceFeatures> {
912 find_extract!(self.known_tagged_fields(), TaggedField::Features(ref x), x)
915 /// (C-not exported) as we don't support Vec<&NonOpaqueType>
916 pub fn fallbacks(&self) -> Vec<&Fallback> {
917 find_all_extract!(self.known_tagged_fields(), TaggedField::Fallback(ref x), x).collect()
920 pub fn private_routes(&self) -> Vec<&PrivateRoute> {
921 find_all_extract!(self.known_tagged_fields(), TaggedField::PrivateRoute(ref x), x).collect()
924 pub fn amount_pico_btc(&self) -> Option<u64> {
925 self.hrp.raw_amount.map(|v| {
926 v * self.hrp.si_prefix.as_ref().map_or(1_000_000_000_000, |si| { si.multiplier() })
930 pub fn currency(&self) -> Currency {
931 self.hrp.currency.clone()
935 impl PositiveTimestamp {
936 /// Create a new `PositiveTimestamp` from a unix timestamp in the Range
937 /// `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a
938 /// `CreationError::TimestampOutOfBounds`.
939 pub fn from_unix_timestamp(unix_seconds: u64) -> Result<Self, CreationError> {
940 if unix_seconds > SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME {
941 Err(CreationError::TimestampOutOfBounds)
943 Ok(PositiveTimestamp(UNIX_EPOCH + Duration::from_secs(unix_seconds)))
947 /// Create a new `PositiveTimestamp` from a `SystemTime` with a corresponding unix timestamp in
948 /// the Range `0...SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME`, otherwise return a
949 /// `CreationError::TimestampOutOfBounds`.
950 pub fn from_system_time(time: SystemTime) -> Result<Self, CreationError> {
952 .duration_since(UNIX_EPOCH)
953 .map(|t| t.as_secs() <= SYSTEM_TIME_MAX_UNIX_TIMESTAMP - MAX_EXPIRY_TIME)
956 Ok(PositiveTimestamp(time))
958 Err(CreationError::TimestampOutOfBounds)
962 /// Returns the UNIX timestamp representing the stored time
963 pub fn as_unix_timestamp(&self) -> u64 {
964 self.0.duration_since(UNIX_EPOCH)
965 .expect("ensured by type contract/constructors")
969 /// Returns a reference to the internal `SystemTime` time representation
970 pub fn as_time(&self) -> &SystemTime {
975 impl Into<SystemTime> for PositiveTimestamp {
976 fn into(self) -> SystemTime {
981 impl Deref for PositiveTimestamp {
982 type Target = SystemTime;
984 fn deref(&self) -> &Self::Target {
990 /// Transform the `Invoice` into it's unchecked version
991 pub fn into_signed_raw(self) -> SignedRawInvoice {
995 /// Check that all mandatory fields are present
996 fn check_field_counts(&self) -> Result<(), SemanticError> {
997 // "A writer MUST include exactly one p field […]."
998 let payment_hash_cnt = self.tagged_fields().filter(|&tf| match *tf {
999 TaggedField::PaymentHash(_) => true,
1002 if payment_hash_cnt < 1 {
1003 return Err(SemanticError::NoPaymentHash);
1004 } else if payment_hash_cnt > 1 {
1005 return Err(SemanticError::MultiplePaymentHashes);
1008 // "A writer MUST include either exactly one d or exactly one h field."
1009 let description_cnt = self.tagged_fields().filter(|&tf| match *tf {
1010 TaggedField::Description(_) | TaggedField::DescriptionHash(_) => true,
1013 if description_cnt < 1 {
1014 return Err(SemanticError::NoDescription);
1015 } else if description_cnt > 1 {
1016 return Err(SemanticError::MultipleDescriptions);
1022 /// Check that feature bits are set as required
1023 fn check_feature_bits(&self) -> Result<(), SemanticError> {
1024 // "If the payment_secret feature is set, MUST include exactly one s field."
1025 let payment_secret_count = self.tagged_fields().filter(|&tf| match *tf {
1026 TaggedField::PaymentSecret(_) => true,
1029 if payment_secret_count > 1 {
1030 return Err(SemanticError::MultiplePaymentSecrets);
1033 // "A writer MUST set an s field if and only if the payment_secret feature is set."
1034 let has_payment_secret = payment_secret_count == 1;
1035 let features = self.tagged_fields().find(|&tf| match *tf {
1036 TaggedField::Features(_) => true,
1040 None if has_payment_secret => Err(SemanticError::InvalidFeatures),
1042 Some(TaggedField::Features(features)) => {
1043 if features.supports_payment_secret() && has_payment_secret {
1045 } else if has_payment_secret {
1046 Err(SemanticError::InvalidFeatures)
1047 } else if features.supports_payment_secret() {
1048 Err(SemanticError::InvalidFeatures)
1053 Some(_) => unreachable!(),
1057 /// Check that the invoice is signed correctly and that key recovery works
1058 pub fn check_signature(&self) -> Result<(), SemanticError> {
1059 match self.signed_invoice.recover_payee_pub_key() {
1060 Err(secp256k1::Error::InvalidRecoveryId) =>
1061 return Err(SemanticError::InvalidRecoveryId),
1062 Err(secp256k1::Error::InvalidSignature) =>
1063 return Err(SemanticError::InvalidSignature),
1064 Err(e) => panic!("no other error may occur, got {:?}", e),
1068 if !self.signed_invoice.check_signature() {
1069 return Err(SemanticError::InvalidSignature);
1075 /// Constructs an `Invoice` from a `SignedRawInvoice` by checking all its invariants.
1077 /// use lightning_invoice::*;
1079 /// let invoice = "lnbc100p1psj9jhxdqud3jxktt5w46x7unfv9kz6mn0v3jsnp4q0d3p2sfluzdx45tqcs\
1080 /// h2pu5qc7lgq0xs578ngs6s0s68ua4h7cvspp5q6rmq35js88zp5dvwrv9m459tnk2zunwj5jalqtyxqulh0l\
1081 /// 5gflssp5nf55ny5gcrfl30xuhzj3nphgj27rstekmr9fw3ny5989s300gyus9qyysgqcqpcrzjqw2sxwe993\
1082 /// h5pcm4dxzpvttgza8zhkqxpgffcrf5v25nwpr3cmfg7z54kuqq8rgqqqqqqqq2qqqqq9qq9qrzjqd0ylaqcl\
1083 /// j9424x9m8h2vcukcgnm6s56xfgu3j78zyqzhgs4hlpzvznlugqq9vsqqqqqqqlgqqqqqeqq9qrzjqwldmj9d\
1084 /// ha74df76zhx6l9we0vjdquygcdt3kssupehe64g6yyp5yz5rhuqqwccqqyqqqqlgqqqqjcqq9qrzjqf9e58a\
1085 /// guqr0rcun0ajlvmzq3ek63cw2w282gv3z5uupmuwvgjtq2z55qsqqg6qqqyqqqrtnqqqzq3cqygrzjqvphms\
1086 /// ywntrrhqjcraumvc4y6r8v4z5v593trte429v4hredj7ms5z52usqq9ngqqqqqqqlgqqqqqqgq9qrzjq2v0v\
1087 /// p62g49p7569ev48cmulecsxe59lvaw3wlxm7r982zxa9zzj7z5l0cqqxusqqyqqqqlgqqqqqzsqygarl9fh3\
1088 /// 8s0gyuxjjgux34w75dnc6xp2l35j7es3jd4ugt3lu0xzre26yg5m7ke54n2d5sym4xcmxtl8238xxvw5h5h5\
1089 /// j5r6drg6k6zcqj0fcwg";
1091 /// let signed = invoice.parse::<SignedRawInvoice>().unwrap();
1093 /// assert!(Invoice::from_signed(signed).is_ok());
1095 pub fn from_signed(signed_invoice: SignedRawInvoice) -> Result<Self, SemanticError> {
1096 let invoice = Invoice {
1097 signed_invoice: signed_invoice,
1099 invoice.check_field_counts()?;
1100 invoice.check_feature_bits()?;
1101 invoice.check_signature()?;
1106 /// Returns the `Invoice`'s timestamp (should equal it's creation time)
1107 pub fn timestamp(&self) -> &SystemTime {
1108 self.signed_invoice.raw_invoice().data.timestamp.as_time()
1111 /// Returns an iterator over all tagged fields of this Invoice.
1113 /// (C-not exported) As there is not yet a manual mapping for a FilterMap
1114 pub fn tagged_fields(&self)
1115 -> FilterMap<Iter<RawTaggedField>, fn(&RawTaggedField) -> Option<&TaggedField>> {
1116 self.signed_invoice.raw_invoice().known_tagged_fields()
1119 /// Returns the hash to which we will receive the preimage on completion of the payment
1120 pub fn payment_hash(&self) -> &sha256::Hash {
1121 &self.signed_invoice.payment_hash().expect("checked by constructor").0
1124 /// Return the description or a hash of it for longer ones
1126 /// (C-not exported) because we don't yet export InvoiceDescription
1127 pub fn description(&self) -> InvoiceDescription {
1128 if let Some(ref direct) = self.signed_invoice.description() {
1129 return InvoiceDescription::Direct(direct);
1130 } else if let Some(ref hash) = self.signed_invoice.description_hash() {
1131 return InvoiceDescription::Hash(hash);
1133 unreachable!("ensured by constructor");
1136 /// Get the payee's public key if one was included in the invoice
1137 pub fn payee_pub_key(&self) -> Option<&PublicKey> {
1138 self.signed_invoice.payee_pub_key().map(|x| &x.0)
1141 /// Get the payment secret if one was included in the invoice
1142 pub fn payment_secret(&self) -> Option<&PaymentSecret> {
1143 self.signed_invoice.payment_secret()
1146 /// Get the invoice features if they were included in the invoice
1147 pub fn features(&self) -> Option<&InvoiceFeatures> {
1148 self.signed_invoice.features()
1151 /// Recover the payee's public key (only to be used if none was included in the invoice)
1152 pub fn recover_payee_pub_key(&self) -> PublicKey {
1153 self.signed_invoice.recover_payee_pub_key().expect("was checked by constructor").0
1156 /// Returns the invoice's expiry time, if present, otherwise [`DEFAULT_EXPIRY_TIME`].
1157 pub fn expiry_time(&self) -> Duration {
1158 self.signed_invoice.expiry_time()
1160 .unwrap_or(Duration::from_secs(DEFAULT_EXPIRY_TIME))
1163 /// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise
1164 /// [`DEFAULT_MIN_FINAL_CLTV_EXPIRY`].
1165 pub fn min_final_cltv_expiry(&self) -> u64 {
1166 self.signed_invoice.min_final_cltv_expiry()
1168 .unwrap_or(DEFAULT_MIN_FINAL_CLTV_EXPIRY)
1171 /// Returns a list of all fallback addresses
1173 /// (C-not exported) as we don't support Vec<&NonOpaqueType>
1174 pub fn fallbacks(&self) -> Vec<&Fallback> {
1175 self.signed_invoice.fallbacks()
1178 /// Returns a list of all routes included in the invoice
1179 pub fn private_routes(&self) -> Vec<&PrivateRoute> {
1180 self.signed_invoice.private_routes()
1183 /// Returns a list of all routes included in the invoice as the underlying hints
1184 pub fn route_hints(&self) -> Vec<&RouteHint> {
1186 self.signed_invoice.known_tagged_fields(), TaggedField::PrivateRoute(ref x), x
1187 ).map(|route| &**route).collect()
1190 /// Returns the currency for which the invoice was issued
1191 pub fn currency(&self) -> Currency {
1192 self.signed_invoice.currency()
1195 /// Returns the amount if specified in the invoice as pico <currency>.
1196 pub fn amount_pico_btc(&self) -> Option<u64> {
1197 self.signed_invoice.amount_pico_btc()
1201 impl From<TaggedField> for RawTaggedField {
1202 fn from(tf: TaggedField) -> Self {
1203 RawTaggedField::KnownSemantics(tf)
1208 /// Numeric representation of the field's tag
1209 pub fn tag(&self) -> u5 {
1210 let tag = match *self {
1211 TaggedField::PaymentHash(_) => constants::TAG_PAYMENT_HASH,
1212 TaggedField::Description(_) => constants::TAG_DESCRIPTION,
1213 TaggedField::PayeePubKey(_) => constants::TAG_PAYEE_PUB_KEY,
1214 TaggedField::DescriptionHash(_) => constants::TAG_DESCRIPTION_HASH,
1215 TaggedField::ExpiryTime(_) => constants::TAG_EXPIRY_TIME,
1216 TaggedField::MinFinalCltvExpiry(_) => constants::TAG_MIN_FINAL_CLTV_EXPIRY,
1217 TaggedField::Fallback(_) => constants::TAG_FALLBACK,
1218 TaggedField::PrivateRoute(_) => constants::TAG_PRIVATE_ROUTE,
1219 TaggedField::PaymentSecret(_) => constants::TAG_PAYMENT_SECRET,
1220 TaggedField::Features(_) => constants::TAG_FEATURES,
1223 u5::try_from_u8(tag).expect("all tags defined are <32")
1229 /// Creates a new `Description` if `description` is at most 1023 __bytes__ long,
1230 /// returns `CreationError::DescriptionTooLong` otherwise
1232 /// Please note that single characters may use more than one byte due to UTF8 encoding.
1233 pub fn new(description: String) -> Result<Description, CreationError> {
1234 if description.len() > 639 {
1235 Err(CreationError::DescriptionTooLong)
1237 Ok(Description(description))
1241 /// Returns the underlying description `String`
1242 pub fn into_inner(self) -> String {
1247 impl Into<String> for Description {
1248 fn into(self) -> String {
1253 impl Deref for Description {
1256 fn deref(&self) -> &str {
1261 impl From<PublicKey> for PayeePubKey {
1262 fn from(pk: PublicKey) -> Self {
1267 impl Deref for PayeePubKey {
1268 type Target = PublicKey;
1270 fn deref(&self) -> &PublicKey {
1276 /// Construct an `ExpiryTime` from seconds. If there exists a `PositiveTimestamp` which would
1277 /// overflow on adding the `EpiryTime` to it then this function will return a
1278 /// `CreationError::ExpiryTimeOutOfBounds`.
1279 pub fn from_seconds(seconds: u64) -> Result<ExpiryTime, CreationError> {
1280 if seconds <= MAX_EXPIRY_TIME {
1281 Ok(ExpiryTime(Duration::from_secs(seconds)))
1283 Err(CreationError::ExpiryTimeOutOfBounds)
1287 /// Construct an `ExpiryTime` from a `Duration`. If there exists a `PositiveTimestamp` which
1288 /// would overflow on adding the `EpiryTime` to it then this function will return a
1289 /// `CreationError::ExpiryTimeOutOfBounds`.
1290 pub fn from_duration(duration: Duration) -> Result<ExpiryTime, CreationError> {
1291 if duration.as_secs() <= MAX_EXPIRY_TIME {
1292 Ok(ExpiryTime(duration))
1294 Err(CreationError::ExpiryTimeOutOfBounds)
1298 /// Returns the expiry time in seconds
1299 pub fn as_seconds(&self) -> u64 {
1303 /// Returns a reference to the underlying `Duration` (=expiry time)
1304 pub fn as_duration(&self) -> &Duration {
1310 /// Creates a new (partial) route from a list of hops
1311 pub fn new(hops: RouteHint) -> Result<PrivateRoute, CreationError> {
1312 if hops.0.len() <= 12 {
1313 Ok(PrivateRoute(hops))
1315 Err(CreationError::RouteTooLong)
1319 /// Returns the underlying list of hops
1320 pub fn into_inner(self) -> RouteHint {
1325 impl Into<RouteHint> for PrivateRoute {
1326 fn into(self) -> RouteHint {
1331 impl Deref for PrivateRoute {
1332 type Target = RouteHint;
1334 fn deref(&self) -> &RouteHint {
1339 impl Deref for InvoiceSignature {
1340 type Target = RecoverableSignature;
1342 fn deref(&self) -> &RecoverableSignature {
1347 impl Deref for SignedRawInvoice {
1348 type Target = RawInvoice;
1350 fn deref(&self) -> &RawInvoice {
1355 /// Errors that may occur when constructing a new `RawInvoice` or `Invoice`
1356 #[derive(Eq, PartialEq, Debug, Clone)]
1357 pub enum CreationError {
1358 /// The supplied description string was longer than 639 __bytes__ (see [`Description::new(…)`](./struct.Description.html#method.new))
1361 /// The specified route has too many hops and can't be encoded
1364 /// The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`
1365 TimestampOutOfBounds,
1367 /// The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`
1368 ExpiryTimeOutOfBounds,
1371 impl Display for CreationError {
1372 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1374 CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"),
1375 CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"),
1376 CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`"),
1377 CreationError::ExpiryTimeOutOfBounds => f.write_str("The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`"),
1382 impl std::error::Error for CreationError { }
1384 /// Errors that may occur when converting a `RawInvoice` to an `Invoice`. They relate to the
1385 /// requirements sections in BOLT #11
1386 #[derive(Eq, PartialEq, Debug, Clone)]
1387 pub enum SemanticError {
1388 /// The invoice is missing the mandatory payment hash
1391 /// The invoice has multiple payment hashes which isn't allowed
1392 MultiplePaymentHashes,
1394 /// No description or description hash are part of the invoice
1397 /// The invoice contains multiple descriptions and/or description hashes which isn't allowed
1398 MultipleDescriptions,
1400 /// The invoice contains multiple payment secrets
1401 MultiplePaymentSecrets,
1403 /// The invoice's features are invalid
1406 /// The recovery id doesn't fit the signature/pub key
1409 /// The invoice's signature is invalid
1413 impl Display for SemanticError {
1414 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1416 SemanticError::NoPaymentHash => f.write_str("The invoice is missing the mandatory payment hash"),
1417 SemanticError::MultiplePaymentHashes => f.write_str("The invoice has multiple payment hashes which isn't allowed"),
1418 SemanticError::NoDescription => f.write_str("No description or description hash are part of the invoice"),
1419 SemanticError::MultipleDescriptions => f.write_str("The invoice contains multiple descriptions and/or description hashes which isn't allowed"),
1420 SemanticError::MultiplePaymentSecrets => f.write_str("The invoice contains multiple payment secrets"),
1421 SemanticError::InvalidFeatures => f.write_str("The invoice's features are invalid"),
1422 SemanticError::InvalidRecoveryId => f.write_str("The recovery id doesn't fit the signature/pub key"),
1423 SemanticError::InvalidSignature => f.write_str("The invoice's signature is invalid"),
1428 impl std::error::Error for SemanticError { }
1430 /// When signing using a fallible method either an user-supplied `SignError` or a `CreationError`
1432 #[derive(Eq, PartialEq, Debug, Clone)]
1433 pub enum SignOrCreationError<S = ()> {
1434 /// An error occurred during signing
1437 /// An error occurred while building the transaction
1438 CreationError(CreationError),
1441 impl<S> Display for SignOrCreationError<S> {
1442 fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
1444 SignOrCreationError::SignError(_) => f.write_str("An error occurred during signing"),
1445 SignOrCreationError::CreationError(err) => err.fmt(f),
1452 use bitcoin_hashes::hex::FromHex;
1453 use bitcoin_hashes::sha256;
1456 fn test_system_time_bounds_assumptions() {
1460 ::PositiveTimestamp::from_unix_timestamp(::SYSTEM_TIME_MAX_UNIX_TIMESTAMP + 1),
1461 Err(::CreationError::TimestampOutOfBounds)
1465 ::ExpiryTime::from_seconds(::MAX_EXPIRY_TIME + 1),
1466 Err(::CreationError::ExpiryTimeOutOfBounds)
1471 fn test_calc_invoice_hash() {
1472 use ::{RawInvoice, RawHrp, RawDataPart, Currency, PositiveTimestamp};
1473 use ::TaggedField::*;
1475 let invoice = RawInvoice {
1477 currency: Currency::Bitcoin,
1482 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1483 tagged_fields: vec![
1484 PaymentHash(::Sha256(sha256::Hash::from_hex(
1485 "0001020304050607080900010203040506070809000102030405060708090102"
1486 ).unwrap())).into(),
1487 Description(::Description::new(
1488 "Please consider supporting this project".to_owned()
1494 let expected_hash = [
1495 0xc3, 0xd4, 0xe8, 0x3f, 0x64, 0x6f, 0xa7, 0x9a, 0x39, 0x3d, 0x75, 0x27, 0x7b, 0x1d,
1496 0x85, 0x8d, 0xb1, 0xd1, 0xf7, 0xab, 0x71, 0x37, 0xdc, 0xb7, 0x83, 0x5d, 0xb2, 0xec,
1497 0xd5, 0x18, 0xe1, 0xc9
1500 assert_eq!(invoice.hash(), expected_hash)
1504 fn test_check_signature() {
1506 use secp256k1::Secp256k1;
1507 use secp256k1::recovery::{RecoveryId, RecoverableSignature};
1508 use secp256k1::key::{SecretKey, PublicKey};
1509 use {SignedRawInvoice, InvoiceSignature, RawInvoice, RawHrp, RawDataPart, Currency, Sha256,
1512 let invoice = SignedRawInvoice {
1513 raw_invoice: RawInvoice {
1515 currency: Currency::Bitcoin,
1520 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1521 tagged_fields: vec ! [
1522 PaymentHash(Sha256(sha256::Hash::from_hex(
1523 "0001020304050607080900010203040506070809000102030405060708090102"
1524 ).unwrap())).into(),
1527 "Please consider supporting this project".to_owned()
1534 0xc3, 0xd4, 0xe8, 0x3f, 0x64, 0x6f, 0xa7, 0x9a, 0x39, 0x3d, 0x75, 0x27,
1535 0x7b, 0x1d, 0x85, 0x8d, 0xb1, 0xd1, 0xf7, 0xab, 0x71, 0x37, 0xdc, 0xb7,
1536 0x83, 0x5d, 0xb2, 0xec, 0xd5, 0x18, 0xe1, 0xc9
1538 signature: InvoiceSignature(RecoverableSignature::from_compact(
1540 0x38u8, 0xec, 0x68, 0x91, 0x34, 0x5e, 0x20, 0x41, 0x45, 0xbe, 0x8a,
1541 0x3a, 0x99, 0xde, 0x38, 0xe9, 0x8a, 0x39, 0xd6, 0xa5, 0x69, 0x43,
1542 0x4e, 0x18, 0x45, 0xc8, 0xaf, 0x72, 0x05, 0xaf, 0xcf, 0xcc, 0x7f,
1543 0x42, 0x5f, 0xcd, 0x14, 0x63, 0xe9, 0x3c, 0x32, 0x88, 0x1e, 0xad,
1544 0x0d, 0x6e, 0x35, 0x6d, 0x46, 0x7e, 0xc8, 0xc0, 0x25, 0x53, 0xf9,
1545 0xaa, 0xb1, 0x5e, 0x57, 0x38, 0xb1, 0x1f, 0x12, 0x7f
1547 RecoveryId::from_i32(0).unwrap()
1551 assert!(invoice.check_signature());
1553 let private_key = SecretKey::from_slice(
1555 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f, 0xe2,
1556 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04, 0xa8, 0xca,
1557 0x3b, 0x2d, 0xb7, 0x34
1560 let public_key = PublicKey::from_secret_key(&Secp256k1::new(), &private_key);
1562 assert_eq!(invoice.recover_payee_pub_key(), Ok(::PayeePubKey(public_key)));
1564 let (raw_invoice, _, _) = invoice.into_parts();
1565 let new_signed = raw_invoice.sign::<_, ()>(|hash| {
1566 Ok(Secp256k1::new().sign_recoverable(hash, &private_key))
1569 assert!(new_signed.check_signature());
1573 fn test_check_feature_bits() {
1575 use lightning::ln::features::InvoiceFeatures;
1576 use secp256k1::Secp256k1;
1577 use secp256k1::key::SecretKey;
1578 use {RawInvoice, RawHrp, RawDataPart, Currency, Sha256, PositiveTimestamp, Invoice,
1581 let private_key = SecretKey::from_slice(&[42; 32]).unwrap();
1582 let payment_secret = lightning::ln::PaymentSecret([21; 32]);
1583 let invoice_template = RawInvoice {
1585 currency: Currency::Bitcoin,
1590 timestamp: PositiveTimestamp::from_unix_timestamp(1496314658).unwrap(),
1591 tagged_fields: vec ! [
1592 PaymentHash(Sha256(sha256::Hash::from_hex(
1593 "0001020304050607080900010203040506070809000102030405060708090102"
1594 ).unwrap())).into(),
1597 "Please consider supporting this project".to_owned()
1606 let mut invoice = invoice_template.clone();
1607 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1608 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1610 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
1612 // Missing feature bits
1614 let mut invoice = invoice_template.clone();
1615 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1616 invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
1617 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1619 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
1621 // Including payment secret and feature bits
1623 let mut invoice = invoice_template.clone();
1624 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1625 invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
1626 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1628 assert!(Invoice::from_signed(invoice).is_ok());
1630 // No payment secret or features
1632 let invoice = invoice_template.clone();
1633 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1635 assert!(Invoice::from_signed(invoice).is_ok());
1637 // No payment secret or feature bits
1639 let mut invoice = invoice_template.clone();
1640 invoice.data.tagged_fields.push(Features(InvoiceFeatures::empty()).into());
1641 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1643 assert!(Invoice::from_signed(invoice).is_ok());
1645 // Missing payment secret
1647 let mut invoice = invoice_template.clone();
1648 invoice.data.tagged_fields.push(Features(InvoiceFeatures::known()).into());
1649 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1651 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::InvalidFeatures));
1653 // Multiple payment secrets
1655 let mut invoice = invoice_template.clone();
1656 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1657 invoice.data.tagged_fields.push(PaymentSecret(payment_secret).into());
1658 invoice.sign::<_, ()>(|hash| Ok(Secp256k1::new().sign_recoverable(hash, &private_key)))
1660 assert_eq!(Invoice::from_signed(invoice), Err(SemanticError::MultiplePaymentSecrets));
1664 fn test_builder_amount() {
1667 let builder = InvoiceBuilder::new(Currency::Bitcoin)
1668 .description("Test".into())
1669 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1670 .current_timestamp();
1672 let invoice = builder.clone()
1673 .amount_pico_btc(15000)
1677 assert_eq!(invoice.hrp.si_prefix, Some(SiPrefix::Nano));
1678 assert_eq!(invoice.hrp.raw_amount, Some(15));
1681 let invoice = builder.clone()
1682 .amount_pico_btc(1500)
1686 assert_eq!(invoice.hrp.si_prefix, Some(SiPrefix::Pico));
1687 assert_eq!(invoice.hrp.raw_amount, Some(1500));
1691 fn test_builder_fail() {
1693 use lightning::routing::router::RouteHintHop;
1694 use std::iter::FromIterator;
1695 use secp256k1::key::PublicKey;
1697 let builder = InvoiceBuilder::new(Currency::Bitcoin)
1698 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1699 .current_timestamp()
1700 .min_final_cltv_expiry(144);
1702 let too_long_string = String::from_iter(
1703 (0..1024).map(|_| '?')
1706 let long_desc_res = builder.clone()
1707 .description(too_long_string)
1709 assert_eq!(long_desc_res, Err(CreationError::DescriptionTooLong));
1711 let route_hop = RouteHintHop {
1712 src_node_id: PublicKey::from_slice(
1714 0x03, 0x9e, 0x03, 0xa9, 0x01, 0xb8, 0x55, 0x34, 0xff, 0x1e, 0x92, 0xc4,
1715 0x3c, 0x74, 0x43, 0x1f, 0x7c, 0xe7, 0x20, 0x46, 0x06, 0x0f, 0xcf, 0x7a,
1716 0x95, 0xc3, 0x7e, 0x14, 0x8f, 0x78, 0xc7, 0x72, 0x55
1719 short_channel_id: 0,
1722 proportional_millionths: 0,
1724 cltv_expiry_delta: 0,
1725 htlc_minimum_msat: None,
1726 htlc_maximum_msat: None,
1728 let too_long_route = RouteHint(vec![route_hop; 13]);
1729 let long_route_res = builder.clone()
1730 .description("Test".into())
1731 .private_route(too_long_route)
1733 assert_eq!(long_route_res, Err(CreationError::RouteTooLong));
1735 let sign_error_res = builder.clone()
1736 .description("Test".into())
1737 .try_build_signed(|_| {
1738 Err("ImaginaryError")
1740 assert_eq!(sign_error_res, Err(SignOrCreationError::SignError("ImaginaryError")));
1744 fn test_builder_ok() {
1746 use lightning::routing::router::RouteHintHop;
1747 use secp256k1::Secp256k1;
1748 use secp256k1::key::{SecretKey, PublicKey};
1749 use std::time::{UNIX_EPOCH, Duration};
1751 let secp_ctx = Secp256k1::new();
1753 let private_key = SecretKey::from_slice(
1755 0xe1, 0x26, 0xf6, 0x8f, 0x7e, 0xaf, 0xcc, 0x8b, 0x74, 0xf5, 0x4d, 0x26, 0x9f, 0xe2,
1756 0x06, 0xbe, 0x71, 0x50, 0x00, 0xf9, 0x4d, 0xac, 0x06, 0x7d, 0x1c, 0x04, 0xa8, 0xca,
1757 0x3b, 0x2d, 0xb7, 0x34
1760 let public_key = PublicKey::from_secret_key(&secp_ctx, &private_key);
1762 let route_1 = RouteHint(vec![
1764 src_node_id: public_key.clone(),
1765 short_channel_id: de::parse_int_be(&[123; 8], 256).expect("short chan ID slice too big?"),
1768 proportional_millionths: 1,
1770 cltv_expiry_delta: 145,
1771 htlc_minimum_msat: None,
1772 htlc_maximum_msat: None,
1775 src_node_id: public_key.clone(),
1776 short_channel_id: de::parse_int_be(&[42; 8], 256).expect("short chan ID slice too big?"),
1779 proportional_millionths: 2,
1781 cltv_expiry_delta: 146,
1782 htlc_minimum_msat: None,
1783 htlc_maximum_msat: None,
1787 let route_2 = RouteHint(vec![
1789 src_node_id: public_key.clone(),
1790 short_channel_id: 0,
1793 proportional_millionths: 3,
1795 cltv_expiry_delta: 147,
1796 htlc_minimum_msat: None,
1797 htlc_maximum_msat: None,
1800 src_node_id: public_key.clone(),
1801 short_channel_id: de::parse_int_be(&[1; 8], 256).expect("short chan ID slice too big?"),
1804 proportional_millionths: 4,
1806 cltv_expiry_delta: 148,
1807 htlc_minimum_msat: None,
1808 htlc_maximum_msat: None,
1812 let builder = InvoiceBuilder::new(Currency::BitcoinTestnet)
1813 .amount_pico_btc(123)
1814 .timestamp(UNIX_EPOCH + Duration::from_secs(1234567))
1815 .payee_pub_key(public_key.clone())
1816 .expiry_time(Duration::from_secs(54321))
1817 .min_final_cltv_expiry(144)
1818 .fallback(Fallback::PubKeyHash([0;20]))
1819 .private_route(route_1.clone())
1820 .private_route(route_2.clone())
1821 .description_hash(sha256::Hash::from_slice(&[3;32][..]).unwrap())
1822 .payment_hash(sha256::Hash::from_slice(&[21;32][..]).unwrap())
1823 .payment_secret(PaymentSecret([42; 32]))
1826 let invoice = builder.clone().build_signed(|hash| {
1827 secp_ctx.sign_recoverable(hash, &private_key)
1830 assert!(invoice.check_signature().is_ok());
1831 assert_eq!(invoice.tagged_fields().count(), 10);
1833 assert_eq!(invoice.amount_pico_btc(), Some(123));
1834 assert_eq!(invoice.currency(), Currency::BitcoinTestnet);
1836 invoice.timestamp().duration_since(UNIX_EPOCH).unwrap().as_secs(),
1839 assert_eq!(invoice.payee_pub_key(), Some(&public_key));
1840 assert_eq!(invoice.expiry_time(), Duration::from_secs(54321));
1841 assert_eq!(invoice.min_final_cltv_expiry(), 144);
1842 assert_eq!(invoice.fallbacks(), vec![&Fallback::PubKeyHash([0;20])]);
1843 assert_eq!(invoice.private_routes(), vec![&PrivateRoute(route_1), &PrivateRoute(route_2)]);
1845 invoice.description(),
1846 InvoiceDescription::Hash(&Sha256(sha256::Hash::from_slice(&[3;32][..]).unwrap()))
1848 assert_eq!(invoice.payment_hash(), &sha256::Hash::from_slice(&[21;32][..]).unwrap());
1849 assert_eq!(invoice.payment_secret(), Some(&PaymentSecret([42; 32])));
1850 assert_eq!(invoice.features(), Some(&InvoiceFeatures::known()));
1852 let raw_invoice = builder.build_raw().unwrap();
1853 assert_eq!(raw_invoice, *invoice.into_signed_raw().raw_invoice())
1857 fn test_default_values() {
1859 use secp256k1::Secp256k1;
1860 use secp256k1::key::SecretKey;
1862 let signed_invoice = InvoiceBuilder::new(Currency::Bitcoin)
1863 .description("Test".into())
1864 .payment_hash(sha256::Hash::from_slice(&[0;32][..]).unwrap())
1865 .current_timestamp()
1868 .sign::<_, ()>(|hash| {
1869 let privkey = SecretKey::from_slice(&[41; 32]).unwrap();
1870 let secp_ctx = Secp256k1::new();
1871 Ok(secp_ctx.sign_recoverable(hash, &privkey))
1874 let invoice = Invoice::from_signed(signed_invoice).unwrap();
1876 assert_eq!(invoice.min_final_cltv_expiry(), DEFAULT_MIN_FINAL_CLTV_EXPIRY);
1877 assert_eq!(invoice.expiry_time(), Duration::from_secs(DEFAULT_EXPIRY_TIME));