Stateless verification of Invoice for Offer
author Jeffrey Czyz <jkczyz@gmail.com>
Mon, 30 Jan 2023 20:57:43 +0000 (14:57 -0600)
committer Jeffrey Czyz <jkczyz@gmail.com>
Thu, 20 Apr 2023 02:31:07 +0000 (21:31 -0500)
commit 022eadc4dbf0f60179674f936d604cade6c5dd9e
tree dc6541d9b2ffb7e7b77f0352c812efe6d1957118
parent 9bd43e077fd00add0491960aeb5533a75d9d71d3
Stateless verification of Invoice for Offer

Verify that an Invoice was produced from an InvoiceRequest constructed
by the payer using the payer metadata reflected in the Invoice. The
payer metadata consists of a 128-bit encrypted nonce and possibly a
256-bit HMAC over the nonce and InvoiceRequest TLV records (excluding
the payer id) using an ExpandedKey.

Thus, the HMAC can be reproduced from the invoice request bytes using
the nonce and the original ExpandedKey, and then checked against the
metadata. If metadata does not contain an HMAC, then the reproduced HMAC
was used to form the signing keys, and thus can be checked against the
payer id.
lightning/src/offers/invoice.rs
lightning/src/offers/invoice_request.rs
lightning/src/offers/merkle.rs
lightning/src/offers/offer.rs
lightning/src/offers/payer.rs
lightning/src/offers/signer.rs
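
A simplified model of the case where the payer metadata carries the HMAC, as described in the commit message above. This is an added example in Python, not code from this commit or its project. Assumptions: the nonce is stored in the clear rather than encrypted, a raw 32-byte key stands in for the ExpandedKey, the TLV encoding and record type numbers are constructed, and the metadata record is left out of the HMAC along with the payer id because it carries the HMAC itself.

```python
import hashlib
import hmac
import os

# Constructed record types and sizes for this sketch (not taken from the commit).
METADATA_TYPE = 0
PAYER_ID_TYPE = 88
NONCE_LEN = 16   # 128-bit nonce
HMAC_LEN = 32    # 256-bit HMAC

def encode(records):
    """Toy TLV encoding: 1-byte type, 1-byte length, value, in type order."""
    return b"".join(bytes([t, len(v)]) + v for t, v in sorted(records))

def compute_hmac(key, nonce, records):
    """HMAC-SHA256 over the nonce and every record except metadata and payer id."""
    covered = [(t, v) for t, v in records
               if t not in (METADATA_TYPE, PAYER_ID_TYPE)]
    return hmac.new(key, nonce + encode(covered), hashlib.sha256).digest()

def build_request(key, records):
    """Payer, when requesting: attach metadata = nonce || HMAC; store nothing."""
    nonce = os.urandom(NONCE_LEN)
    metadata = nonce + compute_hmac(key, nonce, records)
    return [(METADATA_TYPE, metadata)] + list(records)

def verify(key, records):
    """Payer, on receiving the invoice: recompute the HMAC from the echoed
    records and the key alone, then compare in constant time."""
    metadata = dict(records).get(METADATA_TYPE, b"")
    if len(metadata) != NONCE_LEN + HMAC_LEN:
        return False  # the HMAC-less (derived signing key) case is not modeled
    nonce, tag = metadata[:NONCE_LEN], metadata[NONCE_LEN:]
    return hmac.compare_digest(tag, compute_hmac(key, nonce, records))

KEY = bytes(range(32))  # constructed stand-in for the ExpandedKey
# Constructed sample records: two request fields and a placeholder payer id.
SAMPLE = [(80, b"\x03\xe8"), (82, b"\x01"), (PAYER_ID_TYPE, b"\x02" * 33)]

if __name__ == "__main__":
    request = build_request(KEY, SAMPLE)
    print("untouched records verify:", verify(KEY, request))
    altered = [(t, b"\x07\xd0") if t == 80 else (t, v) for t, v in request]
    print("altered records verify:", verify(KEY, altered))
```

In this HMAC-in-metadata form the payer id record is not covered by the tag, so the sketch accepts a changed payer id; the commit message ties the payer id to the HMAC only in the second case, where the HMAC forms the signing keys.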