offer: make the merkle tree signature public #3892
Conversation
|
👋 Thanks for assigning @jkczyz as a reviewer! |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
0ffed61 to
be23002
Compare
|
I'm not personally opposed to this and it may be nice to expose it for the use cases you mention. I'm also not sure about any API guarantees for these methods. I don't think it's too much of a hassle to treat them the same way we treat any other public API. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3892 +/- ##
==========================================
+ Coverage 89.00% 89.03% +0.02%
==========================================
Files 166 167 +1
Lines 119990 121903 +1913
Branches 119990 121903 +1913
==========================================
+ Hits 106798 108537 +1739
- Misses 10770 10952 +182
+ Partials 2422 2414 -8
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
👋 The first review has been submitted! Do you think this PR is ready for a second reviewer? If so, click here to assign a second reviewer. |
![graphite-app[bot]](https://avatars.githubusercontent.com/in/158384?s=60&v=4){kind=small}
|
🔔 1st Reminder Hey @TheBlueMatt @valentinewallace! This PR has been waiting for your review. |
1 similar comment
|
🔔 1st Reminder Hey @TheBlueMatt @valentinewallace! This PR has been waiting for your review. |
|
cc @jkczyz |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
2 times, most recently
from
dd046d5 to
29e5bd6
Compare
|
Will take a look at this after @jkczyz's comments are addressed, assuming he thinks it needs a second reviewer at that point. |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
0c7fe08 to
123e16f
Compare
|
🔔 2nd Reminder Hey @valentinewallace! This PR has been waiting for your review. |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
2 times, most recently
from
7429b6a to
1b958e9
Compare
|
Ok, I pushed the change that @jkczyz requested, and now the PR is organised in two commits as follows:
Let me know if you are fine with the commit divided in this way, or you prefer e60b87c |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
1b958e9 to
699f37f
Compare
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
22ef851 to
e60b87c
Compare
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
2 times, most recently
from
ec9b1c6 to
98d51cd
Compare
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
98d51cd to
bf5ca05
Compare
|
Done thanks, should be ready for another pass! |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
bf5ca05 to
a68da7e
Compare
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
2da0ac8 to
a95815c
Compare
lightning/src/offers/invoice.rs
Outdated
| let offer_id = match &contents { | ||
| InvoiceContents::ForOffer { .. } => Some(OfferId::from_valid_bolt12_tlv_stream(&bytes)), | ||
| InvoiceContents::ForRefund { .. } => None, | ||
| }; | ||
| Self { bytes, experimental_bytes, contents, tagged_hash, offer_id } |
There was a problem hiding this comment.
@jkczyz do you think that we should add in OfferId a maybe_from_valid_bolt12_tlv_stream(&bytes) -> Option<OfferId> to include the refund case without duplicate the match here?
There was a problem hiding this comment.
We'd need to take in the InvoiceContents then, too. Leaning towards not doing this for unsigned invoices after all. See next comment.
lightning/src/offers/invoice.rs
Outdated
| let offer_id = match &contents { | ||
| InvoiceContents::ForOffer { .. } => Some(OfferId::from_valid_bolt12_tlv_stream(&bytes)), | ||
| InvoiceContents::ForRefund { .. } => None, | ||
| }; | ||
| Self { bytes, experimental_bytes, contents, tagged_hash, offer_id } |
There was a problem hiding this comment.
We'd need to take in the InvoiceContents then, too. Leaning towards not doing this for unsigned invoices after all. See next comment.
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
3 times, most recently
from
079db78 to
0e5217d
Compare
|
Ok pushed the changes, not sure that I have got 100% this review, but let me know if there is something that is still pending #3892 (comment) |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
2 times, most recently
from
097c4a7 to
8df655b
Compare
|
I noted that for some reason, I was not making public the |
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
8df655b to
5ceaf4d
Compare
| let issuer_sign_pubkey = offer.issuer_signing_pubkey().unwrap(); | ||
| let tagged_hash = invoice.tagged_hash(); | ||
| let signature = invoice.signature(); | ||
| assert!(merkle::verify_signature(&signature, tagged_hash, issuer_sign_pubkey).is_ok()); |
There was a problem hiding this comment.
Seems like exposing verify_signature doesn't provide much value as it's simply a wrapper around the secp256k1 crate. Maybe it is fine to expose as a convenience function, but it isn't strictly necessary to support the use case (i.e., all we need to do is make tagged_hash accessible).
There was a problem hiding this comment.
I see it, from an API point of view I think it is nice to have a verify_signature, but I am not oppose to use secp256k1
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
3 times, most recently
from
c5fe6a3 to
f5fbd6c
Compare
|
I had to rebase to make the CI happy because there was a problem fixed by some PR that is now merged. So I think the only missing thing to resolve is the following one #3892 (comment) Would love to have the API to hide the |
This is helpfull for the users that want to use the merkle tree signature in their own code, for example to verify the signature of bolt12 invoices or recreate it. Very useful for people that are building command line tools for the bolt12 offers. Signed-off-by: Vincenzo Palazzo <[email protected]>
- Add an Option<OfferId> field to Bolt12Invoice to track the originating offer. - Compute the offer_id for invoices created from offers by extracting the offer TLV records and hashing them with the correct tag. - Expose a public offer_id() accessor on invoice. - Add tests to ensure the offer_id in the invoice matches the originating Offer, and that refund invoices have no offer_id. - All existing and new tests pass. This enables linking invoices to their originating offers in a robust and spec-compliant way. Co-authored-by: graphite-app[bot] <96075541+graphite-app[bot]@users.noreply.github.com> Signed-off-by: Vincenzo Palazzo <[email protected]>
vincenzopalazzo
force-pushed
the
macros/markle-signature
branch
from
f5fbd6c to
87c74b1
Compare
| /// Returns the [`TaggedHash`] of the invoice that was signed. | ||
| pub fn tagged_hash(&self) -> &TaggedHash { | ||
| &self.tagged_hash | ||
| } |
There was a problem hiding this comment.
This should go in the first commit.
There was a problem hiding this comment.
Ah, ok, now I see what you wanted to move on the first commit, I did not get it in the first place.
Ok, moving all the signature logic related to the first commit
This is helpful for users who want to use the Merkle tree signature in their own code, for example, to verify the signature of bolt12 invoices or recreate it.
Very useful for people who are building command line tools for the bolt12 offers.
I am opening this, but I do not know if it is something that you want to do, but at the same time, IMHO, this is very useful to expose because it allows to use LDK in command line tools and in learning tools.
However, this is not strictly necessary because
Bolt12Invoice::try_fromalready verifies the signature, but I would open this to know your point of view.