wip

Author: accumulator

electrum/bolt12.py

@@ -26,19 +26,24 @@
 import copy
 import io
 import os
+import time
 from decimal import Decimal
 
-from typing import Union, Optional, List, Tuple
+from typing import TYPE_CHECKING, Union, Optional, List, Tuple, Sequence
 
 import electrum_ecc as ecc
 
 from . import constants
 from .bitcoin import COIN
+from .crypto import sha256
 from .lnaddr import LnAddr
 from .lnmsg import OnionWireSerializer, batched
-from .onion_message import Timeout
+from .onion_message import Timeout, get_blinded_reply_paths, create_blinded_path, get_blinded_paths_to_me
 from .segwit_addr import bech32_decode, DecodedBech32, convertbits
 
+if TYPE_CHECKING:
+    from .lnworker import LNWallet
+
 
 def is_offer(data: str) -> bool:
     d = bech32_decode(data, ignore_long_length=True, with_checksum=False)
@@ -168,6 +173,8 @@ async def request_invoice(
     else:
         node_id = bolt12_offer['offer_issuer_id']['id']
 
+    # spec: MUST set invreq_payer_id to a transient public key.
+    # spec: MUST remember the secret key corresponding to invreq_payer_id.
     session_key = os.urandom(32)
     blinding = ecc.ECPrivkey(session_key).get_public_key_bytes()
 
@@ -241,6 +248,54 @@ async def request_invoice(
     return invoice_data, invoice_tlv
 
 
+def verify_request_and_create_invoice(
+        lnwallet: 'LNWallet',
+        bolt12_offer: dict,
+        bolt12_invreq: dict,
+        preimage,
+) -> dict:
+    # TODO check offer fields in invreq are equal
+    # TODO check constraints, like expiry, offer_amount etc
+    # copy the invreq and offer fields
+    invoice = copy.deepcopy(bolt12_invreq)
+    del invoice['signature']  # remove the signature from the invreq
+    now = int(time.time())
+    invoice_payment_hash = sha256(preimage)
+    invoice.update({
+        'invoice_created_at': {'timestamp': now},
+        'invoice_relative_expiry': {'seconds_from_creation': 3600},  # TODO hardcoded
+        'invoice_payment_hash': {'payment_hash': invoice_payment_hash}
+    })
+
+    # spec: if invreq_amount is present: MUST set invoice_amount to invreq_amount
+    # otherwise: 'expected' amount (or amount == 0 invoice? or min_htlc_msat from channel set?)
+    amount_msat = 0
+    if bolt12_invreq.get('invreq_amount'):
+        amount_msat = bolt12_invreq['invreq_amount']['msat']
+    invoice.update({
+        'invoice_amount': {'msat': amount_msat}
+    })
+
+    # spec: if offer_issuer_id is present: MUST set invoice_node_id to the offer_issuer_id
+    # spec: otherwise, if offer_paths is present: MUST set invoice_node_id to the final blinded_node_id
+    # on the path it received the invoice request
+    if bolt12_offer.get('offer_issuer_id'):
+        invoice.update({
+            'invoice_node_id': {'node_id': bolt12_offer['offer_issuer_id']['id']}
+        })
+    else:
+        # we don't have invreq used path available here atm.
+        raise Exception('branch not implemented, electrum should set offer_issuer_id')
+
+    invoice_paths, payinfo = get_blinded_paths_to_me(lnwallet)
+    invoice.update({
+        'invoice_paths': {'paths': invoice_paths},
+        'invoice_blindedpay': {'payinfo': payinfo}
+    })
+
+    return invoice
+
+
 # wraps remote invoice_error
 class Bolt12InvoiceError(Exception): pass
 

electrum/lnworker.py

@@ -27,6 +27,7 @@
 import dns.exception
 from aiorpcx import run_in_thread, NetAddress, ignore_after
 
+from .bolt12 import encode_invoice
 from .logging import Logger
 from .i18n import _
 from .json_db import stored_in
@@ -55,7 +56,7 @@
     sha256, chacha20_encrypt, chacha20_decrypt, pw_encode_with_version_and_mac, pw_decode_with_version_and_mac
 )
 
-from .onion_message import OnionMessageManager
+from .onion_message import OnionMessageManager, send_onion_message_to, encode_blinded_path
 from .lntransport import (
     LNTransport, LNResponderTransport, LNTransportBase, LNPeerAddr, split_host_port, extract_nodeid,
     ConnStringFormatError
@@ -3782,3 +3783,77 @@ def get_forwarding_failure(self, payment_key: str) -> Tuple[Optional[bytes], Opt
         error_bytes = bytes.fromhex(error_hex) if error_hex else None
         failure_message = OnionRoutingFailure.from_bytes(bytes.fromhex(failure_hex)) if failure_hex else None
         return error_bytes, failure_message
+
+    def on_bolt12_invoice_request(self, recipient_data: dict, payload: dict):
+        # match to offer
+        self.logger.debug(f'on_bolt12_invoice_request: {recipient_data=} {payload=}')
+        offer_id = recipient_data['path_id']['data']
+        offer = self.wallet.get_offer(offer_id)
+        if offer is None:
+            self.logger.warning('no matching offer for invoice_request')
+            return
+
+        invreq_tlv = payload['invoice_request']['invoice_request']
+        invreq = bolt12.decode_invoice_request(invreq_tlv)
+        self.logger.info(f'invoice_request: {invreq=}')
+        self.logger.debug(f'invoice_request for {offer=}')
+
+        # two scenarios:
+        # 1) not in response to offer (no offer_issuer_id or offer_paths)
+        #     MUST reject the invoice request if any of the following are present:
+        #         offer_chains, offer_features or offer_quantity_max.
+        #     MUST reject the invoice request if invreq_amount is not present.
+        #     MAY use offer_amount (or offer_currency) for informational display to user.
+        #     if it sends an invoice in response:
+        #         MUST use invreq_paths if present, otherwise MUST use invreq_payer_id as the node id to send to.
+
+        # 2) response to offer.
+        #
+        #     MUST reject the invoice request if the offer fields do not exactly match a valid, unexpired offer.
+        #     if offer_paths is present:
+        #         MUST ignore the invoice_request if it did not arrive via one of those paths.
+        #     otherwise:
+        #         MUST ignore any invoice_request if it arrived via a blinded path.
+        #     if offer_quantity_max is present:
+        #         MUST reject the invoice request if there is no invreq_quantity field.
+        #         if offer_quantity_max is non-zero:
+        #             MUST reject the invoice request if invreq_quantity is zero, OR greater than offer_quantity_max.
+        #     otherwise:
+        #         MUST reject the invoice request if there is an invreq_quantity field.
+        #     if offer_amount is present:
+        #         MUST calculate the expected amount using the offer_amount:
+        #             if offer_currency is not the invreq_chain currency, convert to the invreq_chain currency.
+        #             if invreq_quantity is present, multiply by invreq_quantity.quantity.
+        #         if invreq_amount is present:
+        #             MUST reject the invoice request if invreq_amount.msat is less than the expected amount.
+        #             MAY reject the invoice request if invreq_amount.msat greatly exceeds the expected amount.
+        #     otherwise (no offer_amount):
+        #         MUST reject the invoice request if it does not contain invreq_amount.
+        #     SHOULD send an invoice in response using the onionmsg_tlv reply_path.
+
+        is_response_to_offer = True  # always assume scenario 2 for now
+
+        if is_response_to_offer:
+            node_id_or_blinded_path = encode_blinded_path(payload['reply_path']['path'])
+        else:
+            # spec: MUST use invreq_paths if present, otherwise MUST use invreq_payer_id as the node id to send to.
+            if 'invreq_paths' in invreq:
+                node_id_or_blinded_path = invreq['invreq_paths']['paths'][0]  # take first
+            else:
+                node_id_or_blinded_path = invreq['invreq_payer_id']
+
+        preimage = os.urandom(32)
+        invoice = bolt12.verify_request_and_create_invoice(self, offer, invreq, preimage)
+        if invoice is None:  # TODO: use exception, not None
+            self.logger.error('could not generate invoice')
+            # TODO: send invoice_error if request not totally bogus
+            return
+        invoice_payment_hash = sha256(preimage)
+        self.save_preimage(invoice_payment_hash, preimage)
+
+        destination_payload = {
+            'invoice': {'invoice': encode_invoice(invoice, self.node_keypair.privkey)}
+        }
+
+        send_onion_message_to(self, node_id_or_blinded_path, destination_payload)
+

electrum/onion_message.py

@@ -29,18 +29,19 @@
 import time
 from random import random
 
-from typing import TYPE_CHECKING, Optional, Sequence, NamedTuple
+from typing import TYPE_CHECKING, Optional, Sequence, NamedTuple, Tuple
 
 import electrum_ecc as ecc
 
+from electrum.channel_db import get_mychannel_policy
 from electrum.lnrouter import PathEdge
 from electrum.logging import get_logger, Logger
 from electrum.crypto import sha256, get_ecdh
 from electrum.lnmsg import OnionWireSerializer
 from electrum.lnonion import (get_bolt04_onion_key, OnionPacket, process_onion_packet,
                               OnionHopsDataSingle, decrypt_onionmsg_data_tlv, encrypt_onionmsg_data_tlv,
                               get_shared_secrets_along_route, new_onion_packet, encrypt_hops_recipient_data)
-from electrum.lnutil import LnFeatures
+from electrum.lnutil import LnFeatures, REMOTE
 from electrum.util import OldTaskGroup, log_exceptions
 
 
@@ -368,8 +369,9 @@ def get_blinded_reply_paths(
     """construct a list of blinded reply-paths for onion message.
     """
     mydata = {'path_id': {'data': path_id}}  # same path_id used in every reply path
-    return get_blinded_paths_to_me(lnwallet, mydata, max_paths=max_paths,
-                                   preferred_node_id=preferred_node_id, onion_message=True)
+    paths, payinfo = get_blinded_paths_to_me(lnwallet, mydata, max_paths=max_paths,
+                                             preferred_node_id=preferred_node_id, onion_message=True)
+    return paths
 
 
 def get_blinded_paths_to_me(
@@ -379,7 +381,7 @@ def get_blinded_paths_to_me(
         max_paths: int = PAYMENT_PATHS_MAX,
         preferred_node_id: bytes = None,
         onion_message: bool = False
-) -> Sequence[dict]:
+) -> Tuple[Sequence[dict], Sequence[dict]]:
     """construct a list of blinded paths.
        current logic:
        - uses channels peers if not onion_message
@@ -395,13 +397,27 @@ def get_blinded_paths_to_me(
                        lnwallet.peers.get(chan.node_id).their_features.supports(LnFeatures.OPTION_ONION_MESSAGE_OPT)]
 
     result = []
+    payinfo = []
     mynodeid = lnwallet.node_keypair.pubkey
     if len(my_channels):
         # randomize list, but prefer preferred_node_id
         rchans = sorted(my_channels, key=lambda x: random() if x.node_id != preferred_node_id else 0)
         for chan in rchans[:max_paths]:
             blinded_path = create_blinded_path(os.urandom(32), [chan.node_id, mynodeid], final_recipient_data)
             result.append(blinded_path)
+            if not onion_message:  # add payinfo, assumption: len(blinded_path) == 2 (us and peer)
+                # get policy
+                cp = get_mychannel_policy(chan.short_channel_id, chan.node_id,
+                                          {chan.short_channel_id: chan})
+                payinfo.append({
+                    'fee_base_msat': cp.fee_base_msat,
+                    'fee_proportional_millionths': cp.fee_proportional_millionths,
+                    'cltv_expiry_delta': cp.cltv_delta,
+                    'htlc_minimum_msat': cp.htlc_minimum_msat,
+                    'htlc_maximum_msat': cp.htlc_maximum_msat,
+                    'flen': 0,
+                    'features': bytes(0)
+                })
     elif onion_message:
         # we can use peers even without channels for onion messages
         my_onionmsg_peers = [peer for peer in lnwallet.peers.values() if
@@ -413,7 +429,17 @@ def get_blinded_paths_to_me(
                 blinded_path = create_blinded_path(os.urandom(32), [peer.pubkey, mynodeid], final_recipient_data)
                 result.append(blinded_path)
 
-    return result
+    return result, payinfo
+
+
+def encode_blinded_path(blinded_path: dict):
+    with io.BytesIO() as blinded_path_fd:
+        OnionWireSerializer.write_field(
+            fd=blinded_path_fd,
+            field_type='blinded_path',
+            count=1,
+            value=blinded_path)
+        return blinded_path_fd.getvalue()
 
 
 class Timeout(Exception): pass