core-lightning/plugins/fetchinvoice.c

1955 lines
59 KiB
C
Raw Normal View History

#include "config.h"
#include <bitcoin/chainparams.h>
#include <ccan/array_size/array_size.h>
#include <ccan/cast/cast.h>
#include <ccan/json_out/json_out.h>
#include <ccan/mem/mem.h>
#include <ccan/str/hex/hex.h>
#include <ccan/tal/str/str.h>
#include <common/blindedpath.h>
#include <common/bolt12_merkle.h>
#include <common/dijkstra.h>
#include <common/gossmap.h>
#include <common/json_param.h>
#include <common/json_stream.h>
#include <common/memleak.h>
#include <common/overflows.h>
#include <common/route.h>
#include <common/type_to_string.h>
#include <errno.h>
#include <plugins/libplugin.h>
#include <secp256k1_schnorrsig.h>
#include <sodium.h>
static struct gossmap *global_gossmap;
static struct pubkey local_id;
static bool disable_connect = false;
static LIST_HEAD(sent_list);
struct sent {
/* We're in sent_invreqs, awaiting reply. */
struct list_node list;
/* The alias used by reply */
struct pubkey *reply_alias;
/* The command which sent us. */
struct command *cmd;
/* The offer we are trying to get an invoice/payment for. */
struct tlv_offer *offer;
/* Path to use (including self) */
struct pubkey *path;
/* The invreq we sent, OR the invoice we sent */
struct tlv_invoice_request *invreq;
struct tlv_invoice *inv;
struct preimage inv_preimage;
struct json_escape *inv_label;
/* How long to wait for response before giving up. */
u32 wait_timeout;
};
static struct sent *find_sent_by_alias(const struct pubkey *alias)
{
struct sent *i;
list_for_each(&sent_list, i, list) {
if (i->reply_alias && pubkey_eq(i->reply_alias, alias))
return i;
}
return NULL;
}
static const char *field_diff_(struct plugin *plugin,
const tal_t *a, const tal_t *b,
const char *fieldname)
{
/* One is set and the other isn't? */
if ((a == NULL) != (b == NULL)) {
plugin_log(plugin, LOG_DBG, "field_diff %s: a is %s, b is %s",
fieldname, a ? "set": "unset", b ? "set": "unset");
return fieldname;
}
if (!memeq(a, tal_bytelen(a), b, tal_bytelen(b))) {
plugin_log(plugin, LOG_DBG, "field_diff %s: a=%s, b=%s",
fieldname, tal_hex(tmpctx, a), tal_hex(tmpctx, b));
return fieldname;
}
return NULL;
}
#define field_diff(a, b, fieldname) \
field_diff_((cmd)->plugin, a->fieldname, b->fieldname, #fieldname)
/* Returns true if b is a with something appended. */
static bool description_is_appended(const char *a, const char *b)
{
if (!a || !b)
return false;
if (tal_bytelen(b) < tal_bytelen(a))
return false;
return memeq(a, tal_bytelen(a), b, tal_bytelen(a));
}
/* Hack to suppress warnings when we finish a different command */
static void discard_result(struct command_result *ret)
{
}
/* Returns NULL if it wasn't an error. */
static struct command_result *handle_error(struct command *cmd,
struct sent *sent,
const char *buf,
const jsmntok_t *om)
{
const u8 *data;
size_t dlen;
struct tlv_invoice_error *err;
struct json_out *details;
const jsmntok_t *errtok;
errtok = json_get_member(buf, om, "invoice_error");
if (!errtok)
return NULL;
data = json_tok_bin_from_hex(cmd, buf, errtok);
dlen = tal_bytelen(data);
details = json_out_new(cmd);
plugin_log(cmd->plugin, LOG_DBG, "errtok = %.*s",
json_tok_full_len(errtok),
json_tok_full(buf, errtok));
json_out_start(details, NULL, '{');
err = fromwire_tlv_invoice_error(cmd, &data, &dlen);
if (!err) {
plugin_log(cmd->plugin, LOG_DBG,
"Invalid invoice_error %.*s",
json_tok_full_len(errtok),
json_tok_full(buf, errtok));
json_out_addstr(details, "invoice_error_hex",
tal_strndup(tmpctx,
buf + errtok->start,
errtok->end - errtok->start));
} else {
char *failstr;
/* FIXME: with a bit more generate-wire.py support,
* we could have fieldnames and even types. */
if (err->erroneous_field)
json_out_add(details, "erroneous_field", false,
"%"PRIu64, *err->erroneous_field);
if (err->suggested_value)
json_out_addstr(details, "suggested_value",
tal_hex(tmpctx,
err->suggested_value));
/* If they don't include this, it'll be empty */
failstr = tal_strndup(tmpctx,
err->error,
tal_bytelen(err->error));
json_out_addstr(details, "error", failstr);
}
json_out_end(details, '}');
discard_result(command_done_err(sent->cmd,
OFFER_BAD_INVREQ_REPLY,
"Remote node sent failure message",
details));
return command_hook_success(cmd);
}
static struct command_result *handle_invreq_response(struct command *cmd,
struct sent *sent,
const char *buf,
const jsmntok_t *om)
{
const u8 *invbin;
const jsmntok_t *invtok;
size_t len;
struct tlv_invoice *inv;
struct sha256 merkle, sighash;
struct json_stream *out;
const char *badfield;
u64 *expected_amount;
invtok = json_get_member(buf, om, "invoice");
if (!invtok) {
plugin_log(cmd->plugin, LOG_UNUSUAL,
"Neither invoice nor invoice_request_failed in reply %.*s",
json_tok_full_len(om),
json_tok_full(buf, om));
discard_result(command_fail(sent->cmd,
OFFER_BAD_INVREQ_REPLY,
"Neither invoice nor invoice_request_failed in reply %.*s",
json_tok_full_len(om),
json_tok_full(buf, om)));
return command_hook_success(cmd);
}
invbin = json_tok_bin_from_hex(cmd, buf, invtok);
len = tal_bytelen(invbin);
inv = fromwire_tlv_invoice(cmd, &invbin, &len);
if (!inv) {
badfield = "invoice";
goto badinv;
}
#if DEVELOPER
/* Raw send? Just fwd reply. */
if (!sent->offer) {
out = jsonrpc_stream_success(sent->cmd);
json_add_string(out, "invoice", invoice_encode(tmpctx, inv));
discard_result(command_finished(sent->cmd, out));
return command_hook_success(cmd);
}
#endif /* DEVELOPER */
/* BOLT-offers #12:
* - MUST reject the invoice unless `node_id` is equal to the offer.
*/
if (!point32_eq(sent->offer->node_id, inv->node_id)) {
badfield = "node_id";
goto badinv;
}
/* BOLT-offers #12:
* - MUST reject the invoice if `signature` is not a valid signature
* using `node_id` as described in [Signature Calculation]
*/
merkle_tlv(inv->fields, &merkle);
sighash_from_merkle("invoice", "signature", &merkle, &sighash);
if (!inv->signature
|| secp256k1_schnorrsig_verify(secp256k1_ctx, inv->signature->u8,
sighash.u.u8, sizeof(sighash.u.u8), &inv->node_id->pubkey) != 1) {
badfield = "signature";
goto badinv;
}
/* BOLT-offers #12:
* - MUST reject the invoice if `msat` is not present.
*/
if (!inv->amount) {
badfield = "amount";
goto badinv;
}
/* BOLT-offers #12:
* - MUST reject the invoice unless `offer_id` is equal to the id of the
* offer.
*/
if ((badfield = field_diff(sent->invreq, inv, offer_id)))
goto badinv;
/* BOLT-offers #12:
* - if the invoice is a reply to an `invoice_request`:
*...
* - MUST reject the invoice unless the following fields are equal or
* unset exactly as they are in the `invoice_request:`
* - `quantity`
* - `payer_key`
* - `payer_info`
*/
/* BOLT-offers-recurrence #12:
* - if the invoice is a reply to an `invoice_request`:
*...
* - MUST reject the invoice unless the following fields are equal or
* unset exactly as they are in the `invoice_request:`
* - `quantity`
* - `recurrence_counter`
* - `recurrence_start`
* - `payer_key`
* - `payer_info`
*/
if ((badfield = field_diff(sent->invreq, inv, quantity)))
goto badinv;
if ((badfield = field_diff(sent->invreq, inv, recurrence_counter)))
goto badinv;
if ((badfield = field_diff(sent->invreq, inv, recurrence_start)))
goto badinv;
if ((badfield = field_diff(sent->invreq, inv, payer_key)))
goto badinv;
if ((badfield = field_diff(sent->invreq, inv, payer_info)))
goto badinv;
/* Get the amount we expected: firstly, if that's what we sent,
* secondly, if specified in the invoice. */
if (sent->invreq->amount) {
expected_amount = tal_dup(tmpctx, u64, sent->invreq->amount);
} else if (sent->offer->amount && !sent->offer->currency) {
expected_amount = tal(tmpctx, u64);
*expected_amount = *sent->offer->amount;
if (sent->invreq->quantity) {
/* We should never have sent this! */
if (mul_overflows_u64(*expected_amount,
*sent->invreq->quantity)) {
badfield = "quantity overflow";
goto badinv;
}
*expected_amount *= *sent->invreq->quantity;
}
} else
expected_amount = NULL;
/* BOLT-offers-recurrence #12:
* - if the offer contained `recurrence`:
* - MUST reject the invoice if `recurrence_basetime` is not set.
*/
if (sent->invreq->recurrence_counter && !inv->recurrence_basetime) {
badfield = "recurrence_basetime";
goto badinv;
}
/* BOLT-offers #12:
* - SHOULD confirm authorization if the `description` does not exactly
* match the `offer`
* - MAY highlight if `description` has simply had a change appended.
*/
/* We highlight these changes to the caller, for them to handle */
out = jsonrpc_stream_success(sent->cmd);
json_add_string(out, "invoice", invoice_encode(tmpctx, inv));
json_object_start(out, "changes");
if (field_diff(sent->offer, inv, description)) {
/* Did they simply append? */
if (description_is_appended(sent->offer->description,
inv->description)) {
size_t off = tal_bytelen(sent->offer->description);
json_add_stringn(out, "description_appended",
inv->description + off,
tal_bytelen(inv->description) - off);
} else if (!inv->description)
json_add_stringn(out, "description_removed",
sent->offer->description,
tal_bytelen(sent->offer->description));
else
json_add_stringn(out, "description",
inv->description,
tal_bytelen(inv->description));
}
/* BOLT-offers #12:
* - SHOULD confirm authorization if `issuer` does not exactly
* match the `offer`
*/
if (field_diff(sent->offer, inv, issuer)) {
if (!inv->issuer)
json_add_stringn(out, "issuer_removed",
sent->offer->issuer,
tal_bytelen(sent->offer->issuer));
else
json_add_stringn(out, "issuer",
inv->issuer,
tal_bytelen(inv->issuer));
}
/* BOLT-offers #12:
* - SHOULD confirm authorization if `msat` is not within the amount
* range authorized.
*/
/* We always tell them this unless it's trivial to calc and
* exactly as expected. */
if (!expected_amount || *inv->amount != *expected_amount) {
if (deprecated_apis)
json_add_amount_msat_only(out, "msat",
amount_msat(*inv->amount));
json_add_amount_msat_only(out, "amount_msat",
amount_msat(*inv->amount));
}
json_object_end(out);
/* We tell them about next period at this point, if any. */
if (sent->offer->recurrence) {
u64 next_counter, next_period_idx;
u64 paywindow_start, paywindow_end;
next_counter = *sent->invreq->recurrence_counter + 1;
if (sent->invreq->recurrence_start)
next_period_idx = *sent->invreq->recurrence_start
+ next_counter;
else
next_period_idx = next_counter;
/* If this was the last, don't tell them about a next! */
if (!sent->offer->recurrence_limit
|| next_period_idx <= *sent->offer->recurrence_limit) {
json_object_start(out, "next_period");
json_add_u64(out, "counter", next_counter);
json_add_u64(out, "starttime",
offer_period_start(*inv->recurrence_basetime,
next_period_idx,
sent->offer->recurrence));
json_add_u64(out, "endtime",
offer_period_start(*inv->recurrence_basetime,
next_period_idx + 1,
sent->offer->recurrence) - 1);
offer_period_paywindow(sent->offer->recurrence,
sent->offer->recurrence_paywindow,
sent->offer->recurrence_base,
*inv->recurrence_basetime,
next_period_idx,
&paywindow_start, &paywindow_end);
json_add_u64(out, "paywindow_start", paywindow_start);
json_add_u64(out, "paywindow_end", paywindow_end);
json_object_end(out);
}
}
discard_result(command_finished(sent->cmd, out));
return command_hook_success(cmd);
badinv:
plugin_log(cmd->plugin, LOG_DBG, "Failed invoice due to %s", badfield);
discard_result(command_fail(sent->cmd,
OFFER_BAD_INVREQ_REPLY,
"Incorrect %s field in %.*s",
badfield,
json_tok_full_len(invtok),
json_tok_full(buf, invtok)));
return command_hook_success(cmd);
}
static struct command_result *recv_modern_onion_message(struct command *cmd,
const char *buf,
const jsmntok_t *params)
{
const jsmntok_t *om, *aliastok;
struct sent *sent;
struct pubkey alias;
struct command_result *err;
om = json_get_member(buf, params, "onion_message");
aliastok = json_get_member(buf, om, "our_alias");
if (!aliastok || !json_to_pubkey(buf, aliastok, &alias))
return command_hook_success(cmd);
sent = find_sent_by_alias(&alias);
if (!sent) {
plugin_log(cmd->plugin, LOG_DBG,
"No match for modern onion %.*s",
json_tok_full_len(om),
json_tok_full(buf, om));
return command_hook_success(cmd);
}
plugin_log(cmd->plugin, LOG_DBG, "Received modern onion message: %.*s",
json_tok_full_len(params),
json_tok_full(buf, params));
err = handle_error(cmd, sent, buf, om);
if (err)
return err;
if (sent->invreq)
return handle_invreq_response(cmd, sent, buf, om);
return command_hook_success(cmd);
}
static void destroy_sent(struct sent *sent)
{
list_del(&sent->list);
}
/* We've received neither a reply nor a payment; return failure. */
static void timeout_sent_invreq(struct sent *sent)
{
/* This will free sent! */
discard_result(command_fail(sent->cmd, OFFER_TIMEOUT,
"Timeout waiting for response"));
}
static struct command_result *sendonionmsg_done(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent)
{
tal_steal(cmd, plugin_timer(cmd->plugin,
time_from_sec(sent->wait_timeout),
timeout_sent_invreq, sent));
sent->cmd = cmd;
list_add_tail(&sent_list, &sent->list);
tal_add_destructor(sent, destroy_sent);
return command_still_pending(cmd);
}
static void init_gossmap(struct plugin *plugin)
{
size_t num_cupdates_rejected;
global_gossmap
= notleak_with_children(gossmap_load(NULL,
GOSSIP_STORE_FILENAME,
&num_cupdates_rejected));
if (!global_gossmap)
plugin_err(plugin, "Could not load gossmap %s: %s",
GOSSIP_STORE_FILENAME, strerror(errno));
if (num_cupdates_rejected)
plugin_log(plugin, LOG_DBG,
"gossmap ignored %zu channel updates",
num_cupdates_rejected);
}
static struct gossmap *get_gossmap(struct plugin *plugin)
{
if (!global_gossmap)
init_gossmap(plugin);
else
gossmap_refresh(global_gossmap, NULL);
return global_gossmap;
}
static struct command_result *param_offer(struct command *cmd,
const char *name,
const char *buffer,
const jsmntok_t *tok,
struct tlv_offer **offer)
{
char *fail;
/* BOLT-offers #12:
* - if `features` contains unknown _odd_ bits that are non-zero:
* - MUST ignore the bit.
* - if `features` contains unknown _even_ bits that are non-zero:
* - MUST NOT respond to the offer.
* - SHOULD indicate the unknown bit to the user.
*/
/* BOLT-offers #12:
* - MUST NOT set or imply any `chain_hash` not set or implied by
* the offer.
*/
*offer = offer_decode(cmd, buffer + tok->start, tok->end - tok->start,
plugin_feature_set(cmd->plugin), chainparams,
&fail);
if (!*offer)
return command_fail_badparam(cmd, name, buffer, tok,
tal_fmt(cmd,
"Unparsable offer: %s",
fail));
/* BOLT-offers #12:
*
* - if `node_id` or `description` is not set:
* - MUST NOT respond to the offer.
*/
if (!(*offer)->node_id)
return command_fail_badparam(cmd, name, buffer, tok,
"Offer does not contain a node_id");
if (!(*offer)->description)
return command_fail_badparam(cmd, name, buffer, tok,
"Offer does not contain a description");
return NULL;
}
static bool can_carry_onionmsg(const struct gossmap *map,
const struct gossmap_chan *c,
int dir,
struct amount_msat amount UNUSED,
void *arg UNUSED)
{
const struct gossmap_node *n;
/* Don't use it if either side says it's disabled */
if (!c->half[dir].enabled || !c->half[!dir].enabled)
return false;
/* Check features of recipient */
n = gossmap_nth_node(map, c, !dir);
/* 102/103 was the old EXPERIMENTAL feature bit: remove soon! */
return gossmap_node_get_feature(map, n, OPT_ONION_MESSAGES) != -1
|| gossmap_node_get_feature(map, n, 102) != -1;
}
enum nodeid_parity {
nodeid_parity_even = SECP256K1_TAG_PUBKEY_EVEN,
nodeid_parity_odd = SECP256K1_TAG_PUBKEY_ODD,
nodeid_parity_unknown = 1,
};
static enum nodeid_parity node_parity(const struct gossmap *gossmap,
const struct gossmap_node *node)
{
struct node_id id;
gossmap_node_get_id(gossmap, node, &id);
return id.k[0];
}
static void node_id_from_point32(struct node_id *nid,
const struct point32 *node32_id,
enum nodeid_parity parity)
{
assert(parity == SECP256K1_TAG_PUBKEY_EVEN
|| parity == SECP256K1_TAG_PUBKEY_ODD);
nid->k[0] = parity;
secp256k1_xonly_pubkey_serialize(secp256k1_ctx, nid->k+1,
&node32_id->pubkey);
}
/* Create path to node which can carry onion messages (including
* self); if it can't find one, returns NULL. Fills in nodeid_parity
* for 33rd nodeid byte. */
static struct pubkey *path_to_node(const tal_t *ctx,
struct plugin *plugin,
const struct point32 *node32_id,
enum nodeid_parity *parity)
{
struct route_hop *r;
const struct dijkstra *dij;
const struct gossmap_node *src;
const struct gossmap_node *dst;
struct node_id dstid, local_nodeid;
struct pubkey *nodes;
struct gossmap *gossmap = get_gossmap(plugin);
/* We try both parities. */
*parity = nodeid_parity_even;
node_id_from_point32(&dstid, node32_id, *parity);
dst = gossmap_find_node(gossmap, &dstid);
if (!dst) {
*parity = nodeid_parity_odd;
node_id_from_point32(&dstid, node32_id, *parity);
dst = gossmap_find_node(gossmap, &dstid);
if (!dst) {
*parity = nodeid_parity_unknown;
return NULL;
}
}
*parity = node_parity(gossmap, dst);
/* If we don't exist in gossip, routing can't happen. */
node_id_from_pubkey(&local_nodeid, &local_id);
src = gossmap_find_node(gossmap, &local_nodeid);
if (!src)
return NULL;
dij = dijkstra(tmpctx, gossmap, dst, AMOUNT_MSAT(0), 0,
can_carry_onionmsg, route_score_shorter, NULL);
r = route_from_dijkstra(tmpctx, gossmap, dij, src, AMOUNT_MSAT(0), 0);
if (!r)
return NULL;
nodes = tal_arr(ctx, struct pubkey, tal_count(r) + 1);
nodes[0] = local_id;
for (size_t i = 0; i < tal_count(r); i++) {
if (!pubkey_from_node_id(&nodes[i+1], &r[i].node_id)) {
plugin_err(plugin, "Could not convert nodeid %s",
type_to_string(tmpctx, struct node_id,
&r[i].node_id));
}
}
return nodes;
}
/* Marshal arguments for sending onion messages */
struct sending {
struct sent *sent;
const char *msgfield;
const u8 *msgval;
struct tlv_obs2_onionmsg_payload_reply_path *obs2_reply_path;
struct command_result *(*done)(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent);
};
static struct command_result *
send_obs2_message(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sending *sending)
{
struct sent *sent = sending->sent;
struct privkey blinding_iter;
struct pubkey fwd_blinding, *node_alias;
size_t nhops = tal_count(sent->path);
struct tlv_obs2_onionmsg_payload **payloads;
struct out_req *req;
/* Now create enctlvs for *forward* path. */
randombytes_buf(&blinding_iter, sizeof(blinding_iter));
if (!pubkey_from_privkey(&blinding_iter, &fwd_blinding))
return command_fail(cmd, LIGHTNINGD,
"Could not convert blinding %s to pubkey!",
type_to_string(tmpctx, struct privkey,
&blinding_iter));
/* We overallocate: this node (0) doesn't have payload or alias */
payloads = tal_arr(cmd, struct tlv_obs2_onionmsg_payload *, nhops);
node_alias = tal_arr(cmd, struct pubkey, nhops);
for (size_t i = 1; i < nhops - 1; i++) {
payloads[i] = tlv_obs2_onionmsg_payload_new(payloads);
payloads[i]->enctlv = create_obs2_enctlv(payloads[i],
&blinding_iter,
&sent->path[i],
&sent->path[i+1],
/* FIXME: Pad? */
0,
NULL,
&blinding_iter,
&node_alias[i]);
}
/* Final payload contains the actual data. */
payloads[nhops-1] = tlv_obs2_onionmsg_payload_new(payloads);
/* We don't include enctlv in final, but it gives us final alias */
if (!create_obs2_final_enctlv(tmpctx, &blinding_iter, &sent->path[nhops-1],
/* FIXME: Pad? */ 0,
NULL,
&node_alias[nhops-1])) {
/* Should not happen! */
return command_fail(cmd, LIGHTNINGD,
"Could create final enctlv");
}
/* FIXME: This interface is a string for sendobsonionmessage! */
if (streq(sending->msgfield, "invoice_request")) {
payloads[nhops-1]->invoice_request
= cast_const(u8 *, sending->msgval);
} else {
assert(streq(sending->msgfield, "invoice"));
payloads[nhops-1]->invoice
= cast_const(u8 *, sending->msgval);
}
payloads[nhops-1]->reply_path = sending->obs2_reply_path;
req = jsonrpc_request_start(cmd->plugin, cmd, "sendobs2onionmessage",
sending->done,
forward_error,
sending->sent);
json_add_pubkey(req->js, "first_id", &sent->path[1]);
json_add_pubkey(req->js, "blinding", &fwd_blinding);
json_array_start(req->js, "hops");
for (size_t i = 1; i < nhops; i++) {
u8 *tlv;
json_object_start(req->js, NULL);
json_add_pubkey(req->js, "id", &node_alias[i]);
tlv = tal_arr(tmpctx, u8, 0);
towire_tlv_obs2_onionmsg_payload(&tlv, payloads[i]);
json_add_hex_talarr(req->js, "tlv", tlv);
json_object_end(req->js);
}
json_array_end(req->js);
return send_outreq(cmd->plugin, req);
}
static struct command_result *
send_modern_message(struct command *cmd,
struct tlv_onionmsg_payload_reply_path *reply_path,
struct sending *sending)
{
struct sent *sent = sending->sent;
struct privkey blinding_iter;
struct pubkey fwd_blinding, *node_alias;
size_t nhops = tal_count(sent->path);
struct tlv_onionmsg_payload **payloads;
struct out_req *req;
/* Now create enctlvs for *forward* path. */
randombytes_buf(&blinding_iter, sizeof(blinding_iter));
if (!pubkey_from_privkey(&blinding_iter, &fwd_blinding))
return command_fail(cmd, LIGHTNINGD,
"Could not convert blinding %s to pubkey!",
type_to_string(tmpctx, struct privkey,
&blinding_iter));
/* We overallocate: this node (0) doesn't have payload or alias */
payloads = tal_arr(cmd, struct tlv_onionmsg_payload *, nhops);
node_alias = tal_arr(cmd, struct pubkey, nhops);
for (size_t i = 1; i < nhops - 1; i++) {
payloads[i] = tlv_onionmsg_payload_new(payloads);
payloads[i]->encrypted_data_tlv = create_enctlv(payloads[i],
&blinding_iter,
&sent->path[i],
&sent->path[i+1],
/* FIXME: Pad? */
0,
NULL,
&blinding_iter,
&node_alias[i]);
}
/* Final payload contains the actual data. */
payloads[nhops-1] = tlv_onionmsg_payload_new(payloads);
/* We don't include enctlv in final, but it gives us final alias */
if (!create_final_enctlv(tmpctx, &blinding_iter, &sent->path[nhops-1],
/* FIXME: Pad? */ 0,
NULL,
&node_alias[nhops-1])) {
/* Should not happen! */
return command_fail(cmd, LIGHTNINGD,
"Could create final enctlv");
}
/* FIXME: This interface is a string for sendobsonionmessage! */
if (streq(sending->msgfield, "invoice_request")) {
payloads[nhops-1]->invoice_request
= cast_const(u8 *, sending->msgval);
} else {
assert(streq(sending->msgfield, "invoice"));
payloads[nhops-1]->invoice
= cast_const(u8 *, sending->msgval);
}
payloads[nhops-1]->reply_path = reply_path;
req = jsonrpc_request_start(cmd->plugin, cmd, "sendonionmessage",
/* Try sending older version next */
send_obs2_message,
forward_error,
sending);
json_add_pubkey(req->js, "first_id", &sent->path[1]);
json_add_pubkey(req->js, "blinding", &fwd_blinding);
json_array_start(req->js, "hops");
for (size_t i = 1; i < nhops; i++) {
u8 *tlv;
json_object_start(req->js, NULL);
json_add_pubkey(req->js, "id", &node_alias[i]);
tlv = tal_arr(tmpctx, u8, 0);
towire_tlv_onionmsg_payload(&tlv, payloads[i]);
json_add_hex_talarr(req->js, "tlv", tlv);
json_object_end(req->js);
}
json_array_end(req->js);
return send_outreq(cmd->plugin, req);
}
/* Lightningd gives us reply path, since we don't know secret to put
* in final so it will recognize it. */
static struct command_result *use_reply_path(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sending *sending)
{
struct tlv_onionmsg_payload_reply_path *rpath;
rpath = json_to_reply_path(cmd, buf,
json_get_member(buf, result, "blindedpath"));
if (!rpath)
plugin_err(cmd->plugin,
"could not parse reply path %.*s?",
json_tok_full_len(result),
json_tok_full(buf, result));
sending->obs2_reply_path = json_to_obs2_reply_path(cmd, buf,
json_get_member(buf, result,
"obs2blindedpath"));
if (!sending->obs2_reply_path)
plugin_err(cmd->plugin,
"could not parse obs2 reply path %.*s?",
json_tok_full_len(result),
json_tok_full(buf, result));
/* Remember our alias we used so we can recognize reply */
sending->sent->reply_alias
= tal_dup(sending->sent, struct pubkey,
&rpath->path[tal_count(rpath->path)-1]->node_id);
return send_modern_message(cmd, rpath, sending);
}
static struct command_result *make_reply_path(struct command *cmd,
struct sending *sending)
{
struct out_req *req;
size_t nhops = tal_count(sending->sent->path);
/* FIXME: Maybe we should allow this? */
if (tal_count(sending->sent->path) == 1)
return command_fail(cmd, PAY_ROUTE_NOT_FOUND,
"Refusing to talk to ourselves");
req = jsonrpc_request_start(cmd->plugin, cmd, "blindedpath",
use_reply_path,
forward_error,
sending);
/* FIXME: Could create an independent reply path, not just
* reverse existing. */
json_array_start(req->js, "ids");
for (int i = nhops - 2; i >= 0; i--)
json_add_pubkey(req->js, NULL, &sending->sent->path[i]);
json_array_end(req->js);
return send_outreq(cmd->plugin, req);
}
static struct command_result *send_message(struct command *cmd,
struct sent *sent,
const char *msgfield TAKES,
const u8 *msgval TAKES,
struct command_result *(*done)
(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent))
{
struct sending *sending = tal(cmd, struct sending);
sending->sent = sent;
sending->msgfield = tal_strdup(sending, msgfield);
sending->msgval = tal_dup_talarr(sending, u8, msgval);
sending->done = done;
return make_reply_path(cmd, sending);
}
/* We've received neither a reply nor a payment; return failure. */
static void timeout_sent_inv(struct sent *sent)
{
struct json_out *details = json_out_new(sent);
json_out_start(details, NULL, '{');
json_out_addstr(details, "invstring", invoice_encode(tmpctx, sent->inv));
json_out_end(details, '}');
/* This will free sent! */
discard_result(command_done_err(sent->cmd, OFFER_TIMEOUT,
"Failed: timeout waiting for response",
details));
}
static struct command_result *prepare_inv_timeout(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent)
{
tal_steal(cmd, plugin_timer(cmd->plugin,
time_from_sec(sent->wait_timeout),
timeout_sent_inv, sent));
return sendonionmsg_done(cmd, buf, result, sent);
}
/* We've connected (if we tried), so send the invreq. */
static struct command_result *
sendinvreq_after_connect(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent)
{
u8 *rawinvreq = tal_arr(tmpctx, u8, 0);
towire_tlv_invoice_request(&rawinvreq, sent->invreq);
return send_message(cmd, sent, "invoice_request", rawinvreq,
sendonionmsg_done);
}
struct connect_attempt {
struct node_id node_id;
struct command_result *(*cb)(struct command *command,
const char *buf,
const jsmntok_t *result,
struct sent *sent);
struct sent *sent;
};
static struct command_result *connected(struct command *command,
const char *buf,
const jsmntok_t *result,
struct connect_attempt *ca)
{
return ca->cb(command, buf, result, ca->sent);
}
static struct command_result *connect_failed(struct command *command,
const char *buf,
const jsmntok_t *result,
struct connect_attempt *ca)
{
return command_done_err(command, OFFER_ROUTE_NOT_FOUND,
"Failed: could not route, could not connect",
NULL);
}
/* Offers contain only a 32-byte id. If we can't find the address, we
* don't know if it's 02 or 03, so we try both. If we're here, we
* failed 02. */
static struct command_result *try_other_parity(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct connect_attempt *ca)
{
struct out_req *req;
/* Flip parity */
ca->node_id.k[0] = SECP256K1_TAG_PUBKEY_ODD;
/* Path is us -> them, so they're second entry */
if (!pubkey_from_node_id(&ca->sent->path[1], &ca->node_id)) {
/* Should not happen!
* Pieter Wuille points out:
* y^2 = x^3 + 7 mod p
* negating y doesnt change the left hand side
*/
return command_done_err(cmd, LIGHTNINGD,
"Failed: could not convert inverted pubkey?",
NULL);
}
req = jsonrpc_request_start(cmd->plugin, cmd, "connect", connected,
connect_failed, ca);
json_add_node_id(req->js, "id", &ca->node_id);
return send_outreq(cmd->plugin, req);
}
/* We can't find a route, so we're going to try to connect, then just blast it
* to them. */
static struct command_result *
connect_direct(struct command *cmd,
const struct point32 *dst,
enum nodeid_parity parity,
struct command_result *(*cb)(struct command *command,
const char *buf,
const jsmntok_t *result,
struct sent *sent),
struct sent *sent)
{
struct out_req *req;
struct connect_attempt *ca = tal(cmd, struct connect_attempt);
ca->cb = cb;
ca->sent = sent;
if (parity == nodeid_parity_unknown) {
plugin_notify_message(cmd, LOG_INFORM,
"Cannot find route, trying connect to 02/03%s directly",
type_to_string(tmpctx, struct point32, dst));
/* Try even first. */
node_id_from_point32(&ca->node_id, dst, SECP256K1_TAG_PUBKEY_EVEN);
} else {
plugin_notify_message(cmd, LOG_INFORM,
"Cannot find route, trying connect to %02x%s directly",
parity,
type_to_string(tmpctx, struct point32, dst));
node_id_from_point32(&ca->node_id, dst, parity);
}
/* Make a direct path -> dst. */
sent->path = tal_arr(sent, struct pubkey, 2);
sent->path[0] = local_id;
if (!pubkey_from_node_id(&sent->path[1], &ca->node_id)) {
/* Should not happen! */
return command_done_err(cmd, LIGHTNINGD,
"Failed: could not convert to pubkey?",
NULL);
}
if (disable_connect) {
/* FIXME: This means we will fail if parity is wrong! */
plugin_notify_message(cmd, LOG_UNUSUAL,
"Cannot find route, but"
" fetchplugin-noconnect set:"
" trying direct anyway to %s",
type_to_string(tmpctx, struct point32,
dst));
return cb(cmd, NULL, NULL, sent);
}
req = jsonrpc_request_start(cmd->plugin, cmd, "connect", connected,
parity == nodeid_parity_unknown ?
try_other_parity : connect_failed, ca);
json_add_node_id(req->js, "id", &ca->node_id);
return send_outreq(cmd->plugin, req);
}
static struct command_result *invreq_done(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sent *sent)
{
const jsmntok_t *t;
char *fail;
enum nodeid_parity parity;
/* Get invoice request */
t = json_get_member(buf, result, "bolt12");
if (!t)
return command_fail(cmd, LIGHTNINGD,
"Missing bolt12 %.*s",
json_tok_full_len(result),
json_tok_full(buf, result));
plugin_log(cmd->plugin, LOG_DBG,
"invoice_request: %.*s",
json_tok_full_len(t),
json_tok_full(buf, t));
sent->inv = NULL;
sent->invreq = invrequest_decode(sent,
buf + t->start,
t->end - t->start,
plugin_feature_set(cmd->plugin),
chainparams,
&fail);
if (!sent->invreq)
return command_fail(cmd, LIGHTNINGD,
"Invalid invoice_request %.*s: %s",
json_tok_full_len(t),
json_tok_full(buf, t),
fail);
/* Now that's given us the previous base, check this is an OK time
* to request an invoice. */
if (sent->invreq->recurrence_counter) {
u64 *base;
const jsmntok_t *pbtok;
u64 period_idx = *sent->invreq->recurrence_counter;
if (sent->invreq->recurrence_start)
period_idx += *sent->invreq->recurrence_start;
/* BOLT-offers-recurrence #12:
* - if the offer contained `recurrence_limit`:
* - MUST NOT send an `invoice_request` for a period greater
* than `max_period`
*/
if (sent->offer->recurrence_limit
&& period_idx > *sent->offer->recurrence_limit)
return command_fail(cmd, LIGHTNINGD,
"Can't send invreq for period %"
PRIu64" (limit %u)",
period_idx,
*sent->offer->recurrence_limit);
/* BOLT-offers-recurrence #12:
* - SHOULD NOT send an `invoice_request` for a period which has
* already passed.
*/
/* If there's no recurrence_base, we need a previous payment
* for this: fortunately createinvoicerequest does that
* lookup. */
pbtok = json_get_member(buf, result, "previous_basetime");
if (pbtok) {
base = tal(tmpctx, u64);
json_to_u64(buf, pbtok, base);
} else if (sent->offer->recurrence_base)
base = &sent->offer->recurrence_base->basetime;
else {
/* happens with *recurrence_base == 0 */
assert(*sent->invreq->recurrence_counter == 0);
base = NULL;
}
if (base) {
u64 period_start, period_end, now = time_now().ts.tv_sec;
offer_period_paywindow(sent->offer->recurrence,
sent->offer->recurrence_paywindow,
sent->offer->recurrence_base,
*base, period_idx,
&period_start, &period_end);
if (now < period_start)
return command_fail(cmd, LIGHTNINGD,
"Too early: can't send until time %"
PRIu64" (in %"PRIu64" secs)",
period_start,
period_start - now);
if (now > period_end)
return command_fail(cmd, LIGHTNINGD,
"Too late: expired time %"
PRIu64" (%"PRIu64" secs ago)",
period_end,
now - period_end);
}
}
sent->path = path_to_node(sent, cmd->plugin,
sent->offer->node_id,
&parity);
if (!sent->path)
return connect_direct(cmd, sent->offer->node_id, parity,
sendinvreq_after_connect, sent);
return sendinvreq_after_connect(cmd, NULL, NULL, sent);
}
/* If they hand us the payer secret, we sign it directly, bypassing checks
* about periods etc. */
static struct command_result *
force_payer_secret(struct command *cmd,
struct sent *sent,
struct tlv_invoice_request *invreq,
const struct secret *payer_secret)
{
struct sha256 merkle, sha;
enum nodeid_parity parity;
secp256k1_keypair kp;
u8 *msg;
const u8 *p;
size_t len;
if (secp256k1_keypair_create(secp256k1_ctx, &kp, payer_secret->data) != 1)
return command_fail(cmd, LIGHTNINGD, "Bad payer_secret");
invreq->payer_key = tal(invreq, struct point32);
/* Docs say this only happens if arguments are invalid! */
if (secp256k1_keypair_xonly_pub(secp256k1_ctx,
&invreq->payer_key->pubkey, NULL,
&kp) != 1)
plugin_err(cmd->plugin,
"secp256k1_keypair_pub failed on %s?",
type_to_string(tmpctx, struct secret, payer_secret));
/* Linearize populates ->fields */
msg = tal_arr(tmpctx, u8, 0);
towire_tlv_invoice_request(&msg, invreq);
p = msg;
len = tal_bytelen(msg);
sent->invreq = fromwire_tlv_invoice_request(cmd, &p, &len);
if (!sent->invreq)
plugin_err(cmd->plugin,
"Could not remarshall invreq %s", tal_hex(tmpctx, msg));
merkle_tlv(sent->invreq->fields, &merkle);
if (deprecated_apis)
sighash_from_merkle("invoice_request", "payer_signature", &merkle, &sha);
else
sighash_from_merkle("invoice_request", "signature", &merkle, &sha);
sent->invreq->signature = tal(invreq, struct bip340sig);
if (!secp256k1_schnorrsig_sign32(secp256k1_ctx,
sent->invreq->signature->u8,
sha.u.u8,
&kp,
NULL)) {
return command_fail(cmd, LIGHTNINGD,
"Failed to sign with payer_secret");
}
sent->path = path_to_node(sent, cmd->plugin,
sent->offer->node_id,
&parity);
if (!sent->path)
return connect_direct(cmd, sent->offer->node_id, parity,
sendinvreq_after_connect, sent);
return sendinvreq_after_connect(cmd, NULL, NULL, sent);
}
/* Fetches an invoice for this offer, and makes sure it corresponds. */
static struct command_result *json_fetchinvoice(struct command *cmd,
const char *buffer,
const jsmntok_t *params)
{
struct amount_msat *msat;
const char *rec_label, *payer_note;
struct out_req *req;
struct tlv_invoice_request *invreq;
struct sent *sent = tal(cmd, struct sent);
struct secret *payer_secret = NULL;
u32 *timeout;
invreq = tlv_invoice_request_new(sent);
if (!param(cmd, buffer, params,
p_req("offer", param_offer, &sent->offer),
p_opt("amount_msat|msatoshi", param_msat, &msat),
p_opt("quantity", param_u64, &invreq->quantity),
p_opt("recurrence_counter", param_number,
&invreq->recurrence_counter),
p_opt("recurrence_start", param_number,
&invreq->recurrence_start),
p_opt("recurrence_label", param_string, &rec_label),
p_opt_def("timeout", param_number, &timeout, 60),
p_opt("payer_note", param_string, &payer_note),
#if DEVELOPER
p_opt("payer_secret", param_secret, &payer_secret),
#endif
NULL))
return command_param_failed();
sent->wait_timeout = *timeout;
/* BOLT-offers #12:
* - MUST set `offer_id` to the Merkle root of the offer as described
* in [Signature Calculation](#signature-calculation).
*/
invreq->offer_id = tal(invreq, struct sha256);
merkle_tlv(sent->offer->fields, invreq->offer_id);
/* Check if they are trying to send us money. */
if (sent->offer->send_invoice)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Offer wants an invoice, not invoice_request");
/* BOLT-offers #12:
* - SHOULD not respond to an offer if the current time is after
* `absolute_expiry`.
*/
if (sent->offer->absolute_expiry
&& time_now().ts.tv_sec > *sent->offer->absolute_expiry)
return command_fail(cmd, OFFER_EXPIRED, "Offer expired");
/* BOLT-offers-recurrence #12:
* - if the offer did not specify `amount`:
* - MUST specify `amount`.`msat` in multiples of the minimum
* lightning-payable unit (e.g. milli-satoshis for bitcoin) for
* `chain` (or for bitcoin, if there is no `chain`).
* - otherwise:
* - MAY omit `amount`.
* - if it sets `amount`:
* - MUST specify `amount`.`msat` as greater or equal to amount
* expected by the offer (before any proportional period amount).
*/
if (sent->offer->amount) {
/* FIXME: Check after quantity? */
if (msat) {
invreq->amount = tal_dup(invreq, u64,
&msat->millisatoshis); /* Raw: tu64 */
}
} else {
if (!msat)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"msatoshi parameter required");
invreq->amount = tal_dup(invreq, u64,
&msat->millisatoshis); /* Raw: tu64 */
}
/* BOLT-offers #12:
* - if the offer had a `quantity_min` or `quantity_max` field:
* - MUST set `quantity`
* - MUST set it within that (inclusive) range.
* - otherwise:
* - MUST NOT set `quantity`
*/
if (sent->offer->quantity_min || sent->offer->quantity_max) {
if (!invreq->quantity)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity parameter required");
if (sent->offer->quantity_min
&& *invreq->quantity < *sent->offer->quantity_min)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity must be >= %"PRIu64,
*sent->offer->quantity_min);
if (sent->offer->quantity_max
&& *invreq->quantity > *sent->offer->quantity_max)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity must be <= %"PRIu64,
*sent->offer->quantity_max);
} else {
if (invreq->quantity)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity parameter unnecessary");
}
/* BOLT-offers-recurrence #12:
* - if the offer contained `recurrence`:
*/
if (sent->offer->recurrence) {
/* BOLT-offers-recurrence #12:
* - for the initial request:
*...
* - MUST set `recurrence_counter` `counter` to 0.
*/
/* BOLT-offers-recurrence #12:
* - for any successive requests:
*...
* - MUST set `recurrence_counter` `counter` to one greater
* than the highest-paid invoice.
*/
if (!invreq->recurrence_counter)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"needs recurrence_counter");
/* BOLT-offers-recurrence #12:
* - if the offer contained `recurrence_base` with
* `start_any_period` non-zero:
* - MUST include `recurrence_start`
*...
* - otherwise:
* - MUST NOT include `recurrence_start`
*/
if (sent->offer->recurrence_base
&& sent->offer->recurrence_base->start_any_period) {
if (!invreq->recurrence_start)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"needs recurrence_start");
} else {
if (invreq->recurrence_start)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"unnecessary recurrence_start");
}
/* recurrence_label uniquely identifies this series of
* payments (unless they supply secret themselves)! */
if (!rec_label && !payer_secret)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"needs recurrence_label");
} else {
/* BOLT-offers-recurrence #12:
* - otherwise:
* - MUST NOT set `recurrence_counter`.
* - MUST NOT set `recurrence_start`
*/
if (invreq->recurrence_counter)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"unnecessary recurrence_counter");
if (invreq->recurrence_start)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"unnecessary recurrence_start");
}
/* BOLT-offers #12:
*
* - if the chain for the invoice is not solely bitcoin:
* - MUST specify `chains` the offer is valid for.
* - otherwise:
* - the bitcoin chain is implied as the first and only entry.
*/
if (!streq(chainparams->network_name, "bitcoin")) {
invreq->chain = tal_dup(invreq, struct bitcoin_blkid,
&chainparams->genesis_blockhash);
}
invreq->features
= plugin_feature_set(cmd->plugin)->bits[BOLT11_FEATURE];
/* invreq->payer_note is not a nul-terminated string! */
if (payer_note)
invreq->payer_note = tal_dup_arr(invreq, utf8,
payer_note, strlen(payer_note),
0);
/* They can provide a secret, and we don't assume it's our job
* to pay. */
if (payer_secret)
return force_payer_secret(cmd, sent, invreq, payer_secret);
/* Make the invoice request (fills in payer_key and payer_info) */
req = jsonrpc_request_start(cmd->plugin, cmd, "createinvoicerequest",
&invreq_done,
&forward_error,
sent);
json_add_string(req->js, "bolt12", invrequest_encode(tmpctx, invreq));
if (rec_label)
json_add_string(req->js, "recurrence_label", rec_label);
return send_outreq(cmd->plugin, req);
}
/* FIXME: Using a hook here is not ideal: technically it doesn't mean
* it's actually hit the db! But using waitinvoice is also suboptimal
* because we don't have libplugin infra to cancel a pending req (and I
* want to rewrite our wait* API anyway) */
static struct command_result *invoice_payment(struct command *cmd,
const char *buf,
const jsmntok_t *params)
{
struct sent *i;
const jsmntok_t *ptok, *preimagetok, *msattok;
struct preimage preimage;
struct amount_msat msat;
ptok = json_get_member(buf, params, "payment");
preimagetok = json_get_member(buf, ptok, "preimage");
msattok = json_get_member(buf, ptok, "msat");
if (!preimagetok || !msattok)
plugin_err(cmd->plugin,
"Invalid invoice_payment %.*s",
json_tok_full_len(params),
json_tok_full(buf, params));
hex_decode(buf + preimagetok->start,
preimagetok->end - preimagetok->start,
&preimage, sizeof(preimage));
json_to_msat(buf, msattok, &msat);
list_for_each(&sent_list, i, list) {
struct out_req *req;
if (!i->inv)
continue;
if (!preimage_eq(&preimage, &i->inv_preimage))
continue;
/* It was paid! Success. Return as per waitinvoice. */
req = jsonrpc_request_start(cmd->plugin, i->cmd, "waitinvoice",
&forward_result,
&forward_error,
i);
json_add_escaped_string(req->js, "label", i->inv_label);
discard_result(send_outreq(cmd->plugin, req));
break;
}
return command_hook_success(cmd);
}
/* We've connected (if we tried), so send the invoice. */
static struct command_result *
sendinvoice_after_connect(struct command *cmd,
const char *buf UNUSED,
const jsmntok_t *result UNUSED,
struct sent *sent)
{
u8 *rawinv = tal_arr(tmpctx, u8, 0);
towire_tlv_invoice(&rawinv, sent->inv);
return send_message(cmd, sent, "invoice", rawinv, prepare_inv_timeout);
}
static struct command_result *createinvoice_done(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sent *sent)
{
const jsmntok_t *invtok = json_get_member(buf, result, "bolt12");
char *fail;
enum nodeid_parity parity;
/* Replace invoice with signed one */
tal_free(sent->inv);
sent->inv = invoice_decode(sent,
buf + invtok->start,
invtok->end - invtok->start,
plugin_feature_set(cmd->plugin),
chainparams,
&fail);
if (!sent->inv) {
plugin_log(cmd->plugin, LOG_BROKEN,
"Bad createinvoice %.*s: %s",
json_tok_full_len(invtok),
json_tok_full(buf, invtok),
fail);
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Bad createinvoice response %s", fail);
}
sent->path = path_to_node(sent, cmd->plugin,
sent->offer->node_id,
&parity);
if (!sent->path)
return connect_direct(cmd, sent->offer->node_id, parity,
sendinvoice_after_connect, sent);
return sendinvoice_after_connect(cmd, NULL, NULL, sent);
}
static struct command_result *sign_invoice(struct command *cmd,
struct sent *sent)
{
struct out_req *req;
/* Get invoice signature and put in db so we can receive payment */
req = jsonrpc_request_start(cmd->plugin, cmd, "createinvoice",
&createinvoice_done,
&forward_error,
sent);
json_add_string(req->js, "invstring", invoice_encode(tmpctx, sent->inv));
json_add_preimage(req->js, "preimage", &sent->inv_preimage);
json_add_escaped_string(req->js, "label", sent->inv_label);
return send_outreq(cmd->plugin, req);
}
static bool json_to_bip340sig(const char *buffer, const jsmntok_t *tok,
struct bip340sig *sig)
{
return hex_decode(buffer + tok->start, tok->end - tok->start,
sig->u8, sizeof(sig->u8));
}
static struct command_result *payersign_done(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sent *sent)
{
const jsmntok_t *sig;
sent->inv->refund_signature = tal(sent->inv, struct bip340sig);
sig = json_get_member(buf, result, "signature");
json_to_bip340sig(buf, sig, sent->inv->refund_signature);
return sign_invoice(cmd, sent);
}
/* They're offering a refund, so we need to sign with same key as used
* in initial payment. */
static struct command_result *listsendpays_done(struct command *cmd,
const char *buf,
const jsmntok_t *result,
struct sent *sent)
{
const jsmntok_t *t, *arr = json_get_member(buf, result, "payments");
size_t i;
const u8 *public_tweak = NULL, *p;
u8 *msg;
size_t len;
struct sha256 merkle;
struct out_req *req;
/* Linearize populates ->fields */
msg = tal_arr(tmpctx, u8, 0);
towire_tlv_invoice(&msg, sent->inv);
p = msg;
len = tal_bytelen(msg);
sent->inv = fromwire_tlv_invoice(cmd, &p, &len);
if (!sent->inv)
plugin_err(cmd->plugin,
"Could not remarshall %s", tal_hex(tmpctx, msg));
merkle_tlv(sent->inv->fields, &merkle);
json_for_each_arr(i, t, arr) {
const jsmntok_t *b12tok;
struct tlv_invoice *inv;
char *fail;
b12tok = json_get_member(buf, t, "bolt12");
if (!b12tok) {
/* This could happen if they try to refund a bolt11 */
plugin_log(cmd->plugin, LOG_UNUSUAL,
"Not bolt12 string in %.*s?",
json_tok_full_len(t),
json_tok_full(buf, t));
continue;
}
inv = invoice_decode(tmpctx, buf + b12tok->start,
b12tok->end - b12tok->start,
plugin_feature_set(cmd->plugin),
chainparams,
&fail);
if (!inv) {
plugin_log(cmd->plugin, LOG_BROKEN,
"Bad bolt12 string in %.*s?",
json_tok_full_len(t),
json_tok_full(buf, t));
continue;
}
public_tweak = inv->payer_info;
break;
}
if (!public_tweak)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Cannot find invoice %s for refund",
type_to_string(tmpctx, struct sha256,
sent->offer->refund_for));
/* BOLT-offers #12:
* - MUST set `refund_signature` to the signature of the
* `refunded_payment_hash` using prefix `refund_signature` and the
* `payer_key` from the to-be-refunded invoice.
*/
req = jsonrpc_request_start(cmd->plugin, cmd, "payersign",
&payersign_done,
&forward_error,
sent);
json_add_string(req->js, "messagename", "invoice");
json_add_string(req->js, "fieldname", "refund_signature");
json_add_sha256(req->js, "merkle", &merkle);
json_add_hex_talarr(req->js, "tweak", public_tweak);
return send_outreq(cmd->plugin, req);
}
static struct command_result *json_sendinvoice(struct command *cmd,
const char *buffer,
const jsmntok_t *params)
{
struct amount_msat *msat;
struct out_req *req;
u32 *timeout;
struct sent *sent = tal(cmd, struct sent);
sent->inv = tlv_invoice_new(cmd);
sent->invreq = NULL;
sent->cmd = cmd;
/* FIXME: Support recurring send_invoice offers? */
if (!param(cmd, buffer, params,
p_req("offer", param_offer, &sent->offer),
p_req("label", param_label, &sent->inv_label),
p_opt("amount_msat|msatoshi", param_msat, &msat),
p_opt_def("timeout", param_number, &timeout, 90),
p_opt("quantity", param_u64, &sent->inv->quantity),
NULL))
return command_param_failed();
/* This is how long we'll wait for a reply for. */
sent->wait_timeout = *timeout;
/* Check they are really trying to send us money. */
if (!sent->offer->send_invoice)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Offer wants an invoice_request, not invoice");
/* If they don't tell us how much, base it on offer. */
if (!msat) {
if (sent->offer->currency)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Offer in different currency: need amount");
if (!sent->offer->amount)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Offer did not specify: need amount");
sent->inv->amount = tal_dup(sent->inv, u64, sent->offer->amount);
if (sent->inv->quantity)
*sent->inv->amount *= *sent->inv->quantity;
} else
sent->inv->amount = tal_dup(sent->inv, u64,
&msat->millisatoshis); /* Raw: tlv */
/* FIXME: Support blinded paths, in which case use fake nodeid */
/* BOLT-offers #12:
* - otherwise (responding to a `send_invoice` offer):
* - MUST set `node_id` to the id of the node to send payment to.
* - MUST set `description` the same as the offer.
*/
sent->inv->node_id = tal(sent->inv, struct point32);
/* This only fails if pubkey is invalid. */
if (!secp256k1_xonly_pubkey_from_pubkey(secp256k1_ctx,
&sent->inv->node_id->pubkey,
NULL,
&local_id.pubkey))
abort();
sent->inv->description
= tal_dup_talarr(sent->inv, char, sent->offer->description);
/* BOLT-offers #12:
* - MUST set (or not set) `send_invoice` the same as the offer.
*/
sent->inv->send_invoice = tal(sent->inv, struct tlv_invoice_send_invoice);
/* BOLT-offers #12:
* - MUST set `offer_id` to the id of the offer.
*/
sent->inv->offer_id = tal(sent->inv, struct sha256);
merkle_tlv(sent->offer->fields, sent->inv->offer_id);
/* BOLT-offers #12:
* - SHOULD not respond to an offer if the current time is after
* `absolute_expiry`.
*/
if (sent->offer->absolute_expiry
&& time_now().ts.tv_sec > *sent->offer->absolute_expiry)
return command_fail(cmd, OFFER_EXPIRED, "Offer expired");
/* BOLT-offers #12:
* - otherwise (responding to a `send_invoice` offer):
*...
* - if the offer had a `quantity_min` or `quantity_max` field:
* - MUST set `quantity`
* - MUST set it within that (inclusive) range.
* - otherwise:
* - MUST NOT set `quantity`
*/
if (sent->offer->quantity_min || sent->offer->quantity_max) {
if (!sent->inv->quantity)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity parameter required");
if (sent->offer->quantity_min
&& *sent->inv->quantity < *sent->offer->quantity_min)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity must be >= %"PRIu64,
*sent->offer->quantity_min);
if (sent->offer->quantity_max
&& *sent->inv->quantity > *sent->offer->quantity_max)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity must be <= %"PRIu64,
*sent->offer->quantity_max);
} else {
if (sent->inv->quantity)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"quantity parameter unnecessary");
}
/* BOLT-offers #12:
* - MUST set `created_at` to the number of seconds since Midnight 1
* January 1970, UTC when the offer was created.
*/
sent->inv->created_at = tal(sent->inv, u64);
*sent->inv->created_at = time_now().ts.tv_sec;
/* BOLT-offers #12:
* - if the expiry for accepting payment is not 7200 seconds after
* `created_at`:
* - MUST set `relative_expiry` `seconds_from_creation` to the number
* of seconds after `created_at` that payment of this invoice should
* not be attempted.
*/
if (sent->wait_timeout != 7200) {
sent->inv->relative_expiry = tal(sent->inv, u32);
*sent->inv->relative_expiry = sent->wait_timeout;
}
/* BOLT-offers #12:
* - MUST set `payer_key` to the `node_id` of the offer.
*/
sent->inv->payer_key = sent->offer->node_id;
/* FIXME: recurrence? */
if (sent->offer->recurrence)
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"FIXME: handle recurring send_invoice offer!");
/* BOLT-offers #12:
*
* - if the chain for the invoice is not solely bitcoin:
* - MUST specify `chains` the offer is valid for.
* - otherwise:
* - the bitcoin chain is implied as the first and only entry.
*/
if (!streq(chainparams->network_name, "bitcoin")) {
sent->inv->chain = tal_dup(sent->inv, struct bitcoin_blkid,
&chainparams->genesis_blockhash);
}
sent->inv->features
= plugin_feature_set(cmd->plugin)->bits[BOLT11_FEATURE];
randombytes_buf(&sent->inv_preimage, sizeof(sent->inv_preimage));
sent->inv->payment_hash = tal(sent->inv, struct sha256);
sha256(sent->inv->payment_hash,
&sent->inv_preimage, sizeof(sent->inv_preimage));
/* BOLT-offers #12:
* - MUST set (or not set) `refund_for` exactly as the offer did.
* - if it sets `refund_for`:
* - MUST set `refund_signature` to the signature of the
* `refunded_payment_hash` using prefix `refund_signature` and
* the `payer_key` from the to-be-refunded invoice.
* - otherwise:
* - MUST NOT set `refund_signature`
*/
if (sent->offer->refund_for) {
sent->inv->refund_for = sent->offer->refund_for;
/* Find original payment invoice */
req = jsonrpc_request_start(cmd->plugin, cmd, "listsendpays",
&listsendpays_done,
&forward_error,
sent);
json_add_sha256(req->js, "payment_hash",
sent->offer->refund_for);
return send_outreq(cmd->plugin, req);
}
return sign_invoice(cmd, sent);
}
#if DEVELOPER
static struct command_result *param_invreq(struct command *cmd,
const char *name,
const char *buffer,
const jsmntok_t *tok,
struct tlv_invoice_request **invreq)
{
char *fail;
*invreq = invrequest_decode(cmd, buffer + tok->start, tok->end - tok->start,
plugin_feature_set(cmd->plugin), chainparams,
&fail);
if (!*invreq)
return command_fail_badparam(cmd, name, buffer, tok,
tal_fmt(cmd,
"Unparsable invreq: %s",
fail));
return NULL;
}
static struct command_result *json_rawrequest(struct command *cmd,
const char *buffer,
const jsmntok_t *params)
{
struct sent *sent = tal(cmd, struct sent);
u32 *timeout;
struct node_id *node_id;
struct point32 node_id32;
enum nodeid_parity parity;
if (!param(cmd, buffer, params,
p_req("invreq", param_invreq, &sent->invreq),
p_req("nodeid", param_node_id, &node_id),
p_opt_def("timeout", param_number, &timeout, 60),
NULL))
return command_param_failed();
/* Skip over 02/03 in node_id */
if (!secp256k1_xonly_pubkey_parse(secp256k1_ctx,
&node_id32.pubkey,
node_id->k + 1))
return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
"Invalid nodeid");
/* This is how long we'll wait for a reply for. */
sent->wait_timeout = *timeout;
sent->cmd = cmd;
sent->offer = NULL;
sent->path = path_to_node(sent, cmd->plugin,
&node_id32,
&parity);
if (!sent->path) {
/* We *do* know parity: they gave it to us! */
parity = node_id->k[0];
return connect_direct(cmd, &node_id32, parity,
sendinvreq_after_connect, sent);
}
return sendinvreq_after_connect(cmd, NULL, NULL, sent);
}
#endif /* DEVELOPER */
static const struct plugin_command commands[] = {
{
"fetchinvoice",
"payment",
"Request remote node for an invoice for this {offer}, with {amount}, {quanitity}, {recurrence_counter}, {recurrence_start} and {recurrence_label} iff required.",
NULL,
json_fetchinvoice,
},
{
"sendinvoice",
"payment",
"Request remote node for to pay this send_invoice {offer}, with {amount}, {quanitity}, {recurrence_counter}, {recurrence_start} and {recurrence_label} iff required.",
NULL,
json_sendinvoice,
},
#if DEVELOPER
{
"dev-rawrequest",
"util",
"Send {invreq} to {nodeid}, wait {timeout} (60 seconds by default)",
NULL,
json_rawrequest,
},
#endif /* DEVELOPER */
};
static const char *init(struct plugin *p, const char *buf UNUSED,
const jsmntok_t *config UNUSED)
{
bool exp_offers;
rpc_scan(p, "getinfo",
take(json_out_obj(NULL, NULL, NULL)),
"{id:%}", JSON_SCAN(json_to_pubkey, &local_id));
rpc_scan(p, "listconfigs",
take(json_out_obj(NULL, "config", "experimental-offers")),
"{experimental-offers:%}",
JSON_SCAN(json_to_bool, &exp_offers));
if (!exp_offers)
return "offers not enabled in config";
return NULL;
}
static const struct plugin_hook hooks[] = {
{
"onion_message_ourpath",
recv_modern_onion_message
},
{
"invoice_payment",
invoice_payment,
},
};
int main(int argc, char *argv[])
{
setup_locale();
plugin_main(argv, init, PLUGIN_RESTARTABLE, true, NULL,
commands, ARRAY_SIZE(commands),
/* No notifications */
NULL, 0,
hooks, ARRAY_SIZE(hooks),
NULL, 0,
plugin_option("fetchinvoice-noconnect", "flag",
"Don't try to connect directly to fetch an invoice.",
flag_option, &disable_connect),
NULL);
}