From 6cf3d4750526a6d4f5d70bd6a47e16a8aab30529 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Sat, 10 Sep 2022 11:36:31 +0930 Subject: [PATCH] offers: remove backwards-compatiblity invoice_request signatures. We changed the field name in v0.11.0, so this breaks compat with v0.10.2. Signed-off-by: Rusty Russell --- lightningd/offer.c | 11 +++-------- plugins/fetchinvoice.c | 5 +---- plugins/offers.c | 21 +++------------------ plugins/offers_invreq_hook.c | 18 +++--------------- tests/test_pay.py | 14 -------------- 5 files changed, 10 insertions(+), 59 deletions(-) diff --git a/lightningd/offer.c b/lightningd/offer.c index f80a7b39c..67ca0e10f 100644 --- a/lightningd/offer.c +++ b/lightningd/offer.c @@ -473,14 +473,9 @@ static struct command_result *json_createinvoicerequest(struct command *cmd, invreq->fields = tlv_make_fields(invreq, tlv_invoice_request); merkle_tlv(invreq->fields, &merkle); invreq->signature = tal(invreq, struct bip340sig); - if (deprecated_apis) - hsm_sign_b12(cmd->ld, "invoice_request", "payer_signature", - &merkle, invreq->payer_info, invreq->payer_key, - invreq->signature); - else - hsm_sign_b12(cmd->ld, "invoice_request", "signature", - &merkle, invreq->payer_info, invreq->payer_key, - invreq->signature); + hsm_sign_b12(cmd->ld, "invoice_request", "signature", + &merkle, invreq->payer_info, invreq->payer_key, + invreq->signature); response = json_stream_success(cmd); json_add_string(response, "bolt12", invrequest_encode(tmpctx, invreq)); diff --git a/plugins/fetchinvoice.c b/plugins/fetchinvoice.c index b7f3abe70..cbf00bfc3 100644 --- a/plugins/fetchinvoice.c +++ b/plugins/fetchinvoice.c @@ -1196,10 +1196,7 @@ force_payer_secret(struct command *cmd, "Could not remarshall invreq %s", tal_hex(tmpctx, msg)); merkle_tlv(sent->invreq->fields, &merkle); - if (deprecated_apis) - sighash_from_merkle("invoice_request", "payer_signature", &merkle, &sha); - else - sighash_from_merkle("invoice_request", "signature", &merkle, &sha); + sighash_from_merkle("invoice_request", "signature", &merkle, &sha); sent->invreq->signature = tal(invreq, struct bip340sig); if (!secp256k1_schnorrsig_sign32(secp256k1_ctx, diff --git a/plugins/offers.c b/plugins/offers.c index 5fd2cf11d..4a64e3729 100644 --- a/plugins/offers.c +++ b/plugins/offers.c @@ -776,24 +776,9 @@ static void json_add_invoice_request(struct json_stream *js, "signature", invreq->payer_key, invreq->signature)) { - bool sig_valid; - - if (deprecated_apis) { - /* The old name? */ - sig_valid = bolt12_check_signature(invreq->fields, - "invoice_request", - "payer_signature", - invreq->payer_key, - invreq->signature); - } else { - sig_valid = false; - } - - if (!sig_valid) { - json_add_string(js, "warning_invoice_request_invalid_signature", - "Bad signature"); - valid = false; - } + json_add_string(js, "warning_invoice_request_invalid_signature", + "Bad signature"); + valid = false; } } else { json_add_string(js, "warning_invoice_request_missing_signature", diff --git a/plugins/offers_invreq_hook.c b/plugins/offers_invreq_hook.c index a75817bba..ff6a0fc3a 100644 --- a/plugins/offers_invreq_hook.c +++ b/plugins/offers_invreq_hook.c @@ -431,23 +431,11 @@ static bool check_payer_sig(struct command *cmd, merkle_tlv(invreq->fields, &merkle); sighash_from_merkle("invoice_request", "signature", &merkle, &sighash); - if (secp256k1_schnorrsig_verify(secp256k1_ctx, - sig->u8, - sighash.u.u8, sizeof(sighash.u.u8), &payer_key->pubkey) == 1) - return true; - - if (!deprecated_apis) - return false; - - /* Try old name */ - plugin_log(cmd->plugin, LOG_DBG, - "Testing invoice_request with old name 'payer_signature'"); - sighash_from_merkle("invoice_request", "payer_signature", - &merkle, &sighash); - return secp256k1_schnorrsig_verify(secp256k1_ctx, sig->u8, - sighash.u.u8, sizeof(sighash.u.u8), &payer_key->pubkey) == 1; + sighash.u.u8, + sizeof(sighash.u.u8), + &payer_key->pubkey) == 1; } static struct command_result *invreq_amount_by_quantity(struct command *cmd, diff --git a/tests/test_pay.py b/tests/test_pay.py index 8360b81f5..e10cf0afb 100644 --- a/tests/test_pay.py +++ b/tests/test_pay.py @@ -4540,20 +4540,6 @@ def test_offer(node_factory, bitcoind): assert 'recurrence: every 600 seconds paywindow -10 to +600 (pay proportional)\n' in output -def test_deprecated_offer(node_factory, bitcoind): - """Test that we allow old invreq name `payer_signature` with deprecated_apis""" - l1, l2 = node_factory.line_graph(2, opts={'experimental-offers': None, - 'allow-deprecated-apis': True}) - - offer = l2.rpc.call('offer', {'amount': 10000, - 'description': 'test'})['bolt12'] - - inv = l1.rpc.call('fetchinvoice', {'offer': offer})['invoice'] - l2.daemon.wait_for_log("Testing invoice_request with old name 'payer_signature'") - - l1.rpc.pay(inv) - - @pytest.mark.developer("dev-no-modern-onion is DEVELOPER-only") def test_fetchinvoice_3hop(node_factory, bitcoind): l1, l2, l3, l4 = node_factory.line_graph(4, wait_for_announce=True,