Merge pull request #3440 from valentinewallace/2024-12-async-payment-receive

Support receiving async payments

Author: TheBlueMatt

lightning/src/blinded_path/message.rs

@@ -434,6 +434,10 @@ pub enum AsyncPaymentsContext {
 		///
 		/// [`HeldHtlcAvailable`]: crate::onion_message::async_payments::HeldHtlcAvailable
 		hmac: Hmac<Sha256>,
+		/// The time as duration since the Unix epoch at which this path expires and messages sent over
+		/// it should be ignored. Without this, anyone with the path corresponding to this context is
+		/// able to trivially ask if we're online forever.
+		path_absolute_expiry: core::time::Duration,
 	},
 }
 
@@ -469,6 +473,7 @@ impl_writeable_tlv_based_enum!(AsyncPaymentsContext,
 	(1, InboundPayment) => {
 		(0, nonce, required),
 		(2, hmac, required),
+		(4, path_absolute_expiry, required),
 	},
 );
 

lightning/src/blinded_path/payment.rs

@@ -11,6 +11,7 @@
 
 use bitcoin::hashes::hmac::Hmac;
 use bitcoin::hashes::sha256::Hash as Sha256;
+use bitcoin::secp256k1::ecdh::SharedSecret;
 use bitcoin::secp256k1::{self, PublicKey, Secp256k1, SecretKey};
 
 use crate::blinded_path::utils;
@@ -193,17 +194,11 @@ impl BlindedPaymentPath {
 		NL::Target: NodeIdLookUp,
 		T: secp256k1::Signing + secp256k1::Verification,
 	{
-		let control_tlvs_ss =
-			node_signer.ecdh(Recipient::Node, &self.inner_path.blinding_point, None)?;
-		let rho = onion_utils::gen_rho_from_shared_secret(&control_tlvs_ss.secret_bytes());
-		let encrypted_control_tlvs =
-			&self.inner_path.blinded_hops.get(0).ok_or(())?.encrypted_payload;
-		let mut s = Cursor::new(encrypted_control_tlvs);
-		let mut reader = FixedLengthReader::new(&mut s, encrypted_control_tlvs.len() as u64);
-		match ChaChaPolyReadAdapter::read(&mut reader, rho) {
-			Ok(ChaChaPolyReadAdapter {
-				readable: BlindedPaymentTlvs::Forward(ForwardTlvs { short_channel_id, .. }),
-			}) => {
+		match self.decrypt_intro_payload::<NS>(node_signer) {
+			Ok((
+				BlindedPaymentTlvs::Forward(ForwardTlvs { short_channel_id, .. }),
+				control_tlvs_ss,
+			)) => {
 				let next_node_id = match node_id_lookup.next_node_id(short_channel_id) {
 					Some(node_id) => node_id,
 					None => return Err(()),
@@ -223,6 +218,25 @@ impl BlindedPaymentPath {
 		}
 	}
 
+	pub(crate) fn decrypt_intro_payload<NS: Deref>(
+		&self, node_signer: &NS,
+	) -> Result<(BlindedPaymentTlvs, SharedSecret), ()>
+	where
+		NS::Target: NodeSigner,
+	{
+		let control_tlvs_ss =
+			node_signer.ecdh(Recipient::Node, &self.inner_path.blinding_point, None)?;
+		let rho = onion_utils::gen_rho_from_shared_secret(&control_tlvs_ss.secret_bytes());
+		let encrypted_control_tlvs =
+			&self.inner_path.blinded_hops.get(0).ok_or(())?.encrypted_payload;
+		let mut s = Cursor::new(encrypted_control_tlvs);
+		let mut reader = FixedLengthReader::new(&mut s, encrypted_control_tlvs.len() as u64);
+		match ChaChaPolyReadAdapter::read(&mut reader, rho) {
+			Ok(ChaChaPolyReadAdapter { readable, .. }) => Ok((readable, control_tlvs_ss)),
+			_ => Err(()),
+		}
+	}
+
 	pub(crate) fn inner_blinded_path(&self) -> &BlindedPath {
 		&self.inner_path
 	}

lightning/src/events/mod.rs

@@ -178,9 +178,10 @@ impl PaymentPurpose {
 		}
 	}
 
+	/// Errors when provided an `AsyncBolt12OfferContext`, see below.
 	pub(crate) fn from_parts(
 		payment_preimage: Option<PaymentPreimage>, payment_secret: PaymentSecret,
-		payment_context: Option<PaymentContext>,
+		payment_context: Option<PaymentContext>
 	) -> Result<Self, ()> {
 		match payment_context {
 			None => {
@@ -203,11 +204,12 @@ impl PaymentPurpose {
 					payment_context: context,
 				})
 			},
-			Some(PaymentContext::AsyncBolt12Offer(_context)) => {
-				// This code will change to return Self::Bolt12OfferPayment when we add support for async
-				// receive.
+			Some(PaymentContext::AsyncBolt12Offer(_)) => {
+				// Callers are expected to convert from `AsyncBolt12OfferContext` to `Bolt12OfferContext`
+				// using the invoice request provided in the payment onion prior to calling this method.
+				debug_assert!(false);
 				Err(())
-			},
+			}
 		}
 	}
 }
@@ -1190,12 +1192,12 @@ pub enum Event {
 		/// events generated or serialized by versions prior to 0.0.122.
 		next_user_channel_id: Option<u128>,
 		/// The node id of the previous node.
-		/// 
+		///
 		/// This is only `None` for HTLCs received prior to 0.1 or for events serialized by
 		/// versions prior to 0.1
 		prev_node_id: Option<PublicKey>,
 		/// The node id of the next node.
-		/// 
+		///
 		/// This is only `None` for HTLCs received prior to 0.1 or for events serialized by
 		/// versions prior to 0.1
 		next_node_id: Option<PublicKey>,