BOLT 12 offer parsing #1726
BOLT 12 offer parsing #1726
Conversation
Codecov ReportBase: 90.80% // Head: 91.95% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## main #1726 +/- ##
==========================================
+ Coverage 90.80% 91.95% +1.14%
==========================================
Files 89 91 +2
Lines 47963 58814 +10851
Branches 47963 58814 +10851
==========================================
+ Hits 43554 54081 +10527
- Misses 4409 4733 +324
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
4 times, most recently
from
eb9a7ea
to
77f0517
Compare
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
77f0517
to
3253cb5
Compare
lightning/src/offers/offer.rs
Outdated
| impl Writeable for OfferContents { | ||
| fn write<W: Writer>(&self, writer: &mut W) -> Result<(), io::Error> { | ||
| self.as_tlv_stream().write(writer) | ||
| } | ||
| } | ||
|
|
||
| impl TryFrom<Vec<u8>> for Offer { |
There was a problem hiding this comment.
Readable seems more ergonomic as an API?
There was a problem hiding this comment.
Readable only supports DecodeError. Could map ParseError to DecodeError::InvalidValue, but I don't think we'd want to swallow the more specific error. Plus, it would be inconsistent with parsing InvoiceRequest and Invoice, where it's helpful to know the error reason.
There was a problem hiding this comment.
Forgot to mention but also note that Offer needs to take ownership of the bytes.
lightning/src/offers/parse.rs
Outdated
| MissingNodeId, | ||
| /// An empty set of blinded paths was provided. | ||
| MissingPaths, | ||
| /// A quantity representing an empty range or that was outside of a valid range was provided. |
There was a problem hiding this comment.
Bit confusing wording to parse
There was a problem hiding this comment.
Rewrote the InvalidQuantity docs. PTAL.
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
2 times, most recently
from
b35db47
to
c9fc32f
Compare
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
c9fc32f
to
e584fae
Compare
|
Updated to parse bech32 strings directly into the higher-level structs instead of an intermediary TLV stream format by adding a |
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
e584fae
to
4236762
Compare
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
2 times, most recently
from
11b712e
to
9eeccb2
Compare
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
3 times, most recently
from
7fe129f
to
0af1aff
Compare
|
FYI, I refactored commit out of the next PR that limits TLV stream decoding to a type range and moved it here. |
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
c15b93d
to
0839966
Compare
| } | ||
|
|
||
| let mut builder = OfferBuilder::new("foo".into(), pubkey(42)); | ||
| builder.offer.paths = Some(vec![]); |
There was a problem hiding this comment.
I don't quite get why this should cause us to fail to parse
There was a problem hiding this comment.
I likely inferred it from this part of the spec:
- if it is connected only by private channels:
- MUST include `offer_paths` containing one or more paths to the node from
publicly reachable nodes.
- otherwise:
- MAY include `offer_paths`.
There was a problem hiding this comment.
But doesn't that imply offer_paths is optional? Only for public nodes, but that's not something we know at decode-time.
There was a problem hiding this comment.
True... I guess it is more that we fail if given a paths TLV record with length 0. We are fine parsing it if the paths TLV record doesn't exist. Could remove this check if you prefer.
There was a problem hiding this comment.
Hmm, no strong opinion, I worry we'd spuriously fail there encountering those in the wild, though?
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
2 times, most recently
from
391fa0b
to
179e961
Compare
|
Feel free to squash IMO. |
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
179e961
to
0a56d98
Compare
|
|
||
| /// Parses a bech32-encoded message into a TLV stream. | ||
| fn from_bech32_str(s: &str) -> Result<Self, ParseError> { | ||
| // Offer encoding may be split by '+' followed by optional whitespace. |
There was a problem hiding this comment.
I'm confused - are offers allowed to have an arbitrary number of +( )*s? Is there some restriction as to where in the offer they can be that we can avoid copying the whole string next just to call bech32::decode? What is the reason they're allowed to have +s anyway?
There was a problem hiding this comment.
According to BOLT 12 requirements:
Readers of a bolt12 string:
- if it encounters a
+followed by zero or more whitespace characters between two bech32 characters:
- MUST remove the
+and whitespace.
Rationale is for use in text fields with limited size, like Twitter.
BOLT 12 defines some test vectors currently exercised in fails_parsing_bech32_encoded_offers_with_invalid_continuations.
Could probably avoid the copy if bech32 crate worked on an iterator of characters. But currently bech32::decode also returns slices into the string for HRP and data.
There was a problem hiding this comment.
Ugh....I wonder if it makes sense to at least have an optimization for cases with no +? Probably more work than it's worth but nice to avoid copying just because.
|
|
||
| /// Formats the message using bech32-encoding. | ||
| fn fmt_bech32_str(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> { | ||
| bech32::encode_without_checksum_to_fmt(f, Self::BECH32_HRP, self.as_ref().to_base32()) |
There was a problem hiding this comment.
Grr, its really kinda dumb we're forced to put the intermediate u5s in a vec in between here, but that's upstream's fault - rust-bitcoin/rust-bech32#81
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
0a56d98
to
2a25525
Compare
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
2a25525
to
e916bf8
Compare
|
LGTM, feel free to squash IMO. |
Add common bech32 parsing for BOLT 12 messages. The encoding is similar to bech32 only without a checksum and with support for continuing messages across multiple parts. Messages implementing Bech32Encode are parsed into a TLV stream, which is converted to the desired message content while performing semantic checks. Checking after conversion allows for more elaborate checks of data composed of multiple TLV records and for more meaningful error messages. The parsed bytes are also saved to allow creating messages with mirrored data, even if TLV records are unknown.
Test semantic errors when parsing offer bytes.
BOLT 12 messages are limited to a range of TLV record types. Refactor decode_tlv_stream into a decode_tlv_stream_range macro for limiting which types are parsed. Requires a SeekReadable trait for rewinding when a type outside of the range is seen. This allows for composing TLV streams of different ranges. Updates offer parsing accordingly and adds a test demonstrating failure if a type outside of the range is included.
jkczyz
force-pushed
the
2022-09-offer-parsing
branch
from
e916bf8
to
1e26a2b
Compare
Add common
bech32parsing for BOLT 12 messages. The encoding is similar tobech32only without a checksum and with support for continuing messages across multiple parts.Messages implementing
Bech32Encodeare parsed into a TLV stream, which is converted to the desired message content while performing semantic checks. Checking after conversion allows for more elaborate checks of data composed of multiple TLV records and for more meaningful error messages.The parsed bytes are also saved to allow creating messages with mirrored data, even if TLV records are unknown.
Also, implement
WriteableforOfferand have a correspondingTryFromimplementation for decoding the raw bytes.