Move BOLT11 JIT params to payment metadata#899
Conversation
The values describe the `LSPS2` parameters negotiated for JIT-channel receives, not a fee-limit concept owned by the payment store. Rename the public type and internal references while preserving the existing fields, TLV encoding, and `PaymentKind::Bolt11Jit` storage shape for the follow-up refactor. Co-Authored-By: HAL 9000
|
👋 Thanks for assigning @joostjager as a reviewer! |
joostjager
left a comment
joostjager
left a comment
There was a problem hiding this comment.
PR looks great. I like the offloading of state to clients. And ofc happy to see usage of lightning/bolts#912 😄
| let payment_hash = invoice.payment_hash(); | ||
| let payment_secret = invoice.payment_secret(); | ||
| let lsp_fee_limits = LSPFeeLimits { | ||
| let lsp_fee_limits = LSPS2Parameters { |
There was a problem hiding this comment.
Not sure if this rename is strictly better. Parameters sounds broader than what it is.
There was a problem hiding this comment.
Yes, that's intentional as we might add more fields in the BOLT12 context that are not 'fee limits'. Sorry, maybe should have given that rationale in the commit description.
There was a problem hiding this comment.
Which parameters are that?
There was a problem hiding this comment.
| let client_payment = client_node.payment(&client_payment_id).unwrap(); | ||
| match client_payment.kind { | ||
| PaymentKind::Bolt11Jit { counterparty_skimmed_fee_msat, .. } => { | ||
| PaymentKind::Bolt11 { counterparty_skimmed_fee_msat, .. } => { |
There was a problem hiding this comment.
Would it be worth to add some coverage for "skimmed fee with missing/malformed metadata" failing?
There was a problem hiding this comment.
I added a small fixup that basically asserts that, let me know if you deem this sufficient. Note that asserting handle_event behavior overall is a bit tricky, and we don't have a good way to create integration tests that feature LSPs maliciously withholding funds.
tnull
force-pushed
the
2026-05-move-jit-params-to-payment-metadata
branch
from
7d41d4f to
40f11e6
Compare
|
Now updated and included a commit that allows us to de/encrypt |
| } | ||
| } | ||
|
|
||
| fn nonce(&self, payment_hash: &PaymentHash, payment_secret: &PaymentSecret) -> [u8; 12] { |
There was a problem hiding this comment.
Is it totally ruled out that payment hash and secret are never reused, also not in some manual flow for example? Perhaps defensively picking a random nonce and storing it in the metadata is safer?
There was a problem hiding this comment.
Yes, pretty much. If we reuse the payment hash for example we have worse issues than just privacy leakage at our hands. Happy to store the nonce if you insist, but note that we try to keep invoices as small as possible, in particular for QR encoding.
There was a problem hiding this comment.
Still I think it is better to not rely on that, but might be worth getting a 2nd opinion.
There was a problem hiding this comment.
Related question: if size is important, is the current scheme minimal? Perhaps the double tlv wrapper and/or u64 can be shaved down too.
There was a problem hiding this comment.
And with lightningdevkit/rust-lightning#4528, perhaps the tag isn't needed anymore for auth, because auth is already on the rust-lightning level?
There was a problem hiding this comment.
Related question: if size is important, is the current scheme minimal? Perhaps the double tlv wrapper and/or u64 can be shaved down too.
We want the wrapper for clean extensibility, and I'd rather not go down the road of using something besides u64 for msat values, as we're very consistent about that, and we soon want to switch to a LightningAmount type that will be serialized as u64, so hopefully we can just use that everywhere in-place.
|
@joostjager Let me know if you have any other questions, otherwise it would be good to land this soon to keep moving. |
joostjager
left a comment
joostjager
left a comment
There was a problem hiding this comment.
Only open item for me is a 2nd reviewer opinion on the nonce generation
3 participants
Context
We recently found that for the intended BOLT12-JIT flow we'll have to encode the LSPS2 parameters in the payment metadata (based on lightningdevkit/rust-lightning#4584). As a prefactor to that (and to simplify things for #811, rather than add yet another store type there, just to revert once we get to the BOLT12-JIT changes), we here switch to store the LSPS2 parameters in the BOLT11
payment_metadatarather than persisting them on-disk. To make this safe we'll also need lightningdevkit/rust-lightning#4528, as otherwise the payer could collude with the LSP to rob the payee.Summary
This moves LSPS2/JIT-channel receive parameters out of dedicated payment-store
state and into the BOLT11 invoice
payment_metadata, so the payment store nolonger needs a
PaymentKind::Bolt11Jitvariant for new payments.Changes
LSPFeeLimitstoLSPS2Parameters.Bolt11PaymentMetadatainbolt11.rswith TLV-based encoding.LSPS2Parametersinto BOLT11payment_metadatawhen creating JITinvoices.
PaymentKind::Bolt11.PaymentKind::Bolt11Jitrecords asPaymentKind::Bolt11.payment_metadataprovesthe LSPS2 fee is within the negotiated limit.
PaymentDetailsfield-1 JIT metadata reader, whilekeeping the released legacy
PaymentKind::Bolt11Jitdecoder.prior JIT state is not migrated.