|
13 | 13 | //! We're also able to figure out when incoming payments have been made by one of our contacts. |
14 | 14 | //! See [bLIP 42](https://github.com/lightning/blips/blob/master/blip-0042.md) for more details. |
15 | 15 |
|
16 | | -use crate::blinded_path::IntroductionNode; |
17 | 16 | use crate::offers::offer::Offer; |
18 | 17 | use bitcoin::hashes::{sha256, Hash, HashEngine}; |
19 | 18 | use bitcoin::secp256k1::Scalar; |
20 | | -use bitcoin::secp256k1::{PublicKey, Secp256k1, SecretKey}; |
| 19 | +use bitcoin::secp256k1::{Secp256k1, SecretKey}; |
21 | 20 | use core::fmt; |
22 | 21 |
|
23 | 22 | #[allow(unused_imports)] |
@@ -81,66 +80,7 @@ impl fmt::Display for ContactAddress { |
81 | 80 | } |
82 | 81 | } |
83 | 82 |
|
84 | | -/// When we receive an invoice_request containing a contact address, we don't immediately fetch |
85 | | -/// the offer from the BIP 353 address, because this could otherwise be used as a DoS vector |
86 | | -/// since we haven't received a payment yet. |
87 | | -/// |
88 | | -/// After receiving the payment, we resolve the BIP 353 address to store the contact. |
89 | | -/// In the invoice_request, they committed to the signing key used for their offer. |
90 | | -/// We verify that the offer uses this signing key, otherwise the BIP 353 address most likely |
91 | | -/// doesn't belong to them. |
92 | | -#[derive(Clone, Debug, PartialEq, Eq)] |
93 | | -pub struct UnverifiedContactAddress { |
94 | | - address: ContactAddress, |
95 | | - expected_offer_signing_key: PublicKey, |
96 | | -} |
97 | | - |
98 | | -// FIXME: this can be simply a function call? |
99 | | -impl UnverifiedContactAddress { |
100 | | - /// Creates a new [`UnverifiedContactAddress`]. |
101 | | - pub fn new(address: ContactAddress, expected_offer_signing_key: PublicKey) -> Self { |
102 | | - Self { address, expected_offer_signing_key } |
103 | | - } |
104 | | - |
105 | | - /// Returns the contact address. |
106 | | - pub fn address(&self) -> &ContactAddress { |
107 | | - &self.address |
108 | | - } |
109 | | - |
110 | | - /// Returns the expected offer signing key. |
111 | | - pub fn expected_offer_signing_key(&self) -> PublicKey { |
112 | | - self.expected_offer_signing_key |
113 | | - } |
114 | 83 |
|
115 | | - /// Verify that the offer obtained by resolving the BIP 353 address matches the |
116 | | - /// invoice_request commitment. |
117 | | - /// |
118 | | - /// If this returns false, it means that either: |
119 | | - /// - the contact address doesn't belong to the node |
120 | | - /// - or they changed the signing key of the offer associated with their BIP 353 address |
121 | | - /// |
122 | | - /// Since the second case should be very infrequent, it's more likely that the remote node |
123 | | - /// is malicious and we shouldn't store them in our contacts list. |
124 | | - pub fn verify(&self, offer: &Offer) -> bool { |
125 | | - // Check if the expected key matches the offer's issuer ID |
126 | | - if let Some(issuer_id) = offer.issuer_signing_pubkey() { |
127 | | - if issuer_id == self.expected_offer_signing_key { |
128 | | - return true; |
129 | | - } |
130 | | - } |
131 | | - |
132 | | - // Check if the expected key matches any of the blinded path node IDs |
133 | | - for path in offer.paths() { |
134 | | - if let IntroductionNode::NodeId(node_id) = path.introduction_node() { |
135 | | - if *node_id == self.expected_offer_signing_key { |
136 | | - return true; |
137 | | - } |
138 | | - } |
139 | | - } |
140 | | - |
141 | | - false |
142 | | - } |
143 | | -} |
144 | 84 |
|
145 | 85 | /// Contact secrets are used to mutually authenticate payments. |
146 | 86 | /// |
|
0 commit comments