f - Remove MAX_EXPIRY_TIME

jkczyz · jkczyz · commit 26a44c2c98e9 · 2022-01-24T16:57:45.000-06:00
diff --git a/lightning-invoice/src/de.rs b/lightning-invoice/src/de.rs
@@ -24,7 +24,7 @@ use secp256k1::key::PublicKey;
 
 use super::{Invoice, Sha256, TaggedField, ExpiryTime, MinFinalCltvExpiry, Fallback, PayeePubKey, InvoiceSignature, PositiveTimestamp,
 	SemanticError, PrivateRoute, Description, RawTaggedField, Currency, RawHrp, SiPrefix, RawInvoice, constants, SignedRawInvoice,
-	RawDataPart, CreationError, InvoiceFeatures};
+	RawDataPart, InvoiceFeatures};
 
 use self::hrp_sm::parse_hrp;
 
@@ -359,7 +359,6 @@ impl FromBase32 for PositiveTimestamp {
 			.expect("7*5bit < 64bit, no overflow possible");
 		match PositiveTimestamp::from_unix_timestamp(timestamp) {
 			Ok(t) => Ok(t),
-			Err(CreationError::TimestampOutOfBounds) => Err(ParseError::TimestampOverflow),
 			Err(_) => unreachable!(),
 		}
 	}
@@ -516,7 +515,7 @@ impl FromBase32 for ExpiryTime {
 
 	fn from_base32(field_data: &[u5]) -> Result<ExpiryTime, ParseError> {
 		match parse_int_be::<u64, u5>(field_data, 32)
-			.and_then(|t| ExpiryTime::from_seconds(t).ok()) // ok, since the only error is out of bounds
+			.map(|t| ExpiryTime::from_seconds(t))
 		{
 			Some(t) => Ok(t),
 			None => Err(ParseError::IntegerOverflowError),
@@ -646,7 +645,6 @@ pub enum ParseError {
 	/// Not an error, but used internally to signal that a part of the invoice should be ignored
 	/// according to BOLT11
 	Skip,
-	TimestampOverflow,
 }
 
 /// Indicates that something went wrong while parsing or validating the invoice. Parsing errors
@@ -709,9 +707,6 @@ impl Display for ParseError {
 			ParseError::Skip => {
 				f.write_str("the tagged field has to be skipped because of an unexpected, but allowed property")
 			},
-			ParseError::TimestampOverflow => {
-                f.write_str("the invoice's timestamp could not be represented as SystemTime")
-            },
 		}
 	}
 }
@@ -877,7 +872,7 @@ mod test {
 		use bech32::FromBase32;
 
 		let input = from_bech32("pu".as_bytes());
-		let expected = Ok(ExpiryTime::from_seconds(60).unwrap());
+		let expected = Ok(ExpiryTime::from_seconds(60));
 		assert_eq!(ExpiryTime::from_base32(&input), expected);
 
 		let input_too_large = from_bech32("sqqqqqqqqqqqq".as_bytes());
diff --git a/lightning-invoice/src/lib.rs b/lightning-invoice/src/lib.rs
@@ -92,13 +92,6 @@ const TIMESTAMP_BITS: usize = 35;
 /// allowing for adding an expiry without overflowing.
 const MAX_TIMESTAMP: u64 = core::u64::MAX >> (64 - TIMESTAMP_BITS);
 
-/// The maximum expiry allowed, represented as a [`Duration`] since the invoice timestamp.
-const MAX_EXPIRY_TIME: u64 = core::u64::MAX - MAX_TIMESTAMP;
-
-/// Assert that the maximum expiry represented as a [`Duration`] since the UNIX epoch does not
-/// exceed [`u64::MAX`].
-const _MAX_EXPIRY_TIMESTAMP: u64 = MAX_TIMESTAMP + MAX_EXPIRY_TIME;
-
 /// Default expiry time as defined by [BOLT 11].
 ///
 /// [BOLT 11]: https://github.com/lightningnetwork/lightning-rfc/blob/master/11-payment-encoding.md
@@ -388,10 +381,6 @@ pub struct PayeePubKey(pub PublicKey);
 
 /// Positive duration that defines when (relatively to the timestamp) in the future the invoice
 /// expires
-///
-/// # Invariants
-/// The number of seconds this expiry time represents has to be in the range
-/// `0...MAX_EXPIRY_TIME` to avoid overflows when adding it to a timestamp.
 #[derive(Clone, Debug, Hash, Eq, PartialEq)]
 pub struct ExpiryTime(Duration);
 
@@ -499,10 +488,7 @@ impl<D: tb::Bool, H: tb::Bool, T: tb::Bool, C: tb::Bool, S: tb::Bool> InvoiceBui
 
 	/// Sets the expiry time
 	pub fn expiry_time(mut self, expiry_time: Duration) -> Self {
-        match ExpiryTime::from_duration(expiry_time) {
-            Ok(t) => self.tagged_fields.push(TaggedField::ExpiryTime(t)),
-            Err(e) => self.error = Some(e),
-        };
+        self.tagged_fields.push(TaggedField::ExpiryTime(ExpiryTime::from_duration(expiry_time)));
 		self
 	}
 
@@ -1222,7 +1208,9 @@ impl Invoice {
 	/// Returns whether the expiry time would pass at the given point in time.
 	/// `at_time` is the timestamp as a duration since the UNIX epoch.
 	pub fn would_expire(&self, at_time: Duration) -> bool {
-		self.duration_since_epoch() + self.expiry_time() < at_time
+		self.duration_since_epoch()
+			.checked_add(self.expiry_time())
+			.unwrap_or_else(|| Duration::new(u64::max_value(), 1_000_000_000 - 1)) < at_time
 	}
 
 	/// Returns the invoice's `min_final_cltv_expiry` time, if present, otherwise
@@ -1343,26 +1331,14 @@ impl Deref for PayeePubKey {
 }
 
 impl ExpiryTime {
-	/// Construct an `ExpiryTime` from seconds. If there exists a `PositiveTimestamp` which would
-	/// overflow on adding the `ExpiryTime` to it then this function will return a
-	/// `CreationError::ExpiryTimeOutOfBounds`.
-	pub fn from_seconds(seconds: u64) -> Result<ExpiryTime, CreationError> {
-		if seconds <= MAX_EXPIRY_TIME {
-			Ok(ExpiryTime(Duration::from_secs(seconds)))
-		} else {
-			Err(CreationError::ExpiryTimeOutOfBounds)
-		}
+	/// Construct an `ExpiryTime` from seconds.
+	pub fn from_seconds(seconds: u64) -> ExpiryTime {
+		ExpiryTime(Duration::from_secs(seconds))
 	}
 
-	/// Construct an `ExpiryTime` from a `Duration`. If there exists a `PositiveTimestamp` which
-	/// would overflow on adding the `ExpiryTime` to it then this function will return a
-	/// `CreationError::ExpiryTimeOutOfBounds`.
-	pub fn from_duration(duration: Duration) -> Result<ExpiryTime, CreationError> {
-		if duration.as_secs() <= MAX_EXPIRY_TIME {
-			Ok(ExpiryTime(duration))
-		} else {
-			Err(CreationError::ExpiryTimeOutOfBounds)
-		}
+	/// Construct an `ExpiryTime` from a `Duration`.
+	pub fn from_duration(duration: Duration) -> ExpiryTime {
+		ExpiryTime(duration)
 	}
 
 	/// Returns the expiry time in seconds
@@ -1431,12 +1407,9 @@ pub enum CreationError {
 	/// The specified route has too many hops and can't be encoded
 	RouteTooLong,
 
-	/// The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`
+	/// The unix timestamp of the supplied date is less than zero or greater than 35-bits
 	TimestampOutOfBounds,
 
-	/// The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`
-	ExpiryTimeOutOfBounds,
-
 	/// The supplied millisatoshi amount was greater than the total bitcoin supply.
 	InvalidAmount,
 }
@@ -1446,8 +1419,7 @@ impl Display for CreationError {
 		match self {
 			CreationError::DescriptionTooLong => f.write_str("The supplied description string was longer than 639 bytes"),
 			CreationError::RouteTooLong => f.write_str("The specified route has too many hops and can't be encoded"),
-			CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is <0 or can't be represented as `SystemTime`"),
-			CreationError::ExpiryTimeOutOfBounds => f.write_str("The supplied expiry time could cause an overflow if added to a `PositiveTimestamp`"),
+			CreationError::TimestampOutOfBounds => f.write_str("The unix timestamp of the supplied date is less than zero or greater than 35-bits"),
 			CreationError::InvalidAmount => f.write_str("The supplied millisatoshi amount was greater than the total bitcoin supply"),
 		}
 	}
@@ -1543,11 +1515,6 @@ mod test {
 			::PositiveTimestamp::from_unix_timestamp(::MAX_TIMESTAMP + 1),
 			Err(::CreationError::TimestampOutOfBounds)
 		);
-
-		assert_eq!(
-			::ExpiryTime::from_seconds(::MAX_EXPIRY_TIME + 1),
-			Err(::CreationError::ExpiryTimeOutOfBounds)
-		);
 	}
 
 	#[test]
