f derive keys from offer metadata

Author: valentinewallace

lightning/src/offers/offer.rs

@@ -664,6 +664,12 @@ impl Offer {
 	pub fn expects_quantity(&self) -> bool {
 		self.contents.expects_quantity()
 	}
+
+	pub(super) fn verify<T: secp256k1::Signing>(
+		&self, key: &ExpandedKey, secp_ctx: &Secp256k1<T>
+	) -> Result<(OfferId, Option<Keypair>), ()> {
+		self.contents.verify(&self.bytes, key, secp_ctx)
+	}
 }
 
 macro_rules! request_invoice_derived_payer_id { ($self: ident, $builder: ty) => {

lightning/src/offers/static_invoice.rs

@@ -12,6 +12,7 @@
 use crate::blinded_path::BlindedPath;
 use crate::io;
 use crate::ln::features::{Bolt12InvoiceFeatures, OfferFeatures};
+use crate::ln::inbound_payment::ExpandedKey;
 use crate::ln::msgs::DecodeError;
 use crate::offers::invoice::{
 	check_invoice_signing_pubkey, construct_payment_paths, filter_fallbacks, BlindedPathIter,
@@ -94,9 +95,10 @@ impl<'a> StaticInvoiceBuilder<'a> {
 	///
 	/// Unless [`StaticInvoiceBuilder::relative_expiry`] is set, the invoice will expire 24 hours
 	/// after `created_at`.
-	pub fn for_offer_using_keys(
+	pub fn for_offer_using_keys<T: secp256k1::Signing>(
 		offer: &'a Offer, payment_paths: Vec<(BlindedPayInfo, BlindedPath)>,
-		message_paths: Vec<BlindedPath>, created_at: Duration, keys: Keypair,
+		message_paths: Vec<BlindedPath>, created_at: Duration, expanded_key: &ExpandedKey,
+		secp_ctx: &Secp256k1<T>,
 	) -> Result<Self, Bolt12SemanticError> {
 		if offer.chains().len() > 1 {
 			return Err(Bolt12SemanticError::UnexpectedChain);
@@ -108,6 +110,13 @@ impl<'a> StaticInvoiceBuilder<'a> {
 
 		let offer_signing_pubkey =
 			offer.signing_pubkey().ok_or(Bolt12SemanticError::MissingSigningPubkey)?;
+
+		let keys = offer
+			.verify(&expanded_key, &secp_ctx)
+			.map_err(|()| Bolt12SemanticError::InvalidMetadata)?
+			.1
+			.ok_or(Bolt12SemanticError::MissingSigningPubkey)?;
+
 		let signing_pubkey = keys.public_key();
 		if signing_pubkey != offer_signing_pubkey {
 			return Err(Bolt12SemanticError::InvalidSigningPubkey);