From 6237e1e348b54621f3b56da577c04a5f08e1ccee Mon Sep 17 00:00:00 2001 From: Thomas HUET Date: Wed, 24 Aug 2022 16:38:45 +0200 Subject: [PATCH] Trusted offers for tips and payments between friends --- 12-offer-encoding.md | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/12-offer-encoding.md b/12-offer-encoding.md index 0b4d9c5cf..e58340822 100644 --- a/12-offer-encoding.md +++ b/12-offer-encoding.md @@ -222,6 +222,7 @@ The human-readable prefix for offers is `lno`. 2. data: * [`point`:`node_id`] 1. type: 26 (`offer_send_invoice`) + 1. type: 28 (`is_trusted`) 1. subtype: `blinded_path` 2. data: @@ -297,6 +298,8 @@ A reader of an offer: from that expectation. - SHOULD not respond to an offer if the current time is after `offer_absolute_expiry`. + - if `is_trusted` is set: + - MUST not respond to the offer unless the reader trusts the offer issuer and does not need proof of payment. - FIXME: more! ## Rationale @@ -366,6 +369,7 @@ for [Signature Calculation](#signature-calculation). 1. type: 24 (`offer_node_id`) 2. data: * [`point`:`node_id`] + 1. type: 28 (`is_trusted`) 1. type: 80 (`invoice_request_chain`) 2. data: * [`chain_hash`:`chain`] @@ -391,7 +395,13 @@ for [Signature Calculation](#signature-calculation). ## Requirements for Invoice Requests The writer: - - MUST copy all fields from the offer (including unknown fields). + - if responding to an offer: + - MUST copy all fields from the offer (including unknown fields). + - otherwise: + - MUST set `offer_node_id` to the (possibly blinded) public key of the node to request the invoice from. + - MUST set `description` to a complete description of the purpose of the payment. + - MUST set `is_trusted`. + - MUST NOT expect to receive anything in exchange of paying the invoice. - MUST NOT set any tlv fields greater or equal to 160. - SHOULD set `invoice_request_payer_info` to an unpredictable series of bytes. - MUST set `invoice_request_payer_key` to a transient public key. 
@@ -426,7 +436,10 @@ The reader: - MUST fail the request if `invoice_request_chain`.`chain` is not a supported chain. - MUST fail the request if `invoice_request_features` contains unknown even bits. - MUST fail the request if `offer_send_invoice` is present. - - MUST fail the request if the offer fields do not exactly match a valid, unexpired offer. + - if `is_trusted` is set: + - MAY respond with an invoice with the understanding that the requester does not expect anything in exchange of paying the invoice. + - otherwise: + - MUST fail the request if the offer fields do not exactly match a valid, unexpired offer. - MUST fail the request if `invoice_request_signature` is not correct as detailed in [Signature Calculation](#signature-calculation) using the `invoice_request_payer_key`. - if `offer_quantity_min` or `offer_quantity_max` is present: - MUST fail the request if there is no `invoice_request_quantity` field. @@ -463,6 +476,9 @@ the invoice request amount exceeds the amount it's expecting (i.e. its `offer_amount` after any currency conversion, multiplied by `invoice_request_quantity`, if any). +Users should be able to send tips or pay friends without needing a preexisting offer. +In that case the payer can't expect a proof that they are entitled to receive something and they signal this by setting `is_trusted`. + # Invoices Invoices are a payment request, and when the payment is made, @@ -513,6 +529,7 @@ using the `onion_message` `invoice` field. 2. data: * [`point`:`node_id`] 1. type: 26 (`offer_send_invoice`) + 1. type: 28 (`is_trusted`) 1. type: 80 (`invoice_request_chain`) 2. data: * [`chain_hash`:`chain`]
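Review bot: In the offer-reader hunk (@@ -297,6 +298,8 @@), the condition "unless the reader trusts the offer issuer and does not need proof of payment" is not something an implementation can evaluate by itself. Say who makes that decision, for example by requiring explicit user confirmation before responding to an offer with `is_trusted` set. The keyword is also written "MUST not" here, while the invoice-request writer hunk in this same patch uses "MUST NOT"; pick one spelling for the new text.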
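Review bot: In the invoice-request writer hunk (@@ -391,7 +395,13 @@), the new "otherwise" branch names a field `description`, while every other offer field visible in this patch carries the `offer_` prefix (`offer_node_id`, `offer_send_invoice`, `offer_absolute_expiry`); use the field's exact TLV name so the requirement is unambiguous. The branch also lists only the node id, the description and `is_trusted`, and does not say how the writer specifies the amount when there is no offer to take it from. "MUST NOT expect to receive anything in exchange of paying the invoice" describes user expectation rather than wire behaviour and fits better in the rationale.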
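Review bot: In the invoice-request reader hunk (@@ -426,7 +436,10 @@), moving "MUST fail the request if the offer fields do not exactly match a valid, unexpired offer" under "otherwise" means that any request with `is_trusted` set skips the offer match entirely. Since this patch also adds `is_trusted` to the offer TLV stream and the writer "MUST copy all fields from the offer", a request answering a trusted offer carries `is_trusted` too, so an expired or altered copy of that offer would no longer be rejected. Consider separating the two cases: keep the exact-match check whenever the request corresponds to an offer the reader issued, and apply the "MAY respond" rule only to requests made without one. It would also help to state which of the remaining checks (for example the `offer_quantity_min` / `offer_quantity_max` ones just below) still apply to an offer-less request.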
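Review bot: In the rationale hunk (@@ -463,6 +476,9 @@), the two added sentences justify `is_trusted` only for the case "without needing a preexisting offer", but the patch also adds type 28 to the offer TLV stream (@@ -222,6 +222,7 @@) and a requirement for readers of an offer that has it set. Add a sentence explaining when an offer issuer would set `is_trusted` on an offer, or drop it from the offer stream if the flag is only meant for offer-less invoice requests.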
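Review bot: In the invoice TLV hunk (@@ -513,6 +529,7 @@), type 28 (`is_trusted`) is added to the invoice stream, but none of the visible hunks adds a requirement for invoice writers or readers that mentions it. Specify whether the invoice writer must copy `is_trusted` from the invoice request and what the payer must do if the invoice's value differs from what it sent; otherwise the field is defined on the invoice with no stated behaviour.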