You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Now that the payer nonce is included in the payer metadata of
InvoiceRequest and Refund, Bolt12Invoice verification no longer needs
the nonce from the blinded path's OffersContext. Remove it from
OffersContext::OutboundPaymentForOffer and
OffersContext::OutboundPaymentForRefund, along with
enqueue_invoice_request's nonce parameter, which only existed to supply
it. The nonce in RetryableInvoiceRequest is no longer used either but
is still persisted -- and retained when reading state written by prior
versions -- so that such versions can retry the payment and verify the
resulting invoice after a downgrade.
The payment_id is kept in both variants, however. While no longer needed
to verify the invoice, it is still used when handling a received
Bolt12Invoice to confirm the invoice arrived over the reply path created
for that payment. This prevents a payee from de-anonymizing us by minting
invoices and delivering them to candidate nodes over other paths to
observe which one we pay.
Co-Authored-By: Claude <noreply@anthropic.com>
0 commit comments