Make payment_secret mandatory and ASSUMED#1
Conversation
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
from
79c9a63 to
cae28f6
Compare
| - MUST require a valid `s` field to be present | ||
| - MUST fail the payment if no valid `s` field is found | ||
| - MUST use the `s` field value as [`payment_secret`](04-onion-routing.md#tlv_payload-payload-format) |
There was a problem hiding this comment.
For consistency, I think we should use wording that's similar to the other requirements. Something like:
| - MUST require a valid `s` field to be present | |
| - MUST fail the payment if no valid `s` field is found | |
| - MUST use the `s` field value as [`payment_secret`](04-onion-routing.md#tlv_payload-payload-format) | |
| - if a valid `s` field is not provided: | |
| - MUST fail the payment. | |
| - otherwise: | |
| - MUST use the `s` field as [`payment_secret`](04-onion-routing.md#tlv_payload-payload-format) |
There was a problem hiding this comment.
Question: "MUST fail the payment if no valid s field is found". What would be an invalid s field? it should fail anyway, no? It seems like it should be "MUST fail the payment if no s field is found"?
There was a problem hiding this comment.
An s field that's not len=52 would be invalid. Your suggested wording would mean the reader should not fail if such a field is found.
Suggestion: "The BOLT 11 payment secret (
I think this is more of a privacy enhancement than a security/reliability change. The idea is to prevent intermediate nodes in the payment path from probing for the destination by generating their own payment onions. Also I think it would be helpful to point back to the PR that made the change on the writer side, and then explain that it's been X years since then and all implementations now always write payment secrets. Additionally, LDK already refuses to pay invoices that are missing a payment secret and other implementations should do the same Potential BOLT 9 changeIf we make the current change, it might also make sense to change the |
nit: I think "for both sides of the protocol" sounds a little bit weird. Could be "for both writer and reader". |
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
2 times, most recently
from
579c90c to
d292135
Compare
erickcestari
changed the title
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
2 times, most recently
from
c6c8819 to
ce17d45
Compare
morehouse
left a comment
morehouse
left a comment
There was a problem hiding this comment.
Basically LGTM. The PR description is great!
| - if a valid `s` field is not provided: | ||
| - MUST fail the payment. | ||
| - otherwise: | ||
| - MUST use the `s` field as [`payment_secret`](04-onion-routing.md#tlv_payload-payload-format) |
There was a problem hiding this comment.
It might also make sense to remove the requirement further up that incorrect-length s fields be skipped. WDYT?
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
from
ce17d45 to
523f97d
Compare
| A reader: | ||
| - MUST skip over unknown fields, OR an `f` field with unknown `version`, OR `p`, `h`, `s` or | ||
| - MUST skip over unknown fields, OR an `f` field with unknown `version`, OR `p`, `h` or | ||
| `n` fields that do NOT have `data_length`s of 52, 52, 52 or 53, respectively. |
There was a problem hiding this comment.
Since you removed the s you have to update here as well?
| `n` fields that do NOT have `data_length`s of 52, 52, 52 or 53, respectively. | |
| `n` fields that do NOT have `data_length`s of 52, 52, or 53, respectively. |
There was a problem hiding this comment.
Yes, good catch. I completely forgot about this. Thanks for pointing it out.
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
from
523f97d to
a8cdbd0
Compare
Make the payment secret ('s' field) mandatory for readers in addition
to writers, and update the payment_secret feature to ASSUMED status in BOLT 9.
This formalizes the expectation that all Lightning invoices must include
a payment secret after ~4 years of writer-side requirements.
The payment secret prevents intermediate nodes in the payment path from
probing for the destination by generating their own payment onions,
enhancing privacy in the Lightning Network.
- Add requirement for readers to fail payment if 's' field is missing
- Remove requirement to skip 's' fields with incorrect length
- Add test vector demonstrating an invalid invoice missing 's' field
- Change payment_secret feature to ASSUMED in BOLT 9
This aligns with existing implementations like LDK which already refuse
to pay invoices missing a payment secret.
Co-authored-by: morehouse <mattmorehouse@gmail.com>
Co-authored-by: brunoerg <brunoely.gc@gmail.com>
erickcestari
force-pushed
the
require-payment-secret-for-readers
branch
from
a8cdbd0 to
7dbbe9c
Compare
3 participants
Background
The BOLT 11 payment secret (
sfield) was previously required for writers but not for readers (as implemented in lightning#887), likely to maintain backward compatibility with unupgraded nodes during the initial rollout period. Now that several years have passed and implementations have widely adopted this requirement, this PR updates the spec to make the payment secret field mandatory for both writer and reader, and updates thepayment_secretfeature to ASSUMED status in BOLT 9.Changes
sfield is missingsfieldpayment_secretfeature to ASSUMED in BOLT 9, since all nodes are now required to support itMotivation
This change improves protocol privacy by ensuring that all Lightning invoices contain a payment secret. The payment secret prevents intermediate nodes in the payment path from probing for the destination by generating their own payment onions. Since implementations like LDK have already implemented this requirement (refusing to pay invoices missing a payment secret) and it's been ~4 years since the writer-side requirement was introduced, formalizing it in the specification makes sense. At this point, all implementations now always write payment secrets, and other implementations should follow LDK's example in refusing to process invoices without them.
Making the
payment_secretfeature ASSUMED in BOLT 9 reflects the reality that this feature has become standard across the Lightning Network and should be considered a core part of the protocol rather than an optional feature.