Correct the pjos parameter parity#546
Conversation
|
I think this fix is correct but I want to ask @spacebear21 if the field should be renamed to |
Pull Request Test Coverage Report for Build 14041324313Details
💛 - Coveralls |
DanGould
left a comment
DanGould
left a comment
There was a problem hiding this comment.
I may have spoken too soon. Although I believe your change mechanics are correct, and I dig the test, I request a slight change to make the code semantics more correct
I think |
|
We've got to fix this bug before next release. @Gmin2 I'm going to push the recommended changes to this branch and merge as co-author, so no pressure |
I changed my mind on this, I prefer |
|
In the spirit of Towards Impeccable Rust I'm inclined to replace the boolean with an |
|
The one thing I'm on the fence about is whether or not |
DanGould
force-pushed
the
pjos-to-0
branch
2 times, most recently
from
e7c149f to
bd311e6
Compare
spacebear21
left a comment
spacebear21
left a comment
There was a problem hiding this comment.
ACK
There is a typo in the second commit message:
`pjos` must come before `pjos` for optimistic alphanumeric QR encoding.
^ should be `pj`
| /// Whether the receiver is allowed to substitute original outputs or not. | ||
| pub fn output_substitution(&self) -> OutputSubstitution { self.v1.output_substitution() } |
There was a problem hiding this comment.
I don't remember why this is public on WantsOutputs and PayjoinProposal but maybe it doesn't need to be? It's checked in some tests but I don't know why a user would need it
There was a problem hiding this comment.
WantsOutputs is should be better to handle an OutputSubstitutionError::OutputSubstitutionDisabled variant, assuming that variant, agreed. I'm not sure why it would be on PayjoinProposal.
Similarly, I'm confused why there are multiple OutputSubstitutionDisabled(&str) variants instead of distinct variants. This part is going to become a new issue.
There was a problem hiding this comment.
Hm, though if they're removed, the OutputSubstitution Enum again only makes sense to expose publicly within the context of receive::v1::exclusive
There was a problem hiding this comment.
A v1 receiver on an unsecured server MUST disallow output substitution, but that doesn't preclude a v2 receiver disabling it for other reasons?
There was a problem hiding this comment.
A v2 receiver is always going to serialize pjos=0 to prevent A v1 sender from trying output substitution over the directory in plaintext messages, but a v2 sender may use disableoutputsubstitution Params to prevent the receiver from doing so. A receiver is really responding to preferences of the sender in v2 because they're always using an authenticated protocol.
DanGould
force-pushed
the
pjos-to-0
branch
2 times, most recently
from
fad76bd to
1bebd6a
Compare
The inverse had been implemented, serializing "1" by mistake.
`pjos=1` is implied when it is not present. `pjos` must come before `pj`, which should be last since it contains the most data that can benefit from the compression of alphanumeric QR encoding.
|
rebased on #590 |
An enum makes misuse more difficult. Since we were fixing our own misuse, this seemed like a prime area to use an enum instead of a bool. An enum also catches a bug caught in test_serialize_pjos, where elided pjos=1 should imply enabled output substitution. Vestigial is_output_substitution_disabled removed. The method was included before the state machine checked OutputSubstitutionErrors. Now those errors can replace the boolean.
spacebear21
left a comment
spacebear21
left a comment
There was a problem hiding this comment.
tACK 4889b1e
Ran the payjoin-cli receiver with defaults and confirmed the pjos parameter is omitted (i.e. output substitution allowed) by default. Also ran a patched v1 receiver with hardcoded OutputSubstitution::Disabled to confirm that pjos=0 in the BIP21 uri
DanGould
changed the title
5 participants
altered and corrected the logic for
pjosparameterfixes #545