common: add check that pico-valued invoices are round numbers.
Otherwise you can ask for a sub-millisatoshi amount, which is dumb and
violates the spec.

See-also: lightning/bolts#736
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
rustyrussell committed Feb 3, 2020
1 parent 8abe4c2 commit 7d463b2
Showing 2 changed files with 18 additions and 0 deletions.
11 changes: 11 additions & 0 deletions common/bolt11.c
Expand Up @@ -649,6 +649,17 @@ struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str,
* amount required for payment.
*/
b11->msat = tal(b11, struct amount_msat);
/* BOLT-50143e388e16a449a92ed574fc16eb35b51426b9 #11:
*
* - if multiplier is `p` and the last decimal of `amount` is
* not 0:
* - MUST fail the payment.
*/
if (amount * m10 % 10 != 0)
return decode_fail(b11, fail,
"Invalid sub-millisatoshi amount"
" '%sp'", amountstr);

b11->msat->millisatoshis = amount * m10 / 10; /* Raw: raw amount multiplier calculation */
}
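
Review bot: The new test `if (amount * m10 % 10 != 0)` is not gated on the multiplier being `p`, although the quoted spec text applies only to `p` and the failure message hardcodes the `p` suffix in `'%sp'`. As written it is correct only if `m10` is a multiple of 10 for every other multiplier; either state that invariant in the comment or test the postfix explicitly, so the message cannot name the wrong unit if the multiplier table changes. Separately, `amount * m10` is evaluated here and again in the assignment below, and nothing in the visible lines bounds it: if the product can wrap, the modulo runs on a wrapped value and a bad amount could pass. Consider computing the product once, with an overflow check, and using that for both the remainder test and the division.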

7 changes: 7 additions & 0 deletions common/test/run-bolt11.c
Expand Up @@ -562,6 +562,13 @@ int main(void)
assert(!bolt11_decode(tmpctx, "lnbc2500x1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpujr6jxr9gq9pv6g46y7d20jfkegkg4gljz2ea2a3m9lmvvr95tq2s0kvu70u3axgelz3kyvtp2ywwt0y8hkx2869zq5dll9nelr83zzqqpgl2zg", NULL, &fail));
assert(streq(fail, "Invalid amount postfix 'x'"));

/* BOLT- #11:
* > ### Invalid sub-millisatoshi precision.
* > lnbc2500000001p1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpu7hqtk93pkf7sw55rdv4k9z2vj050rxdr6za9ekfs3nlt5lr89jqpdmxsmlj9urqumg0h9wzpqecw7th56tdms40p2ny9q4ddvjsedzcplva53s
*/
assert(!bolt11_decode(tmpctx, "lnbc2500000001p1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpu7hqtk93pkf7sw55rdv4k9z2vj050rxdr6za9ekfs3nlt5lr89jqpdmxsmlj9urqumg0h9wzpqecw7th56tdms40p2ny9q4ddvjsedzcplva53s", NULL, &fail));
assert(streq(fail, "Invalid sub-millisatoshi amount '2500000001p'"));

/* FIXME: Test the others! */
wally_cleanup(0);
tal_free(tmpctx);
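
Review bot: The added case for `lnbc2500000001p...` exercises only the rejection path; nothing in this hunk asserts that a `p` amount whose last digit is 0 still decodes to the expected millisatoshi value, so a check that wrongly rejected every pico amount would still pass. Add an accepting vector next to this one and assert on `msat`. Also, the quote header reads `BOLT- #11:` with no spec commit id, unlike the `BOLT-50143e38...` reference in common/bolt11.c; pin it to the same spec revision so the quoted text can be checked against the source.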