Closed jsarenik closed 2 years ago
Same thing with version 1.7.0
.
Can you confirm that the amount is set correctly? lnurl-pay is using millisats and the amount request is passed as GET parameter to the callback URL. this means your callback URL should create an invoice for 10 sats: https://signetfaucet.bublina.eu.org/cgi-bin/lnurl.sh?amount=10000 but it creates an invoice of 100 sats.
Check the spec: https://github.com/fiatjaf/lnurl-rfc/blob/legacy/lnurl-pay.md
Could the problem be here? https://github.com/getAlby/lightning-browser-extension/blob/master/src/common/lib/lnurl.ts#L109
yes, that also could be the problem. I think somehow the invoice is not as expected. - either the amount or the metadata is not as expected. could that be?
Yes, I confirm that the amount is set correctly. It works well with stacker.news and coinos.io.
For completness, here is another lightning address anyone@coinos.io
which works well with Alby and produces following invoice:
$ lnaddr.sh anyone@coinos.io 15000
Enter comment (maxLength: 500): forCoinOS
https://coinos.io/lnurl/671ce96fec63876c1fabc68bb95751808559b35bdb94ed390de9cbb9a7137904?amount=15000&comment=forCoinOS
{"pr":"lnbc150n1p3r4f34pp5h9rh6yyrreckexz32a6mvtke5jqz064567htwlg6xlplll7jncpqhp5t7ygdl8ft532fa2gpgxhh4rg9afsn9yp22yfpnglluevg6ey6ytqcqzpgxqyz5vqsp5f8mv3dzgu9nvpzsw4zyuxjernderz65ana0syy0tk3kjx49qvfzq9qyyssqfqhnq8ukxgfp45796j9ew2n5ypyehhlt5azyskztpgdd3u4f864zuy45954qe27qysj56uzl4k3xkefpxng993sazqxgrthxd5g8fcsq2rjzcv","routes":[]}
$ lightning-cli decode lnbc150n1p3r4f34pp5h9rh6yyrreckexz32a6mvtke5jqz064567htwlg6xlplll7jncpqhp5t7ygdl8ft532fa2gpgxhh4rg9afsn9yp22yfpnglluevg6ey6ytqcqzpgxqyz5vqsp5f8mv3dzgu9nvpzsw4zyuxjernderz65ana0syy0tk3kjx49qvfzq9qyyssqfqhnq8ukxgfp45796j9ew2n5ypyehhlt5azyskztpgdd3u4f864zuy45954qe27qysj56uzl4k3xkefpxng993sazqxgrthxd5g8fcsq2rjzcv
{
"type": "bolt11 invoice",
"currency": "bc",
"created_at": 1648010805,
"expiry": 86400,
"payee": "02868e12f320073cad0c2959c42559fbcfd1aa326fcb943492ed7f02c9820aa399",
"msatoshi": 15000,
"amount_msat": "15000msat",
"description_hash": "5f8886fce95d22a4f5480a0d7bd4682f53099481528890cd1fff32c46b24d116",
"min_final_cltv_expiry": 40,
"payment_secret": "49f6c8b448e166c08a0ea889c34b239b72316a9d9f5f0211ebb46d2354a06244",
"features": "024200",
"payment_hash": "b9477d10831e716c98515775b62ed9a48027eab4d7aeb77d1a37c3ffffd29e02",
"signature": "30440220482f301f9632121ad3c5d48b972a7420499bdfeba74448584b0a1ad8f2a93eaa02202e12b42d2a0cabc024254d705fada26b652134d052c61d100c81aee66d1074e2",
"valid": true
}
So what we see is that the invoices which are accepted by Alby contain the "description_hash"
field, which the c-lightning-generated invoice does not contain (it is considered optional, correctly defined with ?
in Alby's src/declarations.d.ts
)
For the record: I am pretty sure this issue is not because of routing hints or similar. This issue is because of the LNURL described validations of the invoice. In this case the invoice (requested through LNURL-pay) does not pass the validation. (amount, description_hash must be the hash of the LNURL metadata, ...)
see also: https://github.com/getAlby/lightning-browser-extension/pull/735#issuecomment-1077440267
@bumi Yes, it is being worked on in c-lightning. See https://github.com/ElementsProject/lightning/pull/5121, which I was totally unaware of.
Thanks @fiatjaf for link!
Leaving this issue open just to track it also on this side (as there may be others like me unaware of the related work).
great, I updated the title to mention the LNURL invoice check. keep me posted, I did not know that LNURL-pay is not possible with a clightning node right now.
Here is a new invoice generated with deschashonly=true
parameter introduced by ElementsProject/lightning@ccaf04d26 and seems to still not work with Albi. @bumi please have a look what could be wrong here.
{
"type": "bolt11 invoice",
"currency": "bc",
"created_at": 1648648330,
"expiry": 604800,
"payee": "032de5c0f28f9d7d10c0c0b5ec92e83f9bf40def2bf40181c0f4330c57e58a8605",
"msatoshi": 1000,
"amount_msat": "1000msat",
"description_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"min_final_cltv_expiry": 18,
"payment_secret": "26c8de60d4cc4d78db9d641bf724fad4eda0750fd459747eda548e70c9ec0ebf",
"features": "024100",
"routes": [
[
{
"pubkey": "038fe1bd966b5cb0545963490c631eaa1924e2c4c0ea4e7dcb5d4582a1e7f2f1a5",
"short_channel_id": "728591x176x1",
"fee_base_msat": 0,
"fee_proportional_millionths": 0,
"cltv_expiry_delta": 34
}
]
],
"payment_hash": "eda88c6c5de9916d9a9530e3274df0e06ef5e2811f8f676ba8caf37c6c50ef1f",
"signature": "3044022054085601153fcf15b145d64f73d5a9235f867e25091551daa59602fe79fb5b8d022079249349a36df5952e3cf6fde135eaaa1b89cc50012c08c721e68ed156745fae",
"valid": true
}
Easy to generate similar invoice using webLN at https://ln.anyone.eu.org/meta1.html (which makes Albi generate an invoice to anyone@ln.anyone.eu.org
).
It still works well with coinos.io and stacker.news.
what do you use as invoice description? If I read that PR correct then it adds a hash of the description to the description hash? LNURL request the bolt11 description hash to equal the hash of the LNURL metadata.
can you confirm that e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
is the hash of your LNURL metadata? Can you provide that metadata here?
Yes, that's an empty description:
$ printf "" | sha256sum
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 -
Another example. The invoice was triggered via LNURL by Albi:
$ lightning-cli decode lnbc1230n1p3ygeqrpp5zrkw0q6y65jt78p9zm5tk4y6mxvkkpgs4yzmj3m8zsqnrwjlpfeqhp5n7rdpqvgf37ktx30a2sv2kkszk3m7ncm9v9cytx3t4kptv8spgyqxqyjw5qcqpjsp5ryssw8nyt90gpthrnnpknhmmz754vy9ape9v0cpmy249l7dw4d8srzjqw87r0vkddwtq4zevdysccc74gvjfckycr4yulwtt4zc9g087tc62zc7puqqpvqqqyqqqqqqqqqqqqqqyg9qyysgqg62kdy69uyumte06ptqg0t644knwqdzzsyglsvtlnlef604kc5eyf4sq59ltnprcc5pjwu85q3ygx90ezthxggs2t566vvzsqeqj9ngq30954y
{
"type": "bolt11 invoice",
"currency": "bc",
"created_at": 1648649219,
"expiry": 604800,
"payee": "032de5c0f28f9d7d10c0c0b5ec92e83f9bf40def2bf40181c0f4330c57e58a8605",
"msatoshi": 123000,
"amount_msat": "123000msat",
"description_hash": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
"min_final_cltv_expiry": 18,
"payment_secret": "1921071e64595e80aee39cc369df7b17a95610bd0e4ac7e03b22aa5ff9aeab4f",
"features": "024100",
"routes": [
[
{
"pubkey": "038fe1bd966b5cb0545963490c631eaa1924e2c4c0ea4e7dcb5d4582a1e7f2f1a5",
"short_channel_id": "728591x176x1",
"fee_base_msat": 0,
"fee_proportional_millionths": 0,
"cltv_expiry_delta": 34
}
]
],
"payment_hash": "10ece78344d524bf1c2516e8bb549ad9996b0510a905b94767140131ba5f0a72",
"signature": "304402204695669345e139b5e5fa0ac087af55ada6e034428111f8317f9ff29d3eb6c532022044d600a17eb98478c5032770f404488315f912ee64220a5d35a63050064122cd",
"valid": true
}
This invoice is recorded like this with CLN:
$ lightning-cli listinvoices lnurl-generated-12541-test
{
"invoices": [
{
"label": "lnurl-generated-12541-test",
"bolt11": "lnbc1230n1p3ygeqrpp5zrkw0q6y65jt78p9zm5tk4y6mxvkkpgs4yzmj3m8zsqnrwjlpfeqhp5n7rdpqvgf37ktx30a2sv2kkszk3m7ncm9v9cytx3t4kptv8spgyqxqyjw5qcqpjsp5ryssw8nyt90gpthrnnpknhmmz754vy9ape9v0cpmy249l7dw4d8srzjqw87r0vkddwtq4zevdysccc74gvjfckycr4yulwtt4zc9g087tc62zc7puqqpvqqqyqqqqqqqqqqqqqqyg9qyysgqg62kdy69uyumte06ptqg0t644knwqdzzsyglsvtlnlef604kc5eyf4sq59ltnprcc5pjwu85q3ygx90ezthxggs2t566vvzsqeqj9ngq30954y",
"payment_hash": "10ece78344d524bf1c2516e8bb549ad9996b0510a905b94767140131ba5f0a72",
"msatoshi": 123000,
"amount_msat": "123000msat",
"status": "unpaid",
"description": "test",
"expires_at": 1649254019
}
]
}
The description test
matches perfectly the description_hash
:
$ printf "test" | sha256sum
9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 -
Read https://github.com/fiatjaf/lnurl-rfc/blob/luds/06.md, @jsarenik.
The "metadata" field is this JSON string which is an array of properties. That is what should be hashed for the description_hash
. The wallet will check if bolt11.invoice_description == sha256(metadata)
.
@fiatjaf at https://github.com/fiatjaf/lnurl-rfc/blob/luds/06.md#wallet-to-service-interaction-flow in point 7 writes that h
tag in provided invoice… what's is that? I do not see any h
tag inside the invoice generated by coinos.io or stacker.news, not even zbd.gg.
I also do not understand the meaning and flow of https://github.com/fiatjaf/lnurl-rfc/blob/luds/06.md#notes-on-metadata-for-server-side-lnurl-pay and need more explanation on that.
Example invoice generated for fiatjaf@zbd.gg
follows:
{
"type": "bolt11 invoice",
"currency": "bc",
"created_at": 1648655484,
"expiry": 300,
"payee": "0251fff168b58b74e9b476af5a515b91fe0540a3681bc97fbb65379a807aea5f66",
"msatoshi": 21000,
"amount_msat": "21000msat",
"description_hash": "b66fde4e4d981bce733f07eb743ce9a322905e448d83101ba414cf48925bcc18",
"min_final_cltv_expiry": 40,
"payment_secret": "d5e4b8dbb5ef4b29cc883c73efd821babf08bd6a3b947780856b7734e6f748fa",
"features": "024200",
"payment_hash": "079849a0ea8b40d4e1a64511a62112b7785893999223f8b0dc3f187ed8fe6955",
"signature": "304502210092b7e8ddabec75f9ecac805d7bd3326ee30853e90736f2e5b4170b344151579a02206f655d61a9d875cd7e0c3ef872c265eaa93651169520b3b3086be612cf113928",
"valid": true
}
The JSON sent by zbd.gg was this:
{
"minSendable": 12000,
"maxSendable": 45000000,
"commentAllowed": 150,
"tag": "payRequest",
"metadata": "[[\"text/plain\",\"fiatjaf - o bramido do silêncio do diamante\"],[\"text/identifier\",\"fiatjaf@zbd.gg\"],[\"image/png;base64\",\"/9j/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wAARCACAAIADASIAAhEBAxEB/8QAHAAAAgIDAQEAAAAAAAAAAAAABAUDBgECBwAI/8QAOhAAAgEDAgQEBAQEBgIDAAAAAQIDAAQRBRIGITFRE0FhcRQiMoFSkaHRI2Kx4QcVJEJT8DTCQ3LB/8QAGgEAAgMBAQAAAAAAAAAAAAAAAwQBAgUABv/EACsRAAICAgECBQMEAwAAAAAAAAECABEDITEEEhMiQVFhBRSxMjNxkaHh8P/aAAwDAQACEQMRAD8Azov+NuvwBVnukuFHlNGD+vI1fdG/xwim2i/sY/UxOR+hzXyfZy75Cu4jsabwrMozHIDT/wBxgOsiiIfZ5wLxMfz+Z9m6b/iVw7qCYklaEnqJFBH6UXJHwtq2dlxZjd5xy7GP2r43gvL2HBGSPQ1PNxDdxrhi68vPIoi+Bzjcg/zF8uLqW8uZAw+REPFcMcWu3kcJHhidlX23GusaRqCx20KMQVVAAVPTlXFrqZri73MclnH9av3ONVYH5SMgjoR6GvOfVz4jCj7z0X0zGAhDfE6TbzJIoZGVlPaikaub2moTwMGilZfv1qyaZxHFIAl3iNum8dP7ViFCI+2KuJbEapFb70DDMrqGVgQehByDU6OO9Vg6hQPLpWc47VErisl/WokyUtkfvVd1Dii0gna3s45r64U4ZLZdwHuelKuIdbivb2TThepZ2MPK7uN2GY/8aevc1tZ6uq2623C+lSSxjkJXXw4/ck8zRlx0LIlC3tJX4pWIj/MNOvLRPxOnL86QalxwJgINLh/1DZBeVhsT19abz8P3Opgvr988uelvbnZGv7muYcVaM2k3TmCbxLbftUn6h7/vTOFMTGvWUcsBcr8CeDLFz65FO7Z+Xell4hXwzg/K1H2gOKfd7FzsaUajGNznBNEq67cMOVCJzIxipckEignJGRjnmtbYyB2jTcDkHGKMtZVhBimYiBjlW/4z+xoNe+a3yWXa3P7UFj3cy4UDiNWj8M7WUg9R2I71kIPI+/KhdOnaNRFODJB0Az8y+xqwxaLIYYp4WWW2l+mVfI/hbsfSlnPbzDDejFklzdx2UsEEzqsi4wDimPC9vdPbsj6zd286t8q8iuPY0whsIYo8kB3/ABVpPbjxAykqw6MP6GgfcWKElsAbmN1sNYH065n/AO1stLeJbfUbLRbq5n1u5kKABI4kWMMxOAOXPqaki1h7FP8AWYEQON+eX9qr3GPF9jd28FtZ7pXWeOVyRhcKc4z50XD3Owof4ieXH4fJlt0XhywsIIWlto5rzaDJLKNxLeeM9OdPCQFwp5dq5TDx7qH+YCaURPb55wquBj0PXNdA0vV7bVLQT2kgZT1U9VPY1OXHkXbQasDoSXVLoW1q7n6ui+9c/wBQlVg+/BB6g+dWDie8zIsQPJRk+9c/1i88RjEhBHUkUTBjLGc7douP73TYp4pEkjDKwxuA5ik+kWkPiSWd2Cl1ET0P1r5EVdvhsLgg5pVrOii9QTQ5S5j+ll5E+lAx59dpOjNBse+5RuCHRUAzG5x7VhtFnxldrD8q1sNSvbfKXVu1wq9Wi5OPcUxh4gsTkO0kXcOmKknMONyQ2P11FUmnXEX1RMR6DNYjtGY4KkE+nOrPDqNrMoKzIR3zTC2RJiGjZHX+XmKo3UOo8whFVW4MR2WkAEGYcu3Q/erBpZaxmG1CIJMLNF5OvcdmHUGiFhAYEjmKmupoNMa3e6UyTSc4bYfVIe57L60qMr5GkuqhdwHXJItM+JNy4CW5O4gfrj1yKomqcXuRtsIQgHLfJzJ+3SrbxRZzaxYXMUsgE8reIXHTdnOPauRXUUtrcPb3KlJUOCDT/RYcWSydmK9TkyIBUmvdRuLti1xK8jepoIOc5rVuVa5rXVQNCZbMSbMl34o7StZutLuhPaSbW6FTzVh2IpUWr0K+JJgnAHMmpKgijK3XEvWscRW2o6fFNBE0d1ISJVJyB7d6q+7LEmoi+eQwB2FC3txtTw1PNuvoKomMIKEh3Lczvph3rnbj3rAt1YlXwPUGjpo8kcjj08q28IbflUHv615oibwMqnEUFpYQG5nZg4OEZOTk9sedK44+I5oFlS3to426LLguR6imtnD/AJ1xVPNLk2mn/wAONT08TzP/AH0qzPZ5A35K9cjyoxfwQFIs/MqCX36ShPLJAQNX0WN4+hkijBx9sUXbafpc4E2l38tpL1Gxzj2Kmrx8MxT5cSD1ODVZ1nh4SObizX4a6HM4Hyv7ioXOGNfp/H9S5x18w/h+e5tRd3GveHJZWkfieNH/APIc4CkepoSKU6zrl1qMjCQKAieWM9hWOFdattOvprHX42tYrpPBlwcoefJ17EGtNc0Gbhq7X4eYxK43w3AOYZ1/9T3HT0o5xeU1on+oAPT73D76ZLe2eWU5SNSzcu1cq4l1GPVbhZDbJGi5A5/MR6mn2pXja5qEdrd3Agij+WVEP1MPPPQj26UwtOENMR/FYSSj/arPuX3Hf71bAE6XzZOZOUt1HlTicuLfOVyT2OOorU5866fxJw7b6jbAQhY7mNcRkDHLsR2/pVLt+Gr6WTF0hgQHBJGSa0cXVo62dRHJ0jq1DcQElmCrzY9KJQeGm0HJ6k9zTHUUtrQm2swCB9ch6se2e1LSe9Moe4XFsg7TUxLKI0LHypcWLsWPMmp5pEkViWGF8v2oeNgRkHIq4gjPp2CZWVScjHIipZHIJIRmwM0EN3TaB3bNG25wwAwR55GcivNkVNy7iLgG2L6TNPGy+LJcOXB86s7IdmA2048+lVng5hZXeo2D4DxzMwH4lPn/AN71ZC43HHPP5j7VTqf3CZbF+kCaxq0OCRlT1xXrnaU+bmvlkdPvW0mUBKkEHtzFJLnXA0jWumQteSqcPtOI0P8AMx5D7UsFLHUPdcyDWtLivoWV1Vg3MZ6g9waC4b19NPjPDvE7ltMkO2GVhlrZvIjuvpWmsXF5Z27yalex20Z5iG1TczHsGb9qqMME+oSmS4ebJ5ruy20eQ5DrWl0wIU9x1F8w7joblin4TutImuoJ2hnDNvXIyk6Ho6ny+3SgHnn0yJmt2kAT6reUZP2Pn/X1p9o+q2raWmi6xLLBAv8A49xgmSzb3P1RnzHlVV4kj1W11SXT7yWB5wuFmikBSZDzBHqc/vTONPEfzHUXyP4a1W4sueIblpjMXweRJb/87D0qXUOJJHsWRYvCuH5bgeQHcUhvI3hYxzoyN+FhignYmnzhR6JHETGd0ujzNXOc1vaQiaUeJkRDq2OXtUDk9FGSelGLc2fwQitmcTSEIVf/AG9znpRH0NQSCzZgUGnLfXfg2+4KxYgAbjgc+nmcUZd8MtaWdxNmWV1banh4G0DqWHP9M+9F2Vr8KIZoJ5Y7+Nx8qdFXruBpjeX8lxbr8DvUIM71TO5s4249zj70I5GsATmX1M6qkzbwjYU9x0NGxOEdSp8+uaVRRlT8shZF655lf7UYjIu1WCsvUOvlWIxBmuBA9Xs5op4r7T8fGJ8rKTykXsfWtYOKLeIbb+J7aUfUrqf0pmz5dUxjH+4eftSXX7sC3S0gRZby5YpHuGQvdvYCoWnpWFyT5diA67xPaXlx8Kl00Nmq5lkQHfJ/IO3qaHj195bZbbQNPmEf0hiu1ff+9MorO1gtorGBEyF/iOVGSPM57mmPhJHHHGiKEAwMcjUs2NQAF/73llDHZMr1pok9xcC41aR5ZRzCg5C1YDax+GCgC7PLy/tU5KIMciB5Uv1nUI9PtHuJH+Reg82PkBQSz5WAhR2oIi4tuobSBX6XjckUcwR559KpCusluSZz8QmSyvyyP5f2rTWtSkurh7ibLSOcKo6Adh6UEAfqPUjp2rd6fB4aAHmZHUZvEbXEkuZ5JyviuzbRtXJzgdqFapGrMFs907LGM7RubHXFNaAi3Ji2VpviE2ZUeR70z0aBlvkk8FZwc5U9G7174ZwwBGSMgAjIzTLToRbIlzfRt/AcBMNjf6Y/XNDdtSw1CpI4hCojQK/iFhs+kc+WDUGq3DCLwmbwoEffuX6t2C3I/lTXTEnlt7hvh0343YU4Ug/oPOq5xNevMz7yrEMy9OYyPPvigILapLHVzsEcjiMKcIxIxgDmPejZuTqIyyLjcTnNKURXiVn5sOQPlRVrIseMhD8uN5GcVjsJrXDWmS1t5JrgqIUBYsOWBVf0wG5S51m7xvlXbEhODHH5D3PWsa/Ib+7ttKRh4Z/jXG3yUHkv3NEOhe6itlXKRje46ewz0/OrKvavyfx/uRdn+JNaROsZklB8R/q5c19Pyop22bWHMDoetbSxnAZSyny5ZGPUVHKwUozKARzwOZPqO9BvuMKDUinlWKKSV2C7V3Ek9AP7VzjiDWZtVuAWOII8iNP/AGPqaYcXayLuX4O1cG3jPzuvSRv2FKbnTWh0i3vpJwpnYiOLbkso6nNavSYBjAd+TEeozd3lXiKZBuPtWCeXOpHXaBih45SzyLIpXA+U960YiZJBC9xPHDCN0kjBVHqaP4l4X1PQJkuQTLBy23EWflPY9v6GhdNnmtJxdxBfk5YYZBB61ZOI+K21DQYbWzeSENkXEZ54XtnzBobM/cAvEsAK3zFFhem5QeLFiUMAZEXkc+nkaYtp80EaJbEuR80yuOWD2+1MrnSb/hmzt4ZokgluoPGUb1cSr54P4hnpU2n/AA80kkl68iNKASYzlVbpzHkMdcUB29RxJAJgerTT6VZyEYgBjCoAAG3diPMczVM0vR9S1uZo9Ls5rox/M/hj6c9Mk8qc8XyzSyskk4kWBjtx07HH5Um0vU4YbC8sLuOU285WRXhfa6SKDg+owcEflRsIIWxzBO1mvSdiwULBlzGTzx5VuvhxrmRhsAyG7j9618UFcouR+IcwfQ+lJ9fuhBpd0oUqXGEB5g57GsYKWNTXuhcxw+fFF1fzKCbp2K5/CvQf1pjpTH4eS4wplmckE5yO1BTqLPR4oEYbgixggdT/ANzTK0AhtkUITtGOVTkN2feSgoVDkldAjlsbuoz19hVa411V7eP4OBwWlG4tjmg9D3NPmYqys55r35nNItX0yC/3MSVn/wCTuPaq4O0OGbidk7ipCzn8rbF5fYVrNNIyRK8hwgwBnkoz0H3r2qN8HdyQPhgp+odQe4rV/DcQyKylCebCt0GxcyjYNQmxYXDfDsu7PTPJgfTv7Vq9kfi1jLZiPNmXqFzg+1R3UkUU6pbt4gU53gYNZe5kEzSxld7DnuUGu2eJFj1mupFreR7cFCqMV3IMbh3o2z0p7yyF0kYEKuEVDyMhAyefp50l/iy3B3sS7nLHvV+06eRNOggldEhClYmwBtHPOT78/WhuSgFTu4MdwOWOdY0m1SaS4ZVCRjcWCL549B2FTWmJmUoyrywGz1P/AHyqDTL50aODIuYWJSOReqn38u+DQ+h3F7p3EK3enwiSSLcQrA7CCMEnp+lDq7uW7qgmqRrtPnkfnSHU7G3C2r205kkkXMibcbGzjb6mrvrUKzzyvI4Ny+6WUKm1VJOeQ7c6U2VkqyNIAC4GV5Zy3QD8zV8eShKFbM//2Q==\"]]",
"callback": "https://api.zebedee.io/v0/process-static-charges/1f561267-6b24-4f2e-bb6b-5cd162727840",
"payerData": {
"name": {
"mandatory": false
},
"identifier": {
"mandatory": false
}
},
"disposable": false
}
The h
tag is the description_hash
, see bolt11: https://github.com/lightning/bolts/blob/master/11-payment-encoding.md#tagged-fields=
Can you please point me to some working code that is doing it properly? Any language.
Pseudocode:
handle('/.well-known/lnurlp/username') => {
return {
...,
metadata: '[["text/plain", "my description"]]',
callback: 'https://service.com/callback'
}
}
handle('/callback') => {
return {
pr: make_invoice(description_hash=sha256('[["text/plain", "my description"]]', msatoshi=request.qs.amount))
}
}
I don't know the new c-lightning API works though. How are you calling it?
I call lightning-cli
from shell.
$ desc=test
$ lightning-cli -k invoice msatoshi=1000 label="lnurlp-test-$RANDOM" description="[[\"text/plain\", \"$desc\"]]" deschashonly=true
{
"code": -32602,
"message": "description: should be a string (without \\u): invalid token '[[\"text/plain\", \"test\"]]'"
}
So c-lightning is not acceping anything but string in the description.
Pseudocode:
handle('/.well-known/lnurlp/username') => { return { ..., metadata: '[["text/plain", "my description"]]', callback: 'https://service.com/callback' } } handle('/callback') => { return { pr: make_invoice(description_hash=sha256('[["text/plain", "my description"]]', msatoshi=request.qs.amount)) } }
Thank you for this example @fiatjaf. I get the idea, just that description_hash
should be the hash of the description. This looks like artificially setting the value (which is not yet implemented in c-lightning, or would require allowing description
to contain characters which are filtered now).
Try calling the RPC directly instead of the CLI. Does it raise the same error?
I have no idea how to call that RPC directly. Happy to learn. @cdecker?
If I read that linked PR correct: did you try setting the metadata as invoice description and specify the hash only attribute?
Yes, I tried setting the metadata as invoice description and specified the deschashonly
attribute.
Yes, I tried setting the metadata as invoice description and specified the
deschashonly
attribute.
ah, sorry, yes missed that. does it work if you just set some random text description?
@jsarenik:
echo '{"method":"getinfo","params":{},"jsonrpc":"2.0","id":"0"}' | nc -U ~/.lightning/bitcoin/lightning-rpc
But do it with the invoice stuff instead.
Thank you @fiatjaf, that is exactly what I was looking for. Still, it does not work as the metadata
have to be put into description
to get it reflected in description_hash
and there I have to quote the double-quotes,
So I can not have it plain like in your example code ('[["text/plain", "my description"]]'
), but rather "[[\"text/plain\", \"my description\"]]"
which breaks the expected sha256 hash (there are extra backslashes, without them it reports Invalid token in json input:
).
It is possible to put there single-quotes, but that will not help probably. I.e. to end up with
"description": "[['text/plain', 'my description']]",
Strange that it does not work with escaped double-quotes as the LUD shows backslashes in the example: "[[\"text/plain\", \"lorem ipsum blah blah\"]]"
I actually found the hash and was able to reproduce it manually, so the double-quotes are not the issue. Writing it down to think more about what I may be doing wrong.
First, an invoice is generated by CLN, triggered by Albi over LNURLp. The description
is set to [[\"text/plain\", \"anyone\"]]
. This invoice decoded looks like this:
{
"type": "bolt11 invoice",
"currency": "bc",
"created_at": 1648801429,
"expiry": 604800,
"payee": "032de5c0f28f9d7d10c0c0b5ec92e83f9bf40def2bf40181c0f4330c57e58a8605",
"msatoshi": 1000,
"amount_msat": "1000msat",
"description_hash": "5a6ede4ae913c22e0b5f00c0fd16e376893e2f1ef131e5b296b66993dced971a",
"min_final_cltv_expiry": 18,
"payment_secret": "1cf98aa26f31e28f9a42d2d26fe5d716b527bedd3a8cc7e8e4d3e74dd5e5aada",
"features": "024100",
"routes": [
[
{
"pubkey": "029e3508ee0579a5aceb3bfecb01839fb1309fe67050b26d9ce9e27323fa2e66f1",
"short_channel_id": "684650x2064x0",
"fee_base_msat": 1000,
"fee_proportional_millionths": 1,
"cltv_expiry_delta": 40
}
]
],
"payment_hash": "b40e2b930b2282bd187e568868c2ce1c7ef7e302b2487cb876965184e43d6ed6",
"signature": "3044022019d1e20300ebde2cdd6dffea3939e67a83fcc378a365bb3565d46ecfb3b56eca02201d31fd4d3b1cc4ee69965c3fbb35bf2f5ada38469cc60528ebf7ed7cfa47f9e3",
"valid": true
}
Now I do the sha256 checksum (note the \"
becomes "
because of printf
, opposite of what I was thinking, so the result actually matches the example code provided by @fiatjaf):
$ printf '[[\"text/plain\", \"anyone\"]]' | sha256sum
5a6ede4ae913c22e0b5f00c0fd16e376893e2f1ef131e5b296b66993dced971a -
The result is the same hash as the description_hash
in the decoded JSON above. Now I need to figure out what am I doing wrong that Alby still reports "Invalid invoice".
@bumi How to see some debugging of the Albi browser extension? And yes, I was trying to set random text description as well.
How are you testing this in Alby?
I am testing exactly as described in the reproduction steps in the beginning of this issue.
As for debugging on my side, you can see the static .well-known file, the source of lnurl.sh and its last JSON output for your originating IP which stays the same after being generated until paid or for 1 minute (whichever comes first).
@bumi So my question is: what is Alby exactly checking the sha256sum against (with examples please)? My content of description_hash
matches exactly the hash of [["text/plain", "my description"]]
and the invoice is still deemed invalid.
if this is the lnurl-pay response: https://ln.anyone.eu.org/.well-known/lnurlp/anyone
metadata":"[[\"text/identifier\", \"anyone@ln.anyone.eu.org\"], [\"text/plain\", \"anyone\"]]"
then I think it checks the hash of [["text/identifier", "anyone@ln.anyone.eu.org"], ["text/plain", "anyone"]]
- the hash of the stringified version of the metadata JSON.
does that help? do you include the text/identifier
?
this seems to be missing here: https://github.com/jsarenik/bitcoin-faucet-shell/blob/master/cgi-bin/lnurl.sh#L72
at least it is not using the same metadata as returned by the lnurl-pay JSON response.
@bumi Yes, that was it. Thank you!
great! happy we could solve it and it works! 👍
Describe the bug
An invoice which contains route hints is considered invalid by Alby. The GUI reports following:
To Reproduce Steps to reproduce the behavior:
Expected behavior The payment process should be initiated with no
Invalid invoice
message, like when you do the same at https://ln.anyone.eu.org (which targets atanyone@coinos.io
).Information About Alby
1.6.0
Device Information [optional]:
Version 98.0.4758.102 (Official Build) (64-bit)
Additional context The issue is not present when paying
justsmile@stacker.news
instead ofanyone@ln.anyone.eu.org
so here are the decoded invoices of the two:Now the other invoice produced by CLN (c-lightning) which has issues in Alby:
For
lnaddr.sh
script, have a look at https://github.com/jsarenik/cls.Are you working on this issue? No, but let me know how can I help.