f remove deprecated blinded path auth stuff

Author: valentinewallace

lightning/src/blinded_path/message.rs

@@ -451,19 +451,6 @@ pub enum AsyncPaymentsContext {
 		///
 		/// [`StaticInvoice`]: crate::offers::static_invoice::StaticInvoice
 		static_invoice_absolute_expiry: core::time::Duration,
-		/// A nonce used for authenticating that a [`StaticInvoicePersisted`] message is valid for a
-		/// preceding [`ServeStaticInvoice`] message.
-		///
-		/// [`StaticInvoicePersisted`]: crate::onion_message::async_payments::StaticInvoicePersisted
-		/// [`ServeStaticInvoice`]: crate::onion_message::async_payments::ServeStaticInvoice
-		nonce: Nonce,
-		/// Authentication code for the [`StaticInvoicePersisted`] message.
-		///
-		/// Prevents nodes from creating their own blinded path to us and causing us to cache an
-		/// unintended async receive offer.
-		///
-		/// [`StaticInvoicePersisted`]: crate::onion_message::async_payments::StaticInvoicePersisted
-		hmac: Hmac<Sha256>,
 		/// The time as duration since the Unix epoch at which this path expires and messages sent over
 		/// it should be ignored.
 		///
@@ -562,9 +549,7 @@ impl_writeable_tlv_based_enum!(AsyncPaymentsContext,
 		(4, offer_created_at, required),
 		(6, update_static_invoice_path, required),
 		(8, static_invoice_absolute_expiry, required),
-		(10, nonce, required),
-		(12, hmac, required),
-		(14, path_absolute_expiry, required),
+		(10, path_absolute_expiry, required),
 	},
 );
 

lightning/src/offers/flow.rs

@@ -1206,14 +1206,9 @@ where
 		ES::Target: EntropySource,
 		R::Target: Router,
 	{
-		let expanded_key = &self.inbound_payment_key;
 		let duration_since_epoch = self.duration_since_epoch();
-
 		match context {
-			AsyncPaymentsContext::OfferPaths { nonce, hmac, path_absolute_expiry } => {
-				if let Err(()) = signer::verify_offer_paths_context(nonce, hmac, expanded_key) {
-					return None;
-				}
+			AsyncPaymentsContext::OfferPaths { path_absolute_expiry } => {
 				if duration_since_epoch > path_absolute_expiry {
 					return None;
 				}
@@ -1325,8 +1320,6 @@ where
 			.and_then(|paths| paths.into_iter().next().ok_or(()))?;
 
 		let reply_path_context = {
-			let nonce = Nonce::from_entropy_source(entropy);
-			let hmac = signer::hmac_for_static_invoice_persisted_context(nonce, expanded_key);
 			let static_invoice_absolute_expiry =
 				invoice.created_at().saturating_add(invoice.relative_expiry());
 			let path_absolute_expiry =
@@ -1337,8 +1330,6 @@ where
 				offer_created_at,
 				update_static_invoice_path,
 				static_invoice_absolute_expiry,
-				nonce,
-				hmac,
 				path_absolute_expiry,
 			}
 		};

lightning/src/offers/signer.rs

@@ -55,11 +55,6 @@ const PAYMENT_TLVS_HMAC_INPUT: &[u8; 16] = &[8; 16];
 #[cfg(async_payments)]
 const ASYNC_PAYMENTS_HELD_HTLC_HMAC_INPUT: &[u8; 16] = &[9; 16];
 
-// HMAC input used in `AsyncPaymentsContext::StaticInvoicePersisted` to authenticate inbound
-// static_invoice_persisted onion messages.
-#[cfg(async_payments)]
-const ASYNC_PAYMENTS_STATIC_INV_PERSISTED_INPUT: &[u8; 16] = &[11; 16];
-
 /// Message metadata which possibly is derived from [`MetadataMaterial`] such that it can be
 /// verified.
 #[derive(Clone)]
@@ -575,27 +570,3 @@ pub(crate) fn verify_held_htlc_available_context(
 		Err(())
 	}
 }
-
-#[cfg(async_payments)]
-pub(crate) fn verify_offer_paths_context(
-	nonce: Nonce, hmac: Hmac<Sha256>, expanded_key: &ExpandedKey,
-) -> Result<(), ()> {
-	if hmac_for_offer_paths_context(nonce, expanded_key) == hmac {
-		Ok(())
-	} else {
-		Err(())
-	}
-}
-
-#[cfg(async_payments)]
-pub(crate) fn hmac_for_static_invoice_persisted_context(
-	nonce: Nonce, expanded_key: &ExpandedKey,
-) -> Hmac<Sha256> {
-	const IV_BYTES: &[u8; IV_LEN] = b"LDK InvPersisted";
-	let mut hmac = expanded_key.hmac_for_offer();
-	hmac.input(IV_BYTES);
-	hmac.input(&nonce.0);
-	hmac.input(ASYNC_PAYMENTS_STATIC_INV_PERSISTED_INPUT);
-
-	Hmac::from_engine(hmac)
-}