f remove to-be-deprecated auth from offer_paths_req reply path

Author: valentinewallace

lightning/src/blinded_path/message.rs

@@ -410,19 +410,6 @@ pub enum AsyncPaymentsContext {
 	/// [`OfferPathsRequest`]: crate::onion_message::async_payments::OfferPathsRequest
 	/// [`OfferPaths`]: crate::onion_message::async_payments::OfferPaths
 	OfferPaths {
-		/// A nonce used for authenticating that an [`OfferPaths`] message is valid for a preceding
-		/// [`OfferPathsRequest`] that we sent as an async recipient.
-		///
-		/// [`OfferPathsRequest`]: crate::onion_message::async_payments::OfferPathsRequest
-		/// [`OfferPaths`]: crate::onion_message::async_payments::OfferPaths
-		nonce: Nonce,
-		/// Authentication code for the [`OfferPaths`] message.
-		///
-		/// Prevents nodes from creating their own blinded path that terminates at our async recipient
-		/// node and causing us to cache an unintended async receive offer.
-		///
-		/// [`OfferPaths`]: crate::onion_message::async_payments::OfferPaths
-		hmac: Hmac<Sha256>,
 		/// The time as duration since the Unix epoch at which this path expires and messages sent over
 		/// it should be ignored.
 		///
@@ -513,9 +500,7 @@ impl_writeable_tlv_based_enum!(AsyncPaymentsContext,
 		(4, path_absolute_expiry, required),
 	},
 	(2, OfferPaths) => {
-		(0, nonce, required),
-		(2, hmac, required),
-		(4, path_absolute_expiry, required),
+		(0, path_absolute_expiry, required),
 	},
 );
 

lightning/src/ln/channelmanager.rs

@@ -5142,7 +5142,7 @@ where
 	#[cfg(async_payments)]
 	fn check_refresh_async_receive_offers(&self) {
 		let peers = self.get_peers_for_blinded_path();
-		match self.flow.check_refresh_async_receive_offers(peers, &*self.entropy_source) {
+		match self.flow.check_refresh_async_receive_offers(peers) {
 			Err(()) => {
 				log_error!(
 					self.logger,

lightning/src/offers/flow.rs

@@ -1132,18 +1132,14 @@ where
 	///
 	/// Errors if we failed to create blinded reply paths when sending an [`OfferPathsRequest`] message.
 	#[cfg(async_payments)]
-	pub(crate) fn check_refresh_async_receive_offers<ES: Deref>(
-		&self, peers: Vec<MessageForwardNode>, entropy: ES,
-	) -> Result<(), ()>
-	where
-		ES::Target: EntropySource,
-	{
+	pub(crate) fn check_refresh_async_receive_offers(
+		&self, peers: Vec<MessageForwardNode>,
+	) -> Result<(), ()> {
 		// Terminate early if this node does not intend to receive async payments.
 		if self.paths_to_static_invoice_server.is_empty() {
 			return Ok(());
 		}
 
-		let expanded_key = &self.inbound_payment_key;
 		let duration_since_epoch = self.duration_since_epoch();
 
 		// Update the cache to remove expired offers, and check to see whether we need new offers to be
@@ -1156,10 +1152,7 @@ where
 
 		// If we need new offers, send out offer paths request messages to the static invoice server.
 		if needs_new_offers {
-			let nonce = Nonce::from_entropy_source(&*entropy);
 			let context = MessageContext::AsyncPayments(AsyncPaymentsContext::OfferPaths {
-				nonce,
-				hmac: signer::hmac_for_offer_paths_context(nonce, expanded_key),
 				path_absolute_expiry: duration_since_epoch
 					.saturating_add(TEMP_REPLY_PATH_RELATIVE_EXPIRY),
 			});

lightning/src/offers/signer.rs

@@ -55,11 +55,6 @@ const PAYMENT_TLVS_HMAC_INPUT: &[u8; 16] = &[8; 16];
 #[cfg(async_payments)]
 const ASYNC_PAYMENTS_HELD_HTLC_HMAC_INPUT: &[u8; 16] = &[9; 16];
 
-// HMAC input used in `AsyncPaymentsContext::OfferPaths` to authenticate inbound offer_paths onion
-// messages.
-#[cfg(async_payments)]
-const ASYNC_PAYMENTS_OFFER_PATHS_INPUT: &[u8; 16] = &[10; 16];
-
 /// Message metadata which possibly is derived from [`MetadataMaterial`] such that it can be
 /// verified.
 #[derive(Clone)]
@@ -575,16 +570,3 @@ pub(crate) fn verify_held_htlc_available_context(
 		Err(())
 	}
 }
-
-#[cfg(async_payments)]
-pub(crate) fn hmac_for_offer_paths_context(
-	nonce: Nonce, expanded_key: &ExpandedKey,
-) -> Hmac<Sha256> {
-	const IV_BYTES: &[u8; IV_LEN] = b"LDK Offer Paths~";
-	let mut hmac = expanded_key.hmac_for_offer();
-	hmac.input(IV_BYTES);
-	hmac.input(&nonce.0);
-	hmac.input(ASYNC_PAYMENTS_OFFER_PATHS_INPUT);
-
-	Hmac::from_engine(hmac)
-}