Option for Fe32->bytes conversion (fes_to_bytes) to not drop last partial values #198
Comments
|
The code in question is pretty bizarre. It takes byte-encoded data, encodes it into bech32 without adding any padding (because it is eventually part of some larger bech32 string) and then does this insane transformation to convert back to base 256. Since lightningdevkit/rust-lightning#3234 (a PR that Matt created specifically to deal with this case) you can change your signing method to just take a raw HRP invoice instead of taking a partially-serialized shadow of one, and you can throw away all these useless conversions (along with the useless allocations and error paths). So concept NACK from me. Needing to do this is indicative of confused logic, and this particular example is super confused. |
|
Unfortunately it's not the case, it's not so simple. I show this through a simple (made-up) example.
(So far it looks For the signature the hash is needed, and the input for the hash is the data part ( These bytes can't be derived from the bytes of the original data parts! If you look for the repeated values I can see no practical way to derive it apart from decoding from the encoded Bech32 value. Is it sub-optimal? Arguably, but this is how lightning invoices are defined and used. Note that the same operation is needed in the usecase of verifying the signature of an existing invoice. Moreover, there is another, low-prio use case where Base32->Base256 conversion with padding is needed, is the internal encoding of Feature bits. This is a whole different story, it's LDK specific, and the encoding is all reversed there -- both the byte order and the bit order. Currently we have custom conversion there, but if we want to reuse I raised this issue as I thought there is no way to optimize out this problem, and the only solution is the pre-pad before invoking If you prefer not to have this option in (In the meantime I've realized that the padding can also be done in an iterator adapter (counts the elements, pads at the end if needed), and in that way it it's still a small workaround but it fits nicer into iterative processing). |
|
Thanks for writing up this detailed example. I think you're right that, given the bizarre definition of the LN invoice format, it makes sense to support this decoding mode. I'm sure there are hoops that ldk can jump through to avoid this, but should everybody who wants to parse/sign LN invoices need to do this? It seems to me that if a major part of the ecosystem is specified in a way that conceptually requires this... we ought to add it here.
I believe this is what I did when I worked through this. But maybe I didn't get far enough along in my rewrite to get here. It's possible I was just confused -- I woud up being blocked on 3234 before I was able to get my code to even compile, let alone the unit tests passing. |
I rescind this. The confused logic is embedded in a specification and we need to live with it, just like the dozens of similar weird things in Bitcoin itself. concept ACK. |
|
This is not an urgent, nor a major issue in LDK, and implementation in |
This is my preferred approach. Though you can reuse the We should maybe call it |
|
I second the new function approach. No need to break the API by adding a parameter to an existing function. |
This is a minor feature request:
The Fe32->bytes conversion --
fes_to_bytesinprimitives/iter.rs-- drops the last incomplete byte:In some use cases padding with 0 bits is needed (rather than dropping bits). Currently this can be achieved by appending the input with 0, 1, or 2
0values (depending the input length), before doing the conversion.It would be nice if this is provided as a possibility in conversion (e.g. by a different method
fes_to_bytes_pador an parameter flag).An example with pre-padding is here: https://github.com/lightningdevkit/rust-lightning/blob/main/lightning-invoice/src/lib.rs#L963
If the idea is accepted/clarified, I can prepare a PR.
The text was updated successfully, but these errors were encountered: