Support Currency-Based Offers and Async Invoice Handling via FlowEvents#3833
Support Currency-Based Offers and Async Invoice Handling via FlowEvents#3833shaavan wants to merge 6 commits intolightningdevkit:mainfrom
Conversation
|
👋 Thanks for assigning @jkczyz as a reviewer! |
|
cc @jkczyz |
|
🔔 1st Reminder Hey @joostjager! This PR has been waiting for your review. |
|
Is this proposed change a response to a request from a specific user/users? |
|
Hi @joostjager! This PR is actually a continuation of the original thread that led to the The motivation behind it was to provide users with the ability to handle So, as a first step, we worked on refactoring most of the Offers-related code out of Hope that gives a clear picture of the intent behind this! Let me know if you have any thoughts or suggestions—would love to hear them. Thanks a lot! |
|
Another use case is Fedimint, where they'll want to include their own payment hash in the |
Does Fedimint plan to use the |
I believe with one. |
|
🔔 2nd Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 3rd Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 4th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 5th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 6th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 7th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 8th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 9th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 10th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
🔔 11th Reminder Hey @joostjager! This PR has been waiting for your review. |
|
Removing @joostjager for now to stop bot spam. @shaavan and I have been working through some variations of this approach. |
vincenzopalazzo
left a comment
vincenzopalazzo
left a comment
There was a problem hiding this comment.
Concept ACK for me
I was just looking around to sync with this Offer Flow
shaavan
changed the title
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #3833 +/- ##
==========================================
+ Coverage 89.34% 89.37% +0.02%
==========================================
Files 180 180
Lines 138480 140045 +1565
Branches 138480 140045 +1565
==========================================
+ Hits 123730 125164 +1434
- Misses 12129 12295 +166
+ Partials 2621 2586 -35
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
shaavan
force-pushed
the
currency
branch
2 times, most recently
from
4656246 to
ab92369
Compare
|
Updated .09 → .10 Changes:
|
TheBlueMatt
left a comment
TheBlueMatt
left a comment
There was a problem hiding this comment.
I'm a bit unclear on why the events are here, they don't seem complete and could presumably go in a different PR?
As for the currency conversion, presumably we want to also add support for currency conversion to sending invreqs? Given the intended use-case for currency conversion is mostly recurring invoices, a payer likely really wants to ensure that they're actually gonna pay $5 and not have the recipient decide that actually $5 is 1 BTC. We also need to figure out tolerance thresholds for that (are there any mentioned in the spec?) - someone trying to pay us $5 where we think its $4.99 is probably okay. Not quite sure what to do there, maybe including it as a part of the interface makes sense - rather than an amount, a min amount and a selected amount?
lightning/src/offers/flow.rs
Outdated
| /// | ||
| /// Once generated, these events are stored in the [`OffersMessageFlow`], where they can be | ||
| /// manually inspected and responded to. | ||
| pub enum OfferMessageFlowEvent { |
There was a problem hiding this comment.
Hmm, so is the intention that these cannot be used for those using ChannelManager? We don't currently expose the flow object itself in ChannelManager so these events wouldn't be reachable (and you can't set the config on them either).
lightning/src/ln/channelmanager.rs
Outdated
| @@ -15699,6 +15360,7 @@ where | |||
| InvoiceRequestVerifiedFromOffer::DerivedKeys(request) => { | |||
| let result = self.flow.create_invoice_builder_from_invoice_request_with_keys( | |||
| &self.router, | |||
| &DefaultCurrencyConversion, | |||
There was a problem hiding this comment.
So is the intention that some future PR will enable currency conversion for ChannelManager users? I'm not clear on why we're passing the trait impl in to each function rather than having the flow object own a CurrencyConversion (Deref).
| /// Returning msats per major unit will be off by a factor of 10^exponent (e.g. 100× for USD). | ||
| /// | ||
| /// This convention ensures amounts remain precise and purely integer-based when parsing and | ||
| /// validating BOLT12 invoice requests. |
There was a problem hiding this comment.
You might want to add some phrasing here noting that implementations should almost certainly rely on fetching and caching latest rates and should never fetch rates live in response to a query.
The reason the (currently incomplete) FlowEvents appear here is that they’re tied to a broader architectural decision we need to make around where currency conversion should live. The underlying question is whether currency conversion should be treated as:
This PR currently builds on the second approach, but before moving further I wanted to lay out the trade-offs and get your thoughts on which direction we should commit to. Option A: Flow-owned (synchronous) currency conversionIn this approach, Pros
Cons
Option B: Event/handler-owned (async-capable) conversionIn this model, users who want currency conversion opt into manual Pros
Cons
Why FlowEvents appear in this PRIf we go with Option B, FlowEvents are the natural seam for introducing currency conversion into the core flow. If we choose Option A, these events can be deferred or split into a separate PR. Before fleshing FlowEvents out further, I wanted to get your thoughts on which trade-off we should commit to.
Makes sense. That would require additional API changes (e.g., passing conversion context into
The spec doesn’t define a tolerance threshold, so this seems best left as a user-level decision. One possible approach would be to extend the user-implemented |
|
Hmm, yea, its an interesting question. Naively it seems like going the async direction makes sense - fetching currency conversion is likely something that happens via the internet so it should be async. But once we complete the event pipeline (presumably by bubbling these new events up as top-level On the flip side, doing currency conversion via a sync (cached) API doesn't seem so bad when you look at actual currency conversion APIs. Instead of being individual APIs that you hit to request the conversion from currency A to B, my glance through available options seems to mostly point to them being a single request that returns a JSON map of all the known currencies to their value in some fixed base currency (eg see https://openexchangerates.org/). Thus, in practice caching should be quite simple/a single up-front request. This does leave some complexity in ensuring you dont block the node on startup waiting for the conversion API response but presumably we want a fallible API anyway... |
|
Thanks for the thoughtful points, @TheBlueMatt On currency conversion specifically, I agree that a synchronous API is the better default. In practice it nudges users toward exactly the model they should be using anyway: cached, pre-fetched rates rather than just-in-time lookups. That said, I wanted to discuss one broader issue around Flow events in general.
I think this is a very fair criticism of the event-based model as it stands. Even if we move currency conversion to a synchronous, flow-owned API, we still seem to want some mechanism that lets a user “catch” an For example, @jkczyz mentioned a Fedimint use case that would require exactly this kind of interception and analysis. One idea we had explored was keeping a separate event queue inside So the one question left is this: How should we introduce Flow-events, or a Flow-event-like mechanism, that allows users to asynchronously inspect and reason about Would love to get your thoughts on this! |
|
🔔 1st Reminder Hey @TheBlueMatt! This PR has been waiting for your review. |
|
🔔 2nd Reminder Hey @TheBlueMatt! This PR has been waiting for your review. |
|
🔔 3rd Reminder Hey @TheBlueMatt! This PR has been waiting for your review. |
|
🔔 4th Reminder Hey @TheBlueMatt! This PR has been waiting for your review. |
|
Oops sorry took me a minute to get back to this. Its a really good question I don't have a great answer for. In general in the This doesn't, of course, help us in
IMO we should generally default to the last option, avoiding adding any specific handling until we have a real specific use-case in mind and can see how to implement for that clearly. eg the fedi logic may well often run without a channelmanager or at least can punt the offers message handling out to a flow anyway. |
Adds a `CurrencyConversion` trait allowing users to provide logic for converting currency-denominated amounts into millisatoshis. LDK itself cannot perform such conversions as exchange rates are external, time-dependent, and application-specific. Instead, the conversion logic must be supplied by the user. This trait forms the foundation for supporting Offers denominated in fiat currencies while keeping exchange-rate handling outside the core protocol logic.
Makes OffersMessageFlow generic over a CurrencyConversion implementation, propagating the parameter through to ChannelManager. Upcoming changes will introduce currency conversion support in BOLT 12 message handling, which requires access to conversion logic from both ChannelManager and OffersMessageFlow. By threading the conversion abstraction through OffersMessageFlow now, subsequent commits can use it directly without introducing temporary plumbing or refactoring the type hierarchy later.
Extends `OfferBuilder` to allow creating Offers whose amount is denominated in a fiat currency instead of millisatoshis. To ensure such Offers can later be processed correctly, currency amounts may only be set when the caller provides a `CurrencyConversion` implementation capable of resolving the amount into millisatoshis. Since amount correctness checks are now performed directly in the amount setters, they can be removed from the `build()` method. This introduces the first layer of currency support in Offers, allowing them to be created with currency-denominated amounts.
To support currency-denominated Offers, the InvoiceRequest builder needs to resolve the Offer amount at multiple points during construction. This occurs when explicitly setting `amount_msats` and again when the InvoiceRequest is finalized via `build()`. To avoid repeatedly passing a `CurrencyConversion` implementation into these checks, the builder now stores a reference to it at creation time. This allows the builder to resolve currency-denominated Offer amounts whenever validation requires it. As part of this change, `InvoiceRequest::amount_msats()` is updated to use the provided `CurrencyConversion` to resolve the underlying Offer amount when necessary.
Adds currency conversion support when responding to an `InvoiceRequest` and constructing the `InvoiceBuilder`. When the underlying Offer specifies its amount in a currency denomination, the `CurrencyConversion` implementation is used to resolve the payable amount into millisatoshis and ensure the invoice amount satisfies the Offer's requirements. This reintroduces the currency validation intentionally skipped during `InvoiceRequest` parsing, keeping parsing focused on structural validation while enforcing amount correctness at the time the Invoice is constructed.
Adds tests covering Offers whose amounts are denominated in fiat currencies. These tests verify that: * currency-denominated Offer amounts can be created * InvoiceRequests correctly resolve amounts using CurrencyConversion * Invoice construction validates and enforces the payable amount This ensures the full Offer → InvoiceRequest → Invoice flow works correctly when the original Offer amount is specified in currency.
|
Updated .10 → .11 Changes:
See the updated PR description for full details. |
7 participants
This PR adds support for currency-denominated Offers in LDK’s BOLT 12 offer-handling flow.
Previously, Offers could only specify their amount in millisatoshis. However, BOLT 12 allows Offers to be denominated in other currencies such as fiat. Supporting this requires converting those currency amounts into millisatoshis at runtime when validating payments and constructing invoices.
Because exchange rates are external, time-dependent, and application-specific, LDK cannot perform these conversions itself. Instead, this PR introduces a
CurrencyConversiontrait which allows applications to provide their own logic for resolving currency-denominated amounts into millisatoshis. LDK remains exchange-rate agnostic and simply invokes this trait whenever a currency amount must be resolved.To make this conversion logic available throughout the BOLT 12 flow,
OffersMessageFlowis parameterized over aCurrencyConversionimplementation and the abstraction is threaded through the offer handling pipeline.With this in place:
OfferBuildercan now create Offers whose amounts are denominated in currencies instead of millisatoshis•
InvoiceRequesthandling can resolve Offer amounts when validating requests•
InvoiceBuilderenforces that the final invoice amount satisfies the Offer’s requirements after resolving any currency denominationCurrency validation is intentionally deferred until invoice construction when necessary, keeping earlier stages focused on structural validation while ensuring the final payable amount is correct.
Tests are added to cover the complete Offer → InvoiceRequest → Invoice flow when the original Offer amount is specified in a currency.