
Commit 5d2fdfe

rustyrussellcdecker
authored andcommitted
common: add check that pico-valued invoices are round numbers.
Otherwise you can ask for a sub-millisatoshi amount, which is dumb and violates the spec. See-also: lightning/bolts#736 Signed-off-by: Rusty Russell <[email protected]> Changelog-Changed: We now reject invoices which ask for sub-millisatoshi amounts
1 parent 3e9d4de commit 5d2fdfe


2 files changed

+18
-0
lines changed


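--- a/common/bolt11.c
+++ b/common/bolt11.c
@@ -649,6 +649,17 @@ struct bolt11 *bolt11_decode(const tal_t *ctx, const char *str,
 * amount required for payment.
 */
 b11->msat = tal(b11, struct amount_msat);
+/* BOLT-50143e388e16a449a92ed574fc16eb35b51426b9 #11:
+*
+* - if multiplier is `p` and the last decimal of `amount` is
+* not 0:
+* - MUST fail the payment.
+*/
+if (amount * m10 % 10 != 0)
+return decode_fail(b11, fail,
+"Invalid sub-millisatoshi amount"
+" '%sp'", amountstr);
+
 b11->msat->millisatoshis = amount * m10 / 10; /* Raw: raw amount multiplier calculation */
 }
 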
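Review bot: The new test `if (amount * m10 % 10 != 0)` runs on a product that has no visible range check, and the invoice string it comes from is untrusted input. The declarations of `amount` and `m10` are outside the hunk, but if both are unsigned 64-bit values, a large amount combined with a large multiplier would wrap. Both this check and the following `amount * m10 / 10` would then operate on the wrapped value, and the error text would report a `p` suffix the invoice may not have used. Unless bolt11_decode already bounds the amount earlier (not visible here), a guard before the multiply would close this, e.g. `if (m10 != 0 && amount > UINT64_MAX / m10)` followed by a `decode_fail` return. bolt11_decode starts and ends outside the hunk.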

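--- a/common/test/run-bolt11.c
+++ b/common/test/run-bolt11.c
@@ -562,6 +562,13 @@ int main(void)
 assert(!bolt11_decode(tmpctx, "lnbc2500x1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpujr6jxr9gq9pv6g46y7d20jfkegkg4gljz2ea2a3m9lmvvr95tq2s0kvu70u3axgelz3kyvtp2ywwt0y8hkx2869zq5dll9nelr83zzqqpgl2zg", NULL, &fail));
 assert(streq(fail, "Invalid amount postfix 'x'"));
 
+/* BOLT- #11:
+* > ### Invalid sub-millisatoshi precision.
+* > lnbc2500000001p1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpu7hqtk93pkf7sw55rdv4k9z2vj050rxdr6za9ekfs3nlt5lr89jqpdmxsmlj9urqumg0h9wzpqecw7th56tdms40p2ny9q4ddvjsedzcplva53s
+*/
+assert(!bolt11_decode(tmpctx, "lnbc2500000001p1pvjluezpp5qqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqqqsyqcyq5rqwzqfqypqdq5xysxxatsyp3k7enxv4jsxqzpu7hqtk93pkf7sw55rdv4k9z2vj050rxdr6za9ekfs3nlt5lr89jqpdmxsmlj9urqumg0h9wzpqecw7th56tdms40p2ny9q4ddvjsedzcplva53s", NULL, &fail));
+assert(streq(fail, "Invalid sub-millisatoshi amount '2500000001p'"));
+
 /* FIXME: Test the others! */
 wally_cleanup(0);
 tal_free(tmpctx);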
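Review bot: The spec quote added here is tagged `/* BOLT- #11:` with no revision, while the matching quote in common/bolt11.c pins `BOLT-50143e388e16a449a92ed574fc16eb35b51426b9 #11`. If the project's spec-quote checking keys on that tag (not visible from this page), the test vector is not tied to the same spec revision as the rule it exercises, so `/* BOLT-50143e388e16a449a92ed574fc16eb35b51426b9 #11:` would be the consistent form. The hunk also asserts only the rejecting case. A companion assertion that a `p` amount ending in 0 still decodes to the expected millisatoshi value would pin the boundary of the new check, unless an existing vector elsewhere in main() already covers it. main() starts and ends outside the hunk.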
