bolts icon indicating copy to clipboard operation
bolts copied to clipboard
verified publisher icon lightning

bolt12: Add test vector for missing offer_amount with offer_currency

Open erickcestari opened this issue 5 months ago • 2 comments

During differential fuzzing between C-lightning and rust-lightning, discovered that C-lightning incorrectly accepts offers with offer_currency set but offer_amount missing, while rust-lightning rejects them.

The BOLT 12 specification states in "Requirements For Offers":

if offer_currency is set and offer_amount is not set:

  • MUST NOT respond to the offer.

This pr adds a test vector for the invalid offer: lno1qcp4256ypgx9getnwss8vetrw3hhyuckyypwa3eyt44h6txtxquqh7lz5djge4afgfjn7k4rgrkuag0jsd5xvxg

Which contains CURRENCY=USD but no amount field, and should be rejected by all compliant implementations.

I got this test vector from: https://github.com/ElementsProject/lightning/blob/c3362b057c2174589024254f4cab9eb8d955a26f/common/test/run-bolt12-encode-test.c#L439

erickcestari avatar Aug 13 '25 14:08 erickcestari

Thanks. Eclair too fails this test, I've fixed it in https://github.com/ACINQ/eclair/pull/3140.

thomash-acinq avatar Aug 18 '25 08:08 thomash-acinq

@rustyrussell could you fix this on the cln side and verify this test vector?

t-bast avatar Sep 17 '25 08:09 t-bast