feat: add mints_strict field to payment requests#2007
Conversation
d4rp4t
force-pushed
the
feat/nut18-nut28-mint-strict-flag
branch
from
085b13c to
da6ce50
Compare
|
Added changes so it matches: cashubtc/nuts#381 |
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: da6ce50884
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| /// Mints strict flag | ||
| #[serde(rename = "ms")] | ||
| #[serde(skip_serializing_if = "Option::is_none")] | ||
| pub mints_strict: Option<bool>, |
There was a problem hiding this comment.
When ms is Some(false), the mint list is only a suggestion, but WalletRepository::pay_request still rejects a specified mint and skips auto-selected wallets whenever payment_request.mints is non-empty. A payer with funds only at another mint will fail a non-strict request instead of using that mint, so the selection filters should be gated on mints_strict.unwrap_or(true).
Useful? React with 👍 / 👎.
| /// Additional fee reserve for payments from non-preferred mints | ||
| #[serde(rename = "fr")] | ||
| #[serde(skip_serializing_if = "Option::is_none")] | ||
| pub fee_reserve: Option<Amount>, |
There was a problem hiding this comment.
The referenced NUT-18/NUT-26 change only adds ms/tag 0x09; fr is not defined for payment requests. Because this field and its builder method are serialized into CBOR and NUT-26 tag 0x0a when set, callers can emit non-standard requests that may collide with future tag assignments, so this should be removed until the NUT assigns it.
Useful? React with 👍 / 👎.
| /// Supported payment methods the mint must support | ||
| #[serde(rename = "sm")] | ||
| #[serde(skip_serializing_if = "Vec::is_empty", default)] | ||
| pub supported_methods: Vec<String>, |
There was a problem hiding this comment.
The preferred-mints spec change does not define an sm payment-request field or NUT-26 tag 0x0b. If a caller sets supported_methods, this implementation serializes a non-standard field in both encodings, which other implementations may ignore and which can conflict with a future NUT assignment.
Useful? React with 👍 / 👎.
| unit: Some(CurrencyUnit::from_str(¶ms.unit)?), | ||
| single_use: Some(true), | ||
| mints, | ||
| mints_strict: None, |
There was a problem hiding this comment.
For Nostr requests created here, None means strict mode by default, but NostrWaitInfo does not retain the accepted mints and both wait_for_nostr_payment paths receive/create a wallet for any payload.mint. In Nostr receive flows this accepts payments from mints the request says must be rejected, so carry the mint policy into the wait info or pass the original request to wait_for_nostr_payment and check it before receiving.
Useful? React with 👍 / 👎.
| if !value.is_empty() { | ||
| mints_strict = Some(value[0] != 0); |
There was a problem hiding this comment.
NUT-26 defines tag 0x09 as a single u8 0/1, but this accepts empty values as absent and any multi-byte or non-zero value as true. A malformed CREQB with tag 0x09 length 2 decodes successfully and re-encodes to different canonical bytes, so check value.len() == 1 and matches!(value[0], 0 | 1) before setting the field.
Useful? React with 👍 / 👎.
| unit, | ||
| single_use, | ||
| mints, | ||
| mints_strict: None, |
There was a problem hiding this comment.
The structured payment-request fuzzer round-trips PaymentRequestArb through CBOR, Bech32, and JSON, but the new mints_strict field is always None. That means regressions in serializing or decoding Some(false)/Some(true) will not be exercised by this target, so make this field fuzz-controlled like the other optional booleans.
Useful? React with 👍 / 👎.
2 participants
Description
Adds mints_strict (ms) field to PaymentRequest as specified in NUT-18 and NUT-26 PR: cashubtc/nuts#381
When ms is absent or true (default), the recipient MUST reject payments from mints not in the mint list. When ms is false, the mint list is a suggestion for the payer.
NUT-26 (bech32m) encoding adds TLV tag 0x09 for this field.
Notes to the reviewers
The field is serialized with skip_serializing_if = "Option::is_none" so existing encoded payment requests remain valid — absence of the tag is equivalent to true (strict mode), consistent with the proposed spec default.
Suggested CHANGELOG Updates
CHANGED
ADDED
Checklist
just quick-checkbefore committingcrates/cdk-ffi)