Static invoice server

[joostjager]

Wires up async payments functionality in ldk-node. This PR only covers the static invoice creation part. In a follow up, the full mechanism will be put in place to hold an htlc sender-side until the receiver comes online again.

[ldk-reviews-bot]

👋 Thanks for assigning @tnull as a reviewer!
I'll wait for their review and will help manage the review process.
Once they submit their review, I'll check if a second reviewer would be helpful.

[tnull]

I realize this is in draft for good reason, just leaving some early comments here.

[joostjager]

Keeping it simple here

[joostjager]

Needed to add Mutex here even though I don't think it is used concurrently. Otherwise handle_event needed to be made mutable, the Arc higher up no longer working, etc.

[joostjager]

Async, prepare for async kv store.

[joostjager]

Added bindings

[joostjager]

Made rate limiter a bit less simplistic by adding a leaky bucket. Otherwise the second call of two consecutive calls immediately fails.

[ldk-reviews-bot]

🔔 1st Reminder

Hey @tnull! This PR has been waiting for your review.
Please take a look when you have a chance. If you're unable to review, please let us know so we can find another reviewer.

[tnull]

Took a first look, have yet to review the rate limiter logic and tests closer.

[tnull]

In the Rust API, we def. still want to return the actual BlindedMessagePaths, just for the uniffi interface it's okay to fallback to a bytes for now.

[joostjager]

Why would it be required to know the details of the blinded paths for the Rust API and not for the other APIs? Not sure which use that unlocks.

[tnull]

Why would it be required to know the details of the blinded paths for the Rust API and not for the other APIs? Not sure which use that unlocks.

Users might want to expect what they're paying to. It's fine to take a shortcut here for bindings, but please use the full Rust type in the Rust API.

[joostjager]

This is not about what they are paying to. It's the path that the receiver can use to contact the static invoice server. Because it is blinded, they still don't know where that server is potentially?

[tnull]

We try to use the proper Rust types where possible, and I really don't see why we shouldn't in this case. In case of set_paths_to_static_invoice_server users could theoretically handcraft a blinded path somehow if their service implementation doesn't exactly meet our serialization and try to use it. Here we'd just match that API type.

[joostjager]

I think consistency between languages is more important. Especially if the handcrafted blinded path is speculative. But no blocker, I've updated the code with distinct method signatures.

[joostjager]

Unit tests added for static invoice store and rate limiter.

[joostjager]

Added async services config flag

[tnull]

Mostly looks good, some comments/questions.

[tnull]

I think we need to return Err(ReplayEvent()) here and below in case of persistence failure to be able to retry?

[joostjager]

Good point. Also static_invoice_persisted shouldn't be called in that case. Fixed here and below.

[tnull]

This is out-of-date now that we don't serialize invoice_slot as hex?

[tnull]

Also, let's move this example to the static invoice store, as this is just the primary namespace const. We should however cross-link to the the respective LDK docs here so that readers know what 'static invoices' are in the first place.

[joostjager]

Decimal invoice slot, example moved, LDK link added.

[tnull]

Suggested change

	pub(crate) const STATIC_INVOICES_PRIMARY_NAMESPACE: &str = "static_invoices";
	pub(crate) const STATIC_INVOICE_STORE_PRIMARY_NAMESPACE: &str = "static_invoices";

[joostjager]

Not sure if I like this better. It's not the store that is stored, but the invoices. I don't really mind either. Changed.

[tnull]

This and the other new files need a module description and a copyright header.

[joostjager]

Added

[tnull]

Do we really need two independent rate limiters here or would a single one not suffice?

[joostjager]

I thought that it wouldn't be nice if a recipient can't update their invoice because someone else is keeping the limited active with requests.

[tnull]

nit: As mentioned elsewhere previously, module-level grouping of imports would be preferred.

I'm starting to wonder if we should go 'bleeding edge' here and introduce a nightly rustfmt CI job, which would indeed support dealing with the import groups for us:

group_imports = "StdExternalCrate"
reorder_imports = true
imports_granularity = "Module"

[joostjager]

That would be great. FIxing import groups isn't something that humans should be required to do, especially because some people don't even care for them.

[tnull]

Hmm, let's just forward the full Config as we might need it for other things in the future, too?

[joostjager]

I didn't want to add a dependency to the full object if a bool suffices. Also makes it more clear what part of config matters. Maybe we don't need things in the future. But no strong objection, so changed.

[tnull]

Mind adding an 'experimental feature' note here and on the other main APIs?

[joostjager]

I can do that, but in what regard is it experimental? Added

[tnull]

Do we need to check whether we actually know/have a channel open with the recipient? Or is all that fully handled on the LDK side already?

[joostjager]

Discussed offline. At this point, I think it is part of the integration of ldk-node into the wider system to ensure that blinded_paths_for_async_recipient isn't called without restrictions.

[joostjager]

Squashed previous fixups and added new fix up that addresses review comments.