blip42: Add contact secret and payer offer support to invoice requests

Implements BLIP-42 contact management for the sender side:

- Add contact_secret and payer_offer fields to InvoiceRequestContents
- Add builder methods: contact_secrets(), payer_offer()
- Add accessor methods: contact_secret(), payer_offer()
- Add OptionalOfferPaymentParams fields for contact_secrects and payer_offer
- Update ChannelManager::pay_for_offer to pass contact information
- Add create_compact_offer_builder to OffersMessageFlow for small payer offers
- Update tests to include new InvoiceRequestFields

Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>

Author: vincenzopalazzo

fuzz/src/invoice_request_deser.rs

@@ -98,6 +98,8 @@ fn build_response<T: secp256k1::Signing + secp256k1::Verification>(
 					.payer_note()
 					.map(|s| UntrustedString(s.to_string())),
 				human_readable_name: None,
+				contact_secret: None,
+				payer_offer: None,
 			}
 		};
 

lightning/src/ln/channelmanager.rs

@@ -94,6 +94,7 @@ use crate::ln::outbound_payment::{
 };
 use crate::ln::types::ChannelId;
 use crate::offers::async_receive_offer_cache::AsyncReceiveOfferCache;
+use crate::offers::contacts::ContactSecrets;
 use crate::offers::flow::{HeldHtlcReplyPath, InvreqResponseInstructions, OffersMessageFlow};
 use crate::offers::invoice::{Bolt12Invoice, UnsignedBolt12Invoice};
 use crate::offers::invoice_error::InvoiceError;
@@ -773,6 +774,34 @@ pub struct OptionalOfferPaymentParams {
 	/// will ultimately fail once all pending paths have failed (generating an
 	/// [`Event::PaymentFailed`]).
 	pub retry_strategy: Retry,
+	/// Contact secrets to include in the invoice request for BLIP-42 contact management.
+	/// If provided, these secrets will be used to establish a contact relationship with the recipient.
+	pub contact_secrets: Option<ContactSecrets>,
+	/// A custom payer offer to include in the invoice request for BLIP-42 contact management.
+	///
+	/// If provided, this offer will be included in the invoice request, allowing the recipient to
+	/// contact you back. If `None`, **no payer offer will be included** in the invoice request.
+	///
+	/// You can create custom offers using [`OffersMessageFlow::create_compact_offer_builder`]:
+	/// - Pass `None` for no blinded path (smallest size, ~70 bytes)
+	/// - Pass `Some(intro_node_id)` for a single blinded path (~200 bytes)
+	///
+	/// # Example
+	/// ```rust,ignore
+	/// // Include a compact offer with a single blinded path
+	/// let payer_offer = flow.create_compact_offer_builder(
+	///     &entropy_source,
+	///     Some(trusted_peer_pubkey)
+	/// )?.build()?;
+	///
+	/// let params = OptionalOfferPaymentParams {
+	///     payer_offer: Some(payer_offer),
+	///     ..Default::default()
+	/// };
+	/// ```
+	///
+	/// [`OffersMessageFlow::create_compact_offer_builder`]: crate::offers::flow::OffersMessageFlow::create_compact_offer_builder
+	pub payer_offer: Option<Offer>,
 }
 
 impl Default for OptionalOfferPaymentParams {
@@ -784,6 +813,8 @@ impl Default for OptionalOfferPaymentParams {
 			retry_strategy: Retry::Timeout(core::time::Duration::from_secs(2)),
 			#[cfg(not(feature = "std"))]
 			retry_strategy: Retry::Attempts(3),
+			contact_secrets: None,
+			payer_offer: None,
 		}
 	}
 }
@@ -14619,6 +14650,33 @@ macro_rules! create_offer_builder { ($self: ident, $builder: ty) => {
 
 		Ok(builder.into())
 	}
+
+	/// Creates a compact [`OfferBuilder`] suitable for BLIP-42's `payer_offer` field.
+	///
+	/// This creates an offer with minimal size by either:
+	/// - Having no blinded paths when `intro_node_id` is `None` (for public nodes)
+	/// - Having a single one-hop blinded path when `intro_node_id` is `Some` (for private nodes)
+	///
+	/// The compact format is ideal for encoding in invoice request fields where space is limited.
+	///
+	/// # Privacy
+	///
+	/// Uses a derived signing pubkey in the offer for recipient privacy.
+	///
+	/// # Errors
+	///
+	/// Errors if a blinded path cannot be created when `intro_node_id` is provided.
+	///
+	/// [`Offer`]: crate::offers::offer::Offer
+	pub fn create_compact_offer_builder(
+		&$self, intro_node_id: Option<PublicKey>,
+	) -> Result<$builder, Bolt12SemanticError> {
+		let builder = $self.flow.create_compact_offer_builder(
+			&$self.entropy_source, intro_node_id
+		)?;
+
+		Ok(builder.into())
+	}
 } }
 
 macro_rules! create_refund_builder { ($self: ident, $builder: ty) => {
@@ -14854,6 +14912,8 @@ impl<
 			payment_id,
 			None,
 			create_pending_payment_fn,
+			optional_params.contact_secrets,
+			optional_params.payer_offer,
 		)
 	}
 
@@ -14883,6 +14943,8 @@ impl<
 			payment_id,
 			Some(offer.hrn),
 			create_pending_payment_fn,
+			optional_params.contact_secrets,
+			optional_params.payer_offer,
 		)
 	}
 
@@ -14925,6 +14987,8 @@ impl<
 			payment_id,
 			None,
 			create_pending_payment_fn,
+			optional_params.contact_secrets,
+			optional_params.payer_offer,
 		)
 	}
 
@@ -14933,6 +14997,7 @@ impl<
 		&self, offer: &Offer, quantity: Option<u64>, amount_msats: Option<u64>,
 		payer_note: Option<String>, payment_id: PaymentId,
 		human_readable_name: Option<HumanReadableName>, create_pending_payment: CPP,
+		contacts: Option<ContactSecrets>, payer_offer: Option<Offer>,
 	) -> Result<(), Bolt12SemanticError> {
 		let entropy = &self.entropy_source;
 		let nonce = Nonce::from_entropy_source(entropy);
@@ -14958,6 +15023,20 @@ impl<
 			Some(hrn) => builder.sourced_from_human_readable_name(hrn),
 		};
 
+		let builder = if let Some(secrets) = contacts.as_ref() {
+			builder.contact_secrets(secrets.clone())
+		} else {
+			builder
+		};
+
+		// Add payer offer only if provided by the user.
+		// If the user explicitly wants to include an offer, they should provide it via payer_offer parameter.
+		let builder = if let Some(offer) = payer_offer {
+			builder.payer_offer(&offer)
+		} else {
+			builder
+		};
+
 		let invoice_request = builder.build_and_sign()?;
 		let _persistence_guard = PersistenceNotifierGuard::notify_on_drop(self);
 

lightning/src/ln/offers_tests.rs

@@ -727,6 +727,8 @@ fn creates_and_pays_for_offer_using_two_hop_blinded_path() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 	assert_eq!(invoice_request.amount_msats(), Some(10_000_000));
@@ -885,6 +887,8 @@ fn creates_and_pays_for_offer_using_one_hop_blinded_path() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 	assert_eq!(invoice_request.amount_msats(), Some(10_000_000));
@@ -1006,6 +1010,8 @@ fn pays_for_offer_without_blinded_paths() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 
@@ -1274,6 +1280,8 @@ fn creates_and_pays_for_offer_with_retry() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 	assert_eq!(invoice_request.amount_msats(), Some(10_000_000));
@@ -1339,6 +1347,8 @@ fn pays_bolt12_invoice_asynchronously() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 
@@ -1436,6 +1446,8 @@ fn creates_offer_with_blinded_path_using_unannounced_introduction_node() {
 			quantity: None,
 			payer_note_truncated: None,
 			human_readable_name: None,
+			contact_secret: None,
+			payer_offer: None,
 		},
 	});
 	assert_ne!(invoice_request.payer_signing_pubkey(), bob_id);

lightning/src/offers/flow.rs

@@ -572,6 +572,40 @@ impl<MR: MessageRouter, L: Logger> OffersMessageFlow<MR, L> {
 		Ok((builder.into(), nonce))
 	}
 
+	/// Creates a minimal [`OfferBuilder`] with derived metadata and an optional blinded path.
+	///
+	/// If `intro_node_id` is `None`, creates an offer with no blinded paths (~70 bytes) suitable
+	/// for scenarios like BLIP-42 where the payer intentionally shares their contact info.
+	///
+	/// If `intro_node_id` is `Some`, creates an offer with a single blinded path (~200 bytes)
+	/// providing privacy/routability for unannounced nodes. The intro node must be a public
+	/// peer (routable via gossip) with an outbound channel.
+	///
+	/// # Privacy
+	///
+	/// - `None`: Exposes the derived signing pubkey directly without blinded path privacy
+	/// - `Some`: Intro node learns payer identity (choose trusted/routable peer)
+	///
+	/// This is not exported to bindings users as builder patterns don't map outside of move semantics.
+	pub fn create_compact_offer_builder<ES: EntropySource>(
+		&self, entropy_source: ES, intro_node_id: Option<PublicKey>,
+	) -> Result<OfferBuilder<'_, DerivedMetadata, secp256k1::All>, Bolt12SemanticError> {
+		match intro_node_id {
+			None => {
+				// Use the internal builder but don't add any paths
+				self.create_offer_builder_intern(&entropy_source, |_, _, _| Ok(core::iter::empty()))
+					.map(|(builder, _)| builder)
+			},
+			Some(node_id) => {
+				// Delegate to create_offer_builder with a single-peer list to reuse the router logic
+				self.create_offer_builder(
+					entropy_source,
+					vec![MessageForwardNode { node_id, short_channel_id: None }],
+				)
+			},
+		}
+	}
+
 	/// Creates an [`OfferBuilder`] such that the [`Offer`] it builds is recognized by the
 	/// [`OffersMessageFlow`], and any corresponding [`InvoiceRequest`] can be verified using
 	/// [`Self::verify_invoice_request`].