Present a configured fee claim on register_node

Read fee_claim into NodeConfig and hand it to the LSPS4 client builder, which
forwards it on register_node. The LSP verifies the grant and, if valid, drops
the node off the standard 2% skim.

The claim is node config, not a secret, so it lives in [node] fee_claim. The
MDK_FEE_CLAIM env var is a fallback for deployments that inject config through
the environment. config.toml wins when both are set. Unset everywhere is the
default until the issuer starts minting, which leaves fee_claim None and the
node on the standard policy.

The ldk-node bumps carry the client plumbing for the third
set_liquidity_source_lsps4 argument:
- ldk-node (variant client dep) f13fcead -> 06509b7a, pulling rust-lightning
  9b5f40f0 (M1 + M2 + the register_node fee_claim parameter).
- ldk-node-lsp (lsp-0.7.0 dev-dep) e5fcce06 -> 6449e1b8, pulling rust-lightning
  bdcdf57d (M1 + M2, no client parameter; this copy is the verifier).
The two pull different rust-lightning revs: existing arrangement, not a
regression. Client and LSP talk over the wire, so duplicate compilation is fine.

The integration test runs a node with a claim bound to its node id and asserts
the full 100k arrives instead of 98k, mirroring test_getbalance_after_payment.
It only passes if the LSP verifies the signature, so it covers the whole loop.
The claim hex is minted offline against the in-tree issuer secret; the
regeneration recipe is in a comment next to it. MDK-998 tracks replacing it
with a reusable mnemonic-bound vector once lightning-liquidity exposes a mint
helper.

Author: amackillop

Cargo.lock

@@ -16,7 +16,7 @@ demo = []
 
 [dependencies]
 # Branch: https://github.com/moneydevkit/ldk-node/tree/lsp-0.7.0_accept-underpaying-htlcs_with_timing_logs
-ldk-node = { git = "https://github.com/moneydevkit/ldk-node", rev = "f13fcead7e02ef4b77489a83854f204de11e902b" }
+ldk-node = { git = "https://github.com/moneydevkit/ldk-node", rev = "06509b7a27952fc42ad6a519bbecd39cd64e7107" }
 
 # Pinned to the same git rev as ldk-node's transitive pull to avoid duplicate
 # crate compilation. Verify with `cargo tree -d | grep bitcoin-payment-instructions`.
@@ -45,7 +45,7 @@ base64 = "0.22"
 corepc-node = { version = "0.10", features = ["29_0"] }
 futures-util = "0.3"
 http-body-util = "0.1.3"
-ldk-node-lsp = { package = "ldk-node", git = "https://github.com/moneydevkit/ldk-node", rev = "e5fcce065fa97c522de0f8fec87beb9e7e541456" }
+ldk-node-lsp = { package = "ldk-node", git = "https://github.com/moneydevkit/ldk-node", rev = "6449e1b8e829a4038512946897dc380179422d87" }
 tempfile = "3"
 tokio-tungstenite = "0.26"
 tower = "0.5.3"

Cargo.toml

@@ -72,14 +72,14 @@
               "sha256-kJz+7u55DiSy+/7Rpvm9aiB2ZGpds91M3QQ0CzOi9q4=";
             "git+https://github.com/moneydevkit/bitcoin-payment-instructions?rev=bdcef061488bcc619142010a2a69cd49462d8843#bdcef061488bcc619142010a2a69cd49462d8843" =
               "sha256-oj2zEt1iTQhK+m/2qXzRMHeZ7a+rm3pAO2ZbQXV1h18=";
-            "git+https://github.com/moneydevkit/ldk-node?rev=e5fcce065fa97c522de0f8fec87beb9e7e541456#e5fcce065fa97c522de0f8fec87beb9e7e541456" =
-              "sha256-LsodimSQabrGNw0vgoVKWC8pBglRJJYFvLqLL2/TIrA=";
-            "git+https://github.com/moneydevkit/ldk-node?rev=f13fcead7e02ef4b77489a83854f204de11e902b#f13fcead7e02ef4b77489a83854f204de11e902b" =
-              "sha256-w1AbC0s3SEuxCVMr0F8Uujw/MG0WyN5afHQK0h0S4Zw=";
-            "git+https://github.com/moneydevkit/rust-lightning?rev=eecf53e7c763e8ae8e436585858db506a7aac588#eecf53e7c763e8ae8e436585858db506a7aac588" =
-              "sha256-gRxr9GIIn9fWHhbg/xx2DT4z2CiBS6wVghiIXks/gsI=";
-            "git+https://github.com/moneydevkit/rust-lightning?rev=f56f47fe6c874771cd079faaacf96c42b32fbe72#f56f47fe6c874771cd079faaacf96c42b32fbe72" =
-              "sha256-g4+lUlGQVvURW1zizRQjcHfkFVbSV3jjFsyV3ah/kOo=";
+            "git+https://github.com/moneydevkit/ldk-node?rev=6449e1b8e829a4038512946897dc380179422d87#6449e1b8e829a4038512946897dc380179422d87" =
+              "sha256-dJam/azTnxC08hiLtNE/5CYp5UWdAJkQnBy6czwFraA=";
+            "git+https://github.com/moneydevkit/ldk-node?rev=06509b7a27952fc42ad6a519bbecd39cd64e7107#06509b7a27952fc42ad6a519bbecd39cd64e7107" =
+              "sha256-nSk5PZIN/GrEPDUYt/dsLGmhwY0cneX2DSla6qlXrKE=";
+            "git+https://github.com/moneydevkit/rust-lightning?rev=bdcdf57de38baeabce4bf8486769bc60d0aa0f8d#bdcdf57de38baeabce4bf8486769bc60d0aa0f8d" =
+              "sha256-9IDjszL8KOPsTUiOIAy2nU2DTvUaOGDMIutjIYjfc2M=";
+            "git+https://github.com/moneydevkit/rust-lightning?rev=9b5f40f00a623ff5e1cbe2540d79c3665589be6e#9b5f40f00a623ff5e1cbe2540d79c3665589be6e" =
+              "sha256-UB1MxvE88orgXTEGxyIzalJ7NLP9n4B66Gm07wHF/DM=";
           };
         };
 

flake.nix

@@ -31,6 +31,7 @@ struct NodeSection {
     rest_service_address: Option<String>,
     alias: Option<String>,
     pathfinding_scores_source_url: Option<String>,
+    fee_claim: Option<String>,
     scoring: Option<ScoringSection>,
 }
 
@@ -108,6 +109,7 @@ pub struct MdkConfig {
     pub storage_dir_path: Option<String>,
     pub log_level: LevelFilter,
     pub pathfinding_scores_source_url: Option<String>,
+    pub fee_claim: Option<String>,
     pub scoring_overrides: ScoringOverrides,
     pub splice: SpliceConfig,
     pub max_sendable: MaxSendableConfig,
@@ -208,6 +210,7 @@ pub fn load_config(path: &str) -> io::Result<MdkConfig> {
         storage_dir_path,
         log_level,
         pathfinding_scores_source_url: node.pathfinding_scores_source_url,
+        fee_claim: node.fee_claim,
         scoring_overrides,
         splice,
         max_sendable,

src/daemon/config.rs

@@ -129,6 +129,12 @@ fn main() {
         alias: config_file.alias.map(|a| a.to_string()),
         socks_proxy: socks_proxy.clone(),
         pathfinding_scores_source_url: config_file.pathfinding_scores_source_url,
+        // config.toml is the documented surface; MDK_FEE_CLAIM is an undocumented fallback for
+        // deployments that inject config through the environment (the open-money container, whose
+        // only runtime seam is env vars and whose baked config.toml cannot carry a per-wallet claim).
+        fee_claim: config_file
+            .fee_claim
+            .or_else(|| std::env::var("MDK_FEE_CLAIM").ok()),
         mnemonic: mnemonic_phrase,
         infra,
         scoring_overrides: config_file.scoring_overrides,

src/main.rs

@@ -29,6 +29,7 @@ pub struct NodeConfig {
     pub alias: Option<String>,
     pub socks_proxy: Option<String>,
     pub pathfinding_scores_source_url: Option<String>,
+    pub fee_claim: Option<String>,
     pub mnemonic: String,
     pub infra: NetworkInfra,
     pub scoring_overrides: ScoringOverrides,
@@ -168,7 +169,7 @@ pub fn build_node(
         .map_err(|e| MdkError::InvalidInput(format!("bad lsp_node_id: {e}")))?;
     let lsp_addr = SocketAddress::from_str(&infra.lsp_address)
         .map_err(|e| MdkError::InvalidInput(format!("bad lsp_address: {e}")))?;
-    builder.set_liquidity_source_lsps4(lsp_pubkey, lsp_addr);
+    builder.set_liquidity_source_lsps4(lsp_pubkey, lsp_addr, config.fee_claim);
     info!("LSPS4 liquidity source: {}", infra.lsp_node_id);
 
     builder.set_runtime(runtime);

src/mdk/node.rs

@@ -14,6 +14,7 @@ use ldk_node::lightning::ln::msgs::SocketAddress;
 use ldk_node::lightning_invoice::Bolt11Invoice;
 use ldk_node::{Builder, Node};
 
+use ldk_node_lsp::bitcoin::secp256k1::XOnlyPublicKey;
 use ldk_node_lsp::config::Config as LspNodeConfig;
 use ldk_node_lsp::lightning::ln::msgs::SocketAddress as LspSocketAddress;
 use ldk_node_lsp::liquidity::LSPS4ServiceConfig;
@@ -89,11 +90,14 @@ pub struct MdkdHandle {
 }
 
 impl MdkdHandle {
+    /// `fee_claim`, when set, is written into the `[node]` section of the generated config.toml
+    /// so the node presents a signed fee-policy grant on `register_node`. `None` omits the key.
     pub async fn start(
         bitcoind: &TestBitcoind,
         webhook_port: Option<u16>,
         lsp: Option<&LspNode>,
         mnemonic: &str,
+        fee_claim: Option<&str>,
     ) -> Self {
         #[allow(deprecated)]
         let storage_dir = tempfile::tempdir().unwrap().into_path();
@@ -120,12 +124,15 @@ impl MdkdHandle {
         let http_password_full = "test_full_password";
         let http_password_read_only = "test_readonly_password";
 
+        let fee_claim_line = fee_claim
+            .map(|claim| format!("fee_claim = \"{claim}\"\n"))
+            .unwrap_or_default();
         let config = format!(
             r#"[node]
 network = "regtest"
 listening_addresses = ["127.0.0.1:{p2p_port}"]
 rest_service_address = "127.0.0.1:{api_port}"
-
+{fee_claim_line}
 [storage.disk]
 dir_path = "{storage_dir}"
 
@@ -375,6 +382,12 @@ pub struct LspNode {
 
 impl LspNode {
     pub fn new(bitcoind: &TestBitcoind) -> Self {
+        Self::with_issuer_keys(bitcoind, vec![])
+    }
+
+    /// Stand up the LSP trusting `issuer_pubkeys` to grant non-standard fee policies via a signed
+    /// `MDK_FEE_CLAIM`. An empty set (the default `new`) keeps every node on the standard 2% skim.
+    pub fn with_issuer_keys(bitcoind: &TestBitcoind, issuer_pubkeys: Vec<XOnlyPublicKey>) -> Self {
         #[allow(deprecated)]
         let storage_dir = tempfile::tempdir().unwrap().into_path();
         let p2p_port = find_available_port();
@@ -401,6 +414,7 @@ impl LspNode {
             channel_over_provisioning_ppm: 500_000,
             forwarding_fee_proportional_millionths: 20_000,
             channel_size_tiers: vec![],
+            issuer_pubkeys,
         });
 
         let node = Arc::new(builder.build().unwrap());
@@ -702,6 +716,11 @@ pub fn random_mnemonic() -> String {
         .to_string()
 }
 
+/// Parse a 32-byte x-only public key from hex, for configuring the LSP's trusted issuer set.
+pub fn xonly_from_hex(hex: &str) -> XOnlyPublicKey {
+    XOnlyPublicKey::from_str(hex).expect("valid x-only pubkey hex")
+}
+
 // ---------------------------------------------------------------------------
 // LNURL bech32 helper
 // ---------------------------------------------------------------------------