
Enforces low-S canonical signatures when the n field is present in a BOLT11 invoice #10372

Open: MPins wants to merge 3 commits into lightningnetwork:master from MPins:issue-10222

@MPins MPins commented Nov 14, 2025

Fixes #10222

This change enforces low-S canonical signatures in BOLT11 invoices when n is present and adds the corresponding Bolts test vectors (PR#1284 and PR#1298).

This PR depends on btcd PR btcsuite/btcd#2524

This cannot be merged until that PR is merged and LND updates btcec/v2.

@gemini-code-assist
Summary of Changes

Hello @MPins, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a critical update to LND's BOLT11 invoice processing by enforcing low-S canonical signatures when the n field is present. This ensures that LND strictly adheres to the BOLT specifications, preventing the acceptance of invoices with non-canonical high-S signatures. The change enhances the network's security and interoperability by standardizing signature validation, complemented by new test vectors to verify the correct implementation of this enforcement.

Highlights

  • BOLT11 Signature Enforcement: LND now enforces low-S canonical signatures for BOLT11 invoices that include the n field, rejecting non-canonical high-S signatures to ensure protocol compliance.
  • BOLT Spec Alignment: This change aligns LND with the latest BOLT specifications regarding signature canonicalization, improving interoperability and security within the Lightning Network.
  • Test Vector Additions: New test cases have been added to validate the enforcement of low-S signatures, including specific tests for high-S signatures in invoices with the n field, ensuring the new logic functions as expected.
  • Release Notes Update: The release notes for version 0.21.0 have been updated to reflect this significant protocol enforcement, and the contributor list has been expanded.

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request enforces low-S canonical signatures for BOLT11 invoices when the destination public key is provided in the n field, aligning with recent BOLT spec updates. The changes include the core logic in zpay32/decode.go and corresponding test cases. My review focuses on improving the implementation's maintainability by leveraging existing library functions. Overall, the change is correct and well-tested.

Comment thread zpay32/decode.go
Comment thread zpay32/decode.go Outdated
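
The rule discussed in this PR, sketched as an added example (not code from the PR, lnd or btcd): reject a compact R||S signature whose S exceeds half the secp256k1 group order, but only when the invoice carries the n field. `isLowS`, `checkInvoiceSig`, `flipS` and `ErrHighS` are hypothetical names, and the sample bytes are constructed placeholders that exercise only the range check on S, not signature verification.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// secp256k1 group order N and floor(N/2); both are public curve constants.
var (
	curveN, _ = new(big.Int).SetString(
		"fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141", 16)
	halfN = new(big.Int).Rsh(curveN, 1)
)

// ErrHighS is a hypothetical error value for this example.
var ErrHighS = errors.New("invoice signature is not low-S canonical")

// isLowS reports whether the S half of a compact R||S signature is in [1, N/2].
func isLowS(sig [64]byte) bool {
	s := new(big.Int).SetBytes(sig[32:])
	return s.Sign() > 0 && s.Cmp(halfN) <= 0
}

// checkInvoiceSig applies the rule from the PR description: the low-S
// requirement is enforced only when the invoice has an n field (hasN).
func checkInvoiceSig(sig [64]byte, hasN bool) error {
	if hasN && !isLowS(sig) {
		return ErrHighS
	}
	return nil
}

// flipS returns a copy with S replaced by N-S, the non-canonical twin that
// a test vector for this rule has to cover.
func flipS(sig [64]byte) [64]byte {
	s := new(big.Int).SetBytes(sig[32:])
	s.Sub(curveN, s)
	s.FillBytes(sig[32:])
	return sig
}

func main() {
	var sig [64]byte // constructed sample: R = 1, S = 2 (not a real signature)
	sig[31], sig[63] = 1, 2
	high := flipS(sig)
	fmt.Println(checkInvoiceSig(sig, true))   // low-S with n: accepted
	fmt.Println(checkInvoiceSig(high, true))  // high-S with n: rejected
	fmt.Println(checkInvoiceSig(high, false)) // no n field: not enforced
}
```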

MPins commented Nov 18, 2025

Hello @Roasbeef, the helper function was created in btcsuite/btcd#2463

@MPins MPins marked this pull request as draft November 19, 2025 10:31
@saubyk saubyk moved this to In progress in v0.21 Nov 27, 2025
@saubyk saubyk removed this from v0.21 Mar 5, 2026
@saubyk saubyk modified the milestones: v0.21.0, v0.22.0 Mar 5, 2026
@github-actions github-actions Bot added the severity-medium Focused review required label Apr 15, 2026
@github-actions

🟡 PR Severity: MEDIUM

Automated classification | 2 files (excl. tests) | 8 lines changed (excl. tests)

MEDIUM files (1):

  • zpay32/decode.go — zpay32/* package (BOLT-11 invoice codec)

LOW files (1):

  • docs/release-notes/release-notes-0.21.0.md — release notes/docs

Excluded from classification (1):

  • zpay32/invoice_test.go — test file (*_test.go)

Analysis: This PR modifies zpay32/decode.go in the zpay32 package (BOLT-11 invoice encoding/decoding). Per classification rules, zpay32/* is MEDIUM severity. The change is small (4 lines added to the decoder) with an accompanying test and release note.

No severity bump conditions apply: only 2 non-test files changed (threshold >20), only 8 lines changed (threshold >500), no multiple critical packages touched.

Recommendation: Focused review by an engineer familiar with BOLT-11 invoice parsing.

To override, add a severity-override-{critical,high,medium,low} label.

@MPins MPins marked this pull request as ready for review May 15, 2026 20:51
@lightninglabs-deploy

@Roasbeef: review reminder
@MPins, remember to re-request review from reviewers when ready

MPins added 2 commits May 15, 2026 18:40
Enforce low-S canonical signatures when the `n` is present and include
test vectors to validate the new behavior.

MPins commented May 15, 2026

Hello @Roasbeef and @yyforyongyu, since the btcd dependency has been merged, we can move this PR forward.

Development

Successfully merging this pull request may close these issues.

Follow up signature normalization requirements

5 participants