If nodes aren’t doing this they are not following spec?
bolt11: “a reader …. MUST check that the sha2 256-bit hash in the `h` field exactly matches the hashed description “
How can it do this without storing the description when creating deschash invoices ?
the reader is the sender’s wallet, right?
this is not a real world case.
that mean for example WoS, etc. would need to somehow also know the zap request to do that check.
this is problem with the ecosystem atm, there is no way to pass a description into the wallet via a lightning link, i added this to my CLN ios wallet but it seems no other wallet does this. It definitely seems like people are not caring about the spec and are just paying deschash invoices without the description… maybe just have to live with that now ?
even if one would pass some random big string to the wallet, what should it do with the zap request for example? (bolt11 and description would come from the same source)
should it show the scary JSON somehow to the user?
the description is used as a short text for humans. that’s what is shown for people.
yes the wallet would have to support parsing that and show a cool zap screen, which isn’t too unreasonable considering the amount of overlap these days. But definitely not good for a general wallet. I imagine people will put lots of weird crap in bolt11 descriptions 😬
assuming a zap request could be shorter than 639 bytes it would also not work.
I don’t know the bolt11 details well enough.
Even if it’s their fault to not implement the bolt11 spec perfectly the state is that some big implementations have this problem.
It limits how zappers can be built. LN implementations have problems, not to talk about tools like lnbits, strike, etc.
those can not be used because of this limitation.
So you just want nip57 to be updated to remove this:
SHA256(description) MUST match the description hash in the bolt11 invoice.
?
