Persist sender when initialized

This commit introduces a persistence flow for constructing
`v2::Sender`. We enforce that senders must be persisted before
initiating their type state. To support this, callers will first create a
`NewSender`, which must be persisted. Once persisted, a storage token is
returned that can be passed to `v2::Sender::load(...)` to construct the
full `v2::Sender`.

For use cases that do not require persistence—such as testing— can use the
 `NoopPersister` provided in `persist/mod.rs`.

Issue: payjoin#336

Author: arminsabouri

payjoin-cli/src/app/v2.rs

@@ -14,7 +14,7 @@ use super::config::Config;
 use super::wallet::BitcoindWallet;
 use super::App as AppTrait;
 use crate::app::{handle_interrupt, http_agent};
-use crate::db::v2::ReceiverPersister;
+use crate::db::v2::{ReceiverPersister, SenderPersister};
 use crate::db::Database;
 
 #[derive(Clone)]
@@ -53,11 +53,15 @@ impl AppTrait for App {
             Some(send_session) => send_session,
             None => {
                 let psbt = self.create_original_psbt(&uri, fee_rate)?;
-                let mut req_ctx = SenderBuilder::new(psbt, uri.clone())
+                let mut persister = SenderPersister::new(self.db.clone());
+                let new_sender = SenderBuilder::new(psbt, uri.clone())
                     .build_recommended(fee_rate)
                     .with_context(|| "Failed to build payjoin request")?;
-                self.db.insert_send_session(&mut req_ctx, url)?;
-                req_ctx
+                let storage_token = new_sender
+                    .persist(&mut persister)
+                    .map_err(|e| anyhow!("Failed to persist sender: {}", e))?;
+                Sender::load(storage_token, &persister)
+                    .map_err(|e| anyhow!("Failed to load sender: {}", e))?
             }
         };
         self.spawn_payjoin_sender(req_ctx).await

payjoin-cli/src/db/v2.rs

@@ -3,12 +3,36 @@ use std::sync::Arc;
 use bitcoincore_rpc::jsonrpc::serde_json;
 use payjoin::persist::{Persister, Value};
 use payjoin::receive::v2::{Receiver, ReceiverToken};
-use payjoin::send::v2::Sender;
+use payjoin::send::v2::{Sender, SenderToken};
 use sled::Tree;
 use url::Url;
 
 use super::*;
 
+pub(crate) struct SenderPersister(Arc<Database>);
+impl SenderPersister {
+    pub fn new(db: Arc<Database>) -> Self { Self(db) }
+}
+
+impl Persister<Sender> for SenderPersister {
+    type Token = SenderToken;
+    type Error = crate::db::error::Error;
+    fn save(&mut self, value: Sender) -> std::result::Result<SenderToken, Self::Error> {
+        let send_tree = self.0 .0.open_tree("send_sessions")?;
+        let key = value.key();
+        let value = serde_json::to_vec(&value).map_err(Error::Serialize)?;
+        send_tree.insert(key.clone(), value.as_slice())?;
+        send_tree.flush()?;
+        Ok(key)
+    }
+
+    fn load(&self, key: SenderToken) -> std::result::Result<Sender, Self::Error> {
+        let send_tree = self.0 .0.open_tree("send_sessions")?;
+        let value = send_tree.get(key.as_ref())?.ok_or(Error::NotFound(key.to_string()))?;
+        serde_json::from_slice(&value).map_err(Error::Deserialize)
+    }
+}
+
 pub(crate) struct ReceiverPersister(Arc<Database>);
 impl ReceiverPersister {
     pub fn new(db: Arc<Database>) -> Self { Self(db) }
@@ -51,14 +75,6 @@ impl Database {
         Ok(())
     }
 
-    pub(crate) fn insert_send_session(&self, session: &mut Sender, pj_url: &Url) -> Result<()> {
-        let send_tree: Tree = self.0.open_tree("send_sessions")?;
-        let value = serde_json::to_string(session).map_err(Error::Serialize)?;
-        send_tree.insert(pj_url.to_string(), IVec::from(value.as_str()))?;
-        send_tree.flush()?;
-        Ok(())
-    }
-
     pub(crate) fn get_send_sessions(&self) -> Result<Vec<Sender>> {
         let send_tree: Tree = self.0.open_tree("send_sessions")?;
         let mut sessions = Vec::new();
@@ -72,7 +88,7 @@ impl Database {
 
     pub(crate) fn get_send_session(&self, pj_url: &Url) -> Result<Option<Sender>> {
         let send_tree = self.0.open_tree("send_sessions")?;
-        if let Some(val) = send_tree.get(pj_url.to_string())? {
+        if let Some(val) = send_tree.get(pj_url.as_str())? {
             let session: Sender = serde_json::from_slice(&val).map_err(Error::Deserialize)?;
             Ok(Some(session))
         } else {
@@ -82,7 +98,7 @@ impl Database {
 
     pub(crate) fn clear_send_session(&self, pj_url: &Url) -> Result<()> {
         let send_tree: Tree = self.0.open_tree("send_sessions")?;
-        send_tree.remove(pj_url.to_string())?;
+        send_tree.remove(pj_url.as_str())?;
         send_tree.flush()?;
         Ok(())
     }

payjoin/src/send/multiparty/mod.rs

@@ -1,3 +1,5 @@
+use std::fmt::{self, Display};
+
 use bitcoin::{FeeRate, Psbt};
 use error::{
     CreateRequestError, FinalizeResponseError, FinalizedError, InternalCreateRequestError,
@@ -11,8 +13,8 @@ use super::{serialize_url, AdditionalFeeContribution, BuildSenderError, Internal
 use crate::hpke::decrypt_message_b;
 use crate::ohttp::ohttp_decapsulate;
 use crate::output_substitution::OutputSubstitution;
-use crate::receive::ImplementationError;
-use crate::send::v2::V2PostContext;
+use crate::persist::{self, Persister};
+use crate::send::v2::{ImplementationError, V2PostContext};
 use crate::uri::UrlExt;
 use crate::{PjUri, Request};
 
@@ -23,17 +25,58 @@ pub struct SenderBuilder<'a>(v2::SenderBuilder<'a>);
 
 impl<'a> SenderBuilder<'a> {
     pub fn new(psbt: Psbt, uri: PjUri<'a>) -> Self { Self(v2::SenderBuilder::new(psbt, uri)) }
-    pub fn build_recommended(self, min_fee_rate: FeeRate) -> Result<Sender, BuildSenderError> {
-        let v2 = v2::SenderBuilder::new(self.0 .0.psbt, self.0 .0.uri)
-            .build_recommended(min_fee_rate)?;
-        Ok(Sender(v2))
+
+    pub fn build_recommended(self, min_fee_rate: FeeRate) -> Result<NewSender, BuildSenderError> {
+        let sender = self.0.build_recommended(min_fee_rate)?;
+        Ok(NewSender(sender))
     }
 }
 
+pub struct NewSender(v2::NewSender);
+
+impl NewSender {
+    pub fn persist<P: Persister<Sender>>(
+        &self,
+        persister: &mut P,
+    ) -> Result<P::Token, ImplementationError> {
+        let sender =
+            Sender(v2::Sender { v1: self.0.v1.clone(), reply_key: self.0.reply_key.clone() });
+        persister.save(sender).map_err(ImplementationError::from)
+    }
+}
+
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct SenderToken(Url);
+
+impl Display for SenderToken {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "{}", self.0) }
+}
+
+impl From<Sender> for SenderToken {
+    fn from(sender: Sender) -> Self { SenderToken(sender.0.endpoint().clone()) }
+}
+
+impl AsRef<[u8]> for SenderToken {
+    fn as_ref(&self) -> &[u8] { self.0.as_str().as_bytes() }
+}
+
 #[derive(Clone, PartialEq, Eq, Serialize, Deserialize)]
 pub struct Sender(v2::Sender);
 
+impl persist::Value for Sender {
+    type Key = SenderToken;
+
+    fn key(&self) -> Self::Key { SenderToken(self.0.endpoint().clone()) }
+}
+
 impl Sender {
+    pub fn load<P: Persister<Sender>>(
+        token: P::Token,
+        persister: &P,
+    ) -> Result<Self, ImplementationError> {
+        let sender = persister.load(token).map_err(ImplementationError::from)?;
+        Ok(sender)
+    }
     pub fn extract_v2(
         &self,
         ohttp_relay: Url,

payjoin/src/send/v2/error.rs

@@ -2,6 +2,7 @@ use core::fmt;
 
 use crate::uri::url_ext::ParseReceiverPubkeyParamError;
 
+pub type ImplementationError = Box<dyn std::error::Error + Send + Sync>;
 /// Error returned when request could not be created.
 ///
 /// This error can currently only happen due to programmer mistake.

payjoin/src/send/v2/mod.rs

@@ -21,8 +21,10 @@
 //! [`bitmask-core`](https://github.com/diba-io/bitmask-core) BDK integration. Bring your own
 //! wallet and http client.
 
+use std::fmt::{self, Display};
+
 use bitcoin::hashes::{sha256, Hash};
-pub use error::{CreateRequestError, EncapsulationError};
+pub use error::{CreateRequestError, EncapsulationError, ImplementationError};
 use error::{InternalCreateRequestError, InternalEncapsulationError};
 use ohttp::ClientResponse;
 use serde::{Deserialize, Serialize};
@@ -32,6 +34,7 @@ use super::error::BuildSenderError;
 use super::*;
 use crate::hpke::{decrypt_message_b, encrypt_message_a, HpkeSecretKey};
 use crate::ohttp::{ohttp_decapsulate, ohttp_encapsulate};
+use crate::persist::{Persister, Value};
 use crate::send::v1;
 use crate::uri::{ShortId, UrlExt};
 use crate::{HpkeKeyPair, HpkePublicKey, IntoUrl, OhttpKeys, PjUri, Request};
@@ -64,11 +67,12 @@ impl<'a> SenderBuilder<'a> {
     // The minfeerate parameter is set if the contribution is available in change.
     //
     // This method fails if no recommendation can be made or if the PSBT is malformed.
-    pub fn build_recommended(self, min_fee_rate: FeeRate) -> Result<Sender, BuildSenderError> {
-        Ok(Sender {
+    pub fn build_recommended(self, min_fee_rate: FeeRate) -> Result<NewSender, BuildSenderError> {
+        let sender = NewSender {
             v1: self.0.build_recommended(min_fee_rate)?,
             reply_key: HpkeKeyPair::gen_keypair().0,
-        })
+        };
+        Ok(sender)
     }
 
     /// Offer the receiver contribution to pay for his input.
@@ -90,16 +94,17 @@ impl<'a> SenderBuilder<'a> {
         change_index: Option<usize>,
         min_fee_rate: FeeRate,
         clamp_fee_contribution: bool,
-    ) -> Result<Sender, BuildSenderError> {
-        Ok(Sender {
+    ) -> Result<NewSender, BuildSenderError> {
+        let sender = NewSender {
             v1: self.0.build_with_additional_fee(
                 max_fee_contribution,
                 change_index,
                 min_fee_rate,
                 clamp_fee_contribution,
             )?,
             reply_key: HpkeKeyPair::gen_keypair().0,
-        })
+        };
+        Ok(sender)
     }
 
     /// Perform Payjoin without incentivizing the payee to cooperate.
@@ -109,11 +114,28 @@ impl<'a> SenderBuilder<'a> {
     pub fn build_non_incentivizing(
         self,
         min_fee_rate: FeeRate,
-    ) -> Result<Sender, BuildSenderError> {
-        Ok(Sender {
+    ) -> Result<NewSender, BuildSenderError> {
+        let sender = NewSender {
             v1: self.0.build_non_incentivizing(min_fee_rate)?,
             reply_key: HpkeKeyPair::gen_keypair().0,
-        })
+        };
+        Ok(sender)
+    }
+}
+
+#[derive(Debug)]
+pub struct NewSender {
+    pub(crate) v1: v1::Sender,
+    pub(crate) reply_key: HpkeSecretKey,
+}
+
+impl NewSender {
+    pub fn persist<P: Persister<Sender>>(
+        &self,
+        persister: &mut P,
+    ) -> Result<P::Token, ImplementationError> {
+        let sender = Sender { v1: self.v1.clone(), reply_key: self.reply_key.clone() };
+        Ok(persister.save(sender)?)
     }
 }
 
@@ -125,7 +147,35 @@ pub struct Sender {
     pub(crate) reply_key: HpkeSecretKey,
 }
 
+/// Opaque key type for the sender
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct SenderToken(Url);
+
+impl Display for SenderToken {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "{}", self.0) }
+}
+
+impl From<Sender> for SenderToken {
+    fn from(sender: Sender) -> Self { SenderToken(sender.endpoint().clone()) }
+}
+
+impl AsRef<[u8]> for SenderToken {
+    fn as_ref(&self) -> &[u8] { self.0.as_str().as_bytes() }
+}
+
+impl Value for Sender {
+    type Key = SenderToken;
+
+    fn key(&self) -> Self::Key { SenderToken(self.endpoint().clone()) }
+}
+
 impl Sender {
+    pub fn load<P: Persister<Sender>>(
+        token: P::Token,
+        persister: &P,
+    ) -> Result<Self, ImplementationError> {
+        persister.load(token).map_err(ImplementationError::from)
+    }
     /// Extract serialized V1 Request and Context from a Payjoin Proposal
     pub fn extract_v1(&self) -> (Request, v1::V1Context) { self.v1.extract_v1() }