-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: handle pending payments when failed payments with same hash exist #2151
Conversation
507fdbe
to
9285a96
Compare
a845fc4
to
45bad5c
Compare
c1408ea
to
17dfd87
Compare
|
GitGuardian id | Secret | Commit | Filename | |
---|---|---|---|---|
5547718 | Elliptic Curve Private Key | 42ab2a4 | dev/lnd/tls.key | View secret |
5547719 | Elliptic Curve Private Key | 42ab2a4 | dev/lnd/tls.key.base64 | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
ff66d6d
to
baf7aa7
Compare
if ( | ||
status === PaymentStatus.Failed || | ||
// pendingPayment is a different version to latest payment from lnd | ||
satsAmount !== toSats(paymentFlow.btcPaymentAmount.amount) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this comparison should be made with invoice amount because fees can change depending on the route
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think both sides of this is the invoice amount without fees (left from lnd, right from PaymentFlow)... is it?
if (!(filteredPayments && filteredPayments.length)) | ||
return new CouldNotFindTransactionError() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not sure about this.... so I cant re-try a failed invoice? an example can be done with OBW, create an invoice, close the app, try a payment (it will fail because is not connected) then open OBW wait to connect and try payment again (should succeed)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand how this affects retry. As-is now we can always retry as tested here? https:/GaloyMoney/galoy/pull/2151/files#diff-15e9812156b4ff1c33faaaf99ffcc368a8af2756ccb7a5e81acdcfc46782db9fR2363
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be the same logic as what was here before at Ln259, except done over an array instead of a single payment instead
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but you are including amount validation... lets validate it in staging.
hash: paymentHash, | ||
}) | ||
|
||
return totalNotPending > 0 && totalPending === 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the material change that allows us to retry if there are both pending and settled txns (from multiple attempts)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved with small comment, also, please let me know to test this in staging.
This is to accomodate the case where there may be multiple pending txns for the same no-amount invoice with different amounts sent.
This partially reverts commit 429613e.
The 2nd success payment can't be made for some reason even with liquidity available on the path. This could probably use some more troubleshooting to determine if it's a: - path liquidity problem - lnd mission control issue
Needed to: 1. Make sure payment is above channel reserve 2. Probe 1st to avoid duplicate fee_reimburse when undoing txns 3. Add a manual 1-sat reimburse to accommodate sub-sat accounting inconsistency
78af2d2
to
352ee2a
Compare
Description
This PR fixes an issue where our
updatePendingPayments
isn't able to progress past theisLnTxRecorded
step because it wasn't able to register if pending ledger transactions also exist alongside settled failed ones.The first step was to adjust the
isLnTxRecorded
checkThe next step was to then fail a pending payment if its amount did not match the amount we got back from lnd (in the case of different amounts used for no-amount invoices)
Note
This PR assumes that there can't be 2 simultaneous pending payments (see a4f9e06) for the same hash with the same correct amount. It assumes there can only be 1 pending payment for the correct amount and multiple other failed payments for the same hash.
If this assumption does not hold then there is the risk that multiple payments out get settled for the same single lnd payment which would mean that users would notice an extra payment out. If we think this assumption isn't fair, we can consider adding some provision to account for potentially multiple pending payments (or we can wait until a user observes this in actual usage).