fix: handle pending payments when failed payments with same hash exist #2151
Conversation
vindard
changed the title
vindard
force-pushed
the
add-mult-payment-handling
branch
from
507fdbe
to
9285a96
Compare
vindard
force-pushed
the
add-mult-payment-handling
branch
6 times, most recently
from
a845fc4
to
45bad5c
Compare
vindard
force-pushed
the
add-mult-payment-handling
branch
4 times, most recently
from
c1408ea
to
17dfd87
Compare
|
| GitGuardian id | Secret | Commit | Filename | |
|---|---|---|---|---|
| 5547718 | Elliptic Curve Private Key | 42ab2a4 | dev/lnd/tls.key | View secret |
| 5547719 | Elliptic Curve Private Key | 42ab2a4 | dev/lnd/tls.key.base64 | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
vindard
force-pushed
the
add-mult-payment-handling
branch
3 times, most recently
from
ff66d6d
to
baf7aa7
Compare
| if ( | ||
| status === PaymentStatus.Failed || | ||
| // pendingPayment is a different version to latest payment from lnd | ||
| satsAmount !== toSats(paymentFlow.btcPaymentAmount.amount) |
There was a problem hiding this comment.
this comparison should be made with invoice amount because fees can change depending on the route
There was a problem hiding this comment.
I think both sides of this is the invoice amount without fees (left from lnd, right from PaymentFlow)... is it?
| if (!(filteredPayments && filteredPayments.length)) | ||
| return new CouldNotFindTransactionError() |
There was a problem hiding this comment.
not sure about this.... so I cant re-try a failed invoice? an example can be done with OBW, create an invoice, close the app, try a payment (it will fail because is not connected) then open OBW wait to connect and try payment again (should succeed)
There was a problem hiding this comment.
I don't understand how this affects retry. As-is now we can always retry as tested here? https:/GaloyMoney/galoy/pull/2151/files#diff-15e9812156b4ff1c33faaaf99ffcc368a8af2756ccb7a5e81acdcfc46782db9fR2363
There was a problem hiding this comment.
This should be the same logic as what was here before at Ln259, except done over an array instead of a single payment instead
There was a problem hiding this comment.
but you are including amount validation... lets validate it in staging.
| hash: paymentHash, | ||
| }) | ||
|
|
||
| return totalNotPending > 0 && totalPending === 0 |
There was a problem hiding this comment.
This is the material change that allows us to retry if there are both pending and settled txns (from multiple attempts)
This is to accomodate the case where there may be multiple pending txns for the same no-amount invoice with different amounts sent.
This partially reverts commit 429613e.
The 2nd success payment can't be made for some reason even with liquidity available on the path. This could probably use some more troubleshooting to determine if it's a: - path liquidity problem - lnd mission control issue
Needed to: 1. Make sure payment is above channel reserve 2. Probe 1st to avoid duplicate fee_reimburse when undoing txns 3. Add a manual 1-sat reimburse to accommodate sub-sat accounting inconsistency
vindard
force-pushed
the
add-mult-payment-handling
branch
from
78af2d2
to
352ee2a
Compare
Description
This PR fixes an issue where our
updatePendingPaymentsisn't able to progress past theisLnTxRecordedstep because it wasn't able to register if pending ledger transactions also exist alongside settled failed ones.The first step was to adjust the
isLnTxRecordedcheckThe next step was to then fail a pending payment if its amount did not match the amount we got back from lnd (in the case of different amounts used for no-amount invoices)
Note
This PR assumes that there can't be 2 simultaneous pending payments (see a4f9e06) for the same hash with the same correct amount. It assumes there can only be 1 pending payment for the correct amount and multiple other failed payments for the same hash.
If this assumption does not hold then there is the risk that multiple payments out get settled for the same single lnd payment which would mean that users would notice an extra payment out. If we think this assumption isn't fair, we can consider adding some provision to account for potentially multiple pending payments (or we can wait until a user observes this in actual usage).